diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..dcf51ce --- /dev/null +++ b/.gitignore @@ -0,0 +1,4 @@ +*~ +.*.sw? +.prereqs +.tox diff --git a/LICENSE b/LICENSE new file mode 100644 index 0000000..67db858 --- /dev/null +++ b/LICENSE @@ -0,0 +1,175 @@ + + Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. diff --git a/LICENSE.md b/LICENSE.md new file mode 100644 index 0000000..5c304d1 --- /dev/null +++ b/LICENSE.md @@ -0,0 +1,201 @@ +Apache License + Version 2.0, January 2004 + http://www.apache.org/licenses/ + + TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION + + 1. Definitions. + + "License" shall mean the terms and conditions for use, reproduction, + and distribution as defined by Sections 1 through 9 of this document. + + "Licensor" shall mean the copyright owner or entity authorized by + the copyright owner that is granting the License. + + "Legal Entity" shall mean the union of the acting entity and all + other entities that control, are controlled by, or are under common + control with that entity. For the purposes of this definition, + "control" means (i) the power, direct or indirect, to cause the + direction or management of such entity, whether by contract or + otherwise, or (ii) ownership of fifty percent (50%) or more of the + outstanding shares, or (iii) beneficial ownership of such entity. + + "You" (or "Your") shall mean an individual or Legal Entity + exercising permissions granted by this License. + + "Source" form shall mean the preferred form for making modifications, + including but not limited to software source code, documentation + source, and configuration files. + + "Object" form shall mean any form resulting from mechanical + transformation or translation of a Source form, including but + not limited to compiled object code, generated documentation, + and conversions to other media types. + + "Work" shall mean the work of authorship, whether in Source or + Object form, made available under the License, as indicated by a + copyright notice that is included in or attached to the work + (an example is provided in the Appendix below). + + "Derivative Works" shall mean any work, whether in Source or Object + form, that is based on (or derived from) the Work and for which the + editorial revisions, annotations, elaborations, or other modifications + represent, as a whole, an original work of authorship. For the purposes + of this License, Derivative Works shall not include works that remain + separable from, or merely link (or bind by name) to the interfaces of, + the Work and Derivative Works thereof. + + "Contribution" shall mean any work of authorship, including + the original version of the Work and any modifications or additions + to that Work or Derivative Works thereof, that is intentionally + submitted to Licensor for inclusion in the Work by the copyright owner + or by an individual or Legal Entity authorized to submit on behalf of + the copyright owner. For the purposes of this definition, "submitted" + means any form of electronic, verbal, or written communication sent + to the Licensor or its representatives, including but not limited to + communication on electronic mailing lists, source code control systems, + and issue tracking systems that are managed by, or on behalf of, the + Licensor for the purpose of discussing and improving the Work, but + excluding communication that is conspicuously marked or otherwise + designated in writing by the copyright owner as "Not a Contribution." + + "Contributor" shall mean Licensor and any individual or Legal Entity + on behalf of whom a Contribution has been received by Licensor and + subsequently incorporated within the Work. + + 2. Grant of Copyright License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + copyright license to reproduce, prepare Derivative Works of, + publicly display, publicly perform, sublicense, and distribute the + Work and such Derivative Works in Source or Object form. + + 3. Grant of Patent License. Subject to the terms and conditions of + this License, each Contributor hereby grants to You a perpetual, + worldwide, non-exclusive, no-charge, royalty-free, irrevocable + (except as stated in this section) patent license to make, have made, + use, offer to sell, sell, import, and otherwise transfer the Work, + where such license applies only to those patent claims licensable + by such Contributor that are necessarily infringed by their + Contribution(s) alone or by combination of their Contribution(s) + with the Work to which such Contribution(s) was submitted. If You + institute patent litigation against any entity (including a + cross-claim or counterclaim in a lawsuit) alleging that the Work + or a Contribution incorporated within the Work constitutes direct + or contributory patent infringement, then any patent licenses + granted to You under this License for that Work shall terminate + as of the date such litigation is filed. + + 4. Redistribution. You may reproduce and distribute copies of the + Work or Derivative Works thereof in any medium, with or without + modifications, and in Source or Object form, provided that You + meet the following conditions: + + (a) You must give any other recipients of the Work or + Derivative Works a copy of this License; and + + (b) You must cause any modified files to carry prominent notices + stating that You changed the files; and + + (c) You must retain, in the Source form of any Derivative Works + that You distribute, all copyright, patent, trademark, and + attribution notices from the Source form of the Work, + excluding those notices that do not pertain to any part of + the Derivative Works; and + + (d) If the Work includes a "NOTICE" text file as part of its + distribution, then any Derivative Works that You distribute must + include a readable copy of the attribution notices contained + within such NOTICE file, excluding those notices that do not + pertain to any part of the Derivative Works, in at least one + of the following places: within a NOTICE text file distributed + as part of the Derivative Works; within the Source form or + documentation, if provided along with the Derivative Works; or, + within a display generated by the Derivative Works, if and + wherever such third-party notices normally appear. The contents + of the NOTICE file are for informational purposes only and + do not modify the License. You may add Your own attribution + notices within Derivative Works that You distribute, alongside + or as an addendum to the NOTICE text from the Work, provided + that such additional attribution notices cannot be construed + as modifying the License. + + You may add Your own copyright statement to Your modifications and + may provide additional or different license terms and conditions + for use, reproduction, or distribution of Your modifications, or + for any such Derivative Works as a whole, provided Your use, + reproduction, and distribution of the Work otherwise complies with + the conditions stated in this License. + + 5. Submission of Contributions. Unless You explicitly state otherwise, + any Contribution intentionally submitted for inclusion in the Work + by You to the Licensor shall be under the terms and conditions of + this License, without any additional terms or conditions. + Notwithstanding the above, nothing herein shall supersede or modify + the terms of any separate license agreement you may have executed + with Licensor regarding such Contributions. + + 6. Trademarks. This License does not grant permission to use the trade + names, trademarks, service marks, or product names of the Licensor, + except as required for reasonable and customary use in describing the + origin of the Work and reproducing the content of the NOTICE file. + + 7. Disclaimer of Warranty. Unless required by applicable law or + agreed to in writing, Licensor provides the Work (and each + Contributor provides its Contributions) on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or + implied, including, without limitation, any warranties or conditions + of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A + PARTICULAR PURPOSE. You are solely responsible for determining the + appropriateness of using or redistributing the Work and assume any + risks associated with Your exercise of permissions under this License. + + 8. Limitation of Liability. In no event and under no legal theory, + whether in tort (including negligence), contract, or otherwise, + unless required by applicable law (such as deliberate and grossly + negligent acts) or agreed to in writing, shall any Contributor be + liable to You for damages, including any direct, indirect, special, + incidental, or consequential damages of any character arising as a + result of this License or out of the use or inability to use the + Work (including but not limited to damages for loss of goodwill, + work stoppage, computer failure or malfunction, or any and all + other commercial damages or losses), even if such Contributor + has been advised of the possibility of such damages. + + 9. Accepting Warranty or Additional Liability. While redistributing + the Work or Derivative Works thereof, You may choose to offer, + and charge a fee for, acceptance of support, warranty, indemnity, + or other liability obligations and/or rights consistent with this + License. However, in accepting such obligations, You may act only + on Your own behalf and on Your sole responsibility, not on behalf + of any other Contributor, and only if You agree to indemnify, + defend, and hold each Contributor harmless for any liability + incurred by, or claims asserted against, such Contributor by reason + of your accepting any such warranty or additional liability. + + END OF TERMS AND CONDITIONS + + APPENDIX: How to apply the Apache License to your work. + + To apply the Apache License to your work, attach the following + boilerplate notice, with the fields enclosed by brackets "{}" + replaced with your own identifying information. (Don't include + the brackets!) The text should be enclosed in the appropriate + comment syntax for the file format. We also recommend that a + file or class name and description of purpose be included on the + same "printed page" as the copyright notice for easier + identification within third-party archives. + + Copyright {yyyy} {name of copyright owner} + + Licensed under the Apache License, Version 2.0 (the "License"); + you may not use this file except in compliance with the License. + You may obtain a copy of the License at + + http://www.apache.org/licenses/LICENSE-2.0 + + Unless required by applicable law or agreed to in writing, software + distributed under the License is distributed on an "AS IS" BASIS, + WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + See the License for the specific language governing permissions and + limitations under the License. diff --git a/devstack/lib/ceph b/devstack/lib/ceph new file mode 100644 index 0000000..3f234c9 --- /dev/null +++ b/devstack/lib/ceph @@ -0,0 +1,542 @@ +#!/bin/bash +# +# lib/ceph +# Functions to control the configuration +# and operation of the **Ceph** storage service + +# Dependencies: +# +# - ``functions`` file +# - ``CEPH_DATA_DIR`` or ``DATA_DIR`` must be defined + +# ``stack.sh`` calls the entry points in this order: +# +# - install_ceph +# - configure_ceph +# - init_ceph +# - start_ceph +# - stop_ceph +# - cleanup_ceph + +# Save trace setting +XTRACE=$(set +o | grep xtrace) +set +o xtrace + + +# Defaults +# -------- + +CEPH_RELEASE=${CEPH_RELEASE:-hammer} + +# Set ``CEPH_DATA_DIR`` to the location of Ceph drives and objects. +# Default is the common DevStack data directory. +CEPH_DATA_DIR=${CEPH_DATA_DIR:-/var/lib/ceph} +CEPH_DISK_IMAGE=${CEPH_DATA_DIR}/drives/images/ceph.img + +# Set ``CEPH_CONF_DIR`` to the location of the configuration files. +# Default is ``/etc/ceph``. +CEPH_CONF_DIR=${CEPH_CONF_DIR:-/etc/ceph} + +# DevStack will create a loop-back disk formatted as XFS to store the +# Ceph data. Set ``CEPH_LOOPBACK_DISK_SIZE`` to the disk size in +# kilobytes. +# Default is 1 gigabyte. +CEPH_LOOPBACK_DISK_SIZE_DEFAULT=8G +CEPH_LOOPBACK_DISK_SIZE=\ +${CEPH_LOOPBACK_DISK_SIZE:-$CEPH_LOOPBACK_DISK_SIZE_DEFAULT} + +# Common +CEPH_FSID=$(uuidgen) +CEPH_CONF_FILE=${CEPH_CONF_DIR}/ceph.conf + +# Glance +GLANCE_CEPH_USER=${GLANCE_CEPH_USER:-glance} +GLANCE_CEPH_POOL=${GLANCE_CEPH_POOL:-images} +GLANCE_CEPH_POOL_PG=${GLANCE_CEPH_POOL_PG:-8} +GLANCE_CEPH_POOL_PGP=${GLANCE_CEPH_POOL_PGP:-8} + +# Nova +NOVA_CEPH_POOL=${NOVA_CEPH_POOL:-vms} +NOVA_CEPH_POOL_PG=${NOVA_CEPH_POOL_PG:-8} +NOVA_CEPH_POOL_PGP=${NOVA_CEPH_POOL_PGP:-8} + +# Cinder +CINDER_CEPH_POOL=${CINDER_CEPH_POOL:-volumes} +CINDER_CEPH_POOL_PG=${CINDER_CEPH_POOL_PG:-8} +CINDER_CEPH_POOL_PGP=${CINDER_CEPH_POOL_PGP:-8} +CINDER_CEPH_USER=${CINDER_CEPH_USER:-cinder} +CINDER_CEPH_UUID=${CINDER_CEPH_UUID:-$(uuidgen)} + +# Set ``CEPH_REPLICAS`` to configure how many replicas are to be +# configured for your Ceph cluster. By default we are configuring +# only one replica since this is way less CPU and memory intensive. If +# you are planning to test Ceph replication feel free to increase this value +CEPH_REPLICAS=${CEPH_REPLICAS:-1} +CEPH_REPLICAS_SEQ=$(seq ${CEPH_REPLICAS}) + +# Rados gateway +CEPH_RGW_PORT=${CEPH_RGW_PORT:-8080} + +# Connect to an existing Ceph cluster +REMOTE_CEPH=$(trueorfalse False REMOTE_CEPH) +REMOTE_CEPH_ADMIN_KEY_PATH=\ +${REMOTE_CEPH_ADMIN_KEY_PATH:-$CEPH_CONF_DIR/ceph.client.admin.keyring} +REMOTE_CEPH_RGW=$(trueorfalse False REMOTE_CEPH_RGW) + +# Cinder encrypted volume tests are not supported with a Ceph backend due to +# bug 1463525. +ATTACH_ENCRYPTED_VOLUME_AVAILABLE=False + +# Functions +# ------------ + +function get_ceph_version { +local ceph_version_str +ceph_version_str=$(sudo ceph daemon mon.$(hostname) version\ +| cut -d '"' -f 4 | cut -f 1,2 -d '.') + +echo $ceph_version_str +} + +# import_libvirt_secret_ceph() - Imports Cinder user key into libvirt +# so it can connect to the Ceph cluster while attaching a Cinder block device +function import_libvirt_secret_ceph { +cat </dev/null + + ${CINDER_CEPH_UUID} + + client.${CINDER_CEPH_USER} secret + + +EOF +sudo virsh secret-define --file secret.xml +sudo virsh secret-set-value --secret ${CINDER_CEPH_UUID} \ +--base64 $(sudo ceph -c ${CEPH_CONF_FILE} \ +auth get-key client.${CINDER_CEPH_USER}) + +sudo rm -f secret.xml +} + +# undefine_virsh_secret() - Undefine Cinder key secret from libvirt +function undefine_virsh_secret { +if is_service_enabled cinder || is_service_enabled nova; then + local virsh_uuid + virsh_uuid=$(sudo virsh secret-list | awk '/^ ?[0-9a-z]/ { print $1 }') + sudo virsh secret-undefine ${virsh_uuid} >/dev/null 2>&1 +fi +} + +# check_os_support_ceph() - Check if the OS provides a decent version of Ceph +function check_os_support_ceph { +if [[ ! ${DISTRO} =~ (trusty|f21|f22) ]]; then + echo "WARNING: your distro $DISTRO does not provide \ + (at least) the Firefly release. \ + Please use Ubuntu Trusty or Fedora 20 (and higher)" + if [[ "$FORCE_CEPH_INSTALL" != "yes" ]]; then + die $LINENO "If you wish to install Ceph on this distribution anyway \ + run with FORCE_CEPH_INSTALL=yes, \ + this assumes that YOU will setup the proper repositories" + fi + NO_UPDATE_REPOS=False +fi +} + +# cleanup_ceph() - Remove residual data files, anything left over from previous +# runs that a clean run would need to clean up +function cleanup_ceph_remote { +# do a proper cleanup from here to avoid leftover on the remote Ceph cluster +if is_service_enabled glance; then + sudo ceph osd pool delete $GLANCE_CEPH_POOL $GLANCE_CEPH_POOL \ + --yes-i-really-really-mean-it > /dev/null 2>&1 + + sudo ceph auth del client.$GLANCE_CEPH_USER > /dev/null 2>&1 +fi +if is_service_enabled cinder; then + sudo ceph osd pool delete $CINDER_CEPH_POOL $CINDER_CEPH_POOL \ + --yes-i-really-really-mean-it > /dev/null 2>&1 + + sudo ceph auth del client.$CINDER_CEPH_USER > /dev/null 2>&1 +fi +if is_service_enabled c-bak; then + sudo ceph osd pool delete $CINDER_BAK_CEPH_POOL $CINDER_BAK_CEPH_POOL \ + --yes-i-really-really-mean-it > /dev/null 2>&1 + + sudo ceph auth del client.$CINDER_BAK_CEPH_USER > /dev/null 2>&1 +fi +if is_service_enabled nova; then + iniset $NOVA_CONF libvirt rbd_secret_uuid "" + sudo ceph osd pool delete $NOVA_CEPH_POOL $NOVA_CEPH_POOL \ + --yes-i-really-really-mean-it > /dev/null 2>&1 +fi +} + +function cleanup_ceph_embedded { +sudo killall -w -9 ceph-mon ceph-osd radosgw +sudo rm -rf ${CEPH_DATA_DIR}/*/* +if egrep -q ${CEPH_DATA_DIR} /proc/mounts; then + sudo umount ${CEPH_DATA_DIR} +fi +if [[ -e ${CEPH_DISK_IMAGE} ]]; then + sudo rm -f ${CEPH_DISK_IMAGE} +fi + +# purge ceph config file and keys +sudo rm -rf ${CEPH_CONF_DIR}/* +} + +function cleanup_ceph_general { +undefine_virsh_secret +} + +# configure_ceph() - Set config files, create data dirs, etc +function configure_ceph { +local count=0 + +# create a backing file disk +create_disk ${CEPH_DISK_IMAGE} ${CEPH_DATA_DIR} ${CEPH_LOOPBACK_DISK_SIZE} + +# populate ceph directory +sudo mkdir -p \ +${CEPH_DATA_DIR}/{bootstrap-mds,bootstrap-osd,mds,mon,osd,tmp,radosgw} + +# create ceph monitor initial key and directory +sudo ceph-authtool /var/lib/ceph/tmp/keyring.mon.$(hostname) \ +--create-keyring --name=mon. --add-key=$(ceph-authtool --gen-print-key) \ +--cap mon 'allow *' + +sudo mkdir /var/lib/ceph/mon/ceph-$(hostname) + +# create a default ceph configuration file +cat </dev/null +[global] +fsid = ${CEPH_FSID} +mon_initial_members = $(hostname) +mon_host = ${SERVICE_HOST} +auth_cluster_required = cephx +auth_service_required = cephx +auth_client_required = cephx +filestore_xattr_use_omap = true +osd crush chooseleaf type = 0 +osd journal size = 100 +EOF + +# bootstrap the ceph monitor +sudo ceph-mon -c ${CEPH_CONF_FILE} --mkfs -i $(hostname) \ +--keyring /var/lib/ceph/tmp/keyring.mon.$(hostname) + +if is_ubuntu; then + sudo touch /var/lib/ceph/mon/ceph-$(hostname)/upstart + sudo initctl emit ceph-mon id=$(hostname) +else + sudo touch /var/lib/ceph/mon/ceph-$(hostname)/sysvinit + sudo service ceph start mon.$(hostname) +fi + +# wait for the admin key to come up +# otherwise we will not be able to do the actions below +until [ -f ${CEPH_CONF_DIR}/ceph.client.admin.keyring ]; do + echo_summary "Waiting for the Ceph admin key to be ready..." + + count=$(($count + 1)) + if [ $count -eq 3 ]; then + die $LINENO "Maximum of 3 retries reached" + fi + sleep 5 +done + +# pools data and metadata were removed in the Giant release +# so depending on the version we apply different commands +local ceph_version +ceph_version=$(get_ceph_version) +# change pool replica size according to the CEPH_REPLICAS set by the user +if [[ ${ceph_version%%.*} -eq 0 ]] && [[ ${ceph_version##*.} -lt 87 ]]; then + sudo ceph -c ${CEPH_CONF_FILE} osd pool set rbd size ${CEPH_REPLICAS} + sudo ceph -c ${CEPH_CONF_FILE} osd pool set data size ${CEPH_REPLICAS} + sudo ceph -c ${CEPH_CONF_FILE} osd pool set metadata size ${CEPH_REPLICAS} +else + sudo ceph -c ${CEPH_CONF_FILE} osd pool set rbd size ${CEPH_REPLICAS} +fi + +# create a simple rule to take OSDs instead of host with CRUSH +# then apply this rules to the default pool +if [[ $CEPH_REPLICAS -ne 1 ]]; then + sudo ceph -c ${CEPH_CONF_FILE} \ + osd crush rule create-simple devstack default osd + + RULE_ID=$(sudo ceph -c ${CEPH_CONF_FILE} \ + osd crush rule dump devstack | awk '/rule_id/ {print $3}' | cut -d ',' -f1) + + sudo ceph -c ${CEPH_CONF_FILE} \ + osd pool set rbd crush_ruleset ${RULE_ID} + sudo ceph -c ${CEPH_CONF_FILE} \ + osd pool set data crush_ruleset ${RULE_ID} + sudo ceph -c ${CEPH_CONF_FILE} \ + osd pool set metadata crush_ruleset ${RULE_ID} +fi + +# create the OSD(s) +for rep in ${CEPH_REPLICAS_SEQ}; do + OSD_ID=$(sudo ceph -c ${CEPH_CONF_FILE} osd create) + sudo mkdir -p ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID} + sudo ceph-osd -c ${CEPH_CONF_FILE} -i ${OSD_ID} --mkfs + + sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create osd.${OSD_ID} \ + mon 'allow profile osd ' osd 'allow *' | \ + sudo tee ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/keyring + + # ceph's init script is parsing ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/ + # and looking for a file 'upstart' or 'sysinitv' + # thanks to these 'touches' we are able to control OSDs daemons + # from the init script. + if is_ubuntu; then + sudo touch ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/upstart + else + sudo touch ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/sysvinit + fi +done + +# bootstrap rados gateway +sudo mkdir ${CEPH_DATA_DIR}/radosgw/ceph-radosgw.$(hostname) +sudo ceph auth get-or-create client.radosgw.$(hostname) \ +osd 'allow rwx' mon 'allow rw' \ +-o /etc/ceph/ceph.client.radosgw.$(hostname).keyring + +sudo cp /etc/ceph/ceph.client.radosgw.$(hostname).keyring \ +${CEPH_DATA_DIR}/radosgw/ceph-radosgw.$(hostname)/keyring + +if is_ubuntu; then + sudo touch ${CEPH_DATA_DIR}/osd/ceph-${OSD_ID}/{upstart,done} +else + sudo touch \ + ${CEPH_DATA_DIR}/radosgw/ceph-radosgw.$(hostname)/{sysvinit,done} +fi +} + +function configure_ceph_embedded_rgw { +# keystone endpoint for radosgw +if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then + local swift_service + swift_service=$(get_or_create_service "swift" \ + "object-store" "Swift Service") + + get_or_create_endpoint $swift_service \ + "$REGION_NAME" \ + "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:${CEPH_RGW_PORT}/swift/v1" \ + "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:${CEPH_RGW_PORT}/swift/v1" \ + "$SWIFT_SERVICE_PROTOCOL://$SERVICE_HOST:${CEPH_RGW_PORT}/swift/v1" +fi + +if [[ ! "$(egrep "\[client.radosgw\]" ${CEPH_CONF_FILE})" ]]; then + cat </dev/null +[client.radosgw.$(hostname)] +host = $(hostname) +keyring = /var/lib/ceph/radosgw/ceph-radosgw.$(hostname)/keyring +rgw socket path = /tmp/radosgw-$(hostname).sock +log file = /var/log/ceph/radosgw-$(hostname).log +rgw data = /var/lib/ceph/radosgw/ceph-radosgw.$(hostname) +rgw print continue = false +rgw frontends = civetweb port=${CEPH_RGW_PORT} +rgw keystone url = http://${SERVICE_HOST}:35357 +rgw keystone admin token = ${SERVICE_TOKEN} +rgw keystone accepted roles = Member, _member_, admin +rgw s3 auth use keystone = true +nss db path = ${CEPH_DATA_DIR}/radosgw/ceph-radosgw.$(hostname)/nss +EOF +fi + +# radosgw needs to access keystone's revocation list +sudo mkdir ${CEPH_DATA_DIR}/radosgw/ceph-radosgw.$(hostname)/nss +sudo openssl x509 -in /etc/keystone/ssl/certs/ca.pem -pubkey | \ +sudo certutil \ +-d ${CEPH_DATA_DIR}/radosgw/ceph-radosgw.$(hostname)/nss \ +-A -n ca -t "TCu,Cu,Tuw" + +sudo openssl x509 -in /etc/keystone/ssl/certs/signing_cert.pem -pubkey | \ +sudo certutil -A \ +-d ${CEPH_DATA_DIR}/radosgw/ceph-radosgw.$(hostname)/nss \ +-n signing_cert -t "P,P,P" +} + +function configure_ceph_remote_radosgw { +if [[ -z "$CEPH_REMOTE_RGW_URL" ]]; then + die $LINENO \ + "You activated REMOTE_CEPH_RGW thus CEPH_REMOTE_RGW_URL must be defined" +else + local swift_service + swift_service=$(get_or_create_service "swift" \ + "object-store" "Swift Service") + get_or_create_endpoint $swift_service \ + "$REGION_NAME" \ + "$SWIFT_SERVICE_PROTOCOL://$CEPH_REMOTE_RGW_URL:${CEPH_RGW_PORT}/swift/v1"\ + "$SWIFT_SERVICE_PROTOCOL://$CEPH_REMOTE_RGW_URL:${CEPH_RGW_PORT}/swift/v1"\ + "$SWIFT_SERVICE_PROTOCOL://$CEPH_REMOTE_RGW_URL:${CEPH_RGW_PORT}/swift/v1" +fi +} + +function configure_ceph_embedded_glance { +# configure Glance service options, ceph pool, ceph user and ceph key +sudo ceph -c ${CEPH_CONF_FILE} osd pool \ +set ${GLANCE_CEPH_POOL} size ${CEPH_REPLICAS} +if [[ $CEPH_REPLICAS -ne 1 ]]; then + sudo ceph -c ${CEPH_CONF_FILE} osd pool \ + set ${GLANCE_CEPH_POOL} crush_ruleset ${RULE_ID} +fi +} + +# configure_ceph_glance() - Glance config needs to come after Glance is set up +function configure_ceph_glance { +sudo ceph -c ${CEPH_CONF_FILE} osd pool create \ +${GLANCE_CEPH_POOL} ${GLANCE_CEPH_POOL_PG} ${GLANCE_CEPH_POOL_PGP} + +sudo ceph -c ${CEPH_CONF_FILE} auth \ +get-or-create client.${GLANCE_CEPH_USER} \ +mon "allow r" \ +osd "allow class-read object_prefix rbd_children, \ +allow rwx pool=${GLANCE_CEPH_POOL}" | \ +sudo tee ${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring + +sudo chown ${STACK_USER}:$(id -g -n $whoami) \ +${CEPH_CONF_DIR}/ceph.client.${GLANCE_CEPH_USER}.keyring + +iniset $GLANCE_API_CONF DEFAULT show_image_direct_url True +iniset $GLANCE_API_CONF glance_store default_store rbd +iniset $GLANCE_API_CONF glance_store stores "file, http, rbd" +iniset $GLANCE_API_CONF glance_store rbd_store_ceph_conf $CEPH_CONF_FILE +iniset $GLANCE_API_CONF glance_store rbd_store_user $GLANCE_CEPH_USER +iniset $GLANCE_API_CONF glance_store rbd_store_pool $GLANCE_CEPH_POOL +} + +function configure_ceph_embedded_nova { +# configure Nova service options, ceph pool, ceph user and ceph key +sudo ceph -c ${CEPH_CONF_FILE} osd pool \ +set ${NOVA_CEPH_POOL} size ${CEPH_REPLICAS} + +if [[ $CEPH_REPLICAS -ne 1 ]]; then + sudo ceph -c ${CEPH_CONF_FILE} osd pool \ + set ${NOVA_CEPH_POOL} crush_ruleset ${RULE_ID} +fi +} + +# configure_ceph_nova() - Nova config needs to come after Nova is set up +function configure_ceph_nova { +sudo ceph -c ${CEPH_CONF_FILE} osd pool create \ +${NOVA_CEPH_POOL} ${NOVA_CEPH_POOL_PG} ${NOVA_CEPH_POOL_PGP} + +iniset $NOVA_CONF libvirt rbd_user ${CINDER_CEPH_USER} +iniset $NOVA_CONF libvirt rbd_secret_uuid ${CINDER_CEPH_UUID} +iniset $NOVA_CONF libvirt inject_key false +iniset $NOVA_CONF libvirt inject_partition -2 +iniset $NOVA_CONF libvirt disk_cachemodes "network=writeback" +iniset $NOVA_CONF libvirt images_type rbd +iniset $NOVA_CONF libvirt images_rbd_pool ${NOVA_CEPH_POOL} +iniset $NOVA_CONF libvirt images_rbd_ceph_conf ${CEPH_CONF_FILE} + +if ! is_service_enabled cinder; then + sudo ceph -c ${CEPH_CONF_FILE} \ + auth get-or-create client.${CINDER_CEPH_USER} \ + mon "allow r" \ + osd "allow class-read object_prefix rbd_children, \ + allow rwx pool=${CINDER_CEPH_POOL}, allow rwx pool=${NOVA_CEPH_POOL}, \ + allow rwx pool=${GLANCE_CEPH_POOL}" | \ + sudo tee ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring \ + > /dev/null + + sudo chown ${STACK_USER}:$(id -g -n $whoami) \ + ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring + fi +} + +function configure_ceph_embedded_cinder { +# Configure Cinder service options, ceph pool, ceph user and ceph key +sudo ceph -c ${CEPH_CONF_FILE} osd pool \ + set ${CINDER_CEPH_POOL} size ${CEPH_REPLICAS} + +if [[ $CEPH_REPLICAS -ne 1 ]]; then + sudo ceph -c ${CEPH_CONF_FILE} osd pool \ + set ${CINDER_CEPH_POOL} crush_ruleset ${RULE_ID} +fi +} + +# configure_ceph_cinder() - Cinder config needs to come after Cinder is set up +function configure_ceph_cinder { +sudo ceph -c ${CEPH_CONF_FILE} osd pool create \ +${CINDER_CEPH_POOL} ${CINDER_CEPH_POOL_PG} ${CINDER_CEPH_POOL_PGP} + +sudo ceph -c ${CEPH_CONF_FILE} auth get-or-create \ +client.${CINDER_CEPH_USER} \ +mon "allow r" \ +osd "allow class-read object_prefix rbd_children, \ +allow rwx pool=${CINDER_CEPH_POOL}, allow rwx pool=${NOVA_CEPH_POOL}, \ +allow rwx pool=${GLANCE_CEPH_POOL}" | \ +sudo tee ${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring + +sudo chown ${STACK_USER}:$(id -g -n $whoami) \ +${CEPH_CONF_DIR}/ceph.client.${CINDER_CEPH_USER}.keyring +} + +# init_ceph() - Initialize databases, etc. +function init_ceph { +# clean up from previous (possibly aborted) runs +# make sure to kill all ceph processes first +sudo pkill -f ceph-mon || true +sudo pkill -f ceph-osd || true +sudo pkill -f radosgw || true +} + +# install_ceph() - Collect source and prepare +function install_ceph_remote { +install_package ceph-common +} + +function install_ceph { +if is_ubuntu; then + wget -q -O- 'https://download.ceph.com/keys/release.asc' \ + | sudo apt-key add - + + echo deb http://ceph.com/debian-${CEPH_RELEASE} $(lsb_release -sc) main \ + | sudo tee /etc/apt/sources.list.d/ceph.list + + install_package ceph radosgw libnss3-tools +elif is_fedora; then + sudo rpm --import 'https://download.ceph.com/keys/release.asc' + + sudo rpm \ + -Uvh http://ceph.com/rpm/fc20/x86_64/ceph-${CEPH_RELEASE}.el6.noarch.rpm + + install_package ceph ceph-radosgw +fi +} + +# start_ceph() - Start running processes, including screen +function start_ceph { +if is_ubuntu; then + sudo initctl emit ceph-mon id=$(hostname) + for id in $(sudo ceph -c ${CEPH_CONF_FILE} osd ls); do + sudo start ceph-osd id=${id} + done +else + sudo service ceph start +fi + +# FIXME: Some issues with radosgw start, disabling it for now +#sudo service radosgw start +} + +# stop_ceph() - Stop running processes (non-screen) +function stop_ceph { +if is_ubuntu; then + sudo service ceph-mon-all stop > /dev/null 2>&1 + sudo service ceph-osd-all stop > /dev/null 2>&1 +else + sudo service ceph stop > /dev/null 2>&1 +fi +sudo service radosgw stop > /dev/null 2>&1 +} + + +# Restore xtrace +$XTRACE + +## Local variables: +## mode: shell-script +## End: diff --git a/devstack/override-defaults b/devstack/override-defaults new file mode 100644 index 0000000..5f7dc79 --- /dev/null +++ b/devstack/override-defaults @@ -0,0 +1,4 @@ +# Plug-in overrides + +CINDER_DRIVER=ceph +CINDER_ENABLED_BACKENDS=ceph diff --git a/devstack/plugin.sh b/devstack/plugin.sh new file mode 100644 index 0000000..57e89a2 --- /dev/null +++ b/devstack/plugin.sh @@ -0,0 +1,89 @@ +# ceph.sh - DevStack extras script to install Ceph + +if [[ "$1" == "source" ]]; then + # Initial source + source $TOP_DIR/lib/ceph +elif [[ "$1" == "stack" && "$2" == "pre-install" ]]; then + echo_summary "Installing Ceph" + check_os_support_ceph + if [ "$REMOTE_CEPH" = "False" ]; then + install_ceph + echo_summary "Configuring Ceph" + configure_ceph + # NOTE (leseb): we do everything here + # because we need to have Ceph started before the main + # OpenStack components. + # Ceph OSD must start here otherwise we can't upload any images. + echo_summary "Initializing Ceph" + init_ceph + start_ceph + else + install_ceph_remote + fi +elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then + if is_service_enabled glance; then + echo_summary "Configuring Glance for Ceph" + configure_ceph_glance + fi + if is_service_enabled nova; then + echo_summary "Configuring Nova for Ceph" + configure_ceph_nova + fi + if is_service_enabled cinder; then + echo_summary "Configuring Cinder for Ceph" + configure_ceph_cinder + fi + if is_service_enabled cinder || is_service_enabled nova; then + # NOTE (leseb): the part below is a requirement + # to attach Ceph block devices + echo_summary "Configuring libvirt secret" + import_libvirt_secret_ceph + fi + + if [ "$REMOTE_CEPH" = "False" ]; then + if is_service_enabled glance; then + echo_summary "Configuring Glance for Ceph" + configure_ceph_embedded_glance + fi + if is_service_enabled nova; then + echo_summary "Configuring Nova for Ceph" + configure_ceph_embedded_nova + fi + if is_service_enabled cinder; then + echo_summary "Configuring Cinder for Ceph" + configure_ceph_embedded_cinder + fi + # FIXME: Fix this once radosgw service is running + + #echo_summary "Configuring Rados Gateway with Keystone for Swift" + #configure_ceph_embedded_rgw + fi + if [ "$REMOTE_CEPH_RGW" = "True" ]; then + if is_service_enabled swift; then + die $LINENO \ + "You can not activate both Swift and Ceph Rados Gateway, \ + please disable Swift or set REMOTE_CEPH_RGW=False" + else + configure_ceph_remote_radosgw + fi + fi +fi + +if [[ "$1" == "unstack" ]]; then + if [ "$REMOTE_CEPH" = "True" ]; then + cleanup_ceph_remote + else + cleanup_ceph_embedded + stop_ceph + fi + cleanup_ceph_general +fi + +if [[ "$1" == "clean" ]]; then + if [ "$REMOTE_CEPH" = "True" ]; then + cleanup_ceph_remote + else + cleanup_ceph_embedded + fi + cleanup_ceph_general +fi diff --git a/devstack/settings b/devstack/settings new file mode 100644 index 0000000..5a6e5b3 --- /dev/null +++ b/devstack/settings @@ -0,0 +1,25 @@ +# Devstack settings + +# CEPH_PLUGIN_DIR contains the path to devstack-plugin-ceph/devstack directory + +CEPH_PLUGIN_DIR=$(readlink -f $(dirname ${BASH_SOURCE[0]})) + +# HACK: Disable devstack ceph hook scripts +# TODO: Remove this hack once DEVSTACK_GATE_CEPH +# is removed from the ceph plugin job defn + +disable_service ceph + +# Add ceph plugin specific settings +# NOTE: Currently these are redundant since ceph +# plugin job defn defines them already, but +# once DEVSTACK_GATE_CEPH is removed, these +# won't be redundant, so its ok to have these +# anyways. + +TEMPEST_STORAGE_PROTOCOL=ceph +CEPH_LOOPBACK_DISK_SIZE=8G + +# Source plugin's lib/ceph + +source $CEPH_PLUGIN_DIR/lib/ceph diff --git a/tox.ini b/tox.ini new file mode 100644 index 0000000..20ecbaa --- /dev/null +++ b/tox.ini @@ -0,0 +1,25 @@ +[tox] +minversion = 1.6 +skipsdist = True +envlist = bashate + +[testenv] +usedevelop = False +install_command = pip install {opts} {packages} + +[testenv:bashate] +deps = bashate +whitelist_externals = bash +commands = bash -c "find {toxinidir} \ + -not \( -type d -name .?\* -prune \) \ # prune all 'dot' dirs + -not \( -type d -name doc -prune \) \ # skip documentation + -type f \ # only files + -not -name \*~ \ # skip editors, readme, etc + -not -name \*.md \ + \( \ + -name \*.sh -or \ + -name \*rc -or \ + -name functions\* -or \ + -wholename \*/lib/\* \ # /lib files are shell, but + \) \ # have no extension + -print0 | xargs -0 bashate -v"