openstack/devstack
Code Issues Proposed changes
74759aa17a
devstack/lib/quantum
Isaku Yamahata 0dd34df455 lib/quantum: refactor quantum plugins and third party 
As quantum plugin support is coming like floodlight, nvp and nec,
it's worth while to refactor quantum plugin logic so that each plugin can
be modified/enhanced intervening with other quantum plugin.
And new plugin support can be added easily (hopefully) without modifying
core logic.

Change-Id: Ic5ab5b993272fdd3b4e779823323777a845ee681
2013-01-21 11:33:24 +09:00

693 lines
25 KiB
Plaintext
Raw Blame History

# lib/quantum
# functions - funstions specific to quantum
# Dependencies:
# ``functions`` file
# ``DEST`` must be defined
# ``stack.sh`` calls the entry points in this order:
#
# install_quantum
# install_quantumclient
# install_quantum_agent_packages
# install_quantum_third_party
# setup_quantum
# setup_quantumclient
# configure_quantum
# init_quantum
# configure_quantum_third_party
# init_quantum_third_party
# start_quantum_third_party
# create_nova_conf_quantum
# start_quantum_service_and_check
# create_quantum_initial_network
# setup_quantum_debug
# start_quantum_agents
#
# ``unstack.sh`` calls the entry points in this order:
#
# stop_quantum
# Functions in lib/quantum are classified into the following categories:
#
# - entry points (called from stack.sh or unstack.sh)
# - internal functions
# - quantum exercises
# - 3rd party programs
# Quantum Networking
# ------------------
# Make sure that quantum is enabled in ``ENABLED_SERVICES``. If you want
# to run Quantum on this host, make sure that q-svc is also in
# ``ENABLED_SERVICES``.
#
# If you're planning to use the Quantum openvswitch plugin, set
# ``Q_PLUGIN`` to "openvswitch" and make sure the q-agt service is enabled
# in ``ENABLED_SERVICES``. If you're planning to use the Quantum
# linuxbridge plugin, set ``Q_PLUGIN`` to "linuxbridge" and make sure the
# q-agt service is enabled in ``ENABLED_SERVICES``.
#
# See "Quantum Network Configuration" below for additional variables
# that must be set in localrc for connectivity across hosts with
# Quantum.
#
# With Quantum networking the NET_MAN variable is ignored.
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set +o xtrace
# Quantum Network Configuration
# -----------------------------
# Set up default directories
QUANTUM_DIR=$DEST/quantum
QUANTUMCLIENT_DIR=$DEST/python-quantumclient
QUANTUM_AUTH_CACHE_DIR=${QUANTUM_AUTH_CACHE_DIR:-/var/cache/quantum}
QUANTUM_CONF_DIR=/etc/quantum
QUANTUM_CONF=$QUANTUM_CONF_DIR/quantum.conf
export QUANTUM_TEST_CONFIG_FILE=${QUANTUM_TEST_CONFIG_FILE:-"$QUANTUM_CONF_DIR/debug.ini"}
# Default Quantum Plugin
Q_PLUGIN=${Q_PLUGIN:-openvswitch}
# Default Quantum Port
Q_PORT=${Q_PORT:-9696}
# Default Quantum Host
Q_HOST=${Q_HOST:-$HOST_IP}
# Default admin username
Q_ADMIN_USERNAME=${Q_ADMIN_USERNAME:-quantum}
# Default auth strategy
Q_AUTH_STRATEGY=${Q_AUTH_STRATEGY:-keystone}
# Use namespace or not
Q_USE_NAMESPACE=${Q_USE_NAMESPACE:-True}
Q_USE_ROOTWRAP=${Q_USE_ROOTWRAP:-True}
# Meta data IP
Q_META_DATA_IP=${Q_META_DATA_IP:-$HOST_IP}
# Allow Overlapping IP among subnets
Q_ALLOW_OVERLAPPING_IP=${Q_ALLOW_OVERLAPPING_IP:-False}
# Use quantum-debug command
Q_USE_DEBUG_COMMAND=${Q_USE_DEBUG_COMMAND:-False}
# The name of the default q-l3 router
Q_ROUTER_NAME=${Q_ROUTER_NAME:-router1}
if is_service_enabled quantum; then
Q_RR_CONF_FILE=$QUANTUM_CONF_DIR/rootwrap.conf
if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then
Q_RR_COMMAND="sudo"
else
QUANTUM_ROOTWRAP=$(get_rootwrap_location quantum)
Q_RR_COMMAND="sudo $QUANTUM_ROOTWRAP $Q_RR_CONF_FILE"
fi
# Provider Network Configurations
# --------------------------------
# The following variables control the Quantum openvswitch and
# linuxbridge plugins' allocation of tenant networks and
# availability of provider networks. If these are not configured
# in localrc, tenant networks will be local to the host (with no
# remote connectivity), and no physical resources will be
# available for the allocation of provider networks.
# To use GRE tunnels for tenant networks, set to True in
# localrc. GRE tunnels are only supported by the openvswitch
# plugin, and currently only on Ubuntu.
ENABLE_TENANT_TUNNELS=${ENABLE_TENANT_TUNNELS:-False}
# If using GRE tunnels for tenant networks, specify the range of
# tunnel IDs from which tenant networks are allocated. Can be
# overriden in localrc in necesssary.
TENANT_TUNNEL_RANGES=${TENANT_TUNNEL_RANGE:-1:1000}
# To use VLANs for tenant networks, set to True in localrc. VLANs
# are supported by the openvswitch and linuxbridge plugins, each
# requiring additional configuration described below.
ENABLE_TENANT_VLANS=${ENABLE_TENANT_VLANS:-False}
# If using VLANs for tenant networks, set in localrc to specify
# the range of VLAN VIDs from which tenant networks are
# allocated. An external network switch must be configured to
# trunk these VLANs between hosts for multi-host connectivity.
#
# Example: ``TENANT_VLAN_RANGE=1000:1999``
TENANT_VLAN_RANGE=${TENANT_VLAN_RANGE:-}
# If using VLANs for tenant networks, or if using flat or VLAN
# provider networks, set in localrc to the name of the physical
# network, and also configure OVS_PHYSICAL_BRIDGE for the
# openvswitch agent or LB_PHYSICAL_INTERFACE for the linuxbridge
# agent, as described below.
#
# Example: ``PHYSICAL_NETWORK=default``
PHYSICAL_NETWORK=${PHYSICAL_NETWORK:-}
# With the openvswitch plugin, if using VLANs for tenant networks,
# or if using flat or VLAN provider networks, set in localrc to
# the name of the OVS bridge to use for the physical network. The
# bridge will be created if it does not already exist, but a
# physical interface must be manually added to the bridge as a
# port for external connectivity.
#
# Example: ``OVS_PHYSICAL_BRIDGE=br-eth1``
OVS_PHYSICAL_BRIDGE=${OVS_PHYSICAL_BRIDGE:-}
# With the linuxbridge plugin, if using VLANs for tenant networks,
# or if using flat or VLAN provider networks, set in localrc to
# the name of the network interface to use for the physical
# network.
#
# Example: ``LB_PHYSICAL_INTERFACE=eth1``
LB_PHYSICAL_INTERFACE=${LB_PHYSICAL_INTERFACE:-}
# With the openvswitch plugin, set to True in localrc to enable
# provider GRE tunnels when ``ENABLE_TENANT_TUNNELS`` is False.
#
# Example: ``OVS_ENABLE_TUNNELING=True``
OVS_ENABLE_TUNNELING=${OVS_ENABLE_TUNNELING:-$ENABLE_TENANT_TUNNELS}
fi
# Quantum plugin specific functions
# ---------------------------------
# Please refer to lib/quantum_plugins/README.md for details.
source $TOP_DIR/lib/quantum_plugins/$Q_PLUGIN
# Entry Points
# ------------
# configure_quantum()
# Set common config for all quantum server and agents.
function configure_quantum() {
_configure_quantum_common
iniset_rpc_backend quantum $QUANTUM_CONF DEFAULT
if is_service_enabled q-svc; then
_configure_quantum_service
fi
if is_service_enabled q-agt; then
_configure_quantum_plugin_agent
fi
if is_service_enabled q-dhcp; then
_configure_quantum_dhcp_agent
fi
if is_service_enabled q-l3; then
_configure_quantum_l3_agent
fi
if is_service_enabled q-meta; then
_configure_quantum_metadata_agent
fi
_configure_quantum_debug_command
_cleanup_quantum
}
function create_nova_conf_quantum() {
iniset $NOVA_CONF DEFAULT network_api_class "nova.network.quantumv2.api.API"
iniset $NOVA_CONF DEFAULT quantum_admin_username "$Q_ADMIN_USERNAME"
iniset $NOVA_CONF DEFAULT quantum_admin_password "$SERVICE_PASSWORD"
iniset $NOVA_CONF DEFAULT quantum_admin_auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_AUTH_PORT/v2.0"
iniset $NOVA_CONF DEFAULT quantum_auth_strategy "$Q_AUTH_STRATEGY"
iniset $NOVA_CONF DEFAULT quantum_admin_tenant_name "$SERVICE_TENANT_NAME"
iniset $NOVA_CONF DEFAULT quantum_url "http://$Q_HOST:$Q_PORT"
# set NOVA_VIF_DRIVER and optionally set options in nova_conf
quantum_plugin_create_nova_conf
iniset $NOVA_CONF DEFAULT libvirt_vif_driver "$NOVA_VIF_DRIVER"
iniset $NOVA_CONF DEFAULT linuxnet_interface_driver "$LINUXNET_VIF_DRIVER"
if is_service_enabled q-meta; then
iniset $NOVA_CONF DEFAULT service_quantum_metadata_proxy "True"
fi
}
# create_quantum_accounts() - Set up common required quantum accounts
# Tenant User Roles
# ------------------------------------------------------------------
# service quantum admin # if enabled
# Migrated from keystone_data.sh
function create_quantum_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
if [[ "$ENABLED_SERVICES" =~ "q-svc" ]]; then
QUANTUM_USER=$(keystone user-create \
--name=quantum \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=quantum@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant_id $SERVICE_TENANT \
--user_id $QUANTUM_USER \
--role_id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
QUANTUM_SERVICE=$(keystone service-create \
--name=quantum \
--type=network \
--description="Quantum Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
--region RegionOne \
--service_id $QUANTUM_SERVICE \
--publicurl "http://$SERVICE_HOST:9696/" \
--adminurl "http://$SERVICE_HOST:9696/" \
--internalurl "http://$SERVICE_HOST:9696/"
fi
fi
}
function create_quantum_initial_network() {
TENANT_ID=$(keystone tenant-list | grep " demo " | get_field 1)
# Create a small network
# Since quantum command is executed in admin context at this point,
# ``--tenant_id`` needs to be specified.
NET_ID=$(quantum net-create --tenant_id $TENANT_ID "$PRIVATE_NETWORK_NAME" | grep ' id ' | get_field 2)
SUBNET_ID=$(quantum subnet-create --tenant_id $TENANT_ID --ip_version 4 --gateway $NETWORK_GATEWAY $NET_ID $FIXED_RANGE | grep ' id ' | get_field 2)
if is_service_enabled q-l3; then
# Create a router, and add the private subnet as one of its interfaces
if [[ "$Q_USE_NAMESPACE" == "True" ]]; then
# If namespaces are enabled, create a tenant-owned router.
ROUTER_ID=$(quantum router-create --tenant_id $TENANT_ID $Q_ROUTER_NAME | grep ' id ' | get_field 2)
else
# If namespaces are disabled, the L3 agent can only target
# a single router, which should not be tenant-owned.
ROUTER_ID=$(quantum router-create $Q_ROUTER_NAME | grep ' id ' | get_field 2)
fi
quantum router-interface-add $ROUTER_ID $SUBNET_ID
# Create an external network, and a subnet. Configure the external network as router gw
EXT_NET_ID=$(quantum net-create "$PUBLIC_NETWORK_NAME" -- --router:external=True | grep ' id ' | get_field 2)
EXT_GW_IP=$(quantum subnet-create --ip_version 4 $EXT_NET_ID $FLOATING_RANGE -- --enable_dhcp=False | grep 'gateway_ip' | get_field 2)
quantum router-gateway-set $ROUTER_ID $EXT_NET_ID
if is_quantum_ovs_base_plugin && [[ "$Q_USE_NAMESPACE" = "True" ]]; then
CIDR_LEN=${FLOATING_RANGE#*/}
sudo ip addr add $EXT_GW_IP/$CIDR_LEN dev $PUBLIC_BRIDGE
sudo ip link set $PUBLIC_BRIDGE up
ROUTER_GW_IP=`quantum port-list -c fixed_ips -c device_owner | grep router_gateway | awk -F '"' '{ print $8; }'`
sudo route add -net $FIXED_RANGE gw $ROUTER_GW_IP
fi
if [[ "$Q_USE_NAMESPACE" == "False" ]]; then
# Explicitly set router id in l3 agent configuration
iniset $Q_L3_CONF_FILE DEFAULT router_id $ROUTER_ID
fi
fi
}
# init_quantum() - Initialize databases, etc.
function init_quantum() {
:
}
# install_quantum() - Collect source and prepare
function install_quantum() {
git_clone $QUANTUM_REPO $QUANTUM_DIR $QUANTUM_BRANCH
}
# install_quantumclient() - Collect source and prepare
function install_quantumclient() {
git_clone $QUANTUMCLIENT_REPO $QUANTUMCLIENT_DIR $QUANTUMCLIENT_BRANCH
}
# install_quantum_agent_packages() - Collect source and prepare
function install_quantum_agent_packages() {
# install packages that is specific to plugin agent
quantum_plugin_install_agent_packages
}
function setup_quantum() {
setup_develop $QUANTUM_DIR
}
function setup_quantumclient() {
setup_develop $QUANTUMCLIENT_DIR
}
# Start running processes, including screen
function start_quantum_service_and_check() {
# Start the Quantum service
screen_it q-svc "cd $QUANTUM_DIR && python $QUANTUM_DIR/bin/quantum-server --config-file $QUANTUM_CONF --config-file /$Q_PLUGIN_CONF_FILE"
echo "Waiting for Quantum to start..."
if ! timeout $SERVICE_TIMEOUT sh -c "while ! http_proxy= wget -q -O- http://127.0.0.1:9696; do sleep 1; done"; then
echo "Quantum did not start"
exit 1
fi
}
# Start running processes, including screen
function start_quantum_agents() {
# Start up the quantum agents if enabled
screen_it q-agt "python $AGENT_BINARY --config-file $QUANTUM_CONF --config-file /$Q_PLUGIN_CONF_FILE"
screen_it q-dhcp "python $AGENT_DHCP_BINARY --config-file $QUANTUM_CONF --config-file=$Q_DHCP_CONF_FILE"
screen_it q-meta "python $AGENT_META_BINARY --config-file $QUANTUM_CONF --config-file=$Q_META_CONF_FILE"
screen_it q-l3 "python $AGENT_L3_BINARY --config-file $QUANTUM_CONF --config-file=$Q_L3_CONF_FILE"
}
# stop_quantum() - Stop running processes (non-screen)
function stop_quantum() {
if is_service_enabled q-dhcp; then
pid=$(ps aux | awk '/[d]nsmasq.+interface=(tap|ns-)/ { print $2 }')
[ ! -z "$pid" ] && sudo kill -9 $pid
fi
}
# _cleanup_quantum() - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function _cleanup_quantum() {
:
}
# _configure_quantum_common()
# Set common config for all quantum server and agents.
# This MUST be called before other _configure_quantum_* functions.
function _configure_quantum_common() {
# Put config files in ``QUANTUM_CONF_DIR`` for everyone to find
if [[ ! -d $QUANTUM_CONF_DIR ]]; then
sudo mkdir -p $QUANTUM_CONF_DIR
fi
sudo chown $STACK_USER $QUANTUM_CONF_DIR
cp $QUANTUM_DIR/etc/quantum.conf $QUANTUM_CONF
# set plugin-specific variables
# Q_PLUGIN_CONF_PATH, Q_PLUGIN_CONF_FILENAME, Q_DB_NAME, Q_PLUGIN_CLASS
quantum_plugin_configure_common
if [[ $Q_PLUGIN_CONF_PATH == '' || $Q_PLUGIN_CONF_FILENAME == '' || $Q_PLUGIN_CLASS == '' ]]; then
echo "Quantum plugin not set.. exiting"
exit 1
fi
# If needed, move config file from ``$QUANTUM_DIR/etc/quantum`` to ``QUANTUM_CONF_DIR``
mkdir -p /$Q_PLUGIN_CONF_PATH
Q_PLUGIN_CONF_FILE=$Q_PLUGIN_CONF_PATH/$Q_PLUGIN_CONF_FILENAME
cp $QUANTUM_DIR/$Q_PLUGIN_CONF_FILE /$Q_PLUGIN_CONF_FILE
database_connection_url dburl $Q_DB_NAME
iniset /$Q_PLUGIN_CONF_FILE DATABASE sql_connection $dburl
unset dburl
_quantum_setup_rootwrap
}
function _configure_quantum_debug_command() {
if [[ "$Q_USE_DEBUG_COMMAND" != "True" ]]; then
return
fi
cp $QUANTUM_DIR/etc/l3_agent.ini $QUANTUM_TEST_CONFIG_FILE
iniset $QUANTUM_TEST_CONFIG_FILE DEFAULT verbose False
iniset $QUANTUM_TEST_CONFIG_FILE DEFAULT debug False
iniset $QUANTUM_TEST_CONFIG_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE
iniset $QUANTUM_TEST_CONFIG_FILE DEFAULT root_helper "$Q_RR_COMMAND"
_quantum_setup_keystone $QUANTUM_TEST_CONFIG_FILE DEFAULT set_auth_url
_quantum_setup_interface_driver $QUANTUM_TEST_CONFIG_FILE
quantum_plugin_configure_debug_command
}
function _configure_quantum_dhcp_agent() {
AGENT_DHCP_BINARY="$QUANTUM_DIR/bin/quantum-dhcp-agent"
Q_DHCP_CONF_FILE=$QUANTUM_CONF_DIR/dhcp_agent.ini
cp $QUANTUM_DIR/etc/dhcp_agent.ini $Q_DHCP_CONF_FILE
iniset $Q_DHCP_CONF_FILE DEFAULT verbose True
iniset $Q_DHCP_CONF_FILE DEFAULT debug True
iniset $Q_DHCP_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE
iniset $Q_DHCP_CONF_FILE DEFAULT state_path $DATA_DIR/quantum
iniset $Q_DHCP_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND"
_quantum_setup_keystone $Q_DHCP_CONF_FILE DEFAULT set_auth_url
_quantum_setup_interface_driver $Q_DHCP_CONF_FILE
quantum_plugin_configure_dhcp_agent
}
function _configure_quantum_l3_agent() {
AGENT_L3_BINARY="$QUANTUM_DIR/bin/quantum-l3-agent"
PUBLIC_BRIDGE=${PUBLIC_BRIDGE:-br-ex}
Q_L3_CONF_FILE=$QUANTUM_CONF_DIR/l3_agent.ini
cp $QUANTUM_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE
iniset $Q_L3_CONF_FILE DEFAULT verbose True
iniset $Q_L3_CONF_FILE DEFAULT debug True
iniset $Q_L3_CONF_FILE DEFAULT use_namespaces $Q_USE_NAMESPACE
iniset $Q_L3_CONF_FILE DEFAULT state_path $DATA_DIR/quantum
iniset $Q_L3_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND"
_quantum_setup_keystone $Q_L3_CONF_FILE DEFAULT set_auth_url
_quantum_setup_interface_driver $Q_L3_CONF_FILE
quantum_plugin_configure_l3_agent
}
function _configure_quantum_metadata_agent() {
AGENT_META_BINARY="$QUANTUM_DIR/bin/quantum-metadata-agent"
Q_META_CONF_FILE=$QUANTUM_CONF_DIR/metadata_agent.ini
cp $QUANTUM_DIR/etc/metadata_agent.ini $Q_META_CONF_FILE
iniset $Q_META_CONF_FILE DEFAULT verbose True
iniset $Q_META_CONF_FILE DEFAULT debug True
iniset $Q_META_CONF_FILE DEFAULT state_path $DATA_DIR/quantum
iniset $Q_META_CONF_FILE DEFAULT nova_metadata_ip $Q_META_DATA_IP
iniset $Q_META_CONF_FILE DEFAULT root_helper "$Q_RR_COMMAND"
_quantum_setup_keystone $Q_META_CONF_FILE DEFAULT set_auth_url
}
# _configure_quantum_plugin_agent() - Set config files for quantum plugin agent
# It is called when q-agt is enabled.
function _configure_quantum_plugin_agent() {
# Specify the default root helper prior to agent configuration to
# ensure that an agent's configuration can override the default.
iniset /$Q_PLUGIN_CONF_FILE AGENT root_helper "$Q_RR_COMMAND"
# Configure agent for plugin
quantum_plugin_configure_plugin_agent
}
# _configure_quantum_service() - Set config files for quantum service
# It is called when q-svc is enabled.
function _configure_quantum_service() {
Q_API_PASTE_FILE=$QUANTUM_CONF_DIR/api-paste.ini
Q_POLICY_FILE=$QUANTUM_CONF_DIR/policy.json
cp $QUANTUM_DIR/etc/api-paste.ini $Q_API_PASTE_FILE
cp $QUANTUM_DIR/etc/policy.json $Q_POLICY_FILE
if is_service_enabled $DATABASE_BACKENDS; then
recreate_database $Q_DB_NAME utf8
else
echo "A database must be enabled in order to use the $Q_PLUGIN Quantum plugin."
exit 1
fi
# Update either configuration file with plugin
iniset $QUANTUM_CONF DEFAULT core_plugin $Q_PLUGIN_CLASS
iniset $QUANTUM_CONF DEFAULT verbose True
iniset $QUANTUM_CONF DEFAULT debug True
iniset $QUANTUM_CONF DEFAULT allow_overlapping_ips $Q_ALLOW_OVERLAPPING_IP
iniset $QUANTUM_CONF DEFAULT auth_strategy $Q_AUTH_STRATEGY
_quantum_setup_keystone $Q_API_PASTE_FILE filter:authtoken
# Configure plugin
quantum_plugin_configure_service
}
# Utility Functions
#------------------
# _quantum_setup_rootwrap() - configure Quantum's rootwrap
function _quantum_setup_rootwrap() {
if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then
return
fi
# Deploy new rootwrap filters files (owned by root).
# Wipe any existing rootwrap.d files first
Q_CONF_ROOTWRAP_D=$QUANTUM_CONF_DIR/rootwrap.d
if [[ -d $Q_CONF_ROOTWRAP_D ]]; then
sudo rm -rf $Q_CONF_ROOTWRAP_D
fi
# Deploy filters to $QUANTUM_CONF_DIR/rootwrap.d
mkdir -p -m 755 $Q_CONF_ROOTWRAP_D
cp -pr $QUANTUM_DIR/etc/quantum/rootwrap.d/* $Q_CONF_ROOTWRAP_D/
sudo chown -R root:root $Q_CONF_ROOTWRAP_D
sudo chmod 644 $Q_CONF_ROOTWRAP_D/*
# Set up rootwrap.conf, pointing to $QUANTUM_CONF_DIR/rootwrap.d
sudo cp -p $QUANTUM_DIR/etc/rootwrap.conf $Q_RR_CONF_FILE
sudo sed -e "s:^filters_path=.*$:filters_path=$Q_CONF_ROOTWRAP_D:" -i $Q_RR_CONF_FILE
sudo chown root:root $Q_RR_CONF_FILE
sudo chmod 0644 $Q_RR_CONF_FILE
# Specify rootwrap.conf as first parameter to quantum-rootwrap
ROOTWRAP_SUDOER_CMD="$QUANTUM_ROOTWRAP $Q_RR_CONF_FILE *"
# Set up the rootwrap sudoers for quantum
TEMPFILE=`mktemp`
echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_SUDOER_CMD" >$TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/quantum-rootwrap
}
# Configures keystone integration for quantum service and agents
function _quantum_setup_keystone() {
local conf_file=$1
local section=$2
local use_auth_url=$3
if [[ -n $use_auth_url ]]; then
iniset $conf_file $section auth_url "$KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_AUTH_HOST:$KEYSTONE_AUTH_PORT/v2.0"
else
iniset $conf_file $section auth_host $KEYSTONE_SERVICE_HOST
iniset $conf_file $section auth_port $KEYSTONE_AUTH_PORT
iniset $conf_file $section auth_protocol $KEYSTONE_SERVICE_PROTOCOL
fi
iniset $conf_file $section admin_tenant_name $SERVICE_TENANT_NAME
iniset $conf_file $section admin_user $Q_ADMIN_USERNAME
iniset $conf_file $section admin_password $SERVICE_PASSWORD
iniset $conf_file $section signing_dir $QUANTUM_AUTH_CACHE_DIR
# Create cache dir
sudo mkdir -p $QUANTUM_AUTH_CACHE_DIR
sudo chown $STACK_USER $QUANTUM_AUTH_CACHE_DIR
rm -f $QUANTUM_AUTH_CACHE_DIR/*
}
function _quantum_setup_interface_driver() {
quantum_plugin_setup_interface_driver $1
}
# Functions for Quantum Exercises
#--------------------------------
function delete_probe() {
local from_net="$1"
net_id=`_get_net_id $from_net`
probe_id=`quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}'`
quantum-debug --os-tenant-name admin --os-username admin probe-delete $probe_id
}
function setup_quantum_debug() {
if [[ "$Q_USE_DEBUG_COMMAND" == "True" ]]; then
public_net_id=`_get_net_id $PUBLIC_NETWORK_NAME`
quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create $public_net_id
private_net_id=`_get_net_id $PRIVATE_NETWORK_NAME`
quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-create $private_net_id
fi
}
function teardown_quantum_debug() {
delete_probe $PUBLIC_NETWORK_NAME
delete_probe $PRIVATE_NETWORK_NAME
}
function _get_net_id() {
quantum --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD net-list | grep $1 | awk '{print $2}'
}
function _get_probe_cmd_prefix() {
local from_net="$1"
net_id=`_get_net_id $from_net`
probe_id=`quantum-debug --os-tenant-name admin --os-username admin --os-password $ADMIN_PASSWORD probe-list -c id -c network_id | grep $net_id | awk '{print $2}' | head -n 1`
echo "$Q_RR_COMMAND ip netns exec qprobe-$probe_id"
}
function _ping_check_quantum() {
local from_net=$1
local ip=$2
local timeout_sec=$3
local expected=${4:-"True"}
local check_command=""
probe_cmd=`_get_probe_cmd_prefix $from_net`
if [[ "$expected" = "True" ]]; then
check_command="while ! $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"
else
check_command="while $probe_cmd ping -w 1 -c 1 $ip; do sleep 1; done"
fi
if ! timeout $timeout_sec sh -c "$check_command"; then
if [[ "$expected" = "True" ]]; then
echo "[Fail] Couldn't ping server"
else
echo "[Fail] Could ping server"
fi
exit 1
fi
}
# ssh check
function _ssh_check_quantum() {
local from_net=$1
local key_file=$2
local ip=$3
local user=$4
local timeout_sec=$5
local probe_cmd = ""
probe_cmd=`_get_probe_cmd_prefix $from_net`
if ! timeout $timeout_sec sh -c "while ! $probe_cmd ssh -o StrictHostKeyChecking=no -i $key_file ${user}@$ip echo success ; do sleep 1; done"; then
echo "server didn't become ssh-able!"
exit 1
fi
}
# Quantum 3rd party programs
#---------------------------
# please refer to lib/quantum_thirdparty/README.md for details
QUANTUM_THIRD_PARTIES=""
for f in $TOP_DIR/lib/quantum_thirdparty/*; do
third_party=$(basename $f)
if is_service_enabled $third_party; then
source $TOP_DIR/lib/quantum_thirdparty/$third_party
QUANTUM_THIRD_PARTIES="$QUANTUM_THIRD_PARTIES,$third_party"
fi
done
function _quantum_third_party_do() {
for third_party in ${QUANTUM_THIRD_PARTIES//,/ }; do
${1}_${third_party}
done
}
# configure_quantum_third_party() - Set config files, create data dirs, etc
function configure_quantum_third_party() {
_quantum_third_party_do configure
}
# init_quantum_third_party() - Initialize databases, etc.
function init_quantum_third_party() {
_quantum_third_party_do init
}
# install_quantum_third_party() - Collect source and prepare
function install_quantum_third_party() {
_quantum_third_party_do install
}
# start_quantum_third_party() - Start running processes, including screen
function start_quantum_third_party() {
_quantum_third_party_do start
}
# stop_quantum_third_party - Stop running processes (non-screen)
function stop_quantum_third_party() {
_quantum_third_party_do stop
}
# Restore xtrace
$XTRACE
View Git Blame Copy Permalink