heat/tools/openstack
Steven Hardy 57975d377a heat tools : openstack script fixes for grizzly
Update tools/openstack so it works with the grizzly preview repo
(tested on F18 with both grizzly repo and folsom distro packages)

fixes bug #1164605

Change-Id: I347a53c9be677131dad37f9fbeb1ed5eb9cb810b
2013-04-09 10:12:18 +01:00

386 lines
14 KiB
Bash
Executable File

#!/bin/bash
# vim: tabstop=4 shiftwidth=4 softtabstop=4
#
# Copyright (C) 2012, Red Hat, Inc.
# Angus Salkeld <asalkeld@redhat.com>
# Steven Dake <sdake@redhat.com>
#
# Licensed under the Apache License, Version 2.0 (the "License"); you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
# sleep 1 = systemd's definition of start is different from mine
BASE_DIR=`dirname $0`
if [[ $1 = '--with-cinder' ]]; then
with_cinder=1
else
with_cinder=0
fi
FEDORA_VERSION=$(cat /etc/fedora-release | awk '{print $3}')
if [[ $FEDORA_VERSION -gt 17 || $with_cinder -eq 1 ]]; then
VOLUME_SERVICE="openstack-cinder"
VOLUME_PATH="/var/lib/cinder/cinder-volumes.img"
VOLUME_NAME="cinder-volumes"
else
VOLUME_SERVICE="openstack-nova"
VOLUME_PATH="/var/lib/nova/nova-volumes.img"
VOLUME_NAME="nova-volumes"
fi
action=$1
if [ -z "$action" ]
then
echo "openstack [start|stop|install|erase|status]"
echo
echo "This tool is designed to control OpenStack on a Fedora 16+ system"
echo
echo "start - Starts OpenStack"
echo "stop - Stops OpenStack"
echo "restart - Restart OpenStack"
echo "install - Installs a fresh OpenStack system with Keystone from RPM repostories"
echo "erase - permanently destroys an existing installation of OpenStack"
echo "status - show service status for all required OpenStack services"
fi
os_dist='unknown'
function check_os_version() {
#determine which OpenStack version we'll be running
os_version=$(rpm -q openstack-nova-common --qf='%{VERSION}')
case $os_version in
2012.1|2012.1.*) os_dist='essex';;
2012.2|2012.2.*) os_dist='folsom';;
2013.1|2013.1.*) os_dist='grizzly';;
*) echo 'Could not detect installed OpenStack version';;
esac
echo "Detected os_version $os_version os_dist=$os_dist"
}
function os_status() {
for service in ${OS_SERVICES[@]}
do
output=$(systemctl show "$service.service" --property=ActiveState)
running=(${output//=/ }) #ActiveState=active
echo "$service ${running[1]}" | awk '{ printf "%-40s %s\n", $1, $2}'
done
}
OS_STATUS="OK"
function os_check_status() {
# If a service is not running, we try again up to MAX_TRIES times
MAX_TRIES=5
for service in ${OS_SERVICES[@]}
do
attempts=0
while [[ ${attempts} < ${MAX_TRIES} ]]
do
attempts=$((${attempts} + 1))
output=$(systemctl show "$service.service" --property=ActiveState)
running=${output#ActiveState=} #ActiveState=active
if [[ ${running} != "active" ]]
then
echo "Service ${service} does not seem to be running, waiting 1s ${attempts}/${MAX_TRIES}"
OS_STATUS="FAIL ${service} : ${running}"
sleep 1
else
echo "${service} ${running}" | awk '{ printf "%-40s %s\n", $1, $2}'
OS_STATUS="OK"
break
fi
done
# If we get here and OS_STATUS != OK then we return as something failed
if [[ ${OS_STATUS} != "OK" ]]
then
echo "Service ${service} has failed to start, check logs for errors"
break
fi
done
}
function os_start() {
action=start
sudo systemctl $action qpidd.service mysqld.service
sleep 1
sudo systemctl $action openstack-keystone.service tgtd.service
sleep 1
for svc in api registry
do
sudo systemctl $action openstack-glance-$svc.service
done
if ! sudo vgs | grep -q $VOLUME_NAME; then
sudo vgcreate $VOLUME_NAME $(sudo losetup --show -f $VOLUME_PATH)
fi
for svc in api cert objectstore compute scheduler
do
sudo systemctl $action openstack-nova-$svc.service
done
sudo systemctl $action $VOLUME_SERVICE-volume.service
if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
for svc in api scheduler
do
sudo systemctl $action $VOLUME_SERVICE-$svc.service
done
fi
# This must be started after openstack-nova-cert due to an SELinux
# policy problem. See https://bugzilla.redhat.com/show_bug.cgi?id=857747
sleep 2
sudo systemctl $action openstack-nova-network.service
# conductor service is new for grizzly
if [ "$os_dist" = 'grizzly' ]; then
sudo systemctl $action openstack-nova-conductor.service
fi
}
function os_stop() {
action=stop
sudo systemctl $action openstack-keystone.service tgtd.service
for svc in api objectstore compute network scheduler cert
do
sudo systemctl $action openstack-nova-$svc.service
done
sudo systemctl $action $VOLUME_SERVICE-volume.service
if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
for svc in api scheduler
do
sudo systemctl $action $VOLUME_SERVICE-$svc.service
done
fi
for svc in api registry
do
sudo systemctl $action openstack-glance-$svc.service
done
}
function os_restart() {
action=restart
os_stop
sleep 1
os_start
}
function os_erase() {
for net in `sudo nova-manage network list |
awk '/^[[:digit:]]/ { print $9 }'`
do
sudo nova-manage network delete --uuid $net
done
os_stop
sleep 1
# Kill dnsmasq processes
if find /var/lib/nova/networks -name '*.pid'; then
sudo kill `cat /var/lib/nova/networks/*.pid`
fi
sudo rm -f /var/lib/libvirt/qemu/save/instance-000*
sudo rm -f /var/lib/libvirt/qemu/instance-000*
sudo yum -q -y erase python-glance* python-nova* python-keystone* openstack-swift* openstack-dashboard
sudo systemctl start mysqld.service
sleep 1
sudo openstack-db --yes --service nova --drop $*
sudo openstack-db --yes --service glance --drop $*
sudo openstack-db --yes --service keystone --drop $*
if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
sudo openstack-db --yes --service cinder --drop $*
fi
sudo yum -q -y erase openstack-utils
sudo vgchange -an $VOLUME_NAME
sudo losetup -d /dev/loop0
sudo rm -f $VOLUME_PATH
sudo rm -rf /etc/{glance,nova,swift,keystone,openstack-dashboard,cinder} /var/lib/{glance,nova,swift,keystone,cinder} /var/log/{glance,nova,swift,keystone,cinder} /var/run/{glance,nova,swift,keystone,cinder}
rm -f $HOME/.openstack/.keystonerc
}
function os_install() {
sudo yum -q -y groupinstall Virtualization
sudo yum -q -y install openstack-utils openstack-nova openstack-glance openstack-keystone openstack-dashboard scsi-target-utils qpid-cpp-server qpid-cpp-server-daemon $VOLUME_SERVICE
check_os_version
sudo dd if=/dev/zero of=$VOLUME_PATH bs=1M seek=20k count=0
# Note if mysql-server is not installed, this will fail
# and openstack-db --yes will install/start it
sudo systemctl start mysqld.service
sudo systemctl enable libvirtd.service
sudo systemctl start libvirtd.service
sleep 1
# Configure the databases
sudo openstack-db --yes --service nova --init $*
sudo openstack-db --yes --service glance --init $*
sudo openstack-db --yes --service keystone --init $*
if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
sudo openstack-db --yes --service cinder --init $*
fi
# Create a keystone RC file
# Note that keystone bug #1073291 "fix" removes a chunk of stuff from
# /usr/share/openstack-keystone/sample_data.sh (called from
# openstack-keystone-sample-data below), so for grizzly we have to align
# our RC file with the hardcoded values, because the password variables
# are now ignored, also the admin tenant is no longer created.
# I raised bug #1166182 to potentially fix this, but for now workaround:
mkdir -p $HOME/.openstack
if [ "$os_dist" = 'grizzly' ]; then
cat > $HOME/.openstack/keystonerc <<EOF
export ADMIN_TOKEN=$(openssl rand -hex 10)
export OS_USERNAME=admin
export OS_PASSWORD=secrete
export OS_TENANT_NAME=demo
export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/
export OS_AUTH_STRATEGY=keystone
EOF
else
cat > $HOME/.openstack/keystonerc <<EOF
export ADMIN_TOKEN=$(openssl rand -hex 10)
export OS_USERNAME=admin
export OS_PASSWORD=verybadpass
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/
export OS_AUTH_STRATEGY=keystone
EOF
fi
# Install keystone catalog
source $HOME/.openstack/keystonerc
sudo openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
# Need to setup pki on grizzly or you get "Unable to sign token." error
if [ "$os_dist" = 'grizzly' ]; then
keystone-manage pki_setup
chown -R keystone /etc/keystone/ssl/
fi
sudo systemctl start openstack-keystone.service
sleep 1
sudo ADMIN_PASSWORD=$OS_PASSWORD SERVICE_PASSWORD=servicepass openstack-keystone-sample-data
# Configure nova to use keystone
sudo openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service
sudo openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_user nova
if [ "$os_dist" = 'grizzly' ]; then
sudo openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password nova
else
sudo openstack-config --set /etc/nova/api-paste.ini filter:authtoken admin_password servicepass
fi
sudo openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
# Configure glance to use keystone
sudo openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
sudo openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
sudo openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service
sudo openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance
if [ "$os_dist" = 'grizzly' ]; then
sudo openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password glance
else
sudo openstack-config --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password servicepass
fi
sudo openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service
sudo openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance
sudo openstack-config --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password servicepass
if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
sudo openstack-config --set /etc/cinder/api-paste.ini filter:authtoken admin_tenant_name service
sudo openstack-config --set /etc/cinder/api-paste.ini filter:authtoken admin_user cinder
sudo openstack-config --set /etc/cinder/api-paste.ini filter:authtoken admin_password servicepass
sudo openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
# must disable implicit osapi_volume
sudo openstack-config --set /etc/nova/nova.conf DEFAULT enabled_apis ec2,osapi_compute,metadata
sudo openstack-config --set /etc/nova/nova.conf DEFAULT volume_api_class nova.volume.cinder.API
fi
os_stop
sleep 1
sudo rm -rf /var/log/{glance,nova,swift,keystone,cinder}/*
os_start
sleep 1
if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
${BASE_DIR}/../bin/cinder-keystone-setup
fi
echo "Installation Complete."
echo "Checking all expected services are running"
os_check_status
if [[ ${OS_STATUS} != "OK" ]]
then
echo "Service failed to start : ${OS_STATUS}, cannot continue"
exit 1
fi
echo "Testing nova and glance. If any errors are displayed, the install failed..."
# Create additional flavors required by heat templates
${BASE_DIR}/nova_create_flavors.sh
nova flavor-list
glance index
echo
echo "note: This tool does not create a network. Creating a network"
echo "depends on your environment. An example network create operation:"
echo
echo " sudo nova-manage network create demonet 10.0.0.0/24 1 256 --bridge=demonetbr0"
echo
echo -e "The network range here should *not* be one used on your existing physical\n network."
echo "It should be a range dedicated for the network that OpenStack will configure."
echo "If 10.0.0.0/24 clashes with your local network, pick another range."
}
OS_SERVICES=(qpidd mysqld openstack-keystone tgtd openstack-glance-api openstack-glance-registry openstack-nova-api openstack-nova-objectstore openstack-nova-compute openstack-nova-network openstack-nova-scheduler openstack-nova-cert $VOLUME_SERVICE-volume)
if [[ $VOLUME_SERVICE == "openstack-cinder" ]]; then
OS_SERVICES+=($VOLUME_SERVICE-api $VOLUME_SERVICE-scheduler)
fi
check_os_version
if [ "$os_dist" = 'grizzly' ]; then
OS_SERVICES+=(openstack-nova-conductor)
fi
case $action in
"")
;;
start)
os_start
;;
stop)
os_stop
;;
restart)
os_restart
;;
erase)
shift
os_erase $*
;;
install)
shift
os_install $*
;;
status)
os_status
;;
*)
echo "The action \"$action\" is not supported."
;;
esac