summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-02-20 14:20:49 +0000
committerPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-03-16 17:30:38 +0000
commita06c0bf70386952e9440f0a726fd621760611fcd (patch)
treefd1fe916267abce6fa352072b652652f35516044
parenta90c7414cd5b7697c07d8f2c60a796064ebd7f28 (diff)
downloaddefinitions-a06c0bf70386952e9440f0a726fd621760611fcd.tar.gz
Glance configuration in ansible
-rw-r--r--openstack-glance.configure96
-rw-r--r--openstack/etc/systemd/system/openstack-glance-setup.service6
-rw-r--r--openstack/manifest22
-rw-r--r--openstack/usr/share/openstack/glance.yml62
-rw-r--r--openstack/usr/share/openstack/glance/glance-api-paste.ini (renamed from openstack/etc/glance/glance-api-paste.ini)0
-rw-r--r--openstack/usr/share/openstack/glance/glance-api.conf (renamed from openstack/etc/glance/glance-api.conf)18
-rw-r--r--openstack/usr/share/openstack/glance/glance-cache.conf (renamed from openstack/etc/glance/glance-cache.conf)0
-rw-r--r--openstack/usr/share/openstack/glance/glance-registry-paste.ini (renamed from openstack/etc/glance/glance-registry-paste.ini)0
-rw-r--r--openstack/usr/share/openstack/glance/glance-registry.conf (renamed from openstack/etc/glance/glance-registry.conf)10
-rw-r--r--openstack/usr/share/openstack/glance/glance-scrubber.conf (renamed from openstack/etc/glance/glance-scrubber.conf)0
-rw-r--r--openstack/usr/share/openstack/glance/logging.conf (renamed from openstack/etc/glance/logging.conf)0
-rw-r--r--openstack/usr/share/openstack/glance/policy.json (renamed from openstack/etc/glance/policy.json)0
-rw-r--r--openstack/usr/share/openstack/glance/schema-image.json (renamed from openstack/etc/glance/schema-image.json)0
-rw-r--r--openstack/usr/share/openstack/openstack-glance-setup89
14 files changed, 164 insertions, 139 deletions
diff --git a/openstack-glance.configure b/openstack-glance.configure
index 6780a64a..128df556 100644
--- a/openstack-glance.configure
+++ b/openstack-glance.configure
@@ -20,30 +20,84 @@ set -e
ROOT="$1"
##########################################################################
-# Substitutions in configuration files
+
+ln -s "/etc/systemd/system/openstack-glance-setup.service" \
+ "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-glance-setup.service"
+
+##########################################################################
+# Check variables
##########################################################################
-cat <<EOF > "$ROOT"/etc/openstack-glance-setup.sed
-s/##GLANCE_SERVICE_USER##/$GLANCE_SERVICE_USER/g
-s/##GLANCE_SERVICE_PASSWORD##/$GLANCE_SERVICE_PASSWORD/g
-s/##GLANCE_PUBLIC_URL##/$GLANCE_PUBLIC_URL/g
-s/##GLANCE_INTERNAL_URL##/$GLANCE_INTERNAL_URL/g
-s/##GLANCE_ADMIN_URL##/$GLANCE_ADMIN_URL/g
-s/##GLANCE_HOST##/$GLANCE_HOST/g
-s/##GLANCE_DB_USER##/$GLANCE_DB_USER/g
-s/##GLANCE_DB_PASSWORD##/$GLANCE_DB_PASSWORD/g
-EOF
+if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \
+ -z "$GLANCE_SERVICE_USER" -a \
+ -z "$GLANCE_SERVICE_PASSWORD" -a \
+ -z "$GLANCE_PUBLIC_URL" -a \
+ -z "$GLANCE_INTERNAL_URL" -a \
+ -z "$GLANCE_ADMIN_URL" -a \
+ -z "$KEYSTONE_PUBLIC_URL" -a \
+ -z "$KEYSTONE_INTERNAL_URL" -a \
+ -z "$KEYSTONE_ADMIN_URL" -a \
+ -z "$IDENTITY_URI" -a \
+ -z "$GLANCE_DB_USER" -a \
+ -z "$GLANCE_DB_PASSWORD" -a \
+ -z "$RABBITMQ_HOST" -a \
+ -z "$RABBITMQ_PORT" -a \
+ -z "$RABBITMQ_USER" -a \
+ -z "$RABBITMQ_PASSWORD" -a \
+ -z "$CONTROLLER_HOST" ]; then
+ # No Glance options defined, do nothing.
+ exit 0
+fi
-sed -f "$ROOT"/etc/openstack-glance-setup.sed -i \
- "$ROOT"/etc/glance/glance-api.conf \
- "$ROOT"/etc/glance/glance-registry.conf \
- "$ROOT"/etc/glance/glance-scrubber.conf \
- "$ROOT"/etc/glance/glance-cache.conf \
- "$ROOT"/etc/cinder/cinder.conf \
- "$ROOT"/etc/nova/nova.conf \
- "$ROOT"/usr/share/openstack/openstack-glance-setup
+if [ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \
+ -z "$GLANCE_SERVICE_USER" -o \
+ -z "$GLANCE_SERVICE_PASSWORD" -o \
+ -z "$GLANCE_PUBLIC_URL" -o \
+ -z "$GLANCE_INTERNAL_URL" -o \
+ -z "$GLANCE_ADMIN_URL" -o \
+ -z "$KEYSTONE_PUBLIC_URL" -o \
+ -z "$KEYSTONE_INTERNAL_URL" -o \
+ -z "$KEYSTONE_ADMIN_URL" -o \
+ -z "$IDENTITY_URI" -o \
+ -z "$GLANCE_DB_USER" -o \
+ -z "$GLANCE_DB_PASSWORD" -o \
+ -z "$RABBITMQ_HOST" -o \
+ -z "$RABBITMQ_PORT" -o \
+ -z "$RABBITMQ_USER" -o \
+ -z "$RABBITMQ_PASSWORD" -o \
+ -z "$CONTROLLER_HOST" ]; then
+ echo Some options required for Glance were defined, but not all.
+ exit 1
+fi
##########################################################################
+# Generate config variable shell snippet
+##########################################################################
-ln -s "/etc/systemd/system/openstack-glance-setup.service" \
- "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-glance-setup.service"
+OPENSTACK_DATA="$ROOT/etc/openstack"
+mkdir -p "$OPENSTACK_DATA"
+
+python <<'EOF' >"$OPENSTACK_DATA/glance.conf"
+import os, sys, yaml
+
+glance_configuration={
+ 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'],
+ 'KEYSTONE_PUBLIC_URL': os.environ['KEYSTONE_PUBLIC_URL'],
+ 'KEYSTONE_ADMIN_URL': os.environ['KEYSTONE_ADMIN_URL'],
+ 'IDENTITY_URI': os.environ['IDENTITY_URI'],
+ 'GLANCE_ADMIN_URL': os.environ['GLANCE_ADMIN_URL'],
+ 'GLANCE_INTERNAL_URL': os.environ['GLANCE_INTERNAL_URL'],
+ 'GLANCE_PUBLIC_URL': os.environ['GLANCE_PUBLIC_URL'],
+ 'GLANCE_SERVICE_PASSWORD': os.environ['GLANCE_SERVICE_PASSWORD'],
+ 'GLANCE_SERVICE_USER': os.environ['GLANCE_SERVICE_USER'],
+ 'GLANCE_DB_USER': os.environ['GLANCE_DB_USER'],
+ 'GLANCE_DB_PASSWORD': os.environ['GLANCE_DB_PASSWORD'],
+ 'CONTROLLER_HOST': os.environ['CONTROLLER_HOST'],
+ 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'],
+ 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'],
+ 'RABBITMQ_USER': os.environ['RABBITMQ_USER'],
+ 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'],
+}
+
+yaml.dump(glance_configuration, sys.stdout, default_flow_style=False)
+EOF
diff --git a/openstack/etc/systemd/system/openstack-glance-setup.service b/openstack/etc/systemd/system/openstack-glance-setup.service
index ee03c167..c00c520c 100644
--- a/openstack/etc/systemd/system/openstack-glance-setup.service
+++ b/openstack/etc/systemd/system/openstack-glance-setup.service
@@ -1,11 +1,9 @@
[Unit]
-Description=Run openstack-glance-setup (once)
+Description=Run glance-setup Ansible scripts
After=local-fs.target openstack-keystone-setup.service postgres-server.service
[Service]
-Type=oneshot
-ExecStart=/usr/share/openstack/openstack-glance-setup
-Restart=no
+ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/glance.yml
[Install]
WantedBy=multi-user.target
diff --git a/openstack/manifest b/openstack/manifest
index aca952e0..aeb3922e 100644
--- a/openstack/manifest
+++ b/openstack/manifest
@@ -1,8 +1,18 @@
0040755 0 0 /usr/share/openstack
0100644 0 0 /usr/share/openstack/hosts
+0100644 0 0 /usr/share/openstack/glance.yml
+0040755 0 0 /usr/share/openstack/glance
+0100644 0 0 /usr/share/openstack/glance/logging.conf
+0100644 0 0 /usr/share/openstack/glance/glance-api.conf
+0100644 0 0 /usr/share/openstack/glance/glance-registry.conf
+0100644 0 0 /usr/share/openstack/glance/glance-scrubber.conf
+0100644 0 0 /usr/share/openstack/glance/glance-cache.conf
+0100644 0 0 /usr/share/openstack/glance/schema-image.json
+0100644 0 0 /usr/share/openstack/glance/policy.json
+0100644 0 0 /usr/share/openstack/glance/glance-api-paste.ini
+0100644 0 0 /usr/share/openstack/glance/glance-registry-paste.ini
0100644 0 0 /usr/share/openstack/keystone.yml
0040755 0 0 /usr/share/openstack/keystone
-0100755 0 0 /usr/share/openstack/openstack-keystone-setup
0100644 0 0 /usr/share/openstack/keystone/logging.conf
0100644 0 0 /usr/share/openstack/keystone/keystone.conf
0100644 0 0 /usr/share/openstack/keystone/policy.json
@@ -34,21 +44,11 @@
0040755 0 0 /var/lib/glance/image-cache/invalid
0040755 0 0 /var/lib/glance/image-cache/queue
0040755 0 0 /var/lib/glance/images
-0100644 0 0 /etc/glance/logging.conf
-0100644 0 0 /etc/glance/glance-api.conf
-0100644 0 0 /etc/glance/glance-registry.conf
-0100644 0 0 /etc/glance/glance-scrubber.conf
-0100644 0 0 /etc/glance/glance-cache.conf
-0100644 0 0 /etc/glance/schema-image.json
-0100644 0 0 /etc/glance/policy.json
-0100644 0 0 /etc/glance/glance-api-paste.ini
-0100644 0 0 /etc/glance/glance-registry-paste.ini
0100644 0 0 /etc/logrotate.d/openstack-glance-api
0100644 0 0 /etc/logrotate.d/openstack-glance-registry
0100644 0 0 /etc/systemd/system/openstack-glance-setup.service
0100644 0 0 /etc/systemd/system/openstack-glance-api.service
0100644 0 0 /etc/systemd/system/openstack-glance-registry.service
-0100755 0 0 /usr/share/openstack/openstack-glance-setup
0040755 0 0 /var/lib/nova
0040755 0 0 /etc/nova
0100644 0 0 /etc/nova/logging.conf
diff --git a/openstack/usr/share/openstack/glance.yml b/openstack/usr/share/openstack/glance.yml
new file mode 100644
index 00000000..83d73428
--- /dev/null
+++ b/openstack/usr/share/openstack/glance.yml
@@ -0,0 +1,62 @@
+---
+- hosts: localhost
+ vars_files:
+ - "/etc/openstack/glance.conf"
+ tasks:
+ - name: Create the glance user.
+ user: name=glance comment="Openstack Glance Daemons" shell=/sbin/nologin home=/var/lib/glance
+
+ - name: Create the /var folders for glance
+ file: path={{ item }} state=directory owner=glance group=glance
+ with_items:
+ - /var/run/glance
+ - /var/lock/glance
+ - /var/log/glance
+ - /var/lib/glance
+ - /var/lib/glance/images
+ - /var/lib/glance/image-cache
+
+ - file: path=/etc/glance state=directory
+ - name: Add the configuration needed for glance in /etc/glance using templates
+ template: src=/usr/share/openstack/glance/{{ item }} dest=/etc/glance/{{ item }}
+ with_lines:
+ - (cd /usr/share/openstack/glance && find -type f)
+
+ - keystone_user: >
+ user={{ GLANCE_SERVICE_USER }}
+ password={{ GLANCE_SERVICE_PASSWORD }}
+ tenant=service
+ token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+
+ - keystone_user: >
+ role=admin
+ user={{ GLANCE_SERVICE_USER }}
+ tenant=service
+ token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+
+ - keystone_service: >
+ name=glance
+ type=image
+ description="Openstack Image Service"
+ publicurl={{ GLANCE_PUBLIC_URL }}
+ internalurl={{ GLANCE_INTERNAL_URL }}
+ adminurl={{ GLANCE_ADMIN_URL }}
+ region='RegionOne'
+ token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+
+ - postgresql_user: name={{ GLANCE_DB_USER }} login_host={{ CONTROLLER_HOST }} password={{ GLANCE_DB_PASSWORD }}
+ sudo: yes
+ sudo_user: glance
+ - postgresql_db: name=glance owner={{ GLANCE_DB_USER }} login_host={{ CONTROLLER_HOST }}
+ sudo: yes
+ sudo_user: glance
+
+ - glance_manage: action=dbsync
+ sudo: yes
+ sudo_user: glance
+
+ - name: Enable and start openstack-glance service
+ service: name={{ item }} enabled=yes state=started
+ with_items:
+ - openstack-glance-api.service
+ - openstack-glance-registry.service
diff --git a/openstack/etc/glance/glance-api-paste.ini b/openstack/usr/share/openstack/glance/glance-api-paste.ini
index e4baa269..e4baa269 100644
--- a/openstack/etc/glance/glance-api-paste.ini
+++ b/openstack/usr/share/openstack/glance/glance-api-paste.ini
diff --git a/openstack/etc/glance/glance-api.conf b/openstack/usr/share/openstack/glance/glance-api.conf
index c30ce62f..197dca8c 100644
--- a/openstack/etc/glance/glance-api.conf
+++ b/openstack/usr/share/openstack/glance/glance-api.conf
@@ -238,11 +238,11 @@ rpc_backend=rabbit
# Configuration options if sending notifications via rabbitmq (these are
# the defaults)
-rabbit_host = ##RABBITMQ_HOST##
-rabbit_port = ##RABBITMQ_PORT##
+rabbit_host = {{ RABBITMQ_HOST }}
+rabbit_port = {{ RABBITMQ_PORT }}
rabbit_use_ssl = false
-rabbit_userid = ##RABBITMQ_USER##
-rabbit_password = ##RABBITMQ_PASSWORD##
+rabbit_userid = {{ RABBITMQ_USER }}
+rabbit_password = {{ RABBITMQ_PASSWORD }}
rabbit_virtual_host = /
rabbit_notification_exchange = glance
rabbit_notification_topic = notifications
@@ -586,7 +586,7 @@ image_cache_dir = /var/lib/glance/image-cache/
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
#connection = <None>
-connection=postgresql://##GLANCE_DB_USER##:##GLANCE_DB_PASSWORD##@onenode/glance
+connection=postgresql://{{ GLANCE_DB_USER }}:{{ GLANCE_DB_PASSWORD }}@{{ CONTROLLER_HOST }}/glance
# The SQL mode to be used for MySQL sessions. This option,
# including the default, overrides any server-set SQL mode. To
@@ -667,11 +667,11 @@ connection=postgresql://##GLANCE_DB_USER##:##GLANCE_DB_PASSWORD##@onenode/glance
#db_max_retries = 20
[keystone_authtoken]
-auth_uri = ##KEYSTONE_PUBLIC_URL##
-identity_uri = ##IDENTITY_URI##
+auth_uri = {{ KEYSTONE_PUBLIC_URL }}
+identity_uri = {{ IDENTITY_URI }}
admin_tenant_name = service
-admin_user = ##GLANCE_SERVICE_USER##
-admin_password = ##GLANCE_SERVICE_PASSWORD##
+admin_user = {{ GLANCE_SERVICE_USER }}
+admin_password = {{ GLANCE_SERVICE_PASSWORD }}
[paste_deploy]
# Name of the paste configuration file that defines the available pipelines
diff --git a/openstack/etc/glance/glance-cache.conf b/openstack/usr/share/openstack/glance/glance-cache.conf
index a4453353..a4453353 100644
--- a/openstack/etc/glance/glance-cache.conf
+++ b/openstack/usr/share/openstack/glance/glance-cache.conf
diff --git a/openstack/etc/glance/glance-registry-paste.ini b/openstack/usr/share/openstack/glance/glance-registry-paste.ini
index ab8c2856..ab8c2856 100644
--- a/openstack/etc/glance/glance-registry-paste.ini
+++ b/openstack/usr/share/openstack/glance/glance-registry-paste.ini
diff --git a/openstack/etc/glance/glance-registry.conf b/openstack/usr/share/openstack/glance/glance-registry.conf
index fbfe7c8d..6679c278 100644
--- a/openstack/etc/glance/glance-registry.conf
+++ b/openstack/usr/share/openstack/glance/glance-registry.conf
@@ -99,7 +99,7 @@ limit_param_default = 25
# Deprecated group/name - [DATABASE]/sql_connection
# Deprecated group/name - [sql]/connection
#connection = <None>
-connection=postgresql://##GLANCE_DB_USER##:##GLANCE_DB_PASSWORD##@onenode/glance
+connection=postgresql://{{ GLANCE_DB_USER }}:{{ GLANCE_DB_PASSWORD }}@{{ CONTROLLER_HOST}}/glance
# The SQL mode to be used for MySQL sessions. This option,
# including the default, overrides any server-set SQL mode. To
@@ -180,11 +180,11 @@ connection=postgresql://##GLANCE_DB_USER##:##GLANCE_DB_PASSWORD##@onenode/glance
#db_max_retries = 20
[keystone_authtoken]
-auth_uri = ##KEYSTONE_PUBLIC_URL##
-identity_uri = ##IDENTITY_URI##
+auth_uri = {{ KEYSTONE_PUBLIC_URL }}
+identity_uri = {{ IDENTITY_URI }}
admin_tenant_name = service
-admin_user = ##GLANCE_SERVICE_USER##
-admin_password = ##GLANCE_SERVICE_PASSWORD##
+admin_user = {{ GLANCE_SERVICE_USER }}
+admin_password = {{ GLANCE_SERVICE_PASSWORD }}
[paste_deploy]
# Name of the paste configuration file that defines the available pipelines
diff --git a/openstack/etc/glance/glance-scrubber.conf b/openstack/usr/share/openstack/glance/glance-scrubber.conf
index 5c5e8d4c..5c5e8d4c 100644
--- a/openstack/etc/glance/glance-scrubber.conf
+++ b/openstack/usr/share/openstack/glance/glance-scrubber.conf
diff --git a/openstack/etc/glance/logging.conf b/openstack/usr/share/openstack/glance/logging.conf
index 8de2ffd1..8de2ffd1 100644
--- a/openstack/etc/glance/logging.conf
+++ b/openstack/usr/share/openstack/glance/logging.conf
diff --git a/openstack/etc/glance/policy.json b/openstack/usr/share/openstack/glance/policy.json
index 8b7e6871..8b7e6871 100644
--- a/openstack/etc/glance/policy.json
+++ b/openstack/usr/share/openstack/glance/policy.json
diff --git a/openstack/etc/glance/schema-image.json b/openstack/usr/share/openstack/glance/schema-image.json
index 5aafd6b3..5aafd6b3 100644
--- a/openstack/etc/glance/schema-image.json
+++ b/openstack/usr/share/openstack/glance/schema-image.json
diff --git a/openstack/usr/share/openstack/openstack-glance-setup b/openstack/usr/share/openstack/openstack-glance-setup
deleted file mode 100644
index 1363a7b7..00000000
--- a/openstack/usr/share/openstack/openstack-glance-setup
+++ /dev/null
@@ -1,89 +0,0 @@
-#!/bin/sh
-#
-# Copyright (C) 2014 Codethink Limited
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-set -e
-
-# Create required system users and groups
-getent group glance >/dev/null || groupadd -r --gid 164 glance
-getent passwd glance >/dev/null || \
- useradd --uid 164 -r -g glance -d /var/lib/glance -s /sbin/nologin \
- -c "OpenStack Glance Daemons" glance
-
-# Create required keystone tenants, users and roles
-export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN##
-export OS_SERVICE_ENDPOINT='http://onenode:35357/v2.0'
-
-keystone user-create --name ##GLANCE_SERVICE_USER## --pass ##GLANCE_SERVICE_PASSWORD##
-keystone user-role-add --tenant service --user ##GLANCE_SERVICE_USER## --role admin
-
-keystone service-create --name glance --type image --description "OpenStack Image Service"
-keystone endpoint-create --service-id $(keystone service-list | awk '/ image / {print $2}') \
- --publicurl ##GLANCE_PUBLIC_URL## \
- --internalurl ##GLANCE_INTERNAL_URL## \
- --adminurl ##GLANCE_ADMIN_URL##
-
-# Create run directory for glance
-if [ ! -d /var/run/glance ]; then
- mkdir -p /var/run/glance
- chown -R glance:glance /var/run/glance
-fi
-
-# Create the lock directory for glance
-if [ ! -d /var/lock/glance ]; then
- mkdir -p /var/lock/glance
- chown -R glance:glance /var/lock/glance
-fi
-
-# Create the log directory for glance
-if [ ! -d /var/log/glance ]; then
- mkdir -p /var/log/glance
- chown -R glance:glance /var/log/glance
-fi
-
-# Setup the glance database
-if ! sudo -u postgres psql -lqt | grep -q glance; then
- # Create posgreSQL user
- sudo -u postgres createuser \
- --pwprompt --encrypted \
- --no-adduser --no-createdb \
- --no-password \
- ##GLANCE_DB_USER##
-
- sudo -u postgres createdb \
- --owner=##GLANCE_DB_USER## \
- glance
-
- sudo -u glance glance-manage db_sync
-fi
-
-chown -R glance:glance /var/lib/glance
-
-# Remove the one-shot setup service
-rm /etc/systemd/system/multi-user.target.wants/openstack-glance-setup.service
-
-# Start glance services
-systemctl start openstack-glance-api
-systemctl start openstack-glance-registry
-
-# Create the links to run glance services when system start next times.
-ln -s "/etc/systemd/system/openstack-glance-api.service" \
- "/etc/systemd/system/multi-user.target.wants/openstack-glance-api.service"
-
-ln -s "/etc/systemd/system/openstack-glance-registry.service" \
- "/etc/systemd/system/multi-user.target.wants/openstack-glance-registry.service"
-
-exit 0