Shared filesystem management project for OpenStack.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

1278 lines
54KB

  1. #!/bin/bash
  2. # Plugin file for enabling manila services
  3. # ----------------------------------------
  4. # Save trace setting
  5. XTRACE=$(set +o | grep xtrace)
  6. set -o xtrace
  7. # Entry Points
  8. # ------------
  9. function _clean_share_group {
  10. local vg=$1
  11. local vg_prefix=$2
  12. # Clean out existing shares
  13. for lv in `sudo lvs --noheadings -o lv_name $vg`; do
  14. # vg_prefix prefixes the LVs we want
  15. if [[ "${lv#$vg_prefix}" != "$lv" ]]; then
  16. sudo umount -f $MANILA_MNT_DIR/$lv
  17. sudo lvremove -f $vg/$lv
  18. sudo rm -rf $MANILA_MNT_DIR/$lv
  19. fi
  20. done
  21. }
  22. function _clean_manila_lvm_backing_file {
  23. local vg=$1
  24. # if there is no logical volume left, it's safe to attempt a cleanup
  25. # of the backing file
  26. if [ -z "`sudo lvs --noheadings -o lv_name $vg`" ]; then
  27. # if the backing physical device is a loop device, it was probably setup by devstack
  28. VG_DEV=$(sudo losetup -j $DATA_DIR/${vg}-backing-file | awk -F':' '/backing-file/ { print $1
  29. }')
  30. if [[ -n "$VG_DEV" ]]; then
  31. sudo losetup -d $VG_DEV
  32. rm -f $DATA_DIR/${vg}-backing-file
  33. fi
  34. fi
  35. }
  36. function _clean_zfsonlinux_data {
  37. for filename in "$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/*; do
  38. if [[ $(sudo zpool list | grep $filename) ]]; then
  39. echo "Destroying zpool named $filename"
  40. sudo zpool destroy -f $filename
  41. file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR$filename"
  42. echo "Destroying file named $file"
  43. rm -f $file
  44. fi
  45. done
  46. }
  47. # cleanup_manila - Remove residual data files, anything left over from previous
  48. # runs that a clean run would need to clean up
  49. function cleanup_manila {
  50. # All stuff, that are created by share drivers will be cleaned up by other services.
  51. _clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
  52. _clean_manila_lvm_backing_file $SHARE_GROUP
  53. _clean_zfsonlinux_data
  54. if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
  55. remove_uwsgi_config "$MANILA_UWSGI_CONF" "$MANILA_WSGI"
  56. fi
  57. }
  58. # _config_manila_apache_wsgi() - Configure manila-api wsgi application.
  59. function _config_manila_apache_wsgi {
  60. local manila_api_apache_conf
  61. local venv_path=""
  62. manila_api_apache_conf=$(apache_site_config_for manila-api)
  63. sudo cp $MANILA_DIR/devstack/apache-manila.template $manila_api_apache_conf
  64. sudo sed -e "
  65. s|%APACHE_NAME%|$APACHE_NAME|g;
  66. s|%MANILA_BIN_DIR%|$MANILA_BIN_DIR|g;
  67. s|%PORT%|$REAL_MANILA_SERVICE_PORT|g;
  68. s|%APIWORKERS%|$API_WORKERS|g;
  69. s|%USER%|$STACK_USER|g;
  70. " -i $manila_api_apache_conf
  71. }
  72. # configure_default_backends - configures default Manila backends with generic driver.
  73. function configure_default_backends {
  74. # Configure two default backends with generic drivers onboard
  75. for group_name in $MANILA_BACKEND1_CONFIG_GROUP_NAME $MANILA_BACKEND2_CONFIG_GROUP_NAME; do
  76. iniset $MANILA_CONF $group_name share_driver $SHARE_DRIVER
  77. if [ "$MANILA_BACKEND1_CONFIG_GROUP_NAME" == "$group_name" ]; then
  78. iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND1_NAME
  79. else
  80. iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND2_NAME
  81. fi
  82. iniset $MANILA_CONF $group_name path_to_public_key $MANILA_PATH_TO_PUBLIC_KEY
  83. iniset $MANILA_CONF $group_name path_to_private_key $MANILA_PATH_TO_PRIVATE_KEY
  84. iniset $MANILA_CONF $group_name service_image_name $MANILA_SERVICE_IMAGE_NAME
  85. iniset $MANILA_CONF $group_name service_instance_user $MANILA_SERVICE_INSTANCE_USER
  86. iniset $MANILA_CONF $group_name driver_handles_share_servers True
  87. if [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  88. iniset $MANILA_CONF $group_name network_api_class $MANILA_NETWORK_API_CLASS
  89. iniset $MANILA_CONF $group_name neutron_host_id $(hostname)
  90. iniset $MANILA_CONF $group_name neutron_vnic_type $MANILA_NEUTRON_VNIC_TYPE
  91. fi
  92. if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
  93. iniset $MANILA_CONF $group_name service_instance_password $MANILA_SERVICE_INSTANCE_PASSWORD
  94. fi
  95. if [ "$SHARE_DRIVER" == "manila.share.drivers.generic.GenericShareDriver" ]; then
  96. iniset $MANILA_CONF $group_name ssh_conn_timeout $MANILA_SSH_TIMEOUT
  97. fi
  98. done
  99. }
  100. # set_config_opts - this allows to set any config opt to any config group,
  101. # parsing env vars by prefix special 'MANILA_OPTGROUP_'.
  102. function set_config_opts {
  103. # expects only one param - name of config group(s) as list separated by commas
  104. GROUP_NAMES=$1
  105. if [[ -n "$GROUP_NAMES" ]]; then
  106. for be in ${GROUP_NAMES//,/ }; do
  107. # get backend_specific opt values
  108. prefix=MANILA_OPTGROUP_$be\_
  109. ( set -o posix ; set ) | grep ^$prefix | while read -r line ; do
  110. # parse it to opt names and values
  111. opt=${line#$prefix}
  112. opt_name=${opt%%=*}
  113. opt_value=${opt##*=}
  114. iniset $MANILA_CONF $be $opt_name $opt_value
  115. done
  116. done
  117. fi
  118. }
  119. # set_cinder_quotas - Sets Cinder quotas, that is useful for generic driver,
  120. # which uses Cinder volumes and snapshots.
  121. function set_cinder_quotas {
  122. # Update Cinder configuration to make sure default quotas are enough
  123. # for Manila using Generic driver with parallel testing.
  124. if is_service_enabled cinder; then
  125. if [[ ! "$CINDER_CONF" ]]; then
  126. CINDER_CONF=/etc/cinder/cinder.conf
  127. fi
  128. iniset $CINDER_CONF DEFAULT quota_volumes 50
  129. iniset $CINDER_CONF DEFAULT quota_snapshots 50
  130. iniset $CINDER_CONF DEFAULT quota_gigabytes 1000
  131. fi
  132. }
  133. function set_backend_availability_zones {
  134. ENABLED_BACKENDS=$1
  135. echo_summary "Setting up backend_availability_zone option \
  136. for any enabled backends that do not use the Generic driver. \
  137. Availability zones for the Generic driver must coincide with those \
  138. created for Nova and Cinder."
  139. local zonenum
  140. generic_driver='manila.share.drivers.generic.GenericShareDriver'
  141. for BE in ${ENABLED_BACKENDS//,/ }; do
  142. share_driver=$(iniget $MANILA_CONF $BE share_driver)
  143. if [[ $share_driver != $generic_driver ]]; then
  144. zone="manila-zone-$((zonenum++))"
  145. iniset $MANILA_CONF $BE backend_availability_zone $zone
  146. fi
  147. done
  148. }
  149. # configure_manila - Set config files, create data dirs, etc
  150. function configure_manila {
  151. if [[ ! -d $MANILA_CONF_DIR ]]; then
  152. sudo mkdir -p $MANILA_CONF_DIR
  153. fi
  154. sudo chown $STACK_USER $MANILA_CONF_DIR
  155. if [[ -f $MANILA_DIR/etc/manila/policy.json ]]; then
  156. cp -p $MANILA_DIR/etc/manila/policy.json $MANILA_CONF_DIR
  157. fi
  158. # Set the paths of certain binaries
  159. MANILA_ROOTWRAP=$(get_rootwrap_location manila)
  160. # If Manila ships the new rootwrap filters files, deploy them
  161. # (owned by root) and add a parameter to $MANILA_ROOTWRAP
  162. ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP"
  163. if [[ -d $MANILA_DIR/etc/manila/rootwrap.d ]]; then
  164. # Wipe any existing rootwrap.d files first
  165. if [[ -d $MANILA_CONF_DIR/rootwrap.d ]]; then
  166. sudo rm -rf $MANILA_CONF_DIR/rootwrap.d
  167. fi
  168. # Deploy filters to /etc/manila/rootwrap.d
  169. sudo mkdir -m 755 $MANILA_CONF_DIR/rootwrap.d
  170. sudo cp $MANILA_DIR/etc/manila/rootwrap.d/*.filters $MANILA_CONF_DIR/rootwrap.d
  171. sudo chown -R root:root $MANILA_CONF_DIR/rootwrap.d
  172. sudo chmod 644 $MANILA_CONF_DIR/rootwrap.d/*
  173. # Set up rootwrap.conf, pointing to /etc/manila/rootwrap.d
  174. sudo cp $MANILA_DIR/etc/manila/rootwrap.conf $MANILA_CONF_DIR/
  175. sudo sed -e "s:^filters_path=.*$:filters_path=$MANILA_CONF_DIR/rootwrap.d:" -i $MANILA_CONF_DIR/rootwrap.conf
  176. sudo chown root:root $MANILA_CONF_DIR/rootwrap.conf
  177. sudo chmod 0644 $MANILA_CONF_DIR/rootwrap.conf
  178. # Specify rootwrap.conf as first parameter to manila-rootwrap
  179. MANILA_ROOTWRAP="$MANILA_ROOTWRAP $MANILA_CONF_DIR/rootwrap.conf"
  180. ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP *"
  181. fi
  182. TEMPFILE=`mktemp`
  183. echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_MANILA_SUDOER_CMD" >$TEMPFILE
  184. chmod 0440 $TEMPFILE
  185. sudo chown root:root $TEMPFILE
  186. sudo mv $TEMPFILE /etc/sudoers.d/manila-rootwrap
  187. cp $MANILA_DIR/etc/manila/api-paste.ini $MANILA_API_PASTE_INI
  188. # Remove old conf file if exists
  189. rm -f $MANILA_CONF
  190. configure_keystone_authtoken_middleware $MANILA_CONF manila
  191. iniset $MANILA_CONF DEFAULT auth_strategy keystone
  192. iniset $MANILA_CONF DEFAULT debug True
  193. iniset $MANILA_CONF DEFAULT scheduler_driver $MANILA_SCHEDULER_DRIVER
  194. iniset $MANILA_CONF DEFAULT share_name_template ${SHARE_NAME_PREFIX}%s
  195. iniset $MANILA_CONF DATABASE connection `database_connection_url manila`
  196. iniset $MANILA_CONF DATABASE max_pool_size 40
  197. iniset $MANILA_CONF DEFAULT api_paste_config $MANILA_API_PASTE_INI
  198. iniset $MANILA_CONF DEFAULT rootwrap_config $MANILA_CONF_DIR/rootwrap.conf
  199. iniset $MANILA_CONF DEFAULT osapi_share_extension manila.api.contrib.standard_extensions
  200. iniset $MANILA_CONF DEFAULT state_path $MANILA_STATE_PATH
  201. # Note: Sample share types will still be created if the below is False
  202. if [ $(trueorfalse False MANILA_CONFIGURE_DEFAULT_TYPES) == True ]; then
  203. iniset $MANILA_CONF DEFAULT default_share_type $MANILA_DEFAULT_SHARE_TYPE
  204. iniset $MANILA_CONF DEFAULT default_share_group_type $MANILA_DEFAULT_SHARE_GROUP_TYPE
  205. fi
  206. if ! [[ -z $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL ]]; then
  207. iniset $MANILA_CONF DEFAULT migration_driver_continue_update_interval $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL
  208. fi
  209. if ! [[ -z $MANILA_DATA_COPY_CHECK_HASH ]]; then
  210. iniset $MANILA_CONF DEFAULT check_hash $MANILA_DATA_COPY_CHECK_HASH
  211. fi
  212. iniset $MANILA_CONF DEFAULT enabled_share_protocols $MANILA_ENABLED_SHARE_PROTOCOLS
  213. iniset $MANILA_CONF oslo_concurrency lock_path $MANILA_LOCK_PATH
  214. iniset $MANILA_CONF DEFAULT wsgi_keep_alive False
  215. iniset $MANILA_CONF DEFAULT lvm_share_volume_group $SHARE_GROUP
  216. # Set the replica_state_update_interval
  217. iniset $MANILA_CONF DEFAULT replica_state_update_interval $MANILA_REPLICA_STATE_UPDATE_INTERVAL
  218. if is_service_enabled neutron; then
  219. configure_keystone_authtoken_middleware $MANILA_CONF neutron neutron
  220. fi
  221. if is_service_enabled nova; then
  222. configure_keystone_authtoken_middleware $MANILA_CONF nova nova
  223. fi
  224. if is_service_enabled cinder; then
  225. configure_keystone_authtoken_middleware $MANILA_CONF cinder cinder
  226. fi
  227. # Note: set up config group does not mean that this backend will be enabled.
  228. # To enable it, specify its name explicitly using "enabled_share_backends" opt.
  229. configure_default_backends
  230. default_backends=$MANILA_BACKEND1_CONFIG_GROUP_NAME
  231. if [ "$MANILA_MULTI_BACKEND" = "True" ]; then
  232. default_backends+=,$MANILA_BACKEND2_CONFIG_GROUP_NAME
  233. fi
  234. if [ ! $MANILA_ENABLED_BACKENDS ]; then
  235. # If $MANILA_ENABLED_BACKENDS is not set, use configured backends by default
  236. export MANILA_ENABLED_BACKENDS=$default_backends
  237. fi
  238. iniset $MANILA_CONF DEFAULT enabled_share_backends $MANILA_ENABLED_BACKENDS
  239. if [ ! -f $MANILA_PATH_TO_PRIVATE_KEY ]; then
  240. ssh-keygen -N "" -t rsa -f $MANILA_PATH_TO_PRIVATE_KEY;
  241. fi
  242. iniset $MANILA_CONF DEFAULT manila_service_keypair_name $MANILA_SERVICE_KEYPAIR_NAME
  243. REAL_MANILA_SERVICE_PORT=$MANILA_SERVICE_PORT
  244. if is_service_enabled tls-proxy; then
  245. # Set the protocol to 'https', update the endpoint base and set the default port
  246. MANILA_SERVICE_PROTOCOL="https"
  247. MANILA_ENDPOINT_BASE="${MANILA_ENDPOINT_BASE/http:/https:}"
  248. REAL_MANILA_SERVICE_PORT=$MANILA_SERVICE_PORT_INT
  249. # Set the service port for a proxy to take the original
  250. iniset $MANILA_CONF DEFAULT osapi_share_listen_port $REAL_MANILA_SERVICE_PORT
  251. iniset $MANILA_CONF oslo_middleware enable_proxy_headers_parsing True
  252. fi
  253. iniset_rpc_backend manila $MANILA_CONF DEFAULT
  254. setup_logging $MANILA_CONF
  255. MANILA_CONFIGURE_GROUPS=${MANILA_CONFIGURE_GROUPS:-"$MANILA_ENABLED_BACKENDS"}
  256. set_config_opts $MANILA_CONFIGURE_GROUPS
  257. set_config_opts DEFAULT
  258. set_backend_availability_zones $MANILA_ENABLED_BACKENDS
  259. if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
  260. write_uwsgi_config "$MANILA_UWSGI_CONF" "$MANILA_WSGI" "/share"
  261. fi
  262. if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  263. _config_manila_apache_wsgi
  264. fi
  265. }
  266. function create_manila_service_keypair {
  267. if is_service_enabled nova; then
  268. local keypair_exists=$( openstack keypair list | grep " $MANILA_SERVICE_KEYPAIR_NAME " )
  269. if [[ -z $keypair_exists ]]; then
  270. openstack keypair create $MANILA_SERVICE_KEYPAIR_NAME --public-key $MANILA_PATH_TO_PUBLIC_KEY
  271. fi
  272. fi
  273. }
  274. function is_driver_enabled {
  275. driver_name=$1
  276. for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  277. share_driver=$(iniget $MANILA_CONF $BE share_driver)
  278. if [ "$share_driver" == "$driver_name" ]; then
  279. return 0
  280. fi
  281. done
  282. return 1
  283. }
  284. # create_service_share_servers - creates service Nova VMs, one per generic
  285. # driver, and only if it is configured to mode without handling of share servers.
  286. function create_service_share_servers {
  287. created_admin_network=false
  288. for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  289. driver_handles_share_servers=$(iniget $MANILA_CONF $BE driver_handles_share_servers)
  290. share_driver=$(iniget $MANILA_CONF $BE share_driver)
  291. generic_driver='manila.share.drivers.generic.GenericShareDriver'
  292. if [[ $share_driver == $generic_driver ]]; then
  293. if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
  294. vm_name='manila_service_share_server_'$BE
  295. local vm_exists=$( openstack server list --all-projects | grep " $vm_name " )
  296. if [[ -z $vm_exists ]]; then
  297. private_net_id=$(openstack network show $PRIVATE_NETWORK_NAME -f value -c id)
  298. vm_id=$(openstack server create $vm_name \
  299. --flavor $MANILA_SERVICE_VM_FLAVOR_NAME \
  300. --image $MANILA_SERVICE_IMAGE_NAME \
  301. --nic net-id=$private_net_id \
  302. --security-group $MANILA_SERVICE_SECGROUP \
  303. --key-name $MANILA_SERVICE_KEYPAIR_NAME \
  304. | grep ' id ' | get_field 2)
  305. else
  306. vm_id=$(openstack server show $vm_name -f value -c id)
  307. fi
  308. floating_ip=$(openstack floating ip create $PUBLIC_NETWORK_NAME --subnet $PUBLIC_SUBNET_NAME | grep 'floating_ip_address' | get_field 2)
  309. # TODO(rishabh-d-dave): For time being circumvent the bug -
  310. # https://bugs.launchpad.net/python-openstackclient/+bug/1747721
  311. # Once fixed, replace the following 3 lines by -
  312. # openstack server add floating ip $vm_id $floating_ip
  313. vm_port_id=$(openstack port list --server $vm_id -c ID -f \
  314. value)
  315. openstack floating ip set --port $vm_port_id $floating_ip
  316. iniset $MANILA_CONF $BE service_instance_name_or_id $vm_id
  317. iniset $MANILA_CONF $BE service_net_name_or_ip $floating_ip
  318. iniset $MANILA_CONF $BE tenant_net_name_or_ip $PRIVATE_NETWORK_NAME
  319. else
  320. if is_service_enabled neutron; then
  321. if ! [[ -z $MANILA_ADMIN_NET_RANGE ]]; then
  322. if [ $created_admin_network == false ]; then
  323. project_id=$(openstack project show $SERVICE_PROJECT_NAME -c id -f value)
  324. local admin_net_id=$( openstack network show admin_net -f value -c id )
  325. if [[ -z $admin_net_id ]]; then
  326. openstack network create admin_net --project $project_id
  327. admin_net_id=$(openstack network show admin_net -f value -c id)
  328. fi
  329. local admin_subnet_id=$( openstack subnet show admin_subnet -f value -c id )
  330. if [[ -z $admin_subnet_id ]]; then
  331. openstack subnet create admin_subnet --project $project_id --ip-version 4 --network $admin_net_id --gateway None --subnet-range $MANILA_ADMIN_NET_RANGE
  332. admin_subnet_id=$(openstack subnet show admin_subnet -f value -c id)
  333. fi
  334. created_admin_network=true
  335. fi
  336. iniset $MANILA_CONF $BE admin_network_id $admin_net_id
  337. iniset $MANILA_CONF $BE admin_subnet_id $admin_subnet_id
  338. fi
  339. fi
  340. fi
  341. fi
  342. done
  343. configure_data_service_generic_driver
  344. }
  345. function configure_data_service_generic_driver {
  346. enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
  347. share_driver=$(iniget $MANILA_CONF ${enabled_backends[0]} share_driver)
  348. generic_driver='manila.share.drivers.generic.GenericShareDriver'
  349. if [[ $share_driver == $generic_driver ]]; then
  350. driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
  351. if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
  352. iniset $MANILA_CONF DEFAULT data_node_access_ips $PUBLIC_NETWORK_GATEWAY
  353. else
  354. if ! [[ -z $MANILA_DATA_NODE_IP ]]; then
  355. iniset $MANILA_CONF DEFAULT data_node_access_ips $MANILA_DATA_NODE_IP
  356. fi
  357. fi
  358. fi
  359. }
  360. # create_manila_service_flavor - creates flavor, that will be used by backends
  361. # with configured generic driver to boot Nova VMs with.
  362. function create_manila_service_flavor {
  363. if is_service_enabled nova; then
  364. local flavor_exists=$( openstack flavor list | grep " $MANILA_SERVICE_VM_FLAVOR_NAME " )
  365. if [[ -z $flavor_exists ]]; then
  366. # Create flavor for Manila's service VM
  367. openstack flavor create \
  368. $MANILA_SERVICE_VM_FLAVOR_NAME \
  369. --id $MANILA_SERVICE_VM_FLAVOR_REF \
  370. --ram $MANILA_SERVICE_VM_FLAVOR_RAM \
  371. --disk $MANILA_SERVICE_VM_FLAVOR_DISK \
  372. --vcpus $MANILA_SERVICE_VM_FLAVOR_VCPUS
  373. fi
  374. fi
  375. }
  376. # create_manila_service_image - creates image, that will be used by backends
  377. # with configured generic driver to boot Nova VMs from.
  378. function create_manila_service_image {
  379. if is_service_enabled nova; then
  380. TOKEN=$(openstack token issue -c id -f value)
  381. local image_exists=$( openstack image list | grep " $MANILA_SERVICE_IMAGE_NAME " )
  382. if [[ -z $image_exists ]]; then
  383. # Download Manila's image
  384. if is_service_enabled g-reg; then
  385. upload_image $MANILA_SERVICE_IMAGE_URL $TOKEN
  386. fi
  387. fi
  388. fi
  389. }
  390. # create_manila_service_secgroup - creates security group that is used by
  391. # Nova VMs when generic driver is configured.
  392. function create_manila_service_secgroup {
  393. # Create a secgroup
  394. if ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; then
  395. openstack security group create $MANILA_SERVICE_SECGROUP --description "$MANILA_SERVICE_SECGROUP description"
  396. if ! timeout 30 sh -c "while ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; do sleep 1; done"; then
  397. echo "Security group not created"
  398. exit 1
  399. fi
  400. fi
  401. # Configure Security Group Rules
  402. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q icmp; then
  403. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol icmp
  404. fi
  405. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 22 "; then
  406. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 22
  407. fi
  408. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 2049 "; then
  409. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 2049
  410. fi
  411. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 2049 "; then
  412. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 2049
  413. fi
  414. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 445 "; then
  415. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 445
  416. fi
  417. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 445 "; then
  418. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 445
  419. fi
  420. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 139 "; then
  421. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 137:139
  422. fi
  423. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 139 "; then
  424. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 137:139
  425. fi
  426. # List secgroup rules
  427. openstack security group rule list $MANILA_SERVICE_SECGROUP
  428. }
  429. # create_manila_accounts - Set up common required manila accounts
  430. function create_manila_accounts {
  431. create_service_user "manila"
  432. get_or_create_service "manila" "share" "Manila Shared Filesystem Service"
  433. get_or_create_endpoint "share" "$REGION_NAME" \
  434. "$MANILA_ENDPOINT_BASE/v1/\$(project_id)s"
  435. # Set up Manila v2 service and endpoint
  436. get_or_create_service "manilav2" "sharev2" "Manila Shared Filesystem Service V2"
  437. get_or_create_endpoint "sharev2" "$REGION_NAME" \
  438. "$MANILA_ENDPOINT_BASE/v2/\$(project_id)s"
  439. }
  440. # create_default_share_group_type - create share group type that will be set as default.
  441. function create_default_share_group_type {
  442. local type_exists=$( manila share-group-type-list | grep " $MANILA_DEFAULT_SHARE_GROUP_TYPE " )
  443. if [[ -z $type_exists ]]; then
  444. manila share-group-type-create $MANILA_DEFAULT_SHARE_GROUP_TYPE $MANILA_DEFAULT_SHARE_TYPE
  445. fi
  446. if [[ $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS ]]; then
  447. manila share-group-type-key $MANILA_DEFAULT_SHARE_GROUP_TYPE set $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS
  448. fi
  449. }
  450. # create_default_share_type - create share type that will be set as default
  451. # if $MANILA_CONFIGURE_DEFAULT_TYPES is set to True, if set to False, the share
  452. # type identified by $MANILA_DEFAULT_SHARE_TYPE is still created, but not
  453. # configured as default.
  454. function create_default_share_type {
  455. enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
  456. driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
  457. local type_exists=$( manila type-list | grep " $MANILA_DEFAULT_SHARE_TYPE " )
  458. if [[ -z $type_exists ]]; then
  459. local command_args="$MANILA_DEFAULT_SHARE_TYPE $driver_handles_share_servers"
  460. #if is_driver_enabled $MANILA_CONTAINER_DRIVER; then
  461. # # TODO(aovchinnikov): Remove this condition when Container driver supports
  462. # # snapshots
  463. # command_args="$command_args --snapshot_support false"
  464. #fi
  465. manila type-create $command_args
  466. fi
  467. if [[ $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS ]]; then
  468. manila type-key $MANILA_DEFAULT_SHARE_TYPE set $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS
  469. fi
  470. }
  471. # create_custom_share_types - create share types suitable for both possible
  472. # driver modes with names "dhss_true" and "dhss_false".
  473. function create_custom_share_types {
  474. manila type-create dhss_true True
  475. if [[ $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS ]]; then
  476. manila type-key dhss_true set $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS
  477. fi
  478. manila type-create dhss_false False
  479. if [[ $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS ]]; then
  480. manila type-key dhss_false set $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS
  481. fi
  482. }
  483. # configure_backing_file - Set up backing file for LVM
  484. function configure_backing_file {
  485. sudo vgscan
  486. if ! sudo vgs $SHARE_GROUP; then
  487. if [ "$CONFIGURE_BACKING_FILE" = "True" ]; then
  488. SHARE_BACKING_FILE=${SHARE_BACKING_FILE:-$DATA_DIR/${SHARE_GROUP}-backing-file}
  489. # Only create if the file doesn't already exists
  490. [[ -f $SHARE_BACKING_FILE ]] || truncate -s $SHARE_BACKING_FILE_SIZE $SHARE_BACKING_FILE
  491. DEV=`sudo losetup -f --show $SHARE_BACKING_FILE`
  492. else
  493. DEV=$SHARE_BACKING_FILE
  494. fi
  495. # Only create if the loopback device doesn't contain $SHARE_GROUP
  496. if ! sudo vgs $SHARE_GROUP; then sudo vgcreate $SHARE_GROUP $DEV; fi
  497. fi
  498. mkdir -p $MANILA_STATE_PATH/shares
  499. mkdir -p /tmp/shares
  500. }
  501. # init_manila - Initializes database and creates manila dir if absent
  502. function init_manila {
  503. if is_service_enabled $DATABASE_BACKENDS; then
  504. # (re)create manila database
  505. recreate_database manila
  506. $MANILA_BIN_DIR/manila-manage db sync
  507. if [[ $(trueorfalse False MANILA_USE_DOWNGRADE_MIGRATIONS) == True ]]; then
  508. # Use both - upgrade and downgrade migrations to verify that
  509. # downgrade migrations do not break structure of Manila database.
  510. $MANILA_BIN_DIR/manila-manage db downgrade
  511. $MANILA_BIN_DIR/manila-manage db sync
  512. fi
  513. # Display version as debug-action (see bug/1473400)
  514. $MANILA_BIN_DIR/manila-manage db version
  515. fi
  516. if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  517. if is_service_enabled m-shr; then
  518. # Configure a default volume group called '`lvm-shares`' for the share
  519. # service if it does not yet exist. If you don't wish to use a file backed
  520. # volume group, create your own volume group called ``stack-volumes`` before
  521. # invoking ``stack.sh``.
  522. #
  523. # By default, the backing file is 8G in size, and is stored in ``/opt/stack/data``.
  524. configure_backing_file
  525. fi
  526. elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  527. if is_service_enabled m-shr; then
  528. SHARE_GROUP=$MANILA_CONTAINER_VOLUME_GROUP_NAME
  529. configure_backing_file
  530. fi
  531. elif [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
  532. if is_service_enabled m-shr; then
  533. mkdir -p $MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR
  534. file_counter=0
  535. MANILA_ZFSONLINUX_SERVICE_IP=${MANILA_ZFSONLINUX_SERVICE_IP:-"127.0.0.1"}
  536. for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  537. if [[ $file_counter == 0 ]]; then
  538. # NOTE(vponomaryov): create two pools for first ZFS backend
  539. # to cover different use cases that are supported by driver:
  540. # - Support of more than one zpool for share backend.
  541. # - Support of nested datasets.
  542. local first_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/alpha
  543. local second_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/betta
  544. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $first_file
  545. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $second_file
  546. sudo zpool create alpha $first_file
  547. sudo zpool create betta $second_file
  548. # Create subdir (nested dataset) for second pool
  549. sudo zfs create betta/subdir
  550. iniset $MANILA_CONF $BE zfs_zpool_list alpha,betta/subdir
  551. elif [[ $file_counter == 1 ]]; then
  552. local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/gamma
  553. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
  554. sudo zpool create gamma $file
  555. iniset $MANILA_CONF $BE zfs_zpool_list gamma
  556. else
  557. local filename=file"$file_counter"
  558. local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/"$filename"
  559. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
  560. sudo zpool create $filename $file
  561. iniset $MANILA_CONF $BE zfs_zpool_list $filename
  562. fi
  563. iniset $MANILA_CONF $BE zfs_share_export_ip $MANILA_ZFSONLINUX_SHARE_EXPORT_IP
  564. iniset $MANILA_CONF $BE zfs_service_ip $MANILA_ZFSONLINUX_SERVICE_IP
  565. iniset $MANILA_CONF $BE zfs_dataset_creation_options $MANILA_ZFSONLINUX_DATASET_CREATION_OPTIONS
  566. iniset $MANILA_CONF $BE zfs_use_ssh $MANILA_ZFSONLINUX_USE_SSH
  567. iniset $MANILA_CONF $BE zfs_ssh_username $MANILA_ZFSONLINUX_SSH_USERNAME
  568. iniset $MANILA_CONF $BE replication_domain $MANILA_ZFSONLINUX_REPLICATION_DOMAIN
  569. iniset $MANILA_CONF $BE driver_handles_share_servers False
  570. let "file_counter=file_counter+1"
  571. done
  572. # Install the server's SSH key in our known_hosts file
  573. eval STACK_HOME=~$STACK_USER
  574. ssh-keyscan ${MANILA_ZFSONLINUX_SERVICE_IP} >> $STACK_HOME/.ssh/known_hosts
  575. # If the server is this machine, setup trust for ourselves (otherwise you're on your own)
  576. if [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "127.0.0.1" ] || [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "localhost" ] ; then
  577. # Trust our own SSH keys
  578. eval SSH_USER_HOME=~$MANILA_ZFSONLINUX_SSH_USERNAME
  579. cat $STACK_HOME/.ssh/*.pub >> $SSH_USER_HOME/.ssh/authorized_keys
  580. # Give ssh user sudo access
  581. echo "$MANILA_ZFSONLINUX_SSH_USERNAME ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers > /dev/null
  582. iniset $MANILA_CONF DEFAULT data_node_access_ips $MANILA_ZFSONLINUX_SERVICE_IP
  583. fi
  584. fi
  585. fi
  586. }
  587. # check_nfs_kernel_service_state_ubuntu- Make sure nfsd is running
  588. function check_nfs_kernel_service_state_ubuntu {
  589. # (aovchinnikov): Workaround for nfs-utils bug 1052264
  590. if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
  591. echo "Apparently nfsd is not running. Trying to fix that."
  592. sudo mkdir -p "/media/nfsdonubuntuhelper"
  593. # (aovchinnikov): shell wrapping is needed for cases when a file to be written
  594. # is owned by root.
  595. sudo sh -c "echo '/media/nfsdonubuntuhelper 127.0.0.1(ro)' >> /etc/exports"
  596. sudo service nfs-kernel-server start
  597. fi
  598. if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
  599. echo "Failed to start nfsd. Exiting."
  600. exit 1
  601. fi
  602. }
  603. function _install_nfs_and_samba {
  604. if is_ubuntu; then
  605. install_package nfs-kernel-server nfs-common samba
  606. check_nfs_kernel_service_state_ubuntu
  607. elif is_fedora; then
  608. install_package nfs-utils samba
  609. sudo systemctl enable smb.service
  610. sudo systemctl start smb.service
  611. sudo systemctl enable nfs-server.service
  612. sudo systemctl start nfs-server.service
  613. elif is_suse; then
  614. install_package nfs-kernel-server nfs-utils samba
  615. else
  616. echo "This distro is not supported. Skipping step of NFS and Samba installation."
  617. fi
  618. }
  619. # install_manilaclient - Collect source and prepare
  620. # In order to install from git, add LIBS_FROM_GIT="python-manilaclient"
  621. # to local.conf
  622. function install_manilaclient {
  623. if use_library_from_git "python-manilaclient"; then
  624. git_clone $MANILACLIENT_REPO $MANILACLIENT_DIR $MANILACLIENT_BRANCH
  625. setup_develop $MANILACLIENT_DIR
  626. else
  627. pip_install python-manilaclient
  628. fi
  629. }
  630. # install_manila - Collect source and prepare
  631. function install_manila {
  632. setup_develop $MANILA_DIR
  633. if is_service_enabled m-shr; then
  634. if [[ ! $(systemctl is-active nfs-ganesha.service) == 'active' ]] ; then
  635. if [ "$SHARE_DRIVER" != "manila.share.drivers.cephfs.driver.CephFSDriver" ] ; then
  636. _install_nfs_and_samba
  637. fi
  638. fi
  639. if [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
  640. if [[ $(sudo zfs list &> /dev/null && sudo zpool list &> /dev/null || echo 'absent') == 'absent' ]]; then
  641. # ZFS not found, try to install it
  642. if is_ubuntu; then
  643. if [[ $(lsb_release -s -d) == *"14.04"* ]]; then
  644. # Trusty
  645. sudo apt-get install -y software-properties-common
  646. sudo apt-add-repository --yes ppa:zfs-native/stable
  647. # Workaround for bug #1609696
  648. sudo apt-mark hold grub*
  649. sudo apt-get -y -q update && sudo apt-get -y -q upgrade
  650. # Workaround for bug #1609696
  651. sudo apt-mark unhold grub*
  652. sudo apt-get install -y linux-headers-generic
  653. sudo apt-get install -y build-essential
  654. sudo apt-get install -y ubuntu-zfs
  655. elif [[ $(echo $(lsb_release -rs) '>=' 16.04 | bc -l) == 1 ]]; then
  656. # Xenial and beyond
  657. sudo apt-get install -y zfsutils-linux
  658. else
  659. echo "Only 'Trusty', 'Xenial' and newer releases of Ubuntu are supported."
  660. exit 1
  661. fi
  662. else
  663. echo "Manila Devstack plugin supports installation "\
  664. "of ZFS packages only for 'Ubuntu' distros. "\
  665. "Please, install it first by other means or add its support "\
  666. "for your distro."
  667. exit 1
  668. fi
  669. sudo modprobe zfs
  670. sudo modprobe zpool
  671. fi
  672. check_nfs_kernel_service_state_ubuntu
  673. elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  674. if is_ubuntu; then
  675. echo "Installing docker...."
  676. install_docker_ubuntu
  677. echo "Importing docker image"
  678. import_docker_service_image_ubuntu
  679. elif is_fedora; then
  680. echo "Installing docker...."
  681. install_docker_fedora
  682. echo "Importing docker image"
  683. # TODO(tbarron): See if using a fedora container image
  684. # is faster/smaller because of fewer extra dependencies.
  685. import_docker_service_image_ubuntu
  686. else
  687. echo "Manila Devstack plugin does not support Container Driver on"\
  688. " distros other than Ubuntu or Fedora."
  689. exit 1
  690. fi
  691. fi
  692. fi
  693. }
  694. #configure_samba - Configure node as Samba server
  695. function configure_samba {
  696. if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  697. # TODO(vponomaryov): add here condition for ZFSonLinux driver too
  698. # when it starts to support SAMBA
  699. samba_daemon_name=smbd
  700. if is_service_enabled m-shr; then
  701. if is_fedora; then
  702. samba_daemon_name=smb
  703. fi
  704. sudo service $samba_daemon_name restart || echo "Couldn't restart '$samba_daemon_name' service"
  705. fi
  706. if [[ -e /usr/share/samba/smb.conf ]]; then
  707. sudo cp /usr/share/samba/smb.conf $SMB_CONF
  708. fi
  709. sudo chown $STACK_USER -R /etc/samba
  710. iniset $SMB_CONF global include registry
  711. iniset $SMB_CONF global security user
  712. if [ ! -d "$SMB_PRIVATE_DIR" ]; then
  713. sudo mkdir $SMB_PRIVATE_DIR
  714. sudo touch $SMB_PRIVATE_DIR/secrets.tdb
  715. fi
  716. for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
  717. iniset $MANILA_CONF $backend_name driver_handles_share_servers False
  718. iniset $MANILA_CONF $backend_name lvm_share_export_ips $MANILA_LVM_SHARE_EXPORT_IPS
  719. done
  720. iniset $MANILA_CONF DEFAULT data_node_access_ips $HOST_IP
  721. fi
  722. }
  723. # start_manila_api - starts manila API services and checks its availability
  724. function start_manila_api {
  725. # NOTE(vkmc) If both options are set to true we are using uwsgi
  726. # as the preferred way to deploy manila. See
  727. # https://governance.openstack.org/tc/goals/pike/deploy-api-in-wsgi.html#uwsgi-vs-mod-wsgi
  728. # for more details
  729. if [ $(trueorfalse False MANILA_USE_UWSGI) == True ] && [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  730. MSG="Both MANILA_USE_UWSGI and MANILA_USE_MOD_WSGI are set to True.
  731. Using UWSGI as the preferred option
  732. Set MANILA_USE_UWSGI to False to deploy manila api with MOD_WSGI"
  733. warn $LINENO $MSG
  734. fi
  735. if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
  736. echo "Deploying with UWSGI"
  737. run_process m-api "$MANILA_BIN_DIR/uwsgi --ini $MANILA_UWSGI_CONF --procname-prefix manila-api"
  738. elif [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  739. echo "Deploying with MOD_WSGI"
  740. install_apache_wsgi
  741. enable_apache_site manila-api
  742. restart_apache_server
  743. tail_log m-api /var/log/$APACHE_NAME/manila_api.log
  744. else
  745. echo "Deploying with built-in server"
  746. run_process m-api "$MANILA_BIN_DIR/manila-api --config-file $MANILA_CONF"
  747. fi
  748. echo "Waiting for Manila API to start..."
  749. # This is a health check against the manila-api service we just started.
  750. # We use the port ($REAL_MANILA_SERVICE_PORT) here because we want to hit
  751. # the bare service endpoint, even if the tls tunnel should be enabled.
  752. # We're making sure that the internal port is checked using unencryted
  753. # traffic at this point.
  754. local MANILA_HEALTH_CHECK_URL=$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$REAL_MANILA_SERVICE_PORT
  755. if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
  756. MANILA_HEALTH_CHECK_URL=$MANILA_ENDPOINT_BASE
  757. fi
  758. if ! wait_for_service $SERVICE_TIMEOUT $MANILA_HEALTH_CHECK_URL; then
  759. die $LINENO "Manila API did not start"
  760. fi
  761. # Start proxies if enabled
  762. #
  763. # If tls-proxy is enabled and MANILA_USE_UWSGI is set to True, a generic
  764. # http-services-tls-proxy will be set up to handle tls-termination to
  765. # manila as well as all the other https services, we don't need to
  766. # create our own.
  767. if [ $(trueorfalse False MANILA_USE_UWSGI) == False ] && is_service_enabled tls-proxy; then
  768. start_tls_proxy manila '*' $MANILA_SERVICE_PORT $MANILA_SERVICE_HOST $MANILA_SERVICE_PORT_INT
  769. fi
  770. }
  771. # start_rest_of_manila - starts non-api manila services
  772. function start_rest_of_manila {
  773. run_process m-shr "$MANILA_BIN_DIR/manila-share --config-file $MANILA_CONF"
  774. run_process m-sch "$MANILA_BIN_DIR/manila-scheduler --config-file $MANILA_CONF"
  775. run_process m-dat "$MANILA_BIN_DIR/manila-data --config-file $MANILA_CONF"
  776. }
  777. # start_manila - start all manila services. This function is kept for compatibility
  778. # reasons with old approach.
  779. function start_manila {
  780. start_manila_api
  781. start_rest_of_manila
  782. }
  783. # stop_manila - Stop running processes
  784. function stop_manila {
  785. # Disable manila api service
  786. if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  787. disable_apache_site manila-api
  788. restart_apache_server
  789. else
  790. stop_process m-api
  791. fi
  792. # Kill all other manila processes
  793. for serv in m-sch m-shr m-dat; do
  794. stop_process $serv
  795. done
  796. }
  797. function install_manila_tempest_plugin {
  798. MANILA_TEMPEST_PLUGIN_REPO=${MANILA_TEMPEST_PLUGIN_REPO:-${GIT_BASE}/openstack/manila-tempest-plugin.git}
  799. MANILA_TEMPEST_PLUGIN_BRANCH=${MANILA_TEMPEST_PLUGIN_BRANCH:-master}
  800. MANILA_TEMPEST_PLUGIN_DIR=$DEST/manila-tempest-plugin
  801. git_clone $MANILA_TEMPEST_PLUGIN_REPO $MANILA_TEMPEST_PLUGIN_DIR $MANILA_TEMPEST_PLUGIN_BRANCH
  802. setup_develop $MANILA_TEMPEST_PLUGIN_DIR
  803. }
  804. # update_tempest - Function used for updating Tempest config if Tempest service enabled
  805. function update_tempest {
  806. if is_service_enabled tempest; then
  807. TEMPEST_CONFIG=${TEMPEST_CONFIG:-$TEMPEST_DIR/etc/tempest.conf}
  808. ADMIN_TENANT_NAME=${ADMIN_TENANT_NAME:-"admin"}
  809. ADMIN_DOMAIN_NAME=${ADMIN_DOMAIN_NAME:-"Default"}
  810. ADMIN_PASSWORD=${ADMIN_PASSWORD:-"secretadmin"}
  811. if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
  812. iniset $TEMPEST_CONFIG share image_password $MANILA_SERVICE_INSTANCE_PASSWORD
  813. fi
  814. iniset $TEMPEST_CONFIG share image_with_share_tools $MANILA_SERVICE_IMAGE_NAME
  815. iniset $TEMPEST_CONFIG auth admin_username ${ADMIN_USERNAME:-"admin"}
  816. iniset $TEMPEST_CONFIG auth admin_password ${ADMIN_PASSWORD:-"secretadmin"}
  817. iniset $TEMPEST_CONFIG auth admin_tenant_name $ADMIN_TENANT_NAME
  818. iniset $TEMPEST_CONFIG auth admin_domain_name $ADMIN_DOMAIN_NAME
  819. iniset $TEMPEST_CONFIG identity username ${TEMPEST_USERNAME:-"demo"}
  820. iniset $TEMPEST_CONFIG identity password $ADMIN_PASSWORD
  821. iniset $TEMPEST_CONFIG identity tenant_name ${TEMPEST_TENANT_NAME:-"demo"}
  822. iniset $TEMPEST_CONFIG identity domain_name $ADMIN_DOMAIN_NAME
  823. iniset $TEMPEST_CONFIG identity alt_username ${ALT_USERNAME:-"alt_demo"}
  824. iniset $TEMPEST_CONFIG identity alt_password $ADMIN_PASSWORD
  825. iniset $TEMPEST_CONFIG identity alt_tenant_name ${ALT_TENANT_NAME:-"alt_demo"}
  826. iniset $TEMPEST_CONFIG identity alt_domain_name $ADMIN_DOMAIN_NAME
  827. fi
  828. }
  829. function install_docker_ubuntu {
  830. sudo apt-get update
  831. install_package apparmor
  832. install_package docker.io
  833. }
  834. function install_docker_fedora {
  835. sudo yum install -y docker
  836. sudo systemctl enable docker
  837. sudo systemctl start docker
  838. }
  839. function download_image {
  840. local image_url=$1
  841. local image image_fname
  842. image_fname=`basename "$image_url"`
  843. if [[ $image_url != file* ]]; then
  844. # Downloads the image (uec ami+akistyle), then extracts it.
  845. if [[ ! -f $FILES/$image_fname || "$(stat -c "%s" $FILES/$image_fname)" = "0" ]]; then
  846. wget --progress=dot:giga -c $image_url -O $FILES/$image_fname
  847. if [[ $? -ne 0 ]]; then
  848. echo "Not found: $image_url"
  849. return
  850. fi
  851. fi
  852. image="$FILES/${image_fname}"
  853. else
  854. # File based URL (RFC 1738): ``file://host/path``
  855. # Remote files are not considered here.
  856. # unix: ``file:///home/user/path/file``
  857. # windows: ``file:///C:/Documents%20and%20Settings/user/path/file``
  858. image=$(echo $image_url | sed "s/^file:\/\///g")
  859. if [[ ! -f $image || "$(stat -c "%s" $image)" == "0" ]]; then
  860. echo "Not found: $image_url"
  861. return
  862. fi
  863. fi
  864. }
  865. function import_docker_service_image_ubuntu {
  866. GZIPPED_IMG_NAME=`basename "$MANILA_DOCKER_IMAGE_URL"`
  867. IMG_NAME_LOAD=${GZIPPED_IMG_NAME%.*}
  868. LOCAL_IMG_NAME=${IMG_NAME_LOAD%.*}
  869. if [[ "$(sudo docker images -q $LOCAL_IMG_NAME)" == "" ]]; then
  870. download_image $MANILA_DOCKER_IMAGE_URL
  871. # Import image in Docker
  872. gzip -d $FILES/$GZIPPED_IMG_NAME
  873. sudo docker load --input $FILES/$IMG_NAME_LOAD
  874. fi
  875. }
  876. function remove_docker_service_image {
  877. sudo docker rmi $MANILA_DOCKER_IMAGE_ALIAS
  878. }
  879. function install_libraries {
  880. if [ $(trueorfalse False MANILA_MULTI_BACKEND) == True ]; then
  881. if [ $(trueorfalse True RUN_MANILA_HOST_ASSISTED_MIGRATION_TESTS) == True ]; then
  882. if is_ubuntu; then
  883. install_package nfs-common
  884. else
  885. install_package nfs-utils
  886. fi
  887. fi
  888. fi
  889. }
  890. function setup_ipv6 {
  891. # This will fail with multiple default routes and is not needed in CI
  892. # but may be useful when developing with devstack locally
  893. if [ $(trueorfalse False MANILA_RESTORE_IPV6_DEFAULT_ROUTE) == True ]; then
  894. # save IPv6 default route to add back later after enabling forwarding
  895. local default_route=$(ip -6 route | grep default | cut -d ' ' -f1,2,3,4,5)
  896. fi
  897. # make sure those system values are set
  898. sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=0
  899. sudo sysctl -w net.ipv6.conf.all.accept_ra=2
  900. sudo sysctl -w net.ipv6.conf.all.forwarding=1
  901. # Disable in-band as our communication is only internal
  902. sudo ovs-vsctl set Bridge $PUBLIC_BRIDGE other_config:disable-in-band=true
  903. # Create address scopes and subnet pools
  904. openstack address scope create --share --ip-version 4 scope-v4
  905. openstack address scope create --share --ip-version 6 scope-v6
  906. openstack subnet pool create $SUBNETPOOL_NAME_V4 --default-prefix-length $SUBNETPOOL_SIZE_V4 --pool-prefix $SUBNETPOOL_PREFIX_V4 --address-scope scope-v4 --default --share
  907. openstack subnet pool create $SUBNETPOOL_NAME_V6 --default-prefix-length $SUBNETPOOL_SIZE_V6 --pool-prefix $SUBNETPOOL_PREFIX_V6 --address-scope scope-v6 --default --share
  908. # Create example private network and router
  909. openstack router create $Q_ROUTER_NAME
  910. openstack network create $PRIVATE_NETWORK_NAME
  911. openstack subnet create --ip-version 6 --use-default-subnet-pool --ipv6-address-mode $IPV6_ADDRESS_MODE --ipv6-ra-mode $IPV6_RA_MODE --network $PRIVATE_NETWORK_NAME $IPV6_PRIVATE_SUBNET_NAME
  912. openstack subnet create --ip-version 4 --use-default-subnet-pool --network $PRIVATE_NETWORK_NAME $PRIVATE_SUBNET_NAME
  913. openstack router add subnet $Q_ROUTER_NAME $IPV6_PRIVATE_SUBNET_NAME
  914. openstack router add subnet $Q_ROUTER_NAME $PRIVATE_SUBNET_NAME
  915. # Create public network
  916. openstack network create $PUBLIC_NETWORK_NAME --external --default --provider-network-type flat --provider-physical-network $PUBLIC_PHYSICAL_NETWORK
  917. local public_gateway_ipv6=$(openstack subnet create $IPV6_PUBLIC_SUBNET_NAME --ip-version 6 --network $PUBLIC_NETWORK_NAME --subnet-pool $SUBNETPOOL_NAME_V6 --no-dhcp -c gateway_ip -f value)
  918. local public_gateway_ipv4=$(openstack subnet create $PUBLIC_SUBNET_NAME --ip-version 4 --network $PUBLIC_NETWORK_NAME --subnet-range $FLOATING_RANGE --no-dhcp -c gateway_ip -f value)
  919. # Set router to use public network
  920. openstack router set --external-gateway $PUBLIC_NETWORK_NAME $Q_ROUTER_NAME
  921. # Configure interfaces due to NEUTRON_CREATE_INITIAL_NETWORKS=False
  922. local ipv4_cidr_len=${FLOATING_RANGE#*/}
  923. sudo ip -6 addr add "$public_gateway_ipv6"/$SUBNETPOOL_SIZE_V6 dev $PUBLIC_BRIDGE
  924. sudo ip addr add $PUBLIC_NETWORK_GATEWAY/"$ipv4_cidr_len" dev $PUBLIC_BRIDGE
  925. # Enabling interface is needed due to NEUTRON_CREATE_INITIAL_NETWORKS=False
  926. sudo ip link set $PUBLIC_BRIDGE up
  927. if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  928. for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
  929. iniset $MANILA_CONF $backend_name lvm_share_export_ips $public_gateway_ipv4,$public_gateway_ipv6
  930. done
  931. iniset $MANILA_CONF DEFAULT data_node_access_ips $public_gateway_ipv4
  932. fi
  933. if [ "$SHARE_DRIVER" == "manila.share.drivers.cephfs.driver.CephFSDriver" ]; then
  934. for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
  935. iniset $MANILA_CONF $backend_name cephfs_ganesha_export_ips $public_gateway_ipv4,$public_gateway_ipv6
  936. done
  937. iniset $MANILA_CONF DEFAULT data_node_access_ips $public_gateway_ipv4
  938. fi
  939. # install Quagga for setting up the host routes dynamically
  940. install_package quagga
  941. # set Quagga daemons
  942. (
  943. echo "zebra=yes"
  944. echo "bgpd=yes"
  945. echo "ospfd=no"
  946. echo "ospf6d=no"
  947. echo "ripd=no"
  948. echo "ripngd=no"
  949. echo "isisd=no"
  950. echo "babeld=no"
  951. ) | sudo tee /etc/quagga/daemons > /dev/null
  952. # set Quagga zebra.conf
  953. (
  954. echo "hostname dsvm"
  955. echo "password openstack"
  956. echo "log file /var/log/quagga/zebra.log"
  957. ) | sudo tee /etc/quagga/zebra.conf > /dev/null
  958. # set Quagga vtysh.conf
  959. (
  960. echo "service integrated-vtysh-config"
  961. echo "username quagga nopassword"
  962. ) | sudo tee /etc/quagga/vtysh.conf > /dev/null
  963. # set Quagga bgpd.conf
  964. (
  965. echo "log file /var/log/quagga/bgpd.log"
  966. echo "bgp multiple-instance"
  967. echo "router bgp 200"
  968. echo " bgp router-id 1.2.3.4"
  969. echo " neighbor $public_gateway_ipv6 remote-as 100"
  970. echo " neighbor $public_gateway_ipv6 passive"
  971. echo " address-family ipv6"
  972. echo " neighbor $public_gateway_ipv6 activate"
  973. echo "line vty"
  974. echo "debug bgp events"
  975. echo "debug bgp filters"
  976. echo "debug bgp fsm"
  977. echo "debug bgp keepalives"
  978. echo "debug bgp updates"
  979. ) | sudo tee /etc/quagga/bgpd.conf > /dev/null
  980. # Quagga logging
  981. sudo mkdir -p /var/log/quagga
  982. sudo touch /var/log/quagga/zebra.log
  983. sudo touch /var/log/quagga/bgpd.log
  984. sudo chown -R quagga:quagga /var/log/quagga
  985. GetOSVersion
  986. QUAGGA_SERVICES="zebra bgpd"
  987. if [[ is_ubuntu && "$os_CODENAME" == "xenial" ]]; then
  988. # In Ubuntu Xenial, the services bgpd and zebra are under
  989. # one systemd unit: quagga
  990. QUAGGA_SERVICES="quagga"
  991. elif is_fedora; then
  992. # Disable SELinux rule that conflicts with Zebra
  993. sudo setsebool -P zebra_write_config 1
  994. fi
  995. sudo systemctl enable $QUAGGA_SERVICES
  996. sudo systemctl restart $QUAGGA_SERVICES
  997. # log the systemd status
  998. sudo systemctl status $QUAGGA_SERVICES
  999. # This will fail with mutltiple default routes and is not needed in CI
  1000. # but may be useful when developing with devstack locally
  1001. if [ $(trueorfalse False MANILA_RESTORE_IPV6_DEFAULT_ROUTE) == True ]; then
  1002. # add default IPv6 route back
  1003. if ! [[ -z $default_route ]]; then
  1004. # "replace" should ignore "RTNETLINK answers: File exists"
  1005. # error if the route wasn't flushed by the bgp setup we did earlier.
  1006. sudo ip -6 route replace $default_route
  1007. fi
  1008. fi
  1009. }
  1010. # Main dispatcher
  1011. if [[ "$1" == "stack" && "$2" == "install" ]]; then
  1012. echo_summary "Installing Manila Client"
  1013. install_manilaclient
  1014. echo_summary "Installing Manila"
  1015. install_manila
  1016. set_cinder_quotas
  1017. elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
  1018. echo_summary "Configuring Manila"
  1019. configure_manila
  1020. echo_summary "Initializing Manila"
  1021. init_manila
  1022. echo_summary "Installing extra libraries"
  1023. install_libraries
  1024. echo_summary "Creating Manila entities for auth service"
  1025. create_manila_accounts
  1026. # Cinder config update
  1027. if is_service_enabled cinder && [[ -n "$CINDER_OVERSUBSCRIPTION_RATIO" ]]; then
  1028. CINDER_CONF=${CINDER_CONF:-/etc/cinder/cinder.conf}
  1029. CINDER_ENABLED_BACKENDS=$(iniget $CINDER_CONF DEFAULT enabled_backends)
  1030. for BN in ${CINDER_ENABLED_BACKENDS//,/ }; do
  1031. iniset $CINDER_CONF $BN lvm_max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
  1032. done
  1033. iniset $CINDER_CONF DEFAULT max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
  1034. fi
  1035. elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
  1036. if is_service_enabled nova; then
  1037. echo_summary "Creating Manila service flavor"
  1038. create_manila_service_flavor
  1039. echo_summary "Creating Manila service security group"
  1040. create_manila_service_secgroup
  1041. fi
  1042. # Skip image downloads when disabled.
  1043. # This way vendor Manila driver CI tests can skip
  1044. # this potentially long and unnecessary download.
  1045. if [ "$MANILA_SERVICE_IMAGE_ENABLED" = "True" ]; then
  1046. echo_summary "Creating Manila service image"
  1047. create_manila_service_image
  1048. else
  1049. echo_summary "Skipping download of Manila service image"
  1050. fi
  1051. if is_service_enabled nova; then
  1052. echo_summary "Creating Manila service keypair"
  1053. create_manila_service_keypair
  1054. fi
  1055. echo_summary "Configure Samba server"
  1056. configure_samba
  1057. echo_summary "Configuring IPv6"
  1058. if [ $(trueorfalse False MANILA_SETUP_IPV6) == True ]; then
  1059. setup_ipv6
  1060. fi
  1061. echo_summary "Starting Manila API"
  1062. start_manila_api
  1063. # Workaround for bug #1660304
  1064. if [ "$SHARE_DRIVER" != "manila.share.drivers.generic.GenericShareDriver" ]; then
  1065. echo_summary "Starting rest of Manila services - scheduler, share and data"
  1066. start_rest_of_manila
  1067. fi
  1068. echo_summary "Creating Manila default share type"
  1069. create_default_share_type
  1070. echo_summary "Creating Manila default share group type"
  1071. create_default_share_group_type
  1072. echo_summary "Creating Manila custom share types"
  1073. create_custom_share_types
  1074. echo_summary "Manila UI is no longer enabled by default. \
  1075. Add enable_plugin manila-ui https://git.openstack.org/openstack/manila-ui \
  1076. to your local.conf file to enable Manila UI"
  1077. elif [[ "$1" == "stack" && "$2" == "test-config" ]]; then
  1078. ###########################################################################
  1079. # NOTE(vponomaryov): Workaround for bug #1660304
  1080. # We are able to create Nova VMs now only when last Nova step is performed
  1081. # which is registration of cell0. It is registered as last action in
  1082. # "post-extra" section.
  1083. if is_service_enabled nova; then
  1084. echo_summary "Creating Manila service VMs for generic driver \
  1085. backends for which handlng of share servers is disabled."
  1086. create_service_share_servers
  1087. fi
  1088. if [ "$SHARE_DRIVER" == "manila.share.drivers.generic.GenericShareDriver" ]; then
  1089. echo_summary "Starting rest of Manila services - scheduler, share and data"
  1090. start_rest_of_manila
  1091. fi
  1092. ###########################################################################
  1093. if [ $(trueorfalse False MANILA_INSTALL_TEMPEST_PLUGIN_SYSTEMWIDE) == True ]; then
  1094. echo_summary "Fetching and installing manila-tempest-plugin system-wide"
  1095. install_manila_tempest_plugin
  1096. export DEPRECATED_TEXT="$DEPRECATED_TEXT\nInstalling
  1097. manila-tempest-plugin can be done with the help of its own DevStack
  1098. plugin by adding: \n\n\t'enable_plugin manila-tempest-plugin
  1099. https://opendev.org/openstack/manila-tempest-plugin'.\n\nManila's
  1100. DevStack plugin will stop installing it automatically."
  1101. fi
  1102. echo_summary "Update Tempest config"
  1103. update_tempest
  1104. fi
  1105. if [[ "$1" == "unstack" ]]; then
  1106. cleanup_manila
  1107. fi
  1108. if [[ "$1" == "clean" ]]; then
  1109. cleanup_manila
  1110. sudo rm -rf /etc/manila
  1111. fi
  1112. # Restore xtrace
  1113. $XTRACE