Shared filesystem management project for OpenStack.
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

1252 lines
52 KiB

  1. #!/bin/bash
  2. # Plugin file for enabling manila services
  3. # ----------------------------------------
  4. # Save trace setting
  5. XTRACE=$(set +o | grep xtrace)
  6. set -o xtrace
  7. # Entry Points
  8. # ------------
  9. function _clean_share_group {
  10. local vg=$1
  11. local vg_prefix=$2
  12. # Clean out existing shares
  13. for lv in `sudo lvs --noheadings -o lv_name $vg`; do
  14. # vg_prefix prefixes the LVs we want
  15. if [[ "${lv#$vg_prefix}" != "$lv" ]]; then
  16. sudo umount -f $MANILA_MNT_DIR/$lv
  17. sudo lvremove -f $vg/$lv
  18. sudo rm -rf $MANILA_MNT_DIR/$lv
  19. fi
  20. done
  21. }
  22. function _clean_manila_lvm_backing_file {
  23. local vg=$1
  24. # if there is no logical volume left, it's safe to attempt a cleanup
  25. # of the backing file
  26. if [ -z "`sudo lvs --noheadings -o lv_name $vg`" ]; then
  27. # if the backing physical device is a loop device, it was probably setup by devstack
  28. VG_DEV=$(sudo losetup -j $DATA_DIR/${vg}-backing-file | awk -F':' '/backing-file/ { print $1
  29. }')
  30. if [[ -n "$VG_DEV" ]]; then
  31. sudo losetup -d $VG_DEV
  32. rm -f $DATA_DIR/${vg}-backing-file
  33. fi
  34. fi
  35. }
  36. function _clean_zfsonlinux_data {
  37. for filename in "$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/*; do
  38. if [[ $(sudo zpool list | grep $filename) ]]; then
  39. echo "Destroying zpool named $filename"
  40. sudo zpool destroy -f $filename
  41. file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR$filename"
  42. echo "Destroying file named $file"
  43. rm -f $file
  44. fi
  45. done
  46. }
  47. # cleanup_manila - Remove residual data files, anything left over from previous
  48. # runs that a clean run would need to clean up
  49. function cleanup_manila {
  50. # All stuff, that are created by share drivers will be cleaned up by other services.
  51. _clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
  52. _clean_manila_lvm_backing_file $SHARE_GROUP
  53. _clean_zfsonlinux_data
  54. }
  55. # _config_manila_apache_wsgi() - Configure manila-api wsgi application.
  56. function _config_manila_apache_wsgi {
  57. local manila_api_apache_conf
  58. local venv_path=""
  59. manila_api_apache_conf=$(apache_site_config_for manila-api)
  60. sudo cp $MANILA_DIR/devstack/apache-manila.template $manila_api_apache_conf
  61. sudo sed -e "
  62. s|%APACHE_NAME%|$APACHE_NAME|g;
  63. s|%MANILA_BIN_DIR%|$MANILA_BIN_DIR|g;
  64. s|%PORT%|$REAL_MANILA_SERVICE_PORT|g;
  65. s|%APIWORKERS%|$API_WORKERS|g;
  66. s|%USER%|$STACK_USER|g;
  67. " -i $manila_api_apache_conf
  68. }
  69. # configure_default_backends - configures default Manila backends with generic driver.
  70. function configure_default_backends {
  71. # Configure two default backends with generic drivers onboard
  72. for group_name in $MANILA_BACKEND1_CONFIG_GROUP_NAME $MANILA_BACKEND2_CONFIG_GROUP_NAME; do
  73. iniset $MANILA_CONF $group_name share_driver $SHARE_DRIVER
  74. if [ "$MANILA_BACKEND1_CONFIG_GROUP_NAME" == "$group_name" ]; then
  75. iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND1_NAME
  76. else
  77. iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND2_NAME
  78. fi
  79. iniset $MANILA_CONF $group_name path_to_public_key $MANILA_PATH_TO_PUBLIC_KEY
  80. iniset $MANILA_CONF $group_name path_to_private_key $MANILA_PATH_TO_PRIVATE_KEY
  81. iniset $MANILA_CONF $group_name service_image_name $MANILA_SERVICE_IMAGE_NAME
  82. iniset $MANILA_CONF $group_name service_instance_user $MANILA_SERVICE_INSTANCE_USER
  83. iniset $MANILA_CONF $group_name driver_handles_share_servers True
  84. if [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  85. iniset $MANILA_CONF $group_name network_api_class $MANILA_NETWORK_API_CLASS
  86. iniset $MANILA_CONF $group_name neutron_host_id $(hostname)
  87. iniset $MANILA_CONF $group_name neutron_vnic_type $MANILA_NEUTRON_VNIC_TYPE
  88. fi
  89. if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
  90. iniset $MANILA_CONF $group_name service_instance_password $MANILA_SERVICE_INSTANCE_PASSWORD
  91. fi
  92. if [ "$SHARE_DRIVER" == "manila.share.drivers.generic.GenericShareDriver" ]; then
  93. iniset $MANILA_CONF $group_name ssh_conn_timeout $MANILA_SSH_TIMEOUT
  94. fi
  95. done
  96. }
  97. # set_config_opts - this allows to set any config opt to any config group,
  98. # parsing env vars by prefix special 'MANILA_OPTGROUP_'.
  99. function set_config_opts {
  100. # expects only one param - name of config group(s) as list separated by commas
  101. GROUP_NAMES=$1
  102. if [[ -n "$GROUP_NAMES" ]]; then
  103. for be in ${GROUP_NAMES//,/ }; do
  104. # get backend_specific opt values
  105. prefix=MANILA_OPTGROUP_$be\_
  106. ( set -o posix ; set ) | grep ^$prefix | while read -r line ; do
  107. # parse it to opt names and values
  108. opt=${line#$prefix}
  109. opt_name=${opt%%=*}
  110. opt_value=${opt##*=}
  111. iniset $MANILA_CONF $be $opt_name $opt_value
  112. done
  113. done
  114. fi
  115. }
  116. # set_cinder_quotas - Sets Cinder quotas, that is useful for generic driver,
  117. # which uses Cinder volumes and snapshots.
  118. function set_cinder_quotas {
  119. # Update Cinder configuration to make sure default quotas are enough
  120. # for Manila using Generic driver with parallel testing.
  121. if is_service_enabled cinder; then
  122. if [[ ! "$CINDER_CONF" ]]; then
  123. CINDER_CONF=/etc/cinder/cinder.conf
  124. fi
  125. iniset $CINDER_CONF DEFAULT quota_volumes 50
  126. iniset $CINDER_CONF DEFAULT quota_snapshots 50
  127. iniset $CINDER_CONF DEFAULT quota_gigabytes 1000
  128. fi
  129. }
  130. # configure_manila - Set config files, create data dirs, etc
  131. function configure_manila {
  132. if [[ ! -d $MANILA_CONF_DIR ]]; then
  133. sudo mkdir -p $MANILA_CONF_DIR
  134. fi
  135. sudo chown $STACK_USER $MANILA_CONF_DIR
  136. if [[ -f $MANILA_DIR/etc/manila/policy.json ]]; then
  137. cp -p $MANILA_DIR/etc/manila/policy.json $MANILA_CONF_DIR
  138. fi
  139. # Set the paths of certain binaries
  140. MANILA_ROOTWRAP=$(get_rootwrap_location manila)
  141. # If Manila ships the new rootwrap filters files, deploy them
  142. # (owned by root) and add a parameter to $MANILA_ROOTWRAP
  143. ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP"
  144. if [[ -d $MANILA_DIR/etc/manila/rootwrap.d ]]; then
  145. # Wipe any existing rootwrap.d files first
  146. if [[ -d $MANILA_CONF_DIR/rootwrap.d ]]; then
  147. sudo rm -rf $MANILA_CONF_DIR/rootwrap.d
  148. fi
  149. # Deploy filters to /etc/manila/rootwrap.d
  150. sudo mkdir -m 755 $MANILA_CONF_DIR/rootwrap.d
  151. sudo cp $MANILA_DIR/etc/manila/rootwrap.d/*.filters $MANILA_CONF_DIR/rootwrap.d
  152. sudo chown -R root:root $MANILA_CONF_DIR/rootwrap.d
  153. sudo chmod 644 $MANILA_CONF_DIR/rootwrap.d/*
  154. # Set up rootwrap.conf, pointing to /etc/manila/rootwrap.d
  155. sudo cp $MANILA_DIR/etc/manila/rootwrap.conf $MANILA_CONF_DIR/
  156. sudo sed -e "s:^filters_path=.*$:filters_path=$MANILA_CONF_DIR/rootwrap.d:" -i $MANILA_CONF_DIR/rootwrap.conf
  157. sudo chown root:root $MANILA_CONF_DIR/rootwrap.conf
  158. sudo chmod 0644 $MANILA_CONF_DIR/rootwrap.conf
  159. # Specify rootwrap.conf as first parameter to manila-rootwrap
  160. MANILA_ROOTWRAP="$MANILA_ROOTWRAP $MANILA_CONF_DIR/rootwrap.conf"
  161. ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP *"
  162. fi
  163. TEMPFILE=`mktemp`
  164. echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_MANILA_SUDOER_CMD" >$TEMPFILE
  165. chmod 0440 $TEMPFILE
  166. sudo chown root:root $TEMPFILE
  167. sudo mv $TEMPFILE /etc/sudoers.d/manila-rootwrap
  168. cp $MANILA_DIR/etc/manila/api-paste.ini $MANILA_API_PASTE_INI
  169. # Remove old conf file if exists
  170. rm -f $MANILA_CONF
  171. configure_auth_token_middleware $MANILA_CONF manila $MANILA_AUTH_CACHE_DIR
  172. iniset $MANILA_CONF DEFAULT auth_strategy keystone
  173. iniset $MANILA_CONF DEFAULT debug True
  174. iniset $MANILA_CONF DEFAULT scheduler_driver $MANILA_SCHEDULER_DRIVER
  175. iniset $MANILA_CONF DEFAULT share_name_template ${SHARE_NAME_PREFIX}%s
  176. iniset $MANILA_CONF DATABASE connection `database_connection_url manila`
  177. iniset $MANILA_CONF DATABASE max_pool_size 40
  178. iniset $MANILA_CONF DEFAULT api_paste_config $MANILA_API_PASTE_INI
  179. iniset $MANILA_CONF DEFAULT rootwrap_config $MANILA_CONF_DIR/rootwrap.conf
  180. iniset $MANILA_CONF DEFAULT osapi_share_extension manila.api.contrib.standard_extensions
  181. iniset $MANILA_CONF DEFAULT state_path $MANILA_STATE_PATH
  182. # Note: Sample share types will still be created if the below is False
  183. if [ $(trueorfalse False MANILA_CONFIGURE_DEFAULT_TYPES) == True ]; then
  184. iniset $MANILA_CONF DEFAULT default_share_type $MANILA_DEFAULT_SHARE_TYPE
  185. iniset $MANILA_CONF DEFAULT default_share_group_type $MANILA_DEFAULT_SHARE_GROUP_TYPE
  186. fi
  187. if ! [[ -z $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL ]]; then
  188. iniset $MANILA_CONF DEFAULT migration_driver_continue_update_interval $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL
  189. fi
  190. if ! [[ -z $MANILA_DATA_COPY_CHECK_HASH ]]; then
  191. iniset $MANILA_CONF DEFAULT check_hash $MANILA_DATA_COPY_CHECK_HASH
  192. fi
  193. iniset $MANILA_CONF DEFAULT enabled_share_protocols $MANILA_ENABLED_SHARE_PROTOCOLS
  194. iniset $MANILA_CONF oslo_concurrency lock_path $MANILA_LOCK_PATH
  195. iniset $MANILA_CONF DEFAULT wsgi_keep_alive False
  196. iniset $MANILA_CONF DEFAULT lvm_share_volume_group $SHARE_GROUP
  197. # Set the replica_state_update_interval
  198. iniset $MANILA_CONF DEFAULT replica_state_update_interval $MANILA_REPLICA_STATE_UPDATE_INTERVAL
  199. if is_service_enabled neutron; then
  200. configure_auth_token_middleware $MANILA_CONF neutron $MANILA_AUTH_CACHE_DIR neutron
  201. fi
  202. if is_service_enabled nova; then
  203. configure_auth_token_middleware $MANILA_CONF nova $MANILA_AUTH_CACHE_DIR nova
  204. fi
  205. if is_service_enabled cinder; then
  206. configure_auth_token_middleware $MANILA_CONF cinder $MANILA_AUTH_CACHE_DIR cinder
  207. fi
  208. # Note: set up config group does not mean that this backend will be enabled.
  209. # To enable it, specify its name explicitly using "enabled_share_backends" opt.
  210. configure_default_backends
  211. default_backends=$MANILA_BACKEND1_CONFIG_GROUP_NAME
  212. if [ "$MANILA_MULTI_BACKEND" = "True" ]; then
  213. default_backends+=,$MANILA_BACKEND2_CONFIG_GROUP_NAME
  214. fi
  215. if [ ! $MANILA_ENABLED_BACKENDS ]; then
  216. # If $MANILA_ENABLED_BACKENDS is not set, use configured backends by default
  217. export MANILA_ENABLED_BACKENDS=$default_backends
  218. fi
  219. iniset $MANILA_CONF DEFAULT enabled_share_backends $MANILA_ENABLED_BACKENDS
  220. if [ ! -f $MANILA_PATH_TO_PRIVATE_KEY ]; then
  221. ssh-keygen -N "" -t rsa -f $MANILA_PATH_TO_PRIVATE_KEY;
  222. fi
  223. iniset $MANILA_CONF DEFAULT manila_service_keypair_name $MANILA_SERVICE_KEYPAIR_NAME
  224. REAL_MANILA_SERVICE_PORT=$MANILA_SERVICE_PORT
  225. if is_service_enabled tls-proxy; then
  226. # Set the protocol to 'https', and set the default port
  227. MANILA_SERVICE_PROTOCOL="https"
  228. REAL_MANILA_SERVICE_PORT=$MANILA_SERVICE_PORT_INT
  229. # Set the service port for a proxy to take the original
  230. iniset $MANILA_CONF DEFAULT osapi_share_listen_port $REAL_MANILA_SERVICE_PORT
  231. iniset $MANILA_CONF oslo_middleware enable_proxy_headers_parsing True
  232. fi
  233. iniset_rpc_backend manila $MANILA_CONF DEFAULT
  234. setup_logging $MANILA_CONF
  235. MANILA_CONFIGURE_GROUPS=${MANILA_CONFIGURE_GROUPS:-"$MANILA_ENABLED_BACKENDS"}
  236. set_config_opts $MANILA_CONFIGURE_GROUPS
  237. set_config_opts DEFAULT
  238. if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  239. _config_manila_apache_wsgi
  240. fi
  241. }
  242. function create_manila_service_keypair {
  243. if is_service_enabled nova; then
  244. local keypair_exists=$( openstack keypair list | grep " $MANILA_SERVICE_KEYPAIR_NAME " )
  245. if [[ -z $keypair_exists ]]; then
  246. openstack keypair create $MANILA_SERVICE_KEYPAIR_NAME --public-key $MANILA_PATH_TO_PUBLIC_KEY
  247. fi
  248. fi
  249. }
  250. function is_driver_enabled {
  251. driver_name=$1
  252. for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  253. share_driver=$(iniget $MANILA_CONF $BE share_driver)
  254. if [ "$share_driver" == "$driver_name" ]; then
  255. return 0
  256. fi
  257. done
  258. return 1
  259. }
  260. # create_service_share_servers - creates service Nova VMs, one per generic
  261. # driver, and only if it is configured to mode without handling of share servers.
  262. function create_service_share_servers {
  263. created_admin_network=false
  264. for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  265. driver_handles_share_servers=$(iniget $MANILA_CONF $BE driver_handles_share_servers)
  266. share_driver=$(iniget $MANILA_CONF $BE share_driver)
  267. generic_driver='manila.share.drivers.generic.GenericShareDriver'
  268. if [[ $share_driver == $generic_driver ]]; then
  269. if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
  270. vm_name='manila_service_share_server_'$BE
  271. local vm_exists=$( openstack server list --all-projects | grep " $vm_name " )
  272. if [[ -z $vm_exists ]]; then
  273. private_net_id=$(openstack network show $PRIVATE_NETWORK_NAME -f value -c id)
  274. vm_id=$(openstack server create $vm_name \
  275. --flavor $MANILA_SERVICE_VM_FLAVOR_NAME \
  276. --image $MANILA_SERVICE_IMAGE_NAME \
  277. --nic net-id=$private_net_id \
  278. --security-group $MANILA_SERVICE_SECGROUP \
  279. --key-name $MANILA_SERVICE_KEYPAIR_NAME \
  280. | grep ' id ' | get_field 2)
  281. else
  282. vm_id=$(openstack server show $vm_name -f value -c id)
  283. fi
  284. floating_ip=$(openstack floating ip create $PUBLIC_NETWORK_NAME --subnet $PUBLIC_SUBNET_NAME | grep 'floating_ip_address' | get_field 2)
  285. openstack server add floating ip $vm_id $floating_ip
  286. iniset $MANILA_CONF $BE service_instance_name_or_id $vm_id
  287. iniset $MANILA_CONF $BE service_net_name_or_ip $floating_ip
  288. iniset $MANILA_CONF $BE tenant_net_name_or_ip $PRIVATE_NETWORK_NAME
  289. else
  290. if is_service_enabled neutron; then
  291. if ! [[ -z $MANILA_ADMIN_NET_RANGE ]]; then
  292. if [ $created_admin_network == false ]; then
  293. project_id=$(openstack project show $SERVICE_PROJECT_NAME -c id -f value)
  294. local admin_net_id=$( openstack network show admin_net -f value -c id )
  295. if [[ -z $admin_net_id ]]; then
  296. openstack network create admin_net --project $project_id
  297. admin_net_id=$(openstack network show admin_net -f value -c id)
  298. fi
  299. local admin_subnet_id=$( openstack subnet show admin_subnet -f value -c id )
  300. if [[ -z $admin_subnet_id ]]; then
  301. openstack subnet create admin_subnet --project $project_id --ip-version 4 --network $admin_net_id --gateway None --subnet-range $MANILA_ADMIN_NET_RANGE
  302. admin_subnet_id=$(openstack subnet show admin_subnet -f value -c id)
  303. fi
  304. created_admin_network=true
  305. fi
  306. iniset $MANILA_CONF $BE admin_network_id $admin_net_id
  307. iniset $MANILA_CONF $BE admin_subnet_id $admin_subnet_id
  308. fi
  309. fi
  310. fi
  311. fi
  312. done
  313. configure_data_service_generic_driver
  314. }
  315. function configure_data_service_generic_driver {
  316. enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
  317. share_driver=$(iniget $MANILA_CONF ${enabled_backends[0]} share_driver)
  318. generic_driver='manila.share.drivers.generic.GenericShareDriver'
  319. if [[ $share_driver == $generic_driver ]]; then
  320. driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
  321. if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
  322. iniset $MANILA_CONF DEFAULT data_node_access_ip $PUBLIC_NETWORK_GATEWAY
  323. else
  324. if ! [[ -z $MANILA_DATA_NODE_IP ]]; then
  325. iniset $MANILA_CONF DEFAULT data_node_access_ip $MANILA_DATA_NODE_IP
  326. fi
  327. fi
  328. fi
  329. }
  330. # create_manila_service_flavor - creates flavor, that will be used by backends
  331. # with configured generic driver to boot Nova VMs with.
  332. function create_manila_service_flavor {
  333. if is_service_enabled nova; then
  334. local flavor_exists=$( openstack flavor list | grep " $MANILA_SERVICE_VM_FLAVOR_NAME " )
  335. if [[ -z $flavor_exists ]]; then
  336. # Create flavor for Manila's service VM
  337. openstack flavor create \
  338. $MANILA_SERVICE_VM_FLAVOR_NAME \
  339. --id $MANILA_SERVICE_VM_FLAVOR_REF \
  340. --ram $MANILA_SERVICE_VM_FLAVOR_RAM \
  341. --disk $MANILA_SERVICE_VM_FLAVOR_DISK \
  342. --vcpus $MANILA_SERVICE_VM_FLAVOR_VCPUS
  343. fi
  344. fi
  345. }
  346. # create_manila_service_image - creates image, that will be used by backends
  347. # with configured generic driver to boot Nova VMs from.
  348. function create_manila_service_image {
  349. if is_service_enabled nova; then
  350. TOKEN=$(openstack token issue -c id -f value)
  351. local image_exists=$( openstack image list | grep " $MANILA_SERVICE_IMAGE_NAME " )
  352. if [[ -z $image_exists ]]; then
  353. # Download Manila's image
  354. if is_service_enabled g-reg; then
  355. upload_image $MANILA_SERVICE_IMAGE_URL $TOKEN
  356. fi
  357. fi
  358. fi
  359. }
  360. # create_manila_service_secgroup - creates security group that is used by
  361. # Nova VMs when generic driver is configured.
  362. function create_manila_service_secgroup {
  363. # Create a secgroup
  364. if ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; then
  365. openstack security group create $MANILA_SERVICE_SECGROUP --description "$MANILA_SERVICE_SECGROUP description"
  366. if ! timeout 30 sh -c "while ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; do sleep 1; done"; then
  367. echo "Security group not created"
  368. exit 1
  369. fi
  370. fi
  371. # Configure Security Group Rules
  372. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q icmp; then
  373. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol icmp
  374. fi
  375. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 22 "; then
  376. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 22
  377. fi
  378. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 2049 "; then
  379. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 2049
  380. fi
  381. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 2049 "; then
  382. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 2049
  383. fi
  384. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 445 "; then
  385. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 445
  386. fi
  387. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 445 "; then
  388. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 445
  389. fi
  390. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 139 "; then
  391. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 137:139
  392. fi
  393. if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 139 "; then
  394. openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 137:139
  395. fi
  396. # List secgroup rules
  397. openstack security group rule list $MANILA_SERVICE_SECGROUP
  398. }
  399. # create_manila_accounts - Set up common required manila accounts
  400. function create_manila_accounts {
  401. create_service_user "manila"
  402. # Set up Manila v1 service and endpoint
  403. get_or_create_service "manila" "share" "Manila Shared Filesystem Service"
  404. get_or_create_endpoint "share" "$REGION_NAME" \
  405. "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s" \
  406. "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s" \
  407. "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v1/\$(tenant_id)s"
  408. # Set up Manila v2 service and endpoint
  409. get_or_create_service "manilav2" "sharev2" "Manila Shared Filesystem Service V2"
  410. get_or_create_endpoint "sharev2" "$REGION_NAME" \
  411. "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v2/\$(tenant_id)s" \
  412. "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v2/\$(tenant_id)s" \
  413. "$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$MANILA_SERVICE_PORT/v2/\$(tenant_id)s"
  414. }
  415. # create_default_share_group_type - create share group type that will be set as default.
  416. function create_default_share_group_type {
  417. local type_exists=$( manila share-group-type-list | grep " $MANILA_DEFAULT_SHARE_GROUP_TYPE " )
  418. if [[ -z $type_exists ]]; then
  419. manila share-group-type-create $MANILA_DEFAULT_SHARE_GROUP_TYPE $MANILA_DEFAULT_SHARE_TYPE
  420. fi
  421. if [[ $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS ]]; then
  422. manila share-group-type-key $MANILA_DEFAULT_SHARE_GROUP_TYPE set $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS
  423. fi
  424. }
  425. # create_default_share_type - create share type that will be set as default
  426. # if $MANILA_CONFIGURE_DEFAULT_TYPES is set to True, if set to False, the share
  427. # type identified by $MANILA_DEFAULT_SHARE_TYPE is still created, but not
  428. # configured as default.
  429. function create_default_share_type {
  430. enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
  431. driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
  432. local type_exists=$( manila type-list | grep " $MANILA_DEFAULT_SHARE_TYPE " )
  433. if [[ -z $type_exists ]]; then
  434. local command_args="$MANILA_DEFAULT_SHARE_TYPE $driver_handles_share_servers"
  435. #if is_driver_enabled $MANILA_CONTAINER_DRIVER; then
  436. # # TODO(aovchinnikov): Remove this condition when Container driver supports
  437. # # snapshots
  438. # command_args="$command_args --snapshot_support false"
  439. #fi
  440. manila type-create $command_args
  441. fi
  442. if [[ $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS ]]; then
  443. manila type-key $MANILA_DEFAULT_SHARE_TYPE set $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS
  444. fi
  445. }
  446. # create_custom_share_types - create share types suitable for both possible
  447. # driver modes with names "dhss_true" and "dhss_false".
  448. function create_custom_share_types {
  449. manila type-create dhss_true True
  450. if [[ $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS ]]; then
  451. manila type-key dhss_true set $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS
  452. fi
  453. manila type-create dhss_false False
  454. if [[ $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS ]]; then
  455. manila type-key dhss_false set $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS
  456. fi
  457. }
  458. # configure_backing_file - Set up backing file for LVM
  459. function configure_backing_file {
  460. if ! sudo vgs $SHARE_GROUP; then
  461. if [ "$CONFIGURE_BACKING_FILE" = "True" ]; then
  462. SHARE_BACKING_FILE=${SHARE_BACKING_FILE:-$DATA_DIR/${SHARE_GROUP}-backing-file}
  463. # Only create if the file doesn't already exists
  464. [[ -f $SHARE_BACKING_FILE ]] || truncate -s $SHARE_BACKING_FILE_SIZE $SHARE_BACKING_FILE
  465. DEV=`sudo losetup -f --show $SHARE_BACKING_FILE`
  466. else
  467. DEV=$SHARE_BACKING_FILE
  468. fi
  469. # Only create if the loopback device doesn't contain $SHARE_GROUP
  470. if ! sudo vgs $SHARE_GROUP; then sudo vgcreate $SHARE_GROUP $DEV; fi
  471. fi
  472. mkdir -p $MANILA_STATE_PATH/shares
  473. mkdir -p /tmp/shares
  474. }
  475. # init_manila - Initializes database and creates manila dir if absent
  476. function init_manila {
  477. if is_service_enabled $DATABASE_BACKENDS; then
  478. # (re)create manila database
  479. recreate_database manila
  480. $MANILA_BIN_DIR/manila-manage db sync
  481. if [[ $(trueorfalse False MANILA_USE_DOWNGRADE_MIGRATIONS) == True ]]; then
  482. # Use both - upgrade and downgrade migrations to verify that
  483. # downgrade migrations do not break structure of Manila database.
  484. $MANILA_BIN_DIR/manila-manage db downgrade
  485. $MANILA_BIN_DIR/manila-manage db sync
  486. fi
  487. # Display version as debug-action (see bug/1473400)
  488. $MANILA_BIN_DIR/manila-manage db version
  489. fi
  490. if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  491. if is_service_enabled m-shr; then
  492. # Configure a default volume group called '`lvm-shares`' for the share
  493. # service if it does not yet exist. If you don't wish to use a file backed
  494. # volume group, create your own volume group called ``stack-volumes`` before
  495. # invoking ``stack.sh``.
  496. #
  497. # By default, the backing file is 8G in size, and is stored in ``/opt/stack/data``.
  498. configure_backing_file
  499. fi
  500. elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  501. if is_service_enabled m-shr; then
  502. SHARE_GROUP=$MANILA_CONTAINER_VOLUME_GROUP_NAME
  503. configure_backing_file
  504. fi
  505. elif [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
  506. if is_service_enabled m-shr; then
  507. mkdir -p $MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR
  508. file_counter=0
  509. MANILA_ZFSONLINUX_SERVICE_IP=${MANILA_ZFSONLINUX_SERVICE_IP:-"127.0.0.1"}
  510. for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  511. if [[ $file_counter == 0 ]]; then
  512. # NOTE(vponomaryov): create two pools for first ZFS backend
  513. # to cover different use cases that are supported by driver:
  514. # - Support of more than one zpool for share backend.
  515. # - Support of nested datasets.
  516. local first_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/alpha
  517. local second_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/betta
  518. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $first_file
  519. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $second_file
  520. sudo zpool create alpha $first_file
  521. sudo zpool create betta $second_file
  522. # Create subdir (nested dataset) for second pool
  523. sudo zfs create betta/subdir
  524. iniset $MANILA_CONF $BE zfs_zpool_list alpha,betta/subdir
  525. elif [[ $file_counter == 1 ]]; then
  526. local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/gamma
  527. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
  528. sudo zpool create gamma $file
  529. iniset $MANILA_CONF $BE zfs_zpool_list gamma
  530. else
  531. local filename=file"$file_counter"
  532. local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/"$filename"
  533. truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
  534. sudo zpool create $filename $file
  535. iniset $MANILA_CONF $BE zfs_zpool_list $filename
  536. fi
  537. iniset $MANILA_CONF $BE zfs_share_export_ip $MANILA_ZFSONLINUX_SHARE_EXPORT_IP
  538. iniset $MANILA_CONF $BE zfs_service_ip $MANILA_ZFSONLINUX_SERVICE_IP
  539. iniset $MANILA_CONF $BE zfs_dataset_creation_options $MANILA_ZFSONLINUX_DATASET_CREATION_OPTIONS
  540. iniset $MANILA_CONF $BE zfs_use_ssh $MANILA_ZFSONLINUX_USE_SSH
  541. iniset $MANILA_CONF $BE zfs_ssh_username $MANILA_ZFSONLINUX_SSH_USERNAME
  542. iniset $MANILA_CONF $BE replication_domain $MANILA_ZFSONLINUX_REPLICATION_DOMAIN
  543. iniset $MANILA_CONF $BE driver_handles_share_servers False
  544. let "file_counter=file_counter+1"
  545. done
  546. # Install the server's SSH key in our known_hosts file
  547. eval STACK_HOME=~$STACK_USER
  548. ssh-keyscan ${MANILA_ZFSONLINUX_SERVICE_IP} >> $STACK_HOME/.ssh/known_hosts
  549. # If the server is this machine, setup trust for ourselves (otherwise you're on your own)
  550. if [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "127.0.0.1" ] || [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "localhost" ] ; then
  551. # Trust our own SSH keys
  552. eval SSH_USER_HOME=~$MANILA_ZFSONLINUX_SSH_USERNAME
  553. cat $STACK_HOME/.ssh/*.pub >> $SSH_USER_HOME/.ssh/authorized_keys
  554. # Give ssh user sudo access
  555. echo "$MANILA_ZFSONLINUX_SSH_USERNAME ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers > /dev/null
  556. iniset $MANILA_CONF DEFAULT data_node_access_ip $MANILA_ZFSONLINUX_SERVICE_IP
  557. fi
  558. fi
  559. fi
  560. # Create cache dir
  561. sudo mkdir -p $MANILA_AUTH_CACHE_DIR
  562. sudo chown $STACK_USER $MANILA_AUTH_CACHE_DIR
  563. rm -f $MANILA_AUTH_CACHE_DIR/*
  564. }
  565. # check_nfs_kernel_service_state_ubuntu- Make sure nfsd is running
  566. function check_nfs_kernel_service_state_ubuntu {
  567. # (aovchinnikov): Workaround for nfs-utils bug 1052264
  568. if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
  569. echo "Apparently nfsd is not running. Trying to fix that."
  570. sudo mkdir -p "/media/nfsdonubuntuhelper"
  571. # (aovchinnikov): shell wrapping is needed for cases when a file to be written
  572. # is owned by root.
  573. sudo sh -c "echo '/media/nfsdonubuntuhelper 127.0.0.1(ro)' >> /etc/exports"
  574. sudo service nfs-kernel-server start
  575. fi
  576. if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
  577. echo "Failed to start nfsd. Exiting."
  578. exit 1
  579. fi
  580. }
  581. function _install_nfs_and_samba {
  582. if is_ubuntu; then
  583. install_package nfs-kernel-server nfs-common samba
  584. check_nfs_kernel_service_state_ubuntu
  585. elif is_fedora; then
  586. install_package nfs-utils samba
  587. sudo systemctl enable smb.service
  588. sudo systemctl start smb.service
  589. sudo systemctl enable nfs-server.service
  590. sudo systemctl start nfs-server.service
  591. elif is_suse; then
  592. install_package nfs-kernel-server nfs-utils samba
  593. else
  594. echo "This distro is not supported. Skipping step of NFS and Samba installation."
  595. fi
  596. }
  597. # install_manilaclient - Collect source and prepare
  598. # In order to install from git, add LIBS_FROM_GIT="python-manilaclient"
  599. # to local.conf
  600. function install_manilaclient {
  601. if use_library_from_git "python-manilaclient"; then
  602. git_clone $MANILACLIENT_REPO $MANILACLIENT_DIR $MANILACLIENT_BRANCH
  603. setup_develop $MANILACLIENT_DIR
  604. else
  605. pip_install python-manilaclient
  606. fi
  607. }
  608. # install_manila - Collect source and prepare
  609. function install_manila {
  610. setup_develop $MANILA_DIR
  611. if is_service_enabled m-shr; then
  612. if [[ ! $(systemctl is-active nfs-ganesha.service) == 'active' ]]; then
  613. _install_nfs_and_samba
  614. fi
  615. if [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
  616. if [[ $(sudo zfs list &> /dev/null && sudo zpool list &> /dev/null || echo 'absent') == 'absent' ]]; then
  617. # ZFS not found, try to install it
  618. if is_ubuntu; then
  619. if [[ $(lsb_release -s -d) == *"14.04"* ]]; then
  620. # Trusty
  621. sudo apt-get install -y software-properties-common
  622. sudo apt-add-repository --yes ppa:zfs-native/stable
  623. # Workaround for bug #1609696
  624. sudo apt-mark hold grub*
  625. sudo apt-get -y -q update && sudo apt-get -y -q upgrade
  626. # Workaround for bug #1609696
  627. sudo apt-mark unhold grub*
  628. sudo apt-get install -y linux-headers-generic
  629. sudo apt-get install -y build-essential
  630. sudo apt-get install -y ubuntu-zfs
  631. elif [[ $(lsb_release -s -d) == *"16.04"* ]]; then
  632. # Xenial
  633. sudo apt-get install -y zfsutils-linux
  634. else
  635. echo "Only 'Trusty' and 'Xenial' releases of Ubuntu are supported."
  636. exit 1
  637. fi
  638. else
  639. echo "Manila Devstack plugin supports installation "\
  640. "of ZFS packages only for 'Ubuntu' distros. "\
  641. "Please, install it first by other means or add its support "\
  642. "for your distro."
  643. exit 1
  644. fi
  645. sudo modprobe zfs
  646. sudo modprobe zpool
  647. fi
  648. check_nfs_kernel_service_state_ubuntu
  649. elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  650. if is_ubuntu; then
  651. echo "Installing docker...."
  652. install_docker_ubuntu
  653. echo "Importing docker image"
  654. import_docker_service_image_ubuntu
  655. elif is_fedora; then
  656. echo "Installing docker...."
  657. install_docker_fedora
  658. echo "Importing docker image"
  659. # TODO(tbarron): See if using a fedora container image
  660. # is faster/smaller because of fewer extra dependencies.
  661. import_docker_service_image_ubuntu
  662. else
  663. echo "Manila Devstack plugin does not support Container Driver on"\
  664. " distros other than Ubuntu or Fedora."
  665. exit 1
  666. fi
  667. fi
  668. fi
  669. }
  670. #configure_samba - Configure node as Samba server
  671. function configure_samba {
  672. if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  673. # TODO(vponomaryov): add here condition for ZFSonLinux driver too
  674. # when it starts to support SAMBA
  675. samba_daemon_name=smbd
  676. if is_service_enabled m-shr; then
  677. if is_fedora; then
  678. samba_daemon_name=smb
  679. fi
  680. sudo service $samba_daemon_name restart || echo "Couldn't restart '$samba_daemon_name' service"
  681. fi
  682. if [[ -e /usr/share/samba/smb.conf ]]; then
  683. sudo cp /usr/share/samba/smb.conf $SMB_CONF
  684. fi
  685. sudo chown $STACK_USER -R /etc/samba
  686. iniset $SMB_CONF global include registry
  687. iniset $SMB_CONF global security user
  688. if [ ! -d "$SMB_PRIVATE_DIR" ]; then
  689. sudo mkdir $SMB_PRIVATE_DIR
  690. sudo touch $SMB_PRIVATE_DIR/secrets.tdb
  691. fi
  692. for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
  693. iniset $MANILA_CONF $backend_name driver_handles_share_servers False
  694. iniset $MANILA_CONF $backend_name lvm_share_export_ips $MANILA_LVM_SHARE_EXPORT_IPS
  695. done
  696. iniset $MANILA_CONF DEFAULT data_node_access_ip $HOST_IP
  697. fi
  698. }
  699. # start_manila_api - starts manila API services and checks its availability
  700. function start_manila_api {
  701. if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  702. install_apache_wsgi
  703. enable_apache_site manila-api
  704. restart_apache_server
  705. tail_log m-api /var/log/$APACHE_NAME/manila_api.log
  706. else
  707. run_process m-api "$MANILA_BIN_DIR/manila-api --config-file $MANILA_CONF"
  708. fi
  709. echo "Waiting for Manila API to start..."
  710. # This is a health check against the manila-api service we just started.
  711. # We use the port ($REAL_MANILA_SERVICE_PORT) here because we want to hit
  712. # the bare service endpoint, even if the tls tunnel should be enabled.
  713. # We're making sure that the internal port is checked using unencryted
  714. # traffic at this point.
  715. if ! wait_for_service $SERVICE_TIMEOUT $MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$REAL_MANILA_SERVICE_PORT; then
  716. die $LINENO "Manila API did not start"
  717. fi
  718. # Start proxies if enabled
  719. if is_service_enabled tls-proxy; then
  720. start_tls_proxy manila '*' $MANILA_SERVICE_PORT $MANILA_SERVICE_HOST $MANILA_SERVICE_PORT_INT
  721. fi
  722. }
  723. # start_rest_of_manila - starts non-api manila services
  724. function start_rest_of_manila {
  725. run_process m-shr "$MANILA_BIN_DIR/manila-share --config-file $MANILA_CONF"
  726. run_process m-sch "$MANILA_BIN_DIR/manila-scheduler --config-file $MANILA_CONF"
  727. run_process m-dat "$MANILA_BIN_DIR/manila-data --config-file $MANILA_CONF"
  728. }
  729. # start_manila - start all manila services. This function is kept for compatibility
  730. # reasons with old approach.
  731. function start_manila {
  732. start_manila_api
  733. start_rest_of_manila
  734. }
  735. # stop_manila - Stop running processes
  736. function stop_manila {
  737. # Disable manila api service
  738. if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  739. disable_apache_site manila-api
  740. restart_apache_server
  741. else
  742. stop_process m-api
  743. fi
  744. # Kill all other manila processes
  745. for serv in m-sch m-shr m-dat; do
  746. stop_process $serv
  747. done
  748. }
  749. function install_manila_tempest_plugin {
  750. MANILA_TEMPEST_PLUGIN_REPO=${MANILA_TEMPEST_PLUGIN_REPO:-${GIT_BASE}/openstack/manila-tempest-plugin.git}
  751. MANILA_TEMPEST_PLUGIN_BRANCH=${MANILA_TEMPEST_PLUGIN_BRANCH:-master}
  752. MANILA_TEMPEST_PLUGIN_DIR=$DEST/manila-tempest-plugin
  753. git_clone $MANILA_TEMPEST_PLUGIN_REPO $MANILA_TEMPEST_PLUGIN_DIR $MANILA_TEMPEST_PLUGIN_BRANCH
  754. setup_develop $MANILA_TEMPEST_PLUGIN_DIR
  755. }
  756. # update_tempest - Function used for updating Tempest config if Tempest service enabled
  757. function update_tempest {
  758. if is_service_enabled tempest; then
  759. if [[ "$(trueorfalse False MANILA_SETUP_IPV6)" == "True" ]]; then
  760. # The public network was created by us, so set it explicitly in
  761. # tempest.conf
  762. public_net_id=$(openstack network list --name $PUBLIC_NETWORK_NAME -f value -c ID )
  763. iniset $TEMPEST_CONFIG network public_network_id $public_net_id
  764. fi
  765. TEMPEST_CONFIG=${TEMPEST_CONFIG:-$TEMPEST_DIR/etc/tempest.conf}
  766. ADMIN_TENANT_NAME=${ADMIN_TENANT_NAME:-"admin"}
  767. ADMIN_DOMAIN_NAME=${ADMIN_DOMAIN_NAME:-"Default"}
  768. ADMIN_PASSWORD=${ADMIN_PASSWORD:-"secretadmin"}
  769. if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
  770. iniset $TEMPEST_CONFIG share image_password $MANILA_SERVICE_INSTANCE_PASSWORD
  771. fi
  772. iniset $TEMPEST_CONFIG share image_with_share_tools $MANILA_SERVICE_IMAGE_NAME
  773. iniset $TEMPEST_CONFIG auth admin_username ${ADMIN_USERNAME:-"admin"}
  774. iniset $TEMPEST_CONFIG auth admin_password ${ADMIN_PASSWORD:-"secretadmin"}
  775. iniset $TEMPEST_CONFIG auth admin_tenant_name $ADMIN_TENANT_NAME
  776. iniset $TEMPEST_CONFIG auth admin_domain_name $ADMIN_DOMAIN_NAME
  777. iniset $TEMPEST_CONFIG identity username ${TEMPEST_USERNAME:-"demo"}
  778. iniset $TEMPEST_CONFIG identity password $ADMIN_PASSWORD
  779. iniset $TEMPEST_CONFIG identity tenant_name ${TEMPEST_TENANT_NAME:-"demo"}
  780. iniset $TEMPEST_CONFIG identity domain_name $ADMIN_DOMAIN_NAME
  781. iniset $TEMPEST_CONFIG identity alt_username ${ALT_USERNAME:-"alt_demo"}
  782. iniset $TEMPEST_CONFIG identity alt_password $ADMIN_PASSWORD
  783. iniset $TEMPEST_CONFIG identity alt_tenant_name ${ALT_TENANT_NAME:-"alt_demo"}
  784. iniset $TEMPEST_CONFIG identity alt_domain_name $ADMIN_DOMAIN_NAME
  785. fi
  786. }
  787. function install_docker_ubuntu {
  788. sudo apt-get update
  789. install_package apparmor
  790. install_package docker.io
  791. }
  792. function install_docker_fedora {
  793. sudo yum install -y docker
  794. sudo systemctl enable docker
  795. sudo systemctl start docker
  796. }
  797. function download_image {
  798. local image_url=$1
  799. local image image_fname
  800. image_fname=`basename "$image_url"`
  801. if [[ $image_url != file* ]]; then
  802. # Downloads the image (uec ami+akistyle), then extracts it.
  803. if [[ ! -f $FILES/$image_fname || "$(stat -c "%s" $FILES/$image_fname)" = "0" ]]; then
  804. wget --progress=dot:giga -c $image_url -O $FILES/$image_fname
  805. if [[ $? -ne 0 ]]; then
  806. echo "Not found: $image_url"
  807. return
  808. fi
  809. fi
  810. image="$FILES/${image_fname}"
  811. else
  812. # File based URL (RFC 1738): ``file://host/path``
  813. # Remote files are not considered here.
  814. # unix: ``file:///home/user/path/file``
  815. # windows: ``file:///C:/Documents%20and%20Settings/user/path/file``
  816. image=$(echo $image_url | sed "s/^file:\/\///g")
  817. if [[ ! -f $image || "$(stat -c "%s" $image)" == "0" ]]; then
  818. echo "Not found: $image_url"
  819. return
  820. fi
  821. fi
  822. }
  823. function import_docker_service_image_ubuntu {
  824. GZIPPED_IMG_NAME=`basename "$MANILA_DOCKER_IMAGE_URL"`
  825. IMG_NAME_LOAD=${GZIPPED_IMG_NAME%.*}
  826. LOCAL_IMG_NAME=${IMG_NAME_LOAD%.*}
  827. if [[ "$(sudo docker images -q $LOCAL_IMG_NAME)" == "" ]]; then
  828. download_image $MANILA_DOCKER_IMAGE_URL
  829. # Import image in Docker
  830. gzip -d $FILES/$GZIPPED_IMG_NAME
  831. sudo docker load --input $FILES/$IMG_NAME_LOAD
  832. fi
  833. }
  834. function remove_docker_service_image {
  835. sudo docker rmi $MANILA_DOCKER_IMAGE_ALIAS
  836. }
  837. function install_libraries {
  838. if [ $(trueorfalse False MANILA_MULTI_BACKEND) == True ]; then
  839. if [ $(trueorfalse True RUN_MANILA_HOST_ASSISTED_MIGRATION_TESTS) == True ]; then
  840. if is_ubuntu; then
  841. install_package nfs-common
  842. else
  843. install_package nfs-utils
  844. fi
  845. fi
  846. fi
  847. }
  848. function allow_host_ports_for_share_mounting {
  849. if [[ $MANILA_ENABLED_SHARE_PROTOCOLS =~ NFS ]]; then
  850. # 111 and 2049 are for rpcbind and NFS
  851. # Other ports are for NFSv3 statd, mountd and lockd daemons
  852. MANILA_TCP_PORTS=(2049 111 32803 892 875 662)
  853. MANILA_UDP_PORTS=(111 32769 892 875 662)
  854. fi
  855. if [[ $MANILA_ENABLED_SHARE_PROTOCOLS =~ CEPHFS ]]; then
  856. # clients need access to the ceph daemons
  857. MANILA_TCP_PORTS=(${MANILA_TCP_PORTS[*]} 6789 6800:7300)
  858. fi
  859. if [[ -v MANILA_TCP_PORTS || -v MANILA_UDP_PORTS ]]; then
  860. for ipcmd in iptables ip6tables; do
  861. sudo $ipcmd -N manila-storage
  862. sudo $ipcmd -I INPUT 1 -j manila-storage
  863. for port in ${MANILA_TCP_PORTS[*]}; do
  864. sudo $ipcmd -A manila-storage -m tcp -p tcp --dport $port -j ACCEPT
  865. done
  866. for port in ${MANILA_UDP_PORTS[*]}; do
  867. sudo $ipcmd -A manila-storage -m udp -p udp --dport $port -j ACCEPT
  868. done
  869. done
  870. fi
  871. }
  872. function setup_ipv6 {
  873. # This will fail with multiple default routes and is not needed in CI
  874. # but may be useful when developing with devstack locally
  875. if [ $(trueorfalse False MANILA_RESTORE_IPV6_DEFAULT_ROUTE) == True ]; then
  876. # save IPv6 default route to add back later after enabling forwarding
  877. local default_route=$(ip -6 route | grep default | cut -d ' ' -f1,2,3,4,5)
  878. fi
  879. # make sure those system values are set
  880. sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=0
  881. sudo sysctl -w net.ipv6.conf.all.accept_ra=2
  882. sudo sysctl -w net.ipv6.conf.all.forwarding=1
  883. # Disable in-band as our communication is only internal
  884. sudo ovs-vsctl set Bridge $PUBLIC_BRIDGE other_config:disable-in-band=true
  885. # Create address scopes and subnet pools
  886. neutron address-scope-create --shared scope-v4 4
  887. neutron address-scope-create --shared scope-v6 6
  888. openstack subnet pool create $SUBNETPOOL_NAME_V4 --default-prefix-length $SUBNETPOOL_SIZE_V4 --pool-prefix $SUBNETPOOL_PREFIX_V4 --address-scope scope-v4 --default --share
  889. openstack subnet pool create $SUBNETPOOL_NAME_V6 --default-prefix-length $SUBNETPOOL_SIZE_V6 --pool-prefix $SUBNETPOOL_PREFIX_V6 --address-scope scope-v6 --default --share
  890. # Create example private network and router
  891. openstack router create $Q_ROUTER_NAME
  892. openstack network create $PRIVATE_NETWORK_NAME
  893. openstack subnet create --ip-version 6 --use-default-subnet-pool --ipv6-address-mode $IPV6_ADDRESS_MODE --ipv6-ra-mode $IPV6_RA_MODE --network $PRIVATE_NETWORK_NAME $IPV6_PRIVATE_SUBNET_NAME
  894. openstack subnet create --ip-version 4 --use-default-subnet-pool --network $PRIVATE_NETWORK_NAME $PRIVATE_SUBNET_NAME
  895. openstack router add subnet $Q_ROUTER_NAME $IPV6_PRIVATE_SUBNET_NAME
  896. openstack router add subnet $Q_ROUTER_NAME $PRIVATE_SUBNET_NAME
  897. # Create public network
  898. openstack network create $PUBLIC_NETWORK_NAME --external --default --provider-network-type flat --provider-physical-network $PUBLIC_PHYSICAL_NETWORK
  899. local public_gateway_ipv6=$(openstack subnet create $IPV6_PUBLIC_SUBNET_NAME --ip-version 6 --network $PUBLIC_NETWORK_NAME --subnet-pool $SUBNETPOOL_NAME_V6 --no-dhcp -c gateway_ip -f value)
  900. local public_gateway_ipv4=$(openstack subnet create $PUBLIC_SUBNET_NAME --ip-version 4 --network $PUBLIC_NETWORK_NAME --subnet-range $FLOATING_RANGE --no-dhcp -c gateway_ip -f value)
  901. # Set router to use public network
  902. openstack router set --external-gateway $PUBLIC_NETWORK_NAME $Q_ROUTER_NAME
  903. # Configure interfaces due to NEUTRON_CREATE_INITIAL_NETWORKS=False
  904. local ipv4_cidr_len=${FLOATING_RANGE#*/}
  905. sudo ip -6 addr add "$public_gateway_ipv6"/$SUBNETPOOL_SIZE_V6 dev $PUBLIC_BRIDGE
  906. sudo ip addr add $PUBLIC_NETWORK_GATEWAY/"$ipv4_cidr_len" dev $PUBLIC_BRIDGE
  907. # Enabling interface is needed due to NEUTRON_CREATE_INITIAL_NETWORKS=False
  908. sudo ip link set $PUBLIC_BRIDGE up
  909. if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  910. for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
  911. iniset $MANILA_CONF $backend_name lvm_share_export_ips $public_gateway_ipv4,$public_gateway_ipv6
  912. done
  913. iniset $MANILA_CONF DEFAULT data_node_access_ip $public_gateway_ipv4
  914. fi
  915. # install Quagga for setting up the host routes dynamically
  916. install_package quagga
  917. # set Quagga daemons
  918. (
  919. echo "zebra=yes"
  920. echo "bgpd=yes"
  921. echo "ospfd=no"
  922. echo "ospf6d=no"
  923. echo "ripd=no"
  924. echo "ripngd=no"
  925. echo "isisd=no"
  926. echo "babeld=no"
  927. ) | sudo tee /etc/quagga/daemons > /dev/null
  928. # set Quagga zebra.conf
  929. (
  930. echo "hostname dsvm"
  931. echo "password openstack"
  932. echo "log file /var/log/quagga/zebra.log"
  933. ) | sudo tee /etc/quagga/zebra.conf > /dev/null
  934. # set Quagga bgpd.conf
  935. (
  936. echo "log file /var/log/quagga/bgpd.log"
  937. echo "bgp multiple-instance"
  938. echo "router bgp 200"
  939. echo " bgp router-id 1.2.3.4"
  940. echo " neighbor ::1 remote-as 100"
  941. echo " neighbor ::1 passive"
  942. echo " address-family ipv6"
  943. echo " neighbor ::1 activate"
  944. echo "line vty"
  945. echo "debug bgp events"
  946. echo "debug bgp filters"
  947. echo "debug bgp fsm"
  948. echo "debug bgp keepalives"
  949. echo "debug bgp updates"
  950. ) | sudo tee /etc/quagga/bgpd.conf > /dev/null
  951. if is_ubuntu; then
  952. sudo systemctl enable quagga
  953. sudo systemctl restart quagga
  954. else
  955. # Disable SELinux rule that conflicts with Zebra
  956. sudo setsebool -P zebra_write_config 1
  957. sudo systemctl enable zebra
  958. sudo systemctl enable bgpd
  959. sudo systemctl restart zebra
  960. sudo systemctl restart bgpd
  961. fi
  962. # This will fail with mutltiple default routes and is not needed in CI
  963. # but may be useful when developing with devstack locally
  964. if [ $(trueorfalse False MANILA_RESTORE_IPV6_DEFAULT_ROUTE) == True ]; then
  965. # add default IPv6 route back
  966. if ! [[ -z $default_route ]]; then
  967. sudo ip -6 route add $default_route
  968. fi
  969. fi
  970. }
  971. function setup_bgp_for_ipv6 {
  972. neutron bgp-speaker-create --ip-version 6 --local-as 100 bgpspeaker
  973. neutron bgp-speaker-network-add bgpspeaker $PUBLIC_NETWORK_NAME
  974. neutron bgp-peer-create --peer-ip ::1 --remote-as 200 bgppeer
  975. neutron bgp-speaker-peer-add bgpspeaker bgppeer
  976. }
  977. # Main dispatcher
  978. if [[ "$1" == "stack" && "$2" == "install" ]]; then
  979. echo_summary "Installing Manila Client"
  980. install_manilaclient
  981. echo_summary "Installing Manila"
  982. install_manila
  983. set_cinder_quotas
  984. elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
  985. echo_summary "Configuring Manila"
  986. configure_manila
  987. echo_summary "Initializing Manila"
  988. init_manila
  989. echo_summary "Installing extra libraries"
  990. install_libraries
  991. echo_summary "Creating Manila entities for auth service"
  992. create_manila_accounts
  993. # Cinder config update
  994. if is_service_enabled cinder && [[ -n "$CINDER_OVERSUBSCRIPTION_RATIO" ]]; then
  995. CINDER_CONF=${CINDER_CONF:-/etc/cinder/cinder.conf}
  996. CINDER_ENABLED_BACKENDS=$(iniget $CINDER_CONF DEFAULT enabled_backends)
  997. for BN in ${CINDER_ENABLED_BACKENDS//,/ }; do
  998. iniset $CINDER_CONF $BN lvm_max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
  999. done
  1000. iniset $CINDER_CONF DEFAULT max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
  1001. fi
  1002. elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
  1003. if is_service_enabled nova; then
  1004. echo_summary "Creating Manila service flavor"
  1005. create_manila_service_flavor
  1006. echo_summary "Creating Manila service security group"
  1007. create_manila_service_secgroup
  1008. fi
  1009. # Skip image downloads when disabled.
  1010. # This way vendor Manila driver CI tests can skip
  1011. # this potentially long and unnecessary download.
  1012. if [ "$MANILA_SERVICE_IMAGE_ENABLED" = "True" ]; then
  1013. echo_summary "Creating Manila service image"
  1014. create_manila_service_image
  1015. else
  1016. echo_summary "Skipping download of Manila service image"
  1017. fi
  1018. if is_service_enabled nova; then
  1019. echo_summary "Creating Manila service keypair"
  1020. create_manila_service_keypair
  1021. fi
  1022. echo_summary "Configure Samba server"
  1023. configure_samba
  1024. echo_summary "Configuring IPv6"
  1025. if [ $(trueorfalse False MANILA_SETUP_IPV6) == True ]; then
  1026. setup_ipv6
  1027. fi
  1028. echo_summary "Starting Manila API"
  1029. start_manila_api
  1030. # Workaround for bug #1660304
  1031. if [ "$SHARE_DRIVER" != "manila.share.drivers.generic.GenericShareDriver" ]; then
  1032. echo_summary "Starting rest of Manila services - scheduler, share and data"
  1033. start_rest_of_manila
  1034. fi
  1035. echo_summary "Creating Manila default share type"
  1036. create_default_share_type
  1037. echo_summary "Creating Manila default share group type"
  1038. create_default_share_group_type
  1039. echo_summary "Creating Manila custom share types"
  1040. create_custom_share_types
  1041. echo_summary "Manila UI is no longer enabled by default. \
  1042. Add enable_plugin manila-ui github.com/openstack/manila-ui \
  1043. to your local.conf file to enable Manila UI"
  1044. elif [[ "$1" == "stack" && "$2" == "test-config" ]]; then
  1045. ###########################################################################
  1046. # NOTE(vponomaryov): Workaround for bug #1660304
  1047. # We are able to create Nova VMs now only when last Nova step is performed
  1048. # which is registration of cell0. It is registered as last action in
  1049. # "post-extra" section.
  1050. if is_service_enabled nova; then
  1051. echo_summary "Creating Manila service VMs for generic driver \
  1052. backends for which handlng of share servers is disabled."
  1053. create_service_share_servers
  1054. fi
  1055. if [ "$SHARE_DRIVER" == "manila.share.drivers.generic.GenericShareDriver" ]; then
  1056. echo_summary "Starting rest of Manila services - scheduler, share and data"
  1057. start_rest_of_manila
  1058. fi
  1059. ###########################################################################
  1060. if [ $(trueorfalse False MANILA_INSTALL_TEMPEST_PLUGIN_SYSTEMWIDE) == True ]; then
  1061. echo_summary "Fetching and installing manila-tempest-plugin system-wide"
  1062. install_manila_tempest_plugin
  1063. export DEPRECATED_TEXT="$DEPRECATED_TEXT\nInstalling
  1064. manila-tempest-plugin can be done with the help of its own DevStack
  1065. plugin by adding: \n\n\t'enable_plugin manila-tempest-plugin
  1066. https://opendev.org/openstack/manila-tempest-plugin'.\n\nManila's
  1067. DevStack plugin will stop installing it automatically."
  1068. fi
  1069. echo_summary "Update Tempest config"
  1070. update_tempest
  1071. if [[ "$(trueorfalse False MANILA_ALLOW_NAS_SERVER_PORTS_ON_HOST)" == "True" ]]; then
  1072. echo_summary "Allowing IPv4 and IPv6 access to NAS ports on the host"
  1073. allow_host_ports_for_share_mounting
  1074. fi
  1075. if [[ "$(trueorfalse False MANILA_SETUP_IPV6)" == "True" ]]; then
  1076. # Now that all plugins are loaded, setup BGP
  1077. echo_summary "Setting up BGP speaker to advertise routes to project networks"
  1078. setup_bgp_for_ipv6
  1079. fi
  1080. fi
  1081. if [[ "$1" == "unstack" ]]; then
  1082. cleanup_manila
  1083. fi
  1084. if [[ "$1" == "clean" ]]; then
  1085. cleanup_manila
  1086. sudo rm -rf /etc/manila
  1087. fi
  1088. # Restore xtrace
  1089. $XTRACE