# lib/quantum
# functions - functions specific to quantum
3
Dean Troyer60e9c0a2012-12-06 15:52:52 -06004# Dependencies:
5# ``functions`` file
6# ``DEST`` must be defined
7
8
9# Quantum Networking
10# ------------------
11
12# Make sure that quantum is enabled in ``ENABLED_SERVICES``. If you want
13# to run Quantum on this host, make sure that q-svc is also in
14# ``ENABLED_SERVICES``.
15#
16# If you're planning to use the Quantum openvswitch plugin, set
17# ``Q_PLUGIN`` to "openvswitch" and make sure the q-agt service is enabled
18# in ``ENABLED_SERVICES``. If you're planning to use the Quantum
19# linuxbridge plugin, set ``Q_PLUGIN`` to "linuxbridge" and make sure the
20# q-agt service is enabled in ``ENABLED_SERVICES``.
21#
22# See "Quantum Network Configuration" below for additional variables
23# that must be set in localrc for connectivity across hosts with
24# Quantum.
25#
26# With Quantum networking the NET_MAN variable is ignored.
27
28
# Remember how xtrace was set by the caller (as a ready-to-run ``set`` command)
# and turn tracing off while this file is being sourced.
XTRACE="$(set +o | grep 'xtrace')"
set +x
32
# Defaults
# --------

# Source checkouts live under ``DEST``
QUANTUM_DIR="${DEST}/quantum"
QUANTUMCLIENT_DIR="${DEST}/python-quantumclient"
# Directory written into ``signing_dir`` by quantum_setup_keystone()
QUANTUM_AUTH_CACHE_DIR="${QUANTUM_AUTH_CACHE_DIR:-/var/cache/quantum}"

# Configuration directory and main configuration file
QUANTUM_CONF_DIR="/etc/quantum"
QUANTUM_CONF="${QUANTUM_CONF_DIR}/quantum.conf"
# Exported so that child processes see the same value
QUANTUM_TEST_CONFIG_FILE="${QUANTUM_TEST_CONFIG_FILE:-${QUANTUM_CONF_DIR}/debug.ini}"
export QUANTUM_TEST_CONFIG_FILE

# Plugin to use unless overridden
: "${Q_PLUGIN:=openvswitch}"
# Port of the Quantum service
: "${Q_PORT:=9696}"
# Host of the Quantum service; falls back to ``HOST_IP``
: "${Q_HOST:=$HOST_IP}"
# NOTE(review): the original listing carries a "Which Quantum API nova should
# use" comment at this point with no variable attached to it.
# Admin username for the service
: "${Q_ADMIN_USERNAME:=quantum}"
# Authentication strategy
: "${Q_AUTH_STRATEGY:=keystone}"
# Whether network namespaces are used
: "${Q_USE_NAMESPACE:=True}"
# Whether privileged commands go through rootwrap. Setting this to "False"
# makes ``Q_RR_COMMAND`` a plain ``sudo`` (see the block that sets it).
: "${Q_USE_ROOTWRAP:=True}"
# Metadata IP; falls back to ``HOST_IP``
: "${Q_META_DATA_IP:=$HOST_IP}"
# Whether the quantum-debug command is used
: "${Q_USE_DEBUG_COMMAND:=False}"
64
# Work out the prefix used to run privileged commands (``Q_RR_COMMAND``).
# Only done when the quantum service is enabled.
if is_service_enabled quantum; then
    Q_RR_CONF_FILE="${QUANTUM_CONF_DIR}/rootwrap.conf"
    case "$Q_USE_ROOTWRAP" in
        False)
            # Rootwrap disabled: commands run through plain sudo, without
            # the rootwrap filter files restricting what may be executed.
            Q_RR_COMMAND="sudo"
            ;;
        *)
            QUANTUM_ROOTWRAP=$(get_rootwrap_location quantum)
            Q_RR_COMMAND="sudo $QUANTUM_ROOTWRAP $Q_RR_CONF_FILE"
            ;;
    esac
fi
74
76# Entry Points
77# ------------
78
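# configure_quantum_rootwrap() - configure Quantum's rootwrap
#
# Does nothing when ``Q_USE_ROOTWRAP`` is "False". Otherwise it installs the
# rootwrap filter files and rootwrap.conf owned by root, then installs a
# sudoers entry letting ``$USER`` run quantum-rootwrap as root without a
# password.
#
# Globals read:    Q_USE_ROOTWRAP, QUANTUM_CONF_DIR, QUANTUM_DIR,
#                  QUANTUM_ROOTWRAP, Q_RR_CONF_FILE, USER
# Globals written: Q_CONF_ROOTWRAP_D, ROOTWRAP_SUDOER_CMD
# Returns:         non-zero when a required setting is empty or the generated
#                  sudoers entry does not pass ``visudo -c``
function configure_quantum_rootwrap() {
    if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then
        return
    fi
    # The sudoers rule below is built from these two values. If either is
    # empty the rule would name a different command than intended, so stop
    # before anything is changed on disk.
    if [[ -z "$QUANTUM_ROOTWRAP" || -z "$Q_RR_CONF_FILE" ]]; then
        echo "configure_quantum_rootwrap: QUANTUM_ROOTWRAP and Q_RR_CONF_FILE must be set" >&2
        return 1
    fi

    # Deploy new rootwrap filters files (owned by root).
    # Wipe any existing rootwrap.d files first
    Q_CONF_ROOTWRAP_D="$QUANTUM_CONF_DIR/rootwrap.d"
    if [[ -d "$Q_CONF_ROOTWRAP_D" ]]; then
        # ``:?`` aborts instead of expanding to an empty path under rm -rf
        sudo rm -rf -- "${Q_CONF_ROOTWRAP_D:?}"
    fi
    # Deploy filters to $QUANTUM_CONF_DIR/rootwrap.d
    mkdir -p -m 755 "$Q_CONF_ROOTWRAP_D"
    cp -pr "$QUANTUM_DIR"/etc/quantum/rootwrap.d/* "$Q_CONF_ROOTWRAP_D/"
    # The filters decide what the passwordless sudo rule may run, so they
    # are handed to root and made read-only for everyone else.
    sudo chown -R root:root "$Q_CONF_ROOTWRAP_D"
    sudo chmod 644 "$Q_CONF_ROOTWRAP_D"/*
    # Set up rootwrap.conf, pointing to $QUANTUM_CONF_DIR/rootwrap.d
    sudo cp -p "$QUANTUM_DIR/etc/rootwrap.conf" "$Q_RR_CONF_FILE"
    sudo sed -e "s:^filters_path=.*$:filters_path=$Q_CONF_ROOTWRAP_D:" -i "$Q_RR_CONF_FILE"
    sudo chown root:root "$Q_RR_CONF_FILE"
    sudo chmod 0644 "$Q_RR_CONF_FILE"
    # Specify rootwrap.conf as first parameter to quantum-rootwrap.
    # The trailing ``*`` lets sudo accept any further arguments; limiting
    # them is left to the root-owned filter files installed above.
    ROOTWRAP_SUDOER_CMD="$QUANTUM_ROOTWRAP $Q_RR_CONF_FILE *"

    # Set up the rootwrap sudoers for quantum
    local sudoers_tmp
    sudoers_tmp=$(mktemp) || return 1
    printf '%s\n' "$USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >"$sudoers_tmp"
    chmod 0440 "$sudoers_tmp"
    # Syntax-check before installing: a malformed file under
    # /etc/sudoers.d can stop sudo from working at all.
    if ! sudo visudo -c -f "$sudoers_tmp"; then
        echo "configure_quantum_rootwrap: generated sudoers entry is invalid" >&2
        rm -f -- "$sudoers_tmp"
        return 1
    fi
    sudo chown root:root "$sudoers_tmp"
    sudo mv "$sudoers_tmp" /etc/sudoers.d/quantum-rootwrap
}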
110
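# quantum_setup_keystone() - configure keystone integration for the quantum
# service and agents
#
# Arguments: $1 - configuration file to update
#            $2 - section of that file
#            $3 - when non-empty, write a single ``auth_url`` instead of
#                 ``auth_host``/``auth_port``/``auth_protocol``
# Returns:   non-zero (before writing anything) when
#            ``QUANTUM_AUTH_CACHE_DIR`` is empty
#
# The service password is written into the configuration file as-is.
# NOTE(review): confirm the files passed in are not readable by other users.
function quantum_setup_keystone() {
    local conf_file=$1
    local section=$2
    local use_auth_url=$3
    # The cache directory is emptied with a glob at the end; an empty value
    # would turn that glob into ``/*``.
    if [[ -z "$QUANTUM_AUTH_CACHE_DIR" ]]; then
        echo "quantum_setup_keystone: QUANTUM_AUTH_CACHE_DIR must not be empty" >&2
        return 1
    fi
    if [[ -n "$use_auth_url" ]]; then
        iniset "$conf_file" "$section" auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0"
    else
        iniset "$conf_file" "$section" auth_host "$KEYSTONE_SERVICE_HOST"
        iniset "$conf_file" "$section" auth_port "$KEYSTONE_AUTH_PORT"
        iniset "$conf_file" "$section" auth_protocol "$KEYSTONE_SERVICE_PROTOCOL"
    fi
    iniset "$conf_file" "$section" admin_tenant_name "$SERVICE_TENANT_NAME"
    iniset "$conf_file" "$section" admin_user "$Q_ADMIN_USERNAME"
    # Quoted so a password containing spaces or glob characters is passed
    # through as one value
    iniset "$conf_file" "$section" admin_password "$SERVICE_PASSWORD"
    iniset "$conf_file" "$section" signing_dir "$QUANTUM_AUTH_CACHE_DIR"
    # Create cache dir, hand it to the current user and drop stale content
    sudo mkdir -p "$QUANTUM_AUTH_CACHE_DIR"
    sudo chown "$(whoami)" "$QUANTUM_AUTH_CACHE_DIR"
    rm -f -- "${QUANTUM_AUTH_CACHE_DIR:?}"/*
}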
132
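# quantum_setup_ovs_bridge() - recreate an Open vSwitch bridge from scratch
#
# Removes every port currently on the bridge (deleting the link as well for
# ports whose name starts with "tap"), deletes the bridge if it exists, adds
# it again and sets its ``bridge-id`` external id to the bridge name.
#
# Arguments: $1 - bridge name
function quantum_setup_ovs_bridge() {
    local bridge=$1
    local port
    # Word splitting of the port list is intended here.
    for port in $(sudo ovs-vsctl --no-wait list-ports "$bridge"); do
        # Glob match on the name prefix. The earlier ``=~ tap*`` was a regex
        # meaning "ta" followed by any number of "p", anywhere in the name,
        # so unrelated ports containing "ta" had their link deleted too.
        if [[ "$port" == tap* ]]; then
            # Best effort: output is discarded and a failure is ignored
            sudo ip link delete "$port" >/dev/null || true
        fi
        sudo ovs-vsctl --no-wait del-port "$bridge" "$port"
    done
    sudo ovs-vsctl --no-wait -- --if-exists del-br "$bridge"
    sudo ovs-vsctl --no-wait add-br "$bridge"
    sudo ovs-vsctl --no-wait br-set-external-id "$bridge" bridge-id "$bridge"
}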
143
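# quantum_setup_external_bridge() - prepare the external (public) bridge
#
# Creates the bridge when missing, removes the ports on it whose interface
# type is "internal", and flushes any IP address from the bridge device.
#
# Arguments: $1 - bridge name
function quantum_setup_external_bridge() {
    local bridge=$1
    local port port_type
    # Create it if it does not exist
    sudo ovs-vsctl --no-wait -- --may-exist add-br "$bridge"
    # remove internal ports (word splitting of the port list is intended)
    for port in $(sudo ovs-vsctl --no-wait list-ports "$bridge"); do
        port_type=$(sudo ovs-vsctl get interface "$port" type)
        if [[ "$port_type" == "internal" ]]; then
            # Best effort: output is discarded and a failure is ignored
            sudo ip link delete "$port" >/dev/null || true
            sudo ovs-vsctl --no-wait del-port "$bridge" "$port"
        fi
    done
    # ensure no IP is configured on the public bridge
    sudo ip addr flush dev "$bridge"
}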
159
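# is_quantum_ovs_base_plugin() - test whether a plugin is in the
# "openvswitch"/"ryu" set
#
# Arguments: $1 - plugin name
# Returns:   0 when the name is exactly "openvswitch" or "ryu", 1 otherwise
function is_quantum_ovs_base_plugin() {
    local plugin=$1
    # Literal comparison: the name is not interpreted as a pattern, so a
    # value such as "open.*" no longer counts as a match.
    case "$plugin" in
        openvswitch|ryu)
            return 0
            ;;
    esac
    return 1
}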
167
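# _get_net_id() - print the second column of the ``quantum net-list`` rows
# that match a network name
#
# Arguments: $1 - network name (used as a grep pattern)
# Outputs:   one value per matching row on stdout; nothing when $1 is empty
#
# The admin password is passed on the command line, which makes it visible
# to other local users in the process list while the client runs.
# NOTE(review): the client is expected to accept the password from the
# OS_PASSWORD environment variable as well - confirm and prefer that on
# shared hosts.
function _get_net_id() {
    local net_name=$1
    # An empty pattern would match every row of the listing; report it and
    # print nothing. Status stays 0 so callers that only capture the output
    # behave as before.
    if [[ -z "$net_name" ]]; then
        echo "_get_net_id: network name is required" >&2
        return 0
    fi
    quantum --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" net-list \
        | grep -- "$net_name" \
        | awk '{print $2}'
}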
171
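# _get_probe_cmd_prefix() - print the command prefix that runs a command
# inside the probe namespace of a network
#
# Arguments: $1 - network name
# Outputs:   "$Q_RR_COMMAND ip netns exec qprobe-<probe id>" on stdout, using
#            the first probe listed for the network; the id part is empty
#            when no network or probe is found
#
# The admin password is passed on the command line and is therefore visible
# in the process list while quantum-debug runs.
function _get_probe_cmd_prefix() {
    local from_net="$1"
    # Kept local so repeated calls do not leak ids into the caller's scope
    local net_id probe_id=""
    net_id=$(_get_net_id "$from_net")
    # Skip the lookup when the network is unknown: an empty grep pattern
    # would match every row of the probe listing.
    if [[ -n "$net_id" ]]; then
        probe_id=$(quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-list -c id -c network_id \
            | grep -- "$net_id" \
            | awk '{print $2}' \
            | head -n 1)
    fi
    echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id"
}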
178
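# delete_probe() - delete the probes attached to a network
#
# Arguments: $1 - network name
# Returns:   1 when the network cannot be found; otherwise the status of the
#            last ``probe-delete`` (0 when there was nothing to delete)
#
# The admin password is passed on the command line and is therefore visible
# in the process list while quantum-debug runs.
function delete_probe() {
    local from_net="$1"
    local net_id probe_ids probe_id
    net_id=$(_get_net_id "$from_net")
    if [[ -z "$net_id" ]]; then
        echo "delete_probe: network '$from_net' not found" >&2
        return 1
    fi
    probe_ids=$(quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-list -c id -c network_id \
        | grep -- "$net_id" \
        | awk '{print $2}')
    # One delete per id, so several probes on the same network do not end up
    # as extra arguments of a single call. Word splitting is intended.
    for probe_id in $probe_ids; do
        # Credentials are passed the same way as in the listing call above
        quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-delete "$probe_id"
    done
}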
185
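# _ping_check_quantum() - check reachability of an address from inside the
# probe namespace of a network
#
# Arguments: $1 - network whose probe is used
#            $2 - address to ping
#            $3 - overall timeout in seconds
#            $4 - "True" (default) to wait until the ping succeeds, anything
#                 else to wait until it stops succeeding
#
# Prints a "[Fail]" line and exits the calling shell with status 1 when the
# expected state is not reached in time.
#
# The loop is assembled as a string and run by ``sh -c``, so the address and
# the probe prefix are interpreted as shell text: they must come from trusted
# configuration, never from unvalidated external input.
function _ping_check_quantum() {
    local from_net=$1
    local ip=$2
    local timeout_sec=$3
    local expected=${4:-"True"}
    local check_command=""
    # Local, so the prefix does not leak into the caller's scope
    local probe_cmd
    probe_cmd=$(_get_probe_cmd_prefix "$from_net")
    if [[ "$expected" = "True" ]]; then
        check_command="while ! $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"
    else
        check_command="while $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"
    fi
    if ! timeout "$timeout_sec" sh -c "$check_command"; then
        if [[ "$expected" = "True" ]]; then
            echo "[Fail] Couldn't ping server"
        else
            echo "[Fail] Could ping server"
        fi
        exit 1
    fi
}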
207
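# _ssh_check_quantum() - wait until a server accepts ssh logins, connecting
# from inside the probe namespace of a network
#
# Arguments: $1 - network whose probe is used
#            $2 - private key file
#            $3 - server address
#            $4 - login user
#            $5 - overall timeout in seconds
#
# Prints a message and exits the calling shell with status 1 on timeout.
#
# ``StrictHostKeyChecking=no`` turns host key verification off, so the
# connection gives no assurance about which machine answered. That fits
# freshly booted, throwaway test instances only.
# The loop is assembled as a string and run by ``sh -c``: key file, user and
# address are interpreted as shell text and must come from trusted
# configuration.
function _ssh_check_quantum() {
    local from_net=$1
    local key_file=$2
    local ip=$3
    local user=$4
    local timeout_sec=$5
    # No spaces around "=": with them ``local`` rejects "=" as an identifier
    # and reports an error on every call.
    local probe_cmd=""
    probe_cmd=$(_get_probe_cmd_prefix "$from_net")
    if ! timeout "$timeout_sec" sh -c "while ! $probe_cmd ssh -o StrictHostKeyChecking=no -i $key_file ${user}@$ip echo success ; do sleep 1; done"; then
        echo "server didn't become ssh-able!"
        exit 1
    fi
}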
222
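# setup_quantum() - create a probe on the public and on the private network
#
# Globals read:    PUBLIC_NETWORK_NAME, PRIVATE_NETWORK_NAME, ADMIN_PASSWORD
# Globals written: public_net_id, private_net_id
#
# The admin password is passed on the command line and is therefore visible
# in the process list while quantum-debug runs.
function setup_quantum() {
    # Quoted throughout so names or passwords containing spaces or glob
    # characters reach the client as single arguments
    public_net_id=$(_get_net_id "$PUBLIC_NETWORK_NAME")
    quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-create "$public_net_id"
    private_net_id=$(_get_net_id "$PRIVATE_NETWORK_NAME")
    quantum-debug --os-tenant-name admin --os-username admin --os-password "$ADMIN_PASSWORD" probe-create "$private_net_id"
}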
229
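# teardown_quantum() - delete the probes of the public and private networks
#
# Globals read: PUBLIC_NETWORK_NAME, PRIVATE_NETWORK_NAME
function teardown_quantum() {
    # Quoted so a network name with spaces stays a single argument
    delete_probe "$PUBLIC_NETWORK_NAME"
    delete_probe "$PRIVATE_NETWORK_NAME"
}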
234
# Restore xtrace: ``XTRACE`` holds the ``set`` command captured before tracing
# was switched off; it is left unquoted so it expands into that command.
${XTRACE}