A self-contained one-node baremetal openstack.
The 'boot-stack' element is a self-contained, baremetal openstack. Upon first boot, it will initialize itself with default keystone users, nova flavors, etc. Change-Id: Ib0c411627154a3d666f74513c6b8edfbfbf6c07e
parent
a256d77ccb
commit
08f27d3556
|
@ -0,0 +1,36 @@
|
|||
A self-contained one-node baremetal openstack.
|
||||
|
||||
## instructions for use:
|
||||
|
||||
- Edit "virtual_power_user" in config.json, if using the VirtualPowerDriver.
|
||||
|
||||
- Build this element into an image and boot it. (see https://github.com/tripleo/incubator)
|
||||
|
||||
- SSH in as `root`.
|
||||
|
||||
- Upon first boot, it will take a couple minutes to initialize nova and glance. Progress can be observed in `/var/log/first-boot.d.log`. `/opt/stack/boot-stack/ok` will be touched upon completion
|
||||
|
||||
- `source` OpenStack credentials from /root/stackrc.
|
||||
|
||||
- Allow nova ssh access to your host, if using VirtualPowerDriver:
|
||||
```bash
|
||||
ssh -o StrictHostKeyChecking=no \
|
||||
-o UserKnownHostsFile=/dev/null \
|
||||
root@192.168.122.144 cat /opt/stack/boot-stack/virtual-power-key.pub >> ~/.ssh/authorized_keys
|
||||
```
|
||||
|
||||
- Add some baremetal nodes to nova. e.g.:
|
||||
|
||||
```bash
|
||||
nova baremetal-node-create ubuntu 1 2 10 52:54:00:bc:2c:1a --pm_address 192.168.122.1 --pm_user $USER --pm_password $PASS
|
||||
nova baremetal-interface-add $id 52:54:00:bc:2c:1a
|
||||
# in a few seconds, an entry will appear in the nova.compute_nodes table, after which the bm node is ready.
|
||||
```
|
||||
|
||||
- If a disk image existed at `/root/demo.qcow2` during first boot, it will already be in glance. Else, or if you wish to install more images, see /usr/local/bin/reset-nova for an example.
|
||||
|
||||
- Perform a baremetal-boot: `nova boot --image demo --flavor baremetal test"
|
||||
|
||||
- See progress in the logs: `boot-stack-logs`
|
||||
|
||||
- At any time, you may completely reset OpenStack state: `sudo wipe-openstack`
|
|
@ -0,0 +1,34 @@
|
|||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
if [[ $EUID -ne 0 ]]; then
|
||||
echo "ERROR: you must be root to run this" 1>&2
|
||||
exit 1
|
||||
fi
|
||||
|
||||
scr_name=os-logs
|
||||
scr_file=$(mktemp)
|
||||
this_dir=$(cd `dirname "${BASH_SOURCE[0]}"` && pwd)
|
||||
|
||||
cat > $scr_file <<eof
|
||||
startup_message off
|
||||
hardstatus alwayslastline "%w"
|
||||
caption always "%{-b ..}%-w%{+b ..}[[%n%f*%t]]%{-}%+w"
|
||||
source $this_dir/../stackrc
|
||||
eof
|
||||
|
||||
for f in \
|
||||
/var/log/upstart/nova-compute.log \
|
||||
/var/log/upstart/nova-scheduler.log; do
|
||||
if [ -e $f ]; then
|
||||
echo "screen -t $(basename $f) sh -c \"tail -f $f | ccze\"" >> $scr_file
|
||||
fi
|
||||
done
|
||||
|
||||
echo "screen -t dnsmasq sh -c \"tail -f /var/log/syslog | grep dnsmasq\"" >> $scr_file
|
||||
echo "screen -t nova-list sh -c \"watch nova list\"" >> $scr_file
|
||||
|
||||
exec screen -c $scr_file
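Review bot: The generated screenrc line `source $this_dir/../stackrc` looks wrong once the tool is installed: the install script in this commit copies `bin/*` to `/usr/local/bin` and `stackrc` to `/root/stackrc`, so the path resolves to `/usr/local/stackrc`. As far as I know, screen's `source` also reads screen commands rather than shell `export` lines, so the credentials would not reach the `watch nova list` window either way; sourcing `/root/stackrc` in the script itself before `exec screen` would pass them through the environment. The file from `scr_file=$(mktemp)` is never removed because nothing runs after `exec`; dropping the `exec` and adding `trap 'rm -f -- "$scr_file"' EXIT` after the mktemp line fixes that. `$scr_file` and `$f` should be quoted where they are expanded.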
|
|
@ -0,0 +1,27 @@
|
|||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
db_pass=$(os-config-applier --key db-password)
|
||||
|
||||
service mysql restart
|
||||
|
||||
PATH=/usr/local/bin:$PATH
|
||||
venvs=/opt/stack/venvs
|
||||
|
||||
os-db-create keystone keystone $db_pass
|
||||
$venvs/keystone/bin/keystone-manage db_sync
|
||||
|
||||
os-db-create cinder cinder $db_pass
|
||||
$venvs/cinder/bin/cinder-manage db sync
|
||||
|
||||
os-db-create nova nova $db_pass
|
||||
$venvs/nova/bin/nova-manage db sync
|
||||
|
||||
os-db-create nova_bm nova $db_pass
|
||||
$venvs/nova/bin/nova-baremetal-manage db sync
|
||||
|
||||
os-db-create glance glance $db_pass
|
||||
$venvs/glance/bin/glance-manage db_sync
|
||||
|
||||
os-db-create ovs_quantum quantum $db_pass
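Review bot: `$db_pass` is passed unquoted on every `os-db-create` line, so a password containing whitespace or glob characters is split or expanded, and an empty result from `os-config-applier --key db-password` silently drops the argument. Quote it, e.g. `os-db-create keystone keystone "$db_pass"`, and fail early with `: "${db_pass:?db-password is not set}"` right after the assignment. The password also ends up in the argument list of each `os-db-create` process; whether that helper can take it from stdin or the environment is not visible in this commit.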
|
||||
|
|
@ -0,0 +1,274 @@
|
|||
#!/usr/bin/env bash
|
||||
|
||||
# Copyright 2012 OpenStack LLC
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
# Sample initial data for Keystone using python-keystoneclient
|
||||
#
|
||||
# This script is based on the original DevStack keystone_data.sh script.
|
||||
#
|
||||
# It demonstrates how to bootstrap Keystone with an administrative user
|
||||
# using the SERVICE_TOKEN and SERVICE_ENDPOINT environment variables
|
||||
# and the administrative API. It will get the admin_token (SERVICE_TOKEN)
|
||||
# and admin_port from keystone.conf if available.
|
||||
#
|
||||
# There are two environment variables to set passwords that should be set
|
||||
# prior to running this script. Warnings will appear if they are unset.
|
||||
# * ADMIN_PASSWORD is used to set the password for the admin and demo accounts.
|
||||
# * SERVICE_PASSWORD is used to set the password for the service accounts.
|
||||
#
|
||||
# Enable the Swift and Quantum accounts by setting ENABLE_SWIFT and/or
|
||||
# ENABLE_QUANTUM environment variables.
|
||||
#
|
||||
# Enable creation of endpoints by setting ENABLE_ENDPOINTS environment variable.
|
||||
# Works with Catalog SQL backend. Do not use with Catalog Templated backend
|
||||
# (default).
|
||||
#
|
||||
# A set of EC2-compatible credentials is created for both admin and demo
|
||||
# users and placed in etc/ec2rc.
|
||||
#
|
||||
# Tenant User Roles
|
||||
# -------------------------------------------------------
|
||||
# admin admin admin
|
||||
# service glance admin
|
||||
# service nova admin
|
||||
# service quantum admin # if enabled
|
||||
# service swift admin # if enabled
|
||||
# demo admin admin
|
||||
# demo demo Member,sysadmin,netadmin
|
||||
# invisible_to_admin demo Member
|
||||
set -eux
|
||||
|
||||
PATH=/opt/stack/venvs/keystone/bin:/usr/local/bin:$PATH
|
||||
|
||||
# keystone ssl certs
|
||||
keystone-manage pki_setup
|
||||
chown -R keystone:keystone /etc/keystone/ssl
|
||||
|
||||
ADMIN_PASSWORD=$(os-config-applier --key admin-password)
|
||||
SERVICE_PASSWORD=$(os-config-applier --key service-password)
|
||||
|
||||
# default boot-stack node credentials
|
||||
source /root/stackrc
|
||||
|
||||
ENABLE_ENDPOINTS=yes
|
||||
ENABLE_QUANTUM=yes
|
||||
ENABLE_SWIFT=yes
|
||||
CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost}
|
||||
CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost}
|
||||
CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost}
|
||||
|
||||
TOOLS_DIR=$(cd $(dirname "$0") && pwd)
|
||||
KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf}
|
||||
if [[ -r "$KEYSTONE_CONF" ]]; then
|
||||
EC2RC="$(dirname "$KEYSTONE_CONF")/ec2rc"
|
||||
elif [[ -r "$TOOLS_DIR/../etc/keystone.conf" ]]; then
|
||||
# assume git checkout
|
||||
KEYSTONE_CONF="$TOOLS_DIR/../etc/keystone.conf"
|
||||
EC2RC="$TOOLS_DIR/../etc/ec2rc"
|
||||
else
|
||||
KEYSTONE_CONF=""
|
||||
EC2RC="ec2rc"
|
||||
fi
|
||||
|
||||
# Extract some info from Keystone's configuration file
|
||||
if [[ -r "$KEYSTONE_CONF" ]]; then
|
||||
CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
|
||||
CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
|
||||
fi
|
||||
|
||||
export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}
|
||||
if [[ -z "$SERVICE_TOKEN" ]]; then
|
||||
echo "No service token found."
|
||||
echo "Set SERVICE_TOKEN manually from keystone.conf admin_token."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
export SERVICE_ENDPOINT=${SERVICE_ENDPOINT:-http://$CONTROLLER_PUBLIC_ADDRESS:${CONFIG_ADMIN_PORT:-35357}/v2.0}
|
||||
|
||||
function get_id () {
|
||||
echo `"$@" | grep ' id ' | awk '{print $4}'`
|
||||
}
|
||||
|
||||
|
||||
# Tenants
|
||||
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
|
||||
SERVICE_TENANT=$(get_id keystone tenant-create --name=service)
|
||||
DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
|
||||
INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
|
||||
|
||||
|
||||
# Users
|
||||
ADMIN_USER=$(get_id keystone user-create --name=admin \
|
||||
--pass="$ADMIN_PASSWORD" \
|
||||
--email=admin@example.com)
|
||||
DEMO_USER=$(get_id keystone user-create --name=demo \
|
||||
--pass="$ADMIN_PASSWORD" \
|
||||
--email=admin@example.com)
|
||||
|
||||
|
||||
# Roles
|
||||
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
|
||||
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
|
||||
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
|
||||
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
|
||||
SYSADMIN_ROLE=$(get_id keystone role-create --name=sysadmin)
|
||||
NETADMIN_ROLE=$(get_id keystone role-create --name=netadmin)
|
||||
|
||||
|
||||
# Add Roles to Users in Tenants
|
||||
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
|
||||
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT
|
||||
keystone user-role-add --user-id $DEMO_USER --role-id $SYSADMIN_ROLE --tenant-id $DEMO_TENANT
|
||||
keystone user-role-add --user-id $DEMO_USER --role-id $NETADMIN_ROLE --tenant-id $DEMO_TENANT
|
||||
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT
|
||||
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT
|
||||
|
||||
# TODO(termie): these two might be dubious
|
||||
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT
|
||||
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT
|
||||
|
||||
|
||||
# Services
|
||||
NOVA_SERVICE=$(get_id \
|
||||
keystone service-create --name=nova \
|
||||
--type=compute \
|
||||
--description="Nova Compute Service")
|
||||
NOVA_USER=$(get_id keystone user-create --name=nova \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant-id $SERVICE_TENANT \
|
||||
--email=nova@example.com)
|
||||
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||
--user-id $NOVA_USER \
|
||||
--role-id $ADMIN_ROLE
|
||||
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||
keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \
|
||||
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s"
|
||||
fi
|
||||
|
||||
EC2_SERVICE=$(get_id \
|
||||
keystone service-create --name=ec2 \
|
||||
--type=ec2 \
|
||||
--description="EC2 Compatibility Layer")
|
||||
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||
keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \
|
||||
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \
|
||||
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \
|
||||
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud"
|
||||
fi
|
||||
|
||||
GLANCE_SERVICE=$(get_id \
|
||||
keystone service-create --name=glance \
|
||||
--type=image \
|
||||
--description="Glance Image Service")
|
||||
GLANCE_USER=$(get_id keystone user-create --name=glance \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant-id $SERVICE_TENANT \
|
||||
--email=glance@example.com)
|
||||
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||
--user-id $GLANCE_USER \
|
||||
--role-id $ADMIN_ROLE
|
||||
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||
keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \
|
||||
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292/v1" \
|
||||
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292/v1" \
|
||||
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292/v1"
|
||||
fi
|
||||
|
||||
KEYSTONE_SERVICE=$(get_id \
|
||||
keystone service-create --name=keystone \
|
||||
--type=identity \
|
||||
--description="Keystone Identity Service")
|
||||
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||
keystone endpoint-create --region RegionOne --service-id $KEYSTONE_SERVICE \
|
||||
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(public_port)s/v2.0" \
|
||||
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(admin_port)s/v2.0" \
|
||||
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(public_port)s/v2.0"
|
||||
fi
|
||||
|
||||
VOLUME_SERVICE=$(get_id \
|
||||
keystone service-create --name="nova-volume" \
|
||||
--type=volume \
|
||||
--description="Nova Volume Service")
|
||||
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||
keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \
|
||||
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
|
||||
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
|
||||
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s"
|
||||
fi
|
||||
|
||||
keystone service-create --name="horizon" \
|
||||
--type=dashboard \
|
||||
--description="OpenStack Dashboard"
|
||||
|
||||
if [[ -n "$ENABLE_SWIFT" ]]; then
|
||||
SWIFT_SERVICE=$(get_id \
|
||||
keystone service-create --name=swift \
|
||||
--type="object-store" \
|
||||
--description="Swift Service")
|
||||
SWIFT_USER=$(get_id keystone user-create --name=swift \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant-id $SERVICE_TENANT \
|
||||
--email=swift@example.com)
|
||||
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||
--user-id $SWIFT_USER \
|
||||
--role-id $ADMIN_ROLE
|
||||
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||
keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \
|
||||
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
|
||||
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
|
||||
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s"
|
||||
fi
|
||||
fi
|
||||
|
||||
if [[ -n "$ENABLE_QUANTUM" ]]; then
|
||||
QUANTUM_SERVICE=$(get_id \
|
||||
keystone service-create --name=quantum \
|
||||
--type=network \
|
||||
--description="Quantum Service")
|
||||
QUANTUM_USER=$(get_id keystone user-create --name=quantum \
|
||||
--pass="$SERVICE_PASSWORD" \
|
||||
--tenant-id $SERVICE_TENANT \
|
||||
--email=quantum@example.com)
|
||||
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||
--user-id $QUANTUM_USER \
|
||||
--role-id $ADMIN_ROLE
|
||||
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||
keystone endpoint-create --region RegionOne --service-id $QUANTUM_SERVICE \
|
||||
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9696" \
|
||||
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9696" \
|
||||
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9696"
|
||||
fi
|
||||
fi
|
||||
|
||||
|
||||
# create ec2 creds and parse the secret and access key returned
|
||||
RESULT=$(keystone ec2-credentials-create --tenant-id=$ADMIN_TENANT --user-id=$ADMIN_USER)
|
||||
ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
|
||||
ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
|
||||
|
||||
RESULT=$(keystone ec2-credentials-create --tenant-id=$DEMO_TENANT --user-id=$DEMO_USER)
|
||||
DEMO_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
|
||||
DEMO_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
|
||||
|
||||
|
||||
# write the secret and access to ec2rc
|
||||
cat > $EC2RC <<EOF
|
||||
ADMIN_ACCESS=$ADMIN_ACCESS
|
||||
ADMIN_SECRET=$ADMIN_SECRET
|
||||
DEMO_ACCESS=$DEMO_ACCESS
|
||||
DEMO_SECRET=$DEMO_SECRET
|
||||
EOF
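Review bot: `set -eux` stays on while `ADMIN_PASSWORD` and `SERVICE_PASSWORD` are read and passed via `--pass=`, so xtrace prints both passwords and the EC2 secrets to stderr, which on first boot presumably lands in the first-boot log the README points users at. Use `set -eu` for this script, or bracket the credential-handling parts with `set +x` / `set -x`. The final `cat > $EC2RC` creates the secrets file under the default umask; a `chmod 600 "$EC2RC"` directly after it (or `umask 077` before) would restrict it, and `$EC2RC` should be quoted. Separately, under `set -u` the line `export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}` aborts with an unbound-variable error when keystone.conf was not readable, before the "No service token found." message can print; `${SERVICE_TOKEN:-${CONFIG_SERVICE_TOKEN:-}}` keeps the intended error path.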
|
|
@ -0,0 +1,53 @@
|
|||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
PATH=/usr/local/bin:$PATH
|
||||
|
||||
source /root/stackrc
|
||||
|
||||
arch=amd64
|
||||
|
||||
boot_stack=/opt/stack/boot-stack
|
||||
dib=/opt/stack/diskimage-builder
|
||||
|
||||
deploy_kernel=bm-deploy-kernel
|
||||
deploy_ramdisk=bm-deploy-ramdisk
|
||||
ls $boot_stack/$deploy_kernel || cp /boot/vmlinuz-$(uname -r) $boot_stack/$deploy_kernel
|
||||
chmod a+r $boot_stack/$deploy_kernel
|
||||
|
||||
ls $boot_stack/$deploy_ramdisk || $dib/bin/ramdisk-image-create deploy -o $boot_stack/$deploy_ramdisk
|
||||
|
||||
deploy_kernel_id=$(glance image-create --name $deploy_kernel --public --disk-format aki < "$boot_stack/$deploy_kernel" \
|
||||
| grep ' id ' | awk '{print $4}')
|
||||
deploy_ramdisk_id=$(glance image-create --name $deploy_ramdisk --public --disk-format ari < "$boot_stack/$deploy_ramdisk" \
|
||||
| grep ' id ' | awk '{print $4}')
|
||||
|
||||
nova flavor-create baremetal 256 512 10 1
|
||||
nova flavor-key baremetal set "cpu_arch"="$arch" \
|
||||
"baremetal:deploy_kernel_id"="$deploy_kernel_id" \
|
||||
"baremetal:deploy_ramdisk_id"="$deploy_ramdisk_id"
|
||||
|
||||
|
||||
# upload demo image to glance.
|
||||
image_name=demo
|
||||
kernel_image_name="$image_name-kernel"
|
||||
ramdisk_image_name="$image_name-ramdisk"
|
||||
|
||||
# upload /root/demo.qcow2 to glance, if it exists
|
||||
if [ -e /root/$image_name.qcow2 ]; then
|
||||
/opt/stack/diskimage-builder/bin/disk-image-get-kernel -x -d /root -o $image_name -i /root/$image_name.qcow2
|
||||
|
||||
kernel_id=$(glance image-create --name $kernel_image_name --public --disk-format aki < "/root/$image_name-initrd" \
|
||||
| grep ' id ' | awk '{print $4}')
|
||||
ramdisk_id=$(glance image-create --name $ramdisk_image_name --public --disk-format ari < "/root/$image_name-vmlinuz" \
|
||||
| grep ' id ' | awk '{print $4}')
|
||||
|
||||
glance image-create --name $image_name \
|
||||
--public \
|
||||
--disk-format qcow2 \
|
||||
--container-format bare \
|
||||
--property kernel_id=$kernel_id \
|
||||
--property ramdisk_id=$ramdisk_id < /root/$image_name.qcow2
|
||||
fi
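Review bot: In the demo-image branch the two uploads read each other's file: `kernel_id` is created with `--disk-format aki` from `/root/$image_name-initrd`, and `ramdisk_id` with `--disk-format ari` from `/root/$image_name-vmlinuz`. Assuming disk-image-get-kernel writes the kernel to `-vmlinuz` and the ramdisk to `-initrd`, the redirections should be swapped: `< "/root/$image_name-vmlinuz"` on the aki line and `< "/root/$image_name-initrd"` on the ari line. The `grep ' id ' | awk '{print $4}'` pipelines run without `pipefail`, so a failed `glance image-create` yields an empty id that is then written into the flavor keys and image properties; a check such as `[ -n "$kernel_id" ]` after each upload would stop the script at the real failure.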
|
||||
|
||||
|
|
@ -0,0 +1,56 @@
|
|||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
PATH=/usr/local/bin:$PATH
|
||||
source /root/stackrc
|
||||
|
||||
if ! grep boot-stack /etc/network/interfaces; then
|
||||
cat >> /etc/network/interfaces <<eof
|
||||
|
||||
# This interface was installed by the diskimage-builder boot-stack element.
|
||||
auto eth1
|
||||
iface eth1 inet static
|
||||
address 192.0.2.1
|
||||
netmask 255.255.255.0
|
||||
up iptables -t nat -A PREROUTING -d 169.254.169.254 -p tcp -m tcp --dport 80 -j REDIRECT --to-port 8775
|
||||
up iptables -t nat -A POSTROUTING -s 192.0.2.0/24 -o eth0 -j MASQUERADE
|
||||
up ip addr add 192.0.2.33/29 dev eth1
|
||||
|
||||
# Public Bridge
|
||||
# auto eth2
|
||||
# iface eth2 inet manual
|
||||
# up ifconfig \$IFACE 0.0.0.0 up
|
||||
# up ip link set \$IFACE promisc on
|
||||
# down ifconfig \$IFACE down
|
||||
eof
|
||||
fi
|
||||
|
||||
service networking restart
|
||||
service openvswitch-switch restart
|
||||
service quantum-server restart
|
||||
|
||||
OVS_PHYSICAL_BRIDGE=br-ctlplane
|
||||
PHYSICAL_NETWORK=ctlplane
|
||||
PUBLIC_INTERFACE=eth1
|
||||
|
||||
ovs-vsctl --no-wait -- --may-exist add-br br-int
|
||||
ovs-vsctl --no-wait br-set-external-id br-int bridge-id br-int
|
||||
ovs-vsctl --no-wait -- --may-exist add-br br-ctlplane
|
||||
ovs-vsctl add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE || echo "port already added?"
|
||||
|
||||
for IP in $(ip addr show dev $PUBLIC_INTERFACE | grep ' inet ' | awk '{print $2}'); do
|
||||
ip addr del $IP dev $PUBLIC_INTERFACE
|
||||
ip addr add $IP dev $OVS_PHYSICAL_BRIDGE
|
||||
done
|
||||
ifconfig $OVS_PHYSICAL_BRIDGE up
|
||||
|
||||
# TODO: configurable
|
||||
ALLOCATION_POOL="start=192.0.2.34,end=192.0.2.38"
|
||||
NETWORK_GATEWAY=192.168.122.1
|
||||
FIXED_RANGE=192.0.2.33/29
|
||||
TENANT_ID=$(keystone tenant-list | grep ' admin ' | awk '{print $2}')
|
||||
|
||||
NET_ID=$(quantum net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type flat --provider:physical_network "$PHYSICAL_NETWORK" | grep ' id ' | awk '{print $4}')
|
||||
SUBNET_ID=$(quantum subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | awk '{print $4}')
|
||||
|
||||
ifconfig $OVS_PHYSICAL_BRIDGE up
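Review bot: `ovs-vsctl add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE || echo "port already added?"` hides every add-port failure, not only the already-exists case, and the loop that follows then moves the interface's addresses onto the bridge regardless. The bridge lines above already use `--may-exist`, and the same works here: `ovs-vsctl -- --may-exist add-port "$OVS_PHYSICAL_BRIDGE" "$PUBLIC_INTERFACE"`. `NETWORK_GATEWAY=192.168.122.1` lies outside `FIXED_RANGE=192.0.2.33/29`, which looks unintended for `quantum subnet-create --gateway` and is worth confirming while resolving the `# TODO: configurable`. The `PREROUTING ... -d 169.254.169.254 ... -j REDIRECT` rule written to /etc/network/interfaces has no `-i` match, so it applies to traffic arriving on any interface; adding `-i eth1` would limit the metadata redirect to the provisioning network if that is the intent.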
|
|
@ -0,0 +1,11 @@
|
|||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
PATH=/usr/local/bin:$PATH
|
||||
|
||||
reset-db
|
||||
reset-keystone
|
||||
reset-nova
|
||||
reset-quantum
|
||||
|
||||
os-refresh-config
|
|
@ -0,0 +1,46 @@
|
|||
{
|
||||
"OpenStack::Heat::Stack": {
|
||||
"Name": "foo",
|
||||
"Region": "az1",
|
||||
"RefreshResource": "foo"
|
||||
},
|
||||
"admin-token": "foobar",
|
||||
"admin-password": "kilgore",
|
||||
"service-password": "foobaz",
|
||||
"db-password": "stackdb",
|
||||
"keystone": {
|
||||
"host": "127.0.0.1",
|
||||
"db": "mysql://keystone:stackdb@localhost/keystone"
|
||||
},
|
||||
"interfaces": {
|
||||
"control": "eth0"
|
||||
},
|
||||
"rabbit": {
|
||||
"host": "127.0.0.1",
|
||||
"password": "guest"
|
||||
},
|
||||
"glance": {
|
||||
"host": "127.0.0.1",
|
||||
"db": "mysql://glance:stackdb@localhost/glance"
|
||||
},
|
||||
"nova": {
|
||||
"host": "127.0.0.1",
|
||||
"db": "mysql://nova:stackdb@localhost/nova",
|
||||
"bm_db": "mysql://nova:stackdb@localhost/nova_bm",
|
||||
"virtual_power_user": "stack",
|
||||
"virtual_power_key": "/opt/stack/boot-stack/virtual-power-key",
|
||||
"virtual_power_ssh_host": "192.168.122.1"
|
||||
},
|
||||
"cinder": {
|
||||
"db": "mysql://cinder:stackdb@localhost/cinder",
|
||||
"volume_size_mb": "5000"
|
||||
},
|
||||
"quantum": {
|
||||
"host": "127.0.0.1",
|
||||
"ovs_db": "mysql://quantum:stackdb@localhost/ovs_quantum?charset=utf8"
|
||||
},
|
||||
"swift": {
|
||||
"store_user": "foo",
|
||||
"store_key": "bar"
|
||||
}
|
||||
}
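Review bot: The value of `db-password` is repeated inside every connection URL (`keystone.db`, `glance.db`, `nova.db`, `nova.bm_db`, `cinder.db`, `quantum.ovs_db`), so changing the top-level key alone makes reset-db create the databases with the new password while the services keep connecting with the old one. All secrets here (`admin-token`, `admin-password`, `service-password`, `db-password`, `rabbit.password`) are fixed literals, so every image built from this element shares them. Generating them at first boot, or at least listing them in the README as values to change before the node is reachable from an untrusted network, would limit that exposure; the README currently mentions only `virtual_power_user`.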
|
|
@ -0,0 +1,5 @@
|
|||
keystone
|
||||
glance
|
||||
nova
|
||||
openstack-db
|
||||
quantum
|
|
@ -0,0 +1,22 @@
|
|||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
|
||||
# This key is to be retrieved to allow nova to ssh
|
||||
# into the host machine when using VirtualPowerManager
|
||||
ssh-keygen -t rsa -f /opt/stack/boot-stack/virtual-power-key \
|
||||
-N '' -C 'boot-stack key for use with nova VirtualPowerDriver'
|
||||
chown nova:nova /opt/stack/boot-stack/virtual-power-key*
|
||||
chmod 400 /opt/stack/boot-stack/virtual-power-key*
|
||||
|
||||
PATH=/usr/local/bin:$PATH
|
||||
|
||||
# TODO: rabbit should not need to be restarted on first boot - but currently does.
|
||||
# https://bugs.launchpad.net/diskimage-builder/+bug/1166838
|
||||
service rabbitmq-server restart
|
||||
|
||||
os-config-applier
|
||||
wipe-openstack
|
||||
|
||||
touch /opt/stack/boot-stack.ok
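Review bot: The completion marker is created with `touch /opt/stack/boot-stack.ok`, but the README added in this commit tells users to wait for `/opt/stack/boot-stack/ok`; one of the two should change, e.g. `touch /opt/stack/boot-stack/ok`. `ssh-keygen -f /opt/stack/boot-stack/virtual-power-key` asks whether to overwrite when the key file already exists, so a second run of this script would not complete non-interactively; prefixing it with `[ -e /opt/stack/boot-stack/virtual-power-key ] ||` keeps the script re-runnable.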
|
||||
|
|
@ -0,0 +1,77 @@
|
|||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
install-packages git build-essential python-dev
|
||||
install-packages tgt busybox # to run diskimage-builder for deploy ramdisk
|
||||
|
||||
install -m 0755 -o root -g root -d /opt/stack/boot-stack
|
||||
|
||||
echo 'nameserver 8.8.8.8' > /etc/resolvconf/resolv.conf.d/head
|
||||
|
||||
# fake heat metadata
|
||||
mkdir -p /var/lib/cloud/data
|
||||
install -m 0755 -o root -g root $(dirname $0)/../config.json /var/lib/cloud/data/cfn-init-data
|
||||
|
||||
# tools
|
||||
for f in `ls $(dirname $0)/../bin`; do
|
||||
install -m 0755 -o root -g root $(dirname $0)/../bin/$f /usr/local/bin/$f
|
||||
done
|
||||
|
||||
# openstack creds
|
||||
# TODO: generate random creds.
|
||||
install -m 0755 -o root -g root $(dirname $0)/../stackrc /root/stackrc
|
||||
echo "source /root/stackrc" >> /root/.bash_profile
|
||||
|
||||
# client tools
|
||||
for client in nova quantum glance; do
|
||||
repo=python-${client}client
|
||||
venvs=/opt/stack/venvs
|
||||
git clone --depth 1 https://github.com/openstack/$repo.git /opt/stack/$repo
|
||||
|
||||
virtualenv $venvs/$repo
|
||||
set +u
|
||||
source $venvs/$repo/bin/activate
|
||||
set -u
|
||||
|
||||
# required for a cliff version conflict. this can be removed once cliff will accept prettytable >0.7
|
||||
pip install cliff
|
||||
|
||||
[ -e /opt/stack/$repo/tools/pip-requires ] && pip install -r /opt/stack/$repo/tools/pip-requires
|
||||
pushd /opt/stack/$repo
|
||||
python setup.py develop --script-dir /usr/local/bin
|
||||
popd
|
||||
#pip install /opt/stack/$repo
|
||||
|
||||
set +u
|
||||
deactivate
|
||||
set -u
|
||||
|
||||
ln -sf /opt/stack/venvs/$repo/bin/$client /usr/local/bin/$client
|
||||
done
|
||||
|
||||
# image toolchain
|
||||
git clone https://github.com/stackforge/diskimage-builder.git /opt/stack/diskimage-builder
|
||||
|
||||
# rabbit
|
||||
install-packages rabbitmq-server
|
||||
|
||||
# db
|
||||
install-packages mysql-server python-mysqldb
|
||||
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
|
||||
|
||||
function deps {
|
||||
apt-get update
|
||||
install-packages screen ccze
|
||||
install-packages git ipmitool python-dev python-pip python-greenlet python-mysqldb libxml2-dev libxslt-dev python-zmq
|
||||
install-packages openvswitch-common openvswitch-controller openvswitch-switch open-iscsi
|
||||
install-packages python-numpy python-lxml
|
||||
}
|
||||
|
||||
function ip_forwarding {
|
||||
cat > /etc/sysctl.conf <<eof
|
||||
net.ipv4.ip_forward=1
|
||||
eof
|
||||
}
|
||||
|
||||
deps
|
||||
ip_forwarding
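Review bot: Both credential files are installed world-readable: `install -m 0755 ... config.json /var/lib/cloud/data/cfn-init-data` and `install -m 0755 ... stackrc /root/stackrc` carry the admin token and passwords, so `-m 0600` fits them better (config.json may need wider read access if os-config-applier runs unprivileged, which is not visible here). `sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf` makes MySQL listen on every interface although all `db` URLs in config.json use localhost; if remote access is not required the line can be dropped, otherwise it should bind to the control-plane address only. `ip_forwarding` replaces the whole of /etc/sysctl.conf with `cat >`, discarding the distribution's settings; writing the single line to a file under /etc/sysctl.d avoids that. The `git clone` calls take whatever the default branch holds at build time, so pinning a tag or commit would make image builds reproducible.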
|
|
@ -0,0 +1,8 @@
|
|||
# TODO: generate random credentials.
|
||||
export NOVA_VERSION=1.1
|
||||
export OS_PASSWORD=kilgore
|
||||
export OS_AUTH_URL=http://localhost:5000/v2.0
|
||||
export OS_USERNAME=admin
|
||||
export OS_TENANT_NAME=admin
|
||||
export COMPUTE_API_VERSION=1.1
|
||||
export OS_NO_CACHE=True
|
|
@ -1,10 +1,7 @@
|
|||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
# TODO: use trunk instead of folsom
|
||||
# trunk glance currently results in CRITICAL 'duplicate config entry log-format' errors:
|
||||
# https://bugs.launchpad.net/ubuntu/+source/python-glanceclient/+bug/1131327
|
||||
os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git -b stable/folsom
|
||||
os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git
|
||||
|
||||
mkdir -p /var/lib/glance/images && chown -R glance:glance /var/lib/glance/images
|
||||
os-svc-daemon glance-api glance glance-api "--debug --log-config /etc/glance/logging.conf"
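Review bot: With `-b stable/folsom` gone, `os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git` presumably installs whatever the repository's default branch holds at build time, so two builds of the same element can ship different glance code. If os-svc-install accepts a tag or commit for `-b`, pinning one keeps the image reproducible and reviewable. The removed comment recorded that trunk glance failed with 'duplicate config entry log-format'; the commit message does not say whether that bug is resolved, so it is worth confirming. The old and new sides here are inferred from the 10-to-7 line counts in the hunk header.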
|
||||
|
|
|
@ -20,8 +20,8 @@ script
|
|||
--dhcp-boot=pxelinux.0 \\
|
||||
--bind-interfaces \\
|
||||
--pid-file=/var/run/dnsmasq.pid \\
|
||||
--interface=eth0 \\
|
||||
--dhcp-range=10.8.53.201,10.8.53.206,29
|
||||
--interface=br-ctlplane \\
|
||||
--dhcp-range=192.0.2.65,192.0.2.69,29
|
||||
end script
|
||||
eof
|
||||
}
|
||||
|
|
|
@ -90,5 +90,5 @@ instance_type_extra_specs = cpu_arch:i386
|
|||
power_manager = nova.virt.baremetal.virtual_power_driver.VirtualPowerManager
|
||||
driver = nova.virt.baremetal.pxe.PXE
|
||||
virtual_power_host_user={{nova.virtual_power_user}}
|
||||
virtual_power_host_pass={{nova.virtual_power_pass}}
|
||||
virtual_power_host_key={{nova.virtual_power_key}}
|
||||
virtual_power_ssh_host={{nova.virtual_power_ssh_host}}
|
||||
|
|
|
@ -1,26 +0,0 @@
|
|||
#!/bin/bash
|
||||
set -eu
|
||||
|
||||
# TODO: make this easily configurable
|
||||
db_pass=stackdb
|
||||
|
||||
service mysql restart
|
||||
|
||||
create-os-db keystone keystone $db_pass
|
||||
keystone-manage db_sync
|
||||
|
||||
create-os-db cinder cinder $db_pass
|
||||
cinder-manage db sync
|
||||
|
||||
create-os-db nova nova $db_pass
|
||||
nova-manage db sync
|
||||
|
||||
create-os-db nova_bm nova $db_pass
|
||||
nova-baremetal-manage db sync
|
||||
|
||||
create-os-db glance glance $db_pass
|
||||
glance-manage db_sync
|
||||
|
||||
create-os-db ovs_quantum quantum $db_pass
|
||||
|
||||
|
|
@ -1,2 +1,2 @@
|
|||
#!/bin/bash
|
||||
exec os-config-applier -s OpenStack::Config
|
||||
exec os-config-applier
|
||||
|
|
|
@ -19,7 +19,7 @@ end script
|
|||
|
||||
respawn
|
||||
|
||||
exec start-stop-daemon --start -c $user --exec /opt/stack/venvs/$user/bin/$cmd $args
|
||||
exec start-stop-daemon --start -c $user --exec /opt/stack/venvs/$user/bin/$cmd -- $args
|
||||
EOF
|
||||
}
|
||||
|
||||
|
|
|
@ -7,7 +7,7 @@ reconnect_interval = 2
|
|||
bridge_mappings = ctlplane:br-ctlplane
|
||||
network_vlan_ranges = ctlplane
|
||||
|
||||
tenant_network_type = gre
|
||||
tenant_network_type = vlan
|
||||
tunnel_id_ranges = 1:1000
|
||||
enable_tunneling = False
|
||||
integration_bridge = br-int
|
||||
|
|