summaryrefslogtreecommitdiff
path: root/openstack/usr/share/openstack/openstack-nova-setup
blob: 796fbdf59d2bbfeaab91c299ceb2272bcbdc4008 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
#!/bin/sh
#
# Copyright (C) 2014 Codethink Limited
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; version 2 of the License.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License along
# with this program; if not, write to the Free Software Foundation, Inc.,
# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

set -e

# Create required system users and groups

getent group nova >/dev/null || groupadd -r --gid 162 nova
getent passwd nova >/dev/null || \
	useradd --uid 162 -r -g nova -d /var/lib/nova -s /sbin/nologin \
	-c "OpenStack Nova Daemons" nova

# Create the keystone user and services

export OS_SERVICE_TOKEN=##KEYSTONE_TEMPORARY_ADMIN_TOKEN##
export OS_SERVICE_ENDPOINT='http://localhost:35357/v2.0'

keystone user-create --name ##NOVA_SERVICE_USER## --pass ##NOVA_SERVICE_PASSWORD##
keystone user-role-add --tenant service --user ##NOVA_SERVICE_USER## --role admin

keystone service-create --name nova --type compute --description "OpenStack Compute Service"
keystone endpoint-create  --service-id $(keystone service-list | awk '/ compute / {print $2}') \
	    	          --publicurl ##NOVA_PUBLIC_URL## \
	                  --internalurl ##NOVA_INTERNAL_URL## \
	                  --adminurl ##NOVA_ADMIN_URL## \
			  --region ##NOVA_REGION##

# Nova compute configuration
if [ ! -d /var/run/nova ]; then
    mkdir -p /var/run/nova
    chown -R nova:nova /var/run/nova
fi

if [ ! -d /var/lock/nova ]; then
    mkdir -p /var/lock/nova
    chown -R nova:nova /var/lock/nova
fi

if [ ! -d /var/log/nova ]; then
    mkdir -p /var/log/nova
    chown -R nova:nova /var/log/nova
fi

if [ ! -d /var/lib/nova/instances ]; then
    mkdir /var/lib/nova/instances
    chown -R nova:nova /var/lib/nova/instances
fi

# Setup the nova database
if ! sudo -u postgres psql -lqt | grep -q nova; then
    # Create posgreSQL user
    sudo -u postgres createuser \
	    --pwprompt --encrypted \
	    --no-adduser --no-createdb \
	    --no-password \
	    ##NOVA_DB_USER##

    sudo -u postgres createdb \
	    --owner=##NOVA_DB_USER## \
	    nova

    sudo -u nova nova-manage db sync
fi

# Nova novncproxy needs /usr/share/novnc folder available
if [ ! -d /usr/share/novnc ]; then
    mkdir /usr/share/novnc
    chown -R nova:nova /usr/share/novnc
fi

chown -R nova:nova /var/lib/nova

# Add nova to the libvirt group
usermod -a -G libvirt nova

# Check existence of Network Block Device module in the kernel
# NOTE: modprobe does not work actually and returns always
# failure, enable this check when modprobe is fixed.
#modprobe nbd

# Remove the one-shot setup service
rm /etc/systemd/system/multi-user.target.wants/openstack-nova-setup.service

# Start nova services
systemctl start openstack-nova-compute
# [1] Never enable openstack-nova-conductor service in a node with
# openstack-nova-compute or the security benefits of removing
# database access from nova-compute will be negated
#systemctl start openstack-nova-conductor
systemctl start openstack-nova-api
systemctl start openstack-nova-cert
systemctl start openstack-nova-consoleauth
systemctl start openstack-nova-scheduler
systemctl start openstack-nova-novncproxy
#systemctl start openstack-nova-xvpnvncproxy

# Create the links to run nova services when system start next times.
ln -s "/etc/systemd/system/openstack-nova-compute.service" \
    "/etc/systemd/system/multi-user.target.wants/openstack-nova-compute.service"
# See description of why this shouldn't run in a openstack in one node in [1]
#ln -s "/etc/systemd/system/openstack-nova-conductor.service" \
#    "/etc/systemd/system/multi-user.target.wants/openstack-nova-conductor.service"

ln -s "/etc/systemd/system/openstack-nova-api.service" \
    "/etc/systemd/system/multi-user.target.wants/openstack-nova-api.service"

ln -s "/etc/systemd/system/openstack-nova-cert.service" \
    "/etc/systemd/system/multi-user.target.wants/openstack-nova-cert.service"

ln -s "/etc/systemd/system/openstack-nova-consoleauth.service" \
    "/etc/systemd/system/multi-user.target.wants/openstack-nova-consoleauth.service"

ln -s "/etc/systemd/system/openstack-nova-scheduler.service" \
    "/etc/systemd/system/multi-user.target.wants/openstack-nova-scheduler.service"

ln -s "/etc/systemd/system/openstack-nova-novncproxy.service" \
    "/etc/systemd/system/multi-user.target.wants/openstack-nova-novncproxy.service"

exit 0