From 5fec3bdcd0fc99a10ebd8fd4dfd6b88aaeffb5a6 Mon Sep 17 00:00:00 2001 From: Francisco Redondo Marchena Date: Wed, 21 Jan 2015 18:53:45 +0000 Subject: Setup cinder, glance, nova and keystone to use postgres instead of sqlite --- clusters/openstack-cluster.morph | 8 +++++ openstack-cinder.configure | 2 ++ openstack-glance.configure | 4 +++ openstack-keystone.configure | 2 ++ openstack-nova.configure | 3 +- openstack/etc/cinder/cinder.conf | 2 +- openstack/etc/glance/glance-api.conf | 2 +- openstack/etc/glance/glance-registry.conf | 2 +- openstack/etc/keystone/keystone.conf | 2 +- openstack/etc/nova/nova.conf | 3 +- .../system/openstack-keystone-setup.service | 4 +-- .../systemd/system/openstack-neutron-setup.service | 4 +-- openstack/manifest | 1 - .../usr/share/openstack/openstack-cinder-setup | 24 +++++++++++---- .../usr/share/openstack/openstack-glance-setup | 35 ++++++++++++++++++++-- .../usr/share/openstack/openstack-keystone-setup | 31 +++++++++++++++++-- openstack/usr/share/openstack/openstack-nova-setup | 16 ++++++++-- 17 files changed, 120 insertions(+), 25 deletions(-) diff --git a/clusters/openstack-cluster.morph b/clusters/openstack-cluster.morph index efd9c4c4..e05e54d0 100644 --- a/clusters/openstack-cluster.morph +++ b/clusters/openstack-cluster.morph @@ -22,6 +22,8 @@ systems: KEYSTONE_PUBLIC_URL: http:\/\/localhost:5000\/v2.0 KEYSTONE_INTERNAL_URL: http:\/\/localhost:5000\/v2.0 KEYSTONE_ADMIN_URL: http:\/\/localhost:35357\/v2.0 + KEYSTONE_DB_USER: keystoneDB + KEYSTONE_DB_PASSWORD: veryinsecure IDENTITY_URI: http:\/\/localhost:35357 OPENSTACK_AUTH_HOST: localhost OPENSTACK_AUTH_PORT: 35357 @@ -31,6 +33,8 @@ systems: GLANCE_INTERNAL_URL: http:\/\/localhost:9292 GLANCE_ADMIN_URL: http:\/\/localhost:9292 GLANCE_HOST: localhost + GLANCE_DB_USER: glanceDB + GLANCE_DB_PASSWORD: veryinsecure NOVA_HOST: 127.0.0.1 NOVA_SERVICE_USER: nova NOVA_SERVICE_PASSWORD: veryinsecure @@ -39,6 +43,8 @@ systems: NOVA_ADMIN_URL: \"http:\/\/localhost:8774\/v2\/\%\(tenant_id\)s\" NOVA_NOVNCPROXY_BASE_URL: http:\/\/localhost:6080\/vnc_auto.html NOVA_REGION: regionOne + NOVA_DB_USER: novaDB + NOVA_DB_PASSWORD: veryinsecure CINDER_USER: cinder CINDER_PASSWORD: veryinsecure CINDER_PUBLIC_URL: \"http:\/\/localhost:8776\/v1\/\%\(tenant_id\)s\" @@ -48,6 +54,8 @@ systems: CINDER_PUBLIC_URL_V2: \"http:\/\/localhost:8776\/v2\/\%\(tenant_id\)s\" CINDER_INTERNAL_URL_V2: \"http:\/\/localhost:8776\/v2\/\%\(tenant_id\)s\" CINDER_ADMIN_URL_V2: \"http:\/\/localhost:8776\/v2\/\%\(tenant_id\)s\" + CINDER_DB_USER: cinderDB + CINDER_DB_PASSWORD: veryinsecure NEUTRON_SERVICE_USER: neutron NEUTRON_SERVICE_PASSWORD: veryinsecure NEUTRON_DB_USER: neutronDB diff --git a/openstack-cinder.configure b/openstack-cinder.configure index 5688ee72..335ff512 100644 --- a/openstack-cinder.configure +++ b/openstack-cinder.configure @@ -33,6 +33,8 @@ s/##CINDER_USER_V2##/$CINDER_USER_V2/g s/##CINDER_PUBLIC_URL_V2##/$CINDER_PUBLIC_URL_V2/g s/##CINDER_INTERNAL_URL_V2##/$CINDER_INTERNAL_URL_V2/g s/##CINDER_ADMIN_URL_V2##/$CINDER_ADMIN_URL_V2/g +s/##CINDER_DB_USER##/$CINDER_DB_USER/g +s/##CINDER_DB_PASSWORD##/$CINDER_DB_PASSWORD/g EOF sed -f "$ROOT"/etc/openstack-cinder-setup.sed -i \ diff --git a/openstack-glance.configure b/openstack-glance.configure index a94de93a..6780a64a 100644 --- a/openstack-glance.configure +++ b/openstack-glance.configure @@ -29,6 +29,9 @@ s/##GLANCE_SERVICE_PASSWORD##/$GLANCE_SERVICE_PASSWORD/g s/##GLANCE_PUBLIC_URL##/$GLANCE_PUBLIC_URL/g s/##GLANCE_INTERNAL_URL##/$GLANCE_INTERNAL_URL/g s/##GLANCE_ADMIN_URL##/$GLANCE_ADMIN_URL/g +s/##GLANCE_HOST##/$GLANCE_HOST/g +s/##GLANCE_DB_USER##/$GLANCE_DB_USER/g +s/##GLANCE_DB_PASSWORD##/$GLANCE_DB_PASSWORD/g EOF sed -f "$ROOT"/etc/openstack-glance-setup.sed -i \ @@ -37,6 +40,7 @@ sed -f "$ROOT"/etc/openstack-glance-setup.sed -i \ "$ROOT"/etc/glance/glance-scrubber.conf \ "$ROOT"/etc/glance/glance-cache.conf \ "$ROOT"/etc/cinder/cinder.conf \ + "$ROOT"/etc/nova/nova.conf \ "$ROOT"/usr/share/openstack/openstack-glance-setup ########################################################################## diff --git a/openstack-keystone.configure b/openstack-keystone.configure index 7caaace2..0e7aa2cb 100644 --- a/openstack-keystone.configure +++ b/openstack-keystone.configure @@ -32,6 +32,8 @@ s/##KEYSTONE_ADMIN_URL##/$KEYSTONE_ADMIN_URL/g s/##OPENSTACK_AUTH_HOST##/$OPENSTACK_AUTH_HOST/g s/##OPENSTACK_AUTH_PORT##/$OPENSTACK_AUTH_PORT/g s/##IDENTITY_URI##/$IDENTITY_URI/g +s/##KEYSTONE_DB_USER##/$KEYSTONE_DB_USER/g +s/##KEYSTONE_DB_PASSWORD##/$KEYSTONE_DB_PASSWORD/g EOF sed -f "$ROOT"/etc/openstack-keystone-setup.sed -i \ diff --git a/openstack-nova.configure b/openstack-nova.configure index 842edbf4..83a9d401 100644 --- a/openstack-nova.configure +++ b/openstack-nova.configure @@ -31,8 +31,9 @@ s/##NOVA_INTERNAL_URL##/$NOVA_INTERNAL_URL/g s/##NOVA_ADMIN_URL##/$NOVA_ADMIN_URL/g s/##NOVA_HOST##/$NOVA_HOST/g s/##NOVA_REGION##/$NOVA_REGION/g -s/##GLANCE_HOST##/$GLANCE_HOST/g s/##NOVA_NOVNCPROXY_BASE_URL##/$NOVA_NOVNCPROXY_BASE_URL/g +s/##NOVA_DB_USER##/$NOVA_DB_USER/g +s/##NOVA_DB_PASSWORD##/$NOVA_DB_PASSWORD/g EOF sed -f "$ROOT"/etc/openstack-nova-setup.sed -i \ diff --git a/openstack/etc/cinder/cinder.conf b/openstack/etc/cinder/cinder.conf index e3bce41d..e849d42e 100644 --- a/openstack/etc/cinder/cinder.conf +++ b/openstack/etc/cinder/cinder.conf @@ -2363,7 +2363,7 @@ volume_group=cinder-volumes # Deprecated group/name - [DEFAULT]/sql_connection # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection -connection=sqlite:////var/lib/cinder/cinder.sqlite +connection=postgresql://##CINDER_DB_USER##:##CINDER_DB_PASSWORD##@127.0.0.1/cinder # The SQLAlchemy connection string to use to connect to the # slave database. (string value) diff --git a/openstack/etc/glance/glance-api.conf b/openstack/etc/glance/glance-api.conf index bec62075..709c9280 100644 --- a/openstack/etc/glance/glance-api.conf +++ b/openstack/etc/glance/glance-api.conf @@ -586,7 +586,7 @@ image_cache_dir = /var/lib/glance/image-cache/ # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection = -connection=sqlite:////var/lib/glance/glance.sqlite +connection=postgresql://##GLANCE_DB_USER##:##GLANCE_DB_PASSWORD##@127.0.0.1/glance # The SQL mode to be used for MySQL sessions. This option, # including the default, overrides any server-set SQL mode. To diff --git a/openstack/etc/glance/glance-registry.conf b/openstack/etc/glance/glance-registry.conf index 988c2e79..08a58922 100644 --- a/openstack/etc/glance/glance-registry.conf +++ b/openstack/etc/glance/glance-registry.conf @@ -99,7 +99,7 @@ limit_param_default = 25 # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection = -connection=sqlite:////var/lib/glance/glance.sqlite +connection=postgresql://##GLANCE_DB_USER##:##GLANCE_DB_PASSWORD##@127.0.0.1/glance # The SQL mode to be used for MySQL sessions. This option, # including the default, overrides any server-set SQL mode. To diff --git a/openstack/etc/keystone/keystone.conf b/openstack/etc/keystone/keystone.conf index 2295af56..ba837fd9 100644 --- a/openstack/etc/keystone/keystone.conf +++ b/openstack/etc/keystone/keystone.conf @@ -628,7 +628,7 @@ rpc_backend=rabbit # Deprecated group/name - [DATABASE]/sql_connection # Deprecated group/name - [sql]/connection #connection= -connection=sqlite:////var/lib/keystone/keystone.sqlite +connection=postgresql://##KEYSTONE_DB_USER##:##KEYSTONE_DB_PASSWORD##@127.0.0.1/keystone # The SQLAlchemy connection string to use to connect to the # slave database. (string value) diff --git a/openstack/etc/nova/nova.conf b/openstack/etc/nova/nova.conf index b669d2a0..35d103ef 100644 --- a/openstack/etc/nova/nova.conf +++ b/openstack/etc/nova/nova.conf @@ -365,8 +365,7 @@ vnc_keymap="en-us" # DATABASE # ############ [database] -connection=sqlite:////var/lib/nova/nova.sqlite - +connection=postgresql://##NOVA_DB_USER##:##NOVA_DB_PASSWORD##@127.0.0.1/nova ############# # CONDUCTOR # diff --git a/openstack/etc/systemd/system/openstack-keystone-setup.service b/openstack/etc/systemd/system/openstack-keystone-setup.service index 88e3c32e..e7b5377d 100644 --- a/openstack/etc/systemd/system/openstack-keystone-setup.service +++ b/openstack/etc/systemd/system/openstack-keystone-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run openstack-keystone-setup (once) -Requires=local-fs.target -After=local-fs.target +Requires=local-fs.target postgres-server.service +After=local-fs.target postgres-server.service [Service] Type=oneshot diff --git a/openstack/etc/systemd/system/openstack-neutron-setup.service b/openstack/etc/systemd/system/openstack-neutron-setup.service index ae6da897..c90e7122 100644 --- a/openstack/etc/systemd/system/openstack-neutron-setup.service +++ b/openstack/etc/systemd/system/openstack-neutron-setup.service @@ -1,7 +1,7 @@ [Unit] Description=Run openstack-neutron-setup (once) -Requires=openstack-keystone-setup.service openstack-neutron-network-configuration-one-node.service postgres-server.service -After=openstack-keystone-setup.service openstack-neutron-network-configuration-one-node.service postgres-server.service +Requires=openstack-keystone-setup.service openstack-neutron-network-configuration-one-node.service +After=openstack-keystone-setup.service openstack-neutron-network-configuration-one-node.service [Service] Type=oneshot diff --git a/openstack/manifest b/openstack/manifest index c674fd38..a666ea8d 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -16,7 +16,6 @@ 0040755 0 0 /var/lib/glance/image-cache/invalid 0040755 0 0 /var/lib/glance/image-cache/queue 0040755 0 0 /var/lib/glance/images -0040755 0 0 /var/log/glance 0100644 0 0 /etc/glance/logging.conf 0100644 0 0 /etc/glance/glance-api.conf 0100644 0 0 /etc/glance/glance-registry.conf diff --git a/openstack/usr/share/openstack/openstack-cinder-setup b/openstack/usr/share/openstack/openstack-cinder-setup index f97853f6..ade53e92 100644 --- a/openstack/usr/share/openstack/openstack-cinder-setup +++ b/openstack/usr/share/openstack/openstack-cinder-setup @@ -66,18 +66,30 @@ if [ ! -d /var/log/cinder ]; then chown -R cinder:cinder /var/log/cinder fi -# Setup the cinder database -if [ ! -e /var/lib/cinder/cinder.sqlite ]; then - chown -R cinder:cinder /var/lib/cinder - sudo -u cinder cinder-manage db sync -fi - # Create the volumes directory for cinder if [ ! -d /var/lib/cinder/volumes ]; then mkdir -p /var/lib/cinder/volumes chown -R cinder:cinder /var/lib/cinder/volumes fi +# Setup the cinder database +if ! sudo -u postgres psql -lqt | grep -q cinder; then + # Create posgreSQL user + sudo -u postgres createuser \ + --pwprompt --encrypted \ + --no-adduser --no-createdb \ + --no-password \ + ##CINDER_DB_USER## + + sudo -u postgres createdb \ + --owner=##CINDER_DB_USER## \ + cinder + + sudo -u cinder cinder-manage db sync +fi + +chown -R cinder:cinder /var/lib/cinder + # This is only for testing purposes and we need to change it for # something more robust to deploy in production. # This also assumes that the user will add a second disk to its VM diff --git a/openstack/usr/share/openstack/openstack-glance-setup b/openstack/usr/share/openstack/openstack-glance-setup index 8a40de02..d9ee919e 100644 --- a/openstack/usr/share/openstack/openstack-glance-setup +++ b/openstack/usr/share/openstack/openstack-glance-setup @@ -36,13 +36,42 @@ keystone endpoint-create --service-id $(keystone service-list | awk '/ image / --internalurl ##GLANCE_INTERNAL_URL## \ --adminurl ##GLANCE_ADMIN_URL## -# Setup the glance database -if [ ! -e /var/lib/glance/glance.sqlite ]; then - chown -R glance:glance /var/lib/glance +# Create run directory for glance +if [ ! -d /var/run/glance ]; then + mkdir -p /var/run/glance + chown -R glance:glance /var/run/glance +fi + +# Create the lock directory for glance +if [ ! -d /var/lock/glance ]; then + mkdir -p /var/lock/glance + chown -R glance:glance /var/lock/glance +fi + +# Create the log directory for glance +if [ ! -d /var/log/glance ]; then + mkdir -p /var/log/glance chown -R glance:glance /var/log/glance +fi + +# Setup the glance database +if ! sudo -u postgres psql -lqt | grep -q glance; then + # Create posgreSQL user + sudo -u postgres createuser \ + --pwprompt --encrypted \ + --no-adduser --no-createdb \ + --no-password \ + ##GLANCE_DB_USER## + + sudo -u postgres createdb \ + --owner=##GLANCE_DB_USER## \ + glance + sudo -u glance glance-manage db_sync fi +chown -R glance:glance /var/lib/glance + # Remove the one-shot setup service rm /etc/systemd/system/multi-user.target.wants/openstack-glance-setup.service diff --git a/openstack/usr/share/openstack/openstack-keystone-setup b/openstack/usr/share/openstack/openstack-keystone-setup index 2e9a0dcb..9623f129 100644 --- a/openstack/usr/share/openstack/openstack-keystone-setup +++ b/openstack/usr/share/openstack/openstack-keystone-setup @@ -24,13 +24,40 @@ getent passwd keystone >/dev/null || \ useradd --uid 163 -r -g keystone -d /var/lib/keystone -s /sbin/nologin \ -c "OpenStack Keystone Daemons" keystone +# Keystone compute configuration +if [ ! -d /var/run/keystone ]; then + mkdir -p /var/run/keystone + chown -R keystone:keystone /var/run/keystone +fi + +if [ ! -d /var/lock/keystone ]; then + mkdir -p /var/lock/keystone + chown -R keystone:keystone /var/lock/keystone +fi + +if [ ! -d /var/log/keystone ]; then + mkdir -p /var/log/keystone + chown -R keystone:keystone /var/log/keystone +fi + # Setup the keystone database +if ! sudo -u postgres psql -lqt | grep -q keystone; then + # Create posgreSQL user + sudo -u postgres createuser \ + --pwprompt --encrypted \ + --no-adduser --no-createdb \ + --no-password \ + ##KEYSTONE_DB_USER## + + sudo -u postgres createdb \ + --owner=##KEYSTONE_DB_USER## \ + keystone -if [ ! -e /var/lib/keystone/keystone.sqlite ]; then - chown -R keystone:keystone /var/lib/keystone sudo -u keystone keystone-manage db_sync fi +chown -R keystone:keystone /var/lib/keystone + systemctl start openstack-keystone export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN## diff --git a/openstack/usr/share/openstack/openstack-nova-setup b/openstack/usr/share/openstack/openstack-nova-setup index 345d5585..796fbdf5 100644 --- a/openstack/usr/share/openstack/openstack-nova-setup +++ b/openstack/usr/share/openstack/openstack-nova-setup @@ -61,8 +61,18 @@ if [ ! -d /var/lib/nova/instances ]; then fi # Setup the nova database -if [ ! -e /var/lib/nova/nova.sqlite ]; then - chown -R nova:nova /var/lib/nova +if ! sudo -u postgres psql -lqt | grep -q nova; then + # Create posgreSQL user + sudo -u postgres createuser \ + --pwprompt --encrypted \ + --no-adduser --no-createdb \ + --no-password \ + ##NOVA_DB_USER## + + sudo -u postgres createdb \ + --owner=##NOVA_DB_USER## \ + nova + sudo -u nova nova-manage db sync fi @@ -72,6 +82,8 @@ if [ ! -d /usr/share/novnc ]; then chown -R nova:nova /usr/share/novnc fi +chown -R nova:nova /var/lib/nova + # Add nova to the libvirt group usermod -a -G libvirt nova -- cgit v1.2.1