openstack
/
manila
Code Issues Proposed changes
manila/contrib/devstack/lib/manila

357 lines
14 KiB
Plaintext
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# lib/manila
# Install and start **Manila** file shares service
# Dependencies:
# - functions
# - DEST, DATA_DIR, STACK_USER must be defined
# SERVICE_{TENANT_NAME|PASSWORD} must be defined
# ``KEYSTONE_TOKEN_FORMAT`` must be defined
# stack.sh
# ---------
# install_manila #
# configure_manila #
# init_manila #
# start_manila #
# stop_manila #
# cleanup_manila #
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set +o xtrace
# Defaults
# --------
MANILA_REPO_ROOT=stackforge
MANILA_GIT_BASE=${MANILA_GIT_BASE:-https://github.com}
MANILA_REPO=${MANILA_GIT_BASE}/${MANILA_REPO_ROOT}/manila.git
MANILA_BRANCH=master
MANILACLIENT_REPO=${MANILA_GIT_BASE}/${MANILA_REPO_ROOT}/python-manilaclient.git
MANILACLIENT_BRANCH=master
SHARE_BACKING_FILE_SIZE=${SHARE_BACKING_FILE_SIZE:-8400M}
MANILA_SECURE_DELETE=`trueorfalse True $MANILA_SECURE_DELETE`
# set up default driver
MANILA_DRIVER=${MANILA_DRIVER:-default}
# set up default directories
MANILA_DIR=$DEST/manila
MANILACLIENT_DIR=$DEST/python-manilaclient
MANILA_STATE_PATH=${MANILA_STATE_PATH:=$DATA_DIR/manila}
MANILA_MNT_DIR=${MANILA_MNT_DIR:=$MANILA_STATE_PATH/mnt}
MANILA_AUTH_CACHE_DIR=${MANILA_AUTH_CACHE_DIR:-/var/cache/manila}
MANILA_CONF_DIR=/etc/manila
MANILA_CONF=$MANILA_CONF_DIR/manila.conf
MANILA_API_PASTE_INI=$MANILA_CONF_DIR/api-paste.ini
# Public facing bits
MANILA_SERVICE_HOST=${MANILA_SERVICE_HOST:-$SERVICE_HOST}
MANILA_SERVICE_PORT=${MANILA_SERVICE_PORT:-8786}
MANILA_SERVICE_PORT_INT=${MANILA_SERVICE_PORT_INT:-18776}
MANILA_SERVICE_PROTOCOL=${MANILA_SERVICE_PROTOCOL:-$SERVICE_PROTOCOL}
# Support entry points installation of console scripts
if [[ -d $MANILA_DIR/bin ]]; then
MANILA_BIN_DIR=$MANILA_DIR/bin
else
MANILA_BIN_DIR=/usr/local/bin
fi
SHARE_GROUP=${SHARE_GROUP:-stack-shares}
SHARE_NAME_PREFIX=${SHARE_NAME_PREFIX:-share-}
SHARE_EXPORT_IP=${SHARE_EXPORT_IP:-$HOST_IP}
SHARE_DRIVER=${SHARE_DRIVER:-manila.share.drivers.lvm.LVMShareDriver}
MANILA_SCHEDULER_DRIVER=${MANILA_SCHEDULER_DRIVER:-manila.scheduler.simple.SimpleScheduler}
CIFS_HELPER=${CIFS_HELPER:-manila.share.drivers.lvm.CIFSNetConfHelper}
function _clean_share_group() {
local vg=$1
local vg_prefix=$2
# Clean out existing shares
for lv in `sudo lvs --noheadings -o lv_name $vg`; do
# vg_prefix prefixes the LVs we want
if [[ "${lv#$vg_prefix}" != "$lv" ]]; then
sudo umount $MANILA_MNT_DIR/$lv
sudo lvremove -f $vg/$lv
sudo rm -rf $MANILA_MNT_DIR/$lv
fi
done
}
# _clean_share_group removes all manila shares from the specified shares group
_clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
function _clean_lvm_backing_file() {
local vg=$1
# if there is no logical volume left, it's safe to attempt a cleanup
# of the backing file
if [ -z "`sudo lvs --noheadings -o lv_name $vg`" ]; then
# if the backing physical device is a loop device, it was probably setup by devstack
VG_DEV=$(sudo losetup -j $DATA_DIR/${vg}-backing-file | awk -F':' '/backing-file/ { print $1}')
if [[ -n "$VG_DEV" ]]; then
sudo losetup -d $VG_DEV
rm -f $DATA_DIR/${vg}-backing-file
fi
fi
}
# cleanup_manila() - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function cleanup_manila() {
# ensure the volume group is cleared up because fails might
# leave dead volumes in the group
# Campsite rule: leave behind a share volume group at least as clean as we found it
# _clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
_clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
_clean_lvm_backing_file $SHARE_GROUP
}
# configure_manila() - Set config files, create data dirs, etc
function configure_manila() {
setup_develop $MANILA_DIR
setup_develop $MANILACLIENT_DIR
if [[ ! -d $MANILA_CONF_DIR ]]; then
sudo mkdir -p $MANILA_CONF_DIR
fi
sudo chown $STACK_USER $MANILA_CONF_DIR
cp -p $MANILA_DIR/etc/manila/policy.json $MANILA_CONF_DIR
# Set the paths of certain binaries
MANILA_ROOTWRAP=$(get_rootwrap_location manila)
# If Manila ships the new rootwrap filters files, deploy them
# (owned by root) and add a parameter to $MANILA_ROOTWRAP
ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP"
if [[ -d $MANILA_DIR/etc/manila/rootwrap.d ]]; then
# Wipe any existing rootwrap.d files first
if [[ -d $MANILA_CONF_DIR/rootwrap.d ]]; then
sudo rm -rf $MANILA_CONF_DIR/rootwrap.d
fi
# Deploy filters to /etc/manila/rootwrap.d
sudo mkdir -m 755 $MANILA_CONF_DIR/rootwrap.d
sudo cp $MANILA_DIR/etc/manila/rootwrap.d/*.filters $MANILA_CONF_DIR/rootwrap.d
sudo chown -R root:root $MANILA_CONF_DIR/rootwrap.d
sudo chmod 644 $MANILA_CONF_DIR/rootwrap.d/*
# Set up rootwrap.conf, pointing to /etc/manila/rootwrap.d
sudo cp $MANILA_DIR/etc/manila/rootwrap.conf $MANILA_CONF_DIR/
sudo sed -e "s:^filters_path=.*$:filters_path=$MANILA_CONF_DIR/rootwrap.d:" -i $MANILA_CONF_DIR/rootwrap.conf
sudo chown root:root $MANILA_CONF_DIR/rootwrap.conf
sudo chmod 0644 $MANILA_CONF_DIR/rootwrap.conf
# Specify rootwrap.conf as first parameter to manila-rootwrap
MANILA_ROOTWRAP="$MANILA_ROOTWRAP $MANILA_CONF_DIR/rootwrap.conf"
ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP *"
fi
TEMPFILE=`mktemp`
echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_MANILA_SUDOER_CMD" >$TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/manila-rootwrap
cp $MANILA_DIR/etc/manila/api-paste.ini $MANILA_API_PASTE_INI
iniset $MANILA_API_PASTE_INI filter:authtoken auth_host $KEYSTONE_AUTH_HOST
iniset $MANILA_API_PASTE_INI filter:authtoken auth_port $KEYSTONE_AUTH_PORT
iniset $MANILA_API_PASTE_INI filter:authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
iniset $MANILA_API_PASTE_INI filter:authtoken admin_tenant_name $SERVICE_TENANT_NAME
iniset $MANILA_API_PASTE_INI filter:authtoken admin_user manila
iniset $MANILA_API_PASTE_INI filter:authtoken admin_password $SERVICE_PASSWORD
iniset $MANILA_API_PASTE_INI filter:authtoken signing_dir $MANILA_AUTH_CACHE_DIR
cp $MANILA_DIR/etc/manila/manila.conf.sample $MANILA_CONF
iniset $MANILA_CONF DEFAULT auth_strategy keystone
iniset $MANILA_CONF DEFAULT debug True
iniset $MANILA_CONF DEFAULT verbose True
iniset $MANILA_CONF DEFAULT scheduler_driver $MANILA_SCHEDULER_DRIVER
iniset $MANILA_CONF DEFAULT share_export_ip $SHARE_EXPORT_IP
iniset $MANILA_CONF DEFAULT share_volume_group $SHARE_GROUP
iniset $MANILA_CONF DEFAULT share_name_template ${SHARE_NAME_PREFIX}%s
iniset $MANILA_CONF DEFAULT iscsi_helper tgtadm
iniset $MANILA_CONF DEFAULT sql_connection `database_connection_url manila`
iniset $MANILA_CONF DEFAULT api_paste_config $MANILA_API_PASTE_INI
iniset $MANILA_CONF DEFAULT rootwrap_config $MANILA_CONF_DIR/rootwrap.conf
iniset $MANILA_CONF DEFAULT osapi_share_extension manila.api.openstack.share.contrib.standard_extensions
iniset $MANILA_CONF DEFAULT state_path $MANILA_STATE_PATH
iniset $MANILA_CONF DEFAULT share_driver $SHARE_DRIVER
iniset $MANILA_CONF DEFAULT share_lvm_helpers CIFS=$CIFS_HELPER,NFS=manila.share.drivers.lvm.NFSHelper
iniset $MANILA_CONF DEFAULT path_to_key /home/stack/.ssh/id_rsa.pub
iniset $MANILA_CONF DEFAULT nova_admin_password $SERVICE_PASSWORD
iniset $MANILA_CONF DEFAULT cinder_admin_password $SERVICE_PASSWORD
iniset $MANILA_CONF DEFAULT neutron_admin_password $SERVICE_PASSWORD
if is_service_enabled tls-proxy; then
# Set the service port for a proxy to take the original
iniset $MANILA_CONF DEFAULT osapi_share_listen_port $MANILA_SERVICE_PORT_INT
fi
if [ "$SYSLOG" != "False" ]; then
iniset $MANILA_CONF DEFAULT use_syslog True
fi
iniset_rpc_backend manila $MANILA_CONF DEFAULT
if [[ "$MANILA_SECURE_DELETE" == "False" ]]; then
iniset $MANILA_CONF DEFAULT secure_delete False
iniset $MANILA_CONF DEFAULT share_clear none
fi
if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then
# Add color to logging output
iniset $MANILA_CONF DEFAULT logging_context_format_string "%(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s%(color)s] %(instance)s%(color)s%(message)s"
iniset $MANILA_CONF DEFAULT logging_default_format_string "%(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [-%(color)s] %(instance)s%(color)s%(message)s"
iniset $MANILA_CONF DEFAULT logging_debug_format_suffix "from (pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d"
iniset $MANILA_CONF DEFAULT logging_exception_prefix "%(color)s%(asctime)s.%(msecs)d TRACE %(name)s %(instance)s"
fi
}
# create_manila_accounts() - Set up common required manila accounts
# Tenant User Roles
# ------------------------------------------------------------------
# service manila admin # if enabled
# Migrated from keystone_data.sh
function create_manila_accounts() {
SERVICE_TENANT=$(keystone tenant-list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
ADMIN_ROLE=$(keystone role-list | awk "/ admin / { print \$2 }")
# Manila
if [[ "$ENABLED_SERVICES" =~ "m-api" ]]; then
MANILA_USER=$(keystone user-create \
--name=manila \
--pass="$SERVICE_PASSWORD" \
--tenant_id $SERVICE_TENANT \
--email=manila@example.com \
| grep " id " | get_field 2)
keystone user-role-add \
--tenant_id $SERVICE_TENANT \
--user_id $MANILA_USER \
--role_id $ADMIN_ROLE
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
MANILA_SERVICE=$(keystone service-create \
--name=manila \
--type=share \
--description="Manila Shared Filesystem Service" \
| grep " id " | get_field 2)
keystone endpoint-create \
--region RegionOne \
--service_id $MANILA_SERVICE \
--publicurl "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s" \
--adminurl "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s" \
--internalurl "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s"
fi
fi
}
# init_manila() - Initialize database and volume group
function init_manila() {
# Force nova volumes off
# NOVA_ENABLED_APIS=$(echo $NOVA_ENABLED_APIS | sed "s/osapi_volume,//")
if is_service_enabled $DATABASE_BACKENDS; then
# (re)create manila database
recreate_database manila utf8
# (re)create manila database
$MANILA_BIN_DIR/manila-manage db sync
fi
if is_service_enabled m-shr; then
# Configure a default volume group called '`stack-shares`' for the share
# service if it does not yet exist. If you don't wish to use a file backed
# volume group, create your own volume group called ``stack-volumes`` before
# invoking ``stack.sh``.
#
# By default, the backing file is 8G in size, and is stored in ``/opt/stack/data``.
if ! sudo vgs $SHARE_GROUP; then
SHARE_BACKING_FILE=${SHARE_BACKING_FILE:-$DATA_DIR/${SHARE_GROUP}-backing-file}
# Only create if the file doesn't already exists
[[ -f $SHARE_BACKING_FILE ]] || truncate -s $SHARE_BACKING_FILE_SIZE $SHARE_BACKING_FILE
DEV=`sudo losetup -f --show $SHARE_BACKING_FILE`
# Only create if the loopback device doesn't contain $SHARE_GROUP
if ! sudo vgs $SHARE_GROUP; then sudo vgcreate $SHARE_GROUP $DEV; fi
fi
mkdir -p $MANILA_STATE_PATH/shares
if sudo vgs $SHARE_GROUP; then
_clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
fi
fi
# Create cache dir
sudo mkdir -p $MANILA_AUTH_CACHE_DIR
sudo chown $STACK_USER $MANILA_AUTH_CACHE_DIR
rm -f $MANILA_AUTH_CACHE_DIR/*
}
# install_manila() - Collect source and prepare
function install_manila() {
git_clone $MANILA_REPO $MANILA_DIR $MANILA_BRANCH
git_clone $MANILACLIENT_REPO $MANILACLIENT_DIR $MANILACLIENT_BRANCH
if is_service_enabled m-shr; then
if is_ubuntu; then
sudo apt-get install -y nfs-kernel-server nfs-common samba
elif is_fedora; then
sudo yum install -y nfs-utils nfs-utils-lib samba
fi
fi
}
# apply config.d approach (e.g. Oneiric does not have this)
function _configure_tgt_for_config_d() {
if [[ ! -d /etc/tgt/conf.d/ ]]; then
sudo mkdir -p /etc/tgt/conf.d
echo "include /etc/tgt/conf.d/*.conf" | sudo tee -a /etc/tgt/targets.conf
fi
}
# start_manila() - Start running processes, including screen
function start_manila() {
samba_daemon_name=smbd
if is_service_enabled m-shr; then
if is_fedora; then
samba_daemon_name=smb
fi
stop_service $samba_daemon_name
fi
screen_it m-api "cd $MANILA_DIR && $MANILA_BIN_DIR/manila-api --config-file $MANILA_CONF"
screen_it m-shr "sudo service $samba_daemon_name stop; devloop='sudo losetup -j ${SHARE_BACKING_FILE:-$DATA_DIR/${SHARE_GROUP}-backing-file}'; if [[ \$( \$devloop ) != *'/dev/loop'* ]]; then sudo losetup -f ${SHARE_BACKING_FILE:-$DATA_DIR/${SHARE_GROUP}-backing-file}; fi; cd $MANILA_DIR && $MANILA_BIN_DIR/manila-share --config-file $MANILA_CONF"
screen_it m-sch "cd $MANILA_DIR && $MANILA_BIN_DIR/manila-scheduler --config-file $MANILA_CONF"
# Start proxies if enabled
if is_service_enabled m-api && is_service_enabled tls-proxy; then
start_tls_proxy '*' $MANILA_SERVICE_PORT $MANILA_SERVICE_HOST $MANILA_SERVICE_PORT_INT &
fi
}
# stop_manila() - Stop running processes
function stop_manila() {
# Kill the manila screen windows
for serv in m-api m-sch m-shr; do
screen -S $SCREEN_NAME -p $serv -X kill
done
}
# Restore xtrace
$XTRACE
View Git Blame Copy Permalink