diff options
| author | Richard Maw <richard.maw@codethink.co.uk> | 2015-03-20 16:57:46 +0000 |
|---|---|---|
| committer | Richard Maw <richard.maw@codethink.co.uk> | 2015-03-20 16:57:46 +0000 |
| commit | 207b836c41a593bb54e2a9f28c66c776c421a756 (patch) | |
| tree | be623f858abfbc7c7c136bc21c9dbee9ce7e6474 | |
| parent | 697850ed65e9655773623231bf1a7393a5929e85 (diff) | |
| parent | 73a471f4cc4e8e6ae33b6519f5c4e6d47d0ada95 (diff) | |
| download | definitions-baserock/openstack-v4.tar.gz | |
Merge branch 'baserock/richardmaw/openstack-v4/reliability-rebase' into baserock/openstack-v4baserock/openstack-v4
Reviewed-by: Pedro Alvarez (+2)
| -rw-r--r-- | openstack-neutron.configure | 10 | ||||
| -rw-r--r-- | openstack-nova.configure | 1 | ||||
| -rw-r--r-- | openstack/etc/nova/nova.conf | 10 | ||||
| -rw-r--r-- | openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service | 6 | ||||
| -rw-r--r-- | openstack/etc/systemd/system/openstack-neutron-server.service | 4 | ||||
| -rw-r--r-- | openstack/etc/systemd/system/openstack-neutron-setup.service | 4 | ||||
| -rw-r--r-- | openstack/etc/systemd/system/openstack-nova-compute.service | 2 | ||||
| -rw-r--r-- | openstack/etc/systemd/system/openstack-nova-serialproxy.service | 11 | ||||
| -rw-r--r-- | openstack/etc/systemd/system/openvswitch-create-links-one-node.service | 14 | ||||
| -rw-r--r-- | openstack/etc/systemd/system/openvswitch.service | 2 | ||||
| -rw-r--r-- | openstack/manifest | 3 | ||||
| -rw-r--r-- | openstack/usr/share/openstack/create_openvswitch_veth_pairs | 32 | ||||
| -rw-r--r-- | openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node | 76 | ||||
| -rw-r--r-- | openstack/usr/share/openstack/openstack-nova-setup | 29 | ||||
| -rw-r--r-- | strata/foundation.morph | 4 | ||||
| -rw-r--r-- | strata/foundation/systemd.morph | 8 |
16 files changed, 107 insertions, 109 deletions
diff --git a/openstack-neutron.configure b/openstack-neutron.configure index 71b29713..5b71c09c 100644 --- a/openstack-neutron.configure +++ b/openstack-neutron.configure @@ -44,7 +44,6 @@ sed -f "$ROOT"/etc/openstack-neutron-setup.sed -i \ # Create the links to enable the neutron systemd services # ########################################################################## services=("openstack-neutron-network-configuration-one-node.service" \ - "openvswitch-create-links-one-node.service" \ "openstack-neutron-dhcp-agent.service" \ "openstack-neutron-l3-agent.service" \ "openstack-neutron-metadata-agent.service" \ @@ -57,3 +56,12 @@ for service in ${services[@]}; do ln -sf "/etc/systemd/system/$service" \ "$ROOT/etc/systemd/system/multi-user.target.wants/$service" done + +############################################# +# Ensure /var/run is an appropriate symlink # +############################################# + +if ! link="$(readlink "$ROOT/var/run")" || [ "$link" != ../run ]; then + rm -rf "$ROOT/var/run" + ln -s ../run "$ROOT/var/run" +fi diff --git a/openstack-nova.configure b/openstack-nova.configure index 4655342c..93d1ee53 100644 --- a/openstack-nova.configure +++ b/openstack-nova.configure @@ -55,7 +55,6 @@ wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants mkdir -p "$wants_dir" mkdir -p "$ROOT"/var/lock/subsys ln -sf ../libvirtd.service "$wants_dir/libvirtd.service" -ln -sf ../libvirt-guests.service "$wants_dir/libvirt-guests.service" ########################################################################## # Change iprange for the interal libvirt to avoid clashes diff --git a/openstack/etc/nova/nova.conf b/openstack/etc/nova/nova.conf index 8b3522b5..ca009273 100644 --- a/openstack/etc/nova/nova.conf +++ b/openstack/etc/nova/nova.conf @@ -253,7 +253,7 @@ dhcpbridge_flagfile=/etc/nova/nova.conf #dhcpbridge=$bindir/nova-dhcpbridge #dhcp_lease_time=120 # Firewall driver (defaults to hypervisor specific iptables driver) (string value) -firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver +#firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver # Interface for public IP addresses (default: eth0) (string value) #public_interface=br-ext public_interface=eth0 @@ -634,3 +634,11 @@ allow_resize_to_same_host=True # Actual testing hardware does not support hardware acceleration # so in this step we will configure libvirt to use qemu instead of KVM virt_type=qemu + +################## +# SERIAL CONSOLE # +################## +# Enable serial console proxy for serial console access from the host only +[serial_console] +serialproxy_host=127.0.0.1 +enabled=true diff --git a/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service b/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service index 5eaf8a30..083cf701 100644 --- a/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service +++ b/openstack/etc/systemd/system/openstack-neutron-ovs-cleanup.service @@ -1,10 +1,12 @@ [Unit] Description=Neutron OVS cleanup -After=network-online.target openstack-neutron-setup.service +After=network-online.target openstack-neutron-setup.service openvswitch.service +Before=openstack-neutron-plugin-openvswitch-agent.service ConditionFileIsExecutable=/usr/bin/neutron-ovs-cleanup [Service] -Type=simple +Type=oneshot +RemainAfterExit=yes User=neutron ExecStart=/usr/bin/neutron-ovs-cleanup \ --log-file /var/log/neutron/ovs-cleanup.log \ diff --git a/openstack/etc/systemd/system/openstack-neutron-server.service b/openstack/etc/systemd/system/openstack-neutron-server.service index b9484b94..c8e816a5 100644 --- a/openstack/etc/systemd/system/openstack-neutron-server.service +++ b/openstack/etc/systemd/system/openstack-neutron-server.service @@ -1,7 +1,7 @@ [Unit] Description=Neutron Api Server -Wants=openvswitch-create-links-one-node.service -After=network-online.target openstack-neutron-setup.service openvswitch-create-links-one-node.service +Wants=openstack-neutron-network-configuration-one-node.service +After=network-online.target openstack-neutron-setup.service openstack-neutron-network-configuration-one-node.service [Service] Type=simple diff --git a/openstack/etc/systemd/system/openstack-neutron-setup.service b/openstack/etc/systemd/system/openstack-neutron-setup.service index 4c09907e..858e76e9 100644 --- a/openstack/etc/systemd/system/openstack-neutron-setup.service +++ b/openstack/etc/systemd/system/openstack-neutron-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run openstack-neutron-setup (once) -Wants=openvswitch-create-links-one-node.service -After=network-online.target openstack-keystone-setup.service openvswitch-create-links-one-node.service postgres-server.service +Wants=openstack-neutron-network-configuration-one-node.service +After=network-online.target openstack-keystone-setup.service openstack-neutron-network-configuration-one-node.service postgres-server.service [Service] Type=oneshot diff --git a/openstack/etc/systemd/system/openstack-nova-compute.service b/openstack/etc/systemd/system/openstack-nova-compute.service index dc18f225..aa332251 100644 --- a/openstack/etc/systemd/system/openstack-nova-compute.service +++ b/openstack/etc/systemd/system/openstack-nova-compute.service @@ -1,5 +1,5 @@ [Unit] -Description=OpenStack Compute Service (code-named Nova) API server +Description=OpenStack Compute Service (code-named Nova) compute server After=syslog.target network.target libvirtd.service Requires=libvirtd.service diff --git a/openstack/etc/systemd/system/openstack-nova-serialproxy.service b/openstack/etc/systemd/system/openstack-nova-serialproxy.service new file mode 100644 index 00000000..2557dc2b --- /dev/null +++ b/openstack/etc/systemd/system/openstack-nova-serialproxy.service @@ -0,0 +1,11 @@ +[Unit] +Description=OpenStack Nova Serial Proxy +After=syslog.target network.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-serialproxy --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/etc/systemd/system/openvswitch-create-links-one-node.service b/openstack/etc/systemd/system/openvswitch-create-links-one-node.service deleted file mode 100644 index bacfc433..00000000 --- a/openstack/etc/systemd/system/openvswitch-create-links-one-node.service +++ /dev/null @@ -1,14 +0,0 @@ -[Unit] -Description=Create Veth pairs -Wants=openstack-neutron-network-configuration-one-node.service -After=network-online.target openstack-neutron-network-configuration-one-node.service - -[Service] -Type=oneshot -ExecStart=/usr/share/openstack/create_openvswitch_veth_pairs -RemainAfterExit=yes -Restart=no - -[Install] -WantedBy=multi-user.target - diff --git a/openstack/etc/systemd/system/openvswitch.service b/openstack/etc/systemd/system/openvswitch.service index 446c0f95..6f1a93a8 100644 --- a/openstack/etc/systemd/system/openvswitch.service +++ b/openstack/etc/systemd/system/openvswitch.service @@ -1,6 +1,8 @@ [Unit] Description=Open vSwitch Daemon +Wants=network-pre.target After=openvswitch-initialize-db.service +Before=network-pre.target [Service] Type=forking diff --git a/openstack/manifest b/openstack/manifest index 8c7b9915..76e989d8 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -47,6 +47,7 @@ 0100644 0 0 /etc/systemd/system/openstack-nova-scheduler.service 0100644 0 0 /etc/systemd/system/openstack-nova-consoleauth.service 0100644 0 0 /etc/systemd/system/openstack-nova-novncproxy.service +0100644 0 0 /etc/systemd/system/openstack-nova-serialproxy.service 0100644 0 0 /etc/systemd/system/openstack-nova-cert.service 0100644 0 0 /etc/systemd/system/openstack-rabbitmq-setup.service 0100644 0 0 /etc/systemd/system/openstack-rabbitmq-server.service @@ -157,6 +158,4 @@ 0100644 0 0 /etc/horizon/apache-horizon.conf 0100644 0 0 /etc/horizon/openstack_dashboard/local_settings.py 0100644 0 0 /etc/sysctl.conf -0100644 0 0 /etc/systemd/system/openvswitch-create-links-one-node.service -0100755 0 0 /usr/share/openstack/create_openvswitch_veth_pairs 0100644 0 0 /etc/hosts diff --git a/openstack/usr/share/openstack/create_openvswitch_veth_pairs b/openstack/usr/share/openstack/create_openvswitch_veth_pairs deleted file mode 100644 index a239ac73..00000000 --- a/openstack/usr/share/openstack/create_openvswitch_veth_pairs +++ /dev/null @@ -1,32 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2015 Codethink Limited -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -set -xe - -# Get the first ethernet driver and its ip -eth_dev="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $1 } ')" -eth_ip="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $2 } ')" - -# Create the veth pairs between bridges (configuration one node) -ifconfig br-eth0 $eth_ip up -ip link set br-eth0 promisc on -ip link set eth1-br-proxy up promisc on -ip link set ex-br-proxy up promisc on -ip link set proxy-br-eth1 up promisc on -ip link set proxy-br-ex up promisc on - -exit 0 diff --git a/openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node b/openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node index c2ccbd81..abf1113e 100644 --- a/openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node +++ b/openstack/usr/share/openstack/openstack-neutron-network-configuration-for-one-node @@ -17,40 +17,70 @@ set -xe -# Get the first ethernet driver and its ip -eth_dev="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $1 } ')" -eth_ip="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $2 } ')" - -ip link add proxy-br-eth1 type veth peer name eth1-br-proxy -ip link add proxy-br-ex type veth peer name ex-br-proxy - if [ -f /var/openstack/openvswitch-one-node-setup ]; then exit 0 fi +# Get the first ethernet driver and its ip +eth_dev="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $1 } ')" +eth_ip="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^e" | head -1 | awk '{ print $2 } ')" +eth_mac="$(ip link show $eth_dev | tr -s '[:space:]' '\n' | sed -n '/link\/ether/{n;p}')" + # Create the bridges to use the External network mapped # This configuration is for 1 node and it was taken from: # https://fosskb.wordpress.com/2014/10/18/openstack-juno-on-ubuntu-14-10/ # and https://fosskb.wordpress.com/2014/06/10/managing-openstack-internaldataexternal-network-in-one-interface/ +# Disable dhcp on the bound physical interface, and all the internal interfaces +for devname in $eth_dev br-eth1 br-ex eth1-br-proxy ex-br-proxy \ + proxy-br-eth1 proxy-br-ex ovs-system; do + install -D -m 644 /proc/self/fd/0 <<EOF /etc/systemd/network/00-disable-$devname-config.network +[Match] +Name=$devname +EOF +done + +# restart networkd so it understands to not bring up these interfaces +systemctl restart systemd-networkd.service + +# Deallocate ip address for external interface so we don't try to route +# connections out of an interface that no longer works +ip addr del $eth_ip dev $eth_dev -ovs-vsctl add-br br-eth0 -ovs-vsctl add-port br-eth0 $eth_dev -ifconfig br-eth0 $eth_ip up -ip link set br-eth0 promisc on -ovs-vsctl add-br br-eth1 -ovs-vsctl add-br br-ex -ovs-vsctl add-port br-eth1 eth1-br-proxy -ovs-vsctl add-port br-ex ex-br-proxy -ovs-vsctl add-port br-eth0 proxy-br-eth1 -ovs-vsctl add-port br-eth0 proxy-br-ex -ip link set eth1-br-proxy up promisc on -ip link set ex-br-proxy up promisc on -ip link set proxy-br-eth1 up promisc on -ip link set proxy-br-ex up promisc on +# Create our external bridge +# Bind our external device to the bridge +# Tell the bridge that it has the mac address of the external device now +ovs-vsctl \ + -- add-br br-eth0 \ + -- add-port br-eth0 $eth_dev \ + -- set bridge br-eth0 other-config:hwaddr=$eth_mac + +# restart networkd again so it will DHCP on the Open vSwitch device that +# replaces our external interface, but with the mac address of the external +# interface, so it ought to get the same address back +install -D -m 644 /proc/self/fd/0 <<EOF /etc/systemd/network/10-br-ex-dhcp.network +[Match] +Name=br-eth0 + +[Network] +DHCP=yes +EOF +systemctl restart systemd-networkd.service + + +# Add the rest of the bridges +ovs-vsctl \ + -- add-br br-eth1 \ + -- add-port br-eth1 eth1-br-proxy \ + -- set interface eth1-br-proxy type=patch options:peer=proxy-br-eth1 \ + -- add-port br-eth0 proxy-br-eth1 \ + -- set interface proxy-br-eth1 type=patch options:peer=eth1-br-proxy \ + -- add-br br-ex \ + -- add-port br-ex ex-br-proxy \ + -- set interface ex-br-proxy type=patch options:peer=proxy-br-ex \ + -- add-port br-eth0 proxy-br-ex \ + -- set interface proxy-br-ex type=patch options:peer=ex-br-proxy install -D -m 644 /proc/self/fd/0 <<'EOF' /var/openstack/openvswitch-one-node-setup Openvswitch one node setup: success EOF - -exit 0 diff --git a/openstack/usr/share/openstack/openstack-nova-setup b/openstack/usr/share/openstack/openstack-nova-setup index 1a93a1b0..86de2341 100644 --- a/openstack/usr/share/openstack/openstack-nova-setup +++ b/openstack/usr/share/openstack/openstack-nova-setup @@ -95,38 +95,21 @@ usermod -a -G libvirt nova rm /etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service # Start nova services -systemctl start openstack-nova-compute # [1] Never enable openstack-nova-conductor service in a node with # openstack-nova-compute or the security benefits of removing # database access from nova-compute will be negated #systemctl start openstack-nova-conductor -systemctl start openstack-nova-api -systemctl start openstack-nova-cert -systemctl start openstack-nova-consoleauth -systemctl start openstack-nova-scheduler -systemctl start openstack-nova-novncproxy +for service in compute api cert consoleauth scheduler novncproxy serialproxy; do + systemctl start openstack-nova-$service.service +done #systemctl start openstack-nova-xvpnvncproxy # Create the links to run nova services when system start next times. -ln -s "/etc/systemd/system/openstack-nova-compute.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service" +for service in compute api cert consoleauth scheduler novncproxy serialproxy; do + systemctl enable openstack-nova-$service.service +done # See description of why this shouldn't run in a openstack in one node in [1] #ln -s "/etc/systemd/system/openstack-nova-conductor.service" \ # "/etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service" -ln -s "/etc/systemd/system/openstack-nova-api.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-nova-api.service" - -ln -s "/etc/systemd/system/openstack-nova-cert.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-nova-cert.service" - -ln -s "/etc/systemd/system/openstack-nova-consoleauth.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service" - -ln -s "/etc/systemd/system/openstack-nova-scheduler.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service" - -ln -s "/etc/systemd/system/openstack-nova-novncproxy.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service" - exit 0 diff --git a/strata/foundation.morph b/strata/foundation.morph index eea872a8..d6c9e05e 100644 --- a/strata/foundation.morph +++ b/strata/foundation.morph @@ -74,8 +74,8 @@ chunks: - name: systemd morph: strata/foundation/systemd.morph repo: upstream:systemd - ref: a88abde72169ddc2df77df3fa5bed30725022253 - unpetrify-ref: v219 + ref: d736e4f3e76daca4ab1b1fc444737e5ee20a27cd + unpetrify-ref: master build-depends: - dbus-pre - gobject-introspection diff --git a/strata/foundation/systemd.morph b/strata/foundation/systemd.morph index 81db9acd..c53cef39 100644 --- a/strata/foundation/systemd.morph +++ b/strata/foundation/systemd.morph @@ -3,9 +3,11 @@ kind: chunk build-system: autotools configure-commands: - sh autogen.sh -- ./configure --prefix="$PREFIX" --enable-xz --disable-manpages --sysconfdir=/etc - --localstatedir=/var --libdir="$PREFIX/lib" --libexecdir="$PREFIX/libexec" --with-rootprefix= - --with-rootlibdir=/lib +- | + ./configure --prefix="$PREFIX" --enable-xz --disable-manpages \ + --disable-tests --sysconfdir=/etc --localstatedir=/var \ + --libdir="$PREFIX/lib" --libexecdir="$PREFIX/libexec" \ + --with-rootprefix= --with-rootlibdir=/lib install-commands: - make DESTDIR="$DESTDIR" install - mkdir -p "$DESTDIR"/sbin |