System for quickly installing an OpenStack cloud from upstream git for testing and development.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

stack.sh 44KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495969798991001011021031041051061071081091101111121131141151161171181191201211221231241251261271281291301311321331341351361371381391401411421431441451461471481491501511521531541551561571581591601611621631641651661671681691701711721731741751761771781791801811821831841851861871881891901911921931941951961971981992002012022032042052062072082092102112122132142152162172182192202212222232242252262272282292302312322332342352362372382392402412422432442452462472482492502512522532542552562572582592602612622632642652662672682692702712722732742752762772782792802812822832842852862872882892902912922932942952962972982993003013023033043053063073083093103113123133143153163173183193203213223233243253263273283293303313323333343353363373383393403413423433443453463473483493503513523533543553563573583593603613623633643653663673683693703713723733743753763773783793803813823833843853863873883893903913923933943953963973983994004014024034044054064074084094104114124134144154164174184194204214224234244254264274284294304314324334344354364374384394404414424434444454464474484494504514524534544554564574584594604614624634644654664674684694704714724734744754764774784794804814824834844854864874884894904914924934944954964974984995005015025035045055065075085095105115125135145155165175185195205215225235245255265275285295305315325335345355365375385395405415425435445455465475485495505515525535545555565575585595605615625635645655665675685695705715725735745755765775785795805815825835845855865875885895905915925935945955965975985996006016026036046056066076086096106116126136146156166176186196206216226236246256266276286296306316326336346356366376386396406416426436446456466476486496506516526536546556566576586596606616626636646656666676686696706716726736746756766776786796806816826836846856866876886896906916926936946956966976986997007017027037047057067077087097107117127137147157167177187197207217227237247257267277287297307317327337347357367377387397407417427437447457467477487497507517527537547557567577587597607617627637647657667677687697707717727737747757767777787797807817827837847857867877887897907917927937947957967977987998008018028038048058068078088098108118128138148158168178188198208218228238248258268278288298308318328338348358368378388398408418428438448458468478488498508518528538548558568578588598608618628638648658668678688698708718728738748758768778788798808818828838848858868878888898908918928938948958968978988999009019029039049059069079089099109119129139149159169179189199209219229239249259269279289299309319329339349359369379389399409419429439449459469479489499509519529539549559569579589599609619629639649659669679689699709719729739749759769779789799809819829839849859869879889899909919929939949959969979989991000100110021003100410051006100710081009101010111012101310141015101610171018101910201021102210231024102510261027102810291030103110321033103410351036103710381039104010411042104310441045104610471048104910501051105210531054105510561057105810591060106110621063106410651066106710681069107010711072107310741075107610771078107910801081108210831084108510861087108810891090109110921093109410951096109710981099110011011102110311041105110611071108110911101111111211131114111511161117111811191120112111221123112411251126112711281129113011311132113311341135113611371138113911401141114211431144114511461147114811491150115111521153115411551156115711581159116011611162116311641165116611671168116911701171117211731174117511761177117811791180118111821183118411851186118711881189119011911192119311941195119611971198119912001201120212031204120512061207120812091210121112121213121412151216121712181219122012211222122312241225122612271228122912301231123212331234123512361237123812391240124112421243124412451246124712481249125012511252125312541255125612571258125912601261126212631264126512661267126812691270127112721273127412751276127712781279128012811282128312841285128612871288128912901291129212931294129512961297129812991300130113021303130413051306130713081309131013111312131313141315131613171318131913201321132213231324132513261327132813291330133113321333133413351336133713381339134013411342134313441345134613471348134913501351135213531354135513561357135813591360136113621363136413651366136713681369137013711372137313741375137613771378137913801381138213831384138513861387138813891390139113921393139413951396139713981399140014011402140314041405140614071408140914101411141214131414141514161417141814191420142114221423142414251426142714281429143014311432143314341435143614371438143914401441144214431444144514461447144814491450145114521453145414551456145714581459146014611462146314641465146614671468146914701471147214731474147514761477147814791480148114821483148414851486148714881489149014911492149314941495149614971498149915001501150215031504150515061507150815091510151115121513151415151516151715181519152015211522152315241525152615271528152915301531153215331534153515361537153815391540154115421543154415451546154715481549155015511552155315541555155615571558155915601561156215631564
  1. #!/usr/bin/env bash
  2. # ``stack.sh`` is an opinionated OpenStack developer installation. It
  3. # installs and configures various combinations of **Cinder**, **Glance**,
  4. # **Horizon**, **Keystone**, **Nova**, **Neutron**, and **Swift**
  5. # This script's options can be changed by setting appropriate environment
  6. # variables. You can configure things like which git repositories to use,
  7. # services to enable, OS images to use, etc. Default values are located in the
  8. # ``stackrc`` file. If you are crafty you can run the script on multiple nodes
  9. # using shared settings for common resources (eg., mysql or rabbitmq) and build
  10. # a multi-node developer install.
  11. # To keep this script simple we assume you are running on a recent **Ubuntu**
  12. # (16.04 Xenial or newer), **Fedora** (F24 or newer), or **CentOS/RHEL**
  13. # (7 or newer) machine. (It may work on other platforms but support for those
  14. # platforms is left to those who added them to DevStack.) It should work in
  15. # a VM or physical server. Additionally, we maintain a list of ``deb`` and
  16. # ``rpm`` dependencies and other configuration files in this repo.
  17. # Learn more and get the most recent version at http://devstack.org
  18. # Print the commands being run so that we can see the command that triggers
  19. # an error. It is also useful for following along as the install occurs.
  20. set -o xtrace
  21. # Make sure custom grep options don't get in the way
  22. unset GREP_OPTIONS
  23. # NOTE(sdague): why do we explicitly set locale when running stack.sh?
  24. #
  25. # Devstack is written in bash, and many functions used throughout
  26. # devstack process text coming off a command (like the ip command)
  27. # and do transforms using grep, sed, cut, awk on the strings that are
  28. # returned. Many of these programs are internationalized, which is
  29. # great for end users, but means that the strings that devstack
  30. # functions depend upon might not be there in other locales. We thus
  31. # need to pin the world to an english basis during the runs.
  32. #
  33. # Previously we used the C locale for this, every system has it, and
  34. # it gives us a stable sort order. It does however mean that we
  35. # effectively drop unicode support.... boo! :(
  36. #
  37. # With python3 being more unicode aware by default, that's not the
  38. # right option. While there is a C.utf8 locale, some distros are
  39. # shipping it as C.UTF8 for extra confusingness. And it's support
  40. # isn't super clear across distros. This is made more challenging when
  41. # trying to support both out of the box distros, and the gate which
  42. # uses diskimage builder to build disk images in a different way than
  43. # the distros do.
  44. #
  45. # So... en_US.utf8 it is. That's existed for a very long time. It is a
  46. # compromise position, but it is the least worse idea at the time of
  47. # this comment.
  48. #
  49. # We also have to unset other variables that might impact LC_ALL
  50. # taking effect.
  51. unset LANG
  52. unset LANGUAGE
  53. LC_ALL=en_US.utf8
  54. export LC_ALL
  55. # Clear all OpenStack related envvars
  56. unset `env | grep -E '^OS_' | cut -d = -f 1`
  57. # Make sure umask is sane
  58. umask 022
  59. # Not all distros have sbin in PATH for regular users.
  60. PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin
  61. # Keep track of the DevStack directory
  62. TOP_DIR=$(cd $(dirname "$0") && pwd)
  63. # Check for uninitialized variables, a big cause of bugs
  64. NOUNSET=${NOUNSET:-}
  65. if [[ -n "$NOUNSET" ]]; then
  66. set -o nounset
  67. fi
  68. # Set start of devstack timestamp
  69. DEVSTACK_START_TIME=$(date +%s)
  70. # Configuration
  71. # =============
  72. # Sanity Checks
  73. # -------------
  74. # Clean up last environment var cache
  75. if [[ -r $TOP_DIR/.stackenv ]]; then
  76. rm $TOP_DIR/.stackenv
  77. fi
  78. # ``stack.sh`` keeps the list of ``deb`` and ``rpm`` dependencies, config
  79. # templates and other useful files in the ``files`` subdirectory
  80. FILES=$TOP_DIR/files
  81. if [ ! -d $FILES ]; then
  82. die $LINENO "missing devstack/files"
  83. fi
  84. # ``stack.sh`` keeps function libraries here
  85. # Make sure ``$TOP_DIR/inc`` directory is present
  86. if [ ! -d $TOP_DIR/inc ]; then
  87. die $LINENO "missing devstack/inc"
  88. fi
  89. # ``stack.sh`` keeps project libraries here
  90. # Make sure ``$TOP_DIR/lib`` directory is present
  91. if [ ! -d $TOP_DIR/lib ]; then
  92. die $LINENO "missing devstack/lib"
  93. fi
  94. # Check if run in POSIX shell
  95. if [[ "${POSIXLY_CORRECT}" == "y" ]]; then
  96. set +o xtrace
  97. echo "You are running POSIX compatibility mode, DevStack requires bash 4.2 or newer."
  98. exit 1
  99. fi
  100. # OpenStack is designed to be run as a non-root user; Horizon will fail to run
  101. # as **root** since Apache will not serve content from **root** user).
  102. # ``stack.sh`` must not be run as **root**. It aborts and suggests one course of
  103. # action to create a suitable user account.
  104. if [[ $EUID -eq 0 ]]; then
  105. set +o xtrace
  106. echo "DevStack should be run as a user with sudo permissions, "
  107. echo "not root."
  108. echo "A \"stack\" user configured correctly can be created with:"
  109. echo " $TOP_DIR/tools/create-stack-user.sh"
  110. exit 1
  111. fi
  112. # OpenStack is designed to run at a system level, with system level
  113. # installation of python packages. It does not support running under a
  114. # virtual env, and will fail in really odd ways if you do this. Make
  115. # this explicit as it has come up on the mailing list.
  116. if [[ -n "$VIRTUAL_ENV" ]]; then
  117. set +o xtrace
  118. echo "You appear to be running under a python virtualenv."
  119. echo "DevStack does not support this, as we may break the"
  120. echo "virtualenv you are currently in by modifying "
  121. echo "external system-level components the virtualenv relies on."
  122. echo "We recommend you use a separate virtual-machine if "
  123. echo "you are worried about DevStack taking over your system."
  124. exit 1
  125. fi
  126. # Provide a safety switch for devstack. If you do a lot of devstack,
  127. # on a lot of different environments, you sometimes run it on the
  128. # wrong box. This makes there be a way to prevent that.
  129. if [[ -e $HOME/.no-devstack ]]; then
  130. set +o xtrace
  131. echo "You've marked this host as a no-devstack host, to save yourself from"
  132. echo "running devstack accidentally. If this is in error, please remove the"
  133. echo "~/.no-devstack file"
  134. exit 1
  135. fi
  136. # Prepare the environment
  137. # -----------------------
  138. # Initialize variables:
  139. LAST_SPINNER_PID=""
  140. # Import common functions
  141. source $TOP_DIR/functions
  142. # Import config functions
  143. source $TOP_DIR/inc/meta-config
  144. # Import 'public' stack.sh functions
  145. source $TOP_DIR/lib/stack
  146. # Determine what system we are running on. This provides ``os_VENDOR``,
  147. # ``os_RELEASE``, ``os_PACKAGE``, ``os_CODENAME``
  148. # and ``DISTRO``
  149. GetDistro
  150. # Global Settings
  151. # ---------------
  152. # Check for a ``localrc`` section embedded in ``local.conf`` and extract if
  153. # ``localrc`` does not already exist
  154. # Phase: local
  155. rm -f $TOP_DIR/.localrc.auto
  156. extract_localrc_section $TOP_DIR/local.conf $TOP_DIR/localrc $TOP_DIR/.localrc.auto
  157. # ``stack.sh`` is customizable by setting environment variables. Override a
  158. # default setting via export:
  159. #
  160. # export DATABASE_PASSWORD=anothersecret
  161. # ./stack.sh
  162. #
  163. # or by setting the variable on the command line:
  164. #
  165. # DATABASE_PASSWORD=simple ./stack.sh
  166. #
  167. # Persistent variables can be placed in a ``local.conf`` file:
  168. #
  169. # [[local|localrc]]
  170. # DATABASE_PASSWORD=anothersecret
  171. # DATABASE_USER=hellaroot
  172. #
  173. # We try to have sensible defaults, so you should be able to run ``./stack.sh``
  174. # in most cases. ``local.conf`` is not distributed with DevStack and will never
  175. # be overwritten by a DevStack update.
  176. #
  177. # DevStack distributes ``stackrc`` which contains locations for the OpenStack
  178. # repositories, branches to configure, and other configuration defaults.
  179. # ``stackrc`` sources the ``localrc`` section of ``local.conf`` to allow you to
  180. # safely override those settings.
  181. if [[ ! -r $TOP_DIR/stackrc ]]; then
  182. die $LINENO "missing $TOP_DIR/stackrc - did you grab more than just stack.sh?"
  183. fi
  184. source $TOP_DIR/stackrc
  185. # write /etc/devstack-version
  186. write_devstack_version
  187. # Warn users who aren't on an explicitly supported distro, but allow them to
  188. # override check and attempt installation with ``FORCE=yes ./stack``
  189. if [[ ! ${DISTRO} =~ (xenial|artful|bionic|stretch|jessie|f28|f29|opensuse-15.0|opensuse-15.1|opensuse-tumbleweed|rhel7) ]]; then
  190. echo "WARNING: this script has not been tested on $DISTRO"
  191. if [[ "$FORCE" != "yes" ]]; then
  192. die $LINENO "If you wish to run this script anyway run with FORCE=yes"
  193. fi
  194. fi
  195. # Local Settings
  196. # --------------
  197. # Make sure the proxy config is visible to sub-processes
  198. export_proxy_variables
  199. # Remove services which were negated in ``ENABLED_SERVICES``
  200. # using the "-" prefix (e.g., "-rabbit") instead of
  201. # calling disable_service().
  202. disable_negated_services
  203. # Configure sudo
  204. # --------------
  205. # We're not as **root** so make sure ``sudo`` is available
  206. is_package_installed sudo || install_package sudo
  207. # UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
  208. sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
  209. echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
  210. # Conditionally setup detailed logging for sudo
  211. if [[ -n "$LOG_SUDO" ]]; then
  212. TEMPFILE=`mktemp`
  213. echo "Defaults log_output" > $TEMPFILE
  214. chmod 0440 $TEMPFILE
  215. sudo chown root:root $TEMPFILE
  216. sudo mv $TEMPFILE /etc/sudoers.d/00_logging
  217. fi
  218. # Set up DevStack sudoers
  219. TEMPFILE=`mktemp`
  220. echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE
  221. # Some binaries might be under ``/sbin`` or ``/usr/sbin``, so make sure sudo will
  222. # see them by forcing ``PATH``
  223. echo "Defaults:$STACK_USER secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE
  224. echo "Defaults:$STACK_USER !requiretty" >> $TEMPFILE
  225. chmod 0440 $TEMPFILE
  226. sudo chown root:root $TEMPFILE
  227. sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh
  228. # Configure Distro Repositories
  229. # -----------------------------
  230. # For Debian/Ubuntu make apt attempt to retry network ops on it's own
  231. if is_ubuntu; then
  232. echo 'APT::Acquire::Retries "20";' | sudo tee /etc/apt/apt.conf.d/80retry >/dev/null
  233. fi
  234. # Some distros need to add repos beyond the defaults provided by the vendor
  235. # to pick up required packages.
  236. function _install_epel {
  237. # NOTE: We always remove and install latest -- some environments
  238. # use snapshot images, and if EPEL version updates they break
  239. # unless we update them to latest version.
  240. if sudo yum repolist enabled epel | grep -q 'epel'; then
  241. uninstall_package epel-release || true
  242. fi
  243. # This trick installs the latest epel-release from a bootstrap
  244. # repo, then removes itself (as epel-release installed the
  245. # "real" repo).
  246. #
  247. # You would think that rather than this, you could use
  248. # $releasever directly in .repo file we create below. However
  249. # RHEL gives a $releasever of "6Server" which breaks the path;
  250. # see https://bugzilla.redhat.com/show_bug.cgi?id=1150759
  251. cat <<EOF | sudo tee /etc/yum.repos.d/epel-bootstrap.repo
  252. [epel-bootstrap]
  253. name=Bootstrap EPEL
  254. mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-7&arch=\$basearch
  255. failovermethod=priority
  256. enabled=0
  257. gpgcheck=0
  258. EOF
  259. # Enable a bootstrap repo. It is removed after finishing
  260. # the epel-release installation.
  261. is_package_installed yum-utils || install_package yum-utils
  262. sudo yum-config-manager --enable epel-bootstrap
  263. yum_install epel-release || \
  264. die $LINENO "Error installing EPEL repo, cannot continue"
  265. sudo rm -f /etc/yum.repos.d/epel-bootstrap.repo
  266. }
  267. function _install_rdo {
  268. # There are multiple options for this, including using CloudSIG
  269. # repositories (centos-release-*), trunk versions, etc. Since
  270. # we're not interested in the actual openstack distributions
  271. # (since we're using git to run!) but only peripherial packages
  272. # like kvm or ovs, this has been reliable.
  273. # TODO(ianw): figure out how to best mirror -- probably use infra
  274. # mirror RDO reverse proxy. We could either have test
  275. # infrastructure set it up disabled like EPEL, or fiddle it here.
  276. # Per the point above, it's a bunch of repos so starts getting a
  277. # little messy...
  278. if ! is_package_installed rdo-release ; then
  279. if [[ "$TARGET_BRANCH" == "master" ]]; then
  280. yum_install https://rdoproject.org/repos/rdo-release.rpm
  281. else
  282. # Get latest rdo-release-$rdo_release RPM package version
  283. rdo_release=$(echo $TARGET_BRANCH | sed "s|stable/||g")
  284. yum_install https://rdoproject.org/repos/openstack-$rdo_release/rdo-release-$rdo_release.rpm
  285. fi
  286. fi
  287. # Also enable optional for RHEL7 proper. Note this is a silent
  288. # no-op on other platforms.
  289. sudo yum-config-manager --enable rhel-7-server-optional-rpms
  290. # Enable the Software Collections (SCL) repository for CentOS.
  291. # This repository includes useful software (e.g. the Go Toolset)
  292. # which is not present in the main repository.
  293. if [[ "$os_VENDOR" =~ (CentOS) ]]; then
  294. yum_install centos-release-scl
  295. fi
  296. if is_oraclelinux; then
  297. sudo yum-config-manager --enable ol7_optional_latest ol7_addons ol7_MySQL56
  298. fi
  299. }
  300. # Configure Target Directories
  301. # ----------------------------
  302. # Destination path for installation ``DEST``
  303. DEST=${DEST:-/opt/stack}
  304. # Create the destination directory and ensure it is writable by the user
  305. # and read/executable by everybody for daemons (e.g. apache run for horizon)
  306. sudo mkdir -p $DEST
  307. safe_chown -R $STACK_USER $DEST
  308. safe_chmod 0755 $DEST
  309. # Destination path for devstack logs
  310. if [[ -n ${LOGDIR:-} ]]; then
  311. mkdir -p $LOGDIR
  312. fi
  313. # Destination path for service data
  314. DATA_DIR=${DATA_DIR:-${DEST}/data}
  315. sudo mkdir -p $DATA_DIR
  316. safe_chown -R $STACK_USER $DATA_DIR
  317. safe_chmod 0755 $DATA_DIR
  318. # Configure proper hostname
  319. # Certain services such as rabbitmq require that the local hostname resolves
  320. # correctly. Make sure it exists in /etc/hosts so that is always true.
  321. LOCAL_HOSTNAME=`hostname -s`
  322. if ! fgrep -qwe "$LOCAL_HOSTNAME" /etc/hosts; then
  323. sudo sed -i "s/\(^127.0.0.1.*\)/\1 $LOCAL_HOSTNAME/" /etc/hosts
  324. fi
  325. # If you have all the repos installed above already setup (e.g. a CI
  326. # situation where they are on your image) you may choose to skip this
  327. # to speed things up
  328. SKIP_EPEL_INSTALL=$(trueorfalse False SKIP_EPEL_INSTALL)
  329. if [[ $DISTRO == "rhel7" ]]; then
  330. # If we have /etc/ci/mirror_info.sh assume we're on a OpenStack CI
  331. # node, where EPEL is installed (but disabled) and already
  332. # pointing at our internal mirror
  333. if [[ -f /etc/ci/mirror_info.sh ]]; then
  334. SKIP_EPEL_INSTALL=True
  335. sudo yum-config-manager --enable epel
  336. fi
  337. if [[ ${SKIP_EPEL_INSTALL} != True ]]; then
  338. _install_epel
  339. fi
  340. # Along with EPEL, CentOS (and a-likes) require some packages only
  341. # available in RDO repositories (e.g. OVS, or later versions of
  342. # kvm) to run.
  343. _install_rdo
  344. fi
  345. # Ensure python is installed
  346. # --------------------------
  347. is_package_installed python || install_package python
  348. # Configure Logging
  349. # -----------------
  350. # Set up logging level
  351. VERBOSE=$(trueorfalse True VERBOSE)
  352. VERBOSE_NO_TIMESTAMP=$(trueorfalse False VERBOSE)
  353. # Draw a spinner so the user knows something is happening
  354. function spinner {
  355. local delay=0.75
  356. local spinstr='/-\|'
  357. printf "..." >&3
  358. while [ true ]; do
  359. local temp=${spinstr#?}
  360. printf "[%c]" "$spinstr" >&3
  361. local spinstr=$temp${spinstr%"$temp"}
  362. sleep $delay
  363. printf "\b\b\b" >&3
  364. done
  365. }
  366. function kill_spinner {
  367. if [ ! -z "$LAST_SPINNER_PID" ]; then
  368. kill >/dev/null 2>&1 $LAST_SPINNER_PID
  369. printf "\b\b\bdone\n" >&3
  370. fi
  371. }
  372. # Echo text to the log file, summary log file and stdout
  373. # echo_summary "something to say"
  374. function echo_summary {
  375. if [[ -t 3 && "$VERBOSE" != "True" ]]; then
  376. kill_spinner
  377. echo -n -e $@ >&6
  378. spinner &
  379. LAST_SPINNER_PID=$!
  380. else
  381. echo -e $@ >&6
  382. fi
  383. }
  384. # Echo text only to stdout, no log files
  385. # echo_nolog "something not for the logs"
  386. function echo_nolog {
  387. echo $@ >&3
  388. }
  389. # Set up logging for ``stack.sh``
  390. # Set ``LOGFILE`` to turn on logging
  391. # Append '.xxxxxxxx' to the given name to maintain history
  392. # where 'xxxxxxxx' is a representation of the date the file was created
  393. TIMESTAMP_FORMAT=${TIMESTAMP_FORMAT:-"%F-%H%M%S"}
  394. LOGDAYS=${LOGDAYS:-7}
  395. CURRENT_LOG_TIME=$(date "+$TIMESTAMP_FORMAT")
  396. if [[ -n "$LOGFILE" ]]; then
  397. # Clean up old log files. Append '.*' to the user-specified
  398. # ``LOGFILE`` to match the date in the search template.
  399. LOGFILE_DIR="${LOGFILE%/*}" # dirname
  400. LOGFILE_NAME="${LOGFILE##*/}" # basename
  401. mkdir -p $LOGFILE_DIR
  402. find $LOGFILE_DIR -maxdepth 1 -name $LOGFILE_NAME.\* -mtime +$LOGDAYS -exec rm {} \;
  403. LOGFILE=$LOGFILE.${CURRENT_LOG_TIME}
  404. SUMFILE=$LOGFILE.summary.${CURRENT_LOG_TIME}
  405. # Redirect output according to config
  406. # Set fd 3 to a copy of stdout. So we can set fd 1 without losing
  407. # stdout later.
  408. exec 3>&1
  409. if [[ "$VERBOSE" == "True" ]]; then
  410. _of_args="-v"
  411. if [[ "$VERBOSE_NO_TIMESTAMP" == "True" ]]; then
  412. _of_args="$_of_args --no-timestamp"
  413. fi
  414. # Set fd 1 and 2 to write the log file
  415. exec 1> >( $TOP_DIR/tools/outfilter.py $_of_args -o "${LOGFILE}" ) 2>&1
  416. # Set fd 6 to summary log file
  417. exec 6> >( $TOP_DIR/tools/outfilter.py -o "${SUMFILE}" )
  418. else
  419. # Set fd 1 and 2 to primary logfile
  420. exec 1> >( $TOP_DIR/tools/outfilter.py -o "${LOGFILE}" ) 2>&1
  421. # Set fd 6 to summary logfile and stdout
  422. exec 6> >( $TOP_DIR/tools/outfilter.py -v -o "${SUMFILE}" >&3 )
  423. fi
  424. echo_summary "stack.sh log $LOGFILE"
  425. # Specified logfile name always links to the most recent log
  426. ln -sf $LOGFILE $LOGFILE_DIR/$LOGFILE_NAME
  427. ln -sf $SUMFILE $LOGFILE_DIR/$LOGFILE_NAME.summary
  428. else
  429. # Set up output redirection without log files
  430. # Set fd 3 to a copy of stdout. So we can set fd 1 without losing
  431. # stdout later.
  432. exec 3>&1
  433. if [[ "$VERBOSE" != "True" ]]; then
  434. # Throw away stdout and stderr
  435. exec 1>/dev/null 2>&1
  436. fi
  437. # Always send summary fd to original stdout
  438. exec 6> >( $TOP_DIR/tools/outfilter.py -v >&3 )
  439. fi
  440. # Basic test for ``$DEST`` path permissions (fatal on error unless skipped)
  441. check_path_perm_sanity ${DEST}
  442. # Configure Error Traps
  443. # ---------------------
  444. # Kill background processes on exit
  445. trap exit_trap EXIT
  446. function exit_trap {
  447. local r=$?
  448. jobs=$(jobs -p)
  449. # Only do the kill when we're logging through a process substitution,
  450. # which currently is only to verbose logfile
  451. if [[ -n $jobs && -n "$LOGFILE" && "$VERBOSE" == "True" ]]; then
  452. echo "exit_trap: cleaning up child processes"
  453. kill 2>&1 $jobs
  454. fi
  455. #Remove timing data file
  456. if [ -f "$OSCWRAP_TIMER_FILE" ] ; then
  457. rm "$OSCWRAP_TIMER_FILE"
  458. fi
  459. # Kill the last spinner process
  460. kill_spinner
  461. if [[ $r -ne 0 ]]; then
  462. echo "Error on exit"
  463. # If we error before we've installed os-testr, this will fail.
  464. if type -p generate-subunit > /dev/null; then
  465. generate-subunit $DEVSTACK_START_TIME $SECONDS 'fail' >> ${SUBUNIT_OUTPUT}
  466. fi
  467. if [[ -z $LOGDIR ]]; then
  468. $TOP_DIR/tools/worlddump.py
  469. else
  470. $TOP_DIR/tools/worlddump.py -d $LOGDIR
  471. fi
  472. else
  473. # If we error before we've installed os-testr, this will fail.
  474. if type -p generate-subunit > /dev/null; then
  475. generate-subunit $DEVSTACK_START_TIME $SECONDS >> ${SUBUNIT_OUTPUT}
  476. fi
  477. fi
  478. exit $r
  479. }
  480. # Exit on any errors so that errors don't compound
  481. trap err_trap ERR
  482. function err_trap {
  483. local r=$?
  484. set +o xtrace
  485. if [[ -n "$LOGFILE" ]]; then
  486. echo "${0##*/} failed: full log in $LOGFILE"
  487. else
  488. echo "${0##*/} failed"
  489. fi
  490. exit $r
  491. }
  492. # Begin trapping error exit codes
  493. set -o errexit
  494. # Print the kernel version
  495. uname -a
  496. # Reset the bundle of CA certificates
  497. SSL_BUNDLE_FILE="$DATA_DIR/ca-bundle.pem"
  498. rm -f $SSL_BUNDLE_FILE
  499. # Import common services (database, message queue) configuration
  500. source $TOP_DIR/lib/database
  501. source $TOP_DIR/lib/rpc_backend
  502. # Configure Projects
  503. # ==================
  504. # Clone all external plugins
  505. fetch_plugins
  506. # Plugin Phase 0: override_defaults - allow plugins to override
  507. # defaults before other services are run
  508. run_phase override_defaults
  509. # Import Apache functions
  510. source $TOP_DIR/lib/apache
  511. # Import TLS functions
  512. source $TOP_DIR/lib/tls
  513. # Source project function libraries
  514. source $TOP_DIR/lib/infra
  515. source $TOP_DIR/lib/libraries
  516. source $TOP_DIR/lib/lvm
  517. source $TOP_DIR/lib/horizon
  518. source $TOP_DIR/lib/keystone
  519. source $TOP_DIR/lib/glance
  520. source $TOP_DIR/lib/nova
  521. source $TOP_DIR/lib/placement
  522. source $TOP_DIR/lib/cinder
  523. source $TOP_DIR/lib/swift
  524. source $TOP_DIR/lib/neutron
  525. source $TOP_DIR/lib/ldap
  526. source $TOP_DIR/lib/dstat
  527. source $TOP_DIR/lib/tcpdump
  528. source $TOP_DIR/lib/etcd3
  529. # Extras Source
  530. # --------------
  531. # Phase: source
  532. run_phase source
  533. # Interactive Configuration
  534. # -------------------------
  535. # Do all interactive config up front before the logging spew begins
  536. # Generic helper to configure passwords
  537. function read_password {
  538. local xtrace
  539. xtrace=$(set +o | grep xtrace)
  540. set +o xtrace
  541. var=$1; msg=$2
  542. pw=${!var}
  543. if [[ -f $RC_DIR/localrc ]]; then
  544. localrc=$TOP_DIR/localrc
  545. else
  546. localrc=$TOP_DIR/.localrc.password
  547. fi
  548. # If the password is not defined yet, proceed to prompt user for a password.
  549. if [ ! $pw ]; then
  550. # If there is no localrc file, create one
  551. if [ ! -e $localrc ]; then
  552. touch $localrc
  553. fi
  554. # Presumably if we got this far it can only be that our
  555. # localrc is missing the required password. Prompt user for a
  556. # password and write to localrc.
  557. echo ''
  558. echo '################################################################################'
  559. echo $msg
  560. echo '################################################################################'
  561. echo "This value will be written to ${localrc} file so you don't have to enter it "
  562. echo "again. Use only alphanumeric characters."
  563. echo "If you leave this blank, a random default value will be used."
  564. pw=" "
  565. while true; do
  566. echo "Enter a password now:"
  567. read -e $var
  568. pw=${!var}
  569. [[ "$pw" = "`echo $pw | tr -cd [:alnum:]`" ]] && break
  570. echo "Invalid chars in password. Try again:"
  571. done
  572. if [ ! $pw ]; then
  573. pw=$(generate_hex_string 10)
  574. fi
  575. eval "$var=$pw"
  576. echo "$var=$pw" >> $localrc
  577. fi
  578. # restore previous xtrace value
  579. $xtrace
  580. }
  581. # Database Configuration
  582. # ----------------------
  583. # To select between database backends, add the following to ``local.conf``:
  584. #
  585. # disable_service mysql
  586. # enable_service postgresql
  587. #
  588. # The available database backends are listed in ``DATABASE_BACKENDS`` after
  589. # ``lib/database`` is sourced. ``mysql`` is the default.
  590. if initialize_database_backends; then
  591. echo "Using $DATABASE_TYPE database backend"
  592. # Last chance for the database password. This must be handled here
  593. # because read_password is not a library function.
  594. read_password DATABASE_PASSWORD "ENTER A PASSWORD TO USE FOR THE DATABASE."
  595. else
  596. echo "No database enabled"
  597. fi
  598. # Queue Configuration
  599. # -------------------
  600. # Rabbit connection info
  601. # In multi node DevStack, second node needs ``RABBIT_USERID``, but rabbit
  602. # isn't enabled.
  603. if is_service_enabled rabbit; then
  604. read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
  605. fi
  606. # Keystone
  607. # --------
  608. if is_service_enabled keystone; then
  609. # Services authenticate to Identity with servicename/``SERVICE_PASSWORD``
  610. read_password SERVICE_PASSWORD "ENTER A SERVICE_PASSWORD TO USE FOR THE SERVICE AUTHENTICATION."
  611. # Horizon currently truncates usernames and passwords at 20 characters
  612. read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR HORIZON AND KEYSTONE (20 CHARS OR LESS)."
  613. # Keystone can now optionally install OpenLDAP by enabling the ``ldap``
  614. # service in ``local.conf`` (e.g. ``enable_service ldap``).
  615. # To clean out the Keystone contents in OpenLDAP set ``KEYSTONE_CLEAR_LDAP``
  616. # to ``yes`` (e.g. ``KEYSTONE_CLEAR_LDAP=yes``) in ``local.conf``. To enable the
  617. # Keystone Identity Driver (``keystone.identity.backends.ldap.Identity``)
  618. # set ``KEYSTONE_IDENTITY_BACKEND`` to ``ldap`` (e.g.
  619. # ``KEYSTONE_IDENTITY_BACKEND=ldap``) in ``local.conf``.
  620. # Only request LDAP password if the service is enabled
  621. if is_service_enabled ldap; then
  622. read_password LDAP_PASSWORD "ENTER A PASSWORD TO USE FOR LDAP"
  623. fi
  624. fi
  625. # Nova
  626. # -----
  627. if is_service_enabled nova && [[ "$VIRT_DRIVER" == 'xenserver' ]]; then
  628. # Look for the backend password here because read_password
  629. # is not a library function.
  630. read_password XENAPI_PASSWORD "ENTER A PASSWORD TO USE FOR XEN."
  631. fi
  632. # Swift
  633. # -----
  634. if is_service_enabled s-proxy; then
  635. # We only ask for Swift Hash if we have enabled swift service.
  636. # ``SWIFT_HASH`` is a random unique string for a swift cluster that
  637. # can never change.
  638. read_password SWIFT_HASH "ENTER A RANDOM SWIFT HASH."
  639. if [[ -z "$SWIFT_TEMPURL_KEY" ]] && [[ "$SWIFT_ENABLE_TEMPURLS" == "True" ]]; then
  640. read_password SWIFT_TEMPURL_KEY "ENTER A KEY FOR SWIFT TEMPURLS."
  641. fi
  642. fi
  643. # Save configuration values
  644. save_stackenv $LINENO
  645. # Install Packages
  646. # ================
  647. # OpenStack uses a fair number of other projects.
  648. # Bring down global requirements before any use of pip_install. This is
  649. # necessary to ensure that the constraints file is in place before we
  650. # attempt to apply any constraints to pip installs.
  651. git_clone $REQUIREMENTS_REPO $REQUIREMENTS_DIR $REQUIREMENTS_BRANCH
  652. # Install package requirements
  653. # Source it so the entire environment is available
  654. echo_summary "Installing package prerequisites"
  655. source $TOP_DIR/tools/install_prereqs.sh
  656. # Configure an appropriate Python environment
  657. if [[ "$OFFLINE" != "True" ]]; then
  658. PYPI_ALTERNATIVE_URL=${PYPI_ALTERNATIVE_URL:-""} $TOP_DIR/tools/install_pip.sh
  659. fi
  660. # Install subunit for the subunit output stream
  661. pip_install -U os-testr
  662. TRACK_DEPENDS=${TRACK_DEPENDS:-False}
  663. # Install Python packages into a virtualenv so that we can track them
  664. if [[ $TRACK_DEPENDS = True ]]; then
  665. echo_summary "Installing Python packages into a virtualenv $DEST/.venv"
  666. pip_install -U virtualenv
  667. rm -rf $DEST/.venv
  668. virtualenv --system-site-packages $DEST/.venv
  669. source $DEST/.venv/bin/activate
  670. $DEST/.venv/bin/pip freeze > $DEST/requires-pre-pip
  671. fi
  672. # Do the ugly hacks for broken packages and distros
  673. source $TOP_DIR/tools/fixup_stuff.sh
  674. fixup_all
  675. if [[ "$USE_SYSTEMD" == "True" ]]; then
  676. pip_install_gr systemd-python
  677. # the default rate limit of 1000 messages / 30 seconds is not
  678. # sufficient given how verbose our logging is.
  679. iniset -sudo /etc/systemd/journald.conf "Journal" "RateLimitBurst" "0"
  680. sudo systemctl restart systemd-journald
  681. fi
  682. # Virtual Environment
  683. # -------------------
  684. # Install required infra support libraries
  685. install_infra
  686. # Install bindep
  687. $VIRTUALENV_CMD $DEST/bindep-venv
  688. # TODO(ianw) : optionally install from zuul checkout?
  689. $DEST/bindep-venv/bin/pip install bindep
  690. export BINDEP_CMD=${DEST}/bindep-venv/bin/bindep
  691. # Install packages as defined in plugin bindep.txt files
  692. pkgs="$( _get_plugin_bindep_packages )"
  693. if [[ -n "${pkgs}" ]]; then
  694. install_package ${pkgs}
  695. fi
  696. # Extras Pre-install
  697. # ------------------
  698. # Phase: pre-install
  699. run_phase stack pre-install
  700. # NOTE(danms): Set global limits before installing anything
  701. set_systemd_override DefaultLimitNOFILE ${ULIMIT_NOFILE}
  702. install_rpc_backend
  703. restart_rpc_backend
  704. if is_service_enabled $DATABASE_BACKENDS; then
  705. install_database
  706. fi
  707. if [ -n "$DATABASE_TYPE" ]; then
  708. install_database_python
  709. fi
  710. if is_service_enabled neutron; then
  711. install_neutron_agent_packages
  712. fi
  713. if is_service_enabled etcd3; then
  714. install_etcd3
  715. fi
  716. # Setup TLS certs
  717. # ---------------
  718. # Do this early, before any webservers are set up to ensure
  719. # we don't run into problems with missing certs when apache
  720. # is restarted.
  721. if is_service_enabled tls-proxy; then
  722. configure_CA
  723. init_CA
  724. init_cert
  725. fi
  726. # Check Out and Install Source
  727. # ----------------------------
  728. echo_summary "Installing OpenStack project source"
  729. # Install additional libraries
  730. install_libs
  731. # Install uwsgi
  732. install_apache_uwsgi
  733. # Install client libraries
  734. install_keystoneauth
  735. install_keystoneclient
  736. install_glanceclient
  737. install_cinderclient
  738. install_novaclient
  739. if is_service_enabled swift glance horizon; then
  740. install_swiftclient
  741. fi
  742. if is_service_enabled neutron nova horizon; then
  743. install_neutronclient
  744. fi
  745. # Install middleware
  746. install_keystonemiddleware
  747. if is_service_enabled keystone; then
  748. if [ "$KEYSTONE_AUTH_HOST" == "$SERVICE_HOST" ]; then
  749. stack_install_service keystone
  750. configure_keystone
  751. fi
  752. fi
  753. if is_service_enabled swift; then
  754. if is_service_enabled ceilometer; then
  755. install_ceilometermiddleware
  756. fi
  757. stack_install_service swift
  758. configure_swift
  759. # s3api middleware to provide S3 emulation to Swift
  760. if is_service_enabled s3api; then
  761. # Replace the nova-objectstore port by the swift port
  762. S3_SERVICE_PORT=8080
  763. fi
  764. fi
  765. if is_service_enabled g-api n-api; then
  766. # Image catalog service
  767. stack_install_service glance
  768. configure_glance
  769. fi
  770. if is_service_enabled cinder; then
  771. # Block volume service
  772. stack_install_service cinder
  773. configure_cinder
  774. fi
  775. if is_service_enabled neutron; then
  776. # Network service
  777. stack_install_service neutron
  778. fi
  779. if is_service_enabled nova; then
  780. # Compute service
  781. stack_install_service nova
  782. configure_nova
  783. fi
  784. if is_service_enabled placement; then
  785. # placement api
  786. stack_install_service placement
  787. configure_placement
  788. fi
  789. # create a placement-client fake service to know we need to configure
  790. # placement connectivity. We configure the placement service for nova
  791. # if placement-api or placement-client is active, and n-cpu on the
  792. # same box.
  793. if is_service_enabled placement placement-client; then
  794. if is_service_enabled n-cpu || is_service_enabled n-sch; then
  795. configure_placement_nova_compute
  796. fi
  797. fi
  798. if is_service_enabled horizon; then
  799. # dashboard
  800. stack_install_service horizon
  801. fi
  802. if is_service_enabled tls-proxy; then
  803. fix_system_ca_bundle_path
  804. if python3_enabled ; then
  805. fix_system_ca_bundle_path python3
  806. fi
  807. fi
  808. # Extras Install
  809. # --------------
  810. # Phase: install
  811. run_phase stack install
  812. # Install the OpenStack client, needed for most setup commands
  813. if use_library_from_git "python-openstackclient"; then
  814. git_clone_by_name "python-openstackclient"
  815. setup_dev_lib "python-openstackclient"
  816. else
  817. pip_install_gr python-openstackclient
  818. fi
  819. # Installs alias for osc so that we can collect timing for all
  820. # osc commands. Alias dies with stack.sh.
  821. install_oscwrap
  822. if [[ $TRACK_DEPENDS = True ]]; then
  823. $DEST/.venv/bin/pip freeze > $DEST/requires-post-pip
  824. if ! diff -Nru $DEST/requires-pre-pip $DEST/requires-post-pip > $DEST/requires.diff; then
  825. echo "Detect some changes for installed packages of pip, in depend tracking mode"
  826. cat $DEST/requires.diff
  827. fi
  828. echo "Ran stack.sh in depend tracking mode, bailing out now"
  829. exit 0
  830. fi
  831. # Syslog
  832. # ------
  833. if [[ $SYSLOG != "False" ]]; then
  834. if [[ "$SYSLOG_HOST" = "$HOST_IP" ]]; then
  835. # Configure the master host to receive
  836. cat <<EOF | sudo tee /etc/rsyslog.d/90-stack-m.conf >/dev/null
  837. \$ModLoad imrelp
  838. \$InputRELPServerRun $SYSLOG_PORT
  839. EOF
  840. else
  841. # Set rsyslog to send to remote host
  842. cat <<EOF | sudo tee /etc/rsyslog.d/90-stack-s.conf >/dev/null
  843. *.* :omrelp:$SYSLOG_HOST:$SYSLOG_PORT
  844. EOF
  845. fi
  846. RSYSLOGCONF="/etc/rsyslog.conf"
  847. if [ -f $RSYSLOGCONF ]; then
  848. sudo cp -b $RSYSLOGCONF $RSYSLOGCONF.bak
  849. if [[ $(grep '$SystemLogRateLimitBurst' $RSYSLOGCONF) ]]; then
  850. sudo sed -i 's/$SystemLogRateLimitBurst\ .*/$SystemLogRateLimitBurst\ 0/' $RSYSLOGCONF
  851. else
  852. sudo sed -i '$ i $SystemLogRateLimitBurst\ 0' $RSYSLOGCONF
  853. fi
  854. if [[ $(grep '$SystemLogRateLimitInterval' $RSYSLOGCONF) ]]; then
  855. sudo sed -i 's/$SystemLogRateLimitInterval\ .*/$SystemLogRateLimitInterval\ 0/' $RSYSLOGCONF
  856. else
  857. sudo sed -i '$ i $SystemLogRateLimitInterval\ 0' $RSYSLOGCONF
  858. fi
  859. fi
  860. echo_summary "Starting rsyslog"
  861. restart_service rsyslog
  862. fi
  863. # Export Certificate Authority Bundle
  864. # -----------------------------------
  865. # If certificates were used and written to the SSL bundle file then these
  866. # should be exported so clients can validate their connections.
  867. if [ -f $SSL_BUNDLE_FILE ]; then
  868. export OS_CACERT=$SSL_BUNDLE_FILE
  869. fi
  870. # Configure database
  871. # ------------------
  872. if is_service_enabled $DATABASE_BACKENDS; then
  873. configure_database
  874. fi
  875. # Save configuration values
  876. save_stackenv $LINENO
  877. # Kernel Samepage Merging (KSM)
  878. # -----------------------------
  879. # Processes that mark their memory as mergeable can share identical memory
  880. # pages if KSM is enabled. This is particularly useful for nova + libvirt
  881. # backends but any other setup that marks its memory as mergeable can take
  882. # advantage. The drawback is there is higher cpu load; however, we tend to
  883. # be memory bound not cpu bound so enable KSM by default but allow people
  884. # to opt out if the CPU time is more important to them.
  885. if [[ $ENABLE_KSM == "True" ]] ; then
  886. if [[ -f /sys/kernel/mm/ksm/run ]] ; then
  887. sudo sh -c "echo 1 > /sys/kernel/mm/ksm/run"
  888. fi
  889. fi
  890. # Start Services
  891. # ==============
  892. # Dstat
  893. # -----
  894. # A better kind of sysstat, with the top process per time slice
  895. start_dstat
  896. # Run a background tcpdump for debugging
  897. # Note: must set TCPDUMP_ARGS with the enabled service
  898. if is_service_enabled tcpdump; then
  899. start_tcpdump
  900. fi
  901. # Etcd
  902. # -----
  903. # etcd is a distributed key value store that provides a reliable way to store data across a cluster of machines
  904. if is_service_enabled etcd3; then
  905. start_etcd3
  906. fi
  907. # Keystone
  908. # --------
  909. # Rather than just export these, we write them out to a
  910. # intermediate userrc file that can also be used to debug if
  911. # something goes wrong between here and running
  912. # tools/create_userrc.sh (this script relies on services other
  913. # than keystone being available, so we can't call it right now)
  914. cat > $TOP_DIR/userrc_early <<EOF
  915. # Use this for debugging issues before files in accrc are created
  916. # Set up password auth credentials now that Keystone is bootstrapped
  917. export OS_IDENTITY_API_VERSION=3
  918. export OS_AUTH_URL=$KEYSTONE_AUTH_URI
  919. export OS_USERNAME=admin
  920. export OS_USER_DOMAIN_ID=default
  921. export OS_PASSWORD=$ADMIN_PASSWORD
  922. export OS_PROJECT_NAME=admin
  923. export OS_PROJECT_DOMAIN_ID=default
  924. export OS_REGION_NAME=$KEYSTONE_REGION_NAME
  925. EOF
  926. if is_service_enabled tls-proxy; then
  927. echo "export OS_CACERT=$INT_CA_DIR/ca-chain.pem" >> $TOP_DIR/userrc_early
  928. start_tls_proxy http-services '*' 443 $SERVICE_HOST 80
  929. fi
  930. source $TOP_DIR/userrc_early
  931. if is_service_enabled keystone; then
  932. echo_summary "Starting Keystone"
  933. if [ "$KEYSTONE_AUTH_HOST" == "$SERVICE_HOST" ]; then
  934. init_keystone
  935. start_keystone
  936. bootstrap_keystone
  937. fi
  938. create_keystone_accounts
  939. if is_service_enabled nova; then
  940. create_nova_accounts
  941. fi
  942. if is_service_enabled glance; then
  943. create_glance_accounts
  944. fi
  945. if is_service_enabled cinder; then
  946. create_cinder_accounts
  947. fi
  948. if is_service_enabled neutron; then
  949. create_neutron_accounts
  950. fi
  951. if is_service_enabled swift; then
  952. create_swift_accounts
  953. fi
  954. fi
  955. # Write a clouds.yaml file
  956. write_clouds_yaml
  957. # Horizon
  958. # -------
  959. if is_service_enabled horizon; then
  960. echo_summary "Configuring Horizon"
  961. configure_horizon
  962. fi
  963. # Glance
  964. # ------
  965. if is_service_enabled g-reg; then
  966. echo_summary "Configuring Glance"
  967. init_glance
  968. fi
  969. # Neutron
  970. # -------
  971. if is_service_enabled neutron; then
  972. echo_summary "Configuring Neutron"
  973. configure_neutron
  974. # Run init_neutron only on the node hosting the Neutron API server
  975. if is_service_enabled $DATABASE_BACKENDS && is_service_enabled neutron; then
  976. init_neutron
  977. fi
  978. fi
  979. # Nova
  980. # ----
  981. if is_service_enabled q-dhcp; then
  982. # Delete traces of nova networks from prior runs
  983. # Do not kill any dnsmasq instance spawned by NetworkManager
  984. netman_pid=$(pidof NetworkManager || true)
  985. if [ -z "$netman_pid" ]; then
  986. sudo killall dnsmasq || true
  987. else
  988. sudo ps h -o pid,ppid -C dnsmasq | grep -v $netman_pid | awk '{print $1}' | sudo xargs kill || true
  989. fi
  990. clean_iptables
  991. # Force IP forwarding on, just in case
  992. sudo sysctl -w net.ipv4.ip_forward=1
  993. fi
  994. # Storage Service
  995. # ---------------
  996. if is_service_enabled swift; then
  997. echo_summary "Configuring Swift"
  998. init_swift
  999. fi
  1000. # Volume Service
  1001. # --------------
  1002. if is_service_enabled cinder; then
  1003. echo_summary "Configuring Cinder"
  1004. init_cinder
  1005. fi
  1006. # Placement Service
  1007. # ---------------
  1008. if is_service_enabled placement; then
  1009. echo_summary "Configuring placement"
  1010. init_placement
  1011. fi
  1012. # Compute Service
  1013. # ---------------
  1014. if is_service_enabled nova; then
  1015. echo_summary "Configuring Nova"
  1016. init_nova
  1017. # Additional Nova configuration that is dependent on other services
  1018. # TODO(stephenfin): Is it possible for neutron to *not* be enabled now? If
  1019. # not, remove the if here
  1020. if is_service_enabled neutron; then
  1021. configure_neutron_nova
  1022. fi
  1023. fi
  1024. # Extras Configuration
  1025. # ====================
  1026. # Phase: post-config
  1027. run_phase stack post-config
  1028. # Local Configuration
  1029. # ===================
  1030. # Apply configuration from ``local.conf`` if it exists for layer 2 services
  1031. # Phase: post-config
  1032. merge_config_group $TOP_DIR/local.conf post-config
  1033. # Launch Services
  1034. # ===============
  1035. # Only run the services specified in ``ENABLED_SERVICES``
  1036. # Launch Swift Services
  1037. if is_service_enabled swift; then
  1038. echo_summary "Starting Swift"
  1039. start_swift
  1040. fi
  1041. # Launch the Glance services
  1042. if is_service_enabled glance; then
  1043. echo_summary "Starting Glance"
  1044. start_glance
  1045. fi
  1046. # Install Images
  1047. # ==============
  1048. # Upload an image to Glance.
  1049. #
  1050. # The default image is CirrOS, a small testing image which lets you login as **root**
  1051. # CirrOS has a ``cloud-init`` analog supporting login via keypair and sending
  1052. # scripts as userdata.
  1053. # See https://help.ubuntu.com/community/CloudInit for more on ``cloud-init``
  1054. if is_service_enabled g-reg; then
  1055. echo_summary "Uploading images"
  1056. for image_url in ${IMAGE_URLS//,/ }; do
  1057. upload_image $image_url
  1058. done
  1059. fi
  1060. # NOTE(lyarwood): By default use a single hardcoded fixed_key across devstack
  1061. # deployments. This ensures the keys match across nova and cinder across all
  1062. # hosts.
  1063. FIXED_KEY=${FIXED_KEY:-bae3516cc1c0eb18b05440eba8012a4a880a2ee04d584a9c1579445e675b12defdc716ec}
  1064. if is_service_enabled nova; then
  1065. iniset $NOVA_CONF key_manager fixed_key "$FIXED_KEY"
  1066. iniset $NOVA_CPU_CONF key_manager fixed_key "$FIXED_KEY"
  1067. fi
  1068. if is_service_enabled cinder; then
  1069. iniset $CINDER_CONF key_manager fixed_key "$FIXED_KEY"
  1070. fi
  1071. # Launch the nova-api and wait for it to answer before continuing
  1072. if is_service_enabled n-api; then
  1073. echo_summary "Starting Nova API"
  1074. start_nova_api
  1075. fi
  1076. if is_service_enabled neutron-api; then
  1077. echo_summary "Starting Neutron"
  1078. start_neutron_api
  1079. elif is_service_enabled q-svc; then
  1080. echo_summary "Starting Neutron"
  1081. configure_neutron_after_post_config
  1082. start_neutron_service_and_check
  1083. fi
  1084. # Start placement before any of the service that are likely to want
  1085. # to use it to manage resource providers.
  1086. if is_service_enabled placement; then
  1087. echo_summary "Starting Placement"
  1088. start_placement
  1089. fi
  1090. if is_service_enabled neutron; then
  1091. start_neutron
  1092. fi
  1093. # Once neutron agents are started setup initial network elements
  1094. if is_service_enabled q-svc && [[ "$NEUTRON_CREATE_INITIAL_NETWORKS" == "True" ]]; then
  1095. echo_summary "Creating initial neutron network elements"
  1096. create_neutron_initial_network
  1097. fi
  1098. if is_service_enabled nova; then
  1099. echo_summary "Starting Nova"
  1100. start_nova
  1101. create_flavors
  1102. fi
  1103. if is_service_enabled cinder; then
  1104. echo_summary "Starting Cinder"
  1105. start_cinder
  1106. create_volume_types
  1107. fi
  1108. if is_service_enabled horizon; then
  1109. echo_summary "Starting Horizon"
  1110. init_horizon
  1111. start_horizon
  1112. fi
  1113. # Create account rc files
  1114. # =======================
  1115. # Creates source able script files for easier user switching.
  1116. # This step also creates certificates for tenants and users,
  1117. # which is helpful in image bundle steps.
  1118. if is_service_enabled nova && is_service_enabled keystone; then
  1119. USERRC_PARAMS="-PA --target-dir $TOP_DIR/accrc"
  1120. if [ -f $SSL_BUNDLE_FILE ]; then
  1121. USERRC_PARAMS="$USERRC_PARAMS --os-cacert $SSL_BUNDLE_FILE"
  1122. fi
  1123. $TOP_DIR/tools/create_userrc.sh $USERRC_PARAMS
  1124. fi
  1125. # Save some values we generated for later use
  1126. save_stackenv
  1127. # Wrapup configuration
  1128. # ====================
  1129. # local.conf extra
  1130. # ----------------
  1131. # Apply configuration from ``local.conf`` if it exists for layer 2 services
  1132. # Phase: extra
  1133. merge_config_group $TOP_DIR/local.conf extra
  1134. # Run extras
  1135. # ----------
  1136. # Phase: extra
  1137. run_phase stack extra
  1138. # local.conf post-extra
  1139. # ---------------------
  1140. # Apply late configuration from ``local.conf`` if it exists for layer 2 services
  1141. # Phase: post-extra
  1142. merge_config_group $TOP_DIR/local.conf post-extra
  1143. # Sanity checks
  1144. # =============
  1145. # Check that computes are all ready
  1146. #
  1147. # TODO(sdague): there should be some generic phase here.
  1148. if is_service_enabled n-cpu; then
  1149. is_nova_ready
  1150. fi
  1151. # Check the status of running services
  1152. service_check
  1153. # Configure nova cellsv2
  1154. # ----------------------
  1155. # Do this late because it requires compute hosts to have started
  1156. if is_service_enabled n-api; then
  1157. if is_service_enabled n-cpu; then
  1158. $TOP_DIR/tools/discover_hosts.sh
  1159. else
  1160. # Some CI systems like Hyper-V build the control plane on
  1161. # Linux, and join in non Linux Computes after setup. This
  1162. # allows them to delay the processing until after their whole
  1163. # environment is up.
  1164. echo_summary "SKIPPING Cell setup because n-cpu is not enabled. You will have to do this manually before you have a working environment."
  1165. fi
  1166. # Run the nova-status upgrade check command which can also be used
  1167. # to verify the base install. Note that this is good enough in a
  1168. # single node deployment, but in a multi-node setup it won't verify
  1169. # any subnodes - that would have to be driven from whatever tooling
  1170. # is deploying the subnodes, e.g. the zuul v3 devstack-multinode job.
  1171. $NOVA_BIN_DIR/nova-status --config-file $NOVA_CONF upgrade check
  1172. fi
  1173. # Run local script
  1174. # ----------------
  1175. # Run ``local.sh`` if it exists to perform user-managed tasks
  1176. if [[ -x $TOP_DIR/local.sh ]]; then
  1177. echo "Running user script $TOP_DIR/local.sh"
  1178. $TOP_DIR/local.sh
  1179. fi
  1180. # Bash completion
  1181. # ===============
  1182. # Prepare bash completion for OSC
  1183. openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
  1184. # If cinder is configured, set global_filter for PV devices
  1185. if is_service_enabled cinder; then
  1186. if is_ubuntu; then
  1187. echo_summary "Configuring lvm.conf global device filter"
  1188. set_lvm_filter
  1189. else
  1190. echo_summary "Skip setting lvm filters for non Ubuntu systems"
  1191. fi
  1192. fi
  1193. # Run test-config
  1194. # ---------------
  1195. # Phase: test-config
  1196. run_phase stack test-config
  1197. # Apply late configuration from ``local.conf`` if it exists for layer 2 services
  1198. # Phase: test-config
  1199. merge_config_group $TOP_DIR/local.conf test-config
  1200. # Fin
  1201. # ===
  1202. set +o xtrace
  1203. if [[ -n "$LOGFILE" ]]; then
  1204. exec 1>&3
  1205. # Force all output to stdout and logs now
  1206. exec 1> >( tee -a "${LOGFILE}" ) 2>&1
  1207. else
  1208. # Force all output to stdout now
  1209. exec 1>&3
  1210. fi
  1211. # Dump out the time totals
  1212. time_totals
  1213. # Using the cloud
  1214. # ===============
  1215. echo ""
  1216. echo ""
  1217. echo ""
  1218. echo "This is your host IP address: $HOST_IP"
  1219. if [ "$HOST_IPV6" != "" ]; then
  1220. echo "This is your host IPv6 address: $HOST_IPV6"
  1221. fi
  1222. # If you installed Horizon on this server you should be able
  1223. # to access the site using your browser.
  1224. if is_service_enabled horizon; then
  1225. echo "Horizon is now available at http://$SERVICE_HOST$HORIZON_APACHE_ROOT"
  1226. fi
  1227. # If Keystone is present you can point ``nova`` cli to this server
  1228. if is_service_enabled keystone; then
  1229. echo "Keystone is serving at $KEYSTONE_SERVICE_URI/"
  1230. echo "The default users are: admin and demo"
  1231. echo "The password: $ADMIN_PASSWORD"
  1232. fi
  1233. # Warn that a deprecated feature was used
  1234. if [[ -n "$DEPRECATED_TEXT" ]]; then
  1235. echo
  1236. echo -e "WARNING: $DEPRECATED_TEXT"
  1237. echo
  1238. fi
  1239. # If USE_SYSTEMD is enabled, tell the user about using it.
  1240. if [[ "$USE_SYSTEMD" == "True" ]]; then
  1241. echo
  1242. echo "Services are running under systemd unit files."
  1243. echo "For more information see: "
  1244. echo "https://docs.openstack.org/devstack/latest/systemd.html"
  1245. echo
  1246. fi
  1247. # Useful info on current state
  1248. cat /etc/devstack-version
  1249. echo
  1250. # Indicate how long this took to run (bash maintained variable ``SECONDS``)
  1251. echo_summary "stack.sh completed in $SECONDS seconds."
  1252. # Restore/close logging file descriptors
  1253. exec 1>&3
  1254. exec 2>&3
  1255. exec 3>&-
  1256. exec 6>&-