diff options
Diffstat (limited to 'openstack/usr/share/openstack/openstack-nova-setup')
| -rw-r--r-- | openstack/usr/share/openstack/openstack-nova-setup | 133 |
1 files changed, 133 insertions, 0 deletions
diff --git a/openstack/usr/share/openstack/openstack-nova-setup b/openstack/usr/share/openstack/openstack-nova-setup new file mode 100644 index 00000000..7168e7c2 --- /dev/null +++ b/openstack/usr/share/openstack/openstack-nova-setup @@ -0,0 +1,133 @@ +#!/bin/sh +# +# Copyright (C) 2014 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program; if not, write to the Free Software Foundation, Inc., +# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. + +set -e + +# Create required system users and groups + +getent group nova >/dev/null || groupadd -r --gid 162 nova +getent passwd nova >/dev/null || \ + useradd --uid 162 -r -g nova -d /var/lib/nova -s /sbin/nologin \ + -c "OpenStack Nova Daemons" nova + +# Create the keystone user and services + +export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN## +export OS_SERVICE_ENDPOINT='http://onenode:35357/v2.0' + +keystone user-create --name ##NOVA_SERVICE_USER## --pass ##NOVA_SERVICE_PASSWORD## +keystone user-role-add --tenant service --user ##NOVA_SERVICE_USER## --role admin + +keystone service-create --name nova --type compute --description "OpenStack Compute Service" +keystone endpoint-create --service-id $(keystone service-list | awk '/ compute / {print $2}') \ + --publicurl ##NOVA_PUBLIC_URL## \ + --internalurl ##NOVA_INTERNAL_URL## \ + --adminurl ##NOVA_ADMIN_URL## \ + --region ##NOVA_REGION## + +# Nova compute configuration +if [ ! -d /var/run/nova ]; then + mkdir -p /var/run/nova + chown -R nova:nova /var/run/nova +fi + +if [ ! -d /var/lock/nova ]; then + mkdir -p /var/lock/nova + chown -R nova:nova /var/lock/nova +fi + +if [ ! -d /var/log/nova ]; then + mkdir -p /var/log/nova + chown -R nova:nova /var/log/nova +fi + +if [ ! -d /var/lib/nova/instances ]; then + mkdir /var/lib/nova/instances + chown -R nova:nova /var/lib/nova/instances +fi + +# Setup the nova database +if ! sudo -u postgres psql -lqt | grep -q nova; then + # Create posgreSQL user + sudo -u postgres createuser \ + --pwprompt --encrypted \ + --no-adduser --no-createdb \ + --no-password \ + ##NOVA_DB_USER## + + sudo -u postgres createdb \ + --owner=##NOVA_DB_USER## \ + nova + + sudo -u nova nova-manage db sync +fi + +# Nova novncproxy needs /usr/share/novnc folder available +if [ ! -d /usr/share/novnc ]; then + mkdir /usr/share/novnc + chown -R nova:nova /usr/share/novnc +fi + +chown -R nova:nova /var/lib/nova + +# Add nova to the libvirt group +usermod -a -G libvirt nova + +# Check existence of Network Block Device module in the kernel +# NOTE: modprobe does not work actually and returns always +# failure, enable this check when modprobe is fixed. +#modprobe nbd + +# Remove the one-shot setup service +rm /etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service + +# Start nova services +systemctl start openstack-nova-compute +# [1] Never enable openstack-nova-conductor service in a node with +# openstack-nova-compute or the security benefits of removing +# database access from nova-compute will be negated +#systemctl start openstack-nova-conductor +systemctl start openstack-nova-api +systemctl start openstack-nova-cert +systemctl start openstack-nova-consoleauth +systemctl start openstack-nova-scheduler +systemctl start openstack-nova-novncproxy +#systemctl start openstack-nova-xvpnvncproxy + +# Create the links to run nova services when system start next times. +ln -s "/etc/systemd/system/openstack-nova-compute.service" \ + "/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service" +# See description of why this shouldn't run in a openstack in one node in [1] +#ln -s "/etc/systemd/system/openstack-nova-conductor.service" \ +# "/etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service" + +ln -s "/etc/systemd/system/openstack-nova-api.service" \ + "/etc/systemd/system/multi-user.target.wants/openstack-nova-api.service" + +ln -s "/etc/systemd/system/openstack-nova-cert.service" \ + "/etc/systemd/system/multi-user.target.wants/openstack-nova-cert.service" + +ln -s "/etc/systemd/system/openstack-nova-consoleauth.service" \ + "/etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service" + +ln -s "/etc/systemd/system/openstack-nova-scheduler.service" \ + "/etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service" + +ln -s "/etc/systemd/system/openstack-nova-novncproxy.service" \ + "/etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service" + +exit 0 |