add a new user stack with sudoers privileges (start of using sudo again)
This commit is contained in:
parent
4f0c9bc6a8
commit
18d350da36
4 changed files with 42 additions and 26 deletions
|
@ -1,8 +1,6 @@
|
||||||
dnsmasq-base
|
dnsmasq-base
|
||||||
kpartx
|
kpartx
|
||||||
mysql-server
|
mysql-server
|
||||||
mysql-common # install mysql-common/client explicitly since mysql-server isn't bootstrapped
|
|
||||||
mysql-client-5.1
|
|
||||||
python-mysqldb
|
python-mysqldb
|
||||||
kvm
|
kvm
|
||||||
gawk
|
gawk
|
||||||
|
@ -15,11 +13,6 @@ libvirt-bin
|
||||||
vlan
|
vlan
|
||||||
curl
|
curl
|
||||||
rabbitmq-server
|
rabbitmq-server
|
||||||
erlang-base # install erlang deps for rabbit explicitly since we don't install rabbit during bootstrap
|
|
||||||
erlang-ssl
|
|
||||||
erlang-nox
|
|
||||||
erlang-inets
|
|
||||||
erlang-mnesia
|
|
||||||
socat # used by ajaxterm
|
socat # used by ajaxterm
|
||||||
python-mox
|
python-mox
|
||||||
python-paste
|
python-paste
|
||||||
|
|
12
apts/preseed
Normal file
12
apts/preseed
Normal file
|
@ -0,0 +1,12 @@
|
||||||
|
# a collection of packages that speed up installation as they are dependencies
|
||||||
|
# of packages we can't install during bootstraping (rabbitmq-server,
|
||||||
|
# mysql-server, libvirt-bin)
|
||||||
|
#
|
||||||
|
# NOTE: only add packages to this file that aren't needed directly
|
||||||
|
mysql-common
|
||||||
|
mysql-client-5.1
|
||||||
|
erlang-base
|
||||||
|
erlang-ssl
|
||||||
|
erlang-nox
|
||||||
|
erlang-inets
|
||||||
|
erlang-mnesia
|
|
@ -51,5 +51,11 @@ if [ -f /root/.ssh/id_rsa.pub ]; then
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# set root password to password
|
# set root password to password
|
||||||
echo root:password | chroot $DEST chpasswd
|
echo root:pass | chroot $DEST chpasswd
|
||||||
|
|
||||||
|
# create a stack user
|
||||||
|
chroot $DEST useradd stack -s /bin/bash -d /opt
|
||||||
|
echo stack:pass | chroot $DEST chpasswd
|
||||||
|
chroot $DEST chown -R stack /opt
|
||||||
|
|
||||||
|
echo "stack ALL=(ALL) NOPASSWD: ALL" >> $DEST/etc/sudoers
|
||||||
|
|
41
stack.sh
41
stack.sh
|
@ -44,17 +44,17 @@ SQL_CONN=${SQL_CONN:-mysql://root:$MYSQL_PASS@localhost/nova}
|
||||||
# TODO: set rabbitmq conn string explicitly as well
|
# TODO: set rabbitmq conn string explicitly as well
|
||||||
|
|
||||||
# seed configuration with mysql password
|
# seed configuration with mysql password
|
||||||
cat <<MYSQL_PRESEED | debconf-set-selections
|
cat <<MYSQL_PRESEED | sudo debconf-set-selections
|
||||||
mysql-server-5.1 mysql-server/root_password password $MYSQL_PASS
|
mysql-server-5.1 mysql-server/root_password password $MYSQL_PASS
|
||||||
mysql-server-5.1 mysql-server/root_password_again password $MYSQL_PASS
|
mysql-server-5.1 mysql-server/root_password_again password $MYSQL_PASS
|
||||||
mysql-server-5.1 mysql-server/start_on_boot boolean true
|
mysql-server-5.1 mysql-server/start_on_boot boolean true
|
||||||
MYSQL_PRESEED
|
MYSQL_PRESEED
|
||||||
|
|
||||||
# install apt requirements
|
# install apt requirements
|
||||||
apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1`
|
sudo apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1`
|
||||||
|
|
||||||
# install python requirements
|
# install python requirements
|
||||||
pip install `cat $DIR/pips/*`
|
sudo pip install `cat $DIR/pips/*`
|
||||||
|
|
||||||
# git clone only if directory doesn't exist already
|
# git clone only if directory doesn't exist already
|
||||||
function git_clone {
|
function git_clone {
|
||||||
|
@ -81,19 +81,19 @@ git_clone https://github.com/cloudbuilders/openstackx.git $API_DIR
|
||||||
|
|
||||||
# setup our checkouts so they are installed into python path
|
# setup our checkouts so they are installed into python path
|
||||||
# allowing `import nova` or `import glance.client`
|
# allowing `import nova` or `import glance.client`
|
||||||
cd $NOVACLIENT_DIR; python setup.py develop
|
cd $NOVACLIENT_DIR; sudo python setup.py develop
|
||||||
cd $KEYSTONE_DIR; python setup.py develop
|
cd $KEYSTONE_DIR; sudo python setup.py develop
|
||||||
cd $GLANCE_DIR; python setup.py develop
|
cd $GLANCE_DIR; sudo python setup.py develop
|
||||||
cd $API_DIR; python setup.py develop
|
cd $API_DIR; sudo python setup.py develop
|
||||||
cd $DASH_DIR/django-openstack; python setup.py develop
|
cd $DASH_DIR/django-openstack; sudo python setup.py develop
|
||||||
cd $DASH_DIR/openstack-dashboard; python setup.py develop
|
cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop
|
||||||
|
|
||||||
# attempt to load modules: kvm (hardware virt) and nbd (network block
|
# attempt to load modules: kvm (hardware virt) and nbd (network block
|
||||||
# device - used to manage qcow images)
|
# device - used to manage qcow images)
|
||||||
modprobe nbd || true
|
sudo modprobe nbd || true
|
||||||
modprobe kvm || true
|
sudo modprobe kvm || true
|
||||||
# if kvm wasn't running before we need to restart libvirt to enable it
|
# if kvm wasn't running before we need to restart libvirt to enable it
|
||||||
/etc/init.d/libvirt-bin restart
|
sudo /etc/init.d/libvirt-bin restart
|
||||||
|
|
||||||
# FIXME(ja): should LIBVIRT_TYPE be kvm if kvm module is loaded?
|
# FIXME(ja): should LIBVIRT_TYPE be kvm if kvm module is loaded?
|
||||||
|
|
||||||
|
@ -104,7 +104,7 @@ mkdir -p $NOVA_DIR/instances
|
||||||
# can be labeled via e2label)
|
# can be labeled via e2label)
|
||||||
# FIXME: if already mounted this blows up...
|
# FIXME: if already mounted this blows up...
|
||||||
if [ -L /dev/disk/by-label/nova-instances ]; then
|
if [ -L /dev/disk/by-label/nova-instances ]; then
|
||||||
mount -L nova-instances $NOVA_DIR/instances
|
sudo mount -L nova-instances $NOVA_DIR/instances
|
||||||
fi
|
fi
|
||||||
|
|
||||||
# *Dashboard*: setup django application to serve via apache/wsgi
|
# *Dashboard*: setup django application to serve via apache/wsgi
|
||||||
|
@ -120,13 +120,18 @@ cd $DASH_DIR/openstack-dashboard
|
||||||
cp local/local_settings.py.example local/local_settings.py
|
cp local/local_settings.py.example local/local_settings.py
|
||||||
dashboard/manage.py syncdb
|
dashboard/manage.py syncdb
|
||||||
|
|
||||||
# ## Setup Apache
|
# ---- Setup Apache ----
|
||||||
# create an empty directory to use as our
|
# create an empty directory to use as our
|
||||||
mkdir $DASH_DIR/.blackhole
|
mkdir $DASH_DIR/.blackhole
|
||||||
|
|
||||||
# FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it
|
# FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it
|
||||||
cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /etc/apache2/sites-enabled/000-default
|
cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /tmp/000-default
|
||||||
chown -R www-data:www-data $DASH_DIR
|
sudo mv /tmp/000-default /etc/apache2/sites-enabled
|
||||||
|
|
||||||
|
# `python setup.py develop` left some files owned by root in $DASH_DIR and
|
||||||
|
# others by the original owner. We need to change the owner to apache so
|
||||||
|
# dashboard can run
|
||||||
|
sudo chown -R www-data:www-data $DASH_DIR
|
||||||
|
|
||||||
mkdir -p /var/log/glance
|
mkdir -p /var/log/glance
|
||||||
|
|
||||||
|
@ -175,8 +180,8 @@ rm -rf $NOVA_DIR/networks
|
||||||
mkdir -p $NOVA_DIR/networks
|
mkdir -p $NOVA_DIR/networks
|
||||||
|
|
||||||
# (re)create nova database
|
# (re)create nova database
|
||||||
mysql -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true
|
mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true
|
||||||
mysql -p$MYSQL_PASS -e 'CREATE DATABASE nova;'
|
mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE nova;'
|
||||||
$NOVA_DIR/bin/nova-manage db sync
|
$NOVA_DIR/bin/nova-manage db sync
|
||||||
|
|
||||||
# initialize keystone with default users/endpoints
|
# initialize keystone with default users/endpoints
|
||||||
|
|
Loading…
Reference in a new issue