summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorRichard Maw <richard.maw@codethink.co.uk>2015-04-14 18:54:57 (GMT)
committerTiago Gomes <tiago.gomes@codethink.co.uk>2015-04-16 16:34:49 (GMT)
commit220cea3ff220a969e449d43407e686987d117baf (patch)
treed28d95ac5925bbd1736691a45c9d62dc859e5b60
parent16feb3c5ddf4fe0068185db3ea809996e6f40c43 (diff)
downloaddefinitions-220cea3ff220a969e449d43407e686987d117baf.tar.gz
OpenStack: Split nova into control and compute
This adds NOVA_ENABLE_{CONTROLLER,COMPUTE}. Both are enabled by deafult, but if CONTROLLER is enabled but COMPUTE isn't, then the conductor service is enabled. Change-Id: I523a7270d4afdcd1e2a30eaac42ea499581fe971
-rw-r--r--clusters/openstack-installer.morph4
-rw-r--r--openstack-nova.configure86
-rw-r--r--openstack/manifest6
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-api.service3
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-cert.service3
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-compute.service3
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-conductor.service3
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-config-setup.service (renamed from openstack/usr/lib/systemd/system/openstack-nova-setup.service)6
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service3
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-db-setup.service11
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service3
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-scheduler.service3
-rw-r--r--openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service3
-rw-r--r--openstack/usr/share/openstack/nova-config.yml34
-rw-r--r--openstack/usr/share/openstack/nova-db.yml (renamed from openstack/usr/share/openstack/nova.yml)51
15 files changed, 137 insertions, 85 deletions
diff --git a/clusters/openstack-installer.morph b/clusters/openstack-installer.morph
index 5cc7c5d..2f2cbd0 100644
--- a/clusters/openstack-installer.morph
+++ b/clusters/openstack-installer.morph
@@ -77,6 +77,8 @@ systems:
NEUTRON_ENABLE_AGENT: False
NEUTRON_ENABLE_MANAGER: True
NEUTRON_ENABLE_CONTROLLER: False
+ NOVA_ENABLE_CONTROLLER: False
+ NOVA_ENABLE_COMPUTE: False
METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret
HOSTS_SELF: 10.24.1.83 threenode-network
HOSTS_NETWORK: 10.0.0.1 threenode-network.os-mgmt
@@ -113,6 +115,7 @@ systems:
NEUTRON_ENABLE_AGENT: False
NEUTRON_ENABLE_MANAGER: False
NEUTRON_ENABLE_CONTROLLER: True
+ NOVA_ENABLE_CONTROLLER: True
METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret
HOSTS_SELF: 10.0.0.2 threenode-controller
EXTERNAL_INTERFACE: enp2s0
@@ -145,6 +148,7 @@ systems:
NEUTRON_ENABLE_AGENT: True
NEUTRON_ENABLE_MANAGER: False
NEUTRON_ENABLE_CONTROLLER: False
+ NOVA_ENABLE_COMPUTE: True
METADATA_PROXY_SHARED_SECRET: novaneutronmetasecret
HOSTS_SELF: 10.0.0.3 threenode-compute
EXTERNAL_INTERFACE: eno1
diff --git a/openstack-nova.configure b/openstack-nova.configure
index 3605f8b..b1ad237 100644
--- a/openstack-nova.configure
+++ b/openstack-nova.configure
@@ -18,27 +18,10 @@ set -e
ROOT="$1"
-##########################################################################
-
-ln -sf "/usr/lib/systemd/system/openstack-nova-setup.service" \
- "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service"
-
-##########################################################################
-# Enable libvirtd and libvirt-guests services
-##########################################################################
-
-wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants
-mkdir -p "$wants_dir"
-mkdir -p "$ROOT"/var/lock/subsys
-ln -sf ../libvirtd.service "$wants_dir/libvirtd.service"
-
-##########################################################################
-# Change iprange for the interal libvirt to avoid clashes
-# with eth0 ip range
-##########################################################################
-
-sed -i "s/192\.168\.122\./192\.168\.1\./g" \
- "$ROOT"/etc/libvirt/qemu/networks/default.xml
+enable(){
+ ln -sf "/usr/lib/systemd/system/openstack-nova-$1.service" \
+ "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-$1.service"
+}
##########################################################################
# Check variables
@@ -83,6 +66,67 @@ if [ -z "$NOVA_SERVICE_USER" -o \
exit 1
fi
+# Check optional variables
+
+unnaceptable(){
+ eval echo Unexpected value \$$1 for $1 >&2
+ exit 1
+}
+
+check_bool(){
+ case "$(eval echo \"\$$1\")" in
+ True|'')
+ eval "$1=true"
+ ;;
+ False)
+ eval "$1=false"
+ ;;
+ *)
+ unnaceptable "$1"
+ ;;
+ esac
+}
+
+check_bool NOVA_ENABLE_CONTROLLER
+check_bool NOVA_ENABLE_COMPUTE
+
+###############################################
+# Enable libvirtd and libvirt-guests services #
+###############################################
+
+wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants
+mkdir -p "$wants_dir"
+mkdir -p "$ROOT"/var/lock/subsys
+ln -sf ../libvirtd.service "$wants_dir/libvirtd.service"
+
+######################################
+# Enable relevant openstack services #
+######################################
+
+if "$NOVA_ENABLE_CONTROLLER" || "$NOVA_ENABLE_COMPUTE"; then
+ enable config-setup
+fi
+if "$NOVA_ENABLE_CONTROLLER" && ! "$NOVA_ENABLE_COMPUTE"; then
+ enable conductor
+fi
+if "$NOVA_ENABLE_COMPUTE"; then
+ enable compute
+fi
+if "$NOVA_ENABLE_CONTROLLER"; then
+ for service in db-setup api cert consoleauth novncproxy scheduler serialproxy; do
+ enable "$service"
+ done
+fi
+
+##########################################################################
+# Change iprange for the interal libvirt to avoid clashes
+# with eth0 ip range
+##########################################################################
+
+sed -i "s/192\.168\.122\./192\.168\.1\./g" \
+ "$ROOT"/etc/libvirt/qemu/networks/default.xml
+
+
##########################################################################
# Generate configuration file
##########################################################################
diff --git a/openstack/manifest b/openstack/manifest
index 8911abb..4657d21 100644
--- a/openstack/manifest
+++ b/openstack/manifest
@@ -99,7 +99,8 @@
0040755 0 0 /usr/share/openstack/neutron/plugins/vmware
0100644 0 0 /usr/share/openstack/neutron/plugins/vmware/nsx.ini
0040755 0 0 /usr/share/openstack/nova
-0100644 0 0 /usr/share/openstack/nova.yml
+0100644 0 0 /usr/share/openstack/nova-config.yml
+0100644 0 0 /usr/share/openstack/nova-db.yml
0100644 0 0 /usr/share/openstack/nova/logging.conf
0100644 0 0 /usr/share/openstack/nova/nova.conf
0100644 0 0 /usr/share/openstack/nova/nova-compute.conf
@@ -131,7 +132,8 @@
0100644 0 0 /usr/lib/systemd/system/openstack-neutron-ovs-cleanup.service
0100644 0 0 /usr/lib/systemd/system/openstack-neutron-dhcp-agent.service
0100644 0 0 /usr/lib/systemd/system/openstack-neutron-l3-agent.service
-0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-config-setup.service
+0100644 0 0 /usr/lib/systemd/system/openstack-nova-db-setup.service
0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service
0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service
0100644 0 0 /usr/lib/systemd/system/openstack-nova-api.service
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-api.service b/openstack/usr/lib/systemd/system/openstack-nova-api.service
index 8ee9cef..d06afca 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-api.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-api.service
@@ -1,6 +1,7 @@
[Unit]
Description=OpenStack Compute Service (code-named Nova) API server
-After=syslog.target network-online.target
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
[Service]
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-cert.service b/openstack/usr/lib/systemd/system/openstack-nova-cert.service
index b2a2e1c..418b060 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-cert.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-cert.service
@@ -1,6 +1,7 @@
[Unit]
Description=OpenStack Nova Cert
-After=syslog.target network-online.target
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
[Service]
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-compute.service b/openstack/usr/lib/systemd/system/openstack-nova-compute.service
index 95a3a87..c9c6924 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-compute.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-compute.service
@@ -1,6 +1,7 @@
[Unit]
Description=OpenStack Compute Service (code-named Nova) compute server
-After=syslog.target network-online.target libvirtd.service
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target libvirtd.service openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
Requires=libvirtd.service
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service
index 1d2ece6..bf8e063 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service
@@ -1,6 +1,7 @@
[Unit]
Description=Database-access support for Compute nodes (nova-conductor)
-After=syslog.target network-online.target libvirtd.service
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target libvirtd.service openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
Requires=libvirtd.service
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service
index a4ad6ae..0ba467a 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-setup.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-config-setup.service
@@ -1,9 +1,9 @@
[Unit]
-Description=Run nova-setup Ansible scripts
-After=local-fs.target libvirtd.service openstack-keystone-setup.service postgres-server.service
+Description=Run nova-config-setup Ansible scripts
+ConditionPathExists=/etc/openstack/neutron.conf
[Service]
-ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova.yml
+ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova-config.yml
[Install]
WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service
index 66442d1..6860735 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service
@@ -1,6 +1,7 @@
[Unit]
Description=Openstack Console Auth (nova-consoleauth)
-After=syslog.target network-online.target
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
[Service]
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service
new file mode 100644
index 0000000..ebe7e2b
--- /dev/null
+++ b/openstack/usr/lib/systemd/system/openstack-nova-db-setup.service
@@ -0,0 +1,11 @@
+[Unit]
+Description=Run nova-db-setup Ansible scripts
+ConditionPathExists=/etc/openstack/neutron.conf
+After=postgres-server.service openstack-keystone.service openstack-keystone-setup.service
+Wants=postgres-server.service openstack-keystone.service
+
+[Service]
+ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova-db.yml
+
+[Install]
+WantedBy=multi-user.target
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service
index 597f357..ecdadde 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service
@@ -1,6 +1,7 @@
[Unit]
Description=OpenStack Nova NoVNC proxy
-After=syslog.target network-online.target
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
[Service]
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service
index d317b62..9009d49 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service
@@ -1,6 +1,7 @@
[Unit]
Description=OpenStack Nova Scheduler
-After=syslog.target network-online.target
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
[Service]
diff --git a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service
index 2d95c1f..5f5a5b4 100644
--- a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service
+++ b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service
@@ -1,6 +1,7 @@
[Unit]
Description=OpenStack Nova Serial Proxy
-After=syslog.target network-online.target
+ConditionPathExists=/etc/nova/nova.conf
+After=network-online.target openstack-nova-config-setup.service openstack-nova-db-setup.service
Wants=network-online.target
[Service]
diff --git a/openstack/usr/share/openstack/nova-config.yml b/openstack/usr/share/openstack/nova-config.yml
new file mode 100644
index 0000000..4f43db3
--- /dev/null
+++ b/openstack/usr/share/openstack/nova-config.yml
@@ -0,0 +1,34 @@
+---
+- hosts: localhost
+ vars_files:
+ - "/etc/openstack/nova.conf"
+ tasks:
+ - name: Create the nova user.
+ user:
+ name: nova
+ comment: Openstack Nova Daemons
+ shell: /sbin/nologin
+ home: /var/lib/nova
+ groups: libvirt
+ append: yes
+
+ - name: Create the /var folders for nova
+ file:
+ path: "{{ item }}"
+ state: directory
+ owner: nova
+ group: nova
+ with_items:
+ - /var/run/nova
+ - /var/lock/nova
+ - /var/log/nova
+ - /var/lib/nova
+ - /var/lib/nova/instances
+
+ - file: path=/etc/nova state=directory
+ - name: Add the configuration needed for nova in /etc/nova using templates
+ template:
+ src: /usr/share/openstack/nova/{{ item }}
+ dest: /etc/nova/{{ item }}
+ with_lines:
+ - cd /usr/share/openstack/nova && find -type f
diff --git a/openstack/usr/share/openstack/nova.yml b/openstack/usr/share/openstack/nova-db.yml
index c1122c6..e7dc5b1 100644
--- a/openstack/usr/share/openstack/nova.yml
+++ b/openstack/usr/share/openstack/nova-db.yml
@@ -3,36 +3,6 @@
vars_files:
- "/etc/openstack/nova.conf"
tasks:
- - name: Create the nova user.
- user:
- name: nova
- comment: Openstack Nova Daemons
- shell: /sbin/nologin
- home: /var/lib/nova
- groups: libvirt
- append: yes
-
- - name: Create the /var folders for nova
- file:
- path: "{{ item }}"
- state: directory
- owner: nova
- group: nova
- with_items:
- - /var/run/nova
- - /var/lock/nova
- - /var/log/nova
- - /var/lib/nova
- - /var/lib/nova/instances
-
- - file: path=/etc/nova state=directory
- - name: Add the configuration needed for nova in /etc/nova using templates
- template:
- src: /usr/share/openstack/nova/{{ item }}
- dest: /etc/nova/{{ item }}
- with_lines:
- - cd /usr/share/openstack/nova && find -type f
-
- name: Create nova service user in service tenant
keystone_user:
user: "{{ NOVA_SERVICE_USER }}"
@@ -79,24 +49,3 @@
action: dbsync
sudo: yes
sudo_user: nova
-
-
-
-# [1] Never enable openstack-nova-conductor service in a node with
-# openstack-nova-compute or the security benefits of removing
-# database access from nova-compute will be negated
-#systemctl start openstack-nova-conductor
- - name: Enable and start openstack-nova services
- service:
- name: "{{ item }}"
- enabled: yes
- state: started
- with_items:
- - openstack-nova-api.service
- - openstack-nova-cert.service
- - openstack-nova-compute.service
- - openstack-nova-consoleauth.service
- - openstack-nova-novncproxy.service
- - openstack-nova-scheduler.service
- - openstack-nova-serialproxy.service
-# - openstack-nova-conductor.service