From eb5f7d081841925c5324411e6861119404e26a5d Mon Sep 17 00:00:00 2001 From: Pedro Alvarez Date: Tue, 14 Apr 2015 09:51:00 +0000 Subject: Openstack: Make Nova configurable Change-Id: Ia5e2450351359d35fd2aa37b75534178d8305936 Signed-off-by: Pedro Alvarez Signed-off-by: Francisco Redondo Marchena Signed-off-by: Richard Maw --- openstack-nova.configure | 115 +++++++++++++++++++++ openstack/manifest | 17 +++ .../lib/systemd/system/openstack-nova-api.service | 12 +++ .../lib/systemd/system/openstack-nova-cert.service | 12 +++ .../systemd/system/openstack-nova-compute.service | 13 +++ .../system/openstack-nova-conductor.service | 13 +++ .../system/openstack-nova-consoleauth.service | 12 +++ .../system/openstack-nova-novncproxy.service | 12 +++ .../system/openstack-nova-scheduler.service | 12 +++ .../system/openstack-nova-serialproxy.service | 12 +++ .../systemd/system/openstack-nova-setup.service | 9 ++ openstack/usr/share/openstack/nova.yml | 102 ++++++++++++++++++ .../usr/share/openstack/nova/nova-compute.conf | 4 + openstack/usr/share/openstack/nova/nova.conf | 112 ++++++++++---------- systems/openstack-system-x86_64.morph | 1 + 15 files changed, 404 insertions(+), 54 deletions(-) create mode 100644 openstack-nova.configure create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-api.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-cert.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-compute.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-conductor.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-scheduler.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service create mode 100644 openstack/usr/lib/systemd/system/openstack-nova-setup.service create mode 100644 openstack/usr/share/openstack/nova.yml create mode 100644 openstack/usr/share/openstack/nova/nova-compute.conf diff --git a/openstack-nova.configure b/openstack-nova.configure new file mode 100644 index 00000000..3605f8b9 --- /dev/null +++ b/openstack-nova.configure @@ -0,0 +1,115 @@ +#!/bin/sh + +# Copyright (C) 2014-2015 Codethink Limited +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License along +# with this program. If not, see . + +set -e + +ROOT="$1" + +########################################################################## + +ln -sf "/usr/lib/systemd/system/openstack-nova-setup.service" \ + "$ROOT/etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service" + +########################################################################## +# Enable libvirtd and libvirt-guests services +########################################################################## + +wants_dir="$ROOT"/usr/lib/systemd/system/multi-user.target.wants +mkdir -p "$wants_dir" +mkdir -p "$ROOT"/var/lock/subsys +ln -sf ../libvirtd.service "$wants_dir/libvirtd.service" + +########################################################################## +# Change iprange for the interal libvirt to avoid clashes +# with eth0 ip range +########################################################################## + +sed -i "s/192\.168\.122\./192\.168\.1\./g" \ + "$ROOT"/etc/libvirt/qemu/networks/default.xml + +########################################################################## +# Check variables +########################################################################## + + +if [ -z "$NOVA_SERVICE_USER" -a \ + -z "$NOVA_SERVICE_PASSWORD" -a \ + -z "$NOVA_DB_USER" -a \ + -z "$NOVA_DB_PASSWORD" -a \ + -z "$NOVA_VIRT_TYPE" -a \ + -z "$NEUTRON_SERVICE_USER" -a \ + -z "$NEUTRON_SERVICE_PASSWORD" -a \ + -z "$METADATA_PROXY_SHARED_SECRET" -a \ + -z "$RABBITMQ_HOST" -a \ + -z "$RABBITMQ_USER" -a \ + -z "$RABBITMQ_PASSWORD" -a \ + -z "$RABBITMQ_PORT" -a \ + -z "$CONTROLLER_HOST_ADDRESS" -a \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -a \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + # No NOVA options defined, do nothing. + exit 0 +fi + +if [ -z "$NOVA_SERVICE_USER" -o \ + -z "$NOVA_SERVICE_PASSWORD" -o \ + -z "$NOVA_DB_USER" -o \ + -z "$NOVA_DB_PASSWORD" -o \ + -z "$NOVA_VIRT_TYPE" -o \ + -z "$NEUTRON_SERVICE_USER" -o \ + -z "$NEUTRON_SERVICE_PASSWORD" -o \ + -z "$METADATA_PROXY_SHARED_SECRET" -o \ + -z "$RABBITMQ_HOST" -o \ + -z "$RABBITMQ_USER" -o \ + -z "$RABBITMQ_PASSWORD" -o \ + -z "$RABBITMQ_PORT" -o \ + -z "$CONTROLLER_HOST_ADDRESS" -o \ + -z "$MANAGEMENT_INTERFACE_IP_ADDRESS" -o \ + -z "$KEYSTONE_TEMPORARY_ADMIN_TOKEN" ]; then + echo Some options required for Nova were defined, but not all. + exit 1 +fi + +########################################################################## +# Generate configuration file +########################################################################## + +OPENSTACK_DATA="$ROOT/etc/openstack" +mkdir -p "$OPENSTACK_DATA" + +python <<'EOF' >"$OPENSTACK_DATA/nova.conf" +import os, sys, yaml + +nova_configuration={ + 'NOVA_SERVICE_USER': os.environ['NOVA_SERVICE_USER'], + 'NOVA_SERVICE_PASSWORD': os.environ['NOVA_SERVICE_PASSWORD'], + 'NOVA_DB_USER': os.environ['NOVA_DB_USER'], + 'NOVA_DB_PASSWORD': os.environ['NOVA_DB_PASSWORD'], + 'NOVA_VIRT_TYPE': os.environ['NOVA_VIRT_TYPE'], + 'NEUTRON_SERVICE_USER': os.environ['NEUTRON_SERVICE_USER'], + 'NEUTRON_SERVICE_PASSWORD': os.environ['NEUTRON_SERVICE_PASSWORD'], + 'METADATA_PROXY_SHARED_SECRET': os.environ['METADATA_PROXY_SHARED_SECRET'], + 'RABBITMQ_HOST': os.environ['RABBITMQ_HOST'], + 'RABBITMQ_USER': os.environ['RABBITMQ_USER'], + 'RABBITMQ_PASSWORD': os.environ['RABBITMQ_PASSWORD'], + 'RABBITMQ_PORT': os.environ['RABBITMQ_PORT'], + 'CONTROLLER_HOST_ADDRESS': os.environ['CONTROLLER_HOST_ADDRESS'], + 'MANAGEMENT_INTERFACE_IP_ADDRESS': os.environ['MANAGEMENT_INTERFACE_IP_ADDRESS'], + 'KEYSTONE_TEMPORARY_ADMIN_TOKEN': os.environ['KEYSTONE_TEMPORARY_ADMIN_TOKEN'], +} + +yaml.dump(nova_configuration, sys.stdout, default_flow_style=False) +EOF diff --git a/openstack/manifest b/openstack/manifest index 02155ed2..6876f1ba 100644 --- a/openstack/manifest +++ b/openstack/manifest @@ -22,6 +22,14 @@ 0100644 0 0 /usr/share/openstack/keystone/keystone.conf 0100644 0 0 /usr/share/openstack/keystone/policy.json 0100644 0 0 /usr/share/openstack/keystone/keystone-paste.ini +0040755 0 0 /usr/share/openstack/nova +0100644 0 0 /usr/share/openstack/nova.yml +0100644 0 0 /usr/share/openstack/nova/logging.conf +0100644 0 0 /usr/share/openstack/nova/nova.conf +0100644 0 0 /usr/share/openstack/nova/nova-compute.conf +0100644 0 0 /usr/share/openstack/nova/policy.json +0100644 0 0 /usr/share/openstack/nova/cells.json +0100644 0 0 /usr/share/openstack/nova/api-paste.ini 0040755 0 0 /usr/share/openstack/postgres 0100644 0 0 /usr/share/openstack/postgres/pg_hba.conf 0100644 0 0 /usr/share/openstack/postgres/postgresql.conf @@ -33,6 +41,15 @@ 0100644 0 0 /usr/lib/systemd/system/openstack-glance-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-api.service 0100644 0 0 /usr/lib/systemd/system/openstack-glance-registry.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-setup.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-compute.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-conductor.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-api.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-scheduler.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-consoleauth.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-novncproxy.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-cert.service +0100644 0 0 /usr/lib/systemd/system/openstack-nova-serialproxy.service 0100644 0 0 /usr/lib/systemd/system/rabbitmq-server.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-setup.service 0100644 0 0 /usr/lib/systemd/system/openstack-cinder-api.service diff --git a/openstack/usr/lib/systemd/system/openstack-nova-api.service b/openstack/usr/lib/systemd/system/openstack-nova-api.service new file mode 100644 index 00000000..8ee9cefa --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-api.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Compute Service (code-named Nova) API server +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-api --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-cert.service b/openstack/usr/lib/systemd/system/openstack-nova-cert.service new file mode 100644 index 00000000..b2a2e1cc --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-cert.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova Cert +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-cert --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-compute.service b/openstack/usr/lib/systemd/system/openstack-nova-compute.service new file mode 100644 index 00000000..95a3a872 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-compute.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Compute Service (code-named Nova) compute server +After=syslog.target network-online.target libvirtd.service +Wants=network-online.target +Requires=libvirtd.service + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-compute --config-file /etc/nova/nova.conf --config-file /etc/nova/nova-compute.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-conductor.service b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service new file mode 100644 index 00000000..1d2ece69 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-conductor.service @@ -0,0 +1,13 @@ +[Unit] +Description=Database-access support for Compute nodes (nova-conductor) +After=syslog.target network-online.target libvirtd.service +Wants=network-online.target +Requires=libvirtd.service + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-conductor --config-file /etc/nova/nova.conf --logfile /var/log/nova/conductor.log + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service new file mode 100644 index 00000000..66442d11 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-consoleauth.service @@ -0,0 +1,12 @@ +[Unit] +Description=Openstack Console Auth (nova-consoleauth) +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-consoleauth --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service new file mode 100644 index 00000000..597f357a --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-novncproxy.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova NoVNC proxy +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-novncproxy --config-file /etc/nova/nova.conf --web /usr/share/novnc + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service new file mode 100644 index 00000000..d317b624 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-scheduler.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova Scheduler +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-scheduler --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service new file mode 100644 index 00000000..2d95c1fa --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-serialproxy.service @@ -0,0 +1,12 @@ +[Unit] +Description=OpenStack Nova Serial Proxy +After=syslog.target network-online.target +Wants=network-online.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-serialproxy --config-file /etc/nova/nova.conf + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/lib/systemd/system/openstack-nova-setup.service b/openstack/usr/lib/systemd/system/openstack-nova-setup.service new file mode 100644 index 00000000..a4ad6ae7 --- /dev/null +++ b/openstack/usr/lib/systemd/system/openstack-nova-setup.service @@ -0,0 +1,9 @@ +[Unit] +Description=Run nova-setup Ansible scripts +After=local-fs.target libvirtd.service openstack-keystone-setup.service postgres-server.service + +[Service] +ExecStart=/usr/bin/ansible-playbook -v -M /usr/share/ansible/ansible-openstack-modules -i /usr/share/openstack/hosts /usr/share/openstack/nova.yml + +[Install] +WantedBy=multi-user.target diff --git a/openstack/usr/share/openstack/nova.yml b/openstack/usr/share/openstack/nova.yml new file mode 100644 index 00000000..c1122c60 --- /dev/null +++ b/openstack/usr/share/openstack/nova.yml @@ -0,0 +1,102 @@ +--- +- hosts: localhost + vars_files: + - "/etc/openstack/nova.conf" + tasks: + - name: Create the nova user. + user: + name: nova + comment: Openstack Nova Daemons + shell: /sbin/nologin + home: /var/lib/nova + groups: libvirt + append: yes + + - name: Create the /var folders for nova + file: + path: "{{ item }}" + state: directory + owner: nova + group: nova + with_items: + - /var/run/nova + - /var/lock/nova + - /var/log/nova + - /var/lib/nova + - /var/lib/nova/instances + + - file: path=/etc/nova state=directory + - name: Add the configuration needed for nova in /etc/nova using templates + template: + src: /usr/share/openstack/nova/{{ item }} + dest: /etc/nova/{{ item }} + with_lines: + - cd /usr/share/openstack/nova && find -type f + + - name: Create nova service user in service tenant + keystone_user: + user: "{{ NOVA_SERVICE_USER }}" + password: "{{ NOVA_SERVICE_PASSWORD }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Assign admin role to nova service user in the service tenant + keystone_user: + role: admin + user: "{{ NOVA_SERVICE_USER }}" + tenant: service + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Add nova endpoint + keystone_service: + name: nova + type: compute + description: Openstack Compute Service + publicurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + internalurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + adminurl: 'http://{{ CONTROLLER_HOST_ADDRESS }}:8774/v2/%(tenant_id)s' + region: 'regionOne' + token: "{{ KEYSTONE_TEMPORARY_ADMIN_TOKEN }}" + + - name: Create postgresql user for nova + postgresql_user: + name: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + password: "{{ NOVA_DB_PASSWORD }}" + sudo: yes + sudo_user: nova + + - name: Create database for nova services + postgresql_db: + name: nova + owner: "{{ NOVA_DB_USER }}" + login_host: "{{ CONTROLLER_HOST_ADDRESS }}" + sudo: yes + sudo_user: nova + + - name: Initiate nova database + nova_manage: + action: dbsync + sudo: yes + sudo_user: nova + + + +# [1] Never enable openstack-nova-conductor service in a node with +# openstack-nova-compute or the security benefits of removing +# database access from nova-compute will be negated +#systemctl start openstack-nova-conductor + - name: Enable and start openstack-nova services + service: + name: "{{ item }}" + enabled: yes + state: started + with_items: + - openstack-nova-api.service + - openstack-nova-cert.service + - openstack-nova-compute.service + - openstack-nova-consoleauth.service + - openstack-nova-novncproxy.service + - openstack-nova-scheduler.service + - openstack-nova-serialproxy.service +# - openstack-nova-conductor.service diff --git a/openstack/usr/share/openstack/nova/nova-compute.conf b/openstack/usr/share/openstack/nova/nova-compute.conf new file mode 100644 index 00000000..b19de1d3 --- /dev/null +++ b/openstack/usr/share/openstack/nova/nova-compute.conf @@ -0,0 +1,4 @@ +[DEFAULT] +compute_driver=libvirt.LibvirtDriver +[libvirt] +virt_type={{ NOVA_VIRT_TYPE }} diff --git a/openstack/usr/share/openstack/nova/nova.conf b/openstack/usr/share/openstack/nova/nova.conf index abda2151..04cec1c6 100644 --- a/openstack/usr/share/openstack/nova/nova.conf +++ b/openstack/usr/share/openstack/nova/nova.conf @@ -76,23 +76,23 @@ # The RabbitMQ broker address where a single node is used. # (string value) -#rabbit_host=localhost +rabbit_host={{ RABBITMQ_HOST }} # The RabbitMQ broker port where a single node is used. # (integer value) -#rabbit_port=5672 +rabbit_port={{ RABBITMQ_PORT }} # RabbitMQ HA cluster host:port pairs. (list value) #rabbit_hosts=$rabbit_host:$rabbit_port # Connect over SSL for RabbitMQ. (boolean value) -#rabbit_use_ssl=false +rabbit_use_ssl=false # The RabbitMQ userid. (string value) -#rabbit_userid=guest +rabbit_userid={{ RABBITMQ_USER }} # The RabbitMQ password. (string value) -#rabbit_password=guest +rabbit_password={{ RABBITMQ_PASSWORD }} # the RabbitMQ login method (string value) #rabbit_login_method=AMQPLAIN @@ -177,7 +177,7 @@ # The messaging driver to use, defaults to rabbit. Other # drivers include qpid and zmq. (string value) -#rpc_backend=rabbit +rpc_backend=rabbit # The default exchange under which topics are scoped. May be # overridden by an exchange name specified in the @@ -241,7 +241,7 @@ # # IP address of this host (string value) -#my_ip=10.0.0.1 +my_ip={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Name of this node. This can be an opaque identifier. It is # not necessarily a hostname, FQDN, or IP address. However, @@ -290,7 +290,7 @@ # Top-level directory for maintaining nova's state (string # value) -#state_path=$pybasedir +state_path=/var/lib/nova # @@ -376,7 +376,7 @@ #periodic_fuzzy_delay=60 # A list of APIs to enable by default (list value) -#enabled_apis=ec2,osapi_compute,metadata +enabled_apis=ec2,osapi_compute,metadata # A list of APIs with enabled SSL (list value) #enabled_ssl_apis= @@ -470,7 +470,7 @@ # Path to the rootwrap configuration file to use for running # commands as root (string value) -#rootwrap_config=/etc/nova/rootwrap.conf +rootwrap_config=/etc/nova/rootwrap.conf # Explicitly specify the temporary working directory (string # value) @@ -483,7 +483,7 @@ # File name for the paste.deploy config for nova-api (string # value) -#api_paste_config=api-paste.ini +api_paste_config=api-paste.ini # A python format string that is used as the template to # generate log lines. The following values can be formatted @@ -527,7 +527,7 @@ # The strategy to use for auth: noauth or keystone. (string # value) -#auth_strategy=keystone +auth_strategy=keystone # Treat X-Forwarded-For as the canonical remote address. Only # enable this if you have a sanitizing proxy. (boolean value) @@ -640,7 +640,7 @@ # osapi_compute_extension option with # nova.api.openstack.compute.contrib.select_extensions (list # value) -#osapi_compute_ext_list= +osapi_compute_extension=nova.api.openstack.compute.contrib.standard_extensions # @@ -1078,11 +1078,11 @@ # Template string to be used to generate instance names # (string value) -#instance_name_template=instance-%08x +instance_name_template=instance-%08x # Template string to be used to generate snapshot names # (string value) -#snapshot_name_template=snapshot-%s +snapshot_name_template=snapshot-%s # @@ -1146,7 +1146,7 @@ # The full class name of the network API class to use (string # value) -#network_api_class=nova.network.api.API +network_api_class=nova.network.neutronv2.api.API # @@ -1264,7 +1264,7 @@ #dnsmasq_config_file= # Driver used to create ethernet devices. (string value) -#linuxnet_interface_driver=nova.network.linux_net.LinuxBridgeInterfaceDriver +linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver # Name of Open vSwitch bridge used with linuxnet (string # value) @@ -1416,7 +1416,7 @@ # # The full class name of the security API class (string value) -#security_group_api=nova +security_group_api=neutron # @@ -1472,7 +1472,7 @@ #disable_process_locking=false # Directory to use for lock files. (string value) -#lock_path= +lock_path=/var/lock/nova # @@ -1556,7 +1556,7 @@ # Use syslog for logging. Existing syslog format is DEPRECATED # during I, and will change in J to honor RFC5424. (boolean # value) -#use_syslog=false +use_syslog=True # (Optional) Enables or disables syslog rfc5424 format for # logging. If enabled, prefixes the MSG part of the syslog @@ -1734,7 +1734,7 @@ # Which filter class names to use for filtering hosts when not # specified in the request. (list value) -#scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter +scheduler_default_filters=RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter # Which weight class names to use for weighing hosts (list # value) @@ -1759,7 +1759,7 @@ # # Default driver to use for the scheduler (string value) -#scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler +scheduler_driver=nova.scheduler.filter_scheduler.FilterScheduler # How often (in seconds) to run periodic tasks in the # scheduler driver of your choice. Please note this is likely @@ -1867,7 +1867,7 @@ # include: libvirt.LibvirtDriver, xenapi.XenAPIDriver, # fake.FakeDriver, baremetal.BareMetalDriver, # vmwareapi.VMwareVCDriver, hyperv.HyperVDriver (string value) -#compute_driver= +compute_driver=libvirt.LibvirtDriver # The default format an ephemeral_volume will be formatted # with on creation. (string value) @@ -1898,7 +1898,7 @@ # Firewall driver (defaults to hypervisor specific iptables # driver) (string value) -#firewall_driver= +firewall_driver=nova.virt.firewall.NoopFirewallDriver # Whether to allow network traffic from same network (boolean # value) @@ -1959,7 +1959,7 @@ # Location of VNC console proxy, in the form # "http://127.0.0.1:6080/vnc_auto.html" (string value) -#novncproxy_base_url=http://127.0.0.1:6080/vnc_auto.html +novncproxy_base_url=http://{{ MANAGEMENT_INTERFACE_IP_ADDRESS }}:6080/vnc_auto.html # Location of nova xvp VNC console proxy, in the form # "http://127.0.0.1:6081/console" (string value) @@ -1967,17 +1967,17 @@ # IP address on which instance vncservers should listen # (string value) -#vncserver_listen=127.0.0.1 +vncserver_listen=0.0.0.0 # The address to which proxy clients (like nova-xvpvncproxy) # should connect (string value) -#vncserver_proxyclient_address=127.0.0.1 +vncserver_proxyclient_address={{ MANAGEMENT_INTERFACE_IP_ADDRESS }} # Enable VNC related features (boolean value) -#vnc_enabled=true +vnc_enabled=true # Keymap for VNC (string value) -#vnc_keymap=en-us +vnc_keymap=en-us # @@ -2366,7 +2366,7 @@ # # Perform nova-conductor operations locally (boolean value) -#use_local=false +use_local=true # The topic on which conductor nodes listen (string value) #topic=conductor @@ -2409,22 +2409,22 @@ # Default glance hostname or IP address (string value) # Deprecated group/name - [DEFAULT]/glance_host -#host=$my_ip +host={{ CONTROLLER_HOST_ADDRESS }} # Default glance port (integer value) # Deprecated group/name - [DEFAULT]/glance_port -#port=9292 +port=9292 # Default protocol to use when connecting to glance. Set to # https for SSL. (string value) # Deprecated group/name - [DEFAULT]/glance_protocol -#protocol=http +protocol=http # A list of the glance api servers available to nova. Prefix # with https:// for ssl-based glance api servers. # ([hostname|ip]:port) (list value) # Deprecated group/name - [DEFAULT]/glance_api_servers -#api_servers= +api_servers=$host:$port # Allow to perform insecure SSL (https) requests to glance # (boolean value) @@ -2626,23 +2626,23 @@ # Port of the admin Identity API endpoint. Deprecated, use # identity_uri. (integer value) -#auth_port=35357 +auth_port=35357 # Protocol of the admin Identity API endpoint (http or https). # Deprecated, use identity_uri. (string value) -#auth_protocol=https +auth_protocol=http # Complete public Identity API endpoint (string value) -#auth_uri= +auth_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:5000/v2.0 # Complete admin Identity API endpoint. This should specify # the unversioned root endpoint e.g. https://localhost:35357/ # (string value) -#identity_uri= +identity_uri=http://{{ CONTROLLER_HOST_ADDRESS }}:35357 # API version of the admin Identity API endpoint (string # value) -#auth_version= +auth_version=v2.0 # Do not handle authorization requests within the middleware, # but delegate the authorization decision to downstream WSGI @@ -2666,14 +2666,14 @@ #admin_token= # Keystone account username (string value) -#admin_user= +admin_user={{ NOVA_SERVICE_USER }} # Keystone account password (string value) -#admin_password= +admin_password={{ NOVA_SERVICE_PASSWORD }} # Keystone service account tenant name to validate user tokens # (string value) -#admin_tenant_name=admin +admin_tenant_name=service # Env key for the swift cache (string value) #cache= @@ -2809,7 +2809,7 @@ # Libvirt domain type (valid options are: kvm, lxc, qemu, uml, # xen) (string value) -#virt_type=kvm +virt_type={{ NOVA_VIRT_TYPE }} # Override the default libvirt URI (which is dependent on # virt_type) (string value) @@ -3126,12 +3126,12 @@ # Set flag to indicate Neutron will proxy metadata requests # and resolve instance ids. (boolean value) # Deprecated group/name - [DEFAULT]/service_neutron_metadata_proxy -#service_metadata_proxy=false +service_metadata_proxy=True # Shared secret to validate proxies Neutron metadata requests # (string value) # Deprecated group/name - [DEFAULT]/neutron_metadata_proxy_shared_secret -#metadata_proxy_shared_secret= +metadata_proxy_shared_secret={{ METADATA_PROXY_SHARED_SECRET }} # @@ -3140,7 +3140,7 @@ # URL for connecting to neutron (string value) # Deprecated group/name - [DEFAULT]/neutron_url -#url=http://127.0.0.1:9696 +url=http://{{ CONTROLLER_HOST_ADDRESS }}:9696 # Timeout value for connecting to neutron in seconds (integer # value) @@ -3154,12 +3154,12 @@ # Username for connecting to neutron in admin context (string # value) # Deprecated group/name - [DEFAULT]/neutron_admin_username -#admin_username= +admin_username={{ NEUTRON_SERVICE_USER }} # Password for connecting to neutron in admin context (string # value) # Deprecated group/name - [DEFAULT]/neutron_admin_password -#admin_password= +admin_password={{ NEUTRON_SERVICE_PASSWORD }} # Tenant id for connecting to neutron in admin context (string # value) @@ -3171,7 +3171,7 @@ # Note that with Keystone V3 tenant names are only unique # within a domain. (string value) # Deprecated group/name - [DEFAULT]/neutron_admin_tenant_name -#admin_tenant_name= +admin_tenant_name=service # Region name for connecting to neutron in admin context # (string value) @@ -3181,7 +3181,7 @@ # Authorization URL for connecting to neutron in admin context # (string value) # Deprecated group/name - [DEFAULT]/neutron_admin_auth_url -#admin_auth_url=http://localhost:5000/v2.0 +admin_auth_url=http://{{ CONTROLLER_HOST_ADDRESS }}:35357/v2.0 # If set, ignore any SSL validation issues (boolean value) # Deprecated group/name - [DEFAULT]/neutron_api_insecure @@ -3190,7 +3190,7 @@ # Authorization strategy for connecting to neutron in admin # context (string value) # Deprecated group/name - [DEFAULT]/neutron_auth_strategy -#auth_strategy=keystone +auth_strategy=keystone # Name of Integration Bridge used by Open vSwitch (string # value) @@ -3252,7 +3252,7 @@ # # Host on which to listen for incoming requests (string value) -#serialproxy_host=0.0.0.0 +serialproxy_host=127.0.0.1 # Port on which to listen for incoming requests (integer # value) @@ -3264,7 +3264,7 @@ # # Enable serial console related features (boolean value) -#enabled=false +enabled=false # Range of TCP ports to use for serial ports on compute hosts # (string value) @@ -3315,7 +3315,7 @@ #server_proxyclient_address=127.0.0.1 # Enable spice related features (boolean value) -#enabled=false +enabled=false # Enable spice guest agent support (boolean value) #agent_enabled=true @@ -3802,4 +3802,8 @@ # (integer value) #sg_retry_interval=5 +[database] +# The SQLAlchemy connection string to use to connect to the +# database. (string value) +connection=postgresql://{{ NOVA_DB_USER }}:{{ NOVA_DB_PASSWORD }}@{{ CONTROLLER_HOST_ADDRESS }}/nova diff --git a/systems/openstack-system-x86_64.morph b/systems/openstack-system-x86_64.morph index 1b53df06..17c1bbff 100644 --- a/systems/openstack-system-x86_64.morph +++ b/systems/openstack-system-x86_64.morph @@ -66,3 +66,4 @@ configuration-extensions: - openstack-keystone - openstack-glance - openstack-cinder +- openstack-nova -- cgit v1.2.1