Symlink all non Dockerfile resources in images

The only files in the docker image directories that differ majorly between
distros are the Dockerfiles (e.g. different package manager mechanisms,
different repo sources, etc).

The supporting files such as the start.sh/check.sh and config files should
largely stay the same between base images.

This change moves these files up into a "common" directory, and symlinks them
in the same way that the build script is managed. This means when adding a new
base distro only new Dockerfiles need to be created. Also, if a distro does
happen to require a vastly different start.sh script for example, one can
choose to simply not symlink to the common and instead drop in a custom one.

Implements: blueprint refactor-base-image-layout

Change-Id: Ic4db69d31ff54a1fb95af4853a2e5ae490064284
This commit is contained in:
Paul Bourke 2015-06-17 11:14:59 +00:00
parent c2b05b576f
commit 897337cdd6
165 changed files with 3168 additions and 3107 deletions

View File

@ -1,81 +0,0 @@
#!/bin/bash
set -e
: ${BARBICAN_DB_USER:=barbican}
: ${BARBICAN_DB_NAME:=barbican}
: ${KEYSTONE_AUTH_PROTOCOL:=http}
: ${BARBICAN_KEYSTONE_USER:=barbican}
: ${ADMIN_TENANT_NAME:=admin}
if ! [ "$BARBICAN_DB_PASSWORD" ]; then
BARBICAN_DB_PASSWORD=$(openssl rand -hex 15)
export BARBICAN_DB_PASSWORD
fi
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
KEYSTONE_ADMIN_SERVICE_PORT BARBICAN_ADMIN_PASSWORD
fail_unless_db
fail_unless_os_service_running keystone
mysql -h ${MARIADB_SERVICE_HOST} -u root -p"${DB_ROOT_PASSWORD}" mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${BARBICAN_DB_NAME};
GRANT ALL PRIVILEGES ON barbican.* TO
'${BARBICAN_DB_USER}'@'%' IDENTIFIED BY '${BARBICAN_DB_PASSWORD}'
EOF
# config file setup
crudini --set /etc/barbican/barbican-api.conf \
DEFAULT \
sql_connection \
"mysql://${BARBICAN_DB_USER}:${BARBICAN_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${BARBICAN_DB_NAME}"
crudini --set /etc/barbican/barbican-api.conf \
DEFAULT \
log_dir \
"/var/log/barbican/"
crudini --set /etc/barbican/barbican-api.conf \
DEFAULT \
log_file \
"/var/log/barbican/barbican.log"
crudini --set /etc/barbican/barbican-api-paste.ini \
pipeline:barbican_api \
pipeline \
"keystone_authtoken context apiapp"
crudini --set /etc/barbican/barbican-api-paste.ini \
filter:keystone_authtoken \
auth_host \
${KEYSTONE_ADMIN_SERVICE_HOST}
crudini --set /etc/barbican/barbican-api-paste.ini \
filter:keystone_authtoken \
auth_port \
${KEYSTONE_ADMIN_SERVICE_PORT}
crudini --set /etc/barbican/barbican-api-paste.ini \
filter:keystone_authtoken \
auth_protocol \
${KEYSTONE_AUTH_PROTOCOL}
crudini --set /etc/barbican/barbican-api-paste.ini \
filter:keystone_authtoken \
admin_tenant_name \
${ADMIN_TENANT_NAME}
crudini --set /etc/barbican/barbican-api-paste.ini \
filter:keystone_authtoken \
admin_user \
${BARBICAN_KEYSTONE_USER}
crudini --set /etc/barbican/barbican-api-paste.ini \
filter:keystone_authtoken \
admin_password \
${BARBICAN_KEYSTONE_USER}
# create the required keystone entities for barbican
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
keystone user-get ${BARBICAN_KEYSTONE_USER} > /dev/null 2>&1 || /bin/keystone user-create --name ${BARBICAN_KEYSTONE_USER} --pass ${BARBICAN_ADMIN_PASSWORD}
keystone role-get observer > /dev/null 2>&1 || /bin/keystone role-create --name observer
keystone role-get creator > /dev/null 2>&1 || /bin/keystone role-create --name creator
keystone user-get ${BARBICAN_KEYSTONE_USER} > /dev/null 2>&1 || /bin/keystone user-role-add --user ${BARBICAN_KEYSTONE_USER} --role admin --tenant ${ADMIN_TENANT_NAME}
# launch Barbican using uwsgi
exec uwsgi --master --emperor /etc/barbican/vassals

View File

@ -0,0 +1 @@
../../../common/barbican/start.sh

View File

@ -1 +1 @@
../../../common/kolla-common.sh ../../../common/base/kolla-common.sh

View File

@ -1 +1 @@
../../../common/service_hosts.sh ../../../common/base/service_hosts.sh

View File

@ -1,10 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-ceilometer.sh
exec /usr/bin/ceilometer-alarm-evaluator &
exec /usr/bin/ceilometer-alarm-notifier

View File

@ -0,0 +1 @@
../../../../common/ceilometer/ceilometer-alarm/start.sh

View File

@ -1,51 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-ceilometer.sh
check_required_vars CEILOMETER_DB_USER CEILOMETER_DB_NAME \
CEILOMETER_DB_PASSWORD KEYSTONE_ADMIN_TOKEN \
KEYSTONE_AUTH_PROTOCOL KEYSTONE_ADMIN_SERVICE_HOST \
KEYSTONE_ADMIN_SERVICE_PORT ADMIN_TENANT_NAME \
CEILOMETER_KEYSTONE_USER CEILOMETER_ADMIN_PASSWORD \
CEILOMETER_API_SERVICE_HOST PUBLIC_IP
fail_unless_os_service_running keystone
fail_unless_db
#TODO(pkilambi): Add mongodb support
mysql -h ${MARIADB_SERVICE_HOST} -u root -p${DB_ROOT_PASSWORD} mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${CEILOMETER_DB_NAME} DEFAULT CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON ${CEILOMETER_DB_NAME}.* TO
'${CEILOMETER_DB_USER}'@'%' IDENTIFIED BY '${CEILOMETER_DB_PASSWORD}'
EOF
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
crux user-create -n ${CEILOMETER_KEYSTONE_USER} \
-p ${CEILOMETER_ADMIN_PASSWORD} \
-t ${ADMIN_TENANT_NAME} \
-r admin
crux service-create -n ${CEILOMETER_KEYSTONE_USER} -t metering \
-d "Ceilometer Telemetry Service"
crux endpoint-create i--remove-all -n ${CEILOMETER_KEYSTONE_USER} -t metering \
-I "${KEYSTONE_AUTH_PROTOCOL}://${CEILOMETER_API_SERVICE_HOST}:8777" \
-P "${KEYSTONE_AUTH_PROTOCOL}://${PUBLIC_IP}:8777" \
-A "${KEYSTONE_AUTH_PROTOCOL}://${CEILOMETER_API_SERVICE_HOST}:8777"
cfg=/etc/ceilometer/ceilometer.conf
crudini --set $cfg \
DEFAULT connection
"mysql://${CEILOMETER_DB_USER}:${CEILOMETER_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${CEILOMETER_DB_NAME}"
exec /usr/bin/ceilometer-api

View File

@ -0,0 +1 @@
../../../../common/ceilometer/ceilometer-api/start.sh

View File

@ -1,71 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
: ${CEILOMETER_DB_USER:=ceilometer}
: ${CEILOMETER_DB_NAME:=ceilometer}
: ${KEYSTONE_AUTH_PROTOCOL:=http}
: ${CEILOMETER_KEYSTONE_USER:=admin}
: ${CEILOMETER_ADMIN_PASSWORD:=kolla}
: ${ADMIN_TENANT_NAME:=admin}
: ${METERING_SECRET:=ceilometer}
: ${RABBIT_PASSWORD:=guest}
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
KEYSTONE_ADMIN_SERVICE_PORT KEYSTONE_PUBLIC_SERVICE_HOST \
dump_vars
cat > /openrc <<EOF
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
EOF
cfg=/etc/ceilometer/ceilometer.conf
crudini --set $cfg \
DEFAULT rpc_backend rabbit
crudini --set $cfg \
DEFAULT rabbit_host ${RABBITMQ_SERVICE_HOST}
crudini --set $cfg \
DEFAULT rabbit_password ${RABBIT_PASSWORD}
crudini --set $cfg \
keystone_authtoken \
auth_uri \
"http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/"
crudini --set $cfg \
keystone_authtoken \
admin_tenant_name \
"${ADMIN_TENANT_NAME}"
crudini --set $cfg \
keystone_authtoken \
admin_user \
"${CEILOMETER_KEYSTONE_USER}"
crudini --set $cfg \
keystone_authtoken \
admin_password \
${CEILOMETER_ADMIN_PASSWORD}
crudini --set $cfg \
service_credentials \
os_auth_url \
${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/
crudini --set $cfg \
service_credentials \
os_username \
ceilometer
crudini --set $cfg \
service_credentials \
os_tenant_name \
service
crudini --set $cfg \
service_credentials \
os_password \
${CEILOMETER_ADMIN_PASSWORD}
crudini --set $cfg \
publisher
metering_secret
${METERING_SECRET}

View File

@ -0,0 +1 @@
../../../../common/ceilometer/ceilometer-base/config-ceilometer.sh

View File

@ -1,14 +0,0 @@
#!/bin/bash
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-ceilometer.sh
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_AUTH_PROTOCOL \
KEYSTONE_ADMIN_SERVICE_HOST KEYSTONE_ADMIN_SERVICE_PORT
fail_unless_os_service_running keystone
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
exec /usr/bin/ceilometer-agent-central

View File

@ -0,0 +1 @@
../../../../common/ceilometer/ceilometer-central/start.sh

View File

@ -1,9 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-ceilometer.sh
exec /usr/bin/ceilometer-collector

View File

@ -0,0 +1 @@
../../../../common/ceilometer/ceilometer-collector/start.sh

View File

@ -1,25 +0,0 @@
#!/bin/bash
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-ceilometer.sh
check_required_vars KEYSTONE_ADMIN_TOKEN RABBITMQ_SERVICE_HOST RABBIT_PASSWORD
fail_unless_os_service_running keystone
# Nova conf settings
crudini --set /etc/nova/nova.conf DEFAULT instance_usage_audit True
crudini --set /etc/nova/nova.conf DEFAULT instance_usage_audit_period hour
crudini --set /etc/nova/nova.conf DEFAULT notify_on_state_change vm_and_task_state
crudini --set /etc/nova/nova.conf DEFAULT notification_driver nova.openstack.common.notifier.rpc_notifier
crudini --set /etc/nova/nova.conf DEFAULT notification_driver ceilometer.compute.nova_notifier
#ceilometer settings
cfg=/etc/ceilometer/ceilometer.conf
crudini --set $cfg publisher_rpc metering_secret ${KEYSTONE_ADMIN_TOKEN}
crudini --set $cfg rabbit_host ${RABBITMQ_SERVICE_HOST}
crudini --set $cfg rabbit_password ${RABBIT_PASSWORD}
exec /usr/bin/ceilometer-agent-compute

View File

@ -0,0 +1 @@
../../../../common/ceilometer/ceilometer-compute/start.sh

View File

@ -1,9 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-ceilometer.sh
exec /usr/bin/ceilometer-agent-notification

View File

@ -0,0 +1 @@
../../../../common/ceilometer/ceilometer-notification/start.sh

View File

@ -1,16 +0,0 @@
#!/bin/sh
RES=0
. /openrc
if ! keystone token-get > /dev/null; then
echo "ERROR: keystone token-get failed" >&2
RES=1
else
if ! cinder list > /dev/null; then
echo "ERROR: cinder list failed" >&2
RES=1
fi
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../common/cinder-app/cinder-api/check.sh

View File

@ -1,73 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-cinder.sh
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
ADMIN_TENANT_NAME PUBLIC_IP CINDER_API_SERVICE_HOST \
KEYSTONE_AUTH_PROTOCOL KEYSTONE_ADMIN_SERVICE_PORT \
CINDER_KEYSTONE_USER CINDER_KEYSTONE_PASSWORD \
CINDER_API_LOG_FILE CINDER_API_SERVICE_LISTEN \
CINDER_API_SERVICE_PORT CINDER_API_SERVICE_LISTEN
fail_unless_os_service_running keystone
cfg=/etc/cinder/cinder.conf
# Set the auth credentials
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
# Create Keystone User
crux user-create --update \
-n "${CINDER_KEYSTONE_USER}" \
-p "${CINDER_KEYSTONE_PASSWORD}" \
-t "${ADMIN_TENANT_NAME}" \
-r admin
# Configure Keystone
crux endpoint-create --remove-all \
-n cinder \
-t volume \
-P "http://${CINDER_API_SERVICE_HOST}:${CINDER_API_SERVICE_PORT}/v1/\$(tenant_id)s" \
-A "http://${CINDER_API_SERVICE_HOST}:${CINDER_API_SERVICE_PORT}/v1/\$(tenant_id)s" \
-I "http://${CINDER_API_SERVICE_HOST}:${CINDER_API_SERVICE_PORT}/v1/\$(tenant_id)s"
crux endpoint-create --remove-all \
-n cinderv2 \
-t volumev2 \
-P "http://${CINDER_API_SERVICE_HOST}:${CINDER_API_SERVICE_PORT}/v2/\$(tenant_id)s" \
-A "http://${CINDER_API_SERVICE_HOST}:${CINDER_API_SERVICE_PORT}/v2/\$(tenant_id)s" \
-I "http://${CINDER_API_SERVICE_HOST}:${CINDER_API_SERVICE_PORT}/v2/\$(tenant_id)s"
# Logging
crudini --set $cfg \
DEFAULT \
log_file \
"${CINDER_API_LOG_FILE}"
# API Configuration
crudini --set $cfg \
DEFAULT \
osapi_volume_listen \
"${CINDER_API_SERVICE_LISTEN}"
crudini --set $cfg \
DEFAULT \
osapi_volume_listen_port \
"${CINDER_API_SERVICE_PORT}"
crudini --set $cfg \
DEFAULT \
enable_v1_api \
"true"
crudini --set $cfg \
DEFAULT \
enable_v2_api \
"true"
echo "Starting cinder-api"
exec /usr/bin/cinder-api --config-file $cfg

View File

@ -0,0 +1 @@
../../../../common/cinder-app/cinder-api/start.sh

View File

@ -1,36 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-cinder.sh
check_required_vars CINDER_BACKUP_DRIVER CINDER_BACKUP_MANAGER \
CINDER_BACKUP_API_CLASS CINDER_BACKUP_NAME_TEMPLATE
cfg=/etc/cinder/cinder.conf
# volume backup configuration
crudini --set $cfg \
DEFAULT \
backup_driver \
"${CINDER_BACKUP_DRIVER}"
crudini --set $cfg \
DEFAULT \
backup_topic \
"cinder-backup"
crudini --set $cfg \
DEFAULT \
backup_manager \
"${CINDER_BACKUP_MANAGER}"
crudini --set $cfg \
DEFAULT \
backup_api_class \
"${CINDER_BACKUP_API_CLASS}"
crudini --set $cfg \
DEFAULT \
backup_name_template \
"${CINDER_BACKUP_NAME_TEMPLATE}"
echo "Starting cinder-backup"
exec /usr/bin/cinder-backup --config-file $cfg

View File

@ -0,0 +1 @@
../../../../common/cinder-app/cinder-backup/start.sh

View File

@ -1,132 +0,0 @@
#!/bin/sh
set -e
. /opt/kolla/kolla-common.sh
check_required_vars CINDER_DB_PASSWORD CINDER_KEYSTONE_PASSWORD \
KEYSTONE_PUBLIC_SERVICE_HOST RABBITMQ_SERVICE_HOST \
GLANCE_API_SERVICE_HOST MARIADB_SERVICE_HOST \
RABBITMQ_SERVICE_HOST RABBITMQ_SERVICE_PORT \
RABBIT_USERID RABBIT_PASSWORD GLANCE_API_SERVICE_HOST \
GLANCE_API_SERVICE_PORT ADMIN_TENANT_NAME \
CINDER_DB_NAME CINDER_DB_USER CINDER_KEYSTONE_USER \
PUBLIC_IP KEYSTONE_AUTH_PROTOCOL CINDER_LOG_DIR
dump_vars
cat > /openrc <<EOF
export OS_AUTH_URL="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
export OS_USERNAME="${CINDER_KEYSTONE_USER}"
export OS_PASSWORD="${CINDER_KEYSTONE_PASSWORD}"
export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
EOF
cfg=/etc/cinder/cinder.conf
# Logging
crudini --set $cfg \
DEFAULT \
log_dir \
"${CINDER_LOG_DIR}"
crudini --set $cfg \
DEFAULT \
verbose \
"${VERBOSE_LOGGING}"
crudini --set $cfg \
DEFAULT \
debug \
"${DEBUG_LOGGING}"
# backend
crudini --set $cfg \
DEFAULT \
rpc_backend \
"cinder.openstack.common.rpc.impl_kombu"
# rabbit
crudini --set $cfg \
DEFAULT \
rabbit_host \
"${RABBITMQ_SERVICE_HOST}"
crudini --set $cfg \
DEFAULT \
rabbit_port \
"${RABBITMQ_SERVICE_PORT}"
crudini --set $cfg \
DEFAULT \
rabbit_hosts \
"${RABBITMQ_SERVICE_HOST}:${RABBITMQ_SERVICE_PORT}"
crudini --set $cfg \
DEFAULT \
rabbit_userid \
"${RABBIT_USERID}"
crudini --set $cfg \
DEFAULT \
rabbit_password \
"${RABBIT_PASSWORD}"
crudini --set /etc/cinder/cinder.conf \
DEFAULT \
rabbit_virtual_host \
"/"
crudini --set /etc/cinder/cinder.conf \
DEFAULT \
rabbit_ha_queues \
"False"
# control_exchange
crudini --set /etc/cinder/cinder.conf \
DEFAULT \
control_exchange \
"openstack"
# glance
crudini --set $cfg \
DEFAULT \
glance_host \
"${GLANCE_API_SERVICE_HOST}"
crudini --set $cfg \
DEFAULT \
glance_port \
"${GLANCE_API_SERVICE_PORT}"
# database
crudini --set $cfg \
database \
connection \
"mysql://${CINDER_DB_USER}:${CINDER_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${CINDER_DB_NAME}"
# keystone
crudini --set $cfg \
DEFAULT \
auth_strategy \
"keystone"
crudini --del $cfg \
keystone_authtoken \
auth_protocol
crudini --del $cfg \
keystone_authtoken \
auth_host
crudini --del $cfg \
keystone_authtoken \
auth_port
crudini --set $cfg \
keystone_authtoken \
auth_uri \
"${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
crudini --set $cfg \
keystone_authtoken \
identity_uri \
"${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}"
crudini --set $cfg \
keystone_authtoken \
admin_tenant_name \
"${ADMIN_TENANT_NAME}"
crudini --set $cfg \
keystone_authtoken \
admin_user \
"${CINDER_KEYSTONE_USER}"
crudini --set $cfg \
keystone_authtoken \
admin_password \
"${CINDER_KEYSTONE_PASSWORD}"

View File

@ -0,0 +1 @@
../../../../common/cinder-app/cinder-base/config-cinder.sh

View File

@ -1,32 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-cinder.sh
fail_unless_db
check_required_vars MARIADB_SERVICE_HOST DB_ROOT_PASSWORD \
CINDER_DB_NAME CINDER_DB_USER CINDER_DB_PASSWORD \
CINDER_SCHEDULER_LOG_FILE INIT_CINDER_DB
cfg=/etc/cinder/cinder.conf
if [ "${INIT_CINDER_DB}" == "true" ]; then
mysql -h ${MARIADB_SERVICE_HOST} -u root -p${DB_ROOT_PASSWORD} mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${CINDER_DB_NAME};
GRANT ALL PRIVILEGES ON ${CINDER_DB_NAME}.* TO
'${CINDER_DB_USER}'@'%' IDENTIFIED BY '${CINDER_DB_PASSWORD}'
EOF
su -s /bin/sh -c "cinder-manage db sync" cinder
fi
crudini --set $cfg \
DEFAULT \
log_file \
"${CINDER_SCHEDULER_LOG_FILE}"
echo "Starting cinder-scheduler"
exec /usr/bin/cinder-scheduler --config-file $cfg

View File

@ -0,0 +1 @@
../../../../common/cinder-app/cinder-scheduler/start.sh

View File

@ -1,75 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-cinder.sh
. /opt/kolla/volume-group-create.sh
check_required_vars CINDER_VOLUME_API_LISTEN ISCSI_HELPER ISCSI_IP_ADDRESS \
CINDER_VOLUME_GROUP CINDER_LVM_LO_VOLUME_SIZE \
CINDER_VOLUME_BACKEND_NAME CINDER_VOLUME_DRIVER \
CINDER_ENABLED_BACKEND CINDER_VOLUME_LOG_FILE
cfg=/etc/cinder/cinder.conf
# Logging
crudini --set $cfg \
DEFAULT \
log_file \
"${CINDER_VOLUME_LOG_FILE}"
# IP address on which OpenStack Volume API listens
crudini --set $cfg \
DEFAULT \
osapi_volume_listen \
"${CINDER_VOLUME_API_LISTEN}"
# The IP address that the iSCSI daemon is listening on
crudini --set $cfg \
DEFAULT \
iscsi_ip_address \
"${ISCSI_IP_ADDRESS}"
# Set to false when using loopback devices (testing)
crudini --set $cfg \
DEFAULT \
secure_delete \
"false"
crudini --set $cfg \
DEFAULT \
enabled_backends \
"${CINDER_ENABLED_BACKEND}"
crudini --set $cfg \
lvm57 \
iscsi_helper \
"${ISCSI_HELPER}"
crudini --set $cfg \
lvm57 \
volume_group \
"${CINDER_VOLUME_GROUP}"
crudini --set $cfg \
lvm57 \
volume_driver \
"${CINDER_VOLUME_DRIVER}"
crudini --set $cfg \
lvm57 \
iscsi_ip_address \
"${ISCSI_IP_ADDRESS}"
crudini --set $cfg \
lvm57 \
volume_backend_name \
"${CINDER_VOLUME_BACKEND_NAME}"
sed -i 's/udev_sync = 1/udev_sync = 0/' /etc/lvm/lvm.conf
sed -i 's/udev_rules = 1/udev_rules = 0/' /etc/lvm/lvm.conf
sed -i 's/use_lvmetad = 1/use_lvmetad = 0/' /etc/lvm/lvm.conf
echo "Starting cinder-volume"
exec /usr/bin/cinder-volume --config-file /etc/cinder/cinder.conf

View File

@ -0,0 +1 @@
../../../../common/cinder-app/cinder-volume/start.sh

View File

@ -1,22 +0,0 @@
#!/bin/bash
# The script will create the cinder-volume volume group that will
# allow cinder to create volumes from a backing file.
# This is based off devstack.
set -e
backing_file=/opt/data/cinder_volume
check_required_vars CINDER_LVM_LO_VOLUME_SIZE CINDER_VOLUME_GROUP
if ! vgs ${CINDER_VOLUME_GROUP}; then
[[ ! -f $backing_file ]] && truncate -s ${CINDER_LVM_LO_VOLUMES_SIZE} $backing_file
vg_dev=`losetup -f --show $backing_file`
if ! vgs ${CINDER_VOLUME_GROUP}; then
vgcreate ${CINDER_VOLUME_GROUP} $vg_dev
fi
fi
# Remove iscsi targets
cinder-rtstool get-targets | xargs -rn 1 cinder-rtstool delete

View File

@ -0,0 +1 @@
../../../../common/cinder-app/cinder-volume/volume-group-create.sh

View File

@ -1,37 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-designate.sh
CONF=/etc/designate/designate.conf
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
DESIGNATE_KEYSTONE_USER DESIGNATE_KEYSTONE_PASSWORD \
KEYSTONE_AUTH_PROTOCOL ADMIN_TENANT_NAME \
DESIGNATE_API_SERVICE_HOST DESIGNATE_API_SERVICE_PORT \
KEYSTONE_ADMIN_SERVICE_PORT
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
fail_unless_os_service_running keystone
crux user-create \
-n ${DESIGNATE_KEYSTONE_USER} \
-p ${DESIGNATE_KEYSTONE_PASSWORD} \
-t ${ADMIN_TENANT_NAME} \
-r admin
crux endpoint-create \
--remove-all \
-n ${DESIGNATE_KEYSTONE_USER} \
-t dns \
-I "${KEYSTONE_AUTH_PROTOCOL}://${DESIGNATE_API_SERVICE_HOST}:${DESIGNATE_API_SERVICE_PORT}/v1" \
-P "${KEYSTONE_AUTH_PROTOCOL}://${DESIGNATE_API_SERVICE_HOST}:${DESIGNATE_API_SERVICE_PORT}/v1" \
-A "${KEYSTONE_AUTH_PROTOCOL}://${DESIGNATE_API_SERVICE_HOST}:${DESIGNATE_API_SERVICE_PORT}/v1"
crudini --set $CONF service:api api_paste_config "/usr/share/designate/api-paste.ini"
crudini --set $CONF service:api api_port "${DESIGNATE_API_SERVICE_PORT}"
exec /usr/bin/designate-api

View File

@ -0,0 +1 @@
../../../../common/designate/designate-api/start.sh

View File

@ -1,60 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
check_required_vars DESIGNATE_MASTERNS DESIGNATE_SLAVENS DESIGNATE_BIND9_RNDC_KEY \
DESIGNATE_ALLOW_RECURSION
NAMEDCFG=/etc/named.conf
# /var/named is coming from a VOLUME definition but at first boot it needs to
# be populated from the original container since else it would be missing some
# Bind9 core files. These files have been saved during the build phase.
if [ ! -f /var/named/named.ca ]; then
cp -pr /opt/kolla/var-named/* /var/named/
fi
# When rndc adds a new domain, bind adds the call in an nzf file in this
# directory.
chmod 770 /var/named
chown root:named /var/named
# Default Bind9 behavior is to enable recursion, disable if wanted.
if [ "${DESIGNATE_ALLOW_RECURSION}" == "false" ]; then
sed -i -r "s/(recursion) yes/\1 no/" $NAMEDCFG
fi
sed -i -r "/listen-on port 53/d" $NAMEDCFG
sed -i -r "/listen-on-v6/d" $NAMEDCFG
sed -i -r "s,/\* Path to ISC DLV key \*/,allow-new-zones yes;," $NAMEDCFG
sed -i -r "/allow-query .+;/d" $NAMEDCFG
if ! grep -q rndc-key /etc/named.conf; then
cat >> /etc/named.conf <<EOF
include "/etc/rndc.key";
controls {
inet ${DESIGNATE_SLAVENS} allow { ${DESIGNATE_MASTERNS}; } keys { "rndc-key"; };
};
EOF
fi
cat > /etc/rndc.key <<EOF
key "rndc-key" {
algorithm hmac-md5;
secret "${DESIGNATE_BIND9_RNDC_KEY}";
};
EOF
cat > /etc/rndc.conf <<EOF
options {
default-key "rndc-key";
default-server 127.0.0.1;
default-port 953;
};
EOF
cat /etc/rndc.key >> /etc/rndc.conf
chown named /etc/rndc.key
# Launch and keep in the foreground.
exec /usr/sbin/named -u named -g

View File

@ -0,0 +1 @@
../../../../common/designate/designate-backend-bind9/start.sh

View File

@ -1,79 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
get_or_create_domain() {
local DOMAIN_NAME=$1
DOMAIN_ID=$(designate domain-create --name $DOMAIN_NAME | awk '/id/ { print $4; }')
# Searching domain if not created
if [ -z $DOMAIN_ID ]; then
DOMAIN_ID=$(designate domain-list | awk "/$DOMAIN_NAME/ { print \$2; }")
fi
# Fail if domain still don't exist
if [ -z $DOMAIN_ID ]; then
echo "Creating domain failed" 1>&2
exit 1
fi
echo $DOMAIN_ID
}
check_required_vars DESIGNATE_DB_PASSWORD DESIGNATE_KEYSTONE_PASSWORD \
KEYSTONE_PUBLIC_SERVICE_HOST RABBITMQ_SERVICE_HOST \
DESIGNATE_BIND9_RNDC_KEY DESIGNATE_BACKEND \
KEYSTONE_PUBLIC_SERVICE_PORT DESIGNATE_KEYSTONE_USER \
RABBIT_USERID RABBIT_PASSWORD DESIGNATE_DB_USER \
DESIGNATE_DB_NAME KEYSTONE_AUTH_PROTOCOL \
KEYSTONE_ADMIN_SERVICE_HOST KEYSTONE_ADMIN_SERVICE_PORT \
DEBUG_LOGGING DESIGNATE_POOLMAN_POOLID
fail_unless_db
dump_vars
cat > /openrc <<EOF
export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
export OS_USERNAME="${DESIGNATE_KEYSTONE_USER}"
export OS_PASSWORD="${DESIGNATE_KEYSTONE_PASSWORD}"
export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
EOF
conf=/etc/designate/designate.conf
# Regular configuration.
crudini --set $conf DEFAULT log_file ""
crudini --set $conf DEFAULT use_stderr "True"
crudini --set $conf DEFAULT debug "${DEBUG_LOGGING}"
crudini --set $conf DEFAULT rpc_backend "designate.openstack.common.rpc.impl_kombu"
crudini --set $conf oslo_messaging_rabbit rabbit_host "${RABBITMQ_SERVICE_HOST}"
crudini --set $conf oslo_messaging_rabbit rabbit_userid "${RABBIT_USERID}"
crudini --set $conf oslo_messaging_rabbit rabbit_password "${RABBIT_PASSWORD}"
crudini --set $conf storage:sqlalchemy connection "mysql://${DESIGNATE_DB_USER}:${DESIGNATE_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${DESIGNATE_DB_NAME}"
crudini --set $conf service:api auth_strategy "keystone"
crudini --set $conf service:api api_host "${PUBLIC_IP}"
# Eventhough this is a central-scoped item, it's used in other Designate
# components as well. Thus it should be configured here, from designate-base.
crudini --set $conf service:central default_pool_id "${DESIGNATE_POOLMAN_POOLID}"
crudini --set $conf keystone_authtoken identity_uri "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}"
crudini --set $conf keystone_authtoken auth_uri "${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
crudini --set $conf keystone_authtoken admin_tenant_name "${ADMIN_TENANT_NAME}"
crudini --set $conf keystone_authtoken admin_user "${DESIGNATE_KEYSTONE_USER}"
crudini --set $conf keystone_authtoken admin_password "${DESIGNATE_KEYSTONE_PASSWORD}"
if [ "${DESIGNATE_BACKEND}" == "bind9" ]; then
# Configure a key for RNDC so it can connect with Bind9 to create/delete
# zones.
cat > /etc/rndc.key <<EOF
key "rndc-key" {
algorithm hmac-md5;
secret "${DESIGNATE_BIND9_RNDC_KEY}";
};
EOF
fi

View File

@ -0,0 +1 @@
../../../../common/designate/designate-base/config-designate.sh

View File

@ -1,24 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-designate.sh
check_required_vars MARIADB_SERVICE_HOST DB_ROOT_PASSWORD DESIGNATE_DB_NAME \
DESIGNATE_DB_USER DESIGNATE_DB_PASSWORD DESIGNATE_INITDB
fail_unless_db
CONF=/etc/designate/designate.conf
if [ "${DESIGNATE_INITDB}" == "true" ]; then
echo "Configuring database"
mysql -h ${MARIADB_SERVICE_HOST} -u root -p"${DB_ROOT_PASSWORD}" mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${DESIGNATE_DB_NAME};
GRANT ALL PRIVILEGES ON ${DESIGNATE_DB_NAME}.* TO '${DESIGNATE_DB_USER}'@'%' IDENTIFIED BY '${DESIGNATE_DB_PASSWORD}'
EOF
designate-manage database sync
fi
exec /usr/bin/designate-central

View File

@ -0,0 +1 @@
../../../../common/designate/designate-central/start.sh

View File

@ -1,17 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-designate.sh
check_required_vars DESIGNATE_MASTERNS DESIGNATE_MDNS_PORT
CONF=/etc/designate/designate.conf
crudini --set $CONF service:mdns workers "1"
crudini --set $CONF service:mdns host "${DESIGNATE_MASTERNS}"
crudini --set $CONF service:mdns port "${DESIGNATE_MDNS_PORT}"
crudini --set $CONF service:mdns tcp_backlog "100"
crudini --set $CONF service:mdns all_tcp "False"
exec /usr/bin/designate-mdns

View File

@ -0,0 +1 @@
../../../../common/designate/designate-mdns/start.sh

View File

@ -1,54 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-designate.sh
check_required_vars DESIGNATE_MASTERNS DESIGNATE_BACKEND DESIGNATE_SLAVENS \
DESIGNATE_MDNS_PORT DESIGNATE_DNS_PORT DESIGNATE_POOLMAN_POOLID \
DESIGNATE_POOLMAN_TARGETS DESIGNATE_POOLMAN_NSS \
DESIGNATE_POOLMAN_POOLID
CONF=/etc/designate/designate.conf
if [ "${DESIGNATE_BACKEND}" == "bind9" ]; then
TYPE="bind9"
OPTIONS="rndc_host: ${DESIGNATE_SLAVENS}, rndc_key_file: /etc/rndc.key"
else
echo Unsupported backend: ${DESIGNATE_BACKEND}
exit
fi
crudini --set $CONF service:pool_manager workers "1"
crudini --set $CONF service:pool_manager enable_recovery_timer "False"
crudini --set $CONF service:pool_manager periodic_recovery_interval "120"
crudini --set $CONF service:pool_manager enable_sync_timer "True"
crudini --set $CONF service:pool_manager periodic_sync_interval "1800"
crudini --set $CONF service:pool_manager poll_max_retries "10"
crudini --set $CONF service:pool_manager poll_delay "5"
crudini --set $CONF service:pool_manager poll_retry_interval "15"
crudini --set $CONF service:pool_manager pool_id "${DESIGNATE_POOLMAN_POOLID}"
crudini --set $CONF service:pool_manager cache_driver "noop"
# TODO: use this to use memcached
#crudini --set $CONF service:pool_manager cache_driver memcache
#crudini --set $CONF service:pool_manager memcached_servers ${MEMCACHED_HOST}
# Specify the id of the pool managed through pool_manager. Central gets
# configured with this pool_id as well.
crudini --set $CONF service:pool_manager pool_id "${DESIGNATE_POOLMAN_POOLID}"
crudini --set $CONF pool:${DESIGNATE_POOLMAN_POOLID} nameservers "${DESIGNATE_POOLMAN_NSS}"
crudini --set $CONF pool:${DESIGNATE_POOLMAN_POOLID} targets "${DESIGNATE_POOLMAN_TARGETS}"
crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} type "${TYPE}"
crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} options "${OPTIONS}"
# This is the mdns container, which is the master nameserver.
crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} masters "${DESIGNATE_MASTERNS}:${DESIGNATE_MDNS_PORT}"
crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} host "${DESIGNATE_MASTERNS}"
crudini --set $CONF pool_target:${DESIGNATE_POOLMAN_TARGETS} port "${DESIGNATE_DNS_PORT}"
crudini --set $CONF pool_nameserver:${DESIGNATE_POOLMAN_NSS} host "${DESIGNATE_MASTERNS}"
crudini --set $CONF pool_nameserver:${DESIGNATE_POOLMAN_NSS} port "${DESIGNATE_DNS_PORT}"
exec /usr/bin/designate-pool-manager

View File

@ -0,0 +1 @@
../../../../common/designate/designate-poolmanager/start.sh

View File

@ -1,94 +0,0 @@
#!/bin/bash
. /opt/kolla/kolla-common.sh
check_required_vars DB_CLUSTER_BIND_ADDRESS DB_CLUSTER_NAME DB_CLUSTER_NODES \
DB_ROOT_PASSWORD DB_CLUSTER_WSREP_METHOD
CFG=/etc/my.cnf.d/server.cnf
DB_CLUSTER_INIT_SQL=/tmp/mysql-first-time.sql
function configure_files {
crudini --set $CFG mariadb bind-address "${DB_CLUSTER_BIND_ADDRESS}"
crudini --set $CFG mariadb binlog_format "ROW"
crudini --set $CFG mariadb character-set-server "utf8"
crudini --set $CFG mariadb collation-server "utf8_general_ci"
crudini --set $CFG mariadb datadir "/var/lib/mysql"
crudini --set $CFG mariadb default-storage-engine "innodb"
crudini --set $CFG mariadb init-connect "'SET NAMES utf8'"
crudini --set $CFG mariadb innodb_autoinc_lock_mode "2"
crudini --set $CFG mariadb innodb_file_per_table 1
crudini --set $CFG mariadb innodb_flush_log_at_trx_commit "2"
crudini --set $CFG mariadb innodb_locks_unsafe_for_binlog "1"
crudini --set $CFG mariadb innodb_log_file_size "100M"
crudini --set $CFG mariadb query_cache_size "0"
crudini --set $CFG mariadb query_cache_type "0"
crudini --set $CFG mariadb wsrep_cluster_address "gcomm://${DB_CLUSTER_NODES}"
crudini --set $CFG mariadb wsrep_cluster_name "${DB_CLUSTER_NAME}"
crudini --set $CFG mariadb wsrep_provider "/usr/lib64/galera/libgalera_smm.so"
crudini --set $CFG mariadb wsrep_sst_auth "'root:${DB_ROOT_PASSWORD}'"
crudini --set $CFG mariadb wsrep_sst_method "${DB_CLUSTER_WSREP_METHOD}"
}
function bootstrap_database() {
mysqld_safe &
# Waiting for deamon
sleep 10
expect -c '
set timeout 10
spawn mysql_secure_installation
expect "Enter current password for root (enter for none):"
send "\r"
expect "Set root password?"
send "y\r"
expect "New password:"
send "'"${DB_ROOT_PASSWORD}"'\r"
expect "Re-enter new password:"
send "'"${DB_ROOT_PASSWORD}"'\r"
expect "Remove anonymous users?"
send "y\r"
expect "Disallow root login remotely?"
send "n\r"
expect "Remove test database and access to it?"
send "y\r"
expect "Reload privilege tables now?"
send "y\r"
expect eof'
mysqladmin -p"${DB_ROOT_PASSWORD}" shutdown
}
function configure_db {
bootstrap_database
echo "GRANT ALL ON *.* TO 'root'@'%' IDENTIFIED BY '$DB_ROOT_PASSWORD' ;" > $DB_CLUSTER_INIT_SQL
if [ "$MARIADB_DATABASE" ]; then
echo "CREATE DATABASE IF NOT EXISTS $MARIADB_DATABASE ;" >> $DB_CLUSTER_INIT_SQL
fi
if [ "$MARIADB_USER" -a "$MARIADB_PASSWORD" ]; then
echo "CREATE USER '$MARIADB_USER'@'%' IDENTIFIED BY '$MARIADB_PASSWORD' ;" >> $DB_CLUSTER_INIT_SQL
if [ "$MARIADB_DATABASE" ]; then
echo "GRANT ALL ON $MARIADB_DATABASE.* TO '$MARIADB_USER'@'%' ;" >> $DB_CLUSTER_INIT_SQL
fi
fi
echo "FLUSH PRIVILEGES" >> $DB_CLUSTER_INIT_SQL
}
function populate_db {
if [[ $(ls /var/lib/mysql) == "" ]]; then
echo "POPULATING NEW DB"
mysql_install_db
chown -R mysql /var/lib/mysql
else
echo "DB ALREADY EXISTS"
fi
}
function prepare_db {
populate_db
configure_db
configure_files
}

View File

@ -0,0 +1 @@
../../../common/galera/config-galera.sh

View File

@ -1,14 +0,0 @@
#!/bin/bash
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-galera.sh
check_required_vars DB_CLUSTER_INIT_DB
prepare_db
if [[ "${DB_CLUSTER_INIT_DB}" == "true" ]] && ! [[ -a /var/lib/mysql/cluster.exists ]]; then
DB_CLUSTER_IS_MASTER_NODE="--wsrep-new-cluster"
touch /var/lib/mysql/cluster.exists
fi
mysqld_safe --init-file=$DB_CLUSTER_INIT_SQL $DB_CLUSTER_IS_MASTER_NODE

View File

@ -0,0 +1 @@
../../../common/galera/start.sh

View File

@ -1,17 +0,0 @@
#!/bin/bash
RES=0
. /openrc
if ! keystone token-get > /dev/null; then
echo "ERROR: keystone token-get failed" >&2
RES=1
else
if ! glance image-list > /dev/null; then
echo "ERROR: glance image-list failed" >&2
RES=1
fi
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../common/glance/glance-api/check.sh

View File

@ -1,52 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-glance.sh
: ${GLANCE_API_SERVICE_HOST:=$PUBLIC_IP}
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
GLANCE_KEYSTONE_USER GLANCE_KEYSTONE_PASSWORD \
ADMIN_TENANT_NAME GLANCE_API_SERVICE_HOST \
PUBLIC_IP
fail_unless_os_service_running keystone
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
crux user-create --update \
-n "${GLANCE_KEYSTONE_USER}" \
-p "${GLANCE_KEYSTONE_PASSWORD}" \
-t "${ADMIN_TENANT_NAME}" \
-r admin
crux endpoint-create --remove-all \
-n glance -t image \
-I "http://${GLANCE_API_SERVICE_HOST}:9292" \
-P "http://${PUBLIC_IP}:9292" \
-A "http://${GLANCE_API_SERVICE_HOST}:9292"
# turn on notification sending by glance
crudini --set /etc/glance/glance-api.conf \
DEFAULT \
notification_driver \
"messaging"
crudini --set /etc/glance/glance-api.conf \
DEFAULT \
rabbit_host \
"${RABBITMQ_SERVICE_HOST}"
crudini --set /etc/glance/glance-api.conf \
DEFAULT \
registry_host \
"${GLANCE_REGISTRY_SERVICE_HOST}"
crudini --set /etc/glance/glance-api.conf \
DEFAULT \
debug \
"True"
exec /usr/bin/glance-api

View File

@ -0,0 +1 @@
../../../../common/glance/glance-api/start.sh

View File

@ -1,63 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
: ${ADMIN_TENANT_NAME:=admin}
: ${GLANCE_DB_NAME:=glance}
: ${GLANCE_DB_USER:=glance}
: ${GLANCE_KEYSTONE_USER:=glance}
: ${KEYSTONE_AUTH_PROTOCOL:=http}
: ${PUBLIC_IP:=$GLANCE_API_PORT_9292_TCP_ADDR}
check_required_vars GLANCE_DB_PASSWORD GLANCE_KEYSTONE_PASSWORD
dump_vars
cat > /openrc <<EOF
export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/v2.0"
export OS_USERNAME="${GLANCE_KEYSTONE_USER}"
export OS_PASSWORD="${GLANCE_KEYSTONE_PASSWORD}"
export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
EOF
for cfg in /etc/glance/glance-api.conf /etc/glance/glance-registry.conf; do
crudini --set $cfg \
DEFAULT \
log_file \
""
for option in auth_protocol auth_host auth_port; do
crudini --del $cfg \
keystone_authtoken \
$option
done
crudini --set $cfg \
keystone_authtoken \
auth_uri \
"http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/"
crudini --set $cfg \
keystone_authtoken \
admin_tenant_name \
"${ADMIN_TENANT_NAME}"
crudini --set $cfg \
keystone_authtoken \
admin_user \
"${GLANCE_KEYSTONE_USER}"
crudini --set $cfg \
keystone_authtoken \
admin_password \
"${GLANCE_KEYSTONE_PASSWORD}"
crudini --set $cfg \
paste_deploy \
flavor \
keystone
crudini --set $cfg \
database \
connection \
"mysql://${GLANCE_DB_USER}:${GLANCE_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${GLANCE_DB_NAME}"
done

View File

@ -0,0 +1 @@
../../../../common/glance/glance-base/config-glance.sh

View File

@ -1,21 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-glance.sh
check_required_vars GLANCE_DB_NAME GLANCE_DB_USER GLANCE_DB_PASSWORD
# lets wait for the DB to be available
wait_for 25 1 check_for_db
mysql -h ${MARIADB_SERVICE_HOST} -u root -p${DB_ROOT_PASSWORD} mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${GLANCE_DB_NAME} DEFAULT CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON ${GLANCE_DB_NAME}.* TO
'${GLANCE_DB_USER}'@'%' IDENTIFIED BY '${GLANCE_DB_PASSWORD}'
EOF
/usr/bin/glance-manage db_sync
exec /usr/bin/glance-registry

View File

@ -0,0 +1 @@
../../../../common/glance/glance-registry/start.sh

View File

@ -1,26 +0,0 @@
global
daemon
maxconn 4096
pidfile /var/run/haproxy.pid
defaults
mode tcp
timeout connect 5s
timeout client 1m
timeout server 1m
option redispatch
balance roundrobin
listen stats :1936
mode http
stats enable
stats hide-version
#stats realm Haproxy\ Statistics
stats uri /
#stats auth Username:Password
{% for service in services %}
listen {{ service.service_name }}
bind 127.0.0.1:{{service.local_port}}
server {{ service.remote_name }} {{ service.remote_addr }}:{{ service.remote_port}} check inter 2s rise 3 fall 2
{% endfor %}

View File

@ -0,0 +1 @@
../../../common/hautoproxy/haproxy.cfg.tmpl

View File

@ -1,65 +0,0 @@
#!/usr/bin/python
'''This script configures and starts a local haproxy instances, bound to
127.0.0.1, that forwards connections all of the discovered
docker/kubernetes environment variables.'''
import argparse
import os
import sys
from jinja2 import Environment, FileSystemLoader
import re
import urlparse
re_url = re.compile(
'^(?P<name>.*)_PORT_(?P<port>\d+)_(?P<proto>(UDP|TCP))$')
def parse_args():
p = argparse.ArgumentParser()
p.add_argument('--output', '-o',
default='/etc/haproxy/haproxy.cfg')
p.add_argument('--no-start', '-n',
action='store_true')
p.add_argument('--template-dir', '-t',
default='/etc/haproxy/templates')
return p.parse_args()
def discover_services():
services = []
for k in os.environ:
mo = re_url.match(k)
if mo:
parts = urlparse.urlparse(os.environ[k])
remote_host,remote_port = parts.netloc.split(':')
service_name = '%(name)s-%(port)s' % mo.groupdict()
services.append({
'remote_name': mo.group('name'),
'remote_addr': remote_host,
'remote_port': remote_port,
'remote_proto': parts.scheme,
'local_port': mo.group('port'),
'service_name': service_name,
})
return services
def main():
args = parse_args()
services = discover_services()
env = Environment(loader=FileSystemLoader(['.',
args.template_dir]))
template = env.get_template('haproxy.cfg.tmpl')
with open(args.output, 'w') as fd:
fd.write(template.render(services=services))
if args.no_start:
return
os.execlp('haproxy', 'haproxy', '-f', args.output, '-db')
if __name__ == '__main__':
main()

View File

@ -0,0 +1 @@
../../../common/hautoproxy/start.py

View File

@ -1,16 +0,0 @@
#!/bin/bash
RES=0
. /openrc
if ! keystone token-get > /dev/null; then
echo "ERROR: keystone token-get failed" >&2
RES=1
else
if ! heat stack-list > /dev/null; then
echo "ERROR: heat stack-list failed" >&2
RES=1
fi
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../common/heat/heat-api-cfn/check.sh

View File

@ -1,28 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-heat.sh
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
HEAT_CFN_KEYSTONE_USER HEAT_CFN_KEYSTONE_PASSWORD \
KEYSTONE_AUTH_PROTOCOL KEYSTONE_ADMIN_SERVICE_PORT \
ADMIN_TENANT_NAME HEAT_API_CFN_SERVICE_HOST \
HEAT_API_CFN_SERVICE_PORT
fail_unless_os_service_running keystone
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
crux user-create -n ${HEAT_CFN_KEYSTONE_USER} \
-p ${HEAT_CFN_KEYSTONE_PASSWORD} \
-t ${ADMIN_TENANT_NAME} \
-r admin
crux endpoint-create --remove-all -n ${HEAT_CFN_KEYSTONE_USER} -t cloudformation \
-I "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_CFN_SERVICE_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1" \
-P "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_CFN_SERVICE_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1" \
-A "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_CFN_SERVICE_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1"
exec /usr/bin/heat-api-cfn

View File

@ -0,0 +1 @@
../../../../common/heat/heat-api-cfn/start.sh

View File

@ -1,16 +0,0 @@
#!/bin/bash
RES=0
. /openrc
if ! keystone token-get > /dev/null; then
echo "ERROR: keystone token-get failed" >&2
RES=1
else
if ! heat stack-list > /dev/null; then
echo "ERROR: heat stack-list failed" >&2
RES=1
fi
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../common/heat/heat-api/check.sh

View File

@ -1,29 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-heat.sh
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
HEAT_KEYSTONE_USER HEAT_KEYSTONE_PASSWORD \
KEYSTONE_AUTH_PROTOCOL ADMIN_TENANT_NAME \
HEAT_API_SERVICE_HOST PUBLIC_IP
fail_unless_os_service_running keystone
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:35357/v2.0"
crux user-create -n ${HEAT_KEYSTONE_USER} \
-p ${HEAT_KEYSTONE_PASSWORD} \
-t ${ADMIN_TENANT_NAME} \
-r admin
crux endpoint-create --remove-all -n ${HEAT_KEYSTONE_USER} -t orchestration \
-I "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_SERVICE_HOST}:8004/v1/%(tenant_id)s" \
-P "${KEYSTONE_AUTH_PROTOCOL}://${PUBLIC_IP}:8004/v1/%(tenant_id)s" \
-A "${KEYSTONE_AUTH_PROTOCOL}://${HEAT_API_SERVICE_HOST}:8004/v1/%(tenant_id)s"
# will use crux after https://github.com/larsks/crux/issues/1 is implemented
openstack role list --os-token="${KEYSTONE_ADMIN_TOKEN}" --os-url $SERVICE_ENDPOINT -f csv | tail -n +2 | awk -F, '{print $2}' | grep heat_stack_user || keystone role-create --name heat_stack_user
exec /usr/bin/heat-api

View File

@ -0,0 +1 @@
../../../../common/heat/heat-api/start.sh

View File

@ -1,67 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
: ${ADMIN_TENANT_NAME:=admin}
: ${HEAT_DB_NAME:=heat}
: ${HEAT_DB_USER:=heat}
: ${HEAT_KEYSTONE_USER:=heat}
: ${HEAT_CFN_KEYSTONE_USER:=heat_cfn}
: ${KEYSTONE_AUTH_PROTOCOL:=http}
: ${PUBLIC_IP:=$HEAT_API_PORT_8004_TCP_ADDR}
: ${RABBIT_USER:=guest}
: ${RABBIT_PASSWORD:=guest}
check_required_vars HEAT_DB_PASSWORD HEAT_KEYSTONE_PASSWORD \
KEYSTONE_PUBLIC_SERVICE_HOST RABBITMQ_SERVICE_HOST
fail_unless_db
dump_vars
cat > /openrc <<EOF
export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:5000/v2.0"
export OS_USERNAME="${HEAT_KEYSTONE_USER}"
export OS_PASSWORD="${HEAT_KEYSTONE_PASSWORD}"
export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
EOF
crudini --set /etc/heat/heat.conf DEFAULT log_file \
""
crudini --set /etc/heat/heat.conf DEFAULT use_stderr \
true
crudini --set /etc/heat/heat.conf DEFAULT rpc_backend \
heat.openstack.common.rpc.impl_kombu
crudini --set /etc/heat/heat.conf DEFAULT rabbit_host \
"${RABBITMQ_SERVICE_HOST}"
crudini --set /etc/heat/heat.conf DEFAULT rabbit_userid \
"${RABBIT_USER}"
crudini --set /etc/heat/heat.conf DEFAULT rabbit_password \
"${RABBIT_PASSWORD}"
crudini --set /etc/heat/heat.conf database connection \
mysql://${HEAT_DB_USER}:${HEAT_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${HEAT_DB_NAME}
crudini --set /etc/heat/heat.conf keystone_authtoken auth_protocol \
"${KEYSTONE_AUTH_PROTOCOL}"
crudini --set /etc/heat/heat.conf keystone_authtoken auth_host \
"${KEYSTONE_PUBLIC_SERVICE_HOST}"
crudini --set /etc/heat/heat.conf keystone_authtoken auth_port \
"${KEYSTONE_PUBLIC_SERVICE_PORT}"
crudini --set /etc/heat/heat.conf keystone_authtoken auth_uri \
"${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
crudini --set /etc/heat/heat.conf keystone_authtoken admin_tenant_name \
"${ADMIN_TENANT_NAME}"
crudini --set /etc/heat/heat.conf keystone_authtoken admin_user \
"${HEAT_KEYSTONE_USER}"
crudini --set /etc/heat/heat.conf keystone_authtoken admin_password \
"${HEAT_KEYSTONE_PASSWORD}"
crudini --set /etc/heat/heat.conf ec2authtoken auth_uri \
"${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
crudini --set /etc/heat/heat.conf DEFAULT heat_metadata_server_url \
http://${HEAT_API_CFN_URL_HOST}:${HEAT_API_CFN_SERVICE_PORT}
crudini --set /etc/heat/heat.conf DEFAULT heat_waitcondition_server_url \
http://${HEAT_API_CFN_URL_HOST}:${HEAT_API_CFN_SERVICE_PORT}/v1/waitcondition

View File

@ -0,0 +1 @@
../../../../common/heat/heat-base/config-heat.sh

View File

@ -1,17 +0,0 @@
#!/bin/bash
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-heat.sh
check_required_vars HEAT_DB_NAME HEAT_DB_USER HEAT_DB_PASSWORD
fail_unless_db
mysql -h ${MARIADB_SERVICE_HOST} -u root -p${DB_ROOT_PASSWORD} mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${HEAT_DB_NAME} DEFAULT CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON ${HEAT_DB_NAME}.* TO
'${HEAT_DB_USER}'@'%' IDENTIFIED BY '${HEAT_DB_PASSWORD}'
EOF
/usr/bin/heat-manage db_sync
exec /usr/bin/heat-engine

View File

@ -0,0 +1 @@
../../../../common/heat/heat-engine/start.sh

View File

@ -1,36 +0,0 @@
#!/bin/bash
set -e
: ${HORIZON_KEYSTONE_USER:=horizon}
. /opt/kolla/kolla-common.sh
fail_unless_os_service_running keystone
fail_unless_os_service_running glance
fail_unless_os_service_running nova
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:35357/v2.0"
cfg=/etc/openstack-dashboard/local_settings
httpdcfg=/etc/httpd/conf.d/openstack-dashboard.conf
sed -ri 's/ALLOWED_HOSTS = \['\''horizon.example.com'\'', '\''localhost'\''\]/ALLOWED_HOSTS = \['\''*'\'', \]/' /etc/openstack-dashboard/local_settings
sed -ri 's/OPENSTACK_KEYSTONE_URL = \"http:\/\/%s:5000\/v2.0\" % OPENSTACK_HOST/OPENSTACK_KEYSTONE_URL = \"http:\/\/'"$KEYSTONE_PUBLIC_SERVICE_HOST"':5000\/v2.0\"/' /etc/openstack-dashboard/local_settings
sed -ri 's/OPENSTACK_HOST = \"127.0.0.1\"/OPENSTACK_HOST = \"'"$KEYSTONE_PUBLIC_SERVICE_HOST"'\" /' /etc/openstack-dashboard/local_settings
# Make sure we launch horizon using the default value for WEBROOT, which is
# '/'.
sed -ri '/^WEBROOT =.+/d' $cfg
sed -ri 's,^(WSGIScriptAlias) /dashboard (/usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi),\1 / \2,' $httpdcfg
sed -ri 's,^(Alias /dashboard)(/static /usr/share/openstack-dashboard/static),Alias \2,' $httpdcfg
# This step is required because of:
# https://bugzilla.redhat.com/show_bug.cgi?id=1220070
# Running this in the Dockerfile didn't fix the HTTP/500 as a result of the
# missing compress action.
python /usr/share/openstack-dashboard/manage.py compress
/usr/sbin/httpd -DFOREGROUND

View File

@ -0,0 +1 @@
../../../common/horizon/start.sh

View File

@ -1,12 +0,0 @@
#!/bin/bash
RES=0
. /openrc
if ! keystone token-get > /dev/null; then
echo "ERROR: keystone token-get failed" >&2
RES=1
fi
exit $RES

View File

@ -0,0 +1 @@
../../../common/keystone/check.sh

View File

@ -1,162 +0,0 @@
#!/bin/bash
set -e
# Run Kolla common script
echo "Running the kolla-common script"
. /opt/kolla/kolla-common.sh
# Credentials, token, etc..
: ${ADMIN_USER:=admin}
: ${ADMIN_USER_PASSWORD:=password}
: ${ADMIN_TENANT_NAME:=admin}
: ${KEYSTONE_USER:=keystone}
: ${KEYSTONE_ADMIN_PASSWORD:=password}
: ${KEYSTONE_ADMIN_TOKEN:=changeme}
# DB Settings
: ${INIT_DB:=true}
: ${KEYSTONE_DB_NAME:=keystone}
: ${KEYSTONE_DB_USER:=keystone}
: ${DB_ROOT_PASSWORD:=password}
: ${MARIADB_SERVICE_HOST:=$PUBLIC_IP}
: ${KEYSTONE_DB_PASSWORD:=password}
# Service Addresses/Ports/Version
: ${KEYSTONE_PUBLIC_SERVICE_HOST:=$PUBLIC_IP}
: ${KEYSTONE_ADMIN_SERVICE_HOST:=$PUBLIC_IP}
: ${KEYSTONE_PUBLIC_SERVICE_PORT:=5000}
: ${KEYSTONE_ADMIN_SERVICE_PORT:=35357}
: ${KEYSTONE_API_VERSION:=2.0}
# Logging
: ${LOG_FILE:=/var/log/keystone/keystone.log}
: ${VERBOSE_LOGGING:=true}
: ${DEBUG_LOGGING:=false}
: ${USE_STDERR:=false}
# Token provider, driver, etc..
: ${TOKEN_PROVIDER:=uuid}
: ${TOKEN_DRIVER:=sql}
## Check DB connectivity and required variables
echo "Checking connectivity to the DB"
fail_unless_db
echo "Checking for required variables"
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_DB_PASSWORD \
KEYSTONE_ADMIN_PASSWORD ADMIN_TENANT_NAME \
KEYSTONE_PUBLIC_SERVICE_HOST KEYSTONE_ADMIN_SERVICE_HOST \
PUBLIC_IP
dump_vars
# Setup the Keystone DB
echo "Setting up Keystone DB"
mysql -h ${MARIADB_SERVICE_HOST} -u root -p"${DB_ROOT_PASSWORD}" mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${KEYSTONE_DB_NAME};
GRANT ALL PRIVILEGES ON ${KEYSTONE_DB_NAME}.* TO
'${KEYSTONE_DB_USER}'@'%' IDENTIFIED BY '${KEYSTONE_DB_PASSWORD}'
EOF
# File path and name used by crudini tool
cfg=/etc/keystone/keystone.conf
# Token Configuration
echo "Configuring keystone.conf"
crudini --set $cfg \
DEFAULT \
admin_token \
"${KEYSTONE_ADMIN_TOKEN}"
# Database Configuration
crudini --set $cfg \
database \
connection \
"mysql://${KEYSTONE_DB_USER}:${KEYSTONE_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${KEYSTONE_DB_NAME}"
# Logging
crudini --del $cfg \
DEFAULT \
log_dir
crudini --set $cfg \
DEFAULT \
log_file \
${LOG_FILE}
crudini --set $cfg \
DEFAULT \
verbose \
${VERBOSE_LOGGING}
crudini --set $cfg \
DEFAULT \
debug \
${DEBUG_LOGGING}
crudini --set $cfg \
DEFAULT \
use_stderr \
${USE_STDERR}
# Token Management
crudini --set $cfg \
token \
provider \
keystone.token.providers."${TOKEN_PROVIDER}".Provider
crudini --set $cfg \
token \
driver \
keystone.token.persistence.backends."${TOKEN_DRIVER}".Token
crudini --set $cfg \
revoke \
driver \
keystone.contrib.revoke.backends."${TOKEN_DRIVER}".Revoke
# Setup the openrc auth file
cat > /openrc <<EOF
export OS_AUTH_URL=http://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v${KEYSTONE_API_VERSION}
export OS_USERNAME=${KEYSTONE_USER}
export OS_PASSWORD=${KEYSTONE_ADMIN_PASSWORD}
export OS_TENANT_NAME=${ADMIN_TENANT_NAME}
EOF
# Run PKI Setup script
echo "Setting up PKI"
/usr/bin/keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
# Fix permissions
chown -R keystone:keystone /var/log/keystone
chown -R keystone:keystone /etc/keystone/ssl
chmod -R o-rwx /etc/keystone/ssl
# Initialize the Keystone DB
echo "Initializing Keystone DB"
if [ "${INIT_DB}" == "true" ] ; then
su -s /bin/bash -c "keystone-manage db_sync" keystone
fi
# Start Keystone
echo "Starting Keystone"
/usr/bin/keystone-all &
PID=$!
# Export Keystone service environment variables
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="http://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v${KEYSTONE_API_VERSION}"
# Check to make sure the service is running
echo "Verifying Keystone is running"
while ! curl -o /dev/null -s --fail ${SERVICE_ENDPOINT}; do
echo "waiting for Keystone @ ${SERVICE_ENDPOINT}"
sleep 1;
done
echo "keystone is active @ ${SERVICE_ENDPOINT}"
# Create Keystone tenant, user, role, service and endpoints
echo "Creating Keystone tenant, user, role, service and endpoints"
crux user-create --update \
-n ${ADMIN_USER} -p "${ADMIN_USER_PASSWORD}" \
-t ${ADMIN_TENANT_NAME} -r admin
crux user-create --update \
-n ${KEYSTONE_USER} -p "${KEYSTONE_ADMIN_PASSWORD}" \
-t ${ADMIN_TENANT_NAME} -r admin
crux endpoint-create --remove-all \
-n keystone -t identity \
-I "http://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v${KEYSTONE_API_VERSION}" \
-A "http://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v${KEYSTONE_API_VERSION}" \
-P "http://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v${KEYSTONE_API_VERSION}"
# Wait on all jobs to exit before proceeding (see man wait)
wait

View File

@ -0,0 +1 @@
../../../common/keystone/start.sh

View File

@ -1,16 +0,0 @@
#!/bin/bash
RES=0
. /openrc
if ! keystone token-get > /dev/null; then
echo "ERROR: keystone token-get failed" >&2
RES=1
else
if ! heat stack-list > /dev/null; then
echo "ERROR: heat stack-list failed" >&2
RES=1
fi
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../common/magnum/magnum-api/check.sh

View File

@ -1,27 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-magnum.sh
check_required_vars KEYSTONE_ADMIN_TOKEN KEYSTONE_ADMIN_SERVICE_HOST \
MAGNUM_KEYSTONE_USER MAGNUM_KEYSTONE_PASSWORD \
KEYSTONE_AUTH_PROTOCOL ADMIN_TENANT_NAME \
MAGNUM_API_SERVICE_HOST KEYSTONE_ADMIN_SERVICE_PORT \
MAGNUM_API_SERVICE_PORT
fail_unless_os_service_running keystone
export SERVICE_TOKEN="${KEYSTONE_ADMIN_TOKEN}"
export SERVICE_ENDPOINT="${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_ADMIN_SERVICE_HOST}:${KEYSTONE_ADMIN_SERVICE_PORT}/v2.0"
crux user-create -n ${MAGNUM_KEYSTONE_USER} \
-p ${MAGNUM_KEYSTONE_PASSWORD} \
-t ${ADMIN_TENANT_NAME} \
-r admin
crux endpoint-create --remove-all -n ${MAGNUM_KEYSTONE_USER} -t container \
-I "${KEYSTONE_AUTH_PROTOCOL}://${MAGNUM_API_SERVICE_HOST}:${MAGNUM_API_SERVICE_PORT}/v1" \
-P "${KEYSTONE_AUTH_PROTOCOL}://${MAGNUM_API_SERVICE_HOST}:${MAGNUM_API_SERVICE_PORT}/v1" \
-A "${KEYSTONE_AUTH_PROTOCOL}://${MAGNUM_API_SERVICE_HOST}:${MAGNUM_API_SERVICE_PORT}/v1"
exec /usr/bin/magnum-api

View File

@ -0,0 +1 @@
../../../../common/magnum/magnum-api/start.sh

View File

@ -1,46 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/kolla-common.sh
check_required_vars MAGNUM_DB_PASSWORD MAGNUM_KEYSTONE_PASSWORD \
KEYSTONE_PUBLIC_SERVICE_HOST KEYSTONE_PUBLIC_SERVICE_PORT \
MAGNUM_KEYSTONE_USER ADMIN_TENANT_NAME \
MAGNUM_DB_USER MAGNUM_DB_NAME KEYSTONE_AUTH_PROTOCOL \
KEYSTONE_PUBLIC_SERVICE_PORT RABBITMQ_SERVICE_HOST \
VERBOSE_LOGGING DEBUG_LOGGING
fail_unless_db
dump_vars
cat > /openrc <<EOF
export OS_AUTH_URL="http://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
export OS_USERNAME="${MAGNUM_KEYSTONE_USER}"
export OS_PASSWORD="${MAGNUM_KEYSTONE_PASSWORD}"
export OS_TENANT_NAME="${ADMIN_TENANT_NAME}"
EOF
cfg=/etc/magnum/magnum.conf
crudini --set $cfg DEFAULT log_file ""
crudini --set $cfg DEFAULT verbose "${VERBOSE_LOGGING}"
crudini --set $cfg DEFAULT debug "${DEBUG_LOGGING}"
crudini --set $cfg DEFAULT use_stderr true
crudini --set $cfg DEFAULT rpc_backend magnum.openstack.common.rpc.impl_kombu
crudini --set $cfg DEFAULT admin_user admin
crudini --set $cfg oslo_messaging_rabbit rabbit_host ${RABBITMQ_SERVICE_HOST}
crudini --set $cfg oslo_messaging_rabbit rabbit_userid ${RABBIT_USER}
crudini --set $cfg oslo_messaging_rabbit rabbit_password ${RABBIT_PASSWORD}
crudini --set $cfg database connection \
mysql://${MAGNUM_DB_USER}:${MAGNUM_DB_PASSWORD}@${MARIADB_SERVICE_HOST}/${MAGNUM_DB_NAME}
crudini --set $cfg keystone_authtoken auth_protocol "${KEYSTONE_AUTH_PROTOCOL}"
crudini --set $cfg keystone_authtoken auth_host "${KEYSTONE_PUBLIC_SERVICE_HOST}"
crudini --set $cfg keystone_authtoken auth_port "${KEYSTONE_PUBLIC_SERVICE_PORT}"
crudini --set $cfg keystone_authtoken auth_uri \
"${KEYSTONE_AUTH_PROTOCOL}://${KEYSTONE_PUBLIC_SERVICE_HOST}:${KEYSTONE_PUBLIC_SERVICE_PORT}/v2.0"
crudini --set $cfg keystone_authtoken admin_tenant_name "${ADMIN_TENANT_NAME}"
crudini --set $cfg keystone_authtoken admin_user "${MAGNUM_KEYSTONE_USER}"
crudini --set $cfg keystone_authtoken admin_password \
"${MAGNUM_KEYSTONE_PASSWORD}"
crudini --set $cfg api host ${MAGNUM_API_SERVICE_HOST}

View File

@ -0,0 +1 @@
../../../../common/magnum/magnum-base/config-magnum.sh

View File

@ -1,17 +0,0 @@
#!/bin/bash
. /opt/kolla/kolla-common.sh
. /opt/kolla/config-magnum.sh
check_required_vars MAGNUM_DB_NAME MAGNUM_DB_USER MAGNUM_DB_PASSWORD
fail_unless_db
mysql -h ${MARIADB_SERVICE_HOST} -u root -p${DB_ROOT_PASSWORD} mysql <<EOF
CREATE DATABASE IF NOT EXISTS ${MAGNUM_DB_NAME} DEFAULT CHARACTER SET utf8;
GRANT ALL PRIVILEGES ON ${MAGNUM_DB_NAME}.* TO
'${MAGNUM_DB_USER}'@'%' IDENTIFIED BY '${MAGNUM_DB_PASSWORD}'
EOF
/usr/bin/magnum-db-manage upgrade
exec /usr/bin/magnum-conductor

View File

@ -0,0 +1 @@
../../../../common/magnum/magnum-conductor/start.sh

View File

@ -1,24 +0,0 @@
#!/bin/bash
. /opt/kolla/kolla-common.sh
: ${BIND_ADDRESS:=$PUBLIC_IP}
: ${DB_ROOT_PASSWORD:=$DB_ROOT_PASSWORD}
: ${DEFAULT_STORAGE_ENGINE:=innodb}
: ${COLLATION_SERVER:=utf8_general_ci}
: ${INIT_CONNECT:=SET NAMES utf8}
: ${CHAR_SET_SERVER:=utf8}
: ${INNODB_FILE_PER_TABLE:=true}
: ${DATADIR:=/var/lib/mysql}
: ${TEMP_FILE:='/tmp/mysql-first-time.sql'}
server_cnf=/etc/my.cnf.d/server.cnf
crudini --set $server_cnf mysqld bind-address $BIND_ADDRESS
crudini --set $server_cnf mysqld default-storage-engine $DEFAULT_STORAGE_ENGINE
crudini --set $server_cnf mysqld collation-server $COLLATION_SERVER
crudini --set $server_cnf mysqld init-connect "'${INIT_CONNECT}'"
crudini --set $server_cnf mysqld character-set-server $CHAR_SET_SERVER
if [ "${INNODB_FILE_PER_TABLE}" == "true" ] || ["${INNODB_FILE_PER_TABLE}" == "True" ] ; then
crudini --set $server_cnf mysqld innodb_file_per_table 1
fi

View File

@ -0,0 +1 @@
../../../common/mariadb-app/config-mysql.sh

View File

@ -1,13 +0,0 @@
#!/bin/bash
RES=0
check=$(/usr/bin/neutron agent-list | awk '/ DHCP / {print $9}')
error="ERROR: Neutron DHCP Agent is not alive."
if [[ $check != ":-)" ]]; then
echo $error >&2
RES=1
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../../common/neutron/neutron-agents/check-scripts/check-dhcp-agent.sh

View File

@ -1,13 +0,0 @@
#!/bin/bash
RES=0
check=$(/usr/bin/neutron agent-list | awk '/ L3 / {print $9}')
error="ERROR: Neutron L3 Agent is not alive."
if [[ $check != ":-)" ]]; then
echo $error >&2
RES=1
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../../common/neutron/neutron-agents/check-scripts/check-l3-agent.sh

View File

@ -1,13 +0,0 @@
#!/bin/bash
RES=0
check=$(/usr/bin/neutron agent-list | awk '/ Linux / {print $10}')
error="ERROR: Neutron Linux Bridge agent is not alive."
if [[ $check != ":-)" ]]; then
echo $error >&2
RES=1
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../../common/neutron/neutron-agents/check-scripts/check-linuxbridge-agent.sh

View File

@ -1,13 +0,0 @@
#!/bin/bash
RES=0
check=$(/usr/bin/neutron agent-list | awk '/ Metadata / {print $9}')
error="ERROR: Neutron Metadata Agent is not alive."
if [[ $check != ":-)" ]]; then
echo $error >&2
RES=1
fi
exit $RES

View File

@ -0,0 +1 @@
../../../../../common/neutron/neutron-agents/check-scripts/check-metadata-agent.sh

View File

@ -1,88 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/config-neutron.sh
. /opt/kolla/config-sudoers.sh
: ${DHCP_DRIVER:=neutron.agent.linux.dhcp.Dnsmasq}
: ${USE_NAMESPACES:=true}
: ${DELETE_NAMESPACES:=true}
: ${DNSMASQ_CONFIG_FILE:=/etc/neutron/dnsmasq/dnsmasq-neutron.conf}
: ${ROOT_HELPER:=sudo neutron-rootwrap /etc/neutron/rootwrap.conf}
mkdir -p $(dirname $DNSMASQ_CONFIG_FILE)
check_required_vars VERBOSE_LOGGING DEBUG_LOGGING MECHANISM_DRIVERS \
DHCP_DRIVER USE_NAMESPACES DELETE_NAMESPACES \
NEUTRON_LOG_DIR DNSMASQ_CONFIG_FILE \
cfg=/etc/neutron/dhcp_agent.ini
neutron_conf=/etc/neutron/neutron.conf
# Workaround bug in dhclient in cirros images which does not correctly
# handle setting checksums of packets when using hardware with checksum
# offloading. See:
# https://www.rdoproject.org/forum/discussion/567/packstack-allinone-grizzly-cirros-image-cannot-get-a-dhcp-address-when-a-centos-image-can/p1
/usr/sbin/iptables -A POSTROUTING -t mangle -p udp --dport bootpc \
-j CHECKSUM --checksum-fill
if [[ ${MECHANISM_DRIVERS} =~ linuxbridge ]]; then
interface_driver="neutron.agent.linux.interface.BridgeInterfaceDriver"
elif [[ ${MECHANISM_DRIVERS} == "openvswitch" ]]; then
interface_driver="neutron.agent.linux.interface.OVSInterfaceDriver"
fi
# Logging
crudini --set $neutron_conf \
DEFAULT \
log_file \
"${NEUTRON_DHCP_AGENT_LOG_FILE}"
# Configure dhcp_agent.ini
crudini --set $cfg \
DEFAULT \
verbose \
"${VERBOSE_LOGGING}"
crudini --set $cfg \
DEFAULT \
debug \
"${DEBUG_LOGGING}"
crudini --set $cfg \
DEFAULT \
interface_driver \
"$interface_driver"
crudini --set $cfg \
DEFAULT \
dhcp_driver \
"${DHCP_DRIVER}"
crudini --set $cfg \
DEFAULT \
use_namespaces \
"${USE_NAMESPACES}"
crudini --set $cfg \
DEFAULT \
delete_namespaces \
"${DELETE_NAMESPACES}"
crudini --set $cfg \
DEFAULT \
dnsmasq_config_file \
"${DNSMASQ_CONFIG_FILE}"
crudini --set $cfg \
DEFAULT \
root_helper \
"${ROOT_HELPER}"
cat > ${DNSMASQ_CONFIG_FILE} <<EOF
dhcp-option-force=26,1450
log-facility=${NEUTRON_LOG_DIR}/neutron-dnsmasq.log
EOF
# Remove any existing qdhcp namespaces
ip netns list | grep qdhcp | while read -r line ; do
ip netns delete $line
done
# Start DHCP Agent
exec /usr/bin/neutron-dhcp-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --config-dir /etc/neutron

View File

@ -0,0 +1 @@
../../../../../common/neutron/neutron-agents/config-scripts/config-dhcp-agent.sh

View File

@ -1,85 +0,0 @@
#!/bin/bash
set -e
. /opt/kolla/config-neutron.sh
. /opt/kolla/config-sudoers.sh
: ${USE_NAMESPACES:=true}
check_required_vars VERBOSE_LOGGING DEBUG_LOGGING
cfg=/etc/neutron/l3_agent.ini
neutron_conf=/etc/neutron/neutron.conf
# Logging
crudini --set $neutron_conf \
DEFAULT \
log_file \
"${NEUTRON_L3_AGENT_LOG_FILE}"
# Configure l3_agent.ini
crudini --set $cfg \
DEFAULT \
verbose \
"${VERBOSE_LOGGING}"
crudini --set $cfg \
DEFAULT \
debug \
"${DEBUG_LOGGING}"
if [[ "${MECHANISM_DRIVERS}" =~ linuxbridge ]] ; then
crudini --set $cfg \
DEFAULT \
interface_driver \
"neutron.agent.linux.interface.BridgeInterfaceDriver"
crudini --set $cfg \
DEFAULT \
gateway_external_network_id \
""
crudini --set $cfg \
DEFAULT \
external_network_bridge \
""
elif [[ "${MECHANISM_DRIVERS}" =~ .*openvswitch* ]] ; then
crudini --set $cfg \
DEFAULT \
interface_driver \
"neutron.agent.linux.interface.OVSInterfaceDriver"
crudini --set $cfg \
DEFAULT \
gateway_external_network_id \
"${NEUTRON_FLAT_NETWORK_BRIDGE}"
crudini --set $cfg \
DEFAULT \
external_network_bridge \
"${NEUTRON_FLAT_NETWORK_BRIDGE}"
fi
crudini --set $cfg \
DEFAULT \
use_namespaces \
"${USE_NAMESPACES}"
if [ "${USE_NAMESPACES}" == "false" ] ; then
source /openrc
# Create router if it does not exist
/usr/bin/neutron router-list | grep admin-router || /usr/bin/neutron router-create admin-router
# Set router-id
crudini --set $cfg \
DEFAULT \
router_id \
"$(/usr/bin/neutron router-list | awk '/ admin-router / {print $2}')"
elif [ "${USE_NAMESPACES}" == "true" ] ; then
crudini --set $cfg \
DEFAULT \
router_delete_namespaces \
"true"
fi
# Remove any existing qrouter namespaces
ip netns list | grep qrouter | while read -r line ; do
ip netns delete $line
done
# Start L3 Agent
exec /usr/bin/neutron-l3-agent --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/l3_agent.ini --config-file /etc/neutron/fwaas_driver.ini --config-dir /etc/neutron

View File

@ -0,0 +1 @@
../../../../../common/neutron/neutron-agents/config-scripts/config-l3-agent.sh

Some files were not shown because too many files have changed in this diff Show More