A self-contained one-node baremetal openstack.
The 'boot-stack' element is a self-contained, baremetal openstack. Upon first boot, it will initialize itself with default keystone users, nova flavors, etc. Change-Id: Ib0c411627154a3d666f74513c6b8edfbfbf6c07e
parent
a256d77ccb
commit
08f27d3556
|
@ -0,0 +1,36 @@
|
||||||
|
A self-contained one-node baremetal openstack.
|
||||||
|
|
||||||
|
## instructions for use:
|
||||||
|
|
||||||
|
- Edit "virtual_power_user" in config.json, if using the VirtualPowerDriver.
|
||||||
|
|
||||||
|
- Build this element into an image and boot it. (see https://github.com/tripleo/incubator)
|
||||||
|
|
||||||
|
- SSH in as `root`.
|
||||||
|
|
||||||
|
- Upon first boot, it will take a couple minutes to initialize nova and glance. Progress can be observed in `/var/log/first-boot.d.log`. `/opt/stack/boot-stack/ok` will be touched upon completion
|
||||||
|
|
||||||
|
- `source` OpenStack credentials from /root/stackrc.
|
||||||
|
|
||||||
|
- Allow nova ssh access to your host, if using VirtualPowerDriver:
|
||||||
|
```bash
|
||||||
|
ssh -o StrictHostKeyChecking=no \
|
||||||
|
-o UserKnownHostsFile=/dev/null \
|
||||||
|
root@192.168.122.144 cat /opt/stack/boot-stack/virtual-power-key.pub >> ~/.ssh/authorized_keys
|
||||||
|
```
|
||||||
|
|
||||||
|
- Add some baremetal nodes to nova. e.g.:
|
||||||
|
|
||||||
|
```bash
|
||||||
|
nova baremetal-node-create ubuntu 1 2 10 52:54:00:bc:2c:1a --pm_address 192.168.122.1 --pm_user $USER --pm_password $PASS
|
||||||
|
nova baremetal-interface-add $id 52:54:00:bc:2c:1a
|
||||||
|
# in a few seconds, an entry will appear in the nova.compute_nodes table, after which the bm node is ready.
|
||||||
|
```
|
||||||
|
|
||||||
|
- If a disk image existed at `/root/demo.qcow2` during first boot, it will already be in glance. Else, or if you wish to install more images, see /usr/local/bin/reset-nova for an example.
|
||||||
|
|
||||||
|
- Perform a baremetal-boot: `nova boot --image demo --flavor baremetal test"
|
||||||
|
|
||||||
|
- See progress in the logs: `boot-stack-logs`
|
||||||
|
|
||||||
|
- At any time, you may completely reset OpenStack state: `sudo wipe-openstack`
|
|
@ -0,0 +1,34 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
#!/bin/bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
if [[ $EUID -ne 0 ]]; then
|
||||||
|
echo "ERROR: you must be root to run this" 1>&2
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
scr_name=os-logs
|
||||||
|
scr_file=$(mktemp)
|
||||||
|
this_dir=$(cd `dirname "${BASH_SOURCE[0]}"` && pwd)
|
||||||
|
|
||||||
|
cat > $scr_file <<eof
|
||||||
|
startup_message off
|
||||||
|
hardstatus alwayslastline "%w"
|
||||||
|
caption always "%{-b ..}%-w%{+b ..}[[%n%f*%t]]%{-}%+w"
|
||||||
|
source $this_dir/../stackrc
|
||||||
|
eof
|
||||||
|
|
||||||
|
for f in \
|
||||||
|
/var/log/upstart/nova-compute.log \
|
||||||
|
/var/log/upstart/nova-scheduler.log; do
|
||||||
|
if [ -e $f ]; then
|
||||||
|
echo "screen -t $(basename $f) sh -c \"tail -f $f | ccze\"" >> $scr_file
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
|
echo "screen -t dnsmasq sh -c \"tail -f /var/log/syslog | grep dnsmasq\"" >> $scr_file
|
||||||
|
echo "screen -t nova-list sh -c \"watch nova list\"" >> $scr_file
|
||||||
|
|
||||||
|
exec screen -c $scr_file
|
|
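Review bot: The generated screenrc line `source $this_dir/../stackrc` is unlikely to load the credentials. As far as I know, screen's `source` reads screen commands rather than shell `export` lines, and if this script is one of the tools copied to /usr/local/bin the path resolves to /usr/local/stackrc, whereas the install script puts stackrc at /root/stackrc. Sourcing it in the shell instead, with `source /root/stackrc` placed before `exec screen -c "$scr_file"`, lets the `watch nova list` window inherit the variables. The `mktemp` file is also never removed because `exec` replaces the shell, so one is left behind on every run.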
@ -0,0 +1,27 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
db_pass=$(os-config-applier --key db-password)
|
||||||
|
|
||||||
|
service mysql restart
|
||||||
|
|
||||||
|
PATH=/usr/local/bin:$PATH
|
||||||
|
venvs=/opt/stack/venvs
|
||||||
|
|
||||||
|
os-db-create keystone keystone $db_pass
|
||||||
|
$venvs/keystone/bin/keystone-manage db_sync
|
||||||
|
|
||||||
|
os-db-create cinder cinder $db_pass
|
||||||
|
$venvs/cinder/bin/cinder-manage db sync
|
||||||
|
|
||||||
|
os-db-create nova nova $db_pass
|
||||||
|
$venvs/nova/bin/nova-manage db sync
|
||||||
|
|
||||||
|
os-db-create nova_bm nova $db_pass
|
||||||
|
$venvs/nova/bin/nova-baremetal-manage db sync
|
||||||
|
|
||||||
|
os-db-create glance glance $db_pass
|
||||||
|
$venvs/glance/bin/glance-manage db_sync
|
||||||
|
|
||||||
|
os-db-create ovs_quantum quantum $db_pass
|
||||||
|
|
|
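Review bot: `$db_pass` is expanded unquoted in all six `os-db-create` calls, so a password containing whitespace or glob characters is split or expanded before it reaches the helper, and an empty value drops the argument entirely; write `os-db-create keystone keystone "$db_pass"` and likewise for the others. The value is also passed as a command-line argument, which other local users can see in the process list while the helper runs; whether os-db-create can take it another way is not visible here. All six databases share the one password, so a leak from any single service's configuration exposes every schema.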
@ -0,0 +1,274 @@
|
||||||
|
#!/usr/bin/env bash
|
||||||
|
|
||||||
|
# Copyright 2012 OpenStack LLC
|
||||||
|
#
|
||||||
|
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||||
|
# not use this file except in compliance with the License. You may obtain
|
||||||
|
# a copy of the License at
|
||||||
|
#
|
||||||
|
# http://www.apache.org/licenses/LICENSE-2.0
|
||||||
|
#
|
||||||
|
# Unless required by applicable law or agreed to in writing, software
|
||||||
|
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||||
|
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||||
|
# License for the specific language governing permissions and limitations
|
||||||
|
# under the License.
|
||||||
|
|
||||||
|
# Sample initial data for Keystone using python-keystoneclient
|
||||||
|
#
|
||||||
|
# This script is based on the original DevStack keystone_data.sh script.
|
||||||
|
#
|
||||||
|
# It demonstrates how to bootstrap Keystone with an administrative user
|
||||||
|
# using the SERVICE_TOKEN and SERVICE_ENDPOINT environment variables
|
||||||
|
# and the administrative API. It will get the admin_token (SERVICE_TOKEN)
|
||||||
|
# and admin_port from keystone.conf if available.
|
||||||
|
#
|
||||||
|
# There are two environment variables to set passwords that should be set
|
||||||
|
# prior to running this script. Warnings will appear if they are unset.
|
||||||
|
# * ADMIN_PASSWORD is used to set the password for the admin and demo accounts.
|
||||||
|
# * SERVICE_PASSWORD is used to set the password for the service accounts.
|
||||||
|
#
|
||||||
|
# Enable the Swift and Quantum accounts by setting ENABLE_SWIFT and/or
|
||||||
|
# ENABLE_QUANTUM environment variables.
|
||||||
|
#
|
||||||
|
# Enable creation of endpoints by setting ENABLE_ENDPOINTS environment variable.
|
||||||
|
# Works with Catalog SQL backend. Do not use with Catalog Templated backend
|
||||||
|
# (default).
|
||||||
|
#
|
||||||
|
# A set of EC2-compatible credentials is created for both admin and demo
|
||||||
|
# users and placed in etc/ec2rc.
|
||||||
|
#
|
||||||
|
# Tenant User Roles
|
||||||
|
# -------------------------------------------------------
|
||||||
|
# admin admin admin
|
||||||
|
# service glance admin
|
||||||
|
# service nova admin
|
||||||
|
# service quantum admin # if enabled
|
||||||
|
# service swift admin # if enabled
|
||||||
|
# demo admin admin
|
||||||
|
# demo demo Member,sysadmin,netadmin
|
||||||
|
# invisible_to_admin demo Member
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
PATH=/opt/stack/venvs/keystone/bin:/usr/local/bin:$PATH
|
||||||
|
|
||||||
|
# keystone ssl certs
|
||||||
|
keystone-manage pki_setup
|
||||||
|
chown -R keystone:keystone /etc/keystone/ssl
|
||||||
|
|
||||||
|
ADMIN_PASSWORD=$(os-config-applier --key admin-password)
|
||||||
|
SERVICE_PASSWORD=$(os-config-applier --key service-password)
|
||||||
|
|
||||||
|
# default boot-stack node credentials
|
||||||
|
source /root/stackrc
|
||||||
|
|
||||||
|
ENABLE_ENDPOINTS=yes
|
||||||
|
ENABLE_QUANTUM=yes
|
||||||
|
ENABLE_SWIFT=yes
|
||||||
|
CONTROLLER_PUBLIC_ADDRESS=${CONTROLLER_PUBLIC_ADDRESS:-localhost}
|
||||||
|
CONTROLLER_ADMIN_ADDRESS=${CONTROLLER_ADMIN_ADDRESS:-localhost}
|
||||||
|
CONTROLLER_INTERNAL_ADDRESS=${CONTROLLER_INTERNAL_ADDRESS:-localhost}
|
||||||
|
|
||||||
|
TOOLS_DIR=$(cd $(dirname "$0") && pwd)
|
||||||
|
KEYSTONE_CONF=${KEYSTONE_CONF:-/etc/keystone/keystone.conf}
|
||||||
|
if [[ -r "$KEYSTONE_CONF" ]]; then
|
||||||
|
EC2RC="$(dirname "$KEYSTONE_CONF")/ec2rc"
|
||||||
|
elif [[ -r "$TOOLS_DIR/../etc/keystone.conf" ]]; then
|
||||||
|
# assume git checkout
|
||||||
|
KEYSTONE_CONF="$TOOLS_DIR/../etc/keystone.conf"
|
||||||
|
EC2RC="$TOOLS_DIR/../etc/ec2rc"
|
||||||
|
else
|
||||||
|
KEYSTONE_CONF=""
|
||||||
|
EC2RC="ec2rc"
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Extract some info from Keystone's configuration file
|
||||||
|
if [[ -r "$KEYSTONE_CONF" ]]; then
|
||||||
|
CONFIG_SERVICE_TOKEN=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_token= | cut -d'=' -f2)
|
||||||
|
CONFIG_ADMIN_PORT=$(sed 's/[[:space:]]//g' $KEYSTONE_CONF | grep ^admin_port= | cut -d'=' -f2)
|
||||||
|
fi
|
||||||
|
|
||||||
|
export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}
|
||||||
|
if [[ -z "$SERVICE_TOKEN" ]]; then
|
||||||
|
echo "No service token found."
|
||||||
|
echo "Set SERVICE_TOKEN manually from keystone.conf admin_token."
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
export SERVICE_ENDPOINT=${SERVICE_ENDPOINT:-http://$CONTROLLER_PUBLIC_ADDRESS:${CONFIG_ADMIN_PORT:-35357}/v2.0}
|
||||||
|
|
||||||
|
function get_id () {
|
||||||
|
echo `"$@" | grep ' id ' | awk '{print $4}'`
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
# Tenants
|
||||||
|
ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
|
||||||
|
SERVICE_TENANT=$(get_id keystone tenant-create --name=service)
|
||||||
|
DEMO_TENANT=$(get_id keystone tenant-create --name=demo)
|
||||||
|
INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin)
|
||||||
|
|
||||||
|
|
||||||
|
# Users
|
||||||
|
ADMIN_USER=$(get_id keystone user-create --name=admin \
|
||||||
|
--pass="$ADMIN_PASSWORD" \
|
||||||
|
--email=admin@example.com)
|
||||||
|
DEMO_USER=$(get_id keystone user-create --name=demo \
|
||||||
|
--pass="$ADMIN_PASSWORD" \
|
||||||
|
--email=admin@example.com)
|
||||||
|
|
||||||
|
|
||||||
|
# Roles
|
||||||
|
ADMIN_ROLE=$(get_id keystone role-create --name=admin)
|
||||||
|
MEMBER_ROLE=$(get_id keystone role-create --name=Member)
|
||||||
|
KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
|
||||||
|
KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
|
||||||
|
SYSADMIN_ROLE=$(get_id keystone role-create --name=sysadmin)
|
||||||
|
NETADMIN_ROLE=$(get_id keystone role-create --name=netadmin)
|
||||||
|
|
||||||
|
|
||||||
|
# Add Roles to Users in Tenants
|
||||||
|
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
|
||||||
|
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT
|
||||||
|
keystone user-role-add --user-id $DEMO_USER --role-id $SYSADMIN_ROLE --tenant-id $DEMO_TENANT
|
||||||
|
keystone user-role-add --user-id $DEMO_USER --role-id $NETADMIN_ROLE --tenant-id $DEMO_TENANT
|
||||||
|
keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT
|
||||||
|
keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT
|
||||||
|
|
||||||
|
# TODO(termie): these two might be dubious
|
||||||
|
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT
|
||||||
|
keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT
|
||||||
|
|
||||||
|
|
||||||
|
# Services
|
||||||
|
NOVA_SERVICE=$(get_id \
|
||||||
|
keystone service-create --name=nova \
|
||||||
|
--type=compute \
|
||||||
|
--description="Nova Compute Service")
|
||||||
|
NOVA_USER=$(get_id keystone user-create --name=nova \
|
||||||
|
--pass="$SERVICE_PASSWORD" \
|
||||||
|
--tenant-id $SERVICE_TENANT \
|
||||||
|
--email=nova@example.com)
|
||||||
|
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||||
|
--user-id $NOVA_USER \
|
||||||
|
--role-id $ADMIN_ROLE
|
||||||
|
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||||
|
keystone endpoint-create --region RegionOne --service-id $NOVA_SERVICE \
|
||||||
|
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||||
|
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s" \
|
||||||
|
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(compute_port)s/v2/\$(tenant_id)s"
|
||||||
|
fi
|
||||||
|
|
||||||
|
EC2_SERVICE=$(get_id \
|
||||||
|
keystone service-create --name=ec2 \
|
||||||
|
--type=ec2 \
|
||||||
|
--description="EC2 Compatibility Layer")
|
||||||
|
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||||
|
keystone endpoint-create --region RegionOne --service-id $EC2_SERVICE \
|
||||||
|
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8773/services/Cloud" \
|
||||||
|
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8773/services/Admin" \
|
||||||
|
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8773/services/Cloud"
|
||||||
|
fi
|
||||||
|
|
||||||
|
GLANCE_SERVICE=$(get_id \
|
||||||
|
keystone service-create --name=glance \
|
||||||
|
--type=image \
|
||||||
|
--description="Glance Image Service")
|
||||||
|
GLANCE_USER=$(get_id keystone user-create --name=glance \
|
||||||
|
--pass="$SERVICE_PASSWORD" \
|
||||||
|
--tenant-id $SERVICE_TENANT \
|
||||||
|
--email=glance@example.com)
|
||||||
|
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||||
|
--user-id $GLANCE_USER \
|
||||||
|
--role-id $ADMIN_ROLE
|
||||||
|
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||||
|
keystone endpoint-create --region RegionOne --service-id $GLANCE_SERVICE \
|
||||||
|
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9292/v1" \
|
||||||
|
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9292/v1" \
|
||||||
|
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9292/v1"
|
||||||
|
fi
|
||||||
|
|
||||||
|
KEYSTONE_SERVICE=$(get_id \
|
||||||
|
keystone service-create --name=keystone \
|
||||||
|
--type=identity \
|
||||||
|
--description="Keystone Identity Service")
|
||||||
|
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||||
|
keystone endpoint-create --region RegionOne --service-id $KEYSTONE_SERVICE \
|
||||||
|
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:\$(public_port)s/v2.0" \
|
||||||
|
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:\$(admin_port)s/v2.0" \
|
||||||
|
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:\$(public_port)s/v2.0"
|
||||||
|
fi
|
||||||
|
|
||||||
|
VOLUME_SERVICE=$(get_id \
|
||||||
|
keystone service-create --name="nova-volume" \
|
||||||
|
--type=volume \
|
||||||
|
--description="Nova Volume Service")
|
||||||
|
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||||
|
keystone endpoint-create --region RegionOne --service-id $VOLUME_SERVICE \
|
||||||
|
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8776/v1/\$(tenant_id)s" \
|
||||||
|
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8776/v1/\$(tenant_id)s" \
|
||||||
|
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8776/v1/\$(tenant_id)s"
|
||||||
|
fi
|
||||||
|
|
||||||
|
keystone service-create --name="horizon" \
|
||||||
|
--type=dashboard \
|
||||||
|
--description="OpenStack Dashboard"
|
||||||
|
|
||||||
|
if [[ -n "$ENABLE_SWIFT" ]]; then
|
||||||
|
SWIFT_SERVICE=$(get_id \
|
||||||
|
keystone service-create --name=swift \
|
||||||
|
--type="object-store" \
|
||||||
|
--description="Swift Service")
|
||||||
|
SWIFT_USER=$(get_id keystone user-create --name=swift \
|
||||||
|
--pass="$SERVICE_PASSWORD" \
|
||||||
|
--tenant-id $SERVICE_TENANT \
|
||||||
|
--email=swift@example.com)
|
||||||
|
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||||
|
--user-id $SWIFT_USER \
|
||||||
|
--role-id $ADMIN_ROLE
|
||||||
|
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||||
|
keystone endpoint-create --region RegionOne --service-id $SWIFT_SERVICE \
|
||||||
|
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
|
||||||
|
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:8080/v1/AUTH_\$(tenant_id)s" \
|
||||||
|
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:8080/v1/AUTH_\$(tenant_id)s"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
if [[ -n "$ENABLE_QUANTUM" ]]; then
|
||||||
|
QUANTUM_SERVICE=$(get_id \
|
||||||
|
keystone service-create --name=quantum \
|
||||||
|
--type=network \
|
||||||
|
--description="Quantum Service")
|
||||||
|
QUANTUM_USER=$(get_id keystone user-create --name=quantum \
|
||||||
|
--pass="$SERVICE_PASSWORD" \
|
||||||
|
--tenant-id $SERVICE_TENANT \
|
||||||
|
--email=quantum@example.com)
|
||||||
|
keystone user-role-add --tenant-id $SERVICE_TENANT \
|
||||||
|
--user-id $QUANTUM_USER \
|
||||||
|
--role-id $ADMIN_ROLE
|
||||||
|
if [[ -n "$ENABLE_ENDPOINTS" ]]; then
|
||||||
|
keystone endpoint-create --region RegionOne --service-id $QUANTUM_SERVICE \
|
||||||
|
--publicurl "http://$CONTROLLER_PUBLIC_ADDRESS:9696" \
|
||||||
|
--adminurl "http://$CONTROLLER_ADMIN_ADDRESS:9696" \
|
||||||
|
--internalurl "http://$CONTROLLER_INTERNAL_ADDRESS:9696"
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
||||||
|
# create ec2 creds and parse the secret and access key returned
|
||||||
|
RESULT=$(keystone ec2-credentials-create --tenant-id=$ADMIN_TENANT --user-id=$ADMIN_USER)
|
||||||
|
ADMIN_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
|
||||||
|
ADMIN_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
|
||||||
|
|
||||||
|
RESULT=$(keystone ec2-credentials-create --tenant-id=$DEMO_TENANT --user-id=$DEMO_USER)
|
||||||
|
DEMO_ACCESS=`echo "$RESULT" | grep access | awk '{print $4}'`
|
||||||
|
DEMO_SECRET=`echo "$RESULT" | grep secret | awk '{print $4}'`
|
||||||
|
|
||||||
|
|
||||||
|
# write the secret and access to ec2rc
|
||||||
|
cat > $EC2RC <<EOF
|
||||||
|
ADMIN_ACCESS=$ADMIN_ACCESS
|
||||||
|
ADMIN_SECRET=$ADMIN_SECRET
|
||||||
|
DEMO_ACCESS=$DEMO_ACCESS
|
||||||
|
DEMO_SECRET=$DEMO_SECRET
|
||||||
|
EOF
|
|
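Review bot: `set -eux` enables command tracing in a script whose commands carry secrets, so each `keystone user-create --pass="$ADMIN_PASSWORD"` / `--pass="$SERVICE_PASSWORD"` call and the `export SERVICE_TOKEN=…` line are written in expanded form to wherever stderr goes (the README names `/var/log/first-boot.d.log`, if this runs as part of first boot). Use `set -eu` here, or bracket the credential handling with `set +x` … `set -x`. The EC2 secrets at the end are written with `cat > $EC2RC` under the default umask; a `umask 077` before that heredoc keeps the file private. Separately, under `-u` the line `export SERVICE_TOKEN=${SERVICE_TOKEN:-$CONFIG_SERVICE_TOKEN}` aborts with an unbound-variable error when keystone.conf is unreadable and SERVICE_TOKEN is unset, so the "No service token found." message is never reached; `${CONFIG_SERVICE_TOKEN:-}` fixes that.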
@ -0,0 +1,53 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
PATH=/usr/local/bin:$PATH
|
||||||
|
|
||||||
|
source /root/stackrc
|
||||||
|
|
||||||
|
arch=amd64
|
||||||
|
|
||||||
|
boot_stack=/opt/stack/boot-stack
|
||||||
|
dib=/opt/stack/diskimage-builder
|
||||||
|
|
||||||
|
deploy_kernel=bm-deploy-kernel
|
||||||
|
deploy_ramdisk=bm-deploy-ramdisk
|
||||||
|
ls $boot_stack/$deploy_kernel || cp /boot/vmlinuz-$(uname -r) $boot_stack/$deploy_kernel
|
||||||
|
chmod a+r $boot_stack/$deploy_kernel
|
||||||
|
|
||||||
|
ls $boot_stack/$deploy_ramdisk || $dib/bin/ramdisk-image-create deploy -o $boot_stack/$deploy_ramdisk
|
||||||
|
|
||||||
|
deploy_kernel_id=$(glance image-create --name $deploy_kernel --public --disk-format aki < "$boot_stack/$deploy_kernel" \
|
||||||
|
| grep ' id ' | awk '{print $4}')
|
||||||
|
deploy_ramdisk_id=$(glance image-create --name $deploy_ramdisk --public --disk-format ari < "$boot_stack/$deploy_ramdisk" \
|
||||||
|
| grep ' id ' | awk '{print $4}')
|
||||||
|
|
||||||
|
nova flavor-create baremetal 256 512 10 1
|
||||||
|
nova flavor-key baremetal set "cpu_arch"="$arch" \
|
||||||
|
"baremetal:deploy_kernel_id"="$deploy_kernel_id" \
|
||||||
|
"baremetal:deploy_ramdisk_id"="$deploy_ramdisk_id"
|
||||||
|
|
||||||
|
|
||||||
|
# upload demo image to glance.
|
||||||
|
image_name=demo
|
||||||
|
kernel_image_name="$image_name-kernel"
|
||||||
|
ramdisk_image_name="$image_name-ramdisk"
|
||||||
|
|
||||||
|
# upload /root/demo.qcow2 to glance, if it exists
|
||||||
|
if [ -e /root/$image_name.qcow2 ]; then
|
||||||
|
/opt/stack/diskimage-builder/bin/disk-image-get-kernel -x -d /root -o $image_name -i /root/$image_name.qcow2
|
||||||
|
|
||||||
|
kernel_id=$(glance image-create --name $kernel_image_name --public --disk-format aki < "/root/$image_name-initrd" \
|
||||||
|
| grep ' id ' | awk '{print $4}')
|
||||||
|
ramdisk_id=$(glance image-create --name $ramdisk_image_name --public --disk-format ari < "/root/$image_name-vmlinuz" \
|
||||||
|
| grep ' id ' | awk '{print $4}')
|
||||||
|
|
||||||
|
glance image-create --name $image_name \
|
||||||
|
--public \
|
||||||
|
--disk-format qcow2 \
|
||||||
|
--container-format bare \
|
||||||
|
--property kernel_id=$kernel_id \
|
||||||
|
--property ramdisk_id=$ramdisk_id < /root/$image_name.qcow2
|
||||||
|
fi
|
||||||
|
|
||||||
|
|
|
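Review bot: The demo kernel and ramdisk uploads look swapped: `kernel_id` is created with `--disk-format aki` from `/root/$image_name-initrd`, and `ramdisk_id` with `--disk-format ari` from `/root/$image_name-vmlinuz`. Going by the file names, the aki upload should read `< "/root/$image_name-vmlinuz"` and the ari upload `< "/root/$image_name-initrd"`; otherwise the demo image references an initrd as its kernel. The `-x` in `set -eux`, which comes before `source /root/stackrc`, also traces the `export OS_PASSWORD=…` line into the script's log output.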
@ -0,0 +1,56 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
PATH=/usr/local/bin:$PATH
|
||||||
|
source /root/stackrc
|
||||||
|
|
||||||
|
if ! grep boot-stack /etc/network/interfaces; then
|
||||||
|
cat >> /etc/network/interfaces <<eof
|
||||||
|
|
||||||
|
# This interface was installed by the diskimage-builder boot-stack element.
|
||||||
|
auto eth1
|
||||||
|
iface eth1 inet static
|
||||||
|
address 192.0.2.1
|
||||||
|
netmask 255.255.255.0
|
||||||
|
up iptables -t nat -A PREROUTING -d 169.254.169.254 -p tcp -m tcp --dport 80 -j REDIRECT --to-port 8775
|
||||||
|
up iptables -t nat -A POSTROUTING -s 192.0.2.0/24 -o eth0 -j MASQUERADE
|
||||||
|
up ip addr add 192.0.2.33/29 dev eth1
|
||||||
|
|
||||||
|
# Public Bridge
|
||||||
|
# auto eth2
|
||||||
|
# iface eth2 inet manual
|
||||||
|
# up ifconfig \$IFACE 0.0.0.0 up
|
||||||
|
# up ip link set \$IFACE promisc on
|
||||||
|
# down ifconfig \$IFACE down
|
||||||
|
eof
|
||||||
|
fi
|
||||||
|
|
||||||
|
service networking restart
|
||||||
|
service openvswitch-switch restart
|
||||||
|
service quantum-server restart
|
||||||
|
|
||||||
|
OVS_PHYSICAL_BRIDGE=br-ctlplane
|
||||||
|
PHYSICAL_NETWORK=ctlplane
|
||||||
|
PUBLIC_INTERFACE=eth1
|
||||||
|
|
||||||
|
ovs-vsctl --no-wait -- --may-exist add-br br-int
|
||||||
|
ovs-vsctl --no-wait br-set-external-id br-int bridge-id br-int
|
||||||
|
ovs-vsctl --no-wait -- --may-exist add-br br-ctlplane
|
||||||
|
ovs-vsctl add-port $OVS_PHYSICAL_BRIDGE $PUBLIC_INTERFACE || echo "port already added?"
|
||||||
|
|
||||||
|
for IP in $(ip addr show dev $PUBLIC_INTERFACE | grep ' inet ' | awk '{print $2}'); do
|
||||||
|
ip addr del $IP dev $PUBLIC_INTERFACE
|
||||||
|
ip addr add $IP dev $OVS_PHYSICAL_BRIDGE
|
||||||
|
done
|
||||||
|
ifconfig $OVS_PHYSICAL_BRIDGE up
|
||||||
|
|
||||||
|
# TODO: configurable
|
||||||
|
ALLOCATION_POOL="start=192.0.2.34,end=192.0.2.38"
|
||||||
|
NETWORK_GATEWAY=192.168.122.1
|
||||||
|
FIXED_RANGE=192.0.2.33/29
|
||||||
|
TENANT_ID=$(keystone tenant-list | grep ' admin ' | awk '{print $2}')
|
||||||
|
|
||||||
|
NET_ID=$(quantum net-create $PHYSICAL_NETWORK --tenant_id $TENANT_ID --provider:network_type flat --provider:physical_network "$PHYSICAL_NETWORK" | grep ' id ' | awk '{print $4}')
|
||||||
|
SUBNET_ID=$(quantum subnet-create --tenant_id $TENANT_ID --ip_version 4 ${ALLOCATION_POOL:+--allocation-pool $ALLOCATION_POOL} --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | awk '{print $4}')
|
||||||
|
|
||||||
|
ifconfig $OVS_PHYSICAL_BRIDGE up
|
|
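Review bot: The `up iptables -t nat -A PREROUTING -d 169.254.169.254 … -j REDIRECT --to-port 8775` hook matches on destination only, so the metadata redirect applies to packets arriving on any interface rather than just the provisioning network. The `-A` rules also have no matching `down` lines, so each time eth1 is brought up (this script itself runs `service networking restart`) another copy is presumably appended. Scoping the rule with `-i` to the provisioning-side interface and adding `down iptables -t nat -D …` counterparts would keep the NAT table bounded and limited to the baremetal nodes. Also worth checking: `NETWORK_GATEWAY=192.168.122.1` lies outside `FIXED_RANGE=192.0.2.33/29`, so the subnet is created with a gateway that is not on it.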
@ -0,0 +1,11 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
PATH=/usr/local/bin:$PATH
|
||||||
|
|
||||||
|
reset-db
|
||||||
|
reset-keystone
|
||||||
|
reset-nova
|
||||||
|
reset-quantum
|
||||||
|
|
||||||
|
os-refresh-config
|
|
@ -0,0 +1,46 @@
|
||||||
|
{
|
||||||
|
"OpenStack::Heat::Stack": {
|
||||||
|
"Name": "foo",
|
||||||
|
"Region": "az1",
|
||||||
|
"RefreshResource": "foo"
|
||||||
|
},
|
||||||
|
"admin-token": "foobar",
|
||||||
|
"admin-password": "kilgore",
|
||||||
|
"service-password": "foobaz",
|
||||||
|
"db-password": "stackdb",
|
||||||
|
"keystone": {
|
||||||
|
"host": "127.0.0.1",
|
||||||
|
"db": "mysql://keystone:stackdb@localhost/keystone"
|
||||||
|
},
|
||||||
|
"interfaces": {
|
||||||
|
"control": "eth0"
|
||||||
|
},
|
||||||
|
"rabbit": {
|
||||||
|
"host": "127.0.0.1",
|
||||||
|
"password": "guest"
|
||||||
|
},
|
||||||
|
"glance": {
|
||||||
|
"host": "127.0.0.1",
|
||||||
|
"db": "mysql://glance:stackdb@localhost/glance"
|
||||||
|
},
|
||||||
|
"nova": {
|
||||||
|
"host": "127.0.0.1",
|
||||||
|
"db": "mysql://nova:stackdb@localhost/nova",
|
||||||
|
"bm_db": "mysql://nova:stackdb@localhost/nova_bm",
|
||||||
|
"virtual_power_user": "stack",
|
||||||
|
"virtual_power_key": "/opt/stack/boot-stack/virtual-power-key",
|
||||||
|
"virtual_power_ssh_host": "192.168.122.1"
|
||||||
|
},
|
||||||
|
"cinder": {
|
||||||
|
"db": "mysql://cinder:stackdb@localhost/cinder",
|
||||||
|
"volume_size_mb": "5000"
|
||||||
|
},
|
||||||
|
"quantum": {
|
||||||
|
"host": "127.0.0.1",
|
||||||
|
"ovs_db": "mysql://quantum:stackdb@localhost/ovs_quantum?charset=utf8"
|
||||||
|
},
|
||||||
|
"swift": {
|
||||||
|
"store_user": "foo",
|
||||||
|
"store_key": "bar"
|
||||||
|
}
|
||||||
|
}
|
|
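Review bot: `admin-token`, `admin-password`, `service-password`, `db-password` and the rabbit and swift secrets are fixed literals, so every image built from this element boots with the same known credentials, and the keystone admin token in particular opens the administrative API to anyone who can reach it. The same applies to `OS_PASSWORD=kilgore` in stackrc, which also has to be kept in step with `admin-password` by hand. The TODOs in the install script and stackrc acknowledge this; until the values are generated at first boot, the README should state that they must be changed before the node is attached to a shared network. `db-password` is additionally repeated inside each `mysql://…:stackdb@…` URL, so changing it in one place alone leaves the services unable to connect.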
@ -0,0 +1,5 @@
|
||||||
|
keystone
|
||||||
|
glance
|
||||||
|
nova
|
||||||
|
openstack-db
|
||||||
|
quantum
|
|
@ -0,0 +1,22 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -eu
|
||||||
|
|
||||||
|
|
||||||
|
# This key is to be retrieved to allow nova to ssh
|
||||||
|
# into the host machine when using VirtualPowerManager
|
||||||
|
ssh-keygen -t rsa -f /opt/stack/boot-stack/virtual-power-key \
|
||||||
|
-N '' -C 'boot-stack key for use with nova VirtualPowerDriver'
|
||||||
|
chown nova:nova /opt/stack/boot-stack/virtual-power-key*
|
||||||
|
chmod 400 /opt/stack/boot-stack/virtual-power-key*
|
||||||
|
|
||||||
|
PATH=/usr/local/bin:$PATH
|
||||||
|
|
||||||
|
# TODO: rabbit should not need to be restarted on first boot - but currently does.
|
||||||
|
# https://bugs.launchpad.net/diskimage-builder/+bug/1166838
|
||||||
|
service rabbitmq-server restart
|
||||||
|
|
||||||
|
os-config-applier
|
||||||
|
wipe-openstack
|
||||||
|
|
||||||
|
touch /opt/stack/boot-stack.ok
|
||||||
|
|
|
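Review bot: The completion marker is created as `/opt/stack/boot-stack.ok`, but the README added in this commit tells users to look for `/opt/stack/boot-stack/ok`; one of the two should change, e.g. `touch /opt/stack/boot-stack/ok`. `ssh-keygen -f /opt/stack/boot-stack/virtual-power-key` will also most likely fail on a re-run, because it asks before overwriting an existing key and there is no terminal to answer; under `set -e` that ends the script. Guarding it with `[ -e /opt/stack/boot-stack/virtual-power-key ] ||` makes a second run safe and avoids silently rotating a key the host already trusts.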
@ -0,0 +1,77 @@
|
||||||
|
#!/bin/bash
|
||||||
|
set -eux
|
||||||
|
|
||||||
|
install-packages git build-essential python-dev
|
||||||
|
install-packages tgt busybox # to run diskimage-builder for deploy ramdisk
|
||||||
|
|
||||||
|
install -m 0755 -o root -g root -d /opt/stack/boot-stack
|
||||||
|
|
||||||
|
echo 'nameserver 8.8.8.8' > /etc/resolvconf/resolv.conf.d/head
|
||||||
|
|
||||||
|
# fake heat metadata
|
||||||
|
mkdir -p /var/lib/cloud/data
|
||||||
|
install -m 0755 -o root -g root $(dirname $0)/../config.json /var/lib/cloud/data/cfn-init-data
|
||||||
|
|
||||||
|
# tools
|
||||||
|
for f in `ls $(dirname $0)/../bin`; do
|
||||||
|
install -m 0755 -o root -g root $(dirname $0)/../bin/$f /usr/local/bin/$f
|
||||||
|
done
|
||||||
|
|
||||||
|
# openstack creds
|
||||||
|
# TODO: generate random creds.
|
||||||
|
install -m 0755 -o root -g root $(dirname $0)/../stackrc /root/stackrc
|
||||||
|
echo "source /root/stackrc" >> /root/.bash_profile
|
||||||
|
|
||||||
|
# client tools
|
||||||
|
for client in nova quantum glance; do
|
||||||
|
repo=python-${client}client
|
||||||
|
venvs=/opt/stack/venvs
|
||||||
|
git clone --depth 1 https://github.com/openstack/$repo.git /opt/stack/$repo
|
||||||
|
|
||||||
|
virtualenv $venvs/$repo
|
||||||
|
set +u
|
||||||
|
source $venvs/$repo/bin/activate
|
||||||
|
set -u
|
||||||
|
|
||||||
|
# required for a cliff version conflict. this can be removed once cliff will accept prettytable >0.7
|
||||||
|
pip install cliff
|
||||||
|
|
||||||
|
[ -e /opt/stack/$repo/tools/pip-requires ] && pip install -r /opt/stack/$repo/tools/pip-requires
|
||||||
|
pushd /opt/stack/$repo
|
||||||
|
python setup.py develop --script-dir /usr/local/bin
|
||||||
|
popd
|
||||||
|
#pip install /opt/stack/$repo
|
||||||
|
|
||||||
|
set +u
|
||||||
|
deactivate
|
||||||
|
set -u
|
||||||
|
|
||||||
|
ln -sf /opt/stack/venvs/$repo/bin/$client /usr/local/bin/$client
|
||||||
|
done
|
||||||
|
|
||||||
|
# image toolchain
|
||||||
|
git clone https://github.com/stackforge/diskimage-builder.git /opt/stack/diskimage-builder
|
||||||
|
|
||||||
|
# rabbit
|
||||||
|
install-packages rabbitmq-server
|
||||||
|
|
||||||
|
# db
|
||||||
|
install-packages mysql-server python-mysqldb
|
||||||
|
sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
|
||||||
|
|
||||||
|
function deps {
|
||||||
|
apt-get update
|
||||||
|
install-packages screen ccze
|
||||||
|
install-packages git ipmitool python-dev python-pip python-greenlet python-mysqldb libxml2-dev libxslt-dev python-zmq
|
||||||
|
install-packages openvswitch-common openvswitch-controller openvswitch-switch open-iscsi
|
||||||
|
install-packages python-numpy python-lxml
|
||||||
|
}
|
||||||
|
|
||||||
|
function ip_forwarding {
|
||||||
|
cat > /etc/sysctl.conf <<eof
|
||||||
|
net.ipv4.ip_forward=1
|
||||||
|
eof
|
||||||
|
}
|
||||||
|
|
||||||
|
deps
|
||||||
|
ip_forwarding
|
|
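Review bot: `sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf` makes MySQL listen on every interface, while every database URL in config.json connects via `localhost` and the database password is the fixed `stackdb`; for a one-node element the loopback bind can stay. The pattern is also unanchored (unescaped dots, `g` flag), so it rewrites any `127.0.0.1` in the file rather than only the `bind-address` line. The credential files are installed world-readable and executable (`install -m 0755 … config.json /var/lib/cloud/data/cfn-init-data` and `… stackrc /root/stackrc`); `-m 0600` would do if only root reads them, which is what the scripts on this page suggest. `ip_forwarding` replaces `/etc/sysctl.conf` wholesale with `cat >`, discarding any existing settings; appending, or using a file under `/etc/sysctl.d/`, avoids that.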
@ -0,0 +1,8 @@
|
||||||
|
# TODO: generate random credentials.
|
||||||
|
export NOVA_VERSION=1.1
|
||||||
|
export OS_PASSWORD=kilgore
|
||||||
|
export OS_AUTH_URL=http://localhost:5000/v2.0
|
||||||
|
export OS_USERNAME=admin
|
||||||
|
export OS_TENANT_NAME=admin
|
||||||
|
export COMPUTE_API_VERSION=1.1
|
||||||
|
export OS_NO_CACHE=True
|
|
@ -1,10 +1,7 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
set -eux
|
set -eux
|
||||||
|
|
||||||
# TODO: use trunk instead of folsom
|
os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git
|
||||||
# trunk glance currently results in CRITICAL 'duplicate config entry log-format' errors:
|
|
||||||
# https://bugs.launchpad.net/ubuntu/+source/python-glanceclient/+bug/1131327
|
|
||||||
os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git -b stable/folsom
|
|
||||||
|
|
||||||
mkdir -p /var/lib/glance/images && chown -R glance:glance /var/lib/glance/images
|
mkdir -p /var/lib/glance/images && chown -R glance:glance /var/lib/glance/images
|
||||||
os-svc-daemon glance-api glance glance-api "--debug --log-config /etc/glance/logging.conf"
|
os-svc-daemon glance-api glance glance-api "--debug --log-config /etc/glance/logging.conf"
|
||||||
|
|
|
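Review bot: With `-b stable/folsom` dropped, `os-svc-install` now builds glance from whatever the repository's default branch holds at image-build time, so two builds of the same element can ship different code and nothing records which commit was installed. The removed comment tied the folsom pin to a CRITICAL 'duplicate config entry log-format' error on trunk (Launchpad bug 1131327). The commit message does not say that this is resolved, so a one-line comment stating why trunk is now safe would help. If reproducible images matter, keep `-b` with a known-good ref, e.g. `-b <known-good-ref>` (placeholder).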
@ -20,8 +20,8 @@ script
|
||||||
--dhcp-boot=pxelinux.0 \\
|
--dhcp-boot=pxelinux.0 \\
|
||||||
--bind-interfaces \\
|
--bind-interfaces \\
|
||||||
--pid-file=/var/run/dnsmasq.pid \\
|
--pid-file=/var/run/dnsmasq.pid \\
|
||||||
--interface=eth0 \\
|
--interface=br-ctlplane \\
|
||||||
--dhcp-range=10.8.53.201,10.8.53.206,29
|
--dhcp-range=192.0.2.65,192.0.2.69,29
|
||||||
end script
|
end script
|
||||||
eof
|
eof
|
||||||
}
|
}
|
||||||
|
|
|
@ -90,5 +90,5 @@ instance_type_extra_specs = cpu_arch:i386
|
||||||
power_manager = nova.virt.baremetal.virtual_power_driver.VirtualPowerManager
|
power_manager = nova.virt.baremetal.virtual_power_driver.VirtualPowerManager
|
||||||
driver = nova.virt.baremetal.pxe.PXE
|
driver = nova.virt.baremetal.pxe.PXE
|
||||||
virtual_power_host_user={{nova.virtual_power_user}}
|
virtual_power_host_user={{nova.virtual_power_user}}
|
||||||
virtual_power_host_pass={{nova.virtual_power_pass}}
|
virtual_power_host_key={{nova.virtual_power_key}}
|
||||||
virtual_power_ssh_host={{nova.virtual_power_ssh_host}}
|
virtual_power_ssh_host={{nova.virtual_power_ssh_host}}
|
||||||
|
|
|
@ -1,26 +0,0 @@
|
||||||
#!/bin/bash
|
|
||||||
set -eu
|
|
||||||
|
|
||||||
# TODO: make this easily configurable
|
|
||||||
db_pass=stackdb
|
|
||||||
|
|
||||||
service mysql restart
|
|
||||||
|
|
||||||
create-os-db keystone keystone $db_pass
|
|
||||||
keystone-manage db_sync
|
|
||||||
|
|
||||||
create-os-db cinder cinder $db_pass
|
|
||||||
cinder-manage db sync
|
|
||||||
|
|
||||||
create-os-db nova nova $db_pass
|
|
||||||
nova-manage db sync
|
|
||||||
|
|
||||||
create-os-db nova_bm nova $db_pass
|
|
||||||
nova-baremetal-manage db sync
|
|
||||||
|
|
||||||
create-os-db glance glance $db_pass
|
|
||||||
glance-manage db_sync
|
|
||||||
|
|
||||||
create-os-db ovs_quantum quantum $db_pass
|
|
||||||
|
|
||||||
|
|
|
@ -1,2 +1,2 @@
|
||||||
#!/bin/bash
|
#!/bin/bash
|
||||||
exec os-config-applier -s OpenStack::Config
|
exec os-config-applier
|
||||||
|
|
|
@ -19,7 +19,7 @@ end script
|
||||||
|
|
||||||
respawn
|
respawn
|
||||||
|
|
||||||
exec start-stop-daemon --start -c $user --exec /opt/stack/venvs/$user/bin/$cmd $args
|
exec start-stop-daemon --start -c $user --exec /opt/stack/venvs/$user/bin/$cmd -- $args
|
||||||
EOF
|
EOF
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -7,7 +7,7 @@ reconnect_interval = 2
|
||||||
bridge_mappings = ctlplane:br-ctlplane
|
bridge_mappings = ctlplane:br-ctlplane
|
||||||
network_vlan_ranges = ctlplane
|
network_vlan_ranges = ctlplane
|
||||||
|
|
||||||
tenant_network_type = gre
|
tenant_network_type = vlan
|
||||||
tunnel_id_ranges = 1:1000
|
tunnel_id_ranges = 1:1000
|
||||||
enable_tunneling = False
|
enable_tunneling = False
|
||||||
integration_bridge = br-int
|
integration_bridge = br-int
|
||||||
|
|
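Review bot: `tenant_network_type = vlan` is paired with `network_vlan_ranges = ctlplane`, which names the physical network but gives no VLAN ID range. As far as I know the OVS plugin then has no VLANs to allocate for tenant networks, so only provider networks (such as the flat `ctlplane` network created by the quantum reset script in this commit) can be created. If tenant networks are wanted, the setting needs the `ctlplane:<vlan_min>:<vlan_max>` form (placeholders); if not, a comment saying that only provider networks are expected would avoid the surprise. `tunnel_id_ranges = 1:1000` appears to be unused now, given `enable_tunneling = False` and a non-GRE type. The config section this hunk belongs to starts above the visible lines.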