blob: 345d5585219e85114332b814dcfa24253226b440 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
#!/bin/sh
#
# Copyright (C) 2014 Codethink Limited
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
set -e
# Create required system users and groups
getent group nova >/dev/null || groupadd -r --gid 162 nova
getent passwd nova >/dev/null || \
useradd --uid 162 -r -g nova -d /var/lib/nova -s /sbin/nologin \
-c "OpenStack Nova Daemons" nova
# Create the keystone user and services
export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN##
export OS_SERVICE_ENDPOINT='http://localhost:35357/v2.0'
keystone user-create --name ##NOVA_SERVICE_USER## --pass ##NOVA_SERVICE_PASSWORD##
keystone user-role-add --tenant service --user ##NOVA_SERVICE_USER## --role admin
keystone service-create --name nova --type compute --description "OpenStack Compute Service"
keystone endpoint-create --service-id $(keystone service-list | awk '/ compute / {print $2}') \
--publicurl ##NOVA_PUBLIC_URL## \
--internalurl ##NOVA_INTERNAL_URL## \
--adminurl ##NOVA_ADMIN_URL## \
--region ##NOVA_REGION##
# Nova compute configuration
if [ ! -d /var/run/nova ]; then
mkdir -p /var/run/nova
chown -R nova:nova /var/run/nova
fi
if [ ! -d /var/lock/nova ]; then
mkdir -p /var/lock/nova
chown -R nova:nova /var/lock/nova
fi
if [ ! -d /var/log/nova ]; then
mkdir -p /var/log/nova
chown -R nova:nova /var/log/nova
fi
if [ ! -d /var/lib/nova/instances ]; then
mkdir /var/lib/nova/instances
chown -R nova:nova /var/lib/nova/instances
fi
# Setup the nova database
if [ ! -e /var/lib/nova/nova.sqlite ]; then
chown -R nova:nova /var/lib/nova
sudo -u nova nova-manage db sync
fi
# Nova novncproxy needs /usr/share/novnc folder available
if [ ! -d /usr/share/novnc ]; then
mkdir /usr/share/novnc
chown -R nova:nova /usr/share/novnc
fi
# Add nova to the libvirt group
usermod -a -G libvirt nova
# Check existence of Network Block Device module in the kernel
# NOTE: modprobe does not work actually and returns always
# failure, enable this check when modprobe is fixed.
#modprobe nbd
# Remove the one-shot setup service
rm /etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service
# Start nova services
systemctl start openstack-nova-compute
# [1] Never enable openstack-nova-conductor service in a node with
# openstack-nova-compute or the security benefits of removing
# database access from nova-compute will be negated
#systemctl start openstack-nova-conductor
systemctl start openstack-nova-api
systemctl start openstack-nova-cert
systemctl start openstack-nova-consoleauth
systemctl start openstack-nova-scheduler
systemctl start openstack-nova-novncproxy
#systemctl start openstack-nova-xvpnvncproxy
# Create the links to run nova services when system start next times.
ln -s "/etc/systemd/system/openstack-nova-compute.service" \
"/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service"
# See description of why this shouldn't run in a openstack in one node in [1]
#ln -s "/etc/systemd/system/openstack-nova-conductor.service" \
# "/etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service"
ln -s "/etc/systemd/system/openstack-nova-api.service" \
"/etc/systemd/system/multi-user.target.wants/openstack-nova-api.service"
ln -s "/etc/systemd/system/openstack-nova-cert.service" \
"/etc/systemd/system/multi-user.target.wants/openstack-nova-cert.service"
ln -s "/etc/systemd/system/openstack-nova-consoleauth.service" \
"/etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service"
ln -s "/etc/systemd/system/openstack-nova-scheduler.service" \
"/etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service"
ln -s "/etc/systemd/system/openstack-nova-novncproxy.service" \
"/etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service"
exit 0
|