From 3d6aab9c57ffc97c4962728e0326adcfeb928aaa Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 28 Sep 2011 13:21:46 -0700 Subject: [PATCH 01/16] don't pre-install munin-node --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index a13ca35..07a91ea 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -84,7 +84,7 @@ if [ ! -d $CACHEDIR ]; then # trigger the initial debootstrap lxc-create -n $CONTAINER -t natty -f $LXC_CONF chroot $CACHEDIR apt-get update - chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"` + chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server|munin-node)"` chroot $CACHEDIR pip install `cat files/pips/*` fi From d462295368abfd2c749d03f45b82e3cad7362bfe Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 14:08:26 -0700 Subject: [PATCH 02/16] make sure user isn't running as root --- stack.sh | 9 +++++++++ 1 file changed, 9 insertions(+) diff --git a/stack.sh b/stack.sh index f21b371..a4f14b8 100755 --- a/stack.sh +++ b/stack.sh @@ -37,6 +37,15 @@ if [ ! -d $FILES ]; then exit 1 fi +# you need to run this as a regular user with sudo priviledges +if [[ $EUID -eq 0 ]]; then + echo "This script cannot be run as root." 1>&2 + echo "You should run this script as the user you wish openstack to run as" 1>&2 + echo "The user will need to be a sudoer (without password)" 1>&2 + exit 1 +fi + + # Settings # ======== From bd550eddebdb8f33b62acf64c1c0af1f35d5ea35 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 16:54:25 -0500 Subject: [PATCH 03/16] add make as a dependency --- build_lxc.sh | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 07a91ea..74b63c3 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -33,8 +33,8 @@ apt-get install -y lxc debootstrap # Install cgroup-bin from source, since the packaging is buggy and possibly incompatible with our setup if ! which cgdelete | grep -q cgdelete; then - apt-get install -y g++ bison flex libpam0g-dev - wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2 + apt-get install -y g++ bison flex libpam0g-dev make + wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2 cd /tmp && bunzip2 libcgroup-0.37.1.tar.bz2 && tar xfv libcgroup-0.37.1.tar cd libcgroup-0.37.1 ./configure @@ -125,7 +125,7 @@ lxc-create -n $CONTAINER -t natty -f $LXC_CONF # Specify where our container rootfs lives ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/ -# Create a stack user that is a member of the libvirtd group so that stack +# Create a stack user that is a member of the libvirtd group so that stack # is able to interact with libvirt. chroot $ROOTFS groupadd libvirtd chroot $ROOTFS useradd stack -s /bin/bash -d $DEST -G libvirtd @@ -133,7 +133,7 @@ chroot $ROOTFS useradd stack -s /bin/bash -d $DEST -G libvirtd # a simple password - pass echo stack:pass | chroot $ROOTFS chpasswd -# and has sudo ability (in the future this should be limited to only what +# and has sudo ability (in the future this should be limited to only what # stack requires) echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers From d5e1f7ba09a389db52bffe5159cc324dfae53809 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 17:04:01 -0500 Subject: [PATCH 04/16] make stackrc source localrc --- .gitignore | 1 + stackrc | 3 +++ 2 files changed, 4 insertions(+) diff --git a/.gitignore b/.gitignore index 7964faa..22a7898 100644 --- a/.gitignore +++ b/.gitignore @@ -1,2 +1,3 @@ proto *~ +localrc diff --git a/stackrc b/stackrc index 2d265d3..3580ae1 100644 --- a/stackrc +++ b/stackrc @@ -34,3 +34,6 @@ OPENSTACKX_BRANCH=diablo # openstack-munin is a collection of munin plugins for monitoring the stack MUNIN_REPO=https://github.com/cloudbuilders/openstack-munin.git MUNIN_BRANCH=master + +# allow local overwrites +[ -f ./localrc ] && source ./localrc From 1c7f0c9761ede2d91a12b2d811e0588807501a2c Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 17:09:00 -0500 Subject: [PATCH 05/16] follow symlinks when copying env --- build_lxc.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_lxc.sh b/build_lxc.sh index 74b63c3..7598a90 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -145,7 +145,7 @@ cp -pR /lib/modules/`uname -r`/kernel/net $ROOTFS/lib/modules/`uname -r`/kernel/ # Gracefully cp only if source file/dir exists function cp_it { if [ -e $1 ] || [ -d $1 ]; then - cp -pr $1 $2 + cp -pRL $1 $2 fi } From beab63962653aa36e0ebf4cac7a045ba557861ba Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 28 Sep 2011 15:12:18 -0700 Subject: [PATCH 06/16] some enhancements to bootstrapping to better detect if we've properly warmed the cache. Also provide option to delete lxc cache --- build_lxc.sh | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 74b63c3..c441835 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -75,9 +75,16 @@ function git_clone { fi } -# Warm the base image on first install +# Location of the base image directory CACHEDIR=/var/cache/lxc/natty/rootfs-amd64 -if [ ! -d $CACHEDIR ]; then + +# Provide option to do totally clean install +if [ "$CLEAR_LXC_CACHE" = "1" ]; then + rm -rf $CACHEDIR +fi + +# Warm the base image on first install +if [ ! -f $CACHEDIR/bootstrapped ]; then # by deleting the container, we force lxc-create to re-bootstrap (lxc is # lazy and doesn't do anything if a container already exists) lxc-destroy -n $CONTAINER @@ -86,6 +93,7 @@ if [ ! -d $CACHEDIR ]; then chroot $CACHEDIR apt-get update chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server|munin-node)"` chroot $CACHEDIR pip install `cat files/pips/*` + touch $CACHEDIR/bootstrapped fi # Clean out code repos if directed to do so From eb5dea61389e27096311975ceb651efdc683e2f2 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 28 Sep 2011 15:24:57 -0700 Subject: [PATCH 07/16] make stackrc return 0 --- stackrc | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/stackrc b/stackrc index 3580ae1..8704a65 100644 --- a/stackrc +++ b/stackrc @@ -35,5 +35,7 @@ OPENSTACKX_BRANCH=diablo MUNIN_REPO=https://github.com/cloudbuilders/openstack-munin.git MUNIN_BRANCH=master -# allow local overwrites -[ -f ./localrc ] && source ./localrc +# allow local overrides of env variables +if [ -f ./localrc ]; then + source ./localrc +fi From 9c1af108d4ba79bb5466de17a9a12fd7fe3cc827 Mon Sep 17 00:00:00 2001 From: Anthony Young Date: Wed, 28 Sep 2011 16:04:06 -0700 Subject: [PATCH 08/16] start using cloudbuilders diablo branch --- stackrc | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/stackrc b/stackrc index 8704a65..deb467b 100644 --- a/stackrc +++ b/stackrc @@ -1,6 +1,6 @@ # compute service -NOVA_REPO=https://github.com/openstack/nova.git -NOVA_BRANCH=2011.3 +NOVA_REPO=https://github.com/cloudbuilders/nova.git +NOVA_BRANCH=diablo # image catalog service GLANCE_REPO=https://github.com/cloudbuilders/glance.git From 76ce231050a49d40ebb318544ccaae40b4e06282 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 16:29:25 -0500 Subject: [PATCH 09/16] add a script for lxc net config --- lxc_network_hostonlyplusnat.sh | 94 ++++++++++++++++++++++++++++++++++ 1 file changed, 94 insertions(+) create mode 100755 lxc_network_hostonlyplusnat.sh diff --git a/lxc_network_hostonlyplusnat.sh b/lxc_network_hostonlyplusnat.sh new file mode 100755 index 0000000..59d82e6 --- /dev/null +++ b/lxc_network_hostonlyplusnat.sh @@ -0,0 +1,94 @@ +#!/bin/bash + + +# Print some usage info +function usage { + echo "Usage: $0 [OPTION] [host_ip]" + echo "Set up networking for LXC" + echo "" + echo " -n, --dry-run Just print the commands that would execute." + echo " -h, --help Print this usage message." + echo "" + exit +} + +# Allow passing the ip address on the command line. +function process_option { + case "$1" in + -h|--help) usage;; + -n|--dry-run) dry_run=1;; + *) host_ip="$1" + esac +} + +# Set up some defaults +host_ip= +dry_run=0 +bridge=br0 +DRIER= + +# Process the args +for arg in "$@"; do + process_option $arg +done + +if [ $dry_run ]; then + DRIER=echo +fi + +if [ "$UID" -ne "0" ]; then + echo "This script must be run with root privileges." + exit 1 +fi + +# Check for bridge-utils. +BRCTL=`which brctl` +if [ ! -x "$BRCTL" ]; then + echo "This script requires you to install bridge-utils." + echo "Try: sudo apt-get install bridge-utils." + exit 1 +fi + +# Scare off the nubs. +echo "=====================================================" +echo +echo "WARNING" +echo +echo "This script will modify your current network setup," +echo "this can be a scary thing and it is recommended that" +echo "you have something equivalent to physical access to" +echo "this machine before continuing in case your network" +echo "gets all funky." +echo +echo "If you don't want to continue, hit CTRL-C now." + +if [ -z "$host_ip" ]; +then + echo "Otherwise, please type in your host's ip address and" + echo "hit enter." + echo + echo "=====================================================" + read host_ip +else + echo "Otherwise hit enter." + echo + echo "=====================================================" + read accept +fi + + +# Add a bridge interface, this will choke if there is already +# a bridge named $bridge +$DRIER $BRCTL addbr $bridge +$DRIER ip addr add 192.168.1.1/24 dev $bridge +if [ $dry_run ]; then + echo "echo 1 > /proc/sys/net/ipv4/ip_forward" +else + echo 1 > /proc/sys/net/ipv4/ip_forward +fi +$DRIER ifconfig $bridge up + +# Set up the NAT for the instances +$DRIER iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source $host_ip +$DRIER iptables -I FORWARD -s 192.168.1.0/24 -j ACCEPT + From 07815534265e503b61c06a3e6cd3768dd7e3441d Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 18:15:55 -0500 Subject: [PATCH 10/16] mention temporariness --- lxc_network_hostonlyplusnat.sh | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/lxc_network_hostonlyplusnat.sh b/lxc_network_hostonlyplusnat.sh index 59d82e6..4e29ed7 100755 --- a/lxc_network_hostonlyplusnat.sh +++ b/lxc_network_hostonlyplusnat.sh @@ -1,10 +1,9 @@ #!/bin/bash - # Print some usage info function usage { echo "Usage: $0 [OPTION] [host_ip]" - echo "Set up networking for LXC" + echo "Set up temporary networking for LXC" echo "" echo " -n, --dry-run Just print the commands that would execute." echo " -h, --help Print this usage message." From 7377444f808ef4fa4d45c5a8b06f7bef7cacfbd9 Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 19:02:28 -0500 Subject: [PATCH 11/16] add auto tailing when building lxc --- build_lxc.sh | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) diff --git a/build_lxc.sh b/build_lxc.sh index 0817d1d..471b7dc 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -204,6 +204,9 @@ if [ ! -d "$DEST/devstack" ]; then git clone git://github.com/cloudbuilders/devstack.git $DEST/devstack fi cd $DEST/devstack && $STACKSH_PARAMS ./stack.sh > /$DEST/run.sh.log +echo >> /$DEST/run.sh.log +echo >> /$DEST/run.sh.log +echo "All done! Time to start clicking." >> /$DEST/run.sh.log EOF # Make the run.sh executable @@ -224,3 +227,20 @@ fi # Start our container lxc-start -d -n $CONTAINER + +# Done creating the container, let's tail the log +echo +echo "=============================================================" +echo " -- YAY! --" +echo "=============================================================" +echo +echo "We're done creating the container, about to start tailing the" +echo "stack.sh log. It will take a second or two to start." +echo +echo "Just CTRL-C at any time to stop tailing." + +while [ ! -e "$ROOTFS/$DEST/run.sh.log" ]; do + sleep 1 +done + +tail -F $ROOTFS/$DEST/run.sh.log From 197d53d32eff4015274366e65f8651ab4973682f Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 17:18:23 -0700 Subject: [PATCH 12/16] small docs updates about localrc --- stack.sh | 7 ++++++- 1 file changed, 6 insertions(+), 1 deletion(-) diff --git a/stack.sh b/stack.sh index a4f14b8..c3bdc74 100755 --- a/stack.sh +++ b/stack.sh @@ -57,6 +57,11 @@ fi # # You can also pass options on a single line ``MYSQL_PASS=simple ./stack.sh`` # +# Additionally, you can put any local variables into a ``localrc`` file, like:: +# +# MYSQL_PASS=anothersecret +# MYSQL_USER=hellaroot +# # We try to have sensible defaults, so you should be able to run ``./stack.sh`` # in most cases. @@ -386,7 +391,7 @@ if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then $NOVA_DIR/bin/nova-manage db sync # create a small network - $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 $FIXED_NETWORK_SIZE + $NOVA_DIR/bin/nova-manage network create private $FIXED_RANGE 1 $FIXED_NETWORK_SIZE # create some floating ips $NOVA_DIR/bin/nova-manage floating create $FLOATING_RANGE From 523c405f0670ea839e73f661477c4c31b853b04e Mon Sep 17 00:00:00 2001 From: termie Date: Wed, 28 Sep 2011 19:49:40 -0500 Subject: [PATCH 13/16] add elapsed time to script --- stack.sh | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/stack.sh b/stack.sh index c3bdc74..4daa95d 100755 --- a/stack.sh +++ b/stack.sh @@ -13,6 +13,9 @@ # Sanity Check # ============ +# Start our timer +START_TIME=`python -c "import time; print time.time()"` + # Warn users who aren't on natty, but allow them to override check and attempt # installation with ``FORCE=yes ./stack`` if ! grep -q natty /etc/lsb-release; then @@ -514,3 +517,11 @@ if [[ "$ENABLED_SERVICES" =~ "key" ]]; then echo "keystone is serving at http://$HOST_IP:5000/v2.0/" echo "examples on using novaclient command line is in exercise.sh" fi + +# Summary +# ======= + +# End our timer and give a timing summary +END_TIME=`python -c "import time; print time.time()"` +ELAPSED=`python -c "print $END_TIME - $START_TIME"` +echo "stack.sh completed in $ELAPSED seconds." From f2d6c92bb5f196ca8fbb0ed0219988fe5cb48d65 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 17:50:40 -0700 Subject: [PATCH 14/16] missed this when separating out the images --- build_pxe_ramdisk.sh | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index 0f598f8..fb95e3f 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -14,7 +14,7 @@ if [ ! -d natty-base ]; then debootstrap natty natty-base # copy kernel modules... # NOTE(ja): is there a better way to do this? - cp -pr /lib/modules/`uname -r` proto/lib/modules + cp -pr /lib/modules/`uname -r` natty-base/lib/modules cp files/sources.list natty-base/etc/apt/sources.list chroot natty-base apt-get update fi From 46ad2de5d9a819523efa2998f82f96660c684847 Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 18:29:50 -0700 Subject: [PATCH 15/16] build_lxc.sh needs to be root to run --- build_lxc.sh | 15 +++++++++++---- 1 file changed, 11 insertions(+), 4 deletions(-) diff --git a/build_lxc.sh b/build_lxc.sh index 471b7dc..191c493 100755 --- a/build_lxc.sh +++ b/build_lxc.sh @@ -1,5 +1,16 @@ #!/usr/bin/env bash +# Sanity check +if [ "$EUID" -ne "0" ]; then + echo "This script must be run with root privileges." + exit 1 +fi + +# Warn users who aren't on natty +if ! grep -q natty /etc/lsb-release; then + echo "WARNING: this script has only been tested on natty" +fi + # Source params source ./stackrc @@ -23,10 +34,6 @@ STACKSH_PARAMS=${STACKSH_PARAMS:-} # Option to use the version of devstack on which we are currently working USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1} -# Warn users who aren't on natty -if ! grep -q natty /etc/lsb-release; then - echo "WARNING: this script has only been tested on natty" -fi # Install deps apt-get install -y lxc debootstrap From 236943fe544adb710d021269ec3c754e27118d2b Mon Sep 17 00:00:00 2001 From: Jesse Andrews Date: Wed, 28 Sep 2011 18:38:10 -0700 Subject: [PATCH 16/16] save a few seconds by seeking instead of copying zeros --- build_pxe_ramdisk.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/build_pxe_ramdisk.sh b/build_pxe_ramdisk.sh index fb95e3f..648fc3b 100755 --- a/build_pxe_ramdisk.sh +++ b/build_pxe_ramdisk.sh @@ -89,8 +89,8 @@ BASE=build.$$ IMG=$BASE.img MNT=$BASE/ -# create a 2GB blank filesystem -dd if=/dev/zero of=$IMG bs=1024k count=2048 +# (quickly) create a 2GB blank filesystem +dd bs=1 count=1 seek=$((2*1024*1024*1024)) if=/dev/zero of=$IMG # force it to be initialized as ext2 mkfs.ext2 -F $IMG