#!/bin/sh # # Copyright (C) 2014 Codethink Limited # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; version 2 of the License. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License along # with this program; if not, write to the Free Software Foundation, Inc., # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. set -e # Create required system users and groups getent group nova >/dev/null || groupadd -r --gid 162 nova getent passwd nova >/dev/null || \ useradd --uid 162 -r -g nova -d /var/lib/nova -s /sbin/nologin \ -c "OpenStack Nova Daemons" nova # Create the keystone user and services export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN## export OS_SERVICE_ENDPOINT='http://onenode:35357/v2.0' keystone user-create --name ##NOVA_SERVICE_USER## --pass ##NOVA_SERVICE_PASSWORD## keystone user-role-add --tenant service --user ##NOVA_SERVICE_USER## --role admin keystone service-create --name nova --type compute --description "OpenStack Compute Service" keystone endpoint-create --service-id $(keystone service-list | awk '/ compute / {print $2}') \ --publicurl ##NOVA_PUBLIC_URL## \ --internalurl ##NOVA_INTERNAL_URL## \ --adminurl ##NOVA_ADMIN_URL## \ --region ##NOVA_REGION## # Nova compute configuration if [ ! -d /var/run/nova ]; then mkdir -p /var/run/nova chown -R nova:nova /var/run/nova fi if [ ! -d /var/lock/nova ]; then mkdir -p /var/lock/nova chown -R nova:nova /var/lock/nova fi if [ ! -d /var/log/nova ]; then mkdir -p /var/log/nova chown -R nova:nova /var/log/nova fi if [ ! -d /var/lib/nova/instances ]; then mkdir /var/lib/nova/instances chown -R nova:nova /var/lib/nova/instances fi # Setup the nova database if ! sudo -u postgres psql -lqt | grep -q nova; then # Create posgreSQL user sudo -u postgres createuser \ --pwprompt --encrypted \ --no-adduser --no-createdb \ --no-password \ ##NOVA_DB_USER## sudo -u postgres createdb \ --owner=##NOVA_DB_USER## \ nova sudo -u nova nova-manage db sync fi # Nova novncproxy needs to know the ip of the novnc host # this is a workaround to make nova known which is the novnc host eth_ip="$(ip addr | perl -pe 'if (/^\d+: ([^:]+)/) { $iface=$1; } if (m@^\s*inet ([^/]+)/@) { print "$iface $1\n"; } $_=undef;' | grep "^br-eth0" | head -1 | awk '{ print $2 } ')" sed -i "s/\#\#NOVNC_HOST\#\#/$eth_ip/g" /etc/nova/nova.conf chown -R nova:nova /var/lib/nova # Add nova to the libvirt group usermod -a -G libvirt nova # Check existence of Network Block Device module in the kernel # NOTE: modprobe does not work actually and returns always # failure, enable this check when modprobe is fixed. #modprobe nbd # Remove the one-shot setup service rm /etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service # Start nova services systemctl start openstack-nova-compute # [1] Never enable openstack-nova-conductor service in a node with # openstack-nova-compute or the security benefits of removing # database access from nova-compute will be negated #systemctl start openstack-nova-conductor systemctl start openstack-nova-api systemctl start openstack-nova-cert systemctl start openstack-nova-consoleauth systemctl start openstack-nova-scheduler systemctl start openstack-nova-novncproxy #systemctl start openstack-nova-xvpnvncproxy # Create the links to run nova services when system start next times. ln -s "/etc/systemd/system/openstack-nova-compute.service" \ "/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service" # See description of why this shouldn't run in a openstack in one node in [1] #ln -s "/etc/systemd/system/openstack-nova-conductor.service" \ # "/etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service" ln -s "/etc/systemd/system/openstack-nova-api.service" \ "/etc/systemd/system/multi-user.target.wants/openstack-nova-api.service" ln -s "/etc/systemd/system/openstack-nova-cert.service" \ "/etc/systemd/system/multi-user.target.wants/openstack-nova-cert.service" ln -s "/etc/systemd/system/openstack-nova-consoleauth.service" \ "/etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service" ln -s "/etc/systemd/system/openstack-nova-scheduler.service" \ "/etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service" ln -s "/etc/systemd/system/openstack-nova-novncproxy.service" \ "/etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service" exit 0