Salvatore Orlandod6767d02012-08-31 04:55:20 -07001# lib/quantum
2# functions - functions specific to quantum
3
Dean Troyer60e9c0a2012-12-06 15:52:52 -06004# Dependencies:
5# ``functions`` file
6# ``DEST`` must be defined
7
8
9# Quantum Networking
10# ------------------
11
12# Make sure that quantum is enabled in ``ENABLED_SERVICES``. If you want
13# to run Quantum on this host, make sure that q-svc is also in
14# ``ENABLED_SERVICES``.
15#
16# If you're planning to use the Quantum openvswitch plugin, set
17# ``Q_PLUGIN`` to "openvswitch" and make sure the q-agt service is enabled
18# in ``ENABLED_SERVICES``. If you're planning to use the Quantum
19# linuxbridge plugin, set ``Q_PLUGIN`` to "linuxbridge" and make sure the
20# q-agt service is enabled in ``ENABLED_SERVICES``.
21#
22# See "Quantum Network Configuration" below for additional variables
23# that must be set in localrc for connectivity across hosts with
24# Quantum.
25#
26# With Quantum networking the NET_MAN variable is ignored.
27
28
# Remember the caller's xtrace setting so it can be restored at the end of
# this file, then switch tracing off while the definitions below are loaded.
XTRACE="$(set +o | grep xtrace)"
set +o xtrace
32
Dean Troyer60e9c0a2012-12-06 15:52:52 -060033
34# Defaults
35# --------
36
# Source checkouts live under ``DEST``; the auth cache location may be
# overridden from localrc.
QUANTUM_DIR="$DEST/quantum"
QUANTUMCLIENT_DIR="$DEST/python-quantumclient"
: "${QUANTUM_AUTH_CACHE_DIR:=/var/cache/quantum}"

# Configuration file locations
QUANTUM_CONF_DIR="/etc/quantum"
QUANTUM_CONF="$QUANTUM_CONF_DIR/quantum.conf"
: "${QUANTUM_TEST_CONFIG_FILE:=$QUANTUM_CONF_DIR/debug.ini}"
export QUANTUM_TEST_CONFIG_FILE

# Plugin and API endpoint (host defaults to ``HOST_IP``)
: "${Q_PLUGIN:=openvswitch}"
: "${Q_PORT:=9696}"
: "${Q_HOST:=$HOST_IP}"

# Service account name and auth strategy used by Quantum
: "${Q_ADMIN_USERNAME:=quantum}"
: "${Q_AUTH_STRATEGY:=keystone}"

# Whether to use network namespaces
: "${Q_USE_NAMESPACE:=True}"
# Whether privileged commands go through quantum-rootwrap.  Setting this to
# "False" makes ``Q_RR_COMMAND`` plain ``sudo`` (see the block that follows
# these defaults), so no rootwrap filter is applied to those commands.
: "${Q_USE_ROOTWRAP:=True}"

# Metadata service address (defaults to ``HOST_IP``)
: "${Q_META_DATA_IP:=$HOST_IP}"
# Whether the quantum-debug command is used
: "${Q_USE_DEBUG_COMMAND:=False}"
64
# Decide how Quantum components run privileged commands.  With rootwrap
# enabled every command is passed through quantum-rootwrap and its filter
# files; with ``Q_USE_ROOTWRAP`` set to "False" the prefix is bare ``sudo``
# and no filtering takes place.
if is_service_enabled quantum; then
    Q_RR_CONF_FILE="$QUANTUM_CONF_DIR/rootwrap.conf"
    if [[ "$Q_USE_ROOTWRAP" != "False" ]]; then
        QUANTUM_ROOTWRAP="$(get_rootwrap_location quantum)"
        Q_RR_COMMAND="sudo $QUANTUM_ROOTWRAP $Q_RR_CONF_FILE"
    else
        Q_RR_COMMAND="sudo"
    fi
fi
74
Dean Troyer60e9c0a2012-12-06 15:52:52 -060075
76# Entry Points
77# ------------
78
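# configure_quantum_rootwrap() - configure Quantum's rootwrap
#
# Installs the rootwrap filter files and rootwrap.conf under
# ``QUANTUM_CONF_DIR`` and writes /etc/sudoers.d/quantum-rootwrap so that
# ``$USER`` may run quantum-rootwrap as root without a password.  Does
# nothing when ``Q_USE_ROOTWRAP`` is "False".
#
# Globals read:    Q_USE_ROOTWRAP, QUANTUM_CONF_DIR, QUANTUM_DIR,
#                  QUANTUM_ROOTWRAP, Q_RR_CONF_FILE, USER
# Globals written: Q_CONF_ROOTWRAP_D, ROOTWRAP_SUDOER_CMD, TEMPFILE
# Returns: 0 on success or when rootwrap is disabled; 1 when a required
#          variable is empty, mktemp fails, or the sudoers entry is rejected
function configure_quantum_rootwrap() {
    if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then
        return 0
    fi

    # These values end up in ``sudo rm -rf`` paths and in the sudoers entry.
    # An empty one would either point the removal at the wrong directory or
    # produce a sudoers rule that does not name the rootwrap binary, so stop
    # before touching anything.
    local required
    for required in QUANTUM_CONF_DIR QUANTUM_DIR QUANTUM_ROOTWRAP Q_RR_CONF_FILE; do
        if [[ -z "${!required:-}" ]]; then
            echo "configure_quantum_rootwrap: $required is not set" >&2
            return 1
        fi
    done

    # Deploy new rootwrap filters files (owned by root).
    # Wipe any existing rootwrap.d files first
    Q_CONF_ROOTWRAP_D="$QUANTUM_CONF_DIR/rootwrap.d"
    if [[ -d "$Q_CONF_ROOTWRAP_D" ]]; then
        sudo rm -rf -- "$Q_CONF_ROOTWRAP_D"
    fi
    # Deploy filters to $QUANTUM_CONF_DIR/rootwrap.d
    mkdir -p -m 755 "$Q_CONF_ROOTWRAP_D"
    cp -pr "$QUANTUM_DIR"/etc/quantum/rootwrap.d/* "$Q_CONF_ROOTWRAP_D/"
    # The filters decide which commands rootwrap will run as root, so they
    # must end up root-owned and not writable by the unprivileged user.
    sudo chown -R root:root "$Q_CONF_ROOTWRAP_D"
    sudo chmod 644 "$Q_CONF_ROOTWRAP_D"/*
    # Set up rootwrap.conf, pointing to $QUANTUM_CONF_DIR/rootwrap.d
    sudo cp -p "$QUANTUM_DIR/etc/rootwrap.conf" "$Q_RR_CONF_FILE"
    # NOTE: ':' is the sed delimiter, so the filter path must not contain one
    sudo sed -e "s:^filters_path=.*$:filters_path=$Q_CONF_ROOTWRAP_D:" -i "$Q_RR_CONF_FILE"
    sudo chown root:root "$Q_RR_CONF_FILE"
    sudo chmod 0644 "$Q_RR_CONF_FILE"
    # Specify rootwrap.conf as first parameter to quantum-rootwrap.  The
    # trailing '*' lets the user pass any further arguments; what may
    # actually run as root is limited only by the filter files above.
    ROOTWRAP_SUDOER_CMD="$QUANTUM_ROOTWRAP $Q_RR_CONF_FILE *"

    # Set up the rootwrap sudoers for quantum
    TEMPFILE=$(mktemp) || return 1
    echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >"$TEMPFILE"
    chmod 0440 "$TEMPFILE"
    sudo chown root:root "$TEMPFILE"
    # A syntax error in a sudoers.d file can make sudo refuse to run at all,
    # so check the entry before it is moved into place.
    if ! sudo visudo -c -f "$TEMPFILE" >/dev/null; then
        echo "configure_quantum_rootwrap: generated sudoers entry is invalid" >&2
        sudo rm -f -- "$TEMPFILE"
        return 1
    fi
    sudo mv "$TEMPFILE" /etc/sudoers.d/quantum-rootwrap
}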
110
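# Configures keystone integration for quantum service and agents
#
# Arguments: $1 - configuration file to update
#            $2 - section of that file to write into
#            $3 - when non-empty, write a single ``auth_url`` option instead
#                 of separate auth_host/auth_port/auth_protocol options
# Globals read: KEYSTONE_SERVICE_PROTOCOL, KEYSTONE_AUTH_HOST,
#               KEYSTONE_AUTH_PORT, KEYSTONE_SERVICE_HOST,
#               SERVICE_TENANT_NAME, Q_ADMIN_USERNAME, SERVICE_PASSWORD,
#               QUANTUM_AUTH_CACHE_DIR
function quantum_setup_keystone() {
    local conf_file=$1
    local section=$2
    local use_auth_url=$3
    if [[ -n "$use_auth_url" ]]; then
        iniset "$conf_file" "$section" auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0"
    else
        iniset "$conf_file" "$section" auth_host "$KEYSTONE_SERVICE_HOST"
        iniset "$conf_file" "$section" auth_port "$KEYSTONE_AUTH_PORT"
        iniset "$conf_file" "$section" auth_protocol "$KEYSTONE_SERVICE_PROTOCOL"
    fi
    iniset "$conf_file" "$section" admin_tenant_name "$SERVICE_TENANT_NAME"
    iniset "$conf_file" "$section" admin_user "$Q_ADMIN_USERNAME"
    # Quoted so a password containing spaces or glob characters reaches
    # iniset as one argument.  The password is stored in clear text in
    # conf_file; this function does not set that file's permissions.
    # NOTE(review): confirm conf_file is not world-readable.
    iniset "$conf_file" "$section" admin_password "$SERVICE_PASSWORD"
    iniset "$conf_file" "$section" signing_dir "$QUANTUM_AUTH_CACHE_DIR"
    # Create cache dir and hand it to the user running this script
    sudo mkdir -p "$QUANTUM_AUTH_CACHE_DIR"
    sudo chown "$(whoami)" "$QUANTUM_AUTH_CACHE_DIR"
}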
131
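# quantum_setup_ovs_bridge() - recreate an Open vSwitch bridge from scratch
#
# Removes every port currently on the bridge (deleting the kernel link as
# well for ports whose name starts with "tap"), deletes the bridge if it
# exists, creates it again and sets its ``bridge-id`` external id to the
# bridge name.
#
# Arguments: $1 - bridge name
function quantum_setup_ovs_bridge() {
    local bridge=$1
    local port
    # Word splitting is intended: one port name per word of the output
    for port in $(sudo ovs-vsctl --no-wait list-ports "$bridge"); do
        # Glob match on the prefix.  The previous ``=~ tap*`` was a regex
        # meaning "ta" followed by any number of "p", anywhere in the name,
        # so it also matched ports that merely contained "ta".
        if [[ "$port" == tap* ]]; then
            # Best effort: the link may already be gone
            sudo ip link delete "$port" >/dev/null || true
        fi
        sudo ovs-vsctl --no-wait del-port "$bridge" "$port"
    done
    sudo ovs-vsctl --no-wait -- --if-exists del-br "$bridge"
    sudo ovs-vsctl --no-wait add-br "$bridge"
    sudo ovs-vsctl --no-wait br-set-external-id "$bridge" bridge-id "$bridge"
}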
142
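# quantum_setup_external_bridge() - prepare the external (public) bridge
#
# Creates the bridge when it is missing, removes every port on it whose
# interface type is "internal", and flushes all IP addresses from the
# bridge device.
#
# Arguments: $1 - bridge name
function quantum_setup_external_bridge() {
    local bridge=$1
    local port port_type
    # Create it if it does not exist
    sudo ovs-vsctl --no-wait -- --may-exist add-br "$bridge"
    # remove internal ports
    # Word splitting is intended: one port name per word of the output
    for port in $(sudo ovs-vsctl --no-wait list-ports "$bridge"); do
        port_type=$(sudo ovs-vsctl get interface "$port" type)
        if [[ "$port_type" == "internal" ]]; then
            # Best effort: the link may already be gone
            sudo ip link delete "$port" >/dev/null || true
            sudo ovs-vsctl --no-wait del-port "$bridge" "$port"
        fi
    done
    # ensure no IP is configured on the public bridge
    sudo ip addr flush dev "$bridge"
}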
158
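# is_quantum_ovs_base_plugin() - test whether a plugin is built on Open vSwitch
#
# Arguments: $1 - plugin name
# Returns: 0 when the name is exactly "openvswitch" or "ryu", 1 otherwise
function is_quantum_ovs_base_plugin() {
    local plugin=$1
    # Exact comparison.  The earlier ``=~ ,${plugin},`` treated the plugin
    # name as a regular expression, so a value such as ".*" also matched.
    case "$plugin" in
        openvswitch|ryu)
            return 0
            ;;
    esac
    return 1
}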
166
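# _get_net_id() - print the id of the network(s) whose listing line matches $1
#
# Arguments: $1 - pattern (normally the network name) to look for in the
#                 output of ``quantum net-list``
# Outputs: the second whitespace-separated field of every matching line.
#          The match is a grep on the whole line, so a name that is a
#          substring of another network's name selects both.
# Globals read: ADMIN_PASSWORD
#
# NOTE(review): the admin password is passed as a command-line argument,
# where it is visible in the process list while the client runs.  Supplying
# it through the client's environment-based credentials would avoid that,
# assuming the client supports them - confirm.
function _get_net_id() {
    quantum --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" net-list \
        | grep -- "$1" \
        | awk '{print $2}'
}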
170
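# _get_probe_cmd_prefix() - print the command prefix that runs a command
# inside the probe namespace attached to a network
#
# Arguments: $1 - network name, resolved with _get_net_id
# Outputs: "$Q_RR_COMMAND ip netns exec qprobe-<probe id>", using the first
#          probe listed for the network
# Returns: 0 when a probe was found.  When none was found the prefix is
#          still printed with an empty probe id (as before, so the caller's
#          command fails inside ``ip netns exec`` rather than running
#          outside any namespace), a message goes to stderr and 1 is returned.
# Globals read: ADMIN_PASSWORD, Q_RR_COMMAND
function _get_probe_cmd_prefix() {
    local from_net="$1"
    local net_id
    local probe_id=""
    net_id=$(_get_net_id "$from_net")
    # Skip the lookup for an empty id: an empty grep pattern matches every
    # line and would silently select some other network's probe.
    if [[ -n "$net_id" ]]; then
        probe_id=$(quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-list -c id -c network_id \
            | grep -- "$net_id" \
            | awk '{print $2}' \
            | head -n 1)
    fi
    echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id"
    if [[ -z "$probe_id" ]]; then
        echo "_get_probe_cmd_prefix: no probe found for network '$from_net'" >&2
        return 1
    fi
}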
177
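# delete_probe() - delete every probe attached to a network
#
# Arguments: $1 - network name, resolved with _get_net_id
# Returns: 1 (with a message on stderr) when the network cannot be found;
#          otherwise the status of the last probe-delete call, or 0 when the
#          network has no probes
# Globals read: ADMIN_PASSWORD
function delete_probe() {
    local from_net="$1"
    local net_id probe_ids probe_id
    net_id=$(_get_net_id "$from_net")
    # An empty id would turn the grep below into "match every line" and
    # select the probes of all networks for deletion.
    if [[ -z "$net_id" ]]; then
        echo "delete_probe: no network matching '$from_net'" >&2
        return 1
    fi
    probe_ids=$(quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-list -c id -c network_id \
        | grep -- "$net_id" \
        | awk '{print $2}')
    # Several probes may match; delete them one per call.  Word splitting is
    # intended here.  The password option is passed as on the other
    # quantum-debug calls in this file.
    for probe_id in $probe_ids; do
        quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-delete "$probe_id"
    done
}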
184
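# _ping_check_quantum() - wait until an address does (or does not) answer
# ping from inside a network's probe namespace
#
# Arguments: $1 - network whose probe namespace the ping runs from
#            $2 - address to ping
#            $3 - overall timeout in seconds
#            $4 - "True" (default) to wait until ping succeeds; any other
#                 value to wait until ping stops succeeding
# Outputs: a "[Fail] ..." line on stdout when the timeout expires
# Exits the calling shell with status 1 when the timeout expires.
function _ping_check_quantum() {
    local from_net=$1
    local ip=$2
    local timeout_sec=$3
    local expected=${4:-"True"}
    local check_command=""
    # Declared local so the prefix does not leak into the caller's scope
    local probe_cmd
    probe_cmd=$(_get_probe_cmd_prefix "$from_net")
    # check_command is parsed a second time by ``sh -c`` below, so the
    # address and the probe prefix must come from trusted configuration.
    if [[ "$expected" = "True" ]]; then
        check_command="while ! $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"
    else
        check_command="while $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"
    fi
    if ! timeout "$timeout_sec" sh -c "$check_command"; then
        if [[ "$expected" = "True" ]]; then
            echo "[Fail] Couldn't ping server"
        else
            echo "[Fail] Could ping server"
        fi
        exit 1
    fi
}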
206
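# _ssh_check_quantum() - wait until a server accepts an ssh login from
# inside a network's probe namespace
#
# Arguments: $1 - network whose probe namespace ssh runs from
#            $2 - private key file
#            $3 - address of the server
#            $4 - login user
#            $5 - overall timeout in seconds
# Outputs: a message on stdout when the timeout expires
# Exits the calling shell with status 1 when the timeout expires.
function _ssh_check_quantum() {
    local from_net=$1
    local key_file=$2
    local ip=$3
    local user=$4
    local timeout_sec=$5
    # No spaces around '=': ``local probe_cmd = ""`` made bash reject "=" and
    # "" as identifiers and print an error on every call.
    local probe_cmd=""
    probe_cmd=$(_get_probe_cmd_prefix "$from_net")
    # StrictHostKeyChecking=no turns off host key verification.  That fits a
    # freshly booted test instance whose key cannot be known in advance; it
    # provides no protection against an impostor host.
    # The command string is parsed again by ``sh -c``, so key_file, user and
    # ip must come from trusted configuration.
    if ! timeout "$timeout_sec" sh -c "while ! $probe_cmd ssh -o StrictHostKeyChecking=no -i $key_file ${user}@$ip echo success ; do sleep 1; done"; then
        echo "server didn't become ssh-able!"
        exit 1
    fi
}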
221
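# setup_quantum() - create a debug probe on the public and private networks
#
# Globals read:    PUBLIC_NETWORK_NAME, PRIVATE_NETWORK_NAME, ADMIN_PASSWORD
# Globals written: public_net_id, private_net_id
function setup_quantum() {
    # Expansions are quoted so a password or network name containing spaces
    # or glob characters is passed through as a single argument.
    public_net_id=$(_get_net_id "$PUBLIC_NETWORK_NAME")
    quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-create "$public_net_id"
    private_net_id=$(_get_net_id "$PRIVATE_NETWORK_NAME")
    quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-create "$private_net_id"
}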
228
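# teardown_quantum() - delete the probes on the public and private networks
#
# Globals read: PUBLIC_NETWORK_NAME, PRIVATE_NETWORK_NAME
function teardown_quantum() {
    # Quoted so a network name containing spaces stays one argument
    delete_probe "$PUBLIC_NETWORK_NAME"
    delete_probe "$PRIVATE_NETWORK_NAME"
}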
233
# Put xtrace back the way the caller had it.  ``XTRACE`` holds a complete
# ``set`` command, so it is expanded unquoted and run as-is.
$XTRACE