Google Compute Engine API support for OpenStack
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.

247 lines
7.1KB

  1. #!/bin/bash -e
  2. #Parameters to configure
  3. SERVICE_USERNAME=gceapi
  4. SERVICE_PASSWORD=gceapi
  5. SERVICE_TENANT=service
  6. CONNECTION="mysql://gceapi:gceapi@127.0.0.1/gceapi?charset=utf8"
  7. LOG_DIR=/var/log/gceapi
  8. CONF_DIR=/etc/gceapi
  9. SIGNING_DIR=/var/cache/gceapi
  10. #this default values are for devstack. change it for real cloud (NETWORK_API=nova for example)
  11. NETWORK_API=quantum
  12. REGION=RegionOne
  13. #Check for environment
  14. if [[ -z "$OS_AUTH_URL" || -z "$OS_USERNAME" || -z "$OS_PASSWORD" || -z "$OS_TENANT_NAME" ]]; then
  15. echo "Please set OS_AUTH_URL, OS_USERNAME, OS_PASSWORD and OS_TENANT_NAME"
  16. exit 1
  17. fi
  18. #### utilities functions merged from devstack to check required parameter is not empty
  19. # Prints line number and "message" in error format
  20. # err $LINENO "message"
  21. function err() {
  22. local exitcode=$?
  23. errXTRACE=$(set +o | grep xtrace)
  24. set +o xtrace
  25. local msg="[ERROR] ${BASH_SOURCE[2]}:$1 $2"
  26. echo $msg 1>&2;
  27. if [[ -n ${SCREEN_LOGDIR} ]]; then
  28. echo $msg >> "${SCREEN_LOGDIR}/error.log"
  29. fi
  30. $errXTRACE
  31. return $exitcode
  32. }
  33. # Prints backtrace info
  34. # filename:lineno:function
  35. function backtrace {
  36. local level=$1
  37. local deep=$((${#BASH_SOURCE[@]} - 1))
  38. echo "[Call Trace]"
  39. while [ $level -le $deep ]; do
  40. echo "${BASH_SOURCE[$deep]}:${BASH_LINENO[$deep-1]}:${FUNCNAME[$deep-1]}"
  41. deep=$((deep - 1))
  42. done
  43. }
  44. # Prints line number and "message" then exits
  45. # die $LINENO "message"
  46. function die() {
  47. local exitcode=$?
  48. set +o xtrace
  49. local line=$1; shift
  50. if [ $exitcode == 0 ]; then
  51. exitcode=1
  52. fi
  53. backtrace 2
  54. err $line "$*"
  55. exit $exitcode
  56. }
  57. # Checks an environment variable is not set or has length 0 OR if the
  58. # exit code is non-zero and prints "message" and exits
  59. # NOTE: env-var is the variable name without a '$'
  60. # die_if_not_set $LINENO env-var "message"
  61. function die_if_not_set() {
  62. local exitcode=$?
  63. FXTRACE=$(set +o | grep xtrace)
  64. set +o xtrace
  65. local line=$1; shift
  66. local evar=$1; shift
  67. if ! is_set $evar || [ $exitcode != 0 ]; then
  68. die $line "$*"
  69. fi
  70. $FXTRACE
  71. }
  72. # Test if the named environment variable is set and not zero length
  73. # is_set env-var
  74. function is_set() {
  75. local var=\$"$1"
  76. eval "[ -n \"$var\" ]" # For ex.: sh -c "[ -n \"$var\" ]" would be better, but several exercises depends on this
  77. }
  78. #######################################
  79. get_data() {
  80. local match_column=$(($1 + 1))
  81. local regex="$2"
  82. local output_column=$(($3 + 1))
  83. shift 3
  84. output=$("$@" | \
  85. awk -F'|' \
  86. "! /^\+/ && \$${match_column} ~ \"^ *${regex} *\$\" \
  87. { print \$${output_column} }")
  88. echo "$output"
  89. }
  90. get_id () {
  91. get_data 1 id 2 "$@"
  92. }
  93. get_user() {
  94. local username=$1
  95. local user_id=$(get_data 2 $username 1 keystone user-list)
  96. if [ -n "$user_id" ]; then
  97. echo "Found existing $username user" >&2
  98. echo $user_id
  99. else
  100. echo "Creating $username user..." >&2
  101. get_id keystone user-create --name=$username \
  102. --pass="$SERVICE_PASSWORD" \
  103. --tenant $SERVICE_TENANT \
  104. --email=$username@example.com
  105. fi
  106. }
  107. add_role() {
  108. local user_id=$1
  109. local tenant=$2
  110. local role_id=$3
  111. local username=$4
  112. user_roles=$(keystone user-role-list \
  113. --user_id $user_id\
  114. --tenant $tenant 2>/dev/null)
  115. die_if_not_set $LINENO user_roles "Fail to get user_roles for tenant($tenant) and user_id($user_id)"
  116. existing_role=$(get_data 1 $role_id 1 echo "$user_roles")
  117. if [ -n "$existing_role" ]
  118. then
  119. echo "User $username already has role $role_id" >&2
  120. return
  121. fi
  122. keystone user-role-add --tenant $tenant \
  123. --user_id $user_id \
  124. --role_id $role_id
  125. }
  126. # Determines if the given option is present in the INI file
  127. # ini_has_option config-file section option
  128. function ini_has_option() {
  129. local file=$1
  130. local section=$2
  131. local option=$3
  132. local line
  133. line=$(sudo sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
  134. [ -n "$line" ]
  135. }
  136. # Set an option in an INI file
  137. # iniset config-file section option value
  138. function iniset() {
  139. local file=$1
  140. local section=$2
  141. local option=$3
  142. local value=$4
  143. if ! sudo grep -q "^\[$section\]" "$file"; then
  144. # Add section at the end
  145. sudo bash -c "echo -e \"\n[$section]\" >>\"$file\""
  146. fi
  147. if ! ini_has_option "$file" "$section" "$option"; then
  148. # Add it
  149. sudo sed -i -e "/^\[$section\]/ a\\
  150. $option = $value
  151. " "$file"
  152. else
  153. # Replace it
  154. sudo sed -i -e "/^\[$section\]/,/^\[.*\]/ s|^\($option[ \t]*=[ \t]*\).*$|\1$value|" "$file"
  155. fi
  156. }
  157. #create keystone user with admin privileges
  158. ADMIN_ROLE=$(get_data 2 admin 1 keystone role-list)
  159. die_if_not_set $LINENO ADMIN_ROLE "Fail to get ADMIN_ROLE by 'keystone role-list' "
  160. SERVICE_TENANT_ID=$(get_data 2 service 1 keystone tenant-list)
  161. die_if_not_set $LINENO SERVICE_TENANT_ID "Fail to get service tenant 'keystone tenant-list' "
  162. echo ADMIN_ROLE $ADMIN_ROLE
  163. echo SERVICE_TENANT $SERVICE_TENANT
  164. SERVICE_USERID=$(get_user $SERVICE_USERNAME)
  165. die_if_not_set $LINENO SERVICE_USERID "Fail to get user for $SERVICE_USERNAME"
  166. echo SERVICE_USERID $SERVICE_USERID
  167. add_role $SERVICE_USERID $SERVICE_TENANT $ADMIN_ROLE $SERVICE_USERNAME
  168. #create log dir
  169. echo Creating log dir
  170. sudo install -d $LOG_DIR
  171. CONF_FILE=$CONF_DIR/gceapi.conf
  172. APIPASTE_FILE=$CONF_DIR/api-paste.ini
  173. #copy conf files (do not override it)
  174. echo Creating configs
  175. sudo mkdir -p /etc/gceapi > /dev/null
  176. if [ ! -s $CONF_FILE ]; then
  177. sudo cp etc/gceapi/gceapi.conf.sample $CONF_FILE
  178. fi
  179. if [ ! -s $APIPASTE_FILE ]; then
  180. sudo cp etc/gceapi/api-paste.ini $APIPASTE_FILE
  181. fi
  182. sudo cp -nR etc/gceapi/protocols $CONF_DIR
  183. AUTH_CACHE_DIR=${AUTH_CACHE_DIR:-/var/cache/gceapi}
  184. PUBLIC_URL=${OS_AUTH_URL%:*}:8787/
  185. #update default config with some values
  186. iniset $CONF_FILE DEFAULT api_paste_config $APIPASTE_FILE
  187. iniset $CONF_FILE DEFAULT logging_context_format_string "%(asctime)s.%(msecs)03d %(levelname)s %(name)s [%(request_id)s %(user_name)s %(project_name)s] %(instance)s%(message)s"
  188. iniset $CONF_FILE DEFAULT verbose True
  189. iniset $CONF_FILE DEFAULT network_api "$NETWORK_API"
  190. iniset $CONF_FILE DEFAULT region "$REGION"
  191. iniset $CONF_FILE DEFAULT protocol_dir "$CONF_DIR/protocols"
  192. iniset $CONF_FILE DEFAULT keystone_url "$OS_AUTH_URL"
  193. iniset $CONF_FILE database connection "$CONNECTION"
  194. iniset $CONF_FILE keystone_authtoken signing_dir $SIGNING_DIR
  195. iniset $CONF_FILE keystone_authtoken admin_user $SERVICE_USERNAME
  196. iniset $CONF_FILE keystone_authtoken admin_password $SERVICE_PASSWORD
  197. iniset $CONF_FILE keystone_authtoken admin_tenant_name $SERVICE_TENANT
  198. iniset $CONF_FILE keystone_authtoken identity_uri "$OS_AUTH_URL"
  199. #init cache dir
  200. echo Creating signing dir
  201. sudo mkdir -p $AUTH_CACHE_DIR
  202. sudo chown $USER $AUTH_CACHE_DIR
  203. sudo rm -f $AUTH_CACHE_DIR/*
  204. #install it
  205. echo Installing package
  206. sudo python setup.py install
  207. sudo rm -rf build gce_api.egg-info
  208. #recreate database
  209. echo Setuping database
  210. sudo tools/db/gceapi-db-setup deb