authorPedro Alvarez <pedro.alvarez@codethink.co.uk>2015-03-27 12:24:04 +0000
committerRichard Ipsum <richardipsum@fastmail.co.uk>2015-04-10 20:17:46 +0100
commitd11285a7fdda820fd4d398ede0ae25d6364e7049 (patch)
tree0e729f9adfc57306ad0039c193e0a899340e2f08
parent7162dffed084e501bdd5cee6492540f2b5e02732 (diff)
downloaddefinitions-d11285a7fdda820fd4d398ede0ae25d6364e7049.tar.gz
nova: Move setup scripts to Ansible.
Also change systemd units and configure extension to match this change
-rw-r--r--openstack-nova.configure97
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-setup.service6
-rw-r--r--openstack/usr/share/openstack/nova.yml73
-rw-r--r--openstack/usr/share/openstack/openstack-nova-setup115
4 files changed, 149 insertions, 142 deletions
diff --git a/openstack-nova.configure b/openstack-nova.configure
index b3268fe7..ab05f9e0 100644
--- a/openstack-nova.configure
+++ b/openstack-nova.configure
@@ -20,29 +20,6 @@ set -e
ROOT="$1"
##########################################################################
-# Substitutions in configuration files
-##########################################################################
-
-cat <<EOF > "$ROOT"/etc/openstack-nova-setup.sed
-s/##NOVA_SERVICE_USER##/$NOVA_SERVICE_USER/g
-s/##NOVA_SERVICE_PASSWORD##/$NOVA_SERVICE_PASSWORD/g
-s/##NOVA_PUBLIC_URL##/$NOVA_PUBLIC_URL/g
-s/##NOVA_INTERNAL_URL##/$NOVA_INTERNAL_URL/g
-s/##NOVA_ADMIN_URL##/$NOVA_ADMIN_URL/g
-s/##NOVA_HOST##/$NOVA_HOST/g
-s/##NOVA_REGION##/$NOVA_REGION/g
-s/##NOVA_NOVNCPROXY_BASE_URL##/$NOVA_NOVNCPROXY_BASE_URL/g
-s/##NOVA_DB_USER##/$NOVA_DB_USER/g
-s/##NOVA_DB_PASSWORD##/$NOVA_DB_PASSWORD/g
-EOF
-
-sed -f "$ROOT"/etc/openstack-nova-setup.sed -i \
- "$ROOT"/etc/nova/nova.conf \
- "$ROOT"/etc/neutron/neutron.conf \
- "$ROOT"/etc/neutron/metadata_agent.ini \
- "$ROOT"/usr/share/openstack/openstack-nova-setup
-
-##########################################################################
ln -sf "/usr/lib/systemd/system/openstack-nova-setup.service" \
"$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service"
@@ -63,3 +40,77 @@ ln -sf ../libvirtd.service "$wants_dir/libvirtd.service"
sed -i "s/192\.168\.122\./192\.168\.1\./g" \
"$ROOT"/etc/libvirt/qemu/networks/default.xml
+
+##########################################################################
+# Check variables
+##########################################################################
+
+
+if [ -z "$NOVA_SERVICE_USER" -a \
+ -z "$NOVA_SERVICE_PASSWORD" -a \
+ -z "$NOVA_DB_USER" -a \
+ -z "$NOVA_DB_PASSWORD" -a \
+ -z "$NOVA_VIRT_TYPE" -a \
+ -z "$NEUTRON_SERVICE_USER" -a \
+ -z "$NEUTRON_SERVICE_PASSWORD" -a \
+ -z "$METADATA_PROXY_SHARED_SECRET" -a \
+ -z "$RABBITMQ_HOST" -a \
+ -z "$RABBITMQ_USER" -a \
+ -z "$RABBITMQ_PASSWORD" -a \
+ -z "$RABBITMQ_PORT" -a \
+ -z "$CONTROLLER_HOST_ADDRESS" -a \
+ -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \
+ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then
+ # No NOVA options defined, do nothing.
+ exit 0
+fi
+
+if [ -z "$NOVA_SERVICE_USER" -o \
+ -z "$NOVA_SERVICE_PASSWORD" -o \
+ -z "$NOVA_DB_USER" -o \
+ -z "$NOVA_DB_PASSWORD" -o \
+ -z "$NOVA_VIRT_TYPE" -o \
+ -z "$NEUTRON_SERVICE_USER" -o \
+ -z "$NEUTRON_SERVICE_PASSWORD" -o \
+ -z "$METADATA_PROXY_SHARED_SECRET" -o \
+ -z "$RABBITMQ_HOST" -o \
+ -z "$RABBITMQ_USER" -o \
+ -z "$RABBITMQ_PASSWORD" -o \
+ -z "$RABBITMQ_PORT" -o \
+ -z "$CONTROLLER_HOST_ADDRESS" -o \
+ -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \
+ -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then
+ echo Some options required for Nova were defined, but not all.
+ exit 1
+fi
+
+##########################################################################
+# Generate config variable shell snippet
+##########################################################################
+
+OPENSTACK_DATA="$ROOT/etc/openstack"
+mkdir -p "$OPENSTACK_DATA"
+
+python <<'EOF' >"$OPENSTACK_DATA/nova.conf"
+import os, sys, yaml
+
+nova_configuration={
+ 'NOVA_SERVICE_USER': os.environ['NOVA_SERVICE_USER'],
+ 'NOVA_SERVICE_PASSWORD': os.environ['NOVA_SERVICE_PASSWORD'],
+ 'NOVA_DB_USER': os.environ['NOVA_DB_USER'],
+ 'NOVA_DB_PASSWORD': os.environ['NOVA_DB_PASSWORD'],
+ 'NOVA_VIRT_TYPE': os.environ['NOVA_VIRT_TYPE'],
+ 'NEUTRON_SERVICE_USER': os.environ['NEUTRON_SERVICE_USER'],
+ 'NEUTRON_SERVICE_PASSWORD': os.environ['NEUTRON_SERVICE_PASSWORD'],
+ 'METADATA_PROXY_SHARED_SECRET': os.environ['METADATA_PROXY_SHARED_SECRET'],
+ 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'],
+ 'RABBITMQ_USER': os.environ['RABBITMQ_USER'],
+ 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'],
+ 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'],
+ 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'],
+ 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'],
+ 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'],
+}
+
+yaml.dump(nova_configuration, sys.stdout, default_flow_style=False)
+EOF
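Review bot: The generated `"$OPENSTACK_DATA/nova.conf"` holds the Nova, Neutron, database and RabbitMQ passwords, the metadata proxy shared secret and the Keystone admin token in cleartext, but it is created by a plain shell redirection, so its mode follows whatever umask the configure extension runs under (not visible here; with the common 022 it ends up world-readable in the image). Set the mode explicitly, for example `umask 077` just before the `python <<'EOF'` line, or `chmod 0600 "$OPENSTACK_DATA/nova.conf"` right after the heredoc. A smaller point in the same hunk: the "Some options required for Nova were defined, but not all." message goes to stdout and does not say which variable is missing; `echo ... >&2` with the variable name would make a failed build easier to diagnose.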
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-setup.service
index e7a9136f..a4ad6ae7 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-setup.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-setup.service
@@ -1,11 +1,9 @@
[Unit]
-Description=Run openstack-nova-setup (once)
+Description=Run nova-setup Ansible scripts
After=local-fs.target libvirtd.service openstack-keystone-setup.service postgres-server.service
[Service]
-Type=oneshot
-ExecStart=/usr/share/openstack/openstack-nova-setup
-Restart=no
+ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova.yml
[Install]
WantedBy=multi-user.target
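Review bot: Dropping `Type=oneshot` from `[Service]` turns this into a default `Type=simple` unit, so systemd treats it as started as soon as `ansible-playbook` is forked rather than when the playbook has finished. Any unit ordered `After=openstack-nova-setup.service` (none are visible in this hunk, but this unit itself orders after `openstack-keystone-setup.service`, which suggests a chain) would then start against a half-configured Nova. Keeping `Type=oneshot` alongside the new `ExecStart=` preserves the old ordering guarantee. The `-v` flag also sends per-task results to the journal, so it should be checked against the tasks that carry passwords and tokens.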
diff --git a/openstack/usr/share/openstack/nova.yml b/openstack/usr/share/openstack/nova.yml
new file mode 100644
index 00000000..947df037
--- /dev/null
+++ b/openstack/usr/share/openstack/nova.yml
@@ -0,0 +1,73 @@
+---
+- hosts: localhost
+ vars_files:
+ - "/etc/openstack/nova.conf"
+ tasks:
+ - name: Create the nova user.
+ user: name=nova comment="Openstack Nova Daemons" shell=/sbin/nologin home=/var/lib/nova groups=libvirt append=yes
+
+ - name: Create the /var folders for nova
+ file: path={{ item }} state=directory owner=nova group=nova
+ with_items:
+ - /var/run/nova
+ - /var/lock/nova
+ - /var/log/nova
+ - /var/lib/nova
+ - /var/lib/nova/instances
+
+ - file: path=/etc/nova state=directory
+ - name: Add the configuration needed for nova in /etc/nova using templates
+ template: src=/usr/share/openstack/nova/{{ item }} dest=/etc/nova/{{ item }}
+ with_lines:
+ - (cd /usr/share/openstack/nova && find -type f)
+
+ - keystone_user: >
+ user={{ NOVA_SERVICE_USER }}
+ password={{ NOVA_SERVICE_PASSWORD }}
+ tenant=service
+ token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+
+ - keystone_user: >
+ role=admin
+ user={{ NOVA_SERVICE_USER }}
+ tenant=service
+ token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+
+ - keystone_service: >
+ name=nova
+ type=compute
+ description="Openstack Compute Service"
+ publicurl='http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s'
+ internalurl='http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s'
+ adminurl='http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s'
+ region='regionOne'
+ token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}
+
+ - postgresql_user: name={{ NOVA_DB_USER }} login_host={{ CONTROLLER_HOST_ADDRESS }} password={{ NOVA_DB_PASSWORD }}
+ sudo: yes
+ sudo_user: nova
+ - postgresql_db: name=nova owner={{ NOVA_DB_USER }} login_host={{ CONTROLLER_HOST_ADDRESS }}
+ sudo: yes
+ sudo_user: nova
+
+ - nova_manage: action=dbsync
+ sudo: yes
+ sudo_user: nova
+
+
+
+# [1] Never enable openstack-nova-conductor service in a node with
+# openstack-nova-compute or the security benefits of removing
+# database access from nova-compute will be negated
+#systemctl start openstack-nova-conductor
+ - name: Enable and start openstack-nova services
+ service: name={{ item }} enabled=yes state=started
+ with_items:
+ - openstack-nova-api.service
+ - openstack-nova-cert.service
+ - openstack-nova-compute.service
+ - openstack-nova-consoleauth.service
+ - openstack-nova-novncproxy.service
+ - openstack-nova-scheduler.service
+ - openstack-nova-serialproxy.service
+# - openstack-nova-conductor.service
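Review bot: The `keystone_user`, `keystone_service` and `postgresql_user` tasks pass `password={{ ... }}` and `token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}` as unquoted inline `key=value` arguments, and the unit runs the playbook with `-v`, so these values can end up in task output in the journal. Adding `no_log: true` to each task that takes a password or token keeps them out of the logs. Because the values are unquoted, a secret containing a space or `=` would likely be split or misread as another argument; quote them (`password="{{ NOVA_SERVICE_PASSWORD }}"`) or use the YAML dictionary form for module arguments. The `template` task also sets no `owner`, `group` or `mode` on the files it writes to `/etc/nova`; if those templates embed the database or service passwords (they are not shown here), something like `owner=nova group=nova mode=0640` would be appropriate.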
diff --git a/openstack/usr/share/openstack/openstack-nova-setup b/openstack/usr/share/openstack/openstack-nova-setup
deleted file mode 100644
index 86de2341..00000000
--- a/openstack/usr/share/openstack/openstack-nova-setup
+++ /dev/null
@@ -1,115 +0,0 @@
-#!/bin/sh
-#
-# Copyright (C) 2014 Codethink Limited
-#
-# This program is free software; you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation; version 2 of the License.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License along
-# with this program; if not, write to the Free Software Foundation, Inc.,
-# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
-
-set -e
-
-# Create required system users and groups
-
-getent group nova >/dev/null || groupadd -r --gid 162 nova
-getent passwd nova >/dev/null || \
- useradd --uid 162 -r -g nova -d /var/lib/nova -s /sbin/nologin \
- -c "OpenStack Nova Daemons" nova
-
-# Create the keystone user and services
-
-export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN##
-export OS_SERVICE_ENDPOINT='http://onenode:35357/v2.0'
-
-keystone user-create --name ##NOVA_SERVICE_USER## --pass ##NOVA_SERVICE_PASSWORD##
-keystone user-role-add --tenant service --user ##NOVA_SERVICE_USER## --role admin
-
-keystone service-create --name nova --type compute --description "OpenStack Compute Service"
-keystone endpoint-create --service-id $(keystone service-list | awk '/ compute / {print $2}') \
- --publicurl ##NOVA_PUBLIC_URL## \
- --internalurl ##NOVA_INTERNAL_URL## \
- --adminurl ##NOVA_ADMIN_URL## \
- --region ##NOVA_REGION##
-
-# Nova compute configuration
-if [ ! -d /var/run/nova ]; then
- mkdir -p /var/run/nova
- chown -R nova:nova /var/run/nova
-fi
-
-if [ ! -d /var/lock/nova ]; then
- mkdir -p /var/lock/nova
- chown -R nova:nova /var/lock/nova
-fi
-
-if [ ! -d /var/log/nova ]; then
- mkdir -p /var/log/nova
- chown -R nova:nova /var/log/nova
-fi
-
-if [ ! -d /var/lib/nova/instances ]; then
- mkdir /var/lib/nova/instances
- chown -R nova:nova /var/lib/nova/instances
-fi
-
-# Setup the nova database
-if ! sudo -u postgres psql -lqt | grep -q nova; then
- # Create posgreSQL user
- sudo -u postgres createuser \
- --pwprompt --encrypted \
- --no-adduser --no-createdb \
- --no-password \
- ##NOVA_DB_USER##
-
- sudo -u postgres createdb \
- --owner=##NOVA_DB_USER## \
- nova
-
- sudo -u nova nova-manage db sync
-fi
-
-# Nova novncproxy needs to know the ip of the novnc host
-# this is a workaround to make nova known which is the novnc host
-eth_ip="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^br-eth0" | head -1 | awk '{ print $2 } ')"
-sed -i "s/\#\#NOVNC_HOST\#\#/$eth_ip/g" /etc/nova/nova.conf
-
-chown -R nova:nova /var/lib/nova
-
-# Add nova to the libvirt group
-usermod -a -G libvirt nova
-
-# Check existence of Network Block Device module in the kernel
-# NOTE: modprobe does not work actually and returns always
-# failure, enable this check when modprobe is fixed.
-#modprobe nbd
-
-# Remove the one-shot setup service
-rm /etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service
-
-# Start nova services
-# [1] Never enable openstack-nova-conductor service in a node with
-# openstack-nova-compute or the security benefits of removing
-# database access from nova-compute will be negated
-#systemctl start openstack-nova-conductor
-for service in compute api cert consoleauth scheduler novncproxy serialproxy; do
- systemctl start openstack-nova-$service.service
-done
-#systemctl start openstack-nova-xvpnvncproxy
-
-# Create the links to run nova services when system start next times.
-for service in compute api cert consoleauth scheduler novncproxy serialproxy; do
- systemctl enable openstack-nova-$service.service
-done
-# See description of why this shouldn't run in a openstack in one node in [1]
-#ln -s "/etc/systemd/system/openstack-nova-conductor.service" \
-# "/etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service"
-
-exit 0