Merge "Add options to enable using DHCP agent Metadata-proxy"
diff --git a/.gitignore b/.gitignore
index b80b476..67ab722 100644
--- a/.gitignore
+++ b/.gitignore
@@ -5,10 +5,11 @@
*.pem
.localrc.auto
.prereqs
+.tox
.stackenv
accrc
-docs/files
-docs/html
+doc/files
+doc/build
files/*.gz
files/*.qcow2
files/images
diff --git a/.mailmap b/.mailmap
index 29be995..43e4e6e 100644
--- a/.mailmap
+++ b/.mailmap
@@ -4,3 +4,4 @@
Jiajun Liu <jiajun@unitedstack.com> <iamljj@gmail.com>
Jian Wen <jian.wen@canonical.com> <wenjianhn@gmail.com>
Joe Gordon <joe.gordon0@gmail.com> <jogo@cloudscaling.com>
+Sean Dague <sean.dague@samsung.com> <sdague@linux.vnet.ibm.com> <sean@dague.net>
diff --git a/AUTHORS b/AUTHORS
deleted file mode 100644
index 04bff48..0000000
--- a/AUTHORS
+++ /dev/null
@@ -1,51 +0,0 @@
-Aaron Lee <aaron.lee@rackspace.com>
-Aaron Rosen <arosen@nicira.com>
-Adam Gandelman <adamg@canonical.com>
-Akihiro MOTOKI <motoki@da.jp.nec.com>
-Andrew Laski <andrew.laski@rackspace.com>
-Andy Smith <github@anarkystic.com>
-Anthony Young <sleepsonthefloor@gmail.com>
-Armando Migliaccio <armando.migliaccio@eu.citrix.com>
-Brad Hall <brad@nicira.com>
-Chmouel Boudjnah <chmouel@chmouel.com>
-Dan Prince <dprince@redhat.com>
-Dean Troyer <dtroyer@gmail.com>
-Devin Carlen <devin.carlen@gmail.com>
-Doug hellmann <doug.hellmann@dreamhost.com>
-Eddie Hebert <edhebert@gmail.com>
-Edgar Magana <emagana@gmail.com>
-Eoghan Glynn <eglynn@redhat.com>
-Eric Windisch <ewindisch@cloudscaling.com>
-Gabriel Hurley <gabriel@strikeawe.com>
-Gary Kotton <gkotton@redhat.com>
-Hengqing Hu <hudayou@hotmail.com>
-Hua ZHANG <zhuadl@cn.ibm.com>
-Isaku Yamahata <yamahata@private.email.ne.jp>
-Jake Dahn <admin@jakedahn.com>
-James E. Blair <james.blair@rackspace.com>
-Jason Cannavale <jason.cannavale@rackspace.com>
-Jay Pipes <jaypipes@gmail.com>
-Jesse Andrews <anotherjesse@gmail.com>
-Jian Wen <jian.wen@canonical.com>
-Joe Gordon <jogo@cloudscaling.com>
-Johannes Erdfelt <johannes.erdfelt@rackspace.com>
-John Postlethwait <john.postlethwait@nebula.com>
-Josh Kearney <josh@jk0.org>
-Justin Shepherd <galstrom21@gmail.com>
-Ken Pepple <ken.pepple@rabbityard.com>
-Kiall Mac Innes <kiall@managedit.ie>
-Matt Joyce <matt.joyce@cloudscaling.com>
-Osamu Habuka <xiu.yushen@gmail.com>
-Russell Bryant <rbryant@redhat.com>
-Scott Moser <smoser@ubuntu.com>
-Sean Dague <sdague@linux.vnet.ibm.com>
-Sumit Naiksatam <sumitnaiksatam@gmail.com>
-Thierry Carrez <thierry@openstack.org>
-Todd Willey <xtoddx@gmail.com>
-Tres Henry <tres@treshenry.net>
-Vincent Untz <vuntz@suse.com>
-Vishvananda Ishaya <vishvananda@gmail.com>
-Yun Mao <yunmao@gmail.com>
-Yong Sheng Gong <gongysh@cn.ibm.com>
-Zhongyue Luo <lzyeval@gmail.com>
-Zhenguo Niu <niu.zglinux@gmail.com>
diff --git a/HACKING.rst b/HACKING.rst
index d69bb49..3ffe1e2 100644
--- a/HACKING.rst
+++ b/HACKING.rst
@@ -10,8 +10,8 @@
Shell script was chosen because it best illustrates the steps used to
set up and interact with OpenStack components.
-DevStack's official repository is located on GitHub at
-https://github.com/openstack-dev/devstack.git. Besides the master branch that
+DevStack's official repository is located on git.openstack.org at
+https://git.openstack.org/openstack-dev/devstack. Besides the master branch that
tracks the OpenStack trunk branches a separate branch is maintained for all
OpenStack releases starting with Diablo (stable/diablo).
@@ -126,14 +126,9 @@
Documentation
-------------
-The official DevStack repo on GitHub does not include a gh-pages branch that
-GitHub uses to create static web sites. That branch is maintained in the
-`CloudBuilders DevStack repo`__ mirror that supports the
-http://devstack.org site. This is the primary DevStack
-documentation along with the DevStack scripts themselves.
-
-__ repo_
-.. _repo: https://github.com/cloudbuilders/devstack
+The DevStack repo now contains all of the static pages of devstack.org in
+the ``doc/source`` directory. The OpenStack CI system rebuilds the docs after every
+commit and updates devstack.org (now a redirect to docs.openstack.org/developer/devstack).
All of the scripts are processed with shocco_ to render them with the comments
as text describing the script below. For this reason we tend to be a little
@@ -144,6 +139,8 @@
.. _shocco: https://github.com/dtroyer/shocco/tree/rst_support
The script used to drive <code>shocco</code> is <code>tools/build_docs.sh</code>.
+The complete docs build is also handled with <code>tox -edocs</code> per the
+OpenStack project standard.
Exercises
@@ -235,8 +232,12 @@
collections of bash scripts. These should be considered as part of the
review process.
-We have a preliminary enforcing script for this called bash8 (only a
-small number of these rules are enforced).
+DevStack uses the bashate_ style checker
+to enforce basic guidelines, similar to pep8 and flake8 tools for Python. The
+list below is not complete for what bashate checks, nor is it all checked
+by bashate. So many lines of code, so little time.
+
+.. _bashate: https://pypi.python.org/pypi/bashate
Whitespace Rules
----------------
diff --git a/MAINTAINERS.rst b/MAINTAINERS.rst
new file mode 100644
index 0000000..d55135d
--- /dev/null
+++ b/MAINTAINERS.rst
@@ -0,0 +1,98 @@
+MAINTAINERS
+===========
+
+
+Overview
+--------
+
+The following is a list of people known to have interests in
+particular areas or sub-systems of devstack.
+
+It is a rather general guide intended to help seed the initial
+reviewers list of a change. A +1 on a review from someone identified
+as being a maintainer of its affected area is a very positive flag to
+the core team for the veracity of the change.
+
+The ``devstack-core`` group can still be added to all reviews.
+
+
+Format
+~~~~~~
+
+The format of the file is the name of the maintainer and their
+gerrit-registered email.
+
+
+Maintainers
+-----------
+
+.. contents:: :local:
+
+
+Ceph
+~~~~
+
+* Sebastien Han <sebastien.han@enovance.com>
+
+Cinder
+~~~~~~
+
+Fedora/CentOS/RHEL
+~~~~~~~~~~~~~~~~~~
+
+* Ian Wienand <iwienand@redhat.com>
+
+Neutron
+~~~~~~~
+
+OpenDaylight
+~~~~~~~~~~~~
+
+* Kyle Mestery <mestery@mestery.com>
+
+OpenFlow Agent (ofagent)
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+* YAMAMOTO Takashi <yamamoto@valinux.co.jp>
+* Fumihiko Kakuma <kakuma@valinux.co.jp>
+
+Ryu
+~~~
+
+* YAMAMOTO Takashi <yamamoto@valinux.co.jp>
+* Fumihiko Kakuma <kakuma@valinux.co.jp>
+
+Sahara
+~~~~~~
+
+* Sergey Lukjanov <slukjanov@mirantis.com>
+
+Swift
+~~~~~
+
+* Chmouel Boudjnah <chmouel@enovance.com>
+
+SUSE
+~~~~
+
+* Ralf Haferkamp <rhafer@suse.de>
+* Vincent Untz <vuntz@suse.com>
+
+Tempest
+~~~~~~~
+
+Trove
+~~~~~
+
+* Nikhil Manchanda <SlickNik@gmail.com>
+* Michael Basnight <mbasnight@gmail.com>
+
+Xen
+~~~
+* Bob Ball <bob.ball@citrix.com>
+
+Zaqar (Marconi)
+~~~~~~~~~~~~~~~
+
+* Flavio Percoco <flaper87@gmail.com>
+* Malini Kamalambal <malini.kamalambal@rackspace.com>
diff --git a/clean.sh b/clean.sh
index e2374e7..db1a1e4 100755
--- a/clean.sh
+++ b/clean.sh
@@ -84,7 +84,6 @@
fi
# Clean projects
-cleanup_oslo
cleanup_cinder
cleanup_glance
cleanup_keystone
diff --git a/docs/source/assets/css/bootstrap.css b/doc/source/assets/css/bootstrap.css
similarity index 100%
rename from docs/source/assets/css/bootstrap.css
rename to doc/source/assets/css/bootstrap.css
diff --git a/docs/source/assets/css/local.css b/doc/source/assets/css/local.css
similarity index 99%
rename from docs/source/assets/css/local.css
rename to doc/source/assets/css/local.css
index 5c703af..c8667c4 100644
--- a/docs/source/assets/css/local.css
+++ b/doc/source/assets/css/local.css
@@ -71,7 +71,7 @@
margin-bottom: 14px;
}
-li#github {
+li#git {
background-position: left -70px !important;
height: 61px;
padding: ;
@@ -119,4 +119,4 @@
.wat {
margin-top: 33px;
-}
\ No newline at end of file
+}
diff --git a/docs/source/assets/images/devstack.png b/doc/source/assets/images/devstack.png
similarity index 100%
rename from docs/source/assets/images/devstack.png
rename to doc/source/assets/images/devstack.png
Binary files differ
diff --git a/docs/source/assets/images/header_bg.png b/doc/source/assets/images/header_bg.png
similarity index 100%
rename from docs/source/assets/images/header_bg.png
rename to doc/source/assets/images/header_bg.png
Binary files differ
diff --git a/docs/source/assets/images/logo.png b/doc/source/assets/images/logo.png
similarity index 100%
rename from docs/source/assets/images/logo.png
rename to doc/source/assets/images/logo.png
Binary files differ
diff --git a/doc/source/assets/images/quickstart.png b/doc/source/assets/images/quickstart.png
new file mode 100644
index 0000000..735617b
--- /dev/null
+++ b/doc/source/assets/images/quickstart.png
Binary files differ
diff --git a/docs/source/assets/images/small_logo.png b/doc/source/assets/images/small_logo.png
similarity index 100%
rename from docs/source/assets/images/small_logo.png
rename to doc/source/assets/images/small_logo.png
Binary files differ
diff --git a/docs/source/assets/js/bootstrap.js b/doc/source/assets/js/bootstrap.js
similarity index 100%
rename from docs/source/assets/js/bootstrap.js
rename to doc/source/assets/js/bootstrap.js
diff --git a/docs/source/assets/js/bootstrap.min.js b/doc/source/assets/js/bootstrap.min.js
similarity index 100%
rename from docs/source/assets/js/bootstrap.min.js
rename to doc/source/assets/js/bootstrap.min.js
diff --git a/docs/source/assets/js/jquery-1.7.1.min.js b/doc/source/assets/js/jquery-1.7.1.min.js
similarity index 100%
rename from docs/source/assets/js/jquery-1.7.1.min.js
rename to doc/source/assets/js/jquery-1.7.1.min.js
diff --git a/doc/source/changes.rst b/doc/source/changes.rst
new file mode 100644
index 0000000..ccd96e8
--- /dev/null
+++ b/doc/source/changes.rst
@@ -0,0 +1,14 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Recent Changes What's been happening?
+-------------------------------------
+
+These are the commits to DevStack for the last six months. For the
+complete list see `the DevStack project in
+Gerrit <https://review.openstack.org/#/q/status:merged+project:openstack-dev/devstack,n,z>`__.
diff --git a/doc/source/conf.py b/doc/source/conf.py
new file mode 100644
index 0000000..3e9aa45
--- /dev/null
+++ b/doc/source/conf.py
@@ -0,0 +1,263 @@
+# -*- coding: utf-8 -*-
+#
+# Tempest documentation build configuration file, created by
+# sphinx-quickstart on Tue May 21 17:43:32 2013.
+#
+# This file is execfile()d with the current directory set to its containing dir.
+#
+# Note that not all possible configuration values are present in this
+# autogenerated file.
+#
+# All configuration values have a default; values that are commented out
+# serve to show the default.
+
+import sys
+import os
+
+# If extensions (or modules to document with autodoc) are in another directory,
+# add these directories to sys.path here. If the directory is relative to the
+# documentation root, use os.path.abspath to make it absolute, like shown here.
+#sys.path.insert(0, os.path.abspath('.'))
+
+# -- General configuration -----------------------------------------------------
+
+# If your documentation needs a minimal Sphinx version, state it here.
+#needs_sphinx = '1.0'
+
+# Add any Sphinx extension module names here, as strings. They can be extensions
+# coming with Sphinx (named 'sphinx.ext.*') or your custom ones.
+extensions = [ 'oslosphinx' ]
+
+todo_include_todos = True
+
+# Add any paths that contain templates here, relative to this directory.
+templates_path = ['_templates']
+
+# The suffix of source filenames.
+source_suffix = '.rst'
+
+# The encoding of source files.
+#source_encoding = 'utf-8-sig'
+
+# The master toctree document.
+master_doc = 'index'
+
+# General information about the project.
+project = u'DevStack'
+copyright = u'2014, OpenStack Foundation'
+
+# The language for content autogenerated by Sphinx. Refer to documentation
+# for a list of supported languages.
+#language = None
+
+# There are two options for replacing |today|: either, you set today to some
+# non-false value, then it is used:
+#today = ''
+# Else, today_fmt is used as the format for a strftime call.
+#today_fmt = '%B %d, %Y'
+
+# List of patterns, relative to source directory, that match files and
+# directories to ignore when looking for source files.
+exclude_patterns = ['_build']
+
+# The reST default role (used for this markup: `text`) to use for all documents.
+#default_role = None
+
+# If true, '()' will be appended to :func: etc. cross-reference text.
+#add_function_parentheses = True
+
+# If true, the current module name will be prepended to all description
+# unit titles (such as .. function::).
+add_module_names = False
+
+# If true, sectionauthor and moduleauthor directives will be shown in the
+# output. They are ignored by default.
+show_authors = False
+
+# The name of the Pygments (syntax highlighting) style to use.
+pygments_style = 'sphinx'
+
+# A list of ignored prefixes for module index sorting.
+modindex_common_prefix = ['DevStack-doc.']
+
+# -- Options for man page output ----------------------------------------------
+man_pages = []
+
+# -- Options for HTML output ---------------------------------------------------
+
+# The theme to use for HTML and HTML Help pages. See the documentation for
+# a list of builtin themes.
+html_theme = 'nature'
+
+# Theme options are theme-specific and customize the look and feel of a theme
+# further. For a list of options available for each theme, see the
+# documentation.
+#html_theme_options = {}
+
+# Add any paths that contain custom themes here, relative to this directory.
+#html_theme_path = []
+
+# The name for this set of Sphinx documents. If None, it defaults to
+# "<project> v<release> documentation".
+#html_title = None
+
+# A shorter title for the navigation bar. Default is the same as html_title.
+#html_short_title = None
+
+# The name of an image file (relative to this directory) to place at the top
+# of the sidebar.
+#html_logo = None
+
+# The name of an image file (within the static path) to use as favicon of the
+# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
+# pixels large.
+#html_favicon = None
+
+# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
+# using the given strftime format.
+git_cmd = "git log --pretty=format:'%ad, commit %h' --date=local -n1"
+html_last_updated_fmt = os.popen(git_cmd).read()
+
+# If true, SmartyPants will be used to convert quotes and dashes to
+# typographically correct entities.
+#html_use_smartypants = True
+
+# Custom sidebar templates, maps document names to template names.
+#html_sidebars = {}
+
+# Additional templates that should be rendered to pages, maps page names to
+# template names.
+#html_additional_pages = {}
+
+# If false, no module index is generated.
+html_domain_indices = False
+
+# If false, no index is generated.
+html_use_index = False
+
+# If true, the index is split into individual pages for each letter.
+#html_split_index = False
+
+# If true, links to the reST sources are added to the pages.
+#html_show_sourcelink = True
+
+# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
+#html_show_sphinx = True
+
+# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
+#html_show_copyright = True
+
+# If true, an OpenSearch description file will be output, and all pages will
+# contain a <link> tag referring to it. The value of this option must be the
+# base URL from which the finished HTML is served.
+#html_use_opensearch = ''
+
+# This is the file name suffix for HTML files (e.g. ".xhtml").
+#html_file_suffix = None
+
+# Output file base name for HTML help builder.
+htmlhelp_basename = 'DevStack-doc'
+
+
+# -- Options for LaTeX output --------------------------------------------------
+
+latex_elements = {
+# The paper size ('letterpaper' or 'a4paper').
+#'papersize': 'letterpaper',
+
+# The font size ('10pt', '11pt' or '12pt').
+#'pointsize': '10pt',
+
+# Additional stuff for the LaTeX preamble.
+#'preamble': '',
+}
+
+# Grouping the document tree into LaTeX files. List of tuples
+# (source start file, target name, title, author, documentclass [howto/manual]).
+latex_documents = [
+ ('index', 'DevStack-doc.tex', u'DevStack Docs',
+ u'OpenStack DevStack Team', 'manual'),
+]
+
+# The name of an image file (relative to this directory) to place at the top of
+# the title page.
+#latex_logo = None
+
+# For "manual" documents, if this is true, then toplevel headings are parts,
+# not chapters.
+#latex_use_parts = False
+
+# If true, show page references after internal links.
+#latex_show_pagerefs = False
+
+# If true, show URL addresses after external links.
+#latex_show_urls = False
+
+# Documents to append as an appendix to all manuals.
+#latex_appendices = []
+
+# If false, no module index is generated.
+#latex_domain_indices = True
+
+# -- Options for Texinfo output ------------------------------------------------
+
+# Grouping the document tree into Texinfo files. List of tuples
+# (source start file, target name, title, author,
+# dir menu entry, description, category)
+texinfo_documents = [
+ ('index', 'DevStack-doc', u'DevStack Docs',
+ u'OpenStack DevStack Team', 'DevStack-doc', 'DevStack documentation',
+ 'Miscellaneous'),
+]
+
+# Documents to append as an appendix to all manuals.
+#texinfo_appendices = []
+
+# If false, no module index is generated.
+#texinfo_domain_indices = True
+
+# How to display URL addresses: 'footnote', 'no', or 'inline'.
+#texinfo_show_urls = 'footnote'
+
+
+# -- Options for Epub output ---------------------------------------------------
+
+# Bibliographic Dublin Core info.
+epub_title = u'DevStack Documentation'
+epub_author = u'OpenStack DevStack Team'
+epub_publisher = u'OpenStack DevStack Team'
+epub_copyright = u'2014, OpenStack DevStack Team'
+
+# The language of the text. It defaults to the language option
+# or en if the language is not set.
+#epub_language = ''
+
+# The scheme of the identifier. Typical schemes are ISBN or URL.
+#epub_scheme = ''
+
+# The unique identifier of the text. This can be a ISBN number
+# or the project homepage.
+#epub_identifier = ''
+
+# A unique identification for the text.
+#epub_uid = ''
+
+# A tuple containing the cover image and cover page html template filenames.
+#epub_cover = ()
+
+# HTML files that should be inserted before the pages created by sphinx.
+# The format is a list of tuples containing the path and title.
+#epub_pre_files = []
+
+# HTML files shat should be inserted after the pages created by sphinx.
+# The format is a list of tuples containing the path and title.
+#epub_post_files = []
+
+# A list of files that should not be packed into the epub file.
+#epub_exclude_files = []
+
+# The depth of the table of contents in toc.ncx.
+#epub_tocdepth = 3
+
+# Allow duplicate toc entries.
+#epub_tocdup = True
diff --git a/doc/source/configuration.rst b/doc/source/configuration.rst
new file mode 100644
index 0000000..9befc90
--- /dev/null
+++ b/doc/source/configuration.rst
@@ -0,0 +1,356 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Configuration Making it go my way
+---------------------------------
+
+DevStack has always tried to be mostly-functional with a minimal amount
+of configuration. The number of options has ballooned as projects add
+features, new projects added and more combinations need to be tested.
+Historically DevStack obtained all local configuration and
+customizations from a ``localrc`` file. The number of configuration
+variables that are simply passed-through to the individual project
+configuration files is also increasing. The old mechanism for this
+(``EXTRAS_OPTS`` and friends) required specific code for each file and
+did not scale well.
+
+In Oct 2013 a new configuration method was introduced (in `review
+46768 <https://review.openstack.org/#/c/46768/>`__) to hopefully
+simplify this process and meet the following goals:
+
+- contain all non-default local configuration in a single file
+- be backward-compatible with ``localrc`` to smooth the transition
+ process
+- allow settings in arbitrary configuration files to be changed
+
+local.conf
+~~~~~~~~~~
+
+The new configuration file is ``local.conf`` and resides in the root
+DevStack directory like the old ``localrc`` file. It is a modified INI
+format file that introduces a meta-section header to carry additional
+information regarding the configuration files to be changed.
+
+The new header is similar to a normal INI section header but with double
+brackets (``[[ ... ]]``) and two internal fields separated by a pipe
+(``|``):
+
+::
+
+ [[ <phase> | <config-file-name> ]]
+
+where ``<phase>`` is one of a set of phase names defined by ``stack.sh``
+and ``<config-file-name>`` is the configuration filename. The filename
+is eval'ed in the ``stack.sh`` context so all environment variables are
+available and may be used. Using the project config file variables in
+the header is strongly suggested (see the ``NOVA_CONF`` example below).
+If the path of the config file does not exist it is skipped.
+
+The defined phases are:
+
+- **local** - extracts ``localrc`` from ``local.conf`` before
+ ``stackrc`` is sourced
+- **pre-install** - runs after the system packages are installed but
+ before any of the source repositories are installed
+- **install** - runs immediately after the repo installations are
+ complete
+- **post-config** - runs after the layer 2 services are configured and
+ before they are started
+- **extra** - runs after services are started and before any files in
+ ``extra.d`` are executed
+
+The file is processed strictly in sequence; meta-sections may be
+specified more than once but if any settings are duplicated the last to
+appear in the file will be used.
+
+::
+
+ [[post-config|$NOVA_CONF]]
+ [DEFAULT]
+ use_syslog = True
+
+ [osapi_v3]
+ enabled = False
+
+A specific meta-section ``local|localrc`` is used to provide a default
+``localrc`` file (actually ``.localrc.auto``). This allows all custom
+settings for DevStack to be contained in a single file. If ``localrc``
+exists it will be used instead to preserve backward-compatibility. More
+details on the `contents of localrc <localrc.html>`__ are available.
+
+::
+
+ [[local|localrc]]
+ FIXED_RANGE=10.254.1.0/24
+ ADMIN_PASSWORD=speciale
+ LOGFILE=$DEST/logs/stack.sh.log
+
+Note that ``Q_PLUGIN_CONF_FILE`` is unique in that it is assumed to
+*NOT* start with a ``/`` (slash) character. A slash will need to be
+added:
+
+::
+
+ [[post-config|/$Q_PLUGIN_CONF_FILE]]
+
+Also note that the ``localrc`` section is sourced as a shell script
+fragment amd MUST conform to the shell requirements, specifically no
+whitespace around ``=`` (equals).
+
+Minimal Configuration
+~~~~~~~~~~~~~~~~~~~~~
+
+While ``stack.sh`` is happy to run without a ``localrc`` section in
+``local.conf``, devlife is better when there are a few minimal variables
+set. This is an example of a minimal configuration that touches the
+values that most often need to be set.
+
+- no logging
+- pre-set the passwords to prevent interactive prompts
+- move network ranges away from the local network (``FIXED_RANGE`` and
+ ``FLOATING_RANGE``, commented out below)
+- set the host IP if detection is unreliable (``HOST_IP``, commented
+ out below)
+
+::
+
+ [[local|localrc]]
+ ADMIN_PASSWORD=secrete
+ DATABASE_PASSWORD=$ADMIN_PASSWORD
+ RABBIT_PASSWORD=$ADMIN_PASSWORD
+ SERVICE_PASSWORD=$ADMIN_PASSWORD
+ SERVICE_TOKEN=a682f596-76f3-11e3-b3b2-e716f9080d50
+ #FIXED_RANGE=172.31.1.0/24
+ #FLOATING_RANGE=192.168.20.0/25
+ #HOST_IP=10.3.4.5
+
+If the ``*_PASSWORD`` variables are not set here you will be prompted to
+enter values for them by ``stack.sh``.
+
+The network ranges must not overlap with any networks in use on the
+host. Overlap is not uncommon as RFC-1918 'private' ranges are commonly
+used for both the local networking and Nova's fixed and floating ranges.
+
+``HOST_IP`` is normally detected on the first run of ``stack.sh`` but
+often is indeterminate on later runs due to the IP being moved from an
+Ethernet integace to a bridge on the host. Setting it here also makes it
+available for ``openrc`` to set ``OS_AUTH_URL``. ``HOST_IP`` is not set
+by default.
+
+Common Configuration Variables
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Set DevStack install directory
+ | *Default: ``DEST=/opt/stack``*
+ | The DevStack install directory is set by the ``DEST`` variable.
+ | By setting it early in the ``localrc`` section you can reference it
+ in later variables. It can be useful to set it even though it is not
+ changed from the default value.
+ |
+
+ ::
+
+ DEST=/opt/stack
+
+stack.sh logging
+ | *Defaults: ``LOGFILE="" LOGDAYS=7 LOG_COLOR=True``*
+ | By default ``stack.sh`` output is only written to the console
+ where is runs. It can be sent to a file in addition to the console
+ by setting ``LOGFILE`` to the fully-qualified name of the
+ destination log file. A timestamp will be appended to the given
+ filename for each run of ``stack.sh``.
+ |
+
+ ::
+
+ LOGFILE=$DEST/logs/stack.sh.log
+
+ Old log files are cleaned automatically if ``LOGDAYS`` is set to the
+ number of days of old log files to keep.
+
+ ::
+
+ LOGDAYS=1
+
+ The some of the project logs (Nova, Cinder, etc) will be colorized
+ by default (if ``SYSLOG`` is not set below); this can be turned off
+ by setting ``LOG_COLOR`` False.
+
+ ::
+
+ LOG_COLOR=False
+
+Screen logging
+ | *Default: ``SCREEN_LOGDIR=""``*
+ | By default DevStack runs the OpenStack services using ``screen``
+ which is useful for watching log and debug output. However, in
+ automated testing the interactive ``screen`` sessions may not be
+ available after the fact; setting ``SCREEN_LOGDIR`` enables logging
+ of the ``screen`` sessions in the specified diretory. There will be
+ one file per ``screen`` session named for the session name and a
+ timestamp.
+ |
+
+ ::
+
+ SCREEN_LOGDIR=$DEST/logs/screen
+
+ *Note the use of ``DEST`` to locate the main install directory; this
+ is why we suggest setting it in ``local.conf``.*
+
+One syslog to bind them all
+ | *Default: ``SYSLOG=False SYSLOG_HOST=$HOST_IP SYSLOG_PORT=516``*
+ | Logging all services to a single syslog can be convenient. Enable
+ syslogging by setting ``SYSLOG`` to ``True``. If the destination log
+ host is not localhost ``SYSLOG_HOST`` and ``SYSLOG_PORT`` can be
+ used to direct the message stream to the log host.
+ |
+
+ ::
+
+ SYSLOG=True
+ SYSLOG_HOST=$HOST_IP
+ SYSLOG_PORT=516
+
+A clean install every time
+ | *Default: ``RECLONE=""``*
+ | By default ``stack.sh`` only clones the project repos if they do
+ not exist in ``$DEST``. ``stack.sh`` will freshen each repo on each
+ run if ``RECLONE`` is set to ``yes``. This avoids having to manually
+ remove repos in order to get the current branch from ``$GIT_BASE``.
+ |
+
+ ::
+
+ RECLONE=yes
+
+ Swift
+ Default: SWIFT_HASH="" SWIFT_REPLICAS=1 SWIFT_DATA_DIR=$DEST/data/swift
+ Swift is now used as the back-end for the S3-like object store. When enabled Nova's objectstore (n-obj in ENABLED_SERVICES) is automatically disabled. Enable Swift by adding it services to ENABLED_SERVICES:
+ enable_service s-proxy s-object s-container s-account
+
+ Setting Swift's hash value is required and you will be prompted for
+ it if Swift is enabled so just set it to something already:
+
+ ::
+
+ SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5
+
+ For development purposes the default number of replicas is set to
+ ``1`` to reduce the overhead required. To better simulate a
+ production deployment set this to ``3`` or more.
+
+ ::
+
+ SWIFT_REPLICAS=3
+
+ The data for Swift is stored in the source tree by default (in
+ ``$DEST/swift/data``) and can be moved by setting
+ ``SWIFT_DATA_DIR``. The specified directory will be created if it
+ does not exist.
+
+ ::
+
+ SWIFT_DATA_DIR=$DEST/data/swift
+
+ *Note: Previously just enabling ``swift`` was sufficient to start
+ the Swift services. That does not provide proper service
+ granularity, particularly in multi-host configurations, and is
+ considered deprecated. Some service combination tests now check for
+ specific Swift services and the old blanket acceptance will longer
+ work correctly.*
+
+Service Catalog Backend
+ | *Default: ``KEYSTONE_CATALOG_BACKEND=sql``*
+ | DevStack uses Keystone's ``sql`` service catalog backend. An
+ alternate ``template`` backend is also available. However, it does
+ not support the ``service-*`` and ``endpoint-*`` commands of the
+ ``keystone`` CLI. To do so requires the ``sql`` backend be enabled:
+ |
+
+ ::
+
+ KEYSTONE_CATALOG_BACKEND=template
+
+ DevStack's default configuration in ``sql`` mode is set in
+ ``files/keystone_data.sh``
+
+Cinder
+ | Default:
+ | VOLUME_GROUP="stack-volumes" VOLUME_NAME_PREFIX="volume-" VOLUME_BACKING_FILE_SIZE=10250M
+ | The logical volume group used to hold the Cinder-managed volumes
+ is set by ``VOLUME_GROUP``, the logical volume name prefix is set
+ with ``VOLUME_NAME_PREFIX`` and the size of the volume backing file
+ is set with ``VOLUME_BACKING_FILE_SIZE``.
+ |
+
+ ::
+
+ VOLUME_GROUP="stack-volumes"
+ VOLUME_NAME_PREFIX="volume-"
+ VOLUME_BACKING_FILE_SIZE=10250M
+
+Multi-host DevStack
+ | *Default: ``MULTI_HOST=False``*
+ | Running DevStack with multiple hosts requires a custom
+ ``local.conf`` section for each host. The master is the same as a
+ single host installation with ``MULTI_HOST=True``. The slaves have
+ fewer services enabled and a couple of host variables pointing to
+ the master.
+ | **Master**
+
+ ::
+
+ MULTI_HOST=True
+
+ **Slave**
+
+ ::
+
+ MYSQL_HOST=w.x.y.z
+ RABBIT_HOST=w.x.y.z
+ GLANCE_HOSTPORT=w.x.y.z:9292
+ ENABLED_SERVICES=n-vol,n-cpu,n-net,n-api
+
+API rate limits
+ | Default: ``API_RATE_LIMIT=True``
+ | Integration tests such as Tempest will likely run afoul of the
+ default rate limits configured for Nova. Turn off rate limiting
+ during testing by setting ``API_RATE_LIMIT=False``.*
+ |
+
+ ::
+
+ API_RATE_LIMIT=False
+
+Examples
+~~~~~~~~
+
+- Eliminate a Cinder pass-through (``CINDER_PERIODIC_INTERVAL``):
+
+ ::
+
+ [[post-config|$CINDER_CONF]]
+ [DEFAULT]
+ periodic_interval = 60
+
+- Sample ``local.conf`` with screen logging enabled:
+
+ ::
+
+ [[local|localrc]]
+ FIXED_RANGE=10.254.1.0/24
+ NETWORK_GATEWAY=10.254.1.1
+ LOGDAYS=1
+ LOGFILE=$DEST/logs/stack.sh.log
+ SCREEN_LOGDIR=$DEST/logs/screen
+ ADMIN_PASSWORD=quiet
+ DATABASE_PASSWORD=$ADMIN_PASSWORD
+ RABBIT_PASSWORD=$ADMIN_PASSWORD
+ SERVICE_PASSWORD=$ADMIN_PASSWORD
+ SERVICE_TOKEN=a682f596-76f3-11e3-b3b2-e716f9080d50
diff --git a/doc/source/contributing.rst b/doc/source/contributing.rst
new file mode 100644
index 0000000..73069e7
--- /dev/null
+++ b/doc/source/contributing.rst
@@ -0,0 +1,100 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Contributing Help us help you
+-----------------------------
+
+DevStack uses the standard OpenStack contribution process as outlined in
+`the OpenStack wiki 'How To
+Contribute' <https://wiki.openstack.org/wiki/How_To_Contribute>`__. This
+means that you will need to meet the requirements of the Contribututors
+License Agreement (CLA). If you have already done that for another
+OpenStack project you are good to go.
+
+Things To Know
+~~~~~~~~~~~~~~
+
+|
+| **Where Things Are**
+
+The official DevStack repository is located at
+``git://git.openstack.org/openstack-dev/devstack.git``, replicated from
+the repo maintained by Gerrit. GitHub also has a mirror at
+``git://github.com/openstack-dev/devstack.git``.
+
+The `blueprint <https://blueprints.launchpad.net/devstack>`__ and `bug
+trackers <https://bugs.launchpad.net/devstack>`__ are on Launchpad. It
+should be noted that DevStack generally does not use these as strongly
+as other projects, but we're trying to change that.
+
+The `Gerrit review
+queue <https://review.openstack.org/#/q/project:openstack-dev/devstack,n,z>`__
+is, however, used for all commits except for the text of this website.
+That should also change in the near future.
+
+|
+| **HACKING.rst**
+
+Like most OpenStack projects, DevStack includes a ``HACKING.rst`` file
+that describes the layout, style and conventions of the project. Because
+``HACKING.rst`` is in the main DevStack repo it is considered
+authoritative. Much of the content on this page is taken from there.
+
+|
+| **bashate Formatting**
+
+Around the time of the OpenStack Havana release we added a tool to do
+style checking in DevStack similar to what pep8/flake8 do for Python
+projects. It is still \_very\_ simplistic, focusing mostly on stray
+whitespace to help prevent -1 on reviews that are otherwise acceptable.
+Oddly enough it is called ``bashate``. It will be expanded to enforce
+some of the documentation rules in comments that are used in formatting
+the script pages for devstack.org and possibly even simple code
+formatting. Run it on the entire project with ``./run_tests.sh``.
+
+Code
+~~~~
+
+|
+| **Repo Layout**
+
+The DevStack repo generally keeps all of the primary scripts at the root
+level.
+
+``docs`` - Contains the source for this website. It is built using
+``tools/build_docs.sh``.
+
+``exercises`` - Contains the test scripts used to validate and
+demonstrate some OpenStack functions. These scripts know how to exit
+early or skip services that are not enabled.
+
+``extras.d`` - Contains the dispatch scripts called by the hooks in
+``stack.sh``, ``unstack.sh`` and ``clean.sh``. See `the plugins
+docs <plugins.html>`__ for more information.
+
+``files`` - Contains a variety of otherwise lost files used in
+configuring and operating DevStack. This includes templates for
+configuration files and the system dependency information. This is also
+where image files are downloaded and expanded if necessary.
+
+``lib`` - Contains the sub-scripts specific to each project. This is
+where the work of managing a project's services is located. Each
+top-level project (Keystone, Nova, etc) has a file here. Additionally
+there are some for system services and project plugins.
+
+``samples`` - Contains a sample of the local files not included in the
+DevStack repo.
+
+``tests`` - the DevStack test suite is rather sparse, mostly consisting
+of test of specific fragile functions in the ``functions`` file.
+
+``tools`` - Contains a collection of stand-alone scripts, some of which
+have aged a bit (does anyone still do ramdisk installs?). While these
+may reference the top-level DevStack configuration they can generally be
+run alone. There are also some sub-directories to support specific
+environments such as XenServer.
diff --git a/doc/source/eucarc.rst b/doc/source/eucarc.rst
new file mode 100644
index 0000000..c91d341
--- /dev/null
+++ b/doc/source/eucarc.rst
@@ -0,0 +1,52 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+eucarc EC2 settings
+-------------------
+
+``eucarc`` creates EC2 credentials for the current user as defined by
+``OS_TENANT_NAME:OS_USERNAME``. ``eucarc`` sources ``openrc`` at the
+beginning (which in turn sources ``stackrc`` and ``localrc``) in order
+to set credentials to create EC2 credentials in Keystone.
+
+EC2\_URL
+ Set the EC2 url for euca2ools. The endpoint is extracted from the
+ service catalog for ``OS_TENANT_NAME:OS_USERNAME``.
+
+ ::
+
+ EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }')
+
+S3\_URL
+ Set the S3 endpoint for euca2ools. The endpoint is extracted from
+ the service catalog for ``OS_TENANT_NAME:OS_USERNAME``.
+
+ ::
+
+ export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }')
+
+EC2\_ACCESS\_KEY, EC2\_SECRET\_KEY
+ Create EC2 credentials for the current tenant:user in Keystone.
+
+ ::
+
+ CREDS=$(keystone ec2-credentials-create)
+ export EC2_ACCESS_KEY=$(echo "$CREDS" | awk '/ access / { print $4 }')
+ export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }')
+
+Certificates for Bundling
+ Euca2ools requires certificate files to enable bundle uploading. The
+ exercise script ``exercises/bundle.sh`` demonstrated retrieving
+ certificates using the Nova CLI.
+
+ ::
+
+ EC2_PRIVATE_KEY=pk.pem
+ EC2_CERT=cert.pem
+ NOVA_CERT=cacert.pem
+ EUCALYPTUS_CERT=${NOVA_CERT}
diff --git a/doc/source/exerciserc.rst b/doc/source/exerciserc.rst
new file mode 100644
index 0000000..ed3f2e8
--- /dev/null
+++ b/doc/source/exerciserc.rst
@@ -0,0 +1,49 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+exerciserc Exercise settings
+----------------------------
+
+``exerciserc`` is used to configure settings for the exercise scripts.
+The values shown below are the default values. Thse can all be
+overridden by setting them in the ``localrc`` section.
+
+ACTIVE\_TIMEOUT
+ Max time to wait while vm goes from build to active state
+
+ ::
+
+ ACTIVE_TIMEOUT==30
+
+ASSOCIATE\_TIMEOUT
+ Max time to wait for proper IP association and dis-association.
+
+ ::
+
+ ASSOCIATE_TIMEOUT=15
+
+BOOT\_TIMEOUT
+ Max time till the vm is bootable
+
+ ::
+
+ BOOT_TIMEOUT=30
+
+RUNNING\_TIMEOUT
+ Max time from run instance command until it is running
+
+ ::
+
+ RUNNING_TIMEOUT=$(($BOOT_TIMEOUT + $ACTIVE_TIMEOUT))
+
+TERMINATE\_TIMEOUT
+ Max time to wait for a vm to terminate
+
+ ::
+
+ TERMINATE_TIMEOUT=30
diff --git a/doc/source/faq.rst b/doc/source/faq.rst
new file mode 100644
index 0000000..36b25b3
--- /dev/null
+++ b/doc/source/faq.rst
@@ -0,0 +1,180 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+FAQ: Using DevStack Making to behave
+------------------------------------
+
+- `General Questions <#general>`__
+- `Operation and Configuration <#ops_conf>`__
+- `Miscellaneous <#misc>`__
+
+General Questions
+~~~~~~~~~~~~~~~~~
+
+Q: Can I use DevStack for production?
+ A: No. We mean it. Really. DevStack makes some implementation
+ choices that are not appropriate for production deployments. We
+ warned you!
+Q: Then why selinux in enforcing mode?
+ A: That is the default on current Fedora and RHEL releases. DevStack
+ has (rightly so) a bad reputation for its security practices; it has
+ always been meant as a development tool first and system integration
+ later. This is changing as the security issues around OpenStack's
+ use of root (for example) have been tightened and developers need to
+ be better equipped to work in these environments. ``stack.sh``'s use
+ of root is primarily to support the activities that would be handled
+ by packaging in "real" deployments. To remove additional protections
+ that will be desired/required in production would be a step
+ backward.
+Q: But selinux is disabled in RHEL 6!
+ A: Today it is, yes. That is a specific exception that certain
+ DevStack contributors fought strongly against. The primary reason it
+ was allowed was to support using RHEL6 as the Python 2.6 test
+ platform and that took priority time-wise. This will not be the case
+ with RHEL 7.
+Q: Why a shell script, why not chef/puppet/...
+ A: The script is meant to be read by humans (as well as ran by
+ computers); it is the primary documentation after all. Using a
+ recipe system requires everyone to agree and understand chef or
+ puppet.
+Q: Why not use Crowbar?
+ A: DevStack is optimized for documentation & developers. As some of
+ us use `Crowbar <https://github.com/dellcloudedge/crowbar>`__ for
+ production deployments, we hope developers documenting how they
+ setup systems for new features supports projects like Crowbar.
+Q: I'd like to help!
+ A: That isn't a question, but please do! The source for DevStack is
+ at
+ `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+ and bug reports go to
+ `LaunchPad <http://bugs.launchpad.net/devstack/>`__. Contributions
+ follow the usual process as described in the `OpenStack
+ wiki <http://wiki.openstack.org/HowToContribute>`__ even though
+ DevStack is not an official OpenStack project. This site is housed
+ in the CloudBuilder's
+ `github <http://github.com/cloudbuilders/devstack>`__ in the
+ gh-pages branch.
+Q: Why not use packages?
+ A: Unlike packages, DevStack leaves your cloud ready to develop -
+ checkouts of the code and services running in screen. However, many
+ people are doing the hard work of packaging and recipes for
+ production deployments. We hope this script serves as a way to
+ communicate configuration changes between developers and packagers.
+Q: Why isn't $MY\_FAVORITE\_DISTRO supported?
+ A: DevStack is meant for developers and those who want to see how
+ OpenStack really works. DevStack is known to run on the
+ distro/release combinations listed in ``README.md``. DevStack is
+ only supported on releases other than those documented in
+ ``README.md`` on a best-effort basis.
+Q: What about Fedora/RHEL/CentOS?
+ A: Fedora and CentOS/RHEL are supported via rpm dependency files and
+ specific checks in ``stack.sh``. Support will follow the pattern set
+ with the Ubuntu testing, i.e. only a single release of the distro
+ will receive regular testing, others will be handled on a
+ best-effort basis.
+Q: Are there any differences between Ubuntu and Fedora support?
+ A: Neutron is not fully supported prior to Fedora 18 due lack of
+ OpenVSwitch packages.
+Q: How about RHEL 6?
+ A: RHEL 6 has Python 2.6 and many old modules packaged and is a
+ challenge to support. There are a number of specific RHEL6
+ work-arounds in ``stack.sh`` to handle this. But the testing on py26
+ is valuable so we do it...
+
+Operation and Configuration
+~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Q: Can DevStack handle a multi-node installation?
+ A: Indirectly, yes. You run DevStack on each node with the
+ appropriate configuration in ``local.conf``. The primary
+ considerations are turning off the services not required on the
+ secondary nodes, making sure the passwords match and setting the
+ various API URLs to the right place.
+Q: How can I document the environment that DevStack is using?
+ A: DevStack includes a script (``tools/info.sh``) that gathers the
+ versions of the relevant installed apt packages, pip packages and
+ git repos. This is a good way to verify what Python modules are
+ installed.
+Q: How do I turn off a service that is enabled by default?
+ A: Services can be turned off by adding ``disable_service xxx`` to
+ ``local.conf`` (using ``n-vol`` in this example):
+
+ ::
+
+ disable_service n-vol
+
+Q: Is enabling a service that defaults to off done with the reverse of the above?
+ A: Of course!
+
+ ::
+
+ enable_service qpid
+
+Q: How do I run a specific OpenStack milestone?
+ A: OpenStack milestones have tags set in the git repo. Set the appropriate tag in the ``*_BRANCH`` variables in ``local.conf``. Swift is on its own release schedule so pick a tag in the Swift repo that is just before the milestone release. For example:
+
+ ::
+
+ [[local|localrc]]
+ GLANCE_BRANCH=stable/grizzly
+ HORIZON_BRANCH=stable/grizzly
+ KEYSTONE_BRANCH=stable/grizzly
+ NOVA_BRANCH=stable/grizzly
+ GLANCE_BRANCH=stable/grizzly
+ NEUTRON_BRANCH=stable/grizzly
+ SWIFT_BRANCH=1.10.0
+
+Q: Why not use [STRIKEOUT:``tools/pip-requires``]\ ``requirements.txt`` to grab project dependencies?
+ [STRIKEOUT:The majority of deployments will use packages to install
+ OpenStack that will have distro-based packages as dependencies.
+ DevStack installs as many of these Python packages as possible to
+ mimic the expected production environemnt.] Certain Linux
+ distributions have a 'lack of workaround' in their Python
+ configurations that installs vendor packaged Python modules and
+ pip-installed modules to the SAME DIRECTORY TREE. This is causing
+ heartache and moving us in the direction of installing more modules
+ from PyPI than vendor packages. However, that is only being done as
+ necessary as the packaging needs to catch up to the development
+ cycle anyway so this is kept to a minimum.
+Q: What can I do about RabbitMQ not wanting to start on my fresh new VM?
+ A: This is often caused by ``erlang`` not being happy with the
+ hostname resolving to a reachable IP address. Make sure your
+ hostname resolves to a working IP address; setting it to 127.0.0.1
+ in ``/etc/hosts`` is often good enough for a single-node
+ installation. And in an extreme case, use ``clean.sh`` to eradicate
+ it and try again.
+Q: How can I set up Heat in stand-alone configuration?
+ A: Configure ``local.conf`` thusly:
+
+ ::
+
+ [[local|localrc]]
+ HEAT_STANDALONE=True
+ ENABLED_SERVICES=rabbit,mysql,heat,h-api,h-api-cfn,h-api-cw,h-eng
+ KEYSTONE_SERVICE_HOST=<keystone-host>
+ KEYSTONE_AUTH_HOST=<keystone-host>
+
+Q: Why are my configuration changes ignored?
+ A: You may have run into the package prerequisite installation
+ timeout. ``tools/install_prereqs.sh`` has a timer that skips the
+ package installation checks if it was run within the last
+ ``PREREQ_RERUN_HOURS`` hours (default is 2). To override this, set
+ ``FORCE_PREREQ=1`` and the package checks will never be skipped.
+
+Miscellaneous
+~~~~~~~~~~~~~
+
+Q: ``tools/fixup_stuff.sh`` is broken and shouldn't 'fix' just one version of packages.
+ A: [Another not-a-question] No it isn't. Stuff in there is to
+ correct problems in an environment that need to be fixed elsewhere
+ or may/will be fixed in a future release. In the case of
+ ``httplib2`` and ``prettytable`` specific problems with specific
+ versions are being worked around. If later releases have those
+ problems than we'll add them to the script. Knowing about the broken
+ future releases is valuable rather than polling to see if it has
+ been fixed.
diff --git a/doc/source/guides/multinode-lab.rst b/doc/source/guides/multinode-lab.rst
new file mode 100644
index 0000000..0b1ebb9
--- /dev/null
+++ b/doc/source/guides/multinode-lab.rst
@@ -0,0 +1,379 @@
+`DevStack </>`__
+
+- `Overview <../overview.html>`__
+- `Changes <../changes.html>`__
+- `FAQ <../faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Multi-Node Lab: Serious Stuff
+=============================
+
+Here is OpenStack in a realistic test configuration with multiple
+physical servers.
+
+Prerequisites Linux & Network
+-----------------------------
+
+Minimal Install
+~~~~~~~~~~~~~~~
+
+You need to have a system with a fresh install of Linux. You can
+download the `Minimal
+CD <https://help.ubuntu.com/community/Installation/MinimalCD>`__ for
+Ubuntu releases since DevStack will download & install all the
+additional dependencies. The netinstall ISO is available for
+`Fedora <http://mirrors.kernel.org/fedora/releases/18/Fedora/x86_64/iso/Fedora-20-x86_64-netinst.iso>`__
+and
+`CentOS/RHEL <http://mirrors.kernel.org/centos/6.5/isos/x86_64/CentOS-6.5-x86_64-netinstall.iso>`__.
+
+Install a couple of packages to bootstrap configuration:
+
+::
+
+ apt-get install -y git sudo || yum install -y git sudo
+
+Network Configuration
+~~~~~~~~~~~~~~~~~~~~~
+
+The first iteration of the lab uses OpenStack's FlatDHCP network
+controller so only a single network will be required. It should be on
+its own subnet without DHCP; the host IPs and floating IP pool(s) will
+come out of this block. This example uses the following:
+
+- Gateway: 192.168.42.1
+- Physical nodes: 192.168.42.11-192.168.42.99
+- Floating IPs: 192.168.42.128-192.168.42.254
+
+Configure each node with a static IP. For Ubuntu edit
+``/etc/network/interfaces``:
+
+::
+
+ auto eth0
+ iface eth0 inet static
+ address 192.168.42.11
+ netmask 255.255.255.0
+ gateway 192.168.42.1
+
+For Fedora and CentOS/RHEL edit
+``/etc/sysconfig/network-scripts/ifcfg-eth0``:
+
+::
+
+ BOOTPROTO=static
+ IPADDR=192.168.42.11
+ NETMASK=255.255.255.0
+ GATEWAY=192.168.42.1
+
+Installation shake and bake
+---------------------------
+
+Add the DevStack User
+~~~~~~~~~~~~~~~~~~~~~
+
+OpenStack runs as a non-root user that has sudo access to root. There is
+nothing special about the name, we'll use ``stack`` here. Every node
+must use the same name and preferably uid. If you created a user during
+the OS install you can use it and give it sudo privileges below.
+Otherwise create the stack user:
+
+::
+
+ groupadd stack
+ useradd -g stack -s /bin/bash -d /opt/stack -m stack
+
+This user will be making many changes to your system during installation
+and operation so it needs to have sudo privileges to root without a
+password:
+
+::
+
+ echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+
+From here on use the ``stack`` user. **Logout** and **login** as the
+``stack`` user.
+
+Set Up Ssh
+~~~~~~~~~~
+
+Set up the stack user on each node with an ssh key for access:
+
+::
+
+ mkdir ~/.ssh; chmod 700 ~/.ssh
+ echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyYjfgyPazTvGpd8OaAvtU2utL8W6gWC4JdRS1J95GhNNfQd657yO6s1AH5KYQWktcE6FO/xNUC2reEXSGC7ezy+sGO1kj9Limv5vrvNHvF1+wts0Cmyx61D2nQw35/Qz8BvpdJANL7VwP/cFI/p3yhvx2lsnjFE3hN8xRB2LtLUopUSVdBwACOVUmH2G+2BWMJDjVINd2DPqRIA4Zhy09KJ3O1Joabr0XpQL0yt/I9x8BVHdAx6l9U0tMg9dj5+tAjZvMAFfye3PJcYwwsfJoFxC8w/SLtqlFX7Ehw++8RtvomvuipLdmWCy+T9hIkl+gHYE4cS3OIqXH7f49jdJf jesse@spacey.local" > ~/.ssh/authorized_keys
+
+Download DevStack
+~~~~~~~~~~~~~~~~~
+
+Grab the latest version of DevStack:
+
+::
+
+ git clone https://git.openstack.org/openstack-dev/devstack
+ cd devstack
+
+Up to this point all of the steps apply to each node in the cluster.
+From here on there are some differences between the cluster controller
+(aka 'head node') and the compute nodes.
+
+Configure Cluster Controller
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The cluster controller runs all OpenStack services. Configure the
+cluster controller's DevStack in ``local.conf``:
+
+::
+
+ [[local|localrc]]
+ HOST_IP=192.168.42.11
+ FLAT_INTERFACE=eth0
+ FIXED_RANGE=10.4.128.0/20
+ FIXED_NETWORK_SIZE=4096
+ FLOATING_RANGE=192.168.42.128/25
+ MULTI_HOST=1
+ LOGFILE=/opt/stack/logs/stack.sh.log
+ ADMIN_PASSWORD=labstack
+ MYSQL_PASSWORD=supersecret
+ RABBIT_PASSWORD=supersecrete
+ SERVICE_PASSWORD=supersecrete
+ SERVICE_TOKEN=xyzpdqlazydog
+
+In the multi-node configuration the first 10 or so IPs in the private
+subnet are usually reserved. Add this to ``local.sh`` to have it run
+after every ``stack.sh`` run:
+
+::
+
+ for i in `seq 2 10`; do /opt/stack/nova/bin/nova-manage fixed reserve 10.4.128.$i; done
+
+Fire up OpenStack:
+
+::
+
+ ./stack.sh
+
+A stream of activity ensues. When complete you will see a summary of
+``stack.sh``'s work, including the relevant URLs, accounts and passwords
+to poke at your shiny new OpenStack. The most recent log file is
+available in ``stack.sh.log``.
+
+Configure Compute Nodes
+~~~~~~~~~~~~~~~~~~~~~~~
+
+The compute nodes only run the OpenStack worker services. For additional
+machines, create a ``local.conf`` with:
+
+::
+
+ [[local|localrc]]
+ HOST_IP=192.168.42.12 # change this per compute node
+ FLAT_INTERFACE=eth0
+ FIXED_RANGE=10.4.128.0/20
+ FIXED_NETWORK_SIZE=4096
+ FLOATING_RANGE=192.168.42.128/25
+ MULTI_HOST=1
+ LOGFILE=/opt/stack/logs/stack.sh.log
+ ADMIN_PASSWORD=labstack
+ MYSQL_PASSWORD=supersecret
+ RABBIT_PASSWORD=supersecrete
+ SERVICE_PASSWORD=supersecrete
+ SERVICE_TOKEN=xyzpdqlazydog
+ DATABASE_TYPE=mysql
+ SERVICE_HOST=192.168.42.11
+ MYSQL_HOST=192.168.42.11
+ RABBIT_HOST=192.168.42.11
+ GLANCE_HOSTPORT=192.168.42.11:9292
+ ENABLED_SERVICES=n-cpu,n-net,n-api,c-sch,c-api,c-vol
+ NOVA_VNC_ENABLED=True
+ NOVNCPROXY_URL="http://192.168.42.11:6080/vnc_auto.html"
+ VNCSERVER_LISTEN=$HOST_IP
+ VNCSERVER_PROXYCLIENT_ADDRESS=$VNCSERVER_LISTEN
+
+Fire up OpenStack:
+
+::
+
+ ./stack.sh
+
+A stream of activity ensues. When complete you will see a summary of
+``stack.sh``'s work, including the relevant URLs, accounts and passwords
+to poke at your shiny new OpenStack. The most recent log file is
+available in ``stack.sh.log``.
+
+Cleaning Up After DevStack
+~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+Shutting down OpenStack is now as simple as running the included
+``unstack.sh`` script:
+
+::
+
+ ./unstack.sh
+
+A more aggressive cleanup can be performed using ``clean.sh``. It
+removes certain troublesome packages and attempts to leave the system in
+a state where changing the database or queue manager can be reliably
+performed.
+
+::
+
+ ./clean.sh
+
+Sometimes running instances are not cleaned up. DevStack attempts to do
+this when it runs but there are times it needs to still be done by hand:
+
+::
+
+ sudo rm -rf /etc/libvirt/qemu/inst*
+ sudo virsh list | grep inst | awk '{print $1}' | xargs -n1 virsh destroy
+
+Options pimp your stack
+-----------------------
+
+Additional Users
+~~~~~~~~~~~~~~~~
+
+DevStack creates two OpenStack users (``admin`` and ``demo``) and two
+tenants (also ``admin`` and ``demo``). ``admin`` is exactly what it
+sounds like, a privileged administrative account that is a member of
+both the ``admin`` and ``demo`` tenants. ``demo`` is a normal user
+account that is only a member of the ``demo`` tenant. Creating
+additional OpenStack users can be done through the dashboard, sometimes
+it is easier to do them in bulk from a script, especially since they get
+blown away every time ``stack.sh`` runs. The following steps are ripe
+for scripting:
+
+::
+
+ # Get admin creds
+ . openrc admin admin
+
+ # List existing tenants
+ keystone tenant-list
+
+ # List existing users
+ keystone user-list
+
+ # Add a user and tenant
+ NAME=bob
+ PASSWORD=BigSecrete
+ TENANT=$NAME
+ keystone tenant-create --name=$NAME
+ keystone user-create --name=$NAME --pass=$PASSWORD
+ keystone user-role-add --user-id=<bob-user-id> --tenant-id=<bob-tenant-id> --role-id=<member-role-id>
+ # member-role-id comes from the existing member role created by stack.sh
+ # keystone role-list
+
+Swift
+~~~~~
+
+Swift requires a significant amount of resources and is disabled by
+default in DevStack. The support in DevStack is geared toward a minimal
+installation but can be used for testing. To implement a true multi-node
+test of Swift required more than DevStack provides. Enabling it is as
+simple as enabling the ``swift`` service in ``local.conf``:
+
+::
+
+ enable_service s-proxy s-object s-container s-account
+
+Swift will put its data files in ``SWIFT_DATA_DIR`` (default
+``/opt/stack/data/swift``). The size of the data 'partition' created
+(really a loop-mounted file) is set by ``SWIFT_LOOPBACK_DISK_SIZE``. The
+Swift config files are located in ``SWIFT_CONFIG_DIR`` (default
+``/etc/swift``). All of these settings can be overridden in (wait for
+it...) ``local.conf``.
+
+Volumes
+~~~~~~~
+
+DevStack will automatically use an existing LVM volume group named
+``stack-volumes`` to store cloud-created volumes. If ``stack-volumes``
+doesn't exist, DevStack will set up a 5Gb loop-mounted file to contain
+it. This obviously limits the number and size of volumes that can be
+created inside OpenStack. The size can be overridden by setting
+``VOLUME_BACKING_FILE_SIZE`` in ``local.conf``.
+
+``stack-volumes`` can be pre-created on any physical volume supported by
+Linux's LVM. The name of the volume group can be changed by setting
+``VOLUME_GROUP`` in ``localrc``. ``stack.sh`` deletes all logical
+volumes in ``VOLUME_GROUP`` that begin with ``VOLUME_NAME_PREFIX`` as
+part of cleaning up from previous runs. It is recommended to not use the
+root volume group as ``VOLUME_GROUP``.
+
+The details of creating the volume group depends on the server hardware
+involved but looks something like this:
+
+::
+
+ pvcreate /dev/sdc
+ vgcreate stack-volumes /dev/sdc
+
+Syslog
+~~~~~~
+
+DevStack is capable of using ``rsyslog`` to aggregate logging across the
+cluster. It is off by default; to turn it on set ``SYSLOG=True`` in
+``local.conf``. ``SYSLOG_HOST`` defaults to ``HOST_IP``; on the compute
+nodes it must be set to the IP of the cluster controller to send syslog
+output there. In the example above, add this to the compute node
+``local.conf``:
+
+::
+
+ SYSLOG_HOST=192.168.42.11
+
+Using Alternate Repositories/Branches
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+The git repositories for all of the OpenStack services are defined in
+``stackrc``. Since this file is a part of the DevStack package changes
+to it will probably be overwritten as updates are applied. Every setting
+in ``stackrc`` can be redefined in ``local.conf``.
+
+To change the repository or branch that a particular OpenStack service
+is created from, simply change the value of ``*_REPO`` or ``*_BRANCH``
+corresponding to that service.
+
+After making changes to the repository or branch, if ``RECLONE`` is not
+set in ``localrc`` it may be necessary to remove the corresponding
+directory from ``/opt/stack`` to force git to re-clone the repository.
+
+For example, to pull Nova from a proposed release candidate in the
+primary Nova repository:
+
+::
+
+ NOVA_BRANCH=rc-proposed
+
+To pull Glance from an experimental fork:
+
+::
+
+ GLANCE_BRANCH=try-something-big
+ GLANCE_REPO=https://github.com/mcuser/glance.git
+
+Notes stuff you might need to know
+----------------------------------
+
+Reset the Bridge
+~~~~~~~~~~~~~~~~
+
+How to reset the bridge configuration:
+
+::
+
+ sudo brctl delif br100 eth0.926
+ sudo ip link set dev br100 down
+ sudo brctl delbr br100
+
+Set MySQL Password
+~~~~~~~~~~~~~~~~~~
+
+If you forgot to set the root password you can do this:
+
+::
+
+ mysqladmin -u root -pnova password 'supersecret'
diff --git a/doc/source/guides/pxe-boot.rst b/doc/source/guides/pxe-boot.rst
new file mode 100644
index 0000000..f745abb
--- /dev/null
+++ b/doc/source/guides/pxe-boot.rst
@@ -0,0 +1,140 @@
+`DevStack </>`__
+
+- `Overview <../overview.html>`__
+- `Changes <../changes.html>`__
+- `FAQ <../faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+PXE Boot Server Guide: Magic Dust for Network Boot
+==================================================
+
+Boot DevStack from a PXE server to a RAM disk.
+
+Prerequisites Hardware & OpenWRT
+--------------------------------
+
+Hardware
+~~~~~~~~
+
+The whole point of this exercise is to have a highly portable boot
+server, so using a small router with a USB port is the desired platform.
+This guide uses a Buffalo WZR-HP-G300NH as an example, but it is easily
+generalized for other supported platforms. See openwrt.org for more.
+
+OpenWRT
+~~~~~~~
+
+Any recent 'Backfire' build of OpenWRT will work for the boot server
+project. We build from trunk and have made the images available at
+`http://openwrt.xr7.org/openwrt <http://openwrt.xr7.org/openwrt>`__.
+
+Installation bit blasting
+-------------------------
+
+Install the Image
+~~~~~~~~~~~~~~~~~
+
+This process follows `the OpenWRT doc OEM
+Install <http://wiki.openwrt.org/toh/buffalo/wzr-hp-g300h>`__ to tftp
+the new image onto the router. You need a computer to set up the router,
+we assume it is a recent Linux or OS/X installation.
+
+- Get openwrt-ar71xx-wzr-hp-g300nh-squashfs-tftp.bin
+
+ ::
+
+ wget http://openwrt.xr7.org/openwrt/ar71xx/openwrt-ar71xx-wzr-hp-g300nh-squashfs-tftp.bin
+
+- Connect computer to LAN port 4 (closest to WAN port)
+- Set computer interface to IP address in the 192.168.11.2
+- Add static arp entry for router
+
+ ::
+
+ arp -s 192.168.11.1 <mac-address>
+
+- Start TFTP transfer attempt
+
+ ::
+
+ tftp 192.168.11.1
+ binary
+ rexmt 1
+ timeout 60
+ put openwrt-ar71xx-wzr-hp-g300nh-squashfs-tftp.bin
+
+- Power on router. Router will reboot and initialize on 192.168.1.1.
+- Delete static arp entry for router
+
+ ::
+
+ arp -d 192.168.11.1
+
+- Set computer to DHCP, connect and telnet to router and set root
+ password.
+
+Configure the Router
+~~~~~~~~~~~~~~~~~~~~
+
+- Update ``/etc/opkg.conf`` to point to our repo:
+
+ ::
+
+ src/gz packages http://192.168.5.13/openwrt/build/ar71xx/packages
+
+- Configure anon mounts:
+
+ ::
+
+ uci delete fstab.@mount[0]
+ uci commit fstab
+ /etc/init.d/fstab restart
+
+- Reset the DHCP address range. DevStack will claim the upper /25 of
+ the router's LAN address space for floating IPs so the default DHCP
+ address range needs to be moved:
+
+ ::
+
+ uci set dhcp.lan.start=65
+ uci set dhcp.lan.limit=60
+ uci commit dhcp
+
+- Enable TFTP:
+
+ ::
+
+ uci set dhcp.@dnsmasq[0].enable_tftp=1
+ uci set dhcp.@dnsmasq[0].tftp_root=/mnt/sda1/tftpboot
+ uci set dhcp.@dnsmasq[0].dhcp_boot=pxelinux.0
+ uci commit dhcp
+ /etc/init.d/dnsmasq restart
+
+Set Up tftpboot
+~~~~~~~~~~~~~~~
+
+- Create the ``/tmp/tftpboot`` structure and populate it:
+
+ ::
+
+ cd ~/devstack
+ tools/build_pxe_boot.sh /tmp
+
+ This calls ``tools/build_ramdisk.sh`` to create a 2GB ramdisk
+ containing a complete development Oneiric OS plus the OpenStack code
+ checkouts.
+
+- Copy ``tftpboot`` to a USB drive:
+
+ ::
+
+ mount /dev/sdb1 /mnt/tmp
+ rsync -a /tmp/tftpboot/ /mnt/tmp/tftpboot/
+ umount /mnt/tmp
+
+- Plug USB drive into router. It will be automounted and is ready to
+ serve content.
+
+Now `return <ramdisk.html>`__ to the RAM disk Guide to kick off your
+DevStack experience.
diff --git a/doc/source/guides/ramdisk.rst b/doc/source/guides/ramdisk.rst
new file mode 100644
index 0000000..1ba74f2
--- /dev/null
+++ b/doc/source/guides/ramdisk.rst
@@ -0,0 +1,86 @@
+`DevStack </>`__
+
+- `Overview <../overview.html>`__
+- `Changes <../changes.html>`__
+- `FAQ <../faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Stack-in-a-Box: Try before you mkfs
+===================================
+
+Run DevStack from a RAM disk to give it a whirl before making the
+commitment to install it. We'll cover booting from a USB drive or over
+the network via PXE. We'll even thow in configuring a home router to
+handle the PXE boot. You will need a minimum of 3GB for both of these
+configurations as the RAM disk itself is 2GB.
+
+Prerequisites Hardware
+----------------------
+
+USB Boot
+~~~~~~~~
+
+`This guide <usb-boot.html>`__ covers the creation of a bootable USB
+drive. Your computer BIOS must support booting from USB.
+
+PXE Boot
+~~~~~~~~
+
+`This guide <pxe-boot.html>`__ covers the installation of OpenWRT on a
+home router and configuring it as a PXE server, plus the creation of the
+boot images and PXE support files.
+
+Installation bit blasting
+-------------------------
+
+Install DevStack
+~~~~~~~~~~~~~~~~
+
+Grab the latest version of DevStack via https:
+
+::
+
+ sudo apt-get install git -y
+ git clone https://git.openstack.org/openstack-dev/devstack
+ cd devstack
+
+Prepare the Boot RAMdisk
+~~~~~~~~~~~~~~~~~~~~~~~~
+
+Pick your boot method and follow the guide to prepare to build the RAM
+disk and set up the boot process:
+
+- `USB boot <usb-boot.html>`__
+- `PXE boot <pxe-boot.html>`__
+
+Fire It Up
+~~~~~~~~~~
+
+- Boot the computer into the RAM disk. The details will vary from
+ machine to machine but most BIOSes have a method to select the boot
+ device, often by pressing F12 during POST.
+- Select 'DevStack' from the Boot Menu.
+- Log in with the 'stack' user and 'pass' password.
+- Create ``devstack/localrc`` if you wish to change any of the
+ configuration variables. You will probably want to at least set the
+ admin login password to something memorable rather than the default
+ 20 random characters:
+
+ ::
+
+ ADMIN_PASSWORD=openstack
+
+- Fire up OpenStack!
+
+ ::
+
+ ./run.sh
+
+- See the processes running in screen:
+
+ ::
+
+ screen -x
+
+- Connect to the dashboard at ``http://<ip-address>/``
diff --git a/doc/source/guides/single-machine.rst b/doc/source/guides/single-machine.rst
new file mode 100644
index 0000000..3e0a39c
--- /dev/null
+++ b/doc/source/guides/single-machine.rst
@@ -0,0 +1,140 @@
+`DevStack </>`__
+
+- `Overview <../overview.html>`__
+- `Changes <../changes.html>`__
+- `FAQ <../faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+All-In-One: Dedicated Hardware
+==============================
+
+Things are about to get real! Using OpenStack in containers or VMs is
+nice for kicking the tires, but doesn't compare to the feeling you get
+with hardware.
+
+Prerequisites Linux & Network
+-----------------------------
+
+Minimal Install
+~~~~~~~~~~~~~~~
+
+You need to have a system with a fresh install of Linux. You can
+download the `Minimal
+CD <https://help.ubuntu.com/community/Installation/MinimalCD>`__ for
+Ubuntu releases since DevStack will download & install all the
+additional dependencies. The netinstall ISO is available for
+`Fedora <http://mirrors.kernel.org/fedora/releases/18/Fedora/x86_64/iso/Fedora-20-x86_64-netinst.iso>`__
+and
+`CentOS/RHEL <http://mirrors.kernel.org/centos/6.5/isos/x86_64/CentOS-6.5-x86_64-netinstall.iso>`__.
+You may be tempted to use a desktop distro on a laptop, it will probably
+work but you may need to tell Network Manager to keep its fingers off
+the interface(s) that OpenStack uses for bridging.
+
+Network Configuration
+~~~~~~~~~~~~~~~~~~~~~
+
+Determine the network configuration on the interface used to integrate
+your OpenStack cloud with your existing network. For example, if the IPs
+given out on your network by DHCP are 192.168.1.X - where X is between
+100 and 200 you will be able to use IPs 201-254 for **floating ips**.
+
+To make things easier later change your host to use a static IP instead
+of DHCP (i.e. 192.168.1.201).
+
+Installation shake and bake
+---------------------------
+
+Add your user
+~~~~~~~~~~~~~
+
+We need to add a user to install DevStack. (if you created a user during
+install you can skip this step and just give the user sudo privileges
+below)
+
+::
+
+ adduser stack
+
+Since this user will be making many changes to your system, it will need
+to have sudo privileges:
+
+::
+
+ apt-get install sudo -y || yum install -y sudo
+ echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
+
+From here on you should use the user you created. **Logout** and
+**login** as that user.
+
+Download DevStack
+~~~~~~~~~~~~~~~~~
+
+We'll grab the latest version of DevStack via https:
+
+::
+
+ sudo apt-get install git -y || yum install -y git
+ git clone https://git.openstack.org/openstack-dev/devstack
+ cd devstack
+
+Run DevStack
+~~~~~~~~~~~~
+
+Now to configure ``stack.sh``. DevStack includes a sample in
+``devstack/samples/local.conf``. Create ``local.conf`` as shown below to
+do the following:
+
+- Set ``FLOATING_RANGE`` to a range not used on the local network, i.e.
+ 192.168.1.224/27. This configures IP addresses ending in 225-254 to
+ be used as floating IPs.
+- Set ``FIXED_RANGE`` and ``FIXED_NETWORK_SIZE`` to configure the
+ internal address space used by the instances.
+- Set ``FLAT_INTERFACE`` to the Ethernet interface that connects the
+ host to your local network. This is the interface that should be
+ configured with the static IP address mentioned above.
+- Set the administrative password. This password is used for the
+ **admin** and **demo** accounts set up as OpenStack users.
+- Set the MySQL administrative password. The default here is a random
+ hex string which is inconvenient if you need to look at the database
+ directly for anything.
+- Set the RabbitMQ password.
+- Set the service password. This is used by the OpenStack services
+ (Nova, Glance, etc) to authenticate with Keystone.
+
+``local.conf`` should look something like this:
+
+::
+
+ [[local|localrc]]
+ FLOATING_RANGE=192.168.1.224/27
+ FIXED_RANGE=10.11.12.0/24
+ FIXED_NETWORK_SIZE=256
+ FLAT_INTERFACE=eth0
+ ADMIN_PASSWORD=supersecret
+ MYSQL_PASSWORD=iheartdatabases
+ RABBIT_PASSWORD=flopsymopsy
+ SERVICE_PASSWORD=iheartksl
+
+Run DevStack:
+
+::
+
+ ./stack.sh
+
+A seemingly endless stream of activity ensues. When complete you will
+see a summary of ``stack.sh``'s work, including the relevant URLs,
+accounts and passwords to poke at your shiny new OpenStack.
+
+Using OpenStack
+~~~~~~~~~~~~~~~
+
+At this point you should be able to access the dashboard from other
+computers on the local network. In this example that would be
+http://192.168.1.201/ for the dashboard (aka Horizon). Launch VMs and if
+you give them floating IPs and security group access those VMs will be
+accessible from other machines on your network.
+
+Some examples of using the OpenStack command-line clients ``nova`` and
+``glance`` are in the shakedown scripts in ``devstack/exercises``.
+``exercise.sh`` will run all of those scripts and report on the results.
diff --git a/doc/source/guides/single-vm.rst b/doc/source/guides/single-vm.rst
new file mode 100644
index 0000000..35efb14
--- /dev/null
+++ b/doc/source/guides/single-vm.rst
@@ -0,0 +1,106 @@
+`DevStack </>`__
+
+- `Overview <../overview.html>`__
+- `Changes <../changes.html>`__
+- `FAQ <../faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Running a Cloud in a VM
+=======================
+
+Use the cloud to build the cloud! Use your cloud to launch new versions
+of OpenStack in about 5 minutes. When you break it, start over! The VMs
+launched in the cloud will be slow as they are running in QEMU
+(emulation), but their primary use is testing OpenStack development and
+operation. Speed not required.
+
+Prerequisites Cloud & Image
+---------------------------
+
+Virtual Machine
+~~~~~~~~~~~~~~~
+
+DevStack should run in any virtual machine running a supported Linux
+release. It will perform best with 2Gb or more of RAM.
+
+OpenStack Deployment & cloud-init
+~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+
+If the cloud service has an image with ``cloud-init`` pre-installed, use
+it. You can get one from `Ubuntu's Daily
+Build <http://uec-images.ubuntu.com>`__ site if necessary. This will
+enable you to launch VMs with userdata that installs everything at boot
+time. The userdata script below will install and run DevStack with a
+minimal configuration. The use of ``cloud-init`` is outside the scope of
+this document, refer to the ``cloud-init`` docs for more information.
+
+If you are directly using a hypervisor like Xen, kvm or VirtualBox you
+can manually kick off the script below as a non-root user in a
+bare-bones server installation.
+
+Installation shake and bake
+---------------------------
+
+Launching With Cloud-Init
+~~~~~~~~~~~~~~~~~~~~~~~~~
+
+This cloud config grabs the latest version of DevStack via git, creates
+a minimal ``local.conf`` file and kicks off ``stack.sh``. It should be
+passed as the user-data file when booting the VM.
+
+::
+
+ #cloud-config
+
+ users:
+ - default
+ - name: stack
+ lock_passwd: False
+ sudo: ["ALL=(ALL) NOPASSWD:ALL\nDefaults:stack !requiretty"]
+ shell: /bin/bash
+
+ write_files:
+ - content: |
+ #!/bin/sh
+ DEBIAN_FRONTEND=noninteractive sudo apt-get -qqy update || sudo yum update -qy
+ DEBIAN_FRONTEND=noninteractive sudo apt-get install -qqy git || sudo yum install -qy git
+ sudo chown stack:stack /home/stack
+ cd /home/stack
+ git clone https://git.openstack.org/openstack-dev/devstack
+ cd devstack
+ echo '[[local|localrc]]' > local.conf
+ echo ADMIN_PASSWORD=password >> local.conf
+ echo MYSQL_PASSWORD=password >> local.conf
+ echo RABBIT_PASSWORD=password >> local.conf
+ echo SERVICE_PASSWORD=password >> local.conf
+ echo SERVICE_TOKEN=tokentoken >> local.conf
+ ./stack.sh
+ path: /home/stack/start.sh
+ permissions: 0755
+
+ runcmd:
+ - su -l stack ./start.sh
+
+As DevStack will refuse to run as root, this configures ``cloud-init``
+to create a non-root user and run the ``start.sh`` script as that user.
+
+Launching By Hand
+~~~~~~~~~~~~~~~~~
+
+Using a hypervisor directly, launch the VM and either manually perform
+the steps in the embedded shell script above or copy it into the VM.
+
+Using OpenStack
+~~~~~~~~~~~~~~~
+
+At this point you should be able to access the dashboard. Launch VMs and
+if you give them floating IPs access those VMs from other machines on
+your network.
+
+One interesting use case is for developers working on a VM on their
+laptop. Once ``stack.sh`` has completed once, all of the pre-requisite
+packages are installed in the VM and the source trees checked out.
+Setting ``OFFLINE=True`` in ``local.conf`` enables ``stack.sh`` to run
+multiple times without an Internet connection. DevStack, making hacking
+at the lake possible since 2012!
diff --git a/doc/source/guides/usb-boot.rst b/doc/source/guides/usb-boot.rst
new file mode 100644
index 0000000..4f7a494
--- /dev/null
+++ b/doc/source/guides/usb-boot.rst
@@ -0,0 +1,57 @@
+`DevStack </>`__
+
+- `Overview <../overview.html>`__
+- `Changes <../changes.html>`__
+- `FAQ <../faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+USB Boot: Undoable Stack Boot
+=============================
+
+Boot DevStack from a USB disk into a RAM disk.
+
+Prerequisites
+-------------
+
+Hardware
+~~~~~~~~
+
+This guide covers the creation of a bootable USB drive. Your computer
+BIOS must support booting from USB and You will want at least 3GB of
+RAM. You also will need a USB drive of at least 2GB.
+
+Software
+~~~~~~~~
+
+Ubuntu 11.10 (Oneiric Ocelot) is required on host to create images.
+
+Installation bit blasting
+-------------------------
+
+Set Up USB Drive
+~~~~~~~~~~~~~~~~
+
+- Insert the USB drive into the computer. Make a note of the device
+ name, such as ``sdb``. Do not mount the device.
+- Install the boot system:
+
+ ::
+
+ tools/build_usb_boot.sh /dev/sdb1
+
+ This calls tools/build\_ramdisk.sh to create a 2GB ramdisk containing
+ a complete development Oneiric OS plus the OpenStack code checkouts.
+ It then writes a syslinux boot sector to the specified device and
+ creates ``/syslinux``.
+
+- If desired, you may now mount the device:
+
+ ::
+
+ mount /dev/sdb1 /mnt/tmp
+ # foo
+ umount /mnt/tmp
+
+Now `return <ramdisk.html>`__ to the RAM disk Guide to kick off your
+DevStack experience.
diff --git a/doc/source/index.rst b/doc/source/index.rst
new file mode 100644
index 0000000..37b365d
--- /dev/null
+++ b/doc/source/index.rst
@@ -0,0 +1,345 @@
+`DevStack </>`__
+
+- `Overview <overview.rst>`__
+- `Changes <changes.rst>`__
+- `FAQ <faq.rst>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+.. toctree::
+ :glob:
+ :maxdepth: 2
+
+ *
+ guides/*
+
+
+
+DevStack - an OpenStack Community Production
+============================================
+
+| A documented shell script to build complete OpenStack development environments.
+| An OpenStack program maintained by the developer community.
+
+#. Setup a fresh supported Linux installation.
+#. Clone devstack from git.openstack.org.
+
+ ::
+
+ git clone https://git.openstack.org/openstack-dev/devstack
+
+#. Deploy your OpenStack Cloud
+
+ ::
+
+ cd devstack && ./stack.sh
+
+
+
+Quick Start This ain't your first rodeo
+---------------------------------------
+
+#. Select a Linux Distribution
+
+ Only Ubuntu 14.04 (Trusty), Fedora 20 and CentOS/RHEL 6.5 are
+ documented here. OpenStack also runs and is packaged on other flavors
+ of Linux such as OpenSUSE and Debian.
+
+#. Install Selected OS
+
+ In order to correctly install all the dependencies, we assume a
+ specific minimal version of the supported distributions to make it as
+ easy as possible. We recommend using a minimal install of Ubuntu or
+ Fedora server in a VM if this is your first time.
+
+#. Download DevStack
+
+ ::
+
+ git clone https://git.openstack.org/openstack-dev/devstack
+
+ The ``devstack`` repo contains a script that installs OpenStack and
+ templates for configuration files
+
+#. Configure
+
+ We recommend at least a `minimal
+ configuration <configuration.html>`__ be set up.
+
+#. Start the install
+
+ ::
+
+ cd devstack; ./stack.sh
+
+ It takes a few minutes, we recommend `reading the
+ script <stack.sh.html>`__ while it is building.
+
+Guides Walk through various setups used by stackers
+---------------------------------------------------
+
+OpenStack on VMs
+----------------
+
+Title
+
+Description
+
+Link
+
+Virtual Machine
+
+Run OpenStack in a VM. The VMs launched in your cloud will be slow as
+they are running in QEMU (emulation), but it is useful if you don't have
+spare hardware laying around.
+
+`Read » <guides/single-vm.html>`__
+
+1 Guide
+
+What is this?
+^^^^^^^^^^^^^
+
+These guides tell you how to virtualize your OpenStack cloud in virtual
+machines. This means that you can get started without having to purchase
+any hardware.
+
+OpenStack on Hardware
+---------------------
+
+Title
+
+Description
+
+Link
+
+All-In-One
+
+Run OpenStack on dedicated hardware to get real performance in your VMs.
+This can include a server-class machine or a laptop at home.
+
+`Read » <guides/single-machine.html>`__
+
+Multi-Node + VLANs
+
+Setup a multi-node cluster with dedicated VLANs for VMs & Management.
+
+`Read » <guides/multinode-lab.html>`__
+
+2 Guides
+
+What is this?
+^^^^^^^^^^^^^
+
+These guides tell you how to deploy a development environment on real
+hardware. Guides range from running OpenStack on a single laptop to
+running a multi-node deployment on datacenter hardware.
+
+Documentation Help yourself to stack
+------------------------------------
+
+Overview
+--------
+
+`An overview of DevStack goals and priorities <overview.html>`__
+
+Configuration
+-------------
+
+`Configuring and customizing the stack <configuration.html>`__
+
+Plugins
+-------
+
+`Extending DevStack with new features <plugins.html>`__
+
+Recent Changes
+--------------
+
+`An incomplete summary of recent changes <changes.html>`__
+
+FAQ
+---
+
+`The DevStack FAQ <faq.html>`__
+
+Contributing
+------------
+
+`Pitching in to make DevStack a better place <contributing.html>`__
+
+Code A look at the bits that make it all go
+-------------------------------------------
+
+Scripts Generated documentation of DevStack scripts.
+----------------------------------------------------
+
++-------------------------------+----------------------------------------------+
+| Filename | Link |
++===============================+==============================================+
+| stack.sh | `Read » <stack.sh.html>`__ |
++-------------------------------+----------------------------------------------+
+| functions | `Read » <functions.html>`__ |
++-------------------------------+----------------------------------------------+
+| functions-common | `Read » <functions-common.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/apache | `Read » <lib/apache.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/baremetal | `Read » <lib/baremetal.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/ceilometer | `Read » <lib/ceilometer.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/cinder | `Read » <lib/cinder.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/config | `Read » <lib/config.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/database | `Read » <lib/database.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/glance | `Read » <lib/glance.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/heat | `Read » <lib/heat.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/horizon | `Read » <lib/horizon.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/infra | `Read » <lib/infra.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/ironic | `Read » <lib/ironic.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/keystone | `Read » <lib/keystone.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/ldap | `Read » <lib/ldap.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/zaqar | `Read » <lib/zaqar.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/neutron | `Read » <lib/neutron.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/nova | `Read » <lib/nova.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/oslo | `Read » <lib/oslo.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/rpc\_backend | `Read » <lib/rpc_backend.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/sahara | `Read » <lib/sahara.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/savanna | `Read » <lib/savanna.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/stackforge | `Read » <lib/stackforge.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/swift | `Read » <lib/swift.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/tempest | `Read » <lib/tempest.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/tls | `Read » <lib/tls.html>`__ |
++-------------------------------+----------------------------------------------+
+| lib/trove | `Read » <lib/trove.html>`__ |
++-------------------------------+----------------------------------------------+
+| unstack.sh | `Read » <unstack.sh.html>`__ |
++-------------------------------+----------------------------------------------+
+| clean.sh | `Read » <clean.sh.html>`__ |
++-------------------------------+----------------------------------------------+
+| run\_tests.sh | `Read » <run_tests.sh.html>`__ |
++-------------------------------+----------------------------------------------+
+| extras.d/50-ironic.sh | `Read » <extras.d/50-ironic.html>`__ |
++-------------------------------+----------------------------------------------+
+| extras.d/70-zaqar.sh | `Read » <extras.d/70-zaqar.html>`__ |
++-------------------------------+----------------------------------------------+
+| extras.d/70-sahara.sh | `Read » <extras.d/70-sahara.html>`__ |
++-------------------------------+----------------------------------------------+
+| extras.d/70-savanna.sh | `Read » <extras.d/70-savanna.html>`__ |
++-------------------------------+----------------------------------------------+
+| extras.d/70-trove.sh | `Read » <extras.d/70-trove.html>`__ |
++-------------------------------+----------------------------------------------+
+| extras.d/80-opendaylight.sh | `Read » <extras.d/80-opendaylight.html>`__ |
++-------------------------------+----------------------------------------------+
+| extras.d/80-tempest.sh | `Read » <extras.d/80-tempest.html>`__ |
++-------------------------------+----------------------------------------------+
+
+Configuration Setting the table
+-------------------------------
+
++--------------+--------------------------------+
+| Filename | Link |
++==============+================================+
+| local.conf | `Read » <local.conf.html>`__ |
++--------------+--------------------------------+
+| stackrc | `Read » <stackrc.html>`__ |
++--------------+--------------------------------+
+| openrc | `Read » <openrc.html>`__ |
++--------------+--------------------------------+
+| exerciserc | `Read » <exerciserc.html>`__ |
++--------------+--------------------------------+
+| eucarc | `Read » <eucarc.html>`__ |
++--------------+--------------------------------+
+
+Tools Support scripts
+---------------------
+
++-----------------------------+----------------------------------------------+
+| Filename | Link |
++=============================+==============================================+
+| tools/info.sh | `Read » <tools/info.sh.html>`__ |
++-----------------------------+----------------------------------------------+
+| tools/build\_docs.sh | `Read » <tools/build_docs.sh.html>`__ |
++-----------------------------+----------------------------------------------+
+| tools/create\_userrc.sh | `Read » <tools/create_userrc.sh.html>`__ |
++-----------------------------+----------------------------------------------+
+| tools/fixup\_stuff.sh | `Read » <tools/fixup_stuff.sh.html>`__ |
++-----------------------------+----------------------------------------------+
+| tools/install\_prereqs.sh | `Read » <tools/install_prereqs.sh.html>`__ |
++-----------------------------+----------------------------------------------+
+| tools/install\_pip.sh | `Read » <tools/install_pip.sh.html>`__ |
++-----------------------------+----------------------------------------------+
+| tools/upload\_image.sh | `Read » <tools/upload_image.sh.html>`__ |
++-----------------------------+----------------------------------------------+
+
+Samples Generated documentation of DevStack sample files.
+---------------------------------------------------------
+
++------------+--------------------------------------+
+| Filename | Link |
++============+======================================+
+| local.sh | `Read » <samples/local.sh.html>`__ |
++------------+--------------------------------------+
+| localrc | `Read » <samples/localrc.html>`__ |
++------------+--------------------------------------+
+
+Exercises Generated documentation of DevStack scripts.
+------------------------------------------------------
+
++---------------------------------+-------------------------------------------------+
+| Filename | Link |
++=================================+=================================================+
+| exercise.sh | `Read » <exercise.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/aggregates.sh | `Read » <exercises/aggregates.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/boot\_from\_volume.sh | `Read » <exercises/boot_from_volume.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/bundle.sh | `Read » <exercises/bundle.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/client-args.sh | `Read » <exercises/client-args.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/client-env.sh | `Read » <exercises/client-env.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/euca.sh | `Read » <exercises/euca.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/floating\_ips.sh | `Read » <exercises/floating_ips.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/horizon.sh | `Read » <exercises/horizon.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/neutron-adv-test.sh | `Read » <exercises/neutron-adv-test.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/sahara.sh | `Read » <exercises/sahara.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/savanna.sh | `Read » <exercises/savanna.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/sec\_groups.sh | `Read » <exercises/sec_groups.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/swift.sh | `Read » <exercises/swift.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/trove.sh | `Read » <exercises/trove.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/volumes.sh | `Read » <exercises/volumes.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
+| exercises/zaqar.sh | `Read » <exercises/zaqar.sh.html>`__ |
++---------------------------------+-------------------------------------------------+
diff --git a/doc/source/local.conf.rst b/doc/source/local.conf.rst
new file mode 100644
index 0000000..e1de44c
--- /dev/null
+++ b/doc/source/local.conf.rst
@@ -0,0 +1,16 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+local.conf User settings
+------------------------
+
+``local.conf`` is a user-maintained setings file that is sourced in
+``stackrc``. It contains a section that replaces the historical
+``localrc`` file. See `the description of
+local.conf <configuration.html>`__ for more details about the mechanics
+of the file.
diff --git a/doc/source/localrc.rst b/doc/source/localrc.rst
new file mode 100644
index 0000000..487280b
--- /dev/null
+++ b/doc/source/localrc.rst
@@ -0,0 +1,16 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+localrc User settings
+---------------------
+
+``localrc`` is the old file used to configure DevStack. It is deprecated
+and has been replaced by ```local.conf`` <local.conf.html>`__. DevStack
+will continue to use ``localrc`` if it is present and ignore the
+``localrc`` section in ``local.conf.``. Remove ``localrc`` to switch to
+using the new file.
diff --git a/doc/source/openrc.rst b/doc/source/openrc.rst
new file mode 100644
index 0000000..ce5765a
--- /dev/null
+++ b/doc/source/openrc.rst
@@ -0,0 +1,83 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+openrc User authentication settings
+-----------------------------------
+
+``openrc`` configures login credentials suitable for use with the
+OpenStack command-line tools. ``openrc`` sources ``stackrc`` at the
+beginning (which in turn sources the ``localrc`` setion of
+``local.conf``) in order to pick up ``HOST_IP`` and/or ``SERVICE_HOST``
+to use in the endpoints. The values shown below are the default values.
+
+OS\_TENANT\_NAME
+ The introduction of Keystone to the OpenStack ecosystem has
+ standardized the term *tenant* as the entity that owns resources. In
+ some places references still exist to the original Nova term
+ *project* for this use. Also, *tenant\_name* is preferred to
+ *tenant\_id*.
+
+ ::
+
+ OS_TENANT_NAME=demo
+
+OS\_USERNAME
+ In addition to the owning entity (tenant), Nova stores the entity
+ performing the action as the *user*.
+
+ ::
+
+ OS_USERNAME=demo
+
+OS\_PASSWORD
+ With Keystone you pass the keystone password instead of an api key.
+ Recent versions of novaclient use OS\_PASSWORD instead of
+ NOVA\_API\_KEYs or NOVA\_PASSWORD.
+
+ ::
+
+ OS_PASSWORD=secrete
+
+HOST\_IP, SERVICE\_HOST
+ Set API endpoint host using ``HOST_IP``. ``SERVICE_HOST`` may also
+ be used to specify the endpoint, which is convenient for some
+ ``localrc`` configurations. Typically, ``HOST_IP`` is set in the
+ ``localrc`` section.
+
+ ::
+
+ HOST_IP=127.0.0.1
+ SERVICE_HOST=$HOST_IP
+
+OS\_AUTH\_URL
+ Authenticating against an OpenStack cloud using Keystone returns a
+ *Token* and *Service Catalog*. The catalog contains the endpoints
+ for all services the user/tenant has access to - including Nova,
+ Glance, Keystone and Swift.
+
+ ::
+
+ OS_AUTH_URL=http://$SERVICE_HOST:5000/v2.0
+
+GLANCE\_HOST
+ Some exercises call Glance directly. On a single-node installation,
+ Glance should be listening on ``HOST_IP``. If its running elsewhere
+ it can be set here.
+
+ ::
+
+ GLANCE_HOST=$HOST_IP
+
+KEYSTONECLIENT\_DEBUG, NOVACLIENT\_DEBUG
+ Set command-line client log level to ``DEBUG``. These are commented
+ out by default.
+
+ ::
+
+ # export KEYSTONECLIENT_DEBUG=1
+ # export NOVACLIENT_DEBUG=1
diff --git a/doc/source/overview.rst b/doc/source/overview.rst
new file mode 100644
index 0000000..cedf941
--- /dev/null
+++ b/doc/source/overview.rst
@@ -0,0 +1,99 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Overview DevStack from a cloud-height view
+------------------------------------------
+
+DevStack has evolved to support a large number of configuration options
+and alternative platforms and support services. That evolution has grown
+well beyond what was originally intended and the majority of
+configuration combinations are rarely, if ever, tested. DevStack is not
+a general OpenStack installer and was never meant to be everything to
+everyone..
+
+Below is a list of what is specifically is supported (read that as
+"tested") going forward.
+
+Supported Components
+--------------------
+
+Base OS
+~~~~~~~
+
+*The OpenStack Technical Committee (TC) has defined the current CI
+strategy to include the latest Ubuntu release and the latest RHEL
+release (for Python 2.6 testing).*
+
+- Ubuntu: current LTS release plus current development release
+- Fedora: current release plus previous release
+- RHEL: current major release
+- Other OS platforms may continue to be included but the maintenance of
+ those platforms shall not be assumed simply due to their presence.
+ Having a listed point-of-contact for each additional OS will greatly
+ increase its chance of being well-maintained.
+- Patches for Ubuntu and/or Fedora will not be held up due to
+ side-effects on other OS platforms.
+
+Databases
+~~~~~~~~~
+
+*As packaged by the host OS*
+
+- MySQL
+- PostgreSQL
+
+Queues
+~~~~~~
+
+*As packaged by the host OS*
+
+- Rabbit
+- Qpid
+
+Web Server
+~~~~~~~~~~
+
+*As packaged by the host OS*
+
+- Apache
+
+OpenStack Network
+~~~~~~~~~~~~~~~~~
+
+*Default to Nova Network, optionally use Neutron*
+
+- Nova Network: FlatDHCP
+- Neutron: A basic configuration approximating the original FlatDHCP
+ mode using linuxbridge or OpenVSwitch.
+
+Services
+~~~~~~~~
+
+The default services configured by DevStack are Identity (Keystone),
+Object Storage (Swift), Image Storage (Glance), Block Storage (Cinder),
+Compute (Nova), Network (Nova), Dashboard (Horizon), Orchestration
+(Heat)
+
+Additional services not included directly in DevStack can be tied in to
+``stack.sh`` using the `plugin mechanism <plugins.html>`__ to call
+scripts that perform the configuration and startup of the service.
+
+Node Configurations
+~~~~~~~~~~~~~~~~~~~
+
+- single node
+- multi-node is not tested regularly by the core team, and even then
+ only minimal configurations are reviewed
+
+Exercises
+~~~~~~~~~
+
+The DevStack exercise scripts are no longer used as integration and gate
+testing as that job has transitioned to Tempest. They are still
+maintained as a demonstrations of using OpenStack from the command line
+and for quick operational testing.
diff --git a/doc/source/plugins.rst b/doc/source/plugins.rst
new file mode 100644
index 0000000..0747b59
--- /dev/null
+++ b/doc/source/plugins.rst
@@ -0,0 +1,119 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+Plugins Add stuff
+-----------------
+
+DevStack has a couple of plugin mechanisms to allow easily adding
+support for additional projects and features.
+
+Extras.d Hooks
+~~~~~~~~~~~~~~
+
+These relatively new hooks are an extension of the existing calls from
+``stack.sh`` at the end of its run, plus ``unstack.sh`` and
+``clean.sh``. A number of the higher-layer projects are implemented in
+DevStack using this mechanism.
+
+The script in ``extras.d`` is expected to be mostly a dispatcher to
+functions in a ``lib/*`` script. The scripts are named with a
+zero-padded two digits sequence number prefix to control the order that
+the scripts are called, and with a suffix of ``.sh``. DevSack reserves
+for itself the sequence numbers 00 through 09 and 90 through 99.
+
+Below is a template that shows handlers for the possible command-line
+arguments:
+
+::
+
+ # template.sh - DevStack extras.d dispatch script template
+
+ # check for service enabled
+ if is_service_enabled template; then
+
+ if [[ "$1" == "source" ]]; then
+ # Initial source of lib script
+ source $TOP_DIR/lib/template
+ fi
+
+ if [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
+ # Set up system services
+ echo_summary "Configuring system services Template"
+ install_package cowsay
+
+ elif [[ "$1" == "stack" && "$2" == "install" ]]; then
+ # Perform installation of service source
+ echo_summary "Installing Template"
+ install_template
+
+ elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
+ # Configure after the other layer 1 and 2 services have been configured
+ echo_summary "Configuring Template"
+ configure_template
+
+ elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
+ # Initialize and start the template service
+ echo_summary "Initializing Template"
+ ##init_template
+ fi
+
+ if [[ "$1" == "unstack" ]]; then
+ # Shut down template services
+ # no-op
+ :
+ fi
+
+ if [[ "$1" == "clean" ]]; then
+ # Remove state and transient data
+ # Remember clean.sh first calls unstack.sh
+ # no-op
+ :
+ fi
+ fi
+
+The arguments are:
+
+- **source** - Called by each script that utilizes ``extras.d`` hooks;
+ this replaces directly sourcing the ``lib/*`` script.
+- **stack** - Called by ``stack.sh`` three times for different phases
+ of its run:
+
+ - **pre-install** - Called after system (OS) setup is complete and
+ before project source is installed.
+ - **install** - Called after the layer 1 and 2 projects source and
+ their dependencies have been installed.
+ - **post-config** - Called after the layer 1 and 2 services have
+ been configured. All configuration files for enabled services
+ should exist at this point.
+ - **extra** - Called near the end after layer 1 and 2 services have
+ been started. This is the existing hook and has not otherwise
+ changed.
+
+- **unstack** - Called by ``unstack.sh`` before other services are shut
+ down.
+- **clean** - Called by ``clean.sh`` before other services are cleaned,
+ but after ``unstack.sh`` has been called.
+
+Hypervisor
+~~~~~~~~~~
+
+Hypervisor plugins are fairly new and condense most hypervisor
+configuration into one place.
+
+The initial plugin implemented was for Docker support and is a useful
+template for the required support. Plugins are placed in
+``lib/nova_plugins`` and named ``hypervisor-<name>`` where ``<name>`` is
+the value of ``VIRT_DRIVER``. Plugins must define the following
+functions:
+
+- ``install_nova_hypervisor`` - install any external requirements
+- ``configure_nova_hypervisor`` - make configuration changes, including
+ those to other services
+- ``start_nova_hypervisor`` - start any external services
+- ``stop_nova_hypervisor`` - stop any external services
+- ``cleanup_nova_hypervisor`` - remove transient data and cache
diff --git a/doc/source/stackrc.rst b/doc/source/stackrc.rst
new file mode 100644
index 0000000..5d9d221
--- /dev/null
+++ b/doc/source/stackrc.rst
@@ -0,0 +1,73 @@
+`DevStack </>`__
+
+- `Overview <overview.html>`__
+- `Changes <changes.html>`__
+- `FAQ <faq.html>`__
+- `git.openstack.org <https://git.openstack.org/cgit/openstack-dev/devstack>`__
+- `Gerrit <https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z>`__
+
+stackrc DevStack settings
+-------------------------
+
+``stackrc`` is the primary configuration file for DevStack. It contains
+all of the settings that control the services started and the
+repositories used to download the source for those services. ``stackrc``
+sources the ``localrc`` section of ``local.conf`` to perform the default
+overrides.
+
+DATABASE\_TYPE
+ Select the database backend to use. The default is ``mysql``,
+ ``postgresql`` is also available.
+ENABLED\_SERVICES
+ Specify which services to launch. These generally correspond to
+ screen tabs. The default includes: Glance (API and Registry),
+ Keystone, Nova (API, Certificate, Object Store, Compute, Network,
+ Scheduler, VNC proxies, Certificate Authentication), Cinder
+ (Scheduler, API, Volume), Horizon, MySQL, RabbitMQ, Tempest.
+
+ ::
+
+ ENABLED_SERVICES=g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-cond,cinder,c-sch,c-api,c-vol,n-sch,n-novnc,n-xvnc,n-cauth,horizon,rabbit,tempest,$DATABASE_TYPE
+
+ Other services that are not enabled by default can be enabled in
+ ``localrc``. For example, to add Swift, use the following service
+ names:
+
+ ::
+
+ enable_service s-proxy s-object s-container s-account
+
+ A service can similarly be disabled:
+
+ ::
+
+ disable_service horizon
+
+Service Repos
+ The Git repositories used to check out the source for each service
+ are controlled by a pair of variables set for each service.
+ ``*_REPO`` points to the repository and ``*_BRANCH`` selects which
+ branch to check out. These may be overridden in ``local.conf`` to
+ pull source from a different repo for testing, such as a Gerrit
+ branch proposal. ``GIT_BASE`` points to the primary repository
+ server.
+
+ ::
+
+ NOVA_REPO=$GIT_BASE/openstack/nova.git
+ NOVA_BRANCH=master
+
+ To pull a branch directly from Gerrit, get the repo and branch from
+ the Gerrit review page:
+
+ ::
+
+ git fetch https://review.openstack.org/p/openstack/nova refs/changes/50/5050/1 && git checkout FETCH_HEAD
+
+ The repo is the stanza following ``fetch`` and the branch is the
+ stanza following that:
+
+ ::
+
+ NOVA_REPO=https://review.openstack.org/p/openstack/nova
+ NOVA_BRANCH=refs/changes/50/5050/1
diff --git a/docs/source/assets/images/quickstart.png b/docs/source/assets/images/quickstart.png
deleted file mode 100644
index 5400a6f..0000000
--- a/docs/source/assets/images/quickstart.png
+++ /dev/null
Binary files differ
diff --git a/docs/source/changes.html b/docs/source/changes.html
deleted file mode 100644
index 966b0c9..0000000
--- a/docs/source/changes.html
+++ /dev/null
@@ -1,70 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - Recent Changes</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container" id="home">
-
- <section id="faq" class="span12">
-
- <div class='row pull-left'>
- <h2>Recent Changes <small>What's been happening?</small></h2>
- <p>These are the commits to DevStack for the last six months. For the complete list see <a href="https://review.openstack.org/#/q/status:merged+project:openstack-dev/devstack,n,z">the DevStack project in Gerrit</a>.</p>
-
- <ul class='pull-left'>
- <!--
- This list is generated by:
- git log --pretty=format:' <li>%s - <em>Commit <a href="https://review.openstack.org/#q,%h,n,z">%h</a> %cd</em></li>' --date=short --since 2014-01-01 | grep -v Merge
- -->
- <!-- Begin git log %GIT_LOG% -->
- <!-- End git log -->
- </ul>
- </div>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
- </body>
-</html>
diff --git a/docs/source/configuration.html b/docs/source/configuration.html
deleted file mode 100644
index fbcead7..0000000
--- a/docs/source/configuration.html
+++ /dev/null
@@ -1,237 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - Overview</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container" id="home">
-
- <section id="overview" class="span12">
-
- <div class='row pull-left'>
- <h2>Configuration <small>Making it go my way</small></h2>
- <p>DevStack has always tried to be mostly-functional with a minimal amount of configuration. The number of options has ballooned as projects add features, new projects added and more combinations need to be tested. Historically DevStack obtained all local configuration and customizations from a <code>localrc</code> file. The number of configuration variables that are simply passed-through to the individual project configuration files is also increasing. The old mechanism for this (<code>EXTRAS_OPTS</code> and friends) required specific code for each file and did not scale well.</p>
- <p>In Oct 2013 a new configuration method was introduced (in <a href="https://review.openstack.org/#/c/46768/">review 46768</a>) to hopefully simplify this process and meet the following goals:</p>
- <ul>
- <li>contain all non-default local configuration in a single file</li>
- <li>be backward-compatible with <code>localrc</code> to smooth the transition process</li>
- <li>allow settings in arbitrary configuration files to be changed</li>
- </ul>
-
- <h3>local.conf</h3>
- <p>The new configuration file is <code>local.conf</code> and resides in the root DevStack directory like the old <code>localrc</code> file. It is a modified INI format file that introduces a meta-section header to carry additional information regarding the configuration files to be changed.</p>
-
- <p>The new header is similar to a normal INI section header but with double brackets (<code>[[ ... ]]</code>) and two internal fields separated by a pipe (<code>|</code>):</p>
-<pre>[[ <phase> | <config-file-name> ]]
-</pre>
-
- <p>where <code><phase></code> is one of a set of phase names defined by <code>stack.sh</code> and <code><config-file-name></code> is the configuration filename. The filename is eval'ed in the <code>stack.sh</code> context so all environment variables are available and may be used. Using the project config file variables in the header is strongly suggested (see the <code>NOVA_CONF</code> example below). If the path of the config file does not exist it is skipped.</p>
-
- <p>The defined phases are:</p>
- <ul>
- <li><strong>local</strong> - extracts <code>localrc</code> from <code>local.conf</code> before <code>stackrc</code> is sourced</li>
- <li><strong>pre-install</strong> - runs after the system packages are installed but before any of the source repositories are installed</li>
- <li><strong>install</strong> - runs immediately after the repo installations are complete</li>
- <li><strong>post-config</strong> - runs after the layer 2 services are configured and before they are started</li>
- <li><strong>extra</strong> - runs after services are started and before any files in <code>extra.d</code> are executed
- </ul>
-
- <p>The file is processed strictly in sequence; meta-sections may be specified more than once but if any settings are duplicated the last to appear in the file will be used.</p>
-<pre>[[post-config|$NOVA_CONF]]
-[DEFAULT]
-use_syslog = True
-
-[osapi_v3]
-enabled = False
-</pre>
-
- <p>A specific meta-section <code>local|localrc</code> is used to
- provide a default <code>localrc</code> file (actually
- <code>.localrc.auto</code>). This allows all custom settings
- for DevStack to be contained in a single file. If <code>localrc</code>
- exists it will be used instead to preserve backward-compatibility. More
- details on the <a href="localrc.html">contents of localrc</a> are available.</p>
-<pre>[[local|localrc]]
-FIXED_RANGE=10.254.1.0/24
-ADMIN_PASSWORD=speciale
-LOGFILE=$DEST/logs/stack.sh.log
-</pre>
-
- <p>Note that <code>Q_PLUGIN_CONF_FILE</code> is unique in that it is assumed to <em>NOT</em> start with a <code>/</code> (slash) character. A slash will need to be added:</p>
-<pre>[[post-config|/$Q_PLUGIN_CONF_FILE]]
-</pre>
-
- <p>Also note that the <code>localrc</code> section is sourced as a shell script fragment amd <string>MUST</strong> conform to the shell requirements, specifically no whitespace around <code>=</code> (equals).</p>
-
- <a id="minimal"></a>
- <h3>Minimal Configuration</h3>
- <p>While <code>stack.sh</code> is happy to run without a <code>localrc</code> section in <code>local.conf</code>, devlife is better when there are a few minimal variables set. This is an example of a minimal configuration that touches the values that most often need to be set.</p>
- <ul>
- <li>no logging</li>
- <li>pre-set the passwords to prevent interactive prompts</li>
- <li>move network ranges away from the local network (<code>FIXED_RANGE</code> and <code>FLOATING_RANGE</code>, commented out below)</li>
- <li>set the host IP if detection is unreliable (<code>HOST_IP</code>, commented out below)</li>
- </ul>
- <pre>[[local|localrc]]
-ADMIN_PASSWORD=secrete
-DATABASE_PASSWORD=$ADMIN_PASSWORD
-RABBIT_PASSWORD=$ADMIN_PASSWORD
-SERVICE_PASSWORD=$ADMIN_PASSWORD
-SERVICE_TOKEN=a682f596-76f3-11e3-b3b2-e716f9080d50
-#FIXED_RANGE=172.31.1.0/24
-#FLOATING_RANGE=192.168.20.0/25
-#HOST_IP=10.3.4.5</pre>
- <p>If the <code>*_PASSWORD</code> variables are not set here you will be prompted to enter values for them by <code>stack.sh</code>.</p>
- <p>The network ranges must not overlap with any networks in use on the host. Overlap is not uncommon as RFC-1918 'private' ranges are commonly used for both the local networking and Nova's fixed and floating ranges.</p>
- <p><code>HOST_IP</code> is normally detected on the first run of <code>stack.sh</code> but often is indeterminate on later runs due to the IP being moved from an Ethernet integace to a bridge on the host. Setting it here also makes it available for <code>openrc</code> to set <code>OS_AUTH_URL</code>. <code>HOST_IP</code> is not set by default.</p>
-
- <h3>Common Configuration Variables</h3>
- <dl>
- <dt>Set DevStack install directory</dt>
- <dd><em>Default: <code>DEST=/opt/stack</code></em><br />
- The DevStack install directory is set by the <code>DEST</code> variable. By setting it early in the <code>localrc</code> section you can reference it in later variables. It can be useful to set it even though it is not changed from the default value.
- <pre>DEST=/opt/stack</pre></dd>
-
- <dt>stack.sh logging</dt>
- <dd><em>Defaults: <code>LOGFILE="" LOGDAYS=7 LOG_COLOR=True</code></em><br />
- By default <code>stack.sh</code> output is only written to the console where is runs. It can be sent to a file in addition to the console by setting <code>LOGFILE</code> to the fully-qualified name of the destination log file. A timestamp will be appended to the given filename for each run of <code>stack.sh</code>.
- <pre>LOGFILE=$DEST/logs/stack.sh.log</pre>
- Old log files are cleaned automatically if <code>LOGDAYS</code> is set to the number of days of old log files to keep.
- <pre>LOGDAYS=1</pre>
- The some of the project logs (Nova, Cinder, etc) will be colorized by default (if <code>SYSLOG</code> is not set below); this can be turned off by setting <code>LOG_COLOR</code> False.
- <pre>LOG_COLOR=False</pre></dd>
-
- <dt>Screen logging</dt>
- <dd><em>Default: <code>SCREEN_LOGDIR=""</code></em><br />
- By default DevStack runs the OpenStack services using <code>screen</code> which is useful for watching log and debug output. However, in automated testing the interactive <code>screen</code> sessions may not be available after the fact; setting <code>SCREEN_LOGDIR</code> enables logging of the <code>screen</code> sessions in the specified diretory. There will be one file per <code>screen</code> session named for the session name and a timestamp.
- <pre>SCREEN_LOGDIR=$DEST/logs/screen</pre>
- <em>Note the use of <code>DEST</code> to locate the main install directory; this is why we suggest setting it in <code>local.conf</code>.</em></dd><br />
-
- <dt>One syslog to bind them all</dt>
- <dd><em>Default: <code>SYSLOG=False SYSLOG_HOST=$HOST_IP SYSLOG_PORT=516</code></em><br />
- Logging all services to a single syslog can be convenient. Enable syslogging by seting <code>SYSLOG</code> to <code>True</code>. If the destination log host is not localhost <code>SYSLOG_HOST</code> and <code>SYSLOG_PORT</code> can be used to direct the message stream to the log host.
- <pre>SYSLOG=True
-SYSLOG_HOST=$HOST_IP
-SYSLOG_PORT=516</pre></dd>
-
- <dt>A clean install every time</dt>
- <dd><em>Default: <code>RECLONE=""</code></em><br />
- By default <code>stack.sh</code> only clones the project repos if they do not exist in <code>$DEST</code>. <code>stack.sh</code> will freshen each repo on each run if <code>RECLONE</code> is set to <code>yes</code>. This avoids having to manually remove repos in order to get the current branch from <code>$GIT_BASE</code>.
- <pre>RECLONE=yes</code></dd>
-
- <dt>Swift</dt>
- <dd><em>Default: <code>SWIFT_HASH="" SWIFT_REPLICAS=1 SWIFT_DATA_DIR=$DEST/data/swift</code></em><br />
- Swift is now used as the back-end for the S3-like object store. When enabled Nova's objectstore (n-obj in <code>ENABLED_SERVICES</code>) is automatically disabled. Enable Swift by adding it services to <code>ENABLED_SERVICES</code>:
- <pre>enable_service s-proxy s-object s-container s-account</pre>
- Setting Swift's hash value is required and you will be prompted for it if Swift is enabled so just set it to something already:
- <pre>SWIFT_HASH=66a3d6b56c1f479c8b4e70ab5c2000f5</pre>
- For development purposes the default number of replicas is set to <code>1</code> to reduce the overhead required. To better simulate a production deployment set this to <code>3</code> or more.
- <pre>SWIFT_REPLICAS=3</pre>
- The data for Swift is stored in the source tree by default
- (in <code>$DEST/swift/data</code>) and can be moved by setting
- <code>SWIFT_DATA_DIR</code>. The specified directory will be created if it does not exist.
- <pre>SWIFT_DATA_DIR=$DEST/data/swift</pre>
- <em>Note: Previously just enabling <code>swift</code> was sufficient to start the Swift services. That does not provide proper service granularity, particularly in multi-host configurations, and is considered deprecated. Some service combination tests now check for specific Swift services and the old blanket acceptance will longer work correctly.</em>
- </dd>
-
- <dt>Service Catalog Backend</dt>
- <dd><em>Default: <code>KEYSTONE_CATALOG_BACKEND=sql</code></em><br />
- DevStack uses Keystone's <code>sql</code> service catalog backend. An alternate <code>template</code> backend is also available. However, it does not support the <code>service-*</code> and <code>endpoint-*</code> commands of the <code>keystone</code> CLI. To
- do so requires the <code>sql</code> backend be enabled:
- <pre>KEYSTONE_CATALOG_BACKEND=template</pre>
- DevStack's default configuration in <code>sql</code> mode is set in
- <code>files/keystone_data.sh</code></dd>
-
- <dt>Cinder</dt>
- <dd><em>Default: <code>VOLUME_GROUP="stack-volumes" VOLUME_NAME_PREFIX="volume-" VOLUME_BACKING_FILE_SIZE=10250M</code></em><br />
- The logical volume group used to hold the Cinder-managed volumes is set by <code>VOLUME_GROUP</code>, the logical volume name prefix is set with <code>VOLUME_NAME_PREFIX</code> and the size of the volume backing file is set with <code>VOLUME_BACKING_FILE_SIZE</code>.
- <pre>VOLUME_GROUP="stack-volumes"
-VOLUME_NAME_PREFIX="volume-"
-VOLUME_BACKING_FILE_SIZE=10250M</pre></dd>
-
- <dt>Multi-host DevStack</dt>
- <dd><em>Default: <code>MULTI_HOST=False</code></em><br />
- Running DevStack with multiple hosts requires a custom <code>local.conf</code> section for each host. The master is the same as a single host installation with <code>MULTI_HOST=True</code>. The slaves have fewer services enabled and a couple of host variables pointing to the master.
- <br /><br />
- <strong>Master</strong>
- <pre>MULTI_HOST=True</pre>
-
- <strong>Slave</strong>
- <pre>MYSQL_HOST=w.x.y.z
-RABBIT_HOST=w.x.y.z
-GLANCE_HOSTPORT=w.x.y.z:9292
-ENABLED_SERVICES=n-vol,n-cpu,n-net,n-api</pre></dd>
-
- <dt>API rate limits</dt>
- <dd><em>Default: <code>API_RATE_LIMIT=True</code><br />
- Integration tests such as Tempest will likely run afoul of the default rate limits configured for Nova. Turn off rate limiting during testing by setting <code>API_RATE_LIMIT=False</code>.
- <pre>API_RATE_LIMIT=False</pre></dd>
- </dl>
-
- <h3>Examples</h3>
- <ul>
- <li>Eliminate a Cinder pass-through (<code>CINDER_PERIODIC_INTERVAL</code>):
-<pre>[[post-config|$CINDER_CONF]]
-[DEFAULT]
-periodic_interval = 60
-</pre></li>
- <li>Sample <code>local.conf</code> with screen logging enabled:
-<pre>[[local|localrc]]
-FIXED_RANGE=10.254.1.0/24
-NETWORK_GATEWAY=10.254.1.1
-LOGDAYS=1
-LOGFILE=$DEST/logs/stack.sh.log
-SCREEN_LOGDIR=$DEST/logs/screen
-ADMIN_PASSWORD=quiet
-DATABASE_PASSWORD=$ADMIN_PASSWORD
-RABBIT_PASSWORD=$ADMIN_PASSWORD
-SERVICE_PASSWORD=$ADMIN_PASSWORD
-SERVICE_TOKEN=a682f596-76f3-11e3-b3b2-e716f9080d50</pre></li>
- </ul>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
- </body>
-</html>
diff --git a/docs/source/contributing.html b/docs/source/contributing.html
deleted file mode 100644
index f3d4b5a..0000000
--- a/docs/source/contributing.html
+++ /dev/null
@@ -1,88 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - Overview</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container" id="home">
-
- <section id="overview" class="span12">
-
- <div class='row pull-left'>
- <h2>Contributing <small>Help us help you</small></h2>
- <p>DevStack uses the standard OpenStack contribution process as outlined in <a href="https://wiki.openstack.org/wiki/How_To_Contribute">the OpenStack wiki 'How To Contribute'</a>. This means that you will need to meet the requirements of the Contribututors License Agreement (CLA). If you have already done that for another OpenStack project you are good to go.</p>
-
- <h3>Things To Know</h3>
-
- <br /><strong>Where Things Are</strong>
- <p>The official DevStack repository is located at <code>git://github.com/openstack-dev/devstack.git</code> and <code>git://git.openstack.org/openstack-dev/devstack.git</code>, both mirrors of the official repo maintained by Gerrit.</p>
- <p>The <a href="https://blueprints.launchpad.net/devstack">blueprint</a> and <a href="https://bugs.launchpad.net/devstack">bug trackers</a> are on Launchpad. It should be noted that DevStack generally does not use these as strongly as other projects, but we're trying to change that.</p>
- <p>The <a href="https://review.openstack.org/#/q/project:openstack-dev/devstack,n,z">Gerrit review queue</a> is, however, used for all commits except for the text of this website. That should also change in the near future.</p>
-
- <br /><strong>HACKING.rst</strong>
- <p>Like most OpenStack projects, DevStack includes a <code>HACKING.rst</code> file that describes the layout, style and conventions of the project. Because <code>HACKING.rst</code> is in the main DevStack repo it is considered authoritative. Much of the content on this page is taken from there.</p>
-
- <br /><strong>bashate Formatting</strong>
- <p>Around the time of the OpenStack Havana release we added a tool to do style checking in DevStack similar to what pep8/flake8 do for Python projects. It is still _very_ simplistic, focusing mostly on stray whitespace to help prevent -1 on reviews that are otherwise acceptable. Oddly enough it is called <code>bashate</code>. It will be expanded to enforce some of the documentation rules in comments that are used in formatting the script pages for devstack.org and possibly even simple code formatting. Run it on the entire project with <code>./run_tests.sh</code>.</p>
-
- <h3>Code</h3>
-
- <br /><strong>Repo Layout</strong>
- <p>The DevStack repo generally keeps all of the primary scripts at the root level.</p>
- <p><code>docs</code> - Contains the source for this website. It is built using <code>tools/build_docs.sh</code>.</p>
- <p><code>exercises</code> - Contains the test scripts used to validate and demonstrate some OpenStack functions. These scripts know how to exit early or skip services that are not enabled.</p>
- <p><code>extras.d</code> - Contains the dispatch scripts called by the hooks in <code>stack.sh</code>, <code>unstack.sh</code> and <code>clean.sh</code>. See <a href="plugins.html">the plugins docs</a> for more information.</p>
- <p><code>files</code> - Contains a variety of otherwise lost files used in configuring and operating DevStack. This includes templates for configuration files and the system dependency information. This is also where image files are downloaded and expanded if necessary.</p>
- <p><code>lib</code> - Contains the sub-scripts specific to each project. This is where the work of managing a project's services is located. Each top-level project (Keystone, Nova, etc) has a file here. Additionally there are some for system services and project plugins.</p>
- <p><code>samples</code> - Contains a sample of the local files not included in the DevStack repo.</p>
- <p><code>tests</code> - the DevStack test suite is rather sparse, mostly consisting of test of specific fragile functions in the <code>functions</code> file.</p>
- <p><code>tools</code> - Contains a collection of stand-alone scripts, some of which have aged a bit (does anyone still do ramdisk installs?). While these may reference the top-level DevStack configuration they can generally be run alone. There are also some sub-directories to support specific environments such as XenServer.</p>
-
-
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — An <a href="https://wiki.openstack.org/wiki/Programs">OpenStack program</a> created by <a href="http://www.rackspace.com/cloud/private_edition/">Rackspace Cloud Builders</a></p>
- </footer>
-
- </div> <!-- /container -->
- </body>
-</html>
diff --git a/docs/source/eucarc.html b/docs/source/eucarc.html
deleted file mode 100644
index df52972..0000000
--- a/docs/source/eucarc.html
+++ /dev/null
@@ -1,94 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - eucarc</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
-
- <section class="span12">
- <div class="page-header">
- <h2>eucarc <small>EC2 settings</small></h2>
- <p><code>eucarc</code> creates EC2 credentials for the current user as
- defined by <code>OS_TENANT_NAME:OS_USERNAME</code>.
- <code>eucarc</code> sources <code>openrc</code> at the beginning
- (which in turn sources <code>stackrc</code> and <code>localrc</code>)
- in order to set credentials to create EC2 credentials in Keystone.
- </div>
- <dl>
-
- <dt>EC2_URL</dt>
- <dd>Set the EC2 url for euca2ools. The endpoint is extracted from the
- service catalog for <code>OS_TENANT_NAME:OS_USERNAME</code>.
- <pre>EC2_URL=$(keystone catalog --service ec2 | awk '/ publicURL / { print $4 }')</pre></dd>
-
- <dt>S3_URL</dt>
- <dd>Set the S3 endpoint for euca2ools. The endpoint is extracted from the
- service catalog for <code>OS_TENANT_NAME:OS_USERNAME</code>.
- <pre>export S3_URL=$(keystone catalog --service s3 | awk '/ publicURL / { print $4 }')</pre></dd>
-
- <dt>EC2_ACCESS_KEY, EC2_SECRET_KEY</dt>
- <dd>Create EC2 credentials for the current tenant:user in Keystone.
- <pre>CREDS=$(keystone ec2-credentials-create)
-export EC2_ACCESS_KEY=$(echo "$CREDS" | awk '/ access / { print $4 }')
-export EC2_SECRET_KEY=$(echo "$CREDS" | awk '/ secret / { print $4 }')</pre></dd>
-
- <dt>Certificates for Bundling</dt>
- <dd>Euca2ools requires certificate files to enable bundle uploading.
- The exercise script <code>exercises/bundle.sh</code> demonstrated
- retrieving certificates using the Nova CLI.
- <pre>EC2_PRIVATE_KEY=pk.pem
-EC2_CERT=cert.pem
-NOVA_CERT=cacert.pem
-EUCALYPTUS_CERT=${NOVA_CERT}</pre></dd>
-
- </dl>
- </section
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — An
- <a href="https://wiki.openstack.org/wiki/Programs">OpenStack program</a>
- created by <a href="http://www.rackspace.com/cloud/private_edition/">Rackspace Cloud Builders</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/exerciserc.html b/docs/source/exerciserc.html
deleted file mode 100644
index 7e4dd54..0000000
--- a/docs/source/exerciserc.html
+++ /dev/null
@@ -1,88 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - exerciserc</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
-
- <section class="span12">
- <div class="page-header">
- <h2>exerciserc <small>Exercise settings</small></h2>
- <p><code>exerciserc</code> is used to configure settings for the
- exercise scripts. The values shown below are the default values.
- Thse can all be overridden by setting them in the <code>localrc</code>
- section.</p>
- </div>
- <dl>
-
- <dt>ACTIVE_TIMEOUT</dt>
- <dd>Max time to wait while vm goes from build to active state
- <pre>ACTIVE_TIMEOUT==30</pre></dd>
-
- <dt>ASSOCIATE_TIMEOUT</dt>
- <dd>Max time to wait for proper IP association and dis-association.
- <pre>ASSOCIATE_TIMEOUT=15</pre></dd>
-
- <dt>BOOT_TIMEOUT</dt>
- <dd>Max time till the vm is bootable
- <pre>BOOT_TIMEOUT=30</pre></dd>
-
- <dt>RUNNING_TIMEOUT</dt>
- <dd>Max time from run instance command until it is running
- <pre>RUNNING_TIMEOUT=$(($BOOT_TIMEOUT + $ACTIVE_TIMEOUT))</pre></dd>
-
- <dt>TERMINATE_TIMEOUT</dt>
- <dd>Max time to wait for a vm to terminate
- <pre>TERMINATE_TIMEOUT=30</pre></dd>
-
- </dl>
- </section
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — An
- <a href="https://wiki.openstack.org/wiki/Programs">OpenStack program</a>
- created by <a href="http://www.rackspace.com/cloud/private_edition/">Rackspace Cloud Builders</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/faq.html b/docs/source/faq.html
deleted file mode 100644
index bfac1dc..0000000
--- a/docs/source/faq.html
+++ /dev/null
@@ -1,169 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - Frequently Asked Questions</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container" id="home">
-
- <section id="faq" class="span12">
-
- <div class='row pull-left'>
- <h2>FAQ: Using DevStack <small>Making to behave</small></h2>
-
- <ul>
- <li><a href="#general">General Questions</a></li>
- <li><a href="#ops_conf">Operation and Configuration</a></li>
- <li><a href="#misc">Miscellaneous</a></li>
- </ul>
-
- <h3><a name="general">General Questions</a></h3>
-
- <dl class='pull-left'>
- <dt>Q: Can I use DevStack for production?</dt>
- <dd>A: No. We mean it. Really. DevStack makes some implementation choices that are not appropriate for production deployments. We warned you!</dd>
-
- <dt>Q: Then why selinux in enforcing mode?</dt>
- <dd>A: That is the default on current Fedora and RHEL releases. DevStack has (rightly so) a bad reputation for its security practices; it has always been meant as a development tool first and system integration later. This is changing as the security issues around OpenStack's use of root (for example) have been tightened and developers need to be better equipped to work in these environments. <code>stack.sh</code>'s use of root is primarily to support the activities that would be handled by packaging in "real" deployments. To remove additional protections that will be desired/required in production would be a step backward.</dd>
-
- <dt>Q: But selinux is disabled in RHEL 6!</dt>
- <dd>A: Today it is, yes. That is a specific exception that certain DevStack contributors fought strongly against. The primary reason it was allowed was to support using RHEL6 as the Python 2.6 test platform and that took priority time-wise. This will not be the case with RHEL 7.</dd>
-
- <dt>Q: Why a shell script, why not chef/puppet/...</dt>
- <dd>A: The script is meant to be read by humans (as well as ran by computers); it is the primary documentation after all. Using a recipe system requires everyone to agree and understand chef or puppet.</dd>
-
- <dt>Q: Why not use Crowbar?</dt>
- <dd>A: DevStack is optimized for documentation & developers. As some of us use <a href="https://github.com/dellcloudedge/crowbar">Crowbar</a> for production deployments, we hope developers documenting how they setup systems for new features supports projects like Crowbar.</dd>
-
- <dt>Q: I'd like to help!</dt>
- <dd>A: That isn't a question, but please do! The source for DevStack is <a href="http://github.com/openstack-dev/devstack">github</a> and bug reports go to <a href="http://bugs.launchpad.net/devstack/">LaunchPad</a>. Contributions follow the usual process as described in the <a href="http://wiki.openstack.org/HowToContribute">OpenStack wiki</a>. DevStack is not a core project but a gating project and therefore an official OpenStack project. This site is housed in the CloudBuilder's <a href="http://github.com/cloudbuilders/devstack">github</a> in the gh-pages branch.</dd>
-
- <dt>Q: Why not use packages?</dt>
- <dd>A: Unlike packages, DevStack leaves your cloud ready to develop - checkouts of the code and services running in screen. However, many people are doing the hard work of packaging and recipes for production deployments. We hope this script serves as a way to communicate configuration changes between developers and packagers.</dd>
-
- <dt>Q: Why isn't $MY_FAVORITE_DISTRO supported?</dt>
- <dd>A: DevStack is meant for developers and those who want to see how OpenStack really works. DevStack is known to run on the distro/release combinations listed in <code>README.md</code>. DevStack is only supported on releases other than those documented in <code>README.md</code> on a best-effort basis.</dd>
-
- <dt>Q: What about Fedora/RHEL/CentOS?</dt>
- <dd>A: Fedora and CentOS/RHEL are supported via rpm dependency files and specific checks in <code>stack.sh</code>. Support will follow the pattern set with the Ubuntu testing, i.e. only a single release of the distro will receive regular testing, others will be handled on a best-effort basis.</dd>
-
- <dt>Q: Are there any differences between Ubuntu and Fedora support?</dt>
- <dd>A: LXC support is not complete on Fedora; Neutron is not fully supported prior to Fedora 18 due lack of OpenVSwitch packages.</dd>
-
- <dt>Q: How about RHEL 6?</dt>
- <dd>A: RHEL 6 has Python 2.6 and many old modules packaged and is a challenge to support. There are a number of specific RHEL6 work-arounds in <code>stack.sh</code> to handle this. But the testing on py26 is valuable so we do it...</dd>
- </dl>
-
- <h3><a name="ops_conf">Operation and Configuration</a></h3>
-
- <dl class='pull-left'>
- <dt>Q: Can DevStack handle a multi-node installation?</dt>
- <dd>A: Indirectly, yes. You run DevStack on each node with the appropriate configuration in <code>local.conf</code>. The primary considerations are turning off the services not required on the secondary nodes, making sure the passwords match and setting the various API URLs to the right place.</dd>
-
- <dt>Q: How can I document the environment that DevStack is using?</dt>
- <dd>A: DevStack includes a script (<code>tools/info.sh</code>) that gathers the versions of the relevant installed apt packages, pip packages and git repos. This is a good way to verify what Python modules are installed.</dd>
-
- <dt>Q: How do I turn off a service that is enabled by default?</dt>
- <dd>A: Services can be turned off by adding <code>disable_service xxx</code> to <code>local.conf</code> (using <code>n-vol</code> in this example):
- <pre>disable_service n-vol</pre>
- </dd>
-
- <dt>Q: Is enabling a service that defaults to off done with the reverse of the above?</dt>
- <dd>A: Of course!
- <pre>enable_service qpid</pre>
- </dd>
-
- <dt>Q: How do I run a specific OpenStack milestone?</dt>
- <dd>A: OpenStack milestones have tags set in the git repo. Set the appropriate tag in the <code>*_BRANCH</code> variables in <code>local.conf</code>. Swift is on its own release schedule so pick a tag in the Swift repo that is just before the milestone release. For example:
- <pre>[[local|localrc]]
-GLANCE_BRANCH=stable/grizzly
-HORIZON_BRANCH=stable/grizzly
-KEYSTONE_BRANCH=stable/grizzly
-NOVA_BRANCH=stable/grizzly
-GLANCE_BRANCH=stable/grizzly
-NEUTRON_BRANCH=stable/grizzly
-SWIFT_BRANCH=1.10.0</pre>
- </dd>
-<!--- this is incomplete, remove it until populating the sql catalog is complete
- <dt>Q: How do I use the SQL catalog backend in Keystone?</dt>
- <dd>A: Comment out the template backend lines in the <code>[catalog]</code> section of <code>keystone/etc/keystone.conf</code> and add the SQL backend config like this:
- <pre>[catalog]
-#driver = keystone.catalog.backends.templated.TemplatedCatalog
-#template_file = ./etc/default_catalog.templates
-driver = keystone.catalog.backends.sql.Catalog</pre>
- </dd>
--->
- <dt>Q: Why not use <strike><code>tools/pip-requires</code></strike><code>requirements.txt</code> to grab project dependencies?</dt>
- <dd><strike>The majority of deployments will use packages to install OpenStack that will have distro-based packages as dependencies. DevStack installs as many of these Python packages as possible to mimic the expected production environemnt.</strike> Certain Linux distributions have a 'lack of workaround' in their Python configurations that installs vendor packaged Python modules and pip-installed modules to the SAME DIRECTORY TREE. This is causing heartache and moving us in the direction of installing more modules from PyPI than vendor packages. However, that is only being done as necessary as the packaging needs to catch up to the development cycle anyway so this is kept to a minimum.</dd>
-
- <dt>Q: What can I do about RabbitMQ not wanting to start on my fresh new VM?</dt>
- <dd>A: This is often caused by <code>erlang</code> not being happy with the hostname resolving to a reachable IP address. Make sure your hostname resolves to a working IP address; setting it to 127.0.0.1 in <code>/etc/hosts</code> is often good enough for a single-node installation. And in an extreme case, use <code>clean.sh</code> to eradicate it and try again.</dd>
-
- <dt>Q: How can I set up Heat in stand-alone configuration?</dt>
- <dd>A: Configure <code>local.conf</code> thusly:
- <pre>[[local|localrc]]
-HEAT_STANDALONE=True
-ENABLED_SERVICES=rabbit,mysql,heat,h-api,h-api-cfn,h-api-cw,h-eng
-KEYSTONE_SERVICE_HOST=<keystone-host>
-KEYSTONE_AUTH_HOST=<keystone-host></pre>
- </dd>
-
- <dt>Q: Why are my configuration changes ignored?</dt>
- <dd>A: You may have run into the package prerequisite installation timeout. <code>tools/install_prereqs.sh</code> has a timer that skips the package installation checks if it was run within the last <code>PREREQ_RERUN_HOURS</code> hours (default is 2). To override this, set <code>FORCE_PREREQ=1</code> and the package checks will never be skipped.
- </dd>
- </dl>
-
- <h3><a name="misc">Miscellaneous</a></h3>
-
- <dl class='pull-left'>
- <dt>Q: <code>tools/fixup_stuff.sh</code> is broken and shouldn't 'fix' just one version of packages.</dt>
- <dd>A: [Another not-a-question] No it isn't. Stuff in there is to correct problems in an environment that need to be fixed elsewhere or may/will be fixed in a future release. In the case of <code>httplib2</code> and <code>prettytable</code> specific problems with specific versions are being worked around. If later releases have those problems than we'll add them to the script. Knowing about the broken future releases is valuable rather than polling to see if it has been fixed.</dd>
- </dl>
- </div>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
- </body>
-</html>
diff --git a/docs/source/guides/multinode-lab.html b/docs/source/guides/multinode-lab.html
deleted file mode 100644
index 2e52379..0000000
--- a/docs/source/guides/multinode-lab.html
+++ /dev/null
@@ -1,330 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>Multi-Node Lab Server Guide - DevStack</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="../assets/css/bootstrap.css" rel="stylesheet">
- <link href="../assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="../overview.html">Overview</a></li>
- <li><a href="../changes.html">Changes</a></li>
- <li><a href="../faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
-
- <section id="overview">
- <h1>Multi-Node Lab: Serious Stuff</h1>
- <p>Here is OpenStack in a realistic test configuration with multiple physical servers.</p>
- </section>
-
- <section id="prerequisites">
- <div class="page-header">
- <h2>Prerequisites <small>Linux & Network</small></h2>
- </div>
-
- <h3>Minimal Install</h3>
- <p>You need to have a system with a fresh install of Linux. You can download the <a href="https://help.ubuntu.com/community/Installation/MinimalCD">Minimal CD</a> for Ubuntu releases since DevStack will download & install all the additional dependencies. The netinstall ISO is available for <a href="http://mirrors.kernel.org/fedora/releases/18/Fedora/x86_64/iso/Fedora-20-x86_64-netinst.iso">Fedora</a> and <a href="http://mirrors.kernel.org/centos/6.5/isos/x86_64/CentOS-6.5-x86_64-netinstall.iso">CentOS/RHEL</a>.</p>
-
- <p>Install a couple of packages to bootstrap configuration:</p>
- <pre>apt-get install -y git sudo || yum install -y git sudo</pre>
-
- <h3>Network Configuration</h3>
- <p>The first iteration of the lab uses OpenStack's FlatDHCP network controller so
- only a single network will be required. It should be on its own subnet without DHCP;
- the host IPs and floating IP pool(s) will come out of this block. This example
- uses the following:</p>
- <ul>
- <li>Gateway: 192.168.42.1</li>
- <li>Physical nodes: 192.168.42.11-192.168.42.99</li>
- <li>Floating IPs: 192.168.42.128-192.168.42.254</li>
- </ul>
- <p>Configure each node with a static IP.
- For Ubuntu edit <code>/etc/network/interfaces</code>:</p>
-
- <pre>auto eth0
-iface eth0 inet static
- address 192.168.42.11
- netmask 255.255.255.0
- gateway 192.168.42.1
-</pre>
- <p>For Fedora and CentOS/RHEL edit
- <code>/etc/sysconfig/network-scripts/ifcfg-eth0</code>:</p>
-
- <pre>BOOTPROTO=static
-IPADDR=192.168.42.11
-NETMASK=255.255.255.0
-GATEWAY=192.168.42.1
-</pre>
-
-<!-- save these for the VLAN version
- auto eth0.926
- iface eth0.926 inet static
- address 10.4.144.3
- netmask 255.255.240.0
- #gateway 10.4.144.1
- up ifconfig eth0.926
-
- auto eth0.605
- iface eth0.605 inet static
- address 172.16.103.3
- netmask 255.255.255.0
- #gateway 172.16.103.1
- up ifconfig eth0.605 up
--->
-
- </section>
-
- <section id="installation">
- <div class="page-header">
- <h2>Installation <small>shake and bake</small></h2>
- </div>
-
- <h3>Add the DevStack User</h3>
- <p>OpenStack runs as a non-root user that has sudo access to root. There is nothing special
- about the name, we'll use <code>stack</code> here. Every node must use the same name and
- preferably uid. If you created a user during the OS install you can use it and give it
- sudo priviledges below. Otherwise create the stack user:</p>
- <pre>groupadd stack
-useradd -g stack -s /bin/bash -d /opt/stack -m stack</pre>
- <p>This user will be making many changes to your system during installation and operation
- so it needs to have sudo priviledges to root without a password:</p>
- <pre>echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers</pre>
- <p>From here on use the <code>stack</code> user. <b>Logout</b> and <b>login</b> as the
- <code>stack</code> user.</p>
-
- <h3>Set Up Ssh</h3>
- <p>Set up the stack user on each node with an ssh key for access:</p>
- <pre>mkdir ~/.ssh; chmod 700 ~/.ssh
-echo "ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQCyYjfgyPazTvGpd8OaAvtU2utL8W6gWC4JdRS1J95GhNNfQd657yO6s1AH5KYQWktcE6FO/xNUC2reEXSGC7ezy+sGO1kj9Limv5vrvNHvF1+wts0Cmyx61D2nQw35/Qz8BvpdJANL7VwP/cFI/p3yhvx2lsnjFE3hN8xRB2LtLUopUSVdBwACOVUmH2G+2BWMJDjVINd2DPqRIA4Zhy09KJ3O1Joabr0XpQL0yt/I9x8BVHdAx6l9U0tMg9dj5+tAjZvMAFfye3PJcYwwsfJoFxC8w/SLtqlFX7Ehw++8RtvomvuipLdmWCy+T9hIkl+gHYE4cS3OIqXH7f49jdJf jesse@spacey.local" > ~/.ssh/authorized_keys</pre>
-
- <h3>Download DevStack</h3>
- <p>Grab the latest version of DevStack from github:</p>
- <pre>git clone https://github.com/openstack-dev/devstack.git
-cd devstack</pre>
-
- <p>Up to this point all of the steps apply to each node in the cluster. From here on
- there are some differences between the cluster controller (aka 'head node') and the
- compute nodes.</p>
-
- <h3>Configure Cluster Controller</h3>
- <p>The cluster controller runs all OpenStack services. Configure the cluster controller's DevStack in <code>local.conf</code>:</p>
- <pre>[[local|localrc]]
-HOST_IP=192.168.42.11
-FLAT_INTERFACE=eth0
-FIXED_RANGE=10.4.128.0/20
-FIXED_NETWORK_SIZE=4096
-FLOATING_RANGE=192.168.42.128/25
-MULTI_HOST=1
-LOGFILE=/opt/stack/logs/stack.sh.log
-ADMIN_PASSWORD=labstack
-MYSQL_PASSWORD=supersecret
-RABBIT_PASSWORD=supersecrete
-SERVICE_PASSWORD=supersecrete
-SERVICE_TOKEN=xyzpdqlazydog</pre>
-<!-- save for vlan
-FLAT_INTERFACE=eth0.926
--->
-
- <p>In the multi-node configuration the first 10 or so IPs in the private subnet are usually reserved. Add this to <code>local.sh</code> to have it run after every <code>stack.sh</code> run:</p>
- <pre>for i in `seq 2 10`; do /opt/stack/nova/bin/nova-manage fixed reserve 10.4.128.$i; done</pre>
-
- <p>Fire up OpenStack:</p>
- <pre>./stack.sh</pre>
- <p>A stream of activity ensues. When complete you will see a summary of
- <code>stack.sh</code>'s work, including the relevant URLs, accounts and passwords to poke at your
- shiny new OpenStack. The most recent log file is available in <code>stack.sh.log</code>.</p>
-
- <h3>Configure Compute Nodes</h3>
- <p>The compute nodes only run the OpenStack worker services. For additional machines, create a <code>local.conf</code> with:</p>
- <pre>HOST_IP=192.168.42.12 # change this per compute node
-FLAT_INTERFACE=eth0
-FIXED_RANGE=10.4.128.0/20
-FIXED_NETWORK_SIZE=4096
-FLOATING_RANGE=192.168.42.128/25
-MULTI_HOST=1
-LOGFILE=/opt/stack/logs/stack.sh.log
-ADMIN_PASSWORD=labstack
-MYSQL_PASSWORD=supersecret
-RABBIT_PASSWORD=supersecrete
-SERVICE_PASSWORD=supersecrete
-SERVICE_TOKEN=xyzpdqlazydog
-DATABASE_TYPE=mysql
-SERVICE_HOST=192.168.42.11
-MYSQL_HOST=192.168.42.11
-RABBIT_HOST=192.168.42.11
-GLANCE_HOSTPORT=192.168.42.11:9292
-ENABLED_SERVICES=n-cpu,n-net,n-api,c-sch,c-api,c-vol</pre>
-<!-- save for vlan
-FLAT_INTERFACE=eth0.926
--->
-
- <p>Fire up OpenStack:</p>
- <pre>./stack.sh</pre>
- <p>A stream of activity ensues. When complete you will see a summary of
- <code>stack.sh</code>'s work, including the relevant URLs, accounts and passwords to poke at your
- shiny new OpenStack. The most recent log file is available in <code>stack.sh.log</code>.</p>
-
- <h3>Cleaning Up After DevStack</h3>
- <p>Shutting down OpenStack is now as simple as running the included <code>unstack.sh</code> script:</p>
- <pre>./unstack.sh</pre>
-
- <p>A more aggressive cleanup can be performed using <code>clean.sh</code>. It removes certain troublesome packages and attempts to leave the system in a state where changing the database or queue manager can be reliably performed.
- <pre>./clean.sh</pre>
-
- <p>Sometimes running instances are not cleaned up. DevStack attempts to do this when it
- runs but there are times it needs to still be done by hand:</p>
- <pre>sudo rm -rf /etc/libvirt/qemu/inst*
-sudo virsh list | grep inst | awk '{print $1}' | xargs -n1 virsh destroy</pre>
-
- </section>
-
- <section id="options">
- <div class="page-header">
- <h2>Options <small>pimp your stack</small></h2>
- </div>
-
- <h3>Additional Users</h3>
- <p>DevStack creates two OpenStack users (<code>admin</code> and <code>demo</code>) and two tenants (also <code>admin</code> and <code>demo</code>). <code>admin</code> is exactly what it sounds like, a priveleged administrative account that is a member of both the <code>admin</code> and <code>demo</code> tenants. <code>demo</code> is a normal user account that is only a member of the <code>demo</code> tenant. Creating additional OpenStack users can be done through the dashboard, sometimes it is easier to do them in bulk from a script, especially since they get blown away every time
- <code>stack.sh</code> runs. The following steps are ripe for scripting:</p>
- <pre># Get admin creds
-. openrc admin admin
-
-# List existing tenants
-keystone tenant-list
-
-# List existing users
-keystone user-list
-
-# Add a user and tenant
-NAME=bob
-PASSWORD=BigSecrete
-TENANT=$NAME
-keystone tenant-create --name=$NAME
-keystone user-create --name=$NAME --pass=$PASSWORD
-keystone user-role-add --user-id=<bob-user-id> --tenant-id=<bob-tenant-id> --role-id=<member-role-id>
-# member-role-id comes from the existing member role created by stack.sh
-# keystone role-list</pre>
-
- <h3>Swift</h3>
- <p>Swift requires a significant amount of resources and is disabled by default in DevStack.
- The support in DevStack is geared toward a minimal installation but can be used for
- testing. To implement a true multi-node test of Swift required more than DevStack provides.
- Enabling it is as simple as enabling the <code>swift</code> service in <code>local.conf</code>:
- <pre>enable_service swift</pre>
-
- <p>Swift will put its data files in <code>SWIFT_DATA_DIR</code> (default <code>/opt/stack/data/swift</code>).
- The size of the data 'partition' created (really a loop-mounted file) is set by
- <code>SWIFT_LOOPBACK_DISK_SIZE</code>. The Swift config files are located in
- <code>SWIFT_CONFIG_DIR</code> (default <code>/etc/swift</code>). All of these settings can be overridden in
- (wait for it...) <code>local.conf</code>.</p>
-
- <h3>Volumes</h3>
- <p>DevStack will automatically use an existing LVM volume group named <code>stack-volumes</code>
- to store cloud-created volumes. If <code>stack-volumes</code> doesn't exist, DevStack
- will set up a 5Gb loop-mounted file to contain it. This obviously limits the
- number and size of volumes that can be created inside OpenStack. The size can be
- overridden by setting <code>VOLUME_BACKING_FILE_SIZE</code> in <code>local.conf</code>.</p>
-
- <p><code>stack-volumes</code> can be pre-created on any physical volume supported by
- Linux's LVM. The name of the volume group can be changed by setting <code>VOLUME_GROUP</code>
- in <code>localrc</code>. <code>stack.sh</code> deletes
- all logical volumes in <code>VOLUME_GROUP</code> that begin with
- <code>VOLUME_NAME_PREFIX</code> as part of cleaning up from previous runs.
- It is recommended to not use the root volume group as <code>VOLUME_GROUP</code>.</p>
-
- <p>The details of creating the volume group depends on the server hardware involved
- but looks something like this:</p>
- <pre>pvcreate /dev/sdc
-vgcreate stack-volumes /dev/sdc</pre>
-
- <h3>Syslog</h3>
- <p>DevStack is capable of using <code>rsyslog</code> to agregate logging across the cluster.
- It is off by default; to turn it on set <code>SYSLOG=True</code> in <code>local.conf</code>.
- <code>SYSLOG_HOST</code> defaults to <code>HOST_IP</code>; on the compute nodes it
- must be set to the IP of the cluster controller to send syslog output there. In the example
- above, add this to the compute node <code>local.conf</code>:</p>
- <pre>SYSLOG_HOST=192.168.42.11</pre>
-
- <h3>Using Alternate Repositories/Branches</h3>
- <p>The git repositories for all of the OpenStack services are defined in <code>stackrc</code>.
- Since this file is a part of the DevStack package changes to it will probably be overwritten
- as updates are applied. Every setting in <code>stackrc</code> can be redefined in
- <code>local.conf</code>.</p>
-
- <p>To change the repository or branch that a particular OpenStack service is created from,
- simply change the value of <code>*_REPO</code> or <code>*_BRANCH</code> corresponding to
- that service.</p>
-
- <p>After making changes to the repository or branch, if <code>RECLONE</code> is not set
- in <code>localrc</code> it may be necessary to remove the corresponding directory from
- <code>/opt/stack</code> to force git to re-clone the repository.</p>
-
- <p>For example, to pull Nova from a proposed release candidate in the primary Nova
- repository:</p>
- <pre>NOVA_BRANCH=rc-proposed</pre>
-
- <p>To pull Glance from an experimental fork:</p>
- <pre>GLANCE_BRANCH=try-something-big
-GLANCE_REPO=https://github.com/mcuser/glance.git</pre>
-
- </section>
-
- <section id="Notes">
- <div class="page-header">
- <h2>Notes <small>stuff you might need to know</small></h2>
- </div>
-
- <h3>Reset the Bridge</h3>
- <p>How to reset the bridge configuration:</p>
- <pre>sudo brctl delif br100 eth0.926
-sudo ip link set dev br100 down
-sudo brctl delbr br100</pre>
-<!--
- sudo rm /etc/libvirt/qemu/*.xml
--->
-
- <h3>Set MySQL Password</h3>
- <p>If you forgot to set the root password you can do this:</p>
- <pre>mysqladmin -u root -pnova password 'supersecret'</pre>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/guides/pxe-boot.html b/docs/source/guides/pxe-boot.html
deleted file mode 100644
index 4dc61a3..0000000
--- a/docs/source/guides/pxe-boot.html
+++ /dev/null
@@ -1,147 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>PXE Boot Server Guide - DevStack</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="../assets/css/bootstrap.css" rel="stylesheet">
- <link href="../assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="../overview.html">Overview</a></li>
- <li><a href="../changes.html">Changes</a></li>
- <li><a href="../faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
- <section id="overview">
- <h1>PXE Boot Server Guide: Magic Dust for Network Boot</h1>
- <p>Boot DevStack from a PXE server to a RAM disk.</p>
- </section>
-
- <section id="requirements">
- <div class="page-header">
- <h2>Prerequisites <small>Hardware & OpenWRT</small></h2>
- </div>
-
- <h3>Hardware</h3>
- <p>The whole point of this exercise is to have a highly portable boot server, so using a small router with a USB port is the desired platform. This guide uses a Buffalo WZR-HP-G300NH as an example, but it is easily generalized for other supported platforms. See openwrt.org for more.</p>
-
- <h3>OpenWRT</h3>
- <p>Any recent 'Backfire' build of OpenWRT will work for the boot server project. We build from trunk and have made the images available at <a href="http://openwrt.xr7.org/openwrt">http://openwrt.xr7.org/openwrt</a>.</p>
- </section>
-
- <section id="installation">
- <div class="page-header">
- <h2>Installation <small>bit blasting</small></h2>
- </div>
-
- <h3>Install the Image</h3>
- <p>This process follows <a href="http://wiki.openwrt.org/toh/buffalo/wzr-hp-g300h">the OpenWRT doc OEM Install</a> to tftp the new image onto the router. You need a computer to set up the router, we assume it is a recent Linux or OS/X installation.</p>
- <ul>
- <li>Get openwrt-ar71xx-wzr-hp-g300nh-squashfs-tftp.bin
- <pre>wget http://openwrt.xr7.org/openwrt/ar71xx/openwrt-ar71xx-wzr-hp-g300nh-squashfs-tftp.bin</pre>
- </li>
- <li>Connect computer to LAN port 4 (closest to WAN port)</li>
- <li>Set computer interface to IP address in the 192.168.11.2</li>
- <li>Add static arp entry for router
- <pre>arp -s 192.168.11.1 <mac-address></pre>
- </li>
- <li>Start TFTP transfer attempt
- <pre>tftp 192.168.11.1
-binary
-rexmt 1
-timeout 60
-put openwrt-ar71xx-wzr-hp-g300nh-squashfs-tftp.bin</pre>
- </li>
- <li>Power on router. Router will reboot and initialize on 192.168.1.1.</li>
- <li>Delete static arp entry for router
- <pre>arp -d 192.168.11.1</pre>
- </li>
- <li>Set computer to DHCP, connect and telnet to router and set root password.</li>
- </ul>
-
- <h3>Configure the Router</h3>
- <ul>
- <li>Update <code>/etc/opkg.conf</code> to point to our repo:
- <pre>src/gz packages http://192.168.5.13/openwrt/build/ar71xx/packages</pre>
- </li>
- <li>Configure anon mounts:
- <pre>uci delete fstab.@mount[0]
-uci commit fstab
-/etc/init.d/fstab restart</pre>
- </li>
- <li>Reset the DHCP address range. DevStack will claim the upper
- /25 of the router's LAN address space for floating IPs so the
- default DHCP address range needs to be moved:
- <pre>uci set dhcp.lan.start=65
-uci set dhcp.lan.limit=60
-uci commit dhcp</pre>
- </li>
- <li>Enable TFTP:
- <pre>uci set dhcp.@dnsmasq[0].enable_tftp=1
-uci set dhcp.@dnsmasq[0].tftp_root=/mnt/sda1/tftpboot
-uci set dhcp.@dnsmasq[0].dhcp_boot=pxelinux.0
-uci commit dhcp
-/etc/init.d/dnsmasq restart</pre>
- </li>
- </ul>
-
- <h3>Set Up tftpboot</h3>
- <ul>
- <li>Create the <code>/tmp/tftpboot</code> structure and populate it:
- <pre>cd ~/devstack
-tools/build_pxe_boot.sh /tmp</pre>
- This calls <code>tools/build_ramdisk.sh</code> to create a 2GB ramdisk
- containing a complete development Oneiric OS plus the
- OpenStack code checkouts.
- </li>
- <li>Copy <code>tftpboot</code> to a USB drive:
- <pre>mount /dev/sdb1 /mnt/tmp
-rsync -a /tmp/tftpboot/ /mnt/tmp/tftpboot/
-umount /mnt/tmp</pre>
- </li>
- <li>Plug USB drive into router. It will be automounted and is ready to serve content.</li>
- </ul>
-
- <p>Now <a href="ramdisk.html">return</a> to the RAM disk Guide to kick
- off your DevStack experience.</p>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — this is not an official OpenStack project...</p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/guides/ramdisk.html b/docs/source/guides/ramdisk.html
deleted file mode 100644
index eaef16e..0000000
--- a/docs/source/guides/ramdisk.html
+++ /dev/null
@@ -1,119 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>RAMdisk Boot Guide - DevStack</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="../assets/css/bootstrap.css" rel="stylesheet">
- <link href="../assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="../overview.html">Overview</a></li>
- <li><a href="../changes.html">Changes</a></li>
- <li><a href="../faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
- <section id="overview">
- <h1>Stack-in-a-Box: Try before you mkfs</h1>
- <p>Run DevStack from a RAM disk to give it a whirl before making the
- commitment to install it. We'll cover booting from a USB drive or
- over the network via PXE. We'll even thow in configuring a home
- router to handle the PXE boot. You will need a minimum of 3GB
- for both of these configurations as the RAM disk itself is 2GB.</p>
- </section>
-
- <section id="requirements">
- <div class="page-header">
- <h2>Prerequisites <small>Hardware</small></h2>
- </div>
-
- <h3>USB Boot</h3>
- <p><a href="usb-boot.html">This guide</a> covers the creation of a bootable USB drive. Your
- computer BIOS must support booting from USB.</p>
-
- <h3>PXE Boot</h3>
- <p><a href="pxe-boot.html">This guide</a> covers the installation of OpenWRT on a home router
- and configuring it as a PXE server, plus the creation of the
- boot images and PXE support files.
- </section>
-
- <section id="installation">
- <div class="page-header">
- <h2>Installation <small>bit blasting</small></h2>
- </div>
-
- <h3>Install DevStack</h3>
- <p>Grab the latest version of DevStack via https:</p>
- <pre>sudo apt-get install git -y
-git clone https://github.com/openstack-dev/devstack.git
-cd devstack</pre>
-
- <h3>Prepare the Boot RAMdisk</h3>
- <p>Pick your boot method and follow the guide to prepare to build
- the RAM disk and set up the boot process:</p>
- <ul>
- <li><a href="usb-boot.html">USB boot</a></li>
- <li><a href="pxe-boot.html">PXE boot</a></li>
- </ul>
-
- <h3>Fire It Up</h3>
- <ul>
- <li>Boot the computer into the RAM disk. The details will vary from
- machine to machine but most BIOSes have a method to select the
- boot device, often by pressing F12 during POST.</li>
- <li>Select 'DevStack' from the Boot Menu.</li>
- <li>Log in with the 'stack' user and 'pass' password.</li>
- <li>Create <code>devstack/localrc</code> if you wish to change any
- of the configuration variables. You will probably want to at
- least set the admin login password to something memorable rather
- than the default 20 random characters:
- <pre>ADMIN_PASSWORD=openstack</pre>
- </li>
- <li>Fire up OpenStack!
- <pre>./run.sh</pre>
- </li>
- <li>See the processes running in screen:
- <pre>screen -x</pre>
- </li>
- <li>Connect to the dashboard at <code>http://<ip-address>/</code></li>
- </ul>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — this is not an official OpenStack project...</p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/guides/single-machine.html b/docs/source/guides/single-machine.html
deleted file mode 100644
index ca9cafa..0000000
--- a/docs/source/guides/single-machine.html
+++ /dev/null
@@ -1,131 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>Single Machine Guide - DevStack</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="../assets/css/bootstrap.css" rel="stylesheet">
- <link href="../assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="../overview.html">Overview</a></li>
- <li><a href="../changes.html">Changes</a></li>
- <li><a href="../faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
- <section id="overview">
- <h1>All-In-One: Dedicated Hardware</h1>
- <p>Things are about to get real! Using OpenStack in containers or VMs is nice for kicking the tires, but doesn't compare to the feeling you get with hardware.</p>
- </section>
-
- <section id="prerequisites">
- <div class="page-header">
- <h2>Prerequisites <small>Linux & Network</small></h2>
- </div>
-
- <h3>Minimal Install</h3>
- <p>You need to have a system with a fresh install of Linux. You can download the <a href="https://help.ubuntu.com/community/Installation/MinimalCD">Minimal CD</a> for Ubuntu releases since DevStack will download & install all the additional dependencies. The netinstall ISO is available for <a href="http://mirrors.kernel.org/fedora/releases/18/Fedora/x86_64/iso/Fedora-20-x86_64-netinst.iso">Fedora</a> and <a href="http://mirrors.kernel.org/centos/6.5/isos/x86_64/CentOS-6.5-x86_64-netinstall.iso">CentOS/RHEL</a>. You may be tempted to use a desktop distro on a laptop, it will probably work but you may need to tell Network Manager to keep its fingers off the interface(s) that OpenStack uses for bridging.</p>
-
- <h3>Network Configuration</h3>
- <p>Determine the network configuration on the interface used to integrate your
- OpenStack cloud with your existing network. For example, if the IPs given out on your network
- by DHCP are 192.168.1.X - where X is between 100 and 200 you will be able to use IPs
- 201-254 for <b>floating ips</b>.</p>
- <p>To make things easier later change your host to use a static IP instead of DHCP (i.e. 192.168.1.201).</p>
- </section>
-
- <section id="installation">
- <div class="page-header">
- <h2>Installation <small>shake and bake</small></h2>
- </div>
-
- <h3>Add your user</h3>
- <p>We need to add a user to install DevStack. (if you created a user during install you can skip this step and just give the user sudo priviledges below)</p>
- <pre>adduser stack</pre>
- <p>Since this user will be making many changes to your system, it will need to have sudo priviledges:</p>
- <pre>apt-get install sudo -y || yum install -y sudo
-echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers</pre>
- <p>From here on you should use the user you created. <b>Logout</b> and <b>login</b> as that user.</p>
-
- <h3>Download DevStack</h3>
- <p>We'll grab the latest version of DevStack via https:</p>
- <pre>sudo apt-get install git -y || yum install -y git
-git clone https://github.com/openstack-dev/devstack.git
-cd devstack</pre>
-
- <h3>Run DevStack</h3>
- <p>Now to configure <code>stack.sh</code>. DevStack includes a sample in <code>devstack/samples/local.conf</code>. Create <code>local.conf</code> as shown below to do the following:</p>
- <ul>
- <li>Set <code>FLOATING_RANGE</code> to a range not used on the local network, i.e. 192.168.1.224/27. This configures IP addresses ending in 225-254 to be used as floating IPs.</li>
- <li>Set <code>FIXED_RANGE</code> and <code>FIXED_NETWORK_SIZE</code> to configure the internal address space used by the instances.</li>
- <li>Set <code>FLAT_INTERFACE</code> to the Ethernet interface that connects the host to your local network. This is the interface that should be configured with the static IP address mentioned above.</li>
- <li>Set the administrative password. This password is used for the <b>admin</b> and <b>demo</b> accounts set up as OpenStack users.</li>
- <li>Set the MySQL administrative password. The default here is a random hex string which is inconvenient if you need to look at the database directly for anything.</li>
- <li>Set the RabbitMQ password.</li>
- <li>Set the service password. This is used by the OpenStack services (Nova, Glance, etc) to authenticate with Keystone.</li>
- </ul>
- <p><code>local.conf</code> should look something like this:</p>
- <pre>[[local|localrc]]
-FLOATING_RANGE=192.168.1.224/27
-FIXED_RANGE=10.11.12.0/24
-FIXED_NETWORK_SIZE=256
-FLAT_INTERFACE=eth0
-ADMIN_PASSWORD=supersecret
-MYSQL_PASSWORD=iheartdatabases
-RABBIT_PASSWORD=flopsymopsy
-SERVICE_PASSWORD=iheartksl</pre>
-
- <p>Run DevStack:</p>
- <pre>./stack.sh</pre>
- <p>A seemingly endless stream of activity ensues. When complete you will see a summary of
- <code>stack.sh</code>'s work, including the relevant URLs, accounts and passwords to poke at your
- shiny new OpenStack.</p>
-
- <h3>Using OpenStack</h3>
- <p>At this point you should be able to access the dashboard from other computers on the
- local network. In this example that would be http://192.168.1.201/ for the dashboard (aka Horizon).
- Launch VMs and if you give them floating IPs and security group access those VMs will be accessable from other machines on your network.</p>
-
- <p>Some examples of using the OpenStack command-line clients <code>nova</code> and <code>glance</code>
- are in the shakedown scripts in <code>devstack/exercises</code>. <code>exercise.sh</code>
- will run all of those scripts and report on the results.</p>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — An <a href="https://wiki.openstack.org/wiki/Programs">OpenStack program</a> created by <a href="http://www.rackspace.com/cloud/private_edition/">Rackspace Cloud Builders</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/guides/single-vm.html b/docs/source/guides/single-vm.html
deleted file mode 100644
index 2f1990a..0000000
--- a/docs/source/guides/single-vm.html
+++ /dev/null
@@ -1,137 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>Single Machine Guide - DevStack</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="../assets/css/bootstrap.css" rel="stylesheet">
- <link href="../assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="../overview.html">Overview</a></li>
- <li><a href="../changes.html">Changes</a></li>
- <li><a href="../faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
- <section id="overview">
- <h1>Running a Cloud in a VM</h1>
- <p>Use the cloud to build the cloud! Use your cloud to launch new versions of OpenStack
- in about 5 minutes. When you break it, start over! The VMs launched in the cloud will
- be slow as they are running in QEMU (emulation), but their primary use is testing
- OpenStack development and operation. Speed not required.</p>
- </section>
-
- <section id="prerequisites">
- <div class="page-header">
- <h2>Prerequisites <small>Cloud & Image</small></h2>
- </div>
-
- <h3>Virtual Machine</h3>
- <p>DevStack should run in any virtual machine running a supported Linux release. It will perform best with 2Gb or more of RAM.</p>
-
- <h3>OpenStack Deployment & cloud-init</h3>
- <p>If the cloud service has an image with <code>cloud-init</code> pre-installed, use it. You can
- get one from <a href="http://uec-images.ubuntu.com">Ubuntu's Daily Build</a>
- site if necessary. This will enable you to launch VMs with userdata that installs
- everything at boot time. The userdata script below will install and run
- DevStack with a minimal configuration. The use of <code>cloud-init</code>
- is outside the scope of this document, refer to <a href"http://cloudinit.readthedocs.org/en/latest/index.html">the
- <code>cloud-init</code> docs</a> for more information.</p>
-
- <p>If you are directly using a hypervisor like Xen, kvm or VirtualBox you can manually kick off
- the script below as a non-root user in a bare-bones server installation.</p>
- </section>
-
- <section id="requirements">
- <div class="page-header">
- <h2>Installation <small>shake and bake</small></h2>
- </div>
-
- <h3>Launching With Cloud-Init</h3>
- <p>This cloud config grabs the latest version of DevStack via git, creates a minimal
- <code>local.conf</code> file and kicks off <code>stack.sh</code>. It should
- be passed as the user-data file when booting the VM.</p>
- <pre>#cloud-config
-
-users:
- - default
- - name: stack
- lock_passwd: False
- sudo: ["ALL=(ALL) NOPASSWD:ALL\nDefaults:stack !requiretty"]
- shell: /bin/bash
-
-write_files:
- - content: |
- #!/bin/sh
- DEBIAN_FRONTEND=noninteractive sudo apt-get -qqy update || sudo yum update -qy
- DEBIAN_FRONTEND=noninteractive sudo apt-get install -qqy git || sudo yum install -qy git
- sudo chown stack:stack /home/stack
- cd /home/stack
- git clone https://github.com/openstack-dev/devstack.git
- cd devstack
- echo '[[local|localrc]]' > local.conf
- echo ADMIN_PASSWORD=password >> local.conf
- echo MYSQL_PASSWORD=password >> local.conf
- echo RABBIT_PASSWORD=password >> local.conf
- echo SERVICE_PASSWORD=password >> local.conf
- echo SERVICE_TOKEN=tokentoken >> local.conf
- ./stack.sh
- path: /home/stack/start.sh
- permissions: 0755
-
-runcmd:
- - su -l stack ./start.sh</pre>
- <p>As DevStack will refuse to run as root, this configures <code>cloud-init</code>
- to create a non-root user and run the <code>start.sh</code> script as that user.</p>
-
- <h3>Launching By Hand</h3>
- <p>Using a hypervisor directly, launch the VM and either manually perform the steps in the
- embedded shell script above or copy it into the VM.</p>
-
- <h3>Using OpenStack</h3>
- <p>At this point you should be able to access the dashboard. Launch VMs and if you give them floating IPs access those VMs from other machines on your network.</p>
-
- <p>One interesting use case is for developers working on a VM on their laptop. Once
- <code>stack.sh</code> has completed once, all of the pre-requisite packages are installed
- in the VM and the source trees checked out. Setting <code>OFFLINE=True</code> in
- <code>local.conf</code> enables <code>stack.sh</code> to run multiple times without an Internet
- connection. DevStack, making hacking at the lake possible since 2012!</p>
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/guides/usb-boot.html b/docs/source/guides/usb-boot.html
deleted file mode 100644
index 75adc6f..0000000
--- a/docs/source/guides/usb-boot.html
+++ /dev/null
@@ -1,99 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>USB Boot Server Guide - DevStack</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="../assets/css/bootstrap.css" rel="stylesheet">
- <link href="../assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="../overview.html">Overview</a></li>
- <li><a href="../changes.html">Changes</a></li>
- <li><a href="../faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
- <section id="overview">
- <h1>USB Boot: Undoable Stack Boot</h1>
- <p>Boot DevStack from a USB disk into a RAM disk.</p>
- </section>
-
- <section id="requirements">
- <div class="page-header">
- <h2>Prerequisites</h2>
- </div>
-
- <h3>Hardware</h3>
- <p>This guide covers the creation of a bootable USB drive. Your
- computer BIOS must support booting from USB and You will want at least 3GB of
- RAM. You also will need a USB drive of at least 2GB.</p>
-
- <h3>Software</h3>
- <p>Ubuntu 11.10 (Oneiric Ocelot) is required on host to create images.</p>
- </section>
-
- <section id="installation">
- <div class="page-header">
- <h2>Installation <small>bit blasting</small></h2>
- </div>
-
- <h3>Set Up USB Drive</h3>
- <ul>
- <li>Insert the USB drive into the computer. Make a note of the device name, such as
- <code>sdb</code>. Do not mount the device.</li>
- <li>Install the boot system:
- <pre>tools/build_usb_boot.sh /dev/sdb1</pre>
- <p>This calls tools/build_ramdisk.sh to create a 2GB ramdisk
- containing a complete development Oneiric OS plus the
- OpenStack code checkouts. It then writes a syslinux boot sector
- to the specified device and creates <code>/syslinux</code>.</p>
- </li>
- <li>If desired, you may now mount the device:
- <pre>mount /dev/sdb1 /mnt/tmp
-# foo
-umount /mnt/tmp</pre>
- </li>
- </ul>
-
- <p>Now <a href="ramdisk.html">return</a> to the RAM disk Guide to kick
- off your DevStack experience.</p>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — this is not an official OpenStack project...</p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/index.html b/docs/source/index.html
deleted file mode 100644
index 1a31df1..0000000
--- a/docs/source/index.html
+++ /dev/null
@@ -1,561 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - Deploying OpenStack for Developers</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container" id="home">
-
- <div class="hero-unit">
- <div class="pull-left">
- <h1 id="main_header">DevStack - an OpenStack Community Production</h1>
- <div class="sub_header">
- <p></p>
- <p>A documented shell script to build complete OpenStack development environments. <br /><br />
- An OpenStack program maintained by the developer community.</p>
- </div>
- </div>
- <div class="pull-left">
- <ol id="getting_started">
- <li id="ubuntu">Setup a fresh supported Linux installation.</li>
- <li id="github">
- Clone devstack from devstack.
- <pre>git clone https://github.com/openstack-dev/devstack.git</pre>
- </li>
- <li id="install">
- Deploy your OpenStack Cloud
- <pre>cd devstack && ./stack.sh</pre>
- </li>
- </ol>
- </div>
- <div class="clear"> </div>
- </div>
-
-
- <section id="quickstart" class="span12">
- <div class="page-header">
- <h2>Quick Start <small>This ain't your first rodeo</small></h2>
- </div>
- <ol>
- <li value="0">
- <h3>Select a Linux Distribution</h3>
- <p>Only Ubuntu 14.04 (Trusty), Fedora 20 and CentOS/RHEL 6.5 are documented here. OpenStack also runs and is packaged on other flavors of Linux such as OpenSUSE and Debian.</p>
- </li>
- <li>
- <h3>Install Selected OS</h3>
- <p>In order to correctly install all the dependencies, we assume a specific minimal version of the supported distributions to make it as easy as possible. We recommend using a minimal install of Ubuntu or Fedora server in a VM if this is your first time.</p>
- </li>
- <li>
- <h3>Download DevStack</h3>
- <pre>git clone https://github.com/openstack-dev/devstack.git</pre>
- <p>The <code>devstack</code> repo contains a script that installs OpenStack and templates for configuration files</p>
- </li>
- <li>
- <h3>Configure</h3>
- <p>We recommend at least a <a href="configuration.html">minimal configuration</a> be set up.</p>
- </li>
- <li>
- <h3>Start the install</h3>
- <pre>cd devstack; ./stack.sh</pre>
- <p>It takes a few minutes, we recommend <a href="stack.sh.html">reading the script</a> while it is building.</p>
- </li>
- </ol>
- </section>
-
- <section id="guides" class='span12'>
- <div class="page-header">
- <h2>Guides <small>Walk through various setups used by stackers</small></h2>
- </div>
-
- <div class='row span8'>
- <h2>OpenStack on VMs</h2>
- <table class='table table-striped table-bordered'>
- <thead>
- <tr>
- <th>Title</th>
- <th>Description</th>
- <th>Link</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>Virtual Machine</td>
- <td>Run OpenStack in a VM. The VMs launched in your cloud will be slow as they are running in QEMU (emulation), but it is useful if you don't have spare hardware laying around.</td>
- <td><a class="btn btn-small btn-primary table-action" href="guides/single-vm.html">Read »</a></td>
- </tr>
-
-<!--
- <tr>
- <td>LXC Containers</td>
- <td>Already running Ubuntu on your machine? Using containers lets you build even faster.</td>
- <td>Coming soon!</td>
- </tr>
--->
- </tbody>
- <tfoot>
- <td colspan="3">1 Guide</td>
- </tfoot>
- </table>
- </div>
- <div class="wat span3 pull-right">
- <h4>What is this?</h4>
- <p>These guides tell you how to virtualize your OpenStack cloud in virtual machines. This means that you can get started without having to purchase any hardware.</p>
- </div>
-
- <div class='row span8'>
- <h2>OpenStack on Hardware</h2>
- <table class='table table-striped table-bordered'>
- <thead>
- <tr>
- <th>Title</th>
- <th>Description</th>
- <th>Link</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>All-In-One</td>
- <td>Run OpenStack on dedicated hardware to get real performance in your VMs. This can include a server-class machine or a laptop at home.</td>
- <td><a class="btn btn-small btn-primary table-action" href="guides/single-machine.html">Read »</a></td>
- </tr>
-
- <tr>
- <td>Multi-Node + VLANs</td>
- <td>Setup a multi-node cluster with dedicated VLANs for VMs & Management.</td>
- <td><a class="btn btn-small btn-primary table-action" href="guides/multinode-lab.html">Read »</a></td>
- </tr>
-
-<!--
- <tr>
- <td>Stack-in-a-Box</td>
- <td>Run OpenStack from a RAM disk to give it a spin without touching your existing OS installation. Includes PXE and USB boot methods.</td>
- <td><a class="btn btn-small btn-primary table-action" href="guides/ramdisk.html">Read »</a></td>
- </tr>
--->
- </tbody>
- <tfoot>
- <td colspan="3">2 Guides</td>
- </tfoot>
- </table>
- </div>
- <div class="wat span3 pull-right">
- <h4>What is this?</h4>
- <p>These guides tell you how to deploy a development environment on real hardware. Guides range from running OpenStack on a single laptop to running a multi-node deployment on datacenter hardware.</p>
- </div>
-
- </section>
-
- <section id="docs" class="span12">
- <div class="page-header">
- <h2>Documentation <small>Help yourself to stack</small></h2>
- </div>
-
- <div class='row span5 pull-left'>
- <h2>Overview</h2>
- <p><a href="overview.html">An overview of DevStack goals and priorities</a></p>
- <h2>Configuration</h2>
- <p><a href="configuration.html">Configuring and customizing the stack</a></p>
- <h2>Plugins</h2>
- <p><a href="plugins.html">Extending DevStack with new features</a></p>
- </div>
-
- <div class='span5 pull-right'>
- <h2>Recent Changes</h2>
- <p><a href="changes.html">An incomplete summary of recent changes</a></p>
- <h2>FAQ</h2>
- <p><a href="faq.html">The DevStack FAQ</a></p>
- <h2>Contributing</h2>
- <p><a href="contributing.html">Pitching in to make DevStack a better place</a></p>
- </div>
-
- </section>
-
- <section id="docs" class="span12">
- <div class="page-header">
- <h2>Code <small>A look at the bits that make it all go</small></h2>
- </div>
-
- <div class='row span5 pull-left'>
- <h2>Scripts <small>Generated documentation of DevStack scripts.</small></h2>
- <table class='table table-striped table-bordered'>
- <thead>
- <tr>
- <th>Filename</th>
- <th>Link</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>stack.sh</td>
- <td><a href="stack.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>functions</td>
- <td><a href="functions.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>functions-common</td>
- <td><a href="functions-common.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/apache</td>
- <td><a href="lib/apache.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/baremetal</td>
- <td><a href="lib/baremetal.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/ceilometer</td>
- <td><a href="lib/ceilometer.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/cinder</td>
- <td><a href="lib/cinder.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/config</td>
- <td><a href="lib/config.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/database</td>
- <td><a href="lib/database.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/glance</td>
- <td><a href="lib/glance.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/heat</td>
- <td><a href="lib/heat.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/horizon</td>
- <td><a href="lib/horizon.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/infra</td>
- <td><a href="lib/infra.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/ironic</td>
- <td><a href="lib/ironic.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/keystone</td>
- <td><a href="lib/keystone.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/ldap</td>
- <td><a href="lib/ldap.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/marconi</td>
- <td><a href="lib/marconi.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/neutron</td>
- <td><a href="lib/neutron.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/nova</td>
- <td><a href="lib/nova.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/oslo</td>
- <td><a href="lib/oslo.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/rpc_backend</td>
- <td><a href="lib/rpc_backend.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/sahara</td>
- <td><a href="lib/sahara.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/savanna</td>
- <td><a href="lib/savanna.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/stackforge</td>
- <td><a href="lib/stackforge.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/swift</td>
- <td><a href="lib/swift.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/tempest</td>
- <td><a href="lib/tempest.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/tls</td>
- <td><a href="lib/tls.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>lib/trove</td>
- <td><a href="lib/trove.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>unstack.sh</td>
- <td><a href="unstack.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>clean.sh</td>
- <td><a href="clean.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>run_tests.sh</td>
- <td><a href="run_tests.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>extras.d/50-ironic.sh</td>
- <td><a href="extras.d/50-ironic.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>extras.d/70-marconi.sh</td>
- <td><a href="extras.d/70-marconi.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>extras.d/70-sahara.sh</td>
- <td><a href="extras.d/70-sahara.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>extras.d/70-savanna.sh</td>
- <td><a href="extras.d/70-savanna.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>extras.d/70-trove.sh</td>
- <td><a href="extras.d/70-trove.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>extras.d/80-opendaylight.sh</td>
- <td><a href="extras.d/80-opendaylight.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>extras.d/80-tempest.sh</td>
- <td><a href="extras.d/80-tempest.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- </tbody>
- </table>
- </div>
-
- <div class='span5 pull-right'>
- <h2>Configuration <small>Setting the table</small></h2>
- <table class='table table-striped table-bordered'>
- <thead>
- <tr>
- <th>Filename</th>
- <th>Link</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>local.conf</td>
- <td><a href="local.conf.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>stackrc</td>
- <td><a href="stackrc.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>openrc</td>
- <td><a href="openrc.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exerciserc</td>
- <td><a href="exerciserc.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>eucarc</td>
- <td><a href="eucarc.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- </tbody>
- </table>
-
- <h2>Tools <small>Support scripts</small></h2>
- <table class='table table-striped table-bordered'>
- <thead>
- <tr>
- <th>Filename</th>
- <th>Link</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>tools/info.sh</td>
- <td><a href="tools/info.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>tools/build_docs.sh</td>
- <td><a href="tools/build_docs.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>tools/create_userrc.sh</td>
- <td><a href="tools/create_userrc.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>tools/fixup_stuff.sh</td>
- <td><a href="tools/fixup_stuff.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>tools/install_prereqs.sh</td>
- <td><a href="tools/install_prereqs.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>tools/install_pip.sh</td>
- <td><a href="tools/install_pip.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>tools/upload_image.sh</td>
- <td><a href="tools/upload_image.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- </tbody>
- </table>
-
- <h2>Samples <small>Generated documentation of DevStack sample files.</small></h2>
- <table class='table table-striped table-bordered'>
- <thead>
- <tr>
- <th>Filename</th>
- <th>Link</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>local.sh</td>
- <td><a href="samples/local.sh.html" class="btn btn-small btn-success table-action">Read »</a></td>
- </tr>
- <tr>
- <td>localrc</td>
- <td><a href="samples/localrc.html" class="btn btn-small btn-success table-action">Read »</a></td>
- </tr>
- </tbody>
- </table>
-
- <div class='row span5 pull-right'>
- <h2>Exercises <small>Generated documentation of DevStack scripts.</small></h2>
- <table class='table table-striped table-bordered'>
- <thead>
- <tr>
- <th>Filename</th>
- <th>Link</th>
- </tr>
- </thead>
- <tbody>
- <tr>
- <td>exercise.sh</td>
- <td><a href="exercise.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/aggregates.sh</td>
- <td><a href="exercises/aggregates.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/boot_from_volume.sh</td>
- <td><a href="exercises/boot_from_volume.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/bundle.sh</td>
- <td><a href="exercises/bundle.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/client-args.sh</td>
- <td><a href="exercises/client-args.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/client-env.sh</td>
- <td><a href="exercises/client-env.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/euca.sh</td>
- <td><a href="exercises/euca.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/floating_ips.sh</td>
- <td><a href="exercises/floating_ips.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/horizon.sh</td>
- <td><a href="exercises/horizon.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <td>exercises/marconi.sh</td>
- <td><a href="exercises/marconi.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/neutron-adv-test.sh</td>
- <td><a href="exercises/neutron-adv-test.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <td>exercises/sahara.sh</td>
- <td><a href="exercises/sahara.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <td>exercises/savanna.sh</td>
- <td><a href="exercises/savanna.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/sec_groups.sh</td>
- <td><a href="exercises/sec_groups.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/swift.sh</td>
- <td><a href="exercises/swift.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <td>exercises/trove.sh</td>
- <td><a href="exercises/trove.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- <tr>
- <td>exercises/volumes.sh</td>
- <td><a href="exercises/volumes.sh.html" class="btn btn-small btn-primary table-action">Read »</a></td>
- </tr>
- </tbody>
- </table>
-
- </div>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
- </body>
-</html>
diff --git a/docs/source/local.conf.html b/docs/source/local.conf.html
deleted file mode 100644
index ed53adf..0000000
--- a/docs/source/local.conf.html
+++ /dev/null
@@ -1,64 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - local.conf</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
-
- <section class="span12">
- <div class="page-header">
- <h2>local.conf <small>User settings</small></h2>
- <p><code>local.conf</code> is a user-maintained setings file that is
- sourced in <code>stackrc</code>. It contains a section that replaces
- the historical <code>localrc</code> file. See
- <a href="configuration.html">the description of local.conf</a> for
- more details about the mechanics of the file.</p>
- </div>
- </section
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/localrc.html b/docs/source/localrc.html
deleted file mode 100644
index 0f669bd..0000000
--- a/docs/source/localrc.html
+++ /dev/null
@@ -1,60 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - localrc</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
-
- <section class="span12">
- <div class="page-header">
- <h2>localrc <small>User settings</small></h2>
- <p><code>localrc</code> is the old file used to configure DevStack. It is deprecated and has been replaced by <a href="local.conf.html"><code>local.conf</code></a>. DevStack will continue to use <code>localrc</code> if it is present and ignore the <code>localrc</code> section in <code>local.conf.</code>. Remove <code>localrc</code> to switch to using the new file.</p>
- </div>
- </section
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/openrc.html b/docs/source/openrc.html
deleted file mode 100644
index b84d268..0000000
--- a/docs/source/openrc.html
+++ /dev/null
@@ -1,115 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - openrc</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
-
- <section class="span12">
- <div class="page-header">
- <h2>openrc <small>User authentication settings</small></h2>
- <p><code>openrc</code> configures login credentials suitable for use
- with the OpenStack command-line tools. <code>openrc</code> sources
- <code>stackrc</code> at the beginning (which in turn sources
- the <code>localrc</code> setion of <code>local.conf</code>) in
- order to pick up <code>HOST_IP</code>
- and/or <code>SERVICE_HOST</code> to use in the endpoints.
- The values shown below are the default values.</p>
- </div>
- <dl>
-
- <dt>OS_TENANT_NAME</dt>
- <dd>The introduction of Keystone to the OpenStack ecosystem has standardized the
- term <em>tenant</em> as the entity that owns resources. In some places references
- still exist to the original Nova term <em>project</em> for this use. Also,
- <em>tenant_name</em> is prefered to <em>tenant_id</em>.
- <pre>OS_TENANT_NAME=demo</pre></dd>
-
- <dt>OS_USERNAME</dt>
- <dd>In addition to the owning entity (tenant), Nova stores the entity performing
- the action as the <em>user</em>.
- <pre>OS_USERNAME=demo</pre></dd>
-
- <dt>OS_PASSWORD</dt>
- <dd>With Keystone you pass the keystone password instead of an api key.
- Recent versions of novaclient use OS_PASSWORD instead of NOVA_API_KEYs
- or NOVA_PASSWORD.
- <pre>OS_PASSWORD=secrete</pre></dd>
-
- <dt>HOST_IP, SERVICE_HOST</dt>
- <dd>Set API endpoint host using <code>HOST_IP</code>. <code>SERVICE_HOST</code>
- may also be used to specify the endpoint, which is convenient for
- some <code>localrc</code> configurations. Typically, <code>HOST_IP</code>
- is set in the <code>localrc</code> section.
- <pre>HOST_IP=127.0.0.1
-SERVICE_HOST=$HOST_IP</pre></dd>
-
- <dt>OS_AUTH_URL</dt>
- <dd>Authenticating against an OpenStack cloud using Keystone returns a <em>Token</em>
- and <em>Service Catalog</em>. The catalog contains the endpoints for all services
- the user/tenant has access to - including Nova, Glance, Keystone and Swift.
- <pre>OS_AUTH_URL=http://$SERVICE_HOST:5000/v2.0</pre></dd>
-
- <dt>GLANCE_HOST</dt>
- <dd>Some exercises call Glance directly. On a single-node installation, Glance
- should be listening on <code>HOST_IP</code>. If its running elsewhere
- it can be set here.
- <pre>GLANCE_HOST=$HOST_IP</pre></dd>
-
- <dt>KEYSTONECLIENT_DEBUG, NOVACLIENT_DEBUG</dt>
- <dd>Set command-line client log level to <code>DEBUG</code>. These are
- commented out by default.
- <pre># export KEYSTONECLIENT_DEBUG=1
-# export NOVACLIENT_DEBUG=1</pre></dd>
-
- </dl>
- </section
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — An
- <a href="https://wiki.openstack.org/wiki/Programs">OpenStack program</a>
- created by <a href="http://www.rackspace.com/cloud/private_edition/">Rackspace Cloud Builders</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/docs/source/overview.html b/docs/source/overview.html
deleted file mode 100644
index baee400..0000000
--- a/docs/source/overview.html
+++ /dev/null
@@ -1,118 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - Overview</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container" id="home">
-
- <section id="overview" class="span12">
-
- <div class='row pull-left'>
- <h2>Overview <small>DevStack from a cloud-height view</small></h2>
- <p>DevStack has evolved to support a large number of configuration options and alternative platforms and support services. That evolution has grown well beyond what was originally intended and the majority of configuration combinations are rarely, if ever, tested. DevStack is not a general OpenStack installer and was never meant to be everything to everyone..</p>
- <p>Below is a list of what is specifically is supported (read that as "tested") going forward.</p>
-
- <h2>Supported Components</h2>
-
- <h3>Base OS</h3>
- <p><em>The OpenStack Technical Committee (TC) has defined the current CI strategy to include the latest Ubuntu release and the latest RHEL release (for Python 2.6 testing).</em></p>
- <ul>
- <li>Ubuntu: current LTS release plus current development release</li>
- <li>Fedora: current release plus previous release</li>
- <li>RHEL: current major release</li>
- <li>Other OS platforms may continue to be included but the maintenance of those platforms shall not be assumed simply due to their presence. Having a listed point-of-contact for each additional OS will greatly increase its chance of being well-maintained.</li>
- <li>Patches for Ubuntu and/or Fedora will not be held up due to side-effects on other OS platforms.</li>
- </ul>
-
- <h3>Databases</h3>
- <p><em>As packaged by the host OS</em></p>
- <ul>
- <li>MySQL</li>
- <li>PostgreSQL</li>
- </ul>
-
- <h3>Queues</h3>
- <p><em>As packaged by the host OS</em></p>
- <ul>
- <li>Rabbit</li>
- <li>Qpid</li>
-<!--
- <li>ZeroMQ</li>
--->
- </ul>
-
- <h3>Web Server</h3>
- <p><em>As packaged by the host OS</em></p>
- <ul>
- <li>Apache</li>
- </ul>
-
- <h3>OpenStack Network</h3>
- <p><em>Default to Nova Network, optionally use Neutron</em></p>
- <ul>
- <li>Nova Network: FlatDHCP</li>
- <li>Neutron: A basic configuration approximating the original FlatDHCP mode using linuxbridge or OpenVSwitch.</li>
- </ul>
-
- <h3>Services</h3>
- <p>The default services configured by DevStack are Identity (Keystone), Object Storage (Swift), Image Storage (Glance), Block Storage (Cinder), Compute (Nova), Network (Nova), Dashboard (Horizon), Orchestration (Heat)</p>
- <p>Additional services not included directly in DevStack can be tied in to <code>stack.sh</code> using the <a href="plugins.html">plugin mechanism</a> to call scripts that perform the configuration and startup of the service.</p>
-
- <h3>Node Configurations</h3>
- <ul>
- <li>single node</li>
- <li>multi-node is not tested regularly by the core team, and even then only minimal configurations are reviewed</li>
- </ul>
-
- <h3>Exercises</h3>
- <p>The DevStack exercise scripts are no longer used as integration and gate testing as that job has transitioned to Tempest. They are still maintained as a demonstrations of using OpenStack from the command line and for quick operational testing.</p>
-
- </div>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
- </body>
-</html>
diff --git a/docs/source/plugins.html b/docs/source/plugins.html
deleted file mode 100644
index 3327128..0000000
--- a/docs/source/plugins.html
+++ /dev/null
@@ -1,142 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - Plugins</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container" id="home">
-
- <section id="faq" class="span12">
-
- <div class='row pull-left'>
- <h2>Plugins <small>Add stuff</small></h2>
- <p>DevStack has a couple of plugin mechanisms to allow easily adding support for additional projects and features.</p>
-
- <h3>Extras.d Hooks</h3>
- <p>These relatively new hooks are an extension of the existing calls from <code>stack.sh</code> at the end of its run, plus <code>unstack.sh</code> and <code>clean.sh</code>. A number of the higher-layer projects are implemented in DevStack using this mechanism.</p>
-
- <p>The script in <code>extras.d</code> is expected to be mostly a dispatcher to functions in a <code>lib/*</code> script. The scripts are named with a zero-padded two digits sequence number prefix to control the order that the scripts are called, and with a suffix of <code>.sh</code>. DevSack reserves for itself the sequence numbers 00 through 09 and 90 through 99.</p>
-
- <p>Below is a template that shows handlers for the possible command-line arguments:</p>
-
-<pre>
-# template.sh - DevStack extras.d dispatch script template
-
-# check for service enabled
-if is_service_enabled template; then
-
- if [[ "$1" == "source" ]]; then
- # Initial source of lib script
- source $TOP_DIR/lib/template
- fi
-
- if [[ "$1" == "stack" && "$2" == "pre-install" ]]; then
- # Set up system services
- echo_summary "Configuring system services Template"
- install_package cowsay
-
- elif [[ "$1" == "stack" && "$2" == "install" ]]; then
- # Perform installation of service source
- echo_summary "Installing Template"
- install_template
-
- elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
- # Configure after the other layer 1 and 2 services have been configured
- echo_summary "Configuring Template"
- configure_template
-
- elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
- # Initialize and start the template service
- echo_summary "Initializing Template"
- ##init_template
- fi
-
- if [[ "$1" == "unstack" ]]; then
- # Shut down template services
- # no-op
- :
- fi
-
- if [[ "$1" == "clean" ]]; then
- # Remove state and transient data
- # Remember clean.sh first calls unstack.sh
- # no-op
- :
- fi
-fi
-</pre>
-
- <p>The arguments are:
- <ul>
- <li><strong>source</strong> - Called by each script that utilizes <code>extras.d</code> hooks; this replaces directly sourcing the <code>lib/*</code> script.</li>
- <li><strong>stack</strong> - Called by <code>stack.sh</code> three times for different phases of its run:
- <ul>
- <li><strong>pre-install</strong> - Called after system (OS) setup is complete and before project source is installed.</li>
- <li><strong>install</strong> - Called after the layer 1 and 2 projects source and their dependencies have been installed.</li>
- <li><strong>post-config</strong> - Called after the layer 1 and 2 services have been configured. All configuration files for enabled services should exist at this point.</li>
- <li><strong>extra</strong> - Called near the end after layer 1 and 2 services have been started. This is the existing hook and has not otherwise changed.</li>
- </ul></li>
- <li><strong>unstack</strong> - Called by <code>unstack.sh</code> before other services are shut down.</li>
- <li><strong>clean</strong> - Called by <code>clean.sh</code> before other services are cleaned, but after <code>unstack.sh</code> has been called.
- </ul></p>
-
-
- <h3>Hypervisor</h3>
- <p>Hypervisor plugins are fairly new and condense most hypervisor configuration into one place.</p>
-
- <p>The initial plugin implemented was for Docker support and is a useful template for the required support. Plugins are placed in <code>lib/nova_plugins</code> and named <code>hypervisor-<name></code> where <code><name></code> is the value of <code>VIRT_DRIVER</code>. Plugins must define the following functions:</p>
- <ul>
- <li><code>install_nova_hypervisor</code> - install any external requirements</li>
- <li><code>configure_nova_hypervisor</code> - make configuration changes, including those to other services</li>
- <li><code>start_nova_hypervisor</code> - start any external services</li>
- <li><code>stop_nova_hypervisor</code> - stop any external services</li>
- <li><code>cleanup_nova_hypervisor</code> - remove transient data and cache</li>
- </ul>
- </div>
-
- </section>
-
- <footer>
- <p>© Openstack Foundation 2011-2013 — An <a href="https://wiki.openstack.org/wiki/Programs">OpenStack program</a> created by <a href="http://www.rackspace.com/cloud/private_edition/">Rackspace Cloud Builders</a></p>
- </footer>
-
- </div> <!-- /container -->
- </body>
-</html>
diff --git a/docs/source/stackrc.html b/docs/source/stackrc.html
deleted file mode 100644
index 23a48c5..0000000
--- a/docs/source/stackrc.html
+++ /dev/null
@@ -1,101 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
- <head>
- <meta charset="utf-8">
- <title>DevStack - stackrc</title>
- <meta name="description" content="">
- <meta name="author" content="">
-
- <!-- Le HTML5 shim, for IE6-8 support of HTML elements -->
- <!--[if lt IE 9]>
- <script src="http://html5shim.googlecode.com/svn/trunk/html5.js"></script>
- <![endif]-->
-
- <!-- Le styles -->
- <link href="assets/css/bootstrap.css" rel="stylesheet">
- <link href="assets/css/local.css" rel="stylesheet">
- <style type="text/css">
- body { padding-top: 60px; }
- dd { padding: 10px; }
- </style>
-
- <!-- Le javascripts -->
- <script src="../assets/js/jquery-1.7.1.min.js" type="text/javascript" charset="utf-8"></script>
- <script src="../assets/js/bootstrap.js" type="text/javascript" charset="utf-8"></script>
- </head>
-
- <body>
-
- <div class="navbar navbar-fixed-top">
- <div class="navbar-inner">
- <div class="container">
- <a class="brand" href="/">DevStack</a>
- <ul class="nav pull-right">
- <li><a href="overview.html">Overview</a></li>
- <li><a href="changes.html">Changes</a></li>
- <li><a href="faq.html">FAQ</a></li>
- <li><a href="http://github.com/openstack-dev/devstack">GitHub</a></li>
- <li><a href="https://review.openstack.org/#/q/status:open+project:openstack-dev/devstack,n,z">Gerrit</a></li>
- </ul>
- </div>
- </div>
- </div>
-
- <div class="container">
-
- <section class="span12">
- <div class="page-header">
- <h2>stackrc <small>DevStack settings</small></h2>
- <p><code>stackrc</code> is the primary configuration file for DevStack.
- It contains all of the settings that control the services started
- and the repositories used to download the source for those services.
- <code>stackrc</code> sources the <code>localrc</code> section of
- <code>local.conf</code> to perform the default overrides.</p>
- </div>
- <dl>
-
- <dt>DATABASE_TYPE</dt>
- <dd>Select the database backend to use. The default is <code>mysql</code>,
- <code>postgresql</code> is also available.</dd>
-
- <dt>ENABLED_SERVICES</dt>
- <dd>Specify which services to launch. These generally correspond to
- screen tabs.
- The default includes: Glance (API and Registry), Keystone, Nova (API,
- Certificate, Object Store, Compute, Network, Scheduler, VNC proxies,
- Certificate Authentication), Cinder (Scheduler, API, Volume), Horizon, MySQL, RabbitMQ, Tempest.
- <pre>ENABLED_SERVICES=g-api,g-reg,key,n-api,n-crt,n-obj,n-cpu,n-net,n-cond,cinder,c-sch,c-api,c-vol,n-sch,n-novnc,n-xvnc,n-cauth,horizon,rabbit,tempest,$DATABASE_TYPE</pre>
- Other services that are not enabled by default can be enabled in
- <code>localrc</code>. For example, to add Swift:
- <pre>enable_service swift</pre>
- A service can similarly be disabled:
- <pre>disable_service horizon</pre></dd>
-
- <dt>Service Repos</dt>
- <dd>The Git repositories used to check out the source for each service
- are controlled by a pair of variables set for each service.
- <code>*_REPO</code> points to the repository and <code>*_BRANCH</code>
- selects which branch to check out. These may be overridden in
- <code>local.conf</code> to pull source from a different repo for testing,
- such as a Gerrit branch proposal. <code>GIT_BASE</code> points to the primary repository server.
- <pre>NOVA_REPO=$GIT_BASE/openstack/nova.git
-NOVA_BRANCH=master</pre>
- To pull a branch directly from Gerrit, get the repo and branch from the
- Gerrit review page:
- <pre>git fetch https://review.openstack.org/p/openstack/nova refs/changes/50/5050/1 && git checkout FETCH_HEAD</pre>
- The repo is the stanza following <code>fetch</code> and the branch
- is the stanza following that:
- <pre>NOVA_REPO=https://review.openstack.org/p/openstack/nova
-NOVA_BRANCH=refs/changes/50/5050/1</pre></dd>
-
- </dl>
- </section
-
- <footer>
- <p>© Openstack Foundation 2011-2014 — An <a href="https://www.openstack.org/">OpenStack</a> <a href="https://wiki.openstack.org/wiki/Programs">program</a></p>
- </footer>
-
- </div> <!-- /container -->
-
- </body>
-</html>
diff --git a/exercises/boot_from_volume.sh b/exercises/boot_from_volume.sh
index d756685..a2ae275 100755
--- a/exercises/boot_from_volume.sh
+++ b/exercises/boot_from_volume.sh
@@ -71,10 +71,10 @@
# ------
# List the images available
-glance image-list
+openstack image list
# Grab the id of the image to launch
-IMAGE=$(glance image-list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
+IMAGE=$(openstack image list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
die_if_not_set $LINENO IMAGE "Failure getting image $DEFAULT_IMAGE_NAME"
# Security Groups
diff --git a/exercises/client-args.sh b/exercises/client-args.sh
index b360f1e..2f85d98 100755
--- a/exercises/client-args.sh
+++ b/exercises/client-args.sh
@@ -122,7 +122,7 @@
STATUS_GLANCE="Skipped"
else
echo -e "\nTest Glance"
- if glance $TENANT_ARG $ARGS image-list; then
+ if openstack $TENANT_ARG $ARGS image list; then
STATUS_GLANCE="Succeeded"
else
STATUS_GLANCE="Failed"
diff --git a/exercises/client-env.sh b/exercises/client-env.sh
index cc518d9..4a0609a 100755
--- a/exercises/client-env.sh
+++ b/exercises/client-env.sh
@@ -132,7 +132,7 @@
STATUS_GLANCE="Skipped"
else
echo -e "\nTest Glance"
- if glance image-list; then
+ if openstack image list; then
STATUS_GLANCE="Succeeded"
else
STATUS_GLANCE="Failed"
diff --git a/exercises/floating_ips.sh b/exercises/floating_ips.sh
index 7e90e5a..57f48e0 100755
--- a/exercises/floating_ips.sh
+++ b/exercises/floating_ips.sh
@@ -71,10 +71,10 @@
# ------
# List the images available
-glance image-list
+openstack image list
# Grab the id of the image to launch
-IMAGE=$(glance image-list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
+IMAGE=$(openstack image list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
die_if_not_set $LINENO IMAGE "Failure getting image $DEFAULT_IMAGE_NAME"
# Security Groups
diff --git a/exercises/neutron-adv-test.sh b/exercises/neutron-adv-test.sh
index 6679670..5b3281b 100755
--- a/exercises/neutron-adv-test.sh
+++ b/exercises/neutron-adv-test.sh
@@ -134,7 +134,7 @@
}
function get_image_id {
- local IMAGE_ID=$(glance image-list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
+ local IMAGE_ID=$(openstack image list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
die_if_not_set $LINENO IMAGE_ID "Failure retrieving IMAGE_ID"
echo "$IMAGE_ID"
}
diff --git a/exercises/swift.sh b/exercises/swift.sh
index 25ea671..afcede8 100755
--- a/exercises/swift.sh
+++ b/exercises/swift.sh
@@ -45,16 +45,16 @@
# =============
# Check if we have to swift via keystone
-swift stat || die $LINENO "Failure geting status"
+swift stat || die $LINENO "Failure getting status"
# We start by creating a test container
-swift post $CONTAINER || die $LINENO "Failure creating container $CONTAINER"
+openstack container create $CONTAINER || die $LINENO "Failure creating container $CONTAINER"
# add some files into it.
-swift upload $CONTAINER /etc/issue || die $LINENO "Failure uploading file to container $CONTAINER"
+openstack object create $CONTAINER /etc/issue || die $LINENO "Failure uploading file to container $CONTAINER"
# list them
-swift list $CONTAINER || die $LINENO "Failure listing contents of container $CONTAINER"
+openstack object list $CONTAINER || die $LINENO "Failure listing contents of container $CONTAINER"
# And we may want to delete them now that we have tested that
# everything works.
diff --git a/exercises/volumes.sh b/exercises/volumes.sh
index 1dff6a4..504fba1 100755
--- a/exercises/volumes.sh
+++ b/exercises/volumes.sh
@@ -68,10 +68,10 @@
# ------
# List the images available
-glance image-list
+openstack image list
# Grab the id of the image to launch
-IMAGE=$(glance image-list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
+IMAGE=$(openstack image list | egrep " $DEFAULT_IMAGE_NAME " | get_field 1)
die_if_not_set $LINENO IMAGE "Failure getting image $DEFAULT_IMAGE_NAME"
# Security Groups
diff --git a/exercises/marconi.sh b/exercises/zaqar.sh
similarity index 86%
rename from exercises/marconi.sh
rename to exercises/zaqar.sh
index 9d83a99..6996f34 100755
--- a/exercises/marconi.sh
+++ b/exercises/zaqar.sh
@@ -1,8 +1,8 @@
#!/usr/bin/env bash
-# **marconi.sh**
+# **zaqar.sh**
-# Sanity check that Marconi started if enabled
+# Sanity check that Zaqar started if enabled
echo "*********************************************************************"
echo "Begin DevStack Exercise: $0"
@@ -33,9 +33,9 @@
# Import exercise configuration
source $TOP_DIR/exerciserc
-is_service_enabled marconi-server || exit 55
+is_service_enabled zaqar-server || exit 55
-curl http://$SERVICE_HOST:8888/v1/ 2>/dev/null | grep -q 'queue_name' || die $LINENO "Marconi API not functioning!"
+curl http://$SERVICE_HOST:8888/v1/ 2>/dev/null | grep -q 'queue_name' || die $LINENO "Zaqar API not functioning!"
set +o xtrace
echo "*********************************************************************"
diff --git a/extras.d/40-dib.sh b/extras.d/40-dib.sh
new file mode 100644
index 0000000..fdae011
--- /dev/null
+++ b/extras.d/40-dib.sh
@@ -0,0 +1,27 @@
+# dib.sh - Devstack extras script to install diskimage-builder
+
+if is_service_enabled dib; then
+ if [[ "$1" == "source" ]]; then
+ # Initial source
+ source $TOP_DIR/lib/dib
+ elif [[ "$1" == "stack" && "$2" == "install" ]]; then
+ echo_summary "Installing diskimage-builder"
+ install_dib
+ elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
+ # no-op
+ :
+ elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
+ # no-op
+ :
+ fi
+
+ if [[ "$1" == "unstack" ]]; then
+ # no-op
+ :
+ fi
+
+ if [[ "$1" == "clean" ]]; then
+ # no-op
+ :
+ fi
+fi
diff --git a/extras.d/60-ceph.sh b/extras.d/60-ceph.sh
index 5fb34ea..50bdfae 100644
--- a/extras.d/60-ceph.sh
+++ b/extras.d/60-ceph.sh
@@ -26,8 +26,9 @@
if is_service_enabled cinder; then
echo_summary "Configuring Cinder for Ceph"
configure_ceph_cinder
- # NOTE (leseb): the part below is a requirement from Cinder in order to attach volumes
- # so we should run the following within the if statement.
+ fi
+ if is_service_enabled cinder || is_service_enabled nova; then
+ # NOTE (leseb): the part below is a requirement to attach Ceph block devices
echo_summary "Configuring libvirt secret"
import_libvirt_secret_ceph
fi
diff --git a/extras.d/70-marconi.sh b/extras.d/70-marconi.sh
deleted file mode 100644
index a96a4c5..0000000
--- a/extras.d/70-marconi.sh
+++ /dev/null
@@ -1,29 +0,0 @@
-# marconi.sh - Devstack extras script to install Marconi
-
-if is_service_enabled marconi-server; then
- if [[ "$1" == "source" ]]; then
- # Initial source
- source $TOP_DIR/lib/marconi
- elif [[ "$1" == "stack" && "$2" == "install" ]]; then
- echo_summary "Installing Marconi"
- install_marconiclient
- install_marconi
- elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
- echo_summary "Configuring Marconi"
- configure_marconi
- configure_marconiclient
-
- if is_service_enabled key; then
- create_marconi_accounts
- fi
-
- elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
- echo_summary "Initializing Marconi"
- init_marconi
- start_marconi
- fi
-
- if [[ "$1" == "unstack" ]]; then
- stop_marconi
- fi
-fi
diff --git a/extras.d/70-sahara.sh b/extras.d/70-sahara.sh
index 80e07ff..2a34999 100644
--- a/extras.d/70-sahara.sh
+++ b/extras.d/70-sahara.sh
@@ -4,21 +4,15 @@
if [[ "$1" == "source" ]]; then
# Initial source
source $TOP_DIR/lib/sahara
- source $TOP_DIR/lib/sahara-dashboard
elif [[ "$1" == "stack" && "$2" == "install" ]]; then
echo_summary "Installing sahara"
install_sahara
+ install_python_saharaclient
cleanup_sahara
- if is_service_enabled horizon; then
- install_sahara_dashboard
- fi
elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
echo_summary "Configuring sahara"
configure_sahara
create_sahara_accounts
- if is_service_enabled horizon; then
- configure_sahara_dashboard
- fi
elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
echo_summary "Initializing sahara"
start_sahara
@@ -26,9 +20,6 @@
if [[ "$1" == "unstack" ]]; then
stop_sahara
- if is_service_enabled horizon; then
- cleanup_sahara_dashboard
- fi
fi
if [[ "$1" == "clean" ]]; then
diff --git a/extras.d/70-zaqar.sh b/extras.d/70-zaqar.sh
new file mode 100644
index 0000000..63c4fd5
--- /dev/null
+++ b/extras.d/70-zaqar.sh
@@ -0,0 +1,29 @@
+# zaqar.sh - Devstack extras script to install Zaqar
+
+if is_service_enabled zaqar-server; then
+ if [[ "$1" == "source" ]]; then
+ # Initial source
+ source $TOP_DIR/lib/zaqar
+ elif [[ "$1" == "stack" && "$2" == "install" ]]; then
+ echo_summary "Installing Zaqar"
+ install_zaqarclient
+ install_zaqar
+ elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
+ echo_summary "Configuring Zaqar"
+ configure_zaqar
+ configure_zaqarclient
+
+ if is_service_enabled key; then
+ create_zaqar_accounts
+ fi
+
+ elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
+ echo_summary "Initializing Zaqar"
+ init_zaqar
+ start_zaqar
+ fi
+
+ if [[ "$1" == "unstack" ]]; then
+ stop_zaqar
+ fi
+fi
diff --git a/files/apache-ceilometer.template b/files/apache-ceilometer.template
new file mode 100644
index 0000000..1c57b32
--- /dev/null
+++ b/files/apache-ceilometer.template
@@ -0,0 +1,15 @@
+Listen %PORT%
+
+<VirtualHost *:%PORT%>
+ WSGIDaemonProcess ceilometer-api processes=2 threads=10 user=%USER% display-name=%{GROUP}
+ WSGIProcessGroup ceilometer-api
+ WSGIScriptAlias / %WSGIAPP%
+ WSGIApplicationGroup %{GLOBAL}
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%{cu}t %M"
+ </IfVersion>
+ ErrorLog /var/log/%APACHE_NAME%/ceilometer.log
+ CustomLog /var/log/%APACHE_NAME%/ceilometer_access.log combined
+</VirtualHost>
+
+WSGISocketPrefix /var/run/%APACHE_NAME%
diff --git a/files/apache-dib-pip-repo.template b/files/apache-dib-pip-repo.template
new file mode 100644
index 0000000..5d2379b
--- /dev/null
+++ b/files/apache-dib-pip-repo.template
@@ -0,0 +1,15 @@
+Listen %DIB_PIP_REPO_PORT%
+
+<VirtualHost *:%DIB_PIP_REPO_PORT%>
+ DocumentRoot %DIB_PIP_REPO%
+ <Directory %DIB_PIP_REPO%>
+ DirectoryIndex index.html
+ Require all granted
+ Order allow,deny
+ allow from all
+ </Directory>
+
+ ErrorLog /var/log/%APACHE_NAME%/dib_pip_repo_error.log
+ LogLevel warn
+ CustomLog /var/log/%APACHE_NAME%/dib_pip_repo_access.log combined
+</VirtualHost>
diff --git a/files/apache-horizon.template b/files/apache-horizon.template
index af880c4..bca1251 100644
--- a/files/apache-horizon.template
+++ b/files/apache-horizon.template
@@ -1,6 +1,6 @@
<VirtualHost *:80>
WSGIScriptAlias / %HORIZON_DIR%/openstack_dashboard/wsgi/django.wsgi
- WSGIDaemonProcess horizon user=%USER% group=%GROUP% processes=3 threads=10 home=%HORIZON_DIR%
+ WSGIDaemonProcess horizon user=%USER% group=%GROUP% processes=3 threads=10 home=%HORIZON_DIR% display-name=%{GROUP}
WSGIApplicationGroup %{GLOBAL}
SetEnv APACHE_RUN_USER %USER%
@@ -17,10 +17,16 @@
<Directory %HORIZON_DIR%/>
Options Indexes FollowSymLinks MultiViews
- %HORIZON_REQUIRE%
AllowOverride None
- Order allow,deny
- allow from all
+ # Apache 2.4 uses mod_authz_host for access control now (instead of
+ # "Allow")
+ <IfVersion < 2.4>
+ Order allow,deny
+ Allow from all
+ </IfVersion>
+ <IfVersion >= 2.4>
+ Require all granted
+ </IfVersion>
</Directory>
ErrorLog /var/log/%APACHE_NAME%/horizon_error.log
diff --git a/files/apache-ironic.template b/files/apache-ironic.template
new file mode 100644
index 0000000..8864194
--- /dev/null
+++ b/files/apache-ironic.template
@@ -0,0 +1,12 @@
+Listen %PUBLICPORT%
+
+<VirtualHost *:%PUBLICPORT%>
+ DocumentRoot "%HTTPROOT%"
+ <Directory "%HTTPROOT%">
+ Options Indexes FollowSymLinks
+ AllowOverride None
+ Order allow,deny
+ Allow from all
+ Require all granted
+ </Directory>
+</VirtualHost>
diff --git a/files/apache-keystone.template b/files/apache-keystone.template
index 805e7b8..88492d3 100644
--- a/files/apache-keystone.template
+++ b/files/apache-keystone.template
@@ -2,23 +2,33 @@
Listen %ADMINPORT%
<VirtualHost *:%PUBLICPORT%>
- WSGIDaemonProcess keystone-public processes=5 threads=1 user=%USER%
+ WSGIDaemonProcess keystone-public processes=5 threads=1 user=%USER% display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / %PUBLICWSGI%
WSGIApplicationGroup %{GLOBAL}
- ErrorLog /var/log/%APACHE_NAME%/keystone
- LogLevel debug
- CustomLog /var/log/%APACHE_NAME%/access.log combined
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%{cu}t %M"
+ </IfVersion>
+ ErrorLog /var/log/%APACHE_NAME%/keystone.log
+ CustomLog /var/log/%APACHE_NAME%/keystone_access.log combined
+ %SSLENGINE%
+ %SSLCERTFILE%
+ %SSLKEYFILE%
</VirtualHost>
<VirtualHost *:%ADMINPORT%>
- WSGIDaemonProcess keystone-admin processes=5 threads=1 user=%USER%
+ WSGIDaemonProcess keystone-admin processes=5 threads=1 user=%USER% display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / %ADMINWSGI%
WSGIApplicationGroup %{GLOBAL}
- ErrorLog /var/log/%APACHE_NAME%/keystone
- LogLevel debug
- CustomLog /var/log/%APACHE_NAME%/access.log combined
+ <IfVersion >= 2.4>
+ ErrorLogFormat "%{cu}t %M"
+ </IfVersion>
+ ErrorLog /var/log/%APACHE_NAME%/keystone.log
+ CustomLog /var/log/%APACHE_NAME%/keystone_access.log combined
+ %SSLENGINE%
+ %SSLCERTFILE%
+ %SSLKEYFILE%
</VirtualHost>
# Workaround for missing path on RHEL6, see
diff --git a/files/apts/general b/files/apts/general
index d65cab3..3fe7863 100644
--- a/files/apts/general
+++ b/files/apts/general
@@ -7,6 +7,7 @@
psmisc
gcc
git
+graphviz # testonly - docs
lsof # useful when debugging
openssh-server
openssl
@@ -25,3 +26,5 @@
bc
libyaml-dev
libffi-dev
+libssl-dev # for pyOpenSSL
+gettext # used for compiling message catalogs
diff --git a/files/apts/horizon b/files/apts/horizon
index 8969046..5d06928 100644
--- a/files/apts/horizon
+++ b/files/apts/horizon
@@ -9,13 +9,12 @@
python-xattr
python-sqlalchemy
python-webob
-python-kombu
pylint
python-eventlet
python-nose
python-sphinx
python-mox
-python-kombu
python-coverage
python-cherrypy3 # why?
python-migrate
+libpcre3-dev # pyScss
diff --git a/files/apts/ironic b/files/apts/ironic
index fe9c07f..45fdecc 100644
--- a/files/apts/ironic
+++ b/files/apts/ironic
@@ -1,5 +1,7 @@
+docker.io
ipmitool
iptables
+ipxe
libguestfs0
libvirt-bin
openssh-client
@@ -7,6 +9,9 @@
openvswitch-datapath-dkms
python-libguestfs
python-libvirt
+qemu
+qemu-kvm
+qemu-utils
syslinux
tftpd-hpa
xinetd
diff --git a/files/apts/keystone b/files/apts/keystone
index b7218b7..d316a42 100644
--- a/files/apts/keystone
+++ b/files/apts/keystone
@@ -6,6 +6,7 @@
python-pysqlite2
python-sqlalchemy
python-mysqldb
+python-mysql.connector
python-webob
python-greenlet
python-routes
diff --git a/files/apts/marconi-server b/files/apts/marconi-server
deleted file mode 100644
index bc7ef22..0000000
--- a/files/apts/marconi-server
+++ /dev/null
@@ -1,3 +0,0 @@
-python-pymongo
-mongodb-server
-pkg-config
diff --git a/files/apts/neutron b/files/apts/neutron
index 648716a..a48a800 100644
--- a/files/apts/neutron
+++ b/files/apts/neutron
@@ -2,24 +2,25 @@
iptables
iputils-ping
iputils-arping
+libmysqlclient-dev # testonly
mysql-server #NOPRIME
sudo
-python-boto
python-iso8601
python-paste
python-routes
python-suds
python-pastedeploy
python-greenlet
-python-kombu
python-eventlet
python-sqlalchemy
python-mysqldb
+python-mysql.connector
python-pyudev
-python-qpid # dist:precise
+python-qpid # NOPRIME
dnsmasq-base
dnsmasq-utils # for dhcp_release only available in dist:precise
rabbitmq-server # NOPRIME
qpidd # NOPRIME
sqlite3
vlan
+radvd # NOPRIME
diff --git a/files/apts/nova b/files/apts/nova
index e779849..66f29c4 100644
--- a/files/apts/nova
+++ b/files/apts/nova
@@ -4,8 +4,10 @@
kpartx
parted
iputils-arping
+libmysqlclient-dev # testonly
mysql-server # NOPRIME
python-mysqldb
+python-mysql.connector
python-xattr # needed for glance which is needed for nova --- this shouldn't be here
python-lxml # needed for glance which is needed for nova --- this shouldn't be here
gawk
@@ -16,13 +18,14 @@
qemu-kvm # NOPRIME
qemu # dist:wheezy,jessie NOPRIME
libvirt-bin # NOPRIME
+libvirt-dev # NOPRIME
pm-utils
libjs-jquery-tablesorter # Needed for coverage html reports
vlan
curl
genisoimage # required for config_drive
rabbitmq-server # NOPRIME
-qpidd # dist:precise NOPRIME
+qpidd # NOPRIME
socat # used by ajaxterm
python-mox
python-paste
@@ -40,8 +43,6 @@
python-suds
python-lockfile
python-m2crypto
-python-boto
-python-kombu
python-feedparser
python-iso8601
-python-qpid # dist:precise
+python-qpid # NOPRIME
diff --git a/files/apts/q-agt b/files/apts/q-agt
new file mode 100644
index 0000000..ea8819e
--- /dev/null
+++ b/files/apts/q-agt
@@ -0,0 +1 @@
+ipset
diff --git a/files/apts/q-l3 b/files/apts/q-l3
new file mode 100644
index 0000000..b98b628
--- /dev/null
+++ b/files/apts/q-l3
@@ -0,0 +1,2 @@
+conntrackd
+keepalived
diff --git a/files/apts/qpid b/files/apts/qpid
new file mode 100644
index 0000000..e3bbf09
--- /dev/null
+++ b/files/apts/qpid
@@ -0,0 +1 @@
+sasl2-bin # NOPRIME
diff --git a/files/apts/zaqar-server b/files/apts/zaqar-server
new file mode 100644
index 0000000..32b1017
--- /dev/null
+++ b/files/apts/zaqar-server
@@ -0,0 +1,5 @@
+python-pymongo
+mongodb-server
+pkg-config
+redis-server # NOPRIME
+python-redis # NOPRIME
\ No newline at end of file
diff --git a/files/default_catalog.templates b/files/default_catalog.templates
index ff00e38..a18d38f 100644
--- a/files/default_catalog.templates
+++ b/files/default_catalog.templates
@@ -12,10 +12,10 @@
catalog.RegionOne.compute.name = Compute Service
-catalog.RegionOne.computev3.publicURL = http://%SERVICE_HOST%:8774/v3
-catalog.RegionOne.computev3.adminURL = http://%SERVICE_HOST%:8774/v3
-catalog.RegionOne.computev3.internalURL = http://%SERVICE_HOST%:8774/v3
-catalog.RegionOne.computev3.name = Compute Service V3
+catalog.RegionOne.computev21.publicURL = http://%SERVICE_HOST%:8774/v2.1/$(tenant_id)s
+catalog.RegionOne.computev21.adminURL = http://%SERVICE_HOST%:8774/v2.1/$(tenant_id)s
+catalog.RegionOne.computev21.internalURL = http://%SERVICE_HOST%:8774/v2.1/$(tenant_id)s
+catalog.RegionOne.computev21.name = Compute Service V2.1
catalog.RegionOne.volume.publicURL = http://%SERVICE_HOST%:8776/v1/$(tenant_id)s
diff --git a/files/rpms-suse/general b/files/rpms-suse/general
index 82cb09d..0a4746f 100644
--- a/files/rpms-suse/general
+++ b/files/rpms-suse/general
@@ -5,6 +5,7 @@
euca2ools
gcc
git-core
+graphviz # testonly - docs
iputils
libopenssl-devel # to rebuild pyOpenSSL if needed
lsof # useful when debugging
diff --git a/files/rpms-suse/horizon b/files/rpms-suse/horizon
index d3bde26..fa7e439 100644
--- a/files/rpms-suse/horizon
+++ b/files/rpms-suse/horizon
@@ -12,7 +12,6 @@
python-coverage
python-dateutil
python-eventlet
-python-kombu
python-mox
python-nose
python-pylint
diff --git a/files/rpms-suse/keystone b/files/rpms-suse/keystone
index 403d82f..4c37ade 100644
--- a/files/rpms-suse/keystone
+++ b/files/rpms-suse/keystone
@@ -10,5 +10,6 @@
python-greenlet
python-lxml
python-mysql
+python-mysql-connector-python
python-pysqlite
sqlite3
diff --git a/files/rpms-suse/neutron b/files/rpms-suse/neutron
index d4841b1..8431bd1 100644
--- a/files/rpms-suse/neutron
+++ b/files/rpms-suse/neutron
@@ -4,12 +4,11 @@
iptables
iputils
mariadb # NOPRIME
-python-boto
python-eventlet
python-greenlet
python-iso8601
-python-kombu
python-mysql
+python-mysql-connector-python
python-Paste
python-PasteDeploy
python-pyudev
@@ -20,6 +19,7 @@
sqlite3
sudo
vlan
+radvd # NOPRIME
# FIXME: qpid is not part of openSUSE, those names are tentative
python-qpid # NOPRIME
diff --git a/files/rpms-suse/nova b/files/rpms-suse/nova
index 7a1160e..b1c4f6a 100644
--- a/files/rpms-suse/nova
+++ b/files/rpms-suse/nova
@@ -23,18 +23,17 @@
python-Routes
python-SQLAlchemy
python-Tempita
-python-boto
python-cheetah
python-eventlet
python-feedparser
python-greenlet
python-iso8601
-python-kombu
python-libxml2
python-lockfile
python-lxml # needed for glance which is needed for nova --- this shouldn't be here
python-mox
python-mysql
+python-mysql-connector-python
python-numpy # needed by websockify for spice console
python-paramiko
python-sqlalchemy-migrate
diff --git a/files/rpms-suse/q-agt b/files/rpms-suse/q-agt
new file mode 100644
index 0000000..ea8819e
--- /dev/null
+++ b/files/rpms-suse/q-agt
@@ -0,0 +1 @@
+ipset
diff --git a/files/rpms/general b/files/rpms/general
index 74997a8..d4a9fcb 100644
--- a/files/rpms/general
+++ b/files/rpms/general
@@ -4,6 +4,7 @@
euca2ools # only for testing client
gcc
git-core
+graphviz # testonly - docs
openssh-server
openssl
openssl-devel # to rebuild pyOpenSSL if needed
@@ -25,6 +26,7 @@
which
bc
libyaml-devel
+gettext # used for compiling message catalogs
# [1] : some of installed tools have unversioned dependencies on this,
# but others have versioned (<=0.7). So if a later version (0.7.1)
diff --git a/files/rpms/horizon b/files/rpms/horizon
index 92afed2..7add23a 100644
--- a/files/rpms/horizon
+++ b/files/rpms/horizon
@@ -4,13 +4,11 @@
pylint
python-anyjson
python-BeautifulSoup
-python-boto
python-coverage
python-dateutil
python-eventlet
python-greenlet
python-httplib2
-python-kombu
python-migrate
python-mox
python-nose
@@ -21,3 +19,4 @@
python-sqlalchemy
python-webob
pyxattr
+pcre-devel # pyScss
diff --git a/files/rpms/ironic b/files/rpms/ironic
index 0c81081..e646f3a 100644
--- a/files/rpms/ironic
+++ b/files/rpms/ironic
@@ -1,5 +1,7 @@
+docker-io
ipmitool
iptables
+ipxe-bootimgs
libguestfs
libvirt
libvirt-python
diff --git a/files/rpms/keystone b/files/rpms/keystone
index 7182091..ce41ee5 100644
--- a/files/rpms/keystone
+++ b/files/rpms/keystone
@@ -1,3 +1,4 @@
+MySQL-python
python-greenlet
libxslt-devel # dist:f20
python-lxml #dist:f19,f20
@@ -8,5 +9,6 @@
python-sqlalchemy
python-webob
sqlite
+mod_ssl
# Deps installed via pip for RHEL
diff --git a/files/rpms/marconi-server b/files/rpms/marconi-server
deleted file mode 100644
index d7b7ea8..0000000
--- a/files/rpms/marconi-server
+++ /dev/null
@@ -1,3 +0,0 @@
-selinux-policy-targeted
-mongodb-server
-pymongo
diff --git a/files/rpms/neutron b/files/rpms/neutron
index 15ed973..2c9dd3d 100644
--- a/files/rpms/neutron
+++ b/files/rpms/neutron
@@ -4,17 +4,17 @@
ebtables
iptables
iputils
+mysql-connector-python
+mysql-devel # testonly
mysql-server # NOPRIME
openvswitch # NOPRIME
-python-boto
python-eventlet
python-greenlet
python-iso8601
-python-kombu
#rhel6 gets via pip
python-paste # dist:f19,f20,rhel7
python-paste-deploy # dist:f19,f20,rhel7
-python-qpid
+python-qpid # NOPRIME
python-routes
python-sqlalchemy
python-suds
@@ -22,3 +22,4 @@
qpid-cpp-server # NOPRIME
sqlite
sudo
+radvd # NOPRIME
diff --git a/files/rpms/nova b/files/rpms/nova
index 6097991..f3261c6 100644
--- a/files/rpms/nova
+++ b/files/rpms/nova
@@ -11,20 +11,21 @@
kpartx
kvm # NOPRIME
libvirt-bin # NOPRIME
+libvirt-devel # NOPRIME
libvirt-python # NOPRIME
libxml2-python
numpy # needed by websockify for spice console
m2crypto
+mysql-connector-python
+mysql-devel # testonly
mysql-server # NOPRIME
parted
polkit
-python-boto
python-cheetah
python-eventlet
python-feedparser
python-greenlet
python-iso8601
-python-kombu
python-lockfile
python-migrate
python-mox
@@ -33,7 +34,7 @@
# pip we need
python-paste # dist:f19,f20,rhel7
python-paste-deploy # dist:f19,f20,rhel7
-python-qpid
+python-qpid # NOPRIME
python-routes
python-sqlalchemy
python-suds
diff --git a/files/rpms/q-agt b/files/rpms/q-agt
new file mode 100644
index 0000000..ea8819e
--- /dev/null
+++ b/files/rpms/q-agt
@@ -0,0 +1 @@
+ipset
diff --git a/files/rpms/q-l3 b/files/rpms/q-l3
new file mode 100644
index 0000000..a7a190c
--- /dev/null
+++ b/files/rpms/q-l3
@@ -0,0 +1,2 @@
+conntrack-tools
+keepalived
diff --git a/files/rpms/qpid b/files/rpms/qpid
new file mode 100644
index 0000000..9e3f10a
--- /dev/null
+++ b/files/rpms/qpid
@@ -0,0 +1,4 @@
+qpid-proton-c-devel # NOPRIME
+python-qpid-proton # NOPRIME
+cyrus-sasl-lib # NOPRIME
+
diff --git a/files/rpms/zaqar-server b/files/rpms/zaqar-server
new file mode 100644
index 0000000..69e8bfa
--- /dev/null
+++ b/files/rpms/zaqar-server
@@ -0,0 +1,5 @@
+selinux-policy-targeted
+mongodb-server
+pymongo
+redis # NOPRIME
+python-redis # NOPRIME
diff --git a/functions b/functions
index 1fa6346..bb40a48 100644
--- a/functions
+++ b/functions
@@ -21,29 +21,6 @@
declare -f -F $1 > /dev/null
}
-# Checks if installed Apache is <= given version
-# $1 = x.y.z (version string of Apache)
-function check_apache_version {
- local cmd="apachectl"
- if ! [[ -x $(which apachectl 2>/dev/null) ]]; then
- cmd="/usr/sbin/apachectl"
- fi
-
- local version=$($cmd -v | grep version | grep -Po 'Apache/\K[^ ]*')
- expr "$version" '>=' $1 > /dev/null
-}
-
-
-# Cleanup anything from /tmp on unstack
-# clean_tmp
-function cleanup_tmp {
- local tmp_dir=${TMPDIR:-/tmp}
-
- # see comments in pip_install
- sudo rm -rf ${tmp_dir}/pip-build.*
-}
-
-
# Retrieve an image from a URL and upload into Glance.
# Uses the following variables:
#
@@ -71,10 +48,10 @@
fi
image="$FILES/${image_fname}"
else
- # File based URL (RFC 1738): file://host/path
+ # File based URL (RFC 1738): ``file://host/path``
# Remote files are not considered here.
- # *nix: file:///home/user/path/file
- # windows: file:///C:/Documents%20and%20Settings/user/path/file
+ # unix: ``file:///home/user/path/file``
+ # windows: ``file:///C:/Documents%20and%20Settings/user/path/file``
image=$(echo $image_url | sed "s/^file:\/\///g")
if [[ ! -f $image || "$(stat -c "%s" $image)" == "0" ]]; then
echo "Not found: $image_url"
@@ -85,7 +62,7 @@
# OpenVZ-format images are provided as .tar.gz, but not decompressed prior to loading
if [[ "$image_url" =~ 'openvz' ]]; then
image_name="${image_fname%.tar.gz}"
- glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$image_name" --is-public=True --container-format ami --disk-format ami < "${image}"
+ openstack --os-token $token --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image create "$image_name" --public --container-format ami --disk-format ami < "${image}"
return
fi
@@ -123,7 +100,7 @@
if [[ "$vmdk_create_type" = "monolithicSparse" ]]; then
vmdk_disktype="sparse"
elif [[ "$vmdk_create_type" = "monolithicFlat" || "$vmdk_create_type" = "vmfs" ]]; then
- # Attempt to retrieve the *-flat.vmdk
+ # Attempt to retrieve the ``*-flat.vmdk``
local flat_fname="$(head -25 $image | { grep -G 'RW\|RDONLY [0-9]+ FLAT\|VMFS' $image || true; })"
flat_fname="${flat_fname#*\"}"
flat_fname="${flat_fname%?}"
@@ -196,7 +173,7 @@
vmdk_adapter_type="${props[1]:-$vmdk_adapter_type}"
vmdk_net_adapter="${props[2]:-$vmdk_net_adapter}"
- glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$image_name" --is-public=True --container-format bare --disk-format vmdk --property vmware_disktype="$vmdk_disktype" --property vmware_adaptertype="$vmdk_adapter_type" --property hw_vif_model="$vmdk_net_adapter" < "${image}"
+ openstack --os-token $token --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image create "$image_name" --public --container-format bare --disk-format vmdk --property vmware_disktype="$vmdk_disktype" --property vmware_adaptertype="$vmdk_adapter_type" --property hw_vif_model="$vmdk_net_adapter" < "${image}"
return
fi
@@ -212,11 +189,11 @@
# directly from volume.
force_vm_mode="--property vm_mode=xen"
fi
- glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name "$image_name" --is-public=True \
+ openstack \
+ --os-token $token \
+ --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT \
+ image create \
+ "$image_name" --public \
--container-format=ovf --disk-format=vhd \
$force_vm_mode < "${image}"
return
@@ -227,11 +204,11 @@
# Setting metadata, so PV mode is used.
if [[ "$image_url" =~ '.xen-raw.tgz' ]]; then
image_name="${image_fname%.xen-raw.tgz}"
- glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name "$image_name" --is-public=True \
+ openstack \
+ --os-token $token \
+ --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT \
+ image create \
+ "$image_name" --public \
--container-format=tgz --disk-format=raw \
--property vm_mode=xen < "${image}"
return
@@ -289,6 +266,15 @@
disk_format=iso
container_format=bare
;;
+ *.vhd|*.vhdx|*.vhd.gz|*.vhdx.gz)
+ local extension="${image_fname#*.}"
+ image_name=$(basename "$image" ".$extension")
+ disk_format=vhd
+ container_format=bare
+ if [ "${image_fname##*.}" == "gz" ]; then
+ unpack=zcat
+ fi
+ ;;
*) echo "Do not know what to do with $image_fname"; false;;
esac
@@ -298,9 +284,9 @@
if [ "$container_format" = "bare" ]; then
if [ "$unpack" = "zcat" ]; then
- glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$image_name" $img_property --is-public True --container-format=$container_format --disk-format $disk_format < <(zcat --force "${image}")
+ openstack --os-token $token --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image create "$image_name" $img_property --public --container-format=$container_format --disk-format $disk_format < <(zcat --force "${image}")
else
- glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$image_name" $img_property --is-public True --container-format=$container_format --disk-format $disk_format < "${image}"
+ openstack --os-token $token --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image create "$image_name" $img_property --public --container-format=$container_format --disk-format $disk_format < "${image}"
fi
else
# Use glance client to add the kernel the root filesystem.
@@ -308,12 +294,12 @@
# kernel for use when uploading the root filesystem.
local kernel_id="" ramdisk_id="";
if [ -n "$kernel" ]; then
- kernel_id=$(glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$image_name-kernel" $img_property --is-public True --container-format aki --disk-format aki < "$kernel" | grep ' id ' | get_field 2)
+ kernel_id=$(openstack --os-token $token --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image create "$image_name-kernel" $img_property --public --container-format aki --disk-format aki < "$kernel" | grep ' id ' | get_field 2)
fi
if [ -n "$ramdisk" ]; then
- ramdisk_id=$(glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "$image_name-ramdisk" $img_property --is-public True --container-format ari --disk-format ari < "$ramdisk" | grep ' id ' | get_field 2)
+ ramdisk_id=$(openstack --os-token $token --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image create "$image_name-ramdisk" $img_property --public --container-format ari --disk-format ari < "$ramdisk" | grep ' id ' | get_field 2)
fi
- glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT image-create --name "${image_name%.img}" $img_property --is-public True --container-format ami --disk-format ami ${kernel_id:+--property kernel_id=$kernel_id} ${ramdisk_id:+--property ramdisk_id=$ramdisk_id} < "${image}"
+ openstack --os-token $token --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image create "${image_name%.img}" $img_property --public --container-format ami --disk-format ami ${kernel_id:+--property kernel_id=$kernel_id} ${ramdisk_id:+--property ramdisk_id=$ramdisk_id} < "${image}"
fi
}
@@ -342,7 +328,7 @@
function wait_for_service {
local timeout=$1
local url=$2
- timeout $timeout sh -c "while ! curl --noproxy '*' -s $url >/dev/null; do sleep 1; done"
+ timeout $timeout sh -c "while ! curl -k --noproxy '*' -s $url >/dev/null; do sleep 1; done"
}
diff --git a/functions-common b/functions-common
index 5284056..9f8476e 100644
--- a/functions-common
+++ b/functions-common
@@ -19,6 +19,7 @@
#
# The following variables are assumed to be defined by certain functions:
#
+# - ``GIT_DEPTH``
# - ``ENABLED_SERVICES``
# - ``ERROR_ON_CLONE``
# - ``FILES``
@@ -31,11 +32,17 @@
# - ``TRACK_DEPENDS``
# - ``UNDO_REQUIREMENTS``
# - ``http_proxy``, ``https_proxy``, ``no_proxy``
+#
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set +o xtrace
+# Global Config Variables
+declare -A GITREPO
+declare -A GITBRANCH
+declare -A GITDIR
+
# Config Functions
# ================
@@ -113,6 +120,33 @@
[ -n "$line" ]
}
+# Add another config line for a multi-line option.
+# It's normally called after iniset of the same option and assumes
+# that the section already exists.
+#
+# Note that iniset_multiline requires all the 'lines' to be supplied
+# in the argument list. Doing that will cause incorrect configuration
+# if spaces are used in the config values.
+#
+# iniadd_literal config-file section option value
+function iniadd_literal {
+ local xtrace=$(set +o | grep xtrace)
+ set +o xtrace
+ local file=$1
+ local section=$2
+ local option=$3
+ local value=$4
+
+ [[ -z $section || -z $option ]] && return
+
+ # Add it
+ sed -i -e "/^\[$section\]/ a\\
+$option = $value
+" "$file"
+
+ $xtrace
+}
+
# Set an option in an INI file
# iniset config-file section option value
function iniset {
@@ -466,6 +500,13 @@
[[ "$(uname -m)" == "$1" ]]
}
+# Quick check for a rackspace host; n.b. rackspace provided images
+# have these Xen tools installed but a custom image may not.
+function is_rackspace {
+ [ -f /usr/bin/xenstore-ls ] && \
+ sudo /usr/bin/xenstore-ls vm-data | grep -q "Rackspace"
+}
+
# Determine if current distribution is a Fedora-based distribution
# (Fedora, RHEL, CentOS, etc).
# is_fedora
@@ -509,8 +550,7 @@
# ``get_release_name_from_branch branch-name``
function get_release_name_from_branch {
local branch=$1
-
- if [[ $branch =~ "stable/" ]]; then
+ if [[ $branch =~ "stable/" || $branch =~ "proposed/" ]]; then
echo ${branch#*/}
else
echo "master"
@@ -523,16 +563,22 @@
# Set global ``RECLONE=yes`` to simulate a clone when dest-dir exists
# Set global ``ERROR_ON_CLONE=True`` to abort execution with an error if the git repo
# does not exist (default is False, meaning the repo will be cloned).
-# Uses globals ``ERROR_ON_CLONE``, ``OFFLINE``, ``RECLONE``
+# Set global ``GIT_DEPTH=<number>`` to limit the history depth of the git clone
+# Uses globals ``ERROR_ON_CLONE``, ``OFFLINE``, ``RECLONE``, ``GIT_DEPTH``
# git_clone remote dest-dir branch
function git_clone {
local git_remote=$1
local git_dest=$2
local git_ref=$3
local orig_dir=$(pwd)
+ local git_clone_flags=""
RECLONE=$(trueorfalse False $RECLONE)
+ if [[ -n "${GIT_DEPTH}" ]]; then
+ git_clone_flags="$git_clone_flags --depth $GIT_DEPTH"
+ fi
+
if [[ "$OFFLINE" = "True" ]]; then
echo "Running in offline mode, clones already exist"
# print out the results so we know what change was used in the logs
@@ -547,7 +593,7 @@
if [[ ! -d $git_dest ]]; then
[[ "$ERROR_ON_CLONE" = "True" ]] && \
die $LINENO "Cloning not allowed in this configuration"
- git_timed clone $git_remote $git_dest
+ git_timed clone $git_clone_flags $git_remote $git_dest
fi
cd $git_dest
git_timed fetch $git_remote $git_ref && git checkout FETCH_HEAD
@@ -556,7 +602,7 @@
if [[ ! -d $git_dest ]]; then
[[ "$ERROR_ON_CLONE" = "True" ]] && \
die $LINENO "Cloning not allowed in this configuration"
- git_timed clone $git_remote $git_dest
+ git_timed clone $git_clone_flags $git_remote $git_dest
cd $git_dest
# This checkout syntax works for both branches and tags
git checkout $git_ref
@@ -591,6 +637,18 @@
cd $orig_dir
}
+# A variation on git clone that lets us specify a project by it's
+# actual name, like oslo.config. This is exceptionally useful in the
+# library installation case
+function git_clone_by_name {
+ local name=$1
+ local repo=${GITREPO[$name]}
+ local dir=${GITDIR[$name]}
+ local branch=${GITBRANCH[$name]}
+ git_clone $repo $dir $branch
+}
+
+
# git can sometimes get itself infinitely stuck with transient network
# errors or other issues with the remote end. This wraps git in a
# timeout/retry loop and is intended to watch over non-local git
@@ -688,6 +746,13 @@
echo $host_ip
}
+# Generates hex string from ``size`` byte of pseudo random data
+# generate_hex_string size
+function generate_hex_string {
+ local size=$1
+ hexdump -n "$size" -v -e '/1 "%02x"' /dev/urandom
+}
+
# Grab a numbered field from python prettytable output
# Fields are numbered starting with 1
# Reverse syntax is supported: -1 is the last field, -2 is second to last, etc.
@@ -732,38 +797,70 @@
mv ${tmpfile} ${policy_file}
}
+# Gets or creates a domain
+# Usage: get_or_create_domain <name> <description>
+function get_or_create_domain {
+ local os_url="$KEYSTONE_SERVICE_URI/v3"
+ # Gets domain id
+ local domain_id=$(
+ # Gets domain id
+ openstack --os-token=$OS_TOKEN --os-url=$os_url \
+ --os-identity-api-version=3 domain show $1 \
+ -f value -c id 2>/dev/null ||
+ # Creates new domain
+ openstack --os-token=$OS_TOKEN --os-url=$os_url \
+ --os-identity-api-version=3 domain create $1 \
+ --description "$2" \
+ -f value -c id
+ )
+ echo $domain_id
+}
+
# Gets or creates user
-# Usage: get_or_create_user <username> <password> <project> [<email>]
+# Usage: get_or_create_user <username> <password> <project> [<email> [<domain>]]
function get_or_create_user {
if [[ ! -z "$4" ]]; then
local email="--email=$4"
else
local email=""
fi
+ local os_cmd="openstack"
+ local domain=""
+ if [[ ! -z "$5" ]]; then
+ domain="--domain=$5"
+ os_cmd="$os_cmd --os-url=$KEYSTONE_SERVICE_URI/v3 --os-identity-api-version=3"
+ fi
# Gets user id
local user_id=$(
# Gets user id
- openstack user show $1 -f value -c id 2>/dev/null ||
+ $os_cmd user show $1 $domain -f value -c id 2>/dev/null ||
# Creates new user
- openstack user create \
+ $os_cmd user create \
$1 \
--password "$2" \
--project $3 \
$email \
+ $domain \
-f value -c id
)
echo $user_id
}
# Gets or creates project
-# Usage: get_or_create_project <name>
+# Usage: get_or_create_project <name> [<domain>]
function get_or_create_project {
# Gets project id
+ local os_cmd="openstack"
+ local domain=""
+ if [[ ! -z "$2" ]]; then
+ domain="--domain=$2"
+ os_cmd="$os_cmd --os-url=$KEYSTONE_SERVICE_URI/v3 --os-identity-api-version=3"
+ fi
local project_id=$(
# Gets project id
- openstack project show $1 -f value -c id 2>/dev/null ||
+ $os_cmd project show $1 $domain -f value -c id 2>/dev/null ||
# Creates new project if not exists
- openstack project create $1 -f value -c id
+ $os_cmd project create $1 $domain -f value -c id
)
echo $project_id
}
@@ -896,6 +993,8 @@
local file_to_parse
local service
+ INSTALL_TESTONLY_PACKAGES=$(trueorfalse False $INSTALL_TESTONLY_PACKAGES)
+
if [[ -z "$package_dir" ]]; then
echo "No package directory supplied"
return 1
@@ -1121,11 +1220,14 @@
# fork. It includes the dirty work of closing extra filehandles and preparing log
# files to produce the same logs as screen_it(). The log filename is derived
# from the service name and global-and-now-misnamed ``SCREEN_LOGDIR``
-# Uses globals ``CURRENT_LOG_TIME``, ``SCREEN_LOGDIR``
-# _run_process service "command-line"
+# Uses globals ``CURRENT_LOG_TIME``, ``SCREEN_LOGDIR``, ``SCREEN_NAME``, ``SERVICE_DIR``
+# If an optional group is provided sg will be used to set the group of
+# the command.
+# _run_process service "command-line" [group]
function _run_process {
local service=$1
local command="$2"
+ local group=$3
# Undo logging redirections and close the extra descriptors
exec 1>&3
@@ -1134,15 +1236,23 @@
exec 6>&-
if [[ -n ${SCREEN_LOGDIR} ]]; then
- exec 1>&${SCREEN_LOGDIR}/screen-${1}.${CURRENT_LOG_TIME}.log 2>&1
- ln -sf ${SCREEN_LOGDIR}/screen-${1}.${CURRENT_LOG_TIME}.log ${SCREEN_LOGDIR}/screen-${1}.log
+ exec 1>&${SCREEN_LOGDIR}/screen-${service}.${CURRENT_LOG_TIME}.log 2>&1
+ ln -sf ${SCREEN_LOGDIR}/screen-${service}.${CURRENT_LOG_TIME}.log ${SCREEN_LOGDIR}/screen-${service}.log
# TODO(dtroyer): Hack to get stdout from the Python interpreter for the logs.
export PYTHONUNBUFFERED=1
fi
- exec /bin/bash -c "$command"
- die "$service exec failure: $command"
+ # Run under ``setsid`` to force the process to become a session and group leader.
+ # The pid saved can be used with pkill -g to get the entire process group.
+ if [[ -n "$group" ]]; then
+ setsid sg $group "$command" & echo $! >$SERVICE_DIR/$SCREEN_NAME/$service.pid
+ else
+ setsid $command & echo $! >$SERVICE_DIR/$SCREEN_NAME/$service.pid
+ fi
+
+ # Just silently exit this process
+ exit 0
}
# Helper to remove the ``*.failure`` files under ``$SERVICE_DIR/$SCREEN_NAME``.
@@ -1170,62 +1280,71 @@
return $exitcode
}
-# run_process() launches a child process that closes all file descriptors and
-# then exec's the passed in command. This is meant to duplicate the semantics
-# of screen_it() without screen. PIDs are written to
-# ``$SERVICE_DIR/$SCREEN_NAME/$service.pid``
-# run_process service "command-line"
+# Run a single service under screen or directly
+# If the command includes shell metachatacters (;<>*) it must be run using a shell
+# If an optional group is provided sg will be used to run the
+# command as that group.
+# run_process service "command-line" [group]
function run_process {
local service=$1
local command="$2"
+ local group=$3
- # Spawn the child process
- _run_process "$service" "$command" &
- echo $!
+ if is_service_enabled $service; then
+ if [[ "$USE_SCREEN" = "True" ]]; then
+ screen_process "$service" "$command" "$group"
+ else
+ # Spawn directly without screen
+ _run_process "$service" "$command" "$group" &
+ fi
+ fi
}
-# Helper to launch a service in a named screen
+# Helper to launch a process in a named screen
# Uses globals ``CURRENT_LOG_TIME``, ``SCREEN_NAME``, ``SCREEN_LOGDIR``,
# ``SERVICE_DIR``, ``USE_SCREEN``
-# screen_it service "command-line"
-function screen_it {
+# screen_process name "command-line" [group]
+# Run a command in a shell in a screen window, if an optional group
+# is provided, use sg to set the group of the command.
+function screen_process {
+ local name=$1
+ local command="$2"
+ local group=$3
+
SCREEN_NAME=${SCREEN_NAME:-stack}
SERVICE_DIR=${SERVICE_DIR:-${DEST}/status}
USE_SCREEN=$(trueorfalse True $USE_SCREEN)
- if is_service_enabled $1; then
- # Append the service to the screen rc file
- screen_rc "$1" "$2"
+ # Append the process to the screen rc file
+ screen_rc "$name" "$command"
- if [[ "$USE_SCREEN" = "True" ]]; then
- screen -S $SCREEN_NAME -X screen -t $1
+ screen -S $SCREEN_NAME -X screen -t $name
- if [[ -n ${SCREEN_LOGDIR} ]]; then
- screen -S $SCREEN_NAME -p $1 -X logfile ${SCREEN_LOGDIR}/screen-${1}.${CURRENT_LOG_TIME}.log
- screen -S $SCREEN_NAME -p $1 -X log on
- ln -sf ${SCREEN_LOGDIR}/screen-${1}.${CURRENT_LOG_TIME}.log ${SCREEN_LOGDIR}/screen-${1}.log
- fi
-
- # sleep to allow bash to be ready to be send the command - we are
- # creating a new window in screen and then sends characters, so if
- # bash isn't running by the time we send the command, nothing happens
- sleep 3
-
- NL=`echo -ne '\015'`
- # This fun command does the following:
- # - the passed server command is backgrounded
- # - the pid of the background process is saved in the usual place
- # - the server process is brought back to the foreground
- # - if the server process exits prematurely the fg command errors
- # and a message is written to stdout and the service failure file
- # The pid saved can be used in screen_stop() as a process group
- # id to kill off all child processes
- screen -S $SCREEN_NAME -p $1 -X stuff "$2 & echo \$! >$SERVICE_DIR/$SCREEN_NAME/$1.pid; fg || echo \"$1 failed to start\" | tee \"$SERVICE_DIR/$SCREEN_NAME/$1.failure\"$NL"
- else
- # Spawn directly without screen
- run_process "$1" "$2" >$SERVICE_DIR/$SCREEN_NAME/$1.pid
- fi
+ if [[ -n ${SCREEN_LOGDIR} ]]; then
+ screen -S $SCREEN_NAME -p $name -X logfile ${SCREEN_LOGDIR}/screen-${name}.${CURRENT_LOG_TIME}.log
+ screen -S $SCREEN_NAME -p $name -X log on
+ ln -sf ${SCREEN_LOGDIR}/screen-${name}.${CURRENT_LOG_TIME}.log ${SCREEN_LOGDIR}/screen-${name}.log
fi
+
+ # sleep to allow bash to be ready to be send the command - we are
+ # creating a new window in screen and then sends characters, so if
+ # bash isn't running by the time we send the command, nothing happens
+ sleep 3
+
+ NL=`echo -ne '\015'`
+ # This fun command does the following:
+ # - the passed server command is backgrounded
+ # - the pid of the background process is saved in the usual place
+ # - the server process is brought back to the foreground
+ # - if the server process exits prematurely the fg command errors
+ # and a message is written to stdout and the process failure file
+ #
+ # The pid saved can be used in stop_process() as a process group
+ # id to kill off all child processes
+ if [[ -n "$group" ]]; then
+ command="sg $group '$command'"
+ fi
+ screen -S $SCREEN_NAME -p $name -X stuff "$command & echo \$! >$SERVICE_DIR/$SCREEN_NAME/${name}.pid; fg || echo \"$name failed to start\" | tee \"$SERVICE_DIR/$SCREEN_NAME/${name}.failure\"$NL"
}
# Screen rc file builder
@@ -1261,21 +1380,41 @@
# If screen is being used kill the screen window; this will catch processes
# that did not leave a PID behind
# Uses globals ``SCREEN_NAME``, ``SERVICE_DIR``, ``USE_SCREEN``
-# screen_stop service
-function screen_stop {
+# screen_stop_service service
+function screen_stop_service {
+ local service=$1
+
SCREEN_NAME=${SCREEN_NAME:-stack}
SERVICE_DIR=${SERVICE_DIR:-${DEST}/status}
USE_SCREEN=$(trueorfalse True $USE_SCREEN)
- if is_service_enabled $1; then
+ if is_service_enabled $service; then
+ # Clean up the screen window
+ screen -S $SCREEN_NAME -p $service -X kill
+ fi
+}
+
+# Stop a service process
+# If a PID is available use it, kill the whole process group via TERM
+# If screen is being used kill the screen window; this will catch processes
+# that did not leave a PID behind
+# Uses globals ``SERVICE_DIR``, ``USE_SCREEN``
+# stop_process service
+function stop_process {
+ local service=$1
+
+ SERVICE_DIR=${SERVICE_DIR:-${DEST}/status}
+ USE_SCREEN=$(trueorfalse True $USE_SCREEN)
+
+ if is_service_enabled $service; then
# Kill via pid if we have one available
- if [[ -r $SERVICE_DIR/$SCREEN_NAME/$1.pid ]]; then
- pkill -TERM -P -$(cat $SERVICE_DIR/$SCREEN_NAME/$1.pid)
- rm $SERVICE_DIR/$SCREEN_NAME/$1.pid
+ if [[ -r $SERVICE_DIR/$SCREEN_NAME/$service.pid ]]; then
+ pkill -g $(cat $SERVICE_DIR/$SCREEN_NAME/$service.pid)
+ rm $SERVICE_DIR/$SCREEN_NAME/$service.pid
fi
if [[ "$USE_SCREEN" = "True" ]]; then
# Clean up the screen window
- screen -S $SCREEN_NAME -p $1 -X kill
+ screen_stop_service $service
fi
fi
}
@@ -1310,6 +1449,91 @@
fi
}
+# Tail a log file in a screen if USE_SCREEN is true.
+function tail_log {
+ local name=$1
+ local logfile=$2
+
+ USE_SCREEN=$(trueorfalse True $USE_SCREEN)
+ if [[ "$USE_SCREEN" = "True" ]]; then
+ screen_process "$name" "sudo tail -f $logfile"
+ fi
+}
+
+
+# Deprecated Functions
+# --------------------
+
+# _old_run_process() is designed to be backgrounded by old_run_process() to simulate a
+# fork. It includes the dirty work of closing extra filehandles and preparing log
+# files to produce the same logs as screen_it(). The log filename is derived
+# from the service name and global-and-now-misnamed ``SCREEN_LOGDIR``
+# Uses globals ``CURRENT_LOG_TIME``, ``SCREEN_LOGDIR``, ``SCREEN_NAME``, ``SERVICE_DIR``
+# _old_run_process service "command-line"
+function _old_run_process {
+ local service=$1
+ local command="$2"
+
+ # Undo logging redirections and close the extra descriptors
+ exec 1>&3
+ exec 2>&3
+ exec 3>&-
+ exec 6>&-
+
+ if [[ -n ${SCREEN_LOGDIR} ]]; then
+ exec 1>&${SCREEN_LOGDIR}/screen-${1}.${CURRENT_LOG_TIME}.log 2>&1
+ ln -sf ${SCREEN_LOGDIR}/screen-${1}.${CURRENT_LOG_TIME}.log ${SCREEN_LOGDIR}/screen-${1}.log
+
+ # TODO(dtroyer): Hack to get stdout from the Python interpreter for the logs.
+ export PYTHONUNBUFFERED=1
+ fi
+
+ exec /bin/bash -c "$command"
+ die "$service exec failure: $command"
+}
+
+# old_run_process() launches a child process that closes all file descriptors and
+# then exec's the passed in command. This is meant to duplicate the semantics
+# of screen_it() without screen. PIDs are written to
+# ``$SERVICE_DIR/$SCREEN_NAME/$service.pid`` by the spawned child process.
+# old_run_process service "command-line"
+function old_run_process {
+ local service=$1
+ local command="$2"
+
+ # Spawn the child process
+ _old_run_process "$service" "$command" &
+ echo $!
+}
+
+# Compatibility for existing start_XXXX() functions
+# Uses global ``USE_SCREEN``
+# screen_it service "command-line"
+function screen_it {
+ if is_service_enabled $1; then
+ # Append the service to the screen rc file
+ screen_rc "$1" "$2"
+
+ if [[ "$USE_SCREEN" = "True" ]]; then
+ screen_process "$1" "$2"
+ else
+ # Spawn directly without screen
+ old_run_process "$1" "$2" >$SERVICE_DIR/$SCREEN_NAME/$1.pid
+ fi
+ fi
+}
+
+# Compatibility for existing stop_XXXX() functions
+# Stop a service in screen
+# If a PID is available use it, kill the whole process group via TERM
+# If screen is being used kill the screen window; this will catch processes
+# that did not leave a PID behind
+# screen_stop service
+function screen_stop {
+ # Clean up the screen window
+ stop_process $1
+}
+
# Python Functions
# ================
@@ -1369,25 +1593,48 @@
pip_mirror_opt="--use-mirrors"
fi
- # pip < 1.4 has a bug where it will use an already existing build
- # directory unconditionally. Say an earlier component installs
- # foo v1.1; pip will have built foo's source in
- # /tmp/$USER-pip-build. Even if a later component specifies foo <
- # 1.1, the existing extracted build will be used and cause
- # confusing errors. By creating unique build directories we avoid
- # this problem. See https://github.com/pypa/pip/issues/709
- local pip_build_tmp=$(mktemp --tmpdir -d pip-build.XXXXX)
-
$xtrace
$sudo_pip PIP_DOWNLOAD_CACHE=${PIP_DOWNLOAD_CACHE:-/var/cache/pip} \
http_proxy=$http_proxy \
https_proxy=$https_proxy \
no_proxy=$no_proxy \
- $cmd_pip install --build=${pip_build_tmp} \
- $pip_mirror_opt $@ \
- && $sudo_pip rm -rf ${pip_build_tmp}
+ $cmd_pip install \
+ $pip_mirror_opt $@
+
+ INSTALL_TESTONLY_PACKAGES=$(trueorfalse False $INSTALL_TESTONLY_PACKAGES)
+ if [[ "$INSTALL_TESTONLY_PACKAGES" == "True" ]]; then
+ local test_req="$@/test-requirements.txt"
+ if [[ -e "$test_req" ]]; then
+ $sudo_pip PIP_DOWNLOAD_CACHE=${PIP_DOWNLOAD_CACHE:-/var/cache/pip} \
+ http_proxy=$http_proxy \
+ https_proxy=$https_proxy \
+ no_proxy=$no_proxy \
+ $cmd_pip install \
+ $pip_mirror_opt -r $test_req
+ fi
+ fi
}
+# should we use this library from their git repo, or should we let it
+# get pulled in via pip dependencies.
+function use_library_from_git {
+ local name=$1
+ local enabled=1
+ [[ ,${LIBS_FROM_GIT}, =~ ,${name}, ]] && enabled=0
+ return $enabled
+}
+
+# setup a library by name. If we are trying to use the library from
+# git, we'll do a git based install, otherwise we'll punt and the
+# library should be installed by a requirements pull from another
+# project.
+function setup_lib {
+ local name=$1
+ local dir=${GITDIR[$name]}
+ setup_install $dir
+}
+
+
# this should be used if you want to install globally, all libraries should
# use this, especially *oslo* ones
function setup_install {
@@ -1401,6 +1648,16 @@
setup_package_with_req_sync $project_dir -e
}
+# determine if a project as specified by directory is in
+# projects.txt. This will not be an exact match because we throw away
+# the namespacing when we clone, but it should be good enough in all
+# practical ways.
+function is_in_projects_txt {
+ local project_dir=$1
+ local project_name=$(basename $project_dir)
+ return grep "/$project_name\$" $REQUIREMENTS_DIR/projects.txt >/dev/null
+}
+
# ``pip install -e`` the package, which processes the dependencies
# using pip before running `setup.py develop`
#
@@ -1419,8 +1676,19 @@
local update_requirements=$(cd $project_dir && git diff --exit-code >/dev/null || echo "changed")
if [[ $update_requirements != "changed" ]]; then
- (cd $REQUIREMENTS_DIR; \
- python update.py $project_dir)
+ if [[ "$REQUIREMENTS_MODE" == "soft" ]]; then
+ if is_in_projects_txt $project_dir; then
+ (cd $REQUIREMENTS_DIR; \
+ python update.py $project_dir)
+ else
+ # soft update projects not found in requirements project.txt
+ (cd $REQUIREMENTS_DIR; \
+ python update.py -s $project_dir)
+ fi
+ else
+ (cd $REQUIREMENTS_DIR; \
+ python update.py $project_dir)
+ fi
fi
setup_package $project_dir $flags
@@ -1580,6 +1848,7 @@
# are implemented
[[ ${service} == n-cell-* && ${ENABLED_SERVICES} =~ "n-cell" ]] && enabled=0
+ [[ ${service} == n-cpu-* && ${ENABLED_SERVICES} =~ "n-cpu" ]] && enabled=0
[[ ${service} == "nova" && ${ENABLED_SERVICES} =~ "n-" ]] && enabled=0
[[ ${service} == "cinder" && ${ENABLED_SERVICES} =~ "c-" ]] && enabled=0
[[ ${service} == "ceilometer" && ${ENABLED_SERVICES} =~ "ceilometer-" ]] && enabled=0
@@ -1589,6 +1858,7 @@
[[ ${service} == "trove" && ${ENABLED_SERVICES} =~ "tr-" ]] && enabled=0
[[ ${service} == "swift" && ${ENABLED_SERVICES} =~ "s-" ]] && enabled=0
[[ ${service} == s-* && ${ENABLED_SERVICES} =~ "swift" ]] && enabled=0
+ [[ ${service} == key-* && ${ENABLED_SERVICES} =~ "key" ]] && enabled=0
done
$xtrace
return $enabled
diff --git a/lib/apache b/lib/apache
index f4f82a1..2c43681 100644
--- a/lib/apache
+++ b/lib/apache
@@ -59,6 +59,33 @@
else
exit_distro_not_supported "apache installation"
fi
+
+ # ensure mod_version enabled for <IfVersion ...>. This is
+ # built-in statically on anything recent, but precise (2.2)
+ # doesn't have it enabled
+ sudo a2enmod version || true
+}
+
+# get_apache_version() - return the version of Apache installed
+# This function is used to determine the Apache version installed. There are
+# various differences between Apache 2.2 and 2.4 that warrant special handling.
+function get_apache_version {
+ if is_ubuntu; then
+ local version_str=$(sudo /usr/sbin/apache2ctl -v | awk '/Server version/ {print $3}' | cut -f2 -d/)
+ elif is_fedora; then
+ local version_str=$(rpm -qa --queryformat '%{VERSION}' httpd)
+ elif is_suse; then
+ local version_str=$(rpm -qa --queryformat '%{VERSION}' apache2)
+ else
+ exit_distro_not_supported "cannot determine apache version"
+ fi
+ if [[ "$version_str" =~ ^2\.2\. ]]; then
+ echo "2.2"
+ elif [[ "$version_str" =~ ^2\.4\. ]]; then
+ echo "2.4"
+ else
+ exit_distro_not_supported "apache version not supported"
+ fi
}
# apache_site_config_for() - The filename of the site's configuration file.
@@ -87,8 +114,8 @@
function apache_site_config_for {
local site=$@
if is_ubuntu; then
- local apache_version=$(sudo /usr/sbin/apache2ctl -v | awk '/Server version/ {print $3}' | cut -f2 -d/)
- if [[ "$apache_version" =~ ^2\.2\. ]]; then
+ local apache_version=$(get_apache_version)
+ if [[ "$apache_version" == "2.2" ]]; then
# Ubuntu 12.04 - Apache 2.2
echo $APACHE_CONF_DIR/${site}
else
diff --git a/lib/baremetal b/lib/baremetal
index adcbe4c..af90c06 100644
--- a/lib/baremetal
+++ b/lib/baremetal
@@ -127,10 +127,6 @@
BM_FLAVOR_ARCH=${BM_FLAVOR_ARCH:-$BM_CPU_ARCH}
-# Below this, we set some path and filenames.
-# Defaults are probably sufficient.
-DIB_DIR=${DIB_DIR:-$DEST/diskimage-builder}
-
# Use DIB to create deploy ramdisk and kernel.
BM_BUILD_DEPLOY_RAMDISK=`trueorfalse True $BM_BUILD_DEPLOY_RAMDISK`
# If not use DIB, these files are used as deploy ramdisk/kernel.
@@ -165,8 +161,9 @@
# Install diskimage-builder and shell-in-a-box
# so that we can build the deployment kernel & ramdisk
function prepare_baremetal_toolchain {
- git_clone $DIB_REPO $DIB_DIR $DIB_BUILD_BRANCH
-
+ if [[ $(type -P ramdisk-image-create) == "" ]]; then
+ pip_install diskimage_builder
+ fi
local shellinabox_basename=$(basename $BM_SHELL_IN_A_BOX)
if [[ ! -e $DEST/$shellinabox_basename ]]; then
cd $DEST
@@ -223,25 +220,27 @@
BM_DEPLOY_KERNEL=bm-deploy.kernel
BM_DEPLOY_RAMDISK=bm-deploy.initramfs
if [ ! -e "$TOP_DIR/files/$BM_DEPLOY_KERNEL" -o ! -e "$TOP_DIR/files/$BM_DEPLOY_RAMDISK" ]; then
- $DIB_DIR/bin/ramdisk-image-create $BM_DEPLOY_FLAVOR \
+ ramdisk-image-create $BM_DEPLOY_FLAVOR \
-o $TOP_DIR/files/bm-deploy
fi
fi
# load them into glance
- BM_DEPLOY_KERNEL_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name $BM_DEPLOY_KERNEL \
- --is-public True --disk-format=aki \
+ BM_DEPLOY_KERNEL_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ $BM_DEPLOY_KERNEL \
+ --public --disk-format=aki \
+ --container-format=aki \
< $TOP_DIR/files/$BM_DEPLOY_KERNEL | grep ' id ' | get_field 2)
- BM_DEPLOY_RAMDISK_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name $BM_DEPLOY_RAMDISK \
- --is-public True --disk-format=ari \
+ BM_DEPLOY_RAMDISK_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ $BM_DEPLOY_RAMDISK \
+ --public --disk-format=ari \
+ --container-format=ari \
< $TOP_DIR/files/$BM_DEPLOY_RAMDISK | grep ' id ' | get_field 2)
}
@@ -271,7 +270,7 @@
image_name=$(basename "$file" ".qcow2")
# this call returns the file names as "$kernel,$ramdisk"
- out=$($DIB_DIR/bin/disk-image-get-kernel \
+ out=$(disk-image-get-kernel \
-x -d $TOP_DIR/files -o bm-deploy -i $file)
if [ $? -ne 0 ]; then
die $LINENO "Failed to get kernel and ramdisk from $file"
@@ -284,19 +283,21 @@
OUT_RAMDISK=${out##*,}
# load them into glance
- KERNEL_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name $image_name-kernel \
- --is-public True --disk-format=aki \
+ KERNEL_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ $image_name-kernel \
+ --public --disk-format=aki \
+ --container-format=aki \
< $TOP_DIR/files/$OUT_KERNEL | grep ' id ' | get_field 2)
- RAMDISK_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name $image_name-initrd \
- --is-public True --disk-format=ari \
+ RAMDISK_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ $image_name-initrd \
+ --public --disk-format=ari \
+ --container-format=ari \
< $TOP_DIR/files/$OUT_RAMDISK | grep ' id ' | get_field 2)
}
@@ -362,18 +363,18 @@
if [ "$CONTAINER_FORMAT" = "bare" ]; then
extract_and_upload_k_and_r_from_image $token $IMAGE
elif [ "$CONTAINER_FORMAT" = "ami" ]; then
- KERNEL_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name "$IMAGE_NAME-kernel" --is-public True \
+ KERNEL_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ "$IMAGE_NAME-kernel" --public \
--container-format aki \
--disk-format aki < "$KERNEL" | grep ' id ' | get_field 2)
- RAMDISK_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name "$IMAGE_NAME-ramdisk" --is-public True \
+ RAMDISK_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ "$IMAGE_NAME-ramdisk" --public \
--container-format ari \
--disk-format ari < "$RAMDISK" | grep ' id ' | get_field 2)
else
@@ -381,11 +382,11 @@
return
fi
- glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name "${IMAGE_NAME%.img}" --is-public True \
+ openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ "${IMAGE_NAME%.img}" --public \
--container-format $CONTAINER_FORMAT \
--disk-format $DISK_FORMAT \
${KERNEL_ID:+--property kernel_id=$KERNEL_ID} \
diff --git a/lib/ceilometer b/lib/ceilometer
index 54d95c5..483cd27 100644
--- a/lib/ceilometer
+++ b/lib/ceilometer
@@ -41,6 +41,7 @@
CEILOMETER_CONF=$CEILOMETER_CONF_DIR/ceilometer.conf
CEILOMETER_API_LOG_DIR=/var/log/ceilometer-api
CEILOMETER_AUTH_CACHE_DIR=${CEILOMETER_AUTH_CACHE_DIR:-/var/cache/ceilometer}
+CEILOMETER_WSGI_DIR=${CEILOMETER_WSGI_DIR:-/var/www/ceilometer}
# Support potential entry-points console scripts
CEILOMETER_BIN_DIR=$(get_python_exec_prefix)
@@ -52,6 +53,7 @@
CEILOMETER_SERVICE_PROTOCOL=http
CEILOMETER_SERVICE_HOST=$SERVICE_HOST
CEILOMETER_SERVICE_PORT=${CEILOMETER_SERVICE_PORT:-8777}
+CEILOMETER_USE_MOD_WSGI=$(trueorfalse False $CEILOMETER_USE_MOD_WSGI)
# To enable OSprofiler change value of this variable to "notifications,profiler"
CEILOMETER_NOTIFICATION_TOPICS=${CEILOMETER_NOTIFICATION_TOPICS:-notifications}
@@ -71,27 +73,26 @@
}
# create_ceilometer_accounts() - Set up common required ceilometer accounts
-
+#
# Project User Roles
# ------------------------------------------------------------------
# SERVICE_TENANT_NAME ceilometer admin
# SERVICE_TENANT_NAME ceilometer ResellerAdmin (if Swift is enabled)
+function create_ceilometer_accounts {
-create_ceilometer_accounts() {
-
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
# Ceilometer
if [[ "$ENABLED_SERVICES" =~ "ceilometer-api" ]]; then
- CEILOMETER_USER=$(get_or_create_user "ceilometer" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $CEILOMETER_USER $SERVICE_TENANT
+ local ceilometer_user=$(get_or_create_user "ceilometer" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $admin_role $ceilometer_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- CEILOMETER_SERVICE=$(get_or_create_service "ceilometer" \
+ local ceilometer_service=$(get_or_create_service "ceilometer" \
"metering" "OpenStack Telemetry Service")
- get_or_create_endpoint $CEILOMETER_SERVICE \
+ get_or_create_endpoint $ceilometer_service \
"$REGION_NAME" \
"$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
"$CEILOMETER_SERVICE_PROTOCOL://$CEILOMETER_SERVICE_HOST:$CEILOMETER_SERVICE_PORT/" \
@@ -105,12 +106,39 @@
}
+# _cleanup_keystone_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file
+function _cleanup_ceilometer_apache_wsgi {
+ sudo rm -f $CEILOMETER_WSGI_DIR/*
+ sudo rm -f $(apache_site_config_for ceilometer)
+}
+
# cleanup_ceilometer() - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function cleanup_ceilometer {
if [ "$CEILOMETER_BACKEND" != 'mysql' ] && [ "$CEILOMETER_BACKEND" != 'postgresql' ] ; then
mongo ceilometer --eval "db.dropDatabase();"
fi
+ if [ "$CEILOMETER_USE_MOD_WSGI" == "True" ]; then
+ _cleanup_ceilometer_apache_wsgi
+ fi
+}
+
+function _config_ceilometer_apache_wsgi {
+ sudo mkdir -p $CEILOMETER_WSGI_DIR
+
+ local ceilometer_apache_conf=$(apache_site_config_for ceilometer)
+ local apache_version=$(get_apache_version)
+
+ # copy proxy vhost and wsgi file
+ sudo cp $CEILOMETER_DIR/ceilometer/api/app.wsgi $CEILOMETER_WSGI_DIR/app
+
+ sudo cp $FILES/apache-ceilometer.template $ceilometer_apache_conf
+ sudo sed -e "
+ s|%PORT%|$CEILOMETER_SERVICE_PORT|g;
+ s|%APACHE_NAME%|$APACHE_NAME|g;
+ s|%WSGIAPP%|$CEILOMETER_WSGI_DIR/app|g;
+ s|%USER%|$STACK_USER|g
+ " -i $ceilometer_apache_conf
}
# configure_ceilometer() - Set config files, create data dirs, etc
@@ -127,6 +155,11 @@
iniset $CEILOMETER_CONF DEFAULT verbose True
iniset $CEILOMETER_CONF DEFAULT debug "$ENABLE_DEBUG_LOG_LEVEL"
+ if [[ -n "$CEILOMETER_COORDINATION_URL" ]]; then
+ iniset $CEILOMETER_CONF coordination backend_url $CEILOMETER_COORDINATION_URL
+ iniset $CEILOMETER_CONF compute workload_partitioning True
+ fi
+
# Install the policy file for the API server
cp $CEILOMETER_DIR/etc/ceilometer/policy.json $CEILOMETER_CONF_DIR
iniset $CEILOMETER_CONF DEFAULT policy_file $CEILOMETER_CONF_DIR/policy.json
@@ -146,14 +179,11 @@
iniset $CEILOMETER_CONF service_credentials os_password $SERVICE_PASSWORD
iniset $CEILOMETER_CONF service_credentials os_tenant_name $SERVICE_TENANT_NAME
- iniset $CEILOMETER_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
- iniset $CEILOMETER_CONF keystone_authtoken admin_user ceilometer
- iniset $CEILOMETER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
- iniset $CEILOMETER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $CEILOMETER_CONF keystone_authtoken signing_dir $CEILOMETER_AUTH_CACHE_DIR
+ configure_auth_token_middleware $CEILOMETER_CONF ceilometer $CEILOMETER_AUTH_CACHE_DIR
if [ "$CEILOMETER_BACKEND" = 'mysql' ] || [ "$CEILOMETER_BACKEND" = 'postgresql' ] ; then
- iniset $CEILOMETER_CONF database connection `database_connection_url ceilometer`
+ iniset $CEILOMETER_CONF database connection $(database_connection_url ceilometer)
+ iniset $CEILOMETER_CONF DEFAULT collector_workers $API_WORKERS
else
iniset $CEILOMETER_CONF database connection mongodb://localhost:27017/ceilometer
configure_mongodb
@@ -166,6 +196,11 @@
iniset $CEILOMETER_CONF vmware host_username "$VMWAREAPI_USER"
iniset $CEILOMETER_CONF vmware host_password "$VMWAREAPI_PASSWORD"
fi
+
+ if [ "$CEILOMETER_USE_MOD_WSGI" == "True" ]; then
+ iniset $CEILOMETER_CONF api pecan_debug "False"
+ _config_ceilometer_apache_wsgi
+ fi
}
function configure_mongodb {
@@ -207,11 +242,28 @@
fi
}
+# install_redis() - Install the redis server.
+function install_redis {
+ if is_ubuntu; then
+ install_package redis-server
+ else
+ # This will fail (correctly) where a redis package is unavailable
+ install_package redis
+ fi
+
+ restart_service redis
+}
+
# install_ceilometer() - Collect source and prepare
function install_ceilometer {
git_clone $CEILOMETER_REPO $CEILOMETER_DIR $CEILOMETER_BRANCH
setup_develop $CEILOMETER_DIR
+ if echo $CEILOMETER_COORDINATION_URL | grep -q '^memcached:'; then
+ install_package memcached
+ elif echo $CEILOMETER_COORDINATION_URL | grep -q '^redis:'; then
+ install_redis
+ fi
}
# install_ceilometerclient() - Collect source and prepare
@@ -223,16 +275,28 @@
# start_ceilometer() - Start running processes, including screen
function start_ceilometer {
+ run_process ceilometer-acentral "ceilometer-agent-central --config-file $CEILOMETER_CONF"
+ run_process ceilometer-anotification "ceilometer-agent-notification --config-file $CEILOMETER_CONF"
+ run_process ceilometer-collector "ceilometer-collector --config-file $CEILOMETER_CONF"
+
+ if [[ "$CEILOMETER_USE_MOD_WSGI" == "False" ]]; then
+ run_process ceilometer-api "ceilometer-api -d -v --log-dir=$CEILOMETER_API_LOG_DIR --config-file $CEILOMETER_CONF"
+ else
+ enable_apache_site ceilometer
+ restart_apache_server
+ tail_log ceilometer /var/log/$APACHE_NAME/ceilometer.log
+ tail_log ceilometer-api /var/log/$APACHE_NAME/ceilometer_access.log
+ fi
+
+
+ # Start the compute agent last to allow time for the collector to
+ # fully wake up and connect to the message bus. See bug #1355809
if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then
- screen_it ceilometer-acompute "cd ; sg $LIBVIRT_GROUP 'ceilometer-agent-compute --config-file $CEILOMETER_CONF'"
+ run_process ceilometer-acompute "ceilometer-agent-compute --config-file $CEILOMETER_CONF" $LIBVIRT_GROUP
fi
if [[ "$VIRT_DRIVER" = 'vsphere' ]]; then
- screen_it ceilometer-acompute "cd ; ceilometer-agent-compute --config-file $CEILOMETER_CONF"
+ run_process ceilometer-acompute "ceilometer-agent-compute --config-file $CEILOMETER_CONF"
fi
- screen_it ceilometer-acentral "cd ; ceilometer-agent-central --config-file $CEILOMETER_CONF"
- screen_it ceilometer-anotification "cd ; ceilometer-agent-notification --config-file $CEILOMETER_CONF"
- screen_it ceilometer-collector "cd ; ceilometer-collector --config-file $CEILOMETER_CONF"
- screen_it ceilometer-api "cd ; ceilometer-api -d -v --log-dir=$CEILOMETER_API_LOG_DIR --config-file $CEILOMETER_CONF"
# only die on API if it was actually intended to be turned on
if is_service_enabled ceilometer-api; then
@@ -242,15 +306,19 @@
fi
fi
- screen_it ceilometer-alarm-notifier "cd ; ceilometer-alarm-notifier --config-file $CEILOMETER_CONF"
- screen_it ceilometer-alarm-evaluator "cd ; ceilometer-alarm-evaluator --config-file $CEILOMETER_CONF"
+ run_process ceilometer-alarm-notifier "ceilometer-alarm-notifier --config-file $CEILOMETER_CONF"
+ run_process ceilometer-alarm-evaluator "ceilometer-alarm-evaluator --config-file $CEILOMETER_CONF"
}
# stop_ceilometer() - Stop running processes
function stop_ceilometer {
+ if [ "$CEILOMETER_USE_MOD_WSGI" == "True" ]; then
+ disable_apache_site ceilometer
+ restart_apache_server
+ fi
# Kill the ceilometer screen windows
for serv in ceilometer-acompute ceilometer-acentral ceilometer-anotification ceilometer-collector ceilometer-api ceilometer-alarm-notifier ceilometer-alarm-evaluator; do
- screen_stop $serv
+ stop_process $serv
done
}
diff --git a/lib/ceph b/lib/ceph
index 32a4760..e55738c 100644
--- a/lib/ceph
+++ b/lib/ceph
@@ -36,7 +36,7 @@
# Ceph data. Set ``CEPH_LOOPBACK_DISK_SIZE`` to the disk size in
# kilobytes.
# Default is 1 gigabyte.
-CEPH_LOOPBACK_DISK_SIZE_DEFAULT=2G
+CEPH_LOOPBACK_DISK_SIZE_DEFAULT=4G
CEPH_LOOPBACK_DISK_SIZE=${CEPH_LOOPBACK_DISK_SIZE:-$CEPH_LOOPBACK_DISK_SIZE_DEFAULT}
# Common
@@ -197,11 +197,16 @@
fi
sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create client.${GLANCE_CEPH_USER} mon "allow r" osd "allow class-read object_prefix rbd_children, allow rwx pool=${GLANCE_CEPH_POOL}" | sudo tee ${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring
sudo chown ${STACK_USER}:$(id -g -n $whoami) ${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring
+
+ # NOTE(eharney): When Glance has fully migrated to Glance store,
+ # default_store can be removed from [DEFAULT]. (See lib/glance.)
iniset $GLANCE_API_CONF DEFAULT default_store rbd
- iniset $GLANCE_API_CONF DEFAULT rbd_store_ceph_conf $CEPH_CONF_FILE
- iniset $GLANCE_API_CONF DEFAULT rbd_store_user $GLANCE_CEPH_USER
- iniset $GLANCE_API_CONF DEFAULT rbd_store_pool $GLANCE_CEPH_POOL
iniset $GLANCE_API_CONF DEFAULT show_image_direct_url True
+ iniset $GLANCE_API_CONF glance_store default_store rbd
+ iniset $GLANCE_API_CONF glance_store stores "file, http, rbd"
+ iniset $GLANCE_API_CONF glance_store rbd_store_ceph_conf $CEPH_CONF_FILE
+ iniset $GLANCE_API_CONF glance_store rbd_store_user $GLANCE_CEPH_USER
+ iniset $GLANCE_API_CONF glance_store rbd_store_pool $GLANCE_CEPH_POOL
}
# configure_ceph_nova() - Nova config needs to come after Nova is set up
@@ -220,6 +225,11 @@
iniset $NOVA_CONF libvirt images_type rbd
iniset $NOVA_CONF libvirt images_rbd_pool ${NOVA_CEPH_POOL}
iniset $NOVA_CONF libvirt images_rbd_ceph_conf ${CEPH_CONF_FILE}
+
+ if ! is_service_enabled cinder; then
+ sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create client.${CINDER_CEPH_USER} mon "allow r" osd "allow class-read object_prefix rbd_children, allow rwx pool=${CINDER_CEPH_POOL}, allow rwx pool=${NOVA_CEPH_POOL},allow rx pool=${GLANCE_CEPH_POOL}" | sudo tee ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring > /dev/null
+ sudo chown ${STACK_USER}:$(id -g -n $whoami) ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring
+ fi
}
# configure_ceph_cinder() - Cinder config needs to come after Cinder is set up
diff --git a/lib/cinder b/lib/cinder
index 38ce4d6..29cda42 100644
--- a/lib/cinder
+++ b/lib/cinder
@@ -46,6 +46,9 @@
CINDER_API_PASTE_INI=$CINDER_CONF_DIR/api-paste.ini
# Public facing bits
+if is_ssl_enabled_service "cinder" || is_service_enabled tls-proxy; then
+ CINDER_SERVICE_PROTOCOL="https"
+fi
CINDER_SERVICE_HOST=${CINDER_SERVICE_HOST:-$SERVICE_HOST}
CINDER_SERVICE_PORT=${CINDER_SERVICE_PORT:-8776}
CINDER_SERVICE_PORT_INT=${CINDER_SERVICE_PORT_INT:-18776}
@@ -96,10 +99,10 @@
# Source the enabled backends
if is_service_enabled c-vol && [[ -n "$CINDER_ENABLED_BACKENDS" ]]; then
for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
- BE_TYPE=${be%%:*}
- BE_NAME=${be##*:}
- if [[ -r $CINDER_BACKENDS/${BE_TYPE} ]]; then
- source $CINDER_BACKENDS/${BE_TYPE}
+ be_type=${be%%:*}
+ be_name=${be##*:}
+ if [[ -r $CINDER_BACKENDS/${be_type} ]]; then
+ source $CINDER_BACKENDS/${be_type}
fi
done
fi
@@ -120,7 +123,7 @@
function cleanup_cinder {
# ensure the volume group is cleared up because fails might
# leave dead volumes in the group
- TARGETS=$(sudo tgtadm --op show --mode target)
+ local targets=$(sudo tgtadm --op show --mode target)
if [ $? -ne 0 ]; then
# If tgt driver isn't running this won't work obviously
# So check the response and restart if need be
@@ -130,11 +133,11 @@
else
restart_service tgtd
fi
- TARGETS=$(sudo tgtadm --op show --mode target)
+ targets=$(sudo tgtadm --op show --mode target)
fi
- if [[ -n "$TARGETS" ]]; then
- iqn_list=( $(grep --no-filename -r iqn $SCSI_PERSIST_DIR | sed 's/<target //' | sed 's/>//') )
+ if [[ -n "$targets" ]]; then
+ local iqn_list=( $(grep --no-filename -r iqn $SCSI_PERSIST_DIR | sed 's/<target //' | sed 's/>//') )
for i in "${iqn_list[@]}"; do
echo removing iSCSI target: $i
sudo tgt-admin --delete $i
@@ -148,11 +151,12 @@
fi
if is_service_enabled c-vol && [[ -n "$CINDER_ENABLED_BACKENDS" ]]; then
+ local be be_name be_type
for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
- BE_TYPE=${be%%:*}
- BE_NAME=${be##*:}
- if type cleanup_cinder_backend_${BE_TYPE} >/dev/null 2>&1; then
- cleanup_cinder_backend_${BE_TYPE} ${BE_NAME}
+ be_type=${be%%:*}
+ be_name=${be##*:}
+ if type cleanup_cinder_backend_${be_type} >/dev/null 2>&1; then
+ cleanup_cinder_backend_${be_type} ${be_name}
fi
done
fi
@@ -161,7 +165,7 @@
# configure_cinder_rootwrap() - configure Cinder's rootwrap
function configure_cinder_rootwrap {
# Set the paths of certain binaries
- CINDER_ROOTWRAP=$(get_rootwrap_location cinder)
+ local cinder_rootwrap=$(get_rootwrap_location cinder)
# Deploy new rootwrap filters files (owned by root).
# Wipe any existing rootwrap.d files first
@@ -179,14 +183,14 @@
sudo chown root:root $CINDER_CONF_DIR/rootwrap.conf
sudo chmod 0644 $CINDER_CONF_DIR/rootwrap.conf
# Specify rootwrap.conf as first parameter to rootwrap
- ROOTWRAP_CSUDOER_CMD="$CINDER_ROOTWRAP $CINDER_CONF_DIR/rootwrap.conf *"
+ ROOTWRAP_CSUDOER_CMD="$cinder_rootwrap $CINDER_CONF_DIR/rootwrap.conf *"
# Set up the rootwrap sudoers for cinder
- TEMPFILE=`mktemp`
- echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_CSUDOER_CMD" >$TEMPFILE
- chmod 0440 $TEMPFILE
- sudo chown root:root $TEMPFILE
- sudo mv $TEMPFILE /etc/sudoers.d/cinder-rootwrap
+ local tempfile=`mktemp`
+ echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_CSUDOER_CMD" >$tempfile
+ chmod 0440 $tempfile
+ sudo chown root:root $tempfile
+ sudo mv $tempfile /etc/sudoers.d/cinder-rootwrap
}
# configure_cinder() - Set config files, create data dirs, etc
@@ -211,12 +215,7 @@
inicomment $CINDER_API_PASTE_INI filter:authtoken admin_password
inicomment $CINDER_API_PASTE_INI filter:authtoken signing_dir
- iniset $CINDER_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
- iniset $CINDER_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
- iniset $CINDER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $CINDER_CONF keystone_authtoken admin_user cinder
- iniset $CINDER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
- iniset $CINDER_CONF keystone_authtoken signing_dir $CINDER_AUTH_CACHE_DIR
+ configure_auth_token_middleware $CINDER_CONF cinder $CINDER_AUTH_CACHE_DIR
iniset $CINDER_CONF DEFAULT auth_strategy keystone
iniset $CINDER_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
@@ -237,18 +236,19 @@
iniset $CINDER_CONF DEFAULT enable_v1_api true
if is_service_enabled c-vol && [[ -n "$CINDER_ENABLED_BACKENDS" ]]; then
- enabled_backends=""
- default_name=""
+ local enabled_backends=""
+ local default_name=""
+ local be be_name be_type
for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
- BE_TYPE=${be%%:*}
- BE_NAME=${be##*:}
- if type configure_cinder_backend_${BE_TYPE} >/dev/null 2>&1; then
- configure_cinder_backend_${BE_TYPE} ${BE_NAME}
+ be_type=${be%%:*}
+ be_name=${be##*:}
+ if type configure_cinder_backend_${be_type} >/dev/null 2>&1; then
+ configure_cinder_backend_${be_type} ${be_name}
fi
if [[ -z "$default_name" ]]; then
- default_name=$BE_NAME
+ default_name=$be_name
fi
- enabled_backends+=$BE_NAME,
+ enabled_backends+=$be_name,
done
iniset $CINDER_CONF DEFAULT enabled_backends ${enabled_backends%,*}
if [[ -n "$default_name" ]]; then
@@ -300,10 +300,22 @@
-e 's/snapshot_autoextend_percent =.*/snapshot_autoextend_percent = 20/' \
/etc/lvm/lvm.conf
fi
- configure_API_version $CINDER_CONF $IDENTITY_API_VERSION
- iniset $CINDER_CONF keystone_authtoken admin_user cinder
- iniset $CINDER_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $CINDER_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
+
+ iniset $CINDER_CONF DEFAULT osapi_volume_workers "$API_WORKERS"
+
+ iniset $CINDER_CONF DEFAULT glance_api_servers "${GLANCE_SERVICE_PROTOCOL}://${GLANCE_HOSTPORT}"
+ if is_ssl_enabled_service glance || is_service_enabled tls-proxy; then
+ iniset $CINDER_CONF DEFAULT glance_protocol https
+ iniset $CINDER_CONF DEFAULT glance_ca_certificates_file $SSL_BUNDLE_FILE
+ fi
+
+ # Register SSL certificates if provided
+ if is_ssl_enabled_service cinder; then
+ ensure_certificates CINDER
+
+ iniset $CINDER_CONF DEFAULT ssl_cert_file "$CINDER_SSL_CERT"
+ iniset $CINDER_CONF DEFAULT ssl_key_file "$CINDER_SSL_KEY"
+ fi
}
@@ -316,28 +328,28 @@
# Migrated from keystone_data.sh
function create_cinder_accounts {
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
# Cinder
if [[ "$ENABLED_SERVICES" =~ "c-api" ]]; then
- CINDER_USER=$(get_or_create_user "cinder" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $CINDER_USER $SERVICE_TENANT
+ local cinder_user=$(get_or_create_user "cinder" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $admin_role $cinder_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- CINDER_SERVICE=$(get_or_create_service "cinder" \
+ local cinder_service=$(get_or_create_service "cinder" \
"volume" "Cinder Volume Service")
- get_or_create_endpoint $CINDER_SERVICE "$REGION_NAME" \
+ get_or_create_endpoint $cinder_service "$REGION_NAME" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/\$(tenant_id)s"
- CINDER_V2_SERVICE=$(get_or_create_service "cinderv2" \
+ local cinder_v2_service=$(get_or_create_service "cinderv2" \
"volumev2" "Cinder Volume Service V2")
- get_or_create_endpoint $CINDER_V2_SERVICE "$REGION_NAME" \
+ get_or_create_endpoint $cinder_v2_service "$REGION_NAME" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s" \
"$CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v2/\$(tenant_id)s"
@@ -354,6 +366,7 @@
}
# init_cinder() - Initialize database and volume group
+# Uses global ``NOVA_ENABLED_APIS``
function init_cinder {
# Force nova volumes off
NOVA_ENABLED_APIS=$(echo $NOVA_ENABLED_APIS | sed "s/osapi_volume,//")
@@ -367,11 +380,12 @@
fi
if is_service_enabled c-vol && [[ -n "$CINDER_ENABLED_BACKENDS" ]]; then
+ local be be_name be_type
for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
- BE_TYPE=${be%%:*}
- BE_NAME=${be##*:}
- if type init_cinder_backend_${BE_TYPE} >/dev/null 2>&1; then
- init_cinder_backend_${BE_TYPE} ${BE_NAME}
+ be_type=${be%%:*}
+ be_name=${be##*:}
+ if type init_cinder_backend_${be_type} >/dev/null 2>&1; then
+ init_cinder_backend_${be_type} ${be_name}
fi
done
fi
@@ -403,6 +417,12 @@
# start_cinder() - Start running processes, including screen
function start_cinder {
+ local service_port=$CINDER_SERVICE_PORT
+ local service_protocol=$CINDER_SERVICE_PROTOCOL
+ if is_service_enabled tls-proxy; then
+ service_port=$CINDER_SERVICE_PORT_INT
+ service_protocol="http"
+ fi
if is_service_enabled c-vol; then
# Delete any old stack.conf
sudo rm -f /etc/tgt/conf.d/stack.conf
@@ -427,15 +447,15 @@
sudo tgtadm --mode system --op update --name debug --value on
fi
- screen_it c-api "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-api --config-file $CINDER_CONF"
+ run_process c-api "$CINDER_BIN_DIR/cinder-api --config-file $CINDER_CONF"
echo "Waiting for Cinder API to start..."
- if ! wait_for_service $SERVICE_TIMEOUT $CINDER_SERVICE_PROTOCOL://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT; then
+ if ! wait_for_service $SERVICE_TIMEOUT $service_protocol://$CINDER_SERVICE_HOST:$service_port; then
die $LINENO "c-api did not start"
fi
- screen_it c-sch "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-scheduler --config-file $CINDER_CONF"
- screen_it c-bak "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-backup --config-file $CINDER_CONF"
- screen_it c-vol "cd $CINDER_DIR && $CINDER_BIN_DIR/cinder-volume --config-file $CINDER_CONF"
+ run_process c-sch "$CINDER_BIN_DIR/cinder-scheduler --config-file $CINDER_CONF"
+ run_process c-bak "$CINDER_BIN_DIR/cinder-backup --config-file $CINDER_CONF"
+ run_process c-vol "$CINDER_BIN_DIR/cinder-volume --config-file $CINDER_CONF"
# NOTE(jdg): For cinder, startup order matters. To ensure that repor_capabilities is received
# by the scheduler start the cinder-volume service last (or restart it) after the scheduler
@@ -450,8 +470,9 @@
# stop_cinder() - Stop running processes
function stop_cinder {
# Kill the cinder screen windows
+ local serv
for serv in c-api c-bak c-sch c-vol; do
- screen_stop $serv
+ stop_process $serv
done
if is_service_enabled c-vol; then
@@ -467,14 +488,13 @@
function create_volume_types {
# Create volume types
if is_service_enabled c-api && [[ -n "$CINDER_ENABLED_BACKENDS" ]]; then
+ local be be_name be_type
for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
- BE_TYPE=${be%%:*}
- BE_NAME=${be##*:}
- if type configure_cinder_backend_${BE_TYPE} >/dev/null 2>&1; then
- # openstack volume type create --property volume_backend_name="${BE_TYPE}" ${BE_NAME}
- cinder type-create ${BE_NAME} && \
- cinder type-key ${BE_NAME} set volume_backend_name="${BE_NAME}"
- fi
+ be_type=${be%%:*}
+ be_name=${be##*:}
+ # openstack volume type create --property volume_backend_name="${be_type}" ${be_name}
+ cinder type-create ${be_name} && \
+ cinder type-key ${be_name} set volume_backend_name="${be_name}"
done
fi
}
diff --git a/lib/cinder_backends/glusterfs b/lib/cinder_backends/glusterfs
new file mode 100644
index 0000000..dd772a8
--- /dev/null
+++ b/lib/cinder_backends/glusterfs
@@ -0,0 +1,46 @@
+# lib/cinder_backends/glusterfs
+# Configure the glusterfs backend
+
+# Enable with:
+#
+# CINDER_ENABLED_BACKENDS+=,glusterfs:<volume-type-name>
+
+# Dependencies:
+#
+# - ``functions`` file
+# - ``cinder`` configurations
+
+# CINDER_CONF
+# CINDER_CONF_DIR
+# CINDER_GLUSTERFS_SHARES - Contents of glusterfs shares config file
+
+# configure_cinder_backend_glusterfs - Configure Cinder for GlusterFS backends
+
+# Save trace setting
+GLUSTERFS_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Entry Points
+# ------------
+
+# configure_cinder_backend_glusterfs - Set config files, create data dirs, etc
+function configure_cinder_backend_glusterfs {
+ local be_name=$1
+ iniset $CINDER_CONF $be_name volume_backend_name $be_name
+ iniset $CINDER_CONF $be_name volume_driver "cinder.volume.drivers.glusterfs.GlusterfsDriver"
+ iniset $CINDER_CONF $be_name glusterfs_shares_config "$CINDER_CONF_DIR/glusterfs-shares-$be_name.conf"
+
+ if [[ -n "$CINDER_GLUSTERFS_SHARES" ]]; then
+ CINDER_GLUSTERFS_SHARES=$(echo $CINDER_GLUSTERFS_SHARES | tr ";" "\n")
+ echo "$CINDER_GLUSTERFS_SHARES" | tee "$CINDER_CONF_DIR/glusterfs-shares-$be_name.conf"
+ fi
+}
+
+
+# Restore xtrace
+$GLUSTERFS_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/cinder_backends/lvm b/lib/cinder_backends/lvm
index 324c323..8f8ab79 100644
--- a/lib/cinder_backends/lvm
+++ b/lib/cinder_backends/lvm
@@ -112,6 +112,7 @@
local lv_prefix=$2
# Clean out existing volumes
+ local lv
for lv in $(sudo lvs --noheadings -o lv_name $vg 2>/dev/null); do
# lv_prefix prefixes the LVs we want
if [[ "${lv#$lv_prefix}" != "$lv" ]]; then
@@ -132,9 +133,9 @@
# of the backing file
if [[ -z "$(sudo lvs --noheadings -o lv_name $vg 2>/dev/null)" ]]; then
# if the backing physical device is a loop device, it was probably setup by devstack
- VG_DEV=$(sudo losetup -j $backing_file | awk -F':' '/backing-file/ { print $1}')
- if [[ -n "$VG_DEV" ]] && [[ -e "$VG_DEV" ]]; then
- sudo losetup -d $VG_DEV
+ local vg_dev=$(sudo losetup -j $backing_file | awk -F':' '/backing-file/ { print $1}')
+ if [[ -n "$vg_dev" ]] && [[ -e "$vg_dev" ]]; then
+ sudo losetup -d $vg_dev
rm -f $backing_file
fi
fi
@@ -159,11 +160,11 @@
if [ -z "$VOLUME_BACKING_DEVICE" ]; then
# Only create if the file doesn't already exists
[[ -f $backing_file ]] || truncate -s $VOLUME_BACKING_FILE_SIZE $backing_file
- DEV=`sudo losetup -f --show $backing_file`
+ local vg_dev=`sudo losetup -f --show $backing_file`
# Only create if the loopback device doesn't contain $VOLUME_GROUP
if ! sudo vgs $vg_name; then
- sudo vgcreate $vg_name $DEV
+ sudo vgcreate $vg_name $vg_dev
fi
else
sudo vgcreate $vg_name $VOLUME_BACKING_DEVICE
diff --git a/lib/cinder_backends/netapp_iscsi b/lib/cinder_backends/netapp_iscsi
new file mode 100644
index 0000000..7a67da7
--- /dev/null
+++ b/lib/cinder_backends/netapp_iscsi
@@ -0,0 +1,64 @@
+# lib/cinder_backends/netapp_iscsi
+# Configure the NetApp iSCSI driver
+
+# Enable with:
+#
+# iSCSI:
+# CINDER_ENABLED_BACKENDS+=,netapp_iscsi:<volume-type-name>
+
+# Dependencies:
+#
+# - ``functions`` file
+# - ``cinder`` configurations
+
+# ``CINDER_CONF``
+# ``CINDER_CONF_DIR``
+# ``CINDER_ENABLED_BACKENDS``
+
+# configure_cinder_backend_netapp_iscsi - configure iSCSI
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Entry Points
+# ------------
+
+# configure_cinder_backend_netapp_iscsi - Set config files, create data dirs, etc
+function configure_cinder_backend_netapp_iscsi {
+ # To use NetApp, set the following in local.conf:
+ # CINDER_ENABLED_BACKENDS+=,netapp_iscsi:<volume-type-name>
+ # NETAPP_MODE=ontap_7mode|ontap_cluster
+ # NETAPP_IP=<mgmt-ip>
+ # NETAPP_LOGIN=<admin-account>
+ # NETAPP_PASSWORD=<admin-password>
+ # NETAPP_ISCSI_VOLUME_LIST=<volumes>
+
+ # In ontap_cluster mode, the following also needs to be defined:
+ # NETAPP_ISCSI_VSERVER=<vserver-name>
+
+ local be_name=$1
+ iniset $CINDER_CONF $be_name volume_backend_name $be_name
+ iniset $CINDER_CONF $be_name volume_driver "cinder.volume.drivers.netapp.common.NetAppDriver"
+ iniset $CINDER_CONF $be_name netapp_storage_family ${NETAPP_MODE:-ontap_7mode}
+ iniset $CINDER_CONF $be_name netapp_server_hostname $NETAPP_IP
+ iniset $CINDER_CONF $be_name netapp_login $NETAPP_LOGIN
+ iniset $CINDER_CONF $be_name netapp_password $NETAPP_PASSWORD
+ iniset $CINDER_CONF $be_name netapp_volume_list $NETAPP_ISCSI_VOLUME_LIST
+
+ iniset $CINDER_CONF $be_name netapp_storage_protocol iscsi
+ iniset $CINDER_CONF $be_name netapp_transport_type https
+
+ if [[ "$NETAPP_MODE" == "ontap_cluster" ]]; then
+ iniset $CINDER_CONF $be_name netapp_vserver $NETAPP_ISCSI_VSERVER
+ fi
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/cinder_backends/netapp_nfs b/lib/cinder_backends/netapp_nfs
new file mode 100644
index 0000000..d90b7f7
--- /dev/null
+++ b/lib/cinder_backends/netapp_nfs
@@ -0,0 +1,75 @@
+# lib/cinder_backends/netapp_nfs
+# Configure the NetApp NFS driver
+
+# Enable with:
+#
+# NFS:
+# CINDER_ENABLED_BACKENDS+=,netapp_nfs:<volume-type-name>
+
+# Dependencies:
+#
+# - ``functions`` file
+# - ``cinder`` configurations
+
+# ``CINDER_CONF``
+# ``CINDER_CONF_DIR``
+# ``CINDER_ENABLED_BACKENDS``
+
+# configure_cinder_backend_netapp_nfs - configure NFS
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Entry Points
+# ------------
+
+# configure_cinder_backend_netapp_nfs - Set config files, create data dirs, etc
+function configure_cinder_backend_netapp_nfs {
+ # To use NetApp, set the following in local.conf:
+ # CINDER_ENABLED_BACKENDS+=,netapp_nfs:<volume-type-name>
+ # NETAPP_MODE=ontap_7mode|ontap_cluster
+ # NETAPP_IP=<mgmt-ip>
+ # NETAPP_LOGIN=<admin-account>
+ # NETAPP_PASSWORD=<admin-password>
+ # NETAPP_NFS_VOLUME_LIST=<export-volumes>
+
+ # In ontap_cluster mode, the following also needs to be defined:
+ # NETAPP_NFS_VSERVER=<vserver-name>
+
+ local be_name=$1
+ iniset $CINDER_CONF $be_name volume_backend_name $be_name
+ iniset $CINDER_CONF $be_name volume_driver "cinder.volume.drivers.netapp.common.NetAppDriver"
+ iniset $CINDER_CONF $be_name netapp_storage_family ${NETAPP_MODE:-ontap_7mode}
+ iniset $CINDER_CONF $be_name netapp_server_hostname $NETAPP_IP
+ iniset $CINDER_CONF $be_name netapp_login $NETAPP_LOGIN
+ iniset $CINDER_CONF $be_name netapp_password $NETAPP_PASSWORD
+
+ iniset $CINDER_CONF $be_name netapp_storage_protocol nfs
+ iniset $CINDER_CONF $be_name netapp_transport_type https
+ iniset $CINDER_CONF $be_name nfs_shares_config $CINDER_CONF_DIR/netapp_shares.conf
+
+ echo "$NETAPP_NFS_VOLUME_LIST" | tee "$CINDER_CONF_DIR/netapp_shares.conf"
+
+ if [[ "$NETAPP_MODE" == "ontap_cluster" ]]; then
+ iniset $CINDER_CONF $be_name netapp_vserver $NETAPP_NFS_VSERVER
+ fi
+}
+
+function cleanup_cinder_backend_netapp_nfs {
+ # Clean up remaining NFS mounts
+ # Be blunt and do them all
+ local m
+ for m in $CINDER_STATE_PATH/mnt/*; do
+ sudo umount $m
+ done
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/cinder_backends/solidfire b/lib/cinder_backends/solidfire
new file mode 100644
index 0000000..95ffce1
--- /dev/null
+++ b/lib/cinder_backends/solidfire
@@ -0,0 +1,47 @@
+# lib/cinder_backends/solidfire
+# Configure the solidfire driver
+
+# Enable with:
+#
+# CINDER_ENABLED_BACKENDS+=,solidfire:<volume-type-name>
+
+# Dependencies:
+#
+# - ``functions`` file
+# - ``cinder`` configurations
+
+# CINDER_CONF
+
+# configure_cinder_driver - make configuration changes, including those to other services
+
+# Save trace setting
+MY_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Entry Points
+# ------------
+
+# configure_cinder_backend_solidfire - Set config files, create data dirs, etc
+function configure_cinder_backend_solidfire {
+ # To use SolidFire, set the following in local.conf:
+ # CINDER_ENABLED_BACKENDS+=,solidfire:<volume-type-name>
+ # SAN_IP=<mvip>
+ # SAN_LOGIN=<cluster-admin-account>
+ # SAN_PASSWORD=<cluster-admin-password>
+
+ local be_name=$1
+ iniset $CINDER_CONF $be_name volume_backend_name $be_name
+ iniset $CINDER_CONF $be_name volume_driver "cinder.volume.drivers.solidfire.SolidFireDriver"
+ iniset $CINDER_CONF $be_name san_ip $SAN_IP
+ iniset $CINDER_CONF $be_name san_login $SAN_LOGIN
+ iniset $CINDER_CONF $be_name san_password $SAN_PASSWORD
+}
+
+
+# Restore xtrace
+$MY_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/cinder_backends/vmdk b/lib/cinder_backends/vmdk
new file mode 100644
index 0000000..b32c4b2
--- /dev/null
+++ b/lib/cinder_backends/vmdk
@@ -0,0 +1,45 @@
+# lib/cinder_backends/vmdk
+# Configure the VMware vmdk backend
+
+# Enable with:
+#
+# CINDER_ENABLED_BACKENDS+=,vmdk:<volume-type-name>
+
+# Dependencies:
+#
+# - ``functions`` file
+# - ``cinder`` configurations
+
+# configure_cinder_backend_vmdk - Configure Cinder for VMware vmdk backends
+
+# Save trace setting
+VMDK_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Entry Points
+# ------------
+
+# configure_cinder_backend_vmdk - Set config files, create data dirs, etc
+function configure_cinder_backend_vmdk {
+ # To use VMware vmdk backend, set the following in local.conf:
+ # CINDER_ENABLED_BACKENDS+=,vmdk:<volume-type-name>
+ # VMWAREAPI_IP=<vcenter-ip>
+ # VMWAREAPI_USER=<vcenter-admin-account>
+ # VMWAREAPI_PASSWORD=<vcenter-admin-password>
+
+ local be_name=$1
+ iniset $CINDER_CONF $be_name volume_backend_name $be_name
+ iniset $CINDER_CONF $be_name volume_driver "cinder.volume.drivers.vmware.vmdk.VMwareVcVmdkDriver"
+ iniset $CINDER_CONF $be_name vmware_host_ip "$VMWAREAPI_IP"
+ iniset $CINDER_CONF $be_name vmware_host_username "$VMWAREAPI_USER"
+ iniset $CINDER_CONF $be_name vmware_host_password "$VMWAREAPI_PASSWORD"
+}
+
+
+# Restore xtrace
+$VMDK_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/lib/cinder_backends/xiv b/lib/cinder_backends/xiv
new file mode 100644
index 0000000..ee5da2d
--- /dev/null
+++ b/lib/cinder_backends/xiv
@@ -0,0 +1,85 @@
+# Copyright 2014 IBM Corp.
+# Copyright (c) 2014 OpenStack Foundation
+# All Rights Reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License"); you may
+# not use this file except in compliance with the License. You may obtain
+# a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
+# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+# License for the specific language governing permissions and limitations
+# under the License.
+#
+# Authors:
+# Alon Marx <alonma@il.ibm.com>
+#
+
+# lib/cinder_plugins/xiv
+# Configure the xiv_ds8k driver for xiv testing
+
+# Enable xiv_ds8k driver for xiv with:
+#
+# CINDER_ENABLED_BACKENDS+=,xiv:<volume-type-name>
+# XIV_DRIVER_VERSION=<version-string>
+# SAN_IP=<storage-ip-or-hostname>
+# SAN_LOGIN=<storage-admin-account>
+# SAN_PASSWORD=<storage-admin-password>
+# SAN_CLUSTERNAME=<cluster-name>
+# CONNECTION_TYPE=<connection-type> iscsi|fc
+# XIV_CHAP=<chap-type> disabled|enabled
+
+# Dependencies:
+#
+# - ``functions`` file
+# - ``cinder`` configurations
+
+# configure_cinder_backend_xiv - Configure Cinder for xiv backends
+
+# Save trace setting
+XIV_XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+# Set up default directories
+
+
+# Entry Points
+# ------------
+
+# configure_cinder_backend_xiv - Set config files, create data dirs, etc
+function configure_cinder_backend_xiv {
+
+ local be_name=$1
+
+ python -c 'from xiv_ds8k_openstack.xiv_nova_proxy import XIVNovaProxy'
+ if [ $? -ne 0 ]; then
+ die $LINENO "XIV_DS8K driver is missing. Please install first"
+ fi
+
+ # For reference:
+ # ``XIV_DS8K_BACKEND='IBM-XIV_'${SAN_IP}'_'${SAN_CLUSTERNAME}'_'${CONNECTION_TYPE}``
+ iniset $CINDER_CONF DEFAULT xiv_ds8k_driver_version $XIV_DRIVER_VERSION
+
+ iniset $CINDER_CONF $be_name san_ip $SAN_IP
+ iniset $CINDER_CONF $be_name san_login $SAN_LOGIN
+ iniset $CINDER_CONF $be_name san_password $SAN_PASSWORD
+ iniset $CINDER_CONF $be_name san_clustername $SAN_CLUSTERNAME
+ iniset $CINDER_CONF $be_name xiv_ds8k_connection_type $CONNECTION_TYPE
+ iniset $CINDER_CONF $be_name volume_backend_name $be_name
+ iniset $CINDER_CONF $be_name volume_driver 'cinder.volume.drivers.ibm.xiv_ds8k.XIVDS8KDriver'
+ iniset $CINDER_CONF $be_name xiv_ds8k_proxy 'xiv_ds8k_openstack.xiv_nova_proxy.XIVNovaProxy'
+ iniset $CINDER_CONF $be_name xiv_chap $XIV_CHAP
+}
+
+# Restore xtrace
+$XIV_XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
+
diff --git a/lib/cinder_plugins/solidfire b/lib/cinder_plugins/solidfire
deleted file mode 100644
index 2c970b5..0000000
--- a/lib/cinder_plugins/solidfire
+++ /dev/null
@@ -1,48 +0,0 @@
-# lib/cinder_plugins/solidfire
-# Configure the solidfire driver
-
-# Enable with:
-#
-# CINDER_DRIVER=solidfire
-
-# Dependencies:
-#
-# - ``functions`` file
-# - ``cinder`` configurations
-
-# configure_cinder_driver - make configuration changes, including those to other services
-
-# Save trace setting
-MY_XTRACE=$(set +o | grep xtrace)
-set +o xtrace
-
-
-# Defaults
-# --------
-
-# Set up default directories
-
-
-# Entry Points
-# ------------
-
-# configure_cinder_driver - Set config files, create data dirs, etc
-function configure_cinder_driver {
- # To use solidfire, set the following in localrc:
- # CINDER_DRIVER=solidfire
- # SAN_IP=<mvip>
- # SAN_LOGIN=<cluster-admin-account>
- # SAN_PASSWORD=<cluster-admin-password>
-
- iniset $CINDER_CONF DEFAULT volume_driver "cinder.volume.drivers.solidfire.SolidFireDriver"
- iniset $CINDER_CONF DEFAULT san_ip $SAN_IP
- iniset $CINDER_CONF DEFAULT san_login $SAN_LOGIN
- iniset $CINDER_CONF DEFAULT san_password $SAN_PASSWORD
-}
-
-# Restore xtrace
-$MY_XTRACE
-
-# Local variables:
-# mode: shell-script
-# End:
diff --git a/lib/config b/lib/config
index 67d788c..a4d0328 100644
--- a/lib/config
+++ b/lib/config
@@ -84,7 +84,11 @@
get_meta_section $file $matchgroup $configfile | \
$CONFIG_AWK_CMD -v configfile=$configfile '
- BEGIN { section = "" }
+ BEGIN {
+ section = ""
+ last_section = ""
+ section_count = 0
+ }
/^\[.+\]/ {
gsub("[][]", "", $1);
section=$1
@@ -94,11 +98,58 @@
next
}
/^[^ \t]+/ {
- split($0, d, " *= *")
- print "iniset " configfile " " section " " d[1] " \"" d[2] "\""
+ # get offset of first '=' in $0
+ eq_idx = index($0, "=")
+ # extract attr & value from $0
+ attr = substr($0, 1, eq_idx - 1)
+ value = substr($0, eq_idx + 1)
+ # only need to strip trailing whitespace from attr
+ sub(/[ \t]*$/, "", attr)
+ # need to strip leading & trailing whitespace from value
+ sub(/^[ \t]*/, "", value)
+ sub(/[ \t]*$/, "", value)
+
+ # cfg_attr_count: number of config lines per [section, attr]
+ # cfg_attr: three dimensional array to keep all the config lines per [section, attr]
+ # cfg_section: keep the section names in the same order as they appear in local.conf
+ # cfg_sec_attr_name: keep the attr names in the same order as they appear in local.conf
+ if (! (section, attr) in cfg_attr_count) {
+ if (section != last_section) {
+ cfg_section[section_count++] = section
+ last_section = section
+ }
+ attr_count = cfg_sec_attr_count[section_count - 1]++
+ cfg_sec_attr_name[section_count - 1, attr_count] = attr
+
+ cfg_attr[section, attr, 0] = value
+ cfg_attr_count[section, attr] = 1
+ } else {
+ lno = cfg_attr_count[section, attr]++
+ cfg_attr[section, attr, lno] = value
+ }
+ }
+ END {
+ # Process each section in order
+ for (sno = 0; sno < section_count; sno++) {
+ section = cfg_section[sno]
+ # The ini routines simply append a config item immediately
+ # after the section header. To keep the same order as defined
+ # in local.conf, invoke the ini routines in the reverse order
+ for (attr_no = cfg_sec_attr_count[sno] - 1; attr_no >=0; attr_no--) {
+ attr = cfg_sec_attr_name[sno, attr_no]
+ if (cfg_attr_count[section, attr] == 1)
+ print "iniset " configfile " " section " " attr " \"" cfg_attr[section, attr, 0] "\""
+ else {
+ # For multiline, invoke the ini routines in the reverse order
+ count = cfg_attr_count[section, attr]
+ print "iniset " configfile " " section " " attr " \"" cfg_attr[section, attr, count - 1] "\""
+ for (l = count -2; l >= 0; l--)
+ print "iniadd_literal " configfile " " section " " attr " \"" cfg_attr[section, attr, l] "\""
+ }
+ }
+ }
}
' | while read a; do eval "$a"; done
-
}
@@ -110,6 +161,7 @@
[[ -r $localfile ]] || return 0
+ local configfile group
for group in $matchgroups; do
for configfile in $(get_meta_section_files $localfile $group); do
if [[ -d $(dirname $(eval "echo $configfile")) ]]; then
diff --git a/lib/database b/lib/database
index 0661049..e226515 100644
--- a/lib/database
+++ b/lib/database
@@ -89,7 +89,7 @@
# a multi-node DevStack installation.
# NOTE: Don't specify ``/db`` in this string so we can use it for multiple services
- BASE_SQL_CONN=${BASE_SQL_CONN:-${DATABASE_TYPE}://$DATABASE_USER:$DATABASE_PASSWORD@$DATABASE_HOST}
+ BASE_SQL_CONN=${BASE_SQL_CONN:-$(get_database_type)://$DATABASE_USER:$DATABASE_PASSWORD@$DATABASE_HOST}
return 0
}
@@ -120,6 +120,14 @@
database_connection_url_$DATABASE_TYPE $db
}
+function get_database_type {
+ if [[ -n "${SQLALCHEMY_DATABASE_DRIVER}" ]]; then
+ echo "${DATABASE_TYPE}+${SQLALCHEMY_DATABASE_DRIVER}"
+ else
+ echo "${DATABASE_TYPE}"
+ fi
+}
+
# Restore xtrace
$XTRACE
diff --git a/lib/databases/mysql b/lib/databases/mysql
index 0ccfce5..67bf85a 100644
--- a/lib/databases/mysql
+++ b/lib/databases/mysql
@@ -47,22 +47,22 @@
}
function configure_database_mysql {
- local slow_log
+ local my_conf mysql slow_log
echo_summary "Configuring and starting MySQL"
if is_ubuntu; then
- MY_CONF=/etc/mysql/my.cnf
- MYSQL=mysql
+ my_conf=/etc/mysql/my.cnf
+ mysql=mysql
elif is_fedora; then
if [[ $DISTRO =~ (rhel7) ]]; then
- MYSQL=mariadb
+ mysql=mariadb
else
- MYSQL=mysqld
+ mysql=mysqld
fi
- MY_CONF=/etc/my.cnf
+ my_conf=/etc/my.cnf
elif is_suse; then
- MY_CONF=/etc/my.cnf
- MYSQL=mysql
+ my_conf=/etc/my.cnf
+ mysql=mysql
else
exit_distro_not_supported "mysql configuration"
fi
@@ -70,7 +70,7 @@
# Start mysql-server
if is_fedora || is_suse; then
# service is not started by default
- start_service $MYSQL
+ start_service $mysql
fi
# Set the root password - only works the first time. For Ubuntu, we already
@@ -87,9 +87,9 @@
# Change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and
# set default db type to InnoDB
sudo bash -c "source $TOP_DIR/functions && \
- iniset $MY_CONF mysqld bind-address 0.0.0.0 && \
- iniset $MY_CONF mysqld sql_mode STRICT_ALL_TABLES && \
- iniset $MY_CONF mysqld default-storage-engine InnoDB"
+ iniset $my_conf mysqld bind-address 0.0.0.0 && \
+ iniset $my_conf mysqld sql_mode STRICT_ALL_TABLES && \
+ iniset $my_conf mysqld default-storage-engine InnoDB"
if [[ "$DATABASE_QUERY_LOGGING" == "True" ]]; then
@@ -102,19 +102,19 @@
sudo sed -e '/log.slow.queries/d' \
-e '/long.query.time/d' \
-e '/log.queries.not.using.indexes/d' \
- -i $MY_CONF
+ -i $my_conf
# Turn on slow query log, log all queries (any query taking longer than
# 0 seconds) and log all non-indexed queries
sudo bash -c "source $TOP_DIR/functions && \
- iniset $MY_CONF mysqld slow-query-log 1 && \
- iniset $MY_CONF mysqld slow-query-log-file $slow_log && \
- iniset $MY_CONF mysqld long-query-time 0 && \
- iniset $MY_CONF mysqld log-queries-not-using-indexes 1"
+ iniset $my_conf mysqld slow-query-log 1 && \
+ iniset $my_conf mysqld slow-query-log-file $slow_log && \
+ iniset $my_conf mysqld long-query-time 0 && \
+ iniset $my_conf mysqld log-queries-not-using-indexes 1"
fi
- restart_service $MYSQL
+ restart_service $mysql
}
function install_database_mysql {
diff --git a/lib/databases/postgresql b/lib/databases/postgresql
index 6e85d6e..fb6d304 100644
--- a/lib/databases/postgresql
+++ b/lib/databases/postgresql
@@ -42,11 +42,12 @@
}
function configure_database_postgresql {
+ local pg_conf pg_dir pg_hba root_roles
echo_summary "Configuring and starting PostgreSQL"
if is_fedora; then
- PG_HBA=/var/lib/pgsql/data/pg_hba.conf
- PG_CONF=/var/lib/pgsql/data/postgresql.conf
- if ! sudo [ -e $PG_HBA ]; then
+ pg_hba=/var/lib/pgsql/data/pg_hba.conf
+ pg_conf=/var/lib/pgsql/data/postgresql.conf
+ if ! sudo [ -e $pg_hba ]; then
if ! [[ $DISTRO =~ (rhel6) ]]; then
sudo postgresql-setup initdb
else
@@ -54,25 +55,25 @@
fi
fi
elif is_ubuntu; then
- PG_DIR=`find /etc/postgresql -name pg_hba.conf|xargs dirname`
- PG_HBA=$PG_DIR/pg_hba.conf
- PG_CONF=$PG_DIR/postgresql.conf
+ pg_dir=`find /etc/postgresql -name pg_hba.conf|xargs dirname`
+ pg_hba=$pg_dir/pg_hba.conf
+ pg_conf=$pg_dir/postgresql.conf
elif is_suse; then
- PG_HBA=/var/lib/pgsql/data/pg_hba.conf
- PG_CONF=/var/lib/pgsql/data/postgresql.conf
+ pg_hba=/var/lib/pgsql/data/pg_hba.conf
+ pg_conf=/var/lib/pgsql/data/postgresql.conf
# initdb is called when postgresql is first started
- sudo [ -e $PG_HBA ] || start_service postgresql
+ sudo [ -e $pg_hba ] || start_service postgresql
else
exit_distro_not_supported "postgresql configuration"
fi
# Listen on all addresses
- sudo sed -i "/listen_addresses/s/.*/listen_addresses = '*'/" $PG_CONF
+ sudo sed -i "/listen_addresses/s/.*/listen_addresses = '*'/" $pg_conf
# Set max_connections
- sudo sed -i "/max_connections/s/.*/max_connections = $MAX_DB_CONNECTIONS/" $PG_CONF
+ sudo sed -i "/max_connections/s/.*/max_connections = $MAX_DB_CONNECTIONS/" $pg_conf
# Do password auth from all IPv4 clients
- sudo sed -i "/^host/s/all\s\+127.0.0.1\/32\s\+ident/$DATABASE_USER\t0.0.0.0\/0\tpassword/" $PG_HBA
+ sudo sed -i "/^host/s/all\s\+127.0.0.1\/32\s\+ident/$DATABASE_USER\t0.0.0.0\/0\tpassword/" $pg_hba
# Do password auth for all IPv6 clients
- sudo sed -i "/^host/s/all\s\+::1\/128\s\+ident/$DATABASE_USER\t::0\/0\tpassword/" $PG_HBA
+ sudo sed -i "/^host/s/all\s\+::1\/128\s\+ident/$DATABASE_USER\t::0\/0\tpassword/" $pg_hba
restart_service postgresql
# Create the role if it's not here or else alter it.
@@ -86,14 +87,14 @@
function install_database_postgresql {
echo_summary "Installing postgresql"
- PGPASS=$HOME/.pgpass
- if [[ ! -e $PGPASS ]]; then
- cat <<EOF > $PGPASS
+ local pgpass=$HOME/.pgpass
+ if [[ ! -e $pgpass ]]; then
+ cat <<EOF > $pgpass
*:*:*:$DATABASE_USER:$DATABASE_PASSWORD
EOF
- chmod 0600 $PGPASS
+ chmod 0600 $pgpass
else
- sed -i "s/:root:\w\+/:root:$DATABASE_PASSWORD/" $PGPASS
+ sed -i "s/:root:\w\+/:root:$DATABASE_PASSWORD/" $pgpass
fi
if is_ubuntu; then
install_package postgresql
diff --git a/lib/dib b/lib/dib
new file mode 100644
index 0000000..30b31ec
--- /dev/null
+++ b/lib/dib
@@ -0,0 +1,147 @@
+# lib/dib
+# Install and build images with **diskimage-builder**
+
+# Dependencies:
+#
+# - functions
+# - DEST, DATA_DIR must be defined
+
+# stack.sh
+# ---------
+# - install_dib
+
+# Save trace setting
+XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+# Defaults
+# --------
+
+# set up default directories
+DIB_DIR=$DEST/diskimage-builder
+TIE_DIR=$DEST/tripleo-image-elements
+
+# NOTE: Setting DIB_APT_SOURCES assumes you will be building
+# Debian/Ubuntu based images. Leave unset for other flavors.
+DIB_APT_SOURCES=${DIB_APT_SOURCES:-""}
+DIB_BUILD_OFFLINE=$(trueorfalse False $DIB_BUILD_OFFLINE)
+DIB_IMAGE_CACHE=$DATA_DIR/diskimage-builder/image-create
+DIB_PIP_REPO=$DATA_DIR/diskimage-builder/pip-repo
+DIB_PIP_REPO_PORT=${DIB_PIP_REPO_PORT:-8899}
+
+OCC_DIR=$DEST/os-collect-config
+ORC_DIR=$DEST/os-refresh-config
+OAC_DIR=$DEST/os-apply-config
+
+# Include the apt-sources element in builds if we have an
+# alternative sources.list specified.
+if [ -n "$DIB_APT_SOURCES" ]; then
+ if [ ! -e "$DIB_APT_SOURCES" ]; then
+ die $LINENO "DIB_APT_SOURCES set but not found at $DIB_APT_SOURCES"
+ fi
+ EXTRA_ELEMENTS="apt-sources"
+fi
+
+# Functions
+# ---------
+
+# install_dib() - Collect source and prepare
+function install_dib {
+ pip_install diskimage-builder
+
+ git_clone $TIE_REPO $TIE_DIR $TIE_BRANCH
+ git_clone $OCC_REPO $OCC_DIR $OCC_BRANCH
+ git_clone $ORC_REPO $ORC_DIR $ORC_BRANCH
+ git_clone $OAC_REPO $OAC_DIR $OAC_BRANCH
+ mkdir -p $DIB_IMAGE_CACHE
+}
+
+# build_dib_pip_repo() - Builds a local pip repo from local projects
+function build_dib_pip_repo {
+ local project_dirs=$1
+ local projpath proj package
+
+ rm -rf $DIB_PIP_REPO
+ mkdir -p $DIB_PIP_REPO
+
+ echo "<html><body>" > $DIB_PIP_REPO/index.html
+ for projpath in $project_dirs; do
+ proj=$(basename $projpath)
+ mkdir -p $DIB_PIP_REPO/$proj
+ pushd $projpath
+ rm -rf dist
+ python setup.py sdist
+ pushd dist
+ package=$(ls *)
+ mv $package $DIB_PIP_REPO/$proj/$package
+ popd
+
+ echo "<html><body><a href=\"$package\">$package</a></body></html>" > $DIB_PIP_REPO/$proj/index.html
+ echo "<a href=\"$proj\">$proj</a><br/>" >> $DIB_PIP_REPO/index.html
+
+ popd
+ done
+
+ echo "</body></html>" >> $DIB_PIP_REPO/index.html
+
+ local dib_pip_repo_apache_conf=$(apache_site_config_for dib_pip_repo)
+
+ sudo cp $FILES/apache-dib-pip-repo.template $dib_pip_repo_apache_conf
+ sudo sed -e "
+ s|%DIB_PIP_REPO%|$DIB_PIP_REPO|g;
+ s|%DIB_PIP_REPO_PORT%|$DIB_PIP_REPO_PORT|g;
+ s|%APACHE_NAME%|$APACHE_NAME|g;
+ " -i $dib_pip_repo_apache_conf
+ enable_apache_site dib_pip_repo
+}
+
+# disk_image_create_upload() - Creates and uploads a diskimage-builder built image
+function disk_image_create_upload {
+
+ local image_name=$1
+ local image_elements=$2
+ local elements_path=$3
+
+ local image_path=$TOP_DIR/files/$image_name.qcow2
+
+ # Set the local pip repo as the primary index mirror so the
+ # image is built with local packages
+ local pypi_mirror_url=http://$SERVICE_HOST:$DIB_PIP_REPO_PORT/
+ local pypi_mirror_url_1
+
+ if [ -a $HOME/.pip/pip.conf ]; then
+ # Add the current pip.conf index-url as an extra-index-url
+ # in the image build
+ pypi_mirror_url_1=$(iniget $HOME/.pip/pip.conf global index-url)
+ else
+ # If no pip.conf, set upstream pypi as an extra mirror
+ # (this also sets the .pydistutils.cfg index-url)
+ pypi_mirror_url_1=http://pypi.python.org/simple
+ fi
+
+ # The disk-image-create command to run
+ ELEMENTS_PATH=$elements_path \
+ DIB_APT_SOURCES=$DIB_APT_SOURCES \
+ DIB_OFFLINE=$DIB_BUILD_OFFLINE \
+ PYPI_MIRROR_URL=$pypi_mirror_url \
+ PYPI_MIRROR_URL_1=$pypi_mirror_url_1 \
+ disk-image-create -a amd64 $image_elements $EXTRA_ELEMENTS \
+ --image-cache $DIB_IMAGE_CACHE \
+ -o $image_path
+
+ local token=$(keystone token-get | grep ' id ' | get_field 2)
+ die_if_not_set $LINENO token "Keystone fail to get token"
+
+ glance --os-auth-token $token --os-image-url http://$GLANCE_HOSTPORT \
+ image-create --name $image_name --is-public True \
+ --container-format=bare --disk-format qcow2 \
+ < $image_path
+}
+
+# Restore xtrace
+$XTRACE
+
+# Tell emacs to use shell-script-mode
+## Local variables:
+## mode: shell-script
+## End:
diff --git a/lib/dstat b/lib/dstat
new file mode 100644
index 0000000..a2c522c
--- /dev/null
+++ b/lib/dstat
@@ -0,0 +1,41 @@
+# lib/apache
+# Functions to start and stop dstat
+
+# Dependencies:
+#
+# - ``functions`` file
+
+# ``stack.sh`` calls the entry points in this order:
+#
+# - start_dstat
+# - stop_dstat
+
+# Save trace setting
+XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Defaults
+# --------
+# for DSTAT logging
+DSTAT_FILE=${DSTAT_FILE:-"dstat.txt"}
+
+
+# start_dstat() - Start running processes, including screen
+function start_dstat {
+ # A better kind of sysstat, with the top process per time slice
+ DSTAT_OPTS="-tcmndrylp --top-cpu-adv"
+ if [[ -n ${SCREEN_LOGDIR} ]]; then
+ screen_it dstat "cd $TOP_DIR; dstat $DSTAT_OPTS | tee $SCREEN_LOGDIR/$DSTAT_FILE"
+ else
+ screen_it dstat "dstat $DSTAT_OPTS"
+ fi
+}
+
+# stop_dstat() stop dstat process
+function stop_dstat {
+ screen_stop dstat
+}
+
+# Restore xtrace
+$XTRACE
diff --git a/lib/gantt b/lib/gantt
index 8db2ca1..485613f 100644
--- a/lib/gantt
+++ b/lib/gantt
@@ -77,14 +77,14 @@
# start_gantt() - Start running processes, including screen
function start_gantt {
if is_service_enabled gantt; then
- screen_it gantt "cd $GANTT_DIR && $GANTT_BIN_DIR/gantt-scheduler --config-file $GANTT_CONF"
+ run_process gantt "$GANTT_BIN_DIR/gantt-scheduler --config-file $GANTT_CONF"
fi
}
# stop_gantt() - Stop running processes
function stop_gantt {
echo "Stop Gantt"
- screen_stop gantt
+ stop_process gantt
}
# Restore xtrace
diff --git a/lib/glance b/lib/glance
index 92577d9..4194842 100644
--- a/lib/glance
+++ b/lib/glance
@@ -28,12 +28,14 @@
# Set up default directories
GLANCE_DIR=$DEST/glance
+GLANCE_STORE_DIR=$DEST/glance_store
GLANCECLIENT_DIR=$DEST/python-glanceclient
GLANCE_CACHE_DIR=${GLANCE_CACHE_DIR:=$DATA_DIR/glance/cache}
GLANCE_IMAGE_DIR=${GLANCE_IMAGE_DIR:=$DATA_DIR/glance/images}
GLANCE_AUTH_CACHE_DIR=${GLANCE_AUTH_CACHE_DIR:-/var/cache/glance}
GLANCE_CONF_DIR=${GLANCE_CONF_DIR:-/etc/glance}
+GLANCE_METADEF_DIR=$GLANCE_CONF_DIR/metadefs
GLANCE_REGISTRY_CONF=$GLANCE_CONF_DIR/glance-registry.conf
GLANCE_API_CONF=$GLANCE_CONF_DIR/glance-api.conf
GLANCE_REGISTRY_PASTE_INI=$GLANCE_CONF_DIR/glance-registry-paste.ini
@@ -49,8 +51,18 @@
GLANCE_BIN_DIR=$(get_python_exec_prefix)
fi
+if is_ssl_enabled_service "glance" || is_service_enabled tls-proxy; then
+ GLANCE_SERVICE_PROTOCOL="https"
+fi
+
# Glance connection info. Note the port must be specified.
-GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$SERVICE_HOST:9292}
+GLANCE_SERVICE_HOST=${GLANCE_SERVICE_HOST:-$SERVICE_HOST}
+GLANCE_SERVICE_PORT=${GLANCE_SERVICE_PORT:-9292}
+GLANCE_SERVICE_PORT_INT=${GLANCE_SERVICE_PORT_INT:-19292}
+GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$GLANCE_SERVICE_HOST:$GLANCE_SERVICE_PORT}
+GLANCE_SERVICE_PROTOCOL=${GLANCE_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+GLANCE_REGISTRY_PORT=${GLANCE_REGISTRY_PORT:-9191}
+GLANCE_REGISTRY_PORT_INT=${GLANCE_REGISTRY_PORT_INT:-19191}
# Tell Tempest this project is present
TEMPEST_SERVICES+=,glance
@@ -81,6 +93,11 @@
fi
sudo chown $STACK_USER $GLANCE_CONF_DIR
+ if [[ ! -d $GLANCE_METADEF_DIR ]]; then
+ sudo mkdir -p $GLANCE_METADEF_DIR
+ fi
+ sudo chown $STACK_USER $GLANCE_METADEF_DIR
+
# Copy over our glance configurations and update them
cp $GLANCE_DIR/etc/glance-registry.conf $GLANCE_REGISTRY_CONF
iniset $GLANCE_REGISTRY_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
@@ -89,38 +106,38 @@
iniset $GLANCE_REGISTRY_CONF DEFAULT sql_connection $dburl
iniset $GLANCE_REGISTRY_CONF DEFAULT use_syslog $SYSLOG
iniset $GLANCE_REGISTRY_CONF paste_deploy flavor keystone
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
- configure_API_version $GLANCE_REGISTRY_CONF $IDENTITY_API_VERSION
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_user glance
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
- iniset $GLANCE_REGISTRY_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/registry
+ configure_auth_token_middleware $GLANCE_REGISTRY_CONF glance $GLANCE_AUTH_CACHE_DIR/registry
+ if is_service_enabled qpid || [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then
+ iniset $GLANCE_REGISTRY_CONF DEFAULT notification_driver messaging
+ fi
+ iniset_rpc_backend glance $GLANCE_REGISTRY_CONF DEFAULT
cp $GLANCE_DIR/etc/glance-api.conf $GLANCE_API_CONF
iniset $GLANCE_API_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
inicomment $GLANCE_API_CONF DEFAULT log_file
iniset $GLANCE_API_CONF DEFAULT sql_connection $dburl
iniset $GLANCE_API_CONF DEFAULT use_syslog $SYSLOG
- iniset $GLANCE_API_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
iniset $GLANCE_API_CONF DEFAULT image_cache_dir $GLANCE_CACHE_DIR/
iniset $GLANCE_API_CONF paste_deploy flavor keystone+cachemanagement
- iniset $GLANCE_API_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
- iniset $GLANCE_API_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
- configure_API_version $GLANCE_API_CONF $IDENTITY_API_VERSION
- iniset $GLANCE_API_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $GLANCE_API_CONF keystone_authtoken admin_user glance
- iniset $GLANCE_API_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
+ configure_auth_token_middleware $GLANCE_API_CONF glance $GLANCE_AUTH_CACHE_DIR/api
if is_service_enabled qpid || [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then
iniset $GLANCE_API_CONF DEFAULT notification_driver messaging
fi
iniset_rpc_backend glance $GLANCE_API_CONF DEFAULT
- iniset $GLANCE_API_CONF keystone_authtoken signing_dir $GLANCE_AUTH_CACHE_DIR/api
if [ "$VIRT_DRIVER" = 'xenserver' ]; then
iniset $GLANCE_API_CONF DEFAULT container_formats "ami,ari,aki,bare,ovf,tgz"
iniset $GLANCE_API_CONF DEFAULT disk_formats "ami,ari,aki,vhd,raw,iso"
fi
+ # Store specific configs
+ iniset $GLANCE_API_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
+
+ # NOTE(flaper87): Until Glance is fully migrated, set these configs in both
+ # sections.
+ iniset $GLANCE_API_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/
+
+ iniset $GLANCE_API_CONF DEFAULT workers "$API_WORKERS"
+
# Store the images in swift if enabled.
if is_service_enabled s-proxy; then
iniset $GLANCE_API_CONF DEFAULT default_store swift
@@ -130,6 +147,35 @@
iniset $GLANCE_API_CONF DEFAULT swift_store_create_container_on_put True
iniset $GLANCE_API_CONF DEFAULT known_stores "glance.store.filesystem.Store, glance.store.http.Store, glance.store.swift.Store"
+
+ # NOTE(flaper87): Until Glance is fully migrated, set these configs in both
+ # sections.
+ iniset $GLANCE_API_CONF glance_store default_store swift
+ iniset $GLANCE_API_CONF glance_store swift_store_auth_address $KEYSTONE_SERVICE_URI/v2.0/
+ iniset $GLANCE_API_CONF glance_store swift_store_user $SERVICE_TENANT_NAME:glance-swift
+ iniset $GLANCE_API_CONF glance_store swift_store_key $SERVICE_PASSWORD
+ iniset $GLANCE_API_CONF glance_store swift_store_create_container_on_put True
+ iniset $GLANCE_API_CONF glance_store stores "file, http, swift"
+ fi
+
+ if is_service_enabled tls-proxy; then
+ iniset $GLANCE_API_CONF DEFAULT bind_port $GLANCE_SERVICE_PORT_INT
+ iniset $GLANCE_REGISTRY_CONF DEFAULT bind_port $GLANCE_REGISTRY_PORT_INT
+ fi
+
+ # Register SSL certificates if provided
+ if is_ssl_enabled_service glance; then
+ ensure_certificates GLANCE
+
+ iniset $GLANCE_API_CONF DEFAULT cert_file "$GLANCE_SSL_CERT"
+ iniset $GLANCE_API_CONF DEFAULT key_file "$GLANCE_SSL_KEY"
+
+ iniset $GLANCE_REGISTRY_CONF DEFAULT cert_file "$GLANCE_SSL_CERT"
+ iniset $GLANCE_REGISTRY_CONF DEFAULT key_file "$GLANCE_SSL_KEY"
+ fi
+
+ if is_ssl_enabled_service glance || is_service_enabled tls-proxy; then
+ iniset $GLANCE_API_CONF DEFAULT registry_client_protocol https
fi
cp -p $GLANCE_DIR/etc/glance-registry-paste.ini $GLANCE_REGISTRY_PASTE_INI
@@ -140,7 +186,6 @@
iniset $GLANCE_CACHE_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
inicomment $GLANCE_CACHE_CONF DEFAULT log_file
iniset $GLANCE_CACHE_CONF DEFAULT use_syslog $SYSLOG
- iniset $GLANCE_CACHE_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
iniset $GLANCE_CACHE_CONF DEFAULT image_cache_dir $GLANCE_CACHE_DIR/
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_url
iniset $GLANCE_CACHE_CONF DEFAULT auth_url $KEYSTONE_AUTH_URI/v2.0
@@ -151,8 +196,24 @@
iniuncomment $GLANCE_CACHE_CONF DEFAULT auth_password
iniset $GLANCE_CACHE_CONF DEFAULT admin_password $SERVICE_PASSWORD
+ # Store specific confs
+ # NOTE(flaper87): Until Glance is fully migrated, set these configs in both
+ # sections.
+ iniset $GLANCE_CACHE_CONF DEFAULT filesystem_store_datadir $GLANCE_IMAGE_DIR/
+ iniset $GLANCE_CACHE_CONF glance_store filesystem_store_datadir $GLANCE_IMAGE_DIR/
+
cp -p $GLANCE_DIR/etc/policy.json $GLANCE_POLICY_JSON
cp -p $GLANCE_DIR/etc/schema-image.json $GLANCE_SCHEMA_JSON
+
+ cp -p $GLANCE_DIR/etc/metadefs/*.json $GLANCE_METADEF_DIR
+
+ if is_ssl_enabled_service "cinder" || is_service_enabled tls-proxy; then
+ CINDER_SERVICE_HOST=${CINDER_SERVICE_HOST:-$SERVICE_HOST}
+ CINDER_SERVICE_PORT=${CINDER_SERVICE_PORT:-8776}
+
+ iniset $GLANCE_API_CONF DEFAULT cinder_endpoint_template "https://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/%(project_id)s"
+ iniset $GLANCE_CACHE_CONF DEFAULT cinder_endpoint_template "https://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/%(project_id)s"
+ fi
}
# create_glance_accounts() - Set up common required glance accounts
@@ -165,27 +226,27 @@
function create_glance_accounts {
if is_service_enabled g-api; then
- GLANCE_USER=$(get_or_create_user "glance" \
+ local glance_user=$(get_or_create_user "glance" \
"$SERVICE_PASSWORD" $SERVICE_TENANT_NAME)
- get_or_add_user_role service $GLANCE_USER $SERVICE_TENANT_NAME
+ get_or_add_user_role service $glance_user $SERVICE_TENANT_NAME
# required for swift access
if is_service_enabled s-proxy; then
- GLANCE_SWIFT_USER=$(get_or_create_user "glance-swift" \
+ local glance_swift_user=$(get_or_create_user "glance-swift" \
"$SERVICE_PASSWORD" $SERVICE_TENANT_NAME "glance-swift@example.com")
- get_or_add_user_role "ResellerAdmin" $GLANCE_SWIFT_USER $SERVICE_TENANT_NAME
+ get_or_add_user_role "ResellerAdmin" $glance_swift_user $SERVICE_TENANT_NAME
fi
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- GLANCE_SERVICE=$(get_or_create_service "glance" \
+ local glance_service=$(get_or_create_service "glance" \
"image" "Glance Image Service")
- get_or_create_endpoint $GLANCE_SERVICE \
+ get_or_create_endpoint $glance_service \
"$REGION_NAME" \
- "http://$GLANCE_HOSTPORT" \
- "http://$GLANCE_HOSTPORT" \
- "http://$GLANCE_HOSTPORT"
+ "$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
+ "$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT" \
+ "$GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT"
fi
fi
}
@@ -217,6 +278,9 @@
# Migrate glance database
$GLANCE_BIN_DIR/glance-manage db_sync
+ # Load metadata definitions
+ $GLANCE_BIN_DIR/glance-manage db_load_metadefs
+
create_glance_cache_dir
}
@@ -228,16 +292,28 @@
# install_glance() - Collect source and prepare
function install_glance {
+ # Install glance_store from git so we make sure we're testing
+ # the latest code.
+ git_clone $GLANCE_STORE_REPO $GLANCE_STORE_DIR $GLANCE_STORE_BRANCH
+ setup_develop $GLANCE_STORE_DIR
+
git_clone $GLANCE_REPO $GLANCE_DIR $GLANCE_BRANCH
setup_develop $GLANCE_DIR
}
# start_glance() - Start running processes, including screen
function start_glance {
- screen_it g-reg "cd $GLANCE_DIR; $GLANCE_BIN_DIR/glance-registry --config-file=$GLANCE_CONF_DIR/glance-registry.conf"
- screen_it g-api "cd $GLANCE_DIR; $GLANCE_BIN_DIR/glance-api --config-file=$GLANCE_CONF_DIR/glance-api.conf"
+ local service_protocol=$GLANCE_SERVICE_PROTOCOL
+ if is_service_enabled tls-proxy; then
+ start_tls_proxy '*' $GLANCE_SERVICE_PORT $GLANCE_SERVICE_HOST $GLANCE_SERVICE_PORT_INT &
+ start_tls_proxy '*' $GLANCE_REGISTRY_PORT $GLANCE_SERVICE_HOST $GLANCE_REGISTRY_PORT_INT &
+ fi
+
+ run_process g-reg "$GLANCE_BIN_DIR/glance-registry --config-file=$GLANCE_CONF_DIR/glance-registry.conf"
+ run_process g-api "$GLANCE_BIN_DIR/glance-api --config-file=$GLANCE_CONF_DIR/glance-api.conf"
+
echo "Waiting for g-api ($GLANCE_HOSTPORT) to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- http://$GLANCE_HOSTPORT; do sleep 1; done"; then
+ if ! wait_for_service $SERVICE_TIMEOUT $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT; then
die $LINENO "g-api did not start"
fi
}
@@ -245,8 +321,8 @@
# stop_glance() - Stop running processes
function stop_glance {
# Kill the Glance screen windows
- screen_stop g-api
- screen_stop g-reg
+ stop_process g-api
+ stop_process g-reg
}
diff --git a/lib/heat b/lib/heat
index 510b683..53eca25 100644
--- a/lib/heat
+++ b/lib/heat
@@ -31,6 +31,8 @@
# set up default directories
HEAT_DIR=$DEST/heat
HEATCLIENT_DIR=$DEST/python-heatclient
+HEAT_CFNTOOLS_DIR=$DEST/heat-cfntools
+HEAT_TEMPLATES_REPO_DIR=$DEST/heat-templates
HEAT_AUTH_CACHE_DIR=${HEAT_AUTH_CACHE_DIR:-/var/cache/heat}
HEAT_STANDALONE=`trueorfalse False $HEAT_STANDALONE`
HEAT_CONF_DIR=/etc/heat
@@ -38,6 +40,8 @@
HEAT_ENV_DIR=$HEAT_CONF_DIR/environment.d
HEAT_TEMPLATES_DIR=$HEAT_CONF_DIR/templates
HEAT_STACK_DOMAIN=`trueorfalse True $HEAT_STACK_DOMAIN`
+HEAT_API_HOST=${HEAT_API_HOST:-$HOST_IP}
+HEAT_API_PORT=${HEAT_API_PORT:-8004}
# other default options
HEAT_DEFERRED_AUTH=${HEAT_DEFERRED_AUTH:-trusts}
@@ -67,6 +71,9 @@
# configure_heat() - Set config files, create data dirs, etc
function configure_heat {
setup_develop $HEAT_DIR
+ if [[ "$HEAT_STANDALONE" = "True" ]]; then
+ setup_develop $HEAT_DIR/contrib/heat_keystoneclient_v2
+ fi
if [[ ! -d $HEAT_CONF_DIR ]]; then
sudo mkdir -p $HEAT_CONF_DIR
@@ -81,8 +88,6 @@
HEAT_ENGINE_PORT=${HEAT_ENGINE_PORT:-8001}
HEAT_API_CW_HOST=${HEAT_API_CW_HOST:-$HOST_IP}
HEAT_API_CW_PORT=${HEAT_API_CW_PORT:-8003}
- HEAT_API_HOST=${HEAT_API_HOST:-$HOST_IP}
- HEAT_API_PORT=${HEAT_API_PORT:-8004}
HEAT_API_PASTE_FILE=$HEAT_CONF_DIR/api-paste.ini
HEAT_POLICY_FILE=$HEAT_CONF_DIR/policy.json
@@ -96,7 +101,7 @@
iniset $HEAT_CONF DEFAULT heat_waitcondition_server_url http://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1/waitcondition
iniset $HEAT_CONF DEFAULT heat_watch_server_url http://$HEAT_API_CW_HOST:$HEAT_API_CW_PORT
iniset $HEAT_CONF database connection `database_connection_url heat`
- iniset $HEAT_CONF DEFAULT auth_encryption_key `hexdump -n 16 -v -e '/1 "%02x"' /dev/urandom`
+ iniset $HEAT_CONF DEFAULT auth_encryption_key $(generate_hex_string 16)
iniset $HEAT_CONF DEFAULT region_name_for_services "$REGION_NAME"
@@ -108,24 +113,21 @@
setup_colorized_logging $HEAT_CONF DEFAULT tenant user
fi
- # keystone authtoken
- iniset $HEAT_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
- configure_API_version $HEAT_CONF $IDENTITY_API_VERSION
- iniset $HEAT_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
- iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $HEAT_CONF keystone_authtoken admin_user heat
- iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
- iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR
+ configure_auth_token_middleware $HEAT_CONF heat $HEAT_AUTH_CACHE_DIR
if is_ssl_enabled_service "key"; then
- iniset $HEAT_CONF clients_keystone ca_file $KEYSTONE_SSL_CA
+ iniset $HEAT_CONF clients_keystone ca_file $SSL_BUNDLE_FILE
fi
# ec2authtoken
iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_URI/v2.0
# paste_deploy
- [[ "$HEAT_STANDALONE" = "True" ]] && iniset $HEAT_CONF paste_deploy flavor standalone
+ if [[ "$HEAT_STANDALONE" = "True" ]]; then
+ iniset $HEAT_CONF paste_deploy flavor standalone
+ iniset $HEAT_CONF DEFAULT keystone_backend heat_keystoneclient_v2.client.KeystoneClientV2
+ iniset $HEAT_CONF clients_heat url "http://$HEAT_API_HOST:$HEAT_API_PORT/v1/%(tenant_id)s"
+ fi
# OpenStack API
iniset $HEAT_CONF heat_api bind_port $HEAT_API_PORT
@@ -136,6 +138,18 @@
# Cloudwatch API
iniset $HEAT_CONF heat_api_cloudwatch bind_port $HEAT_API_CW_PORT
+ if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
+ iniset $HEAT_CONF clients_keystone ca_file $SSL_BUNDLE_FILE
+ fi
+
+ if is_ssl_enabled_service "nova" || is_service_enabled tls-proxy; then
+ iniset $HEAT_CONF clients_nova ca_file $SSL_BUNDLE_FILE
+ fi
+
+ if is_ssl_enabled_service "cinder" || is_service_enabled tls-proxy; then
+ iniset $HEAT_CONF clients_cinder ca_file $SSL_BUNDLE_FILE
+ fi
+
# heat environment
sudo mkdir -p $HEAT_ENV_DIR
sudo chown $STACK_USER $HEAT_ENV_DIR
@@ -179,60 +193,52 @@
git_clone $HEAT_REPO $HEAT_DIR $HEAT_BRANCH
}
+# install_heat_other() - Collect source and prepare
+function install_heat_other {
+ git_clone $HEAT_CFNTOOLS_REPO $HEAT_CFNTOOLS_DIR $HEAT_CFNTOOLS_BRANCH
+ git_clone $HEAT_TEMPLATES_REPO $HEAT_TEMPLATES_REPO_DIR $HEAT_TEMPLATES_BRANCH
+}
+
# start_heat() - Start running processes, including screen
function start_heat {
- screen_it h-eng "cd $HEAT_DIR; bin/heat-engine --config-file=$HEAT_CONF"
- screen_it h-api "cd $HEAT_DIR; bin/heat-api --config-file=$HEAT_CONF"
- screen_it h-api-cfn "cd $HEAT_DIR; bin/heat-api-cfn --config-file=$HEAT_CONF"
- screen_it h-api-cw "cd $HEAT_DIR; bin/heat-api-cloudwatch --config-file=$HEAT_CONF"
+ run_process h-eng "$HEAT_DIR/bin/heat-engine --config-file=$HEAT_CONF"
+ run_process h-api "$HEAT_DIR/bin/heat-api --config-file=$HEAT_CONF"
+ run_process h-api-cfn "$HEAT_DIR/bin/heat-api-cfn --config-file=$HEAT_CONF"
+ run_process h-api-cw "$HEAT_DIR/bin/heat-api-cloudwatch --config-file=$HEAT_CONF"
}
# stop_heat() - Stop running processes
function stop_heat {
# Kill the screen windows
+ local serv
for serv in h-eng h-api h-api-cfn h-api-cw; do
- screen_stop $serv
+ stop_process $serv
done
}
-function disk_image_create {
- local elements_path=$1
- local elements=$2
- local arch=$3
- local output=$TOP_DIR/files/$4
- if [[ -f "$output.qcow2" ]]; then
- echo "Image file already exists: $output_file"
- else
- ELEMENTS_PATH=$elements_path disk-image-create \
- $elements -a $arch -o $output
- fi
- # upload with fake URL so that image in $TOP_DIR/files is used
- upload_image "http://localhost/$output.qcow2" $TOKEN
-}
-
# create_heat_accounts() - Set up common required heat accounts
function create_heat_accounts {
# migrated from files/keystone_data.sh
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
- HEAT_USER=$(get_or_create_user "heat" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $HEAT_USER $SERVICE_TENANT
+ local heat_user=$(get_or_create_user "heat" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $admin_role $heat_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- HEAT_SERVICE=$(get_or_create_service "heat" \
+ local heat_service=$(get_or_create_service "heat" \
"orchestration" "Heat Orchestration Service")
- get_or_create_endpoint $HEAT_SERVICE \
+ get_or_create_endpoint $heat_service \
"$REGION_NAME" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s" \
"$SERVICE_PROTOCOL://$HEAT_API_HOST:$HEAT_API_PORT/v1/\$(tenant_id)s"
- HEAT_CFN_SERVICE=$(get_or_create_service "heat-cfn" \
+ local heat_cfn_service=$(get_or_create_service "heat-cfn" \
"cloudformation" "Heat CloudFormation Service")
- get_or_create_endpoint $HEAT_CFN_SERVICE \
+ get_or_create_endpoint $heat_cfn_service \
"$REGION_NAME" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \
"$SERVICE_PROTOCOL://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1" \
@@ -247,36 +253,36 @@
# heat_stack_owner role is given to users who create Heat stacks,
# it's the default role used by heat to delegate to the heat service
# user (for performing deferred operations via trusts), see heat.conf
- HEAT_OWNER_ROLE=$(get_or_create_role "heat_stack_owner")
+ local heat_owner_role=$(get_or_create_role "heat_stack_owner")
# Give the role to the demo and admin users so they can create stacks
# in either of the projects created by devstack
- get_or_add_user_role $HEAT_OWNER_ROLE demo demo
- get_or_add_user_role $HEAT_OWNER_ROLE admin demo
- get_or_add_user_role $HEAT_OWNER_ROLE admin admin
+ get_or_add_user_role $heat_owner_role demo demo
+ get_or_add_user_role $heat_owner_role admin demo
+ get_or_add_user_role $heat_owner_role admin admin
iniset $HEAT_CONF DEFAULT deferred_auth_method trusts
fi
if [[ "$HEAT_STACK_DOMAIN" == "True" ]]; then
# Note we have to pass token/endpoint here because the current endpoint and
# version negotiation in OSC means just --os-identity-api-version=3 won't work
- KS_ENDPOINT_V3="$KEYSTONE_SERVICE_URI/v3"
+ local ks_endpoint_v3="$KEYSTONE_SERVICE_URI/v3"
- D_ID=$(openstack --os-token $OS_TOKEN --os-url=$KS_ENDPOINT_V3 \
+ D_ID=$(openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \
--os-identity-api-version=3 domain list | grep ' heat ' | get_field 1)
if [[ -z "$D_ID" ]]; then
- D_ID=$(openstack --os-token $OS_TOKEN --os-url=$KS_ENDPOINT_V3 \
+ D_ID=$(openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \
--os-identity-api-version=3 domain create heat \
--description "Owns users and projects created by heat" \
| grep ' id ' | get_field 2)
- iniset $HEAT_CONF DEFAULT stack_user_domain ${D_ID}
+ iniset $HEAT_CONF DEFAULT stack_user_domain_id ${D_ID}
- openstack --os-token $OS_TOKEN --os-url=$KS_ENDPOINT_V3 \
+ openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \
--os-identity-api-version=3 user create --password $SERVICE_PASSWORD \
--domain $D_ID heat_domain_admin \
--description "Manages users and projects created by heat"
- openstack --os-token $OS_TOKEN --os-url=$KS_ENDPOINT_V3 \
+ openstack --os-token $OS_TOKEN --os-url=$ks_endpoint_v3 \
--os-identity-api-version=3 role add \
--user heat_domain_admin --domain ${D_ID} admin
iniset $HEAT_CONF DEFAULT stack_domain_admin heat_domain_admin
@@ -285,6 +291,23 @@
fi
}
+# build_heat_functional_test_image() - Build and upload functional test image
+function build_heat_functional_test_image {
+ build_dib_pip_repo "$OCC_DIR $OAC_DIR $ORC_DIR $HEAT_CFNTOOLS_DIR"
+ local image_name=heat-functional-tests-image
+
+ # The elements to invoke disk-image-create with
+ local image_elements="vm fedora selinux-permissive pypi \
+ os-collect-config os-refresh-config os-apply-config heat-cfntools \
+ heat-config heat-config-cfn-init heat-config-puppet heat-config-script"
+
+ # Elements path for tripleo-image-elements and heat-templates software-config
+ local elements_path=$TIE_DIR/elements:$HEAT_TEMPLATES_REPO_DIR/hot/software-config/elements
+
+ disk_image_create_upload "$image_name" "$image_elements" "$elements_path"
+ iniset $TEMPEST_CONFIG orchestration image_ref $image_name
+}
+
# Restore xtrace
$XTRACE
diff --git a/lib/horizon b/lib/horizon
index a65b243..0213948 100644
--- a/lib/horizon
+++ b/lib/horizon
@@ -50,7 +50,7 @@
sed -e "/^$option/d" -i $local_settings
echo -e "\n$option=$value" >> $file
elif grep -q "^$section" $file; then
- line=$(sed -ne "/^$section/,/^}/ { /^ *'$option':/ p; }" $file)
+ local line=$(sed -ne "/^$section/,/^}/ { /^ *'$option':/ p; }" $file)
if [ -n "$line" ]; then
sed -i -e "/^$section/,/^}/ s/^\( *'$option'\) *:.*$/\1: $value,/" $file
else
@@ -84,34 +84,27 @@
# configure_horizon() - Set config files, create data dirs, etc
function configure_horizon {
setup_develop $HORIZON_DIR
+
+ # Compile message catalogs.
+ # Horizon is installed as develop mode, so we can compile here.
+ # Message catalog compilation is handled by Django admin script,
+ # so compiling them after the installation avoids Django installation twice.
+ cd $HORIZON_DIR
+ ./run_tests.sh -N --compilemessages
+ cd -
}
# init_horizon() - Initialize databases, etc.
function init_horizon {
# ``local_settings.py`` is used to override horizon default settings.
- local_settings=$HORIZON_DIR/openstack_dashboard/local/local_settings.py
+ local local_settings=$HORIZON_DIR/openstack_dashboard/local/local_settings.py
cp $HORIZON_SETTINGS $local_settings
- if is_service_enabled neutron; then
- _horizon_config_set $local_settings OPENSTACK_NEUTRON_NETWORK enable_security_group $Q_USE_SECGROUP
- fi
- # enable loadbalancer dashboard in case service is enabled
- if is_service_enabled q-lbaas; then
- _horizon_config_set $local_settings OPENSTACK_NEUTRON_NETWORK enable_lb True
- fi
-
- # enable firewall dashboard in case service is enabled
- if is_service_enabled q-fwaas; then
- _horizon_config_set $local_settings OPENSTACK_NEUTRON_NETWORK enable_firewall True
- fi
-
- # enable VPN dashboard in case service is enabled
- if is_service_enabled q-vpn; then
- _horizon_config_set $local_settings OPENSTACK_NEUTRON_NETWORK enable_vpn True
- fi
-
_horizon_config_set $local_settings "" OPENSTACK_HOST \"${KEYSTONE_SERVICE_HOST}\"
_horizon_config_set $local_settings "" OPENSTACK_KEYSTONE_URL "\"${KEYSTONE_SERVICE_PROTOCOL}://${KEYSTONE_SERVICE_HOST}:${KEYSTONE_SERVICE_PORT}/v2.0\""
+ if [[ -n "$KEYSTONE_TOKEN_HASH_ALGORITHM" ]]; then
+ _horizon_config_set $local_settings "" OPENSTACK_TOKEN_HASH_ALGORITHM \""$KEYSTONE_TOKEN_HASH_ALGORITHM"\"
+ fi
if [ -f $SSL_BUNDLE_FILE ]; then
_horizon_config_set $local_settings "" OPENSTACK_SSL_CACERT \"${SSL_BUNDLE_FILE}\"
@@ -120,12 +113,6 @@
# Create an empty directory that apache uses as docroot
sudo mkdir -p $HORIZON_DIR/.blackhole
- # Apache 2.4 uses mod_authz_host for access control now (instead of "Allow")
- HORIZON_REQUIRE=''
- if check_apache_version "2.4" ; then
- HORIZON_REQUIRE='Require all granted'
- fi
-
local horizon_conf=$(apache_site_config_for horizon)
# Configure apache to run horizon
@@ -135,7 +122,6 @@
s,%HORIZON_DIR%,$HORIZON_DIR,g;
s,%APACHE_NAME%,$APACHE_NAME,g;
s,%DEST%,$DEST,g;
- s,%HORIZON_REQUIRE%,$HORIZON_REQUIRE,g;
\" $FILES/apache-horizon.template >$horizon_conf"
if is_ubuntu; then
@@ -152,6 +138,7 @@
# Remove old log files that could mess with how devstack detects whether Horizon
# has been successfully started (see start_horizon() and functions::screen_it())
+ # and run_process
sudo rm -f /var/log/$APACHE_NAME/horizon_*
}
@@ -159,6 +146,13 @@
# install_django_openstack_auth() - Collect source and prepare
function install_django_openstack_auth {
git_clone $HORIZONAUTH_REPO $HORIZONAUTH_DIR $HORIZONAUTH_BRANCH
+
+ # Compile message catalogs before installation
+ _prepare_message_catalog_compilation
+ cd $HORIZONAUTH_DIR
+ python setup.py compile_catalog
+ cd -
+
setup_install $HORIZONAUTH_DIR
}
@@ -173,7 +167,7 @@
# start_horizon() - Start running processes, including screen
function start_horizon {
restart_apache_server
- screen_it horizon "cd $HORIZON_DIR && sudo tail -f /var/log/$APACHE_NAME/horizon_error.log"
+ tail_log horizon /var/log/$APACHE_NAME/horizon_error.log
}
# stop_horizon() - Stop running processes (non-screen)
@@ -181,6 +175,13 @@
stop_apache_server
}
+# NOTE: It can be moved to common functions, but it is only used by compilation
+# of django_openstack_auth catalogs at the moment.
+function _prepare_message_catalog_compilation {
+ local babel_package=$(grep ^Babel $REQUIREMENTS_DIR/global-requirements.txt)
+ pip_install "$babel_package"
+}
+
# Restore xtrace
$XTRACE
diff --git a/lib/infra b/lib/infra
index e18c66e..cd439e7 100644
--- a/lib/infra
+++ b/lib/infra
@@ -19,7 +19,7 @@
# Defaults
# --------
-PBR_DIR=$DEST/pbr
+GITDIR["pbr"]=$DEST/pbr
REQUIREMENTS_DIR=$DEST/requirements
# Entry Points
@@ -31,8 +31,12 @@
git_clone $REQUIREMENTS_REPO $REQUIREMENTS_DIR $REQUIREMENTS_BRANCH
# Install pbr
- git_clone $PBR_REPO $PBR_DIR $PBR_BRANCH
- setup_install $PBR_DIR
+ if use_library_from_git "pbr"; then
+ git_clone_by_name "pbr"
+ setup_lib "pbr"
+ else
+ pip_install "pbr"
+ fi
}
# Restore xtrace
diff --git a/lib/ironic b/lib/ironic
index b56abcb..cf005a7 100644
--- a/lib/ironic
+++ b/lib/ironic
@@ -29,6 +29,7 @@
# Set up default directories
IRONIC_DIR=$DEST/ironic
+IRONIC_PYTHON_AGENT_DIR=$DEST/ironic-python-agent
IRONIC_DATA_DIR=$DATA_DIR/ironic
IRONIC_STATE_PATH=/var/lib/ironic
IRONICCLIENT_DIR=$DEST/python-ironicclient
@@ -66,8 +67,6 @@
IRONIC_VM_LOG_CONSOLE=${IRONIC_VM_LOG_CONSOLE:-True}
IRONIC_VM_LOG_DIR=${IRONIC_VM_LOG_DIR:-$IRONIC_DATA_DIR/logs/}
-DIB_DIR=${DIB_DIR:-$DEST/diskimage-builder}
-
# Use DIB to create deploy ramdisk and kernel.
IRONIC_BUILD_DEPLOY_RAMDISK=`trueorfalse True $IRONIC_BUILD_DEPLOY_RAMDISK`
# If not use DIB, these files are used as deploy ramdisk/kernel.
@@ -76,6 +75,13 @@
IRONIC_DEPLOY_KERNEL=${IRONIC_DEPLOY_KERNEL:-}
IRONIC_DEPLOY_ELEMENT=${IRONIC_DEPLOY_ELEMENT:-deploy-ironic}
+IRONIC_AGENT_KERNEL_URL=${IRONIC_AGENT_KERNEL_URL:-http://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe.vmlinuz}
+IRONIC_AGENT_RAMDISK_URL=${IRONIC_AGENT_RAMDISK_URL:-http://tarballs.openstack.org/ironic-python-agent/coreos/files/coreos_production_pxe_image-oem.cpio.gz}
+
+# Which deploy driver to use - valid choices right now
+# are 'pxe_ssh' and 'agent_ssh'.
+IRONIC_DEPLOY_DRIVER=${IRONIC_DEPLOY_DRIVER:-pxe_ssh}
+
#TODO(agordeev): replace 'ubuntu' with host distro name getting
IRONIC_DEPLOY_FLAVOR=${IRONIC_DEPLOY_FLAVOR:-ubuntu $IRONIC_DEPLOY_ELEMENT}
@@ -89,6 +95,32 @@
# Tell Tempest this project is present
TEMPEST_SERVICES+=,ironic
+# Enable iPXE
+IRONIC_IPXE_ENABLED=$(trueorfalse False $IRONIC_IPXE_ENABLED)
+IRONIC_HTTP_DIR=${IRONIC_HTTP_DIR:-$IRONIC_DATA_DIR/httpboot}
+IRONIC_HTTP_SERVER=${IRONIC_HTTP_SERVER:-$HOST_IP}
+IRONIC_HTTP_PORT=${IRONIC_HTTP_PORT:-8088}
+
+# get_pxe_boot_file() - Get the PXE/iPXE boot file path
+function get_pxe_boot_file {
+ local relpath=syslinux/pxelinux.0
+ if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then
+ relpath=ipxe/undionly.kpxe
+ fi
+
+ local pxe_boot_file
+ if is_ubuntu; then
+ pxe_boot_file=/usr/lib/$relpath
+ elif is_fedora || is_suse; then
+ pxe_boot_file=/usr/share/$relpath
+ fi
+
+ echo $pxe_boot_file
+}
+
+# PXE boot image
+IRONIC_PXE_BOOT_IMAGE=${IRONIC_PXE_BOOT_IMAGE:-$(get_pxe_boot_file)}
+
# Functions
# ---------
@@ -102,8 +134,18 @@
# install_ironic() - Collect source and prepare
function install_ironic {
+ # make sure all needed service were enabled
+ for srv in nova glance key; do
+ if ! is_service_enabled "$srv"; then
+ die $LINENO "$srv should be enabled for Ironic."
+ fi
+ done
git_clone $IRONIC_REPO $IRONIC_DIR $IRONIC_BRANCH
setup_develop $IRONIC_DIR
+
+ if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then
+ install_apache_wsgi
+ fi
}
# install_ironicclient() - Collect sources and prepare
@@ -113,17 +155,60 @@
sudo install -D -m 0644 -o $STACK_USER {$IRONICCLIENT_DIR/tools/,/etc/bash_completion.d/}ironic.bash_completion
}
+# _cleanup_ironic_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file
+function _cleanup_ironic_apache_wsgi {
+ sudo rm -rf $IRONIC_HTTP_DIR
+ disable_apache_site ironic
+ sudo rm -f $(apache_site_config_for ironic)
+ restart_apache_server
+}
+
+# _config_ironic_apache_wsgi() - Set WSGI config files of Ironic
+function _config_ironic_apache_wsgi {
+ local ironic_apache_conf=$(apache_site_config_for ironic)
+ sudo cp $FILES/apache-ironic.template $ironic_apache_conf
+ sudo sed -e "
+ s|%PUBLICPORT%|$IRONIC_HTTP_PORT|g;
+ s|%HTTPROOT%|$IRONIC_HTTP_DIR|g;
+ " -i $ironic_apache_conf
+ enable_apache_site ironic
+}
+
# cleanup_ironic() - Remove residual data files, anything left over from previous
# runs that would need to clean up.
function cleanup_ironic {
sudo rm -rf $IRONIC_AUTH_CACHE_DIR
}
-# configure_ironic() - Set config files, create data dirs, etc
-function configure_ironic {
+# configure_ironic_dirs() - Create all directories required by Ironic and
+# associated services.
+function configure_ironic_dirs {
if [[ ! -d $IRONIC_CONF_DIR ]]; then
sudo mkdir -p $IRONIC_CONF_DIR
fi
+
+ if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then
+ sudo mkdir -p $IRONIC_HTTP_DIR
+ sudo chown -R $STACK_USER:$LIBVIRT_GROUP $IRONIC_HTTP_DIR
+ fi
+
+ sudo mkdir -p $IRONIC_DATA_DIR
+ sudo mkdir -p $IRONIC_STATE_PATH
+ sudo mkdir -p $IRONIC_TFTPBOOT_DIR
+ sudo chown -R $STACK_USER $IRONIC_DATA_DIR $IRONIC_STATE_PATH
+ sudo chown -R $STACK_USER:$LIBVIRT_GROUP $IRONIC_TFTPBOOT_DIR
+ mkdir -p $IRONIC_TFTPBOOT_DIR/pxelinux.cfg
+
+ if [ ! -f $IRONIC_PXE_BOOT_IMAGE ]; then
+ die $LINENO "PXE boot file $IRONIC_PXE_BOOT_IMAGE not found."
+ fi
+
+ cp $IRONIC_PXE_BOOT_IMAGE $IRONIC_TFTPBOOT_DIR
+}
+
+# configure_ironic() - Set config files, create data dirs, etc
+function configure_ironic {
+ configure_ironic_dirs
sudo chown $STACK_USER $IRONIC_CONF_DIR
# Copy over ironic configuration file and configure common parameters.
@@ -148,8 +233,8 @@
setup_colorized_logging $IRONIC_CONF_FILE DEFAULT
fi
- if [[ "$IRONIC_BAREMETAL_BASIC_OPS" == "True" ]]; then
- configure_ironic_auxiliary
+ if [[ "$IRONIC_IPXE_ENABLED" == "True" ]]; then
+ _config_ironic_apache_wsgi
fi
}
@@ -158,14 +243,8 @@
function configure_ironic_api {
iniset $IRONIC_CONF_FILE DEFAULT auth_strategy keystone
iniset $IRONIC_CONF_FILE DEFAULT policy_file $IRONIC_POLICY_JSON
- iniset $IRONIC_CONF_FILE keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
- iniset $IRONIC_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA
- iniset $IRONIC_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_URI
- iniset $IRONIC_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $IRONIC_CONF_FILE keystone_authtoken admin_user ironic
- iniset $IRONIC_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
+ configure_auth_token_middleware $IRONIC_CONF_FILE ironic $IRONIC_AUTH_CACHE_DIR/api
iniset_rpc_backend ironic $IRONIC_CONF_FILE DEFAULT
- iniset $IRONIC_CONF_FILE keystone_authtoken signing_dir $IRONIC_AUTH_CACHE_DIR/api
cp -p $IRONIC_DIR/etc/ironic/policy.json $IRONIC_POLICY_JSON
}
@@ -175,15 +254,15 @@
function configure_ironic_conductor {
cp $IRONIC_DIR/etc/ironic/rootwrap.conf $IRONIC_ROOTWRAP_CONF
cp -r $IRONIC_DIR/etc/ironic/rootwrap.d $IRONIC_CONF_DIR
- IRONIC_ROOTWRAP=$(get_rootwrap_location ironic)
- ROOTWRAP_ISUDOER_CMD="$IRONIC_ROOTWRAP $IRONIC_CONF_DIR/rootwrap.conf *"
+ local ironic_rootwrap=$(get_rootwrap_location ironic)
+ local rootwrap_isudoer_cmd="$ironic_rootwrap $IRONIC_CONF_DIR/rootwrap.conf *"
# Set up the rootwrap sudoers for ironic
- TEMPFILE=`mktemp`
- echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_ISUDOER_CMD" >$TEMPFILE
- chmod 0440 $TEMPFILE
- sudo chown root:root $TEMPFILE
- sudo mv $TEMPFILE /etc/sudoers.d/ironic-rootwrap
+ local tempfile=`mktemp`
+ echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_isudoer_cmd" >$tempfile
+ chmod 0440 $tempfile
+ sudo chown root:root $tempfile
+ sudo mv $tempfile /etc/sudoers.d/ironic-rootwrap
iniset $IRONIC_CONF_FILE DEFAULT rootwrap_config $IRONIC_ROOTWRAP_CONF
iniset $IRONIC_CONF_FILE DEFAULT enabled_drivers $IRONIC_ENABLED_DRIVERS
@@ -194,6 +273,32 @@
if [[ "$IRONIC_VM_LOG_CONSOLE" == "True" ]] ; then
iniset $IRONIC_CONF_FILE pxe pxe_append_params "nofb nomodeset vga=normal console=ttyS0"
fi
+ if [[ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]] ; then
+ if [[ "$SWIFT_ENABLE_TEMPURLS" == "True" ]] ; then
+ iniset $IRONIC_CONF_FILE glance swift_temp_url_key $SWIFT_TEMPURL_KEY
+ else
+ die $LINENO "SWIFT_ENABLE_TEMPURLS must be True to use agent_ssh driver in Ironic."
+ fi
+ iniset $IRONIC_CONF_FILE glance swift_endpoint_url http://${HOST_IP}:${SWIFT_DEFAULT_BIND_PORT:-8080}
+ iniset $IRONIC_CONF_FILE glance swift_api_version v1
+ local tenant_id=$(get_or_create_project $SERVICE_TENANT_NAME)
+ iniset $IRONIC_CONF_FILE glance swift_account AUTH_${tenant_id}
+ iniset $IRONIC_CONF_FILE glance swift_container glance
+ iniset $IRONIC_CONF_FILE glance swift_temp_url_duration 3600
+ iniset $IRONIC_CONF_FILE agent heartbeat_timeout 30
+ if [[ "$IRONIC_VM_LOG_CONSOLE" == "True" ]] ; then
+ iniset $IRONIC_CONF_FILE agent agent_pxe_append_params "nofb nomodeset vga=normal console=ttyS0"
+ fi
+ fi
+
+ if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then
+ local pxebin=`basename $IRONIC_PXE_BOOT_IMAGE`
+ iniset $IRONIC_CONF_FILE pxe ipxe_enabled True
+ iniset $IRONIC_CONF_FILE pxe pxe_config_template '\$pybasedir/drivers/modules/ipxe_config.template'
+ iniset $IRONIC_CONF_FILE pxe pxe_bootfile_name $pxebin
+ iniset $IRONIC_CONF_FILE pxe http_root $IRONIC_HTTP_DIR
+ iniset $IRONIC_CONF_FILE pxe http_url "http://$IRONIC_HTTP_SERVER:$IRONIC_HTTP_PORT"
+ fi
}
# create_ironic_cache_dir() - Part of the init_ironic() process
@@ -214,22 +319,22 @@
# service ironic admin # if enabled
function create_ironic_accounts {
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
# Ironic
if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then
# Get ironic user if exists
- IRONIC_USER=$(get_or_create_user "ironic" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $IRONIC_USER $SERVICE_TENANT
+ local ironic_user=$(get_or_create_user "ironic" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $admin_role $ironic_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- IRONIC_SERVICE=$(get_or_create_service "ironic" \
+ local ironic_service=$(get_or_create_service "ironic" \
"baremetal" "Ironic baremetal provisioning service")
- get_or_create_endpoint $IRONIC_SERVICE \
+ get_or_create_endpoint $ironic_service \
"$REGION_NAME" \
"$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
"$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
@@ -250,6 +355,15 @@
create_ironic_cache_dir
}
+# _ironic_bm_vm_names() - Generates list of names for baremetal VMs.
+function _ironic_bm_vm_names {
+ local idx
+ local num_vms=$(($IRONIC_VM_COUNT - 1))
+ for idx in $(seq 0 $num_vms); do
+ echo "baremetal${IRONIC_VM_NETWORK_BRIDGE}_${idx}"
+ done
+}
+
# start_ironic() - Start running processes, including screen
function start_ironic {
# Start Ironic API server, if enabled.
@@ -261,12 +375,17 @@
if is_service_enabled ir-cond; then
start_ironic_conductor
fi
+
+ # Start Apache if iPXE is enabled
+ if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then
+ restart_apache_server
+ fi
}
# start_ironic_api() - Used by start_ironic().
# Starts Ironic API server.
function start_ironic_api {
- screen_it ir-api "cd $IRONIC_DIR; $IRONIC_BIN_DIR/ironic-api --config-file=$IRONIC_CONF_FILE"
+ run_process ir-api "$IRONIC_BIN_DIR/ironic-api --config-file=$IRONIC_CONF_FILE"
echo "Waiting for ir-api ($IRONIC_HOSTPORT) to start..."
if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- http://$IRONIC_HOSTPORT; do sleep 1; done"; then
die $LINENO "ir-api did not start"
@@ -276,7 +395,7 @@
# start_ironic_conductor() - Used by start_ironic().
# Starts Ironic conductor.
function start_ironic_conductor {
- screen_it ir-cond "cd $IRONIC_DIR; $IRONIC_BIN_DIR/ironic-conductor --config-file=$IRONIC_CONF_FILE"
+ run_process ir-cond "$IRONIC_BIN_DIR/ironic-conductor --config-file=$IRONIC_CONF_FILE"
# TODO(romcheg): Find a way to check whether the conductor has started.
}
@@ -285,6 +404,11 @@
# Kill the Ironic screen windows
screen -S $SCREEN_NAME -p ir-api -X kill
screen -S $SCREEN_NAME -p ir-cond -X kill
+
+ # Cleanup the WSGI files
+ if [[ "$IRONIC_IPXE_ENABLED" == "True" ]] ; then
+ _cleanup_ironic_apache_wsgi
+ fi
}
function is_ironic {
@@ -294,58 +418,75 @@
return 1
}
-function configure_ironic_dirs {
- sudo mkdir -p $IRONIC_DATA_DIR
- sudo mkdir -p $IRONIC_STATE_PATH
- sudo mkdir -p $IRONIC_TFTPBOOT_DIR
- sudo chown -R $STACK_USER $IRONIC_DATA_DIR $IRONIC_STATE_PATH
- sudo chown -R $STACK_USER:$LIBVIRT_GROUP $IRONIC_TFTPBOOT_DIR
- if is_ubuntu; then
- PXEBIN=/usr/lib/syslinux/pxelinux.0
- elif is_fedora; then
- PXEBIN=/usr/share/syslinux/pxelinux.0
- fi
- if [ ! -f $PXEBIN ]; then
- die $LINENO "pxelinux.0 (from SYSLINUX) not found."
- fi
+function create_ovs_taps {
+ local ironic_net_id=$(neutron net-list | grep private | get_field 1)
- cp $PXEBIN $IRONIC_TFTPBOOT_DIR
- mkdir -p $IRONIC_TFTPBOOT_DIR/pxelinux.cfg
+ # Work around: No netns exists on host until a Neutron port is created. We
+ # need to create one in Neutron to know what netns to tap into prior to the
+ # first node booting.
+ local port_id=$(neutron port-create private | grep " id " | get_field 2)
+
+ # intentional sleep to make sure the tag has been set to port
+ sleep 10
+
+ local tapdev=$(sudo ip netns exec qdhcp-${ironic_net_id} ip link list | grep tap | cut -d':' -f2 | cut -b2-)
+ local tag_id=$(sudo ovs-vsctl show |grep ${tapdev} -A1 -m1 | grep tag | cut -d':' -f2 | cut -b2-)
+
+ # make sure veth pair is not existing, otherwise delete its links
+ sudo ip link show ovs-tap1 && sudo ip link delete ovs-tap1
+ sudo ip link show brbm-tap1 && sudo ip link delete brbm-tap1
+ # create veth pair for future interconnection between br-int and brbm
+ sudo ip link add brbm-tap1 type veth peer name ovs-tap1
+ sudo ip link set dev brbm-tap1 up
+ sudo ip link set dev ovs-tap1 up
+
+ sudo ovs-vsctl -- --if-exists del-port ovs-tap1 -- add-port br-int ovs-tap1 tag=$tag_id
+ sudo ovs-vsctl -- --if-exists del-port brbm-tap1 -- add-port $IRONIC_VM_NETWORK_BRIDGE brbm-tap1
+
+ # Remove the port needed only for workaround.
+ neutron port-delete $port_id
+
+ # Finally, share the fixed tenant network across all tenants. This allows the host
+ # to serve TFTP to a single network namespace via the tap device created above.
+ neutron net-update $ironic_net_id --shared true
}
function create_bridge_and_vms {
# Call libvirt setup scripts in a new shell to ensure any new group membership
sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/setup-network"
if [[ "$IRONIC_VM_LOG_CONSOLE" == "True" ]] ; then
- LOG_ARG="$IRONIC_VM_LOG_DIR"
+ local log_arg="$IRONIC_VM_LOG_DIR"
else
- LOG_ARG=""
+ local log_arg=""
fi
- sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/create-nodes \
- $IRONIC_VM_SPECS_CPU $IRONIC_VM_SPECS_RAM $IRONIC_VM_SPECS_DISK \
- amd64 $IRONIC_VM_COUNT $IRONIC_VM_NETWORK_BRIDGE $IRONIC_VM_EMULATOR \
- $LOG_ARG" >> $IRONIC_VM_MACS_CSV_FILE
+ local vm_name
+ for vm_name in $(_ironic_bm_vm_names); do
+ sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/create-node $vm_name \
+ $IRONIC_VM_SPECS_CPU $IRONIC_VM_SPECS_RAM $IRONIC_VM_SPECS_DISK \
+ amd64 $IRONIC_VM_NETWORK_BRIDGE $IRONIC_VM_EMULATOR \
+ $log_arg" >> $IRONIC_VM_MACS_CSV_FILE
+ done
+ create_ovs_taps
}
function enroll_vms {
-
- CHASSIS_ID=$(ironic chassis-create -d "ironic test chassis" | grep " uuid " | get_field 2)
- IRONIC_NET_ID=$(neutron net-list | grep private | get_field 1)
+ local chassis_id=$(ironic chassis-create -d "ironic test chassis" | grep " uuid " | get_field 2)
local idx=0
- # work around; need to know what netns neutron uses for private network.
- # Without knowing how to interconnect the networks, PXE won't work properly
- # for fake baremetal instances. The network should be configured prior all
- # the instances operation. If we don't do this, the first port creation
- # only happens in the middle of fake baremetal instance's spawning by nova,
- # so we'll end up with unbootable fake baremetal VM due to broken PXE.
- PORT_ID=$(neutron port-create private | grep " id " | get_field 2)
+ if [[ "$IRONIC_DEPLOY_DRIVER" == "pxe_ssh" ]] ; then
+ local _IRONIC_DEPLOY_KERNEL_KEY=pxe_deploy_kernel
+ local _IRONIC_DEPLOY_RAMDISK_KEY=pxe_deploy_ramdisk
+ elif [[ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]] ; then
+ local _IRONIC_DEPLOY_KERNEL_KEY=deploy_kernel
+ local _IRONIC_DEPLOY_RAMDISK_KEY=deploy_ramdisk
+ fi
while read MAC; do
- NODE_ID=$(ironic node-create --chassis_uuid $CHASSIS_ID --driver pxe_ssh \
- -i pxe_deploy_kernel=$IRONIC_DEPLOY_KERNEL_ID \
- -i pxe_deploy_ramdisk=$IRONIC_DEPLOY_RAMDISK_ID \
+ local node_id=$(ironic node-create --chassis_uuid $chassis_id \
+ --driver $IRONIC_DEPLOY_DRIVER \
+ -i $_IRONIC_DEPLOY_KERNEL_KEY=$IRONIC_DEPLOY_KERNEL_ID \
+ -i $_IRONIC_DEPLOY_RAMDISK_KEY=$IRONIC_DEPLOY_RAMDISK_ID \
-i ssh_virt_type=$IRONIC_SSH_VIRT_TYPE \
-i ssh_address=$IRONIC_VM_SSH_ADDRESS \
-i ssh_port=$IRONIC_VM_SSH_PORT \
@@ -357,40 +498,23 @@
-p cpu_arch=x86_64 \
| grep " uuid " | get_field 2)
- ironic port-create --address $MAC --node_uuid $NODE_ID
+ ironic port-create --address $MAC --node_uuid $node_id
idx=$((idx+1))
-
done < $IRONIC_VM_MACS_CSV_FILE
# create the nova flavor
- adjusted_disk=$(($IRONIC_VM_SPECS_DISK - $IRONIC_VM_EPHEMERAL_DISK))
- nova flavor-create --ephemeral $IRONIC_VM_EPHEMERAL_DISK baremetal auto $IRONIC_VM_SPECS_RAM $adjusted_disk $IRONIC_VM_SPECS_CPU
+ # NOTE(adam_g): Attempting to use an autogenerated UUID for flavor id here uncovered
+ # bug (LP: #1333852) in Trove. This can be changed to use an auto flavor id when the
+ # bug is fixed in Juno.
+ local adjusted_disk=$(($IRONIC_VM_SPECS_DISK - $IRONIC_VM_EPHEMERAL_DISK))
+ nova flavor-create --ephemeral $IRONIC_VM_EPHEMERAL_DISK baremetal 551 $IRONIC_VM_SPECS_RAM $adjusted_disk $IRONIC_VM_SPECS_CPU
+
# TODO(lucasagomes): Remove the 'baremetal:deploy_kernel_id'
# and 'baremetal:deploy_ramdisk_id' parameters
# from the flavor after the completion of
# https://blueprints.launchpad.net/ironic/+spec/add-node-instance-info
nova flavor-key baremetal set "cpu_arch"="x86_64" "baremetal:deploy_kernel_id"="$IRONIC_DEPLOY_KERNEL_ID" "baremetal:deploy_ramdisk_id"="$IRONIC_DEPLOY_RAMDISK_ID"
-
- # intentional sleep to make sure the tag has been set to port
- sleep 10
- TAPDEV=$(sudo ip netns exec qdhcp-${IRONIC_NET_ID} ip link list | grep tap | cut -d':' -f2 | cut -b2-)
- TAG_ID=$(sudo ovs-vsctl show |grep ${TAPDEV} -A1 -m1 | grep tag | cut -d':' -f2 | cut -b2-)
-
- # make sure veth pair is not existing, otherwise delete its links
- sudo ip link show ovs-tap1 && sudo ip link delete ovs-tap1
- sudo ip link show brbm-tap1 && sudo ip link delete brbm-tap1
- # create veth pair for future interconnection between br-int and brbm
- sudo ip link add brbm-tap1 type veth peer name ovs-tap1
- sudo ip link set dev brbm-tap1 up
- sudo ip link set dev ovs-tap1 up
-
- sudo ovs-vsctl -- --if-exists del-port ovs-tap1 -- add-port br-int ovs-tap1 tag=$TAG_ID
- sudo ovs-vsctl -- --if-exists del-port brbm-tap1 -- add-port $IRONIC_VM_NETWORK_BRIDGE brbm-tap1
-
- # Remove the port needed only for workaround. For additional info read the
- # comment at the beginning of this function
- neutron port-delete $PORT_ID
}
function configure_iptables {
@@ -399,19 +523,14 @@
sudo modprobe nf_nat_tftp
# nodes boot from TFTP and callback to the API server listening on $HOST_IP
sudo iptables -I INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true
- sudo iptables -I INPUT -d $HOST_IP -p tcp --dport 6385 -j ACCEPT || true
+ sudo iptables -I INPUT -d $HOST_IP -p tcp --dport $IRONIC_HOSTPORT -j ACCEPT || true
+ if [ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]; then
+ # agent ramdisk gets instance image from swift
+ sudo iptables -I INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true
+ fi
}
function configure_tftpd {
- if is_ubuntu; then
- PXEBIN=/usr/lib/syslinux/pxelinux.0
- elif is_fedora; then
- PXEBIN=/usr/share/syslinux/pxelinux.0
- fi
- if [ ! -f $PXEBIN ]; then
- die $LINENO "pxelinux.0 (from SYSLINUX) not found."
- fi
-
# stop tftpd and setup serving via xinetd
stop_service tftpd-hpa || true
[ -f /etc/init/tftpd-hpa.conf ] && echo "manual" | sudo tee /etc/init/tftpd-hpa.override
@@ -441,33 +560,51 @@
}
function ironic_ssh_check {
- local KEY_FILE=$1
- local FLOATING_IP=$2
- local PORT=$3
- local DEFAULT_INSTANCE_USER=$4
- local ACTIVE_TIMEOUT=$5
- if ! timeout $ACTIVE_TIMEOUT sh -c "while ! ssh -p $PORT -o StrictHostKeyChecking=no -i $KEY_FILE ${DEFAULT_INSTANCE_USER}@$FLOATING_IP echo success; do sleep 1; done"; then
+ local key_file=$1
+ local floating_ip=$2
+ local port=$3
+ local default_instance_user=$4
+ local active_timeout=$5
+ if ! timeout $active_timeout sh -c "while ! ssh -p $port -o StrictHostKeyChecking=no -i $key_file ${default_instance_user}@$floating_ip echo success; do sleep 1; done"; then
die $LINENO "server didn't become ssh-able!"
fi
}
function configure_ironic_auxiliary {
- configure_ironic_dirs
configure_ironic_ssh_keypair
ironic_ssh_check $IRONIC_SSH_KEY_DIR/$IRONIC_SSH_KEY_FILENAME $IRONIC_VM_SSH_ADDRESS $IRONIC_VM_SSH_PORT $IRONIC_SSH_USERNAME 10
}
+function build_ipa_coreos_ramdisk {
+ echo "Building ironic-python-agent deploy ramdisk"
+ local kernel_path=$1
+ local ramdisk_path=$2
+ git_clone $IRONIC_PYTHON_AGENT_REPO $IRONIC_PYTHON_AGENT_DIR $IRONIC_PYTHON_AGENT_BRANCH
+ cd $IRONIC_PYTHON_AGENT_DIR
+ imagebuild/coreos/build_coreos_image.sh
+ cp imagebuild/coreos/UPLOAD/coreos_production_pxe_image-oem.cpio.gz $ramdisk_path
+ cp imagebuild/coreos/UPLOAD/coreos_production_pxe.vmlinuz $kernel_path
+ sudo rm -rf UPLOAD
+ cd -
+}
+
# build deploy kernel+ramdisk, then upload them to glance
-# this function sets IRONIC_DEPLOY_KERNEL_ID and IRONIC_DEPLOY_RAMDISK_ID
+# this function sets ``IRONIC_DEPLOY_KERNEL_ID``, ``IRONIC_DEPLOY_RAMDISK_ID``
function upload_baremetal_ironic_deploy {
- token=$1
+ declare -g IRONIC_DEPLOY_KERNEL_ID IRONIC_DEPLOY_RAMDISK_ID
+ echo_summary "Creating and uploading baremetal images for ironic"
+
+ # install diskimage-builder
+ if [[ $(type -P ramdisk-image-create) == "" ]]; then
+ pip_install diskimage_builder
+ fi
if [ -z "$IRONIC_DEPLOY_KERNEL" -o -z "$IRONIC_DEPLOY_RAMDISK" ]; then
- IRONIC_DEPLOY_KERNEL_PATH=$TOP_DIR/files/ir-deploy.kernel
- IRONIC_DEPLOY_RAMDISK_PATH=$TOP_DIR/files/ir-deploy.initramfs
+ local IRONIC_DEPLOY_KERNEL_PATH=$TOP_DIR/files/ir-deploy.kernel
+ local IRONIC_DEPLOY_RAMDISK_PATH=$TOP_DIR/files/ir-deploy.initramfs
else
- IRONIC_DEPLOY_KERNEL_PATH=$IRONIC_DEPLOY_KERNEL
- IRONIC_DEPLOY_RAMDISK_PATH=$IRONIC_DEPLOY_RAMDISK
+ local IRONIC_DEPLOY_KERNEL_PATH=$IRONIC_DEPLOY_KERNEL
+ local IRONIC_DEPLOY_RAMDISK_PATH=$IRONIC_DEPLOY_RAMDISK
fi
if [ ! -e "$IRONIC_DEPLOY_RAMDISK_PATH" -o ! -e "$IRONIC_DEPLOY_KERNEL_PATH" ]; then
@@ -475,78 +612,80 @@
if [ "$IRONIC_BUILD_DEPLOY_RAMDISK" = "True" ]; then
# we can build them only if we're not offline
if [ "$OFFLINE" != "True" ]; then
- $DIB_DIR/bin/ramdisk-image-create $IRONIC_DEPLOY_FLAVOR \
- -o $TOP_DIR/files/ir-deploy
+ if [ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]; then
+ build_ipa_coreos_ramdisk $IRONIC_DEPLOY_KERNEL_PATH $IRONIC_DEPLOY_RAMDISK_PATH
+ else
+ ramdisk-image-create $IRONIC_DEPLOY_FLAVOR \
+ -o $TOP_DIR/files/ir-deploy
+ fi
else
die $LINENO "Deploy kernel+ramdisk files don't exist and cannot be build in OFFLINE mode"
fi
else
- die $LINENO "Deploy kernel+ramdisk files don't exist and their building was disabled explicitly by IRONIC_BUILD_DEPLOY_RAMDISK"
+ if [ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]; then
+ # download the agent image tarball
+ wget "$IRONIC_AGENT_KERNEL_URL" -O $IRONIC_DEPLOY_KERNEL_PATH
+ wget "$IRONIC_AGENT_RAMDISK_URL" -O $IRONIC_DEPLOY_RAMDISK_PATH
+ else
+ die $LINENO "Deploy kernel+ramdisk files don't exist and their building was disabled explicitly by IRONIC_BUILD_DEPLOY_RAMDISK"
+ fi
fi
fi
+ local token=$(keystone token-get | grep ' id ' | get_field 2)
+ die_if_not_set $LINENO token "Keystone fail to get token"
+
# load them into glance
- IRONIC_DEPLOY_KERNEL_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name $(basename $IRONIC_DEPLOY_KERNEL_PATH) \
- --is-public True --disk-format=aki \
+ IRONIC_DEPLOY_KERNEL_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ $(basename $IRONIC_DEPLOY_KERNEL_PATH) \
+ --public --disk-format=aki \
+ --container-format=aki \
< $IRONIC_DEPLOY_KERNEL_PATH | grep ' id ' | get_field 2)
- IRONIC_DEPLOY_RAMDISK_ID=$(glance \
- --os-auth-token $token \
- --os-image-url http://$GLANCE_HOSTPORT \
- image-create \
- --name $(basename $IRONIC_DEPLOY_RAMDISK_PATH) \
- --is-public True --disk-format=ari \
+ IRONIC_DEPLOY_RAMDISK_ID=$(openstack \
+ --os-token $token \
+ --os-url http://$GLANCE_HOSTPORT \
+ image create \
+ $(basename $IRONIC_DEPLOY_RAMDISK_PATH) \
+ --public --disk-format=ari \
+ --container-format=ari \
< $IRONIC_DEPLOY_RAMDISK_PATH | grep ' id ' | get_field 2)
}
function prepare_baremetal_basic_ops {
-
- # install diskimage-builder
- git_clone $DIB_REPO $DIB_DIR $DIB_BRANCH
-
- # make sure all needed service were enabled
- for srv in nova glance key neutron; do
- if ! is_service_enabled "$srv"; then
- die $LINENO "$srv should be enabled for ironic tests"
- fi
- done
-
- TOKEN=$(keystone token-get | grep ' id ' | get_field 2)
- die_if_not_set $LINENO TOKEN "Keystone fail to get token"
-
- echo_summary "Creating and uploading baremetal images for ironic"
-
- # build and upload separate deploy kernel & ramdisk
- upload_baremetal_ironic_deploy $TOKEN
-
+ upload_baremetal_ironic_deploy
create_bridge_and_vms
enroll_vms
configure_tftpd
configure_iptables
-
- # restart nova-compute to ensure its resource tracking is up to
- # date with newly enrolled nodes
- stop_nova_compute || true
- start_nova_compute
+ configure_ironic_auxiliary
}
function cleanup_baremetal_basic_ops {
rm -f $IRONIC_VM_MACS_CSV_FILE
if [ -f $IRONIC_KEY_FILE ]; then
- KEY=`cat $IRONIC_KEY_FILE.pub`
+ local key=$(cat $IRONIC_KEY_FILE.pub)
# remove public key from authorized_keys
- grep -v "$KEY" $IRONIC_AUTHORIZED_KEYS_FILE > temp && mv temp $IRONIC_AUTHORIZED_KEYS_FILE
+ grep -v "$key" $IRONIC_AUTHORIZED_KEYS_FILE > temp && mv temp $IRONIC_AUTHORIZED_KEYS_FILE
chmod 0600 $IRONIC_AUTHORIZED_KEYS_FILE
fi
sudo rm -rf $IRONIC_DATA_DIR $IRONIC_STATE_PATH
- sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/cleanup-nodes $IRONIC_VM_COUNT $IRONIC_VM_NETWORK_BRIDGE"
+
+ local vm_name
+ for vm_name in $(_ironic_bm_vm_names); do
+ sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/cleanup-node $vm_name $IRONIC_VM_NETWORK_BRIDGE"
+ done
+
sudo rm -rf /etc/xinetd.d/tftp /etc/init/tftpd-hpa.override
restart_service xinetd
sudo iptables -D INPUT -d $HOST_IP -p udp --dport 69 -j ACCEPT || true
sudo iptables -D INPUT -d $HOST_IP -p tcp --dport 6385 -j ACCEPT || true
+ if [ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]; then
+ # agent ramdisk gets instance image from swift
+ sudo iptables -D INPUT -d $HOST_IP -p tcp --dport ${SWIFT_DEFAULT_BIND_PORT:-8080} -j ACCEPT || true
+ fi
sudo rmmod nf_conntrack_tftp || true
sudo rmmod nf_nat_tftp || true
}
diff --git a/lib/keystone b/lib/keystone
index 547646a..276e971 100644
--- a/lib/keystone
+++ b/lib/keystone
@@ -6,6 +6,7 @@
# - ``functions`` file
# - ``tls`` file
# - ``DEST``, ``STACK_USER``
+# - ``FILES``
# - ``IDENTITY_API_VERSION``
# - ``BASE_SQL_CONN``
# - ``SERVICE_HOST``, ``SERVICE_PROTOCOL``
@@ -37,7 +38,11 @@
KEYSTONE_CONF=$KEYSTONE_CONF_DIR/keystone.conf
KEYSTONE_PASTE_INI=${KEYSTONE_PASTE_INI:-$KEYSTONE_CONF_DIR/keystone-paste.ini}
KEYSTONE_AUTH_CACHE_DIR=${KEYSTONE_AUTH_CACHE_DIR:-/var/cache/keystone}
-KEYSTONE_WSGI_DIR=${KEYSTONE_WSGI_DIR:-/var/www/keystone}
+if is_suse; then
+ KEYSTONE_WSGI_DIR=${KEYSTONE_WSGI_DIR:-/srv/www/htdocs/keystone}
+else
+ KEYSTONE_WSGI_DIR=${KEYSTONE_WSGI_DIR:-/var/www/keystone}
+fi
KEYSTONEMIDDLEWARE_DIR=$DEST/keystonemiddleware
KEYSTONECLIENT_DIR=$DEST/python-keystoneclient
@@ -90,7 +95,7 @@
KEYSTONE_VALID_ASSIGNMENT_BACKENDS=kvs,ldap,sql
# if we are running with SSL use https protocols
-if is_ssl_enabled_service "key"; then
+if is_ssl_enabled_service "key" || is_service_enabled tls-proxy; then
KEYSTONE_AUTH_PROTOCOL="https"
KEYSTONE_SERVICE_PROTOCOL="https"
fi
@@ -104,18 +109,13 @@
# cleanup_keystone() - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function cleanup_keystone {
- # kill instances (nova)
- # delete image files (glance)
- # This function intentionally left blank
- :
+ _cleanup_keystone_apache_wsgi
}
# _cleanup_keystone_apache_wsgi() - Remove wsgi files, disable and remove apache vhost file
function _cleanup_keystone_apache_wsgi {
sudo rm -f $KEYSTONE_WSGI_DIR/*.wsgi
- disable_apache_site keystone
sudo rm -f $(apache_site_config_for keystone)
- restart_apache_server
}
# _config_keystone_apache_wsgi() - Set WSGI config files of Keystone
@@ -123,6 +123,21 @@
sudo mkdir -p $KEYSTONE_WSGI_DIR
local keystone_apache_conf=$(apache_site_config_for keystone)
+ local keystone_ssl=""
+ local keystone_certfile=""
+ local keystone_keyfile=""
+ local keystone_service_port=$KEYSTONE_SERVICE_PORT
+ local keystone_auth_port=$KEYSTONE_AUTH_PORT
+
+ if is_ssl_enabled_service key; then
+ keystone_ssl="SSLEngine On"
+ keystone_certfile="SSLCertificateFile $KEYSTONE_SSL_CERT"
+ keystone_keyfile="SSLCertificateKeyFile $KEYSTONE_SSL_KEY"
+ fi
+ if is_service_enabled tls-proxy; then
+ keystone_service_port=$KEYSTONE_SERVICE_PORT_INT
+ keystone_auth_port=$KEYSTONE_AUTH_PORT_INT
+ fi
# copy proxy vhost and wsgi file
sudo cp $KEYSTONE_DIR/httpd/keystone.py $KEYSTONE_WSGI_DIR/main
@@ -130,14 +145,16 @@
sudo cp $FILES/apache-keystone.template $keystone_apache_conf
sudo sed -e "
- s|%PUBLICPORT%|$KEYSTONE_SERVICE_PORT|g;
- s|%ADMINPORT%|$KEYSTONE_AUTH_PORT|g;
+ s|%PUBLICPORT%|$keystone_service_port|g;
+ s|%ADMINPORT%|$keystone_auth_port|g;
s|%APACHE_NAME%|$APACHE_NAME|g;
s|%PUBLICWSGI%|$KEYSTONE_WSGI_DIR/main|g;
s|%ADMINWSGI%|$KEYSTONE_WSGI_DIR/admin|g;
+ s|%SSLENGINE%|$keystone_ssl|g;
+ s|%SSLCERTFILE%|$keystone_certfile|g;
+ s|%SSLKEYFILE%|$keystone_keyfile|g;
s|%USER%|$STACK_USER|g
" -i $keystone_apache_conf
- enable_apache_site keystone
}
# configure_keystone() - Set config files, create data dirs, etc
@@ -200,8 +217,13 @@
fi
# Set the URL advertised in the ``versions`` structure returned by the '/' route
- iniset $KEYSTONE_CONF DEFAULT public_endpoint "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:%(public_port)s/"
- iniset $KEYSTONE_CONF DEFAULT admin_endpoint "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:%(admin_port)s/"
+ if is_service_enabled tls-proxy; then
+ iniset $KEYSTONE_CONF DEFAULT public_endpoint "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/"
+ iniset $KEYSTONE_CONF DEFAULT admin_endpoint "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/"
+ else
+ iniset $KEYSTONE_CONF DEFAULT public_endpoint "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:%(public_port)s/"
+ iniset $KEYSTONE_CONF DEFAULT admin_endpoint "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:%(admin_port)s/"
+ fi
iniset $KEYSTONE_CONF DEFAULT admin_bind_host "$KEYSTONE_ADMIN_BIND_HOST"
# Register SSL certificates if provided
@@ -229,11 +251,11 @@
iniset $KEYSTONE_CONF ec2 driver "keystone.contrib.ec2.backends.sql.Ec2"
if [[ "$KEYSTONE_TOKEN_BACKEND" = "sql" ]]; then
- iniset $KEYSTONE_CONF token driver keystone.token.backends.sql.Token
+ iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.sql.Token
elif [[ "$KEYSTONE_TOKEN_BACKEND" = "memcache" ]]; then
- iniset $KEYSTONE_CONF token driver keystone.token.backends.memcache.Token
+ iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.memcache.Token
else
- iniset $KEYSTONE_CONF token driver keystone.token.backends.kvs.Token
+ iniset $KEYSTONE_CONF token driver keystone.token.persistence.backends.kvs.Token
fi
if [[ "$KEYSTONE_CATALOG_BACKEND" = "sql" ]]; then
@@ -265,7 +287,7 @@
" -i $KEYSTONE_CATALOG
# Configure ``keystone.conf`` to use templates
- iniset $KEYSTONE_CONF catalog driver "keystone.catalog.backends.templated.TemplatedCatalog"
+ iniset $KEYSTONE_CONF catalog driver "keystone.catalog.backends.templated.Catalog"
iniset $KEYSTONE_CONF catalog template_file "$KEYSTONE_CATALOG"
fi
@@ -280,7 +302,7 @@
fi
if [ "$KEYSTONE_USE_MOD_WSGI" == "True" ]; then
- iniset $KEYSTONE_CONF DEFAULT debug "True"
+ iniset $KEYSTONE_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
# Eliminate the %(asctime)s.%(msecs)03d from the log format strings
iniset $KEYSTONE_CONF DEFAULT logging_context_format_string "%(process)d %(levelname)s %(name)s [%(request_id)s %(user_identity)s] %(instance)s%(message)s"
iniset $KEYSTONE_CONF DEFAULT logging_default_format_string "%(process)d %(levelname)s %(name)s [-] %(instance)s%(message)s"
@@ -290,6 +312,13 @@
fi
iniset $KEYSTONE_CONF DEFAULT max_token_size 16384
+
+ iniset $KEYSTONE_CONF DEFAULT admin_workers "$API_WORKERS"
+ # Public workers will use the server default, typically number of CPU.
+
+ if [[ -n "$KEYSTONE_TOKEN_HASH_ALGORITHM" ]]; then
+ iniset $KEYSTONE_CONF token hash_algorithm "$KEYSTONE_TOKEN_HASH_ALGORITHM"
+ fi
}
function configure_keystone_extensions {
@@ -328,11 +357,11 @@
function create_keystone_accounts {
# admin
- ADMIN_TENANT=$(get_or_create_project "admin")
- ADMIN_USER=$(get_or_create_user "admin" \
- "$ADMIN_PASSWORD" "$ADMIN_TENANT")
- ADMIN_ROLE=$(get_or_create_role "admin")
- get_or_add_user_role $ADMIN_ROLE $ADMIN_USER $ADMIN_TENANT
+ local admin_tenant=$(get_or_create_project "admin")
+ local admin_user=$(get_or_create_user "admin" \
+ "$ADMIN_PASSWORD" "$admin_tenant")
+ local admin_role=$(get_or_create_role "admin")
+ get_or_add_user_role $admin_role $admin_user $admin_tenant
# Create service project/role
get_or_create_project "$SERVICE_TENANT_NAME"
@@ -347,25 +376,24 @@
get_or_create_role ResellerAdmin
# The Member role is used by Horizon and Swift so we need to keep it:
- MEMBER_ROLE=$(get_or_create_role "Member")
+ local member_role=$(get_or_create_role "Member")
- # ANOTHER_ROLE demonstrates that an arbitrary role may be created and used
+ # another_role demonstrates that an arbitrary role may be created and used
# TODO(sleepsonthefloor): show how this can be used for rbac in the future!
-
- ANOTHER_ROLE=$(get_or_create_role "anotherrole")
+ local another_role=$(get_or_create_role "anotherrole")
# invisible tenant - admin can't see this one
- INVIS_TENANT=$(get_or_create_project "invisible_to_admin")
+ local invis_tenant=$(get_or_create_project "invisible_to_admin")
# demo
- DEMO_TENANT=$(get_or_create_project "demo")
- DEMO_USER=$(get_or_create_user "demo" \
- "$ADMIN_PASSWORD" "$DEMO_TENANT" "demo@example.com")
+ local demo_tenant=$(get_or_create_project "demo")
+ local demo_user=$(get_or_create_user "demo" \
+ "$ADMIN_PASSWORD" "$demo_tenant" "demo@example.com")
- get_or_add_user_role $MEMBER_ROLE $DEMO_USER $DEMO_TENANT
- get_or_add_user_role $ADMIN_ROLE $ADMIN_USER $DEMO_TENANT
- get_or_add_user_role $ANOTHER_ROLE $DEMO_USER $DEMO_TENANT
- get_or_add_user_role $MEMBER_ROLE $DEMO_USER $INVIS_TENANT
+ get_or_add_user_role $member_role $demo_user $demo_tenant
+ get_or_add_user_role $admin_role $admin_user $demo_tenant
+ get_or_add_user_role $another_role $demo_user $demo_tenant
+ get_or_add_user_role $member_role $demo_user $invis_tenant
# Keystone
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
@@ -381,11 +409,40 @@
}
# Configure the API version for the OpenStack projects.
-# configure_API_version conf_file version
+# configure_API_version conf_file version [section]
function configure_API_version {
local conf_file=$1
local api_version=$2
- iniset $conf_file keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$api_version
+ local section=${3:-keystone_authtoken}
+ iniset $conf_file $section auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v$api_version
+}
+
+# Configure the service to use the auth token middleware.
+#
+# configure_auth_token_middleware conf_file admin_user signing_dir [section]
+#
+# section defaults to keystone_authtoken, which is where auth_token looks in
+# the .conf file. If the paste config file is used (api-paste.ini) then
+# provide the section name for the auth_token filter.
+function configure_auth_token_middleware {
+ local conf_file=$1
+ local admin_user=$2
+ local signing_dir=$3
+ local section=${4:-keystone_authtoken}
+
+ iniset $conf_file $section auth_host $KEYSTONE_AUTH_HOST
+ iniset $conf_file $section auth_port $KEYSTONE_AUTH_PORT
+ iniset $conf_file $section auth_protocol $KEYSTONE_AUTH_PROTOCOL
+ iniset $conf_file $section identity_uri $KEYSTONE_AUTH_URI
+ iniset $conf_file $section cafile $SSL_BUNDLE_FILE
+ configure_API_version $conf_file $IDENTITY_API_VERSION $section
+ iniset $conf_file $section admin_tenant_name $SERVICE_TENANT_NAME
+ iniset $conf_file $section admin_user $admin_user
+ iniset $conf_file $section admin_password $SERVICE_PASSWORD
+ iniset $conf_file $section signing_dir $signing_dir
+ if [[ -n "$KEYSTONE_TOKEN_HASH_ALGORITHM" ]]; then
+ iniset $conf_file keystone_authtoken hash_algorithms "$KEYSTONE_TOKEN_HASH_ALGORITHM"
+ fi
}
# init_keystone() - Initialize databases, etc.
@@ -454,6 +511,9 @@
setup_develop $KEYSTONE_DIR
if [ "$KEYSTONE_USE_MOD_WSGI" == "True" ]; then
install_apache_wsgi
+ if is_ssl_enabled_service "key"; then
+ enable_mod_ssl
+ fi
fi
}
@@ -461,23 +521,31 @@
function start_keystone {
# Get right service port for testing
local service_port=$KEYSTONE_SERVICE_PORT
+ local auth_protocol=$KEYSTONE_AUTH_PROTOCOL
if is_service_enabled tls-proxy; then
service_port=$KEYSTONE_SERVICE_PORT_INT
+ auth_protocol="http"
fi
if [ "$KEYSTONE_USE_MOD_WSGI" == "True" ]; then
+ enable_apache_site keystone
restart_apache_server
- screen_it key "cd $KEYSTONE_DIR && sudo tail -f /var/log/$APACHE_NAME/keystone"
+ tail_log key /var/log/$APACHE_NAME/keystone.log
+ tail_log key-access /var/log/$APACHE_NAME/keystone_access.log
else
+ local EXTRA_PARAMS=""
+ if [ "$ENABLE_DEBUG_LOG_LEVEL" == "True" ]; then
+ EXTRA_PARAMS="--debug"
+ fi
# Start Keystone in a screen window
- screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF --debug"
+ run_process key "$KEYSTONE_DIR/bin/keystone-all --config-file $KEYSTONE_CONF $EXTRA_PARAMS"
fi
echo "Waiting for keystone to start..."
# Check that the keystone service is running. Even if the tls tunnel
# should be enabled, make sure the internal port is checked using
# unencryted traffic at this point.
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! curl --noproxy '*' -k -s http://$KEYSTONE_SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! curl --noproxy '*' -k -s $auth_protocol://$KEYSTONE_SERVICE_HOST:$service_port/v$IDENTITY_API_VERSION/ >/dev/null; do sleep 1; done"; then
die $LINENO "keystone did not start"
fi
@@ -490,10 +558,12 @@
# stop_keystone() - Stop running processes
function stop_keystone {
+ if [ "$KEYSTONE_USE_MOD_WSGI" == "True" ]; then
+ disable_apache_site keystone
+ restart_apache_server
+ fi
# Kill the Keystone screen window
- screen_stop key
- # Cleanup the WSGI files and VHOST
- _cleanup_keystone_apache_wsgi
+ stop_process key
}
function is_keystone_enabled {
diff --git a/lib/ldap b/lib/ldap
index efe2f09..a6fb82f 100644
--- a/lib/ldap
+++ b/lib/ldap
@@ -79,7 +79,7 @@
function init_ldap {
local keystone_ldif
- TMP_LDAP_DIR=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
+ local tmp_ldap_dir=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
# Remove data but not schemas
clear_ldap_state
@@ -91,17 +91,17 @@
printf "Configuring LDAP for $LDAP_BASE_DC\n"
# If BASE_DN is changed, the user may override the default file
if [[ -r $FILES/ldap/${LDAP_BASE_DC}.ldif.in ]]; then
- keystone_ldif=${LDAP_BASE_DC}.ldif
+ local keystone_ldif=${LDAP_BASE_DC}.ldif
else
- keystone_ldif=keystone.ldif
+ local keystone_ldif=keystone.ldif
fi
- _ldap_varsubst $FILES/ldap/${keystone_ldif}.in >$TMP_LDAP_DIR/${keystone_ldif}
- if [[ -r $TMP_LDAP_DIR/${keystone_ldif} ]]; then
- ldapadd -x -w $LDAP_PASSWORD -D "$LDAP_MANAGER_DN" -H $LDAP_URL -c -f $TMP_LDAP_DIR/${keystone_ldif}
+ _ldap_varsubst $FILES/ldap/${keystone_ldif}.in >$tmp_ldap_dir/${keystone_ldif}
+ if [[ -r $tmp_ldap_dir/${keystone_ldif} ]]; then
+ ldapadd -x -w $LDAP_PASSWORD -D "$LDAP_MANAGER_DN" -H $LDAP_URL -c -f $tmp_ldap_dir/${keystone_ldif}
fi
fi
- rm -rf TMP_LDAP_DIR
+ rm -rf $tmp_ldap_dir
}
# install_ldap
@@ -110,7 +110,7 @@
echo "Installing LDAP inside function"
echo "os_VENDOR is $os_VENDOR"
- TMP_LDAP_DIR=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
+ local tmp_ldap_dir=$(mktemp -d -t ldap.$$.XXXXXXXXXX)
printf "installing OpenLDAP"
if is_ubuntu; then
@@ -119,19 +119,19 @@
elif is_fedora; then
start_ldap
elif is_suse; then
- _ldap_varsubst $FILES/ldap/suse-base-config.ldif.in >$TMP_LDAP_DIR/suse-base-config.ldif
- sudo slapadd -F /etc/openldap/slapd.d/ -bcn=config -l $TMP_LDAP_DIR/suse-base-config.ldif
+ _ldap_varsubst $FILES/ldap/suse-base-config.ldif.in >$tmp_ldap_dir/suse-base-config.ldif
+ sudo slapadd -F /etc/openldap/slapd.d/ -bcn=config -l $tmp_ldap_dir/suse-base-config.ldif
sudo sed -i '/^OPENLDAP_START_LDAPI=/s/"no"/"yes"/g' /etc/sysconfig/openldap
start_ldap
fi
echo "LDAP_PASSWORD is $LDAP_PASSWORD"
- SLAPPASS=$(slappasswd -s $LDAP_PASSWORD)
- printf "LDAP secret is $SLAPPASS\n"
+ local slappass=$(slappasswd -s $LDAP_PASSWORD)
+ printf "LDAP secret is $slappass\n"
# Create manager.ldif and add to olcdb
- _ldap_varsubst $FILES/ldap/manager.ldif.in >$TMP_LDAP_DIR/manager.ldif
- sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f $TMP_LDAP_DIR/manager.ldif
+ _ldap_varsubst $FILES/ldap/manager.ldif.in >$tmp_ldap_dir/manager.ldif
+ sudo ldapmodify -Y EXTERNAL -H ldapi:/// -f $tmp_ldap_dir/manager.ldif
# On fedora we need to manually add cosine and inetorgperson schemas
if is_fedora; then
@@ -139,7 +139,9 @@
sudo ldapadd -Y EXTERNAL -H ldapi:/// -f /etc/openldap/schema/inetorgperson.ldif
fi
- rm -rf TMP_LDAP_DIR
+ pip_install ldappool
+
+ rm -rf $tmp_ldap_dir
}
# start_ldap() - Start LDAP
diff --git a/lib/marconi b/lib/marconi
deleted file mode 100644
index 063ed3d..0000000
--- a/lib/marconi
+++ /dev/null
@@ -1,204 +0,0 @@
-# lib/marconi
-# Install and start **Marconi** service
-
-# To enable a minimal set of Marconi services, add the following to localrc:
-#
-# enable_service marconi-server
-#
-# Dependencies:
-# - functions
-# - OS_AUTH_URL for auth in api
-# - DEST set to the destination directory
-# - SERVICE_PASSWORD, SERVICE_TENANT_NAME for auth in api
-# - STACK_USER service user
-
-# stack.sh
-# ---------
-# install_marconi
-# configure_marconi
-# init_marconi
-# start_marconi
-# stop_marconi
-# cleanup_marconi
-
-# Save trace setting
-XTRACE=$(set +o | grep xtrace)
-set +o xtrace
-
-
-# Defaults
-# --------
-
-# Set up default directories
-MARCONI_DIR=$DEST/marconi
-MARCONICLIENT_DIR=$DEST/python-marconiclient
-MARCONI_CONF_DIR=/etc/marconi
-MARCONI_CONF=$MARCONI_CONF_DIR/marconi.conf
-MARCONI_API_LOG_DIR=/var/log/marconi
-MARCONI_API_LOG_FILE=$MARCONI_API_LOG_DIR/queues.log
-MARCONI_AUTH_CACHE_DIR=${MARCONI_AUTH_CACHE_DIR:-/var/cache/marconi}
-
-# Support potential entry-points console scripts
-MARCONI_BIN_DIR=$(get_python_exec_prefix)
-
-# Set up database backend
-MARCONI_BACKEND=${MARCONI_BACKEND:-sqlite}
-
-
-# Set Marconi repository
-MARCONI_REPO=${MARCONI_REPO:-${GIT_BASE}/openstack/marconi.git}
-MARCONI_BRANCH=${MARCONI_BRANCH:-master}
-
-# Set client library repository
-MARCONICLIENT_REPO=${MARCONICLIENT_REPO:-${GIT_BASE}/openstack/python-marconiclient.git}
-MARCONICLIENT_BRANCH=${MARCONICLIENT_BRANCH:-master}
-
-# Set Marconi Connection Info
-MARCONI_SERVICE_HOST=${MARCONI_SERVICE_HOST:-$SERVICE_HOST}
-MARCONI_SERVICE_PORT=${MARCONI_SERVICE_PORT:-8888}
-MARCONI_SERVICE_PROTOCOL=${MARCONI_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
-
-# Tell Tempest this project is present
-TEMPEST_SERVICES+=,marconi
-
-
-# Functions
-# ---------
-
-# Test if any Marconi services are enabled
-# is_marconi_enabled
-function is_marconi_enabled {
- [[ ,${ENABLED_SERVICES} =~ ,"marconi-" ]] && return 0
- return 1
-}
-
-# cleanup_marconi() - Remove residual data files, anything left over from previous
-# runs that a clean run would need to clean up
-function cleanup_marconi {
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! mongo marconi --eval 'db.dropDatabase();'; do sleep 1; done"; then
- die $LINENO "Mongo DB did not start"
- fi
-}
-
-# configure_marconiclient() - Set config files, create data dirs, etc
-function configure_marconiclient {
- setup_develop $MARCONICLIENT_DIR
-}
-
-# configure_marconi() - Set config files, create data dirs, etc
-function configure_marconi {
- setup_develop $MARCONI_DIR
-
- [ ! -d $MARCONI_CONF_DIR ] && sudo mkdir -m 755 -p $MARCONI_CONF_DIR
- sudo chown $USER $MARCONI_CONF_DIR
-
- [ ! -d $MARCONI_API_LOG_DIR ] && sudo mkdir -m 755 -p $MARCONI_API_LOG_DIR
- sudo chown $USER $MARCONI_API_LOG_DIR
-
- iniset $MARCONI_CONF DEFAULT verbose True
- iniset $MARCONI_CONF DEFAULT use_syslog $SYSLOG
- iniset $MARCONI_CONF DEFAULT log_file $MARCONI_API_LOG_FILE
- iniset $MARCONI_CONF 'drivers:transport:wsgi' bind $MARCONI_SERVICE_HOST
-
- iniset $MARCONI_CONF keystone_authtoken auth_protocol http
- iniset $MARCONI_CONF keystone_authtoken admin_user marconi
- iniset $MARCONI_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
- iniset $MARCONI_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $MARCONI_CONF keystone_authtoken signing_dir $MARCONI_AUTH_CACHE_DIR
-
- if [ "$MARCONI_BACKEND" = 'mysql' ] || [ "$MARCONI_BACKEND" = 'postgresql' ] ; then
- iniset $MARCONI_CONF drivers storage sqlalchemy
- iniset $MARCONI_CONF 'drivers:storage:sqlalchemy' uri `database_connection_url marconi`
- elif [ "$MARCONI_BACKEND" = 'mongodb' ] ; then
- iniset $MARCONI_CONF drivers storage mongodb
- iniset $MARCONI_CONF 'drivers:storage:mongodb' uri mongodb://localhost:27017/marconi
- configure_mongodb
- cleanup_marconi
- fi
-}
-
-function configure_mongodb {
- # Set nssize to 2GB. This increases the number of namespaces supported
- # # per database.
- if is_ubuntu; then
- sudo sed -i -e "
- s|[^ \t]*#[ \t]*\(nssize[ \t]*=.*\$\)|\1|
- s|^\(nssize[ \t]*=[ \t]*\).*\$|\1 2047|
- " /etc/mongodb.conf
- restart_service mongodb
- elif is_fedora; then
- sudo sed -i '/--nssize/!s/OPTIONS=\"/OPTIONS=\"--nssize 2047 /' /etc/sysconfig/mongod
- restart_service mongod
- fi
-}
-
-# init_marconi() - Initialize etc.
-function init_marconi {
- # Create cache dir
- sudo mkdir -p $MARCONI_AUTH_CACHE_DIR
- sudo chown $STACK_USER $MARCONI_AUTH_CACHE_DIR
- rm -f $MARCONI_AUTH_CACHE_DIR/*
-}
-
-# install_marconi() - Collect source and prepare
-function install_marconi {
- git_clone $MARCONI_REPO $MARCONI_DIR $MARCONI_BRANCH
- setup_develop $MARCONI_DIR
-}
-
-# install_marconiclient() - Collect source and prepare
-function install_marconiclient {
- git_clone $MARCONICLIENT_REPO $MARCONICLIENT_DIR $MARCONICLIENT_BRANCH
- setup_develop $MARCONICLIENT_DIR
-}
-
-# start_marconi() - Start running processes, including screen
-function start_marconi {
- if [[ "$USE_SCREEN" = "False" ]]; then
- screen_it marconi-server "marconi-server --config-file $MARCONI_CONF --daemon"
- else
- screen_it marconi-server "marconi-server --config-file $MARCONI_CONF"
- fi
-
- echo "Waiting for Marconi to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- $MARCONI_SERVICE_PROTOCOL://$MARCONI_SERVICE_HOST:$MARCONI_SERVICE_PORT/v1/health; do sleep 1; done"; then
- die $LINENO "Marconi did not start"
- fi
-}
-
-# stop_marconi() - Stop running processes
-function stop_marconi {
- # Kill the marconi screen windows
- for serv in marconi-server; do
- screen -S $SCREEN_NAME -p $serv -X kill
- done
-}
-
-function create_marconi_accounts {
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
-
- MARCONI_USER=$(get_or_create_user "marconi" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $MARCONI_USER $SERVICE_TENANT
-
- if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
-
- MARCONI_SERVICE=$(get_or_create_service "marconi" \
- "queuing" "Marconi Service")
- get_or_create_endpoint $MARCONI_SERVICE \
- "$REGION_NAME" \
- "$MARCONI_SERVICE_PROTOCOL://$MARCONI_SERVICE_HOST:$MARCONI_SERVICE_PORT" \
- "$MARCONI_SERVICE_PROTOCOL://$MARCONI_SERVICE_HOST:$MARCONI_SERVICE_PORT" \
- "$MARCONI_SERVICE_PROTOCOL://$MARCONI_SERVICE_HOST:$MARCONI_SERVICE_PORT"
- fi
-
-}
-
-
-# Restore xtrace
-$XTRACE
-
-# Local variables:
-# mode: shell-script
-# End:
diff --git a/lib/neutron b/lib/neutron
index 573fd6f..eb07f40 100644
--- a/lib/neutron
+++ b/lib/neutron
@@ -20,13 +20,15 @@
# - create_neutron_cache_dir
# - create_nova_conf_neutron
# - start_neutron_service_and_check
+# - start_neutron_agents
# - create_neutron_initial_network
# - setup_neutron_debug
-# - start_neutron_agents
#
# ``unstack.sh`` calls the entry points in this order:
#
# - stop_neutron
+# - stop_neutron_third_party
+# - cleanup_neutron
# Functions in lib/neutron are classified into the following categories:
#
@@ -43,21 +45,11 @@
# to run Neutron on this host, make sure that q-svc is also in
# ``ENABLED_SERVICES``.
#
-# If you're planning to use the Neutron openvswitch plugin, set
-# ``Q_PLUGIN`` to "openvswitch" and make sure the q-agt service is enabled
-# in ``ENABLED_SERVICES``. If you're planning to use the Neutron
-# linuxbridge plugin, set ``Q_PLUGIN`` to "linuxbridge" and make sure the
-# q-agt service is enabled in ``ENABLED_SERVICES``.
-#
# See "Neutron Network Configuration" below for additional variables
# that must be set in localrc for connectivity across hosts with
# Neutron.
#
# With Neutron networking the NETWORK_MANAGER variable is ignored.
-#
-# To enable specific configuration options for either the Open vSwitch or
-# LinuxBridge plugin, please see the top level README file under the
-# Neutron section.
# Neutron Network Configuration
@@ -69,6 +61,11 @@
PRIVATE_SUBNET_NAME=${PRIVATE_SUBNET_NAME:-"private-subnet"}
PUBLIC_SUBNET_NAME=${PUBLIC_SUBNET_NAME:-"public-subnet"}
+if is_ssl_enabled_service "neutron" || is_service_enabled tls-proxy; then
+ Q_PROTOCOL="https"
+fi
+
+
# Set up default directories
NEUTRON_DIR=$DEST/neutron
NEUTRONCLIENT_DIR=$DEST/python-neutronclient
@@ -85,14 +82,32 @@
NEUTRON_CONF=$NEUTRON_CONF_DIR/neutron.conf
export NEUTRON_TEST_CONFIG_FILE=${NEUTRON_TEST_CONFIG_FILE:-"$NEUTRON_CONF_DIR/debug.ini"}
+# Agent binaries. Note, binary paths for other agents are set in per-service
+# scripts in lib/neutron_plugins/services/
+AGENT_DHCP_BINARY="$NEUTRON_BIN_DIR/neutron-dhcp-agent"
+AGENT_L3_BINARY=${AGENT_L3_BINARY:-"$NEUTRON_BIN_DIR/neutron-l3-agent"}
+AGENT_META_BINARY="$NEUTRON_BIN_DIR/neutron-metadata-agent"
+
+# Agent config files. Note, plugin-specific Q_PLUGIN_CONF_FILE is set and
+# loaded from per-plugin scripts in lib/neutron_plugins/
+Q_DHCP_CONF_FILE=$NEUTRON_CONF_DIR/dhcp_agent.ini
+Q_L3_CONF_FILE=$NEUTRON_CONF_DIR/l3_agent.ini
+Q_FWAAS_CONF_FILE=$NEUTRON_CONF_DIR/fwaas_driver.ini
+Q_VPN_CONF_FILE=$NEUTRON_CONF_DIR/vpn_agent.ini
+Q_META_CONF_FILE=$NEUTRON_CONF_DIR/metadata_agent.ini
+
# Default name for Neutron database
Q_DB_NAME=${Q_DB_NAME:-neutron}
# Default Neutron Plugin
Q_PLUGIN=${Q_PLUGIN:-ml2}
# Default Neutron Port
Q_PORT=${Q_PORT:-9696}
+# Default Neutron Internal Port when using TLS proxy
+Q_PORT_INT=${Q_PORT_INT:-19696}
# Default Neutron Host
Q_HOST=${Q_HOST:-$SERVICE_HOST}
+# Default protocol
+Q_PROTOCOL=${Q_PROTOCOL:-$SERVICE_PROTOCOL}
# Default admin username
Q_ADMIN_USERNAME=${Q_ADMIN_USERNAME:-neutron}
# Default auth strategy
@@ -120,6 +135,36 @@
## Provider Network Information
PROVIDER_SUBNET_NAME=${PROVIDER_SUBNET_NAME:-"provider_net"}
+# Use flat providernet for public network
+#
+# If Q_USE_PROVIDERNET_FOR_PUBLIC=True, use a flat provider network
+# for external interface of neutron l3-agent. In that case,
+# PUBLIC_PHYSICAL_NETWORK specifies provider:physical_network value
+# used for the network. In case of ofagent, you should add the
+# corresponding entry to your OFAGENT_PHYSICAL_INTERFACE_MAPPINGS.
+# For openvswitch agent, you should add the corresponding entry to
+# your OVS_BRIDGE_MAPPINGS.
+#
+# eg. (ofagent)
+# Q_USE_PROVIDERNET_FOR_PUBLIC=True
+# Q_USE_PUBLIC_VETH=True
+# PUBLIC_PHYSICAL_NETWORK=public
+# OFAGENT_PHYSICAL_INTERFACE_MAPPINGS=public:veth-pub-int
+#
+# eg. (openvswitch agent)
+# Q_USE_PROVIDERNET_FOR_PUBLIC=True
+# PUBLIC_PHYSICAL_NETWORK=public
+# OVS_BRIDGE_MAPPINGS=public:br-ex
+Q_USE_PROVIDERNET_FOR_PUBLIC=${Q_USE_PROVIDERNET_FOR_PUBLIC:-False}
+PUBLIC_PHYSICAL_NETWORK=${PUBLIC_PHYSICAL_NETWORK:-public}
+
+# If Q_USE_PUBLIC_VETH=True, create and use a veth pair instead of
+# PUBLIC_BRIDGE. This is intended to be used with
+# Q_USE_PROVIDERNET_FOR_PUBLIC=True.
+Q_USE_PUBLIC_VETH=${Q_USE_PUBLIC_VETH:-False}
+Q_PUBLIC_VETH_EX=${Q_PUBLIC_VETH_EX:-veth-pub-ex}
+Q_PUBLIC_VETH_INT=${Q_PUBLIC_VETH_INT:-veth-pub-int}
+
# The next two variables are configured by plugin
# e.g. _configure_neutron_l3_agent or lib/neutron_plugins/*
#
@@ -148,9 +193,10 @@
# Distributed Virtual Router (DVR) configuration
# Can be:
-# legacy - No DVR functionality
-# dvr_snat - Controller or single node DVR
-# dvr - Compute node in multi-node DVR
+# - ``legacy`` - No DVR functionality
+# - ``dvr_snat`` - Controller or single node DVR
+# - ``dvr`` - Compute node in multi-node DVR
+#
Q_DVR_MODE=${Q_DVR_MODE:-legacy}
if [[ "$Q_DVR_MODE" != "legacy" ]]; then
Q_ML2_PLUGIN_MECHANISM_DRIVERS=openvswitch,linuxbridge,l2population
@@ -159,12 +205,11 @@
# Provider Network Configurations
# --------------------------------
-# The following variables control the Neutron openvswitch and
-# linuxbridge plugins' allocation of tenant networks and
-# availability of provider networks. If these are not configured
-# in ``localrc``, tenant networks will be local to the host (with no
-# remote connectivity), and no physical resources will be
-# available for the allocation of provider networks.
+# The following variables control the Neutron ML2 plugins' allocation
+# of tenant networks and availability of provider networks. If these
+# are not configured in ``localrc``, tenant networks will be local to
+# the host (with no remote connectivity), and no physical resources
+# will be available for the allocation of provider networks.
# To disable tunnels (GRE or VXLAN) for tenant networks,
# set to False in ``local.conf``.
@@ -177,8 +222,8 @@
TENANT_TUNNEL_RANGES=${TENANT_TUNNEL_RANGES:-1:1000}
# To use VLANs for tenant networks, set to True in localrc. VLANs
-# are supported by the openvswitch and linuxbridge plugins, each
-# requiring additional configuration described below.
+# are supported by the ML2 plugins, requiring additional configuration
+# described below.
ENABLE_TENANT_VLANS=${ENABLE_TENANT_VLANS:-False}
# If using VLANs for tenant networks, set in ``localrc`` to specify
@@ -198,7 +243,7 @@
# Example: ``PHYSICAL_NETWORK=default``
PHYSICAL_NETWORK=${PHYSICAL_NETWORK:-}
-# With the openvswitch plugin, if using VLANs for tenant networks,
+# With the openvswitch agent, if using VLANs for tenant networks,
# or if using flat or VLAN provider networks, set in ``localrc`` to
# the name of the OVS bridge to use for the physical network. The
# bridge will be created if it does not already exist, but a
@@ -208,7 +253,7 @@
# Example: ``OVS_PHYSICAL_BRIDGE=br-eth1``
OVS_PHYSICAL_BRIDGE=${OVS_PHYSICAL_BRIDGE:-}
-# With the linuxbridge plugin, if using VLANs for tenant networks,
+# With the linuxbridge agent, if using VLANs for tenant networks,
# or if using flat or VLAN provider networks, set in ``localrc`` to
# the name of the network interface to use for the physical
# network.
@@ -283,6 +328,51 @@
# Functions
# ---------
+function _determine_config_server {
+ local cfg_file
+ local opts="--config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE"
+ for cfg_file in ${Q_PLUGIN_EXTRA_CONF_FILES[@]}; do
+ opts+=" --config-file /$cfg_file"
+ done
+ echo "$opts"
+}
+
+function _determine_config_vpn {
+ local cfg_file
+ local opts="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE --config-file=$Q_VPN_CONF_FILE"
+ if is_service_enabled q-fwaas; then
+ opts+=" --config-file $Q_FWAAS_CONF_FILE"
+ fi
+ for cfg_file in ${Q_VPN_EXTRA_CONF_FILES[@]}; do
+ opts+=" --config-file $cfg_file"
+ done
+ echo "$opts"
+
+}
+
+function _determine_config_l3 {
+ local opts="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE"
+ if is_service_enabled q-fwaas; then
+ opts+=" --config-file $Q_FWAAS_CONF_FILE"
+ fi
+ echo "$opts"
+}
+
+# For services and agents that require it, dynamically construct a list of
+# --config-file arguments that are passed to the binary.
+function determine_config_files {
+ local opts=""
+ case "$1" in
+ "neutron-server") opts="$(_determine_config_server)" ;;
+ "neutron-vpn-agent") opts="$(_determine_config_vpn)" ;;
+ "neutron-l3-agent") opts="$(_determine_config_l3)" ;;
+ esac
+ if [ -z "$opts" ] ; then
+ die $LINENO "Could not determine config files for $1."
+ fi
+ echo "$opts"
+}
+
# Test if any Neutron services are enabled
# is_neutron_enabled
function is_neutron_enabled {
@@ -343,7 +433,7 @@
iniset $NOVA_CONF neutron auth_strategy "$Q_AUTH_STRATEGY"
iniset $NOVA_CONF neutron admin_tenant_name "$SERVICE_TENANT_NAME"
iniset $NOVA_CONF neutron region_name "$REGION_NAME"
- iniset $NOVA_CONF neutron url "http://$Q_HOST:$Q_PORT"
+ iniset $NOVA_CONF neutron url "${Q_PROTOCOL}://$Q_HOST:$Q_PORT"
if [[ "$Q_USE_SECGROUP" == "True" ]]; then
LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver
@@ -357,7 +447,7 @@
iniset $NOVA_CONF libvirt vif_driver "$NOVA_VIF_DRIVER"
iniset $NOVA_CONF DEFAULT linuxnet_interface_driver "$LINUXNET_VIF_DRIVER"
if is_service_enabled q-meta; then
- iniset $NOVA_CONF DEFAULT service_neutron_metadata_proxy "True"
+ iniset $NOVA_CONF neutron service_metadata_proxy "True"
fi
iniset $NOVA_CONF DEFAULT vif_plugging_is_fatal "$VIF_PLUGGING_IS_FATAL"
@@ -381,24 +471,24 @@
# Migrated from keystone_data.sh
function create_neutron_accounts {
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local service_role=$(openstack role list | awk "/ service / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then
- NEUTRON_USER=$(get_or_create_user "neutron" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $NEUTRON_USER $SERVICE_TENANT
+ local neutron_user=$(get_or_create_user "neutron" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $service_role $neutron_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- NEUTRON_SERVICE=$(get_or_create_service "neutron" \
+ local neutron_service=$(get_or_create_service "neutron" \
"network" "Neutron Service")
- get_or_create_endpoint $NEUTRON_SERVICE \
+ get_or_create_endpoint $neutron_service \
"$REGION_NAME" \
- "http://$SERVICE_HOST:$Q_PORT/" \
- "http://$SERVICE_HOST:$Q_PORT/" \
- "http://$SERVICE_HOST:$Q_PORT/"
+ "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
+ "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/" \
+ "$Q_PROTOCOL://$SERVICE_HOST:$Q_PORT/"
fi
fi
}
@@ -426,9 +516,9 @@
sudo ifconfig $OVS_PHYSICAL_BRIDGE up
sudo route add default gw $NETWORK_GATEWAY dev $OVS_PHYSICAL_BRIDGE
elif is_provider_network; then
- die_if_not_set $LINENO SEGMENTATION_ID "A SEGMENTATION_ID is required to use provider networking"
+ die_if_not_set $LINENO PHYSICAL_NETWORK "You must specify the PHYSICAL_NETWORK"
die_if_not_set $LINENO PROVIDER_NETWORK_TYPE "You must specifiy the PROVIDER_NETWORK_TYPE"
- NET_ID=$(neutron net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type $PROVIDER_NETWORK_TYPE --provider:physical_network "$PHYSICAL_NETWORK" --provider:segmentation_id "$SEGMENTATION_ID" --shared | grep ' id ' | get_field 2)
+ NET_ID=$(neutron net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type $PROVIDER_NETWORK_TYPE --provider:physical_network "$PHYSICAL_NETWORK" ${SEGMENTATION_ID:+--provider:segmentation_id $SEGMENTATION_ID} --shared | grep ' id ' | get_field 2)
SUBNET_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --name $PROVIDER_SUBNET_NAME $NET_ID $FIXED_RANGE | grep ' id ' | get_field 2)
SUBNET_V6_ID=$(neutron subnet-create --tenant_id $TENANT_ID --ip_version 6 --ipv6-address-mode slaac --gateway $V6_NETWORK_GATEWAY --name $PROVIDER_SUBNET_NAME_V6 $NET_ID $FIXED_RANGE_V6 | grep 'id' | get_field 2)
sudo ip link set $OVS_PHYSICAL_BRIDGE up
@@ -454,7 +544,11 @@
fi
neutron router-interface-add $ROUTER_ID $SUBNET_ID
# Create an external network, and a subnet. Configure the external network as router gw
- EXT_NET_ID=$(neutron net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True | grep ' id ' | get_field 2)
+ if [ "$Q_USE_PROVIDERNET_FOR_PUBLIC" = "True" ]; then
+ EXT_NET_ID=$(neutron net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True --provider:network_type=flat --provider:physical_network=${PUBLIC_PHYSICAL_NETWORK} | grep ' id ' | get_field 2)
+ else
+ EXT_NET_ID=$(neutron net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True | grep ' id ' | get_field 2)
+ fi
die_if_not_set $LINENO EXT_NET_ID "Failure creating EXT_NET_ID for $PUBLIC_NETWORK_NAME"
EXT_GW_IP=$(neutron subnet-create --ip_version 4 ${Q_FLOATING_ALLOCATION_POOL:+--allocation-pool $Q_FLOATING_ALLOCATION_POOL} --gateway $PUBLIC_NETWORK_GATEWAY --name $PUBLIC_SUBNET_NAME $EXT_NET_ID $FLOATING_RANGE -- --enable_dhcp=False | grep 'gateway_ip' | get_field 2)
die_if_not_set $LINENO EXT_GW_IP "Failure creating EXT_GW_IP"
@@ -463,9 +557,20 @@
if is_service_enabled q-l3; then
# logic is specific to using the l3-agent for l3
if is_neutron_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then
+ local ext_gw_interface
+
+ if [[ "$Q_USE_PUBLIC_VETH" = "True" ]]; then
+ ext_gw_interface=$Q_PUBLIC_VETH_EX
+ else
+ # Disable in-band as we are going to use local port
+ # to communicate with VMs
+ sudo ovs-vsctl set Bridge $PUBLIC_BRIDGE \
+ other_config:disable-in-band=true
+ ext_gw_interface=$PUBLIC_BRIDGE
+ fi
CIDR_LEN=${FLOATING_RANGE#*/}
- sudo ip addr add $EXT_GW_IP/$CIDR_LEN dev $PUBLIC_BRIDGE
- sudo ip link set $PUBLIC_BRIDGE up
+ sudo ip addr add $EXT_GW_IP/$CIDR_LEN dev $ext_gw_interface
+ sudo ip link set $ext_gw_interface up
ROUTER_GW_IP=`neutron port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' '{ print $8; }'`
die_if_not_set $LINENO ROUTER_GW_IP "Failure retrieving ROUTER_GW_IP"
sudo route add -net $FIXED_RANGE gw $ROUTER_GW_IP
@@ -489,6 +594,24 @@
function install_neutron {
git_clone $NEUTRON_REPO $NEUTRON_DIR $NEUTRON_BRANCH
setup_develop $NEUTRON_DIR
+
+ if [ "$VIRT_DRIVER" == 'xenserver' ]; then
+ local dom0_ip
+ dom0_ip=$(echo "$XENAPI_CONNECTION_URL" | cut -d "/" -f 3-)
+
+ local ssh_dom0
+ ssh_dom0="sudo -u $DOMZERO_USER ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null root@$dom0_ip"
+
+ # Find where the plugins should go in dom0
+ local xen_functions
+ xen_functions=$(cat $TOP_DIR/tools/xen/functions)
+ local plugin_dir
+ plugin_dir=$($ssh_dom0 "$xen_functions; set -eux; xapi_plugin_location")
+
+ # install neutron plugins to dom0
+ tar -czf - -C $NEUTRON_DIR/neutron/plugins/openvswitch/agent/xenapi/etc/xapi.d/plugins/ ./ |
+ $ssh_dom0 "tar -xzf - -C $plugin_dir && chmod a+x $plugin_dir/*"
+ fi
}
# install_neutronclient() - Collect source and prepare
@@ -500,6 +623,10 @@
# install_neutron_agent_packages() - Collect source and prepare
function install_neutron_agent_packages {
+ # radvd doesn't come with the OS. Install it if the l3 service is enabled.
+ if is_service_enabled q-l3; then
+ install_package radvd
+ fi
# install packages that are specific to plugin agent(s)
if is_service_enabled q-agt q-dhcp q-l3; then
neutron_plugin_install_agent_packages
@@ -512,27 +639,33 @@
# Start running processes, including screen
function start_neutron_service_and_check {
- # build config-file options
- local cfg_file
- local CFG_FILE_OPTIONS="--config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE"
- for cfg_file in ${Q_PLUGIN_EXTRA_CONF_FILES[@]}; do
- CFG_FILE_OPTIONS+=" --config-file /$cfg_file"
- done
+ local cfg_file_options="$(determine_config_files neutron-server)"
+ local service_port=$Q_PORT
+ local service_protocol=$Q_PROTOCOL
+ if is_service_enabled tls-proxy; then
+ service_port=$Q_PORT_INT
+ service_protocol="http"
+ fi
# Start the Neutron service
- screen_it q-svc "cd $NEUTRON_DIR && python $NEUTRON_BIN_DIR/neutron-server $CFG_FILE_OPTIONS"
+ run_process q-svc "python $NEUTRON_BIN_DIR/neutron-server $cfg_file_options"
echo "Waiting for Neutron to start..."
- if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- http://$Q_HOST:$Q_PORT; do sleep 1; done"; then
+ if is_ssl_enabled_service "neutron"; then
+ ssl_ca="--ca-certificate=${SSL_BUNDLE_FILE}"
+ fi
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget ${ssl_ca} --no-proxy -q -O- $service_protocol://$Q_HOST:$service_port; do sleep 1; done"; then
die $LINENO "Neutron did not start"
fi
+ # Start proxy if enabled
+ if is_service_enabled tls-proxy; then
+ start_tls_proxy '*' $Q_PORT $Q_HOST $Q_PORT_INT &
+ fi
}
# Start running processes, including screen
function start_neutron_agents {
# Start up the neutron agents if enabled
- screen_it q-agt "cd $NEUTRON_DIR && python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE"
- screen_it q-dhcp "cd $NEUTRON_DIR && python $AGENT_DHCP_BINARY --config-file $NEUTRON_CONF --config-file=$Q_DHCP_CONF_FILE"
-
- L3_CONF_FILES="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE"
+ run_process q-agt "python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE"
+ run_process q-dhcp "python $AGENT_DHCP_BINARY --config-file $NEUTRON_CONF --config-file=$Q_DHCP_CONF_FILE"
if is_provider_network; then
sudo ovs-vsctl add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE
@@ -541,29 +674,25 @@
sudo ip link set $PUBLIC_INTERFACE up
fi
- if is_service_enabled q-fwaas; then
- L3_CONF_FILES="$L3_CONF_FILES --config-file $Q_FWAAS_CONF_FILE"
- VPN_CONF_FILES="$VPN_CONF_FILES --config-file $Q_FWAAS_CONF_FILE"
- fi
if is_service_enabled q-vpn; then
- screen_it q-vpn "cd $NEUTRON_DIR && $AGENT_VPN_BINARY $VPN_CONF_FILES"
+ run_process q-vpn "$AGENT_VPN_BINARY $(determine_config_files neutron-vpn-agent)"
else
- screen_it q-l3 "cd $NEUTRON_DIR && python $AGENT_L3_BINARY $L3_CONF_FILES"
+ run_process q-l3 "python $AGENT_L3_BINARY $(determine_config_files neutron-l3-agent)"
fi
- screen_it q-meta "cd $NEUTRON_DIR && python $AGENT_META_BINARY --config-file $NEUTRON_CONF --config-file=$Q_META_CONF_FILE"
+ run_process q-meta "python $AGENT_META_BINARY --config-file $NEUTRON_CONF --config-file=$Q_META_CONF_FILE"
if [ "$VIRT_DRIVER" = 'xenserver' ]; then
# For XenServer, start an agent for the domU openvswitch
- screen_it q-domua "cd $NEUTRON_DIR && python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE.domU"
+ run_process q-domua "python $AGENT_BINARY --config-file $NEUTRON_CONF --config-file /$Q_PLUGIN_CONF_FILE.domU"
fi
if is_service_enabled q-lbaas; then
- screen_it q-lbaas "cd $NEUTRON_DIR && python $AGENT_LBAAS_BINARY --config-file $NEUTRON_CONF --config-file=$LBAAS_AGENT_CONF_FILENAME"
+ run_process q-lbaas "python $AGENT_LBAAS_BINARY --config-file $NEUTRON_CONF --config-file=$LBAAS_AGENT_CONF_FILENAME"
fi
if is_service_enabled q-metering; then
- screen_it q-metering "cd $NEUTRON_DIR && python $AGENT_METERING_BINARY --config-file $NEUTRON_CONF --config-file $METERING_AGENT_CONF_FILENAME"
+ run_process q-metering "python $AGENT_METERING_BINARY --config-file $NEUTRON_CONF --config-file $METERING_AGENT_CONF_FILENAME"
fi
}
@@ -664,6 +793,23 @@
setup_colorized_logging $NEUTRON_CONF DEFAULT project_id
fi
+ if is_service_enabled tls-proxy; then
+ # Set the service port for a proxy to take the original
+ iniset $NEUTRON_CONF DEFAULT bind_port "$Q_PORT_INT"
+ fi
+
+ if is_ssl_enabled_service "nova"; then
+ iniset $NEUTRON_CONF DEFAULT nova_ca_certificates_file "$SSL_BUNDLE_FILE"
+ fi
+
+ if is_ssl_enabled_service "neutron"; then
+ ensure_certificates NEUTRON
+
+ iniset $NEUTRON_CONF DEFAULT use_ssl True
+ iniset $NEUTRON_CONF DEFAULT ssl_cert_file "$NEUTRON_SSL_CERT"
+ iniset $NEUTRON_CONF DEFAULT ssl_key_file "$NEUTRON_SSL_KEY"
+ fi
+
_neutron_setup_rootwrap
}
@@ -685,8 +831,6 @@
}
function _configure_neutron_dhcp_agent {
- AGENT_DHCP_BINARY="$NEUTRON_BIN_DIR/neutron-dhcp-agent"
- Q_DHCP_CONF_FILE=$NEUTRON_CONF_DIR/dhcp_agent.ini
cp $NEUTRON_DIR/etc/dhcp_agent.ini $Q_DHCP_CONF_FILE
@@ -717,20 +861,8 @@
# for l3-agent, only use per tenant router if we have namespaces
Q_L3_ROUTER_PER_TENANT=$Q_USE_NAMESPACE
- AGENT_L3_BINARY=${AGENT_L3_BINARY:-"$NEUTRON_BIN_DIR/neutron-l3-agent"}
- Q_L3_CONF_FILE=$NEUTRON_CONF_DIR/l3_agent.ini
-
- if is_service_enabled q-fwaas; then
- Q_FWAAS_CONF_FILE=$NEUTRON_CONF_DIR/fwaas_driver.ini
- fi
-
if is_service_enabled q-vpn; then
- Q_VPN_CONF_FILE=$NEUTRON_CONF_DIR/vpn_agent.ini
cp $NEUTRON_DIR/etc/vpn_agent.ini $Q_VPN_CONF_FILE
- VPN_CONF_FILES="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE --config-file=$Q_VPN_CONF_FILE"
- for cfg_file in ${Q_VPN_EXTRA_CONF_FILES[@]}; do
- VPN_CONF_FILES+=" --config-file $cfg_file"
- done
fi
cp $NEUTRON_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE
@@ -746,9 +878,6 @@
}
function _configure_neutron_metadata_agent {
- AGENT_META_BINARY="$NEUTRON_BIN_DIR/neutron-metadata-agent"
- Q_META_CONF_FILE=$NEUTRON_CONF_DIR/metadata_agent.ini
-
cp $NEUTRON_DIR/etc/metadata_agent.ini $Q_META_CONF_FILE
iniset $Q_META_CONF_FILE DEFAULT verbose True
@@ -756,12 +885,12 @@
iniset $Q_META_CONF_FILE DEFAULT nova_metadata_ip $Q_META_DATA_IP
iniset $Q_META_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND"
- _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT True True
+ _neutron_setup_keystone $Q_META_CONF_FILE DEFAULT
}
function _configure_neutron_ceilometer_notifications {
- iniset $NEUTRON_CONF DEFAULT notification_driver neutron.openstack.common.notifier.rpc_notifier
+ iniset $NEUTRON_CONF DEFAULT notification_driver messaging
}
function _configure_neutron_lbaas {
@@ -812,6 +941,9 @@
cp $NEUTRON_DIR/etc/api-paste.ini $Q_API_PASTE_FILE
cp $NEUTRON_DIR/etc/policy.json $Q_POLICY_FILE
+ # allow neutron user to administer neutron to match neutron account
+ sed -i 's/"context_is_admin": "role:admin"/"context_is_admin": "role:admin or user_name:neutron"/g' $Q_POLICY_FILE
+
# Update either configuration file with plugin
iniset $NEUTRON_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS
@@ -898,19 +1030,9 @@
function _neutron_setup_keystone {
local conf_file=$1
local section=$2
- local use_auth_url=$3
- local skip_auth_cache=$4
- iniset $conf_file $section auth_uri $KEYSTONE_SERVICE_URI
- iniset $conf_file $section identity_uri $KEYSTONE_AUTH_URI
- iniset $conf_file $section admin_tenant_name $SERVICE_TENANT_NAME
- iniset $conf_file $section admin_user $Q_ADMIN_USERNAME
- iniset $conf_file $section admin_password $SERVICE_PASSWORD
- if [[ -z $skip_auth_cache ]]; then
- iniset $conf_file $section signing_dir $NEUTRON_AUTH_CACHE_DIR
- # Create cache dir
- create_neutron_cache_dir
- fi
+ create_neutron_cache_dir
+ configure_auth_token_middleware $conf_file $Q_ADMIN_USERNAME $NEUTRON_AUTH_CACHE_DIR $section
}
function _neutron_setup_interface_driver {
diff --git a/lib/neutron_plugins/cisco b/lib/neutron_plugins/cisco
index da90ee3..95e0ab3 100644
--- a/lib/neutron_plugins/cisco
+++ b/lib/neutron_plugins/cisco
@@ -20,38 +20,12 @@
# Specify the VLAN range
Q_CISCO_PLUGIN_VLAN_RANGES=${Q_CISCO_PLUGIN_VLAN_RANGES:-vlan:1:4094}
-# Specify ncclient package information
-NCCLIENT_DIR=$DEST/ncclient
-NCCLIENT_VERSION=${NCCLIENT_VERSION:-0.3.1}
-NCCLIENT_REPO=${NCCLIENT_REPO:-git://github.com/CiscoSystems/ncclient.git}
-NCCLIENT_BRANCH=${NCCLIENT_BRANCH:-master}
-
# This routine put a prefix on an existing function name
function _prefix_function {
declare -F $1 > /dev/null || die "$1 doesn't exist"
eval "$(echo "${2}_${1}()"; declare -f ${1} | tail -n +2)"
}
-function _has_ovs_subplugin {
- local subplugin
- for subplugin in ${Q_CISCO_PLUGIN_SUBPLUGINS[@]}; do
- if [[ "$subplugin" == "openvswitch" ]]; then
- return 0
- fi
- done
- return 1
-}
-
-function _has_nexus_subplugin {
- local subplugin
- for subplugin in ${Q_CISCO_PLUGIN_SUBPLUGINS[@]}; do
- if [[ "$subplugin" == "nexus" ]]; then
- return 0
- fi
- done
- return 1
-}
-
function _has_n1kv_subplugin {
local subplugin
for subplugin in ${Q_CISCO_PLUGIN_SUBPLUGINS[@]}; do
@@ -62,27 +36,6 @@
return 1
}
-# This routine populates the cisco config file with the information for
-# a particular nexus switch
-function _config_switch {
- local cisco_cfg_file=$1
- local switch_ip=$2
- local username=$3
- local password=$4
- local ssh_port=$5
- shift 5
-
- local section="NEXUS_SWITCH:$switch_ip"
- iniset $cisco_cfg_file $section username $username
- iniset $cisco_cfg_file $section password $password
- iniset $cisco_cfg_file $section ssh_port $ssh_port
-
- while [[ ${#@} != 0 ]]; do
- iniset $cisco_cfg_file $section $1 $2
- shift 2
- done
-}
-
# Prefix openvswitch plugin routines with "ovs" in order to differentiate from
# cisco plugin routines. This means, ovs plugin routines will coexist with cisco
# plugin routines in this script.
@@ -98,73 +51,17 @@
_prefix_function neutron_plugin_setup_interface_driver ovs
_prefix_function has_neutron_plugin_security_group ovs
-# Check the version of the installed ncclient package
-function check_ncclient_version {
-python << EOF
-version = '$NCCLIENT_VERSION'
-import sys
-try:
- import pkg_resources
- import ncclient
- module_version = pkg_resources.get_distribution('ncclient').version
- if version != module_version:
- sys.exit(1)
-except:
- sys.exit(1)
-EOF
-}
-
-# Install the ncclient package
-function install_ncclient {
- git_clone $NCCLIENT_REPO $NCCLIENT_DIR $NCCLIENT_BRANCH
- (cd $NCCLIENT_DIR; sudo python setup.py install)
-}
-
-# Check if the required version of ncclient has been installed
-function is_ncclient_installed {
- # Check if the Cisco ncclient repository exists
- if [[ -d $NCCLIENT_DIR ]]; then
- remotes=$(cd $NCCLIENT_DIR; git remote -v | grep fetch | awk '{ print $2}')
- for remote in $remotes; do
- if [[ $remote == $NCCLIENT_REPO ]]; then
- break;
- fi
- done
- if [[ $remote != $NCCLIENT_REPO ]]; then
- return 1
- fi
- else
- return 1
- fi
-
- # Check if the ncclient is installed with the right version
- if ! check_ncclient_version; then
- return 1
- fi
- return 0
-}
-
function has_neutron_plugin_security_group {
- if _has_ovs_subplugin; then
- ovs_has_neutron_plugin_security_group
- else
- return 1
- fi
+ return 1
}
function is_neutron_ovs_base_plugin {
- # Cisco uses OVS if openvswitch subplugin is deployed
- _has_ovs_subplugin
return
}
# populate required nova configuration parameters
function neutron_plugin_create_nova_conf {
- if _has_ovs_subplugin; then
- ovs_neutron_plugin_create_nova_conf
- else
- _neutron_ovs_base_configure_nova_vif_driver
- fi
+ _neutron_ovs_base_configure_nova_vif_driver
}
function neutron_plugin_install_agent_packages {
@@ -177,32 +74,15 @@
# setup default subplugins
if [ ! -v Q_CISCO_PLUGIN_SUBPLUGINS ]; then
declare -ga Q_CISCO_PLUGIN_SUBPLUGINS
- Q_CISCO_PLUGIN_SUBPLUGINS=(openvswitch nexus)
+ Q_CISCO_PLUGIN_SUBPLUGINS=(n1kv)
fi
- if _has_ovs_subplugin; then
- ovs_neutron_plugin_configure_common
- Q_PLUGIN_EXTRA_CONF_PATH=etc/neutron/plugins/cisco
- Q_PLUGIN_EXTRA_CONF_FILES=(cisco_plugins.ini)
- # Copy extra config files to /etc so that they can be modified
- # later according to Cisco-specific localrc settings.
- mkdir -p /$Q_PLUGIN_EXTRA_CONF_PATH
- local f
- local extra_conf_file
- for (( f=0; $f < ${#Q_PLUGIN_EXTRA_CONF_FILES[@]}; f+=1 )); do
- extra_conf_file=$Q_PLUGIN_EXTRA_CONF_PATH/${Q_PLUGIN_EXTRA_CONF_FILES[$f]}
- cp $NEUTRON_DIR/$extra_conf_file /$extra_conf_file
- done
- else
- Q_PLUGIN_CONF_PATH=etc/neutron/plugins/cisco
- Q_PLUGIN_CONF_FILENAME=cisco_plugins.ini
- fi
+ Q_PLUGIN_CONF_PATH=etc/neutron/plugins/cisco
+ Q_PLUGIN_CONF_FILENAME=cisco_plugins.ini
Q_PLUGIN_CLASS="neutron.plugins.cisco.network_plugin.PluginV2"
}
function neutron_plugin_configure_debug_command {
- if _has_ovs_subplugin; then
- ovs_neutron_plugin_configure_debug_command
- fi
+ :
}
function neutron_plugin_configure_dhcp_agent {
@@ -210,53 +90,7 @@
}
function neutron_plugin_configure_l3_agent {
- if _has_ovs_subplugin; then
- ovs_neutron_plugin_configure_l3_agent
- fi
-}
-
-function _configure_nexus_subplugin {
- local cisco_cfg_file=$1
-
- # Install a known compatible ncclient from the Cisco repository if necessary
- if ! is_ncclient_installed; then
- # Preserve the two global variables
- local offline=$OFFLINE
- local reclone=$RECLONE
- # Change their values to allow installation
- OFFLINE=False
- RECLONE=yes
- install_ncclient
- # Restore their values
- OFFLINE=$offline
- RECLONE=$reclone
- fi
-
- # Setup default nexus switch information
- if [ ! -v Q_CISCO_PLUGIN_SWITCH_INFO ]; then
- declare -A Q_CISCO_PLUGIN_SWITCH_INFO
- HOST_NAME=$(hostname)
- Q_CISCO_PLUGIN_SWITCH_INFO=([1.1.1.1]=stack:stack:22:${HOST_NAME}:1/10)
- else
- iniset $cisco_cfg_file CISCO nexus_driver neutron.plugins.cisco.nexus.cisco_nexus_network_driver_v2.CiscoNEXUSDriver
- fi
-
- # Setup the switch configurations
- local nswitch
- local sw_info
- local segment
- local sw_info_array
- declare -i count=0
- for nswitch in ${!Q_CISCO_PLUGIN_SWITCH_INFO[@]}; do
- sw_info=${Q_CISCO_PLUGIN_SWITCH_INFO[$nswitch]}
- sw_info_array=${sw_info//:/ }
- sw_info_array=( $sw_info_array )
- count=${#sw_info_array[@]}
- if [[ $count < 5 || $(( ($count-3) % 2 )) != 0 ]]; then
- die $LINENO "Incorrect switch configuration: ${Q_CISCO_PLUGIN_SWITCH_INFO[$nswitch]}"
- fi
- _config_switch $cisco_cfg_file $nswitch ${sw_info_array[@]}
- done
+ :
}
# Configure n1kv plugin
@@ -279,48 +113,30 @@
}
function neutron_plugin_configure_plugin_agent {
- if _has_ovs_subplugin; then
- ovs_neutron_plugin_configure_plugin_agent
- fi
+ :
}
function neutron_plugin_configure_service {
local subplugin
local cisco_cfg_file
- if _has_ovs_subplugin; then
- ovs_neutron_plugin_configure_service
- cisco_cfg_file=/${Q_PLUGIN_EXTRA_CONF_FILES[0]}
- else
- cisco_cfg_file=/$Q_PLUGIN_CONF_FILE
- fi
+ cisco_cfg_file=/$Q_PLUGIN_CONF_FILE
# Setup the [CISCO_PLUGINS] section
if [[ ${#Q_CISCO_PLUGIN_SUBPLUGINS[@]} > 2 ]]; then
die $LINENO "At most two subplugins are supported."
fi
- if _has_ovs_subplugin && _has_n1kv_subplugin; then
- die $LINENO "OVS subplugin and n1kv subplugin cannot coexist"
- fi
-
# Setup the subplugins
- inicomment $cisco_cfg_file CISCO_PLUGINS nexus_plugin
inicomment $cisco_cfg_file CISCO_PLUGINS vswitch_plugin
inicomment $cisco_cfg_file CISCO_TEST host
for subplugin in ${Q_CISCO_PLUGIN_SUBPLUGINS[@]}; do
case $subplugin in
- nexus) iniset $cisco_cfg_file CISCO_PLUGINS nexus_plugin neutron.plugins.cisco.nexus.cisco_nexus_plugin_v2.NexusPlugin;;
- openvswitch) iniset $cisco_cfg_file CISCO_PLUGINS vswitch_plugin neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2;;
n1kv) iniset $cisco_cfg_file CISCO_PLUGINS vswitch_plugin neutron.plugins.cisco.n1kv.n1kv_neutron_plugin.N1kvNeutronPluginV2;;
*) die $LINENO "Unsupported cisco subplugin: $subplugin";;
esac
done
- if _has_nexus_subplugin; then
- _configure_nexus_subplugin $cisco_cfg_file
- fi
-
if _has_n1kv_subplugin; then
_configure_n1kv_subplugin $cisco_cfg_file
fi
diff --git a/lib/neutron_plugins/linuxbridge b/lib/neutron_plugins/linuxbridge
deleted file mode 100644
index 5f989ae..0000000
--- a/lib/neutron_plugins/linuxbridge
+++ /dev/null
@@ -1,55 +0,0 @@
-# Neutron Linux Bridge plugin
-# ---------------------------
-
-# Save trace setting
-LBRIDGE_XTRACE=$(set +o | grep xtrace)
-set +o xtrace
-
-source $TOP_DIR/lib/neutron_plugins/linuxbridge_agent
-
-function neutron_plugin_configure_common {
- Q_PLUGIN_CONF_PATH=etc/neutron/plugins/linuxbridge
- Q_PLUGIN_CONF_FILENAME=linuxbridge_conf.ini
- Q_PLUGIN_CLASS="neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2"
-}
-
-function neutron_plugin_configure_service {
- if [[ "$ENABLE_TENANT_VLANS" == "True" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE vlans tenant_network_type vlan
- else
- echo "WARNING - The linuxbridge plugin is using local tenant networks, with no connectivity between hosts."
- fi
-
- # Override ``LB_VLAN_RANGES`` and ``LB_INTERFACE_MAPPINGS`` in ``localrc``
- # for more complex physical network configurations.
- if [[ "$LB_VLAN_RANGES" == "" ]] && [[ "$PHYSICAL_NETWORK" != "" ]]; then
- LB_VLAN_RANGES=$PHYSICAL_NETWORK
- if [[ "$TENANT_VLAN_RANGE" != "" ]]; then
- LB_VLAN_RANGES=$LB_VLAN_RANGES:$TENANT_VLAN_RANGE
- fi
- fi
- if [[ "$LB_VLAN_RANGES" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE vlans network_vlan_ranges $LB_VLAN_RANGES
- fi
- if [[ "$Q_USE_SECGROUP" == "True" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
- else
- iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
- fi
-
- # Define extra "LINUX_BRIDGE" configuration options when q-svc is configured by defining
- # the array ``Q_SRV_EXTRA_OPTS``.
- # For Example: ``Q_SRV_EXTRA_OPTS=(foo=true bar=2)``
- for I in "${Q_SRV_EXTRA_OPTS[@]}"; do
- # Replace the first '=' with ' ' for iniset syntax
- iniset /$Q_PLUGIN_CONF_FILE linux_bridge ${I/=/ }
- done
-}
-
-function has_neutron_plugin_security_group {
- # 0 means True here
- return 0
-}
-
-# Restore xtrace
-$LBRIDGE_XTRACE
diff --git a/lib/neutron_plugins/linuxbridge_agent b/lib/neutron_plugins/linuxbridge_agent
deleted file mode 100644
index 82b5fc9..0000000
--- a/lib/neutron_plugins/linuxbridge_agent
+++ /dev/null
@@ -1,76 +0,0 @@
-# Neutron Linux Bridge L2 agent
-# -----------------------------
-
-# Save trace setting
-PLUGIN_XTRACE=$(set +o | grep xtrace)
-set +o xtrace
-
-function is_neutron_ovs_base_plugin {
- # linuxbridge doesn't use OVS
- return 1
-}
-
-function neutron_plugin_create_nova_conf {
- :
-}
-
-function neutron_plugin_install_agent_packages {
- install_package bridge-utils
-}
-
-function neutron_plugin_configure_debug_command {
- iniset $NEUTRON_TEST_CONFIG_FILE DEFAULT external_network_bridge
-}
-
-function neutron_plugin_configure_dhcp_agent {
- iniset $Q_DHCP_CONF_FILE DEFAULT dhcp_agent_manager neutron.agent.dhcp_agent.DhcpAgentWithStateReport
-}
-
-function neutron_plugin_configure_l3_agent {
- iniset $Q_L3_CONF_FILE DEFAULT external_network_bridge
- iniset $Q_L3_CONF_FILE DEFAULT l3_agent_manager neutron.agent.l3_agent.L3NATAgentWithStateReport
-}
-
-function neutron_plugin_configure_plugin_agent {
- # Setup physical network interface mappings. Override
- # ``LB_VLAN_RANGES`` and ``LB_INTERFACE_MAPPINGS`` in ``localrc`` for more
- # complex physical network configurations.
- if [[ "$LB_INTERFACE_MAPPINGS" == "" ]] && [[ "$PHYSICAL_NETWORK" != "" ]] && [[ "$LB_PHYSICAL_INTERFACE" != "" ]]; then
- LB_INTERFACE_MAPPINGS=$PHYSICAL_NETWORK:$LB_PHYSICAL_INTERFACE
- fi
- if [[ "$LB_INTERFACE_MAPPINGS" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE linux_bridge physical_interface_mappings $LB_INTERFACE_MAPPINGS
- fi
- if [[ "$Q_USE_SECGROUP" == "True" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
- else
- iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
- fi
- AGENT_BINARY="$NEUTRON_BIN_DIR/neutron-linuxbridge-agent"
- # Define extra "AGENT" configuration options when q-agt is configured by defining
- # the array ``Q_AGENT_EXTRA_AGENT_OPTS``.
- # For Example: ``Q_AGENT_EXTRA_AGENT_OPTS=(foo=true bar=2)``
- for I in "${Q_AGENT_EXTRA_AGENT_OPTS[@]}"; do
- # Replace the first '=' with ' ' for iniset syntax
- iniset /$Q_PLUGIN_CONF_FILE agent ${I/=/ }
- done
- # Define extra "LINUX_BRIDGE" configuration options when q-agt is configured by defining
- # the array ``Q_AGENT_EXTRA_SRV_OPTS``.
- # For Example: ``Q_AGENT_EXTRA_SRV_OPTS=(foo=true bar=2)``
- for I in "${Q_AGENT_EXTRA_SRV_OPTS[@]}"; do
- # Replace the first '=' with ' ' for iniset syntax
- iniset /$Q_PLUGIN_CONF_FILE linux_bridge ${I/=/ }
- done
-}
-
-function neutron_plugin_setup_interface_driver {
- local conf_file=$1
- iniset $conf_file DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
-}
-
-function neutron_plugin_check_adv_test_requirements {
- is_service_enabled q-agt && is_service_enabled q-dhcp && return 0
-}
-
-# Restore xtrace
-$PLUGIN_XTRACE
diff --git a/lib/neutron_plugins/ml2 b/lib/neutron_plugins/ml2
index d270015..44b947f 100644
--- a/lib/neutron_plugins/ml2
+++ b/lib/neutron_plugins/ml2
@@ -6,13 +6,13 @@
set +o xtrace
# Enable this to simply and quickly enable tunneling with ML2.
-# Select either 'gre', 'vxlan', or '(gre vxlan)'
+# Select either 'gre', 'vxlan', or 'gre,vxlan'
Q_ML2_TENANT_NETWORK_TYPE=${Q_ML2_TENANT_NETWORK_TYPE:-"vxlan"}
# This has to be set here since the agent will set this in the config file
-if [[ "$Q_ML2_TENANT_NETWORK_TYPE" != "local" ]]; then
- Q_AGENT_EXTRA_AGENT_OPTS+=(tunnel_types=$Q_ML2_TENANT_NETWORK_TYPE)
+if [[ "$Q_ML2_TENANT_NETWORK_TYPE" == "gre" || "$Q_ML2_TENANT_NETWORK_TYPE" == "vxlan" ]]; then
+ Q_TUNNEL_TYPES=$Q_ML2_TENANT_NETWORK_TYPE
elif [[ "$ENABLE_TENANT_TUNNELS" == "True" ]]; then
- Q_AGENT_EXTRA_AGENT_OPTS+=(tunnel_types=gre)
+ Q_TUNNEL_TYPES=gre
fi
# Default openvswitch L2 agent
diff --git a/lib/neutron_plugins/ofagent_agent b/lib/neutron_plugins/ofagent_agent
index 66283ad..55f3f72 100644
--- a/lib/neutron_plugins/ofagent_agent
+++ b/lib/neutron_plugins/ofagent_agent
@@ -34,10 +34,18 @@
iniset $Q_L3_CONF_FILE DEFAULT l3_agent_manager neutron.agent.l3_agent.L3NATAgentWithStateReport
}
+function _neutron_ofagent_configure_firewall_driver {
+ if [[ "$Q_USE_SECGROUP" == "True" ]]; then
+ iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+ else
+ iniset /$Q_PLUGIN_CONF_FILE securitygroup firewall_driver neutron.agent.firewall.NoopFirewallDriver
+ fi
+}
+
function neutron_plugin_configure_plugin_agent {
# Set up integration bridge
_neutron_ovs_base_setup_bridge $OVS_BRIDGE
- _neutron_ovs_base_configure_firewall_driver
+ _neutron_ofagent_configure_firewall_driver
# Check a supported openflow version
OF_VERSION=`ovs-ofctl --version | grep "OpenFlow versions" | awk '{print $3}' | cut -d':' -f2`
@@ -53,7 +61,6 @@
if [ `vercmp_numbers "$OVS_VERSION" "1.4"` -lt "0" ]; then
die $LINENO "You are running OVS version $OVS_VERSION. OVS 1.4+ is required for tunneling between multiple hosts."
fi
- iniset /$Q_PLUGIN_CONF_FILE ovs enable_tunneling True
iniset /$Q_PLUGIN_CONF_FILE ovs local_ip $TUNNEL_ENDPOINT_IP
fi
@@ -69,8 +76,13 @@
if [[ "$OVS_BRIDGE_MAPPINGS" != "" ]]; then
iniset /$Q_PLUGIN_CONF_FILE ovs bridge_mappings $OVS_BRIDGE_MAPPINGS
fi
+ if [[ "$OFAGENT_PHYSICAL_INTERFACE_MAPPINGS" != "" ]]; then
+ iniset /$Q_PLUGIN_CONF_FILE agent physical_interface_mappings \
+ $OFAGENT_PHYSICAL_INTERFACE_MAPPINGS
+ fi
AGENT_BINARY="$NEUTRON_BIN_DIR/neutron-ofagent-agent"
+ iniset /$Q_PLUGIN_CONF_FILE agent tunnel_types $Q_TUNNEL_TYPES
# Define extra "AGENT" configuration options when q-agt is configured by defining
# defining the array ``Q_AGENT_EXTRA_AGENT_OPTS``.
# For Example: ``Q_AGENT_EXTRA_AGENT_OPTS=(foo=true bar=2)``
diff --git a/lib/neutron_plugins/oneconvergence b/lib/neutron_plugins/oneconvergence
index e5f0d71..4fd8c7c 100644
--- a/lib/neutron_plugins/oneconvergence
+++ b/lib/neutron_plugins/oneconvergence
@@ -1,5 +1,6 @@
# Neutron One Convergence plugin
-# ---------------------------
+# ------------------------------
+
# Save trace setting
OC_XTRACE=$(set +o | grep xtrace)
set +o xtrace
diff --git a/lib/neutron_plugins/openvswitch b/lib/neutron_plugins/openvswitch
index c468132..3b6567c 100644
--- a/lib/neutron_plugins/openvswitch
+++ b/lib/neutron_plugins/openvswitch
@@ -1,5 +1,8 @@
-# Neutron Open vSwitch plugin
-# ---------------------------
+# Common code used by cisco and embrane plugins
+# ---------------------------------------------
+
+# This module used to be for Open vSwitch monolithic plugin,
+# which has been removed in Juno.
# Save trace setting
OVS_XTRACE=$(set +o | grep xtrace)
@@ -35,11 +38,6 @@
iniset /$Q_PLUGIN_CONF_FILE ovs network_vlan_ranges $OVS_VLAN_RANGES
fi
- # Enable tunnel networks if selected
- if [[ $OVS_ENABLE_TUNNELING == "True" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE ovs enable_tunneling True
- fi
-
_neutron_ovs_base_configure_firewall_driver
# Define extra "OVS" configuration options when q-svc is configured by defining
diff --git a/lib/neutron_plugins/openvswitch_agent b/lib/neutron_plugins/openvswitch_agent
index 5adb0c5..e1a6f4a 100644
--- a/lib/neutron_plugins/openvswitch_agent
+++ b/lib/neutron_plugins/openvswitch_agent
@@ -47,7 +47,6 @@
if [ `vercmp_numbers "$OVS_VERSION" "1.4"` -lt "0" ] && ! is_service_enabled q-svc ; then
die $LINENO "You are running OVS version $OVS_VERSION. OVS 1.4+ is required for tunneling between multiple hosts."
fi
- iniset /$Q_PLUGIN_CONF_FILE ovs enable_tunneling True
iniset /$Q_PLUGIN_CONF_FILE ovs local_ip $TUNNEL_ENDPOINT_IP
fi
@@ -67,7 +66,7 @@
if [ "$VIRT_DRIVER" == 'xenserver' ]; then
# Make a copy of our config for domU
- sudo cp /$Q_PLUGIN_CONF_FILE "/$Q_PLUGIN_CONF_FILE.domu"
+ sudo cp /$Q_PLUGIN_CONF_FILE "/$Q_PLUGIN_CONF_FILE.domU"
# Deal with Dom0's L2 Agent:
Q_RR_DOM0_COMMAND="$NEUTRON_BIN_DIR/neutron-rootwrap-xen-dom0 $Q_RR_CONF_FILE"
@@ -102,6 +101,7 @@
# Set root wrap
iniset "/$Q_PLUGIN_CONF_FILE.domU" agent root_helper "$Q_RR_COMMAND"
fi
+ iniset /$Q_PLUGIN_CONF_FILE agent tunnel_types $Q_TUNNEL_TYPES
# Define extra "AGENT" configuration options when q-agt is configured by defining
# defining the array ``Q_AGENT_EXTRA_AGENT_OPTS``.
# For Example: ``Q_AGENT_EXTRA_AGENT_OPTS=(foo=true bar=2)``
diff --git a/lib/neutron_plugins/ovs_base b/lib/neutron_plugins/ovs_base
index 616a236..f0ef194 100644
--- a/lib/neutron_plugins/ovs_base
+++ b/lib/neutron_plugins/ovs_base
@@ -51,6 +51,7 @@
install_package $(get_packages "openvswitch")
if is_ubuntu; then
_neutron_ovs_base_install_ubuntu_dkms
+ restart_service openvswitch-switch
elif is_fedora; then
restart_service openvswitch
elif is_suse; then
@@ -71,14 +72,27 @@
}
function _neutron_ovs_base_configure_l3_agent {
- iniset $Q_L3_CONF_FILE DEFAULT external_network_bridge $PUBLIC_BRIDGE
+ if [ "$Q_USE_PROVIDERNET_FOR_PUBLIC" = "True" ]; then
+ iniset $Q_L3_CONF_FILE DEFAULT external_network_bridge ""
+ else
+ iniset $Q_L3_CONF_FILE DEFAULT external_network_bridge $PUBLIC_BRIDGE
+ fi
neutron-ovs-cleanup
- # --no-wait causes a race condition if $PUBLIC_BRIDGE is not up when ip addr flush is called
- sudo ovs-vsctl -- --may-exist add-br $PUBLIC_BRIDGE
- sudo ovs-vsctl br-set-external-id $PUBLIC_BRIDGE bridge-id $PUBLIC_BRIDGE
- # ensure no IP is configured on the public bridge
- sudo ip addr flush dev $PUBLIC_BRIDGE
+ if [[ "$Q_USE_PUBLIC_VETH" = "True" ]]; then
+ ip link show $Q_PUBLIC_VETH_INT > /dev/null 2>&1 ||
+ sudo ip link add $Q_PUBLIC_VETH_INT type veth \
+ peer name $Q_PUBLIC_VETH_EX
+ sudo ip link set $Q_PUBLIC_VETH_INT up
+ sudo ip link set $Q_PUBLIC_VETH_EX up
+ sudo ip addr flush dev $Q_PUBLIC_VETH_EX
+ else
+ # --no-wait causes a race condition if $PUBLIC_BRIDGE is not up when ip addr flush is called
+ sudo ovs-vsctl -- --may-exist add-br $PUBLIC_BRIDGE
+ sudo ovs-vsctl br-set-external-id $PUBLIC_BRIDGE bridge-id $PUBLIC_BRIDGE
+ # ensure no IP is configured on the public bridge
+ sudo ip addr flush dev $PUBLIC_BRIDGE
+ fi
}
function _neutron_ovs_base_configure_nova_vif_driver {
diff --git a/lib/neutron_plugins/plumgrid b/lib/neutron_plugins/plumgrid
index 37b9e4c..7950ac0 100644
--- a/lib/neutron_plugins/plumgrid
+++ b/lib/neutron_plugins/plumgrid
@@ -45,8 +45,8 @@
}
function has_neutron_plugin_security_group {
- # False
- return 1
+ # return 0 means enabled
+ return 0
}
function neutron_plugin_check_adv_test_requirements {
diff --git a/lib/neutron_plugins/services/loadbalancer b/lib/neutron_plugins/services/loadbalancer
index 78e7738..f84b710 100644
--- a/lib/neutron_plugins/services/loadbalancer
+++ b/lib/neutron_plugins/services/loadbalancer
@@ -10,11 +10,8 @@
LBAAS_PLUGIN=neutron.services.loadbalancer.plugin.LoadBalancerPlugin
function neutron_agent_lbaas_install_agent_packages {
- if is_ubuntu || is_fedora; then
+ if is_ubuntu || is_fedora || is_suse; then
install_package haproxy
- elif is_suse; then
- ### FIXME: Find out if package can be pushed to Factory
- echo "HAProxy packages can be installed from server:http project in OBS"
fi
}
diff --git a/lib/neutron_plugins/services/vpn b/lib/neutron_plugins/services/vpn
index d920ba6..2478c47 100644
--- a/lib/neutron_plugins/services/vpn
+++ b/lib/neutron_plugins/services/vpn
@@ -7,7 +7,7 @@
AGENT_VPN_BINARY="$NEUTRON_BIN_DIR/neutron-vpn-agent"
-VPN_PLUGIN="neutron.services.vpn.plugin.VPNDriverPlugin"
+VPN_PLUGIN=${VPN_PLUGIN:-"neutron.services.vpn.plugin.VPNDriverPlugin"}
IPSEC_PACKAGE=${IPSEC_PACKAGE:-"openswan"}
function neutron_vpn_install_agent_packages {
diff --git a/lib/neutron_plugins/vmware_nsx b/lib/neutron_plugins/vmware_nsx
index 5802ebf..f4eb82d 100644
--- a/lib/neutron_plugins/vmware_nsx
+++ b/lib/neutron_plugins/vmware_nsx
@@ -105,9 +105,6 @@
if [[ "$NSX_PASSWORD" != "" ]]; then
iniset /$Q_PLUGIN_CONF_FILE DEFAULT nsx_password $NSX_PASSWORD
fi
- if [[ "$NSX_REQ_TIMEOUT" != "" ]]; then
- iniset /$Q_PLUGIN_CONF_FILE DEFAULT req_timeout $NSX_REQ_TIMEOUT
- fi
if [[ "$NSX_HTTP_TIMEOUT" != "" ]]; then
iniset /$Q_PLUGIN_CONF_FILE DEFAULT http_timeout $NSX_HTTP_TIMEOUT
fi
diff --git a/lib/neutron_thirdparty/README.md b/lib/neutron_thirdparty/README.md
index 2460e5c..5655e0b 100644
--- a/lib/neutron_thirdparty/README.md
+++ b/lib/neutron_thirdparty/README.md
@@ -28,12 +28,14 @@
git clone xxx
* ``start_<third_party>``:
- start running processes, including screen
+ start running processes, including screen if USE_SCREEN=True
e.g.
- screen_it XXXX "cd $XXXXY_DIR && $XXXX_DIR/bin/XXXX-bin"
+ run_process XXXX "$XXXX_DIR/bin/XXXX-bin"
* ``stop_<third_party>``:
stop running processes (non-screen)
+ e.g.
+ stop_process XXXX
* ``check_<third_party>``:
verify that the integration between neutron server and third-party components is sane
diff --git a/lib/neutron_thirdparty/ryu b/lib/neutron_thirdparty/ryu
index c737600..233f3aa 100644
--- a/lib/neutron_thirdparty/ryu
+++ b/lib/neutron_thirdparty/ryu
@@ -64,7 +64,7 @@
}
function start_ryu {
- screen_it ryu "cd $RYU_DIR && $RYU_DIR/bin/ryu-manager --config-file $RYU_CONF"
+ run_process ryu "$RYU_DIR/bin/ryu-manager --config-file $RYU_CONF"
}
function stop_ryu {
diff --git a/lib/neutron_thirdparty/vmware_nsx b/lib/neutron_thirdparty/vmware_nsx
index 7a76570..7a20c64 100644
--- a/lib/neutron_thirdparty/vmware_nsx
+++ b/lib/neutron_thirdparty/vmware_nsx
@@ -8,7 +8,7 @@
# * enable_service vmware_nsx --> to execute this third-party addition
# * PUBLIC_BRIDGE --> bridge used for external connectivity, typically br-ex
# * NSX_GATEWAY_NETWORK_INTERFACE --> interface used to communicate with the NSX Gateway
-# * NSX_GATEWAY_NETWORK_CIDR --> CIDR to configure br-ex, e.g. 172.24.4.211/24
+# * NSX_GATEWAY_NETWORK_CIDR --> CIDR to configure $PUBLIC_BRIDGE, e.g. 172.24.4.211/24
# Save trace setting
NSX3_XTRACE=$(set +o | grep xtrace)
@@ -29,7 +29,7 @@
function init_vmware_nsx {
if ! is_set NSX_GATEWAY_NETWORK_CIDR; then
NSX_GATEWAY_NETWORK_CIDR=$PUBLIC_NETWORK_GATEWAY/${FLOATING_RANGE#*/}
- echo "The IP address to set on br-ex was not specified. "
+ echo "The IP address to set on $PUBLIC_BRIDGE was not specified. "
echo "Defaulting to "$NSX_GATEWAY_NETWORK_CIDR
fi
# Make sure the interface is up, but not configured
@@ -42,14 +42,15 @@
# only with mac learning enabled, portsecurity and security profiles disabled
# The public bridge might not exist for the NSX plugin if Q_USE_DEBUG_COMMAND is off
# Try to create it anyway
- sudo ovs-vsctl --no-wait -- --may-exist add-br $PUBLIC_BRIDGE
- sudo ovs-vsctl -- --may-exist add-port $PUBLIC_BRIDGE $NSX_GATEWAY_NETWORK_INTERFACE
+ sudo ovs-vsctl --may-exist add-br $PUBLIC_BRIDGE
+ sudo ovs-vsctl --may-exist add-port $PUBLIC_BRIDGE $NSX_GATEWAY_NETWORK_INTERFACE
nsx_gw_net_if_mac=$(ip link show $NSX_GATEWAY_NETWORK_INTERFACE | awk '/ether/ {print $2}')
sudo ip link set address $nsx_gw_net_if_mac dev $PUBLIC_BRIDGE
for address in $addresses; do
sudo ip addr add dev $PUBLIC_BRIDGE $address
done
sudo ip addr add dev $PUBLIC_BRIDGE $NSX_GATEWAY_NETWORK_CIDR
+ sudo ip link set $PUBLIC_BRIDGE up
}
function install_vmware_nsx {
@@ -63,7 +64,7 @@
function stop_vmware_nsx {
if ! is_set NSX_GATEWAY_NETWORK_CIDR; then
NSX_GATEWAY_NETWORK_CIDR=$PUBLIC_NETWORK_GATEWAY/${FLOATING_RANGE#*/}
- echo "The IP address expected on br-ex was not specified. "
+ echo "The IP address expected on $PUBLIC_BRIDGE was not specified. "
echo "Defaulting to "$NSX_GATEWAY_NETWORK_CIDR
fi
sudo ip addr del $NSX_GATEWAY_NETWORK_CIDR dev $PUBLIC_BRIDGE
diff --git a/lib/nova b/lib/nova
index 6b1afd9..0f83807 100644
--- a/lib/nova
+++ b/lib/nova
@@ -39,15 +39,25 @@
NOVA_CONF_DIR=/etc/nova
NOVA_CONF=$NOVA_CONF_DIR/nova.conf
NOVA_CELLS_CONF=$NOVA_CONF_DIR/nova-cells.conf
+NOVA_FAKE_CONF=$NOVA_CONF_DIR/nova-fake.conf
NOVA_CELLS_DB=${NOVA_CELLS_DB:-nova_cell}
NOVA_API_PASTE_INI=${NOVA_API_PASTE_INI:-$NOVA_CONF_DIR/api-paste.ini}
+if is_ssl_enabled_service "nova" || is_service_enabled tls-proxy; then
+ NOVA_SERVICE_PROTOCOL="https"
+ EC2_SERVICE_PROTOCOL="https"
+else
+ EC2_SERVICE_PROTOCOL="http"
+fi
+
# Public facing bits
NOVA_SERVICE_HOST=${NOVA_SERVICE_HOST:-$SERVICE_HOST}
NOVA_SERVICE_PORT=${NOVA_SERVICE_PORT:-8774}
NOVA_SERVICE_PORT_INT=${NOVA_SERVICE_PORT_INT:-18774}
NOVA_SERVICE_PROTOCOL=${NOVA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+EC2_SERVICE_PORT=${EC2_SERVICE_PORT:-8773}
+EC2_SERVICE_PORT_INT=${EC2_SERVICE_PORT_INT:-18773}
# Support entry points installation of console scripts
if [[ -d $NOVA_DIR/bin ]]; then
@@ -59,10 +69,6 @@
# Set the paths of certain binaries
NOVA_ROOTWRAP=$(get_rootwrap_location nova)
-# Allow rate limiting to be turned off for testing, like for Tempest
-# NOTE: Set API_RATE_LIMIT="False" to turn OFF rate limiting
-API_RATE_LIMIT=${API_RATE_LIMIT:-"True"}
-
# Option to enable/disable config drive
# NOTE: Set FORCE_CONFIG_DRIVE="False" to turn OFF config drive
FORCE_CONFIG_DRIVE=${FORCE_CONFIG_DRIVE:-"always"}
@@ -88,6 +94,10 @@
| grep ^[ep] \
| head -1)
+# $NOVA_VNC_ENABLED can be used to forcibly enable vnc configuration.
+# In multi-node setups allows compute hosts to not run n-novnc.
+NOVA_VNC_ENABLED=$(trueorfalse False $NOVA_VNC_ENABLED)
+
# Get hypervisor configuration
# ----------------------------
@@ -127,6 +137,10 @@
# running the VM - removing a SPOF and bandwidth bottleneck.
MULTI_HOST=`trueorfalse False $MULTI_HOST`
+# ``NOVA_ALLOW_MOVE_TO_SAME_HOST` can be set to False in multi node devstack,
+# where there are at least two nova-computes.
+NOVA_ALLOW_MOVE_TO_SAME_HOST=`trueorfalse True $NOVA_ALLOW_MOVE_TO_SAME_HOST`
+
# Test floating pool and range are used for testing. They are defined
# here until the admin APIs can replace nova-manage
TEST_FLOATING_POOL=${TEST_FLOATING_POOL:-test}
@@ -320,14 +334,12 @@
}
# create_nova_accounts() - Set up common required nova accounts
-
+#
# Project User Roles
# ------------------------------------------------------------------
# SERVICE_TENANT_NAME nova admin
# SERVICE_TENANT_NAME nova ResellerAdmin (if Swift is enabled)
-
-# Migrated from keystone_data.sh
-create_nova_accounts() {
+function create_nova_accounts {
local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
@@ -349,13 +361,13 @@
"$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s" \
"$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2/\$(tenant_id)s"
- local nova_v3_service=$(get_or_create_service "novav3" \
- "computev3" "Nova Compute Service V3")
- get_or_create_endpoint $nova_v3_service \
+ local nova_v21_service=$(get_or_create_service "novav21" \
+ "computev21" "Nova Compute Service V2.1")
+ get_or_create_endpoint $nova_v21_service \
"$REGION_NAME" \
- "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
- "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3" \
- "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v3"
+ "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/\$(tenant_id)s" \
+ "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/\$(tenant_id)s" \
+ "$NOVA_SERVICE_PROTOCOL://$NOVA_SERVICE_HOST:$NOVA_SERVICE_PORT/v2.1/\$(tenant_id)s"
fi
fi
@@ -374,9 +386,9 @@
"ec2" "EC2 Compatibility Layer")
get_or_create_endpoint $ec2_service \
"$REGION_NAME" \
- "http://$SERVICE_HOST:8773/services/Cloud" \
- "http://$SERVICE_HOST:8773/services/Admin" \
- "http://$SERVICE_HOST:8773/services/Cloud"
+ "$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/services/Cloud" \
+ "$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/services/Admin" \
+ "$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/services/Cloud"
fi
fi
@@ -403,14 +415,15 @@
rm -f $NOVA_CONF
iniset $NOVA_CONF DEFAULT verbose "True"
iniset $NOVA_CONF DEFAULT debug "$ENABLE_DEBUG_LOG_LEVEL"
- iniset $NOVA_CONF DEFAULT auth_strategy "keystone"
- iniset $NOVA_CONF DEFAULT allow_resize_to_same_host "True"
+ if [ "$NOVA_ALLOW_MOVE_TO_SAME_HOST" == "True" ]; then
+ iniset $NOVA_CONF DEFAULT allow_resize_to_same_host "True"
+ iniset $NOVA_CONF DEFAULT allow_migrate_to_same_host "True"
+ fi
iniset $NOVA_CONF DEFAULT api_paste_config "$NOVA_API_PASTE_INI"
iniset $NOVA_CONF DEFAULT rootwrap_config "$NOVA_CONF_DIR/rootwrap.conf"
iniset $NOVA_CONF DEFAULT scheduler_driver "$SCHEDULER"
iniset $NOVA_CONF DEFAULT dhcpbridge_flagfile "$NOVA_CONF"
iniset $NOVA_CONF DEFAULT force_dhcp_release "True"
- iniset $NOVA_CONF DEFAULT fixed_range ""
iniset $NOVA_CONF DEFAULT default_floating_pool "$PUBLIC_NETWORK_NAME"
iniset $NOVA_CONF DEFAULT s3_host "$SERVICE_HOST"
iniset $NOVA_CONF DEFAULT s3_port "$S3_SERVICE_PORT"
@@ -436,16 +449,17 @@
iniset $NOVA_CONF DEFAULT osapi_compute_listen_port "$NOVA_SERVICE_PORT_INT"
fi
- # Add keystone authtoken configuration
-
- iniset $NOVA_CONF keystone_authtoken identity_uri $KEYSTONE_AUTH_URI
- iniset $NOVA_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $NOVA_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
- iniset $NOVA_CONF keystone_authtoken admin_user nova
- iniset $NOVA_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
+ configure_auth_token_middleware $NOVA_CONF nova $NOVA_AUTH_CACHE_DIR
fi
- iniset $NOVA_CONF keystone_authtoken signing_dir $NOVA_AUTH_CACHE_DIR
+ if is_service_enabled cinder; then
+ if is_ssl_enabled_service "cinder" || is_service_enabled tls-proxy; then
+ CINDER_SERVICE_HOST=${CINDER_SERVICE_HOST:-$SERVICE_HOST}
+ CINDER_SERVICE_PORT=${CINDER_SERVICE_PORT:-8776}
+ iniset $NOVA_CONF cinder endpoint_template "https://$CINDER_SERVICE_HOST:$CINDER_SERVICE_PORT/v1/%(project_id)s"
+ iniset $NOVA_CONF cinder ca_certificates_file $SSL_BUNDLE_FILE
+ fi
+ fi
if [ -n "$NOVA_STATE_PATH" ]; then
iniset $NOVA_CONF DEFAULT state_path "$NOVA_STATE_PATH"
@@ -461,9 +475,6 @@
if [ "$SYSLOG" != "False" ]; then
iniset $NOVA_CONF DEFAULT use_syslog "True"
fi
- if [ "$API_RATE_LIMIT" != "True" ]; then
- iniset $NOVA_CONF DEFAULT api_rate_limit "False"
- fi
if [ "$FORCE_CONFIG_DRIVE" != "False" ]; then
iniset $NOVA_CONF DEFAULT force_config_drive "$FORCE_CONFIG_DRIVE"
fi
@@ -492,7 +503,7 @@
iniset $NOVA_CONF spice html5proxy_base_url "$SPICEHTML5PROXY_URL"
fi
- if is_service_enabled n-novnc || is_service_enabled n-xvnc; then
+ if is_service_enabled n-novnc || is_service_enabled n-xvnc || [ "$NOVA_VNC_ENABLED" != False ]; then
# Address on which instance vncservers will listen on compute hosts.
# For multi-host, this should be the management ip of the compute host.
VNCSERVER_LISTEN=${VNCSERVER_LISTEN=127.0.0.1}
@@ -517,8 +528,31 @@
fi
iniset $NOVA_CONF DEFAULT ec2_dmz_host "$EC2_DMZ_HOST"
+ iniset $NOVA_CONF DEFAULT keystone_ec2_url $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens
iniset_rpc_backend nova $NOVA_CONF DEFAULT
- iniset $NOVA_CONF glance api_servers "$GLANCE_HOSTPORT"
+ iniset $NOVA_CONF glance api_servers "${GLANCE_SERVICE_PROTOCOL}://${GLANCE_HOSTPORT}"
+
+ iniset $NOVA_CONF DEFAULT osapi_compute_workers "$API_WORKERS"
+ iniset $NOVA_CONF DEFAULT ec2_workers "$API_WORKERS"
+ iniset $NOVA_CONF DEFAULT metadata_workers "$API_WORKERS"
+
+ if is_ssl_enabled_service glance || is_service_enabled tls-proxy; then
+ iniset $NOVA_CONF DEFAULT glance_protocol https
+ fi
+
+ # Register SSL certificates if provided
+ if is_ssl_enabled_service nova; then
+ ensure_certificates NOVA
+
+ iniset $NOVA_CONF DEFAULT ssl_cert_file "$NOVA_SSL_CERT"
+ iniset $NOVA_CONF DEFAULT ssl_key_file "$NOVA_SSL_KEY"
+
+ iniset $NOVA_CONF DEFAULT enabled_ssl_apis "$NOVA_ENABLED_APIS"
+ fi
+
+ if is_service_enabled tls-proxy; then
+ iniset $NOVA_CONF DEFAULT ec2_listen_port $EC2_SERVICE_PORT_INT
+ fi
}
function init_nova_cells {
@@ -647,19 +681,22 @@
function start_nova_api {
# Get right service port for testing
local service_port=$NOVA_SERVICE_PORT
+ local service_protocol=$NOVA_SERVICE_PROTOCOL
if is_service_enabled tls-proxy; then
service_port=$NOVA_SERVICE_PORT_INT
+ service_protocol="http"
fi
- screen_it n-api "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-api"
+ run_process n-api "$NOVA_BIN_DIR/nova-api"
echo "Waiting for nova-api to start..."
- if ! wait_for_service $SERVICE_TIMEOUT http://$SERVICE_HOST:$service_port; then
+ if ! wait_for_service $SERVICE_TIMEOUT $service_protocol://$SERVICE_HOST:$service_port; then
die $LINENO "nova-api did not start"
fi
# Start proxies if enabled
if is_service_enabled tls-proxy; then
start_tls_proxy '*' $NOVA_SERVICE_PORT $NOVA_SERVICE_HOST $NOVA_SERVICE_PORT_INT &
+ start_tls_proxy '*' $EC2_SERVICE_PORT $NOVA_SERVICE_HOST $EC2_SERVICE_PORT_INT &
fi
}
@@ -673,18 +710,24 @@
if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then
# The group **$LIBVIRT_GROUP** is added to the current user in this script.
- # Use 'sg' to execute nova-compute as a member of the **$LIBVIRT_GROUP** group.
- screen_it n-cpu "cd $NOVA_DIR && sg $LIBVIRT_GROUP '$NOVA_BIN_DIR/nova-compute --config-file $compute_cell_conf'"
+ # ``sg`` is used in run_process to execute nova-compute as a member of the
+ # **$LIBVIRT_GROUP** group.
+ run_process n-cpu "$NOVA_BIN_DIR/nova-compute --config-file $compute_cell_conf" $LIBVIRT_GROUP
elif [[ "$VIRT_DRIVER" = 'fake' ]]; then
local i
for i in `seq 1 $NUMBER_FAKE_NOVA_COMPUTE`; do
- screen_it n-cpu "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-compute --config-file $compute_cell_conf --config-file <(echo -e '[DEFAULT]\nhost=${HOSTNAME}${i}')"
+ # Avoid process redirection of fake host configurations by
+ # creating or modifying real configurations. Each fake
+ # gets its own configuration and own log file.
+ local fake_conf="${NOVA_FAKE_CONF}-${i}"
+ iniset $fake_conf DEFAULT nhost "${HOSTNAME}${i}"
+ run_process "n-cpu-${i}" "$NOVA_BIN_DIR/nova-compute --config-file $compute_cell_conf --config-file $fake_conf"
done
else
if is_service_enabled n-cpu && [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
start_nova_hypervisor
fi
- screen_it n-cpu "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-compute --config-file $compute_cell_conf"
+ run_process n-cpu "$NOVA_BIN_DIR/nova-compute --config-file $compute_cell_conf"
fi
}
@@ -697,25 +740,25 @@
local compute_cell_conf=$NOVA_CONF
fi
- # ``screen_it`` checks ``is_service_enabled``, it is not needed here
- screen_it n-cond "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-conductor --config-file $compute_cell_conf"
- screen_it n-cell-region "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-cells --config-file $api_cell_conf"
- screen_it n-cell-child "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-cells --config-file $compute_cell_conf"
+ # ``run_process`` checks ``is_service_enabled``, it is not needed here
+ run_process n-cond "$NOVA_BIN_DIR/nova-conductor --config-file $compute_cell_conf"
+ run_process n-cell-region "$NOVA_BIN_DIR/nova-cells --config-file $api_cell_conf"
+ run_process n-cell-child "$NOVA_BIN_DIR/nova-cells --config-file $compute_cell_conf"
- screen_it n-crt "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-cert --config-file $api_cell_conf"
- screen_it n-net "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-network --config-file $compute_cell_conf"
- screen_it n-sch "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-scheduler --config-file $compute_cell_conf"
- screen_it n-api-meta "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-api-metadata --config-file $compute_cell_conf"
+ run_process n-crt "$NOVA_BIN_DIR/nova-cert --config-file $api_cell_conf"
+ run_process n-net "$NOVA_BIN_DIR/nova-network --config-file $compute_cell_conf"
+ run_process n-sch "$NOVA_BIN_DIR/nova-scheduler --config-file $compute_cell_conf"
+ run_process n-api-meta "$NOVA_BIN_DIR/nova-api-metadata --config-file $compute_cell_conf"
- screen_it n-novnc "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-novncproxy --config-file $api_cell_conf --web $NOVNC_WEB_DIR"
- screen_it n-xvnc "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-xvpvncproxy --config-file $api_cell_conf"
- screen_it n-spice "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-spicehtml5proxy --config-file $api_cell_conf --web $SPICE_WEB_DIR"
- screen_it n-cauth "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-consoleauth --config-file $api_cell_conf"
+ run_process n-novnc "$NOVA_BIN_DIR/nova-novncproxy --config-file $api_cell_conf --web $NOVNC_WEB_DIR"
+ run_process n-xvnc "$NOVA_BIN_DIR/nova-xvpvncproxy --config-file $api_cell_conf"
+ run_process n-spice "$NOVA_BIN_DIR/nova-spicehtml5proxy --config-file $api_cell_conf --web $SPICE_WEB_DIR"
+ run_process n-cauth "$NOVA_BIN_DIR/nova-consoleauth --config-file $api_cell_conf"
# Starting the nova-objectstore only if swift3 service is not enabled.
# Swift will act as s3 objectstore.
is_service_enabled swift3 || \
- screen_it n-obj "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-objectstore --config-file $api_cell_conf"
+ run_process n-obj "$NOVA_BIN_DIR/nova-objectstore --config-file $api_cell_conf"
}
function start_nova {
@@ -724,7 +767,14 @@
}
function stop_nova_compute {
- screen_stop n-cpu
+ if [ "$VIRT_DRIVER" == "fake" ]; then
+ local i
+ for i in `seq 1 $NUMBER_FAKE_NOVA_COMPUTE`; do
+ stop_process n-cpu-${i}
+ done
+ else
+ stop_process n-cpu
+ fi
if is_service_enabled n-cpu && [[ -r $NOVA_PLUGINS/hypervisor-$VIRT_DRIVER ]]; then
stop_nova_hypervisor
fi
@@ -735,7 +785,7 @@
# Some services are listed here twice since more than one instance
# of a service may be running in certain configs.
for serv in n-api n-crt n-net n-sch n-novnc n-xvnc n-cauth n-spice n-cond n-cell n-cell n-api-meta n-obj; do
- screen_stop $serv
+ stop_process $serv
done
}
diff --git a/lib/nova_plugins/functions-libvirt b/lib/nova_plugins/functions-libvirt
index 6fb5c38..d3c4eab 100644
--- a/lib/nova_plugins/functions-libvirt
+++ b/lib/nova_plugins/functions-libvirt
@@ -10,7 +10,7 @@
set +o xtrace
# Defaults
-# -------
+# --------
# if we should turn on massive libvirt debugging
DEBUG_LIBVIRT=$(trueorfalse False $DEBUG_LIBVIRT)
@@ -37,7 +37,7 @@
# and HP images used in the gate; rackspace has firewalld but hp
# cloud doesn't. RHEL6 doesn't have firewalld either. So we
# don't care if it fails.
- if is_fedora; then
+ if is_fedora && is_package_installed firewalld; then
sudo service firewalld restart || true
fi
}
@@ -57,7 +57,9 @@
EOF
fi
- if is_ubuntu; then
+ # Since the release of Debian Wheezy the libvirt init script is libvirtd
+ # and not libvirtd-bin anymore.
+ if is_ubuntu && [ ! -f /etc/init.d/libvirtd ]; then
LIBVIRT_DAEMON=libvirt-bin
else
LIBVIRT_DAEMON=libvirtd
diff --git a/lib/nova_plugins/hypervisor-fake b/lib/nova_plugins/hypervisor-fake
index e7a833f..dc93633 100644
--- a/lib/nova_plugins/hypervisor-fake
+++ b/lib/nova_plugins/hypervisor-fake
@@ -47,7 +47,7 @@
iniset $NOVA_CONF DEFAULT quota_security_groups -1
iniset $NOVA_CONF DEFAULT quota_security_group_rules -1
iniset $NOVA_CONF DEFAULT quota_key_pairs -1
- iniset $NOVA_CONF DEFAULT scheduler_default_filters "RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter"
+ iniset $NOVA_CONF DEFAULT scheduler_default_filters "RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,CoreFilter,RamFilter,DiskFilter"
}
# install_nova_hypervisor() - Install external components
diff --git a/lib/nova_plugins/hypervisor-ironic b/lib/nova_plugins/hypervisor-ironic
index c068c74..4004cc9 100644
--- a/lib/nova_plugins/hypervisor-ironic
+++ b/lib/nova_plugins/hypervisor-ironic
@@ -37,12 +37,9 @@
configure_libvirt
LIBVIRT_FIREWALL_DRIVER=${LIBVIRT_FIREWALL_DRIVER:-"nova.virt.firewall.NoopFirewallDriver"}
- # NOTE(adam_g): The ironic compute driver currently lives in the ironic
- # tree. We purposely configure Nova to load it from there until it moves
- # back into Nova proper.
- iniset $NOVA_CONF DEFAULT compute_driver ironic.nova.virt.ironic.IronicDriver
+ iniset $NOVA_CONF DEFAULT compute_driver nova.virt.ironic.IronicDriver
iniset $NOVA_CONF DEFAULT firewall_driver $LIBVIRT_FIREWALL_DRIVER
- iniset $NOVA_CONF DEFAULT scheduler_host_manager ironic.nova.scheduler.ironic_host_manager.IronicHostManager
+ iniset $NOVA_CONF DEFAULT scheduler_host_manager nova.scheduler.ironic_host_manager.IronicHostManager
iniset $NOVA_CONF DEFAULT ram_allocation_ratio 1.0
iniset $NOVA_CONF DEFAULT reserved_host_memory_mb 0
# ironic section
@@ -51,11 +48,13 @@
iniset $NOVA_CONF ironic admin_url $KEYSTONE_AUTH_URI/v2.0
iniset $NOVA_CONF ironic admin_tenant_name demo
iniset $NOVA_CONF ironic api_endpoint http://$SERVICE_HOST:6385/v1
- iniset $NOVA_CONF ironic sql_connection `database_connection_url nova_bm`
}
# install_nova_hypervisor() - Install external components
function install_nova_hypervisor {
+ if ! is_service_enabled neutron; then
+ die $LINENO "Neutron should be enabled for usage of the Ironic Nova driver."
+ fi
install_libvirt
}
diff --git a/lib/opendaylight b/lib/opendaylight
index 33b3f0a..374de95 100644
--- a/lib/opendaylight
+++ b/lib/opendaylight
@@ -3,9 +3,9 @@
# Dependencies:
#
-# - ``functions`` file
-# # ``DEST`` must be defined
-# # ``STACK_USER`` must be defined
+# ``functions`` file
+# ``DEST`` must be defined
+# ``STACK_USER`` must be defined
# ``stack.sh`` calls the entry points in this order:
#
@@ -48,23 +48,24 @@
ODL_DIR=$DEST/opendaylight
# The OpenDaylight Package, currently using 'Hydrogen' release
-ODL_PKG=${ODL_PKG:-distributions-virtualization-0.1.1-osgipackage.zip}
+ODL_PKG=${ODL_PKG:-distribution-karaf-0.2.0-Helium.zip}
# The OpenDaylight URL
-ODL_URL=${ODL_URL:-https://nexus.opendaylight.org/content/repositories/opendaylight.release/org/opendaylight/integration/distributions-virtualization/0.1.1}
+ODL_URL=${ODL_URL:-https://nexus.opendaylight.org/content/groups/public/org/opendaylight/integration/distribution-karaf/0.2.0-Helium}
# Default arguments for OpenDaylight. This is typically used to set
# Java memory options.
-# ODL_ARGS=Xmx1024m -XX:MaxPermSize=512m
+# ``ODL_ARGS=Xmx1024m -XX:MaxPermSize=512m``
ODL_ARGS=${ODL_ARGS:-"-XX:MaxPermSize=384m"}
# How long to pause after ODL starts to let it complete booting
-ODL_BOOT_WAIT=${ODL_BOOT_WAIT:-60}
+ODL_BOOT_WAIT=${ODL_BOOT_WAIT:-20}
# The physical provider network to device mapping
ODL_PROVIDER_MAPPINGS=${ODL_PROVIDER_MAPPINGS:-physnet1:eth1}
-# Set up default directories
+# Enable OpenDaylight l3 forwarding
+ODL_L3=${ODL_L3:-False}
# Entry Points
@@ -85,11 +86,26 @@
# configure_opendaylight() - Set config files, create data dirs, etc
function configure_opendaylight {
- # Remove simple forwarder
- rm -f $ODL_DIR/opendaylight/plugins/org.opendaylight.controller.samples.simpleforwarding*
+ # Add odl-ovsdb-openstack if it's not already there
+ local ODLOVSDB=$(cat $ODL_DIR/distribution-karaf-0.2.0-Helium/etc/org.apache.karaf.features.cfg | grep featuresBoot= | grep odl)
+ if [ "$ODLOVSDB" == "" ]; then
+ sed -i '/^featuresBoot=/ s/$/,odl-ovsdb-openstack/' $ODL_DIR/distribution-karaf-0.2.0-Helium/etc/org.apache.karaf.features.cfg
+ fi
- # Configure OpenFlow 1.3
- echo "ovsdb.of.version=1.3" >> $ODL_DIR/opendaylight/configuration/config.ini
+ # Configure OpenFlow 1.3 if it's not there
+ local OFLOW13=$(cat $ODL_DIR/distribution-karaf-0.2.0-Helium/etc/custom.properties | grep ^of.version)
+ if [ "$OFLOW13" == "" ]; then
+ echo "ovsdb.of.version=1.3" >> $ODL_DIR/distribution-karaf-0.2.0-Helium/etc/custom.properties
+ fi
+
+ # Configure L3 if the user wants it
+ if [ "${ODL_L3}" == "True" ]; then
+ # Configure L3 FWD if it's not there
+ local L3FWD=$(cat $ODL_DIR/distribution-karaf-0.2.0-Helium/etc/custom.properties | grep ^ovsdb.l3.fwd.enabled)
+ if [ "$L3FWD" == "" ]; then
+ echo "ovsdb.l3.fwd.enabled=yes" >> $ODL_DIR/distribution-karaf-0.2.0-Helium/etc/custom.properties
+ fi
+ fi
}
function configure_ml2_odl {
@@ -139,7 +155,8 @@
# The flags to ODL have the following meaning:
# -of13: runs ODL using OpenFlow 1.3 protocol support.
# -virt ovsdb: Runs ODL in "virtualization" mode with OVSDB support
- screen_it odl-server "cd $ODL_DIR/opendaylight && JAVA_HOME=$JHOME ./run.sh $ODL_ARGS -of13 -virt ovsdb"
+
+ run_process odl-server "cd $ODL_DIR/distribution-karaf-0.2.0-Helium && JAVA_HOME=$JHOME bin/karaf"
# Sleep a bit to let OpenDaylight finish starting up
sleep $ODL_BOOT_WAIT
@@ -147,7 +164,7 @@
# stop_opendaylight() - Stop running processes (non-screen)
function stop_opendaylight {
- screen_stop odl-server
+ stop_process odl-server
}
# stop_opendaylight-compute() - Remove OVS bridges
diff --git a/lib/oslo b/lib/oslo
index 421fbce..a20aa14 100644
--- a/lib/oslo
+++ b/lib/oslo
@@ -20,16 +20,21 @@
# Defaults
# --------
-CLIFF_DIR=$DEST/cliff
-OSLOCFG_DIR=$DEST/oslo.config
-OSLODB_DIR=$DEST/oslo.db
-OSLOI18N_DIR=$DEST/oslo.i18n
-OSLOMSG_DIR=$DEST/oslo.messaging
-OSLORWRAP_DIR=$DEST/oslo.rootwrap
-OSLOVMWARE_DIR=$DEST/oslo.vmware
-PYCADF_DIR=$DEST/pycadf
-STEVEDORE_DIR=$DEST/stevedore
-TASKFLOW_DIR=$DEST/taskflow
+GITDIR["cliff"]=$DEST/cliff
+GITDIR["oslo.config"]=$DEST/oslo.config
+GITDIR["oslo.concurrency"]=$DEST/oslo.concurrency
+GITDIR["oslo.db"]=$DEST/oslo.db
+GITDIR["oslo.i18n"]=$DEST/oslo.i18n
+GITDIR["oslo.log"]=$DEST/oslo.log
+GITDIR["oslo.middleware"]=$DEST/oslo.middleware
+GITDIR["oslo.messaging"]=$DEST/oslo.messaging
+GITDIR["oslo.rootwrap"]=$DEST/oslo.rootwrap
+GITDIR["oslo.serialization"]=$DEST/oslo.serialization
+GITDIR["oslo.utils"]=$DEST/oslo.utils
+GITDIR["oslo.vmware"]=$DEST/oslo.vmware
+GITDIR["pycadf"]=$DEST/pycadf
+GITDIR["stevedore"]=$DEST/stevedore
+GITDIR["taskflow"]=$DEST/taskflow
# Support entry points installation of console scripts
OSLO_BIN_DIR=$(get_python_exec_prefix)
@@ -37,52 +42,31 @@
# Entry Points
# ------------
-# install_oslo() - Collect source and prepare
-function install_oslo {
- # TODO(sdague): remove this once we get to Icehouse, this just makes
- # for a smoother transition of existing users.
- cleanup_oslo
-
- git_clone $CLIFF_REPO $CLIFF_DIR $CLIFF_BRANCH
- setup_install $CLIFF_DIR
-
- git_clone $OSLOI18N_REPO $OSLOI18N_DIR $OSLOI18N_BRANCH
- setup_install $OSLOI18N_DIR
-
- git_clone $OSLOCFG_REPO $OSLOCFG_DIR $OSLOCFG_BRANCH
- setup_install $OSLOCFG_DIR
-
- git_clone $OSLOMSG_REPO $OSLOMSG_DIR $OSLOMSG_BRANCH
- setup_install $OSLOMSG_DIR
-
- git_clone $OSLORWRAP_REPO $OSLORWRAP_DIR $OSLORWRAP_BRANCH
- setup_install $OSLORWRAP_DIR
-
- git_clone $OSLODB_REPO $OSLODB_DIR $OSLODB_BRANCH
- setup_install $OSLODB_DIR
-
- git_clone $OSLOVMWARE_REPO $OSLOVMWARE_DIR $OSLOVMWARE_BRANCH
- setup_install $OSLOVMWARE_DIR
-
- git_clone $PYCADF_REPO $PYCADF_DIR $PYCADF_BRANCH
- setup_install $PYCADF_DIR
-
- git_clone $STEVEDORE_REPO $STEVEDORE_DIR $STEVEDORE_BRANCH
- setup_install $STEVEDORE_DIR
-
- git_clone $TASKFLOW_REPO $TASKFLOW_DIR $TASKFLOW_BRANCH
- setup_install $TASKFLOW_DIR
+function _do_install_oslo_lib {
+ local name=$1
+ if use_library_from_git "$name"; then
+ git_clone_by_name "$name"
+ setup_lib "$name"
+ fi
}
-# cleanup_oslo() - purge possibly old versions of oslo
-function cleanup_oslo {
- # this means we've got an old oslo installed, lets get rid of it
- if ! python -c 'import oslo.config' 2>/dev/null; then
- echo "Found old oslo.config... removing to ensure consistency"
- local PIP_CMD=$(get_pip_command)
- pip_install oslo.config
- sudo $PIP_CMD uninstall -y oslo.config
- fi
+# install_oslo() - Collect source and prepare
+function install_oslo {
+ _do_install_oslo_lib "cliff"
+ _do_install_oslo_lib "oslo.i18n"
+ _do_install_oslo_lib "oslo.utils"
+ _do_install_oslo_lib "oslo.serialization"
+ _do_install_oslo_lib "oslo.config"
+ _do_install_oslo_lib "oslo.concurrency"
+ _do_install_oslo_lib "oslo.log"
+ _do_install_oslo_lib "oslo.middleware"
+ _do_install_oslo_lib "oslo.messaging"
+ _do_install_oslo_lib "oslo.rootwrap"
+ _do_install_oslo_lib "oslo.db"
+ _do_install_oslo_lib "oslo.vmware"
+ _do_install_oslo_lib "pycadf"
+ _do_install_oslo_lib "stevedore"
+ _do_install_oslo_lib "taskflow"
}
# Restore xtrace
diff --git a/lib/rpc_backend b/lib/rpc_backend
index a62d4e7..14c78fb 100644
--- a/lib/rpc_backend
+++ b/lib/rpc_backend
@@ -6,6 +6,7 @@
#
# - ``functions`` file
# - ``RABBIT_{HOST|PASSWORD}`` must be defined when RabbitMQ is used
+# - ``RPC_MESSAGING_PROTOCOL`` option for configuring the messaging protocol
# ``stack.sh`` calls the entry points in this order:
#
@@ -26,6 +27,8 @@
# Make sure we only have one rpc backend enabled.
# Also check the specified rpc backend is available on your platform.
function check_rpc_backend {
+ local c svc
+
local rpc_needed=1
# We rely on the fact that filenames in lib/* match the service names
# that can be passed as arguments to is_service_enabled.
@@ -41,7 +44,7 @@
local rpc_backend_cnt=0
for svc in qpid zeromq rabbit; do
is_service_enabled $svc &&
- ((rpc_backend_cnt++))
+ (( rpc_backend_cnt++ )) || true
done
if [ "$rpc_backend_cnt" -gt 1 ]; then
echo "ERROR: only one rpc backend may be enabled,"
@@ -88,29 +91,55 @@
exit_distro_not_supported "zeromq installation"
fi
fi
+
+ # Remove the AMQP 1.0 messaging libraries
+ if [ "$RPC_MESSAGING_PROTOCOL" == "AMQP1" ]; then
+ if is_fedora; then
+ uninstall_package qpid-proton-c-devel
+ uninstall_package python-qpid-proton
+ fi
+ # TODO(kgiusti) ubuntu cleanup
+ fi
}
# install rpc backend
function install_rpc_backend {
+ # Regardless of the broker used, if AMQP 1.0 is configured load
+ # the necessary messaging client libraries for oslo.messaging
+ if [ "$RPC_MESSAGING_PROTOCOL" == "AMQP1" ]; then
+ if is_fedora; then
+ install_package qpid-proton-c-devel
+ install_package python-qpid-proton
+ elif is_ubuntu; then
+ # TODO(kgiusti) The QPID AMQP 1.0 protocol libraries
+ # are not yet in the ubuntu repos. Enable these installs
+ # once they are present:
+ #install_package libqpid-proton2-dev
+ #install_package python-qpid-proton
+ # Also add 'uninstall' directives in cleanup_rpc_backend()!
+ exit_distro_not_supported "QPID AMQP 1.0 Proton libraries"
+ else
+ exit_distro_not_supported "QPID AMQP 1.0 Proton libraries"
+ fi
+ # Install pyngus client API
+ # TODO(kgiusti) can remove once python qpid bindings are
+ # available on all supported platforms _and_ pyngus is added
+ # to the requirements.txt file in oslo.messaging
+ pip_install pyngus
+ fi
+
if is_service_enabled rabbit; then
# Install rabbitmq-server
install_package rabbitmq-server
elif is_service_enabled qpid; then
if is_fedora; then
install_package qpid-cpp-server
- if [[ $DISTRO =~ (rhel6) ]]; then
- # RHEL6 leaves "auth=yes" in /etc/qpidd.conf, it needs to
- # be no or you get GSS authentication errors as it
- # attempts to default to this.
- sudo sed -i.bak 's/^auth=yes$/auth=no/' /etc/qpidd.conf
- fi
elif is_ubuntu; then
install_package qpidd
- sudo sed -i '/PLAIN/!s/mech_list: /mech_list: PLAIN /' /etc/sasl2/qpidd.conf
- sudo chmod o+r /etc/qpid/qpidd.sasldb
else
exit_distro_not_supported "qpid installation"
fi
+ _configure_qpid
elif is_service_enabled zeromq; then
# NOTE(ewindisch): Redis is not strictly necessary
# but there is a matchmaker driver that works
@@ -128,6 +157,11 @@
sudo mkdir -p /var/run/openstack
sudo chown $STACK_USER /var/run/openstack
fi
+
+ # If using the QPID broker, install the QPID python client API
+ if is_service_enabled qpid || [ -n "$QPID_HOST" ]; then
+ install_package python-qpid
+ fi
}
# restart the rpc backend
@@ -138,6 +172,7 @@
# NOTE(bnemec): Retry initial rabbitmq configuration to deal with
# the fact that sometimes it fails to start properly.
# Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1059028
+ local i
for i in `seq 10`; do
if is_fedora || is_suse; then
# service is not started by default
@@ -173,12 +208,16 @@
MATCHMAKER_REDIS_HOST=${MATCHMAKER_REDIS_HOST:-127.0.0.1}
iniset $file matchmaker_redis host $MATCHMAKER_REDIS_HOST
elif is_service_enabled qpid || [ -n "$QPID_HOST" ]; then
- iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid
+ # For Qpid use the 'amqp' oslo.messaging transport when AMQP 1.0 is used
+ if [ "$RPC_MESSAGING_PROTOCOL" == "AMQP1" ]; then
+ iniset $file $section rpc_backend "amqp"
+ else
+ iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_qpid
+ fi
iniset $file $section qpid_hostname ${QPID_HOST:-$SERVICE_HOST}
- if is_ubuntu; then
- QPID_PASSWORD=`sudo strings /etc/qpid/qpidd.sasldb | grep -B1 admin | head -1`
+ if [ -n "$QPID_USERNAME" ]; then
+ iniset $file $section qpid_username $QPID_USERNAME
iniset $file $section qpid_password $QPID_PASSWORD
- iniset $file $section qpid_username admin
fi
elif is_service_enabled rabbit || { [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; }; then
iniset $file $section rpc_backend ${package}.openstack.common.rpc.impl_kombu
@@ -198,6 +237,83 @@
( ! is_suse )
}
+# Set up the various configuration files used by the qpidd broker
+function _configure_qpid {
+
+ # the location of the configuration files have changed since qpidd 0.14
+ local qpid_conf_file
+ if [ -e /etc/qpid/qpidd.conf ]; then
+ qpid_conf_file=/etc/qpid/qpidd.conf
+ elif [ -e /etc/qpidd.conf ]; then
+ qpid_conf_file=/etc/qpidd.conf
+ else
+ exit_distro_not_supported "qpidd.conf file not found!"
+ fi
+
+ # force the ACL file to a known location
+ local qpid_acl_file=/etc/qpid/qpidd.acl
+ if [ ! -e $qpid_acl_file ]; then
+ sudo mkdir -p -m 755 `dirname $qpid_acl_file`
+ sudo touch $qpid_acl_file
+ sudo chmod o+r $qpid_acl_file
+ fi
+ sudo sed -i.bak '/^acl-file=/d' $qpid_conf_file
+ echo "acl-file=$qpid_acl_file" | sudo tee --append $qpid_conf_file
+
+ sudo sed -i '/^auth=/d' $qpid_conf_file
+ if [ -z "$QPID_USERNAME" ]; then
+ # no QPID user configured, so disable authentication
+ # and access control
+ echo "auth=no" | sudo tee --append $qpid_conf_file
+ cat <<EOF | sudo tee $qpid_acl_file
+acl allow all all
+EOF
+ else
+ # Configure qpidd to use PLAIN authentication, and add
+ # QPID_USERNAME to the ACL:
+ echo "auth=yes" | sudo tee --append $qpid_conf_file
+ if [ -z "$QPID_PASSWORD" ]; then
+ read_password QPID_PASSWORD "ENTER A PASSWORD FOR QPID USER $QPID_USERNAME"
+ fi
+ # Create ACL to allow $QPID_USERNAME full access
+ cat <<EOF | sudo tee $qpid_acl_file
+group admin ${QPID_USERNAME}@QPID
+acl allow admin all
+acl deny all all
+EOF
+ # Add user to SASL database
+ if is_ubuntu; then
+ install_package sasl2-bin
+ elif is_fedora; then
+ install_package cyrus-sasl-lib
+ fi
+ local sasl_conf_file=/etc/sasl2/qpidd.conf
+ sudo sed -i.bak '/PLAIN/!s/mech_list: /mech_list: PLAIN /' $sasl_conf_file
+ local sasl_db=`sudo grep sasldb_path $sasl_conf_file | cut -f 2 -d ":" | tr -d [:blank:]`
+ if [ ! -e $sasl_db ]; then
+ sudo mkdir -p -m 755 `dirname $sasl_db`
+ fi
+ echo $QPID_PASSWORD | sudo saslpasswd2 -c -p -f $sasl_db -u QPID $QPID_USERNAME
+ sudo chmod o+r $sasl_db
+ fi
+
+ # If AMQP 1.0 is specified, ensure that the version of the
+ # broker can support AMQP 1.0 and configure the queue and
+ # topic address patterns used by oslo.messaging.
+ if [ "$RPC_MESSAGING_PROTOCOL" == "AMQP1" ]; then
+ QPIDD=$(type -p qpidd)
+ if ! $QPIDD --help | grep -q "queue-patterns"; then
+ exit_distro_not_supported "qpidd with AMQP 1.0 support"
+ fi
+ if ! grep -q "queue-patterns=exclusive" $qpid_conf_file; then
+ cat <<EOF | sudo tee --append $qpid_conf_file
+queue-patterns=exclusive
+queue-patterns=unicast
+topic-patterns=broadcast
+EOF
+ fi
+ fi
+}
# Restore xtrace
$XTRACE
diff --git a/lib/sahara b/lib/sahara
index 70feacd..6d1bef5 100644
--- a/lib/sahara
+++ b/lib/sahara
@@ -7,6 +7,7 @@
# ``stack.sh`` calls the entry points in this order:
#
# install_sahara
+# install_python_saharaclient
# configure_sahara
# start_sahara
# stop_sahara
@@ -24,8 +25,13 @@
SAHARA_REPO=${SAHARA_REPO:-${GIT_BASE}/openstack/sahara.git}
SAHARA_BRANCH=${SAHARA_BRANCH:-master}
+SAHARA_PYTHONCLIENT_REPO=${SAHARA_PYTHONCLIENT_REPO:-${GIT_BASE}/openstack/python-saharaclient.git}
+SAHARA_PYTHONCLIENT_BRANCH=${SAHARA_PYTHONCLIENT_BRANCH:-master}
+
# Set up default directories
SAHARA_DIR=$DEST/sahara
+SAHARA_PYTHONCLIENT_DIR=$DEST/python-saharaclient
+
SAHARA_CONF_DIR=${SAHARA_CONF_DIR:-/etc/sahara}
SAHARA_CONF_FILE=${SAHARA_CONF_DIR}/sahara.conf
@@ -57,18 +63,18 @@
# service sahara admin
function create_sahara_accounts {
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
- SAHARA_USER=$(get_or_create_user "sahara" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $SAHARA_USER $SERVICE_TENANT
+ local sahara_user=$(get_or_create_user "sahara" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $admin_role $sahara_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- SAHARA_SERVICE=$(get_or_create_service "sahara" \
+ local sahara_service=$(get_or_create_service "sahara" \
"data_processing" "Sahara Data Processing")
- get_or_create_endpoint $SAHARA_SERVICE \
+ get_or_create_endpoint $sahara_service \
"$REGION_NAME" \
"$SAHARA_SERVICE_PROTOCOL://$SAHARA_SERVICE_HOST:$SAHARA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
"$SAHARA_SERVICE_PROTOCOL://$SAHARA_SERVICE_HOST:$SAHARA_SERVICE_PORT/v1.1/\$(tenant_id)s" \
@@ -92,24 +98,28 @@
fi
sudo chown $STACK_USER $SAHARA_CONF_DIR
+ if [[ -f $SAHARA_DIR/etc/sahara/policy.json ]]; then
+ cp -p $SAHARA_DIR/etc/sahara/policy.json $SAHARA_CONF_DIR
+ fi
+
# Copy over sahara configuration file and configure common parameters.
cp $SAHARA_DIR/etc/sahara/sahara.conf.sample $SAHARA_CONF_FILE
# Create auth cache dir
sudo mkdir -p $SAHARA_AUTH_CACHE_DIR
sudo chown $STACK_USER $SAHARA_AUTH_CACHE_DIR
+ sudo chmod 700 $SAHARA_AUTH_CACHE_DIR
rm -rf $SAHARA_AUTH_CACHE_DIR/*
- # Set actual keystone auth configs
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset $SAHARA_CONF_FILE keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
- iniset $SAHARA_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $SAHARA_CONF_FILE keystone_authtoken admin_user sahara
- iniset $SAHARA_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
- iniset $SAHARA_CONF_FILE keystone_authtoken signing_dir $SAHARA_AUTH_CACHE_DIR
- iniset $SAHARA_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA
+ configure_auth_token_middleware $SAHARA_CONF_FILE sahara $SAHARA_AUTH_CACHE_DIR
+
+ # Set configuration to send notifications
+
+ if is_service_enabled ceilometer; then
+ iniset $SAHARA_CONF_FILE DEFAULT enable_notifications "true"
+ iniset $SAHARA_CONF_FILE DEFAULT notification_driver "messaging"
+ iniset_rpc_backend sahara $SAHARA_CONF_FILE DEFAULT
+ fi
iniset $SAHARA_CONF_FILE DEFAULT verbose True
iniset $SAHARA_CONF_FILE DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
@@ -146,9 +156,15 @@
setup_develop $SAHARA_DIR
}
+# install_python_saharaclient() - Collect source and prepare
+function install_python_saharaclient {
+ git_clone $SAHARA_PYTHONCLIENT_REPO $SAHARA_PYTHONCLIENT_DIR $SAHARA_PYTHONCLIENT_BRANCH
+ setup_develop $SAHARA_PYTHONCLIENT_DIR
+}
+
# start_sahara() - Start running processes, including screen
function start_sahara {
- screen_it sahara "cd $SAHARA_DIR && $SAHARA_BIN_DIR/sahara-all --config-file $SAHARA_CONF_FILE"
+ run_process sahara "$SAHARA_BIN_DIR/sahara-all --config-file $SAHARA_CONF_FILE"
}
# stop_sahara() - Stop running processes
diff --git a/lib/sahara-dashboard b/lib/sahara-dashboard
deleted file mode 100644
index a81df0f..0000000
--- a/lib/sahara-dashboard
+++ /dev/null
@@ -1,72 +0,0 @@
-# lib/sahara-dashboard
-
-# Dependencies:
-#
-# - ``functions`` file
-# - ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined
-# - ``SERVICE_HOST``
-
-# ``stack.sh`` calls the entry points in this order:
-#
-# - install_sahara_dashboard
-# - configure_sahara_dashboard
-# - cleanup_sahara_dashboard
-
-# Save trace setting
-XTRACE=$(set +o | grep xtrace)
-set +o xtrace
-
-source $TOP_DIR/lib/horizon
-
-# Defaults
-# --------
-
-# Set up default repos
-SAHARA_DASHBOARD_REPO=${SAHARA_DASHBOARD_REPO:-${GIT_BASE}/openstack/sahara-dashboard.git}
-SAHARA_DASHBOARD_BRANCH=${SAHARA_DASHBOARD_BRANCH:-master}
-
-SAHARA_PYTHONCLIENT_REPO=${SAHARA_PYTHONCLIENT_REPO:-${GIT_BASE}/openstack/python-saharaclient.git}
-SAHARA_PYTHONCLIENT_BRANCH=${SAHARA_PYTHONCLIENT_BRANCH:-master}
-
-# Set up default directories
-SAHARA_DASHBOARD_DIR=$DEST/sahara-dashboard
-SAHARA_PYTHONCLIENT_DIR=$DEST/python-saharaclient
-
-# Functions
-# ---------
-
-function configure_sahara_dashboard {
-
- echo -e "AUTO_ASSIGNMENT_ENABLED = False" >> $HORIZON_DIR/openstack_dashboard/local/local_settings.py
- echo -e "HORIZON_CONFIG['dashboards'] += ('sahara',)" >> $HORIZON_DIR/openstack_dashboard/settings.py
- echo -e "INSTALLED_APPS += ('saharadashboard',)" >> $HORIZON_DIR/openstack_dashboard/settings.py
-
- if is_service_enabled neutron; then
- echo -e "SAHARA_USE_NEUTRON = True" >> $HORIZON_DIR/openstack_dashboard/local/local_settings.py
- fi
-}
-
-# install_sahara_dashboard() - Collect source and prepare
-function install_sahara_dashboard {
- install_python_saharaclient
- git_clone $SAHARA_DASHBOARD_REPO $SAHARA_DASHBOARD_DIR $SAHARA_DASHBOARD_BRANCH
- setup_develop $SAHARA_DASHBOARD_DIR
-}
-
-function install_python_saharaclient {
- git_clone $SAHARA_PYTHONCLIENT_REPO $SAHARA_PYTHONCLIENT_DIR $SAHARA_PYTHONCLIENT_BRANCH
- setup_develop $SAHARA_PYTHONCLIENT_DIR
-}
-
-# Cleanup file settings.py from Sahara
-function cleanup_sahara_dashboard {
- sed -i '/sahara/d' $HORIZON_DIR/openstack_dashboard/settings.py
-}
-
-# Restore xtrace
-$XTRACE
-
-# Local variables:
-# mode: shell-script
-# End:
-
diff --git a/lib/stackforge b/lib/stackforge
index e6528af..2d80dad 100644
--- a/lib/stackforge
+++ b/lib/stackforge
@@ -29,35 +29,21 @@
# --------
WSME_DIR=$DEST/wsme
PECAN_DIR=$DEST/pecan
+SQLALCHEMY_MIGRATE_DIR=$DEST/sqlalchemy-migrate
# Entry Points
# ------------
# install_stackforge() - Collect source and prepare
function install_stackforge {
- # TODO(sdague): remove this once we get to Icehouse, this just makes
- # for a smoother transition of existing users.
- cleanup_stackforge
-
git_clone $WSME_REPO $WSME_DIR $WSME_BRANCH
setup_package $WSME_DIR
git_clone $PECAN_REPO $PECAN_DIR $PECAN_BRANCH
setup_package $PECAN_DIR
-}
-# cleanup_stackforge() - purge possibly old versions of stackforge libraries
-function cleanup_stackforge {
- # this means we've got an old version installed, lets get rid of it
- # otherwise python hates itself
- for lib in wsme pecan; do
- if ! python -c "import $lib" 2>/dev/null; then
- echo "Found old $lib... removing to ensure consistency"
- local PIP_CMD=$(get_pip_command)
- pip_install $lib
- sudo $PIP_CMD uninstall -y $lib
- fi
- done
+ git_clone $SQLALCHEMY_MIGRATE_REPO $SQLALCHEMY_MIGRATE_DIR $SQLALCHEMY_MIGRATE_BRANCH
+ setup_package $SQLALCHEMY_MIGRATE_DIR
}
# Restore xtrace
diff --git a/lib/swift b/lib/swift
index 84304d3..7ef4496 100644
--- a/lib/swift
+++ b/lib/swift
@@ -29,6 +29,10 @@
# Defaults
# --------
+if is_ssl_enabled_service "s-proxy" || is_service_enabled tls-proxy; then
+ SWIFT_SERVICE_PROTOCOL="https"
+fi
+
# Set up default directories
SWIFT_DIR=$DEST/swift
SWIFTCLIENT_DIR=$DEST/python-swiftclient
@@ -36,6 +40,9 @@
SWIFT_APACHE_WSGI_DIR=${SWIFT_APACHE_WSGI_DIR:-/var/www/swift}
SWIFT3_DIR=$DEST/swift3
+SWIFT_SERVICE_PROTOCOL=${SWIFT_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+SWIFT_DEFAULT_BIND_PORT_INT=${SWIFT_DEFAULT_BIND_PORT_INT:-8081}
+
# TODO: add logging to different location.
# Set ``SWIFT_DATA_DIR`` to the location of swift drives and objects.
@@ -115,6 +122,10 @@
CONTAINER_PORT_BASE=${CONTAINER_PORT_BASE:-6011}
ACCOUNT_PORT_BASE=${ACCOUNT_PORT_BASE:-6012}
+# Enable tempurl feature
+SWIFT_ENABLE_TEMPURLS=${SWIFT_ENABLE_TEMPURLS:-False}
+SWIFT_TEMPURL_KEY=${SWIFT_TEMPURL_KEY}
+
# Tell Tempest this project is present
TEMPEST_SERVICES+=,swift
@@ -150,9 +161,10 @@
function _cleanup_swift_apache_wsgi {
sudo rm -f $SWIFT_APACHE_WSGI_DIR/*.wsgi
disable_apache_site proxy-server
+ local node_number type
for node_number in ${SWIFT_REPLICAS_SEQ}; do
for type in object container account; do
- site_name=${type}-server-${node_number}
+ local site_name=${type}-server-${node_number}
disable_apache_site ${site_name}
sudo rm -f $(apache_site_config_for ${site_name})
done
@@ -182,10 +194,11 @@
" -i ${SWIFT_APACHE_WSGI_DIR}/proxy-server.wsgi
# copy apache vhost file and set name and port
+ local node_number
for node_number in ${SWIFT_REPLICAS_SEQ}; do
- object_port=$[OBJECT_PORT_BASE + 10 * ($node_number - 1)]
- container_port=$[CONTAINER_PORT_BASE + 10 * ($node_number - 1)]
- account_port=$[ACCOUNT_PORT_BASE + 10 * ($node_number - 1)]
+ local object_port=$(( OBJECT_PORT_BASE + 10 * (node_number - 1) ))
+ local container_port=$(( CONTAINER_PORT_BASE + 10 * (node_number - 1) ))
+ local account_port=$(( ACCOUNT_PORT_BASE + 10 * (node_number - 1) ))
sudo cp ${SWIFT_DIR}/examples/apache2/object-server.template $(apache_site_config_for object-server-${node_number})
sudo sed -e "
@@ -238,14 +251,14 @@
# This function generates an object/container/account configuration
# emulating 4 nodes on different ports
-function generate_swift_config {
+function generate_swift_config_services {
local swift_node_config=$1
local node_id=$2
local bind_port=$3
local server_type=$4
- log_facility=$[ node_id - 1 ]
- node_path=${SWIFT_DATA_DIR}/${node_number}
+ log_facility=$(( node_id - 1 ))
+ local node_path=${SWIFT_DATA_DIR}/${node_number}
iniuncomment ${swift_node_config} DEFAULT user
iniset ${swift_node_config} DEFAULT user ${STACK_USER}
@@ -263,7 +276,7 @@
iniset ${swift_node_config} DEFAULT log_facility LOG_LOCAL${log_facility}
iniuncomment ${swift_node_config} DEFAULT workers
- iniset ${swift_node_config} DEFAULT workers 1
+ iniset ${swift_node_config} DEFAULT workers ${API_WORKERS:-1}
iniuncomment ${swift_node_config} DEFAULT disable_fallocate
iniset ${swift_node_config} DEFAULT disable_fallocate true
@@ -273,6 +286,10 @@
iniuncomment ${swift_node_config} ${server_type}-replicator vm_test_mode
iniset ${swift_node_config} ${server_type}-replicator vm_test_mode yes
+
+ # Using a sed and not iniset/iniuncomment because we want to a global
+ # modification and make sure it works for new sections.
+ sed -i -e "s,#[ ]*recon_cache_path .*,recon_cache_path = ${SWIFT_DATA_DIR}/cache," ${swift_node_config}
}
@@ -313,7 +330,12 @@
SWIFT_CONFIG_PROXY_SERVER=${SWIFT_CONF_DIR}/proxy-server.conf
cp ${SWIFT_DIR}/etc/proxy-server.conf-sample ${SWIFT_CONFIG_PROXY_SERVER}
- cp ${SWIFT_DIR}/etc/container-sync-realms.conf-sample ${SWIFT_CONF_DIR}/container-sync-realms.conf
+ # To run container sync feature introduced in Swift ver 1.12.0,
+ # container sync "realm" is added in container-sync-realms.conf
+ local csyncfile=${SWIFT_CONF_DIR}/container-sync-realms.conf
+ cp ${SWIFT_DIR}/etc/container-sync-realms.conf-sample ${csyncfile}
+ iniset ${csyncfile} realm1 key realm1key
+ iniset ${csyncfile} realm1 cluster_name1 "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/"
iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user
iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT user ${STACK_USER}
@@ -328,7 +350,18 @@
iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT log_level DEBUG
iniuncomment ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port
- iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT:-8080}
+ if is_service_enabled tls-proxy; then
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT_INT}
+ else
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT bind_port ${SWIFT_DEFAULT_BIND_PORT:-8080}
+ fi
+
+ if is_ssl_enabled_service s-proxy; then
+ ensure_certificates SWIFT
+
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT cert_file "$SWIFT_SSL_CERT"
+ iniset ${SWIFT_CONFIG_PROXY_SERVER} DEFAULT key_file "$SWIFT_SSL_KEY"
+ fi
# Devstack is commonly run in a small slow environment, so bump the
# timeouts up.
@@ -376,15 +409,7 @@
# Configure Keystone
sed -i '/^# \[filter:authtoken\]/,/^# \[filter:keystoneauth\]$/ s/^#[ \t]*//' ${SWIFT_CONFIG_PROXY_SERVER}
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_host $KEYSTONE_AUTH_HOST
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_port $KEYSTONE_AUTH_PORT
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken cafile $KEYSTONE_SSL_CA
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_user swift
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken admin_password $SERVICE_PASSWORD
- iniset ${SWIFT_CONFIG_PROXY_SERVER} filter:authtoken signing_dir $SWIFT_AUTH_CACHE_DIR
+ configure_auth_token_middleware ${SWIFT_CONFIG_PROXY_SERVER} swift $SWIFT_AUTH_CACHE_DIR filter:authtoken
# This causes the authtoken middleware to use the same python logging
# adapter provided by the swift proxy-server, so that request transaction
# IDs will included in all of its log messages.
@@ -403,7 +428,7 @@
auth_port = ${KEYSTONE_AUTH_PORT}
auth_host = ${KEYSTONE_AUTH_HOST}
auth_protocol = ${KEYSTONE_AUTH_PROTOCOL}
-cafile = ${KEYSTONE_SSL_CA}
+cafile = ${SSL_BUNDLE_FILE}
auth_token = ${SERVICE_TOKEN}
admin_token = ${SERVICE_TOKEN}
@@ -416,26 +441,22 @@
iniset ${SWIFT_CONF_DIR}/swift.conf swift-hash swift_hash_path_suffix ${SWIFT_HASH}
iniset ${SWIFT_CONF_DIR}/swift.conf swift-constraints max_header_size ${SWIFT_MAX_HEADER_SIZE}
+ local node_number
for node_number in ${SWIFT_REPLICAS_SEQ}; do
- swift_node_config=${SWIFT_CONF_DIR}/object-server/${node_number}.conf
+ local swift_node_config=${SWIFT_CONF_DIR}/object-server/${node_number}.conf
cp ${SWIFT_DIR}/etc/object-server.conf-sample ${swift_node_config}
- generate_swift_config ${swift_node_config} ${node_number} $[OBJECT_PORT_BASE + 10 * (node_number - 1)] object
+ generate_swift_config_services ${swift_node_config} ${node_number} $(( OBJECT_PORT_BASE + 10 * (node_number - 1) )) object
iniset ${swift_node_config} filter:recon recon_cache_path ${SWIFT_DATA_DIR}/cache
- # Using a sed and not iniset/iniuncomment because we want to a global
- # modification and make sure it works for new sections.
- sed -i -e "s,#[ ]*recon_cache_path .*,recon_cache_path = ${SWIFT_DATA_DIR}/cache," ${swift_node_config}
swift_node_config=${SWIFT_CONF_DIR}/container-server/${node_number}.conf
cp ${SWIFT_DIR}/etc/container-server.conf-sample ${swift_node_config}
- generate_swift_config ${swift_node_config} ${node_number} $[CONTAINER_PORT_BASE + 10 * (node_number - 1)] container
+ generate_swift_config_services ${swift_node_config} ${node_number} $(( CONTAINER_PORT_BASE + 10 * (node_number - 1) )) container
iniuncomment ${swift_node_config} app:container-server allow_versions
iniset ${swift_node_config} app:container-server allow_versions "true"
- sed -i -e "s,#[ ]*recon_cache_path .*,recon_cache_path = ${SWIFT_DATA_DIR}/cache," ${swift_node_config}
swift_node_config=${SWIFT_CONF_DIR}/account-server/${node_number}.conf
cp ${SWIFT_DIR}/etc/account-server.conf-sample ${swift_node_config}
- generate_swift_config ${swift_node_config} ${node_number} $[ACCOUNT_PORT_BASE + 10 * (node_number - 1)] account
- sed -i -e "s,#[ ]*recon_cache_path .*,recon_cache_path = ${SWIFT_DATA_DIR}/cache," ${swift_node_config}
+ generate_swift_config_services ${swift_node_config} ${node_number} $(( ACCOUNT_PORT_BASE + 10 * (node_number - 1) )) account
done
# Set new accounts in tempauth to match keystone tenant/user (to make testing easier)
@@ -452,15 +473,24 @@
iniset ${testfile} func_test username3 swiftusertest3
iniset ${testfile} func_test account2 swifttenanttest2
iniset ${testfile} func_test username2 swiftusertest2
+ iniset ${testfile} func_test account4 swifttenanttest4
+ iniset ${testfile} func_test username4 swiftusertest4
+ iniset ${testfile} func_test password4 testing4
+ iniset ${testfile} func_test domain4 swift_test
if is_service_enabled key;then
iniuncomment ${testfile} func_test auth_version
+ local auth_vers=$(iniget ${testfile} func_test auth_version)
iniset ${testfile} func_test auth_host ${KEYSTONE_SERVICE_HOST}
iniset ${testfile} func_test auth_port ${KEYSTONE_AUTH_PORT}
- iniset ${testfile} func_test auth_prefix /v2.0/
+ if [[ $auth_vers == "3" ]]; then
+ iniset ${testfile} func_test auth_prefix /v3/
+ else
+ iniset ${testfile} func_test auth_prefix /v2.0/
+ fi
fi
- swift_log_dir=${SWIFT_DATA_DIR}/logs
+ local swift_log_dir=${SWIFT_DATA_DIR}/logs
rm -rf ${swift_log_dir}
mkdir -p ${swift_log_dir}/hourly
sudo chown -R ${STACK_USER}:adm ${swift_log_dir}
@@ -484,9 +514,9 @@
# First do a bit of setup by creating the directories and
# changing the permissions so we can run it as our user.
- USER_GROUP=$(id -g ${STACK_USER})
+ local user_group=$(id -g ${STACK_USER})
sudo mkdir -p ${SWIFT_DATA_DIR}/{drives,cache,run,logs}
- sudo chown -R ${STACK_USER}:${USER_GROUP} ${SWIFT_DATA_DIR}
+ sudo chown -R ${STACK_USER}:${user_group} ${SWIFT_DATA_DIR}
# Create a loopback disk and format it to XFS.
if [[ -e ${SWIFT_DISK_IMAGE} ]]; then
@@ -514,15 +544,16 @@
# Create a link to the above mount and
# create all of the directories needed to emulate a few different servers
+ local node_number
for node_number in ${SWIFT_REPLICAS_SEQ}; do
sudo ln -sf ${SWIFT_DATA_DIR}/drives/sdb1/$node_number ${SWIFT_DATA_DIR}/$node_number;
- drive=${SWIFT_DATA_DIR}/drives/sdb1/${node_number}
- node=${SWIFT_DATA_DIR}/${node_number}/node
- node_device=${node}/sdb1
+ local drive=${SWIFT_DATA_DIR}/drives/sdb1/${node_number}
+ local node=${SWIFT_DATA_DIR}/${node_number}/node
+ local node_device=${node}/sdb1
[[ -d $node ]] && continue
[[ -d $drive ]] && continue
- sudo install -o ${STACK_USER} -g $USER_GROUP -d $drive
- sudo install -o ${STACK_USER} -g $USER_GROUP -d $node_device
+ sudo install -o ${STACK_USER} -g $user_group -d $drive
+ sudo install -o ${STACK_USER} -g $user_group -d $node_device
sudo chown -R ${STACK_USER}: ${node}
done
}
@@ -531,58 +562,73 @@
# since we want to make it compatible with tempauth which use
# underscores for separators.
-# Tenant User Roles
+# Tenant User Roles Domain
# ------------------------------------------------------------------
-# service swift service
-# swifttenanttest1 swiftusertest1 admin
-# swifttenanttest1 swiftusertest3 anotherrole
-# swifttenanttest2 swiftusertest2 admin
+# service swift service default
+# swifttenanttest1 swiftusertest1 admin default
+# swifttenanttest1 swiftusertest3 anotherrole default
+# swifttenanttest2 swiftusertest2 admin default
+# swifttenanttest4 swiftusertest4 admin swift_test
function create_swift_accounts {
# Defines specific passwords used by tools/create_userrc.sh
- SWIFTUSERTEST1_PASSWORD=testing
- SWIFTUSERTEST2_PASSWORD=testing2
- SWIFTUSERTEST3_PASSWORD=testing3
+ # As these variables are used by create_userrc.sh, they must be exported
+ # The _password suffix is expected by create_userrc.sh
+ export swiftusertest1_password=testing
+ export swiftusertest2_password=testing2
+ export swiftusertest3_password=testing3
+ export swiftusertest4_password=testing4
KEYSTONE_CATALOG_BACKEND=${KEYSTONE_CATALOG_BACKEND:-sql}
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
+ local another_role=$(openstack role list | awk "/ anotherrole / { print \$2 }")
- SWIFT_USER=$(get_or_create_user "swift" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $ADMIN_ROLE $SWIFT_USER $SERVICE_TENANT
+ local swift_user=$(get_or_create_user "swift" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $admin_role $swift_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- SWIFT_SERVICE=$(get_or_create_service "swift" \
+ local swift_service=$(get_or_create_service "swift" \
"object-store" "Swift Service")
- get_or_create_endpoint $SWIFT_SERVICE \
+ get_or_create_endpoint $swift_service \
"$REGION_NAME" \
- "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \
- "http://$SERVICE_HOST:8080" \
- "http://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s"
+ "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s" \
+ "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080" \
+ "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:8080/v1/AUTH_\$(tenant_id)s"
fi
- SWIFT_TENANT_TEST1=$(get_or_create_project swifttenanttest1)
- die_if_not_set $LINENO SWIFT_TENANT_TEST1 "Failure creating SWIFT_TENANT_TEST1"
- SWIFT_USER_TEST1=$(get_or_create_user swiftusertest1 $SWIFTUSERTEST1_PASSWORD \
- "$SWIFT_TENANT_TEST1" "test@example.com")
+ local swift_tenant_test1=$(get_or_create_project swifttenanttest1)
+ die_if_not_set $LINENO swift_tenant_test1 "Failure creating swift_tenant_test1"
+ SWIFT_USER_TEST1=$(get_or_create_user swiftusertest1 $swiftusertest1_password \
+ "$swift_tenant_test1" "test@example.com")
die_if_not_set $LINENO SWIFT_USER_TEST1 "Failure creating SWIFT_USER_TEST1"
- get_or_add_user_role $ADMIN_ROLE $SWIFT_USER_TEST1 $SWIFT_TENANT_TEST1
+ get_or_add_user_role $admin_role $SWIFT_USER_TEST1 $swift_tenant_test1
- SWIFT_USER_TEST3=$(get_or_create_user swiftusertest3 $SWIFTUSERTEST3_PASSWORD \
- "$SWIFT_TENANT_TEST1" "test3@example.com")
- die_if_not_set $LINENO SWIFT_USER_TEST3 "Failure creating SWIFT_USER_TEST3"
- get_or_add_user_role $ANOTHER_ROLE $SWIFT_USER_TEST3 $SWIFT_TENANT_TEST1
+ local swift_user_test3=$(get_or_create_user swiftusertest3 $swiftusertest3_password \
+ "$swift_tenant_test1" "test3@example.com")
+ die_if_not_set $LINENO swift_user_test3 "Failure creating swift_user_test3"
+ get_or_add_user_role $another_role $swift_user_test3 $swift_tenant_test1
- SWIFT_TENANT_TEST2=$(get_or_create_project swifttenanttest2)
- die_if_not_set $LINENO SWIFT_TENANT_TEST2 "Failure creating SWIFT_TENANT_TEST2"
+ local swift_tenant_test2=$(get_or_create_project swifttenanttest2)
+ die_if_not_set $LINENO swift_tenant_test2 "Failure creating swift_tenant_test2"
- SWIFT_USER_TEST2=$(get_or_create_user swiftusertest2 $SWIFTUSERTEST2_PASSWORD \
- "$SWIFT_TENANT_TEST2" "test2@example.com")
- die_if_not_set $LINENO SWIFT_USER_TEST2 "Failure creating SWIFT_USER_TEST2"
- get_or_add_user_role $ADMIN_ROLE $SWIFT_USER_TEST2 $SWIFT_TENANT_TEST2
+ local swift_user_test2=$(get_or_create_user swiftusertest2 $swiftusertest2_password \
+ "$swift_tenant_test2" "test2@example.com")
+ die_if_not_set $LINENO swift_user_test2 "Failure creating swift_user_test2"
+ get_or_add_user_role $admin_role $swift_user_test2 $swift_tenant_test2
+
+ local swift_domain=$(get_or_create_domain swift_test 'Used for swift functional testing')
+ die_if_not_set $LINENO swift_domain "Failure creating swift_test domain"
+
+ local swift_tenant_test4=$(get_or_create_project swifttenanttest4 $swift_domain)
+ die_if_not_set $LINENO swift_tenant_test4 "Failure creating swift_tenant_test4"
+ local swift_user_test4=$(get_or_create_user swiftusertest4 $swiftusertest4_password \
+ $swift_tenant_test4 "test4@example.com" $swift_domain)
+ die_if_not_set $LINENO swift_user_test4 "Failure creating swift_user_test4"
+ get_or_add_user_role $admin_role $swift_user_test4 $swift_tenant_test4
}
# init_swift() - Initialize rings
@@ -605,9 +651,9 @@
swift-ring-builder account.builder create ${SWIFT_PARTITION_POWER_SIZE} ${SWIFT_REPLICAS} 1
for node_number in ${SWIFT_REPLICAS_SEQ}; do
- swift-ring-builder object.builder add z${node_number}-127.0.0.1:$[OBJECT_PORT_BASE + 10 * (node_number - 1)]/sdb1 1
- swift-ring-builder container.builder add z${node_number}-127.0.0.1:$[CONTAINER_PORT_BASE + 10 * (node_number - 1)]/sdb1 1
- swift-ring-builder account.builder add z${node_number}-127.0.0.1:$[ACCOUNT_PORT_BASE + 10 * (node_number - 1)]/sdb1 1
+ swift-ring-builder object.builder add z${node_number}-127.0.0.1:$(( OBJECT_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
+ swift-ring-builder container.builder add z${node_number}-127.0.0.1:$(( CONTAINER_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
+ swift-ring-builder account.builder add z${node_number}-127.0.0.1:$(( ACCOUNT_PORT_BASE + 10 * (node_number - 1) ))/sdb1 1
done
swift-ring-builder object.builder rebalance
swift-ring-builder container.builder rebalance
@@ -650,10 +696,10 @@
if [ "$SWIFT_USE_MOD_WSGI" == "True" ]; then
restart_apache_server
swift-init --run-dir=${SWIFT_DATA_DIR}/run rest start
- screen_it s-proxy "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/proxy-server"
+ tail_log s-proxy /var/log/$APACHE_NAME/proxy-server
if [[ ${SWIFT_REPLICAS} == 1 ]]; then
for type in object container account; do
- screen_it s-${type} "cd $SWIFT_DIR && sudo tail -f /var/log/$APACHE_NAME/${type}-server-1"
+ tail_log s-${type} /var/log/$APACHE_NAME/${type}-server-1
done
fi
return 0
@@ -666,6 +712,7 @@
# service so we can run it in foreground in screen. ``swift-init ...
# {stop|restart}`` exits with '1' if no servers are running, ignore it just
# in case
+ local todo type
swift-init --run-dir=${SWIFT_DATA_DIR}/run all restart || true
if [[ ${SWIFT_REPLICAS} == 1 ]]; then
todo="object container account"
@@ -673,16 +720,25 @@
for type in proxy ${todo}; do
swift-init --run-dir=${SWIFT_DATA_DIR}/run ${type} stop || true
done
- screen_it s-proxy "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-proxy-server ${SWIFT_CONF_DIR}/proxy-server.conf -v"
+ if is_service_enabled tls-proxy; then
+ local proxy_port=${SWIFT_DEFAULT_BIND_PORT:-8080}
+ start_tls_proxy '*' $proxy_port $SERVICE_HOST $SWIFT_DEFAULT_BIND_PORT_INT &
+ fi
+ run_process s-proxy "$SWIFT_DIR/bin/swift-proxy-server ${SWIFT_CONF_DIR}/proxy-server.conf -v"
if [[ ${SWIFT_REPLICAS} == 1 ]]; then
for type in object container account; do
- screen_it s-${type} "cd $SWIFT_DIR && $SWIFT_DIR/bin/swift-${type}-server ${SWIFT_CONF_DIR}/${type}-server/1.conf -v"
+ run_process s-${type} "$SWIFT_DIR/bin/swift-${type}-server ${SWIFT_CONF_DIR}/${type}-server/1.conf -v"
done
fi
+
+ if [[ "$SWIFT_ENABLE_TEMPURLS" == "True" ]]; then
+ swift_configure_tempurls
+ fi
}
# stop_swift() - Stop running processes (non-screen)
function stop_swift {
+ local type
if [ "$SWIFT_USE_MOD_WSGI" == "True" ]; then
swift-init --run-dir=${SWIFT_DATA_DIR}/run rest stop && return 0
@@ -693,14 +749,21 @@
swift-init --run-dir=${SWIFT_DATA_DIR}/run all stop || true
fi
# Dump all of the servers
- # Maintain the iteration as screen_stop() has some desirable side-effects
+ # Maintain the iteration as stop_process() has some desirable side-effects
for type in proxy object container account; do
- screen_stop s-${type}
+ stop_process s-${type}
done
# Blast out any stragglers
pkill -f swift-
}
+function swift_configure_tempurls {
+ OS_USERNAME=swift \
+ OS_TENANT_NAME=$SERVICE_TENANT_NAME \
+ OS_PASSWORD=$SERVICE_PASSWORD \
+ swift post -m "Temp-URL-Key: $SWIFT_TEMPURL_KEY"
+}
+
# Restore xtrace
$XTRACE
diff --git a/lib/tempest b/lib/tempest
index 5ad2572..66f1a78 100644
--- a/lib/tempest
+++ b/lib/tempest
@@ -28,6 +28,7 @@
# - ``DEFAULT_INSTANCE_TYPE``
# - ``DEFAULT_INSTANCE_USER``
# - ``CINDER_MULTI_LVM_BACKEND``
+# - ``CINDER_ENABLED_BACKENDS``
#
# ``stack.sh`` calls the entry points in this order:
#
@@ -48,19 +49,26 @@
TEMPEST_CONFIG_DIR=${TEMPEST_CONFIG_DIR:-$TEMPEST_DIR/etc}
TEMPEST_CONFIG=$TEMPEST_CONFIG_DIR/tempest.conf
TEMPEST_STATE_PATH=${TEMPEST_STATE_PATH:=$DATA_DIR/tempest}
+TEMPEST_LIB_DIR=$DEST/tempest-lib
NOVA_SOURCE_DIR=$DEST/nova
BUILD_INTERVAL=1
-BUILD_TIMEOUT=196
+
+# This is the timeout that tempest will wait for a VM to change state,
+# spawn, delete, etc.
+# The default is set to 196 seconds.
+BUILD_TIMEOUT=${BUILD_TIMEOUT:-196}
BOTO_MATERIALS_PATH="$FILES/images/s3-materials/cirros-${CIRROS_VERSION}"
# Cinder/Volume variables
TEMPEST_VOLUME_DRIVER=${TEMPEST_VOLUME_DRIVER:-default}
-TEMPEST_VOLUME_VENDOR=${TEMPEST_VOLUME_VENDOR:-"Open Source"}
-TEMPEST_STORAGE_PROTOCOL=${TEMPEST_STORAGE_PROTOCOL:-iSCSI}
+TEMPEST_DEFAULT_VOLUME_VENDOR="Open Source"
+TEMPEST_VOLUME_VENDOR=${TEMPEST_VOLUME_VENDOR:-$TEMPEST_DEFAULT_VOLUME_VENDOR}
+TEMPEST_DEFAULT_STORAGE_PROTOCOL="iSCSI"
+TEMPEST_STORAGE_PROTOCOL=${TEMPEST_STORAGE_PROTOCOL:-$TEMPEST_DEFAULT_STORAGE_PROTOCOL}
# Neutron/Network variables
IPV6_ENABLED=$(trueorfalse True $IPV6_ENABLED)
@@ -108,6 +116,8 @@
image_uuid_alt="$IMAGE_UUID"
fi
images+=($IMAGE_UUID)
+ # TODO(stevemar): update this command to use openstackclient's `openstack image list`
+ # when it supports listing by status.
done < <(glance image-list --status=active | awk -F'|' '!/^(+--)|ID|aki|ari/ { print $3,$2 }')
case "${#images[*]}" in
@@ -277,17 +287,18 @@
iniset $TEMPEST_CONFIG compute image_ref $image_uuid
iniset $TEMPEST_CONFIG compute image_ssh_user ${DEFAULT_INSTANCE_USER:-cirros}
iniset $TEMPEST_CONFIG compute image_ref_alt $image_uuid_alt
- iniset $TEMPEST_CONFIG compute image_alt_ssh_user ${DEFAULT_INSTANCE_USER:-cirros}
+ iniset $TEMPEST_CONFIG compute image_alt_ssh_user ${ALT_INSTANCE_USER:-cirros}
iniset $TEMPEST_CONFIG compute flavor_ref $flavor_ref
iniset $TEMPEST_CONFIG compute flavor_ref_alt $flavor_ref_alt
iniset $TEMPEST_CONFIG compute ssh_connect_method $ssh_connect_method
# Compute Features
- iniset $TEMPEST_CONFIG compute-feature-enabled api_v3 ${TEMPEST_NOVA_API_V3:-False}
iniset $TEMPEST_CONFIG compute-feature-enabled resize True
iniset $TEMPEST_CONFIG compute-feature-enabled live_migration ${LIVE_MIGRATION_AVAILABLE:-False}
iniset $TEMPEST_CONFIG compute-feature-enabled change_password False
iniset $TEMPEST_CONFIG compute-feature-enabled block_migration_for_live_migration ${USE_BLOCK_MIGRATION_FOR_LIVE_MIGRATION:-False}
+ iniset $TEMPEST_CONFIG compute-feature-enabled api_extensions ${COMPUTE_API_EXTENSIONS:-"all"}
+ iniset $TEMPEST_CONFIG compute-feature-disabled api_extensions ${DISABLE_COMPUTE_API_EXTENSIONS}
# Compute admin
iniset $TEMPEST_CONFIG "compute-admin" username $ADMIN_USERNAME
@@ -302,9 +313,11 @@
iniset $TEMPEST_CONFIG network default_network "$FIXED_RANGE"
iniset $TEMPEST_CONFIG network-feature-enabled ipv6 "$IPV6_ENABLED"
iniset $TEMPEST_CONFIG network-feature-enabled ipv6_subnet_attributes "$IPV6_SUBNET_ATTRIBUTES_ENABLED"
+ iniset $TEMPEST_CONFIG network-feature-enabled api_extensions ${NETWORK_API_EXTENSIONS:-"all"}
+ iniset $TEMPEST_CONFIG network-feature-disabled api_extensions ${DISABLE_NETWORK_API_EXTENSIONS}
# boto
- iniset $TEMPEST_CONFIG boto ec2_url "http://$SERVICE_HOST:8773/services/Cloud"
+ iniset $TEMPEST_CONFIG boto ec2_url "$EC2_SERVICE_PROTOCOL://$SERVICE_HOST:8773/services/Cloud"
iniset $TEMPEST_CONFIG boto s3_url "http://$SERVICE_HOST:${S3_SERVICE_PORT:-3333}"
iniset $TEMPEST_CONFIG boto s3_materials_path "$BOTO_MATERIALS_PATH"
iniset $TEMPEST_CONFIG boto ari_manifest cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-initrd.manifest.xml
@@ -342,19 +355,35 @@
# Once Tempest retires support for icehouse this flag can be removed.
iniset $TEMPEST_CONFIG telemetry too_slow_to_test "False"
+ # Object storage
+ iniset $TEMPEST_CONFIG object-storage-feature-enabled discoverable_apis ${OBJECT_STORAGE_API_EXTENSIONS:-"all"}
+ iniset $TEMPEST_CONFIG object-storage-feature-disabled discoverable_apis ${OBJECT_STORAGE_DISABLE_API_EXTENSIONS}
+
# Volume
+ iniset $TEMPEST_CONFIG volume-feature-enabled api_extensions ${VOLUME_API_EXTENSIONS:-"all"}
+ iniset $TEMPEST_CONFIG volume-feature-disabled api_extensions ${DISABLE_VOLUME_API_EXTENSIONS}
if ! is_service_enabled c-bak; then
iniset $TEMPEST_CONFIG volume-feature-enabled backup False
fi
- CINDER_MULTI_LVM_BACKEND=$(trueorfalse False $CINDER_MULTI_LVM_BACKEND)
- if [ $CINDER_MULTI_LVM_BACKEND == "True" ]; then
+
+ # Using CINDER_ENABLED_BACKENDS
+ if [[ -n "$CINDER_ENABLED_BACKENDS" ]] && [[ $CINDER_ENABLED_BACKENDS =~ .*,.* ]]; then
iniset $TEMPEST_CONFIG volume-feature-enabled multi_backend "True"
- iniset $TEMPEST_CONFIG volume backend1_name "LVM_iSCSI"
- iniset $TEMPEST_CONFIG volume backend2_name "LVM_iSCSI_2"
+ local i=1
+ local be
+ for be in ${CINDER_ENABLED_BACKENDS//,/ }; do
+ local be_name=${be##*:}
+ iniset $TEMPEST_CONFIG volume "backend${i}_name" "$be_name"
+ i=$(( i + 1 ))
+ done
fi
- if [ $TEMPEST_VOLUME_DRIVER != "default" ]; then
- iniset $TEMPEST_CONFIG volume vendor_name $TEMPEST_VOLUME_VENDOR
+ if [ $TEMPEST_VOLUME_DRIVER != "default" -o \
+ "$TEMPEST_VOLUME_VENDOR" != "$TEMPEST_DEFAULT_VOLUME_VENDOR" ]; then
+ iniset $TEMPEST_CONFIG volume vendor_name "$TEMPEST_VOLUME_VENDOR"
+ fi
+ if [ $TEMPEST_VOLUME_DRIVER != "default" -o \
+ $TEMPEST_STORAGE_PROTOCOL != $TEMPEST_DEFAULT_STORAGE_PROTOCOL ]; then
iniset $TEMPEST_CONFIG volume storage_protocol $TEMPEST_STORAGE_PROTOCOL
fi
@@ -365,12 +394,19 @@
# cli
iniset $TEMPEST_CONFIG cli cli_dir $NOVA_BIN_DIR
- # Networking
- iniset $TEMPEST_CONFIG network-feature-enabled api_extensions "${NETWORK_API_EXTENSIONS:-all}"
-
# Baremetal
if [ "$VIRT_DRIVER" = "ironic" ] ; then
iniset $TEMPEST_CONFIG baremetal driver_enabled True
+ iniset $TEMPEST_CONFIG compute-feature-enabled change_password False
+ iniset $TEMPEST_CONFIG compute-feature-enabled console_output False
+ iniset $TEMPEST_CONFIG compute-feature-enabled interface_attach False
+ iniset $TEMPEST_CONFIG compute-feature-enabled live_migration False
+ iniset $TEMPEST_CONFIG compute-feature-enabled pause False
+ iniset $TEMPEST_CONFIG compute-feature-enabled rescue False
+ iniset $TEMPEST_CONFIG compute-feature-enabled resize False
+ iniset $TEMPEST_CONFIG compute-feature-enabled shelve False
+ iniset $TEMPEST_CONFIG compute-feature-enabled snapshot False
+ iniset $TEMPEST_CONFIG compute-feature-enabled suspend False
fi
# service_available
@@ -403,10 +439,17 @@
fi
}
+# install_tempest_lib() - Collect source, prepare, and install tempest-lib
+function install_tempest_lib {
+ git_clone $TEMPEST_LIB_REPO $TEMPEST_LIB_DIR $TEMPEST_LIB_BRANCH
+ setup_develop $TEMPEST_LIB_DIR
+}
+
# install_tempest() - Collect source and prepare
function install_tempest {
+ install_tempest_lib
git_clone $TEMPEST_REPO $TEMPEST_DIR $TEMPEST_BRANCH
- pip_install "tox<1.7"
+ pip_install tox
}
# init_tempest() - Initialize ec2 images
@@ -421,6 +464,7 @@
if [ -f "$kernel" -a -f "$ramdisk" -a -f "$disk_image" -a "$VIRT_DRIVER" != "openvz" \
-a \( "$LIBVIRT_TYPE" != "lxc" -o "$VIRT_DRIVER" != "libvirt" \) ]; then
echo "Prepare aki/ari/ami Images"
+ mkdir -p $BOTO_MATERIALS_PATH
( #new namespace
# tenant:demo ; user: demo
source $TOP_DIR/accrc/demo/demo
diff --git a/lib/template b/lib/template
index efe5826..f77409b 100644
--- a/lib/template
+++ b/lib/template
@@ -75,13 +75,17 @@
# start_XXXX() - Start running processes, including screen
function start_XXXX {
- # screen_it XXXX "cd $XXXX_DIR && $XXXX_DIR/bin/XXXX-bin"
+ # The quoted command must be a single command and not include an
+ # shell metacharacters, redirections or shell builtins.
+ # run_process XXXX "$XXXX_DIR/bin/XXXX-bin"
:
}
# stop_XXXX() - Stop running processes (non-screen)
function stop_XXXX {
- # FIXME(dtroyer): stop only our screen screen window?
+ # for serv in serv-a serv-b; do
+ # stop_process $serv
+ # done
:
}
diff --git a/lib/tls b/lib/tls
index e58e513..fdb798f 100644
--- a/lib/tls
+++ b/lib/tls
@@ -14,6 +14,7 @@
#
# - configure_CA
# - init_CA
+# - cleanup_CA
# - configure_proxy
# - start_tls_proxy
@@ -27,6 +28,7 @@
# - start_tls_proxy HOST_IP 5000 localhost 5000
# - ensure_certificates
# - is_ssl_enabled_service
+# - enable_mod_ssl
# Defaults
# --------
@@ -34,14 +36,9 @@
if is_service_enabled tls-proxy; then
# TODO(dtroyer): revisit this below after the search for HOST_IP has been done
TLS_IP=${TLS_IP:-$SERVICE_IP}
-
- # Set the default ``SERVICE_PROTOCOL`` for TLS
- SERVICE_PROTOCOL=https
fi
-# Make up a hostname for cert purposes
-# will be added to /etc/hosts?
-DEVSTACK_HOSTNAME=secure.devstack.org
+DEVSTACK_HOSTNAME=$(hostname -f)
DEVSTACK_CERT_NAME=devstack-cert
DEVSTACK_CERT=$DATA_DIR/$DEVSTACK_CERT_NAME.pem
@@ -84,6 +81,7 @@
return 0
fi
+ local i
for i in certs crl newcerts private; do
mkdir -p $ca_dir/$i
done
@@ -208,6 +206,29 @@
# Create the CA bundle
cat $ROOT_CA_DIR/cacert.pem $INT_CA_DIR/cacert.pem >>$INT_CA_DIR/ca-chain.pem
+ cat $INT_CA_DIR/ca-chain.pem >> $SSL_BUNDLE_FILE
+
+ if is_fedora; then
+ sudo cp $INT_CA_DIR/ca-chain.pem /usr/share/pki/ca-trust-source/anchors/devstack-chain.pem
+ sudo update-ca-trust
+ elif is_ubuntu; then
+ sudo cp $INT_CA_DIR/ca-chain.pem /usr/local/share/ca-certificates/devstack-int.crt
+ sudo cp $ROOT_CA_DIR/cacert.pem /usr/local/share/ca-certificates/devstack-root.crt
+ sudo update-ca-certificates
+ fi
+}
+
+# Clean up the CA files
+# cleanup_CA
+function cleanup_CA {
+ if is_fedora; then
+ sudo rm -f /usr/share/pki/ca-trust-source/anchors/devstack-chain.pem
+ sudo update-ca-trust
+ elif is_ubuntu; then
+ sudo rm -f /usr/local/share/ca-certificates/devstack-int.crt
+ sudo rm -f /usr/local/share/ca-certificates/devstack-root.crt
+ sudo update-ca-certificates
+ fi
}
# Create an initial server cert
@@ -234,31 +255,34 @@
local common_name=$3
local alt_names=$4
- # Generate a signing request
- $OPENSSL req \
- -sha1 \
- -newkey rsa \
- -nodes \
- -keyout $ca_dir/private/$cert_name.key \
- -out $ca_dir/$cert_name.csr \
- -subj "/O=${ORG_NAME}/OU=${ORG_UNIT_NAME} Servers/CN=${common_name}"
+ # Only generate the certificate if it doesn't exist yet on the disk
+ if [ ! -r "$ca_dir/$cert_name.crt" ]; then
+ # Generate a signing request
+ $OPENSSL req \
+ -sha1 \
+ -newkey rsa \
+ -nodes \
+ -keyout $ca_dir/private/$cert_name.key \
+ -out $ca_dir/$cert_name.csr \
+ -subj "/O=${ORG_NAME}/OU=${ORG_UNIT_NAME} Servers/CN=${common_name}"
- if [[ -z "$alt_names" ]]; then
- alt_names="DNS:${common_name}"
- else
- alt_names="DNS:${common_name},${alt_names}"
+ if [[ -z "$alt_names" ]]; then
+ alt_names="DNS:${common_name}"
+ else
+ alt_names="DNS:${common_name},${alt_names}"
+ fi
+
+ # Sign the request valid for 1 year
+ SUBJECT_ALT_NAME="$alt_names" \
+ $OPENSSL ca -config $ca_dir/signing.conf \
+ -extensions req_extensions \
+ -days 365 \
+ -notext \
+ -in $ca_dir/$cert_name.csr \
+ -out $ca_dir/$cert_name.crt \
+ -subj "/O=${ORG_NAME}/OU=${ORG_UNIT_NAME} Servers/CN=${common_name}" \
+ -batch
fi
-
- # Sign the request valid for 1 year
- SUBJECT_ALT_NAME="$alt_names" \
- $OPENSSL ca -config $ca_dir/signing.conf \
- -extensions req_extensions \
- -days 365 \
- -notext \
- -in $ca_dir/$cert_name.csr \
- -out $ca_dir/$cert_name.crt \
- -subj "/O=${ORG_NAME}/OU=${ORG_UNIT_NAME} Servers/CN=${common_name}" \
- -batch
}
@@ -273,23 +297,25 @@
create_CA_config $ca_dir 'Intermediate CA'
create_signing_config $ca_dir
- # Create a signing certificate request
- $OPENSSL req -config $ca_dir/ca.conf \
- -sha1 \
- -newkey rsa \
- -nodes \
- -keyout $ca_dir/private/cacert.key \
- -out $ca_dir/cacert.csr \
- -outform PEM
+ if [ ! -r "$ca_dir/cacert.pem" ]; then
+ # Create a signing certificate request
+ $OPENSSL req -config $ca_dir/ca.conf \
+ -sha1 \
+ -newkey rsa \
+ -nodes \
+ -keyout $ca_dir/private/cacert.key \
+ -out $ca_dir/cacert.csr \
+ -outform PEM
- # Sign the intermediate request valid for 1 year
- $OPENSSL ca -config $signing_ca_dir/ca.conf \
- -extensions ca_extensions \
- -days 365 \
- -notext \
- -in $ca_dir/cacert.csr \
- -out $ca_dir/cacert.pem \
- -batch
+ # Sign the intermediate request valid for 1 year
+ $OPENSSL ca -config $signing_ca_dir/ca.conf \
+ -extensions ca_extensions \
+ -days 365 \
+ -notext \
+ -in $ca_dir/cacert.csr \
+ -out $ca_dir/cacert.pem \
+ -batch
+ fi
}
# Make a root CA to sign other CAs
@@ -325,6 +351,9 @@
function is_ssl_enabled_service {
local services=$@
local service=""
+ if [ "$USE_SSL" == "False" ]; then
+ return 1
+ fi
for service in ${services}; do
[[ ,${SSL_ENABLED_SERVICES}, =~ ,${service}, ]] && return 0
done
@@ -339,8 +368,12 @@
# The function expects to find a certificate, key and CA certificate in the
# variables {service}_SSL_CERT, {service}_SSL_KEY and {service}_SSL_CA. For
# example for keystone this would be KEYSTONE_SSL_CERT, KEYSTONE_SSL_KEY and
-# KEYSTONE_SSL_CA. If it does not find these certificates the program will
-# quit.
+# KEYSTONE_SSL_CA.
+#
+# If it does not find these certificates then the devstack-issued server
+# certificate, key and CA certificate will be associated with the service.
+#
+# If only some of the variables are provided then the function will quit.
function ensure_certificates {
local service=$1
@@ -352,7 +385,15 @@
local key=${!key_var}
local ca=${!ca_var}
- if [[ -z "$cert" || -z "$key" || -z "$ca" ]]; then
+ if [[ -z "$cert" && -z "$key" && -z "$ca" ]]; then
+ local cert="$INT_CA_DIR/$DEVSTACK_CERT_NAME.crt"
+ local key="$INT_CA_DIR/private/$DEVSTACK_CERT_NAME.key"
+ local ca="$INT_CA_DIR/ca-chain.pem"
+ eval ${service}_SSL_CERT=\$cert
+ eval ${service}_SSL_KEY=\$key
+ eval ${service}_SSL_CA=\$ca
+ return # the CA certificate is already in the bundle
+ elif [[ -z "$cert" || -z "$key" || -z "$ca" ]]; then
die $LINENO "Missing either the ${cert_var} ${key_var} or ${ca_var}" \
"variable to enable SSL for ${service}"
fi
@@ -360,6 +401,21 @@
cat $ca >> $SSL_BUNDLE_FILE
}
+# Enable the mod_ssl plugin in Apache
+function enable_mod_ssl {
+ echo "Enabling mod_ssl"
+
+ if is_ubuntu; then
+ sudo a2enmod ssl
+ elif is_fedora; then
+ # Fedora enables mod_ssl by default
+ :
+ fi
+ if ! sudo `which httpd || which apache2ctl` -M | grep -w -q ssl_module; then
+ die $LINENO "mod_ssl is not enabled in apache2/httpd, please check for it manually and run stack.sh again"
+ fi
+}
+
# Proxy Functions
# ===============
@@ -377,7 +433,7 @@
# Cleanup Functions
-# ===============
+# =================
# Stops all stud processes. This should be done only after all services
diff --git a/lib/trove b/lib/trove
index 6877d0f..4ac7293 100644
--- a/lib/trove
+++ b/lib/trove
@@ -76,21 +76,20 @@
# service trove admin # if enabled
function create_trove_accounts {
- # Trove
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
- SERVICE_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ local service_role=$(openstack role list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "trove" ]]; then
- TROVE_USER=$(get_or_create_user "trove" \
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
- get_or_add_user_role $SERVICE_ROLE $TROVE_USER $SERVICE_TENANT
+ local trove_user=$(get_or_create_user "trove" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $service_role $trove_user $service_tenant
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
- TROVE_SERVICE=$(get_or_create_service "trove" \
+ local trove_service=$(get_or_create_service "trove" \
"database" "Trove Service")
- get_or_create_endpoint $TROVE_SERVICE \
+ get_or_create_endpoint $trove_service \
"$REGION_NAME" \
"http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
"http://$SERVICE_HOST:8779/v1.0/\$(tenant_id)s" \
@@ -129,12 +128,7 @@
cp $TROVE_LOCAL_CONF_DIR/api-paste.ini $TROVE_CONF_DIR/api-paste.ini
TROVE_API_PASTE_INI=$TROVE_CONF_DIR/api-paste.ini
- iniset $TROVE_API_PASTE_INI filter:authtoken identity_uri $KEYSTONE_AUTH_URI
- iniset $TROVE_API_PASTE_INI filter:authtoken cafile $KEYSTONE_SSL_CA
- iniset $TROVE_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
- iniset $TROVE_API_PASTE_INI filter:authtoken admin_user trove
- iniset $TROVE_API_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD
- iniset $TROVE_API_PASTE_INI filter:authtoken signing_dir $TROVE_AUTH_CACHE_DIR
+ configure_auth_token_middleware $TROVE_API_PASTE_INI trove $TROVE_AUTH_CACHE_DIR filter:authtoken
# (Re)create trove conf files
rm -f $TROVE_CONF_DIR/trove.conf
@@ -145,6 +139,8 @@
iniset $TROVE_CONF_DIR/trove.conf DEFAULT sql_connection `database_connection_url trove`
iniset $TROVE_CONF_DIR/trove.conf DEFAULT default_datastore $TROVE_DATASTORE_TYPE
setup_trove_logging $TROVE_CONF_DIR/trove.conf
+ iniset $TROVE_CONF_DIR/trove.conf DEFAULT trove_api_workers "$API_WORKERS"
+
# (Re)create trove taskmanager conf file if needed
if is_service_enabled tr-tmgr; then
@@ -211,7 +207,7 @@
# The image is uploaded by stack.sh -- see $IMAGE_URLS handling
GUEST_IMAGE_NAME=$(basename "$TROVE_GUEST_IMAGE_URL")
GUEST_IMAGE_NAME=${GUEST_IMAGE_NAME%.*}
- TROVE_GUEST_IMAGE_ID=$(glance --os-auth-token $TOKEN --os-image-url http://$GLANCE_HOSTPORT image-list | grep "${GUEST_IMAGE_NAME}" | get_field 1)
+ TROVE_GUEST_IMAGE_ID=$(openstack --os-token $TOKEN --os-url $GLANCE_SERVICE_PROTOCOL://$GLANCE_HOSTPORT image list | grep "${GUEST_IMAGE_NAME}" | get_field 1)
if [ -z "$TROVE_GUEST_IMAGE_ID" ]; then
# If no glance id is found, skip remaining setup
echo "Datastore ${TROVE_DATASTORE_TYPE} will not be created: guest image ${GUEST_IMAGE_NAME} not found."
@@ -229,16 +225,17 @@
# start_trove() - Start running processes, including screen
function start_trove {
- screen_it tr-api "cd $TROVE_DIR; $TROVE_BIN_DIR/trove-api --config-file=$TROVE_CONF_DIR/trove.conf --debug 2>&1"
- screen_it tr-tmgr "cd $TROVE_DIR; $TROVE_BIN_DIR/trove-taskmanager --config-file=$TROVE_CONF_DIR/trove-taskmanager.conf --debug 2>&1"
- screen_it tr-cond "cd $TROVE_DIR; $TROVE_BIN_DIR/trove-conductor --config-file=$TROVE_CONF_DIR/trove-conductor.conf --debug 2>&1"
+ run_process tr-api "$TROVE_BIN_DIR/trove-api --config-file=$TROVE_CONF_DIR/trove.conf --debug"
+ run_process tr-tmgr "$TROVE_BIN_DIR/trove-taskmanager --config-file=$TROVE_CONF_DIR/trove-taskmanager.conf --debug"
+ run_process tr-cond "$TROVE_BIN_DIR/trove-conductor --config-file=$TROVE_CONF_DIR/trove-conductor.conf --debug"
}
# stop_trove() - Stop running processes
function stop_trove {
# Kill the trove screen windows
+ local serv
for serv in tr-api tr-tmgr tr-cond; do
- screen_stop $serv
+ stop_process $serv
done
}
diff --git a/lib/zaqar b/lib/zaqar
new file mode 100644
index 0000000..b8570eb
--- /dev/null
+++ b/lib/zaqar
@@ -0,0 +1,234 @@
+# lib/zaqar
+# Install and start **Zaqar** service
+
+# To enable a minimal set of Zaqar services, add the following to localrc:
+#
+# enable_service zaqar-server
+#
+# Dependencies:
+# - functions
+# - OS_AUTH_URL for auth in api
+# - DEST set to the destination directory
+# - SERVICE_PASSWORD, SERVICE_TENANT_NAME for auth in api
+# - STACK_USER service user
+
+# stack.sh
+# ---------
+# install_zaqar
+# configure_zaqar
+# init_zaqar
+# start_zaqar
+# stop_zaqar
+# cleanup_zaqar
+# cleanup_zaqar_mongodb
+
+# Save trace setting
+XTRACE=$(set +o | grep xtrace)
+set +o xtrace
+
+
+# Defaults
+# --------
+
+# Set up default directories
+ZAQAR_DIR=$DEST/zaqar
+ZAQARCLIENT_DIR=$DEST/python-zaqarclient
+ZAQAR_CONF_DIR=/etc/zaqar
+ZAQAR_CONF=$ZAQAR_CONF_DIR/zaqar.conf
+ZAQAR_API_LOG_DIR=/var/log/zaqar
+ZAQAR_API_LOG_FILE=$ZAQAR_API_LOG_DIR/queues.log
+ZAQAR_AUTH_CACHE_DIR=${ZAQAR_AUTH_CACHE_DIR:-/var/cache/zaqar}
+
+# Support potential entry-points console scripts
+ZAQAR_BIN_DIR=$(get_python_exec_prefix)
+
+# Set up database backend
+ZAQAR_BACKEND=${ZAQAR_BACKEND:-mongodb}
+
+
+# Set Zaqar repository
+ZAQAR_REPO=${ZAQAR_REPO:-${GIT_BASE}/openstack/zaqar.git}
+ZAQAR_BRANCH=${ZAQAR_BRANCH:-master}
+
+# Set client library repository
+ZAQARCLIENT_REPO=${ZAQARCLIENT_REPO:-${GIT_BASE}/openstack/python-zaqarclient.git}
+ZAQARCLIENT_BRANCH=${ZAQARCLIENT_BRANCH:-master}
+
+# Set Zaqar Connection Info
+ZAQAR_SERVICE_HOST=${ZAQAR_SERVICE_HOST:-$SERVICE_HOST}
+ZAQAR_SERVICE_PORT=${ZAQAR_SERVICE_PORT:-8888}
+ZAQAR_SERVICE_PROTOCOL=${ZAQAR_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
+
+# Tell Tempest this project is present
+TEMPEST_SERVICES+=,zaqar
+
+
+# Functions
+# ---------
+
+# Test if any Zaqar services are enabled
+# is_zaqar_enabled
+function is_zaqar_enabled {
+ [[ ,${ENABLED_SERVICES} =~ ,"zaqar-" ]] && return 0
+ return 1
+}
+
+# cleanup_zaqar() - Cleans up general things from previous
+# runs and storage specific left overs.
+function cleanup_zaqar {
+ if [ "$ZAQAR_BACKEND" = 'mongodb' ] ; then
+ cleanup_zaqar_mongodb
+ fi
+}
+
+# cleanup_zaqar_mongodb() - Remove residual data files, anything left over from previous
+# runs that a clean run would need to clean up
+function cleanup_zaqar_mongodb {
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! mongo zaqar --eval 'db.dropDatabase();'; do sleep 1; done"; then
+ die $LINENO "Mongo DB did not start"
+ else
+ full_version=$(mongo zaqar --eval 'db.dropDatabase();')
+ mongo_version=`echo $full_version | cut -d' ' -f4`
+ required_mongo_version='2.2'
+ if [[ $mongo_version < $required_mongo_version ]]; then
+ die $LINENO "Zaqar needs Mongo DB version >= 2.2 to run."
+ fi
+ fi
+}
+
+# configure_zaqarclient() - Set config files, create data dirs, etc
+function configure_zaqarclient {
+ setup_develop $ZAQARCLIENT_DIR
+}
+
+# configure_zaqar() - Set config files, create data dirs, etc
+function configure_zaqar {
+ setup_develop $ZAQAR_DIR
+
+ [ ! -d $ZAQAR_CONF_DIR ] && sudo mkdir -m 755 -p $ZAQAR_CONF_DIR
+ sudo chown $USER $ZAQAR_CONF_DIR
+
+ [ ! -d $ZAQAR_API_LOG_DIR ] && sudo mkdir -m 755 -p $ZAQAR_API_LOG_DIR
+ sudo chown $USER $ZAQAR_API_LOG_DIR
+
+ iniset $ZAQAR_CONF DEFAULT verbose True
+ iniset $ZAQAR_CONF DEFAULT use_syslog $SYSLOG
+ iniset $ZAQAR_CONF DEFAULT log_file $ZAQAR_API_LOG_FILE
+ iniset $ZAQAR_CONF 'drivers:transport:wsgi' bind $ZAQAR_SERVICE_HOST
+
+ configure_auth_token_middleware $ZAQAR_CONF zaqar $ZAQAR_AUTH_CACHE_DIR
+
+ if [ "$ZAQAR_BACKEND" = 'mysql' ] || [ "$ZAQAR_BACKEND" = 'postgresql' ] ; then
+ iniset $ZAQAR_CONF drivers storage sqlalchemy
+ iniset $ZAQAR_CONF 'drivers:storage:sqlalchemy' uri `database_connection_url zaqar`
+ elif [ "$ZAQAR_BACKEND" = 'mongodb' ] ; then
+ iniset $ZAQAR_CONF drivers storage mongodb
+ iniset $ZAQAR_CONF 'drivers:storage:mongodb' uri mongodb://localhost:27017/zaqar
+ configure_mongodb
+ elif [ "$ZAQAR_BACKEND" = 'redis' ] ; then
+ iniset $ZAQAR_CONF drivers storage redis
+ iniset $ZAQAR_CONF 'drivers:storage:redis' uri redis://localhost:6379
+ configure_redis
+ fi
+
+ cleanup_zaqar
+}
+
+function configure_redis {
+ if is_ubuntu; then
+ install_package redis-server
+ elif is_fedora; then
+ install_package redis
+ else
+ exit_distro_not_supported "redis installation"
+ fi
+
+ install_package python-redis
+}
+
+function configure_mongodb {
+ # Set nssize to 2GB. This increases the number of namespaces supported
+ # # per database.
+ if is_ubuntu; then
+ sudo sed -i -e "
+ s|[^ \t]*#[ \t]*\(nssize[ \t]*=.*\$\)|\1|
+ s|^\(nssize[ \t]*=[ \t]*\).*\$|\1 2047|
+ " /etc/mongodb.conf
+ restart_service mongodb
+ elif is_fedora; then
+ sudo sed -i '/--nssize/!s/OPTIONS=\"/OPTIONS=\"--nssize 2047 /' /etc/sysconfig/mongod
+ restart_service mongod
+ fi
+}
+
+# init_zaqar() - Initialize etc.
+function init_zaqar {
+ # Create cache dir
+ sudo mkdir -p $ZAQAR_AUTH_CACHE_DIR
+ sudo chown $STACK_USER $ZAQAR_AUTH_CACHE_DIR
+ rm -f $ZAQAR_AUTH_CACHE_DIR/*
+}
+
+# install_zaqar() - Collect source and prepare
+function install_zaqar {
+ git_clone $ZAQAR_REPO $ZAQAR_DIR $ZAQAR_BRANCH
+ setup_develop $ZAQAR_DIR
+}
+
+# install_zaqarclient() - Collect source and prepare
+function install_zaqarclient {
+ git_clone $ZAQARCLIENT_REPO $ZAQARCLIENT_DIR $ZAQARCLIENT_BRANCH
+ setup_develop $ZAQARCLIENT_DIR
+}
+
+# start_zaqar() - Start running processes, including screen
+function start_zaqar {
+ if [[ "$USE_SCREEN" = "False" ]]; then
+ run_process zaqar-server "zaqar-server --config-file $ZAQAR_CONF --daemon"
+ else
+ run_process zaqar-server "zaqar-server --config-file $ZAQAR_CONF"
+ fi
+
+ echo "Waiting for Zaqar to start..."
+ if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- $ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT/v1/health; do sleep 1; done"; then
+ die $LINENO "Zaqar did not start"
+ fi
+}
+
+# stop_zaqar() - Stop running processes
+function stop_zaqar {
+ local serv
+ # Kill the zaqar screen windows
+ for serv in zaqar-server; do
+ screen -S $SCREEN_NAME -p $serv -X kill
+ done
+}
+
+function create_zaqar_accounts {
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
+ ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
+
+ local zaqar_user=$(get_or_create_user "zaqar" \
+ "$SERVICE_PASSWORD" $service_tenant)
+ get_or_add_user_role $ADMIN_ROLE $zaqar_user $service_tenant
+
+ if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
+
+ local zaqar_service=$(get_or_create_service "zaqar" \
+ "messaging" "Zaqar Service")
+ get_or_create_endpoint $zaqar_service \
+ "$REGION_NAME" \
+ "$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT" \
+ "$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT" \
+ "$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT"
+ fi
+
+}
+
+
+# Restore xtrace
+$XTRACE
+
+# Local variables:
+# mode: shell-script
+# End:
diff --git a/run_tests.sh b/run_tests.sh
index b1aef4f..bf90332 100755
--- a/run_tests.sh
+++ b/run_tests.sh
@@ -43,7 +43,7 @@
echo "Running bash8..."
-./tools/bash8.py -v $FILES
+tox -ebashate
pass_fail $? 0 bash8
diff --git a/setup.cfg b/setup.cfg
new file mode 100644
index 0000000..5887134
--- /dev/null
+++ b/setup.cfg
@@ -0,0 +1,23 @@
+[metadata]
+name = DevStack
+summary = OpenStack DevStack
+description-file =
+ README.md
+author = OpenStack
+author-email = openstack-dev@lists.openstack.org
+home-page = http://devstack.org
+classifier =
+ Intended Audience :: Developers
+ License :: OSI Approved :: Apache Software License
+ Operating System :: POSIX :: Linux
+
+[build_sphinx]
+all_files = 1
+build-dir = doc/build
+source-dir = doc/source
+
+[pbr]
+warnerrors = True
+
+[wheel]
+universal = 1
diff --git a/setup.py b/setup.py
new file mode 100755
index 0000000..70c2b3f
--- /dev/null
+++ b/setup.py
@@ -0,0 +1,22 @@
+#!/usr/bin/env python
+# Copyright (c) 2013 Hewlett-Packard Development Company, L.P.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+# implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+# THIS FILE IS MANAGED BY THE GLOBAL REQUIREMENTS REPO - DO NOT EDIT
+import setuptools
+
+setuptools.setup(
+ setup_requires=['pbr'],
+ pbr=True)
diff --git a/stack.sh b/stack.sh
index 03ecf28..ec13338 100755
--- a/stack.sh
+++ b/stack.sh
@@ -34,9 +34,51 @@
# Make sure umask is sane
umask 022
+# Not all distros have sbin in PATH for regular users.
+PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin
+
# Keep track of the devstack directory
TOP_DIR=$(cd $(dirname "$0") && pwd)
+# Sanity Checks
+# -------------
+
+# Clean up last environment var cache
+if [[ -r $TOP_DIR/.stackenv ]]; then
+ rm $TOP_DIR/.stackenv
+fi
+
+# ``stack.sh`` keeps the list of ``apt`` and ``rpm`` dependencies and config
+# templates and other useful files in the ``files`` subdirectory
+FILES=$TOP_DIR/files
+if [ ! -d $FILES ]; then
+ die $LINENO "missing devstack/files"
+fi
+
+# ``stack.sh`` keeps function libraries here
+# Make sure ``$TOP_DIR/lib`` directory is present
+if [ ! -d $TOP_DIR/lib ]; then
+ die $LINENO "missing devstack/lib"
+fi
+
+# Check if run as root
+# OpenStack is designed to be run as a non-root user; Horizon will fail to run
+# as **root** since Apache will not serve content from **root** user).
+# ``stack.sh`` must not be run as **root**. It aborts and suggests one course of
+# action to create a suitable user account.
+
+if [[ $EUID -eq 0 ]]; then
+ echo "You are running this script as root."
+ echo "Cut it out."
+ echo "Really."
+ echo "If you need an account to run DevStack, do this (as root, heh) to create a non-root account:"
+ echo "$TOP_DIR/tools/create-stack-user.sh"
+ exit 1
+fi
+
+# Prepare the environment
+# -----------------------
+
# Import common functions
source $TOP_DIR/functions
@@ -48,9 +90,18 @@
# and ``DISTRO``
GetDistro
+# Warn users who aren't on an explicitly supported distro, but allow them to
+# override check and attempt installation with ``FORCE=yes ./stack``
+if [[ ! ${DISTRO} =~ (precise|trusty|7.0|wheezy|sid|testing|jessie|f19|f20|rhel6|rhel7) ]]; then
+ echo "WARNING: this script has not been tested on $DISTRO"
+ if [[ "$FORCE" != "yes" ]]; then
+ die $LINENO "If you wish to run this script anyway run with FORCE=yes"
+ fi
+fi
+
# Global Settings
-# ===============
+# ---------------
# Check for a ``localrc`` section embedded in ``local.conf`` and extract if
# ``localrc`` does not already exist
@@ -71,6 +122,7 @@
done
fi
+
# ``stack.sh`` is customizable by setting environment variables. Override a
# default setting via export::
#
@@ -99,6 +151,15 @@
fi
source $TOP_DIR/stackrc
+# Check to see if we are already running DevStack
+# Note that this may fail if USE_SCREEN=False
+if type -p screen > /dev/null && screen -ls | egrep -q "[0-9]\.$SCREEN_NAME"; then
+ echo "You are already running a stack.sh session."
+ echo "To rejoin this session type 'screen -x stack'."
+ echo "To destroy this session, type './unstack.sh'."
+ exit 1
+fi
+
# Local Settings
# --------------
@@ -106,49 +167,11 @@
# Make sure the proxy config is visible to sub-processes
export_proxy_variables
-# Destination path for installation ``DEST``
-DEST=${DEST:-/opt/stack}
-
-
-# Sanity Check
-# ------------
-
-# Clean up last environment var cache
-if [[ -r $TOP_DIR/.stackenv ]]; then
- rm $TOP_DIR/.stackenv
-fi
-
-# ``stack.sh`` keeps the list of ``apt`` and ``rpm`` dependencies and config
-# templates and other useful files in the ``files`` subdirectory
-FILES=$TOP_DIR/files
-if [ ! -d $FILES ]; then
- die $LINENO "missing devstack/files"
-fi
-
-# ``stack.sh`` keeps function libraries here
-# Make sure ``$TOP_DIR/lib`` directory is present
-if [ ! -d $TOP_DIR/lib ]; then
- die $LINENO "missing devstack/lib"
-fi
-
-# Import common services (database, message queue) configuration
-source $TOP_DIR/lib/database
-source $TOP_DIR/lib/rpc_backend
-
# Remove services which were negated in ENABLED_SERVICES
# using the "-" prefix (e.g., "-rabbit") instead of
# calling disable_service().
disable_negated_services
-# Warn users who aren't on an explicitly supported distro, but allow them to
-# override check and attempt installation with ``FORCE=yes ./stack``
-if [[ ! ${DISTRO} =~ (precise|saucy|trusty|7.0|wheezy|sid|testing|jessie|f19|f20|rhel6|rhel7) ]]; then
- echo "WARNING: this script has not been tested on $DISTRO"
- if [[ "$FORCE" != "yes" ]]; then
- die $LINENO "If you wish to run this script anyway run with FORCE=yes"
- fi
-fi
-
# Look for obsolete stuff
if [[ ,${ENABLED_SERVICES}, =~ ,"swift", ]]; then
echo "FATAL: 'swift' is not supported as a service name"
@@ -157,38 +180,8 @@
exit 1
fi
-# Make sure we only have one rpc backend enabled,
-# and the specified rpc backend is available on your platform.
-check_rpc_backend
-
-# Check to see if we are already running DevStack
-# Note that this may fail if USE_SCREEN=False
-if type -p screen >/dev/null && screen -ls | egrep -q "[0-9].$SCREEN_NAME"; then
- echo "You are already running a stack.sh session."
- echo "To rejoin this session type 'screen -x stack'."
- echo "To destroy this session, type './unstack.sh'."
- exit 1
-fi
-
-# Set up logging level
-VERBOSE=$(trueorfalse True $VERBOSE)
-
-# root Access
-# -----------
-
-# OpenStack is designed to be run as a non-root user; Horizon will fail to run
-# as **root** since Apache will not serve content from **root** user).
-# ``stack.sh`` must not be run as **root**. It aborts and suggests one course of
-# action to create a suitable user account.
-
-if [[ $EUID -eq 0 ]]; then
- echo "You are running this script as root."
- echo "Cut it out."
- echo "Really."
- echo "If you need an account to run DevStack, do this (as root, heh) to create $STACK_USER:"
- echo "$TOP_DIR/tools/create-stack-user.sh"
- exit 1
-fi
+# Configure sudo
+# --------------
# We're not **root**, make sure ``sudo`` is available
is_package_installed sudo || install_package sudo
@@ -208,18 +201,27 @@
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
-# Additional repos
-# ----------------
+
+# Configure Distro Repositories
+# -----------------------------
# For debian/ubuntu make apt attempt to retry network ops on it's own
if is_ubuntu; then
- echo 'APT::Acquire::Retries "20";' | sudo tee /etc/apt/apt.conf.d/80retry
+ echo 'APT::Acquire::Retries "20";' | sudo tee /etc/apt/apt.conf.d/80retry >/dev/null
+fi
+
+# upstream Rackspace centos7 images have an issue where cloud-init is
+# installed via pip because there were not official packages when the
+# image was created (fix in the works). Remove all pip packages
+# before we do anything else
+if [[ $DISTRO = "rhel7" && is_rackspace ]]; then
+ (sudo pip freeze | xargs sudo pip uninstall -y) || true
fi
# Some distros need to add repos beyond the defaults provided by the vendor
# to pick up required packages.
-if [[ is_fedora && $DISTRO =~ (rhel) ]]; then
+if [[ is_fedora && $DISTRO == "rhel6" ]]; then
# Installing Open vSwitch on RHEL requires enabling the RDO repo.
RHEL6_RDO_REPO_RPM=${RHEL6_RDO_REPO_RPM:-"http://rdo.fedorapeople.org/openstack-icehouse/rdo-release-icehouse.rpm"}
RHEL6_RDO_REPO_ID=${RHEL6_RDO_REPO_ID:-"openstack-icehouse"}
@@ -228,31 +230,62 @@
yum_install $RHEL6_RDO_REPO_RPM || \
die $LINENO "Error installing RDO repo, cannot continue"
fi
+fi
+
+if [[ is_fedora && ( $DISTRO == "rhel6" || $DISTRO == "rhel7" ) ]]; then
# RHEL requires EPEL for many Open Stack dependencies
- if [[ $DISTRO =~ (rhel7) ]]; then
- EPEL_RPM=${RHEL7_EPEL_RPM:-"http://dl.fedoraproject.org/pub/epel/beta/7/x86_64/epel-release-7-0.2.noarch.rpm"}
- else
- EPEL_RPM=${RHEL6_EPEL_RPM:-"http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm"}
+
+ # note we always remove and install latest -- some environments
+ # use snapshot images, and if EPEL version updates they break
+ # unless we update them to latest version.
+ if sudo yum repolist enabled epel | grep -q 'epel'; then
+ uninstall_package epel-release || true
fi
- if ! sudo yum repolist enabled epel | grep -q 'epel'; then
- echo "EPEL not detected; installing"
- yum_install ${EPEL_RPM} || \
- die $LINENO "Error installing EPEL repo, cannot continue"
+
+ # This trick installs the latest epel-release from a bootstrap
+ # repo, then removes itself (as epel-release installed the
+ # "real" repo).
+ #
+ # you would think that rather than this, you could use
+ # $releasever directly in .repo file we create below. However
+ # RHEL gives a $releasever of "6Server" which breaks the path;
+ # see https://bugzilla.redhat.com/show_bug.cgi?id=1150759
+ if [[ $DISTRO == "rhel7" ]]; then
+ epel_ver="7"
+ elif [[ $DISTRO == "rhel6" ]]; then
+ epel_ver="6"
fi
+ cat <<EOF | sudo tee /etc/yum.repos.d/epel-bootstrap.repo
+[epel-bootstrap]
+name=Bootstrap EPEL
+mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-$epel_ver&arch=\$basearch
+failovermethod=priority
+enabled=0
+gpgcheck=0
+EOF
+ # bare yum call due to --enablerepo
+ sudo yum --enablerepo=epel-bootstrap -y install epel-release || \
+ die $LINENO "Error installing EPEL repo, cannot continue"
+ # epel rpm has installed it's version
+ sudo rm -f /etc/yum.repos.d/epel-bootstrap.repo
+
# ... and also optional to be enabled
is_package_installed yum-utils || install_package yum-utils
- if [[ $DISTRO =~ (rhel7) ]]; then
+ if [[ $DISTRO == "rhel7" ]]; then
OPTIONAL_REPO=rhel-7-server-optional-rpms
- else
+ elif [[ $DISTRO == "rhel6" ]]; then
OPTIONAL_REPO=rhel-6-server-optional-rpms
fi
sudo yum-config-manager --enable ${OPTIONAL_REPO}
-
fi
-# Filesystem setup
-# ----------------
+
+# Configure Target Directories
+# ----------------------------
+
+# Destination path for installation ``DEST``
+DEST=${DEST:-/opt/stack}
# Create the destination directory and ensure it is writable by the user
# and read/executable by everybody for daemons (e.g. apache run for horizon)
@@ -263,6 +296,12 @@
# a basic test for $DEST path permissions (fatal on error unless skipped)
check_path_perm_sanity ${DEST}
+# Destination path for service data
+DATA_DIR=${DATA_DIR:-${DEST}/data}
+sudo mkdir -p $DATA_DIR
+safe_chown -R $STACK_USER $DATA_DIR
+
+# Configure proper hostname
# Certain services such as rabbitmq require that the local hostname resolves
# correctly. Make sure it exists in /etc/hosts so that is always true.
LOCAL_HOSTNAME=`hostname -s`
@@ -270,214 +309,13 @@
sudo sed -i "s/\(^127.0.0.1.*\)/\1 $LOCAL_HOSTNAME/" /etc/hosts
fi
-# Destination path for service data
-DATA_DIR=${DATA_DIR:-${DEST}/data}
-sudo mkdir -p $DATA_DIR
-safe_chown -R $STACK_USER $DATA_DIR
-
-# Common Configuration
-# --------------------
-
-# Set ``OFFLINE`` to ``True`` to configure ``stack.sh`` to run cleanly without
-# Internet access. ``stack.sh`` must have been previously run with Internet
-# access to install prerequisites and fetch repositories.
-OFFLINE=`trueorfalse False $OFFLINE`
-
-# Set ``ERROR_ON_CLONE`` to ``True`` to configure ``stack.sh`` to exit if
-# the destination git repository does not exist during the ``git_clone``
-# operation.
-ERROR_ON_CLONE=`trueorfalse False $ERROR_ON_CLONE`
-
-# Whether to enable the debug log level in OpenStack services
-ENABLE_DEBUG_LOG_LEVEL=`trueorfalse True $ENABLE_DEBUG_LOG_LEVEL`
-
-# Set fixed and floating range here so we can make sure not to use addresses
-# from either range when attempting to guess the IP to use for the host.
-# Note that setting FIXED_RANGE may be necessary when running DevStack
-# in an OpenStack cloud that uses either of these address ranges internally.
-FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.0/24}
-FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24}
-FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
-
-HOST_IP=$(get_default_host_ip $FIXED_RANGE $FLOATING_RANGE "$HOST_IP_IFACE" "$HOST_IP")
-if [ "$HOST_IP" == "" ]; then
- die $LINENO "Could not determine host ip address. See local.conf for suggestions on setting HOST_IP."
-fi
-
-# Allow the use of an alternate hostname (such as localhost/127.0.0.1) for service endpoints.
-SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
-
-# Configure services to use syslog instead of writing to individual log files
-SYSLOG=`trueorfalse False $SYSLOG`
-SYSLOG_HOST=${SYSLOG_HOST:-$HOST_IP}
-SYSLOG_PORT=${SYSLOG_PORT:-516}
-
-# for DSTAT logging
-DSTAT_FILE=${DSTAT_FILE:-"dstat.txt"}
-
-# Use color for logging output (only available if syslog is not used)
-LOG_COLOR=`trueorfalse True $LOG_COLOR`
-
-# Service startup timeout
-SERVICE_TIMEOUT=${SERVICE_TIMEOUT:-60}
-
-# Reset the bundle of CA certificates
-SSL_BUNDLE_FILE="$DATA_DIR/ca-bundle.pem"
-rm -f $SSL_BUNDLE_FILE
-
-
-# Configure Projects
-# ==================
-
-# Import apache functions
-source $TOP_DIR/lib/apache
-
-# Import TLS functions
-source $TOP_DIR/lib/tls
-
-# Source project function libraries
-source $TOP_DIR/lib/infra
-source $TOP_DIR/lib/oslo
-source $TOP_DIR/lib/stackforge
-source $TOP_DIR/lib/horizon
-source $TOP_DIR/lib/keystone
-source $TOP_DIR/lib/glance
-source $TOP_DIR/lib/nova
-source $TOP_DIR/lib/cinder
-source $TOP_DIR/lib/swift
-source $TOP_DIR/lib/ceilometer
-source $TOP_DIR/lib/heat
-source $TOP_DIR/lib/neutron
-source $TOP_DIR/lib/baremetal
-source $TOP_DIR/lib/ldap
-
-# Extras Source
-# --------------
-
-# Phase: source
-if [[ -d $TOP_DIR/extras.d ]]; then
- for i in $TOP_DIR/extras.d/*.sh; do
- [[ -r $i ]] && source $i source
- done
-fi
-
-# Set the destination directories for other OpenStack projects
-OPENSTACKCLIENT_DIR=$DEST/python-openstackclient
-
-# Interactive Configuration
-# -------------------------
-
-# Do all interactive config up front before the logging spew begins
-
-# Generic helper to configure passwords
-function read_password {
- XTRACE=$(set +o | grep xtrace)
- set +o xtrace
- var=$1; msg=$2
- pw=${!var}
-
- if [[ -f $RC_DIR/localrc ]]; then
- localrc=$TOP_DIR/localrc
- else
- localrc=$TOP_DIR/.localrc.auto
- fi
-
- # If the password is not defined yet, proceed to prompt user for a password.
- if [ ! $pw ]; then
- # If there is no localrc file, create one
- if [ ! -e $localrc ]; then
- touch $localrc
- fi
-
- # Presumably if we got this far it can only be that our localrc is missing
- # the required password. Prompt user for a password and write to localrc.
- echo ''
- echo '################################################################################'
- echo $msg
- echo '################################################################################'
- echo "This value will be written to your localrc file so you don't have to enter it "
- echo "again. Use only alphanumeric characters."
- echo "If you leave this blank, a random default value will be used."
- pw=" "
- while true; do
- echo "Enter a password now:"
- read -e $var
- pw=${!var}
- [[ "$pw" = "`echo $pw | tr -cd [:alnum:]`" ]] && break
- echo "Invalid chars in password. Try again:"
- done
- if [ ! $pw ]; then
- pw=$(cat /dev/urandom | tr -cd 'a-f0-9' | head -c 20)
- fi
- eval "$var=$pw"
- echo "$var=$pw" >> $localrc
- fi
- $XTRACE
-}
-
-
-# Database Configuration
-
-# To select between database backends, add the following to ``localrc``:
-#
-# disable_service mysql
-# enable_service postgresql
-#
-# The available database backends are listed in ``DATABASE_BACKENDS`` after
-# ``lib/database`` is sourced. ``mysql`` is the default.
-
-initialize_database_backends && echo "Using $DATABASE_TYPE database backend" || echo "No database enabled"
-
-
-# Queue Configuration
-
-# Rabbit connection info
-if is_service_enabled rabbit; then
- RABBIT_HOST=${RABBIT_HOST:-$SERVICE_HOST}
- read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
-fi
-
-
-# Keystone
-
-if is_service_enabled key; then
- # The ``SERVICE_TOKEN`` is used to bootstrap the Keystone database. It is
- # just a string and is not a 'real' Keystone token.
- read_password SERVICE_TOKEN "ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN."
- # Services authenticate to Identity with servicename/``SERVICE_PASSWORD``
- read_password SERVICE_PASSWORD "ENTER A SERVICE_PASSWORD TO USE FOR THE SERVICE AUTHENTICATION."
- # Horizon currently truncates usernames and passwords at 20 characters
- read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR HORIZON AND KEYSTONE (20 CHARS OR LESS)."
-
- # Keystone can now optionally install OpenLDAP by enabling the ``ldap``
- # service in ``localrc`` (e.g. ``enable_service ldap``).
- # To clean out the Keystone contents in OpenLDAP set ``KEYSTONE_CLEAR_LDAP``
- # to ``yes`` (e.g. ``KEYSTONE_CLEAR_LDAP=yes``) in ``localrc``. To enable the
- # Keystone Identity Driver (``keystone.identity.backends.ldap.Identity``)
- # set ``KEYSTONE_IDENTITY_BACKEND`` to ``ldap`` (e.g.
- # ``KEYSTONE_IDENTITY_BACKEND=ldap``) in ``localrc``.
-
- # only request ldap password if the service is enabled
- if is_service_enabled ldap; then
- read_password LDAP_PASSWORD "ENTER A PASSWORD TO USE FOR LDAP"
- fi
-fi
-
-
-# Swift
-
-if is_service_enabled s-proxy; then
- # We only ask for Swift Hash if we have enabled swift service.
- # ``SWIFT_HASH`` is a random unique string for a swift cluster that
- # can never change.
- read_password SWIFT_HASH "ENTER A RANDOM SWIFT HASH."
-fi
-
-
-# Configure logging
+# Configure Logging
# -----------------
+# Set up logging level
+VERBOSE=$(trueorfalse True $VERBOSE)
+
# Draw a spinner so the user knows something is happening
function spinner {
local delay=0.75
@@ -518,7 +356,7 @@
echo $@ >&3
}
-if [[ is_fedora && $DISTRO =~ (rhel) ]]; then
+if [[ is_fedora && $DISTRO == "rhel6" ]]; then
# poor old python2.6 doesn't have argparse by default, which
# outfilter.py uses
is_package_installed python-argparse || install_package python-argparse
@@ -597,8 +435,8 @@
fi
-# Set Up Script Execution
-# -----------------------
+# Configure Error Traps
+# ---------------------
# Kill background processes on exit
trap exit_trap EXIT
@@ -617,7 +455,11 @@
if [[ $r -ne 0 ]]; then
echo "Error on exit"
- ./tools/worlddump.py -d $LOGDIR
+ if [[ -z $LOGDIR ]]; then
+ $TOP_DIR/tools/worlddump.py
+ else
+ $TOP_DIR/tools/worlddump.py -d $LOGDIR
+ fi
fi
exit $r
@@ -636,7 +478,7 @@
exit $r
}
-
+# Begin trapping error exit codes
set -o errexit
# Print the commands being run so that we can see the command that triggers
@@ -644,6 +486,221 @@
set -o xtrace
+# Common Configuration
+# --------------------
+
+# Set ``OFFLINE`` to ``True`` to configure ``stack.sh`` to run cleanly without
+# Internet access. ``stack.sh`` must have been previously run with Internet
+# access to install prerequisites and fetch repositories.
+OFFLINE=`trueorfalse False $OFFLINE`
+
+# Set ``ERROR_ON_CLONE`` to ``True`` to configure ``stack.sh`` to exit if
+# the destination git repository does not exist during the ``git_clone``
+# operation.
+ERROR_ON_CLONE=`trueorfalse False $ERROR_ON_CLONE`
+
+# Whether to enable the debug log level in OpenStack services
+ENABLE_DEBUG_LOG_LEVEL=`trueorfalse True $ENABLE_DEBUG_LOG_LEVEL`
+
+# Set fixed and floating range here so we can make sure not to use addresses
+# from either range when attempting to guess the IP to use for the host.
+# Note that setting FIXED_RANGE may be necessary when running DevStack
+# in an OpenStack cloud that uses either of these address ranges internally.
+FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.0/24}
+FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24}
+FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
+
+HOST_IP=$(get_default_host_ip $FIXED_RANGE $FLOATING_RANGE "$HOST_IP_IFACE" "$HOST_IP")
+if [ "$HOST_IP" == "" ]; then
+ die $LINENO "Could not determine host ip address. See local.conf for suggestions on setting HOST_IP."
+fi
+
+# Allow the use of an alternate hostname (such as localhost/127.0.0.1) for service endpoints.
+SERVICE_HOST=${SERVICE_HOST:-$HOST_IP}
+
+# Configure services to use syslog instead of writing to individual log files
+SYSLOG=`trueorfalse False $SYSLOG`
+SYSLOG_HOST=${SYSLOG_HOST:-$HOST_IP}
+SYSLOG_PORT=${SYSLOG_PORT:-516}
+
+# Use color for logging output (only available if syslog is not used)
+LOG_COLOR=`trueorfalse True $LOG_COLOR`
+
+# Reset the bundle of CA certificates
+SSL_BUNDLE_FILE="$DATA_DIR/ca-bundle.pem"
+rm -f $SSL_BUNDLE_FILE
+
+# Import common services (database, message queue) configuration
+source $TOP_DIR/lib/database
+source $TOP_DIR/lib/rpc_backend
+
+# Make sure we only have one rpc backend enabled,
+# and the specified rpc backend is available on your platform.
+check_rpc_backend
+
+# Use native SSL for servers in SSL_ENABLED_SERVICES
+USE_SSL=$(trueorfalse False $USE_SSL)
+
+# Service to enable with SSL if USE_SSL is True
+SSL_ENABLED_SERVICES="key,nova,cinder,glance,s-proxy,neutron"
+
+if is_service_enabled tls-proxy && [ "$USE_SSL" == "True" ]; then
+ die $LINENO "tls-proxy and SSL are mutually exclusive"
+fi
+
+# Configure Projects
+# ==================
+
+# Import apache functions
+source $TOP_DIR/lib/apache
+
+# Import TLS functions
+source $TOP_DIR/lib/tls
+
+# Source project function libraries
+source $TOP_DIR/lib/infra
+source $TOP_DIR/lib/oslo
+source $TOP_DIR/lib/stackforge
+source $TOP_DIR/lib/horizon
+source $TOP_DIR/lib/keystone
+source $TOP_DIR/lib/glance
+source $TOP_DIR/lib/nova
+source $TOP_DIR/lib/cinder
+source $TOP_DIR/lib/swift
+source $TOP_DIR/lib/ceilometer
+source $TOP_DIR/lib/heat
+source $TOP_DIR/lib/neutron
+source $TOP_DIR/lib/baremetal
+source $TOP_DIR/lib/ldap
+source $TOP_DIR/lib/dstat
+
+# Extras Source
+# --------------
+
+# Phase: source
+if [[ -d $TOP_DIR/extras.d ]]; then
+ for i in $TOP_DIR/extras.d/*.sh; do
+ [[ -r $i ]] && source $i source
+ done
+fi
+
+# Set the destination directories for other OpenStack projects
+OPENSTACKCLIENT_DIR=$DEST/python-openstackclient
+
+# Interactive Configuration
+# -------------------------
+
+# Do all interactive config up front before the logging spew begins
+
+# Generic helper to configure passwords
+function read_password {
+ XTRACE=$(set +o | grep xtrace)
+ set +o xtrace
+ var=$1; msg=$2
+ pw=${!var}
+
+ if [[ -f $RC_DIR/localrc ]]; then
+ localrc=$TOP_DIR/localrc
+ else
+ localrc=$TOP_DIR/.localrc.auto
+ fi
+
+ # If the password is not defined yet, proceed to prompt user for a password.
+ if [ ! $pw ]; then
+ # If there is no localrc file, create one
+ if [ ! -e $localrc ]; then
+ touch $localrc
+ fi
+
+ # Presumably if we got this far it can only be that our localrc is missing
+ # the required password. Prompt user for a password and write to localrc.
+ echo ''
+ echo '################################################################################'
+ echo $msg
+ echo '################################################################################'
+ echo "This value will be written to your localrc file so you don't have to enter it "
+ echo "again. Use only alphanumeric characters."
+ echo "If you leave this blank, a random default value will be used."
+ pw=" "
+ while true; do
+ echo "Enter a password now:"
+ read -e $var
+ pw=${!var}
+ [[ "$pw" = "`echo $pw | tr -cd [:alnum:]`" ]] && break
+ echo "Invalid chars in password. Try again:"
+ done
+ if [ ! $pw ]; then
+ pw=$(generate_hex_string 10)
+ fi
+ eval "$var=$pw"
+ echo "$var=$pw" >> $localrc
+ fi
+ $XTRACE
+}
+
+
+# Database Configuration
+
+# To select between database backends, add the following to ``localrc``:
+#
+# disable_service mysql
+# enable_service postgresql
+#
+# The available database backends are listed in ``DATABASE_BACKENDS`` after
+# ``lib/database`` is sourced. ``mysql`` is the default.
+
+initialize_database_backends && echo "Using $DATABASE_TYPE database backend" || echo "No database enabled"
+
+
+# Queue Configuration
+
+# Rabbit connection info
+if is_service_enabled rabbit; then
+ RABBIT_HOST=${RABBIT_HOST:-$SERVICE_HOST}
+ read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
+fi
+
+
+# Keystone
+
+if is_service_enabled key; then
+ # The ``SERVICE_TOKEN`` is used to bootstrap the Keystone database. It is
+ # just a string and is not a 'real' Keystone token.
+ read_password SERVICE_TOKEN "ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN."
+ # Services authenticate to Identity with servicename/``SERVICE_PASSWORD``
+ read_password SERVICE_PASSWORD "ENTER A SERVICE_PASSWORD TO USE FOR THE SERVICE AUTHENTICATION."
+ # Horizon currently truncates usernames and passwords at 20 characters
+ read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR HORIZON AND KEYSTONE (20 CHARS OR LESS)."
+
+ # Keystone can now optionally install OpenLDAP by enabling the ``ldap``
+ # service in ``localrc`` (e.g. ``enable_service ldap``).
+ # To clean out the Keystone contents in OpenLDAP set ``KEYSTONE_CLEAR_LDAP``
+ # to ``yes`` (e.g. ``KEYSTONE_CLEAR_LDAP=yes``) in ``localrc``. To enable the
+ # Keystone Identity Driver (``keystone.identity.backends.ldap.Identity``)
+ # set ``KEYSTONE_IDENTITY_BACKEND`` to ``ldap`` (e.g.
+ # ``KEYSTONE_IDENTITY_BACKEND=ldap``) in ``localrc``.
+
+ # only request ldap password if the service is enabled
+ if is_service_enabled ldap; then
+ read_password LDAP_PASSWORD "ENTER A PASSWORD TO USE FOR LDAP"
+ fi
+fi
+
+
+# Swift
+
+if is_service_enabled s-proxy; then
+ # We only ask for Swift Hash if we have enabled swift service.
+ # ``SWIFT_HASH`` is a random unique string for a swift cluster that
+ # can never change.
+ read_password SWIFT_HASH "ENTER A RANDOM SWIFT HASH."
+
+ if [[ -z "$SWIFT_TEMPURL_KEY" ]] && [[ "$SWIFT_ENABLE_TEMPURLS" == "True" ]]; then
+ read_password SWIFT_TEMPURL_KEY "ENTER A KEY FOR SWIFT TEMPURLS."
+ fi
+fi
+
+
# Install Packages
# ================
@@ -660,7 +717,7 @@
fi
# Do the ugly hacks for broken packages and distros
-$TOP_DIR/tools/fixup_stuff.sh
+source $TOP_DIR/tools/fixup_stuff.sh
# Extras Pre-install
@@ -794,11 +851,12 @@
if is_service_enabled heat; then
install_heat
+ install_heat_other
cleanup_heat
configure_heat
fi
-if is_service_enabled tls-proxy; then
+if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then
configure_CA
init_CA
init_cert
@@ -921,12 +979,7 @@
# -------
# A better kind of sysstat, with the top process per time slice
-DSTAT_OPTS="-tcmndrylp --top-cpu-adv"
-if [[ -n ${SCREEN_LOGDIR} ]]; then
- screen_it dstat "cd $TOP_DIR; dstat $DSTAT_OPTS | tee $SCREEN_LOGDIR/$DSTAT_FILE"
-else
- screen_it dstat "dstat $DSTAT_OPTS"
-fi
+start_dstat
# Start Services
# ==============
@@ -969,7 +1022,7 @@
create_swift_accounts
fi
- if is_service_enabled heat; then
+ if is_service_enabled heat && [[ "$HEAT_STANDALONE" != "True" ]]; then
create_heat_accounts
fi
@@ -1184,16 +1237,12 @@
# Create a randomized default value for the keymgr's fixed_key
if is_service_enabled nova; then
- FIXED_KEY=""
- for i in $(seq 1 64); do
- FIXED_KEY+=$(echo "obase=16; $(($RANDOM % 16))" | bc);
- done;
- iniset $NOVA_CONF keymgr fixed_key "$FIXED_KEY"
+ iniset $NOVA_CONF keymgr fixed_key $(generate_hex_string 32)
fi
if is_service_enabled zeromq; then
echo_summary "Starting zermomq receiver"
- screen_it zeromq "cd $NOVA_DIR && $OSLO_BIN_DIR/oslo-messaging-zmq-receiver"
+ run_process zeromq "$OSLO_BIN_DIR/oslo-messaging-zmq-receiver"
fi
# Launch the nova-api and wait for it to answer before continuing
@@ -1253,6 +1302,10 @@
init_heat
echo_summary "Starting Heat"
start_heat
+ if [ "$HEAT_CREATE_TEST_IMAGE" = "True" ]; then
+ echo_summary "Building Heat functional test image"
+ build_heat_functional_test_image
+ fi
fi
@@ -1270,6 +1323,10 @@
USERRC_PARAMS="$USERRC_PARAMS --os-cacert $SSL_BUNDLE_FILE"
fi
+ if [[ "$HEAT_STANDALONE" = "True" ]]; then
+ USERRC_PARAMS="$USERRC_PARAMS --heat-url http://$HEAT_API_HOST:$HEAT_API_PORT/v1"
+ fi
+
$TOP_DIR/tools/create_userrc.sh $USERRC_PARAMS
fi
@@ -1297,7 +1354,7 @@
fi
# ensure callback daemon is running
sudo pkill nova-baremetal-deploy-helper || true
- screen_it baremetal "cd ; nova-baremetal-deploy-helper"
+ run_process baremetal "nova-baremetal-deploy-helper"
fi
# Save some values we generated for later use
@@ -1392,51 +1449,55 @@
echo_summary "WARNING: $DEPRECATED_TEXT"
fi
-# TODO(dtroyer): Remove Q_AGENT_EXTRA_AGENT_OPTS after stable/juno branch is cut
-if [[ -n "$Q_AGENT_EXTRA_AGENT_OPTS" ]]; then
- echo ""
- echo_summary "WARNING: Q_AGENT_EXTRA_AGENT_OPTS is used"
- echo "You are using Q_AGENT_EXTRA_AGENT_OPTS to pass configuration into $NEUTRON_CONF."
- echo "Please convert that configuration in localrc to a $NEUTRON_CONF section in local.conf:"
- echo "Q_AGENT_EXTRA_AGENT_OPTS will be removed early in the 'K' development cycle"
- echo "
+if is_service_enabled neutron; then
+ # TODO(dtroyer): Remove Q_AGENT_EXTRA_AGENT_OPTS after stable/juno branch is cut
+ if [[ -n "$Q_AGENT_EXTRA_AGENT_OPTS" ]]; then
+ echo ""
+ echo_summary "WARNING: Q_AGENT_EXTRA_AGENT_OPTS is used"
+ echo "You are using Q_AGENT_EXTRA_AGENT_OPTS to pass configuration into $NEUTRON_CONF."
+ echo "Please convert that configuration in localrc to a $NEUTRON_CONF section in local.conf:"
+ echo "Q_AGENT_EXTRA_AGENT_OPTS will be removed early in the 'K' development cycle"
+ echo "
[[post-config|/\$Q_PLUGIN_CONF_FILE]]
[DEFAULT]
"
- for I in "${Q_AGENT_EXTRA_AGENT_OPTS[@]}"; do
- # Replace the first '=' with ' ' for iniset syntax
- echo ${I}
- done
-fi
+ for I in "${Q_AGENT_EXTRA_AGENT_OPTS[@]}"; do
+ # Replace the first '=' with ' ' for iniset syntax
+ echo ${I}
+ done
+ fi
-# TODO(dtroyer): Remove Q_AGENT_EXTRA_SRV_OPTS after stable/juno branch is cut
-if [[ -n "$Q_AGENT_EXTRA_SRV_OPTS" ]]; then
- echo ""
- echo_summary "WARNING: Q_AGENT_EXTRA_SRV_OPTS is used"
- echo "You are using Q_AGENT_EXTRA_SRV_OPTS to pass configuration into $NEUTRON_CONF."
- echo "Please convert that configuration in localrc to a $NEUTRON_CONF section in local.conf:"
- echo "Q_AGENT_EXTRA_AGENT_OPTS will be removed early in the 'K' development cycle"
- echo "
+ # TODO(dtroyer): Remove Q_AGENT_EXTRA_SRV_OPTS after stable/juno branch is cut
+ if [[ -n "$Q_AGENT_EXTRA_SRV_OPTS" ]]; then
+ echo ""
+ echo_summary "WARNING: Q_AGENT_EXTRA_SRV_OPTS is used"
+ echo "You are using Q_AGENT_EXTRA_SRV_OPTS to pass configuration into $NEUTRON_CONF."
+ echo "Please convert that configuration in localrc to a $NEUTRON_CONF section in local.conf:"
+ echo "Q_AGENT_EXTRA_AGENT_OPTS will be removed early in the 'K' development cycle"
+ echo "
[[post-config|/\$Q_PLUGIN_CONF_FILE]]
[DEFAULT]
"
- for I in "${Q_AGENT_EXTRA_SRV_OPTS[@]}"; do
- # Replace the first '=' with ' ' for iniset syntax
- echo ${I}
- done
+ for I in "${Q_AGENT_EXTRA_SRV_OPTS[@]}"; do
+ # Replace the first '=' with ' ' for iniset syntax
+ echo ${I}
+ done
+ fi
fi
-# TODO(dtroyer): Remove CINDER_MULTI_LVM_BACKEND after stable/juno branch is cut
-if [[ "$CINDER_MULTI_LVM_BACKEND" = "True" ]]; then
- echo ""
- echo_summary "WARNING: CINDER_MULTI_LVM_BACKEND is used"
- echo "You are using CINDER_MULTI_LVM_BACKEND to configure Cinder's multiple LVM backends"
- echo "Please convert that configuration in local.conf to use CINDER_ENABLED_BACKENDS."
- echo "CINDER_ENABLED_BACKENDS will be removed early in the 'K' development cycle"
- echo "
+if is_service_enabled cinder; then
+ # TODO(dtroyer): Remove CINDER_MULTI_LVM_BACKEND after stable/juno branch is cut
+ if [[ "$CINDER_MULTI_LVM_BACKEND" = "True" ]]; then
+ echo ""
+ echo_summary "WARNING: CINDER_MULTI_LVM_BACKEND is used"
+ echo "You are using CINDER_MULTI_LVM_BACKEND to configure Cinder's multiple LVM backends"
+ echo "Please convert that configuration in local.conf to use CINDER_ENABLED_BACKENDS."
+ echo "CINDER_MULTI_LVM_BACKEND will be removed early in the 'K' development cycle"
+ echo "
[[local|localrc]]
CINDER_ENABLED_BACKENDS=lvm:lvmdriver-1,lvm:lvmdriver-2
"
+ fi
fi
# Indicate how long this took to run (bash maintained variable ``SECONDS``)
diff --git a/stackrc b/stackrc
index fb84366..15b0951 100644
--- a/stackrc
+++ b/stackrc
@@ -3,6 +3,9 @@
# Find the other rc files
RC_DIR=$(cd $(dirname "${BASH_SOURCE:-$0}") && pwd)
+# Source required devstack functions and globals
+source $RC_DIR/functions
+
# Destination path for installation
DEST=/opt/stack
@@ -52,6 +55,18 @@
ENABLED_SERVICES+=,rabbit,tempest,mysql
fi
+# SQLAlchemy supports multiple database drivers for each database server
+# type. For example, deployer may use MySQLdb, MySQLConnector, or oursql
+# to access MySQL database.
+#
+# When defined, the variable controls which database driver is used to
+# connect to database server. Otherwise using default driver defined for
+# each database type.
+#
+# You can find the list of currently supported drivers for each database
+# type at: http://docs.sqlalchemy.org/en/rel_0_9/core/engines.html
+# SQLALCHEMY_DATABASE_DRIVER="mysqldb"
+
# Global toggle for enabling services under mod_wsgi. If this is set to
# ``True`` all services that use HTTPD + mod_wsgi as the preferred method of
# deployment, will be deployed under Apache. If this is set to ``False`` all
@@ -101,160 +116,302 @@
# Zero disables timeouts
GIT_TIMEOUT=${GIT_TIMEOUT:-0}
+# Requirements enforcing mode
+#
+# - strict (default) : ensure all project requirements files match
+# what's in global requirements.
+#
+# - soft : enforce requirements on everything in
+# requirements/projects.txt, but do soft updates on all other
+# repositories (i.e. sync versions for requirements that are in g-r,
+# but pass through any extras)
+REQUIREMENTS_MODE=${REQUIREMENTS_MODE:-strict}
+
# Repositories
# ------------
# Base GIT Repo URL
-# Another option is http://review.openstack.org/p
+# Another option is https://git.openstack.org
GIT_BASE=${GIT_BASE:-git://git.openstack.org}
+##############
+#
+# OpenStack Server Components
+#
+##############
+
# metering service
CEILOMETER_REPO=${CEILOMETER_REPO:-${GIT_BASE}/openstack/ceilometer.git}
CEILOMETER_BRANCH=${CEILOMETER_BRANCH:-master}
-# ceilometer client library
-CEILOMETERCLIENT_REPO=${CEILOMETERCLIENT_REPO:-${GIT_BASE}/openstack/python-ceilometerclient.git}
-CEILOMETERCLIENT_BRANCH=${CEILOMETERCLIENT_BRANCH:-master}
-
# volume service
CINDER_REPO=${CINDER_REPO:-${GIT_BASE}/openstack/cinder.git}
CINDER_BRANCH=${CINDER_BRANCH:-master}
-# volume client
-CINDERCLIENT_REPO=${CINDERCLIENT_REPO:-${GIT_BASE}/openstack/python-cinderclient.git}
-CINDERCLIENT_BRANCH=${CINDERCLIENT_BRANCH:-master}
-
# image catalog service
GLANCE_REPO=${GLANCE_REPO:-${GIT_BASE}/openstack/glance.git}
GLANCE_BRANCH=${GLANCE_BRANCH:-master}
-# python glance client library
-GLANCECLIENT_REPO=${GLANCECLIENT_REPO:-${GIT_BASE}/openstack/python-glanceclient.git}
-GLANCECLIENT_BRANCH=${GLANCECLIENT_BRANCH:-master}
-
# heat service
HEAT_REPO=${HEAT_REPO:-${GIT_BASE}/openstack/heat.git}
HEAT_BRANCH=${HEAT_BRANCH:-master}
-# python heat client library
-HEATCLIENT_REPO=${HEATCLIENT_REPO:-${GIT_BASE}/openstack/python-heatclient.git}
-HEATCLIENT_BRANCH=${HEATCLIENT_BRANCH:-master}
-
# django powered web control panel for openstack
HORIZON_REPO=${HORIZON_REPO:-${GIT_BASE}/openstack/horizon.git}
HORIZON_BRANCH=${HORIZON_BRANCH:-master}
-# django openstack_auth library
-HORIZONAUTH_REPO=${HORIZONAUTH_REPO:-${GIT_BASE}/openstack/django_openstack_auth.git}
-HORIZONAUTH_BRANCH=${HORIZONAUTH_BRANCH:-master}
-
-# baremetal provisionint service
+# baremetal provisioning service
IRONIC_REPO=${IRONIC_REPO:-${GIT_BASE}/openstack/ironic.git}
IRONIC_BRANCH=${IRONIC_BRANCH:-master}
-# ironic client
-IRONICCLIENT_REPO=${IRONICCLIENT_REPO:-${GIT_BASE}/openstack/python-ironicclient.git}
-IRONICCLIENT_BRANCH=${IRONICCLIENT_BRANCH:-master}
-
# unified auth system (manages accounts/tokens)
KEYSTONE_REPO=${KEYSTONE_REPO:-${GIT_BASE}/openstack/keystone.git}
KEYSTONE_BRANCH=${KEYSTONE_BRANCH:-master}
-# python keystone client library to nova that horizon uses
-KEYSTONECLIENT_REPO=${KEYSTONECLIENT_REPO:-${GIT_BASE}/openstack/python-keystoneclient.git}
-KEYSTONECLIENT_BRANCH=${KEYSTONECLIENT_BRANCH:-master}
-
-# keystone middleware
-KEYSTONEMIDDLEWARE_REPO=${KEYSTONEMIDDLEWARE_REPO:-${GIT_BASE}/openstack/keystonemiddleware.git}
-KEYSTONEMIDDLEWARE_BRANCH=${KEYSTONEMIDDLEWARE_BRANCH:-master}
+# neutron service
+NEUTRON_REPO=${NEUTRON_REPO:-${GIT_BASE}/openstack/neutron.git}
+NEUTRON_BRANCH=${NEUTRON_BRANCH:-master}
# compute service
NOVA_REPO=${NOVA_REPO:-${GIT_BASE}/openstack/nova.git}
NOVA_BRANCH=${NOVA_BRANCH:-master}
-# python client library to nova that horizon (and others) use
-NOVACLIENT_REPO=${NOVACLIENT_REPO:-${GIT_BASE}/openstack/python-novaclient.git}
-NOVACLIENT_BRANCH=${NOVACLIENT_BRANCH:-master}
+# storage service
+SWIFT_REPO=${SWIFT_REPO:-${GIT_BASE}/openstack/swift.git}
+SWIFT_BRANCH=${SWIFT_BRANCH:-master}
-# consolidated openstack python client
-OPENSTACKCLIENT_REPO=${OPENSTACKCLIENT_REPO:-${GIT_BASE}/openstack/python-openstackclient.git}
-OPENSTACKCLIENT_BRANCH=${OPENSTACKCLIENT_BRANCH:-master}
+# trove service
+TROVE_REPO=${TROVE_REPO:-${GIT_BASE}/openstack/trove.git}
+TROVE_BRANCH=${TROVE_BRANCH:-master}
-# cliff command line framework
-CLIFF_REPO=${CLIFF_REPO:-${GIT_BASE}/openstack/cliff.git}
-CLIFF_BRANCH=${CLIFF_BRANCH:-master}
-
-# oslo.config
-OSLOCFG_REPO=${OSLOCFG_REPO:-${GIT_BASE}/openstack/oslo.config.git}
-OSLOCFG_BRANCH=${OSLOCFG_BRANCH:-master}
-
-# oslo.db
-OSLODB_REPO=${OSLODB_REPO:-${GIT_BASE}/openstack/oslo.db.git}
-OSLODB_BRANCH=${OSLODB_BRANCH:-master}
-
-# oslo.i18n
-OSLOI18N_REPO=${OSLOI18N_REPO:-${GIT_BASE}/openstack/oslo.i18n.git}
-OSLOI18N_BRANCH=${OSLOI18N_BRANCH:-master}
-
-# oslo.messaging
-OSLOMSG_REPO=${OSLOMSG_REPO:-${GIT_BASE}/openstack/oslo.messaging.git}
-OSLOMSG_BRANCH=${OSLOMSG_BRANCH:-master}
-
-# oslo.rootwrap
-OSLORWRAP_REPO=${OSLORWRAP_REPO:-${GIT_BASE}/openstack/oslo.rootwrap.git}
-OSLORWRAP_BRANCH=${OSLORWRAP_BRANCH:-master}
-
-# oslo.vmware
-OSLOVMWARE_REPO=${OSLOVMWARE_REPO:-${GIT_BASE}/openstack/oslo.vmware.git}
-OSLOVMWARE_BRANCH=${OSLOVMWARE_BRANCH:-master}
-
-# pycadf auditing library
-PYCADF_REPO=${PYCADF_REPO:-${GIT_BASE}/openstack/pycadf.git}
-PYCADF_BRANCH=${PYCADF_BRANCH:-master}
-
-# stevedore plugin manager
-STEVEDORE_REPO=${STEVEDORE_REPO:-${GIT_BASE}/openstack/stevedore.git}
-STEVEDORE_BRANCH=${STEVEDORE_BRANCH:-master}
-
-# taskflow plugin manager
-TASKFLOW_REPO=${TASKFLOW_REPO:-${GIT_BASE}/openstack/taskflow.git}
-TASKFLOW_BRANCH=${TASKFLOW_BRANCH:-master}
-
-# pbr drives the setuptools configs
-PBR_REPO=${PBR_REPO:-${GIT_BASE}/openstack-dev/pbr.git}
-PBR_BRANCH=${PBR_BRANCH:-master}
-
-# neutron service
-NEUTRON_REPO=${NEUTRON_REPO:-${GIT_BASE}/openstack/neutron.git}
-NEUTRON_BRANCH=${NEUTRON_BRANCH:-master}
-
-# neutron client
-NEUTRONCLIENT_REPO=${NEUTRONCLIENT_REPO:-${GIT_BASE}/openstack/python-neutronclient.git}
-NEUTRONCLIENT_BRANCH=${NEUTRONCLIENT_BRANCH:-master}
+##############
+#
+# Testing Components
+#
+##############
# consolidated openstack requirements
REQUIREMENTS_REPO=${REQUIREMENTS_REPO:-${GIT_BASE}/openstack/requirements.git}
REQUIREMENTS_BRANCH=${REQUIREMENTS_BRANCH:-master}
-# storage service
-SWIFT_REPO=${SWIFT_REPO:-${GIT_BASE}/openstack/swift.git}
-SWIFT_BRANCH=${SWIFT_BRANCH:-master}
-SWIFT3_REPO=${SWIFT3_REPO:-${GIT_BASE}/stackforge/swift3.git}
-SWIFT3_BRANCH=${SWIFT3_BRANCH:-master}
+# Tempest test suite
+TEMPEST_REPO=${TEMPEST_REPO:-${GIT_BASE}/openstack/tempest.git}
+TEMPEST_BRANCH=${TEMPEST_BRANCH:-master}
+
+# TODO(sdague): this should end up as a library component like below
+TEMPEST_LIB_REPO=${TEMPEST_LIB_REPO:-${GIT_BASE}/openstack/tempest-lib.git}
+TEMPEST_LIB_BRANCH=${TEMPEST_LIB_BRANCH:-master}
+
+
+##############
+#
+# OpenStack Client Library Componets
+#
+##############
+
+# ceilometer client library
+CEILOMETERCLIENT_REPO=${CEILOMETERCLIENT_REPO:-${GIT_BASE}/openstack/python-ceilometerclient.git}
+CEILOMETERCLIENT_BRANCH=${CEILOMETERCLIENT_BRANCH:-master}
+
+# volume client
+CINDERCLIENT_REPO=${CINDERCLIENT_REPO:-${GIT_BASE}/openstack/python-cinderclient.git}
+CINDERCLIENT_BRANCH=${CINDERCLIENT_BRANCH:-master}
+
+# python glance client library
+GLANCECLIENT_REPO=${GLANCECLIENT_REPO:-${GIT_BASE}/openstack/python-glanceclient.git}
+GLANCECLIENT_BRANCH=${GLANCECLIENT_BRANCH:-master}
+
+# python heat client library
+HEATCLIENT_REPO=${HEATCLIENT_REPO:-${GIT_BASE}/openstack/python-heatclient.git}
+HEATCLIENT_BRANCH=${HEATCLIENT_BRANCH:-master}
+
+# ironic client
+IRONICCLIENT_REPO=${IRONICCLIENT_REPO:-${GIT_BASE}/openstack/python-ironicclient.git}
+IRONICCLIENT_BRANCH=${IRONICCLIENT_BRANCH:-master}
+
+# python keystone client library to nova that horizon uses
+KEYSTONECLIENT_REPO=${KEYSTONECLIENT_REPO:-${GIT_BASE}/openstack/python-keystoneclient.git}
+KEYSTONECLIENT_BRANCH=${KEYSTONECLIENT_BRANCH:-master}
+
+# neutron client
+NEUTRONCLIENT_REPO=${NEUTRONCLIENT_REPO:-${GIT_BASE}/openstack/python-neutronclient.git}
+NEUTRONCLIENT_BRANCH=${NEUTRONCLIENT_BRANCH:-master}
+
+# python client library to nova that horizon (and others) use
+NOVACLIENT_REPO=${NOVACLIENT_REPO:-${GIT_BASE}/openstack/python-novaclient.git}
+NOVACLIENT_BRANCH=${NOVACLIENT_BRANCH:-master}
# python swift client library
SWIFTCLIENT_REPO=${SWIFTCLIENT_REPO:-${GIT_BASE}/openstack/python-swiftclient.git}
SWIFTCLIENT_BRANCH=${SWIFTCLIENT_BRANCH:-master}
-# Tempest test suite
-TEMPEST_REPO=${TEMPEST_REPO:-${GIT_BASE}/openstack/tempest.git}
-TEMPEST_BRANCH=${TEMPEST_BRANCH:-master}
+# trove client library test
+TROVECLIENT_REPO=${TROVECLIENT_REPO:-${GIT_BASE}/openstack/python-troveclient.git}
+TROVECLIENT_BRANCH=${TROVECLIENT_BRANCH:-master}
+# consolidated openstack python client
+OPENSTACKCLIENT_REPO=${OPENSTACKCLIENT_REPO:-${GIT_BASE}/openstack/python-openstackclient.git}
+OPENSTACKCLIENT_BRANCH=${OPENSTACKCLIENT_BRANCH:-master}
+
+###################
+#
+# Oslo Libraries
+#
+###################
+
+# cliff command line framework
+GITREPO["cliff"]=${CLIFF_REPO:-${GIT_BASE}/openstack/cliff.git}
+GITBRANCH["cliff"]=${CLIFF_BRANCH:-master}
+
+# oslo.concurrency
+GITREPO["oslo.concurrency"]=${OSLOCON_REPO:-${GIT_BASE}/openstack/oslo.concurrency.git}
+GITBRANCH["oslo.concurrency"]=${OSLOCON_BRANCH:-master}
+
+# oslo.config
+GITREPO["oslo.config"]=${OSLOCFG_REPO:-${GIT_BASE}/openstack/oslo.config.git}
+GITBRANCH["oslo.config"]=${OSLOCFG_BRANCH:-master}
+
+# oslo.db
+GITREPO["oslo.db"]=${OSLODB_REPO:-${GIT_BASE}/openstack/oslo.db.git}
+GITBRANCH["oslo.db"]=${OSLODB_BRANCH:-master}
+
+# oslo.i18n
+GITREPO["oslo.i18n"]=${OSLOI18N_REPO:-${GIT_BASE}/openstack/oslo.i18n.git}
+GITBRANCH["oslo.i18n"]=${OSLOI18N_BRANCH:-master}
+
+# oslo.log
+GITREPO["oslo.log"]=${OSLOLOG_REPO:-${GIT_BASE}/openstack/oslo.log.git}
+GITBRANCH["oslo.log"]=${OSLOLOG_BRANCH:-master}
+
+# oslo.messaging
+GITREPO["oslo.messaging"]=${OSLOMSG_REPO:-${GIT_BASE}/openstack/oslo.messaging.git}
+GITBRANCH["oslo.messaging"]=${OSLOMSG_BRANCH:-master}
+
+# oslo.middleware
+GITREPO["oslo.middleware"]=${OSLOMID_REPO:-${GIT_BASE}/openstack/oslo.middleware.git}
+GITBRANCH["oslo.middleware"]=${OSLOMID_BRANCH:-master}
+
+# oslo.rootwrap
+GITREPO["oslo.rootwrap"]=${OSLORWRAP_REPO:-${GIT_BASE}/openstack/oslo.rootwrap.git}
+GITBRANCH["oslo.rootwrap"]=${OSLORWRAP_BRANCH:-master}
+
+# oslo.serialization
+GITREPO["oslo.serialization"]=${OSLOSERIALIZATION_REPO:-${GIT_BASE}/openstack/oslo.serialization.git}
+GITBRANCH["oslo.serialization"]=${OSLOSERIALIZATION_BRANCH:-master}
+
+# oslo.utils
+GITREPO["oslo.utils"]=${OSLOUTILS_REPO:-${GIT_BASE}/openstack/oslo.utils.git}
+GITBRANCH["oslo.utils"]=${OSLOUTILS_BRANCH:-master}
+
+# oslo.vmware
+GITREPO["oslo.vmware"]=${OSLOVMWARE_REPO:-${GIT_BASE}/openstack/oslo.vmware.git}
+GITBRANCH["oslo.vmware"]=${OSLOVMWARE_BRANCH:-master}
+
+# pycadf auditing library
+GITREPO["pycadf"]=${PYCADF_REPO:-${GIT_BASE}/openstack/pycadf.git}
+GITBRANCH["pycadf"]=${PYCADF_BRANCH:-master}
+
+# stevedore plugin manager
+GITREPO["stevedore"]=${STEVEDORE_REPO:-${GIT_BASE}/openstack/stevedore.git}
+GITBRANCH["stevedore"]=${STEVEDORE_BRANCH:-master}
+
+# taskflow plugin manager
+GITREPO["taskflow"]=${TASKFLOW_REPO:-${GIT_BASE}/openstack/taskflow.git}
+GITBRANCH["taskflow"]=${TASKFLOW_BRANCH:-master}
+
+# pbr drives the setuptools configs
+GITREPO["pbr"]=${PBR_REPO:-${GIT_BASE}/openstack-dev/pbr.git}
+GITBRANCH["pbr"]=${PBR_BRANCH:-master}
+
+##################
+#
+# Libraries managed by OpenStack programs (non oslo)
+#
+##################
+
+# glance store library
+GLANCE_STORE_REPO=${GLANCE_STORE_REPO:-${GIT_BASE}/openstack/glance_store.git}
+GLANCE_STORE_BRANCH=${GLANCE_STORE_BRANCH:-master}
+
+# heat-cfntools server agent
+HEAT_CFNTOOLS_REPO=${HEAT_CFNTOOLS_REPO:-${GIT_BASE}/openstack/heat-cfntools.git}
+HEAT_CFNTOOLS_BRANCH=${HEAT_CFNTOOLS_BRANCH:-master}
+
+# heat example templates and elements
+HEAT_TEMPLATES_REPO=${HEAT_TEMPLATES_REPO:-${GIT_BASE}/openstack/heat-templates.git}
+HEAT_TEMPLATES_BRANCH=${HEAT_TEMPLATES_BRANCH:-master}
+
+# django openstack_auth library
+HORIZONAUTH_REPO=${HORIZONAUTH_REPO:-${GIT_BASE}/openstack/django_openstack_auth.git}
+HORIZONAUTH_BRANCH=${HORIZONAUTH_BRANCH:-master}
+
+# keystone middleware
+KEYSTONEMIDDLEWARE_REPO=${KEYSTONEMIDDLEWARE_REPO:-${GIT_BASE}/openstack/keystonemiddleware.git}
+KEYSTONEMIDDLEWARE_BRANCH=${KEYSTONEMIDDLEWARE_BRANCH:-master}
+
+# s3 support for swift
+SWIFT3_REPO=${SWIFT3_REPO:-${GIT_BASE}/stackforge/swift3.git}
+SWIFT3_BRANCH=${SWIFT3_BRANCH:-master}
+
+
+##################
+#
+# TripleO Components
+#
+##################
# diskimage-builder
DIB_REPO=${DIB_REPO:-${GIT_BASE}/openstack/diskimage-builder.git}
DIB_BRANCH=${DIB_BRANCH:-master}
+# os-apply-config configuration template tool
+OAC_REPO=${OAC_REPO:-${GIT_BASE}/openstack/os-apply-config.git}
+OAC_BRANCH=${OAC_BRANCH:-master}
+
+# os-collect-config configuration agent
+OCC_REPO=${OCC_REPO:-${GIT_BASE}/openstack/os-collect-config.git}
+OCC_BRANCH=${OCC_BRANCH:-master}
+
+# os-refresh-config configuration run-parts tool
+ORC_REPO=${ORC_REPO:-${GIT_BASE}/openstack/os-refresh-config.git}
+ORC_BRANCH=${ORC_BRANCH:-master}
+
+# Tripleo elements for diskimage-builder images
+TIE_REPO=${TIE_REPO:-${GIT_BASE}/openstack/tripleo-image-elements.git}
+TIE_BRANCH=${TIE_BRANCH:-master}
+
+#################
+#
+# Additional Libraries
+#
+#################
+
+# stackforge libraries that are used by OpenStack core services
+# wsme
+WSME_REPO=${WSME_REPO:-${GIT_BASE}/stackforge/wsme.git}
+WSME_BRANCH=${WSME_BRANCH:-master}
+
+# pecan
+PECAN_REPO=${PECAN_REPO:-${GIT_BASE}/stackforge/pecan.git}
+PECAN_BRANCH=${PECAN_BRANCH:-master}
+
+# sqlalchemy-migrate
+SQLALCHEMY_MIGRATE_REPO=${SQLALCHEMY_MIGRATE_REPO:-${GIT_BASE}/stackforge/sqlalchemy-migrate.git}
+SQLALCHEMY_MIGRATE_BRANCH=${SQLALCHEMY_MIGRATE_BRANCH:-master}
+
+
+#################
+#
+# 3rd Party Components (non pip installable)
+#
+# NOTE(sdague): these should be converted to release version installs or removed
+#
+#################
+
+# ironic python agent
+IRONIC_PYTHON_AGENT_REPO=${IRONIC_PYTHON_AGENT_REPO:-${GIT_BASE}/openstack/ironic-python-agent.git}
+IRONIC_PYTHON_AGENT_BRANCH=${IRONIC_PYTHON_AGENT_BRANCH:-master}
+
# a websockets/html5 or flash powered VNC console for vm instances
NOVNC_REPO=${NOVNC_REPO:-https://github.com/kanaka/noVNC.git}
NOVNC_BRANCH=${NOVNC_BRANCH:-master}
@@ -267,22 +424,6 @@
SPICE_REPO=${SPICE_REPO:-http://anongit.freedesktop.org/git/spice/spice-html5.git}
SPICE_BRANCH=${SPICE_BRANCH:-master}
-# trove service
-TROVE_REPO=${TROVE_REPO:-${GIT_BASE}/openstack/trove.git}
-TROVE_BRANCH=${TROVE_BRANCH:-master}
-
-# trove client library test
-TROVECLIENT_REPO=${TROVECLIENT_REPO:-${GIT_BASE}/openstack/python-troveclient.git}
-TROVECLIENT_BRANCH=${TROVECLIENT_BRANCH:-master}
-
-# stackforge libraries that are used by OpenStack core services
-# wsme
-WSME_REPO=${WSME_REPO:-${GIT_BASE}/stackforge/wsme.git}
-WSME_BRANCH=${WSME_BRANCH:-master}
-
-# pecan
-PECAN_REPO=${PECAN_REPO:-${GIT_BASE}/stackforge/pecan.git}
-PECAN_BRANCH=${PECAN_BRANCH:-master}
# Nova hypervisor configuration. We default to libvirt with **kvm** but will
@@ -366,6 +507,15 @@
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-0.3.0-x86_64-disk}
IMAGE_URLS=${IMAGE_URLS:-"https://github.com/downloads/citrix-openstack/warehouse/cirros-0.3.0-x86_64-disk.vhd.tgz"}
IMAGE_URLS+=",http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-x86_64-uec.tar.gz";;
+ ironic)
+ # Ironic can do both partition and full disk images, depending on the driver
+ if [[ "$IRONIC_DEPLOY_DRIVER" == "agent_ssh" ]]; then
+ DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-x86_64-disk}
+ else
+ DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-x86_64-uec}
+ fi
+ IMAGE_URLS=${IMAGE_URLS:-"http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-x86_64-uec.tar.gz"}
+ IMAGE_URLS+=",http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-x86_64-disk.img";;
*) # Default to Cirros with kernel, ramdisk and disk image
DEFAULT_IMAGE_NAME=${DEFAULT_IMAGE_NAME:-cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec}
IMAGE_URLS=${IMAGE_URLS:-"http://download.cirros-cloud.net/${CIRROS_VERSION}/cirros-${CIRROS_VERSION}-${CIRROS_ARCH}-uec.tar.gz"};;
@@ -375,7 +525,7 @@
if [[ "$ENABLED_SERVICES" =~ 'h-api' ]]; then
case "$VIRT_DRIVER" in
libvirt|baremetal|ironic)
- HEAT_CFN_IMAGE_URL=${HEAT_CFN_IMAGE_URL:-"http://dl.fedoraproject.org/pub/alt/openstack/20/x86_64/Fedora-x86_64-20-20140618-sda.qcow2"}
+ HEAT_CFN_IMAGE_URL=${HEAT_CFN_IMAGE_URL:-"https://download.fedoraproject.org/pub/alt/openstack/20/x86_64/Fedora-x86_64-20-20140618-sda.qcow2"}
IMAGE_URLS+=",$HEAT_CFN_IMAGE_URL"
;;
*)
@@ -383,11 +533,11 @@
esac
fi
-# Trove needs a custom image for it's work
+# Trove needs a custom image for its work
if [[ "$ENABLED_SERVICES" =~ 'tr-api' ]]; then
case "$VIRT_DRIVER" in
libvirt|baremetal|ironic|xenapi)
- TROVE_GUEST_IMAGE_URL=${TROVE_GUEST_IMAGE_URL:-"http://tarballs.openstack.org/trove/images/ubuntu_mysql.qcow2/ubuntu_mysql.qcow2"}
+ TROVE_GUEST_IMAGE_URL=${TROVE_GUEST_IMAGE_URL:-"http://tarballs.openstack.org/trove/images/ubuntu/mysql.qcow2"}
IMAGE_URLS+=",${TROVE_GUEST_IMAGE_URL}"
;;
*)
@@ -400,7 +550,7 @@
PRECACHE_IMAGES=$(trueorfalse False $PRECACHE_IMAGES)
if [[ "$PRECACHE_IMAGES" == "True" ]]; then
# staging in update for nodepool
- IMAGE_URL="http://dl.fedoraproject.org/pub/alt/openstack/20/x86_64/Fedora-x86_64-20-20140618-sda.qcow2"
+ IMAGE_URL="https://download.fedoraproject.org/pub/alt/openstack/20/x86_64/Fedora-x86_64-20-20140618-sda.qcow2"
if ! [[ "$IMAGE_URLS" =~ "$IMAGE_URL" ]]; then
IMAGE_URLS+=",$IMAGE_URL"
fi
@@ -435,6 +585,17 @@
# Allow the use of an alternate protocol (such as https) for service endpoints
SERVICE_PROTOCOL=${SERVICE_PROTOCOL:-http}
+# Sets the maximum number of workers for most services to reduce
+# the memory used where there are a large number of CPUs present
+# (the default number of workers for many services is the number of CPUs)
+# Also sets the minimum number of workers to 2.
+API_WORKERS=${API_WORKERS:=$(( ($(nproc)/2)<2 ? 2 : ($(nproc)/2) ))}
+
+# Service startup timeout
+SERVICE_TIMEOUT=${SERVICE_TIMEOUT:-60}
+
+# Following entries need to be last items in file
+
# Local variables:
# mode: shell-script
# End:
diff --git a/tests/fake-service.sh b/tests/fake-service.sh
new file mode 100755
index 0000000..d4b9b56
--- /dev/null
+++ b/tests/fake-service.sh
@@ -0,0 +1,19 @@
+#!/bin/bash
+# fake-service.sh - a fake service for start/stop testing
+# $1 - sleep time
+
+SLEEP_TIME=${1:-3}
+
+LOG=/tmp/fake-service.log
+TIMESTAMP_FORMAT=${TIMESTAMP_FORMAT:-"%F-%H%M%S"}
+
+# duplicate output
+exec 1> >(tee -a ${LOG})
+
+echo ""
+echo "Starting fake-service for ${SLEEP_TIME}"
+while true; do
+ echo "$(date +${TIMESTAMP_FORMAT}) [$$]"
+ sleep ${SLEEP_TIME}
+done
+
diff --git a/tests/run-process.sh b/tests/run-process.sh
new file mode 100755
index 0000000..bdf1395
--- /dev/null
+++ b/tests/run-process.sh
@@ -0,0 +1,109 @@
+#!/bin/bash
+# tests/exec.sh - Test DevStack run_process() and stop_process()
+#
+# exec.sh start|stop|status
+#
+# Set USE_SCREEN True|False to change use of screen.
+#
+# This script emulates the basic exec envirnment in ``stack.sh`` to test
+# the process spawn and kill operations.
+
+if [[ -z $1 ]]; then
+ echo "$0 start|stop"
+ exit 1
+fi
+
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
+source $TOP_DIR/functions
+
+USE_SCREEN=${USE_SCREEN:-False}
+
+ENABLED_SERVICES=fake-service
+
+SERVICE_DIR=/tmp
+SCREEN_NAME=test
+SCREEN_LOGDIR=${SERVICE_DIR}/${SCREEN_NAME}
+
+
+# Kill background processes on exit
+trap clean EXIT
+clean() {
+ local r=$?
+ jobs -p
+ kill >/dev/null 2>&1 $(jobs -p)
+ exit $r
+}
+
+
+# Exit on any errors so that errors don't compound
+trap failed ERR
+failed() {
+ local r=$?
+ jobs -p
+ kill >/dev/null 2>&1 $(jobs -p)
+ set +o xtrace
+ [ -n "$LOGFILE" ] && echo "${0##*/} failed: full log in $LOGFILE"
+ exit $r
+}
+
+function status {
+ if [[ -r $SERVICE_DIR/$SCREEN_NAME/fake-service.pid ]]; then
+ pstree -pg $(cat $SERVICE_DIR/$SCREEN_NAME/fake-service.pid)
+ fi
+ ps -ef | grep fake
+}
+
+function setup_screen {
+if [[ ! -d $SERVICE_DIR/$SCREEN_NAME ]]; then
+ rm -rf $SERVICE_DIR/$SCREEN_NAME
+ mkdir -p $SERVICE_DIR/$SCREEN_NAME
+fi
+
+if [[ "$USE_SCREEN" == "True" ]]; then
+ # Create a new named screen to run processes in
+ screen -d -m -S $SCREEN_NAME -t shell -s /bin/bash
+ sleep 1
+
+ # Set a reasonable status bar
+ if [ -z "$SCREEN_HARDSTATUS" ]; then
+ SCREEN_HARDSTATUS='%{= .} %-Lw%{= .}%> %n%f %t*%{= .}%+Lw%< %-=%{g}(%{d}%H/%l%{g})'
+ fi
+ screen -r $SCREEN_NAME -X hardstatus alwayslastline "$SCREEN_HARDSTATUS"
+fi
+
+# Clear screen rc file
+SCREENRC=$TOP_DIR/tests/$SCREEN_NAME-screenrc
+if [[ -e $SCREENRC ]]; then
+ echo -n > $SCREENRC
+fi
+}
+
+# Mimic logging
+ # Set up output redirection without log files
+ # Copy stdout to fd 3
+ exec 3>&1
+ if [[ "$VERBOSE" != "True" ]]; then
+ # Throw away stdout and stderr
+ #exec 1>/dev/null 2>&1
+ :
+ fi
+ # Always send summary fd to original stdout
+ exec 6>&3
+
+
+if [[ "$1" == "start" ]]; then
+ echo "Start service"
+ setup_screen
+ run_process fake-service "$TOP_DIR/tests/fake-service.sh"
+ sleep 1
+ status
+elif [[ "$1" == "stop" ]]; then
+ echo "Stop service"
+ stop_process fake-service
+ status
+elif [[ "$1" == "status" ]]; then
+ status
+else
+ echo "Unknown command"
+ exit 1
+fi
diff --git a/tests/test_config.sh b/tests/test_config.sh
index 2634ce0..3252104 100755
--- a/tests/test_config.sh
+++ b/tests/test_config.sh
@@ -91,6 +91,46 @@
[[test4|\$TEST4_DIR/\$TEST4_FILE]]
[fff]
type=new
+
+[[test-env|test-env.conf]]
+[foo]
+foo=\${FOO_BAR_BAZ}
+
+[[test5|test-equals.conf]]
+[DEFAULT]
+drivers = driver=python.import.path.Driver
+
+[[test6|test-strip.conf]]
+[DEFAULT]
+# next line has trailing space
+attr = strip_trailing_space
+
+[[test7|test-colon.conf]]
+[DEFAULT]
+servers=10.11.12.13:80
+
+[[test-multi-sections|test-multi-sections.conf]]
+[sec-1]
+cfg_item1 = abcd
+cfg_item2 = efgh
+
+[sec-2]
+cfg_item1 = abcd
+cfg_item3 = /1/2/3/4:5
+cfg_item4 = end
+
+[sec-3]
+cfg_item5 = 5555
+cfg_item6 = 6666
+cfg_item5 = 5555another
+
+[[test-multiline|test-multiline.conf]]
+[multi]
+cfg_item1 = ab:cd:ef:gh
+cfg_item1 = abcd
+cfg_item2 = efgh
+cfg_item2 = \${FOO_BAR_BAZ}
+
EOF
echo -n "get_meta_section_files: test0 doesn't exist: "
@@ -172,10 +212,44 @@
# iniset adds a blank line if it creates the file...
EXPECT_VAL="
[ddd]
-additional = true
-type = new"
+type = new
+additional = true"
check_result "$VAL" "$EXPECT_VAL"
+echo -n "merge_config_file test-multi-sections: "
+rm -f test-multi-sections.conf
+merge_config_file test.conf test-multi-sections test-multi-sections.conf
+VAL=$(cat test-multi-sections.conf)
+EXPECT_VAL='
+[sec-1]
+cfg_item1 = abcd
+cfg_item2 = efgh
+
+[sec-2]
+cfg_item1 = abcd
+cfg_item3 = /1/2/3/4:5
+cfg_item4 = end
+
+[sec-3]
+cfg_item5 = 5555
+cfg_item5 = 5555another
+cfg_item6 = 6666'
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "merge_config_file test-multiline: "
+rm -f test-multiline.conf
+FOO_BAR_BAZ="foo bar baz"
+merge_config_file test.conf test-multiline test-multiline.conf
+VAL=$(cat test-multiline.conf)
+EXPECT_VAL='
+[multi]
+cfg_item1 = ab:cd:ef:gh
+cfg_item1 = abcd
+cfg_item2 = efgh
+cfg_item2 = foo bar baz'
+check_result "$VAL" "$EXPECT_VAL"
+unset FOO_BAR_BAZ
+
echo -n "merge_config_group test2: "
rm test2a.conf
merge_config_group test.conf test2
@@ -183,8 +257,8 @@
# iniset adds a blank line if it creates the file...
EXPECT_VAL="
[ddd]
-additional = true
-type = new"
+type = new
+additional = true"
check_result "$VAL" "$EXPECT_VAL"
echo -n "merge_config_group test2 no conf file: "
@@ -206,6 +280,17 @@
attribute = value"
check_result "$VAL" "$EXPECT_VAL"
+echo -n "merge_config_file test-env: "
+rm -f test-env.conf
+FOO_BAR_BAZ="foo bar baz"
+merge_config_file test.conf test-env test-env.conf
+VAL=$(cat test-env.conf)
+EXPECT_VAL='
+[foo]
+foo = foo bar baz'
+check_result "$VAL" "$EXPECT_VAL"
+unset FOO_BAR_BAZ
+
echo -n "merge_config_group test4 variable filename: "
setup_test4
merge_config_group test.conf test4
@@ -225,5 +310,37 @@
type = new"
check_result "$VAL" "$EXPECT_VAL"
-rm -f test.conf test1c.conf test2a.conf test-space.conf
+echo -n "merge_config_file test5 equals in value: "
+rm -f test-equals.conf
+merge_config_file test.conf test5 test-equals.conf
+VAL=$(cat test-equals.conf)
+# iniset adds a blank line if it creates the file...
+EXPECT_VAL="
+[DEFAULT]
+drivers = driver=python.import.path.Driver"
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "merge_config_file test6 value stripped: "
+rm -f test-strip.conf
+merge_config_file test.conf test6 test-strip.conf
+VAL=$(cat test-strip.conf)
+# iniset adds a blank line if it creates the file...
+EXPECT_VAL="
+[DEFAULT]
+attr = strip_trailing_space"
+check_result "$VAL" "$EXPECT_VAL"
+
+echo -n "merge_config_file test7 colon in value: "
+rm -f test-colon.conf
+merge_config_file test.conf test7 test-colon.conf
+VAL=$(cat test-colon.conf)
+EXPECT_VAL="
+[DEFAULT]
+servers = 10.11.12.13:80"
+check_result "$VAL" "$EXPECT_VAL"
+
+rm -f test.conf test1c.conf test2a.conf \
+ test-space.conf test-equals.conf test-strip.conf \
+ test-colon.conf test-env.conf test-multiline.conf \
+ test-multi-sections.conf
rm -rf test-etc
diff --git a/tools/bash8.py b/tools/bash8.py
deleted file mode 100755
index 3abf87b..0000000
--- a/tools/bash8.py
+++ /dev/null
@@ -1,215 +0,0 @@
-#!/usr/bin/env python
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-# bash8 - a pep8 equivalent for bash scripts
-#
-# this program attempts to be an automated style checker for bash scripts
-# to fill the same part of code review that pep8 does in most OpenStack
-# projects. It starts from humble beginnings, and will evolve over time.
-#
-# Currently Supported checks
-#
-# Errors
-# Basic white space errors, for consistent indenting
-# - E001: check that lines do not end with trailing whitespace
-# - E002: ensure that indents are only spaces, and not hard tabs
-# - E003: ensure all indents are a multiple of 4 spaces
-# - E004: file did not end with a newline
-#
-# Structure errors
-#
-# A set of rules that help keep things consistent in control blocks.
-# These are ignored on long lines that have a continuation, because
-# unrolling that is kind of "interesting"
-#
-# - E010: *do* not on the same line as *for*
-# - E011: *then* not on the same line as *if*
-# - E012: heredoc didn't end before EOF
-
-import argparse
-import fileinput
-import re
-import sys
-
-ERRORS = 0
-IGNORE = None
-
-
-def register_ignores(ignores):
- global IGNORE
- if ignores:
- IGNORE = '^(' + '|'.join(ignores.split(',')) + ')'
-
-
-def should_ignore(error):
- return IGNORE and re.search(IGNORE, error)
-
-
-def print_error(error, line,
- filename=None, filelineno=None):
- if not filename:
- filename = fileinput.filename()
- if not filelineno:
- filelineno = fileinput.filelineno()
- global ERRORS
- ERRORS = ERRORS + 1
- print("%s: '%s'" % (error, line.rstrip('\n')))
- print(" - %s: L%s" % (filename, filelineno))
-
-
-def not_continuation(line):
- return not re.search('\\\\$', line)
-
-
-def check_for_do(line):
- if not_continuation(line):
- match = re.match('^\s*(for|while|until)\s', line)
- if match:
- operator = match.group(1).strip()
- if not re.search(';\s*do(\b|$)', line):
- print_error('E010: Do not on same line as %s' % operator,
- line)
-
-
-def check_if_then(line):
- if not_continuation(line):
- if re.search('^\s*if \[', line):
- if not re.search(';\s*then(\b|$)', line):
- print_error('E011: Then non on same line as if', line)
-
-
-def check_no_trailing_whitespace(line):
- if re.search('[ \t]+$', line):
- print_error('E001: Trailing Whitespace', line)
-
-
-def check_indents(line):
- m = re.search('^(?P<indent>[ \t]+)', line)
- if m:
- if re.search('\t', m.group('indent')):
- print_error('E002: Tab indents', line)
- if (len(m.group('indent')) % 4) != 0:
- print_error('E003: Indent not multiple of 4', line)
-
-def check_function_decl(line):
- failed = False
- if line.startswith("function"):
- if not re.search('^function [\w-]* \{$', line):
- failed = True
- else:
- # catch the case without "function", e.g.
- # things like '^foo() {'
- if re.search('^\s*?\(\)\s*?\{', line):
- failed = True
-
- if failed:
- print_error('E020: Function declaration not in format '
- ' "^function name {$"', line)
-
-
-def starts_multiline(line):
- m = re.search("[^<]<<\s*(?P<token>\w+)", line)
- if m:
- return m.group('token')
- else:
- return False
-
-
-def end_of_multiline(line, token):
- if token:
- return re.search("^%s\s*$" % token, line) is not None
- return False
-
-
-def check_files(files, verbose):
- in_multiline = False
- multiline_start = 0
- multiline_line = ""
- logical_line = ""
- token = False
- prev_file = None
- prev_line = ""
- prev_lineno = 0
-
- for line in fileinput.input(files):
- if fileinput.isfirstline():
- # if in_multiline when the new file starts then we didn't
- # find the end of a heredoc in the last file.
- if in_multiline:
- print_error('E012: heredoc did not end before EOF',
- multiline_line,
- filename=prev_file, filelineno=multiline_start)
- in_multiline = False
-
- # last line of a previous file should always end with a
- # newline
- if prev_file and not prev_line.endswith('\n'):
- print_error('E004: file did not end with a newline',
- prev_line,
- filename=prev_file, filelineno=prev_lineno)
-
- prev_file = fileinput.filename()
-
- if verbose:
- print "Running bash8 on %s" % fileinput.filename()
-
- # NOTE(sdague): multiline processing of heredocs is interesting
- if not in_multiline:
- logical_line = line
- token = starts_multiline(line)
- if token:
- in_multiline = True
- multiline_start = fileinput.filelineno()
- multiline_line = line
- continue
- else:
- logical_line = logical_line + line
- if not end_of_multiline(line, token):
- continue
- else:
- in_multiline = False
-
- check_no_trailing_whitespace(logical_line)
- check_indents(logical_line)
- check_for_do(logical_line)
- check_if_then(logical_line)
- check_function_decl(logical_line)
-
- prev_line = logical_line
- prev_lineno = fileinput.filelineno()
-
-def get_options():
- parser = argparse.ArgumentParser(
- description='A bash script style checker')
- parser.add_argument('files', metavar='file', nargs='+',
- help='files to scan for errors')
- parser.add_argument('-i', '--ignore', help='Rules to ignore')
- parser.add_argument('-v', '--verbose', action='store_true', default=False)
- return parser.parse_args()
-
-
-def main():
- opts = get_options()
- register_ignores(opts.ignore)
- check_files(opts.files, opts.verbose)
-
- if ERRORS > 0:
- print("%d bash8 error(s) found" % ERRORS)
- return 1
- else:
- return 0
-
-
-if __name__ == "__main__":
- sys.exit(main())
diff --git a/tools/build_bm.sh b/tools/build_bm.sh
deleted file mode 100755
index ab0ba0e..0000000
--- a/tools/build_bm.sh
+++ /dev/null
@@ -1,38 +0,0 @@
-#!/usr/bin/env bash
-
-# **build_bm.sh**
-
-# Build an OpenStack install on a bare metal machine.
-set +x
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=$(cd $TOOLS_DIR/..; pwd)
-
-# Import common functions
-source $TOP_DIR/functions
-
-# Source params
-source ./stackrc
-
-# Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova"
-STACKSH_PARAMS=${STACKSH_PARAMS:-}
-
-# Option to use the version of devstack on which we are currently working
-USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1}
-
-# Configure the runner
-RUN_SH=`mktemp`
-cat > $RUN_SH <<EOF
-#!/usr/bin/env bash
-# Install and run stack.sh
-cd devstack
-$STACKSH_PARAMS ./stack.sh
-EOF
-
-# Make the run.sh executable
-chmod 755 $RUN_SH
-
-scp -r . root@$CONTAINER_IP:devstack
-scp $RUN_SH root@$CONTAINER_IP:$RUN_SH
-ssh root@$CONTAINER_IP $RUN_SH
diff --git a/tools/build_bm_multi.sh b/tools/build_bm_multi.sh
deleted file mode 100755
index 328d576..0000000
--- a/tools/build_bm_multi.sh
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/usr/bin/env bash
-
-# **build_bm_multi.sh**
-
-# Build an OpenStack install on several bare metal machines.
-SHELL_AFTER_RUN=no
-
-# Variables common amongst all hosts in the cluster
-COMMON_VARS="MYSQL_HOST=$HEAD_HOST RABBIT_HOST=$HEAD_HOST GLANCE_HOSTPORT=$HEAD_HOST:9292 NETWORK_MANAGER=FlatDHCPManager FLAT_INTERFACE=eth0 FLOATING_RANGE=$FLOATING_RANGE MULTI_HOST=1 SHELL_AFTER_RUN=$SHELL_AFTER_RUN"
-
-# Helper to launch containers
-function run_bm {
- # For some reason container names with periods can cause issues :/
- CONTAINER=$1 CONTAINER_IP=$2 CONTAINER_NETMASK=$NETMASK CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER TERMINATE=$TERMINATE STACKSH_PARAMS="$COMMON_VARS $3" ./tools/build_bm.sh
-}
-
-# Launch the head node - headnode uses a non-ip domain name,
-# because rabbit won't launch with an ip addr hostname :(
-run_bm STACKMASTER $HEAD_HOST "ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,horizon,mysql,rabbit"
-
-# Wait till the head node is up
-if [ ! "$TERMINATE" = "1" ]; then
- echo "Waiting for head node ($HEAD_HOST) to start..."
- if ! timeout 60 sh -c "while ! wget -q -O- http://$HEAD_HOST | grep -q username; do sleep 1; done"; then
- echo "Head node did not start"
- exit 1
- fi
-fi
-
-PIDS=""
-# Launch the compute hosts in parallel
-for compute_host in ${COMPUTE_HOSTS//,/ }; do
- run_bm $compute_host $compute_host "ENABLED_SERVICES=n-cpu,n-net,n-api" &
- PIDS="$PIDS $!"
-done
-
-for x in $PIDS; do
- wait $x
-done
-echo "build_bm_multi complete"
diff --git a/tools/build_docs.sh b/tools/build_docs.sh
index e999eff..f52b179 100755
--- a/tools/build_docs.sh
+++ b/tools/build_docs.sh
@@ -4,7 +4,7 @@
#
# - Install shocco if not found on PATH and INSTALL_SHOCCO is set
# - Clone MASTER_REPO branch MASTER_BRANCH
-# - Re-creates ``docs/html`` directory from existing repo + new generated script docs
+# - Re-creates ``doc/build/html`` directory from existing repo + new generated script docs
# Usage:
## build_docs.sh [-o <out-dir>] [-g] [master|<repo> [<branch>]]
@@ -17,7 +17,7 @@
## prevent stray files in the workspace being added tot he docs)
## -o <out-dir> Write the static HTML output to <out-dir>
## (Note that <out-dir> will be deleted and re-created to ensure it is clean)
-## -g Update the old gh-pages repo (set PUSH=1 to actualy push up to RCB)
+## -g Update the old gh-pages repo (set PUSH=1 to actually push up to RCB)
# Defaults
# --------
@@ -29,8 +29,8 @@
# http://devstack.org is a GitHub gh-pages site in the https://github.com/cloudbuilders/devtack.git repo
GH_PAGES_REPO=git@github.com:cloudbuilders/devstack.git
-DOCS_SOURCE=docs/source
-HTML_BUILD=docs/html
+DOCS_SOURCE=doc/source
+HTML_BUILD=doc/build/html
# Keep track of the devstack directory
TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
@@ -136,7 +136,7 @@
mkdir -p $FQ_HTML_BUILD/`dirname $f`;
$SHOCCO $f > $FQ_HTML_BUILD/$f.html
done
-echo "$FILES" >docs/files
+echo "$FILES" >doc/files
if [[ -n $GH_UPDATE ]]; then
GH_ROOT=$(mktemp -d work-gh-XXXX)
diff --git a/tools/build_pxe_env.sh b/tools/build_pxe_env.sh
deleted file mode 100755
index 50d91d0..0000000
--- a/tools/build_pxe_env.sh
+++ /dev/null
@@ -1,120 +0,0 @@
-#!/bin/bash -e
-
-# **build_pxe_env.sh**
-
-# Create a PXE boot environment
-#
-# build_pxe_env.sh destdir
-#
-# Requires Ubuntu Oneiric
-#
-# Only needs to run as root if the destdir permissions require it
-
-dpkg -l syslinux || apt-get install -y syslinux
-
-DEST_DIR=${1:-/tmp}/tftpboot
-PXEDIR=${PXEDIR:-/opt/ramstack/pxe}
-PROGDIR=`dirname $0`
-
-# Clean up any resources that may be in use
-function cleanup {
- set +o errexit
-
- # Mop up temporary files
- if [ -n "$MNTDIR" -a -d "$MNTDIR" ]; then
- umount $MNTDIR
- rmdir $MNTDIR
- fi
-
- # Kill ourselves to signal any calling process
- trap 2; kill -2 $$
-}
-
-trap cleanup SIGHUP SIGINT SIGTERM SIGQUIT EXIT
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=`cd $TOOLS_DIR/..; pwd`
-
-mkdir -p $DEST_DIR/pxelinux.cfg
-cd $DEST_DIR
-for i in memdisk menu.c32 pxelinux.0; do
- cp -pu /usr/lib/syslinux/$i $DEST_DIR
-done
-
-CFG=$DEST_DIR/pxelinux.cfg/default
-cat >$CFG <<EOF
-default menu.c32
-prompt 0
-timeout 0
-
-MENU TITLE devstack PXE Boot Menu
-
-EOF
-
-# Setup devstack boot
-mkdir -p $DEST_DIR/ubuntu
-if [ ! -d $PXEDIR ]; then
- mkdir -p $PXEDIR
-fi
-
-# Get image into place
-if [ ! -r $PXEDIR/stack-initrd.img ]; then
- cd $TOP_DIR
- $PROGDIR/build_ramdisk.sh $PXEDIR/stack-initrd.img
-fi
-if [ ! -r $PXEDIR/stack-initrd.gz ]; then
- gzip -1 -c $PXEDIR/stack-initrd.img >$PXEDIR/stack-initrd.gz
-fi
-cp -pu $PXEDIR/stack-initrd.gz $DEST_DIR/ubuntu
-
-if [ ! -r $PXEDIR/vmlinuz-*-generic ]; then
- MNTDIR=`mktemp -d --tmpdir mntXXXXXXXX`
- mount -t ext4 -o loop $PXEDIR/stack-initrd.img $MNTDIR
-
- if [ ! -r $MNTDIR/boot/vmlinuz-*-generic ]; then
- echo "No kernel found"
- umount $MNTDIR
- rmdir $MNTDIR
- exit 1
- else
- cp -pu $MNTDIR/boot/vmlinuz-*-generic $PXEDIR
- fi
- umount $MNTDIR
- rmdir $MNTDIR
-fi
-
-# Get generic kernel version
-KNAME=`basename $PXEDIR/vmlinuz-*-generic`
-KVER=${KNAME#vmlinuz-}
-cp -pu $PXEDIR/vmlinuz-$KVER $DEST_DIR/ubuntu
-cat >>$CFG <<EOF
-
-LABEL devstack
- MENU LABEL ^devstack
- MENU DEFAULT
- KERNEL ubuntu/vmlinuz-$KVER
- APPEND initrd=ubuntu/stack-initrd.gz ramdisk_size=2109600 root=/dev/ram0
-EOF
-
-# Get Ubuntu
-if [ -d $PXEDIR -a -r $PXEDIR/natty-base-initrd.gz ]; then
- cp -pu $PXEDIR/natty-base-initrd.gz $DEST_DIR/ubuntu
- cat >>$CFG <<EOF
-
-LABEL ubuntu
- MENU LABEL ^Ubuntu Natty
- KERNEL ubuntu/vmlinuz-$KVER
- APPEND initrd=ubuntu/natty-base-initrd.gz ramdisk_size=419600 root=/dev/ram0
-EOF
-fi
-
-# Local disk boot
-cat >>$CFG <<EOF
-
-LABEL local
- MENU LABEL ^Local disk
- LOCALBOOT 0
-EOF
-
-trap cleanup SIGHUP SIGINT SIGTERM SIGQUIT EXIT
diff --git a/tools/build_ramdisk.sh b/tools/build_ramdisk.sh
deleted file mode 100755
index 50ba8ef..0000000
--- a/tools/build_ramdisk.sh
+++ /dev/null
@@ -1,230 +0,0 @@
-#!/bin/bash
-
-# **build_ramdisk.sh**
-
-# Build RAM disk images
-
-# Exit on error to stop unexpected errors
-set -o errexit
-
-if [ ! "$#" -eq "1" ]; then
- echo "$0 builds a gziped Ubuntu OpenStack install"
- echo "usage: $0 dest"
- exit 1
-fi
-
-# Clean up any resources that may be in use
-function cleanup {
- set +o errexit
-
- # Mop up temporary files
- if [ -n "$MNTDIR" -a -d "$MNTDIR" ]; then
- umount $MNTDIR
- rmdir $MNTDIR
- fi
- if [ -n "$DEV_FILE_TMP" -a -e "$DEV_FILE_TMP" ]; then
- rm -f $DEV_FILE_TMP
- fi
- if [ -n "$IMG_FILE_TMP" -a -e "$IMG_FILE_TMP" ]; then
- rm -f $IMG_FILE_TMP
- fi
-
- # Release NBD devices
- if [ -n "$NBD" ]; then
- qemu-nbd -d $NBD
- fi
-
- # Kill ourselves to signal any calling process
- trap 2; kill -2 $$
-}
-
-trap cleanup SIGHUP SIGINT SIGTERM
-
-# Set up nbd
-modprobe nbd max_part=63
-
-# Echo commands
-set -o xtrace
-
-IMG_FILE=$1
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=$(cd $TOOLS_DIR/..; pwd)
-
-# Import common functions
-. $TOP_DIR/functions
-
-# Store cwd
-CWD=`pwd`
-
-cd $TOP_DIR
-
-# Source params
-source ./stackrc
-
-CACHEDIR=${CACHEDIR:-/opt/stack/cache}
-
-DEST=${DEST:-/opt/stack}
-
-# Configure the root password of the vm to be the same as ``ADMIN_PASSWORD``
-ROOT_PASSWORD=${ADMIN_PASSWORD:-password}
-
-# Base image (natty by default)
-DIST_NAME=${DIST_NAME:-natty}
-
-# Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova"
-STACKSH_PARAMS=${STACKSH_PARAMS:-}
-
-# Option to use the version of devstack on which we are currently working
-USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1}
-
-# clean install
-if [ ! -r $CACHEDIR/$DIST_NAME-base.img ]; then
- $TOOLS_DIR/get_uec_image.sh $DIST_NAME $CACHEDIR/$DIST_NAME-base.img
-fi
-
-# Finds and returns full device path for the next available NBD device.
-# Exits script if error connecting or none free.
-# map_nbd image
-function map_nbd {
- for i in `seq 0 15`; do
- if [ ! -e /sys/block/nbd$i/pid ]; then
- NBD=/dev/nbd$i
- # Connect to nbd and wait till it is ready
- qemu-nbd -c $NBD $1
- if ! timeout 60 sh -c "while ! [ -e ${NBD}p1 ]; do sleep 1; done"; then
- echo "Couldn't connect $NBD"
- exit 1
- fi
- break
- fi
- done
- if [ -z "$NBD" ]; then
- echo "No free NBD slots"
- exit 1
- fi
- echo $NBD
-}
-
-# Prime image with as many apt as we can
-DEV_FILE=$CACHEDIR/$DIST_NAME-dev.img
-DEV_FILE_TMP=`mktemp $DEV_FILE.XXXXXX`
-if [ ! -r $DEV_FILE ]; then
- cp -p $CACHEDIR/$DIST_NAME-base.img $DEV_FILE_TMP
-
- NBD=`map_nbd $DEV_FILE_TMP`
- MNTDIR=`mktemp -d --tmpdir mntXXXXXXXX`
- mount -t ext4 ${NBD}p1 $MNTDIR
- cp -p /etc/resolv.conf $MNTDIR/etc/resolv.conf
-
- chroot $MNTDIR apt-get install -y --download-only `cat files/apts/* | grep NOPRIME | cut -d\# -f1`
- chroot $MNTDIR apt-get install -y --force-yes `cat files/apts/* | grep -v NOPRIME | cut -d\# -f1`
-
- # Create a stack user that is a member of the libvirtd group so that stack
- # is able to interact with libvirt.
- chroot $MNTDIR groupadd libvirtd
- chroot $MNTDIR useradd $STACK_USER -s /bin/bash -d $DEST -G libvirtd
- mkdir -p $MNTDIR/$DEST
- chroot $MNTDIR chown $STACK_USER $DEST
-
- # A simple password - pass
- echo $STACK_USER:pass | chroot $MNTDIR chpasswd
- echo root:$ROOT_PASSWORD | chroot $MNTDIR chpasswd
-
- # And has sudo ability (in the future this should be limited to only what
- # stack requires)
- echo "$STACK_USER ALL=(ALL) NOPASSWD: ALL" >> $MNTDIR/etc/sudoers
-
- umount $MNTDIR
- rmdir $MNTDIR
- qemu-nbd -d $NBD
- NBD=""
- mv $DEV_FILE_TMP $DEV_FILE
-fi
-rm -f $DEV_FILE_TMP
-
-
-# Clone git repositories onto the system
-# ======================================
-
-IMG_FILE_TMP=`mktemp $IMG_FILE.XXXXXX`
-
-if [ ! -r $IMG_FILE ]; then
- NBD=`map_nbd $DEV_FILE`
-
- # Pre-create the image file
- # FIXME(dt): This should really get the partition size to
- # pre-create the image file
- dd if=/dev/zero of=$IMG_FILE_TMP bs=1 count=1 seek=$((2*1024*1024*1024))
- # Create filesystem image for RAM disk
- dd if=${NBD}p1 of=$IMG_FILE_TMP bs=1M
-
- qemu-nbd -d $NBD
- NBD=""
- mv $IMG_FILE_TMP $IMG_FILE
-fi
-rm -f $IMG_FILE_TMP
-
-MNTDIR=`mktemp -d --tmpdir mntXXXXXXXX`
-mount -t ext4 -o loop $IMG_FILE $MNTDIR
-cp -p /etc/resolv.conf $MNTDIR/etc/resolv.conf
-
-# We need to install a non-virtual kernel and modules to boot from
-if [ ! -r "`ls $MNTDIR/boot/vmlinuz-*-generic | head -1`" ]; then
- chroot $MNTDIR apt-get install -y linux-generic
-fi
-
-git_clone $NOVA_REPO $DEST/nova $NOVA_BRANCH
-git_clone $GLANCE_REPO $DEST/glance $GLANCE_BRANCH
-git_clone $KEYSTONE_REPO $DEST/keystone $KEYSTONE_BRANCH
-git_clone $NOVNC_REPO $DEST/novnc $NOVNC_BRANCH
-git_clone $HORIZON_REPO $DEST/horizon $HORIZON_BRANCH
-git_clone $NOVACLIENT_REPO $DEST/python-novaclient $NOVACLIENT_BRANCH
-git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH
-
-# Use this version of devstack
-rm -rf $MNTDIR/$DEST/devstack
-cp -pr $CWD $MNTDIR/$DEST/devstack
-chroot $MNTDIR chown -R $STACK_USER $DEST/devstack
-
-# Configure host network for DHCP
-mkdir -p $MNTDIR/etc/network
-cat > $MNTDIR/etc/network/interfaces <<EOF
-auto lo
-iface lo inet loopback
-
-auto eth0
-iface eth0 inet dhcp
-EOF
-
-# Set hostname
-echo "ramstack" >$MNTDIR/etc/hostname
-echo "127.0.0.1 localhost ramstack" >$MNTDIR/etc/hosts
-
-# Configure the runner
-RUN_SH=$MNTDIR/$DEST/run.sh
-cat > $RUN_SH <<EOF
-#!/usr/bin/env bash
-
-# Get IP range
-set \`ip addr show dev eth0 | grep inet\`
-PREFIX=\`echo \$2 | cut -d. -f1,2,3\`
-export FLOATING_RANGE="\$PREFIX.224/27"
-
-# Kill any existing screens
-killall screen
-
-# Run stack.sh
-cd $DEST/devstack && \$STACKSH_PARAMS ./stack.sh > $DEST/run.sh.log
-echo >> $DEST/run.sh.log
-echo >> $DEST/run.sh.log
-echo "All done! Time to start clicking." >> $DEST/run.sh.log
-EOF
-
-# Make the run.sh executable
-chmod 755 $RUN_SH
-chroot $MNTDIR chown $STACK_USER $DEST/run.sh
-
-umount $MNTDIR
-rmdir $MNTDIR
diff --git a/tools/build_uec_ramdisk.sh b/tools/build_uec_ramdisk.sh
deleted file mode 100755
index 5f3acc5..0000000
--- a/tools/build_uec_ramdisk.sh
+++ /dev/null
@@ -1,180 +0,0 @@
-#!/usr/bin/env bash
-
-# **build_uec_ramdisk.sh**
-
-# Build RAM disk images based on UEC image
-
-# Exit on error to stop unexpected errors
-set -o errexit
-
-if [ ! "$#" -eq "1" ]; then
- echo "$0 builds a gziped Ubuntu OpenStack install"
- echo "usage: $0 dest"
- exit 1
-fi
-
-# Make sure that we have the proper version of ubuntu (only works on oneiric)
-if ! egrep -q "oneiric" /etc/lsb-release; then
- echo "This script only works with ubuntu oneiric."
- exit 1
-fi
-
-# Clean up resources that may be in use
-function cleanup {
- set +o errexit
-
- if [ -n "$MNT_DIR" ]; then
- umount $MNT_DIR/dev
- umount $MNT_DIR
- fi
-
- if [ -n "$DEST_FILE_TMP" ]; then
- rm $DEST_FILE_TMP
- fi
-
- # Kill ourselves to signal parents
- trap 2; kill -2 $$
-}
-
-trap cleanup SIGHUP SIGINT SIGTERM SIGQUIT EXIT
-
-# Output dest image
-DEST_FILE=$1
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=$(cd $TOOLS_DIR/..; pwd)
-
-# Import common functions
-. $TOP_DIR/functions
-
-cd $TOP_DIR
-
-# Source params
-source ./stackrc
-
-DEST=${DEST:-/opt/stack}
-
-# Ubuntu distro to install
-DIST_NAME=${DIST_NAME:-oneiric}
-
-# Configure how large the VM should be
-GUEST_SIZE=${GUEST_SIZE:-2G}
-
-# Exit on error to stop unexpected errors
-set -o errexit
-set -o xtrace
-
-# Abort if localrc is not set
-if [ ! -e $TOP_DIR/localrc ]; then
- echo "You must have a localrc with ALL necessary passwords defined before proceeding."
- echo "See stack.sh for required passwords."
- exit 1
-fi
-
-# Install deps if needed
-DEPS="kvm libvirt-bin kpartx cloud-utils curl"
-apt_get install -y --force-yes $DEPS
-
-# Where to store files and instances
-CACHEDIR=${CACHEDIR:-/opt/stack/cache}
-WORK_DIR=${WORK_DIR:-/opt/ramstack}
-
-# Where to store images
-image_dir=$WORK_DIR/images/$DIST_NAME
-mkdir -p $image_dir
-
-# Get the base image if it does not yet exist
-if [ ! -e $image_dir/disk ]; then
- $TOOLS_DIR/get_uec_image.sh -r 2000M $DIST_NAME $image_dir/disk
-fi
-
-# Configure the root password of the vm to be the same as ``ADMIN_PASSWORD``
-ROOT_PASSWORD=${ADMIN_PASSWORD:-password}
-
-# Name of our instance, used by libvirt
-GUEST_NAME=${GUEST_NAME:-devstack}
-
-# Pre-load the image with basic environment
-if [ ! -e $image_dir/disk-primed ]; then
- cp $image_dir/disk $image_dir/disk-primed
- $TOOLS_DIR/warm_apts_for_uec.sh $image_dir/disk-primed
- $TOOLS_DIR/copy_dev_environment_to_uec.sh $image_dir/disk-primed
-fi
-
-# Back to devstack
-cd $TOP_DIR
-
-DEST_FILE_TMP=`mktemp $DEST_FILE.XXXXXX`
-MNT_DIR=`mktemp -d --tmpdir mntXXXXXXXX`
-cp $image_dir/disk-primed $DEST_FILE_TMP
-mount -t ext4 -o loop $DEST_FILE_TMP $MNT_DIR
-mount -o bind /dev /$MNT_DIR/dev
-cp -p /etc/resolv.conf $MNT_DIR/etc/resolv.conf
-echo root:$ROOT_PASSWORD | chroot $MNT_DIR chpasswd
-touch $MNT_DIR/$DEST/.ramdisk
-
-# We need to install a non-virtual kernel and modules to boot from
-if [ ! -r "`ls $MNT_DIR/boot/vmlinuz-*-generic | head -1`" ]; then
- chroot $MNT_DIR apt-get install -y linux-generic
-fi
-
-git_clone $NOVA_REPO $DEST/nova $NOVA_BRANCH
-git_clone $GLANCE_REPO $DEST/glance $GLANCE_BRANCH
-git_clone $KEYSTONE_REPO $DEST/keystone $KEYSTONE_BRANCH
-git_clone $NOVNC_REPO $DEST/novnc $NOVNC_BRANCH
-git_clone $HORIZON_REPO $DEST/horizon $HORIZON_BRANCH
-git_clone $NOVACLIENT_REPO $DEST/python-novaclient $NOVACLIENT_BRANCH
-git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH
-git_clone $TEMPEST_REPO $DEST/tempest $TEMPEST_BRANCH
-
-# Use this version of devstack
-rm -rf $MNT_DIR/$DEST/devstack
-cp -pr $TOP_DIR $MNT_DIR/$DEST/devstack
-chroot $MNT_DIR chown -R stack $DEST/devstack
-
-# Configure host network for DHCP
-mkdir -p $MNT_DIR/etc/network
-cat > $MNT_DIR/etc/network/interfaces <<EOF
-auto lo
-iface lo inet loopback
-
-auto eth0
-iface eth0 inet dhcp
-EOF
-
-# Set hostname
-echo "ramstack" >$MNT_DIR/etc/hostname
-echo "127.0.0.1 localhost ramstack" >$MNT_DIR/etc/hosts
-
-# Configure the runner
-RUN_SH=$MNT_DIR/$DEST/run.sh
-cat > $RUN_SH <<EOF
-#!/usr/bin/env bash
-
-# Get IP range
-set \`ip addr show dev eth0 | grep inet\`
-PREFIX=\`echo \$2 | cut -d. -f1,2,3\`
-export FLOATING_RANGE="\$PREFIX.224/27"
-
-# Kill any existing screens
-killall screen
-
-# Run stack.sh
-cd $DEST/devstack && \$STACKSH_PARAMS ./stack.sh > $DEST/run.sh.log
-echo >> $DEST/run.sh.log
-echo >> $DEST/run.sh.log
-echo "All done! Time to start clicking." >> $DEST/run.sh.log
-EOF
-
-# Make the run.sh executable
-chmod 755 $RUN_SH
-chroot $MNT_DIR chown stack $DEST/run.sh
-
-umount $MNT_DIR/dev
-umount $MNT_DIR
-rmdir $MNT_DIR
-mv $DEST_FILE_TMP $DEST_FILE
-rm -f $DEST_FILE_TMP
-
-trap - SIGHUP SIGINT SIGTERM SIGQUIT EXIT
diff --git a/tools/build_usb_boot.sh b/tools/build_usb_boot.sh
deleted file mode 100755
index c97e0a1..0000000
--- a/tools/build_usb_boot.sh
+++ /dev/null
@@ -1,148 +0,0 @@
-#!/bin/bash -e
-
-# **build_usb_boot.sh**
-
-# Create a syslinux boot environment
-#
-# build_usb_boot.sh destdev
-#
-# Assumes syslinux is installed
-# Needs to run as root
-
-DEST_DIR=${1:-/tmp/syslinux-boot}
-PXEDIR=${PXEDIR:-/opt/ramstack/pxe}
-
-# Clean up any resources that may be in use
-function cleanup {
- set +o errexit
-
- # Mop up temporary files
- if [ -n "$DEST_DEV" ]; then
- umount $DEST_DIR
- rmdir $DEST_DIR
- fi
- if [ -n "$MNTDIR" -a -d "$MNTDIR" ]; then
- umount $MNTDIR
- rmdir $MNTDIR
- fi
-
- # Kill ourselves to signal any calling process
- trap 2; kill -2 $$
-}
-
-trap cleanup SIGHUP SIGINT SIGTERM SIGQUIT EXIT
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=`cd $TOOLS_DIR/..; pwd`
-
-if [ -b $DEST_DIR ]; then
- # We have a block device, install syslinux and mount it
- DEST_DEV=$DEST_DIR
- DEST_DIR=`mktemp -d --tmpdir mntXXXXXX`
- mount $DEST_DEV $DEST_DIR
-
- if [ ! -d $DEST_DIR/syslinux ]; then
- mkdir -p $DEST_DIR/syslinux
- fi
-
- # Install syslinux on the device
- syslinux --install --directory syslinux $DEST_DEV
-else
- # We have a directory (for sanity checking output)
- DEST_DEV=""
- if [ ! -d $DEST_DIR/syslinux ]; then
- mkdir -p $DEST_DIR/syslinux
- fi
-fi
-
-# Get some more stuff from syslinux
-for i in memdisk menu.c32; do
- cp -pu /usr/lib/syslinux/$i $DEST_DIR/syslinux
-done
-
-CFG=$DEST_DIR/syslinux/syslinux.cfg
-cat >$CFG <<EOF
-default /syslinux/menu.c32
-prompt 0
-timeout 0
-
-MENU TITLE devstack Boot Menu
-
-EOF
-
-# Setup devstack boot
-mkdir -p $DEST_DIR/ubuntu
-if [ ! -d $PXEDIR ]; then
- mkdir -p $PXEDIR
-fi
-
-# Get image into place
-if [ ! -r $PXEDIR/stack-initrd.img ]; then
- cd $TOP_DIR
- $TOOLS_DIR/build_uec_ramdisk.sh $PXEDIR/stack-initrd.img
-fi
-if [ ! -r $PXEDIR/stack-initrd.gz ]; then
- gzip -1 -c $PXEDIR/stack-initrd.img >$PXEDIR/stack-initrd.gz
-fi
-cp -pu $PXEDIR/stack-initrd.gz $DEST_DIR/ubuntu
-
-if [ ! -r $PXEDIR/vmlinuz-*-generic ]; then
- MNTDIR=`mktemp -d --tmpdir mntXXXXXXXX`
- mount -t ext4 -o loop $PXEDIR/stack-initrd.img $MNTDIR
-
- if [ ! -r $MNTDIR/boot/vmlinuz-*-generic ]; then
- echo "No kernel found"
- umount $MNTDIR
- rmdir $MNTDIR
- if [ -n "$DEST_DEV" ]; then
- umount $DEST_DIR
- rmdir $DEST_DIR
- fi
- exit 1
- else
- cp -pu $MNTDIR/boot/vmlinuz-*-generic $PXEDIR
- fi
- umount $MNTDIR
- rmdir $MNTDIR
-fi
-
-# Get generic kernel version
-KNAME=`basename $PXEDIR/vmlinuz-*-generic`
-KVER=${KNAME#vmlinuz-}
-cp -pu $PXEDIR/vmlinuz-$KVER $DEST_DIR/ubuntu
-cat >>$CFG <<EOF
-
-LABEL devstack
- MENU LABEL ^devstack
- MENU DEFAULT
- KERNEL /ubuntu/vmlinuz-$KVER
- APPEND initrd=/ubuntu/stack-initrd.gz ramdisk_size=2109600 root=/dev/ram0
-EOF
-
-# Get Ubuntu
-if [ -d $PXEDIR -a -r $PXEDIR/natty-base-initrd.gz ]; then
- cp -pu $PXEDIR/natty-base-initrd.gz $DEST_DIR/ubuntu
- cat >>$CFG <<EOF
-
-LABEL ubuntu
- MENU LABEL ^Ubuntu Natty
- KERNEL /ubuntu/vmlinuz-$KVER
- APPEND initrd=/ubuntu/natty-base-initrd.gz ramdisk_size=419600 root=/dev/ram0
-EOF
-fi
-
-# Local disk boot
-cat >>$CFG <<EOF
-
-LABEL local
- MENU LABEL ^Local disk
- LOCALBOOT 0
-EOF
-
-if [ -n "$DEST_DEV" ]; then
- umount $DEST_DIR
- rmdir $DEST_DIR
-fi
-
-trap - SIGHUP SIGINT SIGTERM SIGQUIT EXIT
diff --git a/tools/copy_dev_environment_to_uec.sh b/tools/copy_dev_environment_to_uec.sh
deleted file mode 100755
index 94a4926..0000000
--- a/tools/copy_dev_environment_to_uec.sh
+++ /dev/null
@@ -1,73 +0,0 @@
-#!/usr/bin/env bash
-
-# **copy_dev_environment_to_uec.sh**
-
-# Echo commands
-set -o xtrace
-
-# Exit on error to stop unexpected errors
-set -o errexit
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=$(cd $TOOLS_DIR/..; pwd)
-
-# Import common functions
-. $TOP_DIR/functions
-
-# Change dir to top of devstack
-cd $TOP_DIR
-
-# Source params
-source ./stackrc
-
-# Echo usage
-function usage {
- echo "Add stack user and keys"
- echo ""
- echo "Usage: $0 [full path to raw uec base image]"
-}
-
-# Make sure this is a raw image
-if ! qemu-img info $1 | grep -q "file format: raw"; then
- usage
- exit 1
-fi
-
-# Mount the image
-DEST=/opt/stack
-STAGING_DIR=/tmp/`echo $1 | sed "s/\//_/g"`.stage.user
-mkdir -p $STAGING_DIR
-umount $STAGING_DIR || true
-sleep 1
-mount -t ext4 -o loop $1 $STAGING_DIR
-mkdir -p $STAGING_DIR/$DEST
-
-# Create a stack user that is a member of the libvirtd group so that stack
-# is able to interact with libvirt.
-chroot $STAGING_DIR groupadd libvirtd || true
-chroot $STAGING_DIR useradd $STACK_USER -s /bin/bash -d $DEST -G libvirtd || true
-
-# Add a simple password - pass
-echo $STACK_USER:pass | chroot $STAGING_DIR chpasswd
-
-# Configure sudo
-( umask 226 && echo "$STACK_USER ALL=(ALL) NOPASSWD:ALL" \
- > $STAGING_DIR/etc/sudoers.d/50_stack_sh )
-
-# Copy over your ssh keys and env if desired
-cp_it ~/.ssh $STAGING_DIR/$DEST/.ssh
-cp_it ~/.ssh/id_rsa.pub $STAGING_DIR/$DEST/.ssh/authorized_keys
-cp_it ~/.gitconfig $STAGING_DIR/$DEST/.gitconfig
-cp_it ~/.vimrc $STAGING_DIR/$DEST/.vimrc
-cp_it ~/.bashrc $STAGING_DIR/$DEST/.bashrc
-
-# Copy devstack
-rm -rf $STAGING_DIR/$DEST/devstack
-cp_it . $STAGING_DIR/$DEST/devstack
-
-# Give stack ownership over $DEST so it may do the work needed
-chroot $STAGING_DIR chown -R $STACK_USER $DEST
-
-# Unmount
-umount $STAGING_DIR
diff --git a/tools/create_userrc.sh b/tools/create_userrc.sh
index 5b1111a..b43fd88 100755
--- a/tools/create_userrc.sh
+++ b/tools/create_userrc.sh
@@ -37,6 +37,7 @@
-C <tenant_name> create user and tenant, the specifid tenant will be the user's tenant
-r <name> when combined with -C and the (-u) user exists it will be the user's tenant role in the (-C)tenant (default: Member)
-p <userpass> password for the user
+--heat-url <heat_url>
--os-username <username>
--os-password <admin password>
--os-tenant-name <tenant_name>
@@ -53,12 +54,13 @@
EOF
}
-if ! options=$(getopt -o hPAp:u:r:C: -l os-username:,os-password:,os-tenant-name:,os-tenant-id:,os-auth-url:,target-dir:,skip-tenant:,os-cacert:,help,debug -- "$@"); then
+if ! options=$(getopt -o hPAp:u:r:C: -l os-username:,os-password:,os-tenant-name:,os-tenant-id:,os-auth-url:,target-dir:,heat-url:,skip-tenant:,os-cacert:,help,debug -- "$@"); then
display_help
exit 1
fi
eval set -- $options
ADDPASS=""
+HEAT_URL=""
# The services users usually in the service tenant.
# rc files for service users, is out of scope.
@@ -79,6 +81,7 @@
--os-auth-url) export OS_AUTH_URL=$2; shift ;;
--os-cacert) export OS_CACERT=$2; shift ;;
--target-dir) ACCOUNT_DIR=$2; shift ;;
+ --heat-url) HEAT_URL=$2; shift ;;
--debug) set -o xtrace ;;
-u) MODE=${MODE:-one}; USER_NAME=$2; shift ;;
-p) USER_PASS=$2; shift ;;
@@ -209,6 +212,10 @@
if [ -n "$ADDPASS" ]; then
echo "export OS_PASSWORD=\"$user_passwd\"" >>"$rcfile"
fi
+ if [ -n "$HEAT_URL" ]; then
+ echo "export HEAT_URL=\"$HEAT_URL/$tenant_id\"" >>"$rcfile"
+ echo "export OS_NO_CLIENT_AUTH=True" >>"$rcfile"
+ fi
}
#admin users expected
@@ -238,7 +245,7 @@
}
if [ $MODE != "create" ]; then
-# looks like I can't ask for all tenant related to a specified user
+ # looks like I can't ask for all tenant related to a specified user
openstack project list --long --quote none -f csv | grep ',True' | grep -v "${SKIP_TENANT}" | while IFS=, read tenant_id tenant_name desc enabled; do
openstack user list --project $tenant_id --long --quote none -f csv | grep ',True' | while IFS=, read user_id user_name project email enabled; do
if [ $MODE = one -a "$user_name" != "$USER_NAME" ]; then
@@ -246,9 +253,9 @@
fi
# Checks for a specific password defined for an user.
- # Example for an username johndoe:
- # JOHNDOE_PASSWORD=1234
- eval SPECIFIC_UPASSWORD="\$${USER_NAME^^}_PASSWORD"
+ # Example for an username johndoe: JOHNDOE_PASSWORD=1234
+ # This mechanism is used by lib/swift
+ eval SPECIFIC_UPASSWORD="\$${user_name}_password"
if [ -n "$SPECIFIC_UPASSWORD" ]; then
USER_PASS=$SPECIFIC_UPASSWORD
fi
diff --git a/tools/fixup_stuff.sh b/tools/fixup_stuff.sh
index f1dc76a..b8beb01 100755
--- a/tools/fixup_stuff.sh
+++ b/tools/fixup_stuff.sh
@@ -20,20 +20,24 @@
# - pre-install hgtools to work around a bug in RHEL6 distribute
# - install nose 1.1 from EPEL
-set -o errexit
-set -o xtrace
+# If TOP_DIR is set we're being sourced rather than running stand-alone
+# or in a sub-shell
+if [[ -z "$TOP_DIR" ]]; then
+ set -o errexit
+ set -o xtrace
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=$(cd $TOOLS_DIR/..; pwd)
+ # Keep track of the current directory
+ TOOLS_DIR=$(cd $(dirname "$0") && pwd)
+ TOP_DIR=$(cd $TOOLS_DIR/..; pwd)
-# Change dir to top of devstack
-cd $TOP_DIR
+ # Change dir to top of devstack
+ cd $TOP_DIR
-# Import common functions
-source $TOP_DIR/functions
+ # Import common functions
+ source $TOP_DIR/functions
-FILES=$TOP_DIR/files
+ FILES=$TOP_DIR/files
+fi
# Keystone Port Reservation
# -------------------------
@@ -46,17 +50,24 @@
# exception into the Kernel for the Keystone AUTH ports.
keystone_ports=${KEYSTONE_AUTH_PORT:-35357},${KEYSTONE_AUTH_PORT_INT:-35358}
-# Get any currently reserved ports, strip off leading whitespace
-reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //')
+# only do the reserved ports when available, on some system (like containers)
+# where it's not exposed we are almost pretty sure these ports would be
+# exclusive for our devstack.
+if sysctl net.ipv4.ip_local_reserved_ports >/dev/null 2>&1; then
+ # Get any currently reserved ports, strip off leading whitespace
+ reserved_ports=$(sysctl net.ipv4.ip_local_reserved_ports | awk -F'=' '{print $2;}' | sed 's/^ //')
-if [[ -z "${reserved_ports}" ]]; then
- # If there are no currently reserved ports, reserve the keystone ports
- sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports}
+ if [[ -z "${reserved_ports}" ]]; then
+ # If there are no currently reserved ports, reserve the keystone ports
+ sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports}
+ else
+ # If there are currently reserved ports, keep those and also reserve the
+ # keystone specific ports. Duplicate reservations are merged into a single
+ # reservation (or range) automatically by the kernel.
+ sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports},${reserved_ports}
+ fi
else
- # If there are currently reserved ports, keep those and also reserve the
- # keystone specific ports. Duplicate reservations are merged into a single
- # reservation (or range) automatically by the kernel.
- sudo sysctl -w net.ipv4.ip_local_reserved_ports=${keystone_ports},${reserved_ports}
+ echo_summary "WARNING: unable to reserve keystone ports"
fi
@@ -93,30 +104,27 @@
sudo chmod +r $dir/*
fi
-# Ubuntu 12.04
-# ------------
-
-# We can regularly get kernel crashes on the 12.04 default kernel, so attempt
-# to install a new kernel
-if [[ ${DISTRO} =~ (precise) ]]; then
- # Finally, because we suspect the Precise kernel is problematic, install a new kernel
- UPGRADE_KERNEL=$(trueorfalse False $UPGRADE_KERNEL)
- if [[ $UPGRADE_KERNEL == "True" ]]; then
- if [[ ! `uname -r` =~ (^3\.11) ]]; then
- apt_get install linux-generic-lts-saucy
- echo "Installing Saucy LTS kernel, please reboot before proceeding"
- exit 1
- fi
- fi
-fi
-
-
if is_fedora; then
# Disable selinux to avoid configuring to allow Apache access
# to Horizon files (LP#1175444)
if selinuxenabled; then
sudo setenforce 0
fi
+
+ FORCE_FIREWALLD=$(trueorfalse False $FORCE_FIREWALLD)
+ if [[ ${DISTRO} =~ (f19|f20) && $FORCE_FIREWALLD == "False" ]]; then
+ # On Fedora 19 and 20 firewalld interacts badly with libvirt and
+ # slows things down significantly. However, for those cases
+ # where that combination is desired, allow this fix to be skipped.
+
+ # There was also an additional issue with firewalld hanging
+ # after install of libvirt with polkit. See
+ # https://bugzilla.redhat.com/show_bug.cgi?id=1099031
+ if is_package_installed firewalld; then
+ uninstall_package firewalld
+ fi
+ fi
+
fi
# RHEL6
@@ -124,6 +132,14 @@
if [[ $DISTRO =~ (rhel6) ]]; then
+ # install_pip.sh installs the latest setuptools over the packaged
+ # version. We can't really uninstall the packaged version if it
+ # is there, because it may remove other important things like
+ # cloud-init. Things work, but there can be an old egg file left
+ # around from the package that causes some really strange
+ # setuptools errors. Remove it, if it is there
+ sudo rm -f /usr/lib/python2.6/site-packages/setuptools-0.6*.egg-info
+
# If the ``dbus`` package was installed by DevStack dependencies the
# uuid may not be generated because the service was never started (PR#598200),
# causing Nova to stop later on complaining that ``/var/lib/dbus/machine-id``
diff --git a/tools/get_uec_image.sh b/tools/get_uec_image.sh
deleted file mode 100755
index 225742c..0000000
--- a/tools/get_uec_image.sh
+++ /dev/null
@@ -1,109 +0,0 @@
-#!/bin/bash
-
-# **get_uec_image.sh**
-
-# Download and prepare Ubuntu UEC images
-
-CACHEDIR=${CACHEDIR:-/opt/stack/cache}
-ROOTSIZE=${ROOTSIZE:-2000M}
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=$(cd $TOOLS_DIR/..; pwd)
-
-# Import common functions
-. $TOP_DIR/functions
-
-# Exit on error to stop unexpected errors
-set -o errexit
-set -o xtrace
-
-function usage {
- echo "Usage: $0 - Download and prepare Ubuntu UEC images"
- echo ""
- echo "$0 [-r rootsize] release imagefile [kernel]"
- echo ""
- echo "-r size - root fs size (min 2000MB)"
- echo "release - Ubuntu release: lucid - quantal"
- echo "imagefile - output image file"
- echo "kernel - output kernel"
- exit 1
-}
-
-# Clean up any resources that may be in use
-function cleanup {
- set +o errexit
-
- # Mop up temporary files
- if [ -n "$IMG_FILE_TMP" -a -e "$IMG_FILE_TMP" ]; then
- rm -f $IMG_FILE_TMP
- fi
-
- # Kill ourselves to signal any calling process
- trap 2; kill -2 $$
-}
-
-while getopts hr: c; do
- case $c in
- h) usage
- ;;
- r) ROOTSIZE=$OPTARG
- ;;
- esac
-done
-shift `expr $OPTIND - 1`
-
-if [[ ! "$#" -eq "2" && ! "$#" -eq "3" ]]; then
- usage
-fi
-
-# Default args
-DIST_NAME=$1
-IMG_FILE=$2
-IMG_FILE_TMP=`mktemp $IMG_FILE.XXXXXX`
-KERNEL=$3
-
-case $DIST_NAME in
- saucy) ;;
- raring) ;;
- quantal) ;;
- precise) ;;
- *) echo "Unknown release: $DIST_NAME"
- usage
- ;;
-esac
-
-trap cleanup SIGHUP SIGINT SIGTERM SIGQUIT EXIT
-
-# Check dependencies
-if [ ! -x "`which qemu-img`" -o -z "`dpkg -l | grep cloud-utils`" ]; then
- # Missing KVM?
- apt_get install qemu-kvm cloud-utils
-fi
-
-# Find resize script
-RESIZE=`which resize-part-image || which uec-resize-image`
-if [ -z "$RESIZE" ]; then
- echo "resize tool from cloud-utils not found"
- exit 1
-fi
-
-# Get the UEC image
-UEC_NAME=$DIST_NAME-server-cloudimg-amd64
-if [ ! -d $CACHEDIR/$DIST_NAME ]; then
- mkdir -p $CACHEDIR/$DIST_NAME
-fi
-if [ ! -e $CACHEDIR/$DIST_NAME/$UEC_NAME.tar.gz ]; then
- (cd $CACHEDIR/$DIST_NAME && wget -N http://uec-images.ubuntu.com/$DIST_NAME/current/$UEC_NAME.tar.gz)
- (cd $CACHEDIR/$DIST_NAME && tar Sxvzf $UEC_NAME.tar.gz)
-fi
-
-$RESIZE $CACHEDIR/$DIST_NAME/$UEC_NAME.img ${ROOTSIZE} $IMG_FILE_TMP
-mv $IMG_FILE_TMP $IMG_FILE
-
-# Copy kernel to destination
-if [ -n "$KERNEL" ]; then
- cp -p $CACHEDIR/$DIST_NAME/*-vmlinuz-virtual $KERNEL
-fi
-
-trap - SIGHUP SIGINT SIGTERM SIGQUIT EXIT
diff --git a/tools/install_openvpn.sh b/tools/install_openvpn.sh
deleted file mode 100755
index 9a4f036..0000000
--- a/tools/install_openvpn.sh
+++ /dev/null
@@ -1,221 +0,0 @@
-#!/bin/bash
-
-# **install_openvpn.sh**
-
-# Install OpenVPN and generate required certificates
-#
-# install_openvpn.sh --client name
-# install_openvpn.sh --server [name]
-#
-# name is used on the CN of the generated cert, and the filename of
-# the configuration, certificate and key files.
-#
-# --server mode configures the host with a running OpenVPN server instance
-# --client mode creates a tarball of a client configuration for this server
-
-# Get config file
-if [ -e localrc ]; then
- . localrc
-fi
-if [ -e vpnrc ]; then
- . vpnrc
-fi
-
-# Do some IP manipulation
-function cidr2netmask {
- set -- $(( 5 - ($1 / 8) )) 255 255 255 255 $(( (255 << (8 - ($1 % 8))) & 255 )) 0 0 0
- if [[ $1 -gt 1 ]]; then
- shift $1
- else
- shift
- fi
- echo ${1-0}.${2-0}.${3-0}.${4-0}
-}
-
-FIXED_NET=`echo $FIXED_RANGE | cut -d'/' -f1`
-FIXED_CIDR=`echo $FIXED_RANGE | cut -d'/' -f2`
-FIXED_MASK=`cidr2netmask $FIXED_CIDR`
-
-# VPN Config
-VPN_SERVER=${VPN_SERVER:-`ifconfig eth0 | awk "/inet addr:/ { print \$2 }" | cut -d: -f2`} # 50.56.12.212
-VPN_PROTO=${VPN_PROTO:-tcp}
-VPN_PORT=${VPN_PORT:-6081}
-VPN_DEV=${VPN_DEV:-tap0}
-VPN_BRIDGE=${VPN_BRIDGE:-br100}
-VPN_BRIDGE_IF=${VPN_BRIDGE_IF:-$FLAT_INTERFACE}
-VPN_CLIENT_NET=${VPN_CLIENT_NET:-$FIXED_NET}
-VPN_CLIENT_MASK=${VPN_CLIENT_MASK:-$FIXED_MASK}
-VPN_CLIENT_DHCP="${VPN_CLIENT_DHCP:-net.1 net.254}"
-
-VPN_DIR=/etc/openvpn
-CA_DIR=$VPN_DIR/easy-rsa
-
-function usage {
- echo "$0 - OpenVPN install and certificate generation"
- echo ""
- echo "$0 --client name"
- echo "$0 --server [name]"
- echo ""
- echo " --server mode configures the host with a running OpenVPN server instance"
- echo " --client mode creates a tarball of a client configuration for this server"
- exit 1
-}
-
-if [ -z $1 ]; then
- usage
-fi
-
-# Install OpenVPN
-VPN_EXEC=`which openvpn`
-if [ -z "$VPN_EXEC" -o ! -x "$VPN_EXEC" ]; then
- apt-get install -y openvpn bridge-utils
-fi
-if [ ! -d $CA_DIR ]; then
- cp -pR /usr/share/doc/openvpn/examples/easy-rsa/2.0/ $CA_DIR
-fi
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=$(cd $TOOLS_DIR/.. && pwd)
-
-WEB_DIR=$TOP_DIR/../vpn
-if [[ ! -d $WEB_DIR ]]; then
- mkdir -p $WEB_DIR
-fi
-WEB_DIR=$(cd $TOP_DIR/../vpn && pwd)
-
-cd $CA_DIR
-source ./vars
-
-# Override the defaults
-export KEY_COUNTRY="US"
-export KEY_PROVINCE="TX"
-export KEY_CITY="SanAntonio"
-export KEY_ORG="Cloudbuilders"
-export KEY_EMAIL="rcb@lists.rackspace.com"
-
-if [ ! -r $CA_DIR/keys/dh1024.pem ]; then
- # Initialize a new CA
- $CA_DIR/clean-all
- $CA_DIR/build-dh
- $CA_DIR/pkitool --initca
- openvpn --genkey --secret $CA_DIR/keys/ta.key ## Build a TLS key
-fi
-
-function do_server {
- NAME=$1
- # Generate server certificate
- $CA_DIR/pkitool --server $NAME
-
- (cd $CA_DIR/keys;
- cp $NAME.crt $NAME.key ca.crt dh1024.pem ta.key $VPN_DIR
- )
- cat >$VPN_DIR/br-up <<EOF
-#!/bin/bash
-
-BR="$VPN_BRIDGE"
-TAP="\$1"
-
-if [[ ! -d /sys/class/net/\$BR ]]; then
- brctl addbr \$BR
-fi
-
-for t in \$TAP; do
- openvpn --mktun --dev \$t
- brctl addif \$BR \$t
- ifconfig \$t 0.0.0.0 promisc up
-done
-EOF
- chmod +x $VPN_DIR/br-up
- cat >$VPN_DIR/br-down <<EOF
-#!/bin/bash
-
-BR="$VPN_BRIDGE"
-TAP="\$1"
-
-for i in \$TAP; do
- brctl delif \$BR $t
- openvpn --rmtun --dev \$i
-done
-EOF
- chmod +x $VPN_DIR/br-down
- cat >$VPN_DIR/$NAME.conf <<EOF
-proto $VPN_PROTO
-port $VPN_PORT
-dev $VPN_DEV
-up $VPN_DIR/br-up
-down $VPN_DIR/br-down
-cert $NAME.crt
-key $NAME.key # This file should be kept secret
-ca ca.crt
-dh dh1024.pem
-duplicate-cn
-server-bridge $VPN_CLIENT_NET $VPN_CLIENT_MASK $VPN_CLIENT_DHCP
-ifconfig-pool-persist ipp.txt
-comp-lzo
-user nobody
-group nogroup
-persist-key
-persist-tun
-status openvpn-status.log
-EOF
- /etc/init.d/openvpn restart
-}
-
-function do_client {
- NAME=$1
- # Generate a client certificate
- $CA_DIR/pkitool $NAME
-
- TMP_DIR=`mktemp -d`
- (cd $CA_DIR/keys;
- cp -p ca.crt ta.key $NAME.key $NAME.crt $TMP_DIR
- )
- if [ -r $VPN_DIR/hostname ]; then
- HOST=`cat $VPN_DIR/hostname`
- else
- HOST=`hostname`
- fi
- cat >$TMP_DIR/$HOST.conf <<EOF
-proto $VPN_PROTO
-port $VPN_PORT
-dev $VPN_DEV
-cert $NAME.crt
-key $NAME.key # This file should be kept secret
-ca ca.crt
-client
-remote $VPN_SERVER $VPN_PORT
-resolv-retry infinite
-nobind
-user nobody
-group nogroup
-persist-key
-persist-tun
-comp-lzo
-verb 3
-EOF
- (cd $TMP_DIR; tar cf $WEB_DIR/$NAME.tar *)
- rm -rf $TMP_DIR
- echo "Client certificate and configuration is in $WEB_DIR/$NAME.tar"
-}
-
-# Process command line args
-case $1 in
- --client) if [ -z $2 ]; then
- usage
- fi
- do_client $2
- ;;
- --server) if [ -z $2 ]; then
- NAME=`hostname`
- else
- NAME=$2
- # Save for --client use
- echo $NAME >$VPN_DIR/hostname
- fi
- do_server $NAME
- ;;
- --clean) $CA_DIR/clean-all
- ;;
- *) usage
-esac
diff --git a/tools/ironic/scripts/cleanup-node b/tools/ironic/scripts/cleanup-node
new file mode 100755
index 0000000..c4e4e70
--- /dev/null
+++ b/tools/ironic/scripts/cleanup-node
@@ -0,0 +1,25 @@
+#!/usr/bin/env bash
+
+# **cleanup-nodes**
+
+# Cleans up baremetal poseur nodes and volumes created during ironic setup
+# Assumes calling user has proper libvirt group membership and access.
+
+set -exu
+
+LIBVIRT_STORAGE_POOL=${LIBVIRT_STORAGE_POOL:-"default"}
+LIBVIRT_CONNECT_URI=${LIBVIRT_CONNECT_URI:-"qemu:///system"}
+
+NAME=$1
+NETWORK_BRIDGE=$2
+
+export VIRSH_DEFAULT_CONNECT_URI=$LIBVIRT_CONNECT_URI
+
+VOL_NAME="$NAME.qcow2"
+virsh list | grep -q $NAME && virsh destroy $NAME
+virsh list --inactive | grep -q $NAME && virsh undefine $NAME
+
+if virsh pool-list | grep -q $LIBVIRT_STORAGE_POOL ; then
+ virsh vol-list $LIBVIRT_STORAGE_POOL | grep -q $VOL_NAME &&
+ virsh vol-delete $VOL_NAME --pool $LIBVIRT_STORAGE_POOL
+fi
diff --git a/tools/ironic/scripts/cleanup-nodes b/tools/ironic/scripts/cleanup-nodes
deleted file mode 100755
index adeca5c..0000000
--- a/tools/ironic/scripts/cleanup-nodes
+++ /dev/null
@@ -1,28 +0,0 @@
-#!/usr/bin/env bash
-
-# **cleanup-nodes**
-
-# Cleans up baremetal poseur nodes and volumes created during ironic setup
-# Assumes calling user has proper libvirt group membership and access.
-
-set -exu
-
-LIBVIRT_STORAGE_POOL=${LIBVIRT_STORAGE_POOL:-"default"}
-LIBVIRT_CONNECT_URI=${LIBVIRT_CONNECT_URI:-"qemu:///system"}
-
-VM_COUNT=$1
-NETWORK_BRIDGE=$2
-
-export VIRSH_DEFAULT_CONNECT_URI=$LIBVIRT_CONNECT_URI
-
-for (( idx=0; idx<$VM_COUNT; idx++ )); do
- NAME="baremetal${NETWORK_BRIDGE}_${idx}"
- VOL_NAME="baremetal${NETWORK_BRIDGE}-${idx}.qcow2"
- virsh list | grep -q $NAME && virsh destroy $NAME
- virsh list --inactive | grep -q $NAME && virsh undefine $NAME
-
- if virsh pool-list | grep -q $LIBVIRT_STORAGE_POOL ; then
- virsh vol-list $LIBVIRT_STORAGE_POOL | grep -q $VOL_NAME &&
- virsh vol-delete $VOL_NAME --pool $LIBVIRT_STORAGE_POOL
- fi
-done
diff --git a/tools/ironic/scripts/create-node b/tools/ironic/scripts/create-node
new file mode 100755
index 0000000..25b53d4
--- /dev/null
+++ b/tools/ironic/scripts/create-node
@@ -0,0 +1,79 @@
+#!/usr/bin/env bash
+
+# **create-nodes**
+
+# Creates baremetal poseur nodes for ironic testing purposes
+
+set -ex
+
+# Keep track of the devstack directory
+TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
+
+NAME=$1
+CPU=$2
+MEM=$(( 1024 * $3 ))
+# extra G to allow fuzz for partition table : flavor size and registered size
+# need to be different to actual size.
+DISK=$(( $4 + 1))
+
+case $5 in
+ i386) ARCH='i686' ;;
+ amd64) ARCH='x86_64' ;;
+ *) echo "Unsupported arch $4!" ; exit 1 ;;
+esac
+
+BRIDGE=$6
+EMULATOR=$7
+LOGDIR=$8
+
+LIBVIRT_NIC_DRIVER=${LIBVIRT_NIC_DRIVER:-"e1000"}
+LIBVIRT_STORAGE_POOL=${LIBVIRT_STORAGE_POOL:-"default"}
+LIBVIRT_CONNECT_URI=${LIBVIRT_CONNECT_URI:-"qemu:///system"}
+
+export VIRSH_DEFAULT_CONNECT_URI=$LIBVIRT_CONNECT_URI
+
+if ! virsh pool-list --all | grep -q $LIBVIRT_STORAGE_POOL; then
+ virsh pool-define-as --name $LIBVIRT_STORAGE_POOL dir --target /var/lib/libvirt/images >&2
+ virsh pool-autostart $LIBVIRT_STORAGE_POOL >&2
+ virsh pool-start $LIBVIRT_STORAGE_POOL >&2
+fi
+
+pool_state=$(virsh pool-info $LIBVIRT_STORAGE_POOL | grep State | awk '{ print $2 }')
+if [ "$pool_state" != "running" ] ; then
+ [ ! -d /var/lib/libvirt/images ] && sudo mkdir /var/lib/libvirt/images
+ virsh pool-start $LIBVIRT_STORAGE_POOL >&2
+fi
+
+if [ -n "$LOGDIR" ] ; then
+ mkdir -p "$LOGDIR"
+fi
+
+PREALLOC=
+if [ -f /etc/debian_version ]; then
+ PREALLOC="--prealloc-metadata"
+fi
+
+if [ -n "$LOGDIR" ] ; then
+ VM_LOGGING="--console-log $LOGDIR/${NAME}_console.log"
+else
+ VM_LOGGING=""
+fi
+VOL_NAME="${NAME}.qcow2"
+
+if ! virsh list --all | grep -q $NAME; then
+ virsh vol-list --pool $LIBVIRT_STORAGE_POOL | grep -q $VOL_NAME &&
+ virsh vol-delete $VOL_NAME --pool $LIBVIRT_STORAGE_POOL >&2
+ virsh vol-create-as $LIBVIRT_STORAGE_POOL ${VOL_NAME} ${DISK}G --format qcow2 $PREALLOC >&2
+ volume_path=$(virsh vol-path --pool $LIBVIRT_STORAGE_POOL $VOL_NAME)
+ # Pre-touch the VM to set +C, as it can only be set on empty files.
+ sudo touch "$volume_path"
+ sudo chattr +C "$volume_path" || true
+ $TOP_DIR/scripts/configure-vm \
+ --bootdev network --name $NAME --image "$volume_path" \
+ --arch $ARCH --cpus $CPU --memory $MEM --libvirt-nic-driver $LIBVIRT_NIC_DRIVER \
+ --emulator $EMULATOR --network $BRIDGE $VM_LOGGING >&2
+
+fi
+
+# echo mac
+virsh dumpxml $NAME | grep "mac address" | head -1 | cut -d\' -f2
diff --git a/tools/ironic/scripts/create-nodes b/tools/ironic/scripts/create-nodes
deleted file mode 100755
index 140bffe..0000000
--- a/tools/ironic/scripts/create-nodes
+++ /dev/null
@@ -1,84 +0,0 @@
-#!/usr/bin/env bash
-
-# **create-nodes**
-
-# Creates baremetal poseur nodes for ironic testing purposes
-
-set -ex
-
-# Keep track of the devstack directory
-TOP_DIR=$(cd $(dirname "$0")/.. && pwd)
-
-CPU=$1
-MEM=$(( 1024 * $2 ))
-# extra G to allow fuzz for partition table : flavor size and registered size
-# need to be different to actual size.
-DISK=$(( $3 + 1))
-
-case $4 in
- i386) ARCH='i686' ;;
- amd64) ARCH='x86_64' ;;
- *) echo "Unsupported arch $4!" ; exit 1 ;;
-esac
-
-TOTAL=$(($5 - 1))
-BRIDGE=$6
-EMULATOR=$7
-LOGDIR=$8
-
-LIBVIRT_NIC_DRIVER=${LIBVIRT_NIC_DRIVER:-"e1000"}
-LIBVIRT_STORAGE_POOL=${LIBVIRT_STORAGE_POOL:-"default"}
-LIBVIRT_CONNECT_URI=${LIBVIRT_CONNECT_URI:-"qemu:///system"}
-
-export VIRSH_DEFAULT_CONNECT_URI=$LIBVIRT_CONNECT_URI
-
-if ! virsh pool-list --all | grep -q $LIBVIRT_STORAGE_POOL; then
- virsh pool-define-as --name $LIBVIRT_STORAGE_POOL dir --target /var/lib/libvirt/images >&2
- virsh pool-autostart $LIBVIRT_STORAGE_POOL >&2
- virsh pool-start $LIBVIRT_STORAGE_POOL >&2
-fi
-
-pool_state=$(virsh pool-info $LIBVIRT_STORAGE_POOL | grep State | awk '{ print $2 }')
-if [ "$pool_state" != "running" ] ; then
- [ ! -d /var/lib/libvirt/images ] && sudo mkdir /var/lib/libvirt/images
- virsh pool-start $LIBVIRT_STORAGE_POOL >&2
-fi
-
-if [ -n "$LOGDIR" ] ; then
- mkdir -p "$LOGDIR"
-fi
-
-PREALLOC=
-if [ -f /etc/debian_version ]; then
- PREALLOC="--prealloc-metadata"
-fi
-
-DOMS=""
-for idx in $(seq 0 $TOTAL) ; do
- NAME="baremetal${BRIDGE}_${idx}"
- if [ -n "$LOGDIR" ] ; then
- VM_LOGGING="--console-log $LOGDIR/${NAME}_console.log"
- else
- VM_LOGGING=""
- fi
- DOMS="$DOMS $NAME"
- VOL_NAME="baremetal${BRIDGE}-${idx}.qcow2"
- (virsh list --all | grep -q $NAME) && continue
-
- virsh vol-list --pool $LIBVIRT_STORAGE_POOL | grep -q $VOL_NAME &&
- virsh vol-delete $VOL_NAME --pool $LIBVIRT_STORAGE_POOL >&2
- virsh vol-create-as $LIBVIRT_STORAGE_POOL ${VOL_NAME} ${DISK}G --format qcow2 $PREALLOC >&2
- volume_path=$(virsh vol-path --pool $LIBVIRT_STORAGE_POOL $VOL_NAME)
- # Pre-touch the VM to set +C, as it can only be set on empty files.
- sudo touch "$volume_path"
- sudo chattr +C "$volume_path" || true
- $TOP_DIR/scripts/configure-vm \
- --bootdev network --name $NAME --image "$volume_path" \
- --arch $ARCH --cpus $CPU --memory $MEM --libvirt-nic-driver $LIBVIRT_NIC_DRIVER \
- --emulator $EMULATOR --network $BRIDGE $VM_LOGGING >&2
-done
-
-for dom in $DOMS ; do
- # echo mac
- virsh dumpxml $dom | grep "mac address" | head -1 | cut -d\' -f2
-done
diff --git a/tools/jenkins/README.md b/tools/jenkins/README.md
deleted file mode 100644
index 3586da9..0000000
--- a/tools/jenkins/README.md
+++ /dev/null
@@ -1,38 +0,0 @@
-Getting Started With Jenkins and Devstack
-=========================================
-This little corner of devstack is to show how to get an OpenStack jenkins
-environment up and running quickly, using the rcb configuration methodology.
-
-
-To create a jenkins server
---------------------------
-
- cd tools/jenkins/jenkins_home
- ./build_jenkins.sh
-
-This will create a jenkins environment configured with sample test scripts that run against xen and kvm.
-
-Configuring XS
---------------
-In order to make the tests for XS work, you must install xs 5.6 on a separate machine,
-and install the the jenkins public key on that server. You then need to create the
-/var/lib/jenkins/xenrc on your jenkins server like so:
-
- MYSQL_PASSWORD=secrete
- SERVICE_TOKEN=secrete
- ADMIN_PASSWORD=secrete
- RABBIT_PASSWORD=secrete
- # This is the password for your guest (for both stack and root users)
- GUEST_PASSWORD=secrete
- # Do not download the usual images yet!
- IMAGE_URLS=""
- FLOATING_RANGE=192.168.1.224/28
- VIRT_DRIVER=xenserver
- # Explicitly set multi-host
- MULTI_HOST=1
- # Give extra time for boot
- ACTIVE_TIMEOUT=45
- # IMPORTANT: This is the ip of your xenserver
- XEN_IP=10.5.5.1
- # IMPORTANT: The following must be set to your dom0 root password!
- XENAPI_PASSWORD='MY_XEN_ROOT_PW'
diff --git a/tools/jenkins/adapters/euca.sh b/tools/jenkins/adapters/euca.sh
deleted file mode 100755
index a7e635c..0000000
--- a/tools/jenkins/adapters/euca.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-# Echo commands, exit on error
-set -o xtrace
-set -o errexit
-
-TOP_DIR=$(cd ../../.. && pwd)
-HEAD_IP=`cat $TOP_DIR/addresses | grep HEAD | cut -d "=" -f2`
-die_if_not_set $LINENO HEAD_IP "Failure retrieving HEAD_IP"
-ssh stack@$HEAD_IP 'cd devstack && source openrc && cd exercises && ./euca.sh'
diff --git a/tools/jenkins/adapters/floating_ips.sh b/tools/jenkins/adapters/floating_ips.sh
deleted file mode 100755
index 8da1eeb..0000000
--- a/tools/jenkins/adapters/floating_ips.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-# Echo commands, exit on error
-set -o xtrace
-set -o errexit
-
-TOP_DIR=$(cd ../../.. && pwd)
-HEAD_IP=`cat $TOP_DIR/addresses | grep HEAD | cut -d "=" -f2`
-die_if_not_set $LINENO HEAD_IP "Failure retrieving HEAD_IP"
-ssh stack@$HEAD_IP 'cd devstack && source openrc && cd exercises && ./floating_ips.sh'
diff --git a/tools/jenkins/adapters/swift.sh b/tools/jenkins/adapters/swift.sh
deleted file mode 100755
index c1362ee..0000000
--- a/tools/jenkins/adapters/swift.sh
+++ /dev/null
@@ -1,8 +0,0 @@
-#!/bin/bash
-# Echo commands, exit on error
-set -o xtrace
-set -o errexit
-
-TOP_DIR=$(cd ../../.. && pwd)
-HEAD_IP=`cat $TOP_DIR/addresses | grep HEAD | cut -d "=" -f2`
-ssh stack@$HEAD_IP 'cd devstack && source openrc && cd exercises && ./swift.sh'
diff --git a/tools/jenkins/adapters/volumes.sh b/tools/jenkins/adapters/volumes.sh
deleted file mode 100755
index 0a0b6c0..0000000
--- a/tools/jenkins/adapters/volumes.sh
+++ /dev/null
@@ -1,9 +0,0 @@
-#!/bin/bash
-# Echo commands, exit on error
-set -o xtrace
-set -o errexit
-
-TOP_DIR=$(cd ../../.. && pwd)
-HEAD_IP=`cat $TOP_DIR/addresses | grep HEAD | cut -d "=" -f2`
-die_if_not_set $LINENO HEAD_IP "Failure retrieving HEAD_IP"
-ssh stack@$HEAD_IP 'cd devstack && source openrc && cd exercises && ./volumes.sh'
diff --git a/tools/jenkins/build_configuration.sh b/tools/jenkins/build_configuration.sh
deleted file mode 100755
index 64ee159..0000000
--- a/tools/jenkins/build_configuration.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-
-EXECUTOR_NUMBER=$1
-CONFIGURATION=$2
-ADAPTER=$3
-RC=$4
-
-function usage {
- echo "Usage: $0 - Build a configuration"
- echo ""
- echo "$0 [EXECUTOR_NUMBER] [CONFIGURATION] [ADAPTER] [RC (optional)]"
- exit 1
-}
-
-# Validate inputs
-if [[ "$EXECUTOR_NUMBER" = "" || "$CONFIGURATION" = "" || "$ADAPTER" = "" ]]; then
- usage
-fi
-
-# Execute configuration script
-cd configurations && ./$CONFIGURATION.sh $EXECUTOR_NUMBER $CONFIGURATION $ADAPTER "$RC"
diff --git a/tools/jenkins/configurations/kvm.sh b/tools/jenkins/configurations/kvm.sh
deleted file mode 100755
index 6927fd7..0000000
--- a/tools/jenkins/configurations/kvm.sh
+++ /dev/null
@@ -1,64 +0,0 @@
-#!/bin/bash
-
-# exit on error to stop unexpected errors
-set -o errexit
-set -o xtrace
-
-EXECUTOR_NUMBER=$1
-CONFIGURATION=$2
-ADAPTER=$3
-RC=$4
-
-function usage {
- echo "Usage: $0 - Build a test configuration"
- echo ""
- echo "$0 [EXECUTOR_NUMBER] [CONFIGURATION] [ADAPTER] [RC (optional)]"
- exit 1
-}
-
-# Validate inputs
-if [[ "$EXECUTOR_NUMBER" = "" || "$CONFIGURATION" = "" || "$ADAPTER" = "" ]]; then
- usage
-fi
-
-# This directory
-CUR_DIR=$(cd $(dirname "$0") && pwd)
-
-# devstack directory
-cd ../../..
-TOP_DIR=$(pwd)
-
-# Deps
-apt-get install -y --force-yes libvirt-bin || true
-
-# Name test instance based on executor
-BASE_NAME=executor-`printf "%02d" $EXECUTOR_NUMBER`
-GUEST_NAME=$BASE_NAME.$ADAPTER
-virsh list | grep $BASE_NAME | cut -d " " -f1 | xargs -n 1 virsh destroy || true
-virsh net-list | grep $BASE_NAME | cut -d " " -f1 | xargs -n 1 virsh net-destroy || true
-
-# Configure localrc
-cat <<EOF >localrc
-RECLONE=yes
-GUEST_NETWORK=$EXECUTOR_NUMBER
-GUEST_NAME=$GUEST_NAME
-FLOATING_RANGE=192.168.$EXECUTOR_NUMBER.128/27
-GUEST_CORES=1
-GUEST_RAM=12574720
-MYSQL_PASSWORD=chicken
-RABBIT_PASSWORD=chicken
-SERVICE_TOKEN=chicken
-SERVICE_PASSWORD=chicken
-ADMIN_PASSWORD=chicken
-USERNAME=admin
-TENANT=admin
-NET_NAME=$BASE_NAME
-ACTIVE_TIMEOUT=45
-BOOT_TIMEOUT=45
-$RC
-EOF
-cd tools
-sudo ./build_uec.sh
-
-# Make the address of the instances available to test runners
-echo HEAD=`cat /var/lib/libvirt/dnsmasq/$BASE_NAME.leases | cut -d " " -f3` > $TOP_DIR/addresses
diff --git a/tools/jenkins/configurations/xs.sh b/tools/jenkins/configurations/xs.sh
deleted file mode 100755
index 7b671e9..0000000
--- a/tools/jenkins/configurations/xs.sh
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/bin/bash
-set -o errexit
-set -o xtrace
-
-
-EXECUTOR_NUMBER=$1
-CONFIGURATION=$2
-ADAPTER=$3
-RC=$4
-
-function usage {
- echo "Usage: $0 - Build a test configuration"
- echo ""
- echo "$0 [EXECUTOR_NUMBER] [CONFIGURATION] [ADAPTER] [RC (optional)]"
- exit 1
-}
-
-# Validate inputs
-if [[ "$EXECUTOR_NUMBER" = "" || "$CONFIGURATION" = "" || "$ADAPTER" = "" ]]; then
- usage
-fi
-
-# Configuration of xenrc
-XENRC=/var/lib/jenkins/xenrc
-if [ ! -e $XENRC ]; then
- echo "/var/lib/jenkins/xenrc is not present! See README.md"
- exit 1
-fi
-
-# Move to top of devstack
-cd ../../..
-
-# Use xenrc as the start of our localrc
-cp $XENRC localrc
-
-# Set the PUB_IP
-PUB_IP=192.168.1.1$EXECUTOR_NUMBER
-echo "PUB_IP=$PUB_IP" >> localrc
-
-# Overrides
-echo "$RC" >> localrc
-
-# Source localrc
-. localrc
-
-# Make host ip available to tester
-echo "HEAD=$PUB_IP" > addresses
-
-# Build configuration
-REMOTE_DEVSTACK=/root/devstack
-ssh root@$XEN_IP "rm -rf $REMOTE_DEVSTACK"
-scp -pr . root@$XEN_IP:$REMOTE_DEVSTACK
-ssh root@$XEN_IP "cd $REMOTE_DEVSTACK/tools/xen && ./build_domU.sh"
diff --git a/tools/jenkins/jenkins_home/.gitignore b/tools/jenkins/jenkins_home/.gitignore
deleted file mode 100644
index d831d01..0000000
--- a/tools/jenkins/jenkins_home/.gitignore
+++ /dev/null
@@ -1,3 +0,0 @@
-builds
-workspace
-*.sw*
diff --git a/tools/jenkins/jenkins_home/build_jenkins.sh b/tools/jenkins/jenkins_home/build_jenkins.sh
deleted file mode 100755
index a556db0..0000000
--- a/tools/jenkins/jenkins_home/build_jenkins.sh
+++ /dev/null
@@ -1,108 +0,0 @@
-#!/bin/bash
-
-# Echo commands, exit on error
-set -o xtrace
-set -o errexit
-
-# Make sure only root can run our script
-if [[ $EUID -ne 0 ]]; then
- echo "This script must be run as root"
- exit 1
-fi
-
-# This directory
-CUR_DIR=$(cd $(dirname "$0") && pwd)
-
-# Configure trunk jenkins!
-echo "deb http://pkg.jenkins-ci.org/debian binary/" > /etc/apt/sources.list.d/jenkins.list
-wget -q -O - http://pkg.jenkins-ci.org/debian/jenkins-ci.org.key | sudo apt-key add -
-apt-get update
-
-
-# Clean out old jenkins - useful if you are having issues upgrading
-CLEAN_JENKINS=${CLEAN_JENKINS:-no}
-if [ "$CLEAN_JENKINS" = "yes" ]; then
- apt-get remove jenkins jenkins-common
-fi
-
-# Install software
-DEPS="jenkins cloud-utils"
-apt-get install -y --force-yes $DEPS
-
-# Install jenkins
-if [ ! -e /var/lib/jenkins ]; then
- echo "Jenkins installation failed"
- exit 1
-fi
-
-# Make sure user has configured a jenkins ssh pubkey
-if [ ! -e /var/lib/jenkins/.ssh/id_rsa.pub ]; then
- echo "Public key for jenkins is missing. This is used to ssh into your instances."
- echo "Please run "su -c ssh-keygen jenkins" before proceeding"
- exit 1
-fi
-
-# Setup sudo
-JENKINS_SUDO=/etc/sudoers.d/jenkins
-cat > $JENKINS_SUDO <<EOF
-jenkins ALL = NOPASSWD: ALL
-EOF
-chmod 440 $JENKINS_SUDO
-
-# Setup .gitconfig
-JENKINS_GITCONF=/var/lib/jenkins/hudson.plugins.git.GitSCM.xml
-cat > $JENKINS_GITCONF <<EOF
-<?xml version='1.0' encoding='UTF-8'?>
-<hudson.plugins.git.GitSCM_-DescriptorImpl>
- <generation>4</generation>
- <globalConfigName>Jenkins</globalConfigName>
- <globalConfigEmail>jenkins@rcb.me</globalConfigEmail>
-</hudson.plugins.git.GitSCM_-DescriptorImpl>
-EOF
-
-# Add build numbers
-JOBS=`ls jobs`
-for job in ${JOBS// / }; do
- if [ ! -e jobs/$job/nextBuildNumber ]; then
- echo 1 > jobs/$job/nextBuildNumber
- fi
-done
-
-# Set ownership to jenkins
-chown -R jenkins $CUR_DIR
-
-# Make sure this directory is accessible to jenkins
-if ! su -c "ls $CUR_DIR" jenkins; then
- echo "Your devstack directory is not accessible by jenkins."
- echo "There is a decent chance you are trying to run this from a directory in /root."
- echo "If so, try moving devstack elsewhere (eg. /opt/devstack)."
- exit 1
-fi
-
-# Move aside old jobs, if present
-if [ ! -h /var/lib/jenkins/jobs ]; then
- echo "Installing jobs symlink"
- if [ -d /var/lib/jenkins/jobs ]; then
- mv /var/lib/jenkins/jobs /var/lib/jenkins/jobs.old
- fi
-fi
-
-# Set up jobs symlink
-rm -f /var/lib/jenkins/jobs
-ln -s $CUR_DIR/jobs /var/lib/jenkins/jobs
-
-# List of plugins
-PLUGINS=http://hudson-ci.org/downloads/plugins/build-timeout/1.6/build-timeout.hpi,http://mirrors.jenkins-ci.org/plugins/git/1.1.12/git.hpi,http://hudson-ci.org/downloads/plugins/global-build-stats/1.2/global-build-stats.hpi,http://hudson-ci.org/downloads/plugins/greenballs/1.10/greenballs.hpi,http://download.hudson-labs.org/plugins/console-column-plugin/1.0/console-column-plugin.hpi
-
-# Configure plugins
-for plugin in ${PLUGINS//,/ }; do
- name=`basename $plugin`
- dest=/var/lib/jenkins/plugins/$name
- if [ ! -e $dest ]; then
- curl -L $plugin -o $dest
- fi
-done
-
-# Restart jenkins
-/etc/init.d/jenkins stop || true
-/etc/init.d/jenkins start
diff --git a/tools/jenkins/jenkins_home/clean.sh b/tools/jenkins/jenkins_home/clean.sh
deleted file mode 100755
index eb03022..0000000
--- a/tools/jenkins/jenkins_home/clean.sh
+++ /dev/null
@@ -1,21 +0,0 @@
-#!/bin/bash
-# This script is not yet for general consumption.
-
-set -o errexit
-
-if [ ! "$FORCE" = "yes" ]; then
- echo "FORCE not set to 'yes'. Make sure this is something you really want to do. Exiting."
- exit 1
-fi
-
-virsh list | cut -d " " -f1 | grep -v "-" | egrep -e "[0-9]" | xargs -n 1 virsh destroy || true
-virsh net-list | grep active | cut -d " " -f1 | xargs -n 1 virsh net-destroy || true
-killall dnsmasq || true
-if [ "$CLEAN" = "yes" ]; then
- rm -rf jobs
-fi
-rm /var/lib/jenkins/jobs
-git checkout -f
-git fetch
-git merge origin/jenkins
-./build_jenkins.sh
diff --git a/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/config.xml b/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/config.xml
deleted file mode 100644
index 94c51f5..0000000
--- a/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/config.xml
+++ /dev/null
@@ -1,82 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<matrix-project>
- <actions/>
- <description></description>
- <keepDependencies>false</keepDependencies>
- <properties>
- <hudson.model.ParametersDefinitionProperty>
- <parameterDefinitions>
- <hudson.model.StringParameterDefinition>
- <name>RC</name>
- <description></description>
- <defaultValue></defaultValue>
- </hudson.model.StringParameterDefinition>
- </parameterDefinitions>
- </hudson.model.ParametersDefinitionProperty>
- </properties>
- <scm class="hudson.plugins.git.GitSCM">
- <configVersion>2</configVersion>
- <userRemoteConfigs>
- <hudson.plugins.git.UserRemoteConfig>
- <name>origin</name>
- <refspec>+refs/heads/*:refs/remotes/origin/*</refspec>
- <url>git://github.com/cloudbuilders/devstack.git</url>
- </hudson.plugins.git.UserRemoteConfig>
- </userRemoteConfigs>
- <branches>
- <hudson.plugins.git.BranchSpec>
- <name>master</name>
- </hudson.plugins.git.BranchSpec>
- </branches>
- <recursiveSubmodules>false</recursiveSubmodules>
- <doGenerateSubmoduleConfigurations>false</doGenerateSubmoduleConfigurations>
- <authorOrCommitter>false</authorOrCommitter>
- <clean>false</clean>
- <wipeOutWorkspace>false</wipeOutWorkspace>
- <pruneBranches>false</pruneBranches>
- <remotePoll>false</remotePoll>
- <buildChooser class="hudson.plugins.git.util.DefaultBuildChooser"/>
- <gitTool>Default</gitTool>
- <submoduleCfg class="list"/>
- <relativeTargetDir></relativeTargetDir>
- <excludedRegions></excludedRegions>
- <excludedUsers></excludedUsers>
- <gitConfigName></gitConfigName>
- <gitConfigEmail></gitConfigEmail>
- <skipTag>false</skipTag>
- <scmName></scmName>
- </scm>
- <canRoam>true</canRoam>
- <disabled>false</disabled>
- <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
- <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
- <triggers class="vector"/>
- <concurrentBuild>false</concurrentBuild>
- <axes>
- <hudson.matrix.TextAxis>
- <name>ADAPTER</name>
- <values>
- <string>euca</string>
- <string>floating_ips</string>
- </values>
- </hudson.matrix.TextAxis>
- </axes>
- <builders>
- <hudson.tasks.Shell>
- <command>sed -i 's/) 2>&1 | tee "${LOGFILE}"/)/' stack.sh</command>
- </hudson.tasks.Shell>
- <hudson.tasks.Shell>
- <command>set -o errexit
-cd tools/jenkins
-sudo ./build_configuration.sh $EXECUTOR_NUMBER kvm $ADAPTER "$RC"</command>
- </hudson.tasks.Shell>
- <hudson.tasks.Shell>
- <command>set -o errexit
-cd tools/jenkins
-./run_test.sh $EXECUTOR_NUMBER $ADAPTER $RC "$RC"</command>
- </hudson.tasks.Shell>
- </builders>
- <publishers/>
- <buildWrappers/>
- <runSequentially>false</runSequentially>
-</matrix-project>
diff --git a/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/configurations/axis-ADAPTER/euca/config.xml b/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/configurations/axis-ADAPTER/euca/config.xml
deleted file mode 100644
index 0be70a5..0000000
--- a/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/configurations/axis-ADAPTER/euca/config.xml
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<matrix-config>
- <keepDependencies>false</keepDependencies>
- <properties/>
- <scm class="hudson.scm.NullSCM"/>
- <canRoam>false</canRoam>
- <disabled>false</disabled>
- <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
- <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
- <triggers class="vector"/>
- <concurrentBuild>false</concurrentBuild>
- <builders/>
- <publishers/>
- <buildWrappers/>
-</matrix-config>
\ No newline at end of file
diff --git a/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/configurations/axis-ADAPTER/floatingips/config.xml b/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/configurations/axis-ADAPTER/floatingips/config.xml
deleted file mode 100644
index 0be70a5..0000000
--- a/tools/jenkins/jenkins_home/jobs/diablo-kvm_ha/configurations/axis-ADAPTER/floatingips/config.xml
+++ /dev/null
@@ -1,15 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<matrix-config>
- <keepDependencies>false</keepDependencies>
- <properties/>
- <scm class="hudson.scm.NullSCM"/>
- <canRoam>false</canRoam>
- <disabled>false</disabled>
- <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
- <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
- <triggers class="vector"/>
- <concurrentBuild>false</concurrentBuild>
- <builders/>
- <publishers/>
- <buildWrappers/>
-</matrix-config>
\ No newline at end of file
diff --git a/tools/jenkins/jenkins_home/jobs/diablo-xs_ha/config.xml b/tools/jenkins/jenkins_home/jobs/diablo-xs_ha/config.xml
deleted file mode 100644
index 49a57f0..0000000
--- a/tools/jenkins/jenkins_home/jobs/diablo-xs_ha/config.xml
+++ /dev/null
@@ -1,88 +0,0 @@
-<?xml version='1.0' encoding='UTF-8'?>
-<matrix-project>
- <actions/>
- <description>In order for this to work, you must create a /var/lib/jenkins/xenrc file as described in README.md</description>
- <keepDependencies>false</keepDependencies>
- <properties>
- <hudson.model.ParametersDefinitionProperty>
- <parameterDefinitions>
- <hudson.model.StringParameterDefinition>
- <name>RC</name>
- <description></description>
- <defaultValue></defaultValue>
- </hudson.model.StringParameterDefinition>
- </parameterDefinitions>
- </hudson.model.ParametersDefinitionProperty>
- </properties>
- <scm class="hudson.plugins.git.GitSCM">
- <configVersion>2</configVersion>
- <userRemoteConfigs>
- <hudson.plugins.git.UserRemoteConfig>
- <name>origin</name>
- <refspec>+refs/heads/*:refs/remotes/origin/*</refspec>
- <url>git://github.com/cloudbuilders/devstack.git</url>
- </hudson.plugins.git.UserRemoteConfig>
- </userRemoteConfigs>
- <branches>
- <hudson.plugins.git.BranchSpec>
- <name>master</name>
- </hudson.plugins.git.BranchSpec>
- </branches>
- <recursiveSubmodules>false</recursiveSubmodules>
- <doGenerateSubmoduleConfigurations>false</doGenerateSubmoduleConfigurations>
- <authorOrCommitter>false</authorOrCommitter>
- <clean>false</clean>
- <wipeOutWorkspace>false</wipeOutWorkspace>
- <pruneBranches>false</pruneBranches>
- <remotePoll>false</remotePoll>
- <buildChooser class="hudson.plugins.git.util.DefaultBuildChooser"/>
- <gitTool>Default</gitTool>
- <submoduleCfg class="list"/>
- <relativeTargetDir></relativeTargetDir>
- <excludedRegions></excludedRegions>
- <excludedUsers></excludedUsers>
- <gitConfigName></gitConfigName>
- <gitConfigEmail></gitConfigEmail>
- <skipTag>false</skipTag>
- <scmName></scmName>
- </scm>
- <canRoam>true</canRoam>
- <disabled>false</disabled>
- <blockBuildWhenDownstreamBuilding>false</blockBuildWhenDownstreamBuilding>
- <blockBuildWhenUpstreamBuilding>false</blockBuildWhenUpstreamBuilding>
- <triggers class="vector"/>
- <concurrentBuild>false</concurrentBuild>
- <axes>
- <hudson.matrix.TextAxis>
- <name>ADAPTER</name>
- <values>
- <string>euca</string>
- <string>floating_ips</string>
- </values>
- </hudson.matrix.TextAxis>
- </axes>
- <builders>
- <hudson.tasks.Shell>
- <command>sed -i 's/) 2>&1 | tee "${LOGFILE}"/)/' stack.sh</command>
- </hudson.tasks.Shell>
- <hudson.tasks.Shell>
- <command>set -o errexit
-cd tools/jenkins
-sudo ./build_configuration.sh $EXECUTOR_NUMBER xs $ADAPTER "$RC"</command>
- </hudson.tasks.Shell>
- <hudson.tasks.Shell>
- <command>#!/bin/bash
-set -o errexit
-set -o xtrace
-
-. localrc
-
-# Unlike kvm, ssh to the xen host to run tests, in case the test instance is launch with a host only network
-ssh root@$XEN_IP "cd devstack && . localrc && cd tools/jenkins && ./run_test.sh $EXECUTOR_NUMBER $ADAPTER '$RC'"
-</command>
- </hudson.tasks.Shell>
- </builders>
- <publishers/>
- <buildWrappers/>
- <runSequentially>true</runSequentially>
-</matrix-project>
diff --git a/tools/jenkins/jenkins_home/print_summary.py b/tools/jenkins/jenkins_home/print_summary.py
deleted file mode 100755
index 8be500b..0000000
--- a/tools/jenkins/jenkins_home/print_summary.py
+++ /dev/null
@@ -1,58 +0,0 @@
-#!/usr/bin/python
-
-# Licensed under the Apache License, Version 2.0 (the "License"); you may
-# not use this file except in compliance with the License. You may obtain
-# a copy of the License at
-#
-# http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
-# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
-# License for the specific language governing permissions and limitations
-# under the License.
-
-import json
-import sys
-import urllib
-
-
-def print_usage():
- print("Usage: %s [jenkins_url (eg. http://50.56.12.202:8080/)]"
- % sys.argv[0])
- sys.exit()
-
-
-def fetch_blob(url):
- return json.loads(urllib.urlopen(url + '/api/json').read())
-
-
-if len(sys.argv) < 2:
- print_usage()
-
-BASE_URL = sys.argv[1]
-
-root = fetch_blob(BASE_URL)
-results = {}
-for job_url in root['jobs']:
- job = fetch_blob(job_url['url'])
- if job.get('activeConfigurations'):
- (tag, name) = job['name'].split('-')
- if not results.get(tag):
- results[tag] = {}
- if not results[tag].get(name):
- results[tag][name] = []
-
- for config_url in job['activeConfigurations']:
- config = fetch_blob(config_url['url'])
-
- log_url = ''
- if config.get('lastBuild'):
- log_url = config['lastBuild']['url'] + 'console'
-
- results[tag][name].append({'test': config['displayName'],
- 'status': config['color'],
- 'logUrl': log_url,
- 'healthReport': config['healthReport']})
-
-print(json.dumps(results))
diff --git a/tools/jenkins/run_test.sh b/tools/jenkins/run_test.sh
deleted file mode 100755
index d2b8284..0000000
--- a/tools/jenkins/run_test.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-#!/bin/bash
-
-EXECUTOR_NUMBER=$1
-ADAPTER=$2
-RC=$3
-
-function usage {
- echo "Usage: $0 - Run a test"
- echo ""
- echo "$0 [EXECUTOR_NUMBER] [ADAPTER] [RC (optional)]"
- exit 1
-}
-
-# Validate inputs
-if [[ "$EXECUTOR_NUMBER" = "" || "$ADAPTER" = "" ]]; then
- usage
-fi
-
-# Execute configuration script
-cd adapters && ./$ADAPTER.sh $EXECUTOR_NUMBER $ADAPTER "$RC"
diff --git a/tools/warm_apts_for_uec.sh b/tools/warm_apts_for_uec.sh
deleted file mode 100755
index c57fc2e..0000000
--- a/tools/warm_apts_for_uec.sh
+++ /dev/null
@@ -1,53 +0,0 @@
-#!/usr/bin/env bash
-
-# **warm_apts_for_uec.sh**
-
-# Echo commands
-set -o xtrace
-
-# Exit on error to stop unexpected errors
-set -o errexit
-
-# Keep track of the current directory
-TOOLS_DIR=$(cd $(dirname "$0") && pwd)
-TOP_DIR=`cd $TOOLS_DIR/..; pwd`
-
-# Change dir to top of devstack
-cd $TOP_DIR
-
-# Echo usage
-function usage {
- echo "Cache OpenStack dependencies on a uec image to speed up performance."
- echo ""
- echo "Usage: $0 [full path to raw uec base image]"
-}
-
-# Make sure this is a raw image
-if ! qemu-img info $1 | grep -q "file format: raw"; then
- usage
- exit 1
-fi
-
-# Make sure we are in the correct dir
-if [ ! -d files/apts ]; then
- echo "Please run this script from devstack/tools/"
- exit 1
-fi
-
-# Mount the image
-STAGING_DIR=/tmp/`echo $1 | sed "s/\//_/g"`.stage
-mkdir -p $STAGING_DIR
-umount $STAGING_DIR || true
-sleep 1
-mount -t ext4 -o loop $1 $STAGING_DIR
-
-# Make sure that base requirements are installed
-cp /etc/resolv.conf $STAGING_DIR/etc/resolv.conf
-
-# Perform caching on the base image to speed up subsequent runs
-chroot $STAGING_DIR apt-get update
-chroot $STAGING_DIR apt-get install -y --download-only `cat files/apts/* | grep NOPRIME | cut -d\# -f1`
-chroot $STAGING_DIR apt-get install -y --force-yes `cat files/apts/* | grep -v NOPRIME | cut -d\# -f1` || true
-
-# Unmount
-umount $STAGING_DIR
diff --git a/tools/xen/build_xva.sh b/tools/xen/build_xva.sh
index cc3cbe1..7c8e620 100755
--- a/tools/xen/build_xva.sh
+++ b/tools/xen/build_xva.sh
@@ -21,19 +21,12 @@
# This directory
TOP_DIR=$(cd $(dirname "$0") && pwd)
-# Source lower level functions
-. $TOP_DIR/../../functions
-
# Include onexit commands
. $TOP_DIR/scripts/on_exit.sh
# xapi functions
. $TOP_DIR/functions
-# Determine what system we are running on.
-# Might not be XenServer if we're using xenserver-core
-GetDistro
-
# Source params - override xenrc params in your localrc to suite your taste
source xenrc
diff --git a/tools/xen/devstackubuntupreseed.cfg b/tools/xen/devstackubuntupreseed.cfg
index 6a1ae89..94e6e96 100644
--- a/tools/xen/devstackubuntupreseed.cfg
+++ b/tools/xen/devstackubuntupreseed.cfg
@@ -297,9 +297,9 @@
### Apt setup
# You can choose to install restricted and universe software, or to install
# software from the backports repository.
-#d-i apt-setup/restricted boolean true
-#d-i apt-setup/universe boolean true
-#d-i apt-setup/backports boolean true
+d-i apt-setup/restricted boolean true
+d-i apt-setup/universe boolean true
+d-i apt-setup/backports boolean true
# Uncomment this if you don't want to use a network mirror.
#d-i apt-setup/use_mirror boolean false
# Select which update services to use; define the mirrors to be used.
@@ -366,7 +366,7 @@
# With a few exceptions for unusual partitioning setups, GRUB 2 is now the
# default. If you need GRUB Legacy for some particular reason, then
# uncomment this:
-#d-i grub-installer/grub2_instead_of_grub_legacy boolean false
+d-i grub-installer/grub2_instead_of_grub_legacy boolean false
# This is fairly safe to set, it makes grub install automatically to the MBR
# if no other operating system is detected on the machine.
diff --git a/tools/xen/functions b/tools/xen/functions
index ab0be84..c8efd57 100644
--- a/tools/xen/functions
+++ b/tools/xen/functions
@@ -19,10 +19,6 @@
return 1
}
-function zip_snapshot_location {
- echo $1 | sed "s,^git://,http://,g;s:\.git$::;s:$:/zipball/$2:g"
-}
-
function create_directory_for_kernels {
if [ -d "/boot/guest" ]; then
echo "INFO: /boot/guest directory already exists, using that" >&2
@@ -43,42 +39,6 @@
fi
}
-function extract_remote_zipball {
- local ZIPBALL_URL=$1
-
- local LOCAL_ZIPBALL=$(mktemp)
- local EXTRACTED_FILES=$(mktemp -d)
-
- {
- if ! wget -nv $ZIPBALL_URL -O $LOCAL_ZIPBALL --no-check-certificate; then
- die_with_error "Failed to download [$ZIPBALL_URL]"
- fi
- unzip -q -o $LOCAL_ZIPBALL -d $EXTRACTED_FILES
- rm -f $LOCAL_ZIPBALL
- } >&2
-
- echo "$EXTRACTED_FILES"
-}
-
-function find_xapi_plugins_dir {
- find $1 -path '*/xapi.d/plugins' -type d -print
-}
-
-function install_xapi_plugins_from {
- local XAPI_PLUGIN_DIR
- local EXTRACTED_FILES
- local EXTRACTED_PLUGINS_DIR
-
- EXTRACTED_FILES="$1"
-
- XAPI_PLUGIN_DIR=$(xapi_plugin_location)
-
- EXTRACTED_PLUGINS_DIR=$(find_xapi_plugins_dir $EXTRACTED_FILES)
-
- cp -pr $EXTRACTED_PLUGINS_DIR/* $XAPI_PLUGIN_DIR
- chmod a+x ${XAPI_PLUGIN_DIR}*
-}
-
function get_local_sr {
xe pool-list params=default-SR minimal=true
}
@@ -93,7 +53,7 @@
echo $pbd_path
}
-function find_ip_by_name() {
+function find_ip_by_name {
local guest_name="$1"
local interface="$2"
@@ -121,7 +81,7 @@
done
}
-function _vm_uuid() {
+function _vm_uuid {
local vm_name_label
vm_name_label="$1"
@@ -129,14 +89,14 @@
xe vm-list name-label="$vm_name_label" --minimal
}
-function _create_new_network() {
+function _create_new_network {
local name_label
name_label=$1
xe network-create name-label="$name_label"
}
-function _multiple_networks_with_name() {
+function _multiple_networks_with_name {
local name_label
name_label=$1
@@ -144,21 +104,21 @@
xe network-list name-label="$name_label" --minimal | grep -q ","
}
-function _network_exists() {
+function _network_exists {
local name_label
name_label=$1
! [ -z "$(xe network-list name-label="$name_label" --minimal)" ]
}
-function _bridge_exists() {
+function _bridge_exists {
local bridge
bridge=$1
! [ -z "$(xe network-list bridge="$bridge" --minimal)" ]
}
-function _network_uuid() {
+function _network_uuid {
local bridge_or_net_name
bridge_or_net_name=$1
@@ -169,7 +129,7 @@
fi
}
-function add_interface() {
+function add_interface {
local vm_name_label
local bridge_or_network_name
@@ -185,7 +145,7 @@
xe vif-create network-uuid=$net vm-uuid=$vm device=$device_number
}
-function setup_network() {
+function setup_network {
local bridge_or_net_name
bridge_or_net_name=$1
@@ -204,7 +164,7 @@
fi
}
-function bridge_for() {
+function bridge_for {
local bridge_or_net_name
bridge_or_net_name=$1
@@ -215,29 +175,28 @@
fi
}
-function xenapi_ip_on() {
+function xenapi_ip_on {
local bridge_or_net_name
bridge_or_net_name=$1
ifconfig $(bridge_for "$bridge_or_net_name") | grep "inet addr" | cut -d ":" -f2 | sed "s/ .*//"
}
-function xenapi_is_listening_on() {
+function xenapi_is_listening_on {
local bridge_or_net_name
bridge_or_net_name=$1
! [ -z $(xenapi_ip_on "$bridge_or_net_name") ]
}
-function parameter_is_specified() {
+function parameter_is_specified {
local parameter_name
parameter_name=$1
compgen -v | grep "$parameter_name"
}
-function append_kernel_cmdline()
-{
+function append_kernel_cmdline {
local vm_name_label
local kernel_args
@@ -252,8 +211,7 @@
xe vm-param-set PV-args="$pv_args $kernel_args" uuid=$vm
}
-function destroy_all_vifs_of()
-{
+function destroy_all_vifs_of {
local vm_name_label
vm_name_label="$1"
@@ -268,11 +226,11 @@
unset IFS
}
-function have_multiple_hosts() {
+function have_multiple_hosts {
xe host-list --minimal | grep -q ","
}
-function attach_network() {
+function attach_network {
local bridge_or_net_name
bridge_or_net_name="$1"
@@ -286,7 +244,7 @@
xe network-attach uuid=$net host-uuid=$host
}
-function set_vm_memory() {
+function set_vm_memory {
local vm_name_label
local memory
@@ -305,7 +263,7 @@
uuid=$vm
}
-function max_vcpus() {
+function max_vcpus {
local vm_name_label
vm_name_label="$1"
@@ -337,7 +295,7 @@
xe vm-param-set uuid=$vm VCPUs-at-startup=$cpu_count
}
-function get_domid() {
+function get_domid {
local vm_name_label
vm_name_label="$1"
diff --git a/tools/xen/install_os_domU.sh b/tools/xen/install_os_domU.sh
index 12e861e..3a63473 100755
--- a/tools/xen/install_os_domU.sh
+++ b/tools/xen/install_os_domU.sh
@@ -22,19 +22,12 @@
# This directory
THIS_DIR=$(cd $(dirname "$0") && pwd)
-# Source lower level functions
-. $THIS_DIR/../../functions
-
# Include onexit commands
. $THIS_DIR/scripts/on_exit.sh
# xapi functions
. $THIS_DIR/functions
-# Determine what system we are running on.
-# Might not be XenServer if we're using xenserver-core
-GetDistro
-
#
# Get Settings
#
@@ -65,16 +58,6 @@
exit 1
fi
-# Install plugins
-
-## Install the netwrap xapi plugin to support agent control of dom0 networking
-if [[ "$ENABLED_SERVICES" =~ "q-agt" && "$Q_PLUGIN" = "openvswitch" ]]; then
- NEUTRON_ZIPBALL_URL=${NEUTRON_ZIPBALL_URL:-$(zip_snapshot_location $NEUTRON_REPO $NEUTRON_BRANCH)}
- EXTRACTED_NEUTRON=$(extract_remote_zipball "$NEUTRON_ZIPBALL_URL")
- install_xapi_plugins_from "$EXTRACTED_NEUTRON"
- rm -rf "$EXTRACTED_NEUTRON"
-fi
-
#
# Configure Networking
#
@@ -88,9 +71,7 @@
# With neutron, one more network is required, which is internal to the
# hypervisor, and used by the VMs
-if is_service_enabled neutron; then
- setup_network "$XEN_INT_BRIDGE_OR_NET_NAME"
-fi
+setup_network "$XEN_INT_BRIDGE_OR_NET_NAME"
if parameter_is_specified "FLAT_NETWORK_BRIDGE"; then
if [ "$(bridge_for "$VM_BRIDGE_OR_NET_NAME")" != "$(bridge_for "$FLAT_NETWORK_BRIDGE")" ]; then
@@ -171,6 +152,7 @@
echo "Waiting for the VM to halt. Progress in-VM can be checked with vncviewer:"
mgmt_ip=$(echo $XENAPI_CONNECTION_URL | tr -d -c '1234567890.')
domid=$(get_domid "$GUEST_NAME")
+ sleep 20 # Wait for the vnc-port to be written
port=$(xenstore-read /local/domain/$domid/console/vnc-port)
echo "vncviewer -via root@$mgmt_ip localhost:${port:2}"
while true; do
@@ -243,6 +225,11 @@
vm_uuid=$(xe vm-install template="$TNAME" new-name-label="$GUEST_NAME")
fi
+if [ -n "${EXIT_AFTER_JEOS_INSTALLATION:-}" ]; then
+ echo "User requested to quit after JEOS instalation"
+ exit 0
+fi
+
#
# Prepare VM for DevStack
#
@@ -286,14 +273,12 @@
# Attach a network interface for the integration network (so that the bridge
# is created by XenServer). This is required for Neutron. Also pass that as a
# kernel parameter for DomU
-if is_service_enabled neutron; then
- attach_network "$XEN_INT_BRIDGE_OR_NET_NAME"
+attach_network "$XEN_INT_BRIDGE_OR_NET_NAME"
- XEN_INTEGRATION_BRIDGE=$(bridge_for "$XEN_INT_BRIDGE_OR_NET_NAME")
- append_kernel_cmdline \
- "$GUEST_NAME" \
- "xen_integration_bridge=${XEN_INTEGRATION_BRIDGE}"
-fi
+XEN_INTEGRATION_BRIDGE=$(bridge_for "$XEN_INT_BRIDGE_OR_NET_NAME")
+append_kernel_cmdline \
+ "$GUEST_NAME" \
+ "xen_integration_bridge=${XEN_INTEGRATION_BRIDGE}"
FLAT_NETWORK_BRIDGE="${FLAT_NETWORK_BRIDGE:-$(bridge_for "$VM_BRIDGE_OR_NET_NAME")}"
append_kernel_cmdline "$GUEST_NAME" "flat_network_bridge=${FLAT_NETWORK_BRIDGE}"
@@ -393,7 +378,7 @@
# Watch devstack's output (which doesn't start until stack.sh is running,
# but wait for run.sh (which starts stack.sh) to exit as that is what
- # hopefully writes the succeded cookie.
+ # hopefully writes the succeeded cookie.
pid=`ssh_no_check -q stack@$OS_VM_MANAGEMENT_ADDRESS pgrep run.sh`
ssh_no_check -q stack@$OS_VM_MANAGEMENT_ADDRESS "tail --pid $pid -n +1 -f /tmp/devstack/log/stack.log"
diff --git a/tools/xen/prepare_guest.sh b/tools/xen/prepare_guest.sh
index 2b5e418..7383c91 100755
--- a/tools/xen/prepare_guest.sh
+++ b/tools/xen/prepare_guest.sh
@@ -74,6 +74,7 @@
apt-get update
apt-get install -y cracklib-runtime curl wget ssh openssh-server tcpdump ethtool
apt-get install -y curl wget ssh openssh-server python-pip git sudo python-netaddr
+apt-get install -y coreutils
pip install xenapi
# Install XenServer guest utilities
@@ -113,7 +114,6 @@
if [ ! -e $1 ]; then
# Simple but usable vimrc
cat > $1 <<EOF
-syntax on
se ts=4
se expandtab
se shiftwidth=4
diff --git a/tools/xen/prepare_guest_template.sh b/tools/xen/prepare_guest_template.sh
index e6a7e02..6cb2ca7 100755
--- a/tools/xen/prepare_guest_template.sh
+++ b/tools/xen/prepare_guest_template.sh
@@ -22,19 +22,12 @@
# This directory
TOP_DIR=$(cd $(dirname "$0") && pwd)
-# Source lower level functions
-. $TOP_DIR/../../functions
-
# Include onexit commands
. $TOP_DIR/scripts/on_exit.sh
# xapi functions
. $TOP_DIR/functions
-# Determine what system we are running on.
-# Might not be XenServer if we're using xenserver-core
-GetDistro
-
# Source params - override xenrc params in your localrc to suite your taste
source xenrc
@@ -93,3 +86,35 @@
# Need to set barrier=0 to avoid a Xen bug
# https://bugs.launchpad.net/ubuntu/+source/linux/+bug/824089
sed -i -e 's/errors=/barrier=0,errors=/' $STAGING_DIR/etc/fstab
+
+# Update ubuntu repositories
+cat > $STAGING_DIR/etc/apt/sources.list << EOF
+deb http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE} main restricted
+deb-src http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE} main restricted
+deb http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-updates main restricted
+deb-src http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-updates main restricted
+deb http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE} universe
+deb-src http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE} universe
+deb http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-updates universe
+deb-src http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-updates universe
+deb http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE} multiverse
+deb-src http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE} multiverse
+deb http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-updates multiverse
+deb-src http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-updates multiverse
+deb http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-backports main restricted universe multiverse
+deb-src http://${UBUNTU_INST_HTTP_HOSTNAME}${UBUNTU_INST_HTTP_DIRECTORY} ${UBUNTU_INST_RELEASE}-backports main restricted universe multiverse
+
+deb http://security.ubuntu.com/ubuntu ${UBUNTU_INST_RELEASE}-security main restricted
+deb-src http://security.ubuntu.com/ubuntu ${UBUNTU_INST_RELEASE}-security main restricted
+deb http://security.ubuntu.com/ubuntu ${UBUNTU_INST_RELEASE}-security universe
+deb-src http://security.ubuntu.com/ubuntu ${UBUNTU_INST_RELEASE}-security universe
+deb http://security.ubuntu.com/ubuntu ${UBUNTU_INST_RELEASE}-security multiverse
+deb-src http://security.ubuntu.com/ubuntu ${UBUNTU_INST_RELEASE}-security multiverse
+EOF
+
+rm -f $STAGING_DIR/etc/apt/apt.conf
+if [ -n "$UBUNTU_INST_HTTP_PROXY" ]; then
+ cat > $STAGING_DIR/etc/apt/apt.conf << EOF
+Acquire::http::Proxy "$UBUNTU_INST_HTTP_PROXY";
+EOF
+fi
diff --git a/tools/xen/scripts/install_ubuntu_template.sh b/tools/xen/scripts/install_ubuntu_template.sh
index d4d6567..d80ed09 100755
--- a/tools/xen/scripts/install_ubuntu_template.sh
+++ b/tools/xen/scripts/install_ubuntu_template.sh
@@ -14,9 +14,6 @@
# This directory
BASE_DIR=$(cd $(dirname "$0") && pwd)
-# Source the top level functions
-source $BASE_DIR/../../../functions
-
# For default setings see xenrc
source $BASE_DIR/../xenrc
diff --git a/tools/xen/test_functions.sh b/tools/xen/test_functions.sh
index 838f86a..924e773 100755
--- a/tools/xen/test_functions.sh
+++ b/tools/xen/test_functions.sh
@@ -116,18 +116,6 @@
grep "[ -d /usr/lib/xcp/plugins/ ]" $LIST_OF_ACTIONS
}
-function test_zip_snapshot_location_http {
- diff \
- <(zip_snapshot_location "http://github.com/openstack/nova.git" "master") \
- <(echo "http://github.com/openstack/nova/zipball/master")
-}
-
-function test_zip_snapsot_location_git {
- diff \
- <(zip_snapshot_location "git://github.com/openstack/nova.git" "master") \
- <(echo "http://github.com/openstack/nova/zipball/master")
-}
-
function test_create_directory_for_kernels {
(
. mocks
@@ -174,37 +162,6 @@
EOF
}
-function test_extract_remote_zipball {
- local RESULT=$(. mocks && extract_remote_zipball "someurl")
-
- diff <(cat $LIST_OF_ACTIONS) - << EOF
-wget -nv someurl -O tempfile --no-check-certificate
-unzip -q -o tempfile -d tempdir
-rm -f tempfile
-EOF
-
- [ "$RESULT" = "tempdir" ]
-}
-
-function test_extract_remote_zipball_wget_fail {
- set +e
-
- local IGNORE
- IGNORE=$(. mocks && extract_remote_zipball "failurl")
-
- assert_died_with "Failed to download [failurl]"
-}
-
-function test_find_nova_plugins {
- local tmpdir=$(mktemp -d)
-
- mkdir -p "$tmpdir/blah/blah/u/xapi.d/plugins"
-
- [ "$tmpdir/blah/blah/u/xapi.d/plugins" = $(find_xapi_plugins_dir $tmpdir) ]
-
- rm -rf $tmpdir
-}
-
function test_get_local_sr {
setup_xe_response "uuid123"
diff --git a/tools/xen/xenrc b/tools/xen/xenrc
index 278bb9b..0cbf861 100644
--- a/tools/xen/xenrc
+++ b/tools/xen/xenrc
@@ -63,15 +63,15 @@
PUB_NETMASK=${PUB_NETMASK:-255.255.255.0}
# Ubuntu install settings
-UBUNTU_INST_RELEASE="saucy"
-UBUNTU_INST_TEMPLATE_NAME="Ubuntu 13.10 (64-bit) for DevStack"
+UBUNTU_INST_RELEASE="trusty"
+UBUNTU_INST_TEMPLATE_NAME="Ubuntu 14.04 (64-bit) for DevStack"
# For 12.04 use "precise" and update template name
# However, for 12.04, you should be using
# XenServer 6.1 and later or XCP 1.6 or later
# 11.10 is only really supported with XenServer 6.0.2 and later
UBUNTU_INST_ARCH="amd64"
-UBUNTU_INST_HTTP_HOSTNAME="archive.ubuntu.net"
-UBUNTU_INST_HTTP_DIRECTORY="/ubuntu"
+UBUNTU_INST_HTTP_HOSTNAME="mirror.anl.gov"
+UBUNTU_INST_HTTP_DIRECTORY="/pub/ubuntu"
UBUNTU_INST_HTTP_PROXY=""
UBUNTU_INST_LOCALE="en_US"
UBUNTU_INST_KEYBOARD="us"
@@ -91,7 +91,24 @@
# Set the size to 0 to avoid creation of additional disk.
XEN_XVDB_SIZE_GB=0
-restore_nounset=`set +o | grep nounset`
+STACK_USER=stack
+DOMZERO_USER=domzero
+
+RC_DIR="../.."
+
+restore_nounset=$(set +o | grep nounset)
set +u
-source ../../stackrc
+
+## Note that the lines below are coming from stackrc to support
+## new-style config files
+
+# allow local overrides of env variables, including repo config
+if [[ -f $RC_DIR/localrc ]]; then
+ # Old-style user-supplied config
+ source $RC_DIR/localrc
+elif [[ -f $RC_DIR/.localrc.auto ]]; then
+ # New-style user-supplied config extracted from local.conf
+ source $RC_DIR/.localrc.auto
+fi
+
$restore_nounset
diff --git a/tox.ini b/tox.ini
new file mode 100644
index 0000000..c8d3909
--- /dev/null
+++ b/tox.ini
@@ -0,0 +1,40 @@
+[tox]
+minversion = 1.6
+skipsdist = True
+envlist = bashate
+
+[testenv]
+usedevelop = False
+install_command = pip install {opts} {packages}
+
+[testenv:bashate]
+deps = bashate
+whitelist_externals = bash
+commands = bash -c "find {toxinidir} \
+ -not \( -type d -name .?\* -prune \) \ # prune all 'dot' dirs
+ -not \( -type d -name doc -prune \) \ # skip documentation
+ -type f \ # only files
+ -not -name \*~ \ # skip editors, readme, etc
+ -not -name \*.md \
+ \( \
+ -name \*.sh -or \
+ -name \*rc -or \
+ -name functions\* -or \
+ -wholename \*/lib/\* \ # /lib files are shell, but
+ \) \ # have no extension
+ -print0 | xargs -0 bashate -v"
+
+[testenv:docs]
+deps =
+ Pygments
+ docutils
+ sphinx>=1.1.2,<1.2
+ pbr>=0.6,!=0.7,<1.0
+ oslosphinx
+whitelist_externals = bash
+setenv =
+ TOP_DIR={toxinidir}
+ INSTALL_SHOCCO=true
+commands =
+ bash tools/build_docs.sh
+ python setup.py build_sphinx
diff --git a/unstack.sh b/unstack.sh
index fe5fc77..fee608e 100755
--- a/unstack.sh
+++ b/unstack.sh
@@ -55,6 +55,7 @@
source $TOP_DIR/lib/neutron
source $TOP_DIR/lib/baremetal
source $TOP_DIR/lib/ldap
+source $TOP_DIR/lib/dstat
# Extras Source
# --------------
@@ -162,6 +163,8 @@
cleanup_trove
fi
+stop_dstat
+
# Clean up the remainder of the screen processes
SCREEN=$(which screen)
if [[ -n "$SCREEN" ]]; then
@@ -170,5 +173,3 @@
screen -X -S $SESSION quit
fi
fi
-
-cleanup_tmp
