From 3f34fc4d287fcd2ed7a1be9e116c85a8d336b19e Mon Sep 17 00:00:00 2001
From: Ryan Brady <rbrady@redhat.com>
Date: Wed, 8 Jan 2014 10:25:51 -0500
Subject: [PATCH] Updates cinder element

The previous cinder element was lacking a notty file and didn't
open the required ports in iptables.  This patch also allows a
developer to install the minimum required components for a
single cinder instance or (n) cinder-volume nodes.

This update results in 3 elements
cinder        : common cinder element
cinder-api    : installs the cinder api and scheduler
cinder-volume : installs the cinder volume service

Change-Id: I1ed9f67848be5716135085b6eaebc1f381ad83f9
---
 elements/cinder-api/README.md                 |  1 +
 elements/cinder-api/element-deps              |  4 +++
 elements/cinder-api/install.d/73-cinder-api   |  5 ++++
 .../post-configure.d/73-cinder-api}           |  5 +---
 elements/cinder-volume/README.md              |  1 +
 elements/cinder-volume/element-deps           |  4 +++
 .../cinder-volume/install.d/74-cinder-volume  |  4 +++
 .../post-configure.d/74-cinder-volume         |  5 ++++
 elements/cinder/README.md                     |  2 +-
 elements/cinder/install.d/72-cinder           |  8 ++---
 .../etc/cinder/cinder.conf                    |  8 +----
 .../pre-configure.d/97-cinder-fedora-iptables | 29 +++++++++++++++++++
 .../00-cinder-disable-requiretty              |  8 +++++
 13 files changed, 66 insertions(+), 18 deletions(-)
 create mode 100644 elements/cinder-api/README.md
 create mode 100644 elements/cinder-api/element-deps
 create mode 100755 elements/cinder-api/install.d/73-cinder-api
 rename elements/{cinder/os-refresh-config/post-configure.d/72-cinder => cinder-api/os-refresh-config/post-configure.d/73-cinder-api} (62%)
 create mode 100644 elements/cinder-volume/README.md
 create mode 100644 elements/cinder-volume/element-deps
 create mode 100755 elements/cinder-volume/install.d/74-cinder-volume
 create mode 100755 elements/cinder-volume/os-refresh-config/post-configure.d/74-cinder-volume
 rename elements/cinder/{os-config-applier => os-apply-config}/etc/cinder/cinder.conf (87%)
 create mode 100755 elements/cinder/os-refresh-config/pre-configure.d/97-cinder-fedora-iptables
 create mode 100755 elements/cinder/pre-install.d/00-cinder-disable-requiretty

diff --git a/elements/cinder-api/README.md b/elements/cinder-api/README.md
new file mode 100644
index 000000000..918f1c8d4
--- /dev/null
+++ b/elements/cinder-api/README.md
@@ -0,0 +1 @@
+Installs cinder api and scheduler services.
diff --git a/elements/cinder-api/element-deps b/elements/cinder-api/element-deps
new file mode 100644
index 000000000..9a0768b4d
--- /dev/null
+++ b/elements/cinder-api/element-deps
@@ -0,0 +1,4 @@
+os-svc-install
+os-refresh-config
+source-repositories
+use-ephemeral
diff --git a/elements/cinder-api/install.d/73-cinder-api b/elements/cinder-api/install.d/73-cinder-api
new file mode 100755
index 000000000..27de10f8a
--- /dev/null
+++ b/elements/cinder-api/install.d/73-cinder-api
@@ -0,0 +1,5 @@
+#!/bin/bash
+set -eux
+
+os-svc-daemon cinder-api cinder cinder-api "--config-dir /etc/cinder"
+os-svc-daemon cinder-scheduler cinder cinder-scheduler "--config-dir /etc/cinder"
diff --git a/elements/cinder/os-refresh-config/post-configure.d/72-cinder b/elements/cinder-api/os-refresh-config/post-configure.d/73-cinder-api
similarity index 62%
rename from elements/cinder/os-refresh-config/post-configure.d/72-cinder
rename to elements/cinder-api/os-refresh-config/post-configure.d/73-cinder-api
index 384a552aa..5f67990cc 100755
--- a/elements/cinder/os-refresh-config/post-configure.d/72-cinder
+++ b/elements/cinder-api/os-refresh-config/post-configure.d/73-cinder-api
@@ -4,9 +4,6 @@ set -eu
 /opt/stack/venvs/cinder/bin/cinder-manage db sync
 
 os-svc-enable -n cinder-api
-os-svc-enable -n cinder-volume
 os-svc-enable -n cinder-scheduler
-
 service cinder-api restart
-service cinder-volume restart
-service cinder-scheduler restart
+service cinder-scheduler restart
\ No newline at end of file
diff --git a/elements/cinder-volume/README.md b/elements/cinder-volume/README.md
new file mode 100644
index 000000000..ca20e3858
--- /dev/null
+++ b/elements/cinder-volume/README.md
@@ -0,0 +1 @@
+Installs cinder volume service.
diff --git a/elements/cinder-volume/element-deps b/elements/cinder-volume/element-deps
new file mode 100644
index 000000000..9a0768b4d
--- /dev/null
+++ b/elements/cinder-volume/element-deps
@@ -0,0 +1,4 @@
+os-svc-install
+os-refresh-config
+source-repositories
+use-ephemeral
diff --git a/elements/cinder-volume/install.d/74-cinder-volume b/elements/cinder-volume/install.d/74-cinder-volume
new file mode 100755
index 000000000..98dc4cafc
--- /dev/null
+++ b/elements/cinder-volume/install.d/74-cinder-volume
@@ -0,0 +1,4 @@
+#!/bin/bash
+set -eux
+
+os-svc-daemon cinder-volume cinder cinder-volume "--config-dir /etc/cinder"
\ No newline at end of file
diff --git a/elements/cinder-volume/os-refresh-config/post-configure.d/74-cinder-volume b/elements/cinder-volume/os-refresh-config/post-configure.d/74-cinder-volume
new file mode 100755
index 000000000..8f9da72f3
--- /dev/null
+++ b/elements/cinder-volume/os-refresh-config/post-configure.d/74-cinder-volume
@@ -0,0 +1,5 @@
+#!/bin/bash
+set -eu
+
+os-svc-enable -n cinder-volume
+service cinder-volume restart
\ No newline at end of file
diff --git a/elements/cinder/README.md b/elements/cinder/README.md
index 538a9f299..b04fc5a07 100644
--- a/elements/cinder/README.md
+++ b/elements/cinder/README.md
@@ -7,4 +7,4 @@ cinder:
   verbose: False
     - Print more verbose output (set logging level to INFO instead of default WARNING level).
   debug: False
-    - Print debugging output (set logging level to DEBUG instead of default WARNING level).
+    - Print debugging output (set logging level to DEBUG instead of default WARNING level).
\ No newline at end of file
diff --git a/elements/cinder/install.d/72-cinder b/elements/cinder/install.d/72-cinder
index 77102b69e..af6d9647d 100755
--- a/elements/cinder/install.d/72-cinder
+++ b/elements/cinder/install.d/72-cinder
@@ -5,9 +5,6 @@ install-packages lvm2 libssl-dev tgt
 echo "qpid-python" | tee -a /opt/stack/cinder/requirements.txt
 os-svc-install -n cinder -u cinder -r /opt/stack/cinder -c cinder-all
 
-os-svc-daemon cinder-api cinder cinder-api "--config-dir /etc/cinder"
-os-svc-daemon cinder-volume cinder cinder-volume "--config-dir /etc/cinder"
-os-svc-daemon cinder-scheduler cinder cinder-scheduler "--config-dir /etc/cinder"
 mkdir -p /etc/tgt/conf.d
 install -d -o root -g cinder -m 0770 /var/lib/cinder/volumes
 register-state-path /var/lib/cinder
@@ -15,12 +12,11 @@ echo 'include /etc/tgt/conf.d/cinder_tgt.conf' > /etc/tgt/targets.conf
 echo 'include /mnt/state/var/lib/cinder/volumes/*' > /etc/tgt/conf.d/cinder_tgt.conf
 
 cp -a /opt/stack/cinder/etc/cinder/rootwrap* /etc/cinder
-
-ln -sf /opt/stack/venvs/cinder/bin/cinder-rootwrap /usr/local/bin/cinder-rootwrap
-
 cp /opt/stack/cinder/etc/cinder/api-paste.ini /etc/cinder/api-paste.ini
 cp /opt/stack/cinder/etc/cinder/policy.json /etc/cinder/policy.json
 
+ln -sf /opt/stack/venvs/cinder/bin/cinder-rootwrap /usr/local/bin/cinder-rootwrap
+
 echo "cinder ALL=(root) NOPASSWD: /usr/local/bin/cinder-rootwrap" > /etc/sudoers.d/cinder
 chmod 0440 /etc/sudoers.d/cinder
 visudo -c
diff --git a/elements/cinder/os-config-applier/etc/cinder/cinder.conf b/elements/cinder/os-apply-config/etc/cinder/cinder.conf
similarity index 87%
rename from elements/cinder/os-config-applier/etc/cinder/cinder.conf
rename to elements/cinder/os-apply-config/etc/cinder/cinder.conf
index 7be1e2981..8a974471e 100644
--- a/elements/cinder/os-config-applier/etc/cinder/cinder.conf
+++ b/elements/cinder/os-apply-config/etc/cinder/cinder.conf
@@ -1,5 +1,6 @@
 [DEFAULT]
 
+# allow metadata to override verbose and debug configuration
 {{#cinder.verbose}}
 # Print more verbose output (set logging level to INFO instead
 # of default WARNING level). (boolean value)
@@ -12,13 +13,8 @@ debug={{cinder.debug}}
 {{/cinder.debug}}
 
 state_path = /mnt/state/var/lib/cinder
-
-rootwrap_config=/etc/cinder/rootwrap.conf
 api_paste_config = /etc/cinder/api-paste.ini
 
-iscsi_helper=tgtadm
-volume_name_template = volume-%s
-volume_group = cinder-volumes
 auth_strategy = keystone
 
 sql_connection={{cinder.db}}
@@ -48,8 +44,6 @@ service_protocol = http
 service_host = {{keystone.host}}
 service_port = 5000
 auth_host = {{keystone.host}}
-auth_port = 35357
-auth_protocol = http
 admin_tenant_name = service
 admin_user = cinder
 admin_password = {{cinder.service-password}}
diff --git a/elements/cinder/os-refresh-config/pre-configure.d/97-cinder-fedora-iptables b/elements/cinder/os-refresh-config/pre-configure.d/97-cinder-fedora-iptables
new file mode 100755
index 000000000..2da32b86a
--- /dev/null
+++ b/elements/cinder/os-refresh-config/pre-configure.d/97-cinder-fedora-iptables
@@ -0,0 +1,29 @@
+#!/bin/bash
+set -eu
+
+OK=/var/run/cinder/fedora-iptables.ok
+
+if [ -e $OK ] ; then
+    exit 0
+fi
+
+DISTRO=`lsb_release -si` || true
+
+if [[ "Fedora" = $DISTRO ]]; then
+
+    # Check if the iptables service is active
+    if systemctl is-active iptables.service ; then
+        IPT_FILE=/etc/sysconfig/iptables
+        if [ -f $IPT_FILE ]; then
+            iptables-restore < $IPT_FILE
+        fi
+
+        # Openstack services
+        iptables -I INPUT -p tcp -m multiport --dports 3260, 8776 -j ACCEPT
+
+        iptables-save > $IPT_FILE
+    fi
+
+fi
+
+touch $OK
diff --git a/elements/cinder/pre-install.d/00-cinder-disable-requiretty b/elements/cinder/pre-install.d/00-cinder-disable-requiretty
new file mode 100755
index 000000000..24f4ec694
--- /dev/null
+++ b/elements/cinder/pre-install.d/00-cinder-disable-requiretty
@@ -0,0 +1,8 @@
+#!/bin/bash
+set -e
+
+if [ -d /etc/sudoers.d ]; then
+    echo "Defaults:cinder !requiretty" > /etc/sudoers.d/cinder-notty
+    chmod 0440 /etc/sudoers.d/cinder-notty
+    visudo -c
+fi