deb-murano/contrib/devstack/lib/murano
Filip Blaha 1e8113866d Policy enforcement functional tests - scripts
Shell scripts preparing dsvm environment for policy enforcement tests.
Tests require devstack with Congress installed.
Some original scripts where changed to reuse functionality.
Jenkins job https://review.openstack.org/#/c/150401/

Partially Implements blueprint congress-support-in-murano

Change-Id: Ib3c26168043f74d4e7ec76f3557f8857cf4304a4
2015-02-19 10:22:46 +01:00

266 lines
8.9 KiB
Plaintext

# lib/murano
# Dependencies:
# ``functions`` file
# ``DEST``, ``DATA_DIR``, ``STACK_USER`` must be defined
# ``stack.sh`` calls the entry points in this order:
#
# install_murano
# configure_murano
# start_murano
# stop_murano
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set -o xtrace
# Defaults
# --------
# Set up default repos
MURANO_REPO=${MURANO_REPO:-${GIT_BASE}/stackforge/murano.git}
MURANO_BRANCH=${MURANO_BRANCH:-master}
MURANO_PYTHONCLIENT_REPO=${MURANO_PYTHONCLIENT_REPO:-${GIT_BASE}/stackforge/python-muranoclient.git}
MURANO_PYTHONCLIENT_BRANCH=${MURANO_PYTHONCLIENT_BRANCH:-master}
MURANO_PYTHONCLIENT_DIR=$DEST/python-muranoclient
# Set up default directories
MURANO_DIR=$DEST/murano
MURANO_CONF_DIR=${MURANO_CONF_DIR:-/etc/murano}
MURANO_CONF_FILE=${MURANO_CONF_DIR}/murano.conf
MURANO_POLICY_FILE=${MURANO_CONF_DIR}/policy.json
MURANO_DEBUG=${MURANO_DEBUG:-True}
MURANO_ENABLE_MODEL_POLICY_ENFORCEMENT=${MURANO_ENABLE_MODEL_POLICY_ENFORCEMENT:-False}
MURANO_SERVICE_HOST=${MURANO_SERVICE_HOST:-$SERVICE_HOST}
MURANO_SERVICE_PORT=${MURANO_SERVICE_PORT:-8082}
MURANO_SERVICE_PROTOCOL=${MURANO_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
MURANO_ADMIN_USER=${MURANO_ADMIN_USER:-murano}
MURANO_KEYSTONE_SIGNING_DIR=${MURANO_KEYSTONE_SIGNING_DIR:-/tmp/keystone-signing-muranoapi}
MURANO_DEFAULT_ROUTER=${MURANO_DEFAULT_ROUTER:-''}
MURANO_EXTERNAL_NETWORK=${MURANO_EXTERNAL_NETWORK:-''}
# MURANO_RABBIT_VHOST allows to specify a separate virtual host for Murano services.
# This is not required if all OpenStack services are deployed by devstack scripts
# on a single node. In this case '/' virtual host (which is the default) is enough.
# The problem arise when Murano installed in 'devbox' mode, allowing two or more
# devboxes to use one common OpenStack host. In this case it's better devboxes
# use separated virtual hosts, to avoid conflicts between Murano services.
# This couldn't be done using exitsting variables, so that's why this variable was added.
MURANO_RABBIT_VHOST=${MURANO_RABBIT_VHOST:-''}
# Support entry points installation of console scripts
if [[ -d $MURANO_DIR/bin ]]; then
MURANO_BIN_DIR=$MURANO_DIR/bin
else
MURANO_BIN_DIR=$(get_python_exec_prefix)
fi
# create_murano_accounts() - Set up common required murano accounts
#
# Tenant User Roles
# ------------------------------
# service murano admin
function create_murano_accounts() {
if ! is_service_enabled key; then
return
fi
SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
MURANO_USER=$(openstack user create \
$MURANO_ADMIN_USER \
--password "$SERVICE_PASSWORD" \
--project $SERVICE_TENANT \
--email murano@example.com \
| grep " id " | get_field 2)
openstack role add \
$ADMIN_ROLE \
--project $SERVICE_TENANT \
--user $MURANO_USER
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
MURANO_SERVICE=$(openstack service create \
murano \
--type=application_catalog \
--description="Application Catalog" \
| grep " id " | get_field 2)
openstack endpoint create \
$MURANO_SERVICE \
--region RegionOne \
--publicurl "$MURANO_SERVICE_PROTOCOL://$MURANO_SERVICE_HOST:$MURANO_SERVICE_PORT" \
--adminurl "$MURANO_SERVICE_PROTOCOL://$MURANO_SERVICE_HOST:$MURANO_SERVICE_PORT" \
--internalurl "$MURANO_SERVICE_PROTOCOL://$MURANO_SERVICE_HOST:$MURANO_SERVICE_PORT"
fi
}
function mkdir_chown_stack {
if [[ ! -d "$1" ]]; then
sudo mkdir -p "$1"
fi
sudo chown $STACK_USER "$1"
}
function configure_murano_rpc_backend() {
# Configure the rpc service.
iniset_rpc_backend muranoapi $MURANO_CONF_FILE DEFAULT
# TODO(ruhe): get rid of this ugly workaround.
inicomment $MURANO_CONF_FILE DEFAULT rpc_backend
iniset $MURANO_CONF_FILE rabbitmq host $RABBIT_HOST
iniset $MURANO_CONF_FILE rabbitmq password $RABBIT_PASSWORD
# Set non-default rabbit virtual host if required.
if [[ -n "$MURANO_RABBIT_VHOST" ]]; then
iniset $MURANO_CONF_FILE DEFAULT rabbit_virtual_host $MURANO_RABBIT_VHOST
iniset $MURANO_CONF_FILE rabbitmq virtual_host $MURANO_RABBIT_VHOST
fi
}
function configure_murano_networking {
# Use keyword 'public' if Murano external network was not set.
# If it was set but the network is not exist then
# first available external network will be selected.
local ext_net=${MURANO_EXTERNAL_NETWORK:-'public'}
local ext_net_id=$(neutron net-external-list \
| grep " $ext_net " | get_field 2)
# Try to select first available external network
if [[ -n "$ext_net_id" ]]; then
ext_net_id=$(neutron net-external-list -f csv -c id \
| tail -n +2 | tail -n 1)
fi
# Configure networking options for Murano
if [[ -n "$MURANO_EXTERNAL_NETWORK" ]] && [[ -n "$ext_net_id" ]]; then
iniset $MURANO_CONF_FILE networking external_network $ext_net_id
iniset $MURANO_CONF_FILE networking create_router 'true'
fi
if [[ -n "$MURANO_DEFAULT_ROUTER" ]]; then
iniset $MURANO_CONF_FILE networking router_name $MURANO_DEFAULT_ROUTER
fi
}
# Entry points
# ------------
# configure_murano() - Set config files, create data dirs, etc
function configure_murano {
mkdir_chown_stack "$MURANO_CONF_DIR"
# Generate Murano configuration file and configure common parameters.
oslo-config-generator --namespace keystonemiddleware.auth_token \
--namespace murano \
--namespace oslo.db \
--namespace oslo.messaging \
> $MURANO_CONF_FILE
cp $MURANO_DIR/etc/murano/murano-paste.ini $MURANO_CONF_DIR
cp $MURANO_DIR/etc/murano/policy.json $MURANO_POLICY_FILE
cleanup_murano
iniset $MURANO_CONF_FILE DEFAULT debug $MURANO_DEBUG
iniset $MURANO_CONF_FILE DEFAULT use_syslog $SYSLOG
# Murano Api Configuration
#-------------------------
# Setup keystone_authtoken section
iniset $MURANO_CONF_FILE keystone_authtoken auth_uri "http://${KEYSTONE_AUTH_HOST}:5000/v2.0"
iniset $MURANO_CONF_FILE keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $MURANO_CONF_FILE keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $MURANO_CONF_FILE keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $MURANO_CONF_FILE keystone_authtoken cafile $KEYSTONE_SSL_CA
iniset $MURANO_CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $MURANO_CONF_FILE keystone_authtoken admin_user $MURANO_ADMIN_USER
iniset $MURANO_CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
configure_murano_rpc_backend
# Configure notifications for status information during provisioning
iniset $MURANO_CONF_FILE DEFAULT notification_driver messagingv2
# configure the database.
iniset $MURANO_CONF_FILE database connection `database_connection_url murano`
# Configure keystone auth url
iniset $MURANO_CONF_FILE keystone auth_url "http://${KEYSTONE_AUTH_HOST}:5000/v2.0"
# Configure Murano API URL
iniset $MURANO_CONF_FILE murano url "http://127.0.0.1:8082"
configure_murano_networking
}
# init_murano() - Initialize databases, etc.
function init_murano() {
# (re)create Murano database
recreate_database murano utf8
$MURANO_BIN_DIR/murano-db-manage --config-file $MURANO_CONF_FILE upgrade
$MURANO_BIN_DIR/murano-manage --config-file $MURANO_CONF_FILE import-package $MURANO_DIR/meta/io.murano
}
# install_murano() - Collect source and prepare
function install_murano() {
install_murano_pythonclient
git_clone $MURANO_REPO $MURANO_DIR $MURANO_BRANCH
# TODO(ruhe): use setup_develop once Murano requirements match with global-requirement.txt
# both functions (setup_develop and setup_package) are defined at:
# http://git.openstack.org/cgit/openstack-dev/devstack/tree/functions-common
setup_package $MURANO_DIR -e
}
function install_murano_pythonclient() {
git_clone $MURANO_PYTHONCLIENT_REPO $MURANO_PYTHONCLIENT_DIR $MURANO_PYTHONCLIENT_BRANCH
setup_package $MURANO_PYTHONCLIENT_DIR -e
}
# start_murano() - Start running processes, including screen
function start_murano() {
screen_it murano-api "cd $MURANO_DIR && $MURANO_BIN_DIR/murano-api --config-file $MURANO_CONF_DIR/murano.conf"
screen_it murano-engine "cd $MURANO_DIR && $MURANO_BIN_DIR/murano-engine --config-file $MURANO_CONF_DIR/murano.conf"
}
# stop_murano() - Stop running processes
function stop_murano() {
# Kill the Murano screen windows
screen -S $SCREEN_NAME -p murano-api -X kill
screen -S $SCREEN_NAME -p murano-engine -X kill
}
function cleanup_murano() {
# Cleanup keystone signing dir
sudo rm -rf $MURANO_KEYSTONE_SIGNING_DIR
}
# Restore xtrace
$XTRACE
# Local variables:
# mode: shell-script
# End: