openstack/instack-undercloud
Code Issues Proposed changes
8457aafdf3
instack-undercloud/elements/undercloud-post-config/os-refresh-config/post-configure.d/98-undercloud-setup
James Slagle d183c7e223 Re-use existing passwords 
Check for the existence of tripleo-undercloud-passwords and reuse the
users/passwords/secrets from that file during instack-install-undercloud
if it exists.

This makes instack-install-undercloud re-runnable. Since user's are
already defined with passwords in Keystone, we need to reuse existing
ones on subsequent runs.

Additional users/passwords/secrets are written out to the
tripleo-undercloud-passwords file since this makes them much easier to
reread.

There is also no longer a need for the 00-cleanup script at all after
the migration to Puppet. This was part of the problem of
instack-install-undercloud not being re-runnable b/c the $OK file from
98-undercloud-setup was getting deleted so that script was re-running
causing all sorts of problems.

98-undercloud-setup itself has a small change where I experimented with
making it entirely re-runnable itself, but that got complex with the
call to setup-neutron, so I stopped going down that road. Still, the
small change is valuable to have.

Change-Id: I3cb3d8f695314840c2d77a2ec9fbea1ac9b8d52e
2015-03-18 17:23:58 -04:00

116 lines
3.4 KiB
Bash
Executable File
Raw Blame History

#!/bin/bash
set -eux
OK_FILE=/opt/stack/.undercloud-setup
if [ -f $OK_FILE ]; then
exit
fi
source /root/tripleo-undercloud-passwords
source /root/stackrc
export INSTACK_ROOT=${INSTACK_ROOT:-""}
if [ -n "$INSTACK_ROOT" ]; then
export PATH=$PATH:$INSTACK_ROOT/instack-undercloud/scripts
fi
if [ ! -f /root/.ssh/authorized_keys ]; then
sudo mkdir -p /root/.ssh
sudo chmod 7000 /root/.ssh/
sudo touch /root/.ssh/authorized_keys
sudo chmod 600 /root/.ssh/authorized_keys
fi
if [ ! -f /root/.ssh/id_rsa ]; then
ssh-keygen -b 1024 -N '' -f /root/.ssh/id_rsa
fi
cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys
KEYSTONE_SERVICE=keystone
if [ -f /lib/systemd/system/openstack-keystone.service ]; then
KEYSTONE_SERVICE=openstack-keystone
fi
# Ensure keystone is up before continuing on.
# Waits for up to 2 minutes.
tripleo wait_for 12 10 service $KEYSTONE_SERVICE status
# Because keystone just still isn't up yet...
sleep 20
export UNDERCLOUD_IP=$(os-apply-config --key local-ip --type netaddress)
init-keystone -o $UNDERCLOUD_IP -t $UNDERCLOUD_ADMIN_TOKEN \
-e admin@example.com -p $UNDERCLOUD_ADMIN_PASSWORD -u root
# Create service endpoints and optionally include Ceilometer for UI support
ENDPOINT_LIST="--glance-password $UNDERCLOUD_GLANCE_PASSWORD
--heat-password $UNDERCLOUD_HEAT_PASSWORD
--neutron-password $UNDERCLOUD_NEUTRON_PASSWORD
--nova-password $UNDERCLOUD_NOVA_PASSWORD
--tuskar-password $UNDERCLOUD_TUSKAR_PASSWORD
--ironic-password $UNDERCLOUD_IRONIC_PASSWORD
--ceilometer-password $UNDERCLOUD_CEILOMETER_PASSWORD"
REGISTER_SERVICE_OPTS=
# Needed by ceilometer user in register-endpoint
if ! keystone role-get ResellerAdmin; then
keystone role-create --name=ResellerAdmin
fi
# TODO: this needs to be switched over to use os-cloud-config's setup-endpoints
tripleo setup-endpoints $UNDERCLOUD_IP $ENDPOINT_LIST $REGISTER_SERVICE_OPTS
if ! keystone role-get heat_stack_user; then
keystone role-create --name heat_stack_user
fi
DHCP_START=$(os-apply-config --key neutron.dhcp_start --type netaddress)
DHCP_END=$(os-apply-config --key neutron.dhcp_end --type netaddress)
NETWORK_CIDR=$(os-apply-config --key neutron.network_cidr --type raw)
NETWORK_GATEWAY=$(os-apply-config --key neutron.network_gateway --type netaddress)
METADATA_SERVER=$UNDERCLOUD_IP
PHYSICAL_NETWORK=ctlplane
NETWORK_JSON=$(mktemp)
jq "." <<EOF > $NETWORK_JSON
{
"physical": {
"gateway": "$NETWORK_GATEWAY",
"metadata_server": "$UNDERCLOUD_IP",
"cidr": "$NETWORK_CIDR",
"allocation_start": "$DHCP_START",
"allocation_end": "$DHCP_END",
"name": "$PHYSICAL_NETWORK",
"nameserver": "${UNDERCLOUD_NAMESERVER:-192.168.122.1}"
}
}
EOF
setup-neutron -n $NETWORK_JSON
rm $NETWORK_JSON
# Delete initial flavors
for flavor in m1.tiny m1.small m1.medium m1.large m1.xlarge; do
if nova flavor-show "$flavor" &> /dev/null; then
nova flavor-delete "$flavor"
fi
done
# Disable nova quotas
nova quota-update --cores -1 --instances -1 --ram -1 $(keystone tenant-get admin | awk '$2=="id" {print $4}')
# instack-prepare-for-overcloud
rm -rf $HOME/.novaclient
# restart openstack-nova-compute
# When installing via puppet, nova-compute fails the first time because the
# ironic user does not yet exist. Now that the user has been created via
# setup-endpoints, we need to restart the service.
systemctl restart openstack-nova-compute
touch $OK_FILE
View Git Blame Copy Permalink