diff options
-rw-r--r-- | openstack-cinder.configure | 104 | ||||
-rw-r--r-- | openstack/etc/cinder/rootwrap.conf | 27 | ||||
-rw-r--r-- | openstack/etc/cinder/rootwrap.d/volume.filters | 157 | ||||
-rw-r--r-- | openstack/etc/systemd/system/openstack-cinder-setup.service | 6 | ||||
-rw-r--r-- | openstack/manifest | 10 | ||||
-rw-r--r-- | openstack/usr/share/openstack/cinder.yml | 75 | ||||
-rw-r--r-- | openstack/usr/share/openstack/cinder/api-paste.ini (renamed from openstack/etc/cinder/api-paste.ini) | 0 | ||||
-rw-r--r-- | openstack/usr/share/openstack/cinder/cinder.conf (renamed from openstack/etc/cinder/cinder.conf) | 20 | ||||
-rw-r--r-- | openstack/usr/share/openstack/cinder/policy.json (renamed from openstack/etc/cinder/policy.json) | 0 | ||||
-rw-r--r-- | openstack/usr/share/openstack/openstack-cinder-setup | 132 |
10 files changed, 177 insertions, 354 deletions
diff --git a/openstack-cinder.configure b/openstack-cinder.configure index a32ee3be..50590037 100644 --- a/openstack-cinder.configure +++ b/openstack-cinder.configure @@ -20,28 +20,94 @@ set -e ROOT="$1" ########################################################################## -# Substitutions in configuration files + +ln -sf "/etc/systemd/system/openstack-cinder-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-cinder-setup.service" + +########################################################################## +# Check variables ########################################################################## -cat <<EOF > "$ROOT"/etc/openstack-cinder-setup.sed -s/##CINDER_USER##/$CINDER_USER/g -s/##CINDER_PASSWORD##/$CINDER_PASSWORD/g -s/##CINDER_PUBLIC_URL##/$CINDER_PUBLIC_URL/g -s/##CINDER_INTERNAL_URL##/$CINDER_INTERNAL_URL/g -s/##CINDER_ADMIN_URL##/$CINDER_ADMIN_URL/g -s/##CINDER_USER_V2##/$CINDER_USER_V2/g -s/##CINDER_PUBLIC_URL_V2##/$CINDER_PUBLIC_URL_V2/g -s/##CINDER_INTERNAL_URL_V2##/$CINDER_INTERNAL_URL_V2/g -s/##CINDER_ADMIN_URL_V2##/$CINDER_ADMIN_URL_V2/g -s/##CINDER_DB_USER##/$CINDER_DB_USER/g -s/##CINDER_DB_PASSWORD##/$CINDER_DB_PASSWORD/g -EOF +if [ -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -a \ + -z "$GLANCE_HOST" -a \ + -z "$CINDER_DB_USER" -a \ + -z "$CINDER_DB_PASSWORD" -a \ + -z "$CONTROLLER_HOST" -a \ + -z "$OPENSTACK_AUTH_HOST" -a \ + -z "$OPENSTACK_AUTH_PORT" -a \ + -z "$CINDER_USER" -a \ + -z "$CINDER_PASSWORD" -a \ + -z "$CINDER_DEVICE" -a \ + -z "$CINDER_PUBLIC_URL" -a \ + -z "$CINDER_INTERNAL_URL" -a \ + -z "$CINDER_ADMIN_URL" -a \ + -z "$CINDER_PUBLIC_URL_V2" -a \ + -z "$CINDER_INTERNAL_URL_V2" -a \ + -z "$CINDER_ADMIN_URL_V2" ]; then + # No Cinder options defined, do nothing. + exit 0 +fi -sed -f "$ROOT"/etc/openstack-cinder-setup.sed -i \ - "$ROOT"/etc/cinder/cinder.conf \ - "$ROOT"/usr/share/openstack/openstack-cinder-setup +if [ -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" -o \ + -z "$GLANCE_HOST" -o \ + -z "$CINDER_DB_USER" -o \ + -z "$CINDER_DB_PASSWORD" -o \ + -z "$CONTROLLER_HOST" -o \ + -z "$OPENSTACK_AUTH_HOST" -o \ + -z "$OPENSTACK_AUTH_PORT" -o \ + -z "$CINDER_USER" -o \ + -z "$CINDER_PASSWORD" -o \ + -z "$CINDER_DEVICE" -o \ + -z "$CINDER_PUBLIC_URL" -o \ + -z "$CINDER_INTERNAL_URL" -o \ + -z "$CINDER_ADMIN_URL" -o \ + -z "$CINDER_PUBLIC_URL_V2" -o \ + -z "$CINDER_INTERNAL_URL_V2" -o \ + -z "$CINDER_ADMIN_URL_V2" ]; then + echo Some options required for Cinder were defined, but not all. + exit 1 +fi ########################################################################## +# Generate config variable shell snippet +########################################################################## -ln -sf "/etc/systemd/system/openstack-cinder-setup.service" \ - "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-cinder-setup.service" +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/cinder.conf" +import os, sys, yaml + +cinder_configuration={ + 'RABBITMQ_HOST':os.environ['RABBITMQ_HOST'], + 'RABBITMQ_PORT':os.environ['RABBITMQ_PORT'], + 'RABBITMQ_USER':os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD':os.environ['RABBITMQ_PASSWORD'], + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN':os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], + 'GLANCE_HOST':os.environ['GLANCE_HOST'], + 'CINDER_DB_USER':os.environ['CINDER_DB_USER'], + 'CINDER_DB_PASSWORD':os.environ['CINDER_DB_PASSWORD'], + 'CONTROLLER_HOST':os.environ['CONTROLLER_HOST'], + 'OPENSTACK_AUTH_HOST':os.environ['OPENSTACK_AUTH_HOST'], + 'OPENSTACK_AUTH_PORT':os.environ['OPENSTACK_AUTH_PORT'], + 'CINDER_USER':os.environ['CINDER_USER'], + 'CINDER_PASSWORD':os.environ['CINDER_PASSWORD'], + 'CINDER_DEVICE':os.environ['CINDER_DEVICE'], + 'CINDER_PUBLIC_URL':os.environ['CINDER_PUBLIC_URL'], + 'CINDER_INTERNAL_URL':os.environ['CINDER_INTERNAL_URL'], + 'CINDER_ADMIN_URL':os.environ['CINDER_ADMIN_URL'], + 'CINDER_PUBLIC_URL_V2':os.environ['CINDER_PUBLIC_URL_V2'], + 'CINDER_INTERNAL_URL_V2':os.environ['CINDER_INTERNAL_URL_V2'], + 'CINDER_ADMIN_URL_V2':os.environ['CINDER_ADMIN_URL_V2'], +} + +yaml.dump(cinder_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/etc/cinder/rootwrap.conf b/openstack/etc/cinder/rootwrap.conf deleted file mode 100644 index 001b90af..00000000 --- a/openstack/etc/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, local0, local1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/openstack/etc/cinder/rootwrap.d/volume.filters b/openstack/etc/cinder/rootwrap.d/volume.filters deleted file mode 100644 index 2d23743f..00000000 --- a/openstack/etc/cinder/rootwrap.d/volume.filters +++ /dev/null @@ -1,157 +0,0 @@ -# cinder-rootwrap command filters for volume nodes -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# cinder/volume/iscsi.py: iscsi_helper '--op' ... -ietadm: CommandFilter, ietadm, root -tgtadm: CommandFilter, tgtadm, root -tgt-admin: CommandFilter, tgt-admin, root -cinder-rtstool: CommandFilter, cinder-rtstool, root - -# LVM related show commands -pvs: EnvFilter, env, root, LC_ALL=C, pvs -vgs: EnvFilter, env, root, LC_ALL=C, vgs -lvs: EnvFilter, env, root, LC_ALL=C, lvs -lvdisplay: EnvFilter, env, root, LC_ALL=C, lvdisplay - -# cinder/volume/driver.py: 'lvcreate', '-L', sizestr, '-n', volume_name,.. -# cinder/volume/driver.py: 'lvcreate', '-L', ... -lvcreate: CommandFilter, lvcreate, root - -# cinder/volume/driver.py: 'dd', 'if=%s' % srcstr, 'of=%s' % deststr,... -dd: CommandFilter, dd, root - -# cinder/volume/driver.py: 'lvremove', '-f', %s/%s % ... -lvremove: CommandFilter, lvremove, root - -# cinder/volume/driver.py: 'lvrename', '%(vg)s', '%(orig)s' '(new)s'... -lvrename: CommandFilter, lvrename, root - -# cinder/volume/driver.py: 'lvextend', '-L' '%(new_size)s', '%(lv_name)s' ... -lvextend: CommandFilter, lvextend, root - -# cinder/brick/local_dev/lvm.py: 'lvchange -a y -K <lv>' -lvchange: CommandFilter, lvchange, root - -# cinder/volume/driver.py: 'iscsiadm', '-m', 'discovery', '-t',... -# cinder/volume/driver.py: 'iscsiadm', '-m', 'node', '-T', ... -iscsiadm: CommandFilter, iscsiadm, root - -# cinder/volume/drivers/lvm.py: 'shred', '-n3' -# cinder/volume/drivers/lvm.py: 'shred', '-n0', '-z', '-s%dMiB' -shred: CommandFilter, shred, root - -# cinder/volume/utils.py: utils.temporary_chown(path, 0) -chown: CommandFilter, chown, root - -# cinder/volume/utils.py: copy_volume(..., ionice='...') -ionice_1: ChainingRegExpFilter, ionice, root, ionice, -c[0-3], -n[0-7] -ionice_2: ChainingRegExpFilter, ionice, root, ionice, -c[0-3] - -# cinder/volume/utils.py: setup_blkio_cgroup() -cgcreate: CommandFilter, cgcreate, root -cgset: CommandFilter, cgset, root -cgexec: ChainingRegExpFilter, cgexec, root, cgexec, -g, blkio:\S+ - -# cinder/volume/driver.py -dmsetup: CommandFilter, dmsetup, root -ln: CommandFilter, ln, root - -# cinder/image/image_utils.py -qemu-img: EnvFilter, env, root, LC_ALL=C, qemu-img -qemu-img_convert: CommandFilter, qemu-img, root - -udevadm: CommandFilter, udevadm, root - -# cinder/volume/driver.py: utils.read_file_as_root() -cat: CommandFilter, cat, root - -# cinder/volume/nfs.py -stat: CommandFilter, stat, root -mount: CommandFilter, mount, root -df: CommandFilter, df, root -du: CommandFilter, du, root -truncate: CommandFilter, truncate, root -chmod: CommandFilter, chmod, root -rm: CommandFilter, rm, root - -# cinder/volume/drivers/netapp/nfs.py: -netapp_nfs_find: RegExpFilter, find, root, find, ^[/]*([^/\0]+(/+)?)*$, -maxdepth, \d+, -name, img-cache.*, -amin, \+\d+ - -# cinder/volume/drivers/glusterfs.py -chgrp: CommandFilter, chgrp, root -umount: CommandFilter, umount, root - -# cinder/volumes/drivers/hds/hds.py: -hus-cmd: CommandFilter, hus-cmd, root -hus-cmd_local: CommandFilter, /usr/local/bin/hus-cmd, root - -# cinder/volumes/drivers/hds/hnas_backend.py -ssc: CommandFilter, ssc, root - -# cinder/brick/initiator/connector.py: -ls: CommandFilter, ls, root -tee: CommandFilter, tee, root -multipath: CommandFilter, multipath, root -systool: CommandFilter, systool, root - -# cinder/volume/drivers/block_device.py -blockdev: CommandFilter, blockdev, root - -# cinder/volume/drivers/ibm/gpfs.py -mv: CommandFilter, mv, root -mmgetstate: CommandFilter, /usr/lpp/mmfs/bin/mmgetstate, root -mmclone: CommandFilter, /usr/lpp/mmfs/bin/mmclone, root -mmlsattr: CommandFilter, /usr/lpp/mmfs/bin/mmlsattr, root -mmchattr: CommandFilter, /usr/lpp/mmfs/bin/mmchattr, root -mmlsconfig: CommandFilter, /usr/lpp/mmfs/bin/mmlsconfig, root -mmlsfs: CommandFilter, /usr/lpp/mmfs/bin/mmlsfs, root -mmlspool: CommandFilter, /usr/lpp/mmfs/bin/mmlspool, root -mkfs: CommandFilter, mkfs, root - -# cinder/volume/drivers/ibm/gpfs.py -# cinder/volume/drivers/ibm/ibmnas.py -find_maxdepth_inum: RegExpFilter, find, root, find, ^[/]*([^/\0]+(/+)?)*$, -maxdepth, \d+, -inum, \d+ - -# cinder/brick/initiator/connector.py: -aoe-revalidate: CommandFilter, aoe-revalidate, root -aoe-discover: CommandFilter, aoe-discover, root -aoe-flush: CommandFilter, aoe-flush, root - -# cinder/brick/initiator/linuxscsi.py: -sg_scan: CommandFilter, sg_scan, root - -#cinder/backup/services/tsm.py -dsmc:CommandFilter,/usr/bin/dsmc,root - -# cinder/volume/drivers/hitachi/hbsd_horcm.py -raidqry: CommandFilter, raidqry, root -raidcom: CommandFilter, raidcom, root -pairsplit: CommandFilter, pairsplit, root -paircreate: CommandFilter, paircreate, root -pairdisplay: CommandFilter, pairdisplay, root -pairevtwait: CommandFilter, pairevtwait, root -horcmstart.sh: CommandFilter, horcmstart.sh, root -horcmshutdown.sh: CommandFilter, horcmshutdown.sh, root -horcmgr: EnvFilter, env, root, HORCMINST=, /etc/horcmgr - -# cinder/volume/drivers/hitachi/hbsd_snm2.py -auman: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auman -auluref: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auluref -auhgdef: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auhgdef -aufibre1: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/aufibre1 -auhgwwn: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auhgwwn -auhgmap: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auhgmap -autargetmap: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/autargetmap -aureplicationvvol: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/aureplicationvvol -auluadd: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auluadd -auludel: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auludel -auluchgsize: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auluchgsize -auchapuser: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auchapuser -autargetdef: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/autargetdef -autargetopt: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/autargetopt -autargetini: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/autargetini -auiscsi: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/auiscsi -audppool: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/audppool -aureplicationlocal: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/aureplicationlocal -aureplicationmon: EnvFilter, env, root, LANG=, STONAVM_HOME=, LD_LIBRARY_PATH=, STONAVM_RSP_PASS=, STONAVM_ACT=, /usr/stonavm/aureplicationmon diff --git a/openstack/etc/systemd/system/openstack-cinder-setup.service b/openstack/etc/systemd/system/openstack-cinder-setup.service index 2bd0a6bb..b166674b 100644 --- a/openstack/etc/systemd/system/openstack-cinder-setup.service +++ b/openstack/etc/systemd/system/openstack-cinder-setup.service @@ -1,11 +1,9 @@ [Unit] -Description=Run openstack-cinder-setup (once) +Description=Run cinder-setup Ansile scripts After=local-fs.target openstack-keystone-setup.service postgres-server.service [Service] -Type=oneshot -ExecStart=/usr/share/openstack/openstack-cinder-setup -Restart=no +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/cinder.yml [Install] WantedBy=multi-user.target diff --git a/openstack/manifest b/openstack/manifest index c1d9a4b0..df8f4863 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -1,5 +1,10 @@ 0040755 0 0 /usr/share/openstack 0100644 0 0 /usr/share/openstack/hosts +0040755 0 0 /usr/share/openstack/cinder +0100644 0 0 /usr/share/openstack/cinder.yml +0100644 0 0 /usr/share/openstack/cinder/cinder.conf +0100644 0 0 /usr/share/openstack/cinder/api-paste.ini +0100644 0 0 /usr/share/openstack/cinder/policy.json 0100644 0 0 /usr/share/openstack/glance.yml 0040755 0 0 /usr/share/openstack/glance 0100644 0 0 /usr/share/openstack/glance/logging.conf @@ -71,11 +76,6 @@ 0100755 0 0 /usr/share/openstack/openstack-rabbitmq-setup 0040755 0 0 /var/lib/rabbitmq 0040755 0 0 /var/lib/cinder -0040755 0 0 /etc/cinder -0100644 0 0 /etc/cinder/cinder.conf -0100644 0 0 /etc/cinder/api-paste.ini -0100644 0 0 /etc/cinder/policy.json -0100755 0 0 /usr/share/openstack/openstack-cinder-setup 0100644 0 0 /etc/systemd/system/openstack-cinder-setup.service 0100644 0 0 /etc/systemd/system/openstack-cinder-api.service 0100644 0 0 /etc/systemd/system/openstack-cinder-scheduler.service diff --git a/openstack/usr/share/openstack/cinder.yml b/openstack/usr/share/openstack/cinder.yml new file mode 100644 index 00000000..c926ea3b --- /dev/null +++ b/openstack/usr/share/openstack/cinder.yml @@ -0,0 +1,75 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/cinder.conf" + tasks: + - name: Create the cinder user. + user: name=cinder comment="Openstack Cinder Daemons" shell=/sbin/nologin home=/var/lib/cinder + + - name: Create the /var folders for cinder + file: path={{ item }} state=directory owner=cinder group=cinder + with_items: + - /var/run/cinder + - /var/lock/cinder + - /var/log/cinder + - /var/lib/cinder + - /var/lib/cinder/volumer + + - file: path=/etc/cinder state=directory + - name: Add the configuration needed for cinder in /etc/cinder using templates + template: src=/usr/share/openstack/cinder/{{ item }} dest=/etc/cinder/{{ item }} + with_lines: + - (cd /usr/share/openstack/cinder && find -type f) + + - keystone_user: > + user={{ CINDER_USER }} + password={{ CINDER_PASSWORD }} + tenant=service + token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }} + + - keystone_user: > + role=admin + user={{ CINDER_USER }} + tenant=service + token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }} + + - keystone_service: > + name=cinderv1 + type=volume + description="Openstack Block Storage" + publicurl={{ CINDER_PUBLIC_URL }} + internalurl={{ CINDER_INTERNAL_URL | default('http://127.0.0.1:8776/v1/%(tenant_id)s') }} + adminurl={{ CINDER_ADMIN_URL }} + region='RegionOne' + token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }} + + - keystone_service: > + name=cinderv2 + type=volume + description="Openstack Block Storage" + publicurl={{ CINDER_PUBLIC_URL_V2 }} + internalurl={{ CINDER_INTERNAL_URL_V2 | default('http://127.0.0.1:8776/v2/%(tenant_id)s') }} + adminurl={{ CINDER_ADMIN_URL_V2 }} + region='RegionOne' + token={{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }} + + - postgresql_user: name={{ CINDER_DB_USER }} + sudo: yes + sudo_user: cinder + - postgresql_db: name=cinder owner={{ CINDER_DB_USER }} + sudo: yes + sudo_user: cinder + + - cinder_manage: action=dbsync + sudo: yes + sudo_user: cinder + + - name: Enable and start openstack-cinder services + service: name={{ item }} enabled=yes state=started + with_items: + - openstack-cinder-api + - openstack-cinder-scheduler + - openstack-cinder-volume + - openstack-cinder-backup + + - lvg: vg=cinder-volumes pvs={{ CINDER_DEVICE }} diff --git a/openstack/etc/cinder/api-paste.ini b/openstack/usr/share/openstack/cinder/api-paste.ini index 31619fc8..31619fc8 100644 --- a/openstack/etc/cinder/api-paste.ini +++ b/openstack/usr/share/openstack/cinder/api-paste.ini diff --git a/openstack/etc/cinder/cinder.conf b/openstack/usr/share/openstack/cinder/cinder.conf index 764c08bc..b79a2ed4 100644 --- a/openstack/etc/cinder/cinder.conf +++ b/openstack/usr/share/openstack/cinder/cinder.conf @@ -77,11 +77,11 @@ state_path = /var/lib/cinder # The RabbitMQ broker address where a single node is used. # (string value) -rabbit_host=##RABBITMQ_HOST## +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -rabbit_port=##RABBITMQ_PORT## +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port @@ -90,10 +90,10 @@ rabbit_port=##RABBITMQ_PORT## #rabbit_use_ssl=false # The RabbitMQ userid. (string value) -rabbit_userid=##RABBITMQ_USER## +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -rabbit_password=##RABBITMQ_PASSWORD## +rabbit_password={{ RABBITMQ_PASSWORD }} # the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN @@ -495,7 +495,7 @@ api_paste_config=api-paste.ini #state_path=/var/lib/cinder # IP address of this host (string value) -my_ip=##GLANCE_HOST## +my_ip={{ GLANCE_HOST }} # Default glance host name or IP (string value) glance_host=$my_ip @@ -2363,7 +2363,7 @@ volume_group=cinder-volumes # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection -connection=postgresql://##CINDER_DB_USER##:##CINDER_DB_PASSWORD##@onenode/cinder +connection=postgresql://{{ CINDER_DB_USER }}:{{ CINDER_DB_PASSWORD }}@{{ CONTROLLER_HOST }}/cinder # The SQLAlchemy connection string to use to connect to the # slave database. (string value) @@ -2541,11 +2541,11 @@ connection=postgresql://##CINDER_DB_USER##:##CINDER_DB_PASSWORD##@onenode/cinder # Host providing the admin Identity API endpoint. Deprecated, # use identity_uri. (string value) -auth_host=##OPENSTACK_AUTH_HOST## +auth_host={{ OPENSTACK_AUTH_HOST }} # Port of the admin Identity API endpoint. Deprecated, use # identity_uri. (integer value) -auth_port=##OPENSTACK_AUTH_PORT## +auth_port={{ OPENSTACK_AUTH_PORT }} # Protocol of the admin Identity API endpoint (http or https). # Deprecated, use identity_uri. (string value) @@ -2585,10 +2585,10 @@ auth_version=v2.0 #admin_token=<None> # Keystone account username (string value) -admin_user=##CINDER_USER## +admin_user={{ CINDER_USER }} # Keystone account password (string value) -admin_password=##CINDER_PASSWORD## +admin_password={{ CINDER_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) diff --git a/openstack/etc/cinder/policy.json b/openstack/usr/share/openstack/cinder/policy.json index 96f0a73b..96f0a73b 100644 --- a/openstack/etc/cinder/policy.json +++ b/openstack/usr/share/openstack/cinder/policy.json diff --git a/openstack/usr/share/openstack/openstack-cinder-setup b/openstack/usr/share/openstack/openstack-cinder-setup deleted file mode 100644 index eb97d55a..00000000 --- a/openstack/usr/share/openstack/openstack-cinder-setup +++ /dev/null @@ -1,132 +0,0 @@ -#!/bin/sh -# -# Copyright (C) 2014 Codethink Limited -# -# This program is free software; you can redistribute it and/or modify -# it under the terms of the GNU General Public License as published by -# the Free Software Foundation; version 2 of the License. -# -# This program is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU General Public License for more details. -# -# You should have received a copy of the GNU General Public License along -# with this program; if not, write to the Free Software Foundation, Inc., -# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. - -set -e - -# Create required system users and groups - -getent group cinder >/dev/null || groupadd -r --gid 165 cinder -getent passwd cinder >/dev/null || \ - useradd --uid 165 -r -g cinder -d /var/lib/cinder -s /sbin/nologin \ - -c "OpenStack Cinder Daemons" cinder - -# Create the keystone user and services - -export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN## -export OS_SERVICE_ENDPOINT='http://onenode:35357/v2.0' - -keystone user-create --name ##CINDER_USER## --pass ##CINDER_PASSWORD## -keystone user-role-add --tenant service --user ##CINDER_USER## --role admin - -# Register the Block Storage service with the Identity service so other OpenStack services -# can locate it -keystone service-create --name ##CINDER_USER## --type volume --description "OpenStack Block Storage" -keystone endpoint-create --service-id $(keystone service-list | awk '/ volume / {print $2}') \ - --publicurl ##CINDER_PUBLIC_URL## \ - --internalurl ##CINDER_INTERNAL_URL## \ - --adminurl ##CINDER_ADMIN_URL## - -# Register a service and endpoint for version 2 of the Block Storage service API -keystone service-create --name ##CINDER_USER_V2## \ - --type volumev2 --description "OpenStack Block Storage" -keystone endpoint-create --service-id $(keystone service-list | awk '/ volumev2 / {print $2}') \ - --publicurl ##CINDER_PUBLIC_URL_V2## \ - --internalurl ##CINDER_INTERNAL_URL_V2## \ - --adminurl ##CINDER_ADMIN_URL_V2## - -# Create run directory for cinder -if [ ! -d /var/run/cinder ]; then - mkdir -p /var/run/cinder - chown -R cinder:cinder /var/run/cinder -fi - -# Create the lock directory for cinder -if [ ! -d /var/lock/cinder ]; then - mkdir -p /var/lock/cinder - chown -R cinder:cinder /var/lock/cinder -fi - -# Create the log directory for cinder -if [ ! -d /var/log/cinder ]; then - mkdir -p /var/log/cinder - chown -R cinder:cinder /var/log/cinder -fi - -# Create the volumes directory for cinder -if [ ! -d /var/lib/cinder/volumes ]; then - mkdir -p /var/lib/cinder/volumes - chown -R cinder:cinder /var/lib/cinder/volumes -fi - -# Setup the cinder database -if ! sudo -u postgres psql -lqt | grep -q cinder; then - # Create posgreSQL user - sudo -u postgres createuser \ - --pwprompt --encrypted \ - --no-adduser --no-createdb \ - --no-password \ - ##CINDER_DB_USER## - - sudo -u postgres createdb \ - --owner=##CINDER_DB_USER## \ - cinder - - sudo -u cinder cinder-manage db sync -fi - -chown -R cinder:cinder /var/lib/cinder - -# This is only for testing purposes and we need to change it for -# something more robust to deploy in production. -# This also assumes that the user will add a second disk to its VM -# and if it does not find sdb or vda it will fail. -if [ $(ls /sys/block | grep -v sda | grep [vs]d | wc -l) -ne 1 ]; then - echo "Error: More than one or none block device found, cinder will not be able to create a VG." - exit 1 -else - device=/dev/$(ls /sys/block | grep -v sda | grep [vs]d) -fi - -# Create a physical volume -pvcreate -ff -y $device - -# Create a volume group named "cinder-volumes" -vgcreate -y cinder-volumes $device - -# Remove the one-shot setup service -rm /etc/systemd/system/multi-user.target.wants/openstack-cinder-setup.service - -# Start cinder services -systemctl start openstack-cinder-api -systemctl start openstack-cinder-scheduler -systemctl start openstack-cinder-volume -systemctl start openstack-cinder-backup - -# Create the links to run nova services when system start next times. -ln -s "/etc/systemd/system/openstack-cinder-api.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-cinder-api.service" - -ln -s "/etc/systemd/system/openstack-cinder-scheduler.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-cinder-scheduler.service" - -ln -s "/etc/systemd/system/openstack-cinder-volume.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-cinder-volume.service" - -ln -s "/etc/systemd/system/openstack-cinder-backup.service" \ - "/etc/systemd/system/multi-user.target.wants/openstack-cinder-backup.service" - -exit 0 |