e8bc2b82a0
Most of the services create the service user with the admin permission. This is unnecessary for token validation and they should be restricted to only having the service role. Change-Id: Id7a9366d2c6a36139240f64371002362dc2d8d3b
240 lines
7.0 KiB
Bash
240 lines
7.0 KiB
Bash
#!/bin/bash
|
|
#
|
|
# lib/zaqar
|
|
# Install and start **Zaqar** service
|
|
|
|
# To enable a minimal set of Zaqar services, add the following to localrc:
|
|
#
|
|
# enable_service zaqar-server
|
|
#
|
|
# Dependencies:
|
|
# - functions
|
|
# - OS_AUTH_URL for auth in api
|
|
# - DEST set to the destination directory
|
|
# - SERVICE_PASSWORD, SERVICE_TENANT_NAME for auth in api
|
|
# - STACK_USER service user
|
|
|
|
# stack.sh
|
|
# ---------
|
|
# install_zaqar
|
|
# configure_zaqar
|
|
# init_zaqar
|
|
# start_zaqar
|
|
# stop_zaqar
|
|
# cleanup_zaqar
|
|
# cleanup_zaqar_mongodb
|
|
|
|
# Save trace setting
|
|
XTRACE=$(set +o | grep xtrace)
|
|
set +o xtrace
|
|
|
|
|
|
# Defaults
|
|
# --------
|
|
|
|
# Set up default directories
|
|
ZAQAR_DIR=$DEST/zaqar
|
|
ZAQARCLIENT_DIR=$DEST/python-zaqarclient
|
|
ZAQAR_CONF_DIR=/etc/zaqar
|
|
ZAQAR_CONF=$ZAQAR_CONF_DIR/zaqar.conf
|
|
ZAQAR_API_LOG_DIR=/var/log/zaqar
|
|
ZAQAR_API_LOG_FILE=$ZAQAR_API_LOG_DIR/queues.log
|
|
ZAQAR_AUTH_CACHE_DIR=${ZAQAR_AUTH_CACHE_DIR:-/var/cache/zaqar}
|
|
|
|
# Support potential entry-points console scripts
|
|
ZAQAR_BIN_DIR=$(get_python_exec_prefix)
|
|
|
|
# Set up database backend
|
|
ZAQAR_BACKEND=${ZAQAR_BACKEND:-mongodb}
|
|
|
|
|
|
# Set Zaqar repository
|
|
ZAQAR_REPO=${ZAQAR_REPO:-${GIT_BASE}/openstack/zaqar.git}
|
|
ZAQAR_BRANCH=${ZAQAR_BRANCH:-master}
|
|
|
|
# Set client library repository
|
|
ZAQARCLIENT_REPO=${ZAQARCLIENT_REPO:-${GIT_BASE}/openstack/python-zaqarclient.git}
|
|
ZAQARCLIENT_BRANCH=${ZAQARCLIENT_BRANCH:-master}
|
|
|
|
# Set Zaqar Connection Info
|
|
ZAQAR_SERVICE_HOST=${ZAQAR_SERVICE_HOST:-$SERVICE_HOST}
|
|
ZAQAR_SERVICE_PORT=${ZAQAR_SERVICE_PORT:-8888}
|
|
ZAQAR_SERVICE_PROTOCOL=${ZAQAR_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
|
|
|
|
# Tell Tempest this project is present
|
|
TEMPEST_SERVICES+=,zaqar
|
|
|
|
|
|
# Functions
|
|
# ---------
|
|
|
|
# Test if any Zaqar services are enabled
|
|
# is_zaqar_enabled
|
|
function is_zaqar_enabled {
|
|
[[ ,${ENABLED_SERVICES} =~ ,"zaqar-" ]] && return 0
|
|
return 1
|
|
}
|
|
|
|
# cleanup_zaqar() - Cleans up general things from previous
|
|
# runs and storage specific left overs.
|
|
function cleanup_zaqar {
|
|
if [ "$ZAQAR_BACKEND" = 'mongodb' ] ; then
|
|
cleanup_zaqar_mongodb
|
|
fi
|
|
}
|
|
|
|
# cleanup_zaqar_mongodb() - Remove residual data files, anything left over from previous
|
|
# runs that a clean run would need to clean up
|
|
function cleanup_zaqar_mongodb {
|
|
if ! timeout $SERVICE_TIMEOUT sh -c "while ! mongo zaqar --eval 'db.dropDatabase();'; do sleep 1; done"; then
|
|
die $LINENO "Mongo DB did not start"
|
|
else
|
|
full_version=$(mongo zaqar --eval 'db.dropDatabase();')
|
|
mongo_version=`echo $full_version | cut -d' ' -f4`
|
|
required_mongo_version='2.2'
|
|
if [[ $mongo_version < $required_mongo_version ]]; then
|
|
die $LINENO "Zaqar needs Mongo DB version >= 2.2 to run."
|
|
fi
|
|
fi
|
|
}
|
|
|
|
# configure_zaqarclient() - Set config files, create data dirs, etc
|
|
function configure_zaqarclient {
|
|
setup_develop $ZAQARCLIENT_DIR
|
|
}
|
|
|
|
# configure_zaqar() - Set config files, create data dirs, etc
|
|
function configure_zaqar {
|
|
setup_develop $ZAQAR_DIR
|
|
|
|
[ ! -d $ZAQAR_CONF_DIR ] && sudo mkdir -m 755 -p $ZAQAR_CONF_DIR
|
|
sudo chown $USER $ZAQAR_CONF_DIR
|
|
|
|
[ ! -d $ZAQAR_API_LOG_DIR ] && sudo mkdir -m 755 -p $ZAQAR_API_LOG_DIR
|
|
sudo chown $USER $ZAQAR_API_LOG_DIR
|
|
|
|
iniset $ZAQAR_CONF DEFAULT debug True
|
|
iniset $ZAQAR_CONF DEFAULT verbose True
|
|
iniset $ZAQAR_CONF DEFAULT admin_mode True
|
|
iniset $ZAQAR_CONF DEFAULT use_syslog $SYSLOG
|
|
iniset $ZAQAR_CONF DEFAULT log_file $ZAQAR_API_LOG_FILE
|
|
iniset $ZAQAR_CONF 'drivers:transport:wsgi' bind $ZAQAR_SERVICE_HOST
|
|
|
|
configure_auth_token_middleware $ZAQAR_CONF zaqar $ZAQAR_AUTH_CACHE_DIR
|
|
|
|
if [ "$ZAQAR_BACKEND" = 'mysql' ] || [ "$ZAQAR_BACKEND" = 'postgresql' ] ; then
|
|
iniset $ZAQAR_CONF drivers storage sqlalchemy
|
|
iniset $ZAQAR_CONF 'drivers:storage:sqlalchemy' uri `database_connection_url zaqar`
|
|
elif [ "$ZAQAR_BACKEND" = 'mongodb' ] ; then
|
|
iniset $ZAQAR_CONF drivers storage mongodb
|
|
iniset $ZAQAR_CONF 'drivers:storage:mongodb' uri mongodb://localhost:27017/zaqar
|
|
configure_mongodb
|
|
elif [ "$ZAQAR_BACKEND" = 'redis' ] ; then
|
|
iniset $ZAQAR_CONF drivers storage redis
|
|
iniset $ZAQAR_CONF 'drivers:storage:redis' uri redis://localhost:6379
|
|
configure_redis
|
|
fi
|
|
|
|
if is_service_enabled qpid || [ -n "$RABBIT_HOST" ] && [ -n "$RABBIT_PASSWORD" ]; then
|
|
iniset $ZAQAR_CONF DEFAULT notification_driver messaging
|
|
iniset $ZAQAR_CONF DEFAULT control_exchange zaqar
|
|
fi
|
|
iniset_rpc_backend zaqar $ZAQAR_CONF DEFAULT
|
|
|
|
cleanup_zaqar
|
|
}
|
|
|
|
function configure_redis {
|
|
if is_ubuntu; then
|
|
install_package redis-server
|
|
elif is_fedora; then
|
|
install_package redis
|
|
else
|
|
exit_distro_not_supported "redis installation"
|
|
fi
|
|
|
|
install_package python-redis
|
|
}
|
|
|
|
function configure_mongodb {
|
|
# Set nssize to 2GB. This increases the number of namespaces supported
|
|
# # per database.
|
|
if is_ubuntu; then
|
|
sudo sed -i -e "
|
|
s|[^ \t]*#[ \t]*\(nssize[ \t]*=.*\$\)|\1|
|
|
s|^\(nssize[ \t]*=[ \t]*\).*\$|\1 2047|
|
|
" /etc/mongodb.conf
|
|
restart_service mongodb
|
|
elif is_fedora; then
|
|
sudo sed -i '/--nssize/!s/OPTIONS=\"/OPTIONS=\"--nssize 2047 /' /etc/sysconfig/mongod
|
|
restart_service mongod
|
|
fi
|
|
}
|
|
|
|
# init_zaqar() - Initialize etc.
|
|
function init_zaqar {
|
|
# Create cache dir
|
|
sudo mkdir -p $ZAQAR_AUTH_CACHE_DIR
|
|
sudo chown $STACK_USER $ZAQAR_AUTH_CACHE_DIR
|
|
rm -f $ZAQAR_AUTH_CACHE_DIR/*
|
|
}
|
|
|
|
# install_zaqar() - Collect source and prepare
|
|
function install_zaqar {
|
|
git_clone $ZAQAR_REPO $ZAQAR_DIR $ZAQAR_BRANCH
|
|
setup_develop $ZAQAR_DIR
|
|
}
|
|
|
|
# install_zaqarclient() - Collect source and prepare
|
|
function install_zaqarclient {
|
|
git_clone $ZAQARCLIENT_REPO $ZAQARCLIENT_DIR $ZAQARCLIENT_BRANCH
|
|
setup_develop $ZAQARCLIENT_DIR
|
|
}
|
|
|
|
# start_zaqar() - Start running processes, including screen
|
|
function start_zaqar {
|
|
if [[ "$USE_SCREEN" = "False" ]]; then
|
|
run_process zaqar-server "zaqar-server --config-file $ZAQAR_CONF --daemon"
|
|
else
|
|
run_process zaqar-server "zaqar-server --config-file $ZAQAR_CONF"
|
|
fi
|
|
|
|
echo "Waiting for Zaqar to start..."
|
|
if ! timeout $SERVICE_TIMEOUT sh -c "while ! wget --no-proxy -q -O- $ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT/v1/health; do sleep 1; done"; then
|
|
die $LINENO "Zaqar did not start"
|
|
fi
|
|
}
|
|
|
|
# stop_zaqar() - Stop running processes
|
|
function stop_zaqar {
|
|
local serv
|
|
# Kill the zaqar screen windows
|
|
for serv in zaqar-server; do
|
|
screen -S $SCREEN_NAME -p $serv -X kill
|
|
done
|
|
}
|
|
|
|
function create_zaqar_accounts {
|
|
create_service_user "zaqar"
|
|
|
|
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
|
|
|
local zaqar_service=$(get_or_create_service "zaqar" \
|
|
"messaging" "Zaqar Service")
|
|
get_or_create_endpoint $zaqar_service \
|
|
"$REGION_NAME" \
|
|
"$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT" \
|
|
"$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT" \
|
|
"$ZAQAR_SERVICE_PROTOCOL://$ZAQAR_SERVICE_HOST:$ZAQAR_SERVICE_PORT"
|
|
fi
|
|
|
|
}
|
|
|
|
|
|
# Restore xtrace
|
|
$XTRACE
|
|
|
|
# Local variables:
|
|
# mode: shell-script
|
|
# End:
|