Merge remote-tracking branch 'origin/master' into xen
This commit is contained in:
commit
082cc3bec6
6 changed files with 94 additions and 29 deletions
41
exercise.sh
41
exercise.sh
|
@ -82,11 +82,11 @@ nova boot --flavor $FLAVOR --image $IMAGE $NAME --security_groups=$SECGROUP
|
||||||
# Waiting for boot
|
# Waiting for boot
|
||||||
# ----------------
|
# ----------------
|
||||||
|
|
||||||
# let's give it 10 seconds to launch
|
# check that the status is active within 10 seconds
|
||||||
sleep 10
|
if ! timeout 10 sh -c "while ! nova show $NAME | grep status | grep -q ACTIVE; do sleep 1; done"; then
|
||||||
|
echo "server didn't become active!"
|
||||||
# check that the status is active
|
exit 1
|
||||||
nova show $NAME | grep status | grep -q ACTIVE
|
fi
|
||||||
|
|
||||||
# get the IP of the server
|
# get the IP of the server
|
||||||
IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`
|
IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`
|
||||||
|
@ -94,14 +94,13 @@ IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`
|
||||||
# for single node deployments, we can ping private ips
|
# for single node deployments, we can ping private ips
|
||||||
MULTI_HOST=${MULTI_HOST:-0}
|
MULTI_HOST=${MULTI_HOST:-0}
|
||||||
if [ "$MULTI_HOST" = "0" ]; then
|
if [ "$MULTI_HOST" = "0" ]; then
|
||||||
# ping it once (timeout of a second)
|
|
||||||
ping -c1 -w1 $IP || true
|
|
||||||
|
|
||||||
# sometimes the first ping fails (10 seconds isn't enough time for the VM's
|
# sometimes the first ping fails (10 seconds isn't enough time for the VM's
|
||||||
# network to respond?), so let's wait 5 seconds and really test ping
|
# network to respond?), so let's ping for 15 seconds with a timeout
|
||||||
sleep 5
|
# of a second.
|
||||||
|
if ! timeout 15 sh -c "while ! ping -c1 -w1 $IP; do sleep 1; done"; then
|
||||||
ping -c1 -w1 $IP
|
echo "Couldn't ping server"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Security Groups & Floating IPs
|
# Security Groups & Floating IPs
|
||||||
|
@ -122,21 +121,19 @@ FLOATING_IP=`nova floating-ip-list | grep None | head -1 | cut -d '|' -f2 | sed
|
||||||
# add floating ip to our server
|
# add floating ip to our server
|
||||||
nova add-floating-ip $NAME $FLOATING_IP
|
nova add-floating-ip $NAME $FLOATING_IP
|
||||||
|
|
||||||
# sleep for a smidge
|
# test we can ping our floating ip within 10 seconds
|
||||||
sleep 5
|
if ! timeout 10 sh -c "while ! ping -c1 -w1 $FLOATING_IP; do sleep 1; done"; then
|
||||||
|
echo "Couldn't ping server with floating ip"
|
||||||
# ping our floating ip
|
exit 1
|
||||||
ping -c1 -w1 $FLOATING_IP
|
fi
|
||||||
|
|
||||||
# dis-allow icmp traffic (ping)
|
# dis-allow icmp traffic (ping)
|
||||||
nova secgroup-delete-rule $SECGROUP icmp -1 -1 0.0.0.0/0
|
nova secgroup-delete-rule $SECGROUP icmp -1 -1 0.0.0.0/0
|
||||||
|
|
||||||
# sleep for a smidge
|
# test we can aren't able to ping our floating ip within 10 seconds
|
||||||
sleep 5
|
if ! timeout 10 sh -c "while ping -c1 -w1 $FLOATING_IP; do sleep 1; done"; then
|
||||||
|
|
||||||
# ping our floating ip
|
|
||||||
if ( ping -c1 -w1 $FLOATING_IP ); then
|
|
||||||
print "Security group failure - ping should not be allowed!"
|
print "Security group failure - ping should not be allowed!"
|
||||||
|
echo "Couldn't ping server with floating ip"
|
||||||
exit 1
|
exit 1
|
||||||
fi
|
fi
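Review bot: The negative ping check in the last exercise.sh hunk (after `nova secgroup-delete-rule`) passes as soon as a single `ping -c1 -w1 $FLOATING_IP` fails, so one dropped packet is reported as the ICMP rule removal being enforced. A confirming probe after the loop would make the security-group test meaningful, for example `if ping -c1 -w1 $FLOATING_IP; then echo "Security group failure - ping should not be allowed!"; exit 1; fi`. The failure branch also echoes `"Couldn't ping server with floating ip"`, copied from the positive test, although this branch runs when ping still succeeds. The retained `print` line is not a bash or POSIX sh command (the shebang is not visible here), so the intended message is probably never shown and `echo` should replace it.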
|
||||||
|
|
||||||
|
|
|
@ -27,7 +27,7 @@ registry_port = 9191
|
||||||
log_file = %DEST%/glance/api.log
|
log_file = %DEST%/glance/api.log
|
||||||
|
|
||||||
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
|
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
|
||||||
use_syslog = False
|
use_syslog = %SYSLOG%
|
||||||
|
|
||||||
# ============ Notification System Options =====================
|
# ============ Notification System Options =====================
|
||||||
|
|
||||||
|
|
|
@ -19,7 +19,7 @@ log_file = %DEST%/glance/registry.log
|
||||||
filesystem_store_datadir = %DEST%/glance/images
|
filesystem_store_datadir = %DEST%/glance/images
|
||||||
|
|
||||||
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
|
# Send logs to syslog (/dev/log) instead of to file specified by `log_file`
|
||||||
use_syslog = False
|
use_syslog = %SYSLOG%
|
||||||
|
|
||||||
# SQLAlchemy connection string for the reference implementation
|
# SQLAlchemy connection string for the reference implementation
|
||||||
# registry server. Any valid SQLAlchemy connection string is fine.
|
# registry server. Any valid SQLAlchemy connection string is fine.
|
||||||
|
|
|
@ -1 +1,47 @@
|
||||||
socat
|
Cmnd_Alias NOVACMDS = /bin/chmod /var/lib/nova/tmp/*/root/.ssh, \
|
||||||
|
/bin/chown /var/lib/nova/tmp/*/root/.ssh, \
|
||||||
|
/bin/chown, \
|
||||||
|
/bin/chmod, \
|
||||||
|
/bin/dd, \
|
||||||
|
/sbin/ifconfig, \
|
||||||
|
/sbin/ip, \
|
||||||
|
/sbin/route, \
|
||||||
|
/sbin/iptables, \
|
||||||
|
/sbin/iptables-save, \
|
||||||
|
/sbin/iptables-restore, \
|
||||||
|
/sbin/ip6tables-save, \
|
||||||
|
/sbin/ip6tables-restore, \
|
||||||
|
/sbin/kpartx, \
|
||||||
|
/sbin/losetup, \
|
||||||
|
/sbin/lvcreate, \
|
||||||
|
/sbin/lvdisplay, \
|
||||||
|
/sbin/lvremove, \
|
||||||
|
/bin/mkdir, \
|
||||||
|
/bin/mount, \
|
||||||
|
/sbin/pvcreate, \
|
||||||
|
/usr/bin/tee, \
|
||||||
|
/sbin/tune2fs, \
|
||||||
|
/bin/umount, \
|
||||||
|
/sbin/vgcreate, \
|
||||||
|
/usr/bin/virsh, \
|
||||||
|
/usr/bin/qemu-nbd, \
|
||||||
|
/usr/sbin/brctl, \
|
||||||
|
/sbin/brctl, \
|
||||||
|
/usr/sbin/radvd, \
|
||||||
|
/usr/sbin/vblade-persist, \
|
||||||
|
/sbin/pvcreate, \
|
||||||
|
/sbin/aoe-discover, \
|
||||||
|
/sbin/vgcreate, \
|
||||||
|
/bin/aoe-stat, \
|
||||||
|
/bin/kill, \
|
||||||
|
/sbin/vconfig, \
|
||||||
|
/usr/sbin/ietadm, \
|
||||||
|
/sbin/vgs, \
|
||||||
|
/sbin/iscsiadm, \
|
||||||
|
/usr/bin/socat, \
|
||||||
|
/sbin/parted, \
|
||||||
|
/usr/sbin/dnsmasq, \
|
||||||
|
/usr/bin/arping
|
||||||
|
|
||||||
|
%USER% ALL = (root) NOPASSWD: SETENV: NOVACMDS
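Review bot: The `NOVACMDS` alias lists `/bin/chown`, `/bin/chmod`, `/bin/dd`, `/usr/bin/tee` and `/bin/mount` with no argument restriction, and the rule grants them with `NOPASSWD: SETENV:`, so %USER% effectively gets unrestricted passwordless root rather than a limited command set. The two path-restricted entries at the top (`/bin/chmod /var/lib/nova/tmp/*/root/.ssh` and the matching `/bin/chown`) are made moot by the bare entries that follow, and `/sbin/pvcreate` and `/sbin/vgcreate` each appear twice. I would state this in a header comment, e.g. `# NOTE: these entries amount to full root for %USER%; intended for disposable development hosts only`, and drop `SETENV:` unless a caller is known to need it (no caller is visible on this page).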
|
||||||
|
|
||||||
|
|
21
stack.sh
21
stack.sh
|
@ -78,6 +78,9 @@ source ./stackrc
|
||||||
# Destination path for installation ``DEST``
|
# Destination path for installation ``DEST``
|
||||||
DEST=${DEST:-/opt/stack}
|
DEST=${DEST:-/opt/stack}
|
||||||
|
|
||||||
|
# Configure services to syslog instead of writing to individual log files
|
||||||
|
SYSLOG=${SYSLOG:-False}
|
||||||
|
|
||||||
# OpenStack is designed to be run as a regular user (Dashboard will fail to run
|
# OpenStack is designed to be run as a regular user (Dashboard will fail to run
|
||||||
# as root, since apache refused to startup serve content from root user). If
|
# as root, since apache refused to startup serve content from root user). If
|
||||||
# stack.sh is run as root, it automatically creates a stack user with
|
# stack.sh is run as root, it automatically creates a stack user with
|
||||||
|
@ -116,6 +119,15 @@ if [[ $EUID -eq 0 ]]; then
|
||||||
exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack
|
exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack
|
||||||
fi
|
fi
|
||||||
exit 1
|
exit 1
|
||||||
|
else
|
||||||
|
# Our user needs passwordless priviledges for certain commands which nova
|
||||||
|
# uses internally.
|
||||||
|
# Natty uec images sudoers does not have a '#includedir'. add one.
|
||||||
|
sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
|
||||||
|
echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
|
||||||
|
sudo cp $FILES/sudo/nova /etc/sudoers.d/stack_sh_nova
|
||||||
|
sudo sed -e "s,%USER%,$USER,g" -i /etc/sudoers.d/stack_sh_nova
|
||||||
|
sudo chmod 0440 /etc/sudoers.d/stack_sh_nova
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Set the destination directories for openstack projects
|
# Set the destination directories for openstack projects
|
||||||
|
@ -199,7 +211,7 @@ function read_password {
|
||||||
PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0}
|
PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0}
|
||||||
FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24}
|
FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24}
|
||||||
FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
|
FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
|
||||||
FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28}
|
FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.224/28}
|
||||||
NET_MAN=${NET_MAN:-FlatDHCPManager}
|
NET_MAN=${NET_MAN:-FlatDHCPManager}
|
||||||
EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP}
|
EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP}
|
||||||
FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100}
|
FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100}
|
||||||
|
@ -365,8 +377,6 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop
|
||||||
# it since we are going to run the services in screen for simple
|
# it since we are going to run the services in screen for simple
|
||||||
cp $FILES/screenrc ~/.screenrc
|
cp $FILES/screenrc ~/.screenrc
|
||||||
|
|
||||||
## TODO: update current user to allow sudo for all commands in files/sudo/*
|
|
||||||
|
|
||||||
# Rabbit
|
# Rabbit
|
||||||
# ---------
|
# ---------
|
||||||
|
|
||||||
|
@ -472,11 +482,13 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then
|
||||||
sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF
|
sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF
|
||||||
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_CONF
|
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_CONF
|
||||||
sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_CONF
|
sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_CONF
|
||||||
|
sudo sed -e "s,%SYSLOG%,$SYSLOG,g" -i $GLANCE_CONF
|
||||||
|
|
||||||
GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf
|
GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf
|
||||||
cp $FILES/glance-api.conf $GLANCE_API_CONF
|
cp $FILES/glance-api.conf $GLANCE_API_CONF
|
||||||
sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_API_CONF
|
sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_API_CONF
|
||||||
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_API_CONF
|
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_API_CONF
|
||||||
|
sudo sed -e "s,%SYSLOG%,$SYSLOG,g" -i $GLANCE_API_CONF
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# Nova
|
# Nova
|
||||||
|
@ -617,6 +629,9 @@ if [ -n "$MULTI_HOST" ]; then
|
||||||
add_nova_flag "--multi_host=$MULTI_HOST"
|
add_nova_flag "--multi_host=$MULTI_HOST"
|
||||||
add_nova_flag "--send_arp_for_ha=1"
|
add_nova_flag "--send_arp_for_ha=1"
|
||||||
fi
|
fi
|
||||||
|
if [ "$SYSLOG" != "False" ]; then
|
||||||
|
add_nova_flag "--use_syslog=1"
|
||||||
|
fi
|
||||||
|
|
||||||
# XenServer
|
# XenServer
|
||||||
# ---------
|
# ---------
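Review bot: In the `@ -116,6 +119,15 @@` hunk the sudoers fragment is copied into /etc/sudoers.d first and only afterwards rewritten with `sed -i` and given mode 0440, with no syntax check at any point. A bad template or an unexpected `$USER` value therefore leaves a live, unvalidated sudoers file, and a parse error there can make sudo unusable on the host. Rendering to a temporary file, checking it with `visudo -c -f`, and installing it with its final owner and mode in one step closes that window. The `tee -a /etc/sudoers` append in the same hunk is also unvalidated. The enclosing `if [[ $EUID -eq 0 ]]` block starts outside the hunk.

```shell
    # … unchanged: #includedir check on /etc/sudoers …
    TEMPFILE=$(mktemp)
    sed -e "s,%USER%,$USER,g" "$FILES/sudo/nova" > "$TEMPFILE"
    # refuse to install a fragment that sudo cannot parse
    sudo visudo -c -f "$TEMPFILE" || exit 1
    sudo install -o root -g root -m 0440 "$TEMPFILE" /etc/sudoers.d/stack_sh_nova
    rm -f "$TEMPFILE"
```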
|
||||||
|
|
|
@ -341,7 +341,14 @@ chroot $ROOTFS chown -R stack $DEST
|
||||||
# Change boot params so that we get a console log
|
# Change boot params so that we get a console log
|
||||||
sudo sed -e "s/quiet splash/splash console=ttyS0 console=ttyS1,19200n8/g" -i $ROOTFS/boot/grub/menu.lst
|
sudo sed -e "s/quiet splash/splash console=ttyS0 console=ttyS1,19200n8/g" -i $ROOTFS/boot/grub/menu.lst
|
||||||
sudo sed -e "s/^hiddenmenu//g" -i $ROOTFS/boot/grub/menu.lst
|
sudo sed -e "s/^hiddenmenu//g" -i $ROOTFS/boot/grub/menu.lst
|
||||||
#chroot $ROOTFS grub-install /dev/vda
|
|
||||||
|
# Set the hostname
|
||||||
|
echo $GUEST_NAME > $ROOTFS/etc/hostname
|
||||||
|
|
||||||
|
# We need the hostname to resolve for rabbit to launch
|
||||||
|
if ! grep -q $GUEST_NAME $ROOTFS/etc/hosts; then
|
||||||
|
echo "$GUEST_IP $GUEST_NAME" >> $ROOTFS/etc/hosts
|
||||||
|
fi
|
||||||
|
|
||||||
# Unmount
|
# Unmount
|
||||||
umount $ROOTFS || echo 'ok'
|
umount $ROOTFS || echo 'ok'
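Review bot: The added hostname lines use `$GUEST_NAME`, `$GUEST_IP` and `$ROOTFS` unquoted and unchecked, in a script that appears to run as root. If `$ROOTFS` is empty, the redirects write to the host's own /etc/hostname and /etc/hosts. If `$GUEST_NAME` is empty, `grep -q` takes the hosts path as its pattern and waits on stdin. The grep also treats the name as a regex and matches substrings, so an existing longer hostname suppresses the new entry. I would guard the variables and match literally, e.g. `: "${ROOTFS:?}" "${GUEST_NAME:?}" "${GUEST_IP:?}"` followed by `if ! grep -qF -- "$GUEST_NAME" "$ROOTFS/etc/hosts"; then`. Whether these variables are validated earlier is not visible, since the script continues outside the hunk.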
|
||||||
|
|