Merge "Fix issues with devstack script"

cyborg/accelerator/drivers/modules/generic.py

@@ -23,7 +23,7 @@ from oslo_log import log as logging
 
 LOG = logging.getLogger(__name__)
 
-# TODO(crushil): REQUIRED_PROPERTIES needs to be filled out.
+# NOTE (crushil): REQUIRED_PROPERTIES needs to be filled out.
 REQUIRED_PROPERTIES = {}
 COMMON_PROPERTIES = REQUIRED_PROPERTIES
 

devstack/lib/cyborg

@@ -24,21 +24,11 @@
 [[ -z "$_CYBORG_DEVSTACK_LIB" ]] || return 0
 declare -r -g _CYBORG_DEVSTACK_LIB=1
 
-# Save xtrace and pipefail settings
-_XTRACE_CYBORG=$(set +o | grep xtrace)
-_PIPEFAIL_CYBORG=$(set +o | grep pipefail)
-set -o xtrace
-set +o pipefail
-
 # Defaults
 # --------
 
 # Set up default directories
 
-GITREPO["virtualbmc"]=${VIRTUALBMC_REPO:-${GIT_BASE}/openstack/virtualbmc.git}
-GITBRANCH["virtualbmc"]=${VIRTUALBMC_BRANCH:-master}
-GITDIR["virtualbmc"]=$DEST/virtualbmc
-
 CYBORG_DIR=$DEST/cyborg
 CYBORG_DEVSTACK_DIR=$CYBORG_DIR/devstack
 CYBORG_DEVSTACK_FILES_DIR=$CYBORG_DEVSTACK_DIR/files
@@ -50,65 +40,15 @@ CYBORG_CONF_FILE=$CYBORG_CONF_DIR/cyborg.conf
 CYBORG_ROOTWRAP_CONF=$CYBORG_CONF_DIR/rootwrap.conf
 CYBORG_POLICY_JSON=$CYBORG_CONF_DIR/policy.json
 
-# Deploy callback timeout can be changed from its default (1800), if required.
-CYBORG_CALLBACK_TIMEOUT=${CYBORG_CALLBACK_TIMEOUT:-}
-
-# driver / hardware type options
-
-if [[ "$CYBORG_VM_ENGINE" == "auto" ]]; then
-    sudo modprobe kvm || true
-    if [ ! -e /dev/kvm ]; then
-        echo "WARNING: Switching to QEMU"
-        CYBORG_VM_ENGINE=qemu
-        if [[ -z "$CYBORG_VM_EMULATOR" ]]; then
-            CYBORG_VM_EMULATOR='/usr/bin/qemu-system-x86_64'
-        fi
-    else
-        CYBORG_VM_ENGINE=kvm
-    fi
-fi
-
-if [[ "$CYBORG_VM_ENGINE" == "kvm" ]]; then
-    # Set this to empty, so configure-vm.py can autodetect location
-    # of KVM binary
-    CYBORG_VM_EMULATOR=""
-fi
-
-
-function setup_virtualbmc {
-    # Install pyghmi from source, if requested, otherwise it will be
-    # downloaded as part of the virtualbmc installation
-    if use_library_from_git "pyghmi"; then
-        git_clone_by_name "pyghmi"
-        setup_dev_lib "pyghmi"
-    fi
-
-    if use_library_from_git "virtualbmc"; then
-        git_clone_by_name "virtualbmc"
-        setup_dev_lib "virtualbmc"
-    else
-        pip_install_gr "virtualbmc"
-    fi
-
-    if [[ ! -d $(dirname $CYBORG_VBMC_CONFIG_FILE) ]]; then
-        mkdir -p $(dirname $CYBORG_VBMC_CONFIG_FILE)
-    fi
-
-    iniset $CYBORG_VBMC_CONFIG_FILE log debug True
-    iniset $CYBORG_VBMC_CONFIG_FILE log logfile $CYBORG_VBMC_LOGFILE
-}
-
 
 # install_cyborg() - Install the things!
 function install_cyborg {
     # make sure all needed service were enabled
     local req_services="key"
-    if is_service_enabled nova && [[ "$VIRT_DRIVER" == "cyborg" ]]; then
-        req_services+=" nova glance neutron"
-    fi
+    req_services+=" nova glance neutron"
     for srv in $req_services; do
         if ! is_service_enabled "$srv"; then
-            die $LINENO "$srv should be enabled for Ironic."
+            die $LINENO "$srv should be enabled for Cyborg."
         fi
     done
 
@@ -119,8 +59,8 @@ function install_cyborg {
 # cleanup_cyborg_config_files() - Remove residual cache/config/log files,
 # left over from previous runs that would need to clean up.
 function cleanup_cyborg_config_files {
-    sudo rm -rf $CYBORG_AUTH_CACHE_DIR $CYBORG_CONF_DIR
-    sudo rm -rf $CYBORG_VM_LOG_DIR/*
+    sudo rm -rf $CYBORG_CONF_DIR
+    sudo rm -rf $CYBORG_AUTH_CACHE_DIR
 }
 
 
@@ -130,12 +70,11 @@ function cleanup_cyborg {
 }
 
 
-# configure_cyborg_dirs() - Create all directories required by Ironic and
+# configure_cyborg_dirs() - Create all directories required by Cyborg and
 # associated services.
 function configure_cyborg_dirs {
     sudo install -d -o $STACK_USER $CYBORG_CONF_DIR $STACK_USER $CYBORG_DATA_DIR \
         $CYBORG_STATE_PATH
-    sudo chown -R $STACK_USER:$STACK_USER $CYBORG_TFTPBOOT_DIR
 
     # Create the logs directory when saving the deploy logs to the filesystem
     if [[ "$CYBORG_DEPLOY_LOGS_STORAGE_BACKEND" == "local" && "$CYBORG_DEPLOY_LOGS_COLLECT" != "never" ]]; then
@@ -156,52 +95,20 @@ function configure_cyborg {
     iniset $CYBORG_CONF_FILE DEFAULT state_path $CYBORG_STATE_PATH
     iniset $CYBORG_CONF_FILE DEFAULT use_syslog $SYSLOG
     iniset $CYBORG_CONF_FILE DEFAULT host $LOCAL_HOSTNAME
+    configure_rootwrap cyborg
 
-    # Configure Ironic conductor, if it was enabled.
+    # Configure Cyborg conductor, if it was enabled.
     if is_service_enabled cyborg-cond; then
         configure_cyborg_conductor
     fi
 
-    # Configure Ironic API, if it was enabled.
+    # Configure Cyborg API, if it was enabled.
     if is_service_enabled cyborg-api; then
         configure_cyborg_api
     fi
 
-    # Format logging
-    setup_logging $CYBORG_CONF_FILE
+    # NOTE(crushil) Need to add logging
 
-    if [[ "$os_VENDOR" =~ (Debian|Ubuntu) ]]; then
-        # The groups change with newer libvirt. Older Ubuntu used
-        # 'libvirtd', but now uses libvirt like Debian. Do a quick check
-        # to see if libvirtd group already exists to handle grenade's case.
-        LIBVIRT_GROUP=$(cut -d ':' -f 1 /etc/group | grep 'libvirtd$' || true)
-        LIBVIRT_GROUP=${LIBVIRT_GROUP:-libvirt}
-    else
-        LIBVIRT_GROUP=libvirtd
-    fi
-    if ! getent group $LIBVIRT_GROUP >/dev/null; then
-        sudo groupadd $LIBVIRT_GROUP
-    fi
-    # NOTE(vsaienko) Add stack to libvirt group when installing without nova.
-    if ! is_service_enabled nova; then
-        add_user_to_group $STACK_USER $LIBVIRT_GROUP
-
-        # This is the basic set of devices allowed / required by all virtual machines.
-        # Add /dev/net/tun to cgroup_device_acl, needed for type=ethernet interfaces
-        if ! sudo grep -q '^cgroup_device_acl' /etc/libvirt/qemu.conf; then
-            cat <<EOF | sudo tee -a /etc/libvirt/qemu.conf
-cgroup_device_acl = [
-    "/dev/null", "/dev/full", "/dev/zero",
-    "/dev/random", "/dev/urandom",
-    "/dev/ptmx", "/dev/kvm", "/dev/kqemu",
-    "/dev/rtc", "/dev/hpet","/dev/net/tun",
-    "/dev/vfio/vfio",
-]
-EOF
-            restart_libvirt
-        fi
-
-    fi
 }
 
 # configure_cyborg_api() - Is used by configure_cyborg(). Performs
@@ -214,8 +121,6 @@ function configure_cyborg_api {
     iniset_rpc_backend cyborg $CYBORG_CONF_FILE
 
     iniset $CYBORG_CONF_FILE conductor automated_clean $CYBORG_AUTOMATED_CLEAN_ENABLED
-
-    cp -p $CYBORG_DIR/etc/cyborg/policy.json $CYBORG_POLICY_JSON
 }
 
 function configure_auth_for {
@@ -241,8 +146,9 @@ function configure_cyborg_conductor {
     # this one is needed for lookup of Cyborg API endpoint via Keystone
     configure_auth_for service_catalog
 
-    cp $CYBORG_DIR/etc/cyborg/rootwrap.conf $CYBORG_ROOTWRAP_CONF
-    cp -r $CYBORG_DIR/etc/cyborg/rootwrap.d $CYBORG_CONF_DIR
+    sudo cp $CYBORG_DIR/etc/cyborg/rootwrap.conf $CYBORG_ROOTWRAP_CONF
+    sudo chmod 0440 $CYBORG_DIR
+    sudo cp -r $CYBORG_DIR/etc/cyborg/rootwrap.d $CYBORG_CONF_DIR
     local cyborg_rootwrap
     cyborg_rootwrap=$(get_rootwrap_location cyborg)
     local rootwrap_isudoer_cmd="$cyborg_rootwrap $CYBORG_CONF_DIR/rootwrap.conf *"
@@ -251,7 +157,7 @@ function configure_cyborg_conductor {
     local tempfile
     tempfile=`mktemp`
     echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_isudoer_cmd" >$tempfile
-    chmod 0440 $tempfile
+    sudo chmod 0440 $tempfile
     sudo chown root:root $tempfile
     sudo mv $tempfile /etc/sudoers.d/cyborg-rootwrap
 
@@ -268,10 +174,8 @@ function create_cyborg_cache_dir {
     # Create cache dir
     sudo mkdir -p $CYBORG_AUTH_CACHE_DIR/api
     sudo chown $STACK_USER $CYBORG_AUTH_CACHE_DIR/api
-    rm -f $CYBORG_AUTH_CACHE_DIR/api/*
     sudo mkdir -p $CYBORG_AUTH_CACHE_DIR/registry
     sudo chown $STACK_USER $CYBORG_AUTH_CACHE_DIR/registry
-    rm -f $CYBORG_AUTH_CACHE_DIR/registry/*
 }
 
 # init_cyborg() - Initialize databases, etc.
@@ -325,16 +229,6 @@ function stop_cyborg {
     stop_process cyborg-agent
 }
 
-        wait_for_nova_resources "count" $total_nodes
-        wait_for_nova_resources "vcpus" $total_cpus
-    fi
-}
-
-function die_if_module_not_loaded {
-    if ! grep -q $1 /proc/modules; then
-        die $LINENO "$1 kernel module is not loaded"
-    fi
-}
 
 # Restore xtrace + pipefail
 $_XTRACE_CYBORG

devstack/plugin.sh

@@ -5,6 +5,7 @@
 # https://docs.openstack.org/devstack/latest/plugins.html
 
 echo_summary "cyborg devstack plugin.sh called: $1/$2"
+source $DEST/cyborg/devstack/lib/cyborg
 
 if is_service_enabled cyborg-api cyborg-cond; then
     if [[ "$1" == "stack" ]]; then
@@ -18,7 +19,6 @@ if is_service_enabled cyborg-api cyborg-cond; then
                 install_libvirt
             fi
             install_cyborg
-            cleanup_cyborg_config_files
 
         elif [[ "$2" == "post-config" ]]; then
         # stack/post-config - Called after the layer 1 and 2 services have been
@@ -28,10 +28,6 @@ if is_service_enabled cyborg-api cyborg-cond; then
             echo_summary "Configuring Cyborg"
             configure_cyborg
 
-            if is_service_enabled key; then
-                create_cyborg_accounts
-            fi
-
         elif [[ "$2" == "extra" ]]; then
         # stack/extra - Called near the end after layer 1 and 2 services have
         # been started.

etc/cyborg/rootwrap.conf

@@ -0,0 +1,23 @@
+# Configuration for cyborg-rootwrap
+# This file should be owned by (and only writable by) the root user
+
+[DEFAULT]
+# List of directories to search executables in, in case filters do not
+# explicitly specify a full path (separated by ',')
+# If not specified, defaults to system PATH environment variable.
+# These directories MUST all be only writable by root !
+exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin
+
+# Enable logging to syslog
+# Default value is False
+use_syslog=False
+
+# Which syslog facility to use.
+# Valid values include auth, authpriv, syslog, user0, user1...
+# Default value is 'syslog'
+syslog_log_facility=syslog
+
+# Which messages to log.
+# INFO means log all usage
+# ERROR means only log unsuccessful attempts
+syslog_log_level=ERROR

etc/cyborg/rootwrap.d/acceleration.filters

@@ -0,0 +1,2 @@
+# cyborg-rootwrap command filters for acceleration nodes
+# This file should be owned by (and only-writeable by) the root user