Merge remote-tracking branch 'cloudbuilders/master'
Conflicts: stack.sh
This commit is contained in:
commit
698fc619b7
8 changed files with 83 additions and 64 deletions
22
exercise.sh
22
exercise.sh
|
@ -7,11 +7,11 @@
|
|||
#
|
||||
|
||||
|
||||
# This script exits on an error so that errors don't compound and you see
|
||||
# This script exits on an error so that errors don't compound and you see
|
||||
# only the first error that occured.
|
||||
set -o errexit
|
||||
|
||||
# Print the commands being run so that we can see the command that triggers
|
||||
# Print the commands being run so that we can see the command that triggers
|
||||
# an error. It is also useful for following allowing as the install occurs.
|
||||
set -o xtrace
|
||||
|
||||
|
@ -38,11 +38,11 @@ export NOVA_USERNAME=${USERNAME:-demo}
|
|||
# With Keystone you pass the keystone password instead of an api key.
|
||||
export NOVA_API_KEY=${ADMIN_PASSWORD:-secrete}
|
||||
|
||||
# With the addition of Keystone, to use an openstack cloud you should
|
||||
# authenticate against keystone, which returns a **Token** and **Service
|
||||
# Catalog**. The catalog contains the endpoint for all services the user/tenant
|
||||
# has access to - including nova, glance, keystone, swift, ... We currently
|
||||
# recommend using the 2.0 *auth api*.
|
||||
# With the addition of Keystone, to use an openstack cloud you should
|
||||
# authenticate against keystone, which returns a **Token** and **Service
|
||||
# Catalog**. The catalog contains the endpoint for all services the user/tenant
|
||||
# has access to - including nova, glance, keystone, swift, ... We currently
|
||||
# recommend using the 2.0 *auth api*.
|
||||
#
|
||||
# *NOTE*: Using the 2.0 *auth api* does mean that compute api is 2.0. We will
|
||||
# use the 1.1 *compute api*
|
||||
|
@ -61,7 +61,7 @@ export NOVACLIENT_DEBUG=1
|
|||
# Get a token for clients that don't support service catalog
|
||||
# ==========================================================
|
||||
|
||||
# manually create a token by querying keystone (sending JSON data). Keystone
|
||||
# manually create a token by querying keystone (sending JSON data). Keystone
|
||||
# returns a token and catalog of endpoints. We use python to parse the token
|
||||
# and save it.
|
||||
|
||||
|
@ -120,11 +120,11 @@ IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`
|
|||
# ping it once (timeout of a second)
|
||||
ping -c1 -w1 $IP || true
|
||||
|
||||
# sometimes the first ping fails (10 seconds isn't enough time for the VM's
|
||||
# sometimes the first ping fails (10 seconds isn't enough time for the VM's
|
||||
# network to respond?), so let's wait 5 seconds and really test ping
|
||||
sleep 5
|
||||
|
||||
ping -c1 -w1 $IP
|
||||
ping -c1 -w1 $IP
|
||||
# allow icmp traffic
|
||||
nova secgroup-add-rule $SECGROUP icmp -1 -1 0.0.0.0/0
|
||||
|
||||
|
@ -167,5 +167,5 @@ nova delete $NAME
|
|||
# Delete a secgroup
|
||||
nova secgroup-delete $SECGROUP
|
||||
|
||||
# FIXME: validate shutdown within 5 seconds
|
||||
# FIXME: validate shutdown within 5 seconds
|
||||
# (nova show $NAME returns 1 or status != ACTIVE)?
|
||||
|
|
|
@ -37,7 +37,7 @@ $BIN_DIR/keystone-manage $* endpointTemplates add RegionOne keystone http://%HOS
|
|||
$BIN_DIR/keystone-manage $* token add %SERVICE_TOKEN% admin admin 2015-02-05T00:00
|
||||
|
||||
# EC2 related creds - note we are setting the token to user_password
|
||||
# but keystone doesn't parse them - it is just a blob from keystone's
|
||||
# but keystone doesn't parse them - it is just a blob from keystone's
|
||||
# point of view
|
||||
$BIN_DIR/keystone-manage $* credentials add admin EC2 'admin_%ADMIN_PASSWORD%' admin admin || echo "no support for adding credentials"
|
||||
$BIN_DIR/keystone-manage $* credentials add demo EC2 'demo_%ADMIN_PASSWORD%' demo demo || echo "no support for adding credentials"
|
||||
|
|
64
stack.sh
64
stack.sh
|
@ -4,7 +4,7 @@
|
|||
|
||||
# This script installs and configures *nova*, *glance*, *dashboard* and *keystone*
|
||||
|
||||
# This script allows you to specify configuration options of what git
|
||||
# This script allows you to specify configuration options of what git
|
||||
# repositories to use, enabled services, network configuration and various
|
||||
# passwords. If you are crafty you can run the script on multiple nodes using
|
||||
# shared settings for common resources (mysql, rabbitmq) and build a multi-node
|
||||
|
@ -65,11 +65,11 @@ fi
|
|||
# in most cases.
|
||||
#
|
||||
# We our settings from ``stackrc``. This file is distributed with devstack and
|
||||
# contains locations for what repositories to use. If you want to use other
|
||||
# repositories and branches, you can add your own settings with another file
|
||||
# contains locations for what repositories to use. If you want to use other
|
||||
# repositories and branches, you can add your own settings with another file
|
||||
# called ``localrc``
|
||||
#
|
||||
# If ``localrc`` exists, then ``stackrc`` will load those settings. This is
|
||||
# If ``localrc`` exists, then ``stackrc`` will load those settings. This is
|
||||
# useful for changing a branch or repostiory to test other versions. Also you
|
||||
# can store your other settings like **MYSQL_PASSWORD** or **ADMIN_PASSWORD** instead
|
||||
# of letting devstack generate random ones for you.
|
||||
|
@ -91,8 +91,8 @@ if [[ $EUID -eq 0 ]]; then
|
|||
|
||||
# since this script runs as a normal user, we need to give that user
|
||||
# ability to run sudo
|
||||
apt-get update
|
||||
apt-get install -y sudo
|
||||
apt_get update
|
||||
apt_get install sudo
|
||||
|
||||
if ! getent passwd stack >/dev/null; then
|
||||
echo "Creating a user called stack"
|
||||
|
@ -144,6 +144,14 @@ if [ ! -n "$HOST_IP" ]; then
|
|||
HOST_IP=`LC_ALL=C /sbin/ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'`
|
||||
fi
|
||||
|
||||
# apt-get wrapper to just get arguments set correctly
|
||||
function apt_get() {
|
||||
local sudo="sudo"
|
||||
[ "$(id -u)" = "0" ] && sudo=""
|
||||
$sudo DEBIAN_FRONTEND=noninteractive apt-get \
|
||||
--option "Dpkg::Options::=--force-confold" --assume-yes "$@"
|
||||
}
|
||||
|
||||
# Generic helper to configure passwords
|
||||
function read_password {
|
||||
set +o xtrace
|
||||
|
@ -159,7 +167,7 @@ function read_password {
|
|||
touch $localrc
|
||||
fi
|
||||
|
||||
# Presumably if we got this far it can only be that our localrc is missing
|
||||
# Presumably if we got this far it can only be that our localrc is missing
|
||||
# the required password. Prompt user for a password and write to localrc.
|
||||
echo ''
|
||||
echo '################################################################################'
|
||||
|
@ -184,7 +192,7 @@ function read_password {
|
|||
# Nova Network Configuration
|
||||
# --------------------------
|
||||
|
||||
# FIXME: more documentation about why these are important flags. Also
|
||||
# FIXME: more documentation about why these are important flags. Also
|
||||
# we should make sure we use the same variable names as the flag names.
|
||||
|
||||
PUBLIC_INTERFACE=${PUBLIC_INTERFACE:-eth0}
|
||||
|
@ -205,15 +213,15 @@ MULTI_HOST=${MULTI_HOST:-0}
|
|||
# variable but make sure that the interface doesn't already have an
|
||||
# ip or you risk breaking things.
|
||||
#
|
||||
# **DHCP Warning**: If your flat interface device uses DHCP, there will be a
|
||||
# hiccup while the network is moved from the flat interface to the flat network
|
||||
# bridge. This will happen when you launch your first instance. Upon launch
|
||||
# you will lose all connectivity to the node, and the vm launch will probably
|
||||
# **DHCP Warning**: If your flat interface device uses DHCP, there will be a
|
||||
# hiccup while the network is moved from the flat interface to the flat network
|
||||
# bridge. This will happen when you launch your first instance. Upon launch
|
||||
# you will lose all connectivity to the node, and the vm launch will probably
|
||||
# fail.
|
||||
#
|
||||
# If you are running on a single node and don't need to access the VMs from
|
||||
#
|
||||
# If you are running on a single node and don't need to access the VMs from
|
||||
# devices other than that node, you can set the flat interface to the same
|
||||
# value as ``FLAT_NETWORK_BRIDGE``. This will stop the network hiccup from
|
||||
# value as ``FLAT_NETWORK_BRIDGE``. This will stop the network hiccup from
|
||||
# occuring.
|
||||
FLAT_INTERFACE=${FLAT_INTERFACE:-eth0}
|
||||
|
||||
|
@ -223,11 +231,11 @@ FLAT_INTERFACE=${FLAT_INTERFACE:-eth0}
|
|||
# MySQL & RabbitMQ
|
||||
# ----------------
|
||||
|
||||
# We configure Nova, Dashboard, Glance and Keystone to use MySQL as their
|
||||
# We configure Nova, Dashboard, Glance and Keystone to use MySQL as their
|
||||
# database server. While they share a single server, each has their own
|
||||
# database and tables.
|
||||
|
||||
# By default this script will install and configure MySQL. If you want to
|
||||
# By default this script will install and configure MySQL. If you want to
|
||||
# use an existing server, you can pass in the user/password/host parameters.
|
||||
# You will need to send the same ``MYSQL_PASSWORD`` to every host if you are doing
|
||||
# a multi-node devstack installation.
|
||||
|
@ -284,8 +292,8 @@ fi
|
|||
|
||||
|
||||
# install apt requirements
|
||||
sudo apt-get update
|
||||
sudo apt-get install -qqy `cat $FILES/apts/* | cut -d\# -f1 | grep -Ev "mysql-server|rabbitmq-server"`
|
||||
apt_get update
|
||||
apt_get install `cat $FILES/apts/* | cut -d\# -f1 | grep -Ev "mysql-server|rabbitmq-server"`
|
||||
|
||||
# install python requirements
|
||||
sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $FILES/pips/*`
|
||||
|
@ -352,7 +360,11 @@ cp $FILES/screenrc ~/.screenrc
|
|||
|
||||
if [[ "$ENABLED_SERVICES" =~ "rabbit" ]]; then
|
||||
# Install and start rabbitmq-server
|
||||
sudo apt-get install -y -q rabbitmq-server
|
||||
# the temp file is necessary due to LP: #878600
|
||||
tfile=$(mktemp)
|
||||
apt_get install rabbitmq-server > "$tfile" 2>&1
|
||||
cat "$tfile"
|
||||
rm -f "$tfile"
|
||||
# change the rabbit password since the default is "guest"
|
||||
sudo rabbitmqctl change_password guest $RABBIT_PASSWORD
|
||||
fi
|
||||
|
@ -384,7 +396,7 @@ EOF
|
|||
fi
|
||||
|
||||
# Install and start mysql-server
|
||||
sudo apt-get -y -q install mysql-server
|
||||
apt_get install mysql-server
|
||||
# Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases:
|
||||
sudo mysql -uroot -p$MYSQL_PASSWORD -h127.0.0.1 -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASSWORD';"
|
||||
|
||||
|
@ -472,8 +484,8 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then
|
|||
# attempt to load modules: network block device - used to manage qcow images
|
||||
sudo modprobe nbd || true
|
||||
|
||||
# Check for kvm (hardware based virtualization). If unable to initialize
|
||||
# kvm, we drop back to the slower emulation mode (qemu). Note: many systems
|
||||
# Check for kvm (hardware based virtualization). If unable to initialize
|
||||
# kvm, we drop back to the slower emulation mode (qemu). Note: many systems
|
||||
# come with hardware virtualization disabled in BIOS.
|
||||
if [[ "$LIBVIRT_TYPE" == "kvm" ]]; then
|
||||
sudo modprobe kvm || true
|
||||
|
@ -487,7 +499,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then
|
|||
# splitting a system into many smaller parts. LXC uses cgroups and chroot
|
||||
# to simulate multiple systems.
|
||||
if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then
|
||||
sudo apt-get install lxc -y
|
||||
apt_get install lxc
|
||||
# lxc uses cgroups (a kernel interface via virtual filesystem) configured
|
||||
# and mounted to ``/cgroup``
|
||||
sudo mkdir -p /cgroup
|
||||
|
@ -502,7 +514,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then
|
|||
# The user that nova runs as needs to be member of libvirtd group otherwise
|
||||
# nova-compute will be unable to use libvirt.
|
||||
sudo usermod -a -G libvirtd `whoami`
|
||||
# libvirt detects various settings on startup, as we potentially changed
|
||||
# libvirt detects various settings on startup, as we potentially changed
|
||||
# the system configuration (modules, filesystems), we need to restart
|
||||
# libvirt to detect those changes.
|
||||
sudo /etc/init.d/libvirt-bin restart
|
||||
|
@ -515,7 +527,7 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then
|
|||
mkdir -p $NOVA_DIR/instances
|
||||
|
||||
# You can specify a different disk to be mounted and used for backing the
|
||||
# virtual machines. If there is a partition labeled nova-instances we
|
||||
# virtual machines. If there is a partition labeled nova-instances we
|
||||
# mount it (ext filesystems can be labeled via e2label).
|
||||
if [ -L /dev/disk/by-label/nova-instances ]; then
|
||||
if ! mount -n | grep -q nova-instances; then
|
||||
|
|
|
@ -52,13 +52,13 @@ BASE_IMAGE=$KVMSTACK_DIR/images/natty.raw
|
|||
BASE_IMAGE_COPY=$IMAGES_DIR/$DIST_NAME.raw.copy
|
||||
|
||||
# Name of our instance, used by libvirt
|
||||
VM_NAME=${VM_NAME:-kvmstack}
|
||||
CONTAINER_NAME=${CONTAINER_NAME:-kvmstack}
|
||||
|
||||
# Mop up after previous runs
|
||||
virsh destroy $VM_NAME
|
||||
virsh destroy $CONTAINER_NAME
|
||||
|
||||
# Where this vm is stored
|
||||
VM_DIR=$KVMSTACK_DIR/instances/$VM_NAME
|
||||
VM_DIR=$KVMSTACK_DIR/instances/$CONTAINER_NAME
|
||||
|
||||
# Create vm dir
|
||||
mkdir -p $VM_DIR
|
||||
|
@ -148,18 +148,11 @@ git_clone $OPENSTACKX_REPO $COPY_DIR/$DEST/openstackx $OPENSTACKX_BRANCH
|
|||
git_clone $KEYSTONE_REPO $COPY_DIR/$DEST/keystone $KEYSTONE_BRANCH
|
||||
git_clone $NOVNC_REPO $COPY_DIR/$DEST/noVNC $NOVNC_BRANCH
|
||||
|
||||
# Back to devstack
|
||||
cd $TOP_DIR
|
||||
|
||||
# Unmount the filesystems
|
||||
unmount_images
|
||||
|
||||
# Clean up old runs
|
||||
cd $VM_DIR
|
||||
rm -f $VM_DIR/disk
|
||||
|
||||
# Clean up old instance data
|
||||
qemu-img create -f qcow2 -b $BASE_IMAGE_COPY disk
|
||||
# Back to devstack
|
||||
cd $TOP_DIR
|
||||
|
||||
# Network configuration variables
|
||||
BRIDGE=${BRIDGE:-br0}
|
||||
|
@ -168,14 +161,16 @@ CONTAINER_IP=${CONTAINER_IP:-192.168.1.50}
|
|||
CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24}
|
||||
CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0}
|
||||
CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1}
|
||||
CONTAINER_MAC=${CONTAINER_MAC:-02:16:3e:07:70:d7}
|
||||
CONTAINER_MAC=${CONTAINER_MAC:-"02:16:3e:07:69:`printf '%02X' $(echo $CONTAINER_IP | sed "s/.*\.//")`"}
|
||||
CONTAINER_RAM=${CONTAINER_RAM:-1524288}
|
||||
CONTAINER_CORES=${CONTAINER_CORES:-1}
|
||||
|
||||
# libvirt.xml configuration
|
||||
LIBVIRT_XML=libvirt.xml
|
||||
cat > $LIBVIRT_XML <<EOF
|
||||
<domain type='kvm'>
|
||||
<name>$VM_NAME</name>
|
||||
<memory>1524288</memory>
|
||||
<name>$CONTAINER_NAME</name>
|
||||
<memory>$CONTAINER_RAM</memory>
|
||||
<os>
|
||||
<type>hvm</type>
|
||||
<bootmenu enable='yes'/>
|
||||
|
@ -183,7 +178,7 @@ cat > $LIBVIRT_XML <<EOF
|
|||
<features>
|
||||
<acpi/>
|
||||
</features>
|
||||
<vcpu>1</vcpu>
|
||||
<vcpu>$CONTAINER_CORES</vcpu>
|
||||
<devices>
|
||||
<disk type='file'>
|
||||
<driver type='qcow2'/>
|
||||
|
@ -231,8 +226,20 @@ NBD=${NBD:-/dev/nbd5}
|
|||
umount $ROOTFS || echo 'ok'
|
||||
qemu-nbd -d $NBD || echo 'ok'
|
||||
|
||||
# Mount the instance
|
||||
# Clean up old runs
|
||||
cd $VM_DIR
|
||||
rm -f $VM_DIR/disk
|
||||
|
||||
# Create our instance fs
|
||||
qemu-img create -f qcow2 -b $BASE_IMAGE_COPY disk
|
||||
|
||||
sleep 5
|
||||
|
||||
qemu-nbd -c $NBD disk
|
||||
|
||||
sleep 5
|
||||
|
||||
# Mount the instance
|
||||
mount $NBD $ROOTFS -o offset=32256 -t ext4
|
||||
|
||||
# Configure instance network
|
||||
|
@ -355,7 +362,7 @@ if [ "$WAIT_TILL_LAUNCH" = "1" ]; then
|
|||
kill $TAIL_PID
|
||||
exit 1
|
||||
}
|
||||
|
||||
|
||||
# Let Ctrl-c kill tail and exit
|
||||
trap kill_tail SIGINT
|
||||
|
||||
|
|
|
@ -290,7 +290,7 @@ if [ "$WAIT_TILL_LAUNCH" = "1" ]; then
|
|||
kill $TAIL_PID
|
||||
exit 1
|
||||
}
|
||||
|
||||
|
||||
# Let Ctrl-c kill tail and exit
|
||||
trap kill_tail SIGINT
|
||||
|
||||
|
|
|
@ -22,7 +22,7 @@ rm -rf $DEST
|
|||
# clean install of natty
|
||||
if [ ! -d $CHROOTCACHE/natty-base ]; then
|
||||
$PROGDIR/make_image.sh -C natty $CHROOTCACHE/natty-base
|
||||
# copy kernel modules...
|
||||
# copy kernel modules...
|
||||
# NOTE(ja): is there a better way to do this?
|
||||
cp -pr /lib/modules/`uname -r` $CHROOTCACHE/natty-base/lib/modules
|
||||
# a simple password - pass
|
||||
|
@ -35,7 +35,7 @@ if [ ! -d $CHROOTCACHE/natty-dev ]; then
|
|||
chroot $CHROOTCACHE/natty-dev apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"`
|
||||
chroot $CHROOTCACHE/natty-dev pip install `cat files/pips/*`
|
||||
|
||||
# Create a stack user that is a member of the libvirtd group so that stack
|
||||
# Create a stack user that is a member of the libvirtd group so that stack
|
||||
# is able to interact with libvirt.
|
||||
chroot $CHROOTCACHE/natty-dev groupadd libvirtd
|
||||
chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d $DEST -G libvirtd
|
||||
|
@ -45,7 +45,7 @@ if [ ! -d $CHROOTCACHE/natty-dev ]; then
|
|||
# a simple password - pass
|
||||
echo stack:pass | chroot $CHROOTCACHE/natty-dev chpasswd
|
||||
|
||||
# and has sudo ability (in the future this should be limited to only what
|
||||
# and has sudo ability (in the future this should be limited to only what
|
||||
# stack requires)
|
||||
echo "stack ALL=(ALL) NOPASSWD: ALL" >> $CHROOTCACHE/natty-dev/etc/sudoers
|
||||
fi
|
||||
|
|
|
@ -20,7 +20,7 @@ PROGDIR=`dirname $0`
|
|||
mkdir -p $DEST_DIR/pxelinux.cfg
|
||||
cd $DEST_DIR
|
||||
for i in memdisk menu.c32 pxelinux.0; do
|
||||
cp -p /usr/lib/syslinux/$i $DEST_DIR
|
||||
cp -p /usr/lib/syslinux/$i $DEST_DIR
|
||||
done
|
||||
|
||||
CFG=$DEST_DIR/pxelinux.cfg/default
|
||||
|
|
|
@ -27,7 +27,7 @@ USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1}
|
|||
# clean install of natty
|
||||
if [ ! -d $CHROOTCACHE/natty-base ]; then
|
||||
$PROGDIR/make_image.sh -C natty $CHROOTCACHE/natty-base
|
||||
# copy kernel modules...
|
||||
# copy kernel modules...
|
||||
# NOTE(ja): is there a better way to do this?
|
||||
cp -pr /lib/modules/`uname -r` $CHROOTCACHE/natty-base/lib/modules
|
||||
# a simple password - pass
|
||||
|
@ -40,7 +40,7 @@ if [ ! -d $CHROOTCACHE/natty-dev ]; then
|
|||
chroot $CHROOTCACHE/natty-dev apt-get install -y `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"`
|
||||
chroot $CHROOTCACHE/natty-dev pip install `cat files/pips/*`
|
||||
|
||||
# Create a stack user that is a member of the libvirtd group so that stack
|
||||
# Create a stack user that is a member of the libvirtd group so that stack
|
||||
# is able to interact with libvirt.
|
||||
chroot $CHROOTCACHE/natty-dev groupadd libvirtd
|
||||
chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d $DEST -G libvirtd
|
||||
|
@ -50,7 +50,7 @@ if [ ! -d $CHROOTCACHE/natty-dev ]; then
|
|||
# a simple password - pass
|
||||
echo stack:pass | chroot $CHROOTCACHE/natty-dev chpasswd
|
||||
|
||||
# and has sudo ability (in the future this should be limited to only what
|
||||
# and has sudo ability (in the future this should be limited to only what
|
||||
# stack requires)
|
||||
echo "stack ALL=(ALL) NOPASSWD: ALL" >> $CHROOTCACHE/natty-dev/etc/sudoers
|
||||
fi
|
||||
|
|
Loading…
Reference in a new issue