From 8f851e716e0945cb5debeb2321ebd4cfe25843a5 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Tue, 11 Oct 2011 20:22:23 -0500 Subject: [PATCH 01/11] Create run.sh --- tools/build_ramdisk.sh | 26 ++++++++++++++++++++++++++ 1 file changed, 26 insertions(+) diff --git a/tools/build_ramdisk.sh b/tools/build_ramdisk.sh index 63d37a9..b9f4afd 100755 --- a/tools/build_ramdisk.sh +++ b/tools/build_ramdisk.sh @@ -18,6 +18,9 @@ CWD=`pwd` DEST=${DEST:-/opt/stack} +# Param string to pass to stack.sh. Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova" +STACKSH_PARAMS=${STACKSH_PARAMS:-} + # Option to use the version of devstack on which we are currently working USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1} @@ -112,6 +115,29 @@ auto eth0 iface eth0 inet dhcp EOF +# Configure the runner +RUN_SH=$CHROOTCACHE/natty-stack/$DEST/run.sh +cat > $RUN_SH < $DEST/run.sh.log +echo >> $DEST/run.sh.log +echo >> $DEST/run.sh.log +echo "All done! Time to start clicking." >> $DEST/run.sh.log +EOF + +# Make the run.sh executable +chmod 755 $RUN_SH + # build a new image BASE=$CHROOTCACHE/build.$$ IMG=$BASE.img From 7c076eeff5db638cba5e1e274fd85056f4dd67ed Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Thu, 13 Oct 2011 13:20:13 -0500 Subject: [PATCH 02/11] Add FLOATING_RANGE default --- tools/build_ramdisk.sh | 7 +++++++ 1 file changed, 7 insertions(+) diff --git a/tools/build_ramdisk.sh b/tools/build_ramdisk.sh index b9f4afd..14224b1 100755 --- a/tools/build_ramdisk.sh +++ b/tools/build_ramdisk.sh @@ -120,8 +120,14 @@ RUN_SH=$CHROOTCACHE/natty-stack/$DEST/run.sh cat > $RUN_SH < Date: Thu, 13 Oct 2011 15:50:44 -0500 Subject: [PATCH 03/11] Set hostname in ramdisk image --- tools/build_ramdisk.sh | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/tools/build_ramdisk.sh b/tools/build_ramdisk.sh index 14224b1..6a168bf 100755 --- a/tools/build_ramdisk.sh +++ b/tools/build_ramdisk.sh @@ -45,7 +45,7 @@ if [ ! -d $CHROOTCACHE/natty-dev ]; then chroot $CHROOTCACHE/natty-dev groupadd libvirtd chroot $CHROOTCACHE/natty-dev useradd stack -s /bin/bash -d $DEST -G libvirtd mkdir -p $CHROOTCACHE/natty-dev/$DEST - chown stack $CHROOTCACHE/natty-dev/$DEST + chroot $CHROOTCACHE/natty-dev chown stack $DEST # a simple password - pass echo stack:pass | chroot $CHROOTCACHE/natty-dev chpasswd @@ -115,6 +115,10 @@ auto eth0 iface eth0 inet dhcp EOF +# Set hostname +echo "ramstack" >$CHROOTCACHE/natty-stack/etc/hostname +echo "127.0.0.1 localhost ramstack" >$CHROOTCACHE/natty-stack/etc/hosts + # Configure the runner RUN_SH=$CHROOTCACHE/natty-stack/$DEST/run.sh cat > $RUN_SH < Date: Mon, 17 Oct 2011 10:48:21 -0500 Subject: [PATCH 04/11] Remove natty image fakery --- tools/build_ramdisk.sh | 6 ------ 1 file changed, 6 deletions(-) diff --git a/tools/build_ramdisk.sh b/tools/build_ramdisk.sh index 6a168bf..decdeb2 100755 --- a/tools/build_ramdisk.sh +++ b/tools/build_ramdisk.sh @@ -129,12 +129,6 @@ set \`ip addr show dev eth0 | grep inet\` PREFIX=\`echo \$2 | cut -d. -f1,2,3\` export FLOATING_RANGE="\$PREFIX.224/27" -# Pre-empt download of natty image -tar czf $DEST/devstack/files/natty.tgz /etc/hosts -mkdir -p $DEST/devstack/files/images -touch $DEST/devstack/files/images/natty-server-cloudimg-amd64-vmlinuz-virtual -touch $DEST/devstack/files/images/natty-server-cloudimg-amd64.img - # Kill any existing screens killall screen From 9122e7b17344dc80710f3a50aa6e8896f9ba8c71 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 17 Oct 2011 14:07:11 -0500 Subject: [PATCH 05/11] Set stack user's home dir to DEST --- stack.sh | 78 ++++++++++++++++++++++++++++---------------------------- 1 file changed, 39 insertions(+), 39 deletions(-) diff --git a/stack.sh b/stack.sh index a7eacbf..8e116a9 100755 --- a/stack.sh +++ b/stack.sh @@ -43,45 +43,6 @@ fi # Keep track of the current devstack directory. TOP_DIR=$(cd $(dirname "$0") && pwd) -# OpenStack is designed to be run as a regular user (Dashboard will fail to run -# as root, since apache refused to startup serve content from root user). If -# stack.sh is run as root, it automatically creates a stack user with -# sudo privileges and runs as that user. - -if [[ $EUID -eq 0 ]]; then - echo "You are running this script as root." - echo "In 10 seconds, we will create a user 'stack' and run as that user" - sleep 10 - - # since this script runs as a normal user, we need to give that user - # ability to run sudo - apt-get update - apt-get install -y sudo - - if ! getent passwd stack >/dev/null; then - echo "Creating a user called stack" - useradd -U -G sudo -s /bin/bash -m stack - fi - - echo "Giving stack user passwordless sudo priviledges" - # natty uec images sudoers does not have a '#includedir'. add one. - grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers || - echo "#includedir /etc/sudoers.d" >> /etc/sudoers - ( umask 226 && echo "stack ALL=(ALL) NOPASSWD:ALL" \ - > /etc/sudoers.d/50_stack_sh ) - - echo "Copying files to stack user" - STACK_DIR="/home/stack/${PWD##*/}" - cp -r -f "$PWD" "$STACK_DIR" - chown -R stack "$STACK_DIR" - if [[ "$SHELL_AFTER_RUN" != "no" ]]; then - exec su -c "set -e; cd $STACK_DIR; bash stack.sh; bash" stack - else - exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack - fi - exit 1 -fi - # Settings # ======== @@ -116,6 +77,45 @@ source ./stackrc # Destination path for installation ``DEST`` DEST=${DEST:-/opt/stack} +# OpenStack is designed to be run as a regular user (Dashboard will fail to run +# as root, since apache refused to startup serve content from root user). If +# stack.sh is run as root, it automatically creates a stack user with +# sudo privileges and runs as that user. + +if [[ $EUID -eq 0 ]]; then + echo "You are running this script as root." + echo "In 10 seconds, we will create a user 'stack' and run as that user" + sleep 10 + + # since this script runs as a normal user, we need to give that user + # ability to run sudo + apt-get update + apt-get install -y sudo + + if ! getent passwd stack >/dev/null; then + echo "Creating a user called stack" + useradd -U -G sudo -s /bin/bash -d $DEST -m stack + fi + + echo "Giving stack user passwordless sudo priviledges" + # natty uec images sudoers does not have a '#includedir'. add one. + grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers || + echo "#includedir /etc/sudoers.d" >> /etc/sudoers + ( umask 226 && echo "stack ALL=(ALL) NOPASSWD:ALL" \ + > /etc/sudoers.d/50_stack_sh ) + + echo "Copying files to stack user" + STACK_DIR="$DEST/${PWD##*/}" + cp -r -f "$PWD" "$STACK_DIR" + chown -R stack "$STACK_DIR" + if [[ "$SHELL_AFTER_RUN" != "no" ]]; then + exec su -c "set -e; cd $STACK_DIR; bash stack.sh; bash" stack + else + exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack + fi + exit 1 +fi + # Set the destination directories for openstack projects NOVA_DIR=$DEST/nova DASH_DIR=$DEST/dash From d642f86144491e3f825608e363c56714241e5f92 Mon Sep 17 00:00:00 2001 From: Dean Troyer Date: Mon, 17 Oct 2011 14:55:10 -0500 Subject: [PATCH 06/11] Fix syslinux failure on new USB drive --- tools/build_usb_boot.sh | 17 ++++++++++------- 1 file changed, 10 insertions(+), 7 deletions(-) diff --git a/tools/build_usb_boot.sh b/tools/build_usb_boot.sh index ac49848..332c869 100755 --- a/tools/build_usb_boot.sh +++ b/tools/build_usb_boot.sh @@ -21,22 +21,25 @@ if [ -b $DEST_DIR ]; then # We have a block device, install syslinux and mount it DEST_DEV=$DEST_DIR DEST_DIR=`mktemp -d mntXXXXXX` + mount $DEST_DEV $DEST_DIR + + if [ ! -d $DEST_DIR/syslinux ]; then + mkdir -p $DEST_DIR/syslinux + fi # Install syslinux on the device syslinux --install --directory syslinux $DEST_DEV - - mount $DEST_DEV $DEST_DIR else # We have a directory (for sanity checking output) - DEST_DEV="" - if [ ! -d $DEST_DIR/syslinux ]; then - mkdir -p $DEST_DIR/syslinux - fi + DEST_DEV="" + if [ ! -d $DEST_DIR/syslinux ]; then + mkdir -p $DEST_DIR/syslinux + fi fi # Get some more stuff from syslinux for i in memdisk menu.c32; do - cp -p /usr/lib/syslinux/$i $DEST_DIR/syslinux + cp -p /usr/lib/syslinux/$i $DEST_DIR/syslinux done CFG=$DEST_DIR/syslinux/syslinux.cfg From 51fb22efd1cfa6e415cf46e311a5a660ace3c3e9 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 19 Oct 2011 09:24:17 -0700 Subject: [PATCH 07/11] update comments and added check for double mount bug --- stack.sh | 44 ++++++++++++++++++++++++++++---------------- 1 file changed, 28 insertions(+), 16 deletions(-) diff --git a/stack.sh b/stack.sh index f603ce1..d368293 100755 --- a/stack.sh +++ b/stack.sh @@ -30,18 +30,19 @@ if ! grep -q natty /etc/lsb-release; then fi fi +# Keep track of the current devstack directory. +TOP_DIR=$(cd $(dirname "$0") && pwd) + # stack.sh keeps the list of **apt** and **pip** dependencies in external # files, along with config templates and other useful files. You can find these # in the ``files`` directory (next to this script). We will reference this # directory using the ``FILES`` variable in this script. -FILES=`pwd`/files +FILES=$TOP_DIR/files if [ ! -d $FILES ]; then echo "ERROR: missing devstack/files - did you grab more than just stack.sh?" exit 1 fi -# Keep track of the current devstack directory. -TOP_DIR=$(cd $(dirname "$0") && pwd) # OpenStack is designed to be run as a regular user (Dashboard will fail to run # as root, since apache refused to startup serve content from root user). If @@ -292,6 +293,8 @@ sudo PIP_DOWNLOAD_CACHE=/var/cache/pip pip install `cat $FILES/pips/*` function git_clone { # if there is an existing checkout, move it out of the way if [[ "$RECLONE" == "yes" ]]; then + # FIXME(ja): if we were smarter we could speed up RECLONE by + # using the old git repo as the basis of our new clone... if [ -d $2 ]; then mv $2 /tmp/stack.`date +%s` fi @@ -408,6 +411,8 @@ if [[ "$ENABLED_SERVICES" =~ "dash" ]]; then # ``local_settings.py`` is used to override dashboard default settings. cp $FILES/dash_settings.py $DASH_DIR/openstack-dashboard/local/local_settings.py + # Initialize the dashboard database (it stores sessions and notices shown to + # users). The user system is external (keystone). cd $DASH_DIR/openstack-dashboard dashboard/manage.py syncdb @@ -435,7 +440,8 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # (re)create glance database mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS glance;' mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE glance;' - # Copy over our glance-registry.conf + + # Copy over our glance configurations and update them GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf cp $FILES/glance-registry.conf $GLANCE_CONF sudo sed -e "s,%SQL_CONN%,$BASE_SQL_CONN/glance,g" -i $GLANCE_CONF @@ -454,7 +460,7 @@ fi # We are going to use the sample http middleware configuration from the keystone # project to launch nova. This paste config adds the configuration required # for nova to validate keystone tokens - except we need to switch the config -# to use our admin token instead (instead of the token from their sample data). +# to use our service token instead (instead of the invalid token 999888777666). sudo sed -e "s,999888777666,$SERVICE_TOKEN,g" -i $KEYSTONE_DIR/examples/paste/nova-api-paste.ini if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then @@ -465,9 +471,9 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # attempt to load modules: network block device - used to manage qcow images sudo modprobe nbd || true - # Check for kvm (hardware based virtualization). If unable to load kvm, - # set the libvirt type to qemu. Note: many systems come with hardware - # virtualization disabled in BIOS. + # Check for kvm (hardware based virtualization). If unable to initialize + # kvm, we drop back to the slower emulation mode (qemu). Note: many systems + # come with hardware virtualization disabled in BIOS. if [[ "$LIBVIRT_TYPE" == "kvm" ]]; then sudo modprobe kvm || true if [ ! -e /dev/kvm ]; then @@ -481,7 +487,8 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # to simulate multiple systems. if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then sudo apt-get install lxc -y - # lxc requires cgroups to be configured on /cgroup + # lxc uses cgroups (a kernel interface via virtual filesystem) configured + # and mounted to ``/cgroup`` sudo mkdir -p /cgroup if ! grep -q cgroup /etc/fstab; then echo none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0 | sudo tee -a /etc/fstab @@ -491,9 +498,12 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then fi fi - # User needs to be member of libvirtd group for nova-compute to use libvirt. + # The user that nova runs as needs to be member of libvirtd group otherwise + # nova-compute will be unable to use libvirt. sudo usermod -a -G libvirtd `whoami` - # if kvm wasn't running before we need to restart libvirt to enable it + # libvirt detects various settings on startup, as we potentially changed + # the system configuration (modules, filesystems), we need to restart + # libvirt to detect those changes. sudo /etc/init.d/libvirt-bin restart @@ -503,12 +513,14 @@ if [[ "$ENABLED_SERVICES" =~ "n-cpu" ]]; then # Nova stores each instance in its own directory. mkdir -p $NOVA_DIR/instances - # if there is a partition labeled nova-instances use it (ext filesystems - # can be labeled via e2label) - ## FIXME: if already mounted this blows up... + # You can specify a different disk to be mounted and used for backing the + # virtual machines. If there is a partition labeled nova-instances we + # mount it (ext filesystems can be labeled via e2label). if [ -L /dev/disk/by-label/nova-instances ]; then - sudo mount -L nova-instances $NOVA_DIR/instances - sudo chown -R `whoami` $NOVA_DIR/instances + if ! mount -n | grep -q nova-instances; then + sudo mount -L nova-instances $NOVA_DIR/instances + sudo chown -R `whoami` $NOVA_DIR/instances + fi fi # Clean out the instances directory. From aab7eae0b903b7bfe19c0f15ad0eaf1a7c82d8a7 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 19 Oct 2011 10:30:19 -0700 Subject: [PATCH 08/11] docs --- stack.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/stack.sh b/stack.sh index f603ce1..d294b9b 100755 --- a/stack.sh +++ b/stack.sh @@ -675,10 +675,10 @@ screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f / # TTY also uses cloud-init, supporting login via keypair and sending scripts as # userdata. See https://help.ubuntu.com/community/CloudInit for more on cloud-init # -# Override IMAGE_URLS if you would to launch a different image(s). -# Specify IMAGE_URLS as a comma-separated list of uec urls. Some other options include: -# natty: http://uec-images.ubuntu.com/natty/current/natty-server-cloudimg-amd64.tar.gz -# oneiric: http://uec-images.ubuntu.com/oneiric/current/oneiric-server-cloudimg-amd64.tar.gz +# Override ``IMAGE_URLS`` with a comma-seperated list of uec images. +# +# * **natty**: http://uec-images.ubuntu.com/natty/current/natty-server-cloudimg-amd64.tar.gz +# * **oneiric**: http://uec-images.ubuntu.com/oneiric/current/oneiric-server-cloudimg-amd64.tar.gz if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then # Create a directory for the downloaded image tarballs. From c8d9ce4ef44c3490bd5a09e4749c98ceeadc1f2f Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 19 Oct 2011 14:21:08 -0700 Subject: [PATCH 09/11] vish points out that sudo isn't needed here since DEST is owned by user --- stack.sh | 2 -- 1 file changed, 2 deletions(-) diff --git a/stack.sh b/stack.sh index 95bcadc..a49de1a 100755 --- a/stack.sh +++ b/stack.sh @@ -301,8 +301,6 @@ function git_clone { fi if [ ! -d $2 ]; then - sudo mkdir $2 - sudo chown `whoami` $2 git clone $1 $2 cd $2 # This checkout syntax works for both branches and tags From fe95e0fee3e22d94d0ed815be0f0c90b681e6019 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 19 Oct 2011 14:30:37 -0700 Subject: [PATCH 10/11] only chown if needed (fixes nfs issue) --- stack.sh | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index a49de1a..62d5073 100755 --- a/stack.sh +++ b/stack.sh @@ -271,8 +271,11 @@ failed() { # an error. It is also useful for following along as the install occurs. set -o xtrace +# create the destination directory and ensure it is writable by the user sudo mkdir -p $DEST -sudo chown `whoami` $DEST +if [ ! -w $DEST ]; then + sudo chown `whoami` $DEST +fi # Install Packages # ================ From a50a34619a2f993a74895ff5915a7d2024263d95 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 19 Oct 2011 15:38:10 -0700 Subject: [PATCH 11/11] standardize mysql/rabbit password/user settings --- stack.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/stack.sh b/stack.sh index 95bcadc..9bf2627 100755 --- a/stack.sh +++ b/stack.sh @@ -230,16 +230,15 @@ FLAT_INTERFACE=${FLAT_INTERFACE:-eth0} # use an existing server, you can pass in the user/password/host parameters. # You will need to send the same ``MYSQL_PASSWORD`` to every host if you are doing # a multi-node devstack installation. +MYSQL_HOST=${MYSQL_HOST:-localhost} MYSQL_USER=${MYSQL_USER:-root} read_password MYSQL_PASSWORD "ENTER A PASSWORD TO USE FOR MYSQL." -MYSQL_HOST=${MYSQL_HOST:-localhost} # don't specify /db in this string, so we can use it for multiple services BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASSWORD@$MYSQL_HOST} # Rabbit connection info RABBIT_HOST=${RABBIT_HOST:-localhost} -RABBIT_PASSWORD=${RABBIT_PASSWORD:-`openssl rand -hex 12`} read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT." # Glance connection info. Note the port must be specified.