Change install scripts to use cinder

Fixes bug #1073164

Change-Id: Id483b028d19dbbc30984299120b87fd020f19903
Signed-off-by: Jeff Peeler <jpeeler@redhat.com>

bin/cinder-keystone-setup

@@ -0,0 +1,17 @@
+#!/bin/bash
+
+set +e
+
+SERVICE_PASSWORD='servicepass'
+CINDER_USERNAME='cinder'
+
+source `dirname $0`/heat-keystone-setup
+
+ADMIN_ROLE=$(get_data 2 admin 1 keystone role-list)
+SERVICE_TENANT=$(get_data 2 service 1 keystone tenant-list)
+
+CINDER_USERID=$(get_user $CINDER_USERNAME)
+add_role $CINDER_USERID $SERVICE_TENANT $ADMIN_ROLE $CINDER_USERNAME
+
+CINDER_SERVICE=$(get_service cinder volume "Cinder Volume Service")
+add_endpoint $CINDER_SERVICE 'http://localhost:8776/v1/$(tenant_id)s'

bin/heat-keystone-setup

@@ -68,7 +68,7 @@ get_user() {
         get_id keystone user-create --name=$username \
                                     --pass="$SERVICE_PASSWORD" \
                                     --tenant_id $SERVICE_TENANT \
-                                    --email=heat@example.com
+                                    --email=$username@example.com
     fi
 }
 
@@ -128,9 +128,16 @@ get_endpoint() {
 delete_endpoint() {
     local service_type=$1
 
+    case $service_type in
+        volume) urlsuffix='\\\\$\\\\(tenant_id)s';;
+        orchestration) urlsuffix='%[(]tenant_id[)]s';;
+        # cloudformation has no hash suffix
+        *) urlsuffix=''
+    esac
+
     local url=$(get_data 1 "${service_type}[.]publicURL" 2 \
                 get_endpoint $service_type 2>/dev/null | \
-                    sed -e "s/${TENANT_ID}/%[(]tenant_id[)]s/")
+                sed -r "s/[a-f0-9]{32}/$urlsuffix/")
 
     if [ -n "$url" ]; then
         local endpoints=$(get_data 3 $url 1 keystone endpoint-list)
@@ -186,38 +193,43 @@ add_endpoint() {
         --publicurl "$url" --adminurl "$url" --internalurl "$url" >&2
 }
 
+keystone_setup() {
+    TENANT_ID=$(get_data 1 tenant_id 2 keystone token-get)
+    set_admin_token
 
-TENANT_ID=$(get_data 1 tenant_id 2 keystone token-get)
-set_admin_token
+    ADMIN_ROLE=$(get_data 2 admin 1 keystone role-list)
+    SERVICE_TENANT=$(get_data 2 service 1 keystone tenant-list)
+    SERVICE_PASSWORD=${SERVICE_PASSWORD:-$OS_PASSWORD}
+    if [[ "$SERVICE_PASSWORD" == "$OS_PASSWORD" ]]; then
+        echo "Using the OS_PASSWORD for the SERVICE_PASSWORD." >&2
+    fi
 
-ADMIN_ROLE=$(get_data 2 admin 1 keystone role-list)
-SERVICE_TENANT=$(get_data 2 service 1 keystone tenant-list)
-SERVICE_PASSWORD=${SERVICE_PASSWORD:-$OS_PASSWORD}
-if [[ "$SERVICE_PASSWORD" == "$OS_PASSWORD" ]]; then
-    echo "Using the OS_PASSWORD for the SERVICE_PASSWORD." >&2
+    echo ADMIN_ROLE $ADMIN_ROLE
+    echo SERVICE_TENANT $SERVICE_TENANT
+    echo SERVICE_PASSWORD $SERVICE_PASSWORD
+    echo SERVICE_TOKEN $SERVICE_TOKEN
+
+    HEAT_USERNAME="heat"
+    HEAT_USERID=$(get_user $HEAT_USERNAME)
+    echo HEAT_USERID $HEAT_USERID
+    add_role $HEAT_USERID $SERVICE_TENANT $ADMIN_ROLE $HEAT_USERNAME
+
+    # Create a special role which template-defined "stack users" are
+    # assigned to in the engine when they are created, this allows them
+    # to be more easily differentiated from other users (e.g so we can
+    # lock down these implicitly untrusted users via RBAC policy)
+    STACK_USER_ROLE="heat_stack_user"
+    create_role $STACK_USER_ROLE
+
+    HEAT_CFN_SERVICE=$(get_service heat-cfn cloudformation \
+                       "Heat CloudFormation API")
+    add_endpoint $HEAT_CFN_SERVICE 'http://localhost:8000/v1'
+
+    HEAT_OS_SERVICE=$(get_service heat orchestration \
+                      "Heat API")
+    add_endpoint $HEAT_OS_SERVICE 'http://localhost:8004/v1/%(tenant_id)s'
+}
+
+if [[ ${BASH_SOURCE[0]} == ${0} ]]; then
+    keystone_setup
 fi
-
-echo ADMIN_ROLE $ADMIN_ROLE
-echo SERVICE_TENANT $SERVICE_TENANT
-echo SERVICE_PASSWORD $SERVICE_PASSWORD
-echo SERVICE_TOKEN $SERVICE_TOKEN
-
-HEAT_USERNAME="heat"
-HEAT_USERID=$(get_user $HEAT_USERNAME)
-echo HEAT_USERID $HEAT_USERID
-add_role $HEAT_USERID $SERVICE_TENANT $ADMIN_ROLE $HEAT_USERNAME
-
-# Create a special role which template-defined "stack users" are
-# assigned to in the engine when they are created, this allows them
-# to be more easily differentiated from other users (e.g so we can
-# lock down these implicitly untrusted users via RBAC policy)
-STACK_USER_ROLE="heat_stack_user"
-create_role $STACK_USER_ROLE
-
-HEAT_CFN_SERVICE=$(get_service heat-cfn cloudformation \
-                   "Heat CloudFormation API")
-add_endpoint $HEAT_CFN_SERVICE 'http://localhost:8000/v1'
-
-HEAT_OS_SERVICE=$(get_service heat orchestration \
-                  "Heat API")
-add_endpoint $HEAT_OS_SERVICE 'http://localhost:8004/v1/%(tenant_id)s'

setup.py

@@ -49,5 +49,6 @@ setuptools.setup(
              'bin/heat-engine',
              'bin/heat-watch',
              'bin/heat-db-setup',
+             'bin/cinder-keystone-setup',
              'bin/heat-keystone-setup'],
     py_modules=[])

tools/openstack

@@ -21,21 +21,41 @@
 
 BASE_DIR=`dirname $0`
 
+if [[ $1 = '--with-cinder' ]]; then
+    with_cinder=1
+else
+    with_cinder=0
+fi
+
+if [[ `lsb_release -sr` -gt 17 || $with_cinder ]]; then
+    VOLUME_SERVICE="openstack-cinder"
+    VOLUME_PATH="/var/lib/cinder/cinder-volumes.img"
+    VOLUME_NAME="cinder-volumes"
+else
+    VOLUME_SERVICE="openstack-nova"
+    VOLUME_PATH="/var/lib/nova/nova-volumes.img"
+    VOLUME_NAME="nova-volumes"
+fi
+
 action=$1
 if [ -z "$action" ]
 then
     echo "openstack [start|stop|install|erase|status]"
     echo
-    echo "This tool is designed to control OpenStack on a Fedora 16/17 system"
+    echo "This tool is designed to control OpenStack on a Fedora 16+ system"
     echo
     echo "start - Starts OpenStack"
     echo "stop - Stops OpenStack"
     echo "restart - Restart OpenStack"
     echo "install - Installs a fresh OpenStack system with Keystone from RPM repostories"
     echo "erase - permanently destroys an existing installation of OpenStack"
+    echo "status - show service status for all required OpenStack services"
 fi
 
-OS_SERVICES=(qpidd mysqld openstack-keystone tgtd openstack-glance-api openstack-glance-registry openstack-nova-api openstack-nova-objectstore openstack-nova-compute openstack-nova-network openstack-nova-volume openstack-nova-scheduler openstack-nova-cert)
+OS_SERVICES=(qpidd mysqld openstack-keystone tgtd openstack-glance-api openstack-glance-registry openstack-nova-api openstack-nova-objectstore openstack-nova-compute openstack-nova-network openstack-nova-scheduler openstack-nova-cert $VOLUME_SERVICE-volume)
+if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
+    OS_SERVICES+=($VOLUME_SERVICE-api $VOLUME_SERVICE-scheduler)
+fi
 
 function os_status() {
     for service in ${OS_SERVICES[@]}
@@ -79,7 +99,6 @@ function os_check_status() {
     done
 }
 
-
 function os_start() {
     action=start
     sudo systemctl $action qpidd.service mysqld.service
@@ -90,16 +109,24 @@ function os_start() {
     do
         sudo systemctl $action openstack-glance-$svc.service
     done
-    if ! sudo vgs | grep -q nova-volumes
-    then
-        sudo vgcreate nova-volumes $(sudo losetup --show -f /var/lib/nova/nova-volumes.img)
+
+    if ! sudo vgs | grep -q $VOLUME_NAME; then
+        sudo vgcreate $VOLUME_NAME $(sudo losetup --show -f $VOLUME_PATH)
     fi
 
-    for svc in api cert objectstore compute volume scheduler
+    for svc in api cert objectstore compute scheduler
     do
         sudo systemctl $action openstack-nova-$svc.service
     done
 
+    sudo systemctl $action $VOLUME_SERVICE-volume.service
+    if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
+        for svc in api scheduler
+        do
+            sudo systemctl $action $VOLUME_SERVICE-$svc.service
+        done
+    fi
+
     # This must be started after openstack-nova-cert due to an SELinux
     # policy problem. See https://bugzilla.redhat.com/show_bug.cgi?id=857747
     sleep 2
@@ -109,10 +136,19 @@ function os_start() {
 function os_stop() {
     action=stop
     sudo systemctl $action openstack-keystone.service tgtd.service
-    for svc in api objectstore compute network volume scheduler cert
+    for svc in api objectstore compute network scheduler cert
     do
         sudo systemctl $action openstack-nova-$svc.service
     done
+
+    sudo systemctl $action $VOLUME_SERVICE-volume.service
+    if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
+        for svc in api scheduler
+        do
+            sudo systemctl $action $VOLUME_SERVICE-$svc.service
+        done
+    fi
+
     for svc in api registry
     do
         sudo systemctl $action openstack-glance-$svc.service
@@ -151,21 +187,23 @@ function os_erase() {
     sudo openstack-db --service nova --drop $*
     sudo openstack-db --service glance --drop $*
     sudo openstack-db --service keystone --drop $*
+    if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
+        sudo openstack-db --service cinder --drop $*
+    fi
+
     sudo yum -q -y erase openstack-utils
 
-    sudo vgchange -an nova-volumes
+    sudo vgchange -an $VOLUME_NAME
     sudo losetup -d /dev/loop0
-    sudo rm -f /var/lib/nova/nova-volumes.img
-    sudo rm -rf /etc/{glance,nova,swift,keystone,openstack-dashboard} /var/lib/{glance,nova,swift,keystone} /var/log/{glance,nova,swift,keystone} /var/run/{glance,nova,swift,keystone}
+    sudo rm -f $VOLUME_PATH
+    sudo rm -rf /etc/{glance,nova,swift,keystone,openstack-dashboard,cinder} /var/lib/{glance,nova,swift,keystone,cinder} /var/log/{glance,nova,swift,keystone,cinder} /var/run/{glance,nova,swift,keystone,cinder}
     rm -f $HOME/.openstack/.keystonerc
 }
 
-
-
 function os_install() {
     sudo yum -q -y groupinstall Virtualization
-    sudo yum -q -y install openstack-utils openstack-nova openstack-glance openstack-keystone openstack-dashboard scsi-target-utils qpid-cpp-server mysql-server qpid-cpp-server-daemon
-    sudo dd if=/dev/zero of=/var/lib/nova/nova-volumes.img bs=1M seek=20k count=0
+    sudo yum -q -y install openstack-utils openstack-nova openstack-glance openstack-keystone openstack-dashboard scsi-target-utils qpid-cpp-server mysql-server qpid-cpp-server-daemon $VOLUME_SERVICE
+    sudo dd if=/dev/zero of=$VOLUME_PATH bs=1M seek=20k count=0
     sudo systemctl start mysqld.service
     sudo systemctl enable libvirtd.service
     sudo systemctl start libvirtd.service
@@ -174,6 +212,9 @@ function os_install() {
     sudo openstack-db --service nova --init $*
     sudo openstack-db --service glance --init $*
     sudo openstack-db --service keystone --init $*
+    if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
+        sudo openstack-db --service cinder --init $*
+    fi
 
     # Create a keystone RC file
     mkdir -p $HOME/.openstack
@@ -208,11 +249,24 @@ EOF
     sudo openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance
     sudo openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password servicepass
 
+    if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
+        sudo openstack-config --set /etc/cinder/api-paste.ini filter:authtoken admin_tenant_name service
+        sudo openstack-config --set /etc/cinder/api-paste.ini filter:authtoken admin_user cinder
+        sudo openstack-config --set /etc/cinder/api-paste.ini filter:authtoken admin_password servicepass
+        sudo openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
+        # must disable implicit osapi_volume
+        sudo openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis ec2,osapi_compute,metadata
+        sudo openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API
+    fi
+
     os_stop
     sleep 1
-    sudo rm -rf /var/log/{glance,nova,swift,keystone}/*
+    sudo rm -rf /var/log/{glance,nova,swift,keystone,cinder}/*
     os_start
     sleep 1
+    if [[ $VOLUME_SERVICE -eq "openstack-cinder" ]]; then
+        ${BASE_DIR}/../bin/cinder-keystone-setup
+    fi
     echo "Installation Complete."
 
     echo "Checking all expected services are running"

tools/pip-requires

@@ -29,4 +29,5 @@ python-keystoneclient
 python-memcached
 python-swiftclient
 python-quantumclient
+python-cinderclient
 PyYAML>=3.1.0