openstack
/
tripleo-image-elements
Code Issues Proposed changes

A self-contained one-node baremetal openstack. 

The 'boot-stack' element is a self-contained, baremetal openstack.
Upon first boot, it will initialize itself with default keystone
users, nova flavors, etc.

Change-Id: Ib0c411627154a3d666f74513c6b8edfbfbf6c07e
This commit is contained in:
Tim Miller 2013-04-01 15:03:41 -07:00
parent a256d77ccb
commit 08f27d3556
19 changed files with 656 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
elements/boot-stack/README.md Normal file
View File

@ -0,0 +1,36 @@
A self-contained one-node baremetal openstack.
## instructions for use:
- Edit "virtual_power_user" in config.json, if using the VirtualPowerDriver.
- Build this element into an image and boot it. (see https://github.com/tripleo/incubator)
- SSH in as `root`.
- Upon first boot, it will take a couple minutes to initialize nova and glance. Progress can be observed in `/var/log/first-boot.d.log`. `/opt/stack/boot-stack/ok` will be touched upon completion
- `source` OpenStack credentials from /root/stackrc.
- Allow nova ssh access to your host, if using VirtualPowerDriver:
```bash
ssh -o StrictHostKeyChecking=no \
-o UserKnownHostsFile=/dev/null \
root@192.168.122.144 cat /opt/stack/boot-stack/virtual-power-key.pub >> ~/.ssh/authorized_keys
```
- Add some baremetal nodes to nova. e.g.:
```bash
nova baremetal-node-create ubuntu 1 2 10 52:54:00:bc:2c:1a --pm_address 192.168.122.1 --pm_user $USER --pm_password $PASS
nova baremetal-interface-add $id 52:54:00:bc:2c:1a
# in a few seconds, an entry will appear in the nova.compute_nodes table, after which the bm node is ready.
```
- If a disk image existed at `/root/demo.qcow2` during first boot, it will already be in glance. Else, or if you wish to install more images, see /usr/local/bin/reset-nova for an example.
- Perform a baremetal-boot: `nova boot --image demo --flavor baremetal test"
- See progress in the logs: `boot-stack-logs`
- At any time, you may completely reset OpenStack state: `sudo wipe-openstack`

34
elements/boot-stack/bin/boot-stack-logs Executable file
View File

@ -0,0 +1,34 @@
#!/bin/bash
set -eu
#!/bin/bash
set -eu
if [[ $EUID -ne 0 ]]; then
echo "ERROR: you must be root to run this" 1>&2
exit 1
fi
scr_name=os-logs
scr_file=$(mktemp)
this_dir=$(cd `dirname "${BASH_SOURCE[0]}"` && pwd)
cat > $scr_file <<eof
startup_message off
hardstatus alwayslastline "%w"
caption always "%{-b ..}%-w%{+b ..}[[%n%f*%t]]%{-}%+w"
source $this_dir/../stackrc
eof
for f in \
/var/log/upstart/nova-compute.log \
/var/log/upstart/nova-scheduler.log; do
if [ -e $f ]; then
echo "screen -t $(basename $f) sh -c \"tail -f $f | ccze\"" >> $scr_file
fi
done
echo "screen -t dnsmasq sh -c \"tail -f /var/log/syslog | grep dnsmasq\"" >> $scr_file
echo "screen -t nova-list sh -c \"watch nova list\"" >> $scr_file
exec screen -c $scr_file

27
elements/boot-stack/bin/reset-db Executable file
View File

@ -0,0 +1,27 @@
#!/bin/bash
set -eu
db_pass=$(os-config-applier --key db-password)
service mysql restart
PATH=/usr/local/bin:$PATH
venvs=/opt/stack/venvs
os-db-create keystone keystone $db_pass
$venvs/keystone/bin/keystone-manage db_sync
os-db-create cinder cinder $db_pass
$venvs/cinder/bin/cinder-manage db sync
os-db-create nova nova $db_pass
$venvs/nova/bin/nova-manage db sync
os-db-create nova_bm nova $db_pass
$venvs/nova/bin/nova-baremetal-manage db sync
os-db-create glance glance $db_pass
$venvs/glance/bin/glance-manage db_sync
os-db-create ovs_quantum quantum $db_pass

274
elements/boot-stack/bin/reset-keystone Executable file
View File

@ -0,0 +1,274 @@
#!/usr/bin/env bash
# Copyright 2012 OpenStack LLC
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# Sample initial data for Keystone using python-keystoneclient
#
# This script is based on the original DevStack keystone_data.sh script.
#
# It demonstrates how to bootstrap Keystone with an administrative user
# using the SERVICE_TOKEN and SERVICE_ENDPOINT environment variables
# and the administrative API. It will get the admin_token (SERVICE_TOKEN)
# and admin_port from keystone.conf if available.
#
# There are two environment variables to set passwords that should be set
# prior to running this script. Warnings will appear if they are unset.
# * ADMIN_PASSWORD is used to set the password for the admin and demo accounts.
# * SERVICE_PASSWORD is used to set the password for the service accounts.
#
# Enable the Swift and Quantum accounts by setting ENABLE_SWIFT and/or
# ENABLE_QUANTUM environment variables.
#
# Enable creation of endpoints by setting ENABLE_ENDPOINTS environment variable.
# Works with Catalog SQL backend. Do not use with Catalog Templated backend
# (default).
#
# A set of EC2-compatible credentials is created for both admin and demo
# users and placed in etc/ec2rc.
#
# Tenant User Roles
# -------------------------------------------------------
# admin admin admin
# service glance admin
# service nova admin
# service quantum admin # if enabled
# service swift admin # if enabled
# demo admin admin
# demo demo Member,sysadmin,netadmin
# invisible_to_admin demo Member
set -eux
PATH=/opt/stack/venvs/keystone/bin:/usr/local/bin:$PATH
# keystone ssl certs
keystone-manage pki_setup
chown -R keystone:keystone /etc/keystone/ssl
ADMIN_PASSWORD=$(os-config-applier --key admin-password)
SERVICE_PASSWORD=$(os-config-applier --key service-password)
# default boot-stack node credentials
source /root/stackrc
ENABLE_ENDPOINTS=yes
ENABLE_QUANTUM=yes
ENABLE_SWIFT=yes
CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost}
CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost}
CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost}
TOOLS_DIR=$(cd $(dirname "$0") && pwd)
KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf}
if [[ -r "$KEYSTONE_CONF" ]]; then
EC2RC="$(dirname "$KEYSTONE_CONF")/ec2rc"
elif [[ -r "$TOOLS_DIR/../etc/keystone.conf" ]]; then
# assume git checkout
KEYSTONE_CONF="$TOOLS_DIR/../etc/keystone.conf"
EC2RC="$TOOLS_DIR/../etc/ec2rc"
else
KEYSTONE_CONF=""
EC2RC="ec2rc"
fi
# Extract some info from Keystone's configuration file
if [[ -r "$KEYSTONE_CONF" ]]; then
CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
fi
export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}
if [[ -z "$SERVICE_TOKEN" ]]; then
echo "No service token found."
echo "Set SERVICE_TOKEN manually from keystone.conf admin_token."
exit 1
fi
export SERVICE_ENDPOINT=${SERVICE_ENDPOINT:-http://$CONTROLLER_PUBLIC_ADDRESS:${CONFIG_ADMIN_PORT:-35357}/v2.0}
function get_id () {
echo `"$@" | grep ' id ' | awk '{print $4}'`
}
# Tenants
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
SERVICE_TENANT=$(get_id keystone tenant-create --name=service)
DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
# Users
ADMIN_USER=$(get_id keystone user-create --name=admin \
--pass="$ADMIN_PASSWORD" \
--email=admin@example.com)
DEMO_USER=$(get_id keystone user-create --name=demo \
--pass="$ADMIN_PASSWORD" \
--email=admin@example.com)
# Roles
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
SYSADMIN_ROLE=$(get_id keystone role-create --name=sysadmin)
NETADMIN_ROLE=$(get_id keystone role-create --name=netadmin)
# Add Roles to Users in Tenants
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT
keystone user-role-add --user-id $DEMO_USER --role-id $SYSADMIN_ROLE --tenant-id $DEMO_TENANT
keystone user-role-add --user-id $DEMO_USER --role-id $NETADMIN_ROLE --tenant-id $DEMO_TENANT
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT
# TODO(termie): these two might be dubious
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT
# Services
NOVA_SERVICE=$(get_id \
keystone service-create --name=nova \
--type=compute \
--description="Nova Compute Service")
NOVA_USER=$(get_id keystone user-create --name=nova \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=nova@example.com)
keystone user-role-add --tenant-id $SERVICE_TENANT \
--user-id $NOVA_USER \
--role-id $ADMIN_ROLE
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s" \
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s" \
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s"
fi
EC2_SERVICE=$(get_id \
keystone service-create --name=ec2 \
--type=ec2 \
--description="EC2 Compatibility Layer")
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud"
fi
GLANCE_SERVICE=$(get_id \
keystone service-create --name=glance \
--type=image \
--description="Glance Image Service")
GLANCE_USER=$(get_id keystone user-create --name=glance \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=glance@example.com)
keystone user-role-add --tenant-id $SERVICE_TENANT \
--user-id $GLANCE_USER \
--role-id $ADMIN_ROLE
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292/v1" \
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292/v1" \
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292/v1"
fi
KEYSTONE_SERVICE=$(get_id \
keystone service-create --name=keystone \
--type=identity \
--description="Keystone Identity Service")
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
keystone endpoint-create --region RegionOne --service-id $KEYSTONE_SERVICE \
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(public_port)s/v2.0" \
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(admin_port)s/v2.0" \
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(public_port)s/v2.0"
fi
VOLUME_SERVICE=$(get_id \
keystone service-create --name="nova-volume" \
--type=volume \
--description="Nova Volume Service")
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s"
fi
keystone service-create --name="horizon" \
--type=dashboard \
--description="OpenStack Dashboard"
if [[ -n "$ENABLE_SWIFT" ]]; then
SWIFT_SERVICE=$(get_id \
keystone service-create --name=swift \
--type="object-store" \
--description="Swift Service")
SWIFT_USER=$(get_id keystone user-create --name=swift \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=swift@example.com)
keystone user-role-add --tenant-id $SERVICE_TENANT \
--user-id $SWIFT_USER \
--role-id $ADMIN_ROLE
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s"
fi
fi
if [[ -n "$ENABLE_QUANTUM" ]]; then
QUANTUM_SERVICE=$(get_id \
keystone service-create --name=quantum \
--type=network \
--description="Quantum Service")
QUANTUM_USER=$(get_id keystone user-create --name=quantum \
--pass="$SERVICE_PASSWORD" \
--tenant-id $SERVICE_TENANT \
--email=quantum@example.com)
keystone user-role-add --tenant-id $SERVICE_TENANT \
--user-id $QUANTUM_USER \
--role-id $ADMIN_ROLE
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
keystone endpoint-create --region RegionOne --service-id $QUANTUM_SERVICE \
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9696" \
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9696" \
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9696"
fi
fi
# create ec2 creds and parse the secret and access key returned
RESULT=$(keystone ec2-credentials-create --tenant-id=$ADMIN_TENANT --user-id=$ADMIN_USER)
ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
RESULT=$(keystone ec2-credentials-create --tenant-id=$DEMO_TENANT --user-id=$DEMO_USER)
DEMO_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
DEMO_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
# write the secret and access to ec2rc
cat > $EC2RC <<EOF
ADMIN_ACCESS=$ADMIN_ACCESS
ADMIN_SECRET=$ADMIN_SECRET
DEMO_ACCESS=$DEMO_ACCESS
DEMO_SECRET=$DEMO_SECRET
EOF

53
elements/boot-stack/bin/reset-nova Executable file
View File

@ -0,0 +1,53 @@
#!/bin/bash
set -eux
PATH=/usr/local/bin:$PATH
source /root/stackrc
arch=amd64
boot_stack=/opt/stack/boot-stack
dib=/opt/stack/diskimage-builder
deploy_kernel=bm-deploy-kernel
deploy_ramdisk=bm-deploy-ramdisk
ls $boot_stack/$deploy_kernel || cp /boot/vmlinuz-$(uname -r) $boot_stack/$deploy_kernel
chmod a+r $boot_stack/$deploy_kernel
ls $boot_stack/$deploy_ramdisk || $dib/bin/ramdisk-image-create deploy -o $boot_stack/$deploy_ramdisk
deploy_kernel_id=$(glance image-create --name $deploy_kernel --public --disk-format aki < "$boot_stack/$deploy_kernel" \
| grep ' id ' | awk '{print $4}')
deploy_ramdisk_id=$(glance image-create --name $deploy_ramdisk --public --disk-format ari < "$boot_stack/$deploy_ramdisk" \
| grep ' id ' | awk '{print $4}')
nova flavor-create baremetal 256 512 10 1
nova flavor-key baremetal set "cpu_arch"="$arch" \
"baremetal:deploy_kernel_id"="$deploy_kernel_id" \
"baremetal:deploy_ramdisk_id"="$deploy_ramdisk_id"
# upload demo image to glance.
image_name=demo
kernel_image_name="$image_name-kernel"
ramdisk_image_name="$image_name-ramdisk"
# upload /root/demo.qcow2 to glance, if it exists
if [ -e /root/$image_name.qcow2 ]; then
/opt/stack/diskimage-builder/bin/disk-image-get-kernel -x -d /root -o $image_name -i /root/$image_name.qcow2
kernel_id=$(glance image-create --name $kernel_image_name --public --disk-format aki < "/root/$image_name-initrd" \
| grep ' id ' | awk '{print $4}')
ramdisk_id=$(glance image-create --name $ramdisk_image_name --public --disk-format ari < "/root/$image_name-vmlinuz" \
| grep ' id ' | awk '{print $4}')
glance image-create --name $image_name \
--public \
--disk-format qcow2 \
--container-format bare \
--property kernel_id=$kernel_id \
--property ramdisk_id=$ramdisk_id < /root/$image_name.qcow2
fi

56
elements/boot-stack/bin/reset-quantum Executable file
View File

@ -0,0 +1,56 @@
#!/bin/bash
set -eux
PATH=/usr/local/bin:$PATH
source /root/stackrc
if ! grep boot-stack /etc/network/interfaces; then
cat >> /etc/network/interfaces <<eof
# This interface was installed by the diskimage-builder boot-stack element.
auto eth1
iface eth1 inet static
address 192.0.2.1
netmask 255.255.255.0
up iptables -t nat -A PREROUTING -d 169.254.169.254 -p tcp -m tcp --dport 80 -j REDIRECT --to-port 8775
up iptables -t nat -A POSTROUTING -s 192.0.2.0/24 -o eth0 -j MASQUERADE
up ip addr add 192.0.2.33/29 dev eth1
# Public Bridge
# auto eth2
# iface eth2 inet manual
# up ifconfig \$IFACE 0.0.0.0 up
# up ip link set \$IFACE promisc on
# down ifconfig \$IFACE down
eof
fi
service networking restart
service openvswitch-switch restart
service quantum-server restart
OVS_PHYSICAL_BRIDGE=br-ctlplane
PHYSICAL_NETWORK=ctlplane
PUBLIC_INTERFACE=eth1
ovs-vsctl --no-wait -- --may-exist add-br br-int
ovs-vsctl --no-wait br-set-external-id br-int bridge-id br-int
ovs-vsctl --no-wait -- --may-exist add-br br-ctlplane
ovs-vsctl add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE || echo "port already added?"
for IP in $(ip addr show dev $PUBLIC_INTERFACE | grep ' inet ' | awk '{print $2}'); do
ip addr del $IP dev $PUBLIC_INTERFACE
ip addr add $IP dev $OVS_PHYSICAL_BRIDGE
done
ifconfig $OVS_PHYSICAL_BRIDGE up
# TODO: configurable
ALLOCATION_POOL="start=192.0.2.34,end=192.0.2.38"
NETWORK_GATEWAY=192.168.122.1
FIXED_RANGE=192.0.2.33/29
TENANT_ID=$(keystone tenant-list | grep ' admin ' | awk '{print $2}')
NET_ID=$(quantum net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type flat --provider:physical_network "$PHYSICAL_NETWORK" | grep ' id ' | awk '{print $4}')
SUBNET_ID=$(quantum subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | awk '{print $4}')
ifconfig $OVS_PHYSICAL_BRIDGE up

11
elements/boot-stack/bin/wipe-openstack Executable file
View File

@ -0,0 +1,11 @@
#!/bin/bash
set -eu
PATH=/usr/local/bin:$PATH
reset-db
reset-keystone
reset-nova
reset-quantum
os-refresh-config

46
elements/boot-stack/config.json Normal file
View File

@ -0,0 +1,46 @@
{
"OpenStack::Heat::Stack": {
"Name": "foo",
"Region": "az1",
"RefreshResource": "foo"
},
"admin-token": "foobar",
"admin-password": "kilgore",
"service-password": "foobaz",
"db-password": "stackdb",
"keystone": {
"host": "127.0.0.1",
"db": "mysql://keystone:stackdb@localhost/keystone"
},
"interfaces": {
"control": "eth0"
},
"rabbit": {
"host": "127.0.0.1",
"password": "guest"
},
"glance": {
"host": "127.0.0.1",
"db": "mysql://glance:stackdb@localhost/glance"
},
"nova": {
"host": "127.0.0.1",
"db": "mysql://nova:stackdb@localhost/nova",
"bm_db": "mysql://nova:stackdb@localhost/nova_bm",
"virtual_power_user": "stack",
"virtual_power_key": "/opt/stack/boot-stack/virtual-power-key",
"virtual_power_ssh_host": "192.168.122.1"
},
"cinder": {
"db": "mysql://cinder:stackdb@localhost/cinder",
"volume_size_mb": "5000"
},
"quantum": {
"host": "127.0.0.1",
"ovs_db": "mysql://quantum:stackdb@localhost/ovs_quantum?charset=utf8"
},
"swift": {
"store_user": "foo",
"store_key": "bar"
}
}

5
elements/boot-stack/element-deps Normal file
View File

@ -0,0 +1,5 @@
keystone
glance
nova
openstack-db
quantum

22
elements/boot-stack/first-boot.d/99-boot-stack Executable file
View File

@ -0,0 +1,22 @@
#!/bin/bash
set -eu
# This key is to be retrieved to allow nova to ssh
# into the host machine when using VirtualPowerManager
ssh-keygen -t rsa -f /opt/stack/boot-stack/virtual-power-key \
-N '' -C 'boot-stack key for use with nova VirtualPowerDriver'
chown nova:nova /opt/stack/boot-stack/virtual-power-key*
chmod 400 /opt/stack/boot-stack/virtual-power-key*
PATH=/usr/local/bin:$PATH
# TODO: rabbit should not need to be restarted on first boot - but currently does.
# https://bugs.launchpad.net/diskimage-builder/+bug/1166838
service rabbitmq-server restart
os-config-applier
wipe-openstack
touch /opt/stack/boot-stack.ok

77
elements/boot-stack/install.d/01-boot-stack Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
set -eux
install-packages git build-essential python-dev
install-packages tgt busybox # to run diskimage-builder for deploy ramdisk
install -m 0755 -o root -g root -d /opt/stack/boot-stack
echo 'nameserver 8.8.8.8' > /etc/resolvconf/resolv.conf.d/head
# fake heat metadata
mkdir -p /var/lib/cloud/data
install -m 0755 -o root -g root $(dirname $0)/../config.json /var/lib/cloud/data/cfn-init-data
# tools
for f in `ls $(dirname $0)/../bin`; do
install -m 0755 -o root -g root $(dirname $0)/../bin/$f /usr/local/bin/$f
done
# openstack creds
# TODO: generate random creds.
install -m 0755 -o root -g root $(dirname $0)/../stackrc /root/stackrc
echo "source /root/stackrc" >> /root/.bash_profile
# client tools
for client in nova quantum glance; do
repo=python-${client}client
venvs=/opt/stack/venvs
git clone --depth 1 https://github.com/openstack/$repo.git /opt/stack/$repo
virtualenv $venvs/$repo
set +u
source $venvs/$repo/bin/activate
set -u
# required for a cliff version conflict. this can be removed once cliff will accept prettytable >0.7
pip install cliff
[ -e /opt/stack/$repo/tools/pip-requires ] && pip install -r /opt/stack/$repo/tools/pip-requires
pushd /opt/stack/$repo
python setup.py develop --script-dir /usr/local/bin
popd
#pip install /opt/stack/$repo
set +u
deactivate
set -u
ln -sf /opt/stack/venvs/$repo/bin/$client /usr/local/bin/$client
done
# image toolchain
git clone https://github.com/stackforge/diskimage-builder.git /opt/stack/diskimage-builder
# rabbit
install-packages rabbitmq-server
# db
install-packages mysql-server python-mysqldb
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
function deps {
apt-get update
install-packages screen ccze
install-packages git ipmitool python-dev python-pip python-greenlet python-mysqldb libxml2-dev libxslt-dev python-zmq
install-packages openvswitch-common openvswitch-controller openvswitch-switch open-iscsi
install-packages python-numpy python-lxml
}
function ip_forwarding {
cat > /etc/sysctl.conf <<eof
net.ipv4.ip_forward=1
eof
}
deps
ip_forwarding

8
elements/boot-stack/stackrc Normal file
View File

@ -0,0 +1,8 @@
# TODO: generate random credentials.
export NOVA_VERSION=1.1
export OS_PASSWORD=kilgore
export OS_AUTH_URL=http://localhost:5000/v2.0
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export COMPUTE_API_VERSION=1.1
export OS_NO_CACHE=True

5
elements/glance/install.d/75-glance
View File

@ -1,10 +1,7 @@
#!/bin/bash
set -eux
# TODO: use trunk instead of folsom
# trunk glance currently results in CRITICAL 'duplicate config entry log-format' errors:
# https://bugs.launchpad.net/ubuntu/+source/python-glanceclient/+bug/1131327
os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git -b stable/folsom
os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git
mkdir -p /var/lib/glance/images && chown -R glance:glance /var/lib/glance/images
os-svc-daemon glance-api glance glance-api "--debug --log-config /etc/glance/logging.conf"

4
elements/nova/install.d/74-nova
View File

@ -20,8 +20,8 @@ script
--dhcp-boot=pxelinux.0 \\
--bind-interfaces \\
--pid-file=/var/run/dnsmasq.pid \\
--interface=eth0 \\
--dhcp-range=10.8.53.201,10.8.53.206,29
--interface=br-ctlplane \\
--dhcp-range=192.0.2.65,192.0.2.69,29
end script
eof
}

2
elements/nova/os-config-applier/etc/nova/nova.conf
View File

@ -90,5 +90,5 @@ instance_type_extra_specs = cpu_arch:i386
power_manager = nova.virt.baremetal.virtual_power_driver.VirtualPowerManager
driver = nova.virt.baremetal.pxe.PXE
virtual_power_host_user={{nova.virtual_power_user}}
virtual_power_host_pass={{nova.virtual_power_pass}}
virtual_power_host_key={{nova.virtual_power_key}}
virtual_power_ssh_host={{nova.virtual_power_ssh_host}}

26
elements/openstack-db/first-boot.d/50-openstack-db
View File

@ -1,26 +0,0 @@
#!/bin/bash
set -eu
# TODO: make this easily configurable
db_pass=stackdb
service mysql restart
create-os-db keystone keystone $db_pass
keystone-manage db_sync
create-os-db cinder cinder $db_pass
cinder-manage db sync
create-os-db nova nova $db_pass
nova-manage db sync
create-os-db nova_bm nova $db_pass
nova-baremetal-manage db sync
create-os-db glance glance $db_pass
glance-manage db_sync
create-os-db ovs_quantum quantum $db_pass

2
elements/os-config-applier/os-refresh-config/configure.d/50-os-config-applier
View File

@ -1,2 +1,2 @@
#!/bin/bash
exec os-config-applier -s OpenStack::Config
exec os-config-applier

2
elements/os-svc-install/bin/os-svc-daemon
View File

@ -19,7 +19,7 @@ end script
respawn
exec start-stop-daemon --start -c $user --exec /opt/stack/venvs/$user/bin/$cmd $args
exec start-stop-daemon --start -c $user --exec /opt/stack/venvs/$user/bin/$cmd -- $args
EOF
}

2
elements/quantum/os-config-applier/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini
View File

@ -7,7 +7,7 @@ reconnect_interval = 2
bridge_mappings = ctlplane:br-ctlplane
network_vlan_ranges = ctlplane
tenant_network_type = gre
tenant_network_type = vlan
tunnel_id_ranges = 1:1000
enable_tunneling = False
integration_bridge = br-int