Retire Tripleo: remove repo content
TripleO project is retiring - https://review.opendev.org/c/openstack/governance/+/905145 this commit remove the content of this project repo Change-Id: Ic209179b0be9c3746a702ccea2dd35e883e78bee
This commit is contained in:
parent
2ce67c3dbb
commit
a43311b7ef
24
.gitignore
vendored
24
.gitignore
vendored
@ -1,24 +0,0 @@
|
||||
*.pyc
|
||||
*.qcow2
|
||||
elements/seed-stack-config/local.json
|
||||
|
||||
# Unit test / coverage reports
|
||||
.stestr
|
||||
.tox
|
||||
.venv
|
||||
|
||||
# Packages
|
||||
*.egg-info
|
||||
dist
|
||||
build
|
||||
|
||||
# pbr generates these
|
||||
AUTHORS
|
||||
ChangeLog
|
||||
|
||||
# Editors
|
||||
*.sw?
|
||||
*~
|
||||
|
||||
# Files created by releasenotes build
|
||||
releasenotes/build
|
@ -1,3 +0,0 @@
|
||||
[DEFAULT]
|
||||
test_path=./tests/
|
||||
top_dir=./
|
24
HACKING.rst
24
HACKING.rst
@ -1,24 +0,0 @@
|
||||
TripleO Style Guidelines
|
||||
========================
|
||||
|
||||
- Step 1: Read the OpenStack Style Guidelines [1]_.
|
||||
- Step 2: Read the tripleo-incubator HACKING.rst [2]_.
|
||||
- Step 3: Read on.
|
||||
|
||||
Element Specific Guidelines
|
||||
---------------------------
|
||||
|
||||
- Idempotency. A new version of metadata can be pushed at any time, for example
|
||||
due to a `heat stack-update`. Elements' os-refresh-config scripts must handle
|
||||
this gracefully. If they cannot be fully idempotent, they must fence their
|
||||
once-only sections.
|
||||
|
||||
For example, the keepalived element's configure.d script either reloads or
|
||||
restarts the service based on whether it appears to be already running.
|
||||
Another method of fencing would be to write a marker to ephemeral storage on
|
||||
first execution and skip once-only sections if the marker is present.
|
||||
|
||||
References
|
||||
----------
|
||||
.. [1] https://docs.openstack.org/hacking/latest/
|
||||
.. [2] http://docs.openstack.org/developer/tripleo-incubator/HACKING.html
|
202
LICENSE
202
LICENSE
@ -1,202 +0,0 @@
|
||||
|
||||
Apache License
|
||||
Version 2.0, January 2004
|
||||
http://www.apache.org/licenses/
|
||||
|
||||
TERMS AND CONDITIONS FOR USE, REPRODUCTION, AND DISTRIBUTION
|
||||
|
||||
1. Definitions.
|
||||
|
||||
"License" shall mean the terms and conditions for use, reproduction,
|
||||
and distribution as defined by Sections 1 through 9 of this document.
|
||||
|
||||
"Licensor" shall mean the copyright owner or entity authorized by
|
||||
the copyright owner that is granting the License.
|
||||
|
||||
"Legal Entity" shall mean the union of the acting entity and all
|
||||
other entities that control, are controlled by, or are under common
|
||||
control with that entity. For the purposes of this definition,
|
||||
"control" means (i) the power, direct or indirect, to cause the
|
||||
direction or management of such entity, whether by contract or
|
||||
otherwise, or (ii) ownership of fifty percent (50%) or more of the
|
||||
outstanding shares, or (iii) beneficial ownership of such entity.
|
||||
|
||||
"You" (or "Your") shall mean an individual or Legal Entity
|
||||
exercising permissions granted by this License.
|
||||
|
||||
"Source" form shall mean the preferred form for making modifications,
|
||||
including but not limited to software source code, documentation
|
||||
source, and configuration files.
|
||||
|
||||
"Object" form shall mean any form resulting from mechanical
|
||||
transformation or translation of a Source form, including but
|
||||
not limited to compiled object code, generated documentation,
|
||||
and conversions to other media types.
|
||||
|
||||
"Work" shall mean the work of authorship, whether in Source or
|
||||
Object form, made available under the License, as indicated by a
|
||||
copyright notice that is included in or attached to the work
|
||||
(an example is provided in the Appendix below).
|
||||
|
||||
"Derivative Works" shall mean any work, whether in Source or Object
|
||||
form, that is based on (or derived from) the Work and for which the
|
||||
editorial revisions, annotations, elaborations, or other modifications
|
||||
represent, as a whole, an original work of authorship. For the purposes
|
||||
of this License, Derivative Works shall not include works that remain
|
||||
separable from, or merely link (or bind by name) to the interfaces of,
|
||||
the Work and Derivative Works thereof.
|
||||
|
||||
"Contribution" shall mean any work of authorship, including
|
||||
the original version of the Work and any modifications or additions
|
||||
to that Work or Derivative Works thereof, that is intentionally
|
||||
submitted to Licensor for inclusion in the Work by the copyright owner
|
||||
or by an individual or Legal Entity authorized to submit on behalf of
|
||||
the copyright owner. For the purposes of this definition, "submitted"
|
||||
means any form of electronic, verbal, or written communication sent
|
||||
to the Licensor or its representatives, including but not limited to
|
||||
communication on electronic mailing lists, source code control systems,
|
||||
and issue tracking systems that are managed by, or on behalf of, the
|
||||
Licensor for the purpose of discussing and improving the Work, but
|
||||
excluding communication that is conspicuously marked or otherwise
|
||||
designated in writing by the copyright owner as "Not a Contribution."
|
||||
|
||||
"Contributor" shall mean Licensor and any individual or Legal Entity
|
||||
on behalf of whom a Contribution has been received by Licensor and
|
||||
subsequently incorporated within the Work.
|
||||
|
||||
2. Grant of Copyright License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
copyright license to reproduce, prepare Derivative Works of,
|
||||
publicly display, publicly perform, sublicense, and distribute the
|
||||
Work and such Derivative Works in Source or Object form.
|
||||
|
||||
3. Grant of Patent License. Subject to the terms and conditions of
|
||||
this License, each Contributor hereby grants to You a perpetual,
|
||||
worldwide, non-exclusive, no-charge, royalty-free, irrevocable
|
||||
(except as stated in this section) patent license to make, have made,
|
||||
use, offer to sell, sell, import, and otherwise transfer the Work,
|
||||
where such license applies only to those patent claims licensable
|
||||
by such Contributor that are necessarily infringed by their
|
||||
Contribution(s) alone or by combination of their Contribution(s)
|
||||
with the Work to which such Contribution(s) was submitted. If You
|
||||
institute patent litigation against any entity (including a
|
||||
cross-claim or counterclaim in a lawsuit) alleging that the Work
|
||||
or a Contribution incorporated within the Work constitutes direct
|
||||
or contributory patent infringement, then any patent licenses
|
||||
granted to You under this License for that Work shall terminate
|
||||
as of the date such litigation is filed.
|
||||
|
||||
4. Redistribution. You may reproduce and distribute copies of the
|
||||
Work or Derivative Works thereof in any medium, with or without
|
||||
modifications, and in Source or Object form, provided that You
|
||||
meet the following conditions:
|
||||
|
||||
(a) You must give any other recipients of the Work or
|
||||
Derivative Works a copy of this License; and
|
||||
|
||||
(b) You must cause any modified files to carry prominent notices
|
||||
stating that You changed the files; and
|
||||
|
||||
(c) You must retain, in the Source form of any Derivative Works
|
||||
that You distribute, all copyright, patent, trademark, and
|
||||
attribution notices from the Source form of the Work,
|
||||
excluding those notices that do not pertain to any part of
|
||||
the Derivative Works; and
|
||||
|
||||
(d) If the Work includes a "NOTICE" text file as part of its
|
||||
distribution, then any Derivative Works that You distribute must
|
||||
include a readable copy of the attribution notices contained
|
||||
within such NOTICE file, excluding those notices that do not
|
||||
pertain to any part of the Derivative Works, in at least one
|
||||
of the following places: within a NOTICE text file distributed
|
||||
as part of the Derivative Works; within the Source form or
|
||||
documentation, if provided along with the Derivative Works; or,
|
||||
within a display generated by the Derivative Works, if and
|
||||
wherever such third-party notices normally appear. The contents
|
||||
of the NOTICE file are for informational purposes only and
|
||||
do not modify the License. You may add Your own attribution
|
||||
notices within Derivative Works that You distribute, alongside
|
||||
or as an addendum to the NOTICE text from the Work, provided
|
||||
that such additional attribution notices cannot be construed
|
||||
as modifying the License.
|
||||
|
||||
You may add Your own copyright statement to Your modifications and
|
||||
may provide additional or different license terms and conditions
|
||||
for use, reproduction, or distribution of Your modifications, or
|
||||
for any such Derivative Works as a whole, provided Your use,
|
||||
reproduction, and distribution of the Work otherwise complies with
|
||||
the conditions stated in this License.
|
||||
|
||||
5. Submission of Contributions. Unless You explicitly state otherwise,
|
||||
any Contribution intentionally submitted for inclusion in the Work
|
||||
by You to the Licensor shall be under the terms and conditions of
|
||||
this License, without any additional terms or conditions.
|
||||
Notwithstanding the above, nothing herein shall supersede or modify
|
||||
the terms of any separate license agreement you may have executed
|
||||
with Licensor regarding such Contributions.
|
||||
|
||||
6. Trademarks. This License does not grant permission to use the trade
|
||||
names, trademarks, service marks, or product names of the Licensor,
|
||||
except as required for reasonable and customary use in describing the
|
||||
origin of the Work and reproducing the content of the NOTICE file.
|
||||
|
||||
7. Disclaimer of Warranty. Unless required by applicable law or
|
||||
agreed to in writing, Licensor provides the Work (and each
|
||||
Contributor provides its Contributions) on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
||||
implied, including, without limitation, any warranties or conditions
|
||||
of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A
|
||||
PARTICULAR PURPOSE. You are solely responsible for determining the
|
||||
appropriateness of using or redistributing the Work and assume any
|
||||
risks associated with Your exercise of permissions under this License.
|
||||
|
||||
8. Limitation of Liability. In no event and under no legal theory,
|
||||
whether in tort (including negligence), contract, or otherwise,
|
||||
unless required by applicable law (such as deliberate and grossly
|
||||
negligent acts) or agreed to in writing, shall any Contributor be
|
||||
liable to You for damages, including any direct, indirect, special,
|
||||
incidental, or consequential damages of any character arising as a
|
||||
result of this License or out of the use or inability to use the
|
||||
Work (including but not limited to damages for loss of goodwill,
|
||||
work stoppage, computer failure or malfunction, or any and all
|
||||
other commercial damages or losses), even if such Contributor
|
||||
has been advised of the possibility of such damages.
|
||||
|
||||
9. Accepting Warranty or Additional Liability. While redistributing
|
||||
the Work or Derivative Works thereof, You may choose to offer,
|
||||
and charge a fee for, acceptance of support, warranty, indemnity,
|
||||
or other liability obligations and/or rights consistent with this
|
||||
License. However, in accepting such obligations, You may act only
|
||||
on Your own behalf and on Your sole responsibility, not on behalf
|
||||
of any other Contributor, and only if You agree to indemnify,
|
||||
defend, and hold each Contributor harmless for any liability
|
||||
incurred by, or claims asserted against, such Contributor by reason
|
||||
of your accepting any such warranty or additional liability.
|
||||
|
||||
END OF TERMS AND CONDITIONS
|
||||
|
||||
APPENDIX: How to apply the Apache License to your work.
|
||||
|
||||
To apply the Apache License to your work, attach the following
|
||||
boilerplate notice, with the fields enclosed by brackets "[]"
|
||||
replaced with your own identifying information. (Don't include
|
||||
the brackets!) The text should be enclosed in the appropriate
|
||||
comment syntax for the file format. We also recommend that a
|
||||
file or class name and description of purpose be included on the
|
||||
same "printed page" as the copyright notice for easier
|
||||
identification within third-party archives.
|
||||
|
||||
Copyright [yyyy] [name of copyright owner]
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License");
|
||||
you may not use this file except in compliance with the License.
|
||||
You may obtain a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS,
|
||||
WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
|
||||
See the License for the specific language governing permissions and
|
||||
limitations under the License.
|
@ -1,3 +0,0 @@
|
||||
include README.md
|
||||
graft elements
|
||||
graft docs
|
109
README.rst
109
README.rst
@ -1,103 +1,10 @@
|
||||
========================
|
||||
Team and repository tags
|
||||
========================
|
||||
This project is no longer maintained.
|
||||
|
||||
.. image:: https://governance.openstack.org/tc/badges/tripleo-image-elements.svg
|
||||
:target: https://governance.openstack.org/tc/reference/tags/index.html
|
||||
The contents of this repository are still available in the Git
|
||||
source code management system. To see the contents of this
|
||||
repository before it reached its end of life, please check out the
|
||||
previous commit with "git checkout HEAD^1".
|
||||
|
||||
.. Change things from this point on
|
||||
|
||||
Image building rules for OpenStack images
|
||||
=========================================
|
||||
|
||||
These elements are used to build disk images for deploying OpenStack via Heat.
|
||||
They are built as part of the TripleO_ umbrella project.
|
||||
|
||||
.. _TripleO: https://wiki.openstack.org/wiki/TripleO
|
||||
|
||||
Instructions
|
||||
------------
|
||||
|
||||
Checkout this source tree and also the diskimage builder, export an
|
||||
ELEMENTS_PATH to add elements from this tree, and build any disk images you
|
||||
need::
|
||||
|
||||
virtualenv .
|
||||
source bin/activate
|
||||
pip install dib-utils pyyaml
|
||||
git clone https://opendev.org/openstack/diskimage-builder.git
|
||||
git clone https://opendev.org/openstack/tripleo-image-elements.git
|
||||
export ELEMENTS_PATH=tripleo-image-elements/elements
|
||||
diskimage-builder/bin/disk-image-create -u base vm bootstrap local-config stackuser heat-cfntools -a i386 -o bootstrap
|
||||
|
||||
Common element combinations
|
||||
---------------------------
|
||||
|
||||
Always include heat-cfntools in images that you intend to boot via heat : if
|
||||
that is not done, then the user ssh keys are not reliably pulled down from the
|
||||
metadata server due to interactions with cloud-init.
|
||||
|
||||
Architecture
|
||||
------------
|
||||
|
||||
OpenStack images are intended to be deployed and maintained using Nova + Heat.
|
||||
|
||||
As such they should strive to be stateless, maintained entirely via automation.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
|
||||
In a running OpenStack there are several categories of config.
|
||||
|
||||
- per user - e.g. ssh key registration with nova: we repeat this sort
|
||||
of config every time we add a user.
|
||||
- local node - e.g. nova.conf or ovs-vsctl add-br br-ex : settings that
|
||||
apply individually to machines
|
||||
- inter-node - e.g. credentials on rabbitmq for a given nova compute node
|
||||
- application state - e.g. 'neutron net-create ...' : settings that
|
||||
apply to the whole cluster not on a per-user / per-tenant basis
|
||||
|
||||
We have five places we can do configuration in TripleO:
|
||||
- image build time
|
||||
- in-instance heat-driven (ORC scripts)
|
||||
- from outside via APIs
|
||||
- orchestrated by Heat
|
||||
|
||||
Our current heuristic for deciding where to do any particular configuration
|
||||
step:
|
||||
|
||||
- per user config should be done from the outside via APIs, even for
|
||||
users like 'admin' that we know we'll have. Note that service accounts
|
||||
are different - they are a form of inter-node configuration.
|
||||
- local node configuration should be done via ORC driven by Heat and/or
|
||||
configuration management system metadata.
|
||||
- inter-node configuration should be done by working through Heat. For
|
||||
instance, creating a rabbit account for a nova compute node is something
|
||||
that Heat should arrange, though the act of creating is probably done by a
|
||||
script on the rabbit server - triggered by Heat - and applying the config is
|
||||
done on the compute node by the local node script - again triggered by Heat.
|
||||
- application state changes should be done from outside via APIs
|
||||
|
||||
|
||||
Copyright
|
||||
=========
|
||||
|
||||
Copyright 2012,2013 Hewlett-Packard Development Company, L.P.
|
||||
Copyright (c) 2012 NTT DOCOMO, INC.
|
||||
|
||||
All Rights Reserved.
|
||||
|
||||
Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
not use this file except in compliance with the License. You may obtain
|
||||
a copy of the License at
|
||||
|
||||
http://www.apache.org/licenses/LICENSE-2.0
|
||||
|
||||
Unless required by applicable law or agreed to in writing, software
|
||||
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
License for the specific language governing permissions and limitations
|
||||
under the License.
|
||||
|
||||
Release notes for the project can be found at:
|
||||
https://docs.openstack.org/releasenotes/tripleo-image-elements
|
||||
For any further questions, please email
|
||||
openstack-discuss@lists.openstack.org or join #openstack-dev on
|
||||
OFTC.
|
||||
|
@ -1,3 +0,0 @@
|
||||
openstackdocstheme>=2.2.1 # Apache-2.0
|
||||
sphinx>=2.0.0,!=2.1.0 # BSD
|
||||
reno>=3.1.0 # Apache-2.0
|
@ -1,245 +0,0 @@
|
||||
# -*- coding: utf-8 -*-
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
#
|
||||
|
||||
# If extensions (or modules to document with autodoc) are in another directory,
|
||||
# add these directories to sys.path here. If the directory is relative to the
|
||||
# documentation root, use os.path.abspath to make it absolute, like shown here.
|
||||
# sys.path.insert(0, os.path.abspath('.'))
|
||||
|
||||
# -- General configuration ------------------------------------------------
|
||||
|
||||
# If your documentation needs a minimal Sphinx version, state it here.
|
||||
# needs_sphinx = '1.0'
|
||||
|
||||
# Add any Sphinx extension module names here, as strings. They can be
|
||||
# extensions coming with Sphinx (named 'sphinx.ext.*') or your custom
|
||||
# ones.
|
||||
extensions = ['openstackdocstheme']
|
||||
templates_path = ['_templates']
|
||||
# The suffix of source filenames.
|
||||
source_suffix = '.rst'
|
||||
master_doc = 'index'
|
||||
|
||||
# General information about the project.
|
||||
project = 'TripleO Image Elements'
|
||||
copyright = '2014, OpenStack Developers'
|
||||
|
||||
# The version info for the project you're documenting, acts as replacement for
|
||||
# |version| and |release|, also used in various other places throughout the
|
||||
# built documents.
|
||||
#
|
||||
# The short X.Y version.
|
||||
version = '0.0'
|
||||
# The full version, including alpha/beta/rc tags.
|
||||
release = '0.0'
|
||||
|
||||
# The language for content autogenerated by Sphinx. Refer to documentation
|
||||
# for a list of supported languages.
|
||||
# language = None
|
||||
|
||||
# There are two options for replacing |today|: either, you set today to some
|
||||
# non-false value, then it is used:
|
||||
# today = ''
|
||||
# Else, today_fmt is used as the format for a strftime call.
|
||||
# today_fmt = '%B %d, %Y'
|
||||
|
||||
# List of patterns, relative to source directory, that match files and
|
||||
# directories to ignore when looking for source files.
|
||||
exclude_patterns = ['_build']
|
||||
|
||||
# The reST default role (used for this markup: `text`) to use for all
|
||||
# documents.
|
||||
# default_role = None
|
||||
|
||||
# If true, '()' will be appended to :func: etc. cross-reference text.
|
||||
# add_function_parentheses = True
|
||||
|
||||
# If true, the current module name will be prepended to all description
|
||||
# unit titles (such as .. function::).
|
||||
# add_module_names = True
|
||||
|
||||
# If true, sectionauthor and moduleauthor directives will be shown in the
|
||||
# output. They are ignored by default.
|
||||
# show_authors = False
|
||||
|
||||
# A list of ignored prefixes for module index sorting.
|
||||
# modindex_common_prefix = []
|
||||
|
||||
# If true, keep warnings as "system message" paragraphs in the built documents.
|
||||
# keep_warnings = False
|
||||
|
||||
|
||||
# -- Options for HTML output ----------------------------------------------
|
||||
|
||||
# The theme to use for HTML and HTML Help pages. See the documentation for
|
||||
# a list of builtin themes.
|
||||
html_theme = 'openstackdocs'
|
||||
|
||||
# Theme options are theme-specific and customize the look and feel of a theme
|
||||
# further. For a list of options available for each theme, see the
|
||||
# documentation.
|
||||
# html_theme_options = {}
|
||||
|
||||
# Add any paths that contain custom themes here, relative to this directory.
|
||||
# html_theme_path = []
|
||||
|
||||
# The name for this set of Sphinx documents. If None, it defaults to
|
||||
# "<project> v<release> documentation".
|
||||
# html_title = None
|
||||
|
||||
# A shorter title for the navigation bar. Default is the same as html_title.
|
||||
# html_short_title = None
|
||||
|
||||
# The name of an image file (relative to this directory) to place at the top
|
||||
# of the sidebar.
|
||||
# html_logo = None
|
||||
|
||||
# The name of an image file (within the static path) to use as favicon of the
|
||||
# docs. This file should be a Windows icon file (.ico) being 16x16 or 32x32
|
||||
# pixels large.
|
||||
# html_favicon = None
|
||||
|
||||
# Add any paths that contain custom static files (such as style sheets) here,
|
||||
# relative to this directory. They are copied after the builtin static files,
|
||||
# so a file named "default.css" will overwrite the builtin "default.css".
|
||||
html_static_path = ['_static']
|
||||
|
||||
# Add any extra paths that contain custom files (such as robots.txt or
|
||||
# .htaccess) here, relative to this directory. These files are copied
|
||||
# directly to the root of the documentation.
|
||||
# html_extra_path = []
|
||||
|
||||
# If not '', a 'Last updated on:' timestamp is inserted at every page bottom,
|
||||
# using the given strftime format.
|
||||
# html_last_updated_fmt = '%b %d, %Y'
|
||||
|
||||
# If true, SmartyPants will be used to convert quotes and dashes to
|
||||
# typographically correct entities.
|
||||
# html_use_smartypants = True
|
||||
|
||||
# Custom sidebar templates, maps document names to template names.
|
||||
# html_sidebars = {}
|
||||
|
||||
# Additional templates that should be rendered to pages, maps page names to
|
||||
# template names.
|
||||
# html_additional_pages = {}
|
||||
|
||||
# If false, no module index is generated.
|
||||
# html_domain_indices = True
|
||||
|
||||
# If false, no index is generated.
|
||||
# html_use_index = True
|
||||
|
||||
# If true, the index is split into individual pages for each letter.
|
||||
# html_split_index = False
|
||||
|
||||
# If true, links to the reST sources are added to the pages.
|
||||
# html_show_sourcelink = True
|
||||
|
||||
# If true, "Created using Sphinx" is shown in the HTML footer. Default is True.
|
||||
# html_show_sphinx = True
|
||||
|
||||
# If true, "(C) Copyright ..." is shown in the HTML footer. Default is True.
|
||||
# html_show_copyright = True
|
||||
|
||||
# If true, an OpenSearch description file will be output, and all pages will
|
||||
# contain a <link> tag referring to it. The value of this option must be the
|
||||
# base URL from which the finished HTML is served.
|
||||
# html_use_opensearch = ''
|
||||
|
||||
# This is the file name suffix for HTML files (e.g. ".xhtml").
|
||||
# html_file_suffix = None
|
||||
|
||||
# Output file base name for HTML help builder.
|
||||
htmlhelp_basename = 'TripleOImageElementsdoc'
|
||||
|
||||
|
||||
# -- Options for LaTeX output ---------------------------------------------
|
||||
|
||||
latex_elements = {}
|
||||
|
||||
# Grouping the document tree into LaTeX files. List of tuples
|
||||
# (source start file, target name, title,
|
||||
# author, documentclass [howto, manual, or own class]).
|
||||
latex_documents = [
|
||||
('index', 'TripleOImageElements.tex',
|
||||
'TripleO Image Elements Documentation',
|
||||
'OpenStack Developers', 'manual'),
|
||||
]
|
||||
|
||||
# The name of an image file (relative to this directory) to place at the top of
|
||||
# the title page.
|
||||
# latex_logo = None
|
||||
|
||||
# For "manual" documents, if this is true, then toplevel headings are parts,
|
||||
# not chapters.
|
||||
# latex_use_parts = False
|
||||
|
||||
# If true, show page references after internal links.
|
||||
# latex_show_pagerefs = False
|
||||
|
||||
# If true, show URL addresses after external links.
|
||||
# latex_show_urls = False
|
||||
|
||||
# Documents to append as an appendix to all manuals.
|
||||
# latex_appendices = []
|
||||
|
||||
# If false, no module index is generated.
|
||||
# latex_domain_indices = True
|
||||
|
||||
|
||||
# -- Options for manual page output ---------------------------------------
|
||||
|
||||
# One entry per manual page. List of tuples
|
||||
# (source start file, name, description, authors, manual section).
|
||||
man_pages = [
|
||||
('index', 'tripleoimageelements', 'TripleO Image Elements Documentation',
|
||||
['OpenStack Developers'], 1)
|
||||
]
|
||||
|
||||
# If true, show URL addresses after external links.
|
||||
# man_show_urls = False
|
||||
|
||||
|
||||
# -- Options for Texinfo output -------------------------------------------
|
||||
|
||||
# Grouping the document tree into Texinfo files. List of tuples
|
||||
# (source start file, target name, title, author,
|
||||
# dir menu entry, description, category)
|
||||
texinfo_documents = [
|
||||
('index', 'TripleOImageElements',
|
||||
'TripleO Image Elements Documentation',
|
||||
'OpenStack Developers', 'TripleOImageElements',
|
||||
'One line description of project.',
|
||||
'Miscellaneous'),
|
||||
]
|
||||
|
||||
# Documents to append as an appendix to all manuals.
|
||||
# texinfo_appendices = []
|
||||
|
||||
# If false, no module index is generated.
|
||||
# texinfo_domain_indices = True
|
||||
|
||||
# How to display URL addresses: 'footnote', 'no', or 'inline'.
|
||||
# texinfo_show_urls = 'footnote'
|
||||
|
||||
# If true, do not generate a @detailmenu in the "Top" node's menu.
|
||||
# texinfo_no_detailmenu = False
|
||||
|
||||
# openstackdocstheme options
|
||||
openstackdocs_repo_name = 'openstack/tripleo-image-elements'
|
||||
openstackdocs_auto_name = False
|
||||
openstackdocs_bug_project = 'tripleo'
|
||||
openstackdocs_bug_tag = 'documentation'
|
@ -1,22 +0,0 @@
|
||||
.. TripleO Image Elements documentation master file, created by
|
||||
sphinx-quickstart on Fri Apr 18 09:19:09 2014.
|
||||
You can adapt this file completely to your liking, but it should at least
|
||||
contain the root `toctree` directive.
|
||||
|
||||
Welcome to TripleO Image Elements's documentation!
|
||||
==================================================
|
||||
|
||||
Contents:
|
||||
|
||||
.. toctree::
|
||||
:maxdepth: 2
|
||||
|
||||
|
||||
|
||||
Indices and tables
|
||||
==================
|
||||
|
||||
* :ref:`genindex`
|
||||
* :ref:`modindex`
|
||||
* :ref:`search`
|
||||
|
@ -1,3 +0,0 @@
|
||||
enable-packages-install
|
||||
|
||||
This element will set the install types to package for all elements.
|
@ -1 +0,0 @@
|
||||
export DIB_DEFAULT_INSTALLTYPE=package
|
@ -1,7 +0,0 @@
|
||||
interface-names
|
||||
===============
|
||||
|
||||
net.ifnames may be 0 in /etc/default/grub which can make generating a
|
||||
configuration for the network interfaces difficult. The default in RHEL7
|
||||
was to not have this defined. The kernel args can be tuned later in the
|
||||
deployment so we want to clean it out if it is defined in grub.
|
@ -1,10 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
if [ -f /etc/default/grub ]; then
|
||||
# net.ifacenames is defined and set to 0 starting with RHEL8.
|
||||
# This is a change from RHEL7 which can affect network configurations.
|
||||
sed -i 's/net.ifnames=0//g' /etc/default/grub
|
||||
fi
|
@ -1,9 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
# https://bugs.centos.org/view.php?id=17133
|
||||
rm -f /etc/sysconfig/network-scripts/ifcfg-ens*
|
||||
# https://bugs.launchpad.net/tripleo/+bug/1931495
|
||||
rm -f /etc/sysconfig/network-scripts/ifcfg-eth*
|
@ -1,8 +0,0 @@
|
||||
##iptables
|
||||
|
||||
This element installs a single script that consolidates the logic required
|
||||
to handle inserting iptables rules. This script uses the check (-C) argument
|
||||
to check whether a rule matching the specification does exist in the selected
|
||||
chain before inserting it.
|
||||
|
||||
RULE: The rule to insert into iptables
|
@ -1,51 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# Script to add iptables rules per element
|
||||
#
|
||||
# The only input argument is an iptables rule without the command option.
|
||||
# This case covers all of the current usage of elements that insert rules
|
||||
# in the 97-iptables files.
|
||||
# Example usage:
|
||||
# add-rule INPUT -p tcp -m multiport --dports 3260,8776 -j ACCEPT
|
||||
# add-rule INPUT -p tcp --dport 4730 -j ACCEPT
|
||||
# add-rule FORWARD -d 192.0.2.0/24 -j ACCEPT
|
||||
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
RULE="$@"
|
||||
|
||||
DISTRO=`lsb_release -si` || true
|
||||
|
||||
|
||||
if [[ "RedHatEnterpriseServer RedHatEnterpriseWorkstation CentOS Fedora" =~ "$DISTRO" ]]; then
|
||||
IPT_FILE=
|
||||
# Check if the iptables service is active
|
||||
if systemctl is-active iptables.service ; then
|
||||
IPT_FILE=/etc/sysconfig/iptables
|
||||
fi
|
||||
if [ -f "$IPT_FILE" ]; then
|
||||
|
||||
iptables-restore < $IPT_FILE
|
||||
fi
|
||||
|
||||
if [ -n "$IPT_FILE" ]; then
|
||||
|
||||
iptables -C $RULE || iptables -I $RULE
|
||||
|
||||
iptables-save > $IPT_FILE
|
||||
fi
|
||||
|
||||
elif [[ "Debian Ubuntu" =~ "$DISTRO" ]]; then
|
||||
# NOTE(kiall): os-svc-restart etc don't support the custom 'save'
|
||||
# action, so we grab the name and call the service
|
||||
# binary "by hand" instead.
|
||||
SERVICE_NAME=$(svc-map iptables-persistent)
|
||||
|
||||
service $SERVICE_NAME reload
|
||||
|
||||
iptables -C $RULE || iptables -I $RULE
|
||||
|
||||
service $SERVICE_NAME save
|
||||
|
||||
fi
|
@ -1,103 +0,0 @@
|
||||
#!/bin/bash
|
||||
# Copyright 2014 Hewlett-Packard Development Company, L.P.
|
||||
# All Rights Reserved.
|
||||
#
|
||||
# Licensed under the Apache License, Version 2.0 (the "License"); you may
|
||||
# not use this file except in compliance with the License. You may obtain
|
||||
# a copy of the License at
|
||||
#
|
||||
# http://www.apache.org/licenses/LICENSE-2.0
|
||||
#
|
||||
# Unless required by applicable law or agreed to in writing, software
|
||||
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
|
||||
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
|
||||
# License for the specific language governing permissions and limitations
|
||||
# under the License.
|
||||
|
||||
set -eu
|
||||
set -o pipefail
|
||||
|
||||
SCRIPT_NAME=$(basename $0)
|
||||
|
||||
function show_usage () {
|
||||
|
||||
cat << EOF
|
||||
usage: '$SCRIPT_NAME INPUTFILE'
|
||||
|
||||
Script to configure iptables.
|
||||
|
||||
Positional arguments:
|
||||
INPUTFILE File containing required configuration details.
|
||||
|
||||
An input file is parsed and iptables rules are configured accordingly.
|
||||
Rules are applied idempotently (ie duplicate rules are not created)
|
||||
and non-destructively (existing rules are not deleted/recreated).
|
||||
|
||||
The input file is essentially set of iptables command arguments, with
|
||||
the restriction that each line should start with one of:
|
||||
'-A', '-D', '-I', '-N', '-F' or '-X'.
|
||||
|
||||
Lines beginning with '#' and lines containing only whitespace are ignored.
|
||||
|
||||
Sample input file contents:
|
||||
|
||||
-N stunnel-INPUT
|
||||
-A stunnel-INPUT -p tcp --dport 5000 -j REJECT
|
||||
-A stunnel-INPUT -j RETURN
|
||||
-I INPUT -p tcp -j stunnel-INPUT
|
||||
EOF
|
||||
|
||||
exit 1
|
||||
}
|
||||
|
||||
function check() {
|
||||
check_chain_name ${@:2}
|
||||
iptables $@ > /dev/null 2>&1
|
||||
}
|
||||
|
||||
function check_chain_name() {
|
||||
# Verify that a chain name is supplied
|
||||
grep -qEv '^[[:space:]]*-|^[[:space:]]*$' < <(echo $@)
|
||||
if [ $? -ne 0 ]; then
|
||||
echo "$SCRIPT_NAME: bad input (no chain) \"$LINE\""
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
function apply() {
|
||||
iptables $@
|
||||
echo "$SCRIPT_NAME: iptables $@"
|
||||
}
|
||||
|
||||
[ $# -ne 1 ] && show_usage
|
||||
|
||||
FILE=$1
|
||||
|
||||
if [ ! -r $FILE ]; then
|
||||
echo "$SCRIPT_NAME: Cannot read input file ${FILE}."
|
||||
exit 1
|
||||
fi
|
||||
|
||||
while read LINE
|
||||
do
|
||||
CMD=${LINE:0:2}
|
||||
ARGLIST=${LINE:2}
|
||||
case "$CMD" in
|
||||
-A | -I)
|
||||
check -C $ARGLIST || apply $LINE
|
||||
;;
|
||||
-D)
|
||||
check -C $ARGLIST && apply $LINE
|
||||
;;
|
||||
-F | -X)
|
||||
check -L $ARGLIST && apply $LINE
|
||||
;;
|
||||
-N)
|
||||
check -L $ARGLIST || apply $LINE
|
||||
;;
|
||||
*)
|
||||
echo "$SCRIPT_NAME: bad input \"$LINE\""
|
||||
exit 1
|
||||
;;
|
||||
esac
|
||||
done < <(grep -Ev "^[[:space:]]*$|^#" $FILE)
|
@ -1,12 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
install-packages iptables
|
||||
|
||||
|
||||
if [[ "ubuntu debian" =~ "$DISTRO_NAME" ]]; then
|
||||
# Note in later versions will
|
||||
# need netfilter-persistent package
|
||||
install-packages iptables-persistent
|
||||
fi
|
@ -1,9 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
if [[ "rhel rhel7 centos7 fedora" =~ "$DISTRO_NAME" ]]; then
|
||||
echo '# empty ruleset created by tripleo-image-elements' > /etc/sysconfig/iptables
|
||||
echo '# empty ruleset created by tripleo-image-elements' > /etc/sysconfig/ip6tables
|
||||
|
||||
fi
|
@ -1,9 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
if [[ "ubuntu debian" =~ "$DISTRO_NAME" ]]; then
|
||||
# Disable save of iptables rules on package install
|
||||
debconf-set-selections <<< "iptables-persistent iptables-persistent/autosave_v4 boolean false"
|
||||
debconf-set-selections <<< "iptables-persistent iptables-persistent/autosave_v6 boolean false"
|
||||
fi
|
@ -1,4 +0,0 @@
|
||||
iptables-persistent:
|
||||
default: iptables-persistent
|
||||
ubuntu: iptables-persistent
|
||||
debian: netfilter-persistent
|
@ -1,7 +0,0 @@
|
||||
======================
|
||||
ironic-agent-multipath
|
||||
======================
|
||||
Updates the ironic agent, installing multipath and
|
||||
iscsi package, and enabling needed modules by default,
|
||||
to execute a modprobe for the needed drivers before it is started.
|
||||
|
@ -1,3 +0,0 @@
|
||||
install-static
|
||||
package-installs
|
||||
select-boot-kernel-initrd
|
@ -1,2 +0,0 @@
|
||||
iscsi-initiator-utils:
|
||||
device-mapper-multipath:
|
@ -1,9 +0,0 @@
|
||||
qla4xxx
|
||||
cxgb3i
|
||||
cxgb4i
|
||||
bnx2i
|
||||
be2iscsi
|
||||
iscsi_boot_sysfs
|
||||
iscsi_ibft
|
||||
iscsi_tcp
|
||||
target_core_mod
|
@ -1,15 +0,0 @@
|
||||
network-gateway
|
||||
===============
|
||||
|
||||
The network-gateway element allows for setting a network interface that will be
|
||||
used as the default gateway. This is useful in deployments where they may be
|
||||
external DHCP services offering leases, and the deployer would like to make the
|
||||
route from one of those leases the default.
|
||||
|
||||
Currently only supported on ifcfg network configuration style systems.
|
||||
|
||||
Configuration
|
||||
=============
|
||||
|
||||
network-config:
|
||||
gateway-dev: eth1
|
@ -1,24 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
# This script must run after init-neutron-ovs, otherwise the default route may
|
||||
# be overwritten.
|
||||
|
||||
set -eux
|
||||
set -o pipefail
|
||||
|
||||
new_gatewaydev=$(os-apply-config --key network-config.gateway-dev --type raw --key-default '')
|
||||
|
||||
if [ -z "$new_gatewaydev" ]; then
|
||||
echo "\$new_gatewaydev not set"
|
||||
exit 0
|
||||
fi
|
||||
|
||||
if grep -e "^\s*GATEWAYDEV=" /etc/sysconfig/network; then
|
||||
sed -i "s/GATEWAYDEV=.*/GATEWAYDEV=$new_gatewaydev/" /etc/sysconfig/network
|
||||
else
|
||||
echo "GATEWAYDEV=$new_gatewaydev" >> /etc/sysconfig/network
|
||||
fi
|
||||
|
||||
# Restart the device to pick up the change immediately.
|
||||
ifdown $new_gatewaydev
|
||||
ifup $new_gatewaydev
|
@ -1,5 +0,0 @@
|
||||
Install openvswitch from packages.
|
||||
|
||||
Enables the openvswitch service for systemd systems and
|
||||
and adds an upstart script service to override the default
|
||||
sysv one on systems with upstart.
|
@ -1,2 +0,0 @@
|
||||
os-svc-install
|
||||
package-installs
|
@ -1,22 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
if [ "$DIB_INIT_SYSTEM" == "systemd" ] ; then
|
||||
os-svc-enable -n openvswitch-switch
|
||||
fi
|
||||
|
||||
if [ "$DIB_INIT_SYSTEM" == "upstart" ] ; then
|
||||
echo "start on starting cloud-init-nonet" >> /etc/init/openvswitch-switch.override
|
||||
if [ ! -f /etc/init/openvswitch-switch.conf ] ; then
|
||||
cat << 'EOF' > /etc/init/openvswitch-switch.conf
|
||||
# openvswitch-switch
|
||||
# the purpose of this job is
|
||||
# * start openvwitch-switch in upstart rather than SysV startup
|
||||
pre-start script
|
||||
export RUNLEVEL=2
|
||||
/etc/init.d/openvswitch-switch start
|
||||
end script
|
||||
post-stop exec /etc/init.d/openvswitch-switch stop
|
||||
EOF
|
||||
fi
|
||||
fi
|
@ -1 +0,0 @@
|
||||
openvswitch-switch_package:
|
@ -1,10 +0,0 @@
|
||||
{
|
||||
"family": {
|
||||
"redhat": {
|
||||
"openvswitch-switch_package": "openvswitch"
|
||||
}
|
||||
},
|
||||
"default": {
|
||||
"openvswitch-switch_package": "openvswitch-switch"
|
||||
}
|
||||
}
|
@ -1,6 +0,0 @@
|
||||
Install os-apply-config.
|
||||
|
||||
The contents of os-apply-config subdirectory in templates will be installed
|
||||
into the default template directory automatically.
|
||||
|
||||
An os-refresh-config hook is created to invoke os-apply-config automatically.
|
@ -1,3 +0,0 @@
|
||||
os-refresh-config
|
||||
package-installs
|
||||
pip-manifest
|
@ -1,3 +0,0 @@
|
||||
if [ -z "${OS_APPLY_CONFIG_VENV_DIR:-}" ]; then
|
||||
export OS_APPLY_CONFIG_VENV_DIR=${OPENSTACK_VENV_DIR:-"/opt/stack/venvs/os-apply-config"}
|
||||
fi
|
@ -1,6 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eux
|
||||
|
||||
TEMPLATE_ROOT=$(os-apply-config --print-templates)
|
||||
mkdir -p $TEMPLATE_ROOT
|
@ -1,10 +0,0 @@
|
||||
#!/bin/bash
|
||||
# Note that this relies on the detail that all elements share one dir
|
||||
# inside the chroot. This will copy all the files that elements have
|
||||
# added to element/os-apply-config into the appropriate location.
|
||||
set -eux
|
||||
TEMPLATE_ROOT=$(os-apply-config --print-templates)
|
||||
TEMPLATE_SOURCE=$(dirname $0)/../os-apply-config
|
||||
|
||||
mkdir -p $TEMPLATE_ROOT
|
||||
[ -d $TEMPLATE_SOURCE ] && rsync --exclude='.*.swp' -Cr $TEMPLATE_SOURCE/ $TEMPLATE_ROOT/
|
@ -1,39 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
manifest=$(get-pip-manifest os-apply-config)
|
||||
|
||||
env | sort
|
||||
|
||||
if [[ "$DISTRO_NAME" == "debian" ]] && [[ "$DIB_RELEASE" == "stable" || "$DIB_RELEASE" == "bullseye" ]]
|
||||
then
|
||||
virtualenv $OS_APPLY_CONFIG_VENV_DIR
|
||||
else
|
||||
virtualenv --setuptools $OS_APPLY_CONFIG_VENV_DIR
|
||||
fi
|
||||
|
||||
set +u
|
||||
source $OS_APPLY_CONFIG_VENV_DIR/bin/activate
|
||||
set -u
|
||||
|
||||
if [ -n "$manifest" ]; then
|
||||
use-pip-manifest $manifest
|
||||
else
|
||||
# bug #1201253 : virtualenv-1.10.1 embeds setuptools-0.9.8, which
|
||||
# doesn't manage correctly HTTPS sockets when downloading pbr from
|
||||
# https://pypi.python.org/simple/ if using http_proxy and https_proxy
|
||||
# envvars
|
||||
$OS_APPLY_CONFIG_VENV_DIR/bin/pip install -U 'setuptools>=1.0'
|
||||
# bug #1293812 : Avoid easy_install triggering on pbr.
|
||||
$OS_APPLY_CONFIG_VENV_DIR/bin/pip install -U 'pbr>=0.11'
|
||||
$OS_APPLY_CONFIG_VENV_DIR/bin/pip install -U os-apply-config
|
||||
fi
|
||||
|
||||
# Write the manifest of what was installed
|
||||
write-pip-manifest os-apply-config
|
||||
|
||||
ln -s $OS_APPLY_CONFIG_VENV_DIR/bin/os-apply-config /usr/local/bin/os-apply-config
|
||||
|
||||
set +u
|
||||
deactivate
|
||||
set -u
|
@ -1,4 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -ue
|
||||
|
||||
exec os-apply-config
|
@ -1,4 +0,0 @@
|
||||
os-apply-config:
|
||||
installtype: package
|
||||
rsync:
|
||||
phase: pre-install.d
|
@ -1,17 +0,0 @@
|
||||
{
|
||||
"release": {
|
||||
"debian": {
|
||||
"bullseye": {
|
||||
"os-apply-config": "python3-os-apply-config"
|
||||
}
|
||||
}
|
||||
},
|
||||
"family": {
|
||||
"debian": {
|
||||
"os-apply-config": "python-os-apply-config"
|
||||
}
|
||||
},
|
||||
"default": {
|
||||
"os-apply-config": "os-apply-config"
|
||||
}
|
||||
}
|
@ -1,122 +0,0 @@
|
||||
Setup os-collect-config to run as a system service. By default it will
|
||||
run os-refresh-config on any changes.
|
||||
|
||||
Configuration
|
||||
-------------
|
||||
|
||||
Heat Metadata can be used to configure os-collect-config:
|
||||
|
||||
os-collect-config:
|
||||
command: os-refresh-config
|
||||
cachedir: /var/run/os-collect-config
|
||||
collectors:
|
||||
- heat_local
|
||||
- ec2
|
||||
- cfn
|
||||
polling_interval: 300
|
||||
cfn:
|
||||
metadata_url: http://foo:8000/v1
|
||||
heat_metadata_hint: /var/lib/heat-cfntools/cfn-metadata-server
|
||||
stack_name: required-stack-name
|
||||
access_key_id: abcdefghijklmnop091234
|
||||
secret_access_key: fffeeeeddddccccaaaa99999
|
||||
path: ThisResource.Metadata
|
||||
ca_certificate: /etc/ssl/ca.crt
|
||||
ec2:
|
||||
metadata_url: http://169.254.169.254/latest/meta-data
|
||||
heat_local:
|
||||
path: /var/lib/heat-cfntools/cfn-init-data
|
||||
|
||||
Note that `metadata_url` is optional, as it should be determined by the
|
||||
file `heat_metadata_hint` refers to. This file is injected by Heat via
|
||||
cloud-init at first boot. Those two parameters are the only optional
|
||||
parameters. All of the others are required for the cfn data source
|
||||
to function. Note that `ca_certificate` is also optional but required
|
||||
in many cases where the metadata api is behind ssl.
|
||||
|
||||
`ec2` and `heat_local` do not require any configuration to work.
|
||||
|
||||
Typically the cfn collector is configured via EC2 metadata in a Heat
|
||||
template:
|
||||
|
||||
Resources:
|
||||
myserver:
|
||||
Type: OS::Nova::Server
|
||||
Properties:
|
||||
...
|
||||
Metadata:
|
||||
os-collect-config:
|
||||
cfn:
|
||||
access_key_id:
|
||||
Ref: Key
|
||||
path: MyServerConfig.Metadata
|
||||
secret_access_key:
|
||||
Fn::GetAtt:
|
||||
- Key
|
||||
- SecretAccessKey
|
||||
stack_name:
|
||||
Ref: AWS::StackName
|
||||
ca_certificate: /etc/ssl/ca.crt
|
||||
|
||||
The EC2 collector takes this metadata, passes it to os-apply-config
|
||||
which in turn writes it out to /etc/os-collect-config.conf.
|
||||
|
||||
Note that the configuration references some other resources - a key
|
||||
and access key, which are declared using:
|
||||
|
||||
Resources:
|
||||
Key:
|
||||
Properties:
|
||||
UserName:
|
||||
Ref: User
|
||||
Type: AWS::IAM::AccessKey
|
||||
User:
|
||||
Properties:
|
||||
Policies:
|
||||
- Ref: AccessPolicy
|
||||
Type: AWS::IAM::User
|
||||
|
||||
Note also that the IAM::User references an access policy which should
|
||||
look like:
|
||||
|
||||
Resources:
|
||||
AccessPolicy:
|
||||
Properties:
|
||||
AllowedResources:
|
||||
- MyServerConfig
|
||||
Type: OS::Heat::AccessPolicy
|
||||
|
||||
and, finally, the crucial bit is the MyServerConfig policy which is
|
||||
referenced in the cfn collector configuration and the access policy:
|
||||
|
||||
Resources:
|
||||
MyServerConfig:
|
||||
Metadata:
|
||||
os-collect-config:
|
||||
cfn:
|
||||
access_key_id:
|
||||
Ref: Key
|
||||
path: MyServerConfig.Metadata
|
||||
secret_access_key:
|
||||
Fn::GetAtt:
|
||||
- Key
|
||||
- SecretAccessKey
|
||||
stack_name:
|
||||
Ref: AWS::StackName
|
||||
nova:
|
||||
...
|
||||
keystone:
|
||||
...
|
||||
Properties:
|
||||
ImageId: '0'
|
||||
InstanceType: foo
|
||||
Type: AWS::AutoScaling::LaunchConfiguration
|
||||
|
||||
Essentially, this AutoScaling::LaunchConfiguration resource is a bunch
|
||||
of boilerplate gunk to provide a metadata container from where the
|
||||
os-collect-config cfn collector can pull configuration which will be
|
||||
applied by os-apply-config. There's a os-collect-config section to
|
||||
ensure the configuration from the EC2 metadata doesn't get
|
||||
overwritten. And the rest is dummy values for the
|
||||
LaunchConfiguration's required properties.
|
||||
|
@ -1,6 +0,0 @@
|
||||
os-apply-config
|
||||
os-refresh-config
|
||||
os-svc-install
|
||||
package-installs
|
||||
pip-manifest
|
||||
source-repositories
|
@ -1,3 +0,0 @@
|
||||
if [ -z "${OS_COLLECT_CONFIG_VENV_DIR:-}" ]; then
|
||||
export OS_COLLECT_CONFIG_VENV_DIR=${OPENSTACK_VENV_DIR:-"/opt/stack/venvs/os-collect-config"}
|
||||
fi
|
@ -1,4 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
os-svc-enable -n os-collect-config
|
@ -1,80 +0,0 @@
|
||||
#!/bin/bash
|
||||
set -eux
|
||||
|
||||
manifest=$(get-pip-manifest os-collect-config)
|
||||
|
||||
if [[ "$DISTRO_NAME" == "debian" ]] && [[ "$DIB_RELEASE" == "stable" || "$DIB_RELEASE" == "bullseye" ]]
|
||||
then
|
||||
virtualenv $OS_COLLECT_CONFIG_VENV_DIR
|
||||
else
|
||||
virtualenv --setuptools $OS_COLLECT_CONFIG_VENV_DIR
|
||||
fi
|
||||
|
||||
set +u
|
||||
source $OS_COLLECT_CONFIG_VENV_DIR/bin/activate
|
||||
set -u
|
||||
|
||||
if [ -n "$manifest" ]; then
|
||||
use-pip-manifest $manifest
|
||||
else
|
||||
# Need setuptools>=1.0 to manage connections when
|
||||
# downloading from pypi using http_proxy and https_proxy
|
||||
$OS_COLLECT_CONFIG_VENV_DIR/bin/pip install -U 'setuptools>=1.0'
|
||||
# bug #1293812 : Avoid easy_install triggering on pbr.
|
||||
$OS_COLLECT_CONFIG_VENV_DIR/bin/pip install -U 'pbr>=0.11'
|
||||
$OS_COLLECT_CONFIG_VENV_DIR/bin/pip install -U os-collect-config
|
||||
fi
|
||||
|
||||
# Write the manifest of what was installed
|
||||
write-pip-manifest os-collect-config
|
||||
|
||||
ln -s $OS_COLLECT_CONFIG_VENV_DIR/bin/os-collect-config /usr/local/bin/os-collect-config
|
||||
|
||||
# Minimal static config for bootstrapping
|
||||
cat > /etc/os-collect-config.conf <<eof
|
||||
[DEFAULT]
|
||||
command=os-refresh-config
|
||||
eof
|
||||
chmod 600 /etc/os-collect-config.conf
|
||||
|
||||
if [ "$DIB_INIT_SYSTEM" == "upstart" ] ; then
|
||||
cat > /etc/init/os-collect-config.conf <<eof
|
||||
start on runlevel [2345]
|
||||
stop on runlevel [016]
|
||||
respawn
|
||||
|
||||
# We're logging to syslog
|
||||
console none
|
||||
|
||||
exec os-collect-config 2>&1 | logger -t os-collect-config
|
||||
eof
|
||||
|
||||
elif [ "$DIB_INIT_SYSTEM" == "systemd" ] ; then
|
||||
if [ -d "/lib/systemd" ]; then
|
||||
path=/lib/systemd/system/os-collect-config.service
|
||||
else
|
||||
path=/usr/lib/systemd/system/os-collect-config.service
|
||||
fi
|
||||
cat > $path <<eof
|
||||
[Unit]
|
||||
Description=Collect metadata and run hook commands.
|
||||
After=cloud-config.service
|
||||
Before=crond.service
|
||||
|
||||
[Service]
|
||||
ExecStart=/usr/local/bin/os-collect-config
|
||||
Restart=on-failure
|
||||
|
||||
[Install]
|
||||
WantedBy=multi-user.target
|
||||
eof
|
||||
|
||||
else
|
||||
echo Only systems with systemd or upstart are supported.
|
||||
exit 1
|
||||
fi
|
||||
os-svc-enable -n os-collect-config
|
||||
|
||||
set +u
|
||||
deactivate
|
||||
set -u
|
@ -1,60 +0,0 @@
|
||||
[DEFAULT]
|
||||
{{^os-collect-config.command}}
|
||||
command = os-refresh-config
|
||||
{{/os-collect-config.command}}
|
||||
{{#os-collect-config}}
|
||||
{{#command}}
|
||||
command = {{command}}
|
||||
{{/command}}
|
||||
{{#polling_interval}}
|
||||
polling_interval = {{polling_interval}}
|
||||
{{/polling_interval}}
|
||||
{{#cachedir}}
|
||||
cachedir = {{cachedir}}
|
||||
{{/cachedir}}
|
||||
{{#collectors}}
|
||||
collectors = {{.}}
|
||||
{{/collectors}}
|
||||
|
||||
{{#cfn}}
|
||||
[cfn]
|
||||
{{#metadata_url}}
|
||||
metadata_url = {{metadata_url}}
|
||||
{{/metadata_url}}
|
||||
stack_name = {{stack_name}}
|
||||
secret_access_key = {{secret_access_key}}
|
||||
access_key_id = {{access_key_id}}
|
||||
path = {{path}}
|
||||
{{#ca_certificate}}
|
||||
ca_certificate = {{.}}
|
||||
{{/ca_certificate}}
|
||||
{{/cfn}}
|
||||
|
||||
{{#heat}}
|
||||
[heat]
|
||||
auth_url = {{auth_url}}
|
||||
user_id = {{user_id}}
|
||||
password = {{password}}
|
||||
project_id = {{project_id}}
|
||||
stack_id = {{stack_id}}
|
||||
resource_name = {{resource_name}}
|
||||
{{/heat}}
|
||||
|
||||
{{#zaqar}}
|
||||
[zaqar]
|
||||
auth_url = {{auth_url}}
|
||||
user_id = {{user_id}}
|
||||
password = {{password}}
|
||||
project_id = {{project_id}}
|
||||
queue_id = {{queue_id}}
|
||||
{{#use_websockets}}
|
||||
use_websockets = {{.}}
|
||||
{{/use_websockets}}
|
||||
{{/zaqar}}
|
||||
|
||||
{{#request}}
|
||||
[request]
|
||||
metadata_url = {{metadata_url}}
|
||||
{{/request}}
|
||||
|
||||
{{/os-collect-config}}
|
@ -1 +0,0 @@
|
||||
mode: 0600
|
@ -1,10 +0,0 @@
|
||||
os-collect-config:
|
||||
installtype: package
|
||||
build-essential:
|
||||
libxml2-dev:
|
||||
libz-dev:
|
||||
libxslt-dev:
|
||||
python-dev:
|
||||
dib_python_version: 2
|
||||
python3-dev:
|
||||
dib_python_version: 3
|
@ -1,32 +0,0 @@
|
||||
{
|
||||
"release": {
|
||||
"ubuntu": {
|
||||
"focal": {
|
||||
"python-dev": "python3-dev"
|
||||
}
|
||||
}
|
||||
},
|
||||
"release": {
|
||||
"debian": {
|
||||
"bullseye": {
|
||||
"os-collect-config": "python3-os-collect-config"
|
||||
}
|
||||
}
|
||||
},
|
||||
"family": {
|
||||
"debian": {
|
||||
"os-collect-config": "python-os-collect-config"
|
||||
},
|
||||
"suse": {
|
||||
"libxml2-dev": "libxml2-devel",
|
||||
"libz-dev": "zlib-devel",
|
||||
"libxslt-dev": "libxslt-devel",
|
||||
"python-dev": "python-devel",
|
||||
"python3-dev": "python3-devel",
|
||||
"build-essential": "pattern:devel_basis"
|
||||
}
|
||||
},
|
||||
"default": {
|
||||
"os-collect-config": "os-collect-config"
|
||||
}
|
||||
}
|
@ -1,40 +0,0 @@
|
||||
Install os-refresh-config
|
||||
=========================
|
||||
|
||||
os-refresh-config uses dib-run-parts to run scripts in a pre-defined set
|
||||
of directories. Its intended purpose is to quiesce (pre-configure.d),
|
||||
configure (configure.d), migrate (migration.d), and then activate
|
||||
(post-configure.d) a configuration on first boot or in response to Heat
|
||||
Metadata changes.
|
||||
|
||||
To cause a script to be run on every os-refresh-config run, install
|
||||
it into one of the following directories:
|
||||
|
||||
/opt/stack/os-config-refresh/pre-configure.d
|
||||
/opt/stack/os-config-refresh/configure.d
|
||||
/opt/stack/os-config-refresh/migration.d
|
||||
/opt/stack/os-config-refresh/post-configure.d
|
||||
|
||||
If you want to have os-refresh-config run on any updates to a particular
|
||||
Resource in the heat stack, you will need at the minimum the following snippet
|
||||
of json in this instance's Metadata:
|
||||
|
||||
{
|
||||
"OpenStack::Config": {
|
||||
"heat": {
|
||||
"access_key_id": {"Ref": "ApiKeyResource"},
|
||||
"secret_key": {"Fn::GetAtt": [ "ApiKeyResource", "SecretAccessKey" ]},
|
||||
"refresh": [ {"resource": "SomeResource"} ],
|
||||
"stack": {Ref: 'AWS::Stack'},
|
||||
"region": {Ref: 'AWS::Region'}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
If you would like to signal a wait condition at the end of
|
||||
post-configure.d, a generic name of 'completion-handle' can be used
|
||||
like so:
|
||||
|
||||
{
|
||||
"completion-handle": {"Ref": "CompletionHandleName"}
|
||||
}
|
@ -1,5 +0,0 @@
|
||||
os-apply-config
|
||||
package-installs
|
||||
pip-and-virtualenv
|
||||
pip-manifest
|
||||
source-repositories
|
@ -1,7 +0,0 @@
|
||||
#!/bin/bash
|
||||
|
||||
set -eux
|
||||
|
||||
SCRIPT_BASE=$(os-refresh-config --print-base)
|
||||
SCRIPT_SOURCE=$(dirname $0)/../os-refresh-config
|
||||
rsync -r $SCRIPT_SOURCE/ $SCRIPT_BASE/
|
@ -1,46 +0,0 @@
|
||||
#!/bin/bash
|
||||
# We need to install this early in install.d because other elements will
|
||||
# need to use os-refresh-config --print-base to know where to put files
|
||||
|
||||