From ba23cc730f2a9483792524e3759bd78f36621dcc Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 03:22:13 -0700 Subject: [PATCH 001/278] project to speed up development on physical hardware --- README | 7 ++ apts/dash | 4 + apts/general | 11 +++ apts/glance | 8 ++ apts/keystone | 15 +++ apts/nova | 34 +++++++ build.sh | 52 ++++++++++ natty | 219 ++++++++++++++++++++++++++++++++++++++++++ pips/dash | 22 +++++ sources.list | 9 ++ stack.sh | 261 ++++++++++++++++++++++++++++++++++++++++++++++++++ 11 files changed, 642 insertions(+) create mode 100644 README create mode 100644 apts/dash create mode 100644 apts/general create mode 100644 apts/glance create mode 100644 apts/keystone create mode 100644 apts/nova create mode 100755 build.sh create mode 100644 natty create mode 100644 pips/dash create mode 100644 sources.list create mode 100755 stack.sh diff --git a/README b/README new file mode 100644 index 0000000..4a78f6e --- /dev/null +++ b/README @@ -0,0 +1,7 @@ +Tool to build nfs export openstack environments. This is useful for development + +* todo: move as much from run to install as possible + * issue: HOST_IP will be different on each machine - might need to update / change stuff +* todo: use local disk on nfs boots for instances +* idea: create a live-cd / vmware preview image using this? +* idea: use lxc to make the proto-image have everything? so launching a new server is just turn on / updating / run? diff --git a/apts/dash b/apts/dash new file mode 100644 index 0000000..91b852d --- /dev/null +++ b/apts/dash @@ -0,0 +1,4 @@ +apache2 +libapache2-mod-wsgi +python-dateutil +python-anyjson diff --git a/apts/general b/apts/general new file mode 100644 index 0000000..5223de6 --- /dev/null +++ b/apts/general @@ -0,0 +1,11 @@ +pep8 +pylint +python-pip +screen +unzip +wget +psmisc +git-core +lsof +openssh-server +vim diff --git a/apts/glance b/apts/glance new file mode 100644 index 0000000..1e87d58 --- /dev/null +++ b/apts/glance @@ -0,0 +1,8 @@ +python-eventlet +python-routes +python-greenlet +python-argparse +python-sqlalchemy +python-wsgiref +python-pastedeploy +python-xattr diff --git a/apts/keystone b/apts/keystone new file mode 100644 index 0000000..6e6d3d5 --- /dev/null +++ b/apts/keystone @@ -0,0 +1,15 @@ +python-setuptools +python-dev +python-lxml +python-pastescript +python-pastedeploy +python-paste +sqlite3 +python-pysqlite2 +python-sqlalchemy +python-webob +python-greenlet +python-routes +libldap2-dev +libsasl2-dev + diff --git a/apts/nova b/apts/nova new file mode 100644 index 0000000..ba563c5 --- /dev/null +++ b/apts/nova @@ -0,0 +1,34 @@ +dnsmasq-base +kpartx +kvm +gawk +iptables +ebtables +sqlite3 +sudo +kvm +libvirt-bin +vlan +curl +rabbitmq-server +socat +python-mox +python-ipy +python-paste +python-migrate +python-gflags +python-greenlet +python-libvirt +python-libxml2 +python-routes +python-netaddr +python-pastedeploy +python-eventlet +python-cheetah +python-carrot +python-tempita +python-sqlalchemy +python-suds +python-lockfile +python-m2crypto +python-boto diff --git a/build.sh b/build.sh new file mode 100755 index 0000000..4166b4b --- /dev/null +++ b/build.sh @@ -0,0 +1,52 @@ +#!/bin/bash + +# TODO: make dest not hardcoded + +NAME=$1 +DEST="/boxes/$NAME/nfs" + +mkdir -p /boxes/$NAME + +# remove old nfs filesystem if one exists +rm -rf $DEST + +# build a proto image - natty + packages that will install (optimization) +if [ ! -d nfs ]; then + debootstrap natty nfs + cp sources.list nfs/etc/apt/sources.list + chroot nfs apt-get update + chroot nfs apt-get install -y `cat apts/* | egrep -v "(rabbitmq|libvirt)"` + chroot nfs pip install `cat pips/*` + git clone https://github.com/cloudbuilders/nova.git nfs/opt/nova + git clone https://github.com/cloudbuilders/openstackx.git nfs/opt/openstackx + git clone https://github.com/cloudbuilders/noVNC.git nfs/opt/noVNC + git clone https://github.com/cloudbuilders/openstack-dashboard.git nfs/opt/dash + git clone https://github.com/cloudbuilders/python-novaclient.git nfs/opt/python-novaclient + git clone https://github.com/cloudbuilders/keystone.git nfs/opt/keystone + git clone https://github.com/cloudbuilders/glance.git nfs/opt/glance +fi + +cp -pr nfs $DEST + +# set hostname +echo $NAME > $DEST/etc/hostname +echo "127.0.0.1 localhost $NAME" > $DEST/etc/hosts + +# copy kernel modules +cp -pr /lib/modules/`uname -r` $DEST/lib/modules + +# copy openstack installer and requirement lists to a new directory. +mkdir -p $DEST/opt +cp stack.sh $DEST/opt/stack.sh +cp -r pips $DEST/opt +cp -r apts $DEST/opt + +# injecting root's ssh key +# FIXME: only do this if id_rsa.pub exists +mkdir $DEST/root/.ssh +chmod 700 $DEST/root/.ssh +cp /root/.ssh/id_rsa.pub $DEST/root/.ssh/authorized_keys + +# set root password to password +echo root:password | chroot $DEST chpasswd + diff --git a/natty b/natty new file mode 100644 index 0000000..9e08600 --- /dev/null +++ b/natty @@ -0,0 +1,219 @@ +# based on debootstrap/scripts/natty + +case $ARCH in + amd64|i386) + default_mirror http://archive.ubuntu.com/ubuntu + ;; + sparc) + case $SUITE in + gutsy) + default_mirror http://archive.ubuntu.com/ubuntu + ;; + *) + default_mirror http://ports.ubuntu.com/ubuntu-ports + ;; + esac + ;; + *) + default_mirror http://ports.ubuntu.com/ubuntu-ports + ;; +esac +mirror_style release +download_style apt +finddebs_style from-indices +variants - buildd fakechroot minbase + +if doing_variant fakechroot; then + test "$FAKECHROOT" = "true" || error 1 FAKECHROOTREQ "This variant requires fakechroot environment to be started" +fi + +case $ARCH in + alpha|ia64) LIBC="libc6.1" ;; + *) LIBC="libc6" ;; +esac + +work_out_debs () { + required="$(get_debs Priority: required) openssh-server" + + if doing_variant -; then + #required="$required $(get_debs Priority: important)" + # ^^ should be getting debconf here somehow maybe + base="$(get_debs Priority: important)" + elif doing_variant buildd; then + base="$(get_debs Build-Essential: yes)" + elif doing_variant fakechroot || doing_variant minbase; then + base="apt" + fi +} + +first_stage_install () { + extract $required + + mkdir -p "$TARGET/var/lib/dpkg" + : >"$TARGET/var/lib/dpkg/status" + : >"$TARGET/var/lib/dpkg/available" + + setup_etc + if [ ! -e "$TARGET/etc/fstab" ]; then + echo '# UNCONFIGURED FSTAB FOR BASE SYSTEM' > "$TARGET/etc/fstab" + chown 0:0 "$TARGET/etc/fstab"; chmod 644 "$TARGET/etc/fstab" + fi + + if doing_variant fakechroot; then + setup_devices_fakechroot + else + setup_devices + fi + + x_feign_install () { + local pkg="$1" + local deb="$(debfor $pkg)" + local ver="$(extract_deb_field "$TARGET/$deb" Version)" + + mkdir -p "$TARGET/var/lib/dpkg/info" + + echo \ +"Package: $pkg +Version: $ver +Status: install ok installed" >> "$TARGET/var/lib/dpkg/status" + + touch "$TARGET/var/lib/dpkg/info/${pkg}.list" + } + + x_feign_install dpkg +} + +second_stage_install () { + x_core_install () { + smallyes '' | in_target dpkg --force-depends --install $(debfor "$@") + } + + p () { + baseprog="$(($baseprog + ${1:-1}))" + } + + if doing_variant fakechroot; then + setup_proc_fakechroot + else + setup_proc + in_target /sbin/ldconfig + fi + + DEBIAN_FRONTEND=noninteractive + DEBCONF_NONINTERACTIVE_SEEN=true + export DEBIAN_FRONTEND DEBCONF_NONINTERACTIVE_SEEN + + baseprog=0 + bases=7 + + p; progress $baseprog $bases INSTCORE "Installing core packages" #1 + info INSTCORE "Installing core packages..." + + p; progress $baseprog $bases INSTCORE "Installing core packages" #2 + ln -sf mawk "$TARGET/usr/bin/awk" + x_core_install base-files base-passwd + p; progress $baseprog $bases INSTCORE "Installing core packages" #3 + x_core_install dpkg + + if [ ! -e "$TARGET/etc/localtime" ]; then + ln -sf /usr/share/zoneinfo/Etc/UTC "$TARGET/etc/localtime" + fi + + if doing_variant fakechroot; then + install_fakechroot_tools + fi + + p; progress $baseprog $bases INSTCORE "Installing core packages" #4 + x_core_install $LIBC + + p; progress $baseprog $bases INSTCORE "Installing core packages" #5 + x_core_install perl-base + + p; progress $baseprog $bases INSTCORE "Installing core packages" #6 + rm "$TARGET/usr/bin/awk" + x_core_install mawk + + p; progress $baseprog $bases INSTCORE "Installing core packages" #7 + if doing_variant -; then + x_core_install debconf + fi + + baseprog=0 + bases=$(set -- $required; echo $#) + + info UNPACKREQ "Unpacking required packages..." + + smallyes '' | + (repeatn 5 in_target_failmsg UNPACK_REQ_FAIL_FIVE "Failure while unpacking required packages. This will be attempted up to five times." "" \ + dpkg --status-fd 8 --force-depends --unpack $(debfor $required) 8>&1 1>&7 | + dpkg_progress $baseprog $bases UNPACKREQ "Unpacking required packages" UNPACKING) 7>&1 + + info CONFREQ "Configuring required packages..." + + if doing_variant fakechroot; then + # fix initscripts postinst (no mounting possible, and wrong if condition) + sed -i '/dpkg.*--compare-versions/ s/\/lt-nl/' "$TARGET/var/lib/dpkg/info/initscripts.postinst" + fi + + mv "$TARGET/sbin/start-stop-daemon" "$TARGET/sbin/start-stop-daemon.REAL" + echo \ +"#!/bin/sh +echo +echo \"Warning: Fake start-stop-daemon called, doing nothing\"" > "$TARGET/sbin/start-stop-daemon" + chmod 755 "$TARGET/sbin/start-stop-daemon" + + if [ -x "$TARGET/sbin/initctl" ]; then + mv "$TARGET/sbin/initctl" "$TARGET/sbin/initctl.REAL" + echo \ +"#!/bin/sh +echo +echo \"Warning: Fake initctl called, doing nothing\"" > "$TARGET/sbin/initctl" + chmod 755 "$TARGET/sbin/initctl" + fi + + setup_dselect_method apt + + smallyes '' | + (in_target_failmsg CONF_REQ_FAIL "Failure while configuring required packages." "" \ + dpkg --status-fd 8 --configure --pending --force-configure-any --force-depends 8>&1 1>&7 | + dpkg_progress $baseprog $bases CONFREQ "Configuring required packages" CONFIGURING) 7>&1 + + baseprog=0 + bases="$(set -- $base; echo $#)" + + info UNPACKBASE "Unpacking the base system..." + + setup_available $required $base + done_predeps= + while predep=$(get_next_predep); do + # We have to resolve dependencies of pre-dependencies manually because + # dpkg --predep-package doesn't handle this. + predep=$(without "$(without "$(resolve_deps $predep)" "$required")" "$done_predeps") + # XXX: progress is tricky due to how dpkg_progress works + # -- cjwatson 2009-07-29 + p; smallyes '' | + in_target dpkg --force-overwrite --force-confold --skip-same-version --install $(debfor $predep) + base=$(without "$base" "$predep") + done_predeps="$done_predeps $predep" + done + + smallyes '' | + (repeatn 5 in_target_failmsg INST_BASE_FAIL_FIVE "Failure while installing base packages. This will be re-attempted up to five times." "" \ + dpkg --status-fd 8 --force-overwrite --force-confold --skip-same-version --unpack $(debfor $base) 8>&1 1>&7 | + dpkg_progress $baseprog $bases UNPACKBASE "Unpacking base system" UNPACKING) 7>&1 + + info CONFBASE "Configuring the base system..." + + smallyes '' | + (repeatn 5 in_target_failmsg CONF_BASE_FAIL_FIVE "Failure while configuring base packages. This will be re-attempted up to five times." "" \ + dpkg --status-fd 8 --force-confold --skip-same-version --configure -a 8>&1 1>&7 | + dpkg_progress $baseprog $bases CONFBASE "Configuring base system" CONFIGURING) 7>&1 + + if [ -x "$TARGET/sbin/initctl.REAL" ]; then + mv "$TARGET/sbin/initctl.REAL" "$TARGET/sbin/initctl" + fi + mv "$TARGET/sbin/start-stop-daemon.REAL" "$TARGET/sbin/start-stop-daemon" + + progress $bases $bases CONFBASE "Configuring base system" + info BASESUCCESS "Base system installed successfully." +} diff --git a/pips/dash b/pips/dash new file mode 100644 index 0000000..e20d6e6 --- /dev/null +++ b/pips/dash @@ -0,0 +1,22 @@ +nose==1.0.0 +Django==1.3 +django-nose==0.1.2 +django-mailer +django-registration==0.7 +kombu +nova-adminclient +python-cloudfiles +python-dateutil +routes +webob +sqlalchemy +paste +PasteDeploy +sqlalchemy-migrate +eventlet +xattr +pep8 +pylint + +-e git+https://github.com/jacobian/openstack.compute.git#egg=openstack + diff --git a/sources.list b/sources.list new file mode 100644 index 0000000..96fab5f --- /dev/null +++ b/sources.list @@ -0,0 +1,9 @@ +deb http://us.archive.ubuntu.com/ubuntu/ natty main restricted +deb http://us.archive.ubuntu.com/ubuntu/ natty-updates main restricted +deb http://us.archive.ubuntu.com/ubuntu/ natty universe +deb http://us.archive.ubuntu.com/ubuntu/ natty-updates universe +deb http://us.archive.ubuntu.com/ubuntu/ natty multiverse +deb http://us.archive.ubuntu.com/ubuntu/ natty-updates multiverse +deb http://security.ubuntu.com/ubuntu natty-security main restricted +deb http://security.ubuntu.com/ubuntu natty-security universe +deb http://security.ubuntu.com/ubuntu natty-security multiverse diff --git a/stack.sh b/stack.sh new file mode 100755 index 0000000..4edb49f --- /dev/null +++ b/stack.sh @@ -0,0 +1,261 @@ +#!/usr/bin/env bash + +# **stack.sh** is rackspace cloudbuilder's opinionated openstack installation. + +# Quit script on error +set -o errexit + +# Log commands as they are run for debugging +set -o xtrace + +DIR=`pwd` +DEST=/opt +CMD=$1 + +# Set hte destination directories for openstack projects +NOVA_DIR=$DEST/nova +DASH_DIR=$DEST/dash +GLANCE_DIR=$DEST/glance +KEYSTONE_DIR=$DEST/keystone +NOVACLIENT_DIR=$DEST/python-novaclient +API_DIR=$DEST/openstackx +NOVNC_DIR=$DEST/noVNC + +# Use the first IP unless an explicit is set by a HOST_IP environment variable +if [ ! -n "$HOST_IP" ]; then + HOST_IP=`LC_ALL=C ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'` +fi + +# NOVA CONFIGURATION +INTERFACE=${INTERFACE:-eth0} +FLOATING_RANGE=${FLOATING_RANGE:-10.6.0.0/27} +FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} +LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} +NET_MAN=${NET_MAN:-VlanManager} +# NOTE(vish): If you are using FlatDHCP on multiple hosts, set the interface +# below but make sure that the interface doesn't already have an +# ip or you risk breaking things. +# FLAT_INTERFACE=eth0 + +SQL_CONN=sqlite:///$NOVA_DIR/nova.sqlite + +# clone a git repository to a location, or if it already +# exists, fetch and checkout remote master +function clone_or_up { + if [ -d $2 ]; then + cd $2 + git fetch origin + git checkout origin/master + else + git clone $1 $2 + fi +} + +# You should only have to run this once +if [ "$CMD" == "install" ]; then + #apt-get install -y python-software-properties + # FIXME: do we still need this? + # DELETEME: add-apt-repository ppa:nova-core/trunk + # DELETEME: apt-get update -qq + + # fixme: do we need: python-boto + apt-get install -y -q `cat $DIR/apts/*` + + # install python requirements + pip install -r $DIR/pips/dash + + # TODO: kill openstackx + clone_or_up https://github.com/cloudbuilders/nova.git $NOVA_DIR + clone_or_up https://github.com/cloudbuilders/openstackx.git $API_DIR + clone_or_up https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR + clone_or_up https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR + clone_or_up https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR + clone_or_up https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR + clone_or_up https://github.com/cloudbuilders/glance.git $GLANCE_DIR + + mkdir -p $NOVA_DIR/instances + mkdir -p $NOVA_DIR/networks + + # these components are imported into each other... + cd $NOVACLIENT_DIR; python setup.py develop + cd $KEYSTONE_DIR; python setup.py develop + cd $GLANCE_DIR; python setup.py develop + cd $API_DIR; python setup.py develop + cd $DASH_DIR/django-openstack; python setup.py develop + cd $DASH_DIR/openstack-dashboard; python setup.py develop + # dash currently imports quantum even if you aren't using it + cd $DASH_DIR/openstack-dashboard + mkdir quantum + touch quantum/__init__.py + touch quantum/client.py + + + # attempt to load kvm and nbd modules + modprobe kvm || true + modprobe nbd || true + /etc/init.d/libvirt-bin restart + + # install dashboard + cd $DASH_DIR/openstack-dashboard + cp local/local_settings.py.example local/local_settings.py +# python tools/install_venv.py + dashboard/manage.py syncdb + # setup apache + mkdir $DASH_DIR/.blackhole + +# cat > $DASH_DIR/openstack-dashboard/dashboard/wsgi/local.wsgi <> $DASH_DIR/openstack-dashboard/dashboard/wsgi/local.wsgi + + cat > /etc/apache2/sites-enabled/000-default < + WSGIScriptAlias / $DASH_DIR/openstack-dashboard/dashboard/wsgi/local.wsgi + WSGIDaemonProcess dashboard user=www-data group=www-data processes=3 threads=10 + WSGIProcessGroup dashboard + + DocumentRoot $DASH_DIR/.blackhole/ + Alias /media $DASH_DIR/openstack-dashboard/media + + + Options FollowSymLinks + AllowOverride None + + + + Options Indexes FollowSymLinks MultiViews + AllowOverride None + Order allow,deny + allow from all + + + ErrorLog /var/log/apache2/error.log + LogLevel warn + CustomLog /var/log/apache2/access.log combined + +EOF + + chown -R www-data:www-data $DASH_DIR + + mkdir -p /var/log/glance + + mkdir -p $DEST/images + wget -c http://images.ansolabs.com/tty.tgz + tar -C $DEST/images -zxf tty.tgz + exit +fi + +# Configure screen +cat >~/.screenrc <> $NOVA_DIR/bin/nova.conf +} + +if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then + + rm -f $NOVA_DIR/bin/nova.conf + + add_nova_flag "--verbose" + add_nova_flag "--nodaemon" + add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" + add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" + add_nova_flag "--my_ip=$HOST_IP" + add_nova_flag "--public_interface=$INTERFACE" + add_nova_flag "--vlan_interface=$INTERFACE" + add_nova_flag "--sql_connection=$SQL_CONN" + add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" + add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" + add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" + add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/noVNC/noVNC" + + if [ -n "$FLAT_INTERFACE" ]; then + add_nova_flag "--flat_interface=$FLAT_INTERFACE" + fi + + add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" + add_nova_flag "--image_service=nova.image.glance.GlanceImageService" + + killall dnsmasq || true + screen -d -m -S nova -t nova + sleep 1 + rm -f $NOVA_DIR/nova.sqlite + rm -rf $NOVA_DIR/instances + mkdir -p $NOVA_DIR/instances + rm -rf $NOVA_DIR/networks + mkdir -p $NOVA_DIR/networks + + # create the database + $NOVA_DIR/bin/nova-manage db sync + rm -f keystone.db + # add default data + curl -OL https://raw.github.com/cloudbuilders/deploy.sh/master/initial_data.sh + BIN_DIR=$KEYSTONE_DIR/bin bash initial_data.sh + + # create a small network + $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 + + # create some floating ips + $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE + + # nova api crashes if we start it with a regular screen command, + # so send the start command by forcing text into the window. + + rm -rf /var/lib/glance/images/* + rm -f $GLANCE_DIR/glance.sqlite + + screen_it n-api "$NOVA_DIR/bin/nova-api" + screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" + screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" + screen_it cpu "$NOVA_DIR/bin/nova-compute" + screen_it net "$NOVA_DIR/bin/nova-network" + screen_it sched "$NOVA_DIR/bin/nova-scheduler" + screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" + screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" + screen_it vnc "$NOVA_DIR/bin/nova-vncproxy" + screen_it test "" + + # FIXME: switch to just importing images + # remove previously converted images + rm -rf $DIR/images/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] + $NOVA_DIR/bin/nova-manage image convert $DIR/images + + if [ "$CMD" != "run_detached" ]; then + screen -S nova -x + fi +fi + +if [ "$CMD" == "run" ] || [ "$CMD" == "terminate" ]; then + virsh list | grep i- | awk '{print $1}' | xargs -n1 virsh destroy + $NOVA_DIR/tools/clean-vlans + echo "FIXME: clean networks?" +fi + +if [ "$CMD" == "run" ] || [ "$CMD" == "clean" ]; then + screen -S nova -X quit + rm -f *.pid* +fi + From 2e8ade1d7226f3022f59b701e018989b1e66e9e1 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 13:28:06 -0700 Subject: [PATCH 002/278] remove deprecated code --- natty | 219 ------------------------------------------------------- stack.sh | 28 +------ 2 files changed, 4 insertions(+), 243 deletions(-) delete mode 100644 natty diff --git a/natty b/natty deleted file mode 100644 index 9e08600..0000000 --- a/natty +++ /dev/null @@ -1,219 +0,0 @@ -# based on debootstrap/scripts/natty - -case $ARCH in - amd64|i386) - default_mirror http://archive.ubuntu.com/ubuntu - ;; - sparc) - case $SUITE in - gutsy) - default_mirror http://archive.ubuntu.com/ubuntu - ;; - *) - default_mirror http://ports.ubuntu.com/ubuntu-ports - ;; - esac - ;; - *) - default_mirror http://ports.ubuntu.com/ubuntu-ports - ;; -esac -mirror_style release -download_style apt -finddebs_style from-indices -variants - buildd fakechroot minbase - -if doing_variant fakechroot; then - test "$FAKECHROOT" = "true" || error 1 FAKECHROOTREQ "This variant requires fakechroot environment to be started" -fi - -case $ARCH in - alpha|ia64) LIBC="libc6.1" ;; - *) LIBC="libc6" ;; -esac - -work_out_debs () { - required="$(get_debs Priority: required) openssh-server" - - if doing_variant -; then - #required="$required $(get_debs Priority: important)" - # ^^ should be getting debconf here somehow maybe - base="$(get_debs Priority: important)" - elif doing_variant buildd; then - base="$(get_debs Build-Essential: yes)" - elif doing_variant fakechroot || doing_variant minbase; then - base="apt" - fi -} - -first_stage_install () { - extract $required - - mkdir -p "$TARGET/var/lib/dpkg" - : >"$TARGET/var/lib/dpkg/status" - : >"$TARGET/var/lib/dpkg/available" - - setup_etc - if [ ! -e "$TARGET/etc/fstab" ]; then - echo '# UNCONFIGURED FSTAB FOR BASE SYSTEM' > "$TARGET/etc/fstab" - chown 0:0 "$TARGET/etc/fstab"; chmod 644 "$TARGET/etc/fstab" - fi - - if doing_variant fakechroot; then - setup_devices_fakechroot - else - setup_devices - fi - - x_feign_install () { - local pkg="$1" - local deb="$(debfor $pkg)" - local ver="$(extract_deb_field "$TARGET/$deb" Version)" - - mkdir -p "$TARGET/var/lib/dpkg/info" - - echo \ -"Package: $pkg -Version: $ver -Status: install ok installed" >> "$TARGET/var/lib/dpkg/status" - - touch "$TARGET/var/lib/dpkg/info/${pkg}.list" - } - - x_feign_install dpkg -} - -second_stage_install () { - x_core_install () { - smallyes '' | in_target dpkg --force-depends --install $(debfor "$@") - } - - p () { - baseprog="$(($baseprog + ${1:-1}))" - } - - if doing_variant fakechroot; then - setup_proc_fakechroot - else - setup_proc - in_target /sbin/ldconfig - fi - - DEBIAN_FRONTEND=noninteractive - DEBCONF_NONINTERACTIVE_SEEN=true - export DEBIAN_FRONTEND DEBCONF_NONINTERACTIVE_SEEN - - baseprog=0 - bases=7 - - p; progress $baseprog $bases INSTCORE "Installing core packages" #1 - info INSTCORE "Installing core packages..." - - p; progress $baseprog $bases INSTCORE "Installing core packages" #2 - ln -sf mawk "$TARGET/usr/bin/awk" - x_core_install base-files base-passwd - p; progress $baseprog $bases INSTCORE "Installing core packages" #3 - x_core_install dpkg - - if [ ! -e "$TARGET/etc/localtime" ]; then - ln -sf /usr/share/zoneinfo/Etc/UTC "$TARGET/etc/localtime" - fi - - if doing_variant fakechroot; then - install_fakechroot_tools - fi - - p; progress $baseprog $bases INSTCORE "Installing core packages" #4 - x_core_install $LIBC - - p; progress $baseprog $bases INSTCORE "Installing core packages" #5 - x_core_install perl-base - - p; progress $baseprog $bases INSTCORE "Installing core packages" #6 - rm "$TARGET/usr/bin/awk" - x_core_install mawk - - p; progress $baseprog $bases INSTCORE "Installing core packages" #7 - if doing_variant -; then - x_core_install debconf - fi - - baseprog=0 - bases=$(set -- $required; echo $#) - - info UNPACKREQ "Unpacking required packages..." - - smallyes '' | - (repeatn 5 in_target_failmsg UNPACK_REQ_FAIL_FIVE "Failure while unpacking required packages. This will be attempted up to five times." "" \ - dpkg --status-fd 8 --force-depends --unpack $(debfor $required) 8>&1 1>&7 | - dpkg_progress $baseprog $bases UNPACKREQ "Unpacking required packages" UNPACKING) 7>&1 - - info CONFREQ "Configuring required packages..." - - if doing_variant fakechroot; then - # fix initscripts postinst (no mounting possible, and wrong if condition) - sed -i '/dpkg.*--compare-versions/ s/\/lt-nl/' "$TARGET/var/lib/dpkg/info/initscripts.postinst" - fi - - mv "$TARGET/sbin/start-stop-daemon" "$TARGET/sbin/start-stop-daemon.REAL" - echo \ -"#!/bin/sh -echo -echo \"Warning: Fake start-stop-daemon called, doing nothing\"" > "$TARGET/sbin/start-stop-daemon" - chmod 755 "$TARGET/sbin/start-stop-daemon" - - if [ -x "$TARGET/sbin/initctl" ]; then - mv "$TARGET/sbin/initctl" "$TARGET/sbin/initctl.REAL" - echo \ -"#!/bin/sh -echo -echo \"Warning: Fake initctl called, doing nothing\"" > "$TARGET/sbin/initctl" - chmod 755 "$TARGET/sbin/initctl" - fi - - setup_dselect_method apt - - smallyes '' | - (in_target_failmsg CONF_REQ_FAIL "Failure while configuring required packages." "" \ - dpkg --status-fd 8 --configure --pending --force-configure-any --force-depends 8>&1 1>&7 | - dpkg_progress $baseprog $bases CONFREQ "Configuring required packages" CONFIGURING) 7>&1 - - baseprog=0 - bases="$(set -- $base; echo $#)" - - info UNPACKBASE "Unpacking the base system..." - - setup_available $required $base - done_predeps= - while predep=$(get_next_predep); do - # We have to resolve dependencies of pre-dependencies manually because - # dpkg --predep-package doesn't handle this. - predep=$(without "$(without "$(resolve_deps $predep)" "$required")" "$done_predeps") - # XXX: progress is tricky due to how dpkg_progress works - # -- cjwatson 2009-07-29 - p; smallyes '' | - in_target dpkg --force-overwrite --force-confold --skip-same-version --install $(debfor $predep) - base=$(without "$base" "$predep") - done_predeps="$done_predeps $predep" - done - - smallyes '' | - (repeatn 5 in_target_failmsg INST_BASE_FAIL_FIVE "Failure while installing base packages. This will be re-attempted up to five times." "" \ - dpkg --status-fd 8 --force-overwrite --force-confold --skip-same-version --unpack $(debfor $base) 8>&1 1>&7 | - dpkg_progress $baseprog $bases UNPACKBASE "Unpacking base system" UNPACKING) 7>&1 - - info CONFBASE "Configuring the base system..." - - smallyes '' | - (repeatn 5 in_target_failmsg CONF_BASE_FAIL_FIVE "Failure while configuring base packages. This will be re-attempted up to five times." "" \ - dpkg --status-fd 8 --force-confold --skip-same-version --configure -a 8>&1 1>&7 | - dpkg_progress $baseprog $bases CONFBASE "Configuring base system" CONFIGURING) 7>&1 - - if [ -x "$TARGET/sbin/initctl.REAL" ]; then - mv "$TARGET/sbin/initctl.REAL" "$TARGET/sbin/initctl" - fi - mv "$TARGET/sbin/start-stop-daemon.REAL" "$TARGET/sbin/start-stop-daemon" - - progress $bases $bases CONFBASE "Configuring base system" - info BASESUCCESS "Base system installed successfully." -} diff --git a/stack.sh b/stack.sh index 4edb49f..a6d14c6 100755 --- a/stack.sh +++ b/stack.sh @@ -53,12 +53,7 @@ function clone_or_up { # You should only have to run this once if [ "$CMD" == "install" ]; then - #apt-get install -y python-software-properties - # FIXME: do we still need this? - # DELETEME: add-apt-repository ppa:nova-core/trunk - # DELETEME: apt-get update -qq - - # fixme: do we need: python-boto + # install apt requirements apt-get install -y -q `cat $DIR/apts/*` # install python requirements @@ -83,13 +78,12 @@ if [ "$CMD" == "install" ]; then cd $API_DIR; python setup.py develop cd $DASH_DIR/django-openstack; python setup.py develop cd $DASH_DIR/openstack-dashboard; python setup.py develop - # dash currently imports quantum even if you aren't using it + # HACK: dash currently imports quantum even if you aren't using it cd $DASH_DIR/openstack-dashboard mkdir quantum touch quantum/__init__.py touch quantum/client.py - # attempt to load kvm and nbd modules modprobe kvm || true modprobe nbd || true @@ -98,26 +92,13 @@ if [ "$CMD" == "install" ]; then # install dashboard cd $DASH_DIR/openstack-dashboard cp local/local_settings.py.example local/local_settings.py -# python tools/install_venv.py dashboard/manage.py syncdb # setup apache mkdir $DASH_DIR/.blackhole -# cat > $DASH_DIR/openstack-dashboard/dashboard/wsgi/local.wsgi <> $DASH_DIR/openstack-dashboard/dashboard/wsgi/local.wsgi - cat > /etc/apache2/sites-enabled/000-default < - WSGIScriptAlias / $DASH_DIR/openstack-dashboard/dashboard/wsgi/local.wsgi + WSGIScriptAlias / $DASH_DIR/openstack-dashboard/dashboard/wsgi/django.wsgi WSGIDaemonProcess dashboard user=www-data group=www-data processes=3 threads=10 WSGIProcessGroup dashboard @@ -234,9 +215,8 @@ if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then screen_it net "$NOVA_DIR/bin/nova-network" screen_it sched "$NOVA_DIR/bin/nova-scheduler" screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" - screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" screen_it vnc "$NOVA_DIR/bin/nova-vncproxy" - screen_it test "" + screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" # FIXME: switch to just importing images # remove previously converted images From 8622bf2f398f95d7d85e53eb279df1116d9d13ea Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 15:27:54 -0700 Subject: [PATCH 003/278] allow comments in apts/pips list --- apts/nova | 8 ++++++-- build.sh | 4 ++-- 2 files changed, 8 insertions(+), 4 deletions(-) diff --git a/apts/nova b/apts/nova index ba563c5..c23a609 100644 --- a/apts/nova +++ b/apts/nova @@ -11,9 +11,13 @@ libvirt-bin vlan curl rabbitmq-server -socat +erlang-base # install erlang deps for rabbit explicitly since we don't install rabbit during bootstrap +erlang-ssl +erlang-nox +erlang-inets +erlang-mnesia +socat # used by ajaxterm python-mox -python-ipy python-paste python-migrate python-gflags diff --git a/build.sh b/build.sh index 4166b4b..7c98f6f 100755 --- a/build.sh +++ b/build.sh @@ -15,8 +15,8 @@ if [ ! -d nfs ]; then debootstrap natty nfs cp sources.list nfs/etc/apt/sources.list chroot nfs apt-get update - chroot nfs apt-get install -y `cat apts/* | egrep -v "(rabbitmq|libvirt)"` - chroot nfs pip install `cat pips/*` + chroot nfs apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt)"` + chroot nfs pip install `cat pips/* | cut -d\# -f1` git clone https://github.com/cloudbuilders/nova.git nfs/opt/nova git clone https://github.com/cloudbuilders/openstackx.git nfs/opt/openstackx git clone https://github.com/cloudbuilders/noVNC.git nfs/opt/noVNC From 1639ed66015874a73bc271dbac02cd1c99158d0f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 15:42:17 -0700 Subject: [PATCH 004/278] don't name proto filesystem nfs --- build.sh | 30 ++++++++++++++---------------- 1 file changed, 14 insertions(+), 16 deletions(-) diff --git a/build.sh b/build.sh index 7c98f6f..5fcfe17 100755 --- a/build.sh +++ b/build.sh @@ -3,30 +3,28 @@ # TODO: make dest not hardcoded NAME=$1 -DEST="/boxes/$NAME/nfs" - -mkdir -p /boxes/$NAME +DEST="/nfs/$NAME" # remove old nfs filesystem if one exists rm -rf $DEST # build a proto image - natty + packages that will install (optimization) if [ ! -d nfs ]; then - debootstrap natty nfs - cp sources.list nfs/etc/apt/sources.list - chroot nfs apt-get update - chroot nfs apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt)"` - chroot nfs pip install `cat pips/* | cut -d\# -f1` - git clone https://github.com/cloudbuilders/nova.git nfs/opt/nova - git clone https://github.com/cloudbuilders/openstackx.git nfs/opt/openstackx - git clone https://github.com/cloudbuilders/noVNC.git nfs/opt/noVNC - git clone https://github.com/cloudbuilders/openstack-dashboard.git nfs/opt/dash - git clone https://github.com/cloudbuilders/python-novaclient.git nfs/opt/python-novaclient - git clone https://github.com/cloudbuilders/keystone.git nfs/opt/keystone - git clone https://github.com/cloudbuilders/glance.git nfs/opt/glance + debootstrap natty proto + cp sources.list proto/etc/apt/sources.list + chroot proto apt-get update + chroot proto apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt)"` + chroot proto pip install `cat pips/* | cut -d\# -f1` + git clone https://github.com/cloudbuilders/nova.git proto/opt/nova + git clone https://github.com/cloudbuilders/openstackx.git proto/opt/openstackx + git clone https://github.com/cloudbuilders/noVNC.git proto/opt/noVNC + git clone https://github.com/cloudbuilders/openstack-dashboard.git proto/opt/dash + git clone https://github.com/cloudbuilders/python-novaclient.git proto/opt/python-novaclient + git clone https://github.com/cloudbuilders/keystone.git proto/opt/keystone + git clone https://github.com/cloudbuilders/glance.git proto/opt/glance fi -cp -pr nfs $DEST +cp -pr proto $DEST # set hostname echo $NAME > $DEST/etc/hostname From f2ef760caa2d0ced7fc8b6be50a2c29eae20f344 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 16:23:21 -0700 Subject: [PATCH 005/278] don't filter \# pips as they mean something, also it seems just libvirt-bin is the issue --- build.sh | 6 +++--- stack.sh | 4 ++-- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/build.sh b/build.sh index 5fcfe17..f6d287d 100755 --- a/build.sh +++ b/build.sh @@ -9,12 +9,12 @@ DEST="/nfs/$NAME" rm -rf $DEST # build a proto image - natty + packages that will install (optimization) -if [ ! -d nfs ]; then +if [ ! -d proto ]; then debootstrap natty proto cp sources.list proto/etc/apt/sources.list chroot proto apt-get update - chroot proto apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt)"` - chroot proto pip install `cat pips/* | cut -d\# -f1` + chroot proto apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin)"` + chroot proto pip install `cat pips/*` git clone https://github.com/cloudbuilders/nova.git proto/opt/nova git clone https://github.com/cloudbuilders/openstackx.git proto/opt/openstackx git clone https://github.com/cloudbuilders/noVNC.git proto/opt/noVNC diff --git a/stack.sh b/stack.sh index a6d14c6..c278701 100755 --- a/stack.sh +++ b/stack.sh @@ -54,10 +54,10 @@ function clone_or_up { # You should only have to run this once if [ "$CMD" == "install" ]; then # install apt requirements - apt-get install -y -q `cat $DIR/apts/*` + apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1` # install python requirements - pip install -r $DIR/pips/dash + pip install `cat $DIR/pips/*` # TODO: kill openstackx clone_or_up https://github.com/cloudbuilders/nova.git $NOVA_DIR From 5f0982007f91fbc1550521b7aca2acd58ad8c9a2 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 16:34:34 -0700 Subject: [PATCH 006/278] move screenrc from stack.sh --- .gitignore | 1 + build.sh | 16 ++++++++++------ files/screenrc | 9 +++++++++ sources.list => files/sources.list | 0 stack.sh | 12 ------------ 5 files changed, 20 insertions(+), 18 deletions(-) create mode 100644 .gitignore create mode 100644 files/screenrc rename sources.list => files/sources.list (100%) diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..2ff540d --- /dev/null +++ b/.gitignore @@ -0,0 +1 @@ +proto diff --git a/build.sh b/build.sh index f6d287d..beb964c 100755 --- a/build.sh +++ b/build.sh @@ -11,7 +11,7 @@ rm -rf $DEST # build a proto image - natty + packages that will install (optimization) if [ ! -d proto ]; then debootstrap natty proto - cp sources.list proto/etc/apt/sources.list + cp files/sources.list proto/etc/apt/sources.list chroot proto apt-get update chroot proto apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin)"` chroot proto pip install `cat pips/*` @@ -33,17 +33,21 @@ echo "127.0.0.1 localhost $NAME" > $DEST/etc/hosts # copy kernel modules cp -pr /lib/modules/`uname -r` $DEST/lib/modules +# helpful screenrc +cp files/screenrc $DEST/root/.screenrc + # copy openstack installer and requirement lists to a new directory. mkdir -p $DEST/opt cp stack.sh $DEST/opt/stack.sh cp -r pips $DEST/opt cp -r apts $DEST/opt -# injecting root's ssh key -# FIXME: only do this if id_rsa.pub exists -mkdir $DEST/root/.ssh -chmod 700 $DEST/root/.ssh -cp /root/.ssh/id_rsa.pub $DEST/root/.ssh/authorized_keys +# injecting root's public ssh key if it exists +if [ -f /root/.ssh/id_rsa.pub ]; then + mkdir $DEST/root/.ssh + chmod 700 $DEST/root/.ssh + cp /root/.ssh/id_rsa.pub $DEST/root/.ssh/authorized_keys +fi # set root password to password echo root:password | chroot $DEST chpasswd diff --git a/files/screenrc b/files/screenrc new file mode 100644 index 0000000..1ca47da --- /dev/null +++ b/files/screenrc @@ -0,0 +1,9 @@ +hardstatus on +hardstatus alwayslastline +hardstatus string "%{.bW}%-w%{.rW}%n %t%{-}%+w %=%{..G}%H %{..Y}%d/%m %c" + +defscrollback 1024 + +vbell off +startup_message off + diff --git a/sources.list b/files/sources.list similarity index 100% rename from sources.list rename to files/sources.list diff --git a/stack.sh b/stack.sh index c278701..c3d7bbf 100755 --- a/stack.sh +++ b/stack.sh @@ -133,18 +133,6 @@ EOF exit fi -# Configure screen -cat >~/.screenrc < Date: Sun, 11 Sep 2011 16:46:44 -0700 Subject: [PATCH 007/278] a few more speed tweaks - try to pre-download tty.gz and don't git pull --- build.sh | 1 + stack.sh | 20 ++++++++++++-------- 2 files changed, 13 insertions(+), 8 deletions(-) diff --git a/build.sh b/build.sh index beb964c..b487287 100755 --- a/build.sh +++ b/build.sh @@ -22,6 +22,7 @@ if [ ! -d proto ]; then git clone https://github.com/cloudbuilders/python-novaclient.git proto/opt/python-novaclient git clone https://github.com/cloudbuilders/keystone.git proto/opt/keystone git clone https://github.com/cloudbuilders/glance.git proto/opt/glance + wget -c http://images.ansolabs.com/tty.tgz -O proto/opt/tty.tgz fi cp -pr proto $DEST diff --git a/stack.sh b/stack.sh index c3d7bbf..2d32f1e 100755 --- a/stack.sh +++ b/stack.sh @@ -43,9 +43,10 @@ SQL_CONN=sqlite:///$NOVA_DIR/nova.sqlite # exists, fetch and checkout remote master function clone_or_up { if [ -d $2 ]; then - cd $2 - git fetch origin - git checkout origin/master + echo commenting out update for now for speed + # cd $2 + # git fetch origin + # git checkout origin/master else git clone $1 $2 fi @@ -127,9 +128,12 @@ EOF mkdir -p /var/log/glance + if [ ! -f $DEST/tty.tgz ]; then + wget -c http://images.ansolabs.com/tty.tgz -O $DEST/tty.tgz + fi + mkdir -p $DEST/images - wget -c http://images.ansolabs.com/tty.tgz - tar -C $DEST/images -zxf tty.tgz + tar -C $DEST/images -zxf $DEST/tty.tgz exit fi @@ -172,6 +176,7 @@ if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then screen -d -m -S nova -t nova sleep 1 rm -f $NOVA_DIR/nova.sqlite + # TODO(ja): mount local partition nova-instances (can we use labels?) rm -rf $NOVA_DIR/instances mkdir -p $NOVA_DIR/instances rm -rf $NOVA_DIR/networks @@ -190,12 +195,11 @@ if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then # create some floating ips $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE - # nova api crashes if we start it with a regular screen command, - # so send the start command by forcing text into the window. - rm -rf /var/lib/glance/images/* rm -f $GLANCE_DIR/glance.sqlite + # nova api crashes if we start it with a regular screen command, + # so send the start command by forcing text into the window. screen_it n-api "$NOVA_DIR/bin/nova-api" screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" From 1b17570c4cbd03af1ffa7c4fc5c1500be15bad94 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 17:11:11 -0700 Subject: [PATCH 008/278] performance: use local disk if one exists labeled nova-instances --- stack.sh | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 2d32f1e..78d9b4d 100755 --- a/stack.sh +++ b/stack.sh @@ -176,9 +176,13 @@ if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then screen -d -m -S nova -t nova sleep 1 rm -f $NOVA_DIR/nova.sqlite - # TODO(ja): mount local partition nova-instances (can we use labels?) - rm -rf $NOVA_DIR/instances + rm -rf $NOVA_DIR/instances/* mkdir -p $NOVA_DIR/instances + # if there is a partition labeled nova-instances use it (ext filesystems + # can be labeled via e2label) + if [ -L /dev/disk/by-label/nova-instances ]; then + mount -L nova-instances /$NOVA_DIR/instances + fi rm -rf $NOVA_DIR/networks mkdir -p $NOVA_DIR/networks From 8b564a8fb9af120116cc3f7188bd5efa9cc0bd39 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 17:53:34 -0700 Subject: [PATCH 009/278] move apache config to a template --- build.sh | 4 ++-- files/000-default.template | 25 +++++++++++++++++++++++++ stack.sh | 31 +++++-------------------------- 3 files changed, 32 insertions(+), 28 deletions(-) create mode 100644 files/000-default.template diff --git a/build.sh b/build.sh index b487287..1523ece 100755 --- a/build.sh +++ b/build.sh @@ -34,8 +34,8 @@ echo "127.0.0.1 localhost $NAME" > $DEST/etc/hosts # copy kernel modules cp -pr /lib/modules/`uname -r` $DEST/lib/modules -# helpful screenrc -cp files/screenrc $DEST/root/.screenrc +# inject stack.sh files +cp -r files $DEST/opt/files # copy openstack installer and requirement lists to a new directory. mkdir -p $DEST/opt diff --git a/files/000-default.template b/files/000-default.template new file mode 100644 index 0000000..64251f0 --- /dev/null +++ b/files/000-default.template @@ -0,0 +1,25 @@ + + WSGIScriptAlias / %DASH_DIR%/openstack-dashboard/dashboard/wsgi/django.wsgi + WSGIDaemonProcess dashboard user=www-data group=www-data processes=3 threads=10 + WSGIProcessGroup dashboard + + DocumentRoot %DASH_DIR%/.blackhole/ + Alias /media %DASH_DIR%/openstack-dashboard/media + + + Options FollowSymLinks + AllowOverride None + + + + Options Indexes FollowSymLinks MultiViews + AllowOverride None + Order allow,deny + allow from all + + + ErrorLog /var/log/apache2/error.log + LogLevel warn + CustomLog /var/log/apache2/access.log combined + + diff --git a/stack.sh b/stack.sh index 78d9b4d..8ef39fe 100755 --- a/stack.sh +++ b/stack.sh @@ -97,32 +97,8 @@ if [ "$CMD" == "install" ]; then # setup apache mkdir $DASH_DIR/.blackhole - cat > /etc/apache2/sites-enabled/000-default < - WSGIScriptAlias / $DASH_DIR/openstack-dashboard/dashboard/wsgi/django.wsgi - WSGIDaemonProcess dashboard user=www-data group=www-data processes=3 threads=10 - WSGIProcessGroup dashboard - - DocumentRoot $DASH_DIR/.blackhole/ - Alias /media $DASH_DIR/openstack-dashboard/media - - - Options FollowSymLinks - AllowOverride None - - - - Options Indexes FollowSymLinks MultiViews - AllowOverride None - Order allow,deny - allow from all - - - ErrorLog /var/log/apache2/error.log - LogLevel warn - CustomLog /var/log/apache2/access.log combined - -EOF + # FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it + cat $DIR/files/000-default.template | sed "s/%DASH_DIR%/\/opt\/dash/g" > /etc/apache2/sites-enabled/000-default chown -R www-data:www-data $DASH_DIR @@ -134,6 +110,9 @@ EOF mkdir -p $DEST/images tar -C $DEST/images -zxf $DEST/tty.tgz + + # add useful screenrc + cp $DIR/files/screenrc ~/.screenrc exit fi From 73b4707070b5e249b989c0734abcd766834ebb64 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 18:08:44 -0700 Subject: [PATCH 010/278] don't need nova-adminclient --- pips/dash | 1 - 1 file changed, 1 deletion(-) diff --git a/pips/dash b/pips/dash index e20d6e6..4d6343e 100644 --- a/pips/dash +++ b/pips/dash @@ -4,7 +4,6 @@ django-nose==0.1.2 django-mailer django-registration==0.7 kombu -nova-adminclient python-cloudfiles python-dateutil routes From 79736ff031726587537c468308a08c09a029081b Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 11 Sep 2011 18:26:33 -0700 Subject: [PATCH 011/278] add locate & doc it is only needed for debugging --- apts/general | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/apts/general b/apts/general index 5223de6..be92df3 100644 --- a/apts/general +++ b/apts/general @@ -6,6 +6,7 @@ unzip wget psmisc git-core -lsof +lsof # useful when debugging openssh-server vim +locate # useful when debugging From 6f3baafd7129c6031fa3a3dbb560a5ae9860e9da Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 11:59:38 -0700 Subject: [PATCH 012/278] update installer script --- stack.sh | 122 +++++++++++++++++++++++++++++++------------------------ 1 file changed, 68 insertions(+), 54 deletions(-) diff --git a/stack.sh b/stack.sh index 8ef39fe..9a0f663 100755 --- a/stack.sh +++ b/stack.sh @@ -1,6 +1,6 @@ #!/usr/bin/env bash -# **stack.sh** is rackspace cloudbuilder's opinionated openstack installation. +# **stack.sh** is rackspace cloudbuilder's opinionated openstack dev installation. # Quit script on error set -o errexit @@ -12,7 +12,7 @@ DIR=`pwd` DEST=/opt CMD=$1 -# Set hte destination directories for openstack projects +# Set the destination directories for openstack projects NOVA_DIR=$DEST/nova DASH_DIR=$DEST/dash GLANCE_DIR=$DEST/glance @@ -39,17 +39,9 @@ NET_MAN=${NET_MAN:-VlanManager} SQL_CONN=sqlite:///$NOVA_DIR/nova.sqlite -# clone a git repository to a location, or if it already -# exists, fetch and checkout remote master -function clone_or_up { - if [ -d $2 ]; then - echo commenting out update for now for speed - # cd $2 - # git fetch origin - # git checkout origin/master - else - git clone $1 $2 - fi +# clone a git repository to a location +function ginstall { + git clone $1 $2 } # You should only have to run this once @@ -60,43 +52,63 @@ if [ "$CMD" == "install" ]; then # install python requirements pip install `cat $DIR/pips/*` - # TODO: kill openstackx - clone_or_up https://github.com/cloudbuilders/nova.git $NOVA_DIR - clone_or_up https://github.com/cloudbuilders/openstackx.git $API_DIR - clone_or_up https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR - clone_or_up https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR - clone_or_up https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR - clone_or_up https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR - clone_or_up https://github.com/cloudbuilders/glance.git $GLANCE_DIR - - mkdir -p $NOVA_DIR/instances - mkdir -p $NOVA_DIR/networks - - # these components are imported into each other... + # vm service + ginstall https://github.com/cloudbuilders/nova.git $NOVA_DIR + # a websockets/html5 or flash powered VNC console for vm instances + ginstall https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR + # django powered web control panel for openstack + ginstall https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR + # python client library to nova that dashboard (and others) use + ginstall https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR + # unified auth system (manages accounts/tokens) + ginstall https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR + # image catalog + ginstall https://github.com/cloudbuilders/glance.git $GLANCE_DIR + # openstackx is a collection of extensions to openstack.compute & nova + # that is *deprecated*. The code is being moved into python-novaclient & nova. + ginstall https://github.com/cloudbuilders/openstackx.git $API_DIR + + # setup our checkouts so they are installed into python path + # allowing `import nova` or `import glance.client` cd $NOVACLIENT_DIR; python setup.py develop cd $KEYSTONE_DIR; python setup.py develop cd $GLANCE_DIR; python setup.py develop cd $API_DIR; python setup.py develop cd $DASH_DIR/django-openstack; python setup.py develop cd $DASH_DIR/openstack-dashboard; python setup.py develop - # HACK: dash currently imports quantum even if you aren't using it - cd $DASH_DIR/openstack-dashboard - mkdir quantum - touch quantum/__init__.py - touch quantum/client.py - # attempt to load kvm and nbd modules - modprobe kvm || true + # attempt to load modules: kvm (hardware virt) and nbd (network block + # device - used to manage qcow images) modprobe nbd || true + modprobe kvm || true + # if kvm wasn't running before we need to restart libvirt to enable it /etc/init.d/libvirt-bin restart - # install dashboard + # setup nova instance directory + mkdir -p $NOVA_DIR/instances + + # if there is a partition labeled nova-instances use it (ext filesystems + # can be labeled via e2label) + if [ -L /dev/disk/by-label/nova-instances ]; then + mount -L nova-instances /$NOVA_DIR/instances + fi + + # *Dashboard*: setup django application to serve via apache/wsgi + + # Dash currently imports quantum even if you aren't using it. Instead + # of installing quantum we can create a simple module that will pass the + # initial imports + mkdir $DASH_DIR/openstack-dashboard/quantum + touch $DASH_DIR/openstack-dashboard/quantum/__init__.py + touch $DASH_DIR/openstack-dashboard/quantum/client.py + # local_settings has cd $DASH_DIR/openstack-dashboard cp local/local_settings.py.example local/local_settings.py dashboard/manage.py syncdb - # setup apache - mkdir $DASH_DIR/.blackhole + # *Setup Apache* + # create an empty directory to use as our + mkdir $DASH_DIR/.blackhole # FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it cat $DIR/files/000-default.template | sed "s/%DASH_DIR%/\/opt\/dash/g" > /etc/apache2/sites-enabled/000-default @@ -104,6 +116,7 @@ if [ "$CMD" == "install" ]; then mkdir -p /var/log/glance + # prepare initial images for loading into glance if [ ! -f $DEST/tty.tgz ]; then wget -c http://images.ansolabs.com/tty.tgz -O $DEST/tty.tgz fi @@ -119,6 +132,8 @@ fi NL=`echo -ne '\015'` function screen_it { + # nova api crashes if we start it with a regular screen command, + # so send the start command by forcing text into the window. screen -S nova -X screen -t $1 screen -S nova -p $1 -X stuff "$2$NL" } @@ -129,8 +144,8 @@ function add_nova_flag { if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then + # (re)create nova.conf rm -f $NOVA_DIR/bin/nova.conf - add_nova_flag "--verbose" add_nova_flag "--nodaemon" add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" @@ -143,32 +158,31 @@ if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/noVNC/noVNC" - + add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" + add_nova_flag "--image_service=nova.image.glance.GlanceImageService" if [ -n "$FLAT_INTERFACE" ]; then add_nova_flag "--flat_interface=$FLAT_INTERFACE" fi - add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" - add_nova_flag "--image_service=nova.image.glance.GlanceImageService" - - killall dnsmasq || true + # create a new named screen to store things in screen -d -m -S nova -t nova sleep 1 - rm -f $NOVA_DIR/nova.sqlite + + # Clean out the instances directory rm -rf $NOVA_DIR/instances/* - mkdir -p $NOVA_DIR/instances - # if there is a partition labeled nova-instances use it (ext filesystems - # can be labeled via e2label) - if [ -L /dev/disk/by-label/nova-instances ]; then - mount -L nova-instances /$NOVA_DIR/instances - fi + + # delete traces of nova networks from prior runs + killall dnsmasq || true rm -rf $NOVA_DIR/networks mkdir -p $NOVA_DIR/networks - # create the database + # (re)create nova database + rm -f $NOVA_DIR/nova.sqlite $NOVA_DIR/bin/nova-manage db sync - rm -f keystone.db - # add default data + + # initialize keystone with default users/endpoints + # FIXME(ja): move initial_data.sh into this script + rm -f /opt/keystone/keystone.db curl -OL https://raw.github.com/cloudbuilders/deploy.sh/master/initial_data.sh BIN_DIR=$KEYSTONE_DIR/bin bash initial_data.sh @@ -178,11 +192,11 @@ if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then # create some floating ips $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE + # delete existing glance images/database. Glance will recreate the db + # when it is ran. rm -rf /var/lib/glance/images/* rm -f $GLANCE_DIR/glance.sqlite - # nova api crashes if we start it with a regular screen command, - # so send the start command by forcing text into the window. screen_it n-api "$NOVA_DIR/bin/nova-api" screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" From f110fd98169e0c083ba1447ab3644728e724bd7f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 12:11:23 -0700 Subject: [PATCH 013/278] update comments for more clarity --- stack.sh | 27 +++++++++++---------------- 1 file changed, 11 insertions(+), 16 deletions(-) diff --git a/stack.sh b/stack.sh index 9a0f663..ad6a9cb 100755 --- a/stack.sh +++ b/stack.sh @@ -39,11 +39,6 @@ NET_MAN=${NET_MAN:-VlanManager} SQL_CONN=sqlite:///$NOVA_DIR/nova.sqlite -# clone a git repository to a location -function ginstall { - git clone $1 $2 -} - # You should only have to run this once if [ "$CMD" == "install" ]; then # install apt requirements @@ -52,21 +47,21 @@ if [ "$CMD" == "install" ]; then # install python requirements pip install `cat $DIR/pips/*` - # vm service - ginstall https://github.com/cloudbuilders/nova.git $NOVA_DIR + # compute service + git clone https://github.com/cloudbuilders/nova.git $NOVA_DIR + # image catalog service + git clone https://github.com/cloudbuilders/glance.git $GLANCE_DIR + # unified auth system (manages accounts/tokens) + git clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR # a websockets/html5 or flash powered VNC console for vm instances - ginstall https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR + git clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR # django powered web control panel for openstack - ginstall https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR + git clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR # python client library to nova that dashboard (and others) use - ginstall https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR - # unified auth system (manages accounts/tokens) - ginstall https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR - # image catalog - ginstall https://github.com/cloudbuilders/glance.git $GLANCE_DIR + git clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. - ginstall https://github.com/cloudbuilders/openstackx.git $API_DIR + git clone https://github.com/cloudbuilders/openstackx.git $API_DIR # setup our checkouts so they are installed into python path # allowing `import nova` or `import glance.client` @@ -106,7 +101,7 @@ if [ "$CMD" == "install" ]; then cp local/local_settings.py.example local/local_settings.py dashboard/manage.py syncdb - # *Setup Apache* + # # Setup Apache # create an empty directory to use as our mkdir $DASH_DIR/.blackhole # FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it From 4da4d16d4c7ddac7e9e97c060940a10e255f6452 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 14:17:03 -0700 Subject: [PATCH 014/278] anthony recommends using vim-nox --- apts/general | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/apts/general b/apts/general index be92df3..57506f4 100644 --- a/apts/general +++ b/apts/general @@ -8,5 +8,5 @@ psmisc git-core lsof # useful when debugging openssh-server -vim +vim-nox locate # useful when debugging From 2caf8fddff77368110b1588af50a72a3c70f2aac Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 16:15:11 -0700 Subject: [PATCH 015/278] comments on how to improve --- README | 17 +++++++++++++---- files/sudo/nova | 1 + stack.sh | 8 +++++++- 3 files changed, 21 insertions(+), 5 deletions(-) create mode 100644 files/sudo/nova diff --git a/README b/README index 4a78f6e..2efa315 100644 --- a/README +++ b/README @@ -1,7 +1,16 @@ -Tool to build nfs export openstack environments. This is useful for development +Tool to build (nfs export) openstack dev environments + +## Tod + +* move back to using sudo +* Add volume support +* Add quantum support +* Add python-novaclient cli support +* allow changing of git locations (specify different tag/branch or repos) +* change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume +* allow sql/rabbit connection to be specified via environment variables with sensible defaults + +# Future -* todo: move as much from run to install as possible - * issue: HOST_IP will be different on each machine - might need to update / change stuff -* todo: use local disk on nfs boots for instances * idea: create a live-cd / vmware preview image using this? * idea: use lxc to make the proto-image have everything? so launching a new server is just turn on / updating / run? diff --git a/files/sudo/nova b/files/sudo/nova new file mode 100644 index 0000000..3843416 --- /dev/null +++ b/files/sudo/nova @@ -0,0 +1 @@ +socat diff --git a/stack.sh b/stack.sh index ad6a9cb..00bb891 100755 --- a/stack.sh +++ b/stack.sh @@ -37,8 +37,12 @@ NET_MAN=${NET_MAN:-VlanManager} # ip or you risk breaking things. # FLAT_INTERFACE=eth0 +# TODO: set rabbitmq conn string explicitly as well +# TODO: switch to mysql for all services SQL_CONN=sqlite:///$NOVA_DIR/nova.sqlite +# FIXME: commands should be: stack.sh all or list of services to install/run + # You should only have to run this once if [ "$CMD" == "install" ]; then # install apt requirements @@ -105,7 +109,7 @@ if [ "$CMD" == "install" ]; then # create an empty directory to use as our mkdir $DASH_DIR/.blackhole # FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it - cat $DIR/files/000-default.template | sed "s/%DASH_DIR%/\/opt\/dash/g" > /etc/apache2/sites-enabled/000-default + cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /etc/apache2/sites-enabled/000-default chown -R www-data:www-data $DASH_DIR @@ -121,6 +125,8 @@ if [ "$CMD" == "install" ]; then # add useful screenrc cp $DIR/files/screenrc ~/.screenrc + + # TODO: update current user to allow sudo for all commands in files/sudo/* exit fi From 7e708c1709a3c7194f44670a1646d218822ac1de Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 12 Sep 2011 16:21:33 -0700 Subject: [PATCH 016/278] update readme with task --- README | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README b/README index 2efa315..c4de844 100644 --- a/README +++ b/README @@ -1,6 +1,6 @@ Tool to build (nfs export) openstack dev environments -## Tod +## Todo * move back to using sudo * Add volume support @@ -9,6 +9,7 @@ Tool to build (nfs export) openstack dev environments * allow changing of git locations (specify different tag/branch or repos) * change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * allow sql/rabbit connection to be specified via environment variables with sensible defaults +* Create and upload images # Future From 04ab3aec4783959552bb819955e01e59972f49cc Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 16:29:14 -0700 Subject: [PATCH 017/278] use tmux instead of screen? --- README | 1 + 1 file changed, 1 insertion(+) diff --git a/README b/README index c4de844..1910470 100644 --- a/README +++ b/README @@ -13,5 +13,6 @@ Tool to build (nfs export) openstack dev environments # Future +* idea: move from screen to tmux? * idea: create a live-cd / vmware preview image using this? * idea: use lxc to make the proto-image have everything? so launching a new server is just turn on / updating / run? From aec8fa4eb56a2f568c8b117c4b557dd4c49308d9 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 16:41:23 -0700 Subject: [PATCH 018/278] update todos --- README | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/README b/README index 1910470..4176f88 100644 --- a/README +++ b/README @@ -1,15 +1,16 @@ Tool to build (nfs export) openstack dev environments -## Todo +# Todo +* change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * move back to using sudo +* move to mysql +* Create and upload images * Add volume support * Add quantum support * Add python-novaclient cli support * allow changing of git locations (specify different tag/branch or repos) -* change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * allow sql/rabbit connection to be specified via environment variables with sensible defaults -* Create and upload images # Future From 75a37653030b44c6ba336bf598ca09e052c35188 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 17:09:08 -0700 Subject: [PATCH 019/278] switch to single pass script --- stack.sh | 319 ++++++++++++++++++++++++++----------------------------- 1 file changed, 148 insertions(+), 171 deletions(-) diff --git a/stack.sh b/stack.sh index 00bb891..8d71f75 100755 --- a/stack.sh +++ b/stack.sh @@ -10,7 +10,6 @@ set -o xtrace DIR=`pwd` DEST=/opt -CMD=$1 # Set the destination directories for openstack projects NOVA_DIR=$DEST/nova @@ -41,95 +40,91 @@ NET_MAN=${NET_MAN:-VlanManager} # TODO: switch to mysql for all services SQL_CONN=sqlite:///$NOVA_DIR/nova.sqlite -# FIXME: commands should be: stack.sh all or list of services to install/run - -# You should only have to run this once -if [ "$CMD" == "install" ]; then - # install apt requirements - apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1` - - # install python requirements - pip install `cat $DIR/pips/*` - - # compute service - git clone https://github.com/cloudbuilders/nova.git $NOVA_DIR - # image catalog service - git clone https://github.com/cloudbuilders/glance.git $GLANCE_DIR - # unified auth system (manages accounts/tokens) - git clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR - # a websockets/html5 or flash powered VNC console for vm instances - git clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR - # django powered web control panel for openstack - git clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR - # python client library to nova that dashboard (and others) use - git clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR - # openstackx is a collection of extensions to openstack.compute & nova - # that is *deprecated*. The code is being moved into python-novaclient & nova. - git clone https://github.com/cloudbuilders/openstackx.git $API_DIR - - # setup our checkouts so they are installed into python path - # allowing `import nova` or `import glance.client` - cd $NOVACLIENT_DIR; python setup.py develop - cd $KEYSTONE_DIR; python setup.py develop - cd $GLANCE_DIR; python setup.py develop - cd $API_DIR; python setup.py develop - cd $DASH_DIR/django-openstack; python setup.py develop - cd $DASH_DIR/openstack-dashboard; python setup.py develop - - # attempt to load modules: kvm (hardware virt) and nbd (network block - # device - used to manage qcow images) - modprobe nbd || true - modprobe kvm || true - # if kvm wasn't running before we need to restart libvirt to enable it - /etc/init.d/libvirt-bin restart - - # setup nova instance directory - mkdir -p $NOVA_DIR/instances - - # if there is a partition labeled nova-instances use it (ext filesystems - # can be labeled via e2label) - if [ -L /dev/disk/by-label/nova-instances ]; then - mount -L nova-instances /$NOVA_DIR/instances - fi - - # *Dashboard*: setup django application to serve via apache/wsgi - - # Dash currently imports quantum even if you aren't using it. Instead - # of installing quantum we can create a simple module that will pass the - # initial imports - mkdir $DASH_DIR/openstack-dashboard/quantum - touch $DASH_DIR/openstack-dashboard/quantum/__init__.py - touch $DASH_DIR/openstack-dashboard/quantum/client.py - # local_settings has - cd $DASH_DIR/openstack-dashboard - cp local/local_settings.py.example local/local_settings.py - dashboard/manage.py syncdb - - # # Setup Apache - # create an empty directory to use as our - mkdir $DASH_DIR/.blackhole - # FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it - cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /etc/apache2/sites-enabled/000-default - - chown -R www-data:www-data $DASH_DIR - - mkdir -p /var/log/glance - - # prepare initial images for loading into glance - if [ ! -f $DEST/tty.tgz ]; then - wget -c http://images.ansolabs.com/tty.tgz -O $DEST/tty.tgz - fi - - mkdir -p $DEST/images - tar -C $DEST/images -zxf $DEST/tty.tgz - - # add useful screenrc - cp $DIR/files/screenrc ~/.screenrc - - # TODO: update current user to allow sudo for all commands in files/sudo/* - exit +# FIXME: commands should be: stack.sh should allow specifying a subset of services + +# install apt requirements +apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1` + +# install python requirements +pip install `cat $DIR/pips/*` + +# compute service +git clone https://github.com/cloudbuilders/nova.git $NOVA_DIR +# image catalog service +git clone https://github.com/cloudbuilders/glance.git $GLANCE_DIR +# unified auth system (manages accounts/tokens) +git clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR +# a websockets/html5 or flash powered VNC console for vm instances +git clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR +# django powered web control panel for openstack +git clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR +# python client library to nova that dashboard (and others) use +git clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR +# openstackx is a collection of extensions to openstack.compute & nova +# that is *deprecated*. The code is being moved into python-novaclient & nova. +git clone https://github.com/cloudbuilders/openstackx.git $API_DIR + +# setup our checkouts so they are installed into python path +# allowing `import nova` or `import glance.client` +cd $NOVACLIENT_DIR; python setup.py develop +cd $KEYSTONE_DIR; python setup.py develop +cd $GLANCE_DIR; python setup.py develop +cd $API_DIR; python setup.py develop +cd $DASH_DIR/django-openstack; python setup.py develop +cd $DASH_DIR/openstack-dashboard; python setup.py develop + +# attempt to load modules: kvm (hardware virt) and nbd (network block +# device - used to manage qcow images) +modprobe nbd || true +modprobe kvm || true +# if kvm wasn't running before we need to restart libvirt to enable it +/etc/init.d/libvirt-bin restart + +# setup nova instance directory +mkdir -p $NOVA_DIR/instances + +# if there is a partition labeled nova-instances use it (ext filesystems +# can be labeled via e2label) +if [ -L /dev/disk/by-label/nova-instances ]; then + mount -L nova-instances /$NOVA_DIR/instances fi +# *Dashboard*: setup django application to serve via apache/wsgi + +# Dash currently imports quantum even if you aren't using it. Instead +# of installing quantum we can create a simple module that will pass the +# initial imports +mkdir $DASH_DIR/openstack-dashboard/quantum +touch $DASH_DIR/openstack-dashboard/quantum/__init__.py +touch $DASH_DIR/openstack-dashboard/quantum/client.py +# local_settings has +cd $DASH_DIR/openstack-dashboard +cp local/local_settings.py.example local/local_settings.py +dashboard/manage.py syncdb + +# ## Setup Apache +# create an empty directory to use as our +mkdir $DASH_DIR/.blackhole +# FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it +cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /etc/apache2/sites-enabled/000-default + +chown -R www-data:www-data $DASH_DIR + +mkdir -p /var/log/glance + +# prepare initial images for loading into glance +if [ ! -f $DEST/tty.tgz ]; then + wget -c http://images.ansolabs.com/tty.tgz -O $DEST/tty.tgz +fi + +mkdir -p $DEST/images +tar -C $DEST/images -zxf $DEST/tty.tgz + +# add useful screenrc +cp $DIR/files/screenrc ~/.screenrc + +# TODO: update current user to allow sudo for all commands in files/sudo/* + NL=`echo -ne '\015'` function screen_it { @@ -143,89 +138,71 @@ function add_nova_flag { echo "$1" >> $NOVA_DIR/bin/nova.conf } -if [ "$CMD" == "run" ] || [ "$CMD" == "run_detached" ]; then - - # (re)create nova.conf - rm -f $NOVA_DIR/bin/nova.conf - add_nova_flag "--verbose" - add_nova_flag "--nodaemon" - add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" - add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" - add_nova_flag "--my_ip=$HOST_IP" - add_nova_flag "--public_interface=$INTERFACE" - add_nova_flag "--vlan_interface=$INTERFACE" - add_nova_flag "--sql_connection=$SQL_CONN" - add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" - add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" - add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" - add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/noVNC/noVNC" - add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" - add_nova_flag "--image_service=nova.image.glance.GlanceImageService" - if [ -n "$FLAT_INTERFACE" ]; then - add_nova_flag "--flat_interface=$FLAT_INTERFACE" - fi - - # create a new named screen to store things in - screen -d -m -S nova -t nova - sleep 1 - - # Clean out the instances directory - rm -rf $NOVA_DIR/instances/* - - # delete traces of nova networks from prior runs - killall dnsmasq || true - rm -rf $NOVA_DIR/networks - mkdir -p $NOVA_DIR/networks - - # (re)create nova database - rm -f $NOVA_DIR/nova.sqlite - $NOVA_DIR/bin/nova-manage db sync - - # initialize keystone with default users/endpoints - # FIXME(ja): move initial_data.sh into this script - rm -f /opt/keystone/keystone.db - curl -OL https://raw.github.com/cloudbuilders/deploy.sh/master/initial_data.sh - BIN_DIR=$KEYSTONE_DIR/bin bash initial_data.sh - - # create a small network - $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 - - # create some floating ips - $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE - - # delete existing glance images/database. Glance will recreate the db - # when it is ran. - rm -rf /var/lib/glance/images/* - rm -f $GLANCE_DIR/glance.sqlite - - screen_it n-api "$NOVA_DIR/bin/nova-api" - screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" - screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" - screen_it cpu "$NOVA_DIR/bin/nova-compute" - screen_it net "$NOVA_DIR/bin/nova-network" - screen_it sched "$NOVA_DIR/bin/nova-scheduler" - screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" - screen_it vnc "$NOVA_DIR/bin/nova-vncproxy" - screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" - - # FIXME: switch to just importing images - # remove previously converted images - rm -rf $DIR/images/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] - $NOVA_DIR/bin/nova-manage image convert $DIR/images - - if [ "$CMD" != "run_detached" ]; then - screen -S nova -x - fi +# (re)create nova.conf +rm -f $NOVA_DIR/bin/nova.conf +add_nova_flag "--verbose" +add_nova_flag "--nodaemon" +add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" +add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" +add_nova_flag "--my_ip=$HOST_IP" +add_nova_flag "--public_interface=$INTERFACE" +add_nova_flag "--vlan_interface=$INTERFACE" +add_nova_flag "--sql_connection=$SQL_CONN" +add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" +add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" +add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" +add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/noVNC/noVNC" +add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" +add_nova_flag "--image_service=nova.image.glance.GlanceImageService" +if [ -n "$FLAT_INTERFACE" ]; then + add_nova_flag "--flat_interface=$FLAT_INTERFACE" fi -if [ "$CMD" == "run" ] || [ "$CMD" == "terminate" ]; then - virsh list | grep i- | awk '{print $1}' | xargs -n1 virsh destroy - $NOVA_DIR/tools/clean-vlans - echo "FIXME: clean networks?" -fi - -if [ "$CMD" == "run" ] || [ "$CMD" == "clean" ]; then - screen -S nova -X quit - rm -f *.pid* -fi +# create a new named screen to store things in +screen -d -m -S nova -t nova +sleep 1 + +# Clean out the instances directory +rm -rf $NOVA_DIR/instances/* + +# delete traces of nova networks from prior runs +killall dnsmasq || true +rm -rf $NOVA_DIR/networks +mkdir -p $NOVA_DIR/networks + +# (re)create nova database +rm -f $NOVA_DIR/nova.sqlite +$NOVA_DIR/bin/nova-manage db sync + +# initialize keystone with default users/endpoints +# FIXME(ja): move initial_data.sh into this script +rm -f /opt/keystone/keystone.db +curl -OL https://raw.github.com/cloudbuilders/deploy.sh/master/initial_data.sh +BIN_DIR=$KEYSTONE_DIR/bin bash initial_data.sh + +# create a small network +$NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 + +# create some floating ips +$NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE + +# delete existing glance images/database. Glance will recreate the db +# when it is ran. +rm -rf /var/lib/glance/images/* +rm -f $GLANCE_DIR/glance.sqlite + +screen_it n-api "$NOVA_DIR/bin/nova-api" +screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" +screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" +screen_it cpu "$NOVA_DIR/bin/nova-compute" +screen_it net "$NOVA_DIR/bin/nova-network" +screen_it sched "$NOVA_DIR/bin/nova-scheduler" +screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" +screen_it vnc "$NOVA_DIR/bin/nova-vncproxy" +screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" + +# FIXME: switch to just importing images +# remove previously converted images +rm -rf $DIR/images/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] +$NOVA_DIR/bin/nova-manage image convert $DIR/images From 6163257a94aa03188f5604a12742b24d133a0c6f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 17:40:00 -0700 Subject: [PATCH 020/278] only clone if the directory doesn't exist already --- stack.sh | 21 ++++++++++++++------- 1 file changed, 14 insertions(+), 7 deletions(-) diff --git a/stack.sh b/stack.sh index 8d71f75..ebbb479 100755 --- a/stack.sh +++ b/stack.sh @@ -48,21 +48,28 @@ apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1` # install python requirements pip install `cat $DIR/pips/*` +# git clone only if directory doesn't exist already +function git_clone { + if [ ! -d $2 ]; then + git clone $1 $2 + fi +} + # compute service -git clone https://github.com/cloudbuilders/nova.git $NOVA_DIR +git_clone https://github.com/cloudbuilders/nova.git $NOVA_DIR # image catalog service -git clone https://github.com/cloudbuilders/glance.git $GLANCE_DIR +git_clone https://github.com/cloudbuilders/glance.git $GLANCE_DIR # unified auth system (manages accounts/tokens) -git clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR +git_clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR # a websockets/html5 or flash powered VNC console for vm instances -git clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR +git_clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR # django powered web control panel for openstack -git clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR +git_clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR # python client library to nova that dashboard (and others) use -git clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR +git_clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. -git clone https://github.com/cloudbuilders/openstackx.git $API_DIR +git_clone https://github.com/cloudbuilders/openstackx.git $API_DIR # setup our checkouts so they are installed into python path # allowing `import nova` or `import glance.client` From dd9f2966d27c44a2f9f666bd12099c3ebac6b343 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 17:42:43 -0700 Subject: [PATCH 021/278] update readme --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index 4176f88..2db4373 100644 --- a/README +++ b/README @@ -5,7 +5,7 @@ Tool to build (nfs export) openstack dev environments * change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * move back to using sudo * move to mysql -* Create and upload images +* extract image upload to a seperate script that supports generating images via debootstrap (ubuntu-vm-builder?) * Add volume support * Add quantum support * Add python-novaclient cli support From e49b8bd68d82066e00c9bd694acbb1e1405d3ade Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 18:08:04 -0700 Subject: [PATCH 022/278] switch to using glance to upload images --- stack.sh | 31 +++++++++++++++++++------------ 1 file changed, 19 insertions(+), 12 deletions(-) diff --git a/stack.sh b/stack.sh index ebbb479..84486ca 100755 --- a/stack.sh +++ b/stack.sh @@ -119,14 +119,6 @@ chown -R www-data:www-data $DASH_DIR mkdir -p /var/log/glance -# prepare initial images for loading into glance -if [ ! -f $DEST/tty.tgz ]; then - wget -c http://images.ansolabs.com/tty.tgz -O $DEST/tty.tgz -fi - -mkdir -p $DEST/images -tar -C $DEST/images -zxf $DEST/tty.tgz - # add useful screenrc cp $DIR/files/screenrc ~/.screenrc @@ -208,8 +200,23 @@ screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keysto screen_it vnc "$NOVA_DIR/bin/nova-vncproxy" screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" -# FIXME: switch to just importing images -# remove previously converted images -rm -rf $DIR/images/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f] -$NOVA_DIR/bin/nova-manage image convert $DIR/images + + +# ---- download an install images ---- + +mkdir -p $DEST/images +cd $DEST/images +# prepare initial images for loading into glance +if [ ! -f $DEST/tty.tgz ]; then + wget -c http://images.ansolabs.com/tty.tgz -O tty.tgz +fi + +# extract ami-tty/image, aki-tty/image & ari-tty/image +tar -zxf tty.tgz + +# import into glance +# FIXME(kernel/ramdisk is hardcoded - should look at result of first two commands?) +glance add name="tty-kernel" is_public=true container_format=aki disk_format=aki < aki-tty/image +glance add name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < ari-tty/image +glance add name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < ami-tty/image From 73e27b83e5d2d5beeda815d8ae613f89f32a9efd Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 17:55:00 -0700 Subject: [PATCH 023/278] move keystone initialization into stack.sh --- files/keystone_data.sh | 42 ++++++++++++++++++++++++++++++++++++++++++ stack.sh | 4 +--- 2 files changed, 43 insertions(+), 3 deletions(-) create mode 100755 files/keystone_data.sh diff --git a/files/keystone_data.sh b/files/keystone_data.sh new file mode 100755 index 0000000..9f73743 --- /dev/null +++ b/files/keystone_data.sh @@ -0,0 +1,42 @@ +#!/bin/bash +BIN_DIR=${BIN_DIR:-.} +# Tenants +$BIN_DIR/keystone-manage $* tenant add admin +$BIN_DIR/keystone-manage $* tenant add demo + +# Users +$BIN_DIR/keystone-manage $* user add demo secrete demo +$BIN_DIR/keystone-manage $* user add admin secrete admin + +# Roles +$BIN_DIR/keystone-manage $* role add Admin +$BIN_DIR/keystone-manage $* role add Member +$BIN_DIR/keystone-manage $* role grant Admin admin + +#endpointTemplates +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://localhost:8080/v1/AUTH_%tenant_id% http://localhost:8080/ http://localhost:8080/v1/AUTH_%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova_compat http://localhost:8774/v1.0/ http://localhost:8774/v1.0 http://localhost:8774/v1.0 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://localhost:8774/v1.1/%tenant_id% http://localhost:8774/v1.1/%tenant_id% http://localhost:8774/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://localhost:9292/v1.1/%tenant_id% http://localhost:9292/v1.1/%tenant_id% http://localhost:9292/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://localhost:8080/v2.0 http://localhost:8081/v2.0 http://localhost:8080/v2.0 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://localhost:5000/v2.0 http://localhost:5001/v2.0 http://localhost:5000/v2.0 1 1 + +# Tokens +$BIN_DIR/keystone-manage $* token add 999888777666 admin admin 2015-02-05T00:00 + +#Tenant endpoints +$BIN_DIR/keystone-manage $* endpoint add admin 1 +$BIN_DIR/keystone-manage $* endpoint add admin 2 +$BIN_DIR/keystone-manage $* endpoint add admin 3 +$BIN_DIR/keystone-manage $* endpoint add admin 4 +$BIN_DIR/keystone-manage $* endpoint add admin 5 +$BIN_DIR/keystone-manage $* endpoint add admin 6 + +$BIN_DIR/keystone-manage $* endpoint add demo 1 +$BIN_DIR/keystone-manage $* endpoint add demo 2 +$BIN_DIR/keystone-manage $* endpoint add demo 3 +$BIN_DIR/keystone-manage $* endpoint add demo 4 +$BIN_DIR/keystone-manage $* endpoint add demo 5 +$BIN_DIR/keystone-manage $* endpoint add demo 6 + +$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" diff --git a/stack.sh b/stack.sh index 84486ca..ad6a979 100755 --- a/stack.sh +++ b/stack.sh @@ -174,10 +174,8 @@ rm -f $NOVA_DIR/nova.sqlite $NOVA_DIR/bin/nova-manage db sync # initialize keystone with default users/endpoints -# FIXME(ja): move initial_data.sh into this script rm -f /opt/keystone/keystone.db -curl -OL https://raw.github.com/cloudbuilders/deploy.sh/master/initial_data.sh -BIN_DIR=$KEYSTONE_DIR/bin bash initial_data.sh +BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh # create a small network $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 From 55508d62e7c3977a267e97231e7b1f5106705e3c Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 19:00:28 -0700 Subject: [PATCH 024/278] make SQL_CONN an ENV, change order of screened items --- stack.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/stack.sh b/stack.sh index ad6a979..dda1780 100755 --- a/stack.sh +++ b/stack.sh @@ -38,7 +38,7 @@ NET_MAN=${NET_MAN:-VlanManager} # TODO: set rabbitmq conn string explicitly as well # TODO: switch to mysql for all services -SQL_CONN=sqlite:///$NOVA_DIR/nova.sqlite +SQL_CONN=${SQL_CONN:-sqlite:///$NOVA_DIR/nova.sqlite} # FIXME: commands should be: stack.sh should allow specifying a subset of services @@ -188,14 +188,14 @@ $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE rm -rf /var/lib/glance/images/* rm -f $GLANCE_DIR/glance.sqlite -screen_it n-api "$NOVA_DIR/bin/nova-api" screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" -screen_it cpu "$NOVA_DIR/bin/nova-compute" -screen_it net "$NOVA_DIR/bin/nova-network" -screen_it sched "$NOVA_DIR/bin/nova-scheduler" screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" -screen_it vnc "$NOVA_DIR/bin/nova-vncproxy" +screen_it n-api "$NOVA_DIR/bin/nova-api" +screen_it n-cpu "$NOVA_DIR/bin/nova-compute" +screen_it n-net "$NOVA_DIR/bin/nova-network" +screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" +screen_it n-vnc "$NOVA_DIR/bin/nova-vncproxy" screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" From be395c1e9a49684fedf2fdf63050713c6405c90f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 19:11:30 -0700 Subject: [PATCH 025/278] more docs and fix path issue for image locations --- stack.sh | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/stack.sh b/stack.sh index dda1780..478592f 100755 --- a/stack.sh +++ b/stack.sh @@ -2,6 +2,8 @@ # **stack.sh** is rackspace cloudbuilder's opinionated openstack dev installation. +# FIXME: commands should be: stack.sh should allow specifying a subset of services + # Quit script on error set -o errexit @@ -25,7 +27,7 @@ if [ ! -n "$HOST_IP" ]; then HOST_IP=`LC_ALL=C ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'` fi -# NOVA CONFIGURATION +# NOVA network / hypervisor configuration INTERFACE=${INTERFACE:-eth0} FLOATING_RANGE=${FLOATING_RANGE:-10.6.0.0/27} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} @@ -40,7 +42,6 @@ NET_MAN=${NET_MAN:-VlanManager} # TODO: switch to mysql for all services SQL_CONN=${SQL_CONN:-sqlite:///$NOVA_DIR/nova.sqlite} -# FIXME: commands should be: stack.sh should allow specifying a subset of services # install apt requirements apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1` @@ -87,6 +88,8 @@ modprobe kvm || true # if kvm wasn't running before we need to restart libvirt to enable it /etc/init.d/libvirt-bin restart +# FIXME(ja): should LIBVIRT_TYPE be kvm if kvm module is loaded? + # setup nova instance directory mkdir -p $NOVA_DIR/instances @@ -206,14 +209,14 @@ mkdir -p $DEST/images cd $DEST/images # prepare initial images for loading into glance if [ ! -f $DEST/tty.tgz ]; then - wget -c http://images.ansolabs.com/tty.tgz -O tty.tgz + wget -c http://images.ansolabs.com/tty.tgz -O $DEST/tty.tgz fi # extract ami-tty/image, aki-tty/image & ari-tty/image -tar -zxf tty.tgz +tar -zxf $DEST/tty.tgz -# import into glance -# FIXME(kernel/ramdisk is hardcoded - should look at result of first two commands?) +# add images to glance +# FIXME: kernel/ramdisk is hardcoded - use return result from add glance add name="tty-kernel" is_public=true container_format=aki disk_format=aki < aki-tty/image glance add name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < ari-tty/image glance add name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < ami-tty/image From 1c1d1505c7b5527e550a91146855336e5bb2d064 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 19:29:56 -0700 Subject: [PATCH 026/278] mysql-izing for nova --- README | 14 +++++++++----- apts/nova | 2 ++ build.sh | 2 +- stack.sh | 32 ++++++++++++++++++++------------ 4 files changed, 32 insertions(+), 18 deletions(-) diff --git a/README b/README index 2db4373..b93c615 100644 --- a/README +++ b/README @@ -2,15 +2,19 @@ Tool to build (nfs export) openstack dev environments # Todo -* change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * move back to using sudo +* Add python-novaclient cli support * move to mysql -* extract image upload to a seperate script that supports generating images via debootstrap (ubuntu-vm-builder?) * Add volume support -* Add quantum support -* Add python-novaclient cli support +* extract image upload to a seperate script that supports generating images via debootstrap (ubuntu-vm-builder?) * allow changing of git locations (specify different tag/branch or repos) -* allow sql/rabbit connection to be specified via environment variables with sensible defaults +* change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume +* Add quantum support +* allow rabbit connection to be specified via environment variables with sensible defaults + +# Done + +* sqlconn can be set via env # Future diff --git a/apts/nova b/apts/nova index c23a609..6b867b2 100644 --- a/apts/nova +++ b/apts/nova @@ -1,5 +1,7 @@ dnsmasq-base kpartx +mysql-server +python-mysqldb kvm gawk iptables diff --git a/build.sh b/build.sh index 1523ece..89d8141 100755 --- a/build.sh +++ b/build.sh @@ -13,7 +13,7 @@ if [ ! -d proto ]; then debootstrap natty proto cp files/sources.list proto/etc/apt/sources.list chroot proto apt-get update - chroot proto apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin)"` + chroot proto apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot proto pip install `cat pips/*` git clone https://github.com/cloudbuilders/nova.git proto/opt/nova git clone https://github.com/cloudbuilders/openstackx.git proto/opt/openstackx diff --git a/stack.sh b/stack.sh index 478592f..0faa09b 100755 --- a/stack.sh +++ b/stack.sh @@ -38,10 +38,17 @@ NET_MAN=${NET_MAN:-VlanManager} # ip or you risk breaking things. # FLAT_INTERFACE=eth0 -# TODO: set rabbitmq conn string explicitly as well # TODO: switch to mysql for all services -SQL_CONN=${SQL_CONN:-sqlite:///$NOVA_DIR/nova.sqlite} +MYSQL_PASS=${MYSQL_PASS:-nova} +SQL_CONN=${SQL_CONN:-mysql://root:$MYSQL_PASS@localhost/nova} +# TODO: set rabbitmq conn string explicitly as well +# seed configuration with mysql password +cat < /etc/apache2/sites-enabled/000-default - chown -R www-data:www-data $DASH_DIR mkdir -p /var/log/glance @@ -129,12 +136,6 @@ cp $DIR/files/screenrc ~/.screenrc NL=`echo -ne '\015'` -function screen_it { - # nova api crashes if we start it with a regular screen command, - # so send the start command by forcing text into the window. - screen -S nova -X screen -t $1 - screen -S nova -p $1 -X stuff "$2$NL" -} function add_nova_flag { echo "$1" >> $NOVA_DIR/bin/nova.conf @@ -173,7 +174,8 @@ rm -rf $NOVA_DIR/networks mkdir -p $NOVA_DIR/networks # (re)create nova database -rm -f $NOVA_DIR/nova.sqlite +mysql -p$MYSQL_PASS -e 'DROP DATABASE nova;' +mysql -p$MYSQL_PASS -e 'CREATE DATABASE nova;' $NOVA_DIR/bin/nova-manage db sync # initialize keystone with default users/endpoints @@ -191,6 +193,13 @@ $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE rm -rf /var/lib/glance/images/* rm -f $GLANCE_DIR/glance.sqlite +# nova api crashes if we start it with a regular screen command, +# so send the start command by forcing text into the window. +function screen_it { + screen -S nova -X screen -t $1 + screen -S nova -p $1 -X stuff "$2$NL" +} + screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" @@ -202,7 +211,6 @@ screen_it n-vnc "$NOVA_DIR/bin/nova-vncproxy" screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" - # ---- download an install images ---- mkdir -p $DEST/images From 834531c5bfac5797c634d61fe21cbe1de0bf1dcc Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 19:37:57 -0700 Subject: [PATCH 027/278] don't explode if nova db doesn't exist and install a few more libraries during bootstrap --- apts/nova | 2 ++ stack.sh | 7 ++++--- 2 files changed, 6 insertions(+), 3 deletions(-) diff --git a/apts/nova b/apts/nova index 6b867b2..a846b06 100644 --- a/apts/nova +++ b/apts/nova @@ -1,6 +1,8 @@ dnsmasq-base kpartx mysql-server +mysql-common # install mysql-common/client explicitly since mysql-server isn't bootstrapped +mysql-client-5.1 python-mysqldb kvm gawk diff --git a/stack.sh b/stack.sh index 0faa09b..e82933d 100755 --- a/stack.sh +++ b/stack.sh @@ -102,8 +102,9 @@ mkdir -p $NOVA_DIR/instances # if there is a partition labeled nova-instances use it (ext filesystems # can be labeled via e2label) +# FIXME: if already mounted this blows up... if [ -L /dev/disk/by-label/nova-instances ]; then - mount -L nova-instances /$NOVA_DIR/instances + mount -L nova-instances $NOVA_DIR/instances fi # *Dashboard*: setup django application to serve via apache/wsgi @@ -111,7 +112,7 @@ fi # Dash currently imports quantum even if you aren't using it. Instead # of installing quantum we can create a simple module that will pass the # initial imports -mkdir $DASH_DIR/openstack-dashboard/quantum +mkdir $DASH_DIR/openstack-dashboard/quantum || true touch $DASH_DIR/openstack-dashboard/quantum/__init__.py touch $DASH_DIR/openstack-dashboard/quantum/client.py @@ -174,7 +175,7 @@ rm -rf $NOVA_DIR/networks mkdir -p $NOVA_DIR/networks # (re)create nova database -mysql -p$MYSQL_PASS -e 'DROP DATABASE nova;' +mysql -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true mysql -p$MYSQL_PASS -e 'CREATE DATABASE nova;' $NOVA_DIR/bin/nova-manage db sync From 72d69636dfd13b3975ceb6e11f7675d4d57a604b Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 12 Sep 2011 21:09:55 -0700 Subject: [PATCH 028/278] add script to launch stack.sh in an lxc container --- lxc/lxc_stack.sh | 76 ++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 76 insertions(+) create mode 100755 lxc/lxc_stack.sh diff --git a/lxc/lxc_stack.sh b/lxc/lxc_stack.sh new file mode 100755 index 0000000..4f1686c --- /dev/null +++ b/lxc/lxc_stack.sh @@ -0,0 +1,76 @@ +#!/bin/bash +# Configurable params +BRIDGE=${BRIDGE:-br0} +CONTAINER=${CONTAINER:-TESTER} +CONTAINER_IP=${CONTAINER_IP:-192.168.1.50} +CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24} +CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0} +CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1} +NAMESERVER=${NAMESERVER:-192.168.1.1} +COPYENV=${COPYENV:-1} + +# Destroy any existing container +lxc-stop -n $CONTAINER +lxc-destroy -n $CONTAINER + +# Create network configuration +NET_CONF=/tmp/net.conf +cat > $NET_CONF < $INTERFACES < $INSTALL_SH < $RC_LOCAL < Date: Mon, 12 Sep 2011 21:12:20 -0700 Subject: [PATCH 029/278] dash instead of underscore? --- lxc/{lxc_stack.sh => lxc-stack.sh} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename lxc/{lxc_stack.sh => lxc-stack.sh} (100%) diff --git a/lxc/lxc_stack.sh b/lxc/lxc-stack.sh similarity index 100% rename from lxc/lxc_stack.sh rename to lxc/lxc-stack.sh From 0d8f44a7327732cb8f5617f787be5ef4138261f1 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 12 Sep 2011 21:16:37 -0700 Subject: [PATCH 030/278] rename to build_lxc.sh --- lxc/lxc-stack.sh => build_lxc.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename lxc/lxc-stack.sh => build_lxc.sh (100%) diff --git a/lxc/lxc-stack.sh b/build_lxc.sh similarity index 100% rename from lxc/lxc-stack.sh rename to build_lxc.sh From 4f0c9bc6a8deb0801558fa8fc682642deacfc4db Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 21:18:51 -0700 Subject: [PATCH 031/278] move build to build_nfs since tones added lxc support --- build.sh => build_nfs.sh | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename build.sh => build_nfs.sh (100%) diff --git a/build.sh b/build_nfs.sh similarity index 100% rename from build.sh rename to build_nfs.sh From 9a052d5d9c9b09f5a1df1739b368ea1e880c6249 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 21:46:12 -0700 Subject: [PATCH 032/278] add a new user stack with sudoers privileges (start of using sudo again) --- build_nfs.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/build_nfs.sh b/build_nfs.sh index 89d8141..fbfecfc 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -51,5 +51,11 @@ if [ -f /root/.ssh/id_rsa.pub ]; then fi # set root password to password -echo root:password | chroot $DEST chpasswd +echo root:pass | chroot $DEST chpasswd +# create a stack user +chroot $DEST useradd stack -s /bin/bash -d /opt +echo stack:pass | chroot $DEST chpasswd +chroot $DEST chown -R stack /opt + +echo "stack ALL=(ALL) NOPASSWD: ALL" >> $DEST/etc/sudoers From 18d350da3603863f6f899739165f5125858c2c6c Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 21:46:12 -0700 Subject: [PATCH 033/278] add a new user stack with sudoers privileges (start of using sudo again) --- apts/nova | 7 ------- apts/preseed | 12 ++++++++++++ build_nfs.sh | 8 +++++++- stack.sh | 41 +++++++++++++++++++++++------------------ 4 files changed, 42 insertions(+), 26 deletions(-) create mode 100644 apts/preseed diff --git a/apts/nova b/apts/nova index a846b06..eb85e26 100644 --- a/apts/nova +++ b/apts/nova @@ -1,8 +1,6 @@ dnsmasq-base kpartx mysql-server -mysql-common # install mysql-common/client explicitly since mysql-server isn't bootstrapped -mysql-client-5.1 python-mysqldb kvm gawk @@ -15,11 +13,6 @@ libvirt-bin vlan curl rabbitmq-server -erlang-base # install erlang deps for rabbit explicitly since we don't install rabbit during bootstrap -erlang-ssl -erlang-nox -erlang-inets -erlang-mnesia socat # used by ajaxterm python-mox python-paste diff --git a/apts/preseed b/apts/preseed new file mode 100644 index 0000000..d64c3b0 --- /dev/null +++ b/apts/preseed @@ -0,0 +1,12 @@ +# a collection of packages that speed up installation as they are dependencies +# of packages we can't install during bootstraping (rabbitmq-server, +# mysql-server, libvirt-bin) +# +# NOTE: only add packages to this file that aren't needed directly +mysql-common +mysql-client-5.1 +erlang-base +erlang-ssl +erlang-nox +erlang-inets +erlang-mnesia diff --git a/build_nfs.sh b/build_nfs.sh index 89d8141..fbfecfc 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -51,5 +51,11 @@ if [ -f /root/.ssh/id_rsa.pub ]; then fi # set root password to password -echo root:password | chroot $DEST chpasswd +echo root:pass | chroot $DEST chpasswd +# create a stack user +chroot $DEST useradd stack -s /bin/bash -d /opt +echo stack:pass | chroot $DEST chpasswd +chroot $DEST chown -R stack /opt + +echo "stack ALL=(ALL) NOPASSWD: ALL" >> $DEST/etc/sudoers diff --git a/stack.sh b/stack.sh index e82933d..ccdb193 100755 --- a/stack.sh +++ b/stack.sh @@ -44,17 +44,17 @@ SQL_CONN=${SQL_CONN:-mysql://root:$MYSQL_PASS@localhost/nova} # TODO: set rabbitmq conn string explicitly as well # seed configuration with mysql password -cat < /etc/apache2/sites-enabled/000-default -chown -R www-data:www-data $DASH_DIR +cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /tmp/000-default +sudo mv /tmp/000-default /etc/apache2/sites-enabled + +# `python setup.py develop` left some files owned by root in $DASH_DIR and +# others by the original owner. We need to change the owner to apache so +# dashboard can run +sudo chown -R www-data:www-data $DASH_DIR mkdir -p /var/log/glance @@ -175,8 +180,8 @@ rm -rf $NOVA_DIR/networks mkdir -p $NOVA_DIR/networks # (re)create nova database -mysql -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true -mysql -p$MYSQL_PASS -e 'CREATE DATABASE nova;' +mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true +mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE nova;' $NOVA_DIR/bin/nova-manage db sync # initialize keystone with default users/endpoints From 9053d6a0ea640a6f37b8238b8438e97b964f8ce4 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 22:13:11 -0700 Subject: [PATCH 034/278] glance issues with sudo --- stack.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index ccdb193..906755b 100755 --- a/stack.sh +++ b/stack.sh @@ -133,7 +133,8 @@ sudo mv /tmp/000-default /etc/apache2/sites-enabled # dashboard can run sudo chown -R www-data:www-data $DASH_DIR -mkdir -p /var/log/glance +sudo mkdir -p /var/log/glance +sudo chown `whoami` /var/log/glance # add useful screenrc cp $DIR/files/screenrc ~/.screenrc @@ -196,7 +197,7 @@ $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE # delete existing glance images/database. Glance will recreate the db # when it is ran. -rm -rf /var/lib/glance/images/* +#rm -rf /var/lib/glance/images/* rm -f $GLANCE_DIR/glance.sqlite # nova api crashes if we start it with a regular screen command, From e2c3a37f6c63908833b7ada01c104a482108f121 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 12 Sep 2011 23:25:37 -0700 Subject: [PATCH 035/278] fix apt-get update, add crude caching --- build_lxc.sh | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 4f1686c..8d5ef42 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -13,6 +13,16 @@ COPYENV=${COPYENV:-1} lxc-stop -n $CONTAINER lxc-destroy -n $CONTAINER +FSTAB=/tmp/fstab +cat > $FSTAB < $NET_CONF < $INSTALL_SH < $RC_LOCAL < Date: Mon, 12 Sep 2011 23:48:30 -0700 Subject: [PATCH 036/278] running as a regular user works --- apts/preseed | 6 ++++++ build_nfs.sh | 10 ++++++++-- stack.sh | 16 +++++++++++++--- 3 files changed, 27 insertions(+), 5 deletions(-) diff --git a/apts/preseed b/apts/preseed index d64c3b0..8712d5d 100644 --- a/apts/preseed +++ b/apts/preseed @@ -10,3 +10,9 @@ erlang-ssl erlang-nox erlang-inets erlang-mnesia +libhtml-template-perl +gettext-base +libavahi-client3 +libxml2-utils +libpciaccess0 +libparted0debian1 diff --git a/build_nfs.sh b/build_nfs.sh index fbfecfc..6509011 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -53,9 +53,15 @@ fi # set root password to password echo root:pass | chroot $DEST chpasswd -# create a stack user -chroot $DEST useradd stack -s /bin/bash -d /opt +# Create a stack user that is a member of the libvirtd group so that stack +# is able to interact with libvirt. +chroot $DEST groupadd libvirtd +chroot $DEST useradd stack -s /bin/bash -d /opt -G libvirtd +# a simple password - pass echo stack:pass | chroot $DEST chpasswd +# give stack ownership over /opt so it may do the work needed chroot $DEST chown -R stack /opt +# and has sudo ability (in the future this should be limited to only what +# stack requires) echo "stack ALL=(ALL) NOPASSWD: ALL" >> $DEST/etc/sudoers diff --git a/stack.sh b/stack.sh index 906755b..730dc5c 100755 --- a/stack.sh +++ b/stack.sh @@ -92,6 +92,8 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop # device - used to manage qcow images) sudo modprobe nbd || true sudo modprobe kvm || true +# user needs to be member of libvirtd group for nova-compute to use libvirt +sudo usermod -a -G libvirtd `whoami` # if kvm wasn't running before we need to restart libvirt to enable it sudo /etc/init.d/libvirt-bin restart @@ -105,6 +107,7 @@ mkdir -p $NOVA_DIR/instances # FIXME: if already mounted this blows up... if [ -L /dev/disk/by-label/nova-instances ]; then sudo mount -L nova-instances $NOVA_DIR/instances + sudo chown -R `whoami` $NOVA_DIR/instances fi # *Dashboard*: setup django application to serve via apache/wsgi @@ -187,6 +190,8 @@ $NOVA_DIR/bin/nova-manage db sync # initialize keystone with default users/endpoints rm -f /opt/keystone/keystone.db +# FIXME keystone creates a keystone.log wherever you run it from (bugify) +cd /tmp BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh # create a small network @@ -197,7 +202,10 @@ $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE # delete existing glance images/database. Glance will recreate the db # when it is ran. -#rm -rf /var/lib/glance/images/* +# FIXME: configure glance not to shove files in /var/lib/glance? +sudo mkdir -p /var/lib/glance +sudo chown -R `whoami` /var/lib/glance +rm -rf /var/lib/glance/images/* rm -f $GLANCE_DIR/glance.sqlite # nova api crashes if we start it with a regular screen command, @@ -209,13 +217,15 @@ function screen_it { screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" -screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" +# keystone drops a keystone.log where if it is run, so change the path to +# where it can write +screen_it key "cd /tmp; $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" screen_it n-api "$NOVA_DIR/bin/nova-api" screen_it n-cpu "$NOVA_DIR/bin/nova-compute" screen_it n-net "$NOVA_DIR/bin/nova-network" screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" screen_it n-vnc "$NOVA_DIR/bin/nova-vncproxy" -screen_it dash "/etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" +screen_it dash "sudo /etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" # ---- download an install images ---- From e192c38f46248ad82789d2902f5fcf2d67419718 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 12 Sep 2011 23:52:03 -0700 Subject: [PATCH 037/278] update readme --- README | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/README b/README index b93c615..0c7e5fe 100644 --- a/README +++ b/README @@ -2,7 +2,6 @@ Tool to build (nfs export) openstack dev environments # Todo -* move back to using sudo * Add python-novaclient cli support * move to mysql * Add volume support @@ -11,10 +10,14 @@ Tool to build (nfs export) openstack dev environments * change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * Add quantum support * allow rabbit connection to be specified via environment variables with sensible defaults +* syslog +* munin +* check puppet recipes to see if anything else is missing # Done * sqlconn can be set via env +* move back to using sudo # Future From 1bbd9e01dfb086e44ea54aae819bf335a1c48953 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 12 Sep 2011 23:59:19 -0700 Subject: [PATCH 038/278] use pip cache directory --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 730dc5c..f537f9e 100755 --- a/stack.sh +++ b/stack.sh @@ -54,7 +54,7 @@ MYSQL_PRESEED sudo apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1` # install python requirements -sudo pip install `cat $DIR/pips/*` +sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $DIR/pips/*` # git clone only if directory doesn't exist already function git_clone { From 710eeec0f4d49cec4102bba6a8467df56307f297 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Tue, 13 Sep 2011 00:04:24 -0700 Subject: [PATCH 039/278] update readme --- README | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/README b/README index 0c7e5fe..c30f61c 100644 --- a/README +++ b/README @@ -3,21 +3,22 @@ Tool to build (nfs export) openstack dev environments # Todo * Add python-novaclient cli support -* move to mysql +* move keystone/glance/dash to mysql +* syslog +* munin +* check openstack-puppet recipes to see if anything else is missing +* allow rabbit connection to be specified via environment variables with sensible defaults * Add volume support * extract image upload to a seperate script that supports generating images via debootstrap (ubuntu-vm-builder?) * allow changing of git locations (specify different tag/branch or repos) * change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * Add quantum support -* allow rabbit connection to be specified via environment variables with sensible defaults -* syslog -* munin -* check puppet recipes to see if anything else is missing # Done * sqlconn can be set via env * move back to using sudo +* move nova to mysql # Future From 5f6c93b1fcb52e5f6a97cc9cc7cf2260b9b711b2 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 00:04:57 -0700 Subject: [PATCH 040/278] crude pip caching, remove no-op fstab --- build_lxc.sh | 21 ++++++--------------- 1 file changed, 6 insertions(+), 15 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 8d5ef42..31b370e 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -13,16 +13,6 @@ COPYENV=${COPYENV:-1} lxc-stop -n $CONTAINER lxc-destroy -n $CONTAINER -FSTAB=/tmp/fstab -cat > $FSTAB < $NET_CONF < $RC_LOCAL < Date: Tue, 13 Sep 2011 00:59:54 -0700 Subject: [PATCH 041/278] start to use RST thanks to termie's port --- stack.sh | 25 ++++++++++++++++++++++--- 1 file changed, 22 insertions(+), 3 deletions(-) diff --git a/stack.sh b/stack.sh index f537f9e..6f6ef27 100755 --- a/stack.sh +++ b/stack.sh @@ -4,12 +4,17 @@ # FIXME: commands should be: stack.sh should allow specifying a subset of services +# Settings/Options +# ---------------- + # Quit script on error set -o errexit # Log commands as they are run for debugging set -o xtrace +# Important paths: `DIR` is where we are executing from and `DEST` is where we +# are installing openstack. DIR=`pwd` DEST=/opt @@ -33,6 +38,7 @@ FLOATING_RANGE=${FLOATING_RANGE:-10.6.0.0/27} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} NET_MAN=${NET_MAN:-VlanManager} + # NOTE(vish): If you are using FlatDHCP on multiple hosts, set the interface # below but make sure that the interface doesn't already have an # ip or you risk breaking things. @@ -43,6 +49,11 @@ MYSQL_PASS=${MYSQL_PASS:-nova} SQL_CONN=${SQL_CONN:-mysql://root:$MYSQL_PASS@localhost/nova} # TODO: set rabbitmq conn string explicitly as well +# Install Packages +# ---------------- +# +# Openstack uses a fair number of other projects. + # seed configuration with mysql password cat < Date: Tue, 13 Sep 2011 01:24:50 -0700 Subject: [PATCH 042/278] more doc updates --- stack.sh | 67 +++++++++++++++++++++++++++++++++++++------------------- 1 file changed, 44 insertions(+), 23 deletions(-) diff --git a/stack.sh b/stack.sh index 6f6ef27..3cdc27b 100755 --- a/stack.sh +++ b/stack.sh @@ -2,19 +2,27 @@ # **stack.sh** is rackspace cloudbuilder's opinionated openstack dev installation. -# FIXME: commands should be: stack.sh should allow specifying a subset of services - # Settings/Options -# ---------------- +# ================ + +# This script is customizable through setting environment variables. If you +# want to override a setting you can either:: +# +# export MYSQL_PASS=anothersecret +# ./stack.sh +# +# or run on a single line ``MYSQL_PASS=simple ./stack.sh`` -# Quit script on error +# This script exits on an error so that errors don't compound and you see +# only the first error that occured. set -o errexit -# Log commands as they are run for debugging +# Print the commands being run so that we can see the command that triggers +# an error. It is also useful for following allowing as the install occurs. set -o xtrace -# Important paths: `DIR` is where we are executing from and `DEST` is where we -# are installing openstack. +# Important paths: ``DIR`` is where we are executing from and ``DEST`` is +# where we are installing openstack. DIR=`pwd` DEST=/opt @@ -27,34 +35,38 @@ NOVACLIENT_DIR=$DEST/python-novaclient API_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC -# Use the first IP unless an explicit is set by a HOST_IP environment variable +# Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then HOST_IP=`LC_ALL=C ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'` fi -# NOVA network / hypervisor configuration +# Nova network configuration INTERFACE=${INTERFACE:-eth0} FLOATING_RANGE=${FLOATING_RANGE:-10.6.0.0/27} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} -LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} NET_MAN=${NET_MAN:-VlanManager} -# NOTE(vish): If you are using FlatDHCP on multiple hosts, set the interface -# below but make sure that the interface doesn't already have an -# ip or you risk breaking things. +# If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` +# variable but make sure that the interface doesn't already have an +# ip or you risk breaking things. # FLAT_INTERFACE=eth0 +# Nova hypervisor configuration +LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} + + # TODO: switch to mysql for all services MYSQL_PASS=${MYSQL_PASS:-nova} SQL_CONN=${SQL_CONN:-mysql://root:$MYSQL_PASS@localhost/nova} # TODO: set rabbitmq conn string explicitly as well # Install Packages -# ---------------- +# ================ # # Openstack uses a fair number of other projects. -# seed configuration with mysql password +# Seed configuration with mysql password so that apt-get install doesn't +# prompt us for a password upon install. cat < /tmp/000-default sudo mv /tmp/000-default /etc/apache2/sites-enabled -# `python setup.py develop` left some files owned by root in $DASH_DIR and +# ``python setup.py develop`` left some files owned by root in $DASH_DIR and # others by the original owner. We need to change the owner to apache so # dashboard can run sudo chown -R www-data:www-data $DASH_DIR +# Glance +# ------ + sudo mkdir -p /var/log/glance sudo chown `whoami` /var/log/glance @@ -158,6 +176,9 @@ cp $DIR/files/screenrc ~/.screenrc # TODO: update current user to allow sudo for all commands in files/sudo/* +# Nova +# ---- + NL=`echo -ne '\015'` @@ -222,8 +243,8 @@ sudo chown -R `whoami` /var/lib/glance rm -rf /var/lib/glance/images/* rm -f $GLANCE_DIR/glance.sqlite -# Launching Services -# ------------------ +# Launch Services +# =============== # nova api crashes if we start it with a regular screen command, # so send the start command by forcing text into the window. @@ -244,8 +265,8 @@ screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" screen_it n-vnc "$NOVA_DIR/bin/nova-vncproxy" screen_it dash "sudo /etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" -# Installing Images -# ----------------- +# Install Images +# ============== # Downloads a tty image (ami/aki/ari style), then extracts it. Upon extraction # we upload to glance with the glance cli tool. From b3c0454a6edbee450a110b289b6f2f423b4fa830 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 01:28:18 -0700 Subject: [PATCH 043/278] more tweaks to lxc builder --- build_lxc.sh | 22 ++++++++++++++++++---- 1 file changed, 18 insertions(+), 4 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 31b370e..1a2cea3 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -8,10 +8,13 @@ CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0} CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1} NAMESERVER=${NAMESERVER:-192.168.1.1} COPYENV=${COPYENV:-1} +WARMCACHE=${WARMCACHE:-0} # Destroy any existing container lxc-stop -n $CONTAINER +sleep 1 lxc-destroy -n $CONTAINER +sleep 1 # Create network configuration NET_CONF=/tmp/net.conf @@ -25,12 +28,21 @@ EOF # Configure the network lxc-create -n $CONTAINER -t natty -f $NET_CONF +if [ "$WARMCACHE" = "1" ]; then + # Pre-cache files + BASECACHE=/var/cache/lxc/natty/rootfs-amd64 + chroot $BASECACHE apt-get update + chroot $BASECACHE apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $BASECACHE pip install `cat pips/*` +fi + # Where our container lives ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ -# Copy over your ssh keys if desired -if [ $COPYENV ]; then +# Copy over your ssh keys and env if desired +if [ "$COPYENV" = "1" ]; then cp -pr ~/.ssh $ROOTFS/root/.ssh + cp -p ~/.ssh/id_rsa.pub $ROOTFS/root/.ssh/authorized_keys cp -pr ~/.gitconfig $ROOTFS/root/.gitconfig cp -pr ~/.vimrc $ROOTFS/root/.vimrc cp -pr ~/.bashrc $ROOTFS/root/.bashrc @@ -79,8 +91,10 @@ cp -pr $CACHEDIR/apt/* $ROOTFS/var/cache/apt/ cp -pr $CACHEDIR/pip/* $ROOTFS/var/cache/pip/ # Configure cgroup directory -mkdir -p /cgroup -mount none -t cgroup /cgroup +if [ ! -d /cgroup ] ; then + mkdir -p /cgroup + mount none -t cgroup /cgroup +fi # Start our container lxc-start -d -n $CONTAINER From 99003e7511e35cd18b3b5a806a12bdda9e5934f4 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 02:05:12 -0700 Subject: [PATCH 044/278] a variety of tweaks for lxc stackiness --- build_lxc.sh | 58 ++++++++++++++++++++++++++++++---------------------- 1 file changed, 34 insertions(+), 24 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 1a2cea3..d247818 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -12,9 +12,19 @@ WARMCACHE=${WARMCACHE:-0} # Destroy any existing container lxc-stop -n $CONTAINER -sleep 1 +sleep 2 lxc-destroy -n $CONTAINER -sleep 1 +sleep 2 + +CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 +if [ "$WARMCACHE" = "1" ]; then + if [ -d $CACHEDIR ]; then + # Pre-cache files + chroot $CACHEDIR apt-get update + chroot $CACHEDIR apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CACHEDIR pip install `cat pips/*` + fi +fi # Create network configuration NET_CONF=/tmp/net.conf @@ -27,14 +37,7 @@ EOF # Configure the network lxc-create -n $CONTAINER -t natty -f $NET_CONF - -if [ "$WARMCACHE" = "1" ]; then - # Pre-cache files - BASECACHE=/var/cache/lxc/natty/rootfs-amd64 - chroot $BASECACHE apt-get update - chroot $BASECACHE apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` - chroot $BASECACHE pip install `cat pips/*` -fi +sleep 2 # Where our container lives ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ @@ -67,9 +70,27 @@ cat > $INSTALL_SH <> /etc/sudoers + +# Install and run stack.sh apt-get update apt-get -y --force-yes install git-core vim-nox sudo -git clone git://github.com/cloudbuilders/nfs-stack.git /root/nfs-stack +su -c "git clone git://github.com/cloudbuilders/nfs-stack.git /opt/nfs-stack" stack +su -c "cd /opt/nfs-stack && ./stack.sh" stack EOF chmod 700 $INSTALL_SH @@ -81,20 +102,9 @@ cat > $RC_LOCAL < Date: Tue, 13 Sep 2011 03:02:38 -0700 Subject: [PATCH 045/278] woot! more reliable lxc teardown --- build_lxc.sh | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index d247818..a052c0b 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -12,9 +12,11 @@ WARMCACHE=${WARMCACHE:-0} # Destroy any existing container lxc-stop -n $CONTAINER -sleep 2 +sleep 1 +cgdelete -r cpu,net_cls:$CONTAINER +sleep 1 lxc-destroy -n $CONTAINER -sleep 2 +sleep 1 CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 if [ "$WARMCACHE" = "1" ]; then @@ -68,6 +70,7 @@ EOF INSTALL_SH=$ROOTFS/root/install.sh cat > $INSTALL_SH < /etc/rc.local echo "nameserver $NAMESERVER" | resolvconf -a eth0 sleep 1 # Create a stack user that is a member of the libvirtd group so that stack @@ -108,3 +111,12 @@ mount none -t cgroup /cgroup # Start our container lxc-start -d -n $CONTAINER + +cat << EOF > /bin/remove_dead_cgroup.shecho +"Removing dead cgroup .$CONTAINER." >> /var/log/cgroup +rmdir /cgroup/$CONTAINER >> /var/log/cgroup 2>&1 +echo "return value was $?" >> /var/log/cgroup +EOF +chmod 755 /bin/remove_dead_cgroup.sh +echo /bin/remove_dead_cgroup.sh > /cgroup/release_agent +echo 1 > /cgroup/notify_on_release From f49d7eeab5ec54962a08830e03373044c4177043 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 03:29:52 -0700 Subject: [PATCH 046/278] enable tun/tap --- build_lxc.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/build_lxc.sh b/build_lxc.sh index a052c0b..2ef5c08 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -35,6 +35,7 @@ lxc.network.type = veth lxc.network.link = $BRIDGE lxc.network.flags = up lxc.network.ipv4 = $CONTAINER_CIDR +lxc.cgroup.devices.allow = c 10:200 rwm EOF # Configure the network From 1f81db690927007a23eebd3aed614f4fecd5d0af Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 03:35:00 -0700 Subject: [PATCH 047/278] make vnc work --- stack.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 3cdc27b..647ddbe 100755 --- a/stack.sh +++ b/stack.sh @@ -199,7 +199,7 @@ add_nova_flag "--sql_connection=$SQL_CONN" add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" -add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/noVNC/noVNC" +add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/" add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" add_nova_flag "--image_service=nova.image.glance.GlanceImageService" if [ -n "$FLAT_INTERFACE" ]; then @@ -262,7 +262,8 @@ screen_it n-api "$NOVA_DIR/bin/nova-api" screen_it n-cpu "$NOVA_DIR/bin/nova-compute" screen_it n-net "$NOVA_DIR/bin/nova-network" screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" -screen_it n-vnc "$NOVA_DIR/bin/nova-vncproxy" +# nova-vncproxy binds a privileged port, and so needs sudo +screen_it n-vnc "sudo $NOVA_DIR/bin/nova-vncproxy" screen_it dash "sudo /etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" # Install Images From 40203cb1c4416bffe356c9cb94b08ed1cc04b04a Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 09:17:56 -0700 Subject: [PATCH 048/278] tweaks to cache warming, and better comments --- build_lxc.sh | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 2ef5c08..e4fda6e 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -10,16 +10,19 @@ NAMESERVER=${NAMESERVER:-192.168.1.1} COPYENV=${COPYENV:-1} WARMCACHE=${WARMCACHE:-0} -# Destroy any existing container +# Shutdown any existing container lxc-stop -n $CONTAINER sleep 1 +# This prevents zombie containers cgdelete -r cpu,net_cls:$CONTAINER sleep 1 +# Destroy the old container lxc-destroy -n $CONTAINER sleep 1 +# Warm the base image on first run or when WARMCACHE=1 CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ "$WARMCACHE" = "1" ]; then +if [ "$WARMCACHE" = "1" ] || [ ! -d $CACHEDIR ]; then if [ -d $CACHEDIR ]; then # Pre-cache files chroot $CACHEDIR apt-get update @@ -29,17 +32,18 @@ if [ "$WARMCACHE" = "1" ]; then fi # Create network configuration -NET_CONF=/tmp/net.conf -cat > $NET_CONF < $LXC_CONF < Date: Tue, 13 Sep 2011 09:20:58 -0700 Subject: [PATCH 049/278] fix apache logging --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 647ddbe..3d21df5 100755 --- a/stack.sh +++ b/stack.sh @@ -264,7 +264,7 @@ screen_it n-net "$NOVA_DIR/bin/nova-network" screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" # nova-vncproxy binds a privileged port, and so needs sudo screen_it n-vnc "sudo $NOVA_DIR/bin/nova-vncproxy" -screen_it dash "sudo /etc/init.d/apache2 restart; tail -f /var/log/apache2/error.log" +screen_it dash "sudo /etc/init.d/apache2 restart; sudo tail -f /var/log/apache2/error.log" # Install Images # ============== From bdbe6d98dbb1f1ef8b2e981760134c45499aabe3 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 09:43:46 -0700 Subject: [PATCH 050/278] allow for enabling/disabling of services. separate source dir from opt in lxc --- build_lxc.sh | 4 ++-- stack.sh | 7 ++++++- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index e4fda6e..628ac85 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -97,8 +97,8 @@ echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers # Install and run stack.sh apt-get update apt-get -y --force-yes install git-core vim-nox sudo -su -c "git clone git://github.com/cloudbuilders/nfs-stack.git /opt/nfs-stack" stack -su -c "cd /opt/nfs-stack && ./stack.sh" stack +su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack +su -c "cd ~/nfs-stack && ./stack.sh" stack EOF chmod 700 $INSTALL_SH diff --git a/stack.sh b/stack.sh index 3d21df5..21a66ed 100755 --- a/stack.sh +++ b/stack.sh @@ -34,6 +34,7 @@ KEYSTONE_DIR=$DEST/keystone NOVACLIENT_DIR=$DEST/python-novaclient API_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC +ENABLED_SERVICES=g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then @@ -248,9 +249,13 @@ rm -f $GLANCE_DIR/glance.sqlite # nova api crashes if we start it with a regular screen command, # so send the start command by forcing text into the window. +ENABLED_SERVICES=g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash function screen_it { screen -S nova -X screen -t $1 - screen -S nova -p $1 -X stuff "$2$NL" + # only run the services specified in $ENABLED_SERVICES + if [[ $ENABLED_SERVICES == *$2* ]] then + screen -S nova -p $1 -X stuff "$2$NL" + fi } screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" From 7c3e5ed0552d30f9be052b55d6e6a98b9b45682a Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 09:57:31 -0700 Subject: [PATCH 051/278] more lxc cleanup - better stack user configuration --- build_lxc.sh | 51 ++++++++++++++++++++++++++++++--------------------- 1 file changed, 30 insertions(+), 21 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 628ac85..d3dd7ad 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -12,13 +12,12 @@ WARMCACHE=${WARMCACHE:-0} # Shutdown any existing container lxc-stop -n $CONTAINER -sleep 1 + # This prevents zombie containers cgdelete -r cpu,net_cls:$CONTAINER -sleep 1 + # Destroy the old container lxc-destroy -n $CONTAINER -sleep 1 # Warm the base image on first run or when WARMCACHE=1 CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 @@ -42,13 +41,27 @@ lxc.network.ipv4 = $CONTAINER_CIDR lxc.cgroup.devices.allow = c 10:200 rwm EOF -# Configure the network +# Create the container lxc-create -n $CONTAINER -t natty -f $LXC_CONF -sleep 2 -# Where our container lives +# Specify where our container lives ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ +# set root password to password +echo root:pass | chroot $ROOTFS chpasswd + +# Create a stack user that is a member of the libvirtd group so that stack +# is able to interact with libvirt. +chroot $ROOTFS groupadd libvirtd +chroot $ROOTFS useradd stack -s /bin/bash -d /opt -G libvirtd + +# a simple password - pass +echo stack:pass | chroot $ROOTFS chpasswd + +# and has sudo ability (in the future this should be limited to only what +# stack requires) +echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers + # Copy over your ssh keys and env if desired if [ "$COPYENV" = "1" ]; then cp -pr ~/.ssh $ROOTFS/root/.ssh @@ -56,8 +69,17 @@ if [ "$COPYENV" = "1" ]; then cp -pr ~/.gitconfig $ROOTFS/root/.gitconfig cp -pr ~/.vimrc $ROOTFS/root/.vimrc cp -pr ~/.bashrc $ROOTFS/root/.bashrc + + cp -pr ~/.ssh $ROOTFS/opt/.ssh + cp -p ~/.ssh/id_rsa.pub $ROOTFS/opt/.ssh/authorized_keys + cp -pr ~/.gitconfig $ROOTFS/opt/.gitconfig + cp -pr ~/.vimrc $ROOTFS/opt/.vimrc + cp -pr ~/.bashrc $ROOTFS/opt/.bashrc fi +# give stack ownership over /opt so it may do the work needed +chroot $ROOTFS chown -R stack /opt + # Configure instance network INTERFACES=$ROOTFS/etc/network/interfaces cat > $INTERFACES < $INSTALL_SH < /etc/rc.local +# Make sure dns is set up echo "nameserver $NAMESERVER" | resolvconf -a eth0 sleep 1 -# Create a stack user that is a member of the libvirtd group so that stack -# is able to interact with libvirt. -groupadd libvirtd -useradd stack -s /bin/bash -d /opt -G libvirtd - -# a simple password - pass -echo stack:pass | chpasswd - -# give stack ownership over /opt so it may do the work needed -chown -R stack /opt - -# and has sudo ability (in the future this should be limited to only what -# stack requires) - -echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers # Install and run stack.sh apt-get update From 1003952b169472992792226b8ffdca5b92b3ac8e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 10:05:07 -0700 Subject: [PATCH 052/278] comment tweaks, provide CLEAN option to stack.sh --- build_lxc.sh | 2 +- stack.sh | 8 +++++++- 2 files changed, 8 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index d3dd7ad..5e07b1a 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -77,7 +77,7 @@ if [ "$COPYENV" = "1" ]; then cp -pr ~/.bashrc $ROOTFS/opt/.bashrc fi -# give stack ownership over /opt so it may do the work needed +# Give stack ownership over /opt so it may do the work needed chroot $ROOTFS chown -R stack /opt # Configure instance network diff --git a/stack.sh b/stack.sh index 21a66ed..0fe84ad 100755 --- a/stack.sh +++ b/stack.sh @@ -26,6 +26,13 @@ set -o xtrace DIR=`pwd` DEST=/opt +# Provide option to move aside any old code +if [ "$CLEAN" = "1"]; then + TMPDIR=/tmp/stackbak_`date +%s` + mkdir $TMPDIR + mv $DEST/* $TMPDIR +fi + # Set the destination directories for openstack projects NOVA_DIR=$DEST/nova DASH_DIR=$DEST/dash @@ -249,7 +256,6 @@ rm -f $GLANCE_DIR/glance.sqlite # nova api crashes if we start it with a regular screen command, # so send the start command by forcing text into the window. -ENABLED_SERVICES=g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash function screen_it { screen -S nova -X screen -t $1 # only run the services specified in $ENABLED_SERVICES From 9c261ef9386c22b9fbfcac1778b2d32de7600a39 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 10:13:23 -0700 Subject: [PATCH 053/278] simplifications - remove CLEAN option, remove unneccesary lxc code --- build_lxc.sh | 15 --------------- stack.sh | 7 ------- 2 files changed, 22 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 5e07b1a..1f33a33 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -64,12 +64,6 @@ echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers # Copy over your ssh keys and env if desired if [ "$COPYENV" = "1" ]; then - cp -pr ~/.ssh $ROOTFS/root/.ssh - cp -p ~/.ssh/id_rsa.pub $ROOTFS/root/.ssh/authorized_keys - cp -pr ~/.gitconfig $ROOTFS/root/.gitconfig - cp -pr ~/.vimrc $ROOTFS/root/.vimrc - cp -pr ~/.bashrc $ROOTFS/root/.bashrc - cp -pr ~/.ssh $ROOTFS/opt/.ssh cp -p ~/.ssh/id_rsa.pub $ROOTFS/opt/.ssh/authorized_keys cp -pr ~/.gitconfig $ROOTFS/opt/.gitconfig @@ -125,12 +119,3 @@ mount none -t cgroup /cgroup # Start our container lxc-start -d -n $CONTAINER - -cat << EOF > /bin/remove_dead_cgroup.shecho -"Removing dead cgroup .$CONTAINER." >> /var/log/cgroup -rmdir /cgroup/$CONTAINER >> /var/log/cgroup 2>&1 -echo "return value was $?" >> /var/log/cgroup -EOF -chmod 755 /bin/remove_dead_cgroup.sh -echo /bin/remove_dead_cgroup.sh > /cgroup/release_agent -echo 1 > /cgroup/notify_on_release diff --git a/stack.sh b/stack.sh index 0fe84ad..c72a3af 100755 --- a/stack.sh +++ b/stack.sh @@ -26,13 +26,6 @@ set -o xtrace DIR=`pwd` DEST=/opt -# Provide option to move aside any old code -if [ "$CLEAN" = "1"]; then - TMPDIR=/tmp/stackbak_`date +%s` - mkdir $TMPDIR - mv $DEST/* $TMPDIR -fi - # Set the destination directories for openstack projects NOVA_DIR=$DEST/nova DASH_DIR=$DEST/dash From b748e69f0bb136e9e9eca54d6d3a68f786eeab3b Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 10:16:13 -0700 Subject: [PATCH 054/278] give container a cooler name --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 1f33a33..4faa2e7 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,7 +1,7 @@ #!/bin/bash # Configurable params BRIDGE=${BRIDGE:-br0} -CONTAINER=${CONTAINER:-TESTER} +CONTAINER=${CONTAINER:-STACK} CONTAINER_IP=${CONTAINER_IP:-192.168.1.50} CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24} CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0} From 6053496ebc8471890c26cc2845dad0c98d2f9832 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 10:40:04 -0700 Subject: [PATCH 055/278] simplify pre-cache procedure --- build_lxc.sh | 42 ++++++++++++++++++++---------------------- 1 file changed, 20 insertions(+), 22 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 4faa2e7..ba26f4f 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -8,7 +8,17 @@ CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0} CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1} NAMESERVER=${NAMESERVER:-192.168.1.1} COPYENV=${COPYENV:-1} -WARMCACHE=${WARMCACHE:-0} + +# Create lxc configuration +LXC_CONF=/tmp/$CONTAINER.conf +cat > $LXC_CONF < $LXC_CONF < Date: Tue, 13 Sep 2011 10:43:44 -0700 Subject: [PATCH 056/278] no need to set root password --- build_lxc.sh | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index ba26f4f..4b10afc 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -42,12 +42,9 @@ lxc-destroy -n $CONTAINER # Create the container lxc-create -n $CONTAINER -t natty -f $LXC_CONF -# Specify where our container lives +# Specify where our container rootfs lives ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ -# set root password to password -echo root:pass | chroot $ROOTFS chpasswd - # Create a stack user that is a member of the libvirtd group so that stack # is able to interact with libvirt. chroot $ROOTFS groupadd libvirtd From 17969713a5c2a3e22fd2886f22a14607b3d5c6ea Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 10:57:25 -0700 Subject: [PATCH 057/278] missing semi-colon --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index c72a3af..d1eba98 100755 --- a/stack.sh +++ b/stack.sh @@ -252,7 +252,7 @@ rm -f $GLANCE_DIR/glance.sqlite function screen_it { screen -S nova -X screen -t $1 # only run the services specified in $ENABLED_SERVICES - if [[ $ENABLED_SERVICES == *$2* ]] then + if [[ $ENABLED_SERVICES == *$2* ]]; then screen -S nova -p $1 -X stuff "$2$NL" fi } From 2135cf87c2455d73bf8dbe426c9983453330a883 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 11:07:11 -0700 Subject: [PATCH 058/278] back out service selection --- stack.sh | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index d1eba98..50a4bcf 100755 --- a/stack.sh +++ b/stack.sh @@ -251,10 +251,7 @@ rm -f $GLANCE_DIR/glance.sqlite # so send the start command by forcing text into the window. function screen_it { screen -S nova -X screen -t $1 - # only run the services specified in $ENABLED_SERVICES - if [[ $ENABLED_SERVICES == *$2* ]]; then - screen -S nova -p $1 -X stuff "$2$NL" - fi + screen -S nova -p $1 -X stuff "$2$NL" } screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" From 2a15a7c40afd22c9b4a14043a4bb569ccea82824 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Tue, 13 Sep 2011 13:22:14 -0500 Subject: [PATCH 059/278] Minor fixes --- stack.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/stack.sh b/stack.sh index 647ddbe..72c056f 100755 --- a/stack.sh +++ b/stack.sh @@ -37,7 +37,7 @@ NOVNC_DIR=$DEST/noVNC # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then - HOST_IP=`LC_ALL=C ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'` + HOST_IP=`LC_ALL=C /sbin/ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'` fi # Nova network configuration @@ -145,16 +145,16 @@ fi # of installing quantum we can create a simple module that will pass the # initial imports mkdir $DASH_DIR/openstack-dashboard/quantum || true -touch $DASH_DIR/openstack-dashboard/quantum/__init__.py -touch $DASH_DIR/openstack-dashboard/quantum/client.py +touch $DASH_DIR/openstack-dashboard/quantum/__init__.py || true +touch $DASH_DIR/openstack-dashboard/quantum/client.py || true cd $DASH_DIR/openstack-dashboard -cp local/local_settings.py.example local/local_settings.py +[ ! -r local/local_settings.py ] && cp local/local_settings.py.example local/local_settings.py dashboard/manage.py syncdb # setup apache # create an empty directory to use as our -mkdir $DASH_DIR/.blackhole +mkdir -p $DASH_DIR/.blackhole # FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /tmp/000-default From 292e46d0013be51384225d934423c5f26444ddf4 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 11:28:56 -0700 Subject: [PATCH 060/278] fix service enablement --- stack.sh | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 50a4bcf..8e871de 100755 --- a/stack.sh +++ b/stack.sh @@ -250,8 +250,11 @@ rm -f $GLANCE_DIR/glance.sqlite # nova api crashes if we start it with a regular screen command, # so send the start command by forcing text into the window. function screen_it { - screen -S nova -X screen -t $1 - screen -S nova -p $1 -X stuff "$2$NL" + # only run the services specified in $ENABLED_SERVICES + if [[ "$ENABLED_SERVICES" =~ "$1" ]]; then + screen -S nova -X screen -t $1 + screen -S nova -p $1 -X stuff "$2$NL" + fi } screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" From 3a0931273be9d701781d9a02ebe97f1bf4979782 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 19:01:45 +0000 Subject: [PATCH 061/278] make keystone use mysql --- files/keystone.conf | 86 +++++++++++++++++++++++++++++++++++++++++++++ stack.sh | 11 +++--- 2 files changed, 93 insertions(+), 4 deletions(-) create mode 100755 files/keystone.conf diff --git a/files/keystone.conf b/files/keystone.conf new file mode 100755 index 0000000..4e775ab --- /dev/null +++ b/files/keystone.conf @@ -0,0 +1,86 @@ +[DEFAULT] +# Show more verbose log output (sets INFO log level output) +verbose = False + +# Show debugging output in logs (sets DEBUG log level output) +debug = False + +# Which backend store should Keystone use by default. +# Default: 'sqlite' +# Available choices are 'sqlite' [future will include LDAP, PAM, etc] +default_store = sqlite + +# Log to this file. Make sure you do not set the same log +# file for both the API and registry servers! +log_file = /opt/keystone/keystone.log + +# List of backends to be configured +backends = keystone.backends.sqlalchemy +#For LDAP support, add: ,keystone.backends.ldap + +# Dictionary Maps every service to a header.Missing services would get header +# X_(SERVICE_NAME) Key => Service Name, Value => Header Name +service-header-mappings = { + 'nova' : 'X-Server-Management-Url', + 'swift' : 'X-Storage-Url', + 'cdn' : 'X-CDN-Management-Url'} + +# Address to bind the API server +# TODO Properties defined within app not available via pipeline. +service_host = 0.0.0.0 + +# Port the bind the API server to +service_port = 5000 + +# Address to bind the Admin API server +admin_host = 0.0.0.0 + +# Port the bind the Admin API server to +admin_port = 5001 + +#Role that allows to perform admin operations. +keystone-admin-role = Admin + +#Role that allows to perform service admin operations. +keystone-service-admin-role = KeystoneServiceAdmin + +[keystone.backends.sqlalchemy] +# SQLAlchemy connection string for the reference implementation registry +# server. Any valid SQLAlchemy connection string is fine. +# See: http://bit.ly/ideIpI +#sql_connection = sqlite:///keystone.db +sql_connection = mysql://root:nova@localhost/keystone +backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', + 'User', 'Credentials', 'EndpointTemplates', 'Token', + 'Service'] + +# Period in seconds after which SQLAlchemy should reestablish its connection +# to the database. +sql_idle_timeout = 30 + +[pipeline:admin] +pipeline = + urlrewritefilter + admin_api + +[pipeline:keystone-legacy-auth] +pipeline = + urlrewritefilter + legacy_auth + RAX-KEY-extension + service_api + +[app:service_api] +paste.app_factory = keystone.server:service_app_factory + +[app:admin_api] +paste.app_factory = keystone.server:admin_app_factory + +[filter:urlrewritefilter] +paste.filter_factory = keystone.middleware.url:filter_factory + +[filter:legacy_auth] +paste.filter_factory = keystone.frontends.legacy_token_auth:filter_factory + +[filter:RAX-KEY-extension] +paste.filter_factory = keystone.contrib.extensions.service.raxkey.frontend:filter_factory diff --git a/stack.sh b/stack.sh index 8e871de..d8ad2b1 100755 --- a/stack.sh +++ b/stack.sh @@ -222,12 +222,15 @@ mkdir -p $NOVA_DIR/networks # (re)create nova database mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE nova;' +mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE keystone;' || true +mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE keystone;' $NOVA_DIR/bin/nova-manage db sync +# FIXME (anthony) keystone should use keystone.conf.example +KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf +cp $DIR/files/keystone.conf $KEYSTONE_CONF + # initialize keystone with default users/endpoints -rm -f /opt/keystone/keystone.db -# FIXME keystone creates a keystone.log wherever you run it from (bugify) -cd /tmp BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh # create a small network @@ -261,7 +264,7 @@ screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.con screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" # keystone drops a keystone.log where if it is run, so change the path to # where it can write -screen_it key "cd /tmp; $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_DIR/etc/keystone.conf" +screen_it key "cd /tmp; $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" screen_it n-api "$NOVA_DIR/bin/nova-api" screen_it n-cpu "$NOVA_DIR/bin/nova-compute" screen_it n-net "$NOVA_DIR/bin/nova-network" From dfcd2003481a3f312ab0120f9308aa75a8f708c9 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Tue, 13 Sep 2011 13:17:22 -0700 Subject: [PATCH 062/278] update docs --- stack.sh | 61 +++++++++++++++++++++++++++++--------------------------- 1 file changed, 32 insertions(+), 29 deletions(-) diff --git a/stack.sh b/stack.sh index d8ad2b1..0f83fb5 100755 --- a/stack.sh +++ b/stack.sh @@ -124,18 +124,13 @@ sudo usermod -a -G libvirtd `whoami` # if kvm wasn't running before we need to restart libvirt to enable it sudo /etc/init.d/libvirt-bin restart -# FIXME(ja): should LIBVIRT_TYPE be kvm if kvm module is loaded? +## FIXME(ja): should LIBVIRT_TYPE be kvm if kvm module is loaded? -# setup nova instance directory -mkdir -p $NOVA_DIR/instances +# add useful screenrc +cp $DIR/files/screenrc ~/.screenrc + +# TODO: update current user to allow sudo for all commands in files/sudo/* -# if there is a partition labeled nova-instances use it (ext filesystems -# can be labeled via e2label) -# FIXME: if already mounted this blows up... -if [ -L /dev/disk/by-label/nova-instances ]; then - sudo mount -L nova-instances $NOVA_DIR/instances - sudo chown -R `whoami` $NOVA_DIR/instances -fi # Dashboard # --------- @@ -153,36 +148,37 @@ cd $DASH_DIR/openstack-dashboard cp local/local_settings.py.example local/local_settings.py dashboard/manage.py syncdb -# setup apache -# create an empty directory to use as our +# create an empty directory that apache uses as docroot mkdir $DASH_DIR/.blackhole -# FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it +## FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /tmp/000-default sudo mv /tmp/000-default /etc/apache2/sites-enabled -# ``python setup.py develop`` left some files owned by root in $DASH_DIR and +# ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` and # others by the original owner. We need to change the owner to apache so # dashboard can run sudo chown -R www-data:www-data $DASH_DIR + # Glance # ------ +# Glance uses ``/var/lib/glance`` and ``/var/log/glance`` by default, so +# we need to insure that our user has permissions to use them. sudo mkdir -p /var/log/glance -sudo chown `whoami` /var/log/glance +sudo chown -R `whoami` /var/log/glance +sudo mkdir -p /var/lib/glance +sudo chown -R `whoami` /var/lib/glance -# add useful screenrc -cp $DIR/files/screenrc ~/.screenrc +# Delete existing images/database as glance will recreate the db on startup +rm -rf /var/lib/glance/images/* +rm -f $GLANCE_DIR/glance.sqlite -# TODO: update current user to allow sudo for all commands in files/sudo/* # Nova # ---- -NL=`echo -ne '\015'` - - function add_nova_flag { echo "$1" >> $NOVA_DIR/bin/nova.conf } @@ -211,6 +207,17 @@ fi screen -d -m -S nova -t nova sleep 1 +# setup nova instance directory +mkdir -p $NOVA_DIR/instances + +# if there is a partition labeled nova-instances use it (ext filesystems +# can be labeled via e2label) +## FIXME: if already mounted this blows up... +if [ -L /dev/disk/by-label/nova-instances ]; then + sudo mount -L nova-instances $NOVA_DIR/instances + sudo chown -R `whoami` $NOVA_DIR/instances +fi + # Clean out the instances directory rm -rf $NOVA_DIR/instances/* @@ -239,21 +246,17 @@ $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 # create some floating ips $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE -# delete existing glance images/database. Glance will recreate the db -# when it is ran. -# FIXME: configure glance not to shove files in /var/lib/glance? -sudo mkdir -p /var/lib/glance -sudo chown -R `whoami` /var/lib/glance -rm -rf /var/lib/glance/images/* -rm -f $GLANCE_DIR/glance.sqlite # Launch Services # =============== # nova api crashes if we start it with a regular screen command, # so send the start command by forcing text into the window. +# Only run the services specified in ``ENABLED_SERVICES`` + +NL=`echo -ne '\015'` + function screen_it { - # only run the services specified in $ENABLED_SERVICES if [[ "$ENABLED_SERVICES" =~ "$1" ]]; then screen -S nova -X screen -t $1 screen -S nova -p $1 -X stuff "$2$NL" From 0017c8f9d51553d7f19d931b313931d78fea526b Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Tue, 13 Sep 2011 15:37:50 -0500 Subject: [PATCH 063/278] Add munin to stack --- apts/general | 1 + stack.sh | 30 +++++++++++++++++++++++++++++- 2 files changed, 30 insertions(+), 1 deletion(-) diff --git a/apts/general b/apts/general index 57506f4..eb37e9a 100644 --- a/apts/general +++ b/apts/general @@ -10,3 +10,4 @@ lsof # useful when debugging openssh-server vim-nox locate # useful when debugging +munin diff --git a/stack.sh b/stack.sh index 72c056f..22874d9 100755 --- a/stack.sh +++ b/stack.sh @@ -34,6 +34,7 @@ KEYSTONE_DIR=$DEST/keystone NOVACLIENT_DIR=$DEST/python-novaclient API_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC +MUNIN_DIR=$DEST/openstack-munin # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then @@ -101,12 +102,15 @@ git_clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. git_clone https://github.com/cloudbuilders/openstackx.git $API_DIR +# openstack-munin is a collection of munin plugins for monitoring the stack +git_clone https://github.com/cloudbuilders/openstack-munin.git $MUNIN_DIR # Initialization # ============== # setup our checkouts so they are installed into python path # allowing ``import nova`` or ``import glance.client`` +cd $NOVA_DIR; sudo python setup.py develop cd $NOVACLIENT_DIR; sudo python setup.py develop cd $KEYSTONE_DIR; sudo python setup.py develop cd $GLANCE_DIR; sudo python setup.py develop @@ -165,6 +169,30 @@ sudo mv /tmp/000-default /etc/apache2/sites-enabled # dashboard can run sudo chown -R www-data:www-data $DASH_DIR +# Munin +# ----- + +# allow connections from other hosts +sudo sed -i -e '/Allow from localhost/s/localhost.*$/all/' /etc/munin/apache.conf + +cat >/tmp/nova < Date: Tue, 13 Sep 2011 15:16:26 -0700 Subject: [PATCH 064/278] separate out keystone config --- stack.sh | 19 ++++++++++++------- 1 file changed, 12 insertions(+), 7 deletions(-) diff --git a/stack.sh b/stack.sh index 0f83fb5..0f49965 100755 --- a/stack.sh +++ b/stack.sh @@ -229,9 +229,20 @@ mkdir -p $NOVA_DIR/networks # (re)create nova database mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE nova;' +$NOVA_DIR/bin/nova-manage db sync + +# create a small network +$NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 + +# create some floating ips +$NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE + +# Keystone +# -------- + +# (re)create keystone database mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE keystone;' || true mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE keystone;' -$NOVA_DIR/bin/nova-manage db sync # FIXME (anthony) keystone should use keystone.conf.example KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf @@ -240,12 +251,6 @@ cp $DIR/files/keystone.conf $KEYSTONE_CONF # initialize keystone with default users/endpoints BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh -# create a small network -$NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 - -# create some floating ips -$NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE - # Launch Services # =============== From 76d5dc77654010bd5411ff21db634829b6f0cc03 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 17:00:00 -0700 Subject: [PATCH 065/278] comments, and fix the sed expression for 000-default --- build_lxc.sh | 1 + stack.sh | 6 +++--- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 4b10afc..e3765db 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -99,6 +99,7 @@ su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack su -c "cd ~/nfs-stack && ./stack.sh" stack EOF +# Make the install.sh executable chmod 700 $INSTALL_SH # Make installer run on boot diff --git a/stack.sh b/stack.sh index 0f49965..963bdff 100755 --- a/stack.sh +++ b/stack.sh @@ -151,9 +151,9 @@ dashboard/manage.py syncdb # create an empty directory that apache uses as docroot mkdir $DASH_DIR/.blackhole -## FIXME(ja): can't figure out how to make $DASH_DIR work in sed, also install to available/a2e it -cat $DIR/files/000-default.template | sed 's/%DASH_DIR%/\/opt\/dash/g' > /tmp/000-default -sudo mv /tmp/000-default /etc/apache2/sites-enabled +## Configure apache's 000-default to run dashboard +sudo cp $DIR/files/000-default.template /etc/apache2/sites-enabled/000-default +sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i $/etc/apache2/sites-enabled/000-default # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` and # others by the original owner. We need to change the owner to apache so From 4da668650728a80d775b2f45650a2b233a323011 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 17:08:12 -0700 Subject: [PATCH 066/278] fix typo in 000-default config --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 963bdff..7562a62 100755 --- a/stack.sh +++ b/stack.sh @@ -153,7 +153,7 @@ mkdir $DASH_DIR/.blackhole ## Configure apache's 000-default to run dashboard sudo cp $DIR/files/000-default.template /etc/apache2/sites-enabled/000-default -sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i $/etc/apache2/sites-enabled/000-default +sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` and # others by the original owner. We need to change the owner to apache so From b6838a1cec36568912739a56d655ead2a9765100 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 17:13:32 -0700 Subject: [PATCH 067/278] make glance use mysql --- files/glance-registry.conf | 67 ++++++++++++++++++++++++++++++++++++++ stack.sh | 7 ++-- 2 files changed, 72 insertions(+), 2 deletions(-) create mode 100644 files/glance-registry.conf diff --git a/files/glance-registry.conf b/files/glance-registry.conf new file mode 100644 index 0000000..cefb4d9 --- /dev/null +++ b/files/glance-registry.conf @@ -0,0 +1,67 @@ +[DEFAULT] +# Show more verbose log output (sets INFO log level output) +verbose = True + +# Show debugging output in logs (sets DEBUG log level output) +debug = False + +# Address to bind the registry server +bind_host = 0.0.0.0 + +# Port the bind the registry server to +bind_port = 9191 + +# Log to this file. Make sure you do not set the same log +# file for both the API and registry servers! +log_file = /var/log/glance/registry.log + +# Send logs to syslog (/dev/log) instead of to file specified by `log_file` +use_syslog = False + +# SQLAlchemy connection string for the reference implementation +# registry server. Any valid SQLAlchemy connection string is fine. +# See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine +sql_connection = mysql://root:nova@localhost/glance + +# Period in seconds after which SQLAlchemy should reestablish its connection +# to the database. +# +# MySQL uses a default `wait_timeout` of 8 hours, after which it will drop +# idle connections. This can result in 'MySQL Gone Away' exceptions. If you +# notice this, you can lower this value to ensure that SQLAlchemy reconnects +# before MySQL can drop the connection. +sql_idle_timeout = 3600 + +# Limit the api to return `param_limit_max` items in a call to a container. If +# a larger `limit` query param is provided, it will be reduced to this value. +api_limit_max = 1000 + +# If a `limit` query param is not provided in an api request, it will +# default to `limit_param_default` +limit_param_default = 25 + +[pipeline:glance-registry] +pipeline = context registryapp +# NOTE: use the following pipeline for keystone +# pipeline = authtoken keystone_shim context registryapp + +[app:registryapp] +paste.app_factory = glance.registry.server:app_factory + +[filter:context] +context_class = glance.registry.context.RequestContext +paste.filter_factory = glance.common.context:filter_factory + +[filter:authtoken] +paste.filter_factory = keystone.middleware.auth_token:filter_factory +service_protocol = http +service_host = 127.0.0.1 +service_port = 5000 +auth_host = 127.0.0.1 +auth_port = 5001 +auth_protocol = http +auth_uri = http://127.0.0.1:5000/ +admin_token = 999888777666 + +[filter:keystone_shim] +paste.filter_factory = keystone.middleware.glance_auth_token:filter_factory diff --git a/stack.sh b/stack.sh index 7562a62..7eadf26 100755 --- a/stack.sh +++ b/stack.sh @@ -173,8 +173,11 @@ sudo chown -R `whoami` /var/lib/glance # Delete existing images/database as glance will recreate the db on startup rm -rf /var/lib/glance/images/* -rm -f $GLANCE_DIR/glance.sqlite - +# (re)create glance database +mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE glance;' || true +mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE glance;' +# Copy over our glance-registry.conf +cp $DIR/files/glance-registry.conf $GLANCE_DIR/etc/glance-registry.conf # Nova # ---- From 5d4843cfebadd57bf86f8291cd9c87a00bf5862b Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 17:22:18 -0700 Subject: [PATCH 068/278] add some sudo's to dashboard setup, so that the script can handle consecutive runs of stack.sh without hitting permisisons issues --- stack.sh | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/stack.sh b/stack.sh index 7eadf26..ded8ed9 100755 --- a/stack.sh +++ b/stack.sh @@ -140,16 +140,16 @@ cp $DIR/files/screenrc ~/.screenrc # Dash currently imports quantum even if you aren't using it. Instead # of installing quantum we can create a simple module that will pass the # initial imports -mkdir $DASH_DIR/openstack-dashboard/quantum || true -touch $DASH_DIR/openstack-dashboard/quantum/__init__.py -touch $DASH_DIR/openstack-dashboard/quantum/client.py +sudo mkdir -p $DASH_DIR/openstack-dashboard/quantum || true +sudo touch $DASH_DIR/openstack-dashboard/quantum/__init__.py +sudo touch $DASH_DIR/openstack-dashboard/quantum/client.py cd $DASH_DIR/openstack-dashboard -cp local/local_settings.py.example local/local_settings.py +sudo cp local/local_settings.py.example local/local_settings.py dashboard/manage.py syncdb # create an empty directory that apache uses as docroot -mkdir $DASH_DIR/.blackhole +sudo mkdir -p $DASH_DIR/.blackhole ## Configure apache's 000-default to run dashboard sudo cp $DIR/files/000-default.template /etc/apache2/sites-enabled/000-default From 963d2eb1c63a33c95a9d2257c07fee37967042e5 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 17:29:02 -0700 Subject: [PATCH 069/278] update usage comment --- stack.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/stack.sh b/stack.sh index ded8ed9..e0250bb 100755 --- a/stack.sh +++ b/stack.sh @@ -12,6 +12,7 @@ # ./stack.sh # # or run on a single line ``MYSQL_PASS=simple ./stack.sh`` +# or simply ``./stack.sh`` # This script exits on an error so that errors don't compound and you see # only the first error that occured. From 79918c54fa28dbc9eb6f5679c46418f6d649f2d7 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 19:43:14 -0700 Subject: [PATCH 070/278] configure mysql password for keystone and glance --- files/glance-registry.conf | 2 +- files/keystone.conf | 2 +- stack.sh | 5 ++++- 3 files changed, 6 insertions(+), 3 deletions(-) mode change 100755 => 100644 files/keystone.conf diff --git a/files/glance-registry.conf b/files/glance-registry.conf index cefb4d9..252702c 100644 --- a/files/glance-registry.conf +++ b/files/glance-registry.conf @@ -21,7 +21,7 @@ use_syslog = False # SQLAlchemy connection string for the reference implementation # registry server. Any valid SQLAlchemy connection string is fine. # See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://root:nova@localhost/glance +sql_connection = mysql://root:%MYSQL_PASS%@localhost/glance # Period in seconds after which SQLAlchemy should reestablish its connection # to the database. diff --git a/files/keystone.conf b/files/keystone.conf old mode 100755 new mode 100644 index 4e775ab..5923c85 --- a/files/keystone.conf +++ b/files/keystone.conf @@ -49,7 +49,7 @@ keystone-service-admin-role = KeystoneServiceAdmin # server. Any valid SQLAlchemy connection string is fine. # See: http://bit.ly/ideIpI #sql_connection = sqlite:///keystone.db -sql_connection = mysql://root:nova@localhost/keystone +sql_connection = mysql://root:%MYSQL_PASS%@localhost/keystone backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', 'User', 'Credentials', 'EndpointTemplates', 'Token', 'Service'] diff --git a/stack.sh b/stack.sh index e0250bb..62198b2 100755 --- a/stack.sh +++ b/stack.sh @@ -178,7 +178,9 @@ rm -rf /var/lib/glance/images/* mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE glance;' || true mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE glance;' # Copy over our glance-registry.conf -cp $DIR/files/glance-registry.conf $GLANCE_DIR/etc/glance-registry.conf +$GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf +cp $DIR/files/glance-registry.conf $GLANCE_CONF +sudo sed -e "s,%MYSQL_PASS%,$MYSQL_PASS,g" -i $GLANCE_CONF # Nova # ---- @@ -251,6 +253,7 @@ mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE keystone;' # FIXME (anthony) keystone should use keystone.conf.example KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf cp $DIR/files/keystone.conf $KEYSTONE_CONF +sudo sed -e "s,%MYSQL_PASS%,$MYSQL_PASS,g" -i $KEYSTONE_CONF # initialize keystone with default users/endpoints BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh From af9de3d56a6e8da0f328a8a76abfe1999e2ca23c Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 19:45:18 -0700 Subject: [PATCH 071/278] xtra $ --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 62198b2..4d54c3d 100755 --- a/stack.sh +++ b/stack.sh @@ -178,7 +178,7 @@ rm -rf /var/lib/glance/images/* mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE glance;' || true mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE glance;' # Copy over our glance-registry.conf -$GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf +GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf cp $DIR/files/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%MYSQL_PASS%,$MYSQL_PASS,g" -i $GLANCE_CONF From c6da0833a9aea59697e4b52c48bb92b545b0197e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 19:48:12 -0700 Subject: [PATCH 072/278] remove xtra space --- stack.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/stack.sh b/stack.sh index 4d54c3d..30574d0 100755 --- a/stack.sh +++ b/stack.sh @@ -308,4 +308,3 @@ tar -zxf $DEST/tty.tgz glance add name="tty-kernel" is_public=true container_format=aki disk_format=aki < aki-tty/image glance add name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < ari-tty/image glance add name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < ami-tty/image - From a841644e988415502831f17d1b34b0ad74d4c2c9 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 20:07:44 -0700 Subject: [PATCH 073/278] progress on multi-host stack.sh --- files/glance-registry.conf | 2 +- files/keystone.conf | 2 +- stack.sh | 23 ++++++++++++++++------- 3 files changed, 18 insertions(+), 9 deletions(-) diff --git a/files/glance-registry.conf b/files/glance-registry.conf index 252702c..ea2cf1d 100644 --- a/files/glance-registry.conf +++ b/files/glance-registry.conf @@ -21,7 +21,7 @@ use_syslog = False # SQLAlchemy connection string for the reference implementation # registry server. Any valid SQLAlchemy connection string is fine. # See: http://www.sqlalchemy.org/docs/05/reference/sqlalchemy/connections.html#sqlalchemy.create_engine -sql_connection = mysql://root:%MYSQL_PASS%@localhost/glance +sql_connection = %SQL_CONN% # Period in seconds after which SQLAlchemy should reestablish its connection # to the database. diff --git a/files/keystone.conf b/files/keystone.conf index 5923c85..622b87d 100644 --- a/files/keystone.conf +++ b/files/keystone.conf @@ -49,7 +49,7 @@ keystone-service-admin-role = KeystoneServiceAdmin # server. Any valid SQLAlchemy connection string is fine. # See: http://bit.ly/ideIpI #sql_connection = sqlite:///keystone.db -sql_connection = mysql://root:%MYSQL_PASS%@localhost/keystone +sql_connection = %SQL_CONN% backend_entities = ['UserRoleAssociation', 'Endpoints', 'Role', 'Tenant', 'User', 'Credentials', 'EndpointTemplates', 'Token', 'Service'] diff --git a/stack.sh b/stack.sh index 30574d0..993cb98 100755 --- a/stack.sh +++ b/stack.sh @@ -35,6 +35,8 @@ KEYSTONE_DIR=$DEST/keystone NOVACLIENT_DIR=$DEST/python-novaclient API_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC + +# Specify which services to launch. These generally correspond to screen tabs ENABLED_SERVICES=g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable @@ -47,6 +49,7 @@ INTERFACE=${INTERFACE:-eth0} FLOATING_RANGE=${FLOATING_RANGE:-10.6.0.0/27} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} NET_MAN=${NET_MAN:-VlanManager} +EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} # If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` # variable but make sure that the interface doesn't already have an @@ -56,11 +59,14 @@ NET_MAN=${NET_MAN:-VlanManager} # Nova hypervisor configuration LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} - -# TODO: switch to mysql for all services +# Mysql connection info MYSQL_PASS=${MYSQL_PASS:-nova} -SQL_CONN=${SQL_CONN:-mysql://root:$MYSQL_PASS@localhost/nova} -# TODO: set rabbitmq conn string explicitly as well +MYSQL_HOST=${MYSQL_HOST:-localhost} +# don't specify /db in this string, so we can use it for multiple services +BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://root:$MYSQL_PASS@$MYSQL_HOST} + +# Rabbit connection info +RABBIT_HOST=${RABBIT_HOST:-localhost} # Install Packages # ================ @@ -180,7 +186,7 @@ mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE glance;' # Copy over our glance-registry.conf GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf cp $DIR/files/glance-registry.conf $GLANCE_CONF -sudo sed -e "s,%MYSQL_PASS%,$MYSQL_PASS,g" -i $GLANCE_CONF +sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF # Nova # ---- @@ -198,13 +204,16 @@ add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" add_nova_flag "--my_ip=$HOST_IP" add_nova_flag "--public_interface=$INTERFACE" add_nova_flag "--vlan_interface=$INTERFACE" -add_nova_flag "--sql_connection=$SQL_CONN" +add_nova_flag "--sql_connection=$BASE_SQL_CONN/nova" add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/" add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" add_nova_flag "--image_service=nova.image.glance.GlanceImageService" +add_nova_flag "--image_service=nova.image.glance.GlanceImageService" +add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST" +add_nova_flag "--rabbit_host=$RABBIT_HOST" if [ -n "$FLAT_INTERFACE" ]; then add_nova_flag "--flat_interface=$FLAT_INTERFACE" fi @@ -253,7 +262,7 @@ mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE keystone;' # FIXME (anthony) keystone should use keystone.conf.example KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf cp $DIR/files/keystone.conf $KEYSTONE_CONF -sudo sed -e "s,%MYSQL_PASS%,$MYSQL_PASS,g" -i $KEYSTONE_CONF +sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/keystone,g" -i $KEYSTONE_CONF # initialize keystone with default users/endpoints BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh From fdaf21a5e6da9e0e6b61598301c02551793ab79d Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 20:11:42 -0700 Subject: [PATCH 074/278] configurable mysql user --- stack.sh | 15 ++++++++------- 1 file changed, 8 insertions(+), 7 deletions(-) diff --git a/stack.sh b/stack.sh index 993cb98..64c97da 100755 --- a/stack.sh +++ b/stack.sh @@ -61,9 +61,10 @@ LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} # Mysql connection info MYSQL_PASS=${MYSQL_PASS:-nova} +MYSQL_USER=${MYSQL_USER:-root} MYSQL_HOST=${MYSQL_HOST:-localhost} # don't specify /db in this string, so we can use it for multiple services -BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://root:$MYSQL_PASS@$MYSQL_HOST} +BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST} # Rabbit connection info RABBIT_HOST=${RABBIT_HOST:-localhost} @@ -181,8 +182,8 @@ sudo chown -R `whoami` /var/lib/glance # Delete existing images/database as glance will recreate the db on startup rm -rf /var/lib/glance/images/* # (re)create glance database -mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE glance;' || true -mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE glance;' +mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE glance;' || true +mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE glance;' # Copy over our glance-registry.conf GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf cp $DIR/files/glance-registry.conf $GLANCE_CONF @@ -242,8 +243,8 @@ rm -rf $NOVA_DIR/networks mkdir -p $NOVA_DIR/networks # (re)create nova database -mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true -mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE nova;' +mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true +mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE nova;' $NOVA_DIR/bin/nova-manage db sync # create a small network @@ -256,8 +257,8 @@ $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE # -------- # (re)create keystone database -mysql -uroot -p$MYSQL_PASS -e 'DROP DATABASE keystone;' || true -mysql -uroot -p$MYSQL_PASS -e 'CREATE DATABASE keystone;' +mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE keystone;' || true +mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE keystone;' # FIXME (anthony) keystone should use keystone.conf.example KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf From 1c36464615fd4b12ec6b3141d3d0173eac64bf75 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 20:21:42 -0700 Subject: [PATCH 075/278] allow role configuration for multi-host lxc --- build_lxc.sh | 13 ++++++++----- stack.sh | 2 +- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index e3765db..97dd594 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -9,6 +9,9 @@ CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1} NAMESERVER=${NAMESERVER:-192.168.1.1} COPYENV=${COPYENV:-1} +# Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" +STACKSH_PARAMS=${STACKSH_PARAMS:-} + # Create lxc configuration LXC_CONF=/tmp/$CONTAINER.conf cat > $LXC_CONF < $INSTALL_SH < /etc/rc.local # Make sure dns is set up echo "nameserver $NAMESERVER" | resolvconf -a eth0 sleep 1 @@ -95,8 +96,10 @@ sleep 1 # Install and run stack.sh apt-get update apt-get -y --force-yes install git-core vim-nox sudo -su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack -su -c "cd ~/nfs-stack && ./stack.sh" stack +if [ ! -d "~/nfs-stack" ] + su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack +fi +su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack EOF # Make the install.sh executable diff --git a/stack.sh b/stack.sh index 64c97da..0f6ea96 100755 --- a/stack.sh +++ b/stack.sh @@ -60,8 +60,8 @@ EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} # Mysql connection info -MYSQL_PASS=${MYSQL_PASS:-nova} MYSQL_USER=${MYSQL_USER:-root} +MYSQL_PASS=${MYSQL_PASS:-nova} MYSQL_HOST=${MYSQL_HOST:-localhost} # don't specify /db in this string, so we can use it for multiple services BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST} From 4f27922342ca274799a0f150fc28d4e0a59541b3 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 21:51:28 -0700 Subject: [PATCH 076/278] cleanup output --- build_lxc.sh | 19 ++++++++++++++----- 1 file changed, 14 insertions(+), 5 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 97dd594..a81aa2d 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/usr/bin/env bash # Configurable params BRIDGE=${BRIDGE:-br0} CONTAINER=${CONTAINER:-STACK} @@ -12,6 +12,11 @@ COPYENV=${COPYENV:-1} # Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" STACKSH_PARAMS=${STACKSH_PARAMS:-} +# Install cgroup-bin if we don't have it yet +if ! which cgdelete | grep -q cgdelete; then + apt-get install cgroup-bin +fi + # Create lxc configuration LXC_CONF=/tmp/$CONTAINER.conf cat > $LXC_CONF < $RC_LOCAL < Date: Tue, 13 Sep 2011 22:09:36 -0700 Subject: [PATCH 077/278] make a cp_it cp wrapper --- build_lxc.sh | 28 +++++++++++++++++----------- 1 file changed, 17 insertions(+), 11 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index a81aa2d..f7536d4 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -67,13 +67,19 @@ echo stack:pass | chroot $ROOTFS chpasswd # stack requires) echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers +function cp_it { + if [ -e $1 ] || [ -d $1 ]; then + cp -pr $1 $2 + fi +} + # Copy over your ssh keys and env if desired if [ "$COPYENV" = "1" ]; then - cp -pr ~/.ssh $ROOTFS/opt/.ssh - cp -p ~/.ssh/id_rsa.pub $ROOTFS/opt/.ssh/authorized_keys - cp -pr ~/.gitconfig $ROOTFS/opt/.gitconfig - cp -pr ~/.vimrc $ROOTFS/opt/.vimrc - cp -pr ~/.bashrc $ROOTFS/opt/.bashrc + cp_it ~/.ssh $ROOTFS/opt/.ssh + cp_it ~/.ssh/id_rsa.pub $ROOTFS/opt/.ssh/authorized_keys + cp_it ~/.gitconfig $ROOTFS/opt/.gitconfig + cp_it ~/.vimrc $ROOTFS/opt/.vimrc + cp_it ~/.bashrc $ROOTFS/opt/.bashrc fi # Give stack ownership over /opt so it may do the work needed @@ -93,8 +99,8 @@ iface eth0 inet static EOF # Configure the runner -INSTALL_SH=$ROOTFS/root/install.sh -cat > $INSTALL_SH < $RUN_SH < $RC_LOCAL < Date: Tue, 13 Sep 2011 22:14:37 -0700 Subject: [PATCH 078/278] add comment --- build_lxc.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/build_lxc.sh b/build_lxc.sh index f7536d4..657dd8a 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -67,6 +67,7 @@ echo stack:pass | chroot $ROOTFS chpasswd # stack requires) echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers +# Gracefully cp only if source file/dir exists function cp_it { if [ -e $1 ] || [ -d $1 ]; then cp -pr $1 $2 From 190321ea45ce9617cee41a54a19a72d092813395 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 23:21:29 -0700 Subject: [PATCH 079/278] install deps --- build_lxc.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 657dd8a..c019d7e 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -12,9 +12,17 @@ COPYENV=${COPYENV:-1} # Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" STACKSH_PARAMS=${STACKSH_PARAMS:-} -# Install cgroup-bin if we don't have it yet +# Install deps +apt-get install lxc debootstrap + +# Install cgroup-bin from source, since the packaging is buggy and possibly incompatible with our setup if ! which cgdelete | grep -q cgdelete; then - apt-get install cgroup-bin + apt-get install g++ bison flex libpam0g-dev + wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2 + cd /tmp && bunzip2 libcgroup-0.37.1.tar.bz2 && tar xfv libcgroup-0.37.1.tar + cd libcgroup-0.37.1 + ./configure + make install fi # Create lxc configuration From 936c9280ea8c94a5029382cb693370dcf655fb2c Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 23:36:43 -0700 Subject: [PATCH 080/278] warn users to use natty --- build_lxc.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/build_lxc.sh b/build_lxc.sh index c019d7e..54ee375 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -12,6 +12,11 @@ COPYENV=${COPYENV:-1} # Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" STACKSH_PARAMS=${STACKSH_PARAMS:-} +# Warn users who aren't on natty +if ! grep -q natty /etc/lsb-release; then + echo "WARNING: this script has only been tested on natty" +fi + # Install deps apt-get install lxc debootstrap From ef7f36b711424d3763aa779abc4228ce6a67595e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 13 Sep 2011 23:43:09 -0700 Subject: [PATCH 081/278] let the container start on reboot --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 54ee375..c0e33d6 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -123,7 +123,7 @@ sleep 1 # Install and run stack.sh apt-get update apt-get -y --force-yes install git-core vim-nox sudo -if [ ! -d "~/nfs-stack" ] +if [ ! -d "~/nfs-stack" ]; then su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack fi su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack From 77dbb07959088a84f8c552bf06a56c904f1553ff Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 00:49:39 -0700 Subject: [PATCH 082/278] default nameserver to gateway --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index c0e33d6..d1f8aff 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -6,7 +6,7 @@ CONTAINER_IP=${CONTAINER_IP:-192.168.1.50} CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24} CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0} CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1} -NAMESERVER=${NAMESERVER:-192.168.1.1} +NAMESERVER=${NAMESERVER:-$CONTAINER_GATEWAY} COPYENV=${COPYENV:-1} # Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" From 17348108b3842a11d4f188459beacce4348ea4c4 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 00:56:18 -0700 Subject: [PATCH 083/278] keep a log for the runner --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index d1f8aff..ce9a45e 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -126,7 +126,7 @@ apt-get -y --force-yes install git-core vim-nox sudo if [ ! -d "~/nfs-stack" ]; then su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack fi -su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack +su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack >> /opt/run.sh.log EOF # Make the run.sh executable From 80638e545f8b2990b219ad8be891fe9c0ccfacca Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 01:29:05 -0700 Subject: [PATCH 084/278] progress on multi-host lxc --- build_lxc.sh | 2 +- stack.sh | 3 +++ 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index ce9a45e..63c9e50 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -126,7 +126,7 @@ apt-get -y --force-yes install git-core vim-nox sudo if [ ! -d "~/nfs-stack" ]; then su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack fi -su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack >> /opt/run.sh.log +nohup su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack &> /opt/run.sh.log EOF # Make the run.sh executable diff --git a/stack.sh b/stack.sh index 0f6ea96..62f813a 100755 --- a/stack.sh +++ b/stack.sh @@ -168,6 +168,9 @@ sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default # dashboard can run sudo chown -R www-data:www-data $DASH_DIR +# Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service: +sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf +sudo service mysql restart # Glance # ------ From d74d681d3f9eb013838dd1a0935873f46f8b373e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 01:35:54 -0700 Subject: [PATCH 085/278] fix check for nfs-stack existence --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 63c9e50..9f133fd 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -123,7 +123,7 @@ sleep 1 # Install and run stack.sh apt-get update apt-get -y --force-yes install git-core vim-nox sudo -if [ ! -d "~/nfs-stack" ]; then +if [ ! -d "/opt/nfs-stack" ]; then su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack fi nohup su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack &> /opt/run.sh.log From 927a656ac2835610349af64e251af9d2bc85c489 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 01:58:01 -0700 Subject: [PATCH 086/278] more work on multi-lxc --- build_lxc.sh | 5 ++++- stack.sh | 2 +- 2 files changed, 5 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 9f133fd..4987193 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -120,13 +120,16 @@ cat > $RUN_SH < /opt/run.sh.log +su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack &> /opt/run.sh.log EOF # Make the run.sh executable diff --git a/stack.sh b/stack.sh index 62f813a..88e779c 100755 --- a/stack.sh +++ b/stack.sh @@ -37,7 +37,7 @@ API_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC # Specify which services to launch. These generally correspond to screen tabs -ENABLED_SERVICES=g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash +ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash} # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then From 005abf03c72e35c9b68704b7dbbcbead3b38afd3 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 02:15:48 -0700 Subject: [PATCH 087/278] no need to run in bg --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 4987193..d43d8fd 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -129,7 +129,7 @@ apt-get -y --force-yes install git-core vim-nox sudo if [ ! -d "/opt/nfs-stack" ]; then su -c "git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack" stack fi -su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack &> /opt/run.sh.log +su -c "cd ~/nfs-stack && $STACKSH_PARAMS ./stack.sh" stack > /opt/run.sh.log EOF # Make the run.sh executable From 3859f7376044fa918a2c0621fa60895692a913ea Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 02:33:43 -0700 Subject: [PATCH 088/278] pre-cache git repos, add mysql perms --- build_lxc.sh | 9 ++++++++- stack.sh | 5 ++++- 2 files changed, 12 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index d43d8fd..940fcae 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -51,12 +51,19 @@ fi # Warm the base image on first install CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ ! -d $CACHEDIR ]; then +if [ -d $CACHEDIR ]; then # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update chroot $CACHEDIR apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot $CACHEDIR pip install `cat pips/*` + git clone https://github.com/cloudbuilders/nova.git $CACHEDIR/opt/nova + git clone https://github.com/cloudbuilders/openstackx.git $CACHEDIR/opt/openstackx + git clone https://github.com/cloudbuilders/noVNC.git $CACHEDIR/opt/noVNC + git clone https://github.com/cloudbuilders/openstack-dashboard.git $CACHEDIR/opt/dash + git clone https://github.com/cloudbuilders/python-novaclient.git $CACHEDIR/opt/python-novaclient + git clone https://github.com/cloudbuilders/keystone.git $CACHEDIR/opt/keystone + git clone https://github.com/cloudbuilders/glance.git $CACHEDIR/opt/glance fi # Destroy the old container diff --git a/stack.sh b/stack.sh index 88e779c..41bcdf2 100755 --- a/stack.sh +++ b/stack.sh @@ -60,7 +60,7 @@ EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} # Mysql connection info -MYSQL_USER=${MYSQL_USER:-root} +MYSQL_USER=${MYSQL_USER:-nova} MYSQL_PASS=${MYSQL_PASS:-nova} MYSQL_HOST=${MYSQL_HOST:-localhost} # don't specify /db in this string, so we can use it for multiple services @@ -168,6 +168,9 @@ sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default # dashboard can run sudo chown -R www-data:www-data $DASH_DIR +# Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases: +sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' WITH GRANT OPTION;" + # Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service: sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf sudo service mysql restart From 320412b24fcd321756795767ae6d05c839c9432e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 02:39:10 -0700 Subject: [PATCH 089/278] root user for mysql --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 41bcdf2..9cca50f 100755 --- a/stack.sh +++ b/stack.sh @@ -60,7 +60,7 @@ EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} # Mysql connection info -MYSQL_USER=${MYSQL_USER:-nova} +MYSQL_USER=${MYSQL_USER:-root} MYSQL_PASS=${MYSQL_PASS:-nova} MYSQL_HOST=${MYSQL_HOST:-localhost} # don't specify /db in this string, so we can use it for multiple services From 56e6292e1f6d11d5e2901262d30d9dcdf5d5f1ee Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 02:54:27 -0700 Subject: [PATCH 090/278] run entire run script as stack user --- build_lxc.sh | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 940fcae..88a7443 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -120,33 +120,33 @@ iface eth0 inet static EOF # Configure the runner -RUN_SH=$ROOTFS/root/run.sh +RUN_SH=$ROOTFS/opt/run.sh cat > $RUN_SH < /opt/run.sh.log +cd /opt/nfs-stack && $STACKSH_PARAMS ./stack.sh > /opt/run.sh.log EOF # Make the run.sh executable -chmod 700 $RUN_SH +chmod 755 $RUN_SH # Make runner launch on boot RC_LOCAL=$ROOTFS/etc/rc.local cat > $RC_LOCAL < Date: Wed, 14 Sep 2011 02:56:41 -0700 Subject: [PATCH 091/278] this command is already run by stack --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 88a7443..067ecda 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -128,7 +128,7 @@ echo "nameserver $NAMESERVER" | sudo resolvconf -a eth0 sleep 1 # Kill any existing screens -su -c "killall screen" stack +killall screen # Install and run stack.sh sudo apt-get update From 925df4c29564f6d330896adc50ce5346a7307795 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Wed, 14 Sep 2011 10:20:57 -0500 Subject: [PATCH 092/278] Auto-detect current user --- stack.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 22874d9..2e97ef0 100755 --- a/stack.sh +++ b/stack.sh @@ -177,10 +177,10 @@ sudo sed -i -e '/Allow from localhost/s/localhost.*$/all/' /etc/munin/apache.con cat >/tmp/nova < Date: Wed, 14 Sep 2011 09:40:58 -0700 Subject: [PATCH 093/278] update to allow remote mysql connections --- build_lxc.sh | 2 +- stack.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 067ecda..6efefec 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -122,7 +122,7 @@ EOF # Configure the runner RUN_SH=$ROOTFS/opt/run.sh cat > $RUN_SH < Date: Wed, 14 Sep 2011 09:55:31 -0700 Subject: [PATCH 094/278] make glance host configurable --- stack.sh | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/stack.sh b/stack.sh index 9bf08bb..ccddea1 100755 --- a/stack.sh +++ b/stack.sh @@ -69,6 +69,9 @@ BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST} # Rabbit connection info RABBIT_HOST=${RABBIT_HOST:-localhost} +# Glance connection info. Note the port must be specified. +GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-0.0.0.0:9292} + # Install Packages # ================ # @@ -221,6 +224,7 @@ add_nova_flag "--image_service=nova.image.glance.GlanceImageService" add_nova_flag "--image_service=nova.image.glance.GlanceImageService" add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST" add_nova_flag "--rabbit_host=$RABBIT_HOST" +add_nova_flag "--glance_api_servers=$GLANCE_HOSTPORT" if [ -n "$FLAT_INTERFACE" ]; then add_nova_flag "--flat_interface=$FLAT_INTERFACE" fi From 52d019b1d2555b97f9b7ab14207f35a890da1ded Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 10:19:24 -0700 Subject: [PATCH 095/278] remove dup flag --- stack.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/stack.sh b/stack.sh index ccddea1..a88888c 100755 --- a/stack.sh +++ b/stack.sh @@ -221,7 +221,6 @@ add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/" add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" add_nova_flag "--image_service=nova.image.glance.GlanceImageService" -add_nova_flag "--image_service=nova.image.glance.GlanceImageService" add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST" add_nova_flag "--rabbit_host=$RABBIT_HOST" add_nova_flag "--glance_api_servers=$GLANCE_HOSTPORT" From 40f8d16a608ef897d33f66d2d8f5cf5a80bc0562 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 14 Sep 2011 10:20:14 -0700 Subject: [PATCH 096/278] need a ! --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 6efefec..fea0e74 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -51,7 +51,7 @@ fi # Warm the base image on first install CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ -d $CACHEDIR ]; then +if [ ! -d $CACHEDIR ]; then # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update From 47e115e5c137175b792eb8588089dbf2c09a3dc7 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 14 Sep 2011 11:25:47 -0700 Subject: [PATCH 097/278] nfs-stack is now devstack --- build_lxc.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index fea0e74..babc30c 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -133,10 +133,10 @@ killall screen # Install and run stack.sh sudo apt-get update sudo apt-get -y --force-yes install git-core vim-nox sudo -if [ ! -d "/opt/nfs-stack" ]; then - git clone git://github.com/cloudbuilders/nfs-stack.git ~/nfs-stack +if [ ! -d "/opt/devstack" ]; then + git clone git://github.com/cloudbuilders/devstack.git ~/devstack fi -cd /opt/nfs-stack && $STACKSH_PARAMS ./stack.sh > /opt/run.sh.log +cd /opt/devstack && $STACKSH_PARAMS ./stack.sh > /opt/run.sh.log EOF # Make the run.sh executable From 57133cd67e5636ba5348525a49ef64db353025f2 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 14 Sep 2011 11:29:12 -0700 Subject: [PATCH 098/278] ignore ~ files --- .gitignore | 1 + 1 file changed, 1 insertion(+) diff --git a/.gitignore b/.gitignore index 2ff540d..7964faa 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1,2 @@ proto +*~ From b019151c6e992e7ac8087a83d142fc77c9a53495 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 14 Sep 2011 19:37:10 -0700 Subject: [PATCH 099/278] start to cli exercise --- exercise.sh | 24 ++++++++++++++++++++++++ 1 file changed, 24 insertions(+) create mode 100755 exercise.sh diff --git a/exercise.sh b/exercise.sh new file mode 100755 index 0000000..8dc5222 --- /dev/null +++ b/exercise.sh @@ -0,0 +1,24 @@ +#!/usr/bin/env bash + +# **exercise.sh** - using the cloud can be fun + +# we will use the ``nova`` cli tool provided by the ``python-novaclient`` +# package + +# Settings/Options +# ================ + +HOST=${HOST:-localhost} +export NOVA_PROJECT_ID=${TENANT:-admin} +export NOVA_USERNAME=${USERNAME:-admin} +export NOVA_API_KEY=${PASS:-secrete} + +# keystone is the authentication system. We use the **auth** 2.0 protocol. +# Upon successful authentication, we are return a token and catalog of +# endpoints (for openstack services) +export NOVA_URL="http://$HOST:5000/v2.0/" +export NOVA_VERSION=1.1 + +export + +nova list From b19424fb51617abf55e21497ec9af23b2471e311 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 14 Sep 2011 22:03:04 -0700 Subject: [PATCH 100/278] add docs for exercise --- exercise.sh | 54 ++++++++++++++++++++++++++++++++++++++++++----------- 1 file changed, 43 insertions(+), 11 deletions(-) diff --git a/exercise.sh b/exercise.sh index 8dc5222..d6771b0 100755 --- a/exercise.sh +++ b/exercise.sh @@ -4,21 +4,53 @@ # we will use the ``nova`` cli tool provided by the ``python-novaclient`` # package +# -# Settings/Options -# ================ + +# This script exits on an error so that errors don't compound and you see +# only the first error that occured. +set -o errexit + +# Print the commands being run so that we can see the command that triggers +# an error. It is also useful for following allowing as the install occurs. +set -o xtrace + + +# Settings +# ======== HOST=${HOST:-localhost} -export NOVA_PROJECT_ID=${TENANT:-admin} -export NOVA_USERNAME=${USERNAME:-admin} -export NOVA_API_KEY=${PASS:-secrete} - -# keystone is the authentication system. We use the **auth** 2.0 protocol. -# Upon successful authentication, we are return a token and catalog of -# endpoints (for openstack services) -export NOVA_URL="http://$HOST:5000/v2.0/" + +# Nova original used project_id as the *account* that owned resources (servers, +# ip address, ...) With the addition of Keystone we have standardized on the +# term **tenant** as the entity that owns the resources. **novaclient** still +# uses the old deprecated terms project_id. +export NOVA_PROJECT_ID=${TENANT:-demo} + +# In addition to the owning entity (tenant), nova stores the entity performing +# the action as the **user**. +export NOVA_USERNAME=${USERNAME:-demo} + +# With Keystone you pass the keystone password instead of an api key. +export NOVA_API_KEY=${PASSWORD:-secrete} + +# With the addition of Keystone, to use an openstack cloud you should +# authenticate against keystone, which returns a **Token** and **Service +# Catalog**. The catalog contains the endpoint for all services the user/tenant +# has access to - including nova, glance, keystone, swift, ... We currently +# recommend using the 2.0 *auth api*. +# +# *NOTE*: Using the 2.0 *auth api* does mean that compute api is 2.0. We will +# use the 1.1 *compute api* +export NOVA_URL=${NOVA_URL:-http://$HOST:5000/v2.0/} + +# Currently novaclient needs you to specify the *compute api* version. This +# needs to match the config of your catalog returned by Keystone. export NOVA_VERSION=1.1 -export +# Servers +# ======= + +# retreive a list of servers for our tenant nova list From 593828d4de9acc35228943c130e9880348771de6 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 14 Sep 2011 22:44:50 -0700 Subject: [PATCH 101/278] attempt to write a script that exercises nova cli --- exercise.sh | 24 +++++++++++++++++++++--- 1 file changed, 21 insertions(+), 3 deletions(-) diff --git a/exercise.sh b/exercise.sh index d6771b0..b7c42d7 100755 --- a/exercise.sh +++ b/exercise.sh @@ -49,8 +49,26 @@ export NOVA_URL=${NOVA_URL:-http://$HOST:5000/v2.0/} export NOVA_VERSION=1.1 -# Servers -# ======= +# Launching a server +# ================== -# retreive a list of servers for our tenant +# List servers for tenant: nova list + +# List of flavors: +nova flavor-list + +# Images +# ------ + +# Nova has a **deprecated** way of listing images. +nova image-list + +# But we recommend using glance directly +glance index + +# show details of the active servers:: +# +# nova show 1234 +# +nova list | grep ACTIVE | cut -d \| -f2 | xargs -n1 nova show From 187b21f874ba09ce62ca7b5ad9ab342e5aa25c13 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 09:33:37 -0700 Subject: [PATCH 102/278] fix keystone data - remove 'keystone' as it is now 'identity', comment out swift for now --- files/keystone_data.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/files/keystone_data.sh b/files/keystone_data.sh index 9f73743..dfcafb2 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -14,11 +14,10 @@ $BIN_DIR/keystone-manage $* role add Member $BIN_DIR/keystone-manage $* role grant Admin admin #endpointTemplates -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://localhost:8080/v1/AUTH_%tenant_id% http://localhost:8080/ http://localhost:8080/v1/AUTH_%tenant_id% 1 1 +# $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://localhost:8080/v1/AUTH_%tenant_id% http://localhost:8080/ http://localhost:8080/v1/AUTH_%tenant_id% 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova_compat http://localhost:8774/v1.0/ http://localhost:8774/v1.0 http://localhost:8774/v1.0 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://localhost:8774/v1.1/%tenant_id% http://localhost:8774/v1.1/%tenant_id% http://localhost:8774/v1.1/%tenant_id% 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://localhost:9292/v1.1/%tenant_id% http://localhost:9292/v1.1/%tenant_id% http://localhost:9292/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://localhost:8080/v2.0 http://localhost:8081/v2.0 http://localhost:8080/v2.0 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://localhost:5000/v2.0 http://localhost:5001/v2.0 http://localhost:5000/v2.0 1 1 # Tokens From 70dc5e0578cd56bd0c5bd300515416ed4c4ec260 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 16:52:43 -0700 Subject: [PATCH 103/278] only run certain code if th respective service has been enabled --- stack.sh | 247 ++++++++++++++++++++++++++++++------------------------- 1 file changed, 134 insertions(+), 113 deletions(-) diff --git a/stack.sh b/stack.sh index dcd6faf..86c5cc0 100755 --- a/stack.sh +++ b/stack.sh @@ -38,7 +38,7 @@ NOVNC_DIR=$DEST/noVNC MUNIN_DIR=$DEST/openstack-munin # Specify which services to launch. These generally correspond to screen tabs -ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash} +ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash,mysql,rabbit} # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then @@ -130,17 +130,6 @@ cd $API_DIR; sudo python setup.py develop cd $DASH_DIR/django-openstack; sudo python setup.py develop cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop -# attempt to load modules: kvm (hardware virt) and nbd (network block -# device - used to manage qcow images) -sudo modprobe nbd || true -sudo modprobe kvm || true -# user needs to be member of libvirtd group for nova-compute to use libvirt -sudo usermod -a -G libvirtd `whoami` -# if kvm wasn't running before we need to restart libvirt to enable it -sudo /etc/init.d/libvirt-bin restart - -## FIXME(ja): should LIBVIRT_TYPE be kvm if kvm module is loaded? - # add useful screenrc cp $DIR/files/screenrc ~/.screenrc @@ -155,76 +144,89 @@ cp $DIR/files/screenrc ~/.screenrc # Dash currently imports quantum even if you aren't using it. Instead # of installing quantum we can create a simple module that will pass the # initial imports -sudo mkdir -p $DASH_DIR/openstack-dashboard/quantum || true -sudo touch $DASH_DIR/openstack-dashboard/quantum/__init__.py -sudo touch $DASH_DIR/openstack-dashboard/quantum/client.py - -cd $DASH_DIR/openstack-dashboard -sudo cp local/local_settings.py.example local/local_settings.py -dashboard/manage.py syncdb - -# create an empty directory that apache uses as docroot -sudo mkdir -p $DASH_DIR/.blackhole +if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then + sudo mkdir -p $DASH_DIR/openstack-dashboard/quantum || true + sudo touch $DASH_DIR/openstack-dashboard/quantum/__init__.py + sudo touch $DASH_DIR/openstack-dashboard/quantum/client.py + + cd $DASH_DIR/openstack-dashboard + sudo cp local/local_settings.py.example local/local_settings.py + dashboard/manage.py syncdb + + # create an empty directory that apache uses as docroot + sudo mkdir -p $DASH_DIR/.blackhole + + ## Configure apache's 000-default to run dashboard + sudo cp $DIR/files/000-default.template /etc/apache2/sites-enabled/000-default + sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default + + # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` and + # others by the original owner. We need to change the owner to apache so + # dashboard can run + sudo chown -R www-data:www-data $DASH_DIR +fi -## Configure apache's 000-default to run dashboard -sudo cp $DIR/files/000-default.template /etc/apache2/sites-enabled/000-default -sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default -# ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` and -# others by the original owner. We need to change the owner to apache so -# dashboard can run -sudo chown -R www-data:www-data $DASH_DIR +# Mysql +# --------- +# +if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then + # Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases: + sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';" -# Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases: -sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';" + # Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service: + sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf + sudo service mysql restart +fi -# Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service: -sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf -sudo service mysql restart # Munin # ----- -# allow connections from other hosts -sudo sed -i -e '/Allow from localhost/s/localhost.*$/all/' /etc/munin/apache.conf -cat >/tmp/nova </tmp/nova < Date: Thu, 15 Sep 2011 20:37:29 -0700 Subject: [PATCH 104/278] initial commit of multi-node lxc --- build_lxc_multi.sh | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) create mode 100755 build_lxc_multi.sh diff --git a/build_lxc_multi.sh b/build_lxc_multi.sh new file mode 100755 index 0000000..49407d4 --- /dev/null +++ b/build_lxc_multi.sh @@ -0,0 +1,25 @@ +#!/usr/bin/env bash +# Head node host, which runs glance, api, keystone +HEAD_HOST=${HEAD_HOST:-192.168.1.52} +COMPUTE_HOSTS=${COMPUTE_HOSTS:-192.168.1.53,192.168.1.54} + +# Networking params +NAMESERVER=${NAMESERVER:-192.168.2.1} +GATEWAY=${GATEWAY:-192.168.1.1} + +# Helper to launch containers +function run_lxc { + # For some reason container names with periods can cause issues :/ + container_name=`echo $1 | sed 's/\./_/g'` + CONTAINER=$container_name CONTAINER_IP=$1 CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER STACKSH_PARAMS="$2" ./build_lxc.sh +} + +# Variables common amongst all hosts in the cluster +COMMON_VARS="MYSQL_HOST=$HEAD_HOST RABBIT_HOST=$HEAD_HOST GLANCE_HOSTPORT=$HEAD_HOST:9292 NET_MAN=FlatDHCPManager FLAT_INTERFACE=eth0" + +# Launch the head node +run_lxc $HEAD_HOST "$COMMON_VARS ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,dash,mysql,rabbit" +for compute_host in ${COMPUTE_HOSTS//,/ }; do + # Launch the compute hosts + run_lxc $compute_host "$COMMON_VARS ENABLED_SERVICES=n-cpu,n-net,n-api" +done From e7335c26a48d9a519e8bc83f30ca8c4c653e98e3 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 20:58:31 -0700 Subject: [PATCH 105/278] warn non-natty users --- stack.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/stack.sh b/stack.sh index 86c5cc0..13b750a 100755 --- a/stack.sh +++ b/stack.sh @@ -22,6 +22,11 @@ set -o errexit # an error. It is also useful for following allowing as the install occurs. set -o xtrace +# Warn users who aren't on natty +if ! grep -q natty /etc/lsb-release; then + echo "WARNING: this script has only been tested on natty" +fi + # Important paths: ``DIR`` is where we are executing from and ``DEST`` is # where we are installing openstack. DIR=`pwd` From 550ec96067528f5ae83000ce00a02525b41563d8 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 21:05:50 -0700 Subject: [PATCH 106/278] use full path for devstack dir --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index babc30c..212261a 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -134,7 +134,7 @@ killall screen sudo apt-get update sudo apt-get -y --force-yes install git-core vim-nox sudo if [ ! -d "/opt/devstack" ]; then - git clone git://github.com/cloudbuilders/devstack.git ~/devstack + git clone git://github.com/cloudbuilders/devstack.git /opt/devstack fi cd /opt/devstack && $STACKSH_PARAMS ./stack.sh > /opt/run.sh.log EOF From 2485906042be35d3c40506df1a28f5c407fbec29 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Thu, 15 Sep 2011 21:28:23 -0700 Subject: [PATCH 107/278] update docs / moving mysql higher --- stack.sh | 55 +++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 39 insertions(+), 16 deletions(-) diff --git a/stack.sh b/stack.sh index 13b750a..aed5615 100755 --- a/stack.sh +++ b/stack.sh @@ -2,6 +2,11 @@ # **stack.sh** is rackspace cloudbuilder's opinionated openstack dev installation. +# To keep this script simple we assume you are running on an **Ubuntu 11.04 i +# Natty** machine. It should work in a VM or physical server. Additionally we +# put the list of *apt* and *pip* dependencies and other configuration files in +# this repo. So start by grabbing this script and the dependencies. + # Settings/Options # ================ @@ -23,6 +28,7 @@ set -o errexit set -o xtrace # Warn users who aren't on natty +## TODO: alter flow to exit unless the user sets environment FORCE=true if ! grep -q natty /etc/lsb-release; then echo "WARNING: this script has only been tested on natty" fi @@ -141,15 +147,29 @@ cp $DIR/files/screenrc ~/.screenrc # TODO: update current user to allow sudo for all commands in files/sudo/* +# Mysql +# --------- +# +if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then + # Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases: + sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';" + + # Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service: + sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf + sudo service mysql restart +fi + + # Dashboard # --------- # # Setup the django application to serve via apache/wsgi -# Dash currently imports quantum even if you aren't using it. Instead -# of installing quantum we can create a simple module that will pass the -# initial imports if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then + + # Dash currently imports quantum even if you aren't using it. Instead + # of installing quantum we can create a simple module that will pass the + # initial imports sudo mkdir -p $DASH_DIR/openstack-dashboard/quantum || true sudo touch $DASH_DIR/openstack-dashboard/quantum/__init__.py sudo touch $DASH_DIR/openstack-dashboard/quantum/client.py @@ -172,22 +192,10 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then fi -# Mysql -# --------- -# -if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then - # Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases: - sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';" - - # Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service: - sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf - sudo service mysql restart -fi - - # Munin # ----- +# Munin is accessable via apache and was configured in the dashboard section. if [[ "$ENABLED_SERVICES" =~ "munin" ]]; then # allow connections from other hosts @@ -381,3 +389,18 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then glance add name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < ari-tty/image glance add name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < ami-tty/image fi + +# Using the cloud +# =============== + +# If you installed the dashboard on this server, then you should be able +# to access the site using your browser. +if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then + echo "dashboard is now available at http://$HOST_IP/" +fi + +# If keystone is present, you can point nova cli to this server +if [[ "$ENABLED_SERVICES" =~ "key" ]]; then + echo "keystone is serving at http://$HOST_IP:5000/v2.0/" + echo "examples on using novaclient command line is in exercise.sh" +fi From 7dd13d03f1b13693012ac84b8be6183f6765e779 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Thu, 15 Sep 2011 21:29:15 -0700 Subject: [PATCH 108/278] add note that we need to make sure people grab more than just stack.sh --- stack.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/stack.sh b/stack.sh index aed5615..0519fbc 100755 --- a/stack.sh +++ b/stack.sh @@ -29,6 +29,8 @@ set -o xtrace # Warn users who aren't on natty ## TODO: alter flow to exit unless the user sets environment FORCE=true +## TODO: warn user if apts, pips and other files don't exist that they +## need more than just this script if ! grep -q natty /etc/lsb-release; then echo "WARNING: this script has only been tested on natty" fi From 9337b339bffc680942e62c08594d2c96b2839ae6 Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Thu, 15 Sep 2011 21:46:20 -0700 Subject: [PATCH 109/278] adding nixon --- files/dash_settings.py | 94 ++++++++++++++++++++++++++++++++++++++++++ stack.sh | 6 ++- 2 files changed, 99 insertions(+), 1 deletion(-) create mode 100644 files/dash_settings.py diff --git a/files/dash_settings.py b/files/dash_settings.py new file mode 100644 index 0000000..20442e5 --- /dev/null +++ b/files/dash_settings.py @@ -0,0 +1,94 @@ +import os + +DEBUG = True +TEMPLATE_DEBUG = DEBUG +PROD = False +USE_SSL = False + +LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) +DATABASES = { + 'default': { + 'ENGINE': 'django.db.backends.sqlite3', + 'NAME': os.path.join(LOCAL_PATH, 'dashboard_openstack.sqlite3'), + }, +} + +CACHE_BACKEND = 'dummy://' + +# Add nixon to dash installation. +INSTALLED_APPS = ( +'dashboard.nixon', +) + +# Send email to the console by default +EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' +# Or send them to /dev/null +#EMAIL_BACKEND = 'django.core.mail.backends.dummy.EmailBackend' + +# django-mailer uses a different settings attribute +MAILER_EMAIL_BACKEND = EMAIL_BACKEND + +# Configure these for your outgoing email host +# EMAIL_HOST = 'smtp.my-company.com' +# EMAIL_PORT = 25 +# EMAIL_HOST_USER = 'djangomail' +# EMAIL_HOST_PASSWORD = 'top-secret!' + + +OPENSTACK_ADMIN_TOKEN = "999888777666" +OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0/" +OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" + +# NOTE(tres): Available services should come from the service +# catalog in Keystone. +SWIFT_ENABLED = False + +# Configure quantum connection details for networking +QUANTUM_ENABLED = True +QUANTUM_URL = '127.0.0.1' +QUANTUM_PORT = '9696' +QUANTUM_TENANT = '1234' +QUANTUM_CLIENT_VERSION='0.1' + +# If you have external monitoring links +EXTERNAL_MONITORING = [ + ['Nagios','http://foo.com'], + ['Ganglia','http://bar.com'], +] + +# If you do not have external monitoring links +# EXTERNAL_MONITORING = [] + +# Uncomment the following segment to silence most logging +# django.db and boto DEBUG logging is extremely verbose. +#LOGGING = { +# 'version': 1, +# # set to True will disable all logging except that specified, unless +# # nothing is specified except that django.db.backends will still log, +# # even when set to True, so disable explicitly +# 'disable_existing_loggers': False, +# 'handlers': { +# 'null': { +# 'level': 'DEBUG', +# 'class': 'django.utils.log.NullHandler', +# }, +# 'console': { +# 'level': 'DEBUG', +# 'class': 'logging.StreamHandler', +# }, +# }, +# 'loggers': { +# # Comment or Uncomment these to turn on/off logging output +# 'django.db.backends': { +# 'handlers': ['null'], +# 'propagate': False, +# }, +# 'django_openstack': { +# 'handlers': ['null'], +# 'propagate': False, +# }, +# } +#} + +# How much ram on each compute host? +COMPUTE_HOST_RAM_GB = 16 diff --git a/stack.sh b/stack.sh index 13b750a..51ddcc5 100755 --- a/stack.sh +++ b/stack.sh @@ -35,6 +35,7 @@ DEST=/opt # Set the destination directories for openstack projects NOVA_DIR=$DEST/nova DASH_DIR=$DEST/dash +NIXON_DIR=$DEST/dash/openstack-dashboard/dashboard/nixon GLANCE_DIR=$DEST/glance KEYSTONE_DIR=$DEST/keystone NOVACLIENT_DIR=$DEST/python-novaclient @@ -114,6 +115,8 @@ git_clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR git_clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR # django powered web control panel for openstack git_clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR +# add nixon, the iframing dashboard extension +git clone https://github.com/jakedahn/nixon.git $NIXON_DIR # python client library to nova that dashboard (and others) use git_clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR # openstackx is a collection of extensions to openstack.compute & nova @@ -155,7 +158,8 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then sudo touch $DASH_DIR/openstack-dashboard/quantum/client.py cd $DASH_DIR/openstack-dashboard - sudo cp local/local_settings.py.example local/local_settings.py + sudo cp $DIR/files/dash_settings.py local/local_settings.py + dashboard/manage.py syncdb # create an empty directory that apache uses as docroot From 6edd17f7c1b59ff5fe16ebd26ba735cfb4acfadb Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Thu, 15 Sep 2011 22:19:42 -0700 Subject: [PATCH 110/278] update with sanity checks --- stack.sh | 72 +++++++++++++++++++++++++++++++++++--------------------- 1 file changed, 45 insertions(+), 27 deletions(-) diff --git a/stack.sh b/stack.sh index 0519fbc..549095f 100755 --- a/stack.sh +++ b/stack.sh @@ -7,8 +7,33 @@ # put the list of *apt* and *pip* dependencies and other configuration files in # this repo. So start by grabbing this script and the dependencies. -# Settings/Options -# ================ + +# Sanity Check +# ============ + +# Warn users who aren't on natty, but allow they to override check and attempt +# installation with ``FORCE=yes ./stack`` +# +if ! grep -q natty /etc/lsb-release; then + echo "WARNING: this script has only been tested on natty" + if [[ "$FORCE" != "yes" ]]; then + echo "If you wish to run this script anyway run with FORCE=yes" + exit 1 + fi +fi + +# stack.sh keeps the list of **apt** and **pip** dependencies in files. +# Additionally we have a few config templates and other useful files useful +# installation. They are needed to be located at ``apts``, ``files`` and +# ``pips`` in the same directory as this script. +DEVSTACK=`pwd` +if [ ! -d $DEVSTACK/apts ] || [ ! -d $DEVSTACK/files ] || [ ! -d $DEVSTACK/pips ]; then + echo "ERROR: missing devstack files - did you grab more than just stack.sh?" + exit 1 +fi + +# Settings +# ======== # This script is customizable through setting environment variables. If you # want to override a setting you can either:: @@ -16,29 +41,21 @@ # export MYSQL_PASS=anothersecret # ./stack.sh # -# or run on a single line ``MYSQL_PASS=simple ./stack.sh`` -# or simply ``./stack.sh`` +# You can also pass options on a single line ``MYSQL_PASS=simple ./stack.sh`` +# +# We try to have sensible defaults, so you should be able to run ``./stack.sh`` +# in most cases. -# This script exits on an error so that errors don't compound and you see -# only the first error that occured. +# So that errors don't compound we exit on any errors so you see only the +# first error that occured. set -o errexit # Print the commands being run so that we can see the command that triggers # an error. It is also useful for following allowing as the install occurs. set -o xtrace -# Warn users who aren't on natty -## TODO: alter flow to exit unless the user sets environment FORCE=true -## TODO: warn user if apts, pips and other files don't exist that they -## need more than just this script -if ! grep -q natty /etc/lsb-release; then - echo "WARNING: this script has only been tested on natty" -fi - -# Important paths: ``DIR`` is where we are executing from and ``DEST`` is -# where we are installing openstack. -DIR=`pwd` -DEST=/opt +# Destination path for installation ``DEST`` +DEST=${DEST:-/opt} # Set the destination directories for openstack projects NOVA_DIR=$DEST/nova @@ -100,10 +117,10 @@ mysql-server-5.1 mysql-server/start_on_boot boolean true MYSQL_PRESEED # install apt requirements -sudo apt-get install -y -q `cat $DIR/apts/* | cut -d\# -f1` +sudo apt-get install -y -q `cat $DEVSTACK/apts/* | cut -d\# -f1` # install python requirements -sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $DIR/pips/*` +sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $DEVSTACK/pips/*` # git clone only if directory doesn't exist already function git_clone { @@ -143,10 +160,11 @@ cd $API_DIR; sudo python setup.py develop cd $DASH_DIR/django-openstack; sudo python setup.py develop cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop -# add useful screenrc -cp $DIR/files/screenrc ~/.screenrc +# Add a useful screenrc. This isn't required to run openstack but is we do +# it since we are going to run the services in screen for simple +cp $DEVSTACK/files/screenrc ~/.screenrc -# TODO: update current user to allow sudo for all commands in files/sudo/* +## TODO: update current user to allow sudo for all commands in files/sudo/* # Mysql @@ -184,7 +202,7 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then sudo mkdir -p $DASH_DIR/.blackhole ## Configure apache's 000-default to run dashboard - sudo cp $DIR/files/000-default.template /etc/apache2/sites-enabled/000-default + sudo cp $DEVSTACK/files/000-default.template /etc/apache2/sites-enabled/000-default sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` and @@ -239,7 +257,7 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE glance;' # Copy over our glance-registry.conf GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf - cp $DIR/files/glance-registry.conf $GLANCE_CONF + cp $DEVSTACK/files/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF fi @@ -335,11 +353,11 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then # FIXME (anthony) keystone should use keystone.conf.example KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf - cp $DIR/files/keystone.conf $KEYSTONE_CONF + cp $DEVSTACK/files/keystone.conf $KEYSTONE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/keystone,g" -i $KEYSTONE_CONF # initialize keystone with default users/endpoints - BIN_DIR=$KEYSTONE_DIR/bin bash $DIR/files/keystone_data.sh + BIN_DIR=$KEYSTONE_DIR/bin bash $DEVSTACK/files/keystone_data.sh fi From ad73da1c8beddbf53cb38a01a8ffffe157435571 Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Thu, 15 Sep 2011 22:28:53 -0700 Subject: [PATCH 111/278] adding other packages to local installed_apps --- files/dash_settings.py | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-) diff --git a/files/dash_settings.py b/files/dash_settings.py index 20442e5..5f54f3d 100644 --- a/files/dash_settings.py +++ b/files/dash_settings.py @@ -15,11 +15,20 @@ DATABASES = { CACHE_BACKEND = 'dummy://' -# Add nixon to dash installation. +# Add nixon + other apps to dash installation. INSTALLED_APPS = ( -'dashboard.nixon', + 'dashboard', + 'dashboard.nixon', + 'django.contrib.contenttypes', + 'django.contrib.sessions', + 'django.contrib.messages', + 'django.contrib.staticfiles', + 'django_openstack', + 'django_openstack.templatetags', + 'mailer', ) + # Send email to the console by default EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend' # Or send them to /dev/null From a3492ed4a95e85fae8d3a21c4737d4ae17839721 Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Thu, 15 Sep 2011 22:42:43 -0700 Subject: [PATCH 112/278] updating comments, adding fixmes --- files/dash_settings.py | 6 ++++-- stack.sh | 4 +++- 2 files changed, 7 insertions(+), 3 deletions(-) diff --git a/files/dash_settings.py b/files/dash_settings.py index 5f54f3d..d467da8 100644 --- a/files/dash_settings.py +++ b/files/dash_settings.py @@ -6,6 +6,8 @@ PROD = False USE_SSL = False LOCAL_PATH = os.path.dirname(os.path.abspath(__file__)) + +# FIXME: We need to change this to mysql, instead of sqlite. DATABASES = { 'default': { 'ENGINE': 'django.db.backends.sqlite3', @@ -43,7 +45,7 @@ MAILER_EMAIL_BACKEND = EMAIL_BACKEND # EMAIL_HOST_USER = 'djangomail' # EMAIL_HOST_PASSWORD = 'top-secret!' - +# FIXME: This needs to be changed to allow for multi-node setup. OPENSTACK_ADMIN_TOKEN = "999888777666" OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0/" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" @@ -53,7 +55,7 @@ OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" SWIFT_ENABLED = False # Configure quantum connection details for networking -QUANTUM_ENABLED = True +QUANTUM_ENABLED = False QUANTUM_URL = '127.0.0.1' QUANTUM_PORT = '9696' QUANTUM_TENANT = '1234' diff --git a/stack.sh b/stack.sh index 3d941a6..c250940 100755 --- a/stack.sh +++ b/stack.sh @@ -140,7 +140,7 @@ git_clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR git_clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR # django powered web control panel for openstack git_clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR -# add nixon, the iframing dashboard extension +# add nixon, will use this to show munin graphs in dashboard git clone https://github.com/jakedahn/nixon.git $NIXON_DIR # python client library to nova that dashboard (and others) use git_clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR @@ -198,6 +198,8 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then sudo touch $DASH_DIR/openstack-dashboard/quantum/client.py cd $DASH_DIR/openstack-dashboard + + # Includes settings for Nixon, to expose munin charts. sudo cp $DIR/files/dash_settings.py local/local_settings.py dashboard/manage.py syncdb From c4b3aabd30ad38fdfde7b5aa951e47c2230d1a7e Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Thu, 15 Sep 2011 22:54:52 -0700 Subject: [PATCH 113/278] more docs update --- stack.sh | 7 +++---- 1 file changed, 3 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index 549095f..a41f542 100755 --- a/stack.sh +++ b/stack.sh @@ -2,7 +2,7 @@ # **stack.sh** is rackspace cloudbuilder's opinionated openstack dev installation. -# To keep this script simple we assume you are running on an **Ubuntu 11.04 i +# To keep this script simple we assume you are running on an **Ubuntu 11.04 # Natty** machine. It should work in a VM or physical server. Additionally we # put the list of *apt* and *pip* dependencies and other configuration files in # this repo. So start by grabbing this script and the dependencies. @@ -11,9 +11,8 @@ # Sanity Check # ============ -# Warn users who aren't on natty, but allow they to override check and attempt +# Warn users who aren't on natty, but allow them to override check and attempt # installation with ``FORCE=yes ./stack`` -# if ! grep -q natty /etc/lsb-release; then echo "WARNING: this script has only been tested on natty" if [[ "$FORCE" != "yes" ]]; then @@ -25,7 +24,7 @@ fi # stack.sh keeps the list of **apt** and **pip** dependencies in files. # Additionally we have a few config templates and other useful files useful # installation. They are needed to be located at ``apts``, ``files`` and -# ``pips`` in the same directory as this script. +# ``pips`` in the ``DEVSTACK`` directory (next to this script). DEVSTACK=`pwd` if [ ! -d $DEVSTACK/apts ] || [ ! -d $DEVSTACK/files ] || [ ! -d $DEVSTACK/pips ]; then echo "ERROR: missing devstack files - did you grab more than just stack.sh?" From 38fc665584e906f9b6832663953388e9fc24e1b2 Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Thu, 15 Sep 2011 22:58:06 -0700 Subject: [PATCH 114/278] changing nixon repo to cloudbuilders --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index c250940..554cf69 100755 --- a/stack.sh +++ b/stack.sh @@ -141,7 +141,7 @@ git_clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR # django powered web control panel for openstack git_clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR # add nixon, will use this to show munin graphs in dashboard -git clone https://github.com/jakedahn/nixon.git $NIXON_DIR +git_clone https://github.com/cloudbuilders/nixon.git $NIXON_DIR # python client library to nova that dashboard (and others) use git_clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR # openstackx is a collection of extensions to openstack.compute & nova From a09ae2ff4bbbf80a990ad80108d65511141f331d Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 23:11:29 -0700 Subject: [PATCH 115/278] only install mysql-server and rabbitmq-server if needed --- stack.sh | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 549095f..b325f27 100755 --- a/stack.sh +++ b/stack.sh @@ -117,7 +117,7 @@ mysql-server-5.1 mysql-server/start_on_boot boolean true MYSQL_PRESEED # install apt requirements -sudo apt-get install -y -q `cat $DEVSTACK/apts/* | cut -d\# -f1` +sudo apt-get install -y -q `cat $DEVSTACK/apts/* | cut -d\# -f1 | grep -Ev "mysql-server|rabbitmq-server"` # install python requirements sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $DEVSTACK/pips/*` @@ -166,11 +166,20 @@ cp $DEVSTACK/files/screenrc ~/.screenrc ## TODO: update current user to allow sudo for all commands in files/sudo/* +# Rabbit +# --------- +# +if [[ "$ENABLED_SERVICES" =~ "rabbit" ]]; then + # Install and start rabbitmq-server + sudo apt-get install rabbitmq-server +fi # Mysql # --------- # if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then + # Install and start mysql-server + sudo apt-get install mysql-server # Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases: sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';" From 093eeb0dbb5f3e1a638b7eba2b545c544fbc3a7f Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 23:17:44 -0700 Subject: [PATCH 116/278] silent install --- stack.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 635e96e..0ce86db 100755 --- a/stack.sh +++ b/stack.sh @@ -173,7 +173,7 @@ cp $DEVSTACK/files/screenrc ~/.screenrc # if [[ "$ENABLED_SERVICES" =~ "rabbit" ]]; then # Install and start rabbitmq-server - sudo apt-get install rabbitmq-server + sudo apt-get install -y -q rabbitmq-server fi # Mysql @@ -181,7 +181,7 @@ fi # if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then # Install and start mysql-server - sudo apt-get install mysql-server + sudo apt-get -y -q install mysql-server # Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases: sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';" From fa594eb978900b60ae0bb2b537e87a8c527faab7 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 23:28:52 -0700 Subject: [PATCH 117/278] fix path --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 0ce86db..ebd8f02 100755 --- a/stack.sh +++ b/stack.sh @@ -208,7 +208,7 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then cd $DASH_DIR/openstack-dashboard # Includes settings for Nixon, to expose munin charts. - sudo cp $DIR/files/dash_settings.py local/local_settings.py + sudo cp $DEVSTACK/files/dash_settings.py local/local_settings.py dashboard/manage.py syncdb From fde5a1cdd5429a3c1962ba10b7289e2df8a0f581 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 15 Sep 2011 23:49:02 -0700 Subject: [PATCH 118/278] work on lxc multi-node ha nova-net + flatdhcp + ha-nova-api --- build_lxc.sh | 4 ++++ build_lxc_multi.sh | 16 ++++++++-------- 2 files changed, 12 insertions(+), 8 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 212261a..b5de232 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -103,6 +103,10 @@ if [ "$COPYENV" = "1" ]; then cp_it ~/.bashrc $ROOTFS/opt/.bashrc fi +# Make our ip address hostnames look nice at the command prompt +echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/opt/.bashrc +echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/etc/profile + # Give stack ownership over /opt so it may do the work needed chroot $ROOTFS chown -R stack /opt diff --git a/build_lxc_multi.sh b/build_lxc_multi.sh index 49407d4..b26cabf 100755 --- a/build_lxc_multi.sh +++ b/build_lxc_multi.sh @@ -7,19 +7,19 @@ COMPUTE_HOSTS=${COMPUTE_HOSTS:-192.168.1.53,192.168.1.54} NAMESERVER=${NAMESERVER:-192.168.2.1} GATEWAY=${GATEWAY:-192.168.1.1} +# Variables common amongst all hosts in the cluster +COMMON_VARS="MYSQL_HOST=$HEAD_HOST RABBIT_HOST=$HEAD_HOST GLANCE_HOSTPORT=$HEAD_HOST:9292 NET_MAN=FlatDHCPManager FLAT_INTERFACE=eth0" + # Helper to launch containers function run_lxc { # For some reason container names with periods can cause issues :/ - container_name=`echo $1 | sed 's/\./_/g'` - CONTAINER=$container_name CONTAINER_IP=$1 CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER STACKSH_PARAMS="$2" ./build_lxc.sh + CONTAINER=$1 CONTAINER_IP=$2 CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER STACKSH_PARAMS="$COMMON_VARS $3" ./build_lxc.sh } -# Variables common amongst all hosts in the cluster -COMMON_VARS="MYSQL_HOST=$HEAD_HOST RABBIT_HOST=$HEAD_HOST GLANCE_HOSTPORT=$HEAD_HOST:9292 NET_MAN=FlatDHCPManager FLAT_INTERFACE=eth0" - -# Launch the head node -run_lxc $HEAD_HOST "$COMMON_VARS ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,dash,mysql,rabbit" +# Launch the head node - headnode uses a non-ip domain name, +# because rabbit won't launch with an ip addr hostname :( +run_lxc STACKMASTER $HEAD_HOST "ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,dash,mysql,rabbit" for compute_host in ${COMPUTE_HOSTS//,/ }; do # Launch the compute hosts - run_lxc $compute_host "$COMMON_VARS ENABLED_SERVICES=n-cpu,n-net,n-api" + run_lxc $compute_host $compute_host "ENABLED_SERVICES=n-cpu,n-net,n-api" done From cbbf718fa96569dc5216c7b8c0023bbd6da7a0f0 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 16 Sep 2011 00:28:23 -0700 Subject: [PATCH 119/278] wait for head node to start before starting compute hosts --- build_lxc_multi.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/build_lxc_multi.sh b/build_lxc_multi.sh index b26cabf..5a37845 100755 --- a/build_lxc_multi.sh +++ b/build_lxc_multi.sh @@ -19,6 +19,13 @@ function run_lxc { # Launch the head node - headnode uses a non-ip domain name, # because rabbit won't launch with an ip addr hostname :( run_lxc STACKMASTER $HEAD_HOST "ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,dash,mysql,rabbit" + +# Wait till the head node is up +while ! wget -O - http://$HEAD_HOST | grep -q username; do + echo "Waiting for head node ($HEAD_HOST) to start..." + sleep 5 +done + for compute_host in ${COMPUTE_HOSTS//,/ }; do # Launch the compute hosts run_lxc $compute_host $compute_host "ENABLED_SERVICES=n-cpu,n-net,n-api" From 414279d77ab015b12ec8270612c1110af9b0ecd4 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 16 Sep 2011 00:29:46 -0700 Subject: [PATCH 120/278] quiet wget --- build_lxc_multi.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc_multi.sh b/build_lxc_multi.sh index 5a37845..5089509 100755 --- a/build_lxc_multi.sh +++ b/build_lxc_multi.sh @@ -21,7 +21,7 @@ function run_lxc { run_lxc STACKMASTER $HEAD_HOST "ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,dash,mysql,rabbit" # Wait till the head node is up -while ! wget -O - http://$HEAD_HOST | grep -q username; do +while ! wget -q -O- http://$HEAD_HOST | grep -q username; do echo "Waiting for head node ($HEAD_HOST) to start..." sleep 5 done From 57bca7ea85b287cf1764c9398096786167ae5c12 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 16 Sep 2011 00:37:26 -0700 Subject: [PATCH 121/278] clean up comment --- build_lxc_multi.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc_multi.sh b/build_lxc_multi.sh index 5089509..efa7deb 100755 --- a/build_lxc_multi.sh +++ b/build_lxc_multi.sh @@ -26,7 +26,7 @@ while ! wget -q -O- http://$HEAD_HOST | grep -q username; do sleep 5 done +# Launch the compute hosts for compute_host in ${COMPUTE_HOSTS//,/ }; do - # Launch the compute hosts run_lxc $compute_host $compute_host "ENABLED_SERVICES=n-cpu,n-net,n-api" done From 65cf60871009b3cead0818724adefa026a264dcf Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Fri, 16 Sep 2011 12:22:21 -0500 Subject: [PATCH 122/278] Add image scripts --- make_image.sh | 88 +++++++++++++++++++++++++++++++++++++++++++++++++ upload_image.sh | 82 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 170 insertions(+) create mode 100755 make_image.sh create mode 100755 upload_image.sh diff --git a/make_image.sh b/make_image.sh new file mode 100755 index 0000000..9b5c10c --- /dev/null +++ b/make_image.sh @@ -0,0 +1,88 @@ +#!/bin/bash +# make_image.sh - Create Ubuntu images in various formats +# +# make_image.sh release format +# +# Supported formats: qcow (kvm), vmdk (vmserver), vdi (vbox), vhd (vpc) +# +# Requires sudo to root + +ROOTSIZE=${ROOTSIZE:-8192} +SWAPSIZE=${SWAPSIZE:-1024} + +usage() { + echo "$0 - Create Ubuntu images" + echo "" + echo "$0 [-r rootsize] [-s swapsize] release format" + exit 1 +} + +while getopts hm:r:s: c; do + case $c in + h) usage + ;; + m) MIRROR=$OPTARG + ;; + r) ROOTSIZE=$OPTARG + ;; + s) SWAPSIZE=$OPTARG + ;; + esac +done +shift `expr $OPTIND - 1` + +RELEASE=$1 +FORMAT=$2 + +case $RELEASE in + natty) ;; + maverick) ;; + lucid) ;; + karmic) ;; + jaunty) ;; + *) echo "Unknown release: $RELEASE" + usage +esac + +case $FORMAT in + kvm|qcow2) FORMAT=qcow2 + TARGET=kvm + ;; + vmserver|vmdk) FORMAT=vmdk + TARGET=vmserver + ;; + vbox|vdi) FORMAT=qcow2 + TARGET=kvm + FINAL_FORMAT=vdi + ;; + vhd|vpc) FORMAT=qcow2 + TARGET=kvm + FINAL_FORMAT=vpc + ;; + *) echo "Unknown format: $FORMAT" + usage +esac + +# Install stuff if necessary +if [ -z `which vmbuilder` ]; then + sudo apt-get install ubuntu-vm-builder +fi + +# Build the image +sudo vmbuilder $TARGET ubuntu --suite $RELEASE \ + -o \ + --rootsize=$ROOTSIZE \ + --swapsize=$SWAPSIZE \ + --tmpfs - \ + --addpkg=openssh-server \ + +# --mirror=$MIRROR \ + +if [ -z "$FINAL_FORMAT" ]; then + # Get image + mv ubuntu-$TARGET/tmp*.$FORMAT $RELEASE.$FORMAT +else + # Convert image + qemu-img convert -O $FINAL_FORMAT ubuntu-$TARGET/tmp*.$FORMAT $RELEASE.$FINAL_FORMAT +fi +rm -rf ubuntu-$TARGET diff --git a/upload_image.sh b/upload_image.sh new file mode 100755 index 0000000..8436b76 --- /dev/null +++ b/upload_image.sh @@ -0,0 +1,82 @@ +#!/bin/bash +# upload_image.sh - Upload Ubuntu images (create if necessary) in various formats +# +# upload_image.sh release format +# +# format target +# qcow2 kvm,qemu +# vmdk vmw6 +# vbox vdi +# vhd vpc + +HOST=${HOST:-demo.rcb.me} +PORT=${PORT:-9292} + +usage() { + echo "$0 - Upload Ubuntu images" + echo "" + echo "$0 [-h host] [-p port] release format" + exit 1 +} + +while getopts h:p: c; do + case $c in + h) HOST=$OPTARG + ;; + p) PORT=$OPTARG + ;; + esac +done +shift `expr $OPTIND - 1` + +RELEASE=$1 +FORMAT=$2 + +case $RELEASE in + natty) ;; + maverick) ;; + lucid) ;; + karmic) ;; + jaunty) ;; + *) echo "Unknown release: $RELEASE" + usage +esac + +case $FORMAT in + kvm|qcow2) FORMAT=qcow2 + TARGET=kvm + ;; + vmserver|vmdk) FORMAT=vmdk + TARGET=vmserver + ;; + vbox|vdi) TARGET=kvm + FORMAT=vdi + ;; + vhd|vpc) TARGET=kvm + FORMAT=vpc + ;; + *) echo "Unknown format: $FORMAT" + usage +esac + +GLANCE=`which glance` +if [ -z "$GLANCE" ]; then + echo "Glance not found, must install client" + sudo apt-get install python-pip python-eventlet python-routes python-greenlet python-argparse python-sqlalchemy python-wsgiref python-pastedeploy python-xattr + sudo pip install kombu + git clone https://github.com/cloudbuilders/glance.git + cd glance + sudo python setup.py develop + cd .. + GLANCE=`which glance` +fi + +# Create image if it doesn't exist +if [ ! -r $RELEASE.$FORMAT ]; then + DIR=`dirname $0` + echo "$RELEASE.$FORMAT not found, creating...must be root to do this:" + $DIR/make_image.sh $RELEASE $FORMAT +fi + +# Upload the image +$GLANCE add name=$RELEASE.$FORMAT is_public=true disk_format=$FORMAT --host $HOST --port $PORT <$RELEASE.$FORMAT From 4d28218954ce9e7e4425bfd6f51da3b5d3b9ba2a Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 11:27:43 -0700 Subject: [PATCH 123/278] move apts/pips to files directory --- build_lxc.sh | 4 ++-- build_nfs.sh | 11 +++++------ {apts => files/apts}/dash | 0 {apts => files/apts}/general | 0 {apts => files/apts}/glance | 0 {apts => files/apts}/keystone | 0 {apts => files/apts}/nova | 0 {apts => files/apts}/preseed | 0 {pips => files/pips}/dash | 0 stack.sh | 30 +++++++++++++++--------------- 10 files changed, 22 insertions(+), 23 deletions(-) rename {apts => files/apts}/dash (100%) rename {apts => files/apts}/general (100%) rename {apts => files/apts}/glance (100%) rename {apts => files/apts}/keystone (100%) rename {apts => files/apts}/nova (100%) rename {apts => files/apts}/preseed (100%) rename {pips => files/pips}/dash (100%) diff --git a/build_lxc.sh b/build_lxc.sh index b5de232..c1ab995 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -55,8 +55,8 @@ if [ ! -d $CACHEDIR ]; then # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update - chroot $CACHEDIR apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` - chroot $CACHEDIR pip install `cat pips/*` + chroot $CACHEDIR apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CACHEDIR pip install `cat files/pips/*` git clone https://github.com/cloudbuilders/nova.git $CACHEDIR/opt/nova git clone https://github.com/cloudbuilders/openstackx.git $CACHEDIR/opt/openstackx git clone https://github.com/cloudbuilders/noVNC.git $CACHEDIR/opt/noVNC diff --git a/build_nfs.sh b/build_nfs.sh index 6509011..180a6e5 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -13,8 +13,8 @@ if [ ! -d proto ]; then debootstrap natty proto cp files/sources.list proto/etc/apt/sources.list chroot proto apt-get update - chroot proto apt-get install -y `cat apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` - chroot proto pip install `cat pips/*` + chroot proto apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot proto pip install `cat files/pips/*` git clone https://github.com/cloudbuilders/nova.git proto/opt/nova git clone https://github.com/cloudbuilders/openstackx.git proto/opt/openstackx git clone https://github.com/cloudbuilders/noVNC.git proto/opt/noVNC @@ -34,14 +34,13 @@ echo "127.0.0.1 localhost $NAME" > $DEST/etc/hosts # copy kernel modules cp -pr /lib/modules/`uname -r` $DEST/lib/modules -# inject stack.sh files -cp -r files $DEST/opt/files # copy openstack installer and requirement lists to a new directory. mkdir -p $DEST/opt + +# inject stack.sh and dependant files +cp -r files $DEST/opt/files cp stack.sh $DEST/opt/stack.sh -cp -r pips $DEST/opt -cp -r apts $DEST/opt # injecting root's public ssh key if it exists if [ -f /root/.ssh/id_rsa.pub ]; then diff --git a/apts/dash b/files/apts/dash similarity index 100% rename from apts/dash rename to files/apts/dash diff --git a/apts/general b/files/apts/general similarity index 100% rename from apts/general rename to files/apts/general diff --git a/apts/glance b/files/apts/glance similarity index 100% rename from apts/glance rename to files/apts/glance diff --git a/apts/keystone b/files/apts/keystone similarity index 100% rename from apts/keystone rename to files/apts/keystone diff --git a/apts/nova b/files/apts/nova similarity index 100% rename from apts/nova rename to files/apts/nova diff --git a/apts/preseed b/files/apts/preseed similarity index 100% rename from apts/preseed rename to files/apts/preseed diff --git a/pips/dash b/files/pips/dash similarity index 100% rename from pips/dash rename to files/pips/dash diff --git a/stack.sh b/stack.sh index ebd8f02..d71503c 100755 --- a/stack.sh +++ b/stack.sh @@ -21,12 +21,12 @@ if ! grep -q natty /etc/lsb-release; then fi fi -# stack.sh keeps the list of **apt** and **pip** dependencies in files. -# Additionally we have a few config templates and other useful files useful -# installation. They are needed to be located at ``apts``, ``files`` and -# ``pips`` in the ``DEVSTACK`` directory (next to this script). -DEVSTACK=`pwd` -if [ ! -d $DEVSTACK/apts ] || [ ! -d $DEVSTACK/files ] || [ ! -d $DEVSTACK/pips ]; then +# stack.sh keeps the list of **apt** and **pip** dependencies in external +# files, along with config templates and other useful files. You can find these +# in the ``files`` directory (next to this script). We will reference this +# directory using the ``DEVSTACK`` variable in this script. +DEVSTACK=`pwd`/files +if [ ! -d $DEVSTACK ]; then echo "ERROR: missing devstack files - did you grab more than just stack.sh?" exit 1 fi @@ -164,7 +164,7 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop # Add a useful screenrc. This isn't required to run openstack but is we do # it since we are going to run the services in screen for simple -cp $DEVSTACK/files/screenrc ~/.screenrc +cp $DEVSTACK/screenrc ~/.screenrc ## TODO: update current user to allow sudo for all commands in files/sudo/* @@ -208,7 +208,7 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then cd $DASH_DIR/openstack-dashboard # Includes settings for Nixon, to expose munin charts. - sudo cp $DEVSTACK/files/dash_settings.py local/local_settings.py + sudo cp $DEVSTACK/dash_settings.py local/local_settings.py dashboard/manage.py syncdb @@ -216,12 +216,12 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then sudo mkdir -p $DASH_DIR/.blackhole ## Configure apache's 000-default to run dashboard - sudo cp $DEVSTACK/files/000-default.template /etc/apache2/sites-enabled/000-default + sudo cp $DEVSTACK/000-default.template /etc/apache2/sites-enabled/000-default sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default - # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` and - # others by the original owner. We need to change the owner to apache so - # dashboard can run + # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` + # and others are owned by the user you are using to run this script. + # We need to change the owner to apache for dashboard to run. sudo chown -R www-data:www-data $DASH_DIR fi @@ -271,7 +271,7 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE glance;' # Copy over our glance-registry.conf GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf - cp $DEVSTACK/files/glance-registry.conf $GLANCE_CONF + cp $DEVSTACK/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF fi @@ -367,11 +367,11 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then # FIXME (anthony) keystone should use keystone.conf.example KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf - cp $DEVSTACK/files/keystone.conf $KEYSTONE_CONF + cp $DEVSTACK/keystone.conf $KEYSTONE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/keystone,g" -i $KEYSTONE_CONF # initialize keystone with default users/endpoints - BIN_DIR=$KEYSTONE_DIR/bin bash $DEVSTACK/files/keystone_data.sh + BIN_DIR=$KEYSTONE_DIR/bin bash $DEVSTACK/keystone_data.sh fi From bf3868d889564f716e293fa3180c7c199bfe893a Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 11:31:16 -0700 Subject: [PATCH 124/278] use variable FILES instead of DEVSTACK --- stack.sh | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/stack.sh b/stack.sh index d71503c..93b665a 100755 --- a/stack.sh +++ b/stack.sh @@ -24,10 +24,10 @@ fi # stack.sh keeps the list of **apt** and **pip** dependencies in external # files, along with config templates and other useful files. You can find these # in the ``files`` directory (next to this script). We will reference this -# directory using the ``DEVSTACK`` variable in this script. -DEVSTACK=`pwd`/files -if [ ! -d $DEVSTACK ]; then - echo "ERROR: missing devstack files - did you grab more than just stack.sh?" +# directory using the ``FILES`` variable in this script. +FILES=`pwd`/files +if [ ! -d $FILES ]; then + echo "ERROR: missing devstack/files - did you grab more than just stack.sh?" exit 1 fi @@ -117,10 +117,10 @@ mysql-server-5.1 mysql-server/start_on_boot boolean true MYSQL_PRESEED # install apt requirements -sudo apt-get install -y -q `cat $DEVSTACK/apts/* | cut -d\# -f1 | grep -Ev "mysql-server|rabbitmq-server"` +sudo apt-get install -y -q `cat $FILES/apts/* | cut -d\# -f1 | grep -Ev "mysql-server|rabbitmq-server"` # install python requirements -sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $DEVSTACK/pips/*` +sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $FILES/pips/*` # git clone only if directory doesn't exist already function git_clone { @@ -164,7 +164,7 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop # Add a useful screenrc. This isn't required to run openstack but is we do # it since we are going to run the services in screen for simple -cp $DEVSTACK/screenrc ~/.screenrc +cp $FILES/screenrc ~/.screenrc ## TODO: update current user to allow sudo for all commands in files/sudo/* @@ -208,7 +208,7 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then cd $DASH_DIR/openstack-dashboard # Includes settings for Nixon, to expose munin charts. - sudo cp $DEVSTACK/dash_settings.py local/local_settings.py + sudo cp $FILES/dash_settings.py local/local_settings.py dashboard/manage.py syncdb @@ -216,7 +216,7 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then sudo mkdir -p $DASH_DIR/.blackhole ## Configure apache's 000-default to run dashboard - sudo cp $DEVSTACK/000-default.template /etc/apache2/sites-enabled/000-default + sudo cp $FILES/000-default.template /etc/apache2/sites-enabled/000-default sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` @@ -271,7 +271,7 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE glance;' # Copy over our glance-registry.conf GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf - cp $DEVSTACK/glance-registry.conf $GLANCE_CONF + cp $FILES/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF fi @@ -367,11 +367,11 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then # FIXME (anthony) keystone should use keystone.conf.example KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf - cp $DEVSTACK/keystone.conf $KEYSTONE_CONF + cp $FILES/keystone.conf $KEYSTONE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/keystone,g" -i $KEYSTONE_CONF # initialize keystone with default users/endpoints - BIN_DIR=$KEYSTONE_DIR/bin bash $DEVSTACK/keystone_data.sh + BIN_DIR=$KEYSTONE_DIR/bin bash $FILES/keystone_data.sh fi From d61db8597fa01ae9a13f46e1ad7f0360c40774bf Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 14:13:17 -0700 Subject: [PATCH 125/278] clone to a directory owned by correct user --- stack.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 93b665a..b89a3b1 100755 --- a/stack.sh +++ b/stack.sh @@ -122,9 +122,13 @@ sudo apt-get install -y -q `cat $FILES/apts/* | cut -d\# -f1 | grep -Ev "mysql-s # install python requirements sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $FILES/pips/*` -# git clone only if directory doesn't exist already +# git clone only if directory doesn't exist already. Since ``DEST`` might not +# be owned by the installation user, we create the directory and change the +# ownership to the proper user. function git_clone { if [ ! -d $2 ]; then + sudo mkdir $2 + sudo chown `whoami` $2 git clone $1 $2 fi } From 4dd420e333e7bd4b46b317a245c3f1ad6eb9fbed Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Fri, 16 Sep 2011 16:16:34 -0500 Subject: [PATCH 126/278] Image script cleanups --- README | 2 +- make_image.sh | 79 ++++++++++++++++++++---------------- upload_image.sh | 105 +++++++++++++++++++++++++----------------------- 3 files changed, 100 insertions(+), 86 deletions(-) diff --git a/README b/README index c30f61c..299bd6c 100644 --- a/README +++ b/README @@ -9,7 +9,6 @@ Tool to build (nfs export) openstack dev environments * check openstack-puppet recipes to see if anything else is missing * allow rabbit connection to be specified via environment variables with sensible defaults * Add volume support -* extract image upload to a seperate script that supports generating images via debootstrap (ubuntu-vm-builder?) * allow changing of git locations (specify different tag/branch or repos) * change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * Add quantum support @@ -19,6 +18,7 @@ Tool to build (nfs export) openstack dev environments * sqlconn can be set via env * move back to using sudo * move nova to mysql +* create images via vmbuilder and upload images via glance # Future diff --git a/make_image.sh b/make_image.sh index 9b5c10c..28b2eac 100755 --- a/make_image.sh +++ b/make_image.sh @@ -19,14 +19,14 @@ usage() { while getopts hm:r:s: c; do case $c in - h) usage - ;; - m) MIRROR=$OPTARG - ;; - r) ROOTSIZE=$OPTARG - ;; - s) SWAPSIZE=$OPTARG - ;; + h) usage + ;; + m) MIRROR=$OPTARG + ;; + r) ROOTSIZE=$OPTARG + ;; + s) SWAPSIZE=$OPTARG + ;; esac done shift `expr $OPTIND - 1` @@ -34,38 +34,43 @@ shift `expr $OPTIND - 1` RELEASE=$1 FORMAT=$2 -case $RELEASE in - natty) ;; - maverick) ;; - lucid) ;; - karmic) ;; - jaunty) ;; - *) echo "Unknown release: $RELEASE" - usage +case $FORMAT in + kvm|qcow2) FORMAT=qcow2 + TARGET=kvm + ;; + vmserver|vmdk) + FORMAT=vmdk + TARGET=vmserver + ;; + vbox|vdi) FORMAT=qcow2 + TARGET=kvm + FINAL_FORMAT=vdi + ;; + vhd|vpc) FORMAT=qcow2 + TARGET=kvm + FINAL_FORMAT=vhd + ;; + xen) FORMAT=raw + TARGET=xen + ;; + *) echo "Unknown format: $FORMAT" + usage esac -case $FORMAT in - kvm|qcow2) FORMAT=qcow2 - TARGET=kvm - ;; - vmserver|vmdk) FORMAT=vmdk - TARGET=vmserver - ;; - vbox|vdi) FORMAT=qcow2 - TARGET=kvm - FINAL_FORMAT=vdi - ;; - vhd|vpc) FORMAT=qcow2 - TARGET=kvm - FINAL_FORMAT=vpc - ;; - *) echo "Unknown format: $FORMAT" - usage +case $RELEASE in + natty) ;; + maverick) ;; + lucid) ;; + karmic) ;; + jaunty) ;; + *) echo "Unknown release: $RELEASE" + usage + ;; esac # Install stuff if necessary if [ -z `which vmbuilder` ]; then - sudo apt-get install ubuntu-vm-builder + sudo apt-get install ubuntu-vm-builder fi # Build the image @@ -83,6 +88,10 @@ if [ -z "$FINAL_FORMAT" ]; then mv ubuntu-$TARGET/tmp*.$FORMAT $RELEASE.$FORMAT else # Convert image - qemu-img convert -O $FINAL_FORMAT ubuntu-$TARGET/tmp*.$FORMAT $RELEASE.$FINAL_FORMAT + tgt=$FINAL_FORMAT + if [ "$tgt" = "vhd" ]; then + tgt=vpc + fi + qemu-img convert -O $tgt ubuntu-$TARGET/tmp*.$FORMAT $RELEASE.$FINAL_FORMAT fi rm -rf ubuntu-$TARGET diff --git a/upload_image.sh b/upload_image.sh index 8436b76..39a2fba 100755 --- a/upload_image.sh +++ b/upload_image.sh @@ -1,30 +1,24 @@ #!/bin/bash # upload_image.sh - Upload Ubuntu images (create if necessary) in various formats -# -# upload_image.sh release format -# -# format target -# qcow2 kvm,qemu -# vmdk vmw6 -# vbox vdi -# vhd vpc - -HOST=${HOST:-demo.rcb.me} -PORT=${PORT:-9292} +# Supported formats: qcow (kvm), vmdk (vmserver), vdi (vbox), vhd (vpc) +# Requires sudo to root usage() { - echo "$0 - Upload Ubuntu images" + echo "$0 - Upload images to OpenStack" echo "" echo "$0 [-h host] [-p port] release format" exit 1 } +HOST=${HOST:-localhost} +PORT=${PORT:-9292} + while getopts h:p: c; do case $c in - h) HOST=$OPTARG - ;; - p) PORT=$OPTARG - ;; + h) HOST=$OPTARG + ;; + p) PORT=$OPTARG + ;; esac done shift `expr $OPTIND - 1` @@ -32,50 +26,61 @@ shift `expr $OPTIND - 1` RELEASE=$1 FORMAT=$2 -case $RELEASE in - natty) ;; - maverick) ;; - lucid) ;; - karmic) ;; - jaunty) ;; - *) echo "Unknown release: $RELEASE" - usage +case $FORMAT in + kvm|qcow2) FORMAT=qcow2 + TARGET=kvm + ;; + vmserver|vmdk) + FORMAT=vmdk + TARGET=vmserver + ;; + vbox|vdi) TARGET=kvm + FORMAT=vdi + ;; + vhd|vpc) TARGET=kvm + FORMAT=vhd + ;; + *) echo "Unknown format: $FORMAT" + usage esac -case $FORMAT in - kvm|qcow2) FORMAT=qcow2 - TARGET=kvm - ;; - vmserver|vmdk) FORMAT=vmdk - TARGET=vmserver - ;; - vbox|vdi) TARGET=kvm - FORMAT=vdi - ;; - vhd|vpc) TARGET=kvm - FORMAT=vpc - ;; - *) echo "Unknown format: $FORMAT" - usage +case $RELEASE in + natty) ;; + maverick) ;; + lucid) ;; + karmic) ;; + jaunty) ;; + *) if [ ! -r $RELEASE.$FORMAT ]; then + echo "Unknown release: $RELEASE" + usage + fi + ;; esac GLANCE=`which glance` if [ -z "$GLANCE" ]; then - echo "Glance not found, must install client" - sudo apt-get install python-pip python-eventlet python-routes python-greenlet python-argparse python-sqlalchemy python-wsgiref python-pastedeploy python-xattr - sudo pip install kombu - git clone https://github.com/cloudbuilders/glance.git - cd glance - sudo python setup.py develop - cd .. - GLANCE=`which glance` + if [ -x "/opt/glance/bin/glance" ]; then + # Look for stack.sh's install + GLANCE="/opt/glance/bin/glance" + else + echo "Glance not found, must install client" + OWD=`pwd` + cd /opt + sudo apt-get install python-pip python-eventlet python-routes python-greenlet python-argparse python-sqlalchemy python-wsgiref python-pastedeploy python-xattr + sudo pip install kombu + sudo git clone https://github.com/cloudbuilders/glance.git + cd glance + sudo python setup.py develop + cd $OWD + GLANCE=`which glance` + fi fi # Create image if it doesn't exist if [ ! -r $RELEASE.$FORMAT ]; then - DIR=`dirname $0` - echo "$RELEASE.$FORMAT not found, creating...must be root to do this:" - $DIR/make_image.sh $RELEASE $FORMAT + DIR=`dirname $0` + echo "$RELEASE.$FORMAT not found, creating...must be root to do this:" + $DIR/make_image.sh $RELEASE $FORMAT fi # Upload the image From 543d7d44e9ec02a7e4f7371148628236a7649235 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 14:16:36 -0700 Subject: [PATCH 127/278] don't download images to /opt --- build_nfs.sh | 3 ++- stack.sh | 8 ++++---- 2 files changed, 6 insertions(+), 5 deletions(-) diff --git a/build_nfs.sh b/build_nfs.sh index 180a6e5..59a3609 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -22,7 +22,8 @@ if [ ! -d proto ]; then git clone https://github.com/cloudbuilders/python-novaclient.git proto/opt/python-novaclient git clone https://github.com/cloudbuilders/keystone.git proto/opt/keystone git clone https://github.com/cloudbuilders/glance.git proto/opt/glance - wget -c http://images.ansolabs.com/tty.tgz -O proto/opt/tty.tgz + chroot proto mkdir -p /opt/files + wget -c http://images.ansolabs.com/tty.tgz -O proto/opt/files/tty.tgz fi cp -pr proto $DEST diff --git a/stack.sh b/stack.sh index b89a3b1..b47729e 100755 --- a/stack.sh +++ b/stack.sh @@ -412,13 +412,13 @@ screen_it dash "sudo /etc/init.d/apache2 restart; sudo tail -f /var/log/apache2/ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # Downloads a tty image (ami/aki/ari style), then extracts it. Upon extraction # we upload to glance with the glance cli tool. - mkdir -p $DEST/images - cd $DEST/images - if [ ! -f $DEST/tty.tgz ]; then - wget -c http://images.ansolabs.com/tty.tgz -O $DEST/tty.tgz + if [ ! -f $FILES/tty.tgz ]; then + wget -c http://images.ansolabs.com/tty.tgz -O $FILES/tty.tgz fi # extract ami-tty/image, aki-tty/image & ari-tty/image + mkdir -p $FILES/images + cd $FILES/images tar -zxf $DEST/tty.tgz # add images to glance From 74e965f0dbdce7807b4e9146eaa8de3b5bd75838 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 14:19:46 -0700 Subject: [PATCH 128/278] more updates to how images are installed --- stack.sh | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/stack.sh b/stack.sh index b47729e..660a529 100755 --- a/stack.sh +++ b/stack.sh @@ -418,14 +418,13 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # extract ami-tty/image, aki-tty/image & ari-tty/image mkdir -p $FILES/images - cd $FILES/images - tar -zxf $DEST/tty.tgz + tar -zxf $FILES/tty.tgz -C $FILES/images # add images to glance # FIXME: kernel/ramdisk is hardcoded - use return result from add - glance add name="tty-kernel" is_public=true container_format=aki disk_format=aki < aki-tty/image - glance add name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < ari-tty/image - glance add name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < ami-tty/image + glance add name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image + glance add name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image + glance add name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image fi # Using the cloud From eba18fbfa52b38fd1497cc87c03dd8674a9a1fa8 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 14:35:14 -0700 Subject: [PATCH 129/278] add note to fix the process of adding user to group --- stack.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/stack.sh b/stack.sh index 660a529..55ef2b5 100755 --- a/stack.sh +++ b/stack.sh @@ -320,6 +320,8 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then sudo modprobe nbd || true sudo modprobe kvm || true # user needs to be member of libvirtd group for nova-compute to use libvirt + ## FIXME: this doesn't affect the current shell so you end up with a failed + ## launch of nova-compute sudo usermod -a -G libvirtd `whoami` # if kvm wasn't running before we need to restart libvirt to enable it sudo /etc/init.d/libvirt-bin restart From 1c9f0afeb33f60825c2daea56d73223845a5855d Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 16 Sep 2011 14:36:11 -0700 Subject: [PATCH 130/278] add multi_host option --- stack.sh | 3 +++ 1 file changed, 3 insertions(+) diff --git a/stack.sh b/stack.sh index 55ef2b5..a093b24 100755 --- a/stack.sh +++ b/stack.sh @@ -308,6 +308,9 @@ add_nova_flag "--glance_api_servers=$GLANCE_HOSTPORT" if [ -n "$FLAT_INTERFACE" ]; then add_nova_flag "--flat_interface=$FLAT_INTERFACE" fi +if [ -n "$MULTI_HOST" ]; then + add_nova_flag "--multi_host=$MULTI_HOST" +fi # create a new named screen to store things in screen -d -m -S nova -t nova From 23761c3553165e4a3c2ef1e15613be0d495e1f4d Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 16 Sep 2011 14:54:20 -0700 Subject: [PATCH 131/278] floating ip support, and cleanup functionality --- build_lxc.sh | 5 +++++ build_lxc_multi.sh | 21 ++++++++++++++------- 2 files changed, 19 insertions(+), 7 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index c1ab995..787c4bd 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -69,6 +69,11 @@ fi # Destroy the old container lxc-destroy -n $CONTAINER +# If this call is to TERMINATE the container then exit +if [ "$TERMINATE" = "1" ]; then + exit +fi + # Create the container lxc-create -n $CONTAINER -t natty -f $LXC_CONF diff --git a/build_lxc_multi.sh b/build_lxc_multi.sh index efa7deb..50be4f5 100755 --- a/build_lxc_multi.sh +++ b/build_lxc_multi.sh @@ -4,16 +4,21 @@ HEAD_HOST=${HEAD_HOST:-192.168.1.52} COMPUTE_HOSTS=${COMPUTE_HOSTS:-192.168.1.53,192.168.1.54} # Networking params -NAMESERVER=${NAMESERVER:-192.168.2.1} +NAMESERVER=${NAMESERVER:-192.168.1.1} GATEWAY=${GATEWAY:-192.168.1.1} +NETMASK=${NETMASK:-255.255.255.0} +FLOATING_RANGE=${FLOATING_RANGE:-192.168.1.196/30} + +# Setting this to 1 shuts down and destroys our containers without relaunching. +TERMINATE=${TERMINATE:-0} # Variables common amongst all hosts in the cluster -COMMON_VARS="MYSQL_HOST=$HEAD_HOST RABBIT_HOST=$HEAD_HOST GLANCE_HOSTPORT=$HEAD_HOST:9292 NET_MAN=FlatDHCPManager FLAT_INTERFACE=eth0" +COMMON_VARS="MYSQL_HOST=$HEAD_HOST RABBIT_HOST=$HEAD_HOST GLANCE_HOSTPORT=$HEAD_HOST:9292 NET_MAN=FlatDHCPManager FLAT_INTERFACE=eth0 FLOATING_RANGE=$FLOATING_RANGE MULTI_HOST=1" # Helper to launch containers function run_lxc { # For some reason container names with periods can cause issues :/ - CONTAINER=$1 CONTAINER_IP=$2 CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER STACKSH_PARAMS="$COMMON_VARS $3" ./build_lxc.sh + CONTAINER=$1 CONTAINER_IP=$2 CONTAINER_NETMASK=$NETMASK CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER TERMINATE=$TERMINATE STACKSH_PARAMS="$COMMON_VARS $3" ./build_lxc.sh } # Launch the head node - headnode uses a non-ip domain name, @@ -21,10 +26,12 @@ function run_lxc { run_lxc STACKMASTER $HEAD_HOST "ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,dash,mysql,rabbit" # Wait till the head node is up -while ! wget -q -O- http://$HEAD_HOST | grep -q username; do - echo "Waiting for head node ($HEAD_HOST) to start..." - sleep 5 -done +if [ ! "$TERMINATE" = "1" ]; then + while ! wget -q -O- http://$HEAD_HOST | grep -q username; do + echo "Waiting for head node ($HEAD_HOST) to start..." + sleep 5 + done +fi # Launch the compute hosts for compute_host in ${COMPUTE_HOSTS//,/ }; do From e30432f6251edf61ad04dd40a7efa43da239f3a1 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 14:54:48 -0700 Subject: [PATCH 132/278] attempt to fix group issue --- stack.sh | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index a093b24..ba88a01 100755 --- a/stack.sh +++ b/stack.sh @@ -322,9 +322,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # device - used to manage qcow images) sudo modprobe nbd || true sudo modprobe kvm || true - # user needs to be member of libvirtd group for nova-compute to use libvirt - ## FIXME: this doesn't affect the current shell so you end up with a failed - ## launch of nova-compute + # User needs to be member of libvirtd group for nova-compute to use libvirt. sudo usermod -a -G libvirtd `whoami` # if kvm wasn't running before we need to restart libvirt to enable it sudo /etc/init.d/libvirt-bin restart @@ -404,7 +402,10 @@ screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.con screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" screen_it n-api "$NOVA_DIR/bin/nova-api" -screen_it n-cpu "$NOVA_DIR/bin/nova-compute" +# launch nova-compute with a new bash, since user won't be a member of libvirtd +# group in the current shell context (due to how linux works). +# TODO: newgrp might work instead... +screen_it n-cpu "bash -c $NOVA_DIR/bin/nova-compute" screen_it n-net "$NOVA_DIR/bin/nova-network" screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" # nova-vncproxy binds a privileged port, and so needs sudo From 1f7176011008c77bdf0a0ec8138755dfb0a769e3 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 15:18:53 -0700 Subject: [PATCH 133/278] use newgrp to launch nova-compute in a new context --- stack.sh | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/stack.sh b/stack.sh index ba88a01..e9218b8 100755 --- a/stack.sh +++ b/stack.sh @@ -389,9 +389,9 @@ fi # so send the start command by forcing text into the window. # Only run the services specified in ``ENABLED_SERVICES`` -NL=`echo -ne '\015'` - +# our screen helper to launch a service in a hidden named screen function screen_it { + NL=`echo -ne '\015'` if [[ "$ENABLED_SERVICES" =~ "$1" ]]; then screen -S nova -X screen -t $1 screen -S nova -p $1 -X stuff "$2$NL" @@ -402,10 +402,13 @@ screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.con screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" screen_it n-api "$NOVA_DIR/bin/nova-api" -# launch nova-compute with a new bash, since user won't be a member of libvirtd -# group in the current shell context (due to how linux works). -# TODO: newgrp might work instead... -screen_it n-cpu "bash -c $NOVA_DIR/bin/nova-compute" +# Launching nova-compute should be as simple as running ``nova-compute`` but +# have to do a little more than that in our script. Since we add the group +# ``libvirtd`` to our user in this script, when nova-compute is run it is +# within the context of our original shell (so our groups won't be updated). +# We can send the command nova-compute to the ``newgrp`` command to execute +# in a specific context. +screen_it n-cpu "echo $NOVA_DIR/bin/nova-compute | newgrp libvirtd" screen_it n-net "$NOVA_DIR/bin/nova-network" screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" # nova-vncproxy binds a privileged port, and so needs sudo From 57794d4842fdbcb29fe2e1f2a25957b6d567fbf5 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Fri, 16 Sep 2011 17:22:23 -0500 Subject: [PATCH 134/278] Add raw image support --- make_image.sh | 48 +++++++++++++++++++++++++++--------------------- upload_image.sh | 4 +++- 2 files changed, 30 insertions(+), 22 deletions(-) diff --git a/make_image.sh b/make_image.sh index 28b2eac..3bfa683 100755 --- a/make_image.sh +++ b/make_image.sh @@ -3,7 +3,7 @@ # # make_image.sh release format # -# Supported formats: qcow (kvm), vmdk (vmserver), vdi (vbox), vhd (vpc) +# Supported formats: qcow (kvm), vmdk (vmserver), vdi (vbox), vhd (vpc), raw # # Requires sudo to root @@ -36,22 +36,29 @@ FORMAT=$2 case $FORMAT in kvm|qcow2) FORMAT=qcow2 - TARGET=kvm + QFORMAT=qcow2 + HYPER=kvm ;; vmserver|vmdk) FORMAT=vmdk - TARGET=vmserver + QFORMAT=vmdk + HYPER=vmserver ;; - vbox|vdi) FORMAT=qcow2 - TARGET=kvm - FINAL_FORMAT=vdi + vbox|vdi) FORMAT=vdi + QFORMAT=vdi + HYPER=kvm ;; - vhd|vpc) FORMAT=qcow2 - TARGET=kvm - FINAL_FORMAT=vhd + vhd|vpc) FORMAT=vhd + QFORMAT=vpc + HYPER=kvm ;; xen) FORMAT=raw - TARGET=xen + QFORMAT=raw + HYPER=xen + ;; + raw) FORMAT=raw + QFORMAT=raw + HYPER=kvm ;; *) echo "Unknown format: $FORMAT" usage @@ -74,24 +81,23 @@ if [ -z `which vmbuilder` ]; then fi # Build the image -sudo vmbuilder $TARGET ubuntu --suite $RELEASE \ +TMPDISK=`mktemp imgXXXXXXXX` +SIZE=$[$ROOTSIZE+$SWAPSIZE+1] +dd if=/dev/null of=$TMPDISK bs=1M seek=$SIZE +sudo vmbuilder $HYPER ubuntu --suite $RELEASE \ -o \ --rootsize=$ROOTSIZE \ --swapsize=$SWAPSIZE \ --tmpfs - \ --addpkg=openssh-server \ + --raw=$TMPDISK \ -# --mirror=$MIRROR \ - -if [ -z "$FINAL_FORMAT" ]; then +if [ "$FORMAT" = "raw" ]; then # Get image - mv ubuntu-$TARGET/tmp*.$FORMAT $RELEASE.$FORMAT + mv $TMPDISK $RELEASE.$FORMAT else # Convert image - tgt=$FINAL_FORMAT - if [ "$tgt" = "vhd" ]; then - tgt=vpc - fi - qemu-img convert -O $tgt ubuntu-$TARGET/tmp*.$FORMAT $RELEASE.$FINAL_FORMAT + qemu-img convert -O $QFORMAT $TMPDISK $RELEASE.$FORMAT + rm $TMPDISK fi -rm -rf ubuntu-$TARGET +rm -rf ubuntu-$HYPER diff --git a/upload_image.sh b/upload_image.sh index 39a2fba..cf913b8 100755 --- a/upload_image.sh +++ b/upload_image.sh @@ -63,6 +63,7 @@ if [ -z "$GLANCE" ]; then # Look for stack.sh's install GLANCE="/opt/glance/bin/glance" else + # Install Glance client in /opt echo "Glance not found, must install client" OWD=`pwd` cd /opt @@ -79,9 +80,10 @@ fi # Create image if it doesn't exist if [ ! -r $RELEASE.$FORMAT ]; then DIR=`dirname $0` - echo "$RELEASE.$FORMAT not found, creating...must be root to do this:" + echo "$RELEASE.$FORMAT not found, creating..." $DIR/make_image.sh $RELEASE $FORMAT fi # Upload the image +echo "Uploading image $RELEASE.$FORMAT to $HOST" $GLANCE add name=$RELEASE.$FORMAT is_public=true disk_format=$FORMAT --host $HOST --port $PORT <$RELEASE.$FORMAT From ec21d9371acfbbb51c7bc7e1b09c55cc11610b1a Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 16 Sep 2011 16:05:55 -0700 Subject: [PATCH 135/278] Configure keystone catalog for multihost use --- files/keystone_data.sh | 10 +++++----- stack.sh | 5 ++++- 2 files changed, 9 insertions(+), 6 deletions(-) diff --git a/files/keystone_data.sh b/files/keystone_data.sh index dfcafb2..b028557 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -14,11 +14,11 @@ $BIN_DIR/keystone-manage $* role add Member $BIN_DIR/keystone-manage $* role grant Admin admin #endpointTemplates -# $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://localhost:8080/v1/AUTH_%tenant_id% http://localhost:8080/ http://localhost:8080/v1/AUTH_%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova_compat http://localhost:8774/v1.0/ http://localhost:8774/v1.0 http://localhost:8774/v1.0 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://localhost:8774/v1.1/%tenant_id% http://localhost:8774/v1.1/%tenant_id% http://localhost:8774/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://localhost:9292/v1.1/%tenant_id% http://localhost:9292/v1.1/%tenant_id% http://localhost:9292/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://localhost:5000/v2.0 http://localhost:5001/v2.0 http://localhost:5000/v2.0 1 1 +# $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova_compat http://%HOST_IP%:8774/v1.0/ http://%HOST_IP%:8774/v1.0 http://%HOST_IP%:8774/v1.0 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # Tokens $BIN_DIR/keystone-manage $* token add 999888777666 admin admin 2015-02-05T00:00 diff --git a/stack.sh b/stack.sh index a093b24..6dbc885 100755 --- a/stack.sh +++ b/stack.sh @@ -379,8 +379,11 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then cp $FILES/keystone.conf $KEYSTONE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/keystone,g" -i $KEYSTONE_CONF + KEYSTONE_DATA=$KEYSTONE_DIR/bin/keystone_data.sh + cp $FILES/keystone_data.sh $KEYSTONE_DATA + sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA # initialize keystone with default users/endpoints - BIN_DIR=$KEYSTONE_DIR/bin bash $FILES/keystone_data.sh + BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA fi From 32dbf11a4650dec802598435e949fe2fee57017a Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Fri, 16 Sep 2011 16:06:46 -0700 Subject: [PATCH 136/278] updating readme a bit --- README | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/README b/README index c30f61c..4585601 100644 --- a/README +++ b/README @@ -1,15 +1,13 @@ -Tool to build (nfs export) openstack dev environments +Tool to quickly deploy and dev environments # Todo * Add python-novaclient cli support * move keystone/glance/dash to mysql * syslog -* munin * check openstack-puppet recipes to see if anything else is missing * allow rabbit connection to be specified via environment variables with sensible defaults * Add volume support -* extract image upload to a seperate script that supports generating images via debootstrap (ubuntu-vm-builder?) * allow changing of git locations (specify different tag/branch or repos) * change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * Add quantum support @@ -19,6 +17,8 @@ Tool to build (nfs export) openstack dev environments * sqlconn can be set via env * move back to using sudo * move nova to mysql +* munin +* extract image upload to a seperate script that supports generating images via debootstrap (ubuntu-vm-builder?) # Future From 8bf18c6ccd95498d6b1567159ac3aff49b9c51a4 Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Fri, 16 Sep 2011 16:09:46 -0700 Subject: [PATCH 137/278] fixing typo --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index 4585601..1e86af1 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -Tool to quickly deploy and dev environments +Tool to quickly deploy and openstack dev environments # Todo From b8b5ddd31ae953b8a3f78cf3b85e40dcf19aaf2b Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Fri, 16 Sep 2011 16:12:08 -0700 Subject: [PATCH 138/278] fixing another typo, i suck at english on fridays --- README | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README b/README index 1e86af1..cc20d5c 100644 --- a/README +++ b/README @@ -1,4 +1,4 @@ -Tool to quickly deploy and openstack dev environments +Tool to quickly deploy openstack dev environments # Todo From d1879c5cfbadfe3cd07242b8be6f510c5faa841e Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 16:28:13 -0700 Subject: [PATCH 139/278] default to kvm, but revert to qemu --- stack.sh | 84 +++++++++++++++++++++++++++++--------------------------- 1 file changed, 44 insertions(+), 40 deletions(-) diff --git a/stack.sh b/stack.sh index a0ff193..f2c13a1 100755 --- a/stack.sh +++ b/stack.sh @@ -87,8 +87,9 @@ EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} # ip or you risk breaking things. # FLAT_INTERFACE=eth0 -# Nova hypervisor configuration -LIBVIRT_TYPE=${LIBVIRT_TYPE:-qemu} +# Nova hypervisor configuration. We default to **kvm** but will drop back to +# **qemu** if we are unable to load the kvm module. +LIBVIRT_TYPE=${LIBVIRT_TYPE:-kvm} # Mysql connection info MYSQL_USER=${MYSQL_USER:-root} @@ -156,6 +157,11 @@ git_clone https://github.com/cloudbuilders/openstack-munin.git $MUNIN_DIR # Initialization # ============== + +# create a new named screen to store things in +screen -d -m -S nova -t nova +sleep 1 + # setup our checkouts so they are installed into python path # allowing ``import nova`` or ``import glance.client`` cd $NOVA_DIR; sudo python setup.py develop @@ -282,53 +288,21 @@ fi # Nova # ---- -function add_nova_flag { - echo "$1" >> $NOVA_DIR/bin/nova.conf -} - -# (re)create nova.conf -rm -f $NOVA_DIR/bin/nova.conf -add_nova_flag "--verbose" -add_nova_flag "--nodaemon" -add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" -add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" -add_nova_flag "--my_ip=$HOST_IP" -add_nova_flag "--public_interface=$INTERFACE" -add_nova_flag "--vlan_interface=$INTERFACE" -add_nova_flag "--sql_connection=$BASE_SQL_CONN/nova" -add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" -add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" -add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" -add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/" -add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" -add_nova_flag "--image_service=nova.image.glance.GlanceImageService" -add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST" -add_nova_flag "--rabbit_host=$RABBIT_HOST" -add_nova_flag "--glance_api_servers=$GLANCE_HOSTPORT" -if [ -n "$FLAT_INTERFACE" ]; then - add_nova_flag "--flat_interface=$FLAT_INTERFACE" -fi -if [ -n "$MULTI_HOST" ]; then - add_nova_flag "--multi_host=$MULTI_HOST" -fi - -# create a new named screen to store things in -screen -d -m -S nova -t nova -sleep 1 if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then - # attempt to load modules: kvm (hardware virt) and nbd (network block - # device - used to manage qcow images) + # attempt to load modules: nbd (network block device - used to manage + # qcow images) and kvm (hardware based virtualization). If unable to + # load kvm, set the libvirt type to qemu. sudo modprobe nbd || true - sudo modprobe kvm || true + if ! sudo modprobe kvm; then + LIBVIRT_TYPE=qemu + fi # User needs to be member of libvirtd group for nova-compute to use libvirt. sudo usermod -a -G libvirtd `whoami` # if kvm wasn't running before we need to restart libvirt to enable it sudo /etc/init.d/libvirt-bin restart - ## FIXME(ja): should LIBVIRT_TYPE be kvm if kvm module is loaded? - # setup nova instance directory mkdir -p $NOVA_DIR/instances @@ -364,6 +338,36 @@ if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE fi +function add_nova_flag { + echo "$1" >> $NOVA_DIR/bin/nova.conf +} + +# (re)create nova.conf +rm -f $NOVA_DIR/bin/nova.conf +add_nova_flag "--verbose" +add_nova_flag "--nodaemon" +add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" +add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" +add_nova_flag "--my_ip=$HOST_IP" +add_nova_flag "--public_interface=$INTERFACE" +add_nova_flag "--vlan_interface=$INTERFACE" +add_nova_flag "--sql_connection=$BASE_SQL_CONN/nova" +add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" +add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" +add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" +add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/" +add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" +add_nova_flag "--image_service=nova.image.glance.GlanceImageService" +add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST" +add_nova_flag "--rabbit_host=$RABBIT_HOST" +add_nova_flag "--glance_api_servers=$GLANCE_HOSTPORT" +if [ -n "$FLAT_INTERFACE" ]; then + add_nova_flag "--flat_interface=$FLAT_INTERFACE" +fi +if [ -n "$MULTI_HOST" ]; then + add_nova_flag "--multi_host=$MULTI_HOST" +fi + # Keystone # -------- From a16e5e9c4db083d071a2bcee831a577e4a53fb14 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 16 Sep 2011 16:30:55 -0700 Subject: [PATCH 140/278] move screen creation closer to where used --- stack.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index f2c13a1..d5d6d1c 100755 --- a/stack.sh +++ b/stack.sh @@ -158,10 +158,6 @@ git_clone https://github.com/cloudbuilders/openstack-munin.git $MUNIN_DIR # ============== -# create a new named screen to store things in -screen -d -m -S nova -t nova -sleep 1 - # setup our checkouts so they are installed into python path # allowing ``import nova`` or ``import glance.client`` cd $NOVA_DIR; sudo python setup.py develop @@ -405,6 +401,10 @@ function screen_it { fi } +# create a new named screen to run processes in +screen -d -m -S nova -t nova +sleep 1 + screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" From 356812547dfbc133ecc37bef7dbb0c923acd8425 Mon Sep 17 00:00:00 2001 From: Jake Dahn Date: Fri, 16 Sep 2011 16:53:22 -0700 Subject: [PATCH 141/278] Fixing munin --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index e9218b8..f34e491 100755 --- a/stack.sh +++ b/stack.sh @@ -237,7 +237,7 @@ fi if [[ "$ENABLED_SERVICES" =~ "munin" ]]; then # allow connections from other hosts - sudo sed -i -e '/Allow from localhost/s/localhost.*$/all/' /etc/munin/apache.conf + sudo sed -i -e 's/Allow from localhost/Allow from all/g' /etc/munin/apache.conf cat >/tmp/nova < Date: Fri, 16 Sep 2011 21:37:36 -0700 Subject: [PATCH 142/278] move nova-manage commands below the conf generation --- stack.sh | 27 ++++++++++++++------------- 1 file changed, 14 insertions(+), 13 deletions(-) diff --git a/stack.sh b/stack.sh index ca1f7fa..0ddf4db 100755 --- a/stack.sh +++ b/stack.sh @@ -321,19 +321,6 @@ if [[ "$ENABLED_SERVICES" =~ "n-net" ]]; then mkdir -p $NOVA_DIR/networks fi -if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then - # (re)create nova database - mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true - mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE nova;' - $NOVA_DIR/bin/nova-manage db sync - - # create a small network - $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 - - # create some floating ips - $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE -fi - function add_nova_flag { echo "$1" >> $NOVA_DIR/bin/nova.conf } @@ -364,6 +351,20 @@ if [ -n "$MULTI_HOST" ]; then add_nova_flag "--multi_host=$MULTI_HOST" fi +if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then + # (re)create nova database + mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE nova;' || true + mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE nova;' + $NOVA_DIR/bin/nova-manage db sync + + # create a small network + $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 + + # create some floating ips + $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE +fi + + # Keystone # -------- From 5e2fc41cec041e880cf9b811648a7348802cfe88 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 18 Sep 2011 21:16:42 -0700 Subject: [PATCH 143/278] tweak intro --- stack.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 0ddf4db..418f37b 100755 --- a/stack.sh +++ b/stack.sh @@ -1,12 +1,14 @@ #!/usr/bin/env bash -# **stack.sh** is rackspace cloudbuilder's opinionated openstack dev installation. +# **stack.sh** is an opinionated openstack dev installation. # To keep this script simple we assume you are running on an **Ubuntu 11.04 # Natty** machine. It should work in a VM or physical server. Additionally we # put the list of *apt* and *pip* dependencies and other configuration files in # this repo. So start by grabbing this script and the dependencies. +# You can grab the most recent version of this script and files from Rackspace +# Cloud Builders at https://github.com/cloudbuilders/devstack # Sanity Check # ============ From 79799796f7489605ba9935091a116d150abf1709 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 19 Sep 2011 13:51:00 -0700 Subject: [PATCH 144/278] better check for kvm support --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 0ddf4db..5e1a3cc 100755 --- a/stack.sh +++ b/stack.sh @@ -291,7 +291,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # qcow images) and kvm (hardware based virtualization). If unable to # load kvm, set the libvirt type to qemu. sudo modprobe nbd || true - if ! sudo modprobe kvm; then + if ! -e /dev/kvm; then LIBVIRT_TYPE=qemu fi # User needs to be member of libvirtd group for nova-compute to use libvirt. From 18ebd8695e6bef8259ae943284365f133b49ae63 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 19 Sep 2011 14:23:42 -0700 Subject: [PATCH 145/278] destroy the container before creating to force re-bootstrap --- build_lxc.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/build_lxc.sh b/build_lxc.sh index 787c4bd..c1ddd95 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,4 +1,5 @@ #!/usr/bin/env bash + # Configurable params BRIDGE=${BRIDGE:-br0} CONTAINER=${CONTAINER:-STACK} @@ -49,9 +50,13 @@ if [ -d /cgroup/$CONTAINER ]; then cgdelete -r cpu,net_cls:$CONTAINER fi + # Warm the base image on first install CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 if [ ! -d $CACHEDIR ]; then + # by deleting the container, we force lxc-create to re-bootstrap (lxc is + # lazy and doesn't do anything if a container already exists) + lxc-destroy -n $CONTAINER # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update From 85f7b4d85456727caf8896e7e78a8f0cebbd488c Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 19 Sep 2011 14:25:08 -0700 Subject: [PATCH 146/278] we don't use these monitoring services --- files/dash_settings.py | 10 ++-------- 1 file changed, 2 insertions(+), 8 deletions(-) diff --git a/files/dash_settings.py b/files/dash_settings.py index d467da8..6472f82 100644 --- a/files/dash_settings.py +++ b/files/dash_settings.py @@ -61,14 +61,8 @@ QUANTUM_PORT = '9696' QUANTUM_TENANT = '1234' QUANTUM_CLIENT_VERSION='0.1' -# If you have external monitoring links -EXTERNAL_MONITORING = [ - ['Nagios','http://foo.com'], - ['Ganglia','http://bar.com'], -] - -# If you do not have external monitoring links -# EXTERNAL_MONITORING = [] +# We use nixon to embed instead of external monitoring links +EXTERNAL_MONITORING = [] # Uncomment the following segment to silence most logging # django.db and boto DEBUG logging is extremely verbose. From 40a37006f46abb0631f3b5b22df6dc50e5f16285 Mon Sep 17 00:00:00 2001 From: root Date: Tue, 20 Sep 2011 18:06:14 +0000 Subject: [PATCH 147/278] add IF EXISTS to DROP DATABASE statememnts, make sure sudo is installed (prevents errors on miminal LXC installs), --- stack.sh | 58 ++++++++++++++++++++++++++++++-------------------------- 1 file changed, 31 insertions(+), 27 deletions(-) diff --git a/stack.sh b/stack.sh index 3563d8a..c21e5ab 100755 --- a/stack.sh +++ b/stack.sh @@ -7,7 +7,7 @@ # put the list of *apt* and *pip* dependencies and other configuration files in # this repo. So start by grabbing this script and the dependencies. -# You can grab the most recent version of this script and files from Rackspace +# You can grab the most recent version of this script and files from Rackspace # Cloud Builders at https://github.com/cloudbuilders/devstack # Sanity Check @@ -23,9 +23,13 @@ if ! grep -q natty /etc/lsb-release; then fi fi -# stack.sh keeps the list of **apt** and **pip** dependencies in external +#The following makes fresh mininmal installs (i.e. LXCs) happy +apt-get update +apt-get install -y sudo + +# stack.sh keeps the list of **apt** and **pip** dependencies in external # files, along with config templates and other useful files. You can find these -# in the ``files`` directory (next to this script). We will reference this +# in the ``files`` directory (next to this script). We will reference this # directory using the ``FILES`` variable in this script. FILES=`pwd`/files if [ ! -d $FILES ]; then @@ -51,7 +55,7 @@ fi # first error that occured. set -o errexit -# Print the commands being run so that we can see the command that triggers +# Print the commands being run so that we can see the command that triggers # an error. It is also useful for following allowing as the install occurs. set -o xtrace @@ -91,7 +95,7 @@ FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} # ip or you risk breaking things. # FLAT_INTERFACE=eth0 -# Nova hypervisor configuration. We default to **kvm** but will drop back to +# Nova hypervisor configuration. We default to **kvm** but will drop back to # **qemu** if we are unable to load the kvm module. LIBVIRT_TYPE=${LIBVIRT_TYPE:-kvm} @@ -113,7 +117,7 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} # # Openstack uses a fair number of other projects. -# Seed configuration with mysql password so that apt-get install doesn't +# Seed configuration with mysql password so that apt-get install doesn't # prompt us for a password upon install. cat < Date: Mon, 19 Sep 2011 14:46:53 -0700 Subject: [PATCH 148/278] add checks to make sure that services are started --- stack.sh | 31 +++++++++++++++++++++++++++---- 1 file changed, 27 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index 44665c4..28aa4b7 100755 --- a/stack.sh +++ b/stack.sh @@ -408,10 +408,33 @@ function screen_it { screen -d -m -S nova -t nova sleep 1 -screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" -screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" -screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" -screen_it n-api "$NOVA_DIR/bin/nova-api" +if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then + screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" +fi + +if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then + screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" + while ! wget -q -O- http://$GLANCE_HOSTPORT; do + echo "Waiting for g-api ($GLANCE_HOSTPORT) to start..." + sleep 1 + done +fi + +if [[ "$ENABLED_SERVICES" =~ "key" ]]; then + screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" + while ! wget -q -O- http://127.0.0.1:5000; do + echo "Waiting for keystone to start..." + sleep 1 + done +fi + +if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then + screen_it n-api "$NOVA_DIR/bin/nova-api" + while ! wget -q -O- http://127.0.0.1:8774; do + echo "Waiting for nova-api to start..." + sleep 1 + done +fi # Launching nova-compute should be as simple as running ``nova-compute`` but # have to do a little more than that in our script. Since we add the group # ``libvirtd`` to our user in this script, when nova-compute is run it is From fbd40d2502cd5400d068a9ae1f4e8eee99307e95 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 19 Sep 2011 16:18:34 -0700 Subject: [PATCH 149/278] fix compatibility with keystone trunk --- files/keystone.conf | 3 ++- files/keystone_data.sh | 30 +++++++++++++++--------------- 2 files changed, 17 insertions(+), 16 deletions(-) diff --git a/files/keystone.conf b/files/keystone.conf index 622b87d..11b9f5f 100644 --- a/files/keystone.conf +++ b/files/keystone.conf @@ -42,7 +42,8 @@ admin_port = 5001 keystone-admin-role = Admin #Role that allows to perform service admin operations. -keystone-service-admin-role = KeystoneServiceAdmin +# FIXME: need to separate this into a different role like KeystoneServiceAdmin +keystone-service-admin-role = Admin [keystone.backends.sqlalchemy] # SQLAlchemy connection string for the reference implementation registry diff --git a/files/keystone_data.sh b/files/keystone_data.sh index b028557..38310e2 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -5,8 +5,8 @@ $BIN_DIR/keystone-manage $* tenant add admin $BIN_DIR/keystone-manage $* tenant add demo # Users -$BIN_DIR/keystone-manage $* user add demo secrete demo -$BIN_DIR/keystone-manage $* user add admin secrete admin +$BIN_DIR/keystone-manage $* user add admin secrete 1 +$BIN_DIR/keystone-manage $* user add demo secrete 2 # Roles $BIN_DIR/keystone-manage $* role add Admin @@ -21,21 +21,21 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # Tokens -$BIN_DIR/keystone-manage $* token add 999888777666 admin admin 2015-02-05T00:00 +$BIN_DIR/keystone-manage $* token add 999888777666 1 1 2015-02-05T00:00 #Tenant endpoints -$BIN_DIR/keystone-manage $* endpoint add admin 1 -$BIN_DIR/keystone-manage $* endpoint add admin 2 -$BIN_DIR/keystone-manage $* endpoint add admin 3 -$BIN_DIR/keystone-manage $* endpoint add admin 4 -$BIN_DIR/keystone-manage $* endpoint add admin 5 -$BIN_DIR/keystone-manage $* endpoint add admin 6 +$BIN_DIR/keystone-manage $* endpoint add 1 1 +$BIN_DIR/keystone-manage $* endpoint add 1 2 +$BIN_DIR/keystone-manage $* endpoint add 1 3 +$BIN_DIR/keystone-manage $* endpoint add 1 4 +$BIN_DIR/keystone-manage $* endpoint add 1 5 +$BIN_DIR/keystone-manage $* endpoint add 1 6 -$BIN_DIR/keystone-manage $* endpoint add demo 1 -$BIN_DIR/keystone-manage $* endpoint add demo 2 -$BIN_DIR/keystone-manage $* endpoint add demo 3 -$BIN_DIR/keystone-manage $* endpoint add demo 4 -$BIN_DIR/keystone-manage $* endpoint add demo 5 -$BIN_DIR/keystone-manage $* endpoint add demo 6 +$BIN_DIR/keystone-manage $* endpoint add 2 1 +$BIN_DIR/keystone-manage $* endpoint add 2 2 +$BIN_DIR/keystone-manage $* endpoint add 2 3 +$BIN_DIR/keystone-manage $* endpoint add 2 4 +$BIN_DIR/keystone-manage $* endpoint add 2 5 +$BIN_DIR/keystone-manage $* endpoint add 2 6 $BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" From 856d09f6a0f84c5feae6bc64b23f6acac20bdca1 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 19 Sep 2011 19:49:20 -0700 Subject: [PATCH 150/278] add -y for apt-get installs --- build_lxc.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index c1ddd95..0d49e29 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -19,11 +19,11 @@ if ! grep -q natty /etc/lsb-release; then fi # Install deps -apt-get install lxc debootstrap +apt-get install -y lxc debootstrap # Install cgroup-bin from source, since the packaging is buggy and possibly incompatible with our setup if ! which cgdelete | grep -q cgdelete; then - apt-get install g++ bison flex libpam0g-dev + apt-get install -y g++ bison flex libpam0g-dev wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2 cd /tmp && bunzip2 libcgroup-0.37.1.tar.bz2 && tar xfv libcgroup-0.37.1.tar cd libcgroup-0.37.1 From bf188ef6d0e78625d65d3049e7c38741868c0000 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 19 Sep 2011 20:23:42 -0700 Subject: [PATCH 151/278] --force-yes when installing cache --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 0d49e29..69049cd 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -60,7 +60,7 @@ if [ ! -d $CACHEDIR ]; then # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update - chroot $CACHEDIR apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot $CACHEDIR pip install `cat files/pips/*` git clone https://github.com/cloudbuilders/nova.git $CACHEDIR/opt/nova git clone https://github.com/cloudbuilders/openstackx.git $CACHEDIR/opt/openstackx From f12d3ab02c41bedf584f59732c13519434c17724 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 00:33:51 -0700 Subject: [PATCH 152/278] update glance to use keystone --- files/glance-api.conf | 178 +++++++++++++++++++++++++++++++++++++ files/glance-registry.conf | 4 +- stack.sh | 3 + 3 files changed, 183 insertions(+), 2 deletions(-) create mode 100644 files/glance-api.conf diff --git a/files/glance-api.conf b/files/glance-api.conf new file mode 100644 index 0000000..ac2ee94 --- /dev/null +++ b/files/glance-api.conf @@ -0,0 +1,178 @@ +[DEFAULT] +# Show more verbose log output (sets INFO log level output) +verbose = True + +# Show debugging output in logs (sets DEBUG log level output) +debug = True + +# Which backend store should Glance use by default is not specified +# in a request to add a new image to Glance? Default: 'file' +# Available choices are 'file', 'swift', and 's3' +default_store = file + +# Address to bind the API server +bind_host = 0.0.0.0 + +# Port the bind the API server to +bind_port = 9292 + +# Address to find the registry server +registry_host = 0.0.0.0 + +# Port the registry server is listening on +registry_port = 9191 + +# Log to this file. Make sure you do not set the same log +# file for both the API and registry servers! +log_file = /var/log/glance/api.log + +# Send logs to syslog (/dev/log) instead of to file specified by `log_file` +use_syslog = False + +# ============ Notification System Options ===================== + +# Notifications can be sent when images are create, updated or deleted. +# There are three methods of sending notifications, logging (via the +# log_file directive), rabbit (via a rabbitmq queue) or noop (no +# notifications sent, the default) +notifier_strategy = noop + +# Configuration options if sending notifications via rabbitmq (these are +# the defaults) +rabbit_host = localhost +rabbit_port = 5672 +rabbit_use_ssl = false +rabbit_userid = guest +rabbit_password = guest +rabbit_virtual_host = / +rabbit_notification_topic = glance_notifications + +# ============ Filesystem Store Options ======================== + +# Directory that the Filesystem backend store +# writes image data to +filesystem_store_datadir = /var/lib/glance/images/ + +# ============ Swift Store Options ============================= + +# Address where the Swift authentication service lives +swift_store_auth_address = 127.0.0.1:8080/v1.0/ + +# User to authenticate against the Swift authentication service +swift_store_user = jdoe + +# Auth key for the user authenticating against the +# Swift authentication service +swift_store_key = a86850deb2742ec3cb41518e26aa2d89 + +# Container within the account that the account should use +# for storing images in Swift +swift_store_container = glance + +# Do we create the container if it does not exist? +swift_store_create_container_on_put = False + +# What size, in MB, should Glance start chunking image files +# and do a large object manifest in Swift? By default, this is +# the maximum object size in Swift, which is 5GB +swift_store_large_object_size = 5120 + +# When doing a large object manifest, what size, in MB, should +# Glance write chunks to Swift? This amount of data is written +# to a temporary disk buffer during the process of chunking +# the image file, and the default is 200MB +swift_store_large_object_chunk_size = 200 + +# Whether to use ServiceNET to communicate with the Swift storage servers. +# (If you aren't RACKSPACE, leave this False!) +# +# To use ServiceNET for authentication, prefix hostname of +# `swift_store_auth_address` with 'snet-'. +# Ex. https://example.com/v1.0/ -> https://snet-example.com/v1.0/ +swift_enable_snet = False + +# ============ S3 Store Options ============================= + +# Address where the S3 authentication service lives +s3_store_host = 127.0.0.1:8080/v1.0/ + +# User to authenticate against the S3 authentication service +s3_store_access_key = <20-char AWS access key> + +# Auth key for the user authenticating against the +# S3 authentication service +s3_store_secret_key = <40-char AWS secret key> + +# Container within the account that the account should use +# for storing images in S3. Note that S3 has a flat namespace, +# so you need a unique bucket name for your glance images. An +# easy way to do this is append your AWS access key to "glance". +# S3 buckets in AWS *must* be lowercased, so remember to lowercase +# your AWS access key if you use it in your bucket name below! +s3_store_bucket = glance + +# Do we create the bucket if it does not exist? +s3_store_create_bucket_on_put = False + +# ============ Image Cache Options ======================== + +image_cache_enabled = False + +# Directory that the Image Cache writes data to +# Make sure this is also set in glance-pruner.conf +image_cache_datadir = /var/lib/glance/image-cache/ + +# Number of seconds after which we should consider an incomplete image to be +# stalled and eligible for reaping +image_cache_stall_timeout = 86400 + +# ============ Delayed Delete Options ============================= + +# Turn on/off delayed delete +delayed_delete = False + +# Delayed delete time in seconds +scrub_time = 43200 + +# Directory that the scrubber will use to remind itself of what to delete +# Make sure this is also set in glance-scrubber.conf +scrubber_datadir = /var/lib/glance/scrubber + +[pipeline:glance-api] +#pipeline = versionnegotiation context apiv1app +# NOTE: use the following pipeline for keystone +pipeline = versionnegotiation authtoken context apiv1app + +# To enable Image Cache Management API replace pipeline with below: +# pipeline = versionnegotiation context imagecache apiv1app +# NOTE: use the following pipeline for keystone auth (with caching) +# pipeline = versionnegotiation authtoken context imagecache apiv1app + +[pipeline:versions] +pipeline = versionsapp + +[app:versionsapp] +paste.app_factory = glance.api.versions:app_factory + +[app:apiv1app] +paste.app_factory = glance.api.v1:app_factory + +[filter:versionnegotiation] +paste.filter_factory = glance.api.middleware.version_negotiation:filter_factory + +[filter:imagecache] +paste.filter_factory = glance.api.middleware.image_cache:filter_factory + +[filter:context] +paste.filter_factory = glance.common.context:filter_factory + +[filter:authtoken] +paste.filter_factory = keystone.middleware.auth_token:filter_factory +service_protocol = http +service_host = 127.0.0.1 +service_port = 5000 +auth_host = 127.0.0.1 +auth_port = 5001 +auth_protocol = http +auth_uri = http://127.0.0.1:5000/ +admin_token = 999888777666 diff --git a/files/glance-registry.conf b/files/glance-registry.conf index ea2cf1d..20a29cd 100644 --- a/files/glance-registry.conf +++ b/files/glance-registry.conf @@ -41,9 +41,9 @@ api_limit_max = 1000 limit_param_default = 25 [pipeline:glance-registry] -pipeline = context registryapp +#pipeline = context registryapp # NOTE: use the following pipeline for keystone -# pipeline = authtoken keystone_shim context registryapp +pipeline = authtoken keystone_shim context registryapp [app:registryapp] paste.app_factory = glance.registry.server:app_factory diff --git a/stack.sh b/stack.sh index 28aa4b7..942f415 100755 --- a/stack.sh +++ b/stack.sh @@ -281,6 +281,9 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf cp $FILES/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF + + GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf + cp $FILES/glance-api.conf $GLANCE_API_CONF fi # Nova From d02d7154ffd7b43ea1bb3bcbb19a0e383cdbcb20 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 01:31:41 -0700 Subject: [PATCH 153/278] add token to glance call --- stack.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/stack.sh b/stack.sh index 942f415..13b12bc 100755 --- a/stack.sh +++ b/stack.sh @@ -467,9 +467,9 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # add images to glance # FIXME: kernel/ramdisk is hardcoded - use return result from add - glance add name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image - glance add name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image - glance add name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image + glance add -A 999888777666 name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image + glance add -A 999888777666 name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image + glance add -A 999888777666 name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image fi # Using the cloud From db8f7f7253645b99fae4a42e09545653d9bd4e26 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 02:12:46 -0700 Subject: [PATCH 154/278] when launching with lxc, warm cache with bzr milestone --- build_lxc.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 69049cd..fbdfcd3 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -62,7 +62,9 @@ if [ ! -d $CACHEDIR ]; then chroot $CACHEDIR apt-get update chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot $CACHEDIR pip install `cat files/pips/*` - git clone https://github.com/cloudbuilders/nova.git $CACHEDIR/opt/nova + # FIXME (anthony) - provide ability to vary source locations + #git clone https://github.com/cloudbuilders/nova.git $CACHEDIR/opt/nova + bzr clone lp:~hudson-openstack/nova/milestone-proposed/ $CACHEDIR/opt/nova git clone https://github.com/cloudbuilders/openstackx.git $CACHEDIR/opt/openstackx git clone https://github.com/cloudbuilders/noVNC.git $CACHEDIR/opt/noVNC git clone https://github.com/cloudbuilders/openstack-dashboard.git $CACHEDIR/opt/dash From 09fde81cc4aacff8f26582d80751d86a14103708 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 02:23:54 -0700 Subject: [PATCH 155/278] sudo when killing dnsmasq --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 13b12bc..6229856 100755 --- a/stack.sh +++ b/stack.sh @@ -321,7 +321,7 @@ fi if [[ "$ENABLED_SERVICES" =~ "n-net" ]]; then # delete traces of nova networks from prior runs - killall dnsmasq || true + sudo killall dnsmasq || true rm -rf $NOVA_DIR/networks mkdir -p $NOVA_DIR/networks fi From b1bdd5e2761eede2a9958664e7640b3bcd12c75e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 09:39:50 -0700 Subject: [PATCH 156/278] some cleanup of networking params --- stack.sh | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index 6229856..ed75241 100755 --- a/stack.sh +++ b/stack.sh @@ -78,11 +78,13 @@ if [ ! -n "$HOST_IP" ]; then fi # Nova network configuration -INTERFACE=${INTERFACE:-eth0} +PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} +VLAN_INTERFACE=${PUBLIC_INTERFACE:-$PUBLIC_INTERFACE} FLOATING_RANGE=${FLOATING_RANGE:-10.6.0.0/27} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} NET_MAN=${NET_MAN:-VlanManager} EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} +FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} # If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` # variable but make sure that the interface doesn't already have an @@ -104,7 +106,7 @@ BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST} RABBIT_HOST=${RABBIT_HOST:-localhost} # Glance connection info. Note the port must be specified. -GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-0.0.0.0:9292} +GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} # Install Packages # ================ @@ -337,8 +339,8 @@ add_nova_flag "--nodaemon" add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" add_nova_flag "--my_ip=$HOST_IP" -add_nova_flag "--public_interface=$INTERFACE" -add_nova_flag "--vlan_interface=$INTERFACE" +add_nova_flag "--public_interface=$PUBLIC_INTERFACE" +add_nova_flag "--vlan_interface=$VLAN_INTERFACE" add_nova_flag "--sql_connection=$BASE_SQL_CONN/nova" add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" @@ -349,6 +351,7 @@ add_nova_flag "--image_service=nova.image.glance.GlanceImageService" add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST" add_nova_flag "--rabbit_host=$RABBIT_HOST" add_nova_flag "--glance_api_servers=$GLANCE_HOSTPORT" +add_nova_flag "--flat_network_bridge=$FLAT_NETWORK_BRIDGE" if [ -n "$FLAT_INTERFACE" ]; then add_nova_flag "--flat_interface=$FLAT_INTERFACE" fi From 9bf3d767cef84020181079e5249a05cd0dd71079 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 09:51:16 -0700 Subject: [PATCH 157/278] put user in correct directory when using screen --- stack.sh | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/stack.sh b/stack.sh index ed75241..39e026f 100755 --- a/stack.sh +++ b/stack.sh @@ -427,7 +427,7 @@ if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then fi if [[ "$ENABLED_SERVICES" =~ "key" ]]; then - screen_it key "$KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" + screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" while ! wget -q -O- http://127.0.0.1:5000; do echo "Waiting for keystone to start..." sleep 1 @@ -435,7 +435,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then fi if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then - screen_it n-api "$NOVA_DIR/bin/nova-api" + screen_it n-api "cd $NOVA_DIR && $NOVA_DIR/bin/nova-api" while ! wget -q -O- http://127.0.0.1:8774; do echo "Waiting for nova-api to start..." sleep 1 @@ -447,12 +447,12 @@ fi # within the context of our original shell (so our groups won't be updated). # We can send the command nova-compute to the ``newgrp`` command to execute # in a specific context. -screen_it n-cpu "echo $NOVA_DIR/bin/nova-compute | newgrp libvirtd" -screen_it n-net "$NOVA_DIR/bin/nova-network" -screen_it n-sch "$NOVA_DIR/bin/nova-scheduler" +screen_it n-cpu "cd $NOVA_DIR && echo $NOVA_DIR/bin/nova-compute | newgrp libvirtd" +screen_it n-net "cd $NOVA_DIR && $NOVA_DIR/bin/nova-network" +screen_it n-sch "cd $NOVA_DIR && $NOVA_DIR/bin/nova-scheduler" # nova-vncproxy binds a privileged port, and so needs sudo -screen_it n-vnc "sudo $NOVA_DIR/bin/nova-vncproxy" -screen_it dash "sudo /etc/init.d/apache2 restart; sudo tail -f /var/log/apache2/error.log" +screen_it n-vnc "cd $NOVA_DIR && sudo $NOVA_DIR/bin/nova-vncproxy" +screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f /var/log/apache2/error.log" # Install Images # ============== From a531b77267cd19f138efbf0ea3d5619dd7f73677 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 09:59:54 -0700 Subject: [PATCH 158/278] fixes to glance configuration so that we aren't creating files outside of /opt --- files/glance-api.conf | 2 +- files/glance-registry.conf | 7 +++++-- stack.sh | 18 +++++++++--------- 3 files changed, 15 insertions(+), 12 deletions(-) diff --git a/files/glance-api.conf b/files/glance-api.conf index ac2ee94..a2edde8 100644 --- a/files/glance-api.conf +++ b/files/glance-api.conf @@ -24,7 +24,7 @@ registry_port = 9191 # Log to this file. Make sure you do not set the same log # file for both the API and registry servers! -log_file = /var/log/glance/api.log +log_file = %DEST%/glance/api.log # Send logs to syslog (/dev/log) instead of to file specified by `log_file` use_syslog = False diff --git a/files/glance-registry.conf b/files/glance-registry.conf index 20a29cd..fc20988 100644 --- a/files/glance-registry.conf +++ b/files/glance-registry.conf @@ -3,7 +3,7 @@ verbose = True # Show debugging output in logs (sets DEBUG log level output) -debug = False +debug = True # Address to bind the registry server bind_host = 0.0.0.0 @@ -13,7 +13,10 @@ bind_port = 9191 # Log to this file. Make sure you do not set the same log # file for both the API and registry servers! -log_file = /var/log/glance/registry.log +log_file = %DEST%/glance/registry.log + +# Where to store images +filesystem_store_datadir %DEST%/glance/images # Send logs to syslog (/dev/log) instead of to file specified by `log_file` use_syslog = False diff --git a/stack.sh b/stack.sh index 39e026f..d3b1c52 100755 --- a/stack.sh +++ b/stack.sh @@ -267,15 +267,13 @@ fi # ------ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then - # Glance uses ``/var/lib/glance`` and ``/var/log/glance`` by default, so - # we need to insure that our user has permissions to use them. - sudo mkdir -p /var/log/glance - sudo chown -R `whoami` /var/log/glance - sudo mkdir -p /var/lib/glance - sudo chown -R `whoami` /var/lib/glance - - # Delete existing images/database as glance will recreate the db on startup - rm -rf /var/lib/glance/images/* + GLANCE_IMAGE_DIR= $DEST/glance/images + # Delete existing images + rm -rf $GLANCE_IMAGE_DIR + + # Use local glance directories + mkdir -p $GLANCE_IMAGE_DIR + # (re)create glance database mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE glance;' || true mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE glance;' @@ -283,9 +281,11 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf cp $FILES/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF + sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_CONF GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf cp $FILES/glance-api.conf $GLANCE_API_CONF + sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_API_CONF fi # Nova From c835762081d773c5a31a9f18c748c9a2a3555a61 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 10:38:06 -0700 Subject: [PATCH 159/278] fix typo --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index d3b1c52..3563d8a 100755 --- a/stack.sh +++ b/stack.sh @@ -267,7 +267,7 @@ fi # ------ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then - GLANCE_IMAGE_DIR= $DEST/glance/images + GLANCE_IMAGE_DIR=$DEST/glance/images # Delete existing images rm -rf $GLANCE_IMAGE_DIR From 79422a43ac3a31e14d15ae825f561a780b971530 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 10:48:12 -0700 Subject: [PATCH 160/278] add bzr to deps --- files/apts/general | 1 + 1 file changed, 1 insertion(+) diff --git a/files/apts/general b/files/apts/general index eb37e9a..4a7029e 100644 --- a/files/apts/general +++ b/files/apts/general @@ -6,6 +6,7 @@ unzip wget psmisc git-core +bzr lsof # useful when debugging openssh-server vim-nox From a27523a87175c743cc0e83d89f329a36ea19a608 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 10:57:38 -0700 Subject: [PATCH 161/278] missing = --- files/glance-registry.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/glance-registry.conf b/files/glance-registry.conf index fc20988..75b21f7 100644 --- a/files/glance-registry.conf +++ b/files/glance-registry.conf @@ -16,7 +16,7 @@ bind_port = 9191 log_file = %DEST%/glance/registry.log # Where to store images -filesystem_store_datadir %DEST%/glance/images +filesystem_store_datadir = %DEST%/glance/images # Send logs to syslog (/dev/log) instead of to file specified by `log_file` use_syslog = False From 3657ab38978ec759ac68726c867088c77490081e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 20 Sep 2011 11:04:15 -0700 Subject: [PATCH 162/278] more glance conf fixes --- files/glance-api.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/glance-api.conf b/files/glance-api.conf index a2edde8..88db79a 100644 --- a/files/glance-api.conf +++ b/files/glance-api.conf @@ -51,7 +51,7 @@ rabbit_notification_topic = glance_notifications # Directory that the Filesystem backend store # writes image data to -filesystem_store_datadir = /var/lib/glance/images/ +filesystem_store_datadir = %DEST%/glance/images/ # ============ Swift Store Options ============================= From 0d6de09552159132053f07a1badcfada529b836a Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Wed, 21 Sep 2011 13:44:08 -0500 Subject: [PATCH 163/278] Re-enable munin --- stack.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index c21e5ab..35641b8 100755 --- a/stack.sh +++ b/stack.sh @@ -74,7 +74,7 @@ NOVNC_DIR=$DEST/noVNC MUNIN_DIR=$DEST/openstack-munin # Specify which services to launch. These generally correspond to screen tabs -ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash,mysql,rabbit} +ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash,mysql,rabbit,munin} # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then @@ -302,7 +302,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # qcow images) and kvm (hardware based virtualization). If unable to # load kvm, set the libvirt type to qemu. sudo modprobe nbd || true - if ! -e /dev/kvm; then + if [ ! -e /dev/kvm ]; then LIBVIRT_TYPE=qemu fi # User needs to be member of libvirtd group for nova-compute to use libvirt. From 62a6deb1342b26bc486d1c399311da32d6615e73 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Wed, 21 Sep 2011 20:06:01 -0500 Subject: [PATCH 164/278] Add some kernel modules to container --- build_lxc.sh | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/build_lxc.sh b/build_lxc.sh index fbdfcd3..e8612e6 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -29,6 +29,7 @@ if ! which cgdelete | grep -q cgdelete; then cd libcgroup-0.37.1 ./configure make install + ldconfig fi # Create lxc configuration @@ -99,6 +100,11 @@ echo stack:pass | chroot $ROOTFS chpasswd # stack requires) echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers +# Copy kernel modules +mkdir -p $ROOTFS/lib/modules/`uname -r`/kernel +cp -p /lib/modules/`uname -r`/modules.dep $ROOTFS/lib/modules/`uname -r`/ +cp -pR /lib/modules/`uname -r`/kernel/net $ROOTFS/lib/modules/`uname -r`/kernel/ + # Gracefully cp only if source file/dir exists function cp_it { if [ -e $1 ] || [ -d $1 ]; then From f33796e01f55eba35410c20e882810c3d91222a2 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 22 Sep 2011 00:14:12 -0700 Subject: [PATCH 165/278] add python-virtualenv to deps, make keystone print to stdout --- files/apts/general | 1 + stack.sh | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/files/apts/general b/files/apts/general index 4a7029e..ea37810 100644 --- a/files/apts/general +++ b/files/apts/general @@ -12,3 +12,4 @@ openssh-server vim-nox locate # useful when debugging munin +python-virtualenv diff --git a/stack.sh b/stack.sh index 35641b8..b20ac03 100755 --- a/stack.sh +++ b/stack.sh @@ -431,7 +431,7 @@ if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then fi if [[ "$ENABLED_SERVICES" =~ "key" ]]; then - screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF" + screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF -d" while ! wget -q -O- http://127.0.0.1:5000; do echo "Waiting for keystone to start..." sleep 1 From 4b4acccd9440d129644c0a8ab610d0d1c084eba9 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 22 Sep 2011 00:19:37 -0700 Subject: [PATCH 166/278] install python-unittest2 so we can run tests --- files/apts/general | 1 + 1 file changed, 1 insertion(+) diff --git a/files/apts/general b/files/apts/general index ea37810..ce48b00 100644 --- a/files/apts/general +++ b/files/apts/general @@ -13,3 +13,4 @@ vim-nox locate # useful when debugging munin python-virtualenv +python-unittest2 From 8bdc263c0abf1307869f748da64c9ea95c749386 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 22 Sep 2011 08:00:44 +0000 Subject: [PATCH 167/278] fix keystone data --- files/keystone_data.sh | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/files/keystone_data.sh b/files/keystone_data.sh index 38310e2..47b7502 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -13,12 +13,19 @@ $BIN_DIR/keystone-manage $* role add Admin $BIN_DIR/keystone-manage $* role add Member $BIN_DIR/keystone-manage $* role grant Admin admin +# Services +$BIN_DIR/keystone-manage $* service add nova_compat nova_compat nova_compat +$BIN_DIR/keystone-manage $* service add nova nova nova +$BIN_DIR/keystone-manage $* service add glance glance glance +$BIN_DIR/keystone-manage $* service add identity identity identity + #endpointTemplates +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 1 http://%HOST_IP%:8774/v1.0/ http://%HOST_IP%:8774/v1.0 http://%HOST_IP%:8774/v1.0 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 2 http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 3 http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 4 http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova_compat http://%HOST_IP%:8774/v1.0/ http://%HOST_IP%:8774/v1.0 http://%HOST_IP%:8774/v1.0 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 + # Tokens $BIN_DIR/keystone-manage $* token add 999888777666 1 1 2015-02-05T00:00 From ea884c38044fa728aafe192a63501b90091241f2 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 23 Sep 2011 03:24:27 +0000 Subject: [PATCH 168/278] config changes for the latest keystone --- files/keystone.conf | 5 ++--- files/keystone_data.sh | 12 +++++++++--- 2 files changed, 11 insertions(+), 6 deletions(-) diff --git a/files/keystone.conf b/files/keystone.conf index 11b9f5f..85a64a8 100644 --- a/files/keystone.conf +++ b/files/keystone.conf @@ -39,11 +39,10 @@ admin_host = 0.0.0.0 admin_port = 5001 #Role that allows to perform admin operations. -keystone-admin-role = Admin +keystone-admin-role = KeystoneAdmin #Role that allows to perform service admin operations. -# FIXME: need to separate this into a different role like KeystoneServiceAdmin -keystone-service-admin-role = Admin +keystone-service-admin-role = KeystoneServiceAdmin [keystone.backends.sqlalchemy] # SQLAlchemy connection string for the reference implementation registry diff --git a/files/keystone_data.sh b/files/keystone_data.sh index 47b7502..b0ce684 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -5,13 +5,19 @@ $BIN_DIR/keystone-manage $* tenant add admin $BIN_DIR/keystone-manage $* tenant add demo # Users -$BIN_DIR/keystone-manage $* user add admin secrete 1 -$BIN_DIR/keystone-manage $* user add demo secrete 2 +$BIN_DIR/keystone-manage $* user add admin secrete +$BIN_DIR/keystone-manage $* user add demo secrete # Roles $BIN_DIR/keystone-manage $* role add Admin $BIN_DIR/keystone-manage $* role add Member +$BIN_DIR/keystone-manage $* role add KeystoneAdmin +$BIN_DIR/keystone-manage $* role add KeystoneServiceAdmin +$BIN_DIR/keystone-manage $* role grant Admin admin 1 +$BIN_DIR/keystone-manage $* role grant Member demo 2 $BIN_DIR/keystone-manage $* role grant Admin admin +$BIN_DIR/keystone-manage $* role grant KeystoneAdmin admin +$BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin # Services $BIN_DIR/keystone-manage $* service add nova_compat nova_compat nova_compat @@ -26,7 +32,6 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 3 http://%HOST_IP%:9 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 4 http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 - # Tokens $BIN_DIR/keystone-manage $* token add 999888777666 1 1 2015-02-05T00:00 @@ -46,3 +51,4 @@ $BIN_DIR/keystone-manage $* endpoint add 2 5 $BIN_DIR/keystone-manage $* endpoint add 2 6 $BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" +$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials" From a6e2006f3bb6406ce9d3400b4b1ffcdb4d275335 Mon Sep 17 00:00:00 2001 From: root Date: Fri, 23 Sep 2011 07:20:19 +0000 Subject: [PATCH 169/278] uodated settings for dashboard + keystone --- files/dash_settings.py | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/dash_settings.py b/files/dash_settings.py index 6472f82..b5811c6 100644 --- a/files/dash_settings.py +++ b/files/dash_settings.py @@ -46,8 +46,8 @@ MAILER_EMAIL_BACKEND = EMAIL_BACKEND # EMAIL_HOST_PASSWORD = 'top-secret!' # FIXME: This needs to be changed to allow for multi-node setup. -OPENSTACK_ADMIN_TOKEN = "999888777666" OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0/" +OPENSTACK_KEYSTONE_ADMIN_URL = "http://localhost:5001/v2.0/" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" # NOTE(tres): Available services should come from the service From 853092855b8ac83faf48ec057052150908d28271 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 23 Sep 2011 07:23:31 +0000 Subject: [PATCH 170/278] temporary changes to get openstack diablo working with keystone --- stack.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index b20ac03..24e22c5 100755 --- a/stack.sh +++ b/stack.sh @@ -143,7 +143,11 @@ function git_clone { } # compute service -git_clone https://github.com/cloudbuilders/nova.git $NOVA_DIR +# FIXME - need to factor out these repositories +# git_clone https://github.com/cloudbuilders/nova.git $NOVA_DIR +if [ ! -d $NOVA_DIR ]; then + bzr clone lp:~hudson-openstack/nova/milestone-proposed/ $NOVA_DIR +fi # image catalog service git_clone https://github.com/cloudbuilders/glance.git $GLANCE_DIR # unified auth system (manages accounts/tokens) @@ -152,6 +156,8 @@ git_clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR git_clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR # django powered web control panel for openstack git_clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR +# FIXME - need to factor out logic like this +cd $DASH_DIR && sudo git pull && sudo git checkout keystone_diablo # add nixon, will use this to show munin graphs in dashboard git_clone https://github.com/cloudbuilders/nixon.git $NIXON_DIR # python client library to nova that dashboard (and others) use From 36d25277901fc4a75c01f7c4d8706b66a57223bd Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 23 Sep 2011 07:34:38 +0000 Subject: [PATCH 171/278] more tweaks to get dash working --- files/dash_settings.py | 2 +- stack.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/files/dash_settings.py b/files/dash_settings.py index b5811c6..4a49a8d 100644 --- a/files/dash_settings.py +++ b/files/dash_settings.py @@ -47,7 +47,7 @@ MAILER_EMAIL_BACKEND = EMAIL_BACKEND # FIXME: This needs to be changed to allow for multi-node setup. OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0/" -OPENSTACK_KEYSTONE_ADMIN_URL = "http://localhost:5001/v2.0/" +OPENSTACK_KEYSTONE_ADMIN_URL = "http://localhost:5001/v2.0" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" # NOTE(tres): Available services should come from the service diff --git a/stack.sh b/stack.sh index 24e22c5..a3bcacd 100755 --- a/stack.sh +++ b/stack.sh @@ -157,7 +157,7 @@ git_clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR # django powered web control panel for openstack git_clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR # FIXME - need to factor out logic like this -cd $DASH_DIR && sudo git pull && sudo git checkout keystone_diablo +cd $DASH_DIR && sudo git fetch && sudo git checkout origin/keystone_diablo # add nixon, will use this to show munin graphs in dashboard git_clone https://github.com/cloudbuilders/nixon.git $NIXON_DIR # python client library to nova that dashboard (and others) use From 49f2d02dc2c56b9bae17be50417e1271bbc81b5b Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 23 Sep 2011 00:55:48 -0700 Subject: [PATCH 172/278] make admin part of tenant 2 --- files/keystone_data.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/files/keystone_data.sh b/files/keystone_data.sh index b0ce684..c5dd09b 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -15,6 +15,7 @@ $BIN_DIR/keystone-manage $* role add KeystoneAdmin $BIN_DIR/keystone-manage $* role add KeystoneServiceAdmin $BIN_DIR/keystone-manage $* role grant Admin admin 1 $BIN_DIR/keystone-manage $* role grant Member demo 2 +$BIN_DIR/keystone-manage $* role grant Admin admin 2 $BIN_DIR/keystone-manage $* role grant Admin admin $BIN_DIR/keystone-manage $* role grant KeystoneAdmin admin $BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin From 2969c701a05f2f2f6d6a2a0739fc2c19e4f60782 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sat, 24 Sep 2011 12:31:57 -0700 Subject: [PATCH 173/278] initial commit of wilks work --- tools/install_openvpn.sh | 60 ++++++++++++++++++++++++++++++++++++++++ 1 file changed, 60 insertions(+) create mode 100644 tools/install_openvpn.sh diff --git a/tools/install_openvpn.sh b/tools/install_openvpn.sh new file mode 100644 index 0000000..3b52cf1 --- /dev/null +++ b/tools/install_openvpn.sh @@ -0,0 +1,60 @@ +# rough history from wilk - need to cleanup +apt-get install -y openvpn bridge-utils +cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/easy-rsa/ +cd /etc/openvpn/easy-rsa +source vars +./clean-all +./build-dh +./pkitool --initca +./pkitool --server server +./pkitool client1 +cd keys +openvpn --genkey --secret ta.key ## Build a TLS key +cp server.crt server.key ca.crt dh1024.pem ta.key ../../ +cd ../../ + +cat >/etc/openvpn/server.conf < Date: Sun, 25 Sep 2011 13:41:22 -0700 Subject: [PATCH 174/278] update network defaults --- stack.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index a3bcacd..5840bd4 100755 --- a/stack.sh +++ b/stack.sh @@ -84,16 +84,16 @@ fi # Nova network configuration PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} VLAN_INTERFACE=${PUBLIC_INTERFACE:-$PUBLIC_INTERFACE} -FLOATING_RANGE=${FLOATING_RANGE:-10.6.0.0/27} -FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} -NET_MAN=${NET_MAN:-VlanManager} +FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28} +FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/16} +NET_MAN=${NET_MAN:-FlatDHCPManager} EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} # If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` # variable but make sure that the interface doesn't already have an # ip or you risk breaking things. -# FLAT_INTERFACE=eth0 +FLAT_INTERFACE=eth0 # Nova hypervisor configuration. We default to **kvm** but will drop back to # **qemu** if we are unable to load the kvm module. From 8ff5dbc27dbd274eaa6d155e0579f8d3c19acc5f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 25 Sep 2011 22:28:08 -0700 Subject: [PATCH 175/278] allow specification of scheduler and take flat interface from environmnet --- stack.sh | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 5840bd4..19c8f90 100755 --- a/stack.sh +++ b/stack.sh @@ -83,17 +83,18 @@ fi # Nova network configuration PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} -VLAN_INTERFACE=${PUBLIC_INTERFACE:-$PUBLIC_INTERFACE} +VLAN_INTERFACE=${VLAN_INTERFACE:-$PUBLIC_INTERFACE} FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/16} NET_MAN=${NET_MAN:-FlatDHCPManager} EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} +SCHEDULER=${SCHEDULER:-nova.scheduler.simple.SimpleScheduler} # If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` # variable but make sure that the interface doesn't already have an # ip or you risk breaking things. -FLAT_INTERFACE=eth0 +FLAT_INTERFACE=${FLAT_INTERFACE:-eth0} # Nova hypervisor configuration. We default to **kvm** but will drop back to # **qemu** if we are unable to load the kvm module. @@ -346,6 +347,7 @@ function add_nova_flag { rm -f $NOVA_DIR/bin/nova.conf add_nova_flag "--verbose" add_nova_flag "--nodaemon" +add_nova_flag "--scheduler_driver=$SCHEDULER" add_nova_flag "--dhcpbridge_flagfile=$NOVA_DIR/bin/nova.conf" add_nova_flag "--network_manager=nova.network.manager.$NET_MAN" add_nova_flag "--my_ip=$HOST_IP" From b5197e4011d0f011d44653331861557b3c73c662 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 26 Sep 2011 12:48:31 -0700 Subject: [PATCH 176/278] allow network size to be set --- stack.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 19c8f90..15698bd 100755 --- a/stack.sh +++ b/stack.sh @@ -85,7 +85,8 @@ fi PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} VLAN_INTERFACE=${VLAN_INTERFACE:-$PUBLIC_INTERFACE} FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28} -FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/16} +FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} +FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256} NET_MAN=${NET_MAN:-FlatDHCPManager} EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} @@ -378,7 +379,7 @@ if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then $NOVA_DIR/bin/nova-manage db sync # create a small network - $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 32 + $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 $FIXED_NETWORK_SIZE # create some floating ips $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE From 2f140207569d61c9a44a2337c8007da064fd6659 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 13:02:40 -0700 Subject: [PATCH 177/278] implement stackrc for variable configuration (esp repos) --- build_lxc.sh | 37 +++++++++++++++++++++++++++---------- build_nfs.sh | 19 ++++++++++++------- stack.sh | 35 +++++++++++++++++------------------ 3 files changed, 56 insertions(+), 35 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index e8612e6..15af51d 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,5 +1,8 @@ #!/usr/bin/env bash +# Source params +source ./stackrc + # Configurable params BRIDGE=${BRIDGE:-br0} CONTAINER=${CONTAINER:-STACK} @@ -51,10 +54,23 @@ if [ -d /cgroup/$CONTAINER ]; then cgdelete -r cpu,net_cls:$CONTAINER fi +# git clone only if directory doesn't exist already. Since ``DEST`` might not +# be owned by the installation user, we create the directory and change the +# ownership to the proper user. +function git_clone { + if [ ! -d $2 ]; then + sudo mkdir $2 + sudo chown `whoami` $2 + git clone $1 $2 + cd $2 + # This checkout syntax works for both branches and tags + git checkout $3 + fi +} # Warm the base image on first install CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ ! -d $CACHEDIR ]; then +if [ ! -d $CACHEDIR/opt/nova ]; then # by deleting the container, we force lxc-create to re-bootstrap (lxc is # lazy and doesn't do anything if a container already exists) lxc-destroy -n $CONTAINER @@ -63,15 +79,16 @@ if [ ! -d $CACHEDIR ]; then chroot $CACHEDIR apt-get update chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot $CACHEDIR pip install `cat files/pips/*` - # FIXME (anthony) - provide ability to vary source locations - #git clone https://github.com/cloudbuilders/nova.git $CACHEDIR/opt/nova - bzr clone lp:~hudson-openstack/nova/milestone-proposed/ $CACHEDIR/opt/nova - git clone https://github.com/cloudbuilders/openstackx.git $CACHEDIR/opt/openstackx - git clone https://github.com/cloudbuilders/noVNC.git $CACHEDIR/opt/noVNC - git clone https://github.com/cloudbuilders/openstack-dashboard.git $CACHEDIR/opt/dash - git clone https://github.com/cloudbuilders/python-novaclient.git $CACHEDIR/opt/python-novaclient - git clone https://github.com/cloudbuilders/keystone.git $CACHEDIR/opt/keystone - git clone https://github.com/cloudbuilders/glance.git $CACHEDIR/opt/glance + + git_clone $NOVA_REPO $CACHEDIR/opt/nova $NOVA_BRANCH + git_clone $GLANCE_REPO $CACHEDIR/opt/glance $GLANCE_BRANCH + git_clone $KEYSTONE_REPO $CACHEDIR/opt/keystone $KEYSTONE_BRANCH + git_clone $NOVNC_REPO $CACHEDIR/opt/novnc $NOVNC_BRANCH + git_clone $DASH_REPO $CACHEDIR/opt/dash $DASH_BRANCH $DASH_TAG + git_clone $NIXON_REPO $CACHEDIR/opt/nixon $NIXON_BRANCH + git_clone $NOVACLIENT_REPO $CACHEDIR/opt/python-novaclient $NOVACLIENT_BRANCH + git_clone $OPENSTACKX_REPO $CACHEDIR/opt/openstackx $OPENSTACKX_BRANCH + git_clone $MUNIN_REPO $CACHEDIR/opt/openstack-munin $MUNIN_BRANCH fi # Destroy the old container diff --git a/build_nfs.sh b/build_nfs.sh index 59a3609..fa3e3ef 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -1,5 +1,8 @@ #!/bin/bash +# Source params +source ./stackrc + # TODO: make dest not hardcoded NAME=$1 @@ -15,13 +18,15 @@ if [ ! -d proto ]; then chroot proto apt-get update chroot proto apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot proto pip install `cat files/pips/*` - git clone https://github.com/cloudbuilders/nova.git proto/opt/nova - git clone https://github.com/cloudbuilders/openstackx.git proto/opt/openstackx - git clone https://github.com/cloudbuilders/noVNC.git proto/opt/noVNC - git clone https://github.com/cloudbuilders/openstack-dashboard.git proto/opt/dash - git clone https://github.com/cloudbuilders/python-novaclient.git proto/opt/python-novaclient - git clone https://github.com/cloudbuilders/keystone.git proto/opt/keystone - git clone https://github.com/cloudbuilders/glance.git proto/opt/glance + git_clone $NOVA_REPO proto/opt/nova $NOVA_BRANCH + git_clone $GLANCE_REPO proto/opt/glance $GLANCE_BRANCH + git_clone $KEYSTONE_REPO proto/opt/keystone $KEYSTONE_BRANCH + git_clone $NOVNC_REPO proto/opt/novnc $NOVNC_BRANCH + git_clone $DASH_REPO proto/opt/dash $DASH_BRANCH $DASH_TAG + git_clone $NIXON_REPO proto/opt/nixon $NIXON_BRANCH + git_clone $NOVACLIENT_REPO proto/opt/python-novaclient $NOVACLIENT_BRANCH + git_clone $OPENSTACKX_REPO proto/opt/openstackx $OPENSTACKX_BRANCH + git_clone $MUNIN_REPO proto/opt/openstack-munin $MUNIN_BRANCH chroot proto mkdir -p /opt/files wget -c http://images.ansolabs.com/tty.tgz -O proto/opt/files/tty.tgz fi diff --git a/stack.sh b/stack.sh index 19c8f90..c7c2e80 100755 --- a/stack.sh +++ b/stack.sh @@ -59,6 +59,9 @@ set -o errexit # an error. It is also useful for following allowing as the install occurs. set -o xtrace +# Import variables +source ./stackrc + # Destination path for installation ``DEST`` DEST=${DEST:-/opt} @@ -69,7 +72,7 @@ NIXON_DIR=$DEST/dash/openstack-dashboard/dashboard/nixon GLANCE_DIR=$DEST/glance KEYSTONE_DIR=$DEST/keystone NOVACLIENT_DIR=$DEST/python-novaclient -API_DIR=$DEST/openstackx +OPENSTACKX_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC MUNIN_DIR=$DEST/openstack-munin @@ -140,34 +143,30 @@ function git_clone { sudo mkdir $2 sudo chown `whoami` $2 git clone $1 $2 + cd $2 + git checkout $3 fi } # compute service -# FIXME - need to factor out these repositories -# git_clone https://github.com/cloudbuilders/nova.git $NOVA_DIR -if [ ! -d $NOVA_DIR ]; then - bzr clone lp:~hudson-openstack/nova/milestone-proposed/ $NOVA_DIR -fi +git_clone $NOVA_REPO $NOVA_DIR $NOVA_BRANCH # image catalog service -git_clone https://github.com/cloudbuilders/glance.git $GLANCE_DIR +git_clone $GLANCE_REPO $GLANCE_DIR $GLANCE_BRANCH # unified auth system (manages accounts/tokens) -git_clone https://github.com/cloudbuilders/keystone.git $KEYSTONE_DIR +git_clone $KEYSTONE_REPO $KEYSTONE_DIR $KEYSTONE_BRANCH # a websockets/html5 or flash powered VNC console for vm instances -git_clone https://github.com/cloudbuilders/noVNC.git $NOVNC_DIR +git_clone $NOVNC_REPO $NOVNC_DIR $NOVNC_BRANCH # django powered web control panel for openstack -git_clone https://github.com/cloudbuilders/openstack-dashboard.git $DASH_DIR -# FIXME - need to factor out logic like this -cd $DASH_DIR && sudo git fetch && sudo git checkout origin/keystone_diablo +git_clone $DASH_REPO $DASH_DIR $DASH_BRANCH $DASH_TAG # add nixon, will use this to show munin graphs in dashboard -git_clone https://github.com/cloudbuilders/nixon.git $NIXON_DIR +git_clone $NIXON_REPO $NIXON_DIR $NIXON_BRANCH # python client library to nova that dashboard (and others) use -git_clone https://github.com/cloudbuilders/python-novaclient.git $NOVACLIENT_DIR +git_clone $NOVACLIENT_REPO $NOVACLIENT_DIR $NOVACLIENT_BRANCH # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. -git_clone https://github.com/cloudbuilders/openstackx.git $API_DIR +git_clone $OPENSTACKX_REPO $OPENSTACKX_DIR $OPENSTACKX_BRANCH # openstack-munin is a collection of munin plugins for monitoring the stack -git_clone https://github.com/cloudbuilders/openstack-munin.git $MUNIN_DIR +git_clone $MUNIN_REPO $MUNIN_DIR $MUNIN_BRANCH # Initialization # ============== @@ -179,7 +178,7 @@ cd $NOVA_DIR; sudo python setup.py develop cd $NOVACLIENT_DIR; sudo python setup.py develop cd $KEYSTONE_DIR; sudo python setup.py develop cd $GLANCE_DIR; sudo python setup.py develop -cd $API_DIR; sudo python setup.py develop +cd $OPENSTACKX_DIR; sudo python setup.py develop cd $DASH_DIR/django-openstack; sudo python setup.py develop cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop @@ -355,7 +354,7 @@ add_nova_flag "--public_interface=$PUBLIC_INTERFACE" add_nova_flag "--vlan_interface=$VLAN_INTERFACE" add_nova_flag "--sql_connection=$BASE_SQL_CONN/nova" add_nova_flag "--libvirt_type=$LIBVIRT_TYPE" -add_nova_flag "--osapi_extensions_path=$API_DIR/extensions" +add_nova_flag "--osapi_extensions_path=$OPENSTACKX_DIR/extensions" add_nova_flag "--vncproxy_url=http://$HOST_IP:6080" add_nova_flag "--vncproxy_wwwroot=$NOVNC_DIR/" add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.ini" From 303233e2f57259bc809230aa60b99655f5650853 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 13:12:57 -0700 Subject: [PATCH 178/278] tweaks to comments and cache organization --- build_lxc.sh | 23 ++++++++++++----------- stack.sh | 1 + 2 files changed, 13 insertions(+), 11 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 15af51d..c24539e 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -70,7 +70,7 @@ function git_clone { # Warm the base image on first install CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ ! -d $CACHEDIR/opt/nova ]; then +if [ ! -d $CACHEDIR/ ]; then # by deleting the container, we force lxc-create to re-bootstrap (lxc is # lazy and doesn't do anything if a container already exists) lxc-destroy -n $CONTAINER @@ -79,18 +79,19 @@ if [ ! -d $CACHEDIR/opt/nova ]; then chroot $CACHEDIR apt-get update chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot $CACHEDIR pip install `cat files/pips/*` - - git_clone $NOVA_REPO $CACHEDIR/opt/nova $NOVA_BRANCH - git_clone $GLANCE_REPO $CACHEDIR/opt/glance $GLANCE_BRANCH - git_clone $KEYSTONE_REPO $CACHEDIR/opt/keystone $KEYSTONE_BRANCH - git_clone $NOVNC_REPO $CACHEDIR/opt/novnc $NOVNC_BRANCH - git_clone $DASH_REPO $CACHEDIR/opt/dash $DASH_BRANCH $DASH_TAG - git_clone $NIXON_REPO $CACHEDIR/opt/nixon $NIXON_BRANCH - git_clone $NOVACLIENT_REPO $CACHEDIR/opt/python-novaclient $NOVACLIENT_BRANCH - git_clone $OPENSTACKX_REPO $CACHEDIR/opt/openstackx $OPENSTACKX_BRANCH - git_clone $MUNIN_REPO $CACHEDIR/opt/openstack-munin $MUNIN_BRANCH fi +# Cache openstack code +git_clone $NOVA_REPO $CACHEDIR/opt/nova $NOVA_BRANCH +git_clone $GLANCE_REPO $CACHEDIR/opt/glance $GLANCE_BRANCH +git_clone $KEYSTONE_REPO $CACHEDIR/opt/keystone $KEYSTONE_BRANCH +git_clone $NOVNC_REPO $CACHEDIR/opt/novnc $NOVNC_BRANCH +git_clone $DASH_REPO $CACHEDIR/opt/dash $DASH_BRANCH $DASH_TAG +git_clone $NIXON_REPO $CACHEDIR/opt/nixon $NIXON_BRANCH +git_clone $NOVACLIENT_REPO $CACHEDIR/opt/python-novaclient $NOVACLIENT_BRANCH +git_clone $OPENSTACKX_REPO $CACHEDIR/opt/openstackx $OPENSTACKX_BRANCH +git_clone $MUNIN_REPO $CACHEDIR/opt/openstack-munin $MUNIN_BRANCH + # Destroy the old container lxc-destroy -n $CONTAINER diff --git a/stack.sh b/stack.sh index c7c2e80..85b7474 100755 --- a/stack.sh +++ b/stack.sh @@ -144,6 +144,7 @@ function git_clone { sudo chown `whoami` $2 git clone $1 $2 cd $2 + # This checkout syntax works for both branches and tags git checkout $3 fi } From 096fb5a86a3d198d8f731b24347ce49196190e1d Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 13:14:46 -0700 Subject: [PATCH 179/278] add stackrc file --- stackrc | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 stackrc diff --git a/stackrc b/stackrc new file mode 100644 index 0000000..2d265d3 --- /dev/null +++ b/stackrc @@ -0,0 +1,36 @@ +# compute service +NOVA_REPO=https://github.com/openstack/nova.git +NOVA_BRANCH=2011.3 + +# image catalog service +GLANCE_REPO=https://github.com/cloudbuilders/glance.git +GLANCE_BRANCH=diablo + +# unified auth system (manages accounts/tokens) +KEYSTONE_REPO=https://github.com/cloudbuilders/keystone.git +KEYSTONE_BRANCH=diablo + +# a websockets/html5 or flash powered VNC console for vm instances +NOVNC_REPO=https://github.com/cloudbuilders/noVNC.git +NOVNC_BRANCH=master + +# django powered web control panel for openstack +DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git +DASH_BRANCH=master + +# add nixon, will use this to show munin graphs in dashboard +NIXON_REPO=https://github.com/cloudbuilders/nixon.git +NIXON_BRANCH=diablo + +# python client library to nova that dashboard (and others) use +NOVACLIENT_REPO=https://github.com/cloudbuilders/python-novaclient.git +NOVACLIENT_BRANCH=master + +# openstackx is a collection of extensions to openstack.compute & nova +# that is *deprecated*. The code is being moved into python-novaclient & nova. +OPENSTACKX_REPO=https://github.com/cloudbuilders/openstackx.git +OPENSTACKX_BRANCH=diablo + +# openstack-munin is a collection of munin plugins for monitoring the stack +MUNIN_REPO=https://github.com/cloudbuilders/openstack-munin.git +MUNIN_BRANCH=master From 01ad91a32f1c01c446cbffde96eb32057f6f5694 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 13:25:11 -0700 Subject: [PATCH 180/278] remove trailing slash --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index c24539e..3d0ad89 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -70,7 +70,7 @@ function git_clone { # Warm the base image on first install CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ ! -d $CACHEDIR/ ]; then +if [ ! -d $CACHEDIR ]; then # by deleting the container, we force lxc-create to re-bootstrap (lxc is # lazy and doesn't do anything if a container already exists) lxc-destroy -n $CONTAINER From d8c259af5ae8a5eba10bf1d8fbf368251c028caf Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 14:04:13 -0700 Subject: [PATCH 181/278] use stackrc.example, and prompt user before copying --- build_lxc.sh | 7 +++++++ build_nfs.sh | 7 +++++++ stack.sh | 7 +++++++ stackrc => stackrc.example | 0 4 files changed, 21 insertions(+) rename stackrc => stackrc.example (100%) diff --git a/build_lxc.sh b/build_lxc.sh index 3d0ad89..4c624aa 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,5 +1,12 @@ #!/usr/bin/env bash +# Use stackrc.example if stackrc is missing +if [ ! -e ./stackrc ]; then + read -n1 -p "No stackrc present. Copy stackrc.example to stackrc? (y/n) " + echo + [[ $REPLY = [yY] ]] && cp stackrc.example stackrc|| { echo "Aborting: Missing stackrc"; exit 1; } +fi + # Source params source ./stackrc diff --git a/build_nfs.sh b/build_nfs.sh index fa3e3ef..c0fa733 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -1,5 +1,12 @@ #!/bin/bash +# Use stackrc.example if stackrc is missing +if [ ! -e ./stackrc ]; then + read -n1 -p "No stackrc present. Copy stackrc.example to stackrc? (y/n) " + echo + [[ $REPLY = [yY] ]] && cp stackrc.example stackrc|| { echo "Aborting: Missing stackrc"; exit 1; } +fi + # Source params source ./stackrc diff --git a/stack.sh b/stack.sh index 85b7474..54d777a 100755 --- a/stack.sh +++ b/stack.sh @@ -59,6 +59,13 @@ set -o errexit # an error. It is also useful for following allowing as the install occurs. set -o xtrace +# Use stackrc.example if stackrc is missing +if [ ! -e ./stackrc ]; then + read -n1 -p "No stackrc present. Copy stackrc.example to stackrc? (y/n) " + echo + [[ $REPLY = [yY] ]] && cp stackrc.example stackrc|| { echo "Aborting: Missing stackrc"; exit 1; } +fi + # Import variables source ./stackrc diff --git a/stackrc b/stackrc.example similarity index 100% rename from stackrc rename to stackrc.example From a34b695aadb6db1aedd5543604dac0400cd90b34 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 15:24:59 -0700 Subject: [PATCH 182/278] by default, use the current version/directory of devstack for child lxc containers --- build_lxc.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/build_lxc.sh b/build_lxc.sh index 4c624aa..674742c 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -23,6 +23,9 @@ COPYENV=${COPYENV:-1} # Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" STACKSH_PARAMS=${STACKSH_PARAMS:-} +# Option to use the version of devstack on which we are currently working +USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1} + # Warn users who aren't on natty if ! grep -q natty /etc/lsb-release; then echo "WARNING: this script has only been tested on natty" @@ -99,6 +102,12 @@ git_clone $NOVACLIENT_REPO $CACHEDIR/opt/python-novaclient $NOVACLIENT_BRANCH git_clone $OPENSTACKX_REPO $CACHEDIR/opt/openstackx $OPENSTACKX_BRANCH git_clone $MUNIN_REPO $CACHEDIR/opt/openstack-munin $MUNIN_BRANCH +# Use this version of devstack? +if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then + rm -rf $CACHEDIR/opt/devstack + cp -pr . $CACHEDIR/opt/devstack +fi + # Destroy the old container lxc-destroy -n $CONTAINER From 84064daed3ed147911503575f453d06a0feb4112 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 16:19:50 -0700 Subject: [PATCH 183/278] use explicit CWD when compying devstack --- build_lxc.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 674742c..b97f8db 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -10,6 +10,9 @@ fi # Source params source ./stackrc +# Store cwd +CWD=`pwd` + # Configurable params BRIDGE=${BRIDGE:-br0} CONTAINER=${CONTAINER:-STACK} @@ -105,7 +108,7 @@ git_clone $MUNIN_REPO $CACHEDIR/opt/openstack-munin $MUNIN_BRANCH # Use this version of devstack? if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then rm -rf $CACHEDIR/opt/devstack - cp -pr . $CACHEDIR/opt/devstack + cp -pr $CWD $CACHEDIR/opt/devstack fi # Destroy the old container From e8fed48eadb73152ab4442b166cf9f668d2b11f8 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 19:50:43 -0700 Subject: [PATCH 184/278] use /opt/stack instead of /opt --- build_lxc.sh | 57 +++++++++++++++++++++++++-------------------- files/keystone.conf | 2 +- stack.sh | 5 +++- upload_image.sh | 9 +++---- 4 files changed, 42 insertions(+), 31 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index b97f8db..1f85b33 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -22,6 +22,7 @@ CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0} CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1} NAMESERVER=${NAMESERVER:-$CONTAINER_GATEWAY} COPYENV=${COPYENV:-1} +DEST=${DEST:-/opt/stack} # Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" STACKSH_PARAMS=${STACKSH_PARAMS:-} @@ -94,21 +95,27 @@ if [ ! -d $CACHEDIR ]; then chroot $CACHEDIR pip install `cat files/pips/*` fi +# Clean out code repos if directed to do so +if [ "$CLEAN" = "1" ]; then + rm -rf $NOVA_REPO $CACHEDIR/$DEST +fi + # Cache openstack code -git_clone $NOVA_REPO $CACHEDIR/opt/nova $NOVA_BRANCH -git_clone $GLANCE_REPO $CACHEDIR/opt/glance $GLANCE_BRANCH -git_clone $KEYSTONE_REPO $CACHEDIR/opt/keystone $KEYSTONE_BRANCH -git_clone $NOVNC_REPO $CACHEDIR/opt/novnc $NOVNC_BRANCH -git_clone $DASH_REPO $CACHEDIR/opt/dash $DASH_BRANCH $DASH_TAG -git_clone $NIXON_REPO $CACHEDIR/opt/nixon $NIXON_BRANCH -git_clone $NOVACLIENT_REPO $CACHEDIR/opt/python-novaclient $NOVACLIENT_BRANCH -git_clone $OPENSTACKX_REPO $CACHEDIR/opt/openstackx $OPENSTACKX_BRANCH -git_clone $MUNIN_REPO $CACHEDIR/opt/openstack-munin $MUNIN_BRANCH +mkdir -p $CACHEDIR/$DEST +git_clone $NOVA_REPO $CACHEDIR/$DEST/nova $NOVA_BRANCH +git_clone $GLANCE_REPO $CACHEDIR/$DEST/glance $GLANCE_BRANCH +git_clone $KEYSTONE_REPO $CACHEDIR/$DESTkeystone $KEYSTONE_BRANCH +git_clone $NOVNC_REPO $CACHEDIR/$DEST/novnc $NOVNC_BRANCH +git_clone $DASH_REPO $CACHEDIR/$DEST/dash $DASH_BRANCH $DASH_TAG +git_clone $NIXON_REPO $CACHEDIR/$DEST/nixon $NIXON_BRANCH +git_clone $NOVACLIENT_REPO $CACHEDIR/$DEST/python-novaclient $NOVACLIENT_BRANCH +git_clone $OPENSTACKX_REPO $CACHEDIR/$DEST/openstackx $OPENSTACKX_BRANCH +git_clone $MUNIN_REPO $CACHEDIR/$DEST/openstack-munin $MUNIN_BRANCH # Use this version of devstack? if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then - rm -rf $CACHEDIR/opt/devstack - cp -pr $CWD $CACHEDIR/opt/devstack + rm -rf $CACHEDIR/$DEST/devstack + cp -pr $CWD $CACHEDIR/$DEST/devstack fi # Destroy the old container @@ -128,7 +135,7 @@ ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ # Create a stack user that is a member of the libvirtd group so that stack # is able to interact with libvirt. chroot $ROOTFS groupadd libvirtd -chroot $ROOTFS useradd stack -s /bin/bash -d /opt -G libvirtd +chroot $ROOTFS useradd stack -s /bin/bash -d $DEST -G libvirtd # a simple password - pass echo stack:pass | chroot $ROOTFS chpasswd @@ -151,19 +158,19 @@ function cp_it { # Copy over your ssh keys and env if desired if [ "$COPYENV" = "1" ]; then - cp_it ~/.ssh $ROOTFS/opt/.ssh - cp_it ~/.ssh/id_rsa.pub $ROOTFS/opt/.ssh/authorized_keys - cp_it ~/.gitconfig $ROOTFS/opt/.gitconfig - cp_it ~/.vimrc $ROOTFS/opt/.vimrc - cp_it ~/.bashrc $ROOTFS/opt/.bashrc + cp_it ~/.ssh $ROOTFS/$DEST/.ssh + cp_it ~/.ssh/id_rsa.pub $ROOTFS/$DEST/.ssh/authorized_keys + cp_it ~/.gitconfig $ROOTFS/$DEST/.gitconfig + cp_it ~/.vimrc $ROOTFS/$DEST/.vimrc + cp_it ~/.bashrc $ROOTFS/$DEST/.bashrc fi # Make our ip address hostnames look nice at the command prompt -echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/opt/.bashrc +echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/$DEST/.bashrc echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/etc/profile -# Give stack ownership over /opt so it may do the work needed -chroot $ROOTFS chown -R stack /opt +# Give stack ownership over /$DEST so it may do the work needed +chroot $ROOTFS chown -R stack /$DEST # Configure instance network INTERFACES=$ROOTFS/etc/network/interfaces @@ -179,7 +186,7 @@ iface eth0 inet static EOF # Configure the runner -RUN_SH=$ROOTFS/opt/run.sh +RUN_SH=$ROOTFS/$DEST/run.sh cat > $RUN_SH < /opt/run.sh.log +cd /$DEST/devstack && $STACKSH_PARAMS ./stack.sh > /$DEST/run.sh.log EOF # Make the run.sh executable @@ -205,7 +212,7 @@ chmod 755 $RUN_SH RC_LOCAL=$ROOTFS/etc/rc.local cat > $RC_LOCAL < Date: Mon, 26 Sep 2011 19:58:49 -0700 Subject: [PATCH 185/278] fix some paths --- build_lxc.sh | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 1f85b33..9c9f930 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -169,8 +169,8 @@ fi echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/$DEST/.bashrc echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/etc/profile -# Give stack ownership over /$DEST so it may do the work needed -chroot $ROOTFS chown -R stack /$DEST +# Give stack ownership over $DEST so it may do the work needed +chroot $ROOTFS chown -R stack $DEST # Configure instance network INTERFACES=$ROOTFS/etc/network/interfaces @@ -199,10 +199,10 @@ killall screen # Install and run stack.sh sudo apt-get update sudo apt-get -y --force-yes install git-core vim-nox sudo -if [ ! -d "/$DEST/devstack" ]; then - git clone git://github.com/cloudbuilders/devstack.git /$DEST/devstack +if [ ! -d "$DEST/devstack" ]; then + git clone git://github.com/cloudbuilders/devstack.git $DEST/devstack fi -cd /$DEST/devstack && $STACKSH_PARAMS ./stack.sh > /$DEST/run.sh.log +cd $DEST/devstack && $STACKSH_PARAMS ./stack.sh > /$DEST/run.sh.log EOF # Make the run.sh executable @@ -212,7 +212,7 @@ chmod 755 $RUN_SH RC_LOCAL=$ROOTFS/etc/rc.local cat > $RC_LOCAL < Date: Mon, 26 Sep 2011 20:03:40 -0700 Subject: [PATCH 186/278] fix rm --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 9c9f930..6caffb6 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -97,7 +97,7 @@ fi # Clean out code repos if directed to do so if [ "$CLEAN" = "1" ]; then - rm -rf $NOVA_REPO $CACHEDIR/$DEST + rm -rf $CACHEDIR/$DEST fi # Cache openstack code From 124b0c253dbc630862d2dbecadd75de394ef39f0 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Mon, 26 Sep 2011 23:42:46 -0700 Subject: [PATCH 187/278] fix apache config to suck less - don't require chown www-data --- files/000-default.template | 4 +++- stack.sh | 5 ----- 2 files changed, 3 insertions(+), 6 deletions(-) diff --git a/files/000-default.template b/files/000-default.template index 64251f0..cb4585b 100644 --- a/files/000-default.template +++ b/files/000-default.template @@ -1,6 +1,8 @@ WSGIScriptAlias / %DASH_DIR%/openstack-dashboard/dashboard/wsgi/django.wsgi - WSGIDaemonProcess dashboard user=www-data group=www-data processes=3 threads=10 + WSGIDaemonProcess dashboard user=stack group=stack processes=3 threads=10 + SetEnv APACHE_RUN_USER stack + SetEnv APACHE_RUN_GROUP stack WSGIProcessGroup dashboard DocumentRoot %DASH_DIR%/.blackhole/ diff --git a/stack.sh b/stack.sh index 4bdd2b7..ba32424 100755 --- a/stack.sh +++ b/stack.sh @@ -249,11 +249,6 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then ## Configure apache's 000-default to run dashboard sudo cp $FILES/000-default.template /etc/apache2/sites-enabled/000-default sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default - - # ``python setup.py develop`` left some files owned by root in ``DASH_DIR`` - # and others are owned by the user you are using to run this script. - # We need to change the owner to apache for dashboard to run. - sudo chown -R www-data:www-data $DASH_DIR fi From 34acee36998df95324f6bf9c1fd129546b13cfa8 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 00:12:52 -0700 Subject: [PATCH 188/278] latest keystone configuration for python-novaclient and dash --- build_lxc.sh | 7 ------- build_nfs.sh | 7 ------- files/keystone_data.sh | 2 +- stack.sh | 7 ------- stackrc.example => stackrc | 4 ++-- 5 files changed, 3 insertions(+), 24 deletions(-) rename stackrc.example => stackrc (94%) diff --git a/build_lxc.sh b/build_lxc.sh index 6caffb6..a13ca35 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,12 +1,5 @@ #!/usr/bin/env bash -# Use stackrc.example if stackrc is missing -if [ ! -e ./stackrc ]; then - read -n1 -p "No stackrc present. Copy stackrc.example to stackrc? (y/n) " - echo - [[ $REPLY = [yY] ]] && cp stackrc.example stackrc|| { echo "Aborting: Missing stackrc"; exit 1; } -fi - # Source params source ./stackrc diff --git a/build_nfs.sh b/build_nfs.sh index c0fa733..fa3e3ef 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -1,12 +1,5 @@ #!/bin/bash -# Use stackrc.example if stackrc is missing -if [ ! -e ./stackrc ]; then - read -n1 -p "No stackrc present. Copy stackrc.example to stackrc? (y/n) " - echo - [[ $REPLY = [yY] ]] && cp stackrc.example stackrc|| { echo "Aborting: Missing stackrc"; exit 1; } -fi - # Source params source ./stackrc diff --git a/files/keystone_data.sh b/files/keystone_data.sh index c5dd09b..1635b9d 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -22,7 +22,7 @@ $BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin # Services $BIN_DIR/keystone-manage $* service add nova_compat nova_compat nova_compat -$BIN_DIR/keystone-manage $* service add nova nova nova +$BIN_DIR/keystone-manage $* service add compute compute compute $BIN_DIR/keystone-manage $* service add glance glance glance $BIN_DIR/keystone-manage $* service add identity identity identity diff --git a/stack.sh b/stack.sh index ba32424..7ecbc83 100755 --- a/stack.sh +++ b/stack.sh @@ -59,13 +59,6 @@ set -o errexit # an error. It is also useful for following allowing as the install occurs. set -o xtrace -# Use stackrc.example if stackrc is missing -if [ ! -e ./stackrc ]; then - read -n1 -p "No stackrc present. Copy stackrc.example to stackrc? (y/n) " - echo - [[ $REPLY = [yY] ]] && cp stackrc.example stackrc|| { echo "Aborting: Missing stackrc"; exit 1; } -fi - # Import variables source ./stackrc diff --git a/stackrc.example b/stackrc similarity index 94% rename from stackrc.example rename to stackrc index 2d265d3..19fed17 100644 --- a/stackrc.example +++ b/stackrc @@ -16,7 +16,7 @@ NOVNC_BRANCH=master # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git -DASH_BRANCH=master +DASH_BRANCH=service_catalog_compute # add nixon, will use this to show munin graphs in dashboard NIXON_REPO=https://github.com/cloudbuilders/nixon.git @@ -24,7 +24,7 @@ NIXON_BRANCH=diablo # python client library to nova that dashboard (and others) use NOVACLIENT_REPO=https://github.com/cloudbuilders/python-novaclient.git -NOVACLIENT_BRANCH=master +NOVACLIENT_BRANCH=rackspace_master # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. From 4387690ba5065fd40deeba43cc0404b536f72248 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 00:29:28 -0700 Subject: [PATCH 189/278] updates to excercise.sh to get partial working-ness --- exercise.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/exercise.sh b/exercise.sh index b7c42d7..7f7be49 100755 --- a/exercise.sh +++ b/exercise.sh @@ -25,7 +25,7 @@ HOST=${HOST:-localhost} # ip address, ...) With the addition of Keystone we have standardized on the # term **tenant** as the entity that owns the resources. **novaclient** still # uses the old deprecated terms project_id. -export NOVA_PROJECT_ID=${TENANT:-demo} +export NOVA_PROJECT_ID=${TENANT:-2} # In addition to the owning entity (tenant), nova stores the entity performing # the action as the **user**. @@ -48,6 +48,9 @@ export NOVA_URL=${NOVA_URL:-http://$HOST:5000/v2.0/} # needs to match the config of your catalog returned by Keystone. export NOVA_VERSION=1.1 +# FIXME - why does this need to be specified? +export NOVA_REGION_NAME=RegionOne + # Launching a server # ================== From f86ce33840120986c305684b323f11dbca91e81e Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 10:51:03 -0700 Subject: [PATCH 190/278] bring dash back to trunk --- stackrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackrc b/stackrc index 19fed17..e9c2af9 100644 --- a/stackrc +++ b/stackrc @@ -16,7 +16,7 @@ NOVNC_BRANCH=master # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git -DASH_BRANCH=service_catalog_compute +DASH_BRANCH=master # add nixon, will use this to show munin graphs in dashboard NIXON_REPO=https://github.com/cloudbuilders/nixon.git From 135fb645344bb6c8cc06517df8ef12c215f034cc Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Tue, 27 Sep 2011 12:57:53 -0500 Subject: [PATCH 191/278] Major refactor of vpn install --- tools/install_openvpn.sh | 180 +++++++++++++++++++++++++++++---------- 1 file changed, 137 insertions(+), 43 deletions(-) diff --git a/tools/install_openvpn.sh b/tools/install_openvpn.sh index 3b52cf1..a3a2346 100644 --- a/tools/install_openvpn.sh +++ b/tools/install_openvpn.sh @@ -1,60 +1,154 @@ -# rough history from wilk - need to cleanup -apt-get install -y openvpn bridge-utils -cp -R /usr/share/doc/openvpn/examples/easy-rsa/2.0/ /etc/openvpn/easy-rsa/ -cd /etc/openvpn/easy-rsa -source vars -./clean-all -./build-dh -./pkitool --initca -./pkitool --server server -./pkitool client1 -cd keys -openvpn --genkey --secret ta.key ## Build a TLS key -cp server.crt server.key ca.crt dh1024.pem ta.key ../../ -cd ../../ - -cat >/etc/openvpn/server.conf <$VPN_DIR/$NAME.conf <$TMP_DIR/$HOST.conf <$VPN_DIR/hostname + fi + do_server $NAME + ;; + --clean) $CA_DIR/clean-all + ;; + *) usage +esac From 248221a4538c8312a6ea132c52f448106470e7e7 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 11:25:18 -0700 Subject: [PATCH 192/278] bring novaclient back to master --- stackrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackrc b/stackrc index e9c2af9..2d265d3 100644 --- a/stackrc +++ b/stackrc @@ -24,7 +24,7 @@ NIXON_BRANCH=diablo # python client library to nova that dashboard (and others) use NOVACLIENT_REPO=https://github.com/cloudbuilders/python-novaclient.git -NOVACLIENT_BRANCH=rackspace_master +NOVACLIENT_BRANCH=master # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. From 527e341b74a5a28f13a0b760549436b32474f2d8 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 15:05:37 -0700 Subject: [PATCH 193/278] changes to support the new nova-vnc wsproxy --- stack.sh | 2 +- stackrc | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 7ecbc83..98e26cf 100755 --- a/stack.sh +++ b/stack.sh @@ -462,7 +462,7 @@ screen_it n-cpu "cd $NOVA_DIR && echo $NOVA_DIR/bin/nova-compute | newgrp libvir screen_it n-net "cd $NOVA_DIR && $NOVA_DIR/bin/nova-network" screen_it n-sch "cd $NOVA_DIR && $NOVA_DIR/bin/nova-scheduler" # nova-vncproxy binds a privileged port, and so needs sudo -screen_it n-vnc "cd $NOVA_DIR && sudo $NOVA_DIR/bin/nova-vncproxy" +screen_it n-vnc "cd $NOVNC_DIR && ./utils/nova-wsproxy.py 6080 --web ." screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f /var/log/apache2/error.log" # Install Images diff --git a/stackrc b/stackrc index 2d265d3..993bca8 100644 --- a/stackrc +++ b/stackrc @@ -12,7 +12,7 @@ KEYSTONE_BRANCH=diablo # a websockets/html5 or flash powered VNC console for vm instances NOVNC_REPO=https://github.com/cloudbuilders/noVNC.git -NOVNC_BRANCH=master +NOVNC_BRANCH=nova-vncproxy-redux # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git From 3f7170025d5b27193e83fb84d9e53f5e381d80db Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Tue, 27 Sep 2011 17:53:11 -0500 Subject: [PATCH 194/278] Build tftpboot dir --- make_pxe.sh | 66 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 66 insertions(+) create mode 100755 make_pxe.sh diff --git a/make_pxe.sh b/make_pxe.sh new file mode 100755 index 0000000..c544076 --- /dev/null +++ b/make_pxe.sh @@ -0,0 +1,66 @@ +#!/bin/bash +# make_pxe.sh - Create a PXE boot environment +# +# make_pxe.sh destdir +# +# Assumes syslinux is installed +# Configues PXE for Ubuntu Natty and FreeDOS + +UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu/dists/natty/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64 + +DEST_DIR=${1:-/tmp/tftpboot} +OPWD=`pwd` + +DEFAULT=$DEST_DIR/pxelinux.cfg/default +cat >$DEFAULT <$MENU <>$DEFAULT <>$MENU <>$DEFAULT <>$MENU < Date: Tue, 27 Sep 2011 16:20:20 -0700 Subject: [PATCH 195/278] add missing dep --- files/apts/novnc | 1 + 1 file changed, 1 insertion(+) create mode 100644 files/apts/novnc diff --git a/files/apts/novnc b/files/apts/novnc new file mode 100644 index 0000000..24ce15a --- /dev/null +++ b/files/apts/novnc @@ -0,0 +1 @@ +numpy From 0154ee8f35687c3922bb2ef7ebd5cb0e7c9345c1 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 16:27:19 -0700 Subject: [PATCH 196/278] correct package name --- files/apts/novnc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/apts/novnc b/files/apts/novnc index 24ce15a..c8722b9 100644 --- a/files/apts/novnc +++ b/files/apts/novnc @@ -1 +1 @@ -numpy +python-numpy From 8f3e28cec1f81b1aa21066155cca3ce8193e9a41 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Tue, 27 Sep 2011 18:26:27 -0700 Subject: [PATCH 197/278] use the current user instead of stack for dash --- files/000-default.template | 6 +++--- stack.sh | 1 + 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/files/000-default.template b/files/000-default.template index cb4585b..4e4b5c4 100644 --- a/files/000-default.template +++ b/files/000-default.template @@ -1,8 +1,8 @@ WSGIScriptAlias / %DASH_DIR%/openstack-dashboard/dashboard/wsgi/django.wsgi - WSGIDaemonProcess dashboard user=stack group=stack processes=3 threads=10 - SetEnv APACHE_RUN_USER stack - SetEnv APACHE_RUN_GROUP stack + WSGIDaemonProcess dashboard user=%USER% group=%USER% processes=3 threads=10 + SetEnv APACHE_RUN_USER %USER% + SetEnv APACHE_RUN_GROUP %USER% WSGIProcessGroup dashboard DocumentRoot %DASH_DIR%/.blackhole/ diff --git a/stack.sh b/stack.sh index 7ecbc83..4c16bfa 100755 --- a/stack.sh +++ b/stack.sh @@ -241,6 +241,7 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then ## Configure apache's 000-default to run dashboard sudo cp $FILES/000-default.template /etc/apache2/sites-enabled/000-default + sudo sed -e "s,%USER%,$USER,g" -i /etc/apache2/sites-enabled/000-default sudo sed -e "s,%DASH_DIR%,$DASH_DIR,g" -i /etc/apache2/sites-enabled/000-default fi From ba89a26e4ff3af9c4902ee5b258c031e8cf43909 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 19:01:08 -0700 Subject: [PATCH 198/278] remove old comment --- stack.sh | 1 - 1 file changed, 1 deletion(-) diff --git a/stack.sh b/stack.sh index 5c102fa..f21b371 100755 --- a/stack.sh +++ b/stack.sh @@ -462,7 +462,6 @@ fi screen_it n-cpu "cd $NOVA_DIR && echo $NOVA_DIR/bin/nova-compute | newgrp libvirtd" screen_it n-net "cd $NOVA_DIR && $NOVA_DIR/bin/nova-network" screen_it n-sch "cd $NOVA_DIR && $NOVA_DIR/bin/nova-scheduler" -# nova-vncproxy binds a privileged port, and so needs sudo screen_it n-vnc "cd $NOVNC_DIR && ./utils/nova-wsproxy.py 6080 --web ." screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f /var/log/apache2/error.log" From 0f6787cb3f49166dd692c1dedaa0e6c54ade683b Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 27 Sep 2011 19:39:13 -0700 Subject: [PATCH 199/278] point noVNC back to master --- stackrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackrc b/stackrc index 993bca8..2d265d3 100644 --- a/stackrc +++ b/stackrc @@ -12,7 +12,7 @@ KEYSTONE_BRANCH=diablo # a websockets/html5 or flash powered VNC console for vm instances NOVNC_REPO=https://github.com/cloudbuilders/noVNC.git -NOVNC_BRANCH=nova-vncproxy-redux +NOVNC_BRANCH=master # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git From 1f80bfb31f7a7a88868b4e0dd52994f1f88d4915 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Tue, 27 Sep 2011 22:19:32 -0500 Subject: [PATCH 200/278] Add memtest, local boot --- make_pxe.sh | 46 ++++++++++++++++++++++++++++++++++++++++------ 1 file changed, 40 insertions(+), 6 deletions(-) diff --git a/make_pxe.sh b/make_pxe.sh index c544076..33a2405 100755 --- a/make_pxe.sh +++ b/make_pxe.sh @@ -8,9 +8,19 @@ UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu/dists/natty/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64 -DEST_DIR=${1:-/tmp/tftpboot} +MEMTEST_VER=4.10 +MEMTEST_BIN=memtest86+-${MEMTEST_VER}.bin +MEMTEST_URL=http://www.memtest.org/download/${MEMTEST_VER}/ + +DEST_DIR=${1:-/tmp}/tftpboot OPWD=`pwd` +mkdir -p $DEST_DIR/pxelinux.cfg +cd $DEST_DIR +for i in memdisk menu.c32 pxelinux.0; do + cp -p /usr/lib/syslinux/$i $DEST_DIR +done + DEFAULT=$DEST_DIR/pxelinux.cfg/default cat >$DEFAULT <>$MENU <>$DEFAULT <>$MENU <>$MENU <>$DEFAULT <>$MENU < Date: Wed, 28 Sep 2011 02:30:57 -0700 Subject: [PATCH 201/278] multiple step version of building a ramdisk pxeboot installer --- build_pxe_ramdisk.sh | 108 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) create mode 100755 build_pxe_ramdisk.sh diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh new file mode 100755 index 0000000..0f598f8 --- /dev/null +++ b/build_pxe_ramdisk.sh @@ -0,0 +1,108 @@ +#!/bin/bash + +if [ ! "$#" -eq "1" ]; then + echo "$0 builds a gziped natty openstack install" + echo "usage: $0 dest" + exit 1 +fi + +# Source params +source ./stackrc + +# clean install of natty +if [ ! -d natty-base ]; then + debootstrap natty natty-base + # copy kernel modules... + # NOTE(ja): is there a better way to do this? + cp -pr /lib/modules/`uname -r` proto/lib/modules + cp files/sources.list natty-base/etc/apt/sources.list + chroot natty-base apt-get update +fi + +# prime natty with as many apt/pips as we can +if [ ! -d primed ]; then + rsync -azH natty-base/ primed/ + chroot primed apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot primed pip install `cat files/pips/*` + + # Create a stack user that is a member of the libvirtd group so that stack + # is able to interact with libvirt. + chroot primed groupadd libvirtd + chroot primed useradd stack -s /bin/bash -d /opt -G libvirtd + + # a simple password - pass + echo stack:pass | chroot primed chpasswd + + # and has sudo ability (in the future this should be limited to only what + # stack requires) + echo "stack ALL=(ALL) NOPASSWD: ALL" >> primed/etc/sudoers +fi + +# clone git repositories onto the system +# ====================================== + +if [ ! -d cloned ]; then + rsync -azH primed/ cloned/ +fi + +# git clone only if directory doesn't exist already. Since ``DEST`` might not +# be owned by the installation user, we create the directory and change the +# ownership to the proper user. +function git_clone { + + # clone new copy or fetch latest changes + CHECKOUT=cloned$2 + if [ ! -d $CHECKOUT ]; then + mkdir -p $CHECKOUT + git clone $1 $CHECKOUT + else + pushd $CHECKOUT + git fetch + popd + fi + + # FIXME(ja): checkout specified version (should works for branches and tags) + + pushd $CHECKOUT + # checkout the proper branch/tag + git checkout $3 + # force our local version to be the same as the remote version + git reset --hard origin/$3 + popd + + # give ownership to the stack user + chroot cloned/ chown -R stack $2 +} + +git_clone $NOVA_REPO /opt/stack/nova $NOVA_BRANCH +git_clone $GLANCE_REPO /opt/stack/glance $GLANCE_BRANCH +git_clone $KEYSTONE_REPO /opt/stack/keystone $KEYSTONE_BRANCH +git_clone $NOVNC_REPO /opt/stack/novnc $NOVNC_BRANCH +git_clone $DASH_REPO /opt/stack/dash $DASH_BRANCH +git_clone $NIXON_REPO /opt/stack/nixon $NIXON_BRANCH +git_clone $NOVACLIENT_REPO /opt/stack/python-novaclient $NOVACLIENT_BRANCH +git_clone $OPENSTACKX_REPO /opt/stack/openstackx $OPENSTACKX_BRANCH +git_clone $MUNIN_REPO /opt/stack/openstack-munin $MUNIN_BRANCH + +# build a new image +BASE=build.$$ +IMG=$BASE.img +MNT=$BASE/ + +# create a 2GB blank filesystem +dd if=/dev/zero of=$IMG bs=1024k count=2048 +# force it to be initialized as ext2 +mkfs.ext2 -F $IMG + +# mount blank image loopback and load it +mkdir -p $MNT +mount -o loop $IMG $MNT +rsync -azH cloned/ $MNT + +# umount and cleanup +umount $MNT +rmdir $MNT + +# gzip into final location +gzip -1 $IMG -c > $1 + From 9b5ebb5a3d035a9f66db9913d4e83ac37458b3fb Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Wed, 28 Sep 2011 14:14:33 -0500 Subject: [PATCH 202/278] Rename to build_pxe_boot.sh --- make_pxe.sh => build_pxe_boot.sh | 28 ++++------------------------ 1 file changed, 4 insertions(+), 24 deletions(-) rename make_pxe.sh => build_pxe_boot.sh (78%) diff --git a/make_pxe.sh b/build_pxe_boot.sh similarity index 78% rename from make_pxe.sh rename to build_pxe_boot.sh index 33a2405..16fa02c 100755 --- a/make_pxe.sh +++ b/build_pxe_boot.sh @@ -1,10 +1,10 @@ #!/bin/bash -# make_pxe.sh - Create a PXE boot environment +# build_pxe_boot.sh - Create a PXE boot environment # -# make_pxe.sh destdir +# build_pxe_boot.sh destdir # # Assumes syslinux is installed -# Configues PXE for Ubuntu Natty and FreeDOS +# Only needs to run as root if the destdir permissions require it UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu/dists/natty/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64 @@ -24,20 +24,13 @@ done DEFAULT=$DEST_DIR/pxelinux.cfg/default cat >$DEFAULT <$MENU <>$MENU <>$MENU <>$MENU <>$DEFAULT <>$MENU < Date: Wed, 28 Sep 2011 13:21:46 -0700 Subject: [PATCH 203/278] don't pre-install munin-node --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index a13ca35..07a91ea 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -84,7 +84,7 @@ if [ ! -d $CACHEDIR ]; then # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update - chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server|munin-node)"` chroot $CACHEDIR pip install `cat files/pips/*` fi From d462295368abfd2c749d03f45b82e3cad7362bfe Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 14:08:26 -0700 Subject: [PATCH 204/278] make sure user isn't running as root --- stack.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/stack.sh b/stack.sh index f21b371..a4f14b8 100755 --- a/stack.sh +++ b/stack.sh @@ -37,6 +37,15 @@ if [ ! -d $FILES ]; then exit 1 fi +# you need to run this as a regular user with sudo priviledges +if [[ $EUID -eq 0 ]]; then + echo "This script cannot be run as root." 1>&2 + echo "You should run this script as the user you wish openstack to run as" 1>&2 + echo "The user will need to be a sudoer (without password)" 1>&2 + exit 1 +fi + + # Settings # ======== From bd550eddebdb8f33b62acf64c1c0af1f35d5ea35 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 16:54:25 -0500 Subject: [PATCH 205/278] add make as a dependency --- build_lxc.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 07a91ea..74b63c3 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -33,8 +33,8 @@ apt-get install -y lxc debootstrap # Install cgroup-bin from source, since the packaging is buggy and possibly incompatible with our setup if ! which cgdelete | grep -q cgdelete; then - apt-get install -y g++ bison flex libpam0g-dev - wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2 + apt-get install -y g++ bison flex libpam0g-dev make + wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2 cd /tmp && bunzip2 libcgroup-0.37.1.tar.bz2 && tar xfv libcgroup-0.37.1.tar cd libcgroup-0.37.1 ./configure @@ -125,7 +125,7 @@ lxc-create -n $CONTAINER -t natty -f $LXC_CONF # Specify where our container rootfs lives ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ -# Create a stack user that is a member of the libvirtd group so that stack +# Create a stack user that is a member of the libvirtd group so that stack # is able to interact with libvirt. chroot $ROOTFS groupadd libvirtd chroot $ROOTFS useradd stack -s /bin/bash -d $DEST -G libvirtd @@ -133,7 +133,7 @@ chroot $ROOTFS useradd stack -s /bin/bash -d $DEST -G libvirtd # a simple password - pass echo stack:pass | chroot $ROOTFS chpasswd -# and has sudo ability (in the future this should be limited to only what +# and has sudo ability (in the future this should be limited to only what # stack requires) echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers From d5e1f7ba09a389db52bffe5159cc324dfae53809 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 17:04:01 -0500 Subject: [PATCH 206/278] make stackrc source localrc --- .gitignore | 1 + stackrc | 3 +++ 2 files changed, 4 insertions(+) diff --git a/.gitignore b/.gitignore index 7964faa..22a7898 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ proto *~ +localrc diff --git a/stackrc b/stackrc index 2d265d3..3580ae1 100644 --- a/stackrc +++ b/stackrc @@ -34,3 +34,6 @@ OPENSTACKX_BRANCH=diablo # openstack-munin is a collection of munin plugins for monitoring the stack MUNIN_REPO=https://github.com/cloudbuilders/openstack-munin.git MUNIN_BRANCH=master + +# allow local overwrites +[ -f ./localrc ] && source ./localrc From 1c7f0c9761ede2d91a12b2d811e0588807501a2c Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 17:09:00 -0500 Subject: [PATCH 207/278] follow symlinks when copying env --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 74b63c3..7598a90 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -145,7 +145,7 @@ cp -pR /lib/modules/`uname -r`/kernel/net $ROOTFS/lib/modules/`uname -r`/kernel/ # Gracefully cp only if source file/dir exists function cp_it { if [ -e $1 ] || [ -d $1 ]; then - cp -pr $1 $2 + cp -pRL $1 $2 fi } From beab63962653aa36e0ebf4cac7a045ba557861ba Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 28 Sep 2011 15:12:18 -0700 Subject: [PATCH 208/278] some enhancements to bootstrapping to better detect if we've properly warmed the cache. Also provide option to delete lxc cache --- build_lxc.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 74b63c3..c441835 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -75,9 +75,16 @@ function git_clone { fi } -# Warm the base image on first install +# Location of the base image directory CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ ! -d $CACHEDIR ]; then + +# Provide option to do totally clean install +if [ "$CLEAR_LXC_CACHE" = "1" ]; then + rm -rf $CACHEDIR +fi + +# Warm the base image on first install +if [ ! -f $CACHEDIR/bootstrapped ]; then # by deleting the container, we force lxc-create to re-bootstrap (lxc is # lazy and doesn't do anything if a container already exists) lxc-destroy -n $CONTAINER @@ -86,6 +93,7 @@ if [ ! -d $CACHEDIR ]; then chroot $CACHEDIR apt-get update chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server|munin-node)"` chroot $CACHEDIR pip install `cat files/pips/*` + touch $CACHEDIR/bootstrapped fi # Clean out code repos if directed to do so From eb5dea61389e27096311975ceb651efdc683e2f2 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 28 Sep 2011 15:24:57 -0700 Subject: [PATCH 209/278] make stackrc return 0 --- stackrc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/stackrc b/stackrc index 3580ae1..8704a65 100644 --- a/stackrc +++ b/stackrc @@ -35,5 +35,7 @@ OPENSTACKX_BRANCH=diablo MUNIN_REPO=https://github.com/cloudbuilders/openstack-munin.git MUNIN_BRANCH=master -# allow local overwrites -[ -f ./localrc ] && source ./localrc +# allow local overrides of env variables +if [ -f ./localrc ]; then + source ./localrc +fi From 9c1af108d4ba79bb5466de17a9a12fd7fe3cc827 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 28 Sep 2011 16:04:06 -0700 Subject: [PATCH 210/278] start using cloudbuilders diablo branch --- stackrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stackrc b/stackrc index 8704a65..deb467b 100644 --- a/stackrc +++ b/stackrc @@ -1,6 +1,6 @@ # compute service -NOVA_REPO=https://github.com/openstack/nova.git -NOVA_BRANCH=2011.3 +NOVA_REPO=https://github.com/cloudbuilders/nova.git +NOVA_BRANCH=diablo # image catalog service GLANCE_REPO=https://github.com/cloudbuilders/glance.git From 76ce231050a49d40ebb318544ccaae40b4e06282 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 16:29:25 -0500 Subject: [PATCH 211/278] add a script for lxc net config --- lxc_network_hostonlyplusnat.sh | 94 ++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100755 lxc_network_hostonlyplusnat.sh diff --git a/lxc_network_hostonlyplusnat.sh b/lxc_network_hostonlyplusnat.sh new file mode 100755 index 0000000..59d82e6 --- /dev/null +++ b/lxc_network_hostonlyplusnat.sh @@ -0,0 +1,94 @@ +#!/bin/bash + + +# Print some usage info +function usage { + echo "Usage: $0 [OPTION] [host_ip]" + echo "Set up networking for LXC" + echo "" + echo " -n, --dry-run Just print the commands that would execute." + echo " -h, --help Print this usage message." + echo "" + exit +} + +# Allow passing the ip address on the command line. +function process_option { + case "$1" in + -h|--help) usage;; + -n|--dry-run) dry_run=1;; + *) host_ip="$1" + esac +} + +# Set up some defaults +host_ip= +dry_run=0 +bridge=br0 +DRIER= + +# Process the args +for arg in "$@"; do + process_option $arg +done + +if [ $dry_run ]; then + DRIER=echo +fi + +if [ "$UID" -ne "0" ]; then + echo "This script must be run with root privileges." + exit 1 +fi + +# Check for bridge-utils. +BRCTL=`which brctl` +if [ ! -x "$BRCTL" ]; then + echo "This script requires you to install bridge-utils." + echo "Try: sudo apt-get install bridge-utils." + exit 1 +fi + +# Scare off the nubs. +echo "=====================================================" +echo +echo "WARNING" +echo +echo "This script will modify your current network setup," +echo "this can be a scary thing and it is recommended that" +echo "you have something equivalent to physical access to" +echo "this machine before continuing in case your network" +echo "gets all funky." +echo +echo "If you don't want to continue, hit CTRL-C now." + +if [ -z "$host_ip" ]; +then + echo "Otherwise, please type in your host's ip address and" + echo "hit enter." + echo + echo "=====================================================" + read host_ip +else + echo "Otherwise hit enter." + echo + echo "=====================================================" + read accept +fi + + +# Add a bridge interface, this will choke if there is already +# a bridge named $bridge +$DRIER $BRCTL addbr $bridge +$DRIER ip addr add 192.168.1.1/24 dev $bridge +if [ $dry_run ]; then + echo "echo 1 > /proc/sys/net/ipv4/ip_forward" +else + echo 1 > /proc/sys/net/ipv4/ip_forward +fi +$DRIER ifconfig $bridge up + +# Set up the NAT for the instances +$DRIER iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source $host_ip +$DRIER iptables -I FORWARD -s 192.168.1.0/24 -j ACCEPT + From 07815534265e503b61c06a3e6cd3768dd7e3441d Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 18:15:55 -0500 Subject: [PATCH 212/278] mention temporariness --- lxc_network_hostonlyplusnat.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lxc_network_hostonlyplusnat.sh b/lxc_network_hostonlyplusnat.sh index 59d82e6..4e29ed7 100755 --- a/lxc_network_hostonlyplusnat.sh +++ b/lxc_network_hostonlyplusnat.sh @@ -1,10 +1,9 @@ #!/bin/bash - # Print some usage info function usage { echo "Usage: $0 [OPTION] [host_ip]" - echo "Set up networking for LXC" + echo "Set up temporary networking for LXC" echo "" echo " -n, --dry-run Just print the commands that would execute." echo " -h, --help Print this usage message." From 7377444f808ef4fa4d45c5a8b06f7bef7cacfbd9 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 19:02:28 -0500 Subject: [PATCH 213/278] add auto tailing when building lxc --- build_lxc.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/build_lxc.sh b/build_lxc.sh index 0817d1d..471b7dc 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -204,6 +204,9 @@ if [ ! -d "$DEST/devstack" ]; then git clone git://github.com/cloudbuilders/devstack.git $DEST/devstack fi cd $DEST/devstack && $STACKSH_PARAMS ./stack.sh > /$DEST/run.sh.log +echo >> /$DEST/run.sh.log +echo >> /$DEST/run.sh.log +echo "All done! Time to start clicking." >> /$DEST/run.sh.log EOF # Make the run.sh executable @@ -224,3 +227,20 @@ fi # Start our container lxc-start -d -n $CONTAINER + +# Done creating the container, let's tail the log +echo +echo "=============================================================" +echo " -- YAY! --" +echo "=============================================================" +echo +echo "We're done creating the container, about to start tailing the" +echo "stack.sh log. It will take a second or two to start." +echo +echo "Just CTRL-C at any time to stop tailing." + +while [ ! -e "$ROOTFS/$DEST/run.sh.log" ]; do + sleep 1 +done + +tail -F $ROOTFS/$DEST/run.sh.log From 197d53d32eff4015274366e65f8651ab4973682f Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 17:18:23 -0700 Subject: [PATCH 214/278] small docs updates about localrc --- stack.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index a4f14b8..c3bdc74 100755 --- a/stack.sh +++ b/stack.sh @@ -57,6 +57,11 @@ fi # # You can also pass options on a single line ``MYSQL_PASS=simple ./stack.sh`` # +# Additionally, you can put any local variables into a ``localrc`` file, like:: +# +# MYSQL_PASS=anothersecret +# MYSQL_USER=hellaroot +# # We try to have sensible defaults, so you should be able to run ``./stack.sh`` # in most cases. @@ -386,7 +391,7 @@ if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then $NOVA_DIR/bin/nova-manage db sync # create a small network - $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 $FIXED_NETWORK_SIZE + $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 $FIXED_NETWORK_SIZE # create some floating ips $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE From 523c405f0670ea839e73f661477c4c31b853b04e Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 19:49:40 -0500 Subject: [PATCH 215/278] add elapsed time to script --- stack.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/stack.sh b/stack.sh index c3bdc74..4daa95d 100755 --- a/stack.sh +++ b/stack.sh @@ -13,6 +13,9 @@ # Sanity Check # ============ +# Start our timer +START_TIME=`python -c "import time; print time.time()"` + # Warn users who aren't on natty, but allow them to override check and attempt # installation with ``FORCE=yes ./stack`` if ! grep -q natty /etc/lsb-release; then @@ -514,3 +517,11 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then echo "keystone is serving at http://$HOST_IP:5000/v2.0/" echo "examples on using novaclient command line is in exercise.sh" fi + +# Summary +# ======= + +# End our timer and give a timing summary +END_TIME=`python -c "import time; print time.time()"` +ELAPSED=`python -c "print $END_TIME - $START_TIME"` +echo "stack.sh completed in $ELAPSED seconds." From f2d6c92bb5f196ca8fbb0ed0219988fe5cb48d65 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 17:50:40 -0700 Subject: [PATCH 216/278] missed this when separating out the images --- build_pxe_ramdisk.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 0f598f8..fb95e3f 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -14,7 +14,7 @@ if [ ! -d natty-base ]; then debootstrap natty natty-base # copy kernel modules... # NOTE(ja): is there a better way to do this? - cp -pr /lib/modules/`uname -r` proto/lib/modules + cp -pr /lib/modules/`uname -r` natty-base/lib/modules cp files/sources.list natty-base/etc/apt/sources.list chroot natty-base apt-get update fi From 46ad2de5d9a819523efa2998f82f96660c684847 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 18:29:50 -0700 Subject: [PATCH 217/278] build_lxc.sh needs to be root to run --- build_lxc.sh | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 471b7dc..191c493 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,5 +1,16 @@ #!/usr/bin/env bash +# Sanity check +if [ "$EUID" -ne "0" ]; then + echo "This script must be run with root privileges." + exit 1 +fi + +# Warn users who aren't on natty +if ! grep -q natty /etc/lsb-release; then + echo "WARNING: this script has only been tested on natty" +fi + # Source params source ./stackrc @@ -23,10 +34,6 @@ STACKSH_PARAMS=${STACKSH_PARAMS:-} # Option to use the version of devstack on which we are currently working USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1} -# Warn users who aren't on natty -if ! grep -q natty /etc/lsb-release; then - echo "WARNING: this script has only been tested on natty" -fi # Install deps apt-get install -y lxc debootstrap From 236943fe544adb710d021269ec3c754e27118d2b Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 18:38:10 -0700 Subject: [PATCH 218/278] save a few seconds by seeking instead of copying zeros --- build_pxe_ramdisk.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index fb95e3f..648fc3b 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -89,8 +89,8 @@ BASE=build.$$ IMG=$BASE.img MNT=$BASE/ -# create a 2GB blank filesystem -dd if=/dev/zero of=$IMG bs=1024k count=2048 +# (quickly) create a 2GB blank filesystem +dd bs=1 count=1 seek=$((2*1024*1024*1024)) if=/dev/zero of=$IMG # force it to be initialized as ext2 mkfs.ext2 -F $IMG From c9e3fff73a412b25b7a0ac92c6e7521286185709 Mon Sep 17 00:00:00 2001 From: Vishvananda Ishaya Date: Thu, 29 Sep 2011 10:48:49 -0700 Subject: [PATCH 219/278] autocreate a stack user if you are root instead of failing --- stack.sh | 28 +++++++++++++++++++--------- 1 file changed, 19 insertions(+), 9 deletions(-) diff --git a/stack.sh b/stack.sh index 4daa95d..29394ab 100755 --- a/stack.sh +++ b/stack.sh @@ -26,10 +26,6 @@ if ! grep -q natty /etc/lsb-release; then fi fi -#The following makes fresh mininmal installs (i.e. LXCs) happy -apt-get update -apt-get install -y sudo - # stack.sh keeps the list of **apt** and **pip** dependencies in external # files, along with config templates and other useful files. You can find these # in the ``files`` directory (next to this script). We will reference this @@ -40,12 +36,26 @@ if [ ! -d $FILES ]; then exit 1 fi -# you need to run this as a regular user with sudo priviledges +# If stack.sh is run as root, it automatically creates a stack user with +# sudo privileges and runs as that user. if [[ $EUID -eq 0 ]]; then - echo "This script cannot be run as root." 1>&2 - echo "You should run this script as the user you wish openstack to run as" 1>&2 - echo "The user will need to be a sudoer (without password)" 1>&2 - exit 1 + echo "You are running this script as root." + apt-get update + apt-get install -y sudo + if ! getent passwd | grep -q stack; then + echo "Creating a user called stack" + useradd -g sudo -s /bin/bash -m stack + fi + echo "Making sure stack has passwordless sudo" + sed -i "/^%sudo/ { / ALL/ { s/ ALL/ NOPASSWD:ALL/ }}" /etc/sudoers + echo "Copying files to stack user" + cp -r -f `pwd` /home/stack/ + THIS_DIR=$(basename $(dirname $(readlink -f $0))) + chown -R stack:sudo /home/stack/$THIS_DIR + echo "Running the script as stack in 3 seconds..." + sleep 3 + exec su -c "cd /home/stack/$THIS_DIR/; bash stack.sh; bash" stack + exit 0 fi From c945bf8dbf013ca947232311e5255b8fc21f2981 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Thu, 29 Sep 2011 16:15:23 -0500 Subject: [PATCH 220/278] Build devstack images --- build_pxe_boot.sh | 53 ++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 43 insertions(+), 10 deletions(-) diff --git a/build_pxe_boot.sh b/build_pxe_boot.sh index 16fa02c..c5ef276 100755 --- a/build_pxe_boot.sh +++ b/build_pxe_boot.sh @@ -1,9 +1,10 @@ #!/bin/bash # build_pxe_boot.sh - Create a PXE boot environment # -# build_pxe_boot.sh destdir +# build_pxe_boot.sh [-k kernel-version] destdir # # Assumes syslinux is installed +# Assumes devstack files are in `pwd`/pxe # Only needs to run as root if the destdir permissions require it UBUNTU_MIRROR=http://archive.ubuntu.com/ubuntu/dists/natty/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64 @@ -12,8 +13,15 @@ MEMTEST_VER=4.10 MEMTEST_BIN=memtest86+-${MEMTEST_VER}.bin MEMTEST_URL=http://www.memtest.org/download/${MEMTEST_VER}/ +KVER=`uname -r` +if [ "$1" = "-k" ]; then + KVER=$2 + shift;shift +fi + DEST_DIR=${1:-/tmp}/tftpboot OPWD=`pwd` +PROGDIR=`dirname $0` mkdir -p $DEST_DIR/pxelinux.cfg cd $DEST_DIR @@ -31,17 +39,42 @@ MENU TITLE PXE Boot Menu EOF -# Get Ubuntu netboot +# Setup devstack boot mkdir -p $DEST_DIR/ubuntu -cd $DEST_DIR/ubuntu -wget -N --quiet $UBUNTU_MIRROR/linux -wget -N --quiet $UBUNTU_MIRROR/initrd.gz +if [ ! -d $OPWD/pxe ]; then + mkdir -p $OPWD/pxe +fi +if [ ! -r $OPWD/pxe/vmlinuz-${KVER}-generic ]; then + if [ ! -r /boot/vmlinuz-${KVER}-generic ]; then + echo "No kernel found" + else + cp -p /boot/vmlinuz-${KVER}-generic $OPWD/pxe + fi +fi +cp -p $OPWD/pxe/vmlinuz-${KVER}-generic $DEST_DIR/ubuntu +if [ ! -r $OPWD/pxe/stack-initrd.gz ]; then + $PROGDIR/build_pxe_ramdisk.sh $OPWD/pxe/stack-initrd.gz +fi +cp -p $OPWD/pxe/stack-initrd.gz $DEST_DIR/ubuntu +cat >>$DEFAULT <>$DEFAULT <>$DEFAULT <>$DEFAULT < Date: Thu, 29 Sep 2011 16:35:43 -0500 Subject: [PATCH 221/278] optionally only create the chroot --- make_image.sh | 103 +++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 89 insertions(+), 14 deletions(-) diff --git a/make_image.sh b/make_image.sh index 3bfa683..cfef136 100755 --- a/make_image.sh +++ b/make_image.sh @@ -1,27 +1,40 @@ #!/bin/bash # make_image.sh - Create Ubuntu images in various formats # -# make_image.sh release format -# # Supported formats: qcow (kvm), vmdk (vmserver), vdi (vbox), vhd (vpc), raw # # Requires sudo to root ROOTSIZE=${ROOTSIZE:-8192} SWAPSIZE=${SWAPSIZE:-1024} +MIN_PKGS=${MIN_PKGS:-"apt-utils gpgv openssh-server"} usage() { - echo "$0 - Create Ubuntu images" + echo "Usage: $0 - Create Ubuntu images" + echo "" + echo "$0 [-m] [-r rootsize] [-s swapsize] release format" + echo "$0 -C [-m] release chrootdir" + echo "$0 -I [-r rootsize] [-s swapsize] chrootdir format" echo "" - echo "$0 [-r rootsize] [-s swapsize] release format" + echo "-C - Create the initial chroot dir" + echo "-I - Create the final image from a chroot" + echo "-m - minimal installation" + echo "-r size - root fs size in MB" + echo "-s size - swap fs size in MB" + echo "release - Ubuntu release: jaunty - oneric" + echo "format - image format: qcow2, vmdk, vdi, vhd, xen, raw, fs" exit 1 } -while getopts hm:r:s: c; do +while getopts CIhmr:s: c; do case $c in + C) CHROOTONLY=1 + ;; + I) IMAGEONLY=1 + ;; h) usage ;; - m) MIRROR=$OPTARG + m) MINIMAL=1 ;; r) ROOTSIZE=$OPTARG ;; @@ -31,8 +44,26 @@ while getopts hm:r:s: c; do done shift `expr $OPTIND - 1` +if [ ! "$#" -eq "2" -o -n $CHROOTONLY -a -n $IMAGEONLY ]; then + usage +fi + +# Default args RELEASE=$1 FORMAT=$2 +CHROOTDIR="" + +if [ -n "$CHROOTONLY" ]; then + RELEASE=$1 + CHROOTDIR=$2 + FORMAT="pass" +fi + +if [ -n "$IMAGEONLY" ]; then + CHROOTDIR=$1 + FORMAT=$2 + RELEASE="pass" +fi case $FORMAT in kvm|qcow2) FORMAT=qcow2 @@ -60,6 +91,7 @@ case $FORMAT in QFORMAT=raw HYPER=kvm ;; + pass) ;; *) echo "Unknown format: $FORMAT" usage esac @@ -70,6 +102,7 @@ case $RELEASE in lucid) ;; karmic) ;; jaunty) ;; + pass) ;; *) echo "Unknown release: $RELEASE" usage ;; @@ -80,17 +113,59 @@ if [ -z `which vmbuilder` ]; then sudo apt-get install ubuntu-vm-builder fi +if [ -n "$CHROOTONLY" ]; then + # Build a chroot directory + HYPER=kvm + if [ "$MINIMAL" = 1 ]; then + ARGS="--variant=minbase" + for i in $MIN_PKGS; do + ARGS="$ARGS --addpkg=$i" + done + fi + sudo vmbuilder $HYPER ubuntu $ARGS \ + --suite $RELEASE \ + --only-chroot \ + --chroot-dir=$CHROOTDIR \ + --overwrite \ + --addpkg=$MIN_PKGS \ + + sudo cp -p files/sources.list $CHROOTDIR/etc/apt/sources.list + sudo chroot $CHROOTDIR apt-get update + + exit 0 +fi + # Build the image +TMPDIR=tmp TMPDISK=`mktemp imgXXXXXXXX` SIZE=$[$ROOTSIZE+$SWAPSIZE+1] -dd if=/dev/null of=$TMPDISK bs=1M seek=$SIZE -sudo vmbuilder $HYPER ubuntu --suite $RELEASE \ - -o \ - --rootsize=$ROOTSIZE \ - --swapsize=$SWAPSIZE \ - --tmpfs - \ - --addpkg=openssh-server \ - --raw=$TMPDISK \ +dd if=/dev/null of=$TMPDISK bs=1M seek=$SIZE count=1 + +if [ -n "$IMAGEONLY" ]; then + # Build image from chroot + sudo vmbuilder $HYPER ubuntu $ARGS \ + --existing-chroot=$CHR \ + --overwrite \ + --rootsize=$ROOTSIZE \ + --swapsize=$SWAPSIZE \ + --tmpfs - \ + --raw=$TMPDISK \ + +else + # Do the whole shebang in one pass + ARGS="--variant=minbase" + for i in $MIN_PKGS; do + ARGS="$ARGS --addpkg=$i" + done + sudo vmbuilder $HYPER ubuntu $ARGS \ + --suite $RELEASE \ + --overwrite \ + --rootsize=$ROOTSIZE \ + --swapsize=$SWAPSIZE \ + --tmpfs - \ + --raw=$TMPDISK \ + +fi if [ "$FORMAT" = "raw" ]; then # Get image From 407ee7ee5e279554afa1d91a6760156b57cbef10 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Thu, 29 Sep 2011 16:38:59 -0500 Subject: [PATCH 222/278] calls make_image.sh to build the base install --- build_pxe_ramdisk.sh | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 648fc3b..197bfc9 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -6,17 +6,19 @@ if [ ! "$#" -eq "1" ]; then exit 1 fi +PROGDIR=`dirname $0` + # Source params source ./stackrc # clean install of natty if [ ! -d natty-base ]; then - debootstrap natty natty-base + $PROGDIR/make_image.sh -C natty natty-base # copy kernel modules... # NOTE(ja): is there a better way to do this? cp -pr /lib/modules/`uname -r` natty-base/lib/modules - cp files/sources.list natty-base/etc/apt/sources.list - chroot natty-base apt-get update + # a simple password - pass + echo root:pass | chroot natty-base chpasswd fi # prime natty with as many apt/pips as we can From c4a99fb957cecbd1c647f9a4cb64ce44b595172f Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 29 Sep 2011 22:31:46 +0000 Subject: [PATCH 223/278] updates to support most recent keystone --- files/keystone_data.sh | 34 ++++++++++------------------------ 1 file changed, 10 insertions(+), 24 deletions(-) diff --git a/files/keystone_data.sh b/files/keystone_data.sh index 1635b9d..23646d2 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -3,6 +3,7 @@ BIN_DIR=${BIN_DIR:-.} # Tenants $BIN_DIR/keystone-manage $* tenant add admin $BIN_DIR/keystone-manage $* tenant add demo +$BIN_DIR/keystone-manage $* tenant add invisible_to_admin # Users $BIN_DIR/keystone-manage $* user add admin secrete @@ -13,43 +14,28 @@ $BIN_DIR/keystone-manage $* role add Admin $BIN_DIR/keystone-manage $* role add Member $BIN_DIR/keystone-manage $* role add KeystoneAdmin $BIN_DIR/keystone-manage $* role add KeystoneServiceAdmin -$BIN_DIR/keystone-manage $* role grant Admin admin 1 -$BIN_DIR/keystone-manage $* role grant Member demo 2 -$BIN_DIR/keystone-manage $* role grant Admin admin 2 +$BIN_DIR/keystone-manage $* role grant Admin admin admin +$BIN_DIR/keystone-manage $* role grant Member demo demo +$BIN_DIR/keystone-manage $* role grant Member demo invisible_to_admin +$BIN_DIR/keystone-manage $* role grant Admin admin demo $BIN_DIR/keystone-manage $* role grant Admin admin $BIN_DIR/keystone-manage $* role grant KeystoneAdmin admin $BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin # Services -$BIN_DIR/keystone-manage $* service add nova_compat nova_compat nova_compat $BIN_DIR/keystone-manage $* service add compute compute compute $BIN_DIR/keystone-manage $* service add glance glance glance $BIN_DIR/keystone-manage $* service add identity identity identity #endpointTemplates -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 1 http://%HOST_IP%:8774/v1.0/ http://%HOST_IP%:8774/v1.0 http://%HOST_IP%:8774/v1.0 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 2 http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 3 http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne 4 http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne compute http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 # Tokens -$BIN_DIR/keystone-manage $* token add 999888777666 1 1 2015-02-05T00:00 - -#Tenant endpoints -$BIN_DIR/keystone-manage $* endpoint add 1 1 -$BIN_DIR/keystone-manage $* endpoint add 1 2 -$BIN_DIR/keystone-manage $* endpoint add 1 3 -$BIN_DIR/keystone-manage $* endpoint add 1 4 -$BIN_DIR/keystone-manage $* endpoint add 1 5 -$BIN_DIR/keystone-manage $* endpoint add 1 6 - -$BIN_DIR/keystone-manage $* endpoint add 2 1 -$BIN_DIR/keystone-manage $* endpoint add 2 2 -$BIN_DIR/keystone-manage $* endpoint add 2 3 -$BIN_DIR/keystone-manage $* endpoint add 2 4 -$BIN_DIR/keystone-manage $* endpoint add 2 5 -$BIN_DIR/keystone-manage $* endpoint add 2 6 +$BIN_DIR/keystone-manage $* token add 999888777666 admin admin 2015-02-05T00:00 +# EC2 related creds $BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" $BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials" From e0c0a8d9fbac8920a31f031870969fe76c61c6a0 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 29 Sep 2011 15:46:37 -0700 Subject: [PATCH 224/278] add in a keystone pip dep --- files/pips/keystone | 1 + 1 file changed, 1 insertion(+) create mode 100644 files/pips/keystone diff --git a/files/pips/keystone b/files/pips/keystone new file mode 100644 index 0000000..09636e4 --- /dev/null +++ b/files/pips/keystone @@ -0,0 +1 @@ +PassLib From f0f27ff805b2af06dca1251cec7a553d4fe095e2 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 29 Sep 2011 16:22:05 -0700 Subject: [PATCH 225/278] use type='image' for glance --- files/keystone_data.sh | 10 +++++----- stackrc | 2 +- 2 files changed, 6 insertions(+), 6 deletions(-) diff --git a/files/keystone_data.sh b/files/keystone_data.sh index 23646d2..d1be32d 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -23,14 +23,14 @@ $BIN_DIR/keystone-manage $* role grant KeystoneAdmin admin $BIN_DIR/keystone-manage $* role grant KeystoneServiceAdmin admin # Services -$BIN_DIR/keystone-manage $* service add compute compute compute -$BIN_DIR/keystone-manage $* service add glance glance glance -$BIN_DIR/keystone-manage $* service add identity identity identity +$BIN_DIR/keystone-manage $* service add nova compute "Nova Compute Service" +$BIN_DIR/keystone-manage $* service add glance image "Glance Image Service" +$BIN_DIR/keystone-manage $* service add keystone identity "Keystone Identity Service" #endpointTemplates -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne compute http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne identity http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 # Tokens diff --git a/stackrc b/stackrc index deb467b..8bc455e 100644 --- a/stackrc +++ b/stackrc @@ -16,7 +16,7 @@ NOVNC_BRANCH=master # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git -DASH_BRANCH=master +DASH_BRANCH=glance_type_image # add nixon, will use this to show munin graphs in dashboard NIXON_REPO=https://github.com/cloudbuilders/nixon.git From 783cc7774f6888a430a05749ce30908e621c52fd Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Thu, 29 Sep 2011 18:43:44 -0500 Subject: [PATCH 226/278] Fix kernel version issue --- build_pxe_boot.sh | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/build_pxe_boot.sh b/build_pxe_boot.sh index c5ef276..6d264bd 100755 --- a/build_pxe_boot.sh +++ b/build_pxe_boot.sh @@ -44,16 +44,17 @@ mkdir -p $DEST_DIR/ubuntu if [ ! -d $OPWD/pxe ]; then mkdir -p $OPWD/pxe fi -if [ ! -r $OPWD/pxe/vmlinuz-${KVER}-generic ]; then - if [ ! -r /boot/vmlinuz-${KVER}-generic ]; then +if [ ! -r $OPWD/pxe/vmlinuz-${KVER} ]; then + sudo chmod 644 /boot/vmlinuz-${KVER} + if [ ! -r /boot/vmlinuz-${KVER} ]; then echo "No kernel found" else - cp -p /boot/vmlinuz-${KVER}-generic $OPWD/pxe + cp -p /boot/vmlinuz-${KVER} $OPWD/pxe fi fi -cp -p $OPWD/pxe/vmlinuz-${KVER}-generic $DEST_DIR/ubuntu +cp -p $OPWD/pxe/vmlinuz-${KVER} $DEST_DIR/ubuntu if [ ! -r $OPWD/pxe/stack-initrd.gz ]; then - $PROGDIR/build_pxe_ramdisk.sh $OPWD/pxe/stack-initrd.gz + sudo $PROGDIR/build_pxe_ramdisk.sh $OPWD/pxe/stack-initrd.gz fi cp -p $OPWD/pxe/stack-initrd.gz $DEST_DIR/ubuntu cat >>$DEFAULT < Date: Thu, 29 Sep 2011 21:30:27 -0500 Subject: [PATCH 227/278] Minor fixes --- build_pxe_boot.sh | 3 ++- make_image.sh | 2 +- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/build_pxe_boot.sh b/build_pxe_boot.sh index 6d264bd..a93e3f0 100755 --- a/build_pxe_boot.sh +++ b/build_pxe_boot.sh @@ -1,4 +1,4 @@ -#!/bin/bash +#!/bin/bash -e # build_pxe_boot.sh - Create a PXE boot environment # # build_pxe_boot.sh [-k kernel-version] destdir @@ -54,6 +54,7 @@ if [ ! -r $OPWD/pxe/vmlinuz-${KVER} ]; then fi cp -p $OPWD/pxe/vmlinuz-${KVER} $DEST_DIR/ubuntu if [ ! -r $OPWD/pxe/stack-initrd.gz ]; then + cd $OPWD sudo $PROGDIR/build_pxe_ramdisk.sh $OPWD/pxe/stack-initrd.gz fi cp -p $OPWD/pxe/stack-initrd.gz $DEST_DIR/ubuntu diff --git a/make_image.sh b/make_image.sh index cfef136..81dd97c 100755 --- a/make_image.sh +++ b/make_image.sh @@ -44,7 +44,7 @@ while getopts CIhmr:s: c; do done shift `expr $OPTIND - 1` -if [ ! "$#" -eq "2" -o -n $CHROOTONLY -a -n $IMAGEONLY ]; then +if [ ! "$#" -eq "2" -o -n "$CHROOTONLY" -a -n "$IMAGEONLY" ]; then usage fi From 958fa3defa0da029b1a78f164f8f175d7ae80a15 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Fri, 30 Sep 2011 09:22:23 -0500 Subject: [PATCH 228/278] Fix up PXE boot filenames --- build_pxe_boot.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/build_pxe_boot.sh b/build_pxe_boot.sh index a93e3f0..2c4cc0e 100755 --- a/build_pxe_boot.sh +++ b/build_pxe_boot.sh @@ -63,19 +63,19 @@ cat >>$DEFAULT <>$DEFAULT < Date: Fri, 30 Sep 2011 09:24:00 -0700 Subject: [PATCH 229/278] update README, point dash to master --- README | 12 ++++++++++++ stackrc | 2 +- 2 files changed, 13 insertions(+), 1 deletion(-) diff --git a/README b/README index 2047456..7df8810 100644 --- a/README +++ b/README @@ -1,5 +1,17 @@ Tool to quickly deploy openstack dev environments +Be sure to carefully read these scripts before you run them as they install software and may alter your networking configuration. + +# To start a dev cloud on your local machine (installing on a dedicated vm is safer!): + + ./stack.sh + +# To start a dev cloud in an lxc container: + + ./build_lxc.sh + +You will need to configure a bridge and network on your host machine (by default br0) before starting build_lxc.sh. A sample host-only network configuration can be found in lxc_network_hostonlyplusnat.sh. + # Todo * Add python-novaclient cli support diff --git a/stackrc b/stackrc index 8bc455e..deb467b 100644 --- a/stackrc +++ b/stackrc @@ -16,7 +16,7 @@ NOVNC_BRANCH=master # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git -DASH_BRANCH=glance_type_image +DASH_BRANCH=master # add nixon, will use this to show munin graphs in dashboard NIXON_REPO=https://github.com/cloudbuilders/nixon.git From 6398787bf1828078c1f051fbdc65c9b17440be7a Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 30 Sep 2011 11:34:43 -0700 Subject: [PATCH 230/278] update readme --- README | 31 +++++++++++++++++-------------- 1 file changed, 17 insertions(+), 14 deletions(-) diff --git a/README b/README index 7df8810..61119e9 100644 --- a/README +++ b/README @@ -1,4 +1,11 @@ -Tool to quickly deploy openstack dev environments +Tool to quickly deploy openstack dev environments. + +# Goals + +* To quickly build dev openstack environments in clean natty environments +* To describe working configurations of openstack (which code branches work together? what do config files look like for those branches?) +* To make it easier for developers to dive into openstack so that they can productively contribute without having to understand every part of the system at once +* To make it easy to prototype cross-project features Be sure to carefully read these scripts before you run them as they install software and may alter your networking configuration. @@ -6,34 +13,30 @@ Be sure to carefully read these scripts before you run them as they install soft ./stack.sh +If working correctly, you should be able to access openstack endpoints, like: + +* Dashboard: http://myhost/ +* Keystone: http://myhost:5000/v2.0/ + # To start a dev cloud in an lxc container: ./build_lxc.sh You will need to configure a bridge and network on your host machine (by default br0) before starting build_lxc.sh. A sample host-only network configuration can be found in lxc_network_hostonlyplusnat.sh. +# Customizing + +You can tweak environment variables by creating file name 'localrc' should you need to override defaults. It is likely that you will need to do this to tweak your networking configuration should you need to access your cloud from a different host. + # Todo * Add python-novaclient cli support -* move keystone/glance/dash to mysql * syslog -* check openstack-puppet recipes to see if anything else is missing * allow rabbit connection to be specified via environment variables with sensible defaults * Add volume support -* allow changing of git locations (specify different tag/branch or repos) -* change method of invoking stack.sh to ./stack.sh all _or_ ./stack.sh nova-compute,nova-network,nova-api,nova-volume * Add quantum support -# Done - -* sqlconn can be set via env -* move back to using sudo -* move nova to mysql -* munin -* image upload with a script that supports generating images via debootstrap (ubuntu-vm-builder) - # Future * idea: move from screen to tmux? * idea: create a live-cd / vmware preview image using this? -* idea: use lxc to make the proto-image have everything? so launching a new server is just turn on / updating / run? From a449dd85d85c1153abe2500945b5b4f9c1fe361f Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Fri, 30 Sep 2011 15:52:18 -0700 Subject: [PATCH 231/278] update port for keystone admin api --- files/dash_settings.py | 2 +- files/glance-api.conf | 2 +- files/glance-registry.conf | 2 +- files/keystone.conf | 2 +- files/keystone_data.sh | 2 +- 5 files changed, 5 insertions(+), 5 deletions(-) diff --git a/files/dash_settings.py b/files/dash_settings.py index 4a49a8d..10a3295 100644 --- a/files/dash_settings.py +++ b/files/dash_settings.py @@ -47,7 +47,7 @@ MAILER_EMAIL_BACKEND = EMAIL_BACKEND # FIXME: This needs to be changed to allow for multi-node setup. OPENSTACK_KEYSTONE_URL = "http://localhost:5000/v2.0/" -OPENSTACK_KEYSTONE_ADMIN_URL = "http://localhost:5001/v2.0" +OPENSTACK_KEYSTONE_ADMIN_URL = "http://localhost:35357/v2.0" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "Member" # NOTE(tres): Available services should come from the service diff --git a/files/glance-api.conf b/files/glance-api.conf index 88db79a..d386c95 100644 --- a/files/glance-api.conf +++ b/files/glance-api.conf @@ -172,7 +172,7 @@ service_protocol = http service_host = 127.0.0.1 service_port = 5000 auth_host = 127.0.0.1 -auth_port = 5001 +auth_port = 35357 auth_protocol = http auth_uri = http://127.0.0.1:5000/ admin_token = 999888777666 diff --git a/files/glance-registry.conf b/files/glance-registry.conf index 75b21f7..5bbc6c0 100644 --- a/files/glance-registry.conf +++ b/files/glance-registry.conf @@ -61,7 +61,7 @@ service_protocol = http service_host = 127.0.0.1 service_port = 5000 auth_host = 127.0.0.1 -auth_port = 5001 +auth_port = 35357 auth_protocol = http auth_uri = http://127.0.0.1:5000/ admin_token = 999888777666 diff --git a/files/keystone.conf b/files/keystone.conf index cd785a7..687273b 100644 --- a/files/keystone.conf +++ b/files/keystone.conf @@ -36,7 +36,7 @@ service_port = 5000 admin_host = 0.0.0.0 # Port the bind the Admin API server to -admin_port = 5001 +admin_port = 35357 #Role that allows to perform admin operations. keystone-admin-role = KeystoneAdmin diff --git a/files/keystone_data.sh b/files/keystone_data.sh index d1be32d..e6f384f 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -30,7 +30,7 @@ $BIN_DIR/keystone-manage $* service add keystone identity "Keystone Identity Ser #endpointTemplates $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne nova http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% http://%HOST_IP%:8774/v1.1/%tenant_id% 1 1 $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne glance http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% http://%HOST_IP%:9292/v1.1/%tenant_id% 1 1 -$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:5001/v2.0 http://%HOST_IP%:5000/v2.0 1 1 +$BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOST_IP%:5000/v2.0 http://%HOST_IP%:35357/v2.0 http://%HOST_IP%:5000/v2.0 1 1 # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 # Tokens From cd1016438107d8d5ca418fbf04073c9f652031d1 Mon Sep 17 00:00:00 2001 From: Vishvananda Ishaya Date: Sat, 1 Oct 2011 00:37:27 -0700 Subject: [PATCH 232/278] Make a stack user. Fixes #35 --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 29394ab..e99d72c 100755 --- a/stack.sh +++ b/stack.sh @@ -44,7 +44,7 @@ if [[ $EUID -eq 0 ]]; then apt-get install -y sudo if ! getent passwd | grep -q stack; then echo "Creating a user called stack" - useradd -g sudo -s /bin/bash -m stack + useradd -U -G sudo -s /bin/bash -m stack fi echo "Making sure stack has passwordless sudo" sed -i "/^%sudo/ { / ALL/ { s/ ALL/ NOPASSWD:ALL/ }}" /etc/sudoers From 022ed04ea010ddf42c83be6f1d595af36a2a7156 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sat, 1 Oct 2011 12:52:23 -0700 Subject: [PATCH 233/278] specify the sudo group as addition groups - since otherwise dashboard doesn't work --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 29394ab..4aed775 100755 --- a/stack.sh +++ b/stack.sh @@ -44,7 +44,7 @@ if [[ $EUID -eq 0 ]]; then apt-get install -y sudo if ! getent passwd | grep -q stack; then echo "Creating a user called stack" - useradd -g sudo -s /bin/bash -m stack + useradd -G sudo -s /bin/bash -m stack fi echo "Making sure stack has passwordless sudo" sed -i "/^%sudo/ { / ALL/ { s/ ALL/ NOPASSWD:ALL/ }}" /etc/sudoers From 6e9fae0d27b110f6b29a8962e2dfb14fb28651a5 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 08:48:34 -0700 Subject: [PATCH 234/278] fixing stack's passwdless sudo --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index e99d72c..2e87352 100755 --- a/stack.sh +++ b/stack.sh @@ -47,7 +47,7 @@ if [[ $EUID -eq 0 ]]; then useradd -U -G sudo -s /bin/bash -m stack fi echo "Making sure stack has passwordless sudo" - sed -i "/^%sudo/ { / ALL/ { s/ ALL/ NOPASSWD:ALL/ }}" /etc/sudoers + echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers echo "Copying files to stack user" cp -r -f `pwd` /home/stack/ THIS_DIR=$(basename $(dirname $(readlink -f $0))) From b96871e4865ac603aba0bb38af019cc7b83d038b Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 09:02:46 -0700 Subject: [PATCH 235/278] don't use the same keystone admin token for everything --- files/glance-api.conf | 2 +- files/glance-registry.conf | 2 +- files/keystone_data.sh | 2 +- stack.sh | 13 ++++++++++--- 4 files changed, 13 insertions(+), 6 deletions(-) diff --git a/files/glance-api.conf b/files/glance-api.conf index d386c95..0358a7a 100644 --- a/files/glance-api.conf +++ b/files/glance-api.conf @@ -175,4 +175,4 @@ auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http auth_uri = http://127.0.0.1:5000/ -admin_token = 999888777666 +admin_token = %SERVICE_TOKEN% diff --git a/files/glance-registry.conf b/files/glance-registry.conf index 5bbc6c0..c3ca9a7 100644 --- a/files/glance-registry.conf +++ b/files/glance-registry.conf @@ -64,7 +64,7 @@ auth_host = 127.0.0.1 auth_port = 35357 auth_protocol = http auth_uri = http://127.0.0.1:5000/ -admin_token = 999888777666 +admin_token = %SERVICE_TOKEN% [filter:keystone_shim] paste.filter_factory = keystone.middleware.glance_auth_token:filter_factory diff --git a/files/keystone_data.sh b/files/keystone_data.sh index e6f384f..cfb4572 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -34,7 +34,7 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS # $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne swift http://%HOST_IP%:8080/v1/AUTH_%tenant_id% http://%HOST_IP%:8080/ http://%HOST_IP%:8080/v1/AUTH_%tenant_id% 1 1 # Tokens -$BIN_DIR/keystone-manage $* token add 999888777666 admin admin 2015-02-05T00:00 +$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00 # EC2 related creds $BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" diff --git a/stack.sh b/stack.sh index 2e87352..285e101 100755 --- a/stack.sh +++ b/stack.sh @@ -146,6 +146,10 @@ RABBIT_HOST=${RABBIT_HOST:-localhost} # Glance connection info. Note the port must be specified. GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} +# Service Token - Openstack components need to have an admin token +# to validate user tokens. +SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`} + # Install Packages # ================ # @@ -318,11 +322,13 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf cp $FILES/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF + sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_CONF sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_CONF GLANCE_API_CONF=$GLANCE_DIR/etc/glance-api.conf cp $FILES/glance-api.conf $GLANCE_API_CONF sudo sed -e "s,%DEST%,$DEST,g" -i $GLANCE_API_CONF + sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $GLANCE_API_CONF fi # Nova @@ -428,6 +434,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then KEYSTONE_DATA=$KEYSTONE_DIR/bin/keystone_data.sh cp $FILES/keystone_data.sh $KEYSTONE_DATA sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA + sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA # initialize keystone with default users/endpoints BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA fi @@ -508,9 +515,9 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # add images to glance # FIXME: kernel/ramdisk is hardcoded - use return result from add - glance add -A 999888777666 name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image - glance add -A 999888777666 name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image - glance add -A 999888777666 name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image + glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image + glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image + glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image fi # Using the cloud From 9f20f5140ef319d7cc490e121ceebec6523657eb Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 09:18:03 -0700 Subject: [PATCH 236/278] set service token in keystone's paste config for nova --- stack.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/stack.sh b/stack.sh index 285e101..2be9bda 100755 --- a/stack.sh +++ b/stack.sh @@ -334,6 +334,7 @@ fi # Nova # ---- +sudo sed -e "s,999888777666,$SERVICE_TOKEN,g" -i $KEYSTONE_DIR/examples/paste/nova-api-paste.ini if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then From fa418f66a8f4a72257d5acb8c8505e2741ae1216 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 09:30:54 -0700 Subject: [PATCH 237/278] fixes #39 - use openssl to generate passwd for mysql --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 2be9bda..2c81820 100755 --- a/stack.sh +++ b/stack.sh @@ -135,7 +135,7 @@ LIBVIRT_TYPE=${LIBVIRT_TYPE:-kvm} # Mysql connection info MYSQL_USER=${MYSQL_USER:-root} -MYSQL_PASS=${MYSQL_PASS:-nova} +MYSQL_PASS=${MYSQL_PASS:-`openssl rand -hex 12`} MYSQL_HOST=${MYSQL_HOST:-localhost} # don't specify /db in this string, so we can use it for multiple services BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST} From 9b6741e7ec4bfeeeb8ca77b1da18564d88e3a279 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 10:01:00 -0700 Subject: [PATCH 238/278] remove nixon & munin --- build_lxc.sh | 4 +--- build_nfs.sh | 2 -- build_pxe_ramdisk.sh | 2 -- files/apts/general | 1 - files/dash_settings.py | 5 ++--- stack.sh | 36 +----------------------------------- stackrc | 8 -------- 7 files changed, 4 insertions(+), 54 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 191c493..643da7e 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -98,7 +98,7 @@ if [ ! -f $CACHEDIR/bootstrapped ]; then # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update - chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server|munin-node)"` + chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` chroot $CACHEDIR pip install `cat files/pips/*` touch $CACHEDIR/bootstrapped fi @@ -115,10 +115,8 @@ git_clone $GLANCE_REPO $CACHEDIR/$DEST/glance $GLANCE_BRANCH git_clone $KEYSTONE_REPO $CACHEDIR/$DESTkeystone $KEYSTONE_BRANCH git_clone $NOVNC_REPO $CACHEDIR/$DEST/novnc $NOVNC_BRANCH git_clone $DASH_REPO $CACHEDIR/$DEST/dash $DASH_BRANCH $DASH_TAG -git_clone $NIXON_REPO $CACHEDIR/$DEST/nixon $NIXON_BRANCH git_clone $NOVACLIENT_REPO $CACHEDIR/$DEST/python-novaclient $NOVACLIENT_BRANCH git_clone $OPENSTACKX_REPO $CACHEDIR/$DEST/openstackx $OPENSTACKX_BRANCH -git_clone $MUNIN_REPO $CACHEDIR/$DEST/openstack-munin $MUNIN_BRANCH # Use this version of devstack? if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then diff --git a/build_nfs.sh b/build_nfs.sh index fa3e3ef..6434df4 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -23,10 +23,8 @@ if [ ! -d proto ]; then git_clone $KEYSTONE_REPO proto/opt/keystone $KEYSTONE_BRANCH git_clone $NOVNC_REPO proto/opt/novnc $NOVNC_BRANCH git_clone $DASH_REPO proto/opt/dash $DASH_BRANCH $DASH_TAG - git_clone $NIXON_REPO proto/opt/nixon $NIXON_BRANCH git_clone $NOVACLIENT_REPO proto/opt/python-novaclient $NOVACLIENT_BRANCH git_clone $OPENSTACKX_REPO proto/opt/openstackx $OPENSTACKX_BRANCH - git_clone $MUNIN_REPO proto/opt/openstack-munin $MUNIN_BRANCH chroot proto mkdir -p /opt/files wget -c http://images.ansolabs.com/tty.tgz -O proto/opt/files/tty.tgz fi diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 197bfc9..a9b9225 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -81,10 +81,8 @@ git_clone $GLANCE_REPO /opt/stack/glance $GLANCE_BRANCH git_clone $KEYSTONE_REPO /opt/stack/keystone $KEYSTONE_BRANCH git_clone $NOVNC_REPO /opt/stack/novnc $NOVNC_BRANCH git_clone $DASH_REPO /opt/stack/dash $DASH_BRANCH -git_clone $NIXON_REPO /opt/stack/nixon $NIXON_BRANCH git_clone $NOVACLIENT_REPO /opt/stack/python-novaclient $NOVACLIENT_BRANCH git_clone $OPENSTACKX_REPO /opt/stack/openstackx $OPENSTACKX_BRANCH -git_clone $MUNIN_REPO /opt/stack/openstack-munin $MUNIN_BRANCH # build a new image BASE=build.$$ diff --git a/files/apts/general b/files/apts/general index ce48b00..7aee9bc 100644 --- a/files/apts/general +++ b/files/apts/general @@ -11,6 +11,5 @@ lsof # useful when debugging openssh-server vim-nox locate # useful when debugging -munin python-virtualenv python-unittest2 diff --git a/files/dash_settings.py b/files/dash_settings.py index 10a3295..74d0350 100644 --- a/files/dash_settings.py +++ b/files/dash_settings.py @@ -17,10 +17,9 @@ DATABASES = { CACHE_BACKEND = 'dummy://' -# Add nixon + other apps to dash installation. +# Add apps to dash installation. INSTALLED_APPS = ( 'dashboard', - 'dashboard.nixon', 'django.contrib.contenttypes', 'django.contrib.sessions', 'django.contrib.messages', @@ -61,7 +60,7 @@ QUANTUM_PORT = '9696' QUANTUM_TENANT = '1234' QUANTUM_CLIENT_VERSION='0.1' -# We use nixon to embed instead of external monitoring links +# No monitoring links currently EXTERNAL_MONITORING = [] # Uncomment the following segment to silence most logging diff --git a/stack.sh b/stack.sh index 2c81820..dd54d0b 100755 --- a/stack.sh +++ b/stack.sh @@ -97,16 +97,14 @@ sudo chown `whoami` $DEST # Set the destination directories for openstack projects NOVA_DIR=$DEST/nova DASH_DIR=$DEST/dash -NIXON_DIR=$DEST/dash/openstack-dashboard/dashboard/nixon GLANCE_DIR=$DEST/glance KEYSTONE_DIR=$DEST/keystone NOVACLIENT_DIR=$DEST/python-novaclient OPENSTACKX_DIR=$DEST/openstackx NOVNC_DIR=$DEST/noVNC -MUNIN_DIR=$DEST/openstack-munin # Specify which services to launch. These generally correspond to screen tabs -ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash,mysql,rabbit,munin} +ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash,mysql,rabbit} # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then @@ -193,15 +191,11 @@ git_clone $KEYSTONE_REPO $KEYSTONE_DIR $KEYSTONE_BRANCH git_clone $NOVNC_REPO $NOVNC_DIR $NOVNC_BRANCH # django powered web control panel for openstack git_clone $DASH_REPO $DASH_DIR $DASH_BRANCH $DASH_TAG -# add nixon, will use this to show munin graphs in dashboard -git_clone $NIXON_REPO $NIXON_DIR $NIXON_BRANCH # python client library to nova that dashboard (and others) use git_clone $NOVACLIENT_REPO $NOVACLIENT_DIR $NOVACLIENT_BRANCH # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. git_clone $OPENSTACKX_REPO $OPENSTACKX_DIR $OPENSTACKX_BRANCH -# openstack-munin is a collection of munin plugins for monitoring the stack -git_clone $MUNIN_REPO $MUNIN_DIR $MUNIN_BRANCH # Initialization # ============== @@ -262,7 +256,6 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then cd $DASH_DIR/openstack-dashboard - # Includes settings for Nixon, to expose munin charts. sudo cp $FILES/dash_settings.py local/local_settings.py dashboard/manage.py syncdb @@ -277,33 +270,6 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then fi -# Munin -# ----- - -# Munin is accessable via apache and was configured in the dashboard section. - -if [[ "$ENABLED_SERVICES" =~ "munin" ]]; then - # allow connections from other hosts - sudo sed -i -e 's/Allow from localhost/Allow from all/g' /etc/munin/apache.conf - - cat >/tmp/nova < Date: Sun, 2 Oct 2011 13:03:51 -0400 Subject: [PATCH 239/278] we don't use bzr anymore --- files/apts/general | 1 - 1 file changed, 1 deletion(-) diff --git a/files/apts/general b/files/apts/general index 7aee9bc..32379c0 100644 --- a/files/apts/general +++ b/files/apts/general @@ -6,7 +6,6 @@ unzip wget psmisc git-core -bzr lsof # useful when debugging openssh-server vim-nox From c6d3042e0658d48f291a0fe6cab95811e55f6ecd Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 13:11:28 -0400 Subject: [PATCH 240/278] attempt to get lxc working #23 --- stack.sh | 17 +++++++++++++++-- 1 file changed, 15 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index dd54d0b..3184ca9 100755 --- a/stack.sh +++ b/stack.sh @@ -308,9 +308,22 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # qcow images) and kvm (hardware based virtualization). If unable to # load kvm, set the libvirt type to qemu. sudo modprobe nbd || true - if [ ! -e /dev/kvm ]; then - LIBVIRT_TYPE=qemu + + if [[ "$LIBVIRT_TYPE" -eq "kvm" ]]; then + if [ ! -e /dev/kvm ]; then + LIBVIRT_TYPE=qemu + fi + fi + + if [[ "$LIBVIRT_TYPE" -eq "lxc" ]]; then + apt-get install lxc -y + sudo mkdir -p /cgroup + sudo mount none -t cgroup -o cpuacct,memory,devices,cpu,freezer,blkio /cgroup + if ! grep -q cgroup /etc/fstab; then + sudo echo none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0 >> /etc/fstab + fi fi + # User needs to be member of libvirtd group for nova-compute to use libvirt. sudo usermod -a -G libvirtd `whoami` # if kvm wasn't running before we need to restart libvirt to enable it From 8cfd8b6cf2450b6ff6a51b9d380ea438692b4a43 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 13:17:31 -0400 Subject: [PATCH 241/278] apt-get needs sudo'd --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 3184ca9..3d0db93 100755 --- a/stack.sh +++ b/stack.sh @@ -316,7 +316,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then fi if [[ "$LIBVIRT_TYPE" -eq "lxc" ]]; then - apt-get install lxc -y + sudo apt-get install lxc -y sudo mkdir -p /cgroup sudo mount none -t cgroup -o cpuacct,memory,devices,cpu,freezer,blkio /cgroup if ! grep -q cgroup /etc/fstab; then From c315ebfde651f02abd0b1af116a59936ac3f91cd Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 13:25:33 -0400 Subject: [PATCH 242/278] append to fstab correctly --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 3d0db93..27ea5ec 100755 --- a/stack.sh +++ b/stack.sh @@ -320,7 +320,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then sudo mkdir -p /cgroup sudo mount none -t cgroup -o cpuacct,memory,devices,cpu,freezer,blkio /cgroup if ! grep -q cgroup /etc/fstab; then - sudo echo none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0 >> /etc/fstab + echo none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0 | sudo tee -a /etc/fstab fi fi From 89358afe3598cc5d4636f050deeacf8c5cc2354f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 14:11:17 -0400 Subject: [PATCH 243/278] don't use secrete as admin password - fixes #34 --- files/keystone_data.sh | 12 +++++++----- stack.sh | 4 ++++ 2 files changed, 11 insertions(+), 5 deletions(-) diff --git a/files/keystone_data.sh b/files/keystone_data.sh index cfb4572..f48eaf9 100755 --- a/files/keystone_data.sh +++ b/files/keystone_data.sh @@ -6,8 +6,8 @@ $BIN_DIR/keystone-manage $* tenant add demo $BIN_DIR/keystone-manage $* tenant add invisible_to_admin # Users -$BIN_DIR/keystone-manage $* user add admin secrete -$BIN_DIR/keystone-manage $* user add demo secrete +$BIN_DIR/keystone-manage $* user add admin %ADMIN_PASSWORD% +$BIN_DIR/keystone-manage $* user add demo %ADMIN_PASSWORD% # Roles $BIN_DIR/keystone-manage $* role add Admin @@ -36,6 +36,8 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS # Tokens $BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00 -# EC2 related creds -$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin:admin' admin admin || echo "no support for adding credentials" -$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo:demo' demo demo || echo "no support for adding credentials" +# EC2 related creds - note we are setting the token to user_password +# but keystone doesn't parse them - it is just a blob from keystone's +# point of view +$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials" +$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials" diff --git a/stack.sh b/stack.sh index 27ea5ec..07b323b 100755 --- a/stack.sh +++ b/stack.sh @@ -147,6 +147,7 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} # Service Token - Openstack components need to have an admin token # to validate user tokens. SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`} +ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`} # Install Packages # ================ @@ -415,6 +416,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then cp $FILES/keystone_data.sh $KEYSTONE_DATA sudo sed -e "s,%HOST_IP%,$HOST_IP,g" -i $KEYSTONE_DATA sudo sed -e "s,%SERVICE_TOKEN%,$SERVICE_TOKEN,g" -i $KEYSTONE_DATA + sudo sed -e "s,%ADMIN_PASSWORD%,$ADMIN_PASSWORD,g" -i $KEYSTONE_DATA # initialize keystone with default users/endpoints BIN_DIR=$KEYSTONE_DIR/bin bash $KEYSTONE_DATA fi @@ -513,6 +515,8 @@ fi if [[ "$ENABLED_SERVICES" =~ "key" ]]; then echo "keystone is serving at http://$HOST_IP:5000/v2.0/" echo "examples on using novaclient command line is in exercise.sh" + echo "the default users are: admin and demo" + echo "the password: $ADMIN_PASSWORD" fi # Summary From 53ed387de467deab7b8a45c2e6f86e794438ef88 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 14:28:17 -0400 Subject: [PATCH 244/278] don't use guest for rabbitmq password - fixes #41 --- stack.sh | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/stack.sh b/stack.sh index 07b323b..779c2af 100755 --- a/stack.sh +++ b/stack.sh @@ -140,6 +140,7 @@ BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST} # Rabbit connection info RABBIT_HOST=${RABBIT_HOST:-localhost} +RABBIT_PASSWORD=${RABBIT_PASSWORD:-`openssl rand -hex 12`} # Glance connection info. Note the port must be specified. GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} @@ -149,6 +150,7 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`} ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`} + # Install Packages # ================ # @@ -224,6 +226,8 @@ cp $FILES/screenrc ~/.screenrc if [[ "$ENABLED_SERVICES" =~ "rabbit" ]]; then # Install and start rabbitmq-server sudo apt-get install -y -q rabbitmq-server + # change the rabbit password since the default is "guest" + sudo rabbitmqctl change_password guest $RABBIT_PASSWORD fi # Mysql @@ -375,6 +379,7 @@ add_nova_flag "--api_paste_config=$KEYSTONE_DIR/examples/paste/nova-api-paste.in add_nova_flag "--image_service=nova.image.glance.GlanceImageService" add_nova_flag "--ec2_dmz_host=$EC2_DMZ_HOST" add_nova_flag "--rabbit_host=$RABBIT_HOST" +add_nova_flag "--rabbit_password=$RABBIT_PASSWORD" add_nova_flag "--glance_api_servers=$GLANCE_HOSTPORT" add_nova_flag "--flat_network_bridge=$FLAT_NETWORK_BRIDGE" if [ -n "$FLAT_INTERFACE" ]; then From 0e7e897b4842a810a657b91a1e6dcde1b64bf562 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 16:36:54 -0400 Subject: [PATCH 245/278] simple docs --- stack.sh | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/stack.sh b/stack.sh index 779c2af..16386ea 100755 --- a/stack.sh +++ b/stack.sh @@ -1,14 +1,15 @@ #!/usr/bin/env bash -# **stack.sh** is an opinionated openstack dev installation. +# **stack.sh** is an opinionated openstack developer installation. + +# This script installs and configures *nova*, *glance*, *dashboard* and *keystone* # To keep this script simple we assume you are running on an **Ubuntu 11.04 # Natty** machine. It should work in a VM or physical server. Additionally we # put the list of *apt* and *pip* dependencies and other configuration files in # this repo. So start by grabbing this script and the dependencies. -# You can grab the most recent version of this script and files from Rackspace -# Cloud Builders at https://github.com/cloudbuilders/devstack +# Learn more and get the most recent version at http://devstack.org # Sanity Check # ============ From 782b99176c05e42431c67e30abea2a9053f17994 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 16:53:21 -0400 Subject: [PATCH 246/278] update docs --- stack.sh | 61 +++++++++++++++++++++++++++++++++++++++++--------------- 1 file changed, 45 insertions(+), 16 deletions(-) diff --git a/stack.sh b/stack.sh index 16386ea..444f543 100755 --- a/stack.sh +++ b/stack.sh @@ -4,6 +4,8 @@ # This script installs and configures *nova*, *glance*, *dashboard* and *keystone* +# FIXME: talk about single or multi-node installs + # To keep this script simple we assume you are running on an **Ubuntu 11.04 # Natty** machine. It should work in a VM or physical server. Additionally we # put the list of *apt* and *pip* dependencies and other configuration files in @@ -14,7 +16,7 @@ # Sanity Check # ============ -# Start our timer +# Record the start time. This allows us to print how long this script takes to run. START_TIME=`python -c "import time; print time.time()"` # Warn users who aren't on natty, but allow them to override check and attempt @@ -37,28 +39,41 @@ if [ ! -d $FILES ]; then exit 1 fi -# If stack.sh is run as root, it automatically creates a stack user with +# OpenStack is designed to be run as a regular user (Dashboard will fail to run +# as root, since apache refused to startup serve content from root user). If +# stack.sh is run as root, it automatically creates a stack user with # sudo privileges and runs as that user. if [[ $EUID -eq 0 ]]; then echo "You are running this script as root." + + # ensure sudo apt-get update apt-get install -y sudo + if ! getent passwd | grep -q stack; then echo "Creating a user called stack" useradd -U -G sudo -s /bin/bash -m stack fi - echo "Making sure stack has passwordless sudo" + echo "Giving stack user passwordless sudo priviledges" echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers + echo "Copying files to stack user" cp -r -f `pwd` /home/stack/ THIS_DIR=$(basename $(dirname $(readlink -f $0))) - chown -R stack:sudo /home/stack/$THIS_DIR + chown -R stack /home/stack/$THIS_DIR echo "Running the script as stack in 3 seconds..." sleep 3 exec su -c "cd /home/stack/$THIS_DIR/; bash stack.sh; bash" stack exit 0 fi +# So that errors don't compound we exit on any errors so you see only the +# first error that occured. +set -o errexit + +# Print the commands being run so that we can see the command that triggers +# an error. It is also useful for following allowing as the install occurs. +set -o xtrace # Settings # ======== @@ -79,13 +94,8 @@ fi # We try to have sensible defaults, so you should be able to run ``./stack.sh`` # in most cases. -# So that errors don't compound we exit on any errors so you see only the -# first error that occured. -set -o errexit -# Print the commands being run so that we can see the command that triggers -# an error. It is also useful for following allowing as the install occurs. -set -o xtrace +# FIXME: TALK ABOUT stackrc and localrc # Import variables source ./stackrc @@ -107,12 +117,21 @@ NOVNC_DIR=$DEST/noVNC # Specify which services to launch. These generally correspond to screen tabs ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-vnc,dash,mysql,rabbit} +# Nova hypervisor configuration. We default to **kvm** but will drop back to +# **qemu** if we are unable to load the kvm module. Stack.sh can also install +# an **LXC** based system. +LIBVIRT_TYPE=${LIBVIRT_TYPE:-kvm} + +SCHEDULER=${SCHEDULER:-nova.scheduler.simple.SimpleScheduler} + # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable if [ ! -n "$HOST_IP" ]; then HOST_IP=`LC_ALL=C /sbin/ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'` fi -# Nova network configuration +# Nova Network Configuration +# -------------------------- + PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} VLAN_INTERFACE=${VLAN_INTERFACE:-$PUBLIC_INTERFACE} FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28} @@ -121,21 +140,28 @@ FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256} NET_MAN=${NET_MAN:-FlatDHCPManager} EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} -SCHEDULER=${SCHEDULER:-nova.scheduler.simple.SimpleScheduler} # If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` # variable but make sure that the interface doesn't already have an # ip or you risk breaking things. FLAT_INTERFACE=${FLAT_INTERFACE:-eth0} -# Nova hypervisor configuration. We default to **kvm** but will drop back to -# **qemu** if we are unable to load the kvm module. -LIBVIRT_TYPE=${LIBVIRT_TYPE:-kvm} -# Mysql connection info +# MySQL & RabbitMQ +# ---------------- + +# We configure Nova, Dashboard, Glance and Keystone to use MySQL as their +# database server. While they share a single server, each has their own +# database and tables. + +# By default this script will install and configure MySQL. If you want to +# use an existing server, you can pass in the user/password/host parameters. +# You will need to send the same ``MYSQL_PASS`` to every host if you are doing +# a multi-node devstack installation. MYSQL_USER=${MYSQL_USER:-root} MYSQL_PASS=${MYSQL_PASS:-`openssl rand -hex 12`} MYSQL_HOST=${MYSQL_HOST:-localhost} + # don't specify /db in this string, so we can use it for multiple services BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST} @@ -146,6 +172,9 @@ RABBIT_PASSWORD=${RABBIT_PASSWORD:-`openssl rand -hex 12`} # Glance connection info. Note the port must be specified. GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} +# Keystone +# -------- + # Service Token - Openstack components need to have an admin token # to validate user tokens. SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`} From cbe98d566320c0a11ce860b450eb4ab24427767f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 17:47:32 -0400 Subject: [PATCH 247/278] more documentation --- stack.sh | 91 ++++++++++++++++++++++++++++++++++++++++---------------- 1 file changed, 66 insertions(+), 25 deletions(-) diff --git a/stack.sh b/stack.sh index 444f543..5deafe8 100755 --- a/stack.sh +++ b/stack.sh @@ -43,10 +43,12 @@ fi # as root, since apache refused to startup serve content from root user). If # stack.sh is run as root, it automatically creates a stack user with # sudo privileges and runs as that user. + if [[ $EUID -eq 0 ]]; then echo "You are running this script as root." - # ensure sudo + # since this script runs as a normal user, we need to give that user + # ability to run sudo apt-get update apt-get install -y sudo @@ -122,6 +124,8 @@ ENABLED_SERVICES=${ENABLED_SERVICES:-g-api,g-reg,key,n-api,n-cpu,n-net,n-sch,n-v # an **LXC** based system. LIBVIRT_TYPE=${LIBVIRT_TYPE:-kvm} +# nova supports pluggable schedulers. ``SimpleScheduler`` should work in most +# cases unless you are working on multi-zone mode. SCHEDULER=${SCHEDULER:-nova.scheduler.simple.SimpleScheduler} # Use the first IP unless an explicit is set by ``HOST_IP`` environment variable @@ -133,19 +137,26 @@ fi # -------------------------- PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} -VLAN_INTERFACE=${VLAN_INTERFACE:-$PUBLIC_INTERFACE} -FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256} +FLOATING_RANGE=${FLOATING_RANGE:-172.24.4.1/28} NET_MAN=${NET_MAN:-FlatDHCPManager} EC2_DMZ_HOST=${EC2_DMZ_HOST:-$HOST_IP} FLAT_NETWORK_BRIDGE=${FLAT_NETWORK_BRIDGE:-br100} +VLAN_INTERFACE=${VLAN_INTERFACE:-$PUBLIC_INTERFACE} + +# Multi-host is a mode where each compute node runs its own network node. This +# allows network operations and routing for a VM to occur on the server that is +# running the VM - removing a SPOF and bandwidth bottleneck. +MULTI_HOST=${MULTI_HOST:-0} # If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` # variable but make sure that the interface doesn't already have an # ip or you risk breaking things. FLAT_INTERFACE=${FLAT_INTERFACE:-eth0} +## FIXME(ja): should/can we check that FLAT_INTERFACE is sane? + # MySQL & RabbitMQ # ---------------- @@ -186,13 +197,6 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`} # # Openstack uses a fair number of other projects. -# Seed configuration with mysql password so that apt-get install doesn't -# prompt us for a password upon install. -cat < Date: Sun, 2 Oct 2011 17:50:41 -0400 Subject: [PATCH 248/278] more documentation and attempt to fix glance add --- stack.sh | 17 ++++++++++++----- 1 file changed, 12 insertions(+), 5 deletions(-) diff --git a/stack.sh b/stack.sh index 5deafe8..25a6579 100755 --- a/stack.sh +++ b/stack.sh @@ -518,10 +518,12 @@ function screen_it { screen -d -m -S nova -t nova sleep 1 +# launch the glance registery service if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then screen_it g-reg "cd $GLANCE_DIR; bin/glance-registry --config-file=etc/glance-registry.conf" fi +# launch the glance api and wait for it to answer before continuing if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then screen_it g-api "cd $GLANCE_DIR; bin/glance-api --config-file=etc/glance-api.conf" while ! wget -q -O- http://$GLANCE_HOSTPORT; do @@ -530,6 +532,7 @@ if [[ "$ENABLED_SERVICES" =~ "g-api" ]]; then done fi +# launch the keystone and wait for it to answer before continuing if [[ "$ENABLED_SERVICES" =~ "key" ]]; then screen_it key "cd $KEYSTONE_DIR && $KEYSTONE_DIR/bin/keystone --config-file $KEYSTONE_CONF -d" while ! wget -q -O- http://127.0.0.1:5000; do @@ -538,6 +541,7 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then done fi +# launch the nova-api and wait for it to answer before continuing if [[ "$ENABLED_SERVICES" =~ "n-api" ]]; then screen_it n-api "cd $NOVA_DIR && $NOVA_DIR/bin/nova-api" while ! wget -q -O- http://127.0.0.1:8774; do @@ -571,11 +575,14 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then mkdir -p $FILES/images tar -zxf $FILES/tty.tgz -C $FILES/images - # add images to glance - # FIXME: kernel/ramdisk is hardcoded - use return result from add - glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image - glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image - glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=1 ramdisk_id=2 < $FILES/images/ami-tty/image + # add a debugging images to glance + KERNEL_ID=glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true \ + container_format=aki disk_format=aki < $FILES/images/aki-tty/image + RAMDISK_ID=glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true \ + container_format=ari disk_format=ari < $FILES/images/ari-tty/image + glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami \ + disk_format=ami kernel_id=$KERNEL_ID \ + ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image fi # Using the cloud From 014e9130dbdcaa1a10db37f4af8b912e50345a92 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 19:23:22 -0400 Subject: [PATCH 249/278] fix grabbing kernel/ramdisk --- stack.sh | 10 +++------- 1 file changed, 3 insertions(+), 7 deletions(-) diff --git a/stack.sh b/stack.sh index 25a6579..6956f9f 100755 --- a/stack.sh +++ b/stack.sh @@ -576,13 +576,9 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then tar -zxf $FILES/tty.tgz -C $FILES/images # add a debugging images to glance - KERNEL_ID=glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true \ - container_format=aki disk_format=aki < $FILES/images/aki-tty/image - RAMDISK_ID=glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true \ - container_format=ari disk_format=ari < $FILES/images/ari-tty/image - glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami \ - disk_format=ami kernel_id=$KERNEL_ID \ - ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image + KERNEL_ID=`glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image` + RAMDISK_ID=`glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image` + glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image fi # Using the cloud From 2ff3f59e5b78c3ac54f628d6faa40c614bff6fc6 Mon Sep 17 00:00:00 2001 From: Andy Smith Date: Sun, 2 Oct 2011 21:05:01 -0300 Subject: [PATCH 250/278] TODO: fix parsing of glance results --- stack.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/stack.sh b/stack.sh index 6956f9f..12bfb39 100755 --- a/stack.sh +++ b/stack.sh @@ -577,7 +577,9 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # add a debugging images to glance KERNEL_ID=`glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image` + KERNEL_ID=1 # FIXME: parse glance results RAMDISK_ID=`glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image` + RAMDISK_ID=2 # FIXME: parse glance results glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image fi From a5e5f2a680e07cd0019f0751728297e312c3a6ea Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 21:07:08 -0400 Subject: [PATCH 251/278] attempt to get the id from glance redux --- stack.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index 12bfb39..bb8bdf5 100755 --- a/stack.sh +++ b/stack.sh @@ -576,10 +576,10 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then tar -zxf $FILES/tty.tgz -C $FILES/images # add a debugging images to glance - KERNEL_ID=`glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image` - KERNEL_ID=1 # FIXME: parse glance results - RAMDISK_ID=`glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image` - RAMDISK_ID=2 # FIXME: parse glance results + RVAL=`glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image` + KERNEL_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "` + RVAL=`glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image` + RAMDISK_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "` glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image fi From 08e8b74588257abf9a04baf04c7315235e06144c Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 2 Oct 2011 23:42:56 -0400 Subject: [PATCH 252/278] add uec-natty --- stack.sh | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index bb8bdf5..3aa90ce 100755 --- a/stack.sh +++ b/stack.sh @@ -565,6 +565,9 @@ screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f / # ============== if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then + + mkdir -p $FILES/images + # Downloads a tty image (ami/aki/ari style), then extracts it. Upon extraction # we upload to glance with the glance cli tool. if [ ! -f $FILES/tty.tgz ]; then @@ -572,7 +575,6 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then fi # extract ami-tty/image, aki-tty/image & ari-tty/image - mkdir -p $FILES/images tar -zxf $FILES/tty.tgz -C $FILES/images # add a debugging images to glance @@ -581,6 +583,21 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then RVAL=`glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image` RAMDISK_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "` glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image + + + # Ubuntu 11.04 aka Natty - downloaded from ubuntu enterprise cloud images. This + # image doesn't use the ramdisk functionality + + if [ ! -f $FILES/natty.tgz ]; then + wget -c http://uec-images.ubuntu.com/natty/current/natty-server-cloudimg-amd64.tar.gz -O $FILES/natty.tgz + fi + + tar -zxf $FILES/natty.tgz -C $FILES/images + + RVAL=`glance add -A $SERVICE_TOKEN name="uec-natty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/natty-server-cloudimg-amd64-vmlinuz-virtual` + KERNEL_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "` + glance add -A $SERVICE_TOKEN name="uec-natty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID < $FILES/images/natty-server-cloudimg-amd64.img + fi # Using the cloud From bfc7bdacae79df0d20b9db12323148377c8e578b Mon Sep 17 00:00:00 2001 From: Devin Carlen Date: Sun, 2 Oct 2011 20:44:39 -0700 Subject: [PATCH 253/278] Target Dashboard to diablo branch --- stackrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackrc b/stackrc index 15d73ce..ac48d51 100644 --- a/stackrc +++ b/stackrc @@ -16,7 +16,7 @@ NOVNC_BRANCH=master # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git -DASH_BRANCH=master +DASH_BRANCH=diablo # python client library to nova that dashboard (and others) use NOVACLIENT_REPO=https://github.com/cloudbuilders/python-novaclient.git From 85d9be3a7937b87b91e83c5281b8db1137af33a2 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 3 Oct 2011 00:01:28 -0400 Subject: [PATCH 254/278] document images upload --- stack.sh | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 3aa90ce..cc70506 100755 --- a/stack.sh +++ b/stack.sh @@ -564,8 +564,14 @@ screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f / # Install Images # ============== -if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then +# Upload a couple images to glance. **TTY** is a simple small image that use the +# lets you login to it with username/password of user/password. TTY is useful +# for basic functionality. We all include an Ubuntu cloud build of **Natty**. +# Natty uses cloud-init, supporting login via keypair and sending scripts as +# userdata. Read more about cloud-init at https://help.ubuntu.com/community/CloudInit +if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then + # create a directory for the downloadedthe images tarballs. mkdir -p $FILES/images # Downloads a tty image (ami/aki/ari style), then extracts it. Upon extraction From 5372f43387f83d890d7e416d43d826fd11581dba Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 3 Oct 2011 01:08:24 -0400 Subject: [PATCH 255/278] update readmes --- stack.sh | 60 +++++++++++++++++++++++++++++++++++++++++++------------- 1 file changed, 46 insertions(+), 14 deletions(-) diff --git a/stack.sh b/stack.sh index cc70506..6115953 100755 --- a/stack.sh +++ b/stack.sh @@ -4,7 +4,11 @@ # This script installs and configures *nova*, *glance*, *dashboard* and *keystone* -# FIXME: talk about single or multi-node installs +# This script allows you to specify configuration options of what git +# repositories to use, enabled services, network configuration and various +# passwords. If you are crafty you can run the script on multiple nodes using +# shared settings for common resources (mysql, rabbitmq) and build a multi-node +# developer install. # To keep this script simple we assume you are running on an **Ubuntu 11.04 # Natty** machine. It should work in a VM or physical server. Additionally we @@ -95,11 +99,16 @@ set -o xtrace # # We try to have sensible defaults, so you should be able to run ``./stack.sh`` # in most cases. - - -# FIXME: TALK ABOUT stackrc and localrc - -# Import variables +# +# We our settings from ``stackrc``. This file is distributed with devstack and +# contains locations for what repositories to use. If you want to use other +# repositories and branches, you can add your own settings with another file +# called ``localrc`` +# +# If ``localrc`` exists, then ``stackrc`` will load those settings. This is +# useful for changing a branch or repostiory to test other versions. Also you +# can store your other settings like **MYSQL_PASS** or **ADMIN_PASSWORD** instead +# of letting devstack generate random ones for you. source ./stackrc # Destination path for installation ``DEST`` @@ -136,6 +145,9 @@ fi # Nova Network Configuration # -------------------------- +# FIXME: more documentation about why these are important flags. Also +# we should make sure we use the same variable names as the flag names. + PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0} FIXED_RANGE=${FIXED_RANGE:-10.0.0.0/24} FIXED_NETWORK_SIZE=${FIXED_NETWORK_SIZE:-256} @@ -153,6 +165,17 @@ MULTI_HOST=${MULTI_HOST:-0} # If you are using FlatDHCP on multiple hosts, set the ``FLAT_INTERFACE`` # variable but make sure that the interface doesn't already have an # ip or you risk breaking things. +# +# **DHCP Warning**: If your flat interface device uses DHCP, there will be a +# hiccup while the network is moved from the flat interface to the flat network +# bridge. This will happen when you launch your first instance. Upon launch +# you will lose all connectivity to the node, and the vm launch will probably +# fail. +# +# If you are running on a single node and don't need to access the VMs from +# devices other than that node, you can set the flat interface to the same +# value as ``FLAT_NETWORK_BRIDGE``. This will stop the network hiccup from +# occuring. FLAT_INTERFACE=${FLAT_INTERFACE:-eth0} ## FIXME(ja): should/can we check that FLAT_INTERFACE is sane? @@ -568,14 +591,20 @@ screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f / # lets you login to it with username/password of user/password. TTY is useful # for basic functionality. We all include an Ubuntu cloud build of **Natty**. # Natty uses cloud-init, supporting login via keypair and sending scripts as -# userdata. Read more about cloud-init at https://help.ubuntu.com/community/CloudInit +# userdata. +# +# Read more about cloud-init at https://help.ubuntu.com/community/CloudInit if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # create a directory for the downloadedthe images tarballs. mkdir -p $FILES/images - # Downloads a tty image (ami/aki/ari style), then extracts it. Upon extraction - # we upload to glance with the glance cli tool. + # Debug Image (TTY) + # ----------------- + + # Downloads the image (ami/aki/ari style), then extracts it. Upon extraction + # we upload to glance with the glance cli tool. TTY is a stripped down + # version of ubuntu. if [ ! -f $FILES/tty.tgz ]; then wget -c http://images.ansolabs.com/tty.tgz -O $FILES/tty.tgz fi @@ -583,17 +612,20 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # extract ami-tty/image, aki-tty/image & ari-tty/image tar -zxf $FILES/tty.tgz -C $FILES/images - # add a debugging images to glance + # Use glance client to add the kernel, ramdisk and finally the root + # filesystem. We parse the results of the uploads to get glance IDs of the + # ramdisk and kernel and use them for the root filesystem. RVAL=`glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image` KERNEL_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "` RVAL=`glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image` RAMDISK_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "` glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image + # Ubuntu 11.04 aka Natty + # ---------------------- - # Ubuntu 11.04 aka Natty - downloaded from ubuntu enterprise cloud images. This + # Downloaded from ubuntu enterprise cloud images. This # image doesn't use the ramdisk functionality - if [ ! -f $FILES/natty.tgz ]; then wget -c http://uec-images.ubuntu.com/natty/current/natty-server-cloudimg-amd64.tar.gz -O $FILES/natty.tgz fi @@ -623,8 +655,8 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then echo "the password: $ADMIN_PASSWORD" fi -# Summary -# ======= +# Fin +# === # End our timer and give a timing summary END_TIME=`python -c "import time; print time.time()"` From 4cbb267679b54d83287bbe6f51f5edb5d005f4c0 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 09:14:36 -0500 Subject: [PATCH 256/278] Move chroot cache dirs out of devstack dir --- build_nfs.sh | 34 ++++++++++++++++++---------------- build_pxe_ramdisk.sh | 35 ++++++++++++++++++----------------- 2 files changed, 36 insertions(+), 33 deletions(-) diff --git a/build_nfs.sh b/build_nfs.sh index 6434df4..6290c74 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -1,5 +1,7 @@ #!/bin/bash +CHROOTCACHE=${CHROOTCACHE:-/root/cache} + # Source params source ./stackrc @@ -12,24 +14,24 @@ DEST="/nfs/$NAME" rm -rf $DEST # build a proto image - natty + packages that will install (optimization) -if [ ! -d proto ]; then - debootstrap natty proto - cp files/sources.list proto/etc/apt/sources.list - chroot proto apt-get update - chroot proto apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` - chroot proto pip install `cat files/pips/*` - git_clone $NOVA_REPO proto/opt/nova $NOVA_BRANCH - git_clone $GLANCE_REPO proto/opt/glance $GLANCE_BRANCH - git_clone $KEYSTONE_REPO proto/opt/keystone $KEYSTONE_BRANCH - git_clone $NOVNC_REPO proto/opt/novnc $NOVNC_BRANCH - git_clone $DASH_REPO proto/opt/dash $DASH_BRANCH $DASH_TAG - git_clone $NOVACLIENT_REPO proto/opt/python-novaclient $NOVACLIENT_BRANCH - git_clone $OPENSTACKX_REPO proto/opt/openstackx $OPENSTACKX_BRANCH - chroot proto mkdir -p /opt/files - wget -c http://images.ansolabs.com/tty.tgz -O proto/opt/files/tty.tgz +if [ ! -d $CHROOTCACHE/proto ]; then + debootstrap natty $CHROOTCACHE/proto + cp files/sources.list $CHROOTCACHE/proto/etc/apt/sources.list + chroot $CHROOTCACHE/proto apt-get update + chroot $CHROOTCACHE/proto apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CHROOTCACHE/proto pip install `cat files/pips/*` + git_clone $NOVA_REPO $CHROOTCACHE/proto/opt/nova $NOVA_BRANCH + git_clone $GLANCE_REPO $CHROOTCACHE/proto/opt/glance $GLANCE_BRANCH + git_clone $KEYSTONE_REPO $CHROOTCACHE/proto/opt/keystone $KEYSTONE_BRANCH + git_clone $NOVNC_REPO $CHROOTCACHE/proto/opt/novnc $NOVNC_BRANCH + git_clone $DASH_REPO $CHROOTCACHE/proto/opt/dash $DASH_BRANCH $DASH_TAG + git_clone $NOVACLIENT_REPO $CHROOTCACHE/proto/opt/python-novaclient $NOVACLIENT_BRANCH + git_clone $OPENSTACKX_REPO $CHROOTCACHE/proto/opt/openstackx $OPENSTACKX_BRANCH + chroot $CHROOTCACHE/proto mkdir -p /opt/files + wget -c http://images.ansolabs.com/tty.tgz -O $CHROOTCACHE/proto/opt/files/tty.tgz fi -cp -pr proto $DEST +cp -pr $CHROOTCACHE/proto $DEST # set hostname echo $NAME > $DEST/etc/hostname diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index a9b9225..5736fec 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -7,44 +7,45 @@ if [ ! "$#" -eq "1" ]; then fi PROGDIR=`dirname $0` +CHROOTCACHE=${CHROOTCACHE:-/root/cache} # Source params source ./stackrc # clean install of natty -if [ ! -d natty-base ]; then - $PROGDIR/make_image.sh -C natty natty-base +if [ ! -d $CHROOTCACHE/natty-base ]; then + $PROGDIR/make_image.sh -C natty $CHROOTCACHE/natty-base # copy kernel modules... # NOTE(ja): is there a better way to do this? - cp -pr /lib/modules/`uname -r` natty-base/lib/modules + cp -pr /lib/modules/`uname -r` $CHROOTCACHE/natty-base/lib/modules # a simple password - pass - echo root:pass | chroot natty-base chpasswd + echo root:pass | chroot $CHROOTCACHE/natty-base chpasswd fi # prime natty with as many apt/pips as we can -if [ ! -d primed ]; then - rsync -azH natty-base/ primed/ - chroot primed apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` - chroot primed pip install `cat files/pips/*` +if [ ! -d $CHROOTCACHE/natty-dev ]; then + rsync -azH $CHROOTCACHE/natty-base/ $CHROOTCACHE/natty-dev/ + chroot $CHROOTCACHE/natty-dev apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CHROOTCACHE/natty-dev pip install `cat files/pips/*` # Create a stack user that is a member of the libvirtd group so that stack # is able to interact with libvirt. - chroot primed groupadd libvirtd - chroot primed useradd stack -s /bin/bash -d /opt -G libvirtd + chroot $CHROOTCACHE/natty-dev groupadd libvirtd + chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d /opt -G libvirtd # a simple password - pass - echo stack:pass | chroot primed chpasswd + echo stack:pass | chroot $CHROOTCACHE/natty-dev chpasswd # and has sudo ability (in the future this should be limited to only what # stack requires) - echo "stack ALL=(ALL) NOPASSWD: ALL" >> primed/etc/sudoers + echo "stack ALL=(ALL) NOPASSWD: ALL" >> $CHROOTCACHE/natty-dev/etc/sudoers fi # clone git repositories onto the system # ====================================== -if [ ! -d cloned ]; then - rsync -azH primed/ cloned/ +if [ ! -d $CHROOTCACHE/natty-stack ]; then + rsync -azH $CHROOTCACHE/natty-dev/ $CHROOTCACHE/natty-stack/ fi # git clone only if directory doesn't exist already. Since ``DEST`` might not @@ -53,7 +54,7 @@ fi function git_clone { # clone new copy or fetch latest changes - CHECKOUT=cloned$2 + CHECKOUT=$CHROOTCACHE/natty-stack$2 if [ ! -d $CHECKOUT ]; then mkdir -p $CHECKOUT git clone $1 $CHECKOUT @@ -73,7 +74,7 @@ function git_clone { popd # give ownership to the stack user - chroot cloned/ chown -R stack $2 + chroot $CHROOTCACHE/natty-stack/ chown -R stack $2 } git_clone $NOVA_REPO /opt/stack/nova $NOVA_BRANCH @@ -97,7 +98,7 @@ mkfs.ext2 -F $IMG # mount blank image loopback and load it mkdir -p $MNT mount -o loop $IMG $MNT -rsync -azH cloned/ $MNT +rsync -azH $CHROOTCACHE/natty-stack/ $MNT # umount and cleanup umount $MNT From cc806544507d082c44582d3287453fa8cb79e83c Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 09:30:57 -0500 Subject: [PATCH 257/278] build_nfs.sh match build_pxe_ramdisk.sh --- build_nfs.sh | 109 +++++++++++++++++++++++++++++++++++---------------- 1 file changed, 76 insertions(+), 33 deletions(-) diff --git a/build_nfs.sh b/build_nfs.sh index 6290c74..8d04844 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -1,5 +1,6 @@ #!/bin/bash +PROGDIR=`dirname $0` CHROOTCACHE=${CHROOTCACHE:-/root/cache} # Source params @@ -13,25 +14,83 @@ DEST="/nfs/$NAME" # remove old nfs filesystem if one exists rm -rf $DEST -# build a proto image - natty + packages that will install (optimization) -if [ ! -d $CHROOTCACHE/proto ]; then - debootstrap natty $CHROOTCACHE/proto - cp files/sources.list $CHROOTCACHE/proto/etc/apt/sources.list - chroot $CHROOTCACHE/proto apt-get update - chroot $CHROOTCACHE/proto apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` - chroot $CHROOTCACHE/proto pip install `cat files/pips/*` - git_clone $NOVA_REPO $CHROOTCACHE/proto/opt/nova $NOVA_BRANCH - git_clone $GLANCE_REPO $CHROOTCACHE/proto/opt/glance $GLANCE_BRANCH - git_clone $KEYSTONE_REPO $CHROOTCACHE/proto/opt/keystone $KEYSTONE_BRANCH - git_clone $NOVNC_REPO $CHROOTCACHE/proto/opt/novnc $NOVNC_BRANCH - git_clone $DASH_REPO $CHROOTCACHE/proto/opt/dash $DASH_BRANCH $DASH_TAG - git_clone $NOVACLIENT_REPO $CHROOTCACHE/proto/opt/python-novaclient $NOVACLIENT_BRANCH - git_clone $OPENSTACKX_REPO $CHROOTCACHE/proto/opt/openstackx $OPENSTACKX_BRANCH - chroot $CHROOTCACHE/proto mkdir -p /opt/files - wget -c http://images.ansolabs.com/tty.tgz -O $CHROOTCACHE/proto/opt/files/tty.tgz +# clean install of natty +if [ ! -d $CHROOTCACHE/natty-base ]; then + $PROGDIR/make_image.sh -C natty $CHROOTCACHE/natty-base + # copy kernel modules... + # NOTE(ja): is there a better way to do this? + cp -pr /lib/modules/`uname -r` $CHROOTCACHE/natty-base/lib/modules + # a simple password - pass + echo root:pass | chroot $CHROOTCACHE/natty-base chpasswd fi -cp -pr $CHROOTCACHE/proto $DEST +# prime natty with as many apt/pips as we can +if [ ! -d $CHROOTCACHE/natty-dev ]; then + rsync -azH $CHROOTCACHE/natty-base/ $CHROOTCACHE/natty-dev/ + chroot $CHROOTCACHE/natty-dev apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CHROOTCACHE/natty-dev pip install `cat files/pips/*` + + # Create a stack user that is a member of the libvirtd group so that stack + # is able to interact with libvirt. + chroot $CHROOTCACHE/natty-dev groupadd libvirtd + chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d /opt -G libvirtd + + # a simple password - pass + echo stack:pass | chroot $CHROOTCACHE/natty-dev chpasswd + + # and has sudo ability (in the future this should be limited to only what + # stack requires) + echo "stack ALL=(ALL) NOPASSWD: ALL" >> $CHROOTCACHE/natty-dev/etc/sudoers +fi + +# clone git repositories onto the system +# ====================================== + +if [ ! -d $CHROOTCACHE/natty-stack ]; then + rsync -azH $CHROOTCACHE/natty-dev/ $CHROOTCACHE/natty-stack/ +fi + +# git clone only if directory doesn't exist already. Since ``DEST`` might not +# be owned by the installation user, we create the directory and change the +# ownership to the proper user. +function git_clone { + + # clone new copy or fetch latest changes + CHECKOUT=$CHROOTCACHE/natty-stack$2 + if [ ! -d $CHECKOUT ]; then + mkdir -p $CHECKOUT + git clone $1 $CHECKOUT + else + pushd $CHECKOUT + git fetch + popd + fi + + # FIXME(ja): checkout specified version (should works for branches and tags) + + pushd $CHECKOUT + # checkout the proper branch/tag + git checkout $3 + # force our local version to be the same as the remote version + git reset --hard origin/$3 + popd + + # give ownership to the stack user + chroot $CHROOTCACHE/natty-stack/ chown -R stack $2 +} + +git_clone $NOVA_REPO /opt/stack/nova $NOVA_BRANCH +git_clone $GLANCE_REPO /opt/stack/glance $GLANCE_BRANCH +git_clone $KEYSTONE_REPO /opt/stack/keystone $KEYSTONE_BRANCH +git_clone $NOVNC_REPO /opt/stack/novnc $NOVNC_BRANCH +git_clone $DASH_REPO /opt/stack/dash $DASH_BRANCH $DASH_TAG +git_clone $NOVACLIENT_REPO /opt/stack/python-novaclient $NOVACLIENT_BRANCH +git_clone $OPENSTACKX_REPO /opt/stack/openstackx $OPENSTACKX_BRANCH + +chroot $CHROOTCACHE/natty-stack mkdir -p /opt/stack/files +wget -c http://images.ansolabs.com/tty.tgz -O $CHROOTCACHE/natty-stack/opt/stack/files/tty.tgz + +cp -pr $CHROOTCACHE/natty-stack $DEST # set hostname echo $NAME > $DEST/etc/hostname @@ -54,19 +113,3 @@ if [ -f /root/.ssh/id_rsa.pub ]; then chmod 700 $DEST/root/.ssh cp /root/.ssh/id_rsa.pub $DEST/root/.ssh/authorized_keys fi - -# set root password to password -echo root:pass | chroot $DEST chpasswd - -# Create a stack user that is a member of the libvirtd group so that stack -# is able to interact with libvirt. -chroot $DEST groupadd libvirtd -chroot $DEST useradd stack -s /bin/bash -d /opt -G libvirtd -# a simple password - pass -echo stack:pass | chroot $DEST chpasswd -# give stack ownership over /opt so it may do the work needed -chroot $DEST chown -R stack /opt - -# and has sudo ability (in the future this should be limited to only what -# stack requires) -echo "stack ALL=(ALL) NOPASSWD: ALL" >> $DEST/etc/sudoers From 11e5e6fc3da3f3de78d1897ce453e74e84d10540 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 09:40:32 -0500 Subject: [PATCH 258/278] use for /opt/stack --- build_nfs.sh | 22 ++++++++++++---------- build_pxe_ramdisk.sh | 20 ++++++++++++-------- 2 files changed, 24 insertions(+), 18 deletions(-) diff --git a/build_nfs.sh b/build_nfs.sh index 8d04844..9ffa3cb 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -33,7 +33,9 @@ if [ ! -d $CHROOTCACHE/natty-dev ]; then # Create a stack user that is a member of the libvirtd group so that stack # is able to interact with libvirt. chroot $CHROOTCACHE/natty-dev groupadd libvirtd - chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d /opt -G libvirtd + chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d $DEST -G libvirtd + mkdir -p $CHROOTCACHE/natty-dev/$DEST + chown stack $CHROOTCACHE/natty-dev/$DEST # a simple password - pass echo stack:pass | chroot $CHROOTCACHE/natty-dev chpasswd @@ -79,16 +81,16 @@ function git_clone { chroot $CHROOTCACHE/natty-stack/ chown -R stack $2 } -git_clone $NOVA_REPO /opt/stack/nova $NOVA_BRANCH -git_clone $GLANCE_REPO /opt/stack/glance $GLANCE_BRANCH -git_clone $KEYSTONE_REPO /opt/stack/keystone $KEYSTONE_BRANCH -git_clone $NOVNC_REPO /opt/stack/novnc $NOVNC_BRANCH -git_clone $DASH_REPO /opt/stack/dash $DASH_BRANCH $DASH_TAG -git_clone $NOVACLIENT_REPO /opt/stack/python-novaclient $NOVACLIENT_BRANCH -git_clone $OPENSTACKX_REPO /opt/stack/openstackx $OPENSTACKX_BRANCH +git_clone $NOVA_REPO $DEST/nova $NOVA_BRANCH +git_clone $GLANCE_REPO $DEST/glance $GLANCE_BRANCH +git_clone $KEYSTONE_REPO $DEST/keystone $KEYSTONE_BRANCH +git_clone $NOVNC_REPO $DEST/novnc $NOVNC_BRANCH +git_clone $DASH_REPO $DEST/dash $DASH_BRANCH $DASH_TAG +git_clone $NOVACLIENT_REPO $DEST/python-novaclient $NOVACLIENT_BRANCH +git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH -chroot $CHROOTCACHE/natty-stack mkdir -p /opt/stack/files -wget -c http://images.ansolabs.com/tty.tgz -O $CHROOTCACHE/natty-stack/opt/stack/files/tty.tgz +chroot $CHROOTCACHE/natty-stack mkdir -p $DEST/files +wget -c http://images.ansolabs.com/tty.tgz -O $CHROOTCACHE/natty-stack$DEST/files/tty.tgz cp -pr $CHROOTCACHE/natty-stack $DEST diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 5736fec..d12f23b 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -12,6 +12,8 @@ CHROOTCACHE=${CHROOTCACHE:-/root/cache} # Source params source ./stackrc +DEST=${DEST:-/opt/stack} + # clean install of natty if [ ! -d $CHROOTCACHE/natty-base ]; then $PROGDIR/make_image.sh -C natty $CHROOTCACHE/natty-base @@ -31,7 +33,9 @@ if [ ! -d $CHROOTCACHE/natty-dev ]; then # Create a stack user that is a member of the libvirtd group so that stack # is able to interact with libvirt. chroot $CHROOTCACHE/natty-dev groupadd libvirtd - chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d /opt -G libvirtd + chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d $DEST -G libvirtd + mkdir -p $CHROOTCACHE/natty-dev/$DEST + chown stack $CHROOTCACHE/natty-dev/$DEST # a simple password - pass echo stack:pass | chroot $CHROOTCACHE/natty-dev chpasswd @@ -77,13 +81,13 @@ function git_clone { chroot $CHROOTCACHE/natty-stack/ chown -R stack $2 } -git_clone $NOVA_REPO /opt/stack/nova $NOVA_BRANCH -git_clone $GLANCE_REPO /opt/stack/glance $GLANCE_BRANCH -git_clone $KEYSTONE_REPO /opt/stack/keystone $KEYSTONE_BRANCH -git_clone $NOVNC_REPO /opt/stack/novnc $NOVNC_BRANCH -git_clone $DASH_REPO /opt/stack/dash $DASH_BRANCH -git_clone $NOVACLIENT_REPO /opt/stack/python-novaclient $NOVACLIENT_BRANCH -git_clone $OPENSTACKX_REPO /opt/stack/openstackx $OPENSTACKX_BRANCH +git_clone $NOVA_REPO $DEST/nova $NOVA_BRANCH +git_clone $GLANCE_REPO $DEST/glance $GLANCE_BRANCH +git_clone $KEYSTONE_REPO $DEST/keystone $KEYSTONE_BRANCH +git_clone $NOVNC_REPO $DEST/novnc $NOVNC_BRANCH +git_clone $DASH_REPO $DEST/dash $DASH_BRANCH +git_clone $NOVACLIENT_REPO $DEST/python-novaclient $NOVACLIENT_BRANCH +git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH # build a new image BASE=build.$$ From 03412c8cb91c64cb2f3dcfb9316a4a952500e1e0 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 09:56:41 -0500 Subject: [PATCH 259/278] Copy devstack into image --- build_nfs.sh | 35 ++++++++++++++++------------------- build_pxe_ramdisk.sh | 9 +++++++++ 2 files changed, 25 insertions(+), 19 deletions(-) diff --git a/build_nfs.sh b/build_nfs.sh index 9ffa3cb..a6c8b4c 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -6,10 +6,12 @@ CHROOTCACHE=${CHROOTCACHE:-/root/cache} # Source params source ./stackrc -# TODO: make dest not hardcoded +# Store cwd +CWD=`pwd` NAME=$1 -DEST="/nfs/$NAME" +NFSDIR="/nfs/$NAME" +DEST=${DEST:-/opt/stack} # remove old nfs filesystem if one exists rm -rf $DEST @@ -92,26 +94,21 @@ git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH chroot $CHROOTCACHE/natty-stack mkdir -p $DEST/files wget -c http://images.ansolabs.com/tty.tgz -O $CHROOTCACHE/natty-stack$DEST/files/tty.tgz -cp -pr $CHROOTCACHE/natty-stack $DEST - -# set hostname -echo $NAME > $DEST/etc/hostname -echo "127.0.0.1 localhost $NAME" > $DEST/etc/hosts - -# copy kernel modules -cp -pr /lib/modules/`uname -r` $DEST/lib/modules - +# Use this version of devstack? +if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then + rm -rf $$CHROOTCACHE/natty-stack/$DEST/devstack + cp -pr $CWD $CHROOTCACHE/natty-stack/$DEST/devstack +fi -# copy openstack installer and requirement lists to a new directory. -mkdir -p $DEST/opt +cp -pr $CHROOTCACHE/natty-stack $NFSDIR -# inject stack.sh and dependant files -cp -r files $DEST/opt/files -cp stack.sh $DEST/opt/stack.sh +# set hostname +echo $NAME > $NFSDIR/etc/hostname +echo "127.0.0.1 localhost $NAME" > $NFSDIR/etc/hosts # injecting root's public ssh key if it exists if [ -f /root/.ssh/id_rsa.pub ]; then - mkdir $DEST/root/.ssh - chmod 700 $DEST/root/.ssh - cp /root/.ssh/id_rsa.pub $DEST/root/.ssh/authorized_keys + mkdir $NFSDIR/root/.ssh + chmod 700 $NFSDIR/root/.ssh + cp /root/.ssh/id_rsa.pub $NFSDIR/root/.ssh/authorized_keys fi diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index d12f23b..9d26886 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -12,6 +12,9 @@ CHROOTCACHE=${CHROOTCACHE:-/root/cache} # Source params source ./stackrc +# Store cwd +CWD=`pwd` + DEST=${DEST:-/opt/stack} # clean install of natty @@ -89,6 +92,12 @@ git_clone $DASH_REPO $DEST/dash $DASH_BRANCH git_clone $NOVACLIENT_REPO $DEST/python-novaclient $NOVACLIENT_BRANCH git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH +# Use this version of devstack? +if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then + rm -rf $CACHEDIR/$DEST/devstack + cp -pr $CWD $CACHEDIR/$DEST/devstack +fi + # build a new image BASE=build.$$ IMG=$BASE.img From 6994f9478921e3436401cc95d68e9d99d937cc85 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 11:03:27 -0500 Subject: [PATCH 260/278] Missed a save --- build_pxe_ramdisk.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 9d26886..feba18e 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -94,8 +94,8 @@ git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH # Use this version of devstack? if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then - rm -rf $CACHEDIR/$DEST/devstack - cp -pr $CWD $CACHEDIR/$DEST/devstack + rm -rf $$CHROOTCACHE/natty-stack/$DEST/devstack + cp -pr $CWD $CHROOTCACHE/natty-stack/$DEST/devstack fi # build a new image From a3379e0eb13ebf3e8c25d40ea3f79a2189f8f75b Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 11:14:13 -0500 Subject: [PATCH 261/278] Default USE_CURRENT_DEVSTACK to 1 --- build_nfs.sh | 3 +++ build_pxe_ramdisk.sh | 3 +++ 2 files changed, 6 insertions(+) diff --git a/build_nfs.sh b/build_nfs.sh index a6c8b4c..f2a7b13 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -13,6 +13,9 @@ NAME=$1 NFSDIR="/nfs/$NAME" DEST=${DEST:-/opt/stack} +# Option to use the version of devstack on which we are currently working +USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1} + # remove old nfs filesystem if one exists rm -rf $DEST diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index feba18e..63e2ed4 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -17,6 +17,9 @@ CWD=`pwd` DEST=${DEST:-/opt/stack} +# Option to use the version of devstack on which we are currently working +USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1} + # clean install of natty if [ ! -d $CHROOTCACHE/natty-base ]; then $PROGDIR/make_image.sh -C natty $CHROOTCACHE/natty-base From 10db445b3213478b7adaad368cb702dc3b05aac6 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 11:16:32 -0500 Subject: [PATCH 262/278] Move ramdisk images to CHROOTCACHEDIR --- build_nfs.sh | 2 +- build_pxe_ramdisk.sh | 4 ++-- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/build_nfs.sh b/build_nfs.sh index f2a7b13..185d0ad 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -99,7 +99,7 @@ wget -c http://images.ansolabs.com/tty.tgz -O $CHROOTCACHE/natty-stack$DEST/file # Use this version of devstack? if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then - rm -rf $$CHROOTCACHE/natty-stack/$DEST/devstack + rm -rf $CHROOTCACHE/natty-stack/$DEST/devstack cp -pr $CWD $CHROOTCACHE/natty-stack/$DEST/devstack fi diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 63e2ed4..46eeb05 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -97,12 +97,12 @@ git_clone $OPENSTACKX_REPO $DEST/openstackx $OPENSTACKX_BRANCH # Use this version of devstack? if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then - rm -rf $$CHROOTCACHE/natty-stack/$DEST/devstack + rm -rf $CHROOTCACHE/natty-stack/$DEST/devstack cp -pr $CWD $CHROOTCACHE/natty-stack/$DEST/devstack fi # build a new image -BASE=build.$$ +BASE=$CHROOTCACHE/build.$$ IMG=$BASE.img MNT=$BASE/ From 3508a3a926687bb6fa15130c736384495d2b877c Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 11:43:28 -0500 Subject: [PATCH 263/278] Move PXE cache to /root/pxe --- build_pxe_boot.sh | 23 ++++++++++++----------- 1 file changed, 12 insertions(+), 11 deletions(-) diff --git a/build_pxe_boot.sh b/build_pxe_boot.sh index 2c4cc0e..9d44949 100755 --- a/build_pxe_boot.sh +++ b/build_pxe_boot.sh @@ -20,6 +20,7 @@ if [ "$1" = "-k" ]; then fi DEST_DIR=${1:-/tmp}/tftpboot +PXEDIR=${PXEDIR:-/root/pxe} OPWD=`pwd` PROGDIR=`dirname $0` @@ -41,23 +42,23 @@ EOF # Setup devstack boot mkdir -p $DEST_DIR/ubuntu -if [ ! -d $OPWD/pxe ]; then - mkdir -p $OPWD/pxe +if [ ! -d $PXEDIR ]; then + mkdir -p $PXEDIR fi -if [ ! -r $OPWD/pxe/vmlinuz-${KVER} ]; then +if [ ! -r $PXEDIR/vmlinuz-${KVER} ]; then sudo chmod 644 /boot/vmlinuz-${KVER} if [ ! -r /boot/vmlinuz-${KVER} ]; then echo "No kernel found" else - cp -p /boot/vmlinuz-${KVER} $OPWD/pxe + cp -p /boot/vmlinuz-${KVER} $PXEDIR fi fi -cp -p $OPWD/pxe/vmlinuz-${KVER} $DEST_DIR/ubuntu -if [ ! -r $OPWD/pxe/stack-initrd.gz ]; then - cd $OPWD - sudo $PROGDIR/build_pxe_ramdisk.sh $OPWD/pxe/stack-initrd.gz +cp -p $PXEDIR/vmlinuz-${KVER} $DEST_DIR/ubuntu +if [ ! -r $PXEDIR/stack-initrd.gz ]; then + cd $PXEDIR + sudo $PROGDIR/build_pxe_ramdisk.sh $PXEDIR/stack-initrd.gz fi -cp -p $OPWD/pxe/stack-initrd.gz $DEST_DIR/ubuntu +cp -p $PXEDIR/stack-initrd.gz $DEST_DIR/ubuntu cat >>$DEFAULT <>$DEFAULT < Date: Mon, 3 Oct 2011 13:42:16 -0500 Subject: [PATCH 264/278] Configure network for DHCP --- build_pxe_ramdisk.sh | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 46eeb05..51220ab 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -101,6 +101,16 @@ if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then cp -pr $CWD $CHROOTCACHE/natty-stack/$DEST/devstack fi +# Configure host network for DHCP +mkdir -p $CHROOTCACHE/natty-stack/etc/network +cat > $$CHROOTCACHE/natty-stack/etc/network/interfaces < Date: Mon, 3 Oct 2011 16:31:36 -0500 Subject: [PATCH 265/278] Fix two typos --- build_pxe_boot.sh | 2 +- make_image.sh | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/build_pxe_boot.sh b/build_pxe_boot.sh index 9d44949..4f59ed6 100755 --- a/build_pxe_boot.sh +++ b/build_pxe_boot.sh @@ -55,7 +55,7 @@ if [ ! -r $PXEDIR/vmlinuz-${KVER} ]; then fi cp -p $PXEDIR/vmlinuz-${KVER} $DEST_DIR/ubuntu if [ ! -r $PXEDIR/stack-initrd.gz ]; then - cd $PXEDIR + cd $OPWD sudo $PROGDIR/build_pxe_ramdisk.sh $PXEDIR/stack-initrd.gz fi cp -p $PXEDIR/stack-initrd.gz $DEST_DIR/ubuntu diff --git a/make_image.sh b/make_image.sh index 81dd97c..0d5074b 100755 --- a/make_image.sh +++ b/make_image.sh @@ -144,7 +144,7 @@ dd if=/dev/null of=$TMPDISK bs=1M seek=$SIZE count=1 if [ -n "$IMAGEONLY" ]; then # Build image from chroot sudo vmbuilder $HYPER ubuntu $ARGS \ - --existing-chroot=$CHR \ + --existing-chroot=$CHROOTDIR \ --overwrite \ --rootsize=$ROOTSIZE \ --swapsize=$SWAPSIZE \ From d4a3bac8d5bbb9e54a4279f7fa74669c7fed97d0 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 3 Oct 2011 21:16:27 -0500 Subject: [PATCH 266/278] Move cache dir to /var/cache/devstack --- build_nfs.sh | 2 +- build_pxe_boot.sh | 2 +- build_pxe_ramdisk.sh | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/build_nfs.sh b/build_nfs.sh index 185d0ad..651bae2 100755 --- a/build_nfs.sh +++ b/build_nfs.sh @@ -1,7 +1,7 @@ #!/bin/bash PROGDIR=`dirname $0` -CHROOTCACHE=${CHROOTCACHE:-/root/cache} +CHROOTCACHE=${CHROOTCACHE:-/var/cache/devstack} # Source params source ./stackrc diff --git a/build_pxe_boot.sh b/build_pxe_boot.sh index 4f59ed6..4feb14d 100755 --- a/build_pxe_boot.sh +++ b/build_pxe_boot.sh @@ -20,7 +20,7 @@ if [ "$1" = "-k" ]; then fi DEST_DIR=${1:-/tmp}/tftpboot -PXEDIR=${PXEDIR:-/root/pxe} +PXEDIR=${PXEDIR:-/var/cache/devstack/pxe} OPWD=`pwd` PROGDIR=`dirname $0` diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 51220ab..a01656b 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -7,7 +7,7 @@ if [ ! "$#" -eq "1" ]; then fi PROGDIR=`dirname $0` -CHROOTCACHE=${CHROOTCACHE:-/root/cache} +CHROOTCACHE=${CHROOTCACHE:-/var/cache/devstack} # Source params source ./stackrc @@ -103,7 +103,7 @@ fi # Configure host network for DHCP mkdir -p $CHROOTCACHE/natty-stack/etc/network -cat > $$CHROOTCACHE/natty-stack/etc/network/interfaces < $CHROOTCACHE/natty-stack/etc/network/interfaces < Date: Mon, 3 Oct 2011 23:44:33 -0300 Subject: [PATCH 267/278] devin sucks --- stackrc | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stackrc b/stackrc index ac48d51..5e25178 100644 --- a/stackrc +++ b/stackrc @@ -25,7 +25,7 @@ NOVACLIENT_BRANCH=master # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. OPENSTACKX_REPO=https://github.com/cloudbuilders/openstackx.git -OPENSTACKX_BRANCH=diablo +OPENSTACKX_BRANCH=master # allow local overrides of env variables if [ -f ./localrc ]; then From 2abbdd4751ef16a7e20b93f37ff0e0124ac11f00 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 3 Oct 2011 22:48:30 -0400 Subject: [PATCH 268/278] fix comparisons --- stack.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 6115953..c7d6020 100755 --- a/stack.sh +++ b/stack.sh @@ -389,7 +389,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # Check for kvm (hardware based virtualization). If unable to load kvm, # set the libvirt type to qemu. Note: many systems come with hardware # virtualization disabled in BIOS. - if [[ "$LIBVIRT_TYPE" -eq "kvm" ]]; then + if [[ "$LIBVIRT_TYPE" == "kvm" ]]; then sudo modprobe kvm || true if [ ! -e /dev/kvm ]; then echo "WARNING: Switching to QEMU" @@ -400,7 +400,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # Install and configure **LXC** if specified. LXC is another approach to # splitting a system into many smaller parts. LXC uses cgroups and chroot # to simulate multiple systems. - if [[ "$LIBVIRT_TYPE" -eq "lxc" ]]; then + if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then sudo apt-get install lxc -y # lxc requires cgroups to be configured on /cgroup sudo mkdir -p /cgroup From 4b16984f3512ae03d5c232b22fd73ebda39c8e0f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 3 Oct 2011 22:53:45 -0400 Subject: [PATCH 269/278] jesse sucks --- stackrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stackrc b/stackrc index 5e25178..15d73ce 100644 --- a/stackrc +++ b/stackrc @@ -16,7 +16,7 @@ NOVNC_BRANCH=master # django powered web control panel for openstack DASH_REPO=https://github.com/cloudbuilders/openstack-dashboard.git -DASH_BRANCH=diablo +DASH_BRANCH=master # python client library to nova that dashboard (and others) use NOVACLIENT_REPO=https://github.com/cloudbuilders/python-novaclient.git @@ -25,7 +25,7 @@ NOVACLIENT_BRANCH=master # openstackx is a collection of extensions to openstack.compute & nova # that is *deprecated*. The code is being moved into python-novaclient & nova. OPENSTACKX_REPO=https://github.com/cloudbuilders/openstackx.git -OPENSTACKX_BRANCH=master +OPENSTACKX_BRANCH=diablo # allow local overrides of env variables if [ -f ./localrc ]; then From 0031df019d415c674d1bb8c0bf948e2eee060e21 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Mon, 3 Oct 2011 23:10:55 -0400 Subject: [PATCH 270/278] spacing fixes --- stack.sh | 16 ++++++++-------- 1 file changed, 8 insertions(+), 8 deletions(-) diff --git a/stack.sh b/stack.sh index c7d6020..3d73ef3 100755 --- a/stack.sh +++ b/stack.sh @@ -49,16 +49,16 @@ fi # sudo privileges and runs as that user. if [[ $EUID -eq 0 ]]; then - echo "You are running this script as root." + echo "You are running this script as root." - # since this script runs as a normal user, we need to give that user - # ability to run sudo - apt-get update - apt-get install -y sudo + # since this script runs as a normal user, we need to give that user + # ability to run sudo + apt-get update + apt-get install -y sudo - if ! getent passwd | grep -q stack; then - echo "Creating a user called stack" - useradd -U -G sudo -s /bin/bash -m stack + if ! getent passwd | grep -q stack; then + echo "Creating a user called stack" + useradd -U -G sudo -s /bin/bash -m stack fi echo "Giving stack user passwordless sudo priviledges" echo "stack ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers From 06b7ad7c0500be13b60d0b1852517b3691afbf03 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 4 Oct 2011 13:30:19 -0700 Subject: [PATCH 271/278] don't require uuidgen, as it isn't always in sparse natty installs --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 3d73ef3..3b66db5 100755 --- a/stack.sh +++ b/stack.sh @@ -211,7 +211,7 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} # Service Token - Openstack components need to have an admin token # to validate user tokens. -SERVICE_TOKEN=${SERVICE_TOKEN:-`uuidgen`} +SERVICE_TOKEN=${SERVICE_TOKEN:-`openssl rand -hex 12`} ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`} From f2aee71a2a06ae1ad20c925854ae3107fa878e9d Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 4 Oct 2011 13:32:45 -0700 Subject: [PATCH 272/278] use 10 bytes for dash password, as the UI truncates at 20 characters --- stack.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 3b66db5..28acccd 100755 --- a/stack.sh +++ b/stack.sh @@ -212,7 +212,9 @@ GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292} # Service Token - Openstack components need to have an admin token # to validate user tokens. SERVICE_TOKEN=${SERVICE_TOKEN:-`openssl rand -hex 12`} -ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 12`} +# Dash currently truncates usernames and passwords at 20 characters +# so use 10 bytes +ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 10`} # Install Packages From 1c598da60869680b834d6f93166f6c412026598a Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 5 Oct 2011 08:07:53 -0700 Subject: [PATCH 273/278] call novnc with flagfile --- stack.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 28acccd..e64035b 100755 --- a/stack.sh +++ b/stack.sh @@ -583,7 +583,7 @@ fi screen_it n-cpu "cd $NOVA_DIR && echo $NOVA_DIR/bin/nova-compute | newgrp libvirtd" screen_it n-net "cd $NOVA_DIR && $NOVA_DIR/bin/nova-network" screen_it n-sch "cd $NOVA_DIR && $NOVA_DIR/bin/nova-scheduler" -screen_it n-vnc "cd $NOVNC_DIR && ./utils/nova-wsproxy.py 6080 --web ." +screen_it n-vnc "cd $NOVNC_DIR && ./utils/nova-wsproxy.py 6080 --web . --flagfile=../nova/bin/nova.conf" screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f /var/log/apache2/error.log" # Install Images From 0edde7d44f87ebf2f9a48f840a645162a8e4c2a4 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Thu, 6 Oct 2011 07:10:24 -0700 Subject: [PATCH 274/278] use tenantName for NOVA_PROJECT_ID --- exercise.sh | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/exercise.sh b/exercise.sh index 7f7be49..a1cf025 100755 --- a/exercise.sh +++ b/exercise.sh @@ -24,8 +24,9 @@ HOST=${HOST:-localhost} # Nova original used project_id as the *account* that owned resources (servers, # ip address, ...) With the addition of Keystone we have standardized on the # term **tenant** as the entity that owns the resources. **novaclient** still -# uses the old deprecated terms project_id. -export NOVA_PROJECT_ID=${TENANT:-2} +# uses the old deprecated terms project_id. Note that this field should now be +# set to tenant_name, not tenant_id. +export NOVA_PROJECT_ID=${TENANT:-demo} # In addition to the owning entity (tenant), nova stores the entity performing # the action as the **user**. From e4304238c201ea22eaea1d17d7d693f58799eae6 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Fri, 7 Oct 2011 10:34:32 -0400 Subject: [PATCH 275/278] only mount cgroups if you haven't already --- stack.sh | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index e64035b..9b53c8c 100755 --- a/stack.sh +++ b/stack.sh @@ -409,7 +409,9 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then if ! grep -q cgroup /etc/fstab; then echo none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0 | sudo tee -a /etc/fstab fi - sudo mount /cgroup + if ! mount -n | grep -q cgroup; then + sudo mount /cgroup + fi fi # User needs to be member of libvirtd group for nova-compute to use libvirt. From 461bfdc89f9dc715556c1e5c5b3ab4af7530ebd4 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Sun, 9 Oct 2011 17:50:38 -0700 Subject: [PATCH 276/278] delete instances needs sudo --- stack.sh | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/stack.sh b/stack.sh index 9b53c8c..6c9f43e 100755 --- a/stack.sh +++ b/stack.sh @@ -54,7 +54,7 @@ if [[ $EUID -eq 0 ]]; then # since this script runs as a normal user, we need to give that user # ability to run sudo apt-get update - apt-get install -y sudo + apt-get install -qqy sudo if ! getent passwd | grep -q stack; then echo "Creating a user called stack" @@ -224,7 +224,7 @@ ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 10`} # install apt requirements -sudo apt-get install -y -q `cat $FILES/apts/* | cut -d\# -f1 | grep -Ev "mysql-server|rabbitmq-server"` +sudo apt-get install -qqy `cat $FILES/apts/* | cut -d\# -f1 | grep -Ev "mysql-server|rabbitmq-server"` # install python requirements sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $FILES/pips/*` @@ -435,7 +435,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then fi # Clean out the instances directory. - rm -rf $NOVA_DIR/instances/* + sudo rm -rf $NOVA_DIR/instances/* fi if [[ "$ENABLED_SERVICES" =~ "n-net" ]]; then From 74c084cd1c29d339310a457e2e61d473a231b3de Mon Sep 17 00:00:00 2001 From: "James E. Blair" Date: Mon, 10 Oct 2011 08:06:14 -0500 Subject: [PATCH 277/278] Add option not to run bash after execing stack.sh If stack.sh is run as root, it execs stack.sh as stack, but also runs bash after doing so to provide a prompt as the stack user. In unattended installations this isn't desired as it will prevent the original job from completing. This change adds a paremeter "SHELL_AFTER_RUN" which can be set to "no" to prevent the final invocation of bash. --- stack.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index 6c9f43e..f6bf534 100755 --- a/stack.sh +++ b/stack.sh @@ -69,7 +69,11 @@ if [[ $EUID -eq 0 ]]; then chown -R stack /home/stack/$THIS_DIR echo "Running the script as stack in 3 seconds..." sleep 3 - exec su -c "cd /home/stack/$THIS_DIR/; bash stack.sh; bash" stack + if [[ "$SHELL_AFTER_RUN" != "no" ]]; then + exec su -c "cd /home/stack/$THIS_DIR/; bash stack.sh; bash" stack + else + exec su -c "cd /home/stack/$THIS_DIR/; bash stack.sh" stack + fi exit 0 fi From 94c889ac1587e2e5096c4472e4a4385dfd76d331 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Tue, 11 Oct 2011 18:07:48 +0000 Subject: [PATCH 278/278] make glance client work in exercise.sh --- exercise.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/exercise.sh b/exercise.sh index a1cf025..d9d4c0a 100755 --- a/exercise.sh +++ b/exercise.sh @@ -53,6 +53,10 @@ export NOVA_VERSION=1.1 export NOVA_REGION_NAME=RegionOne +# Get a token for clients that don't support service catalog +# ========================================================== +SERVICE_TOKEN=`curl -s -d "{\"auth\":{\"passwordCredentials\": {\"username\": \"$NOVA_PROJECT_ID\", \"password\": \"$NOVA_API_KEY\"}}}" -H "Content-type: application/json" http://$HOST:5000/v2.0/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"` + # Launching a server # ================== @@ -69,7 +73,7 @@ nova flavor-list nova image-list # But we recommend using glance directly -glance index +glance -A $SERVICE_TOKEN index # show details of the active servers:: #