194 lines
6.9 KiB
Ruby
194 lines
6.9 KiB
Ruby
# encoding: UTF-8
|
|
#
|
|
# Cookbook Name:: openstack-compute
|
|
# Recipe:: nova-common
|
|
#
|
|
# Copyright 2012, Rackspace US, Inc.
|
|
# Copyright 2013, Craig Tracey <craigtracey@gmail.com>
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
#
|
|
|
|
require 'uri'
|
|
|
|
class ::Chef::Recipe # rubocop:disable Documentation
|
|
include ::Openstack
|
|
end
|
|
|
|
include_recipe 'yum-epel' if platform?(%w(fedora redhat centos))
|
|
|
|
include_recipe 'openstack-common::logging' if node['openstack']['compute']['syslog']['use']
|
|
|
|
platform_options = node['openstack']['compute']['platform']
|
|
|
|
platform_options['common_packages'].each do |pkg|
|
|
package pkg do
|
|
options platform_options['package_overrides']
|
|
action :upgrade
|
|
end
|
|
end
|
|
|
|
db_type = node['openstack']['db']['compute']['service_type']
|
|
platform_options["#{db_type}_python_packages"].each do |pkg|
|
|
package pkg do
|
|
action :install
|
|
end
|
|
end
|
|
|
|
# required to run more than one consoleauth process
|
|
platform_options['memcache_python_packages'].each do |pkg|
|
|
package pkg do
|
|
action :install
|
|
end
|
|
end
|
|
|
|
directory '/etc/nova' do
|
|
owner node['openstack']['compute']['user']
|
|
group node['openstack']['compute']['group']
|
|
mode 00750
|
|
action :create
|
|
end
|
|
|
|
db_user = node['openstack']['db']['compute']['username']
|
|
db_pass = get_password 'db', 'nova'
|
|
sql_connection = db_uri('compute', db_user, db_pass)
|
|
|
|
mq_service_type = node['openstack']['mq']['compute']['service_type']
|
|
|
|
if mq_service_type == 'rabbitmq'
|
|
node['openstack']['mq']['compute']['rabbit']['ha'] && (rabbit_hosts = rabbit_servers)
|
|
mq_password = get_password 'user', node['openstack']['mq']['compute']['rabbit']['userid']
|
|
elsif mq_service_type == 'qpid'
|
|
mq_password = get_password 'user', node['openstack']['mq']['compute']['qpid']['username']
|
|
end
|
|
|
|
# check attributes before search
|
|
if node['openstack']['identity']['admin_tenant_name'] && node['openstack']['identity']['admin_user']
|
|
ksadmin_tenant_name = node['openstack']['identity']['admin_tenant_name']
|
|
ksadmin_user = node['openstack']['identity']['admin_user']
|
|
else
|
|
identity_service_role = node['openstack']['compute']['identity_service_chef_role']
|
|
keystone = search_for(identity_service_role).first
|
|
|
|
ksadmin_tenant_name = keystone['openstack']['identity']['admin_tenant_name']
|
|
ksadmin_user = keystone['openstack']['identity']['admin_user']
|
|
Chef::Log.debug("openstack-compute::nova-common:keystone|#{keystone}")
|
|
end
|
|
|
|
ksadmin_pass = get_password 'user', ksadmin_user
|
|
|
|
memcache_servers = memcached_servers.join ','
|
|
|
|
# find the node attribute endpoint settings for the server holding a given role
|
|
identity_endpoint = endpoint 'identity-api'
|
|
xvpvnc_endpoint = endpoint 'compute-xvpvnc' || {}
|
|
novnc_endpoint = endpoint 'compute-novnc' || {}
|
|
vnc_endpoint = endpoint 'compute-vnc' || {}
|
|
compute_api_endpoint = endpoint 'compute-api' || {}
|
|
ec2_public_endpoint = endpoint 'compute-ec2-api' || {}
|
|
network_endpoint = endpoint 'network-api' || {}
|
|
image_endpoint = endpoint 'image-api'
|
|
|
|
Chef::Log.debug("openstack-compute::nova-common:ksadmin_user|#{ksadmin_user}")
|
|
Chef::Log.debug("openstack-compute::nova-common:ksadmin_tenant_name|#{ksadmin_tenant_name}")
|
|
Chef::Log.debug("openstack-compute::nova-common:identity_endpoint|#{identity_endpoint.to_s}")
|
|
Chef::Log.debug("openstack-compute::nova-common:xvpvnc_endpoint|#{xvpvnc_endpoint.to_s}")
|
|
Chef::Log.debug("openstack-compute::nova-common:novnc_endpoint|#{novnc_endpoint.to_s}")
|
|
Chef::Log.debug("openstack-compute::nova-common:compute_api_endpoint|#{::URI.decode compute_api_endpoint.to_s}")
|
|
Chef::Log.debug("openstack-compute::nova-common:ec2_public_endpoint|#{ec2_public_endpoint.to_s}")
|
|
Chef::Log.debug("openstack-compute::nova-common:network_endpoint|#{network_endpoint.to_s}")
|
|
Chef::Log.debug("openstack-compute::nova-common:image_endpoint|#{image_endpoint.to_s}")
|
|
|
|
if node['openstack']['compute']['network']['service_type'] == 'neutron'
|
|
neutron_admin_password = get_password 'service', 'openstack-network'
|
|
neutron_metadata_proxy_shared_secret = get_secret 'neutron_metadata_secret'
|
|
else
|
|
neutron_admin_password = nil
|
|
neutron_metadata_proxy_shared_secret = nil
|
|
end
|
|
|
|
if node['openstack']['compute']['libvirt']['images_type'] == 'rbd'
|
|
rbd_secret_uuid = get_secret node['openstack']['compute']['libvirt']['rbd']['rbd_secret_name']
|
|
else
|
|
rbd_secret_uuid = nil
|
|
end
|
|
|
|
template '/etc/nova/nova.conf' do
|
|
source 'nova.conf.erb'
|
|
owner node['openstack']['compute']['user']
|
|
group node['openstack']['compute']['group']
|
|
mode 00644
|
|
variables(
|
|
sql_connection: sql_connection,
|
|
novncproxy_base_url: novnc_endpoint.to_s,
|
|
xvpvncproxy_base_url: xvpvnc_endpoint.to_s,
|
|
xvpvncproxy_bind_host: xvpvnc_endpoint.host,
|
|
xvpvncproxy_bind_port: xvpvnc_endpoint.port,
|
|
novncproxy_bind_host: novnc_endpoint.host,
|
|
novncproxy_bind_port: novnc_endpoint.port,
|
|
vncserver_listen: vnc_endpoint.host,
|
|
vncserver_proxyclient_address: vnc_endpoint.host,
|
|
memcache_servers: memcache_servers,
|
|
mq_service_type: mq_service_type,
|
|
mq_password: mq_password,
|
|
rabbit_hosts: rabbit_hosts,
|
|
identity_endpoint: identity_endpoint,
|
|
# TODO(jaypipes): No support here for >1 image API servers
|
|
# with the glance_api_servers configuration option...
|
|
glance_api_ipaddress: image_endpoint.host,
|
|
glance_api_port: image_endpoint.port,
|
|
iscsi_helper: platform_options['iscsi_helper'],
|
|
scheduler_default_filters: node['openstack']['compute']['scheduler']['default_filters'].join(','),
|
|
osapi_compute_link_prefix: compute_api_endpoint.to_s,
|
|
network_endpoint: network_endpoint,
|
|
neutron_admin_password: neutron_admin_password,
|
|
neutron_metadata_proxy_shared_secret: neutron_metadata_proxy_shared_secret,
|
|
compute_api_ipaddress: compute_api_endpoint.host,
|
|
compute_api_port: compute_api_endpoint.port,
|
|
ec2_public_api_ipaddress: ec2_public_endpoint.host,
|
|
ec2_public_api_port: ec2_public_endpoint.port,
|
|
rbd_secret_uuid: rbd_secret_uuid
|
|
)
|
|
end
|
|
|
|
template '/etc/nova/rootwrap.conf' do
|
|
source 'rootwrap.conf.erb'
|
|
# Must be root!
|
|
owner 'root'
|
|
group 'root'
|
|
mode 00644
|
|
end
|
|
|
|
# TODO: need to re-evaluate this for accuracy
|
|
# TODO(jaypipes): This should be moved into openstack-common
|
|
# and evaluated only on nodes with admin privs.
|
|
template '/root/openrc' do
|
|
source 'openrc.erb'
|
|
# Must be root!
|
|
owner 'root'
|
|
group 'root'
|
|
mode 00600
|
|
variables(
|
|
user: ksadmin_user,
|
|
tenant: ksadmin_tenant_name,
|
|
password: ksadmin_pass,
|
|
identity_endpoint: identity_endpoint,
|
|
auth_strategy: 'keystone',
|
|
ec2_url: ec2_public_endpoint.to_s
|
|
)
|
|
end
|
|
|
|
execute 'enable nova login' do
|
|
command "usermod -s /bin/sh #{node['openstack']['compute']['user']}"
|
|
end
|