instack-undercloud/elements/undercloud-post-config/os-refresh-config/post-configure.d/98-undercloud-setup

#!/bin/bash

set -eux

OK_FILE=/opt/stack/.undercloud-setup

if [ -f $OK_FILE ]; then
    exit
fi

source /root/tripleo-undercloud-passwords
source /root/stackrc

export INSTACK_ROOT=${INSTACK_ROOT:-""}
if [ -n "$INSTACK_ROOT" ]; then
    export PATH=$PATH:$INSTACK_ROOT/instack-undercloud/scripts
fi

if [ ! -f /root/.ssh/authorized_keys ]; then
    sudo mkdir -p /root/.ssh
    sudo chmod 7000 /root/.ssh/
    sudo touch /root/.ssh/authorized_keys
    sudo chmod 600 /root/.ssh/authorized_keys
fi

if [ ! -f /root/.ssh/id_rsa ]; then
    ssh-keygen -b 1024 -N '' -f /root/.ssh/id_rsa
fi

cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys

KEYSTONE_SERVICE=keystone
if [ -f /lib/systemd/system/openstack-keystone.service ]; then
    KEYSTONE_SERVICE=openstack-keystone
fi

# Ensure keystone is up before continuing on.
# Waits for up to 2 minutes.
tripleo wait_for 12 10 service $KEYSTONE_SERVICE status

# Because keystone just still isn't up yet...
sleep 20

export UNDERCLOUD_IP=$(os-apply-config --key local-ip --type netaddress)

init-keystone -o $UNDERCLOUD_IP -t $UNDERCLOUD_ADMIN_TOKEN \
    -e admin@example.com -p $UNDERCLOUD_ADMIN_PASSWORD -u root

# Needed by ceilometer user in register-endpoint
if ! openstack role show ResellerAdmin; then
    openstack role create ResellerAdmin
fi

# Create service endpoints and optionally include Ceilometer for UI support
ENDPOINTS_FILE=$(mktemp)
cat > $ENDPOINTS_FILE << EOF
{
    "heat": {
        "password": "$UNDERCLOUD_HEAT_PASSWORD"
    },
    "neutron": {
        "password": "$UNDERCLOUD_NEUTRON_PASSWORD"
    },
    "glance": {
        "password": "$UNDERCLOUD_GLANCE_PASSWORD"
    },
    "nova": {
        "password": "$UNDERCLOUD_NOVA_PASSWORD"
    },
    "novav3": {
        "password": "$UNDERCLOUD_NOVA_PASSWORD"
    },
    "ceilometer": {
        "password": "$UNDERCLOUD_CEILOMETER_PASSWORD"
    },
    "swift": {
        "password": "$UNDERCLOUD_SWIFT_PASSWORD"
    },
    "ironic": {
        "password": "$UNDERCLOUD_IRONIC_PASSWORD"
    },
    "tuskar": {
        "password": "$UNDERCLOUD_TUSKAR_PASSWORD",
        "path": "/v2"
    }
}
EOF

REGISTER_SERVICE_OPTS=

setup-endpoints -s $ENDPOINTS_FILE $REGISTER_SERVICE_OPTS
rm $ENDPOINTS_FILE

if ! openstack role show heat_stack_user; then
    openstack role create heat_stack_user
fi

DHCP_START=$(os-apply-config --key neutron.dhcp_start --type netaddress)
DHCP_END=$(os-apply-config --key neutron.dhcp_end --type netaddress)
NETWORK_CIDR=$(os-apply-config --key neutron.network_cidr --type raw)
NETWORK_GATEWAY=$(os-apply-config --key neutron.network_gateway --type netaddress)
METADATA_SERVER=$UNDERCLOUD_IP
PHYSICAL_NETWORK=ctlplane

NETWORK_JSON=$(mktemp)
jq "." <<EOF > $NETWORK_JSON
{
    "physical": {
        "gateway": "$NETWORK_GATEWAY",
        "metadata_server": "$UNDERCLOUD_IP",
        "cidr": "$NETWORK_CIDR",
        "allocation_start": "$DHCP_START",
        "allocation_end": "$DHCP_END",
        "name": "$PHYSICAL_NETWORK",
        "nameserver": "${UNDERCLOUD_NAMESERVER:-192.168.122.1}"
    }
}
EOF
setup-neutron -n $NETWORK_JSON
rm $NETWORK_JSON

# Delete initial flavors
for flavor in m1.tiny m1.small m1.medium m1.large m1.xlarge; do
    if nova flavor-show "$flavor" &> /dev/null; then
        nova flavor-delete "$flavor"
    fi
done

# Disable nova quotas
nova quota-update --cores -1 --instances -1 --ram -1 $(openstack project show admin | awk '$2=="id" {print $4}')

# instack-prepare-for-overcloud
rm -rf $HOME/.novaclient

# restart openstack-nova-compute
# When installing via puppet, nova-compute fails the first time because the
# ironic user does not yet exist. Now that the user has been created via
# setup-endpoints, we need to restart the service.
systemctl restart openstack-nova-compute

touch $OK_FILE