Merge remote-tracking branch 'origin/master' into xen

This commit is contained in:
Anthony Young 2011-10-27 17:07:32 -07:00
commit 082cc3bec6
6 changed files with 94 additions and 29 deletions

View file

@ -82,11 +82,11 @@ nova boot --flavor $FLAVOR --image $IMAGE $NAME --security_groups=$SECGROUP
# Waiting for boot # Waiting for boot
# ---------------- # ----------------
# let's give it 10 seconds to launch # check that the status is active within 10 seconds
sleep 10 if ! timeout 10 sh -c "while ! nova show $NAME | grep status | grep -q ACTIVE; do sleep 1; done"; then
echo "server didn't become active!"
# check that the status is active exit 1
nova show $NAME | grep status | grep -q ACTIVE fi
# get the IP of the server # get the IP of the server
IP=`nova show $NAME | grep "private network" | cut -d"|" -f3` IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`
@ -94,14 +94,13 @@ IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`
# for single node deployments, we can ping private ips # for single node deployments, we can ping private ips
MULTI_HOST=${MULTI_HOST:-0} MULTI_HOST=${MULTI_HOST:-0}
if [ "$MULTI_HOST" = "0" ]; then if [ "$MULTI_HOST" = "0" ]; then
# ping it once (timeout of a second)
ping -c1 -w1 $IP || true
# sometimes the first ping fails (10 seconds isn't enough time for the VM's # sometimes the first ping fails (10 seconds isn't enough time for the VM's
# network to respond?), so let's wait 5 seconds and really test ping # network to respond?), so let's ping for 15 seconds with a timeout
sleep 5 # of a second.
if ! timeout 15 sh -c "while ! ping -c1 -w1 $IP; do sleep 1; done"; then
ping -c1 -w1 $IP echo "Couldn't ping server"
exit 1
fi
fi fi
# Security Groups & Floating IPs # Security Groups & Floating IPs
@ -122,21 +121,19 @@ FLOATING_IP=`nova floating-ip-list | grep None | head -1 | cut -d '|' -f2 | sed
# add floating ip to our server # add floating ip to our server
nova add-floating-ip $NAME $FLOATING_IP nova add-floating-ip $NAME $FLOATING_IP
# sleep for a smidge # test we can ping our floating ip within 10 seconds
sleep 5 if ! timeout 10 sh -c "while ! ping -c1 -w1 $FLOATING_IP; do sleep 1; done"; then
echo "Couldn't ping server with floating ip"
# ping our floating ip exit 1
ping -c1 -w1 $FLOATING_IP fi
# dis-allow icmp traffic (ping) # dis-allow icmp traffic (ping)
nova secgroup-delete-rule $SECGROUP icmp -1 -1 0.0.0.0/0 nova secgroup-delete-rule $SECGROUP icmp -1 -1 0.0.0.0/0
# sleep for a smidge # test we can aren't able to ping our floating ip within 10 seconds
sleep 5 if ! timeout 10 sh -c "while ping -c1 -w1 $FLOATING_IP; do sleep 1; done"; then
# ping our floating ip
if ( ping -c1 -w1 $FLOATING_IP ); then
print "Security group failure - ping should not be allowed!" print "Security group failure - ping should not be allowed!"
echo "Couldn't ping server with floating ip"
exit 1 exit 1
fi fi

View file

@ -27,7 +27,7 @@ registry_port = 9191
log_file = %DEST%/glance/api.log log_file = %DEST%/glance/api.log
# Send logs to syslog (/dev/log) instead of to file specified by `log_file` # Send logs to syslog (/dev/log) instead of to file specified by `log_file`
use_syslog = False use_syslog = %SYSLOG%
# ============ Notification System Options ===================== # ============ Notification System Options =====================

View file

@ -19,7 +19,7 @@ log_file = %DEST%/glance/registry.log
filesystem_store_datadir = %DEST%/glance/images filesystem_store_datadir = %DEST%/glance/images
# Send logs to syslog (/dev/log) instead of to file specified by `log_file` # Send logs to syslog (/dev/log) instead of to file specified by `log_file`
use_syslog = False use_syslog = %SYSLOG%
# SQLAlchemy connection string for the reference implementation # SQLAlchemy connection string for the reference implementation
# registry server. Any valid SQLAlchemy connection string is fine. # registry server. Any valid SQLAlchemy connection string is fine.

View file

@ -1 +1,47 @@
socat Cmnd_Alias NOVACMDS = /bin/chmod /var/lib/nova/tmp/*/root/.ssh, \
/bin/chown /var/lib/nova/tmp/*/root/.ssh, \
/bin/chown, \
/bin/chmod, \
/bin/dd, \
/sbin/ifconfig, \
/sbin/ip, \
/sbin/route, \
/sbin/iptables, \
/sbin/iptables-save, \
/sbin/iptables-restore, \
/sbin/ip6tables-save, \
/sbin/ip6tables-restore, \
/sbin/kpartx, \
/sbin/losetup, \
/sbin/lvcreate, \
/sbin/lvdisplay, \
/sbin/lvremove, \
/bin/mkdir, \
/bin/mount, \
/sbin/pvcreate, \
/usr/bin/tee, \
/sbin/tune2fs, \
/bin/umount, \
/sbin/vgcreate, \
/usr/bin/virsh, \
/usr/bin/qemu-nbd, \
/usr/sbin/brctl, \
/sbin/brctl, \
/usr/sbin/radvd, \
/usr/sbin/vblade-persist, \
/sbin/pvcreate, \
/sbin/aoe-discover, \
/sbin/vgcreate, \
/bin/aoe-stat, \
/bin/kill, \
/sbin/vconfig, \
/usr/sbin/ietadm, \
/sbin/vgs, \
/sbin/iscsiadm, \
/usr/bin/socat, \
/sbin/parted, \
/usr/sbin/dnsmasq, \
/usr/bin/arping
%USER% ALL = (root) NOPASSWD: SETENV: NOVACMDS

View file

@ -78,6 +78,9 @@ source ./stackrc
# Destination path for installation ``DEST`` # Destination path for installation ``DEST``
DEST=${DEST:-/opt/stack} DEST=${DEST:-/opt/stack}
# Configure services to syslog instead of writing to individual log files
SYSLOG=${SYSLOG:-False}
# OpenStack is designed to be run as a regular user (Dashboard will fail to run # OpenStack is designed to be run as a regular user (Dashboard will fail to run
# as root, since apache refused to startup serve content from root user). If # as root, since apache refused to startup serve content from root user). If
# stack.sh is run as root, it automatically creates a stack user with # stack.sh is run as root, it automatically creates a stack user with
@ -116,6 +119,15 @@ if [[ $EUID -eq 0 ]]; then
exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack
fi fi
exit 1 exit 1
else
# Our user needs passwordless priviledges for certain commands which nova
# uses internally.
# Natty uec images sudoers does not have a '#includedir'. add one.
sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
sudo cp $FILES/sudo/nova /etc/sudoers.d/stack_sh_nova
sudo sed -e "s,%USER%,$USER,g" -i /etc/sudoers.d/stack_sh_nova
sudo chmod 0440 /etc/sudoers.d/stack_sh_nova
fi fi
# Set the destination directories for openstack projects # Set the destination directories for openstack projects
@ -199,7 +211,7 @@ function read_password {
PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0}
FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24}
FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256} FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256}
FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28} FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.224/28}
NET_MAN=${NET_MAN:-FlatDHCPManager} NET_MAN=${NET_MAN:-FlatDHCPManager}
EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP}
FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100}
@ -365,8 +377,6 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop
# it since we are going to run the services in screen for simple # it since we are going to run the services in screen for simple
cp $FILES/screenrc ~/.screenrc cp $FILES/screenrc ~/.screenrc
## TODO: update current user to allow sudo for all commands in files/sudo/*
# Rabbit # Rabbit
# --------- # ---------
@ -472,11 +482,13 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then
sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_CONF sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_CONF
sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_CONF sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_CONF
sudo sed -e "s,%SYSLOG%,$SYSLOG,g" -i $GLANCE_CONF
GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf
cp $FILES/glance-api.conf $GLANCE_API_CONF cp $FILES/glance-api.conf $GLANCE_API_CONF
sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_API_CONF sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_API_CONF
sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_API_CONF sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_API_CONF
sudo sed -e "s,%SYSLOG%,$SYSLOG,g" -i $GLANCE_API_CONF
fi fi
# Nova # Nova
@ -617,6 +629,9 @@ if [ -n "$MULTI_HOST" ]; then
add_nova_flag "--multi_host=$MULTI_HOST" add_nova_flag "--multi_host=$MULTI_HOST"
add_nova_flag "--send_arp_for_ha=1" add_nova_flag "--send_arp_for_ha=1"
fi fi
if [ "$SYSLOG" != "False" ]; then
add_nova_flag "--use_syslog=1"
fi
# XenServer # XenServer
# --------- # ---------

View file

@ -341,7 +341,14 @@ chroot $ROOTFS chown -R stack $DEST
# Change boot params so that we get a console log # Change boot params so that we get a console log
sudo sed -e "s/quiet splash/splash console=ttyS0 console=ttyS1,19200n8/g" -i $ROOTFS/boot/grub/menu.lst sudo sed -e "s/quiet splash/splash console=ttyS0 console=ttyS1,19200n8/g" -i $ROOTFS/boot/grub/menu.lst
sudo sed -e "s/^hiddenmenu//g" -i $ROOTFS/boot/grub/menu.lst sudo sed -e "s/^hiddenmenu//g" -i $ROOTFS/boot/grub/menu.lst
#chroot $ROOTFS grub-install /dev/vda
# Set the hostname
echo $GUEST_NAME > $ROOTFS/etc/hostname
# We need the hostname to resolve for rabbit to launch
if ! grep -q $GUEST_NAME $ROOTFS/etc/hosts; then
echo "$GUEST_IP $GUEST_NAME" >> $ROOTFS/etc/hosts
fi
# Unmount # Unmount
umount $ROOTFS || echo 'ok' umount $ROOTFS || echo 'ok'