manila/devstack/plugin.sh
zhongjun 64eaeae6bd [policy in code] Add support for AZ, scheduler and message resource [9/10]
This patch adds policy in code support for availability_zone,
scheduler_stats and message resources.

Change-Id: I9a79b5ececc583e85149cc920321e461e832b245
Partial-Implements: blueprint policy-in-code
2017-12-20 06:22:02 +00:00

1049 lines
44 KiB
Bash
Executable File
Raw Blame History

This file contains invisible Unicode characters

This file contains invisible Unicode characters that are indistinguishable to humans but may be processed differently by a computer. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

# Plugin file for enabling manila services
# ----------------------------------------
# Save trace setting
XTRACE=$(set +o | grep xtrace)
set -o xtrace
# Entry Points
# ------------
function _clean_share_group {
local vg=$1
local vg_prefix=$2
# Clean out existing shares
for lv in `sudo lvs --noheadings -o lv_name $vg`; do
# vg_prefix prefixes the LVs we want
if [[ "${lv#$vg_prefix}" != "$lv" ]]; then
sudo umount -f $MANILA_MNT_DIR/$lv
sudo lvremove -f $vg/$lv
sudo rm -rf $MANILA_MNT_DIR/$lv
fi
done
}
function _clean_manila_lvm_backing_file {
local vg=$1
# if there is no logical volume left, it's safe to attempt a cleanup
# of the backing file
if [ -z "`sudo lvs --noheadings -o lv_name $vg`" ]; then
# if the backing physical device is a loop device, it was probably setup by devstack
VG_DEV=$(sudo losetup -j $DATA_DIR/${vg}-backing-file | awk -F':' '/backing-file/ { print $1
}')
if [[ -n "$VG_DEV" ]]; then
sudo losetup -d $VG_DEV
rm -f $DATA_DIR/${vg}-backing-file
fi
fi
}
function _clean_zfsonlinux_data {
for filename in "$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/*; do
if [[ $(sudo zpool list | grep $filename) ]]; then
echo "Destroying zpool named $filename"
sudo zpool destroy -f $filename
file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR$filename"
echo "Destroying file named $file"
rm -f $file
fi
done
}
# cleanup_manila - Remove residual data files, anything left over from previous
# runs that a clean run would need to clean up
function cleanup_manila {
# All stuff, that are created by share drivers will be cleaned up by other services.
_clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
_clean_manila_lvm_backing_file $SHARE_GROUP
_clean_zfsonlinux_data
}
# _config_manila_apache_wsgi() - Configure manila-api wsgi application.
function _config_manila_apache_wsgi {
local manila_api_apache_conf
local venv_path=""
manila_api_apache_conf=$(apache_site_config_for manila-api)
sudo cp $MANILA_DIR/devstack/apache-manila.template $manila_api_apache_conf
sudo sed -e "
s|%APACHE_NAME%|$APACHE_NAME|g;
s|%MANILA_BIN_DIR%|$MANILA_BIN_DIR|g;
s|%PORT%|$MANILA_SERVICE_PORT|g;
s|%APIWORKERS%|$API_WORKERS|g;
s|%USER%|$STACK_USER|g;
" -i $manila_api_apache_conf
}
# configure_default_backends - configures default Manila backends with generic driver.
function configure_default_backends {
# Configure two default backends with generic drivers onboard
for group_name in $MANILA_BACKEND1_CONFIG_GROUP_NAME $MANILA_BACKEND2_CONFIG_GROUP_NAME; do
iniset $MANILA_CONF $group_name share_driver $SHARE_DRIVER
if [ "$MANILA_BACKEND1_CONFIG_GROUP_NAME" == "$group_name" ]; then
iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND1_NAME
else
iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND2_NAME
fi
iniset $MANILA_CONF $group_name path_to_public_key $MANILA_PATH_TO_PUBLIC_KEY
iniset $MANILA_CONF $group_name path_to_private_key $MANILA_PATH_TO_PRIVATE_KEY
iniset $MANILA_CONF $group_name service_image_name $MANILA_SERVICE_IMAGE_NAME
iniset $MANILA_CONF $group_name service_instance_user $MANILA_SERVICE_INSTANCE_USER
iniset $MANILA_CONF $group_name driver_handles_share_servers True
if [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
iniset $MANILA_CONF $group_name network_api_class $MANILA_NETWORK_API_CLASS
iniset $MANILA_CONF $group_name neutron_host_id $(hostname)
iniset $MANILA_CONF $group_name neutron_vnic_type $MANILA_NEUTRON_VNIC_TYPE
fi
if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
iniset $MANILA_CONF $group_name service_instance_password $MANILA_SERVICE_INSTANCE_PASSWORD
fi
done
}
# set_config_opts - this allows to set any config opt to any config group,
# parsing env vars by prefix special 'MANILA_OPTGROUP_'.
function set_config_opts {
# expects only one param - name of config group(s) as list separated by commas
GROUP_NAMES=$1
if [[ -n "$GROUP_NAMES" ]]; then
for be in ${GROUP_NAMES//,/ }; do
# get backend_specific opt values
prefix=MANILA_OPTGROUP_$be\_
( set -o posix ; set ) | grep ^$prefix | while read -r line ; do
# parse it to opt names and values
opt=${line#$prefix}
opt_name=${opt%%=*}
opt_value=${opt##*=}
iniset $MANILA_CONF $be $opt_name $opt_value
done
done
fi
}
# set_cinder_quotas - Sets Cinder quotas, that is useful for generic driver,
# which uses Cinder volumes and snapshots.
function set_cinder_quotas {
# Update Cinder configuration to make sure default quotas are enough
# for Manila using Generic driver with parallel testing.
if is_service_enabled cinder; then
if [[ ! "$CINDER_CONF" ]]; then
CINDER_CONF=/etc/cinder/cinder.conf
fi
iniset $CINDER_CONF DEFAULT quota_volumes 50
iniset $CINDER_CONF DEFAULT quota_snapshots 50
iniset $CINDER_CONF DEFAULT quota_gigabytes 1000
fi
}
# configure_manila - Set config files, create data dirs, etc
function configure_manila {
if [[ ! -d $MANILA_CONF_DIR ]]; then
sudo mkdir -p $MANILA_CONF_DIR
fi
sudo chown $STACK_USER $MANILA_CONF_DIR
if [[ -f $MANILA_DIR/etc/manila/policy.json ]]; then
cp -p $MANILA_DIR/etc/manila/policy.json $MANILA_CONF_DIR
fi
# Set the paths of certain binaries
MANILA_ROOTWRAP=$(get_rootwrap_location manila)
# If Manila ships the new rootwrap filters files, deploy them
# (owned by root) and add a parameter to $MANILA_ROOTWRAP
ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP"
if [[ -d $MANILA_DIR/etc/manila/rootwrap.d ]]; then
# Wipe any existing rootwrap.d files first
if [[ -d $MANILA_CONF_DIR/rootwrap.d ]]; then
sudo rm -rf $MANILA_CONF_DIR/rootwrap.d
fi
# Deploy filters to /etc/manila/rootwrap.d
sudo mkdir -m 755 $MANILA_CONF_DIR/rootwrap.d
sudo cp $MANILA_DIR/etc/manila/rootwrap.d/*.filters $MANILA_CONF_DIR/rootwrap.d
sudo chown -R root:root $MANILA_CONF_DIR/rootwrap.d
sudo chmod 644 $MANILA_CONF_DIR/rootwrap.d/*
# Set up rootwrap.conf, pointing to /etc/manila/rootwrap.d
sudo cp $MANILA_DIR/etc/manila/rootwrap.conf $MANILA_CONF_DIR/
sudo sed -e "s:^filters_path=.*$:filters_path=$MANILA_CONF_DIR/rootwrap.d:" -i $MANILA_CONF_DIR/rootwrap.conf
sudo chown root:root $MANILA_CONF_DIR/rootwrap.conf
sudo chmod 0644 $MANILA_CONF_DIR/rootwrap.conf
# Specify rootwrap.conf as first parameter to manila-rootwrap
MANILA_ROOTWRAP="$MANILA_ROOTWRAP $MANILA_CONF_DIR/rootwrap.conf"
ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP *"
fi
TEMPFILE=`mktemp`
echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_MANILA_SUDOER_CMD" >$TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/manila-rootwrap
cp $MANILA_DIR/etc/manila/api-paste.ini $MANILA_API_PASTE_INI
# Remove old conf file if exists
rm -f $MANILA_CONF
configure_auth_token_middleware $MANILA_CONF manila $MANILA_AUTH_CACHE_DIR
iniset $MANILA_CONF DEFAULT auth_strategy keystone
iniset $MANILA_CONF DEFAULT debug True
iniset $MANILA_CONF DEFAULT scheduler_driver $MANILA_SCHEDULER_DRIVER
iniset $MANILA_CONF DEFAULT share_name_template ${SHARE_NAME_PREFIX}%s
iniset $MANILA_CONF DATABASE connection `database_connection_url manila`
iniset $MANILA_CONF DATABASE max_pool_size 40
iniset $MANILA_CONF DEFAULT api_paste_config $MANILA_API_PASTE_INI
iniset $MANILA_CONF DEFAULT rootwrap_config $MANILA_CONF_DIR/rootwrap.conf
iniset $MANILA_CONF DEFAULT osapi_share_extension manila.api.contrib.standard_extensions
iniset $MANILA_CONF DEFAULT state_path $MANILA_STATE_PATH
iniset $MANILA_CONF DEFAULT default_share_type $MANILA_DEFAULT_SHARE_TYPE
iniset $MANILA_CONF DEFAULT default_share_group_type $MANILA_DEFAULT_SHARE_GROUP_TYPE
if ! [[ -z $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL ]]; then
iniset $MANILA_CONF DEFAULT migration_driver_continue_update_interval $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL
fi
if ! [[ -z $MANILA_DATA_COPY_CHECK_HASH ]]; then
iniset $MANILA_CONF DEFAULT check_hash $MANILA_DATA_COPY_CHECK_HASH
fi
iniset $MANILA_CONF DEFAULT enabled_share_protocols $MANILA_ENABLED_SHARE_PROTOCOLS
iniset $MANILA_CONF oslo_concurrency lock_path $MANILA_LOCK_PATH
iniset $MANILA_CONF DEFAULT wsgi_keep_alive False
iniset $MANILA_CONF DEFAULT lvm_share_volume_group $SHARE_GROUP
# Set the replica_state_update_interval
iniset $MANILA_CONF DEFAULT replica_state_update_interval $MANILA_REPLICA_STATE_UPDATE_INTERVAL
if is_service_enabled neutron; then
configure_auth_token_middleware $MANILA_CONF neutron $MANILA_AUTH_CACHE_DIR neutron
fi
if is_service_enabled nova; then
configure_auth_token_middleware $MANILA_CONF nova $MANILA_AUTH_CACHE_DIR nova
fi
if is_service_enabled cinder; then
configure_auth_token_middleware $MANILA_CONF cinder $MANILA_AUTH_CACHE_DIR cinder
fi
# Note: set up config group does not mean that this backend will be enabled.
# To enable it, specify its name explicitly using "enabled_share_backends" opt.
configure_default_backends
default_backends=$MANILA_BACKEND1_CONFIG_GROUP_NAME
if [ "$MANILA_MULTI_BACKEND" = "True" ]; then
default_backends+=,$MANILA_BACKEND2_CONFIG_GROUP_NAME
fi
if [ ! $MANILA_ENABLED_BACKENDS ]; then
# If $MANILA_ENABLED_BACKENDS is not set, use configured backends by default
export MANILA_ENABLED_BACKENDS=$default_backends
fi
iniset $MANILA_CONF DEFAULT enabled_share_backends $MANILA_ENABLED_BACKENDS
if [ ! -f $MANILA_PATH_TO_PRIVATE_KEY ]; then
ssh-keygen -N "" -t rsa -f $MANILA_PATH_TO_PRIVATE_KEY;
fi
iniset $MANILA_CONF DEFAULT manila_service_keypair_name $MANILA_SERVICE_KEYPAIR_NAME
if is_service_enabled tls-proxy; then
# Set the service port for a proxy to take the original
iniset $MANILA_CONF DEFAULT osapi_share_listen_port $MANILA_SERVICE_PORT_INT
fi
if [ "$SYSLOG" != "False" ]; then
iniset $MANILA_CONF DEFAULT use_syslog True
fi
iniset_rpc_backend manila $MANILA_CONF DEFAULT
if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then
# Add color to logging output
iniset $MANILA_CONF DEFAULT logging_context_format_string \
"%(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [%(request_id)s %(user_id)s %(project_id)s%(color)s] %(instance)s%(color)s%(message)s"
iniset $MANILA_CONF DEFAULT logging_default_format_string \
"%(asctime)s.%(msecs)d %(color)s%(levelname)s %(name)s [-%(color)s] %(instance)s%(color)s%(message)s"
iniset $MANILA_CONF DEFAULT logging_debug_format_suffix \
"from (pid=%(process)d) %(funcName)s %(pathname)s:%(lineno)d"
iniset $MANILA_CONF DEFAULT logging_exception_prefix \
"%(color)s%(asctime)s.%(msecs)d TRACE %(name)s %(instance)s"
fi
MANILA_CONFIGURE_GROUPS=${MANILA_CONFIGURE_GROUPS:-"$MANILA_ENABLED_BACKENDS"}
set_config_opts $MANILA_CONFIGURE_GROUPS
set_config_opts DEFAULT
if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
_config_manila_apache_wsgi
fi
}
function create_manila_service_keypair {
if is_service_enabled nova; then
local keypair_exists=$( openstack keypair list | grep " $MANILA_SERVICE_KEYPAIR_NAME " )
if [[ -z $keypair_exists ]]; then
openstack keypair create $MANILA_SERVICE_KEYPAIR_NAME --public-key $MANILA_PATH_TO_PUBLIC_KEY
fi
fi
}
function is_driver_enabled {
driver_name=$1
for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
share_driver=$(iniget $MANILA_CONF $BE share_driver)
if [ "$share_driver" == "$driver_name" ]; then
return 0
fi
done
return 1
}
# create_service_share_servers - creates service Nova VMs, one per generic
# driver, and only if it is configured to mode without handling of share servers.
function create_service_share_servers {
created_admin_network=false
for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
driver_handles_share_servers=$(iniget $MANILA_CONF $BE driver_handles_share_servers)
share_driver=$(iniget $MANILA_CONF $BE share_driver)
generic_driver='manila.share.drivers.generic.GenericShareDriver'
if [[ $share_driver == $generic_driver ]]; then
if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
vm_name='manila_service_share_server_'$BE
local vm_exists=$( openstack server list --all-projects | grep " $vm_name " )
if [[ -z $vm_exists ]]; then
private_net_id=$(openstack network show $PRIVATE_NETWORK_NAME -f value -c id)
vm_id=$(openstack server create $vm_name \
--flavor $MANILA_SERVICE_VM_FLAVOR_NAME \
--image $MANILA_SERVICE_IMAGE_NAME \
--nic net-id=$private_net_id \
--security-group $MANILA_SERVICE_SECGROUP \
--key-name $MANILA_SERVICE_KEYPAIR_NAME \
| grep ' id ' | get_field 2)
else
vm_id=$(openstack server show $vm_name -f value -c id)
fi
floating_ip=$(openstack floating ip create $PUBLIC_NETWORK_NAME --subnet $PUBLIC_SUBNET_NAME | grep 'floating_ip_address' | get_field 2)
openstack server add floating ip $vm_id $floating_ip
iniset $MANILA_CONF $BE service_instance_name_or_id $vm_id
iniset $MANILA_CONF $BE service_net_name_or_ip $floating_ip
iniset $MANILA_CONF $BE tenant_net_name_or_ip $PRIVATE_NETWORK_NAME
else
if is_service_enabled neutron; then
if ! [[ -z $MANILA_ADMIN_NET_RANGE ]]; then
if [ $created_admin_network == false ]; then
project_id=$(openstack project show $SERVICE_PROJECT_NAME -c id -f value)
local admin_net_id=$( openstack network show admin_net -f value -c id )
if [[ -z $admin_net_id ]]; then
openstack network create admin_net --project $project_id
admin_net_id=$(openstack network show admin_net -f value -c id)
fi
local admin_subnet_id=$( openstack subnet show admin_subnet -f value -c id )
if [[ -z $admin_subnet_id ]]; then
openstack subnet create admin_subnet --project $project_id --ip-version 4 --network $admin_net_id --gateway None --subnet-range $MANILA_ADMIN_NET_RANGE
admin_subnet_id=$(openstack subnet show admin_subnet -f value -c id)
fi
created_admin_network=true
fi
iniset $MANILA_CONF $BE admin_network_id $admin_net_id
iniset $MANILA_CONF $BE admin_subnet_id $admin_subnet_id
fi
fi
fi
fi
done
configure_data_service_generic_driver
}
function configure_data_service_generic_driver {
enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
share_driver=$(iniget $MANILA_CONF ${enabled_backends[0]} share_driver)
generic_driver='manila.share.drivers.generic.GenericShareDriver'
if [[ $share_driver == $generic_driver ]]; then
driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
iniset $MANILA_CONF DEFAULT data_node_access_ip $PUBLIC_NETWORK_GATEWAY
else
if ! [[ -z $MANILA_DATA_NODE_IP ]]; then
iniset $MANILA_CONF DEFAULT data_node_access_ip $MANILA_DATA_NODE_IP
fi
fi
fi
}
# create_manila_service_flavor - creates flavor, that will be used by backends
# with configured generic driver to boot Nova VMs with.
function create_manila_service_flavor {
if is_service_enabled nova; then
local flavor_exists=$( openstack flavor list | grep " $MANILA_SERVICE_VM_FLAVOR_NAME " )
if [[ -z $flavor_exists ]]; then
# Create flavor for Manila's service VM
openstack flavor create \
$MANILA_SERVICE_VM_FLAVOR_NAME \
--id $MANILA_SERVICE_VM_FLAVOR_REF \
--ram $MANILA_SERVICE_VM_FLAVOR_RAM \
--disk $MANILA_SERVICE_VM_FLAVOR_DISK \
--vcpus $MANILA_SERVICE_VM_FLAVOR_VCPUS
fi
fi
}
# create_manila_service_image - creates image, that will be used by backends
# with configured generic driver to boot Nova VMs from.
function create_manila_service_image {
if is_service_enabled nova; then
TOKEN=$(openstack token issue -c id -f value)
local image_exists=$( openstack image list | grep " $MANILA_SERVICE_IMAGE_NAME " )
if [[ -z $image_exists ]]; then
# Download Manila's image
if is_service_enabled g-reg; then
upload_image $MANILA_SERVICE_IMAGE_URL $TOKEN
fi
fi
fi
}
# create_manila_service_secgroup - creates security group that is used by
# Nova VMs when generic driver is configured.
function create_manila_service_secgroup {
# Create a secgroup
if ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; then
openstack security group create $MANILA_SERVICE_SECGROUP --description "$MANILA_SERVICE_SECGROUP description"
if ! timeout 30 sh -c "while ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; do sleep 1; done"; then
echo "Security group not created"
exit 1
fi
fi
# Configure Security Group Rules
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q icmp; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol icmp
fi
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 22 "; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 22
fi
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 2049 "; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 2049
fi
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 2049 "; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 2049
fi
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 445 "; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 445
fi
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 445 "; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 445
fi
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 139 "; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 137:139
fi
if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 139 "; then
openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 137:139
fi
# List secgroup rules
openstack security group rule list $MANILA_SERVICE_SECGROUP
}
# create_manila_accounts - Set up common required manila accounts
function create_manila_accounts {
create_service_user "manila"
# Set up Manila v1 service and endpoint
get_or_create_service "manila" "share" "Manila Shared Filesystem Service"
get_or_create_endpoint "share" "$REGION_NAME" \
"$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s" \
"$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s" \
"$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s"
# Set up Manila v2 service and endpoint
get_or_create_service "manilav2" "sharev2" "Manila Shared Filesystem Service V2"
get_or_create_endpoint "sharev2" "$REGION_NAME" \
"$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v2/\$(tenant_id)s" \
"$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v2/\$(tenant_id)s" \
"$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v2/\$(tenant_id)s"
}
# create_default_share_group_type - create share group type that will be set as default.
function create_default_share_group_type {
local type_exists=$( manila share-group-type-list | grep " $MANILA_DEFAULT_SHARE_GROUP_TYPE " )
if [[ -z $type_exists ]]; then
manila share-group-type-create $MANILA_DEFAULT_SHARE_GROUP_TYPE $MANILA_DEFAULT_SHARE_TYPE
fi
if [[ $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS ]]; then
manila share-group-type-key $MANILA_DEFAULT_SHARE_GROUP_TYPE set $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS
fi
}
# create_default_share_type - create share type that will be set as default.
function create_default_share_type {
echo "Waiting for Manila API to start..."
if ! wait_for_service 60 $MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT; then
die $LINENO "Manila did not start"
fi
enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
local type_exists=$( manila type-list | grep " $MANILA_DEFAULT_SHARE_TYPE " )
if [[ -z $type_exists ]]; then
local command_args="$MANILA_DEFAULT_SHARE_TYPE $driver_handles_share_servers"
#if is_driver_enabled $MANILA_CONTAINER_DRIVER; then
# # TODO(aovchinnikov): Remove this condition when Container driver supports
# # snapshots
# command_args="$command_args --snapshot_support false"
#fi
manila type-create $command_args
fi
if [[ $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS ]]; then
manila type-key $MANILA_DEFAULT_SHARE_TYPE set $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS
fi
}
# create_custom_share_types - create share types suitable for both possible
# driver modes with names "dhss_true" and "dhss_false".
function create_custom_share_types {
manila type-create dhss_true True
if [[ $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS ]]; then
manila type-key dhss_true set $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS
fi
manila type-create dhss_false False
if [[ $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS ]]; then
manila type-key dhss_false set $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS
fi
}
# configure_backing_file - Set up backing file for LVM
function configure_backing_file {
if ! sudo vgs $SHARE_GROUP; then
if [ "$CONFIGURE_BACKING_FILE" = "True" ]; then
SHARE_BACKING_FILE=${SHARE_BACKING_FILE:-$DATA_DIR/${SHARE_GROUP}-backing-file}
# Only create if the file doesn't already exists
[[ -f $SHARE_BACKING_FILE ]] || truncate -s $SHARE_BACKING_FILE_SIZE $SHARE_BACKING_FILE
DEV=`sudo losetup -f --show $SHARE_BACKING_FILE`
else
DEV=$SHARE_BACKING_FILE
fi
# Only create if the loopback device doesn't contain $SHARE_GROUP
if ! sudo vgs $SHARE_GROUP; then sudo vgcreate $SHARE_GROUP $DEV; fi
fi
mkdir -p $MANILA_STATE_PATH/shares
mkdir -p /tmp/shares
}
# init_manila - Initializes database and creates manila dir if absent
function init_manila {
if is_service_enabled $DATABASE_BACKENDS; then
# (re)create manila database
recreate_database manila
$MANILA_BIN_DIR/manila-manage db sync
if [[ $(trueorfalse False MANILA_USE_DOWNGRADE_MIGRATIONS) == True ]]; then
# Use both - upgrade and downgrade migrations to verify that
# downgrade migrations do not break structure of Manila database.
$MANILA_BIN_DIR/manila-manage db downgrade
$MANILA_BIN_DIR/manila-manage db sync
fi
# Display version as debug-action (see bug/1473400)
$MANILA_BIN_DIR/manila-manage db version
fi
if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
if is_service_enabled m-shr; then
# Configure a default volume group called '`lvm-shares`' for the share
# service if it does not yet exist. If you don't wish to use a file backed
# volume group, create your own volume group called ``stack-volumes`` before
# invoking ``stack.sh``.
#
# By default, the backing file is 8G in size, and is stored in ``/opt/stack/data``.
configure_backing_file
fi
elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
if is_service_enabled m-shr; then
SHARE_GROUP=$MANILA_CONTAINER_VOLUME_GROUP_NAME
configure_backing_file
fi
elif [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
if is_service_enabled m-shr; then
mkdir -p $MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR
file_counter=0
MANILA_ZFSONLINUX_SERVICE_IP=${MANILA_ZFSONLINUX_SERVICE_IP:-"127.0.0.1"}
for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
if [[ $file_counter == 0 ]]; then
# NOTE(vponomaryov): create two pools for first ZFS backend
# to cover different use cases that are supported by driver:
# - Support of more than one zpool for share backend.
# - Support of nested datasets.
local first_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/alpha
local second_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/betta
truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $first_file
truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $second_file
sudo zpool create alpha $first_file
sudo zpool create betta $second_file
# Create subdir (nested dataset) for second pool
sudo zfs create betta/subdir
iniset $MANILA_CONF $BE zfs_zpool_list alpha,betta/subdir
elif [[ $file_counter == 1 ]]; then
local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/gamma
truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
sudo zpool create gamma $file
iniset $MANILA_CONF $BE zfs_zpool_list gamma
else
local filename=file"$file_counter"
local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/"$filename"
truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
sudo zpool create $filename $file
iniset $MANILA_CONF $BE zfs_zpool_list $filename
fi
iniset $MANILA_CONF $BE zfs_share_export_ip $MANILA_ZFSONLINUX_SHARE_EXPORT_IP
iniset $MANILA_CONF $BE zfs_service_ip $MANILA_ZFSONLINUX_SERVICE_IP
iniset $MANILA_CONF $BE zfs_dataset_creation_options $MANILA_ZFSONLINUX_DATASET_CREATION_OPTIONS
iniset $MANILA_CONF $BE zfs_use_ssh $MANILA_ZFSONLINUX_USE_SSH
iniset $MANILA_CONF $BE zfs_ssh_username $MANILA_ZFSONLINUX_SSH_USERNAME
iniset $MANILA_CONF $BE replication_domain $MANILA_ZFSONLINUX_REPLICATION_DOMAIN
iniset $MANILA_CONF $BE driver_handles_share_servers False
let "file_counter=file_counter+1"
done
# Install the server's SSH key in our known_hosts file
eval STACK_HOME=~$STACK_USER
ssh-keyscan ${MANILA_ZFSONLINUX_SERVICE_IP} >> $STACK_HOME/.ssh/known_hosts
# If the server is this machine, setup trust for ourselves (otherwise you're on your own)
if [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "127.0.0.1" ] || [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "localhost" ] ; then
# Trust our own SSH keys
eval SSH_USER_HOME=~$MANILA_ZFSONLINUX_SSH_USERNAME
cat $STACK_HOME/.ssh/*.pub >> $SSH_USER_HOME/.ssh/authorized_keys
# Give ssh user sudo access
echo "$MANILA_ZFSONLINUX_SSH_USERNAME ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers > /dev/null
iniset $MANILA_CONF DEFAULT data_node_access_ip $MANILA_ZFSONLINUX_SERVICE_IP
fi
fi
fi
# Create cache dir
sudo mkdir -p $MANILA_AUTH_CACHE_DIR
sudo chown $STACK_USER $MANILA_AUTH_CACHE_DIR
rm -f $MANILA_AUTH_CACHE_DIR/*
}
# check_nfs_kernel_service_state_ubuntu- Make sure nfsd is running
function check_nfs_kernel_service_state_ubuntu {
# (aovchinnikov): Workaround for nfs-utils bug 1052264
if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
echo "Apparently nfsd is not running. Trying to fix that."
sudo mkdir -p "/media/nfsdonubuntuhelper"
# (aovchinnikov): shell wrapping is needed for cases when a file to be written
# is owned by root.
sudo sh -c "echo '/media/nfsdonubuntuhelper 127.0.0.1(ro)' >> /etc/exports"
sudo service nfs-kernel-server start
fi
if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
echo "Failed to start nfsd. Exiting."
exit 1
fi
}
function _install_nfs_and_samba {
if is_ubuntu; then
install_package nfs-kernel-server nfs-common samba
check_nfs_kernel_service_state_ubuntu
elif is_fedora; then
install_package nfs-utils samba
sudo systemctl enable smb.service
sudo systemctl start smb.service
sudo systemctl enable nfs-server.service
sudo systemctl start nfs-server.service
elif is_suse; then
install_package nfs-kernel-server nfs-utils samba
else
echo "This distro is not supported. Skipping step of NFS and Samba installation."
fi
}
# install_manilaclient - Collect source and prepare
# In order to install from git, add LIBS_FROM_GIT="python-manilaclient"
# to local.conf
function install_manilaclient {
if use_library_from_git "python-manilaclient"; then
git_clone $MANILACLIENT_REPO $MANILACLIENT_DIR $MANILACLIENT_BRANCH
setup_develop $MANILACLIENT_DIR
else
pip_install python-manilaclient
fi
}
# install_manila - Collect source and prepare
function install_manila {
setup_develop $MANILA_DIR
if is_service_enabled m-shr; then
if [[ ! $(systemctl is-active nfs-ganesha.service) == 'active' ]]; then
_install_nfs_and_samba
fi
if [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
if [[ $(sudo zfs list &> /dev/null && sudo zpool list &> /dev/null || echo 'absent') == 'absent' ]]; then
# ZFS not found, try to install it
if is_ubuntu; then
if [[ $(lsb_release -s -d) == *"14.04"* ]]; then
# Trusty
sudo apt-get install -y software-properties-common
sudo apt-add-repository --yes ppa:zfs-native/stable
# Workaround for bug #1609696
sudo apt-mark hold grub*
sudo apt-get -y -q update && sudo apt-get -y -q upgrade
# Workaround for bug #1609696
sudo apt-mark unhold grub*
sudo apt-get install -y linux-headers-generic
sudo apt-get install -y build-essential
sudo apt-get install -y ubuntu-zfs
elif [[ $(lsb_release -s -d) == *"16.04"* ]]; then
# Xenial
sudo apt-get install -y zfsutils-linux
else
echo "Only 'Trusty' and 'Xenial' releases of Ubuntu are supported."
exit 1
fi
else
echo "Manila Devstack plugin supports installation "\
"of ZFS packages only for 'Ubuntu' distros. "\
"Please, install it first by other means or add its support "\
"for your distro."
exit 1
fi
sudo modprobe zfs
sudo modprobe zpool
fi
check_nfs_kernel_service_state_ubuntu
elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
if is_ubuntu; then
echo "Installing docker...."
install_docker_ubuntu
echo "Importing docker image"
import_docker_service_image_ubuntu
elif is_fedora; then
echo "Installing docker...."
install_docker_fedora
echo "Importing docker image"
# TODO(tbarron): See if using a fedora container image
# is faster/smaller because of fewer extra dependencies.
import_docker_service_image_ubuntu
else
echo "Manila Devstack plugin does not support Container Driver on"\
" distros other than Ubuntu or Fedora."
exit 1
fi
fi
fi
}
#configure_samba - Configure node as Samba server
function configure_samba {
if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
# TODO(vponomaryov): add here condition for ZFSonLinux driver too
# when it starts to support SAMBA
samba_daemon_name=smbd
if is_service_enabled m-shr; then
if is_fedora; then
samba_daemon_name=smb
fi
sudo service $samba_daemon_name restart || echo "Couldn't restart '$samba_daemon_name' service"
fi
if [[ -e /usr/share/samba/smb.conf ]]; then
sudo cp /usr/share/samba/smb.conf $SMB_CONF
fi
sudo chown $STACK_USER -R /etc/samba
iniset $SMB_CONF global include registry
iniset $SMB_CONF global security user
if [ ! -d "$SMB_PRIVATE_DIR" ]; then
sudo mkdir $SMB_PRIVATE_DIR
sudo touch $SMB_PRIVATE_DIR/secrets.tdb
fi
for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
iniset $MANILA_CONF $backend_name driver_handles_share_servers False
iniset $MANILA_CONF $backend_name lvm_share_export_ips $MANILA_LVM_SHARE_EXPORT_IPS
done
iniset $MANILA_CONF DEFAULT data_node_access_ip $HOST_IP
fi
}
# start_manila_api - starts manila API services and checks its availability
function start_manila_api {
if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
install_apache_wsgi
enable_apache_site manila-api
restart_apache_server
tail_log m-api /var/log/$APACHE_NAME/manila_api.log
else
run_process m-api "$MANILA_BIN_DIR/manila-api --config-file $MANILA_CONF"
fi
echo "Waiting for Manila API to start..."
if ! wait_for_service $SERVICE_TIMEOUT $MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT; then
die $LINENO "Manila API did not start"
fi
# Start proxies if enabled
if is_service_enabled tls-proxy; then
start_tls_proxy '*' $MANILA_SERVICE_PORT $MANILA_SERVICE_HOST $MANILA_SERVICE_PORT_INT &
fi
}
# start_rest_of_manila - starts non-api manila services
function start_rest_of_manila {
run_process m-shr "$MANILA_BIN_DIR/manila-share --config-file $MANILA_CONF"
run_process m-sch "$MANILA_BIN_DIR/manila-scheduler --config-file $MANILA_CONF"
run_process m-dat "$MANILA_BIN_DIR/manila-data --config-file $MANILA_CONF"
}
# start_manila - start all manila services. This function is kept for compatibility
# reasons with old approach.
function start_manila {
start_manila_api
start_rest_of_manila
}
# stop_manila - Stop running processes
function stop_manila {
# Disable manila api service
if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
disable_apache_site manila-api
restart_apache_server
else
stop_process m-api
fi
# Kill all other manila processes
for serv in m-sch m-shr m-dat; do
stop_process $serv
done
}
# update_tempest - Function used for updating Tempest config if Tempest service enabled
function update_tempest {
if is_service_enabled tempest; then
TEMPEST_CONFIG=${TEMPEST_CONFIG:-$TEMPEST_DIR/etc/tempest.conf}
ADMIN_TENANT_NAME=${ADMIN_TENANT_NAME:-"admin"}
ADMIN_DOMAIN_NAME=${ADMIN_DOMAIN_NAME:-"Default"}
ADMIN_PASSWORD=${ADMIN_PASSWORD:-"secretadmin"}
if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
iniset $TEMPEST_CONFIG share image_password $MANILA_SERVICE_INSTANCE_PASSWORD
fi
iniset $TEMPEST_CONFIG share image_with_share_tools $MANILA_SERVICE_IMAGE_NAME
iniset $TEMPEST_CONFIG auth admin_username ${ADMIN_USERNAME:-"admin"}
iniset $TEMPEST_CONFIG auth admin_password ${ADMIN_PASSWORD:-"secretadmin"}
iniset $TEMPEST_CONFIG auth admin_tenant_name $ADMIN_TENANT_NAME
iniset $TEMPEST_CONFIG auth admin_domain_name $ADMIN_DOMAIN_NAME
iniset $TEMPEST_CONFIG identity username ${TEMPEST_USERNAME:-"demo"}
iniset $TEMPEST_CONFIG identity password $ADMIN_PASSWORD
iniset $TEMPEST_CONFIG identity tenant_name ${TEMPEST_TENANT_NAME:-"demo"}
iniset $TEMPEST_CONFIG identity domain_name $ADMIN_DOMAIN_NAME
iniset $TEMPEST_CONFIG identity alt_username ${ALT_USERNAME:-"alt_demo"}
iniset $TEMPEST_CONFIG identity alt_password $ADMIN_PASSWORD
iniset $TEMPEST_CONFIG identity alt_tenant_name ${ALT_TENANT_NAME:-"alt_demo"}
iniset $TEMPEST_CONFIG identity alt_domain_name $ADMIN_DOMAIN_NAME
fi
}
function install_docker_ubuntu {
sudo apt-get update
install_package apparmor
install_package docker.io
}
function install_docker_fedora {
sudo yum install -y docker
sudo systemctl enable docker
sudo systemctl start docker
}
function download_image {
local image_url=$1
local image image_fname
image_fname=`basename "$image_url"`
if [[ $image_url != file* ]]; then
# Downloads the image (uec ami+akistyle), then extracts it.
if [[ ! -f $FILES/$image_fname || "$(stat -c "%s" $FILES/$image_fname)" = "0" ]]; then
wget --progress=dot:giga -c $image_url -O $FILES/$image_fname
if [[ $? -ne 0 ]]; then
echo "Not found: $image_url"
return
fi
fi
image="$FILES/${image_fname}"
else
# File based URL (RFC 1738): ``file://host/path``
# Remote files are not considered here.
# unix: ``file:///home/user/path/file``
# windows: ``file:///C:/Documents%20and%20Settings/user/path/file``
image=$(echo $image_url | sed "s/^file:\/\///g")
if [[ ! -f $image || "$(stat -c "%s" $image)" == "0" ]]; then
echo "Not found: $image_url"
return
fi
fi
}
function import_docker_service_image_ubuntu {
GZIPPED_IMG_NAME=`basename "$MANILA_DOCKER_IMAGE_URL"`
IMG_NAME_LOAD=${GZIPPED_IMG_NAME%.*}
LOCAL_IMG_NAME=${IMG_NAME_LOAD%.*}
if [[ "$(sudo docker images -q $LOCAL_IMG_NAME)" == "" ]]; then
download_image $MANILA_DOCKER_IMAGE_URL
# Import image in Docker
gzip -d $FILES/$GZIPPED_IMG_NAME
sudo docker load --input $FILES/$IMG_NAME_LOAD
fi
}
function remove_docker_service_image {
sudo docker rmi $MANILA_DOCKER_IMAGE_ALIAS
}
function install_libraries {
if [ $(trueorfalse False MANILA_MULTI_BACKEND) == True ]; then
if [ $(trueorfalse True RUN_MANILA_HOST_ASSISTED_MIGRATION_TESTS) == True ]; then
if is_ubuntu; then
install_package nfs-common
else
install_package nfs-utils
fi
fi
fi
}
# Main dispatcher
if [[ "$1" == "stack" && "$2" == "install" ]]; then
echo_summary "Installing Manila Client"
install_manilaclient
echo_summary "Installing Manila"
install_manila
set_cinder_quotas
elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
echo_summary "Configuring Manila"
configure_manila
echo_summary "Initializing Manila"
init_manila
echo_summary "Installing extra libraries"
install_libraries
echo_summary "Creating Manila entities for auth service"
create_manila_accounts
# Cinder config update
if is_service_enabled cinder && [[ -n "$CINDER_OVERSUBSCRIPTION_RATIO" ]]; then
CINDER_CONF=${CINDER_CONF:-/etc/cinder/cinder.conf}
CINDER_ENABLED_BACKENDS=$(iniget $CINDER_CONF DEFAULT enabled_backends)
for BN in ${CINDER_ENABLED_BACKENDS//,/ }; do
iniset $CINDER_CONF $BN lvm_max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
done
iniset $CINDER_CONF DEFAULT max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
fi
elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
if is_service_enabled nova; then
echo_summary "Creating Manila service flavor"
create_manila_service_flavor
echo_summary "Creating Manila service security group"
create_manila_service_secgroup
fi
# Skip image downloads when disabled.
# This way vendor Manila driver CI tests can skip
# this potentially long and unnecessary download.
if [ "$MANILA_SERVICE_IMAGE_ENABLED" = "True" ]; then
echo_summary "Creating Manila service image"
create_manila_service_image
else
echo_summary "Skipping download of Manila service image"
fi
if is_service_enabled nova; then
echo_summary "Creating Manila service keypair"
create_manila_service_keypair
fi
echo_summary "Configure Samba server"
configure_samba
echo_summary "Starting Manila API"
start_manila_api
# Workaround for bug #1660304
if [ "$SHARE_DRIVER" != "manila.share.drivers.generic.GenericShareDriver" ]; then
echo_summary "Starting rest of Manila services - scheduler, share and data"
start_rest_of_manila
fi
echo_summary "Creating Manila default share type"
create_default_share_type
echo_summary "Creating Manila default share group type"
create_default_share_group_type
echo_summary "Creating Manila custom share types"
create_custom_share_types
echo_summary "Manila UI is no longer enabled by default. \
Add enable_plugin manila-ui github.com/openstack/manila-ui \
to your local.conf file to enable Manila UI"
elif [[ "$1" == "stack" && "$2" == "test-config" ]]; then
###########################################################################
# NOTE(vponomaryov): Workaround for bug #1660304
# We are able to create Nova VMs now only when last Nova step is performed
# which is registration of cell0. It is registered as last action in
# "post-extra" section.
if is_service_enabled nova; then
echo_summary "Creating Manila service VMs for generic driver \
backends for which handlng of share servers is disabled."
create_service_share_servers
fi
if [ "$SHARE_DRIVER" == "manila.share.drivers.generic.GenericShareDriver" ]; then
echo_summary "Starting rest of Manila services - scheduler, share and data"
start_rest_of_manila
fi
###########################################################################
echo_summary "Update Tempest config"
update_tempest
fi
if [[ "$1" == "unstack" ]]; then
cleanup_manila
fi
if [[ "$1" == "clean" ]]; then
cleanup_manila
sudo rm -rf /etc/manila
fi
# Restore xtrace
$XTRACE