diff --git a/snap/patches/openvswitch/0001-ovs-kmod-ctl-source-ovs-lib-dynamically.patch b/patches/openvswitch/0001-ovs-kmod-ctl-source-ovs-lib-dynamically.patch similarity index 100% rename from snap/patches/openvswitch/0001-ovs-kmod-ctl-source-ovs-lib-dynamically.patch rename to patches/openvswitch/0001-ovs-kmod-ctl-source-ovs-lib-dynamically.patch diff --git a/scripts/mysql/mysql-startup b/scripts/mysql/mysql-startup new file mode 100755 index 0000000..2c027cd --- /dev/null +++ b/scripts/mysql/mysql-startup @@ -0,0 +1,75 @@ +#!/bin/bash +# Copyright (c) 2017, Oracle and/or its affiliates. All rights reserved. +# +# This program is free software; you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation; version 2 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program; if not, write to the Free Software +# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA + +set -e +init_config() { + mkdir "${CONFDIR}" + echo "Generating config file in ${CONFFILE}..." + touch "${CONFFILE}" + echo "[mysqld]" >> ${CONFFILE} + echo "pid-file=${RUNDIR}/mysqld.pid" >> ${CONFFILE} + echo "socket=${RUNDIR}/mysqld.sock" >> ${CONFFILE} + echo "datadir=${DATADIR}" >> ${CONFFILE} + echo "log-error=${LOGDIR}/error.log" >> ${CONFFILE} + echo "secure-file-priv=${FILESDIR}" >> ${CONFFILE} + echo "basedir=${BASEDIR}" >> ${CONFFILE} + echo "[mysql]" >> ${CONFFILE} + echo "socket=${RUNDIR}/mysqld.sock" >> ${CONFFILE} + echo "Done" +} + +init_database() { + echo "Initializing new database in ${DATADIR}..." + mkdir "${DATADIR}" + mysqld --defaults-file="${CONFFILE}" --initialize + echo "Done" + cat ${LOGDIR}/error.log | grep "temporary password" +} + +USERID=$(id -u) +if [ "${USERID}" = "0" ];then + MYSQL_SNAPDIR="${SNAP_COMMON}" +else + MYSQL_SNAPDIR="${SNAP_USER_COMMON}" +fi +DATADIR="${MYSQL_SNAPDIR}/data" +RUNDIR="${MYSQL_SNAPDIR}/run" +LOGDIR="${MYSQL_SNAPDIR}/log" +CONFDIR="${MYSQL_SNAPDIR}/conf" +CONFFILE="${CONFDIR}/my.cnf" +FILESDIR="${MYSQL_SNAPDIR}/files" +BASEDIR="${SNAP}/usr" + +[ -d "${LOGDIR}" ] || mkdir "${LOGDIR}" +[ -f "${LOGDIR}/error.log" ] || touch "${LOGDIR}/error.log" +[ -d "${FILESDIR}" ] || mkdir "${FILESDIR}" +[ -d "${RUNDIR}" ] || mkdir "${RUNDIR}" +[ -d "${CONFDIR}" ] || init_config +[ -d "${DATADIR}" ] || init_database + +if [ "${USERID}" = "0" ]; +then + # Ensure mysql user exists and that the correct permissions are set on various directories + getent group mysql || addgroup mysql + adduser --system --disabled-login --ingroup mysql --home /nonexistent --gecos "MySQL Server" --shell /bin/false mysql >/dev/null + chown -R mysql:mysql "${LOGDIR}" "${FILESDIR}" "${DATADIR}" "${RUNDIR}" + chmod 750 "${LOGDIR}" "${DATADIR}" + chmod 770 "${FILESDIR}" + chmod 755 "${RUNDIR}" + VARS="--user=mysql" +fi +echo "user=root" >> ${CONFFILE} +echo "password=`sudo cat /var/snap/microstack/common/log/error.log | grep "temporary password" | cut -d " " -f11`" >> ${CONFFILE} diff --git a/snap/bin/sudo b/snap/bin/sudo new file mode 100755 index 0000000..b3f018c --- /dev/null +++ b/snap/bin/sudo @@ -0,0 +1,5 @@ +#!/bin/bash +# fake sudo script - as daemons run as root use of real sudo is not required +# strip sudo off args and re-exec command + +${@} diff --git a/snap/etc/glance/glance.conf.d/database.conf b/snap/etc/glance/glance.conf.d/database.conf new file mode 100644 index 0000000..d41f73f --- /dev/null +++ b/snap/etc/glance/glance.conf.d/database.conf @@ -0,0 +1,2 @@ +[database] +connection = mysql+pymysql://glance:glance@localhost/glance diff --git a/snap/etc/glance/glance.conf.d/keystone.conf b/snap/etc/glance/glance.conf.d/keystone.conf new file mode 100644 index 0000000..313889e --- /dev/null +++ b/snap/etc/glance/glance.conf.d/keystone.conf @@ -0,0 +1,13 @@ +[keystone_authtoken] +auth_uri = http://localhost:5000 +auth_url = http://localhost:5000 +memcached_servers = localhost:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = glance +password = glance + +[paste_deploy] +flavor = keystone diff --git a/snap/etc/keystone/keystone.conf.d/database.conf b/snap/etc/keystone/keystone.conf.d/database.conf new file mode 100644 index 0000000..e551120 --- /dev/null +++ b/snap/etc/keystone/keystone.conf.d/database.conf @@ -0,0 +1,2 @@ +[database] +connection = mysql+pymysql://keystone:keystone@localhost/keystone diff --git a/snap/etc/neutron/dhcp_agent.ini b/snap/etc/neutron/dhcp_agent.ini new file mode 100644 index 0000000..c509e82 --- /dev/null +++ b/snap/etc/neutron/dhcp_agent.ini @@ -0,0 +1,4 @@ +[DEFAULT] +interface_driver = openvswitch +dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq +enable_isolated_metadata = True diff --git a/snap/etc/neutron/l3_agent.ini b/snap/etc/neutron/l3_agent.ini new file mode 100644 index 0000000..015179f --- /dev/null +++ b/snap/etc/neutron/l3_agent.ini @@ -0,0 +1,2 @@ +[DEFAULT] +interface_driver = openvswitch diff --git a/snap/etc/neutron/metadata_agent.ini b/snap/etc/neutron/metadata_agent.ini new file mode 100644 index 0000000..22dc623 --- /dev/null +++ b/snap/etc/neutron/metadata_agent.ini @@ -0,0 +1,3 @@ +[DEFAULT] +nova_metadata_ip = localhost +metadata_proxy_shared_secret = supersecret diff --git a/snap/etc/neutron/neutron.conf.d/database.conf b/snap/etc/neutron/neutron.conf.d/database.conf new file mode 100644 index 0000000..1028c5c --- /dev/null +++ b/snap/etc/neutron/neutron.conf.d/database.conf @@ -0,0 +1,2 @@ +[database] +connection = mysql+pymysql://neutron:neutron@localhost/neutron diff --git a/snap/etc/neutron/neutron.conf.d/keystone.conf b/snap/etc/neutron/neutron.conf.d/keystone.conf new file mode 100644 index 0000000..ca65656 --- /dev/null +++ b/snap/etc/neutron/neutron.conf.d/keystone.conf @@ -0,0 +1,13 @@ +[DEFAULT] +auth_strategy = keystone + +[keystone_authtoken] +auth_uri = http://localhost:5000 +auth_url = http://localhost:5000 +memcached_servers = localhost:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = neutron +password = neutron diff --git a/snap/etc/neutron/neutron.conf.d/nova.conf b/snap/etc/neutron/neutron.conf.d/nova.conf new file mode 100644 index 0000000..9eaada9 --- /dev/null +++ b/snap/etc/neutron/neutron.conf.d/nova.conf @@ -0,0 +1,13 @@ +[DEFAULT] +notify_nova_on_port_status_changes = True +notify_nova_on_port_data_changes = True + +[nova] +auth_url = http://localhost:5000 +auth_type = password +project_domain_name = default +user_domain_name = default +region_name = RegionOne +project_name = service +username = nova +password = nova diff --git a/snap/etc/neutron/neutron.conf.d/workers.conf b/snap/etc/neutron/neutron.conf.d/workers.conf new file mode 100644 index 0000000..c804948 --- /dev/null +++ b/snap/etc/neutron/neutron.conf.d/workers.conf @@ -0,0 +1,3 @@ +[DEFAULT] +api_workers = 4 +rpc_workers = 4 diff --git a/snap/etc/neutron/plugins/ml2/ml2_conf.ini b/snap/etc/neutron/plugins/ml2/ml2_conf.ini index 8b0de27..f86ee82 100644 --- a/snap/etc/neutron/plugins/ml2/ml2_conf.ini +++ b/snap/etc/neutron/plugins/ml2/ml2_conf.ini @@ -1,6 +1,6 @@ [ml2] -mechanism_drivers = openvswitch,l2population -extension_drivers = port_security +mechanism_drivers = openvswitch +extension_drivers = port_security,trunk,qos tenant_network_types = geneve,gre,vxlan [ml2_type_geneve] diff --git a/snap/etc/neutron/plugins/ml2/openvswitch_agent.ini b/snap/etc/neutron/plugins/ml2/openvswitch_agent.ini new file mode 100644 index 0000000..45d070c --- /dev/null +++ b/snap/etc/neutron/plugins/ml2/openvswitch_agent.ini @@ -0,0 +1,7 @@ +# Snap provided defaults for neutron-openvswitch-agent +[securitygroup] +enable_security_group = True +firewall_driver = iptables_hybrid + +[AGENT] +tunnel_types = geneve,vxlan,gre diff --git a/snap/etc/nova/nova.conf b/snap/etc/nova/nova.conf index a91150c..ccf8ad9 100644 --- a/snap/etc/nova/nova.conf +++ b/snap/etc/nova/nova.conf @@ -1,7 +1,4 @@ # Snap distribution defaults - do not change, override in $SNAP_COMMON/etc/nova.conf.d -[DEFAULT] -logdir=/var/snap/nova/common/log/ - [wsgi] secure_proxy_ssl_header = HTTP_X_FORWARDED_PROTO diff --git a/snap/etc/nova/nova.conf.d/database.conf b/snap/etc/nova/nova.conf.d/database.conf new file mode 100644 index 0000000..875e1f9 --- /dev/null +++ b/snap/etc/nova/nova.conf.d/database.conf @@ -0,0 +1,5 @@ +[database] +connection = mysql+pymysql://nova:nova@localhost/nova + +[api_database] +connection = mysql+pymysql://nova_api:nova_api@localhost/nova_api diff --git a/snap/etc/nova/nova.conf.d/glance.conf b/snap/etc/nova/nova.conf.d/glance.conf new file mode 100644 index 0000000..3c7673b --- /dev/null +++ b/snap/etc/nova/nova.conf.d/glance.conf @@ -0,0 +1,2 @@ +[glance] +api_servers = http://localhost:9292 diff --git a/snap/etc/nova/nova.conf.d/hypervisor.conf b/snap/etc/nova/nova.conf.d/hypervisor.conf new file mode 100644 index 0000000..2623e32 --- /dev/null +++ b/snap/etc/nova/nova.conf.d/hypervisor.conf @@ -0,0 +1,8 @@ +[DEFAULT] +compute_driver = libvirt.LibvirtDriver + +[workarounds] +disable_rootwrap = True + +[libvirt] +virt_type = kvm diff --git a/snap/etc/nova/nova.conf.d/keystone.conf b/snap/etc/nova/nova.conf.d/keystone.conf new file mode 100644 index 0000000..d9c6f60 --- /dev/null +++ b/snap/etc/nova/nova.conf.d/keystone.conf @@ -0,0 +1,13 @@ +[keystone_authtoken] +auth_uri = http://localhost:5000 +auth_url = http://localhost:5000 +memcached_servers = localhost:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = nova +password = nova + +[paste_deploy] +flavor = keystone diff --git a/snap/etc/nova/nova.conf.d/neutron.conf b/snap/etc/nova/nova.conf.d/neutron.conf new file mode 100644 index 0000000..fbdd280 --- /dev/null +++ b/snap/etc/nova/nova.conf.d/neutron.conf @@ -0,0 +1,15 @@ +[DEFAULT] +use_neutron = True +firewall_driver = nova.virt.firewall.NoopFirewallDriver + +[neutron] +url = http://localhost:9696 +auth_url = http://localhost:5000 +memcached_servers = localhost:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +region_name = RegionOne +project_name = service +username = neutron +password = neutron diff --git a/snap/etc/nova/nova.conf.d/nova-placement.conf b/snap/etc/nova/nova.conf.d/nova-placement.conf new file mode 100644 index 0000000..4503a1d --- /dev/null +++ b/snap/etc/nova/nova.conf.d/nova-placement.conf @@ -0,0 +1,9 @@ +[placement] +os_region_name = RegionOne +project_domain_name = default +project_name = service +auth_type = password +user_domain_name = default +auth_url = http://localhost:5000 +username = placement +password = placement diff --git a/snap/etc/nova/nova.conf.d/rabbitmq.conf b/snap/etc/nova/nova.conf.d/rabbitmq.conf new file mode 100644 index 0000000..7988700 --- /dev/null +++ b/snap/etc/nova/nova.conf.d/rabbitmq.conf @@ -0,0 +1,2 @@ +[DEFAULT] +transport_url = rabbit://openstack:rabbitmq@localhost diff --git a/snap/etc/nova/nova.conf.d/scheduler.conf b/snap/etc/nova/nova.conf.d/scheduler.conf new file mode 100644 index 0000000..6dc1b29 --- /dev/null +++ b/snap/etc/nova/nova.conf.d/scheduler.conf @@ -0,0 +1,3 @@ +[scheduler] +discover_hosts_in_cells_interval = 30 +scheduler_driver = filter_scheduler diff --git a/snap/etc/nova/nova.conf.d/workers.conf b/snap/etc/nova/nova.conf.d/workers.conf new file mode 100644 index 0000000..459d11a --- /dev/null +++ b/snap/etc/nova/nova.conf.d/workers.conf @@ -0,0 +1,9 @@ +[DEFAULT] +osapi_compute_workers = 4 +metadata_workers = 4 + +[conductor] +workers = 4 + +[scheduler] +workers = 4 diff --git a/snap/hooks/configure b/snap/hooks/configure index 6c5402f..0a5b4ec 100755 --- a/snap/hooks/configure +++ b/snap/hooks/configure @@ -1,5 +1,10 @@ #!/bin/bash -e +# Openstack Prep +# which openstack || echo "This snap currently requires the python openstack client to be installed and in your path. The intent is to add the client in before development is complete."; exit 1 + +# QEMU Setup +echo "qemu setup" driver="$(snapctl get driver)" if [[ -n $driver && ! $driver =~ (LIBVIRT|QEMU) ]]; then @@ -15,3 +20,30 @@ if [[ $driver != $driver_saved ]]; then echo "$driver" > $SNAP_COMMON/driver snapctl restart $SNAP_NAME fi + +# MySQL Setup +MYSQL_PASSWORD=fnord # TODO use snapctl + +echo "ALTER USER 'root'@'localhost' IDENTIFIED BY 'fnord';" | mysql-start-client -u root + +# Keystone Setup +echo "CREATE DATABASE IF NOT EXISTS keystone; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';" | mysql-start-client -u root -p"$MYSQL_PASSWORD" + +snap-openstack keystone-manage fernet_setup --keystone-user root --keystone-group root +snap-openstack keystone-manage db_sync + +sudo systemctl restart snap.microstack.* + +openstack user show admin || { + snap-openstack keystone-manage bootstrap \ + --bootstrap-password $OS_PASSWORD \ + --bootstrap-admin-url http://localhost:35357/v3/ \ + --bootstrap-internal-url http://localhost:35357/v3/ \ + --bootstrap-public-url http://localhost:5000/v3/ \ + --bootstrap-region-id RegionOne +} + +openstack project show service || { + openstack project create --domain default --description "Service Project" service +} + diff --git a/snap/hooks/install b/snap/hooks/install index 4eca4cc..bcb7173 100755 --- a/snap/hooks/install +++ b/snap/hooks/install @@ -3,3 +3,62 @@ set -e install -D $SNAP/var/snap/microstack/common/libvirt/libvirtd.conf $SNAP_COMMON/libvirt/libvirtd.conf sed -i 's/unix_sock_group = "libvirtd"/unix_sock_group = "sudo"/' $SNAP_COMMON/libvirt/libvirtd.conf + +# Mysql setup script +set -e +init_config() { + mkdir "${CONFDIR}" + echo "Generating config file in ${CONFFILE}..." + touch "${CONFFILE}" + echo "[mysqld]" >> ${CONFFILE} + echo "pid-file=${RUNDIR}/mysqld.pid" >> ${CONFFILE} + echo "socket=${RUNDIR}/mysqld.sock" >> ${CONFFILE} + echo "datadir=${DATADIR}" >> ${CONFFILE} + echo "log-error=${LOGDIR}/error.log" >> ${CONFFILE} + echo "secure-file-priv=${FILESDIR}" >> ${CONFFILE} + echo "basedir=${BASEDIR}" >> ${CONFFILE} + echo "[mysql]" >> ${CONFFILE} + echo "socket=${RUNDIR}/mysqld.sock" >> ${CONFFILE} + echo "Done" +} + +init_database() { + echo "Initializing new database in ${DATADIR}..." + mkdir "${DATADIR}" + mysqld --defaults-file="${CONFFILE}" --initialize + echo "Done" + cat ${LOGDIR}/error.log | grep "temporary password" +} + +USERID=$(id -u) +if [ "${USERID}" = "0" ];then + MYSQL_SNAPDIR="${SNAP_COMMON}" +else + MYSQL_SNAPDIR="${SNAP_USER_COMMON}" +fi +DATADIR="${MYSQL_SNAPDIR}/data" +RUNDIR="${MYSQL_SNAPDIR}/run" +LOGDIR="${MYSQL_SNAPDIR}/log" +CONFDIR="${MYSQL_SNAPDIR}/conf" +CONFFILE="${CONFDIR}/my.cnf" +FILESDIR="${MYSQL_SNAPDIR}/files" +BASEDIR="${SNAP}/usr" + +[ -d "${LOGDIR}" ] || mkdir "${LOGDIR}" +[ -f "${LOGDIR}/error.log" ] || touch "${LOGDIR}/error.log" +[ -d "${FILESDIR}" ] || mkdir "${FILESDIR}" +[ -d "${RUNDIR}" ] || mkdir "${RUNDIR}" +[ -d "${CONFDIR}" ] || init_config +[ -d "${DATADIR}" ] || init_database + +if [ "${USERID}" = "0" ]; +then + # Ensure mysql user exists and that the correct permissions are set on various directories + getent group mysql || addgroup mysql + adduser --system --disabled-login --ingroup mysql --home /nonexistent --gecos "MySQL Server" --shell /bin/false mysql >/dev/null + chown -R mysql:mysql "${LOGDIR}" "${FILESDIR}" "${DATADIR}" "${RUNDIR}" + chmod 750 "${LOGDIR}" "${DATADIR}" + chmod 770 "${FILESDIR}" + chmod 755 "${RUNDIR}" + VARS="--user=mysql" +fi diff --git a/snap/snap-openstack.yaml b/snap/snap-openstack.yaml index 5541177..a6417c2 100644 --- a/snap/snap-openstack.yaml +++ b/snap/snap-openstack.yaml @@ -10,11 +10,14 @@ setup: - "{snap_common}/etc/nginx/sites-enabled" - "{snap_common}/etc/nginx/snap/sites-enabled" - "{snap_common}/etc/glance/glance.conf.d" - - "{snap_common}/etc/horizon/horizon.conf.d" - - "{snap_common}/etc/uwsgi/snap" + - "{snap_common}/etc/horizon/horizon.conf.d" + - "{snap_common}/etc/keystone/uwsgi/snap" + - "{snap_common}/etc/cinder/uwsgi/snap" + - "{snap_common}/etc/nova/uwsgi/snap" + - "{snap_common}/etc/horizon/uwsgi/snap" - "{snap_common}/fernet-keys" - "{snap_common}/lib" - - "{snap_common}/lib/images" + - "{snap_common}/lib/images" - "{snap_common}/lock" - "{snap_common}/log" - "{snap_common}/run" @@ -31,6 +34,8 @@ setup: # TODO add local_settings.py horizon-snap.conf.j2: "{snap_common}/etc/horizon/horizon.conf.d/horizon-snap.conf" horizon-nginx.conf.j2: "{snap_common}/etc/nginx/snap/sites-enabled/horizon.conf" + chmod: + "{snap_common}/instances": 0755 entry_points: keystone-manage: binary: "{snap}/bin/keystone-manage" @@ -42,9 +47,9 @@ entry_points: - "{snap_common}/etc/keystone/keystone.conf.d" keystone-uwsgi: type: uwsgi - uwsgi-dir: "{snap_common}/etc/uwsgi/snap" - uwsgi-dir-override: "{snap_common}/etc/uwsgi" - uwsgi-log: "{snap_common}/log/uwsgi.log" + uwsgi-dir: "{snap_common}/etc/keystone/uwsgi/snap" + uwsgi-dir-override: "{snap_common}/etc/keystone/uwsgi" + uwsgi-log: "{snap_common}/log/keystone-uwsgi.log" config-files: - "{snap}/etc/keystone/keystone.conf" config-files-override: @@ -53,8 +58,7 @@ entry_points: - "{snap_common}/etc/keystone/keystone.conf.d" log-file: "{snap_common}/log/keystone.log" templates: - admin.ini.j2: "{snap_common}/etc/uwsgi/snap/admin.ini" - public.ini.j2: "{snap_common}/etc/uwsgi/snap/public.ini" + keystone-api.ini.j2: "{snap_common}/etc/keystone/uwsgi/snap/keystone-api.ini" nginx: type: nginx config-file: "{snap_common}/etc/nginx/snap/nginx.conf" @@ -70,9 +74,9 @@ entry_points: log-file: "{snap_common}/log/nova-api-os-compute.log" nova-uwsgi: type: uwsgi - uwsgi-dir: "{snap_common}/etc/uwsgi/snap" - uwsgi-dir-override: "{snap_common}/etc/uwsgi" - uwsgi-log: "{snap_common}/log/uwsgi.log" + uwsgi-dir: "{snap_common}/etc/nova/uwsgi/snap" + uwsgi-dir-override: "{snap_common}/etc/nova/uwsgi" + uwsgi-log: "{snap_common}/log/nova-uwsgi.log" config-files: - "{snap}/etc/nova/nova.conf" config-files-override: @@ -82,7 +86,7 @@ entry_points: log-file: "{snap_common}/log/nova-placement-api.log" templates: nova-placement-api.ini.j2: - "{snap_common}/etc/uwsgi/snap/nova-placement-api.ini" + "{snap_common}/etc/nova/uwsgi/snap/nova-placement-api.ini" nova-conductor: binary: "{snap}/bin/nova-conductor" config-files: @@ -101,15 +105,24 @@ entry_points: config-dirs: - "{snap_common}/etc/nova/nova.conf.d" log-file: "{snap_common}/log/nova-scheduler.log" - nova-consoleauth: - binary: "{snap}/bin/nova-consoleauth" + nova-compute: + binary: "{snap}/bin/nova-compute" config-files: - "{snap}/etc/nova/nova.conf" config-files-override: - "{snap_common}/etc/nova/nova.conf" config-dirs: - "{snap_common}/etc/nova/nova.conf.d" - log-file: "{snap_common}/log/nova-consoleauth.log" + log-file: "{snap_common}/log/nova-compute.log" + nova-api-metadata: + binary: "{snap}/bin/nova-api-metadata" + config-files: + - "{snap}/etc/nova/nova.conf" + config-files-override: + - "{snap_common}/etc/nova/nova.conf" + config-dirs: + - "{snap_common}/etc/nova/nova.conf.d" + log-file: "{snap_common}/log/nova-api-metadata.log" nova-manage: binary: "{snap}/bin/nova-manage" config-files: @@ -139,6 +152,66 @@ entry_points: config-dirs: - "{snap_common}/etc/neutron/neutron.conf.d" log-file: "{snap_common}/log/neutron-server.log" + neutron-openvswitch-agent: + binary: "{snap}/bin/neutron-openvswitch-agent" + config-files: + - "{snap}/etc/neutron/neutron.conf" + - "{snap}/etc/neutron/plugins/ml2/openvswitch_agent.ini" + config-files-override: + - "{snap_common}/etc/neutron/neutron.conf" + - "{snap_common}/etc/neutron/plugins/ml2/openvswitch_agent.ini" + config-dirs: + - "{snap_common}/etc/neutron/neutron.conf.d" + log-file: "{snap_common}/log/neutron-openvswitch-agent.log" + neutron-ovs-cleanup: + binary: "{snap}/bin/neutron-ovs-cleanup" + config-files: + - "{snap}/etc/neutron/neutron.conf" + config-files-override: + - "{snap_common}/etc/neutron/neutron.conf" + config-dirs: + - "{snap_common}/etc/neutron/neutron.conf.d" + neutron-netns-cleanup: + binary: "{snap}/bin/neutron-netns-cleanup" + config-files: + - "{snap}/etc/neutron/neutron.conf" + config-files-override: + - "{snap_common}/etc/neutron/neutron.conf" + config-dirs: + - "{snap_common}/etc/neutron/neutron.conf.d" + neutron-l3-agent: + binary: "{snap}/bin/neutron-l3-agent" + config-files: + - "{snap}/etc/neutron/neutron.conf" + - "{snap}/etc/neutron/l3_agent.ini" + config-files-override: + - "{snap_common}/etc/neutron/neutron.conf" + - "{snap_common}/etc/neutron/l3_agent.ini" + config-dirs: + - "{snap_common}/etc/neutron/neutron.conf.d" + log-file: "{snap_common}/log/neutron-l3-agent.log" + neutron-dhcp-agent: + binary: "{snap}/bin/neutron-dhcp-agent" + config-files: + - "{snap}/etc/neutron/neutron.conf" + - "{snap}/etc/neutron/dhcp_agent.ini" + config-files-override: + - "{snap_common}/etc/neutron/neutron.conf" + - "{snap_common}/etc/neutron/dhcp_agent.ini" + config-dirs: + - "{snap_common}/etc/neutron/neutron.conf.d" + log-file: "{snap_common}/log/neutron-dhcp-agent.log" + neutron-metadata-agent: + binary: "{snap}/bin/neutron-metadata-agent" + config-files: + - "{snap}/etc/neutron/neutron.conf" + - "{snap}/etc/neutron/metadata_agent.ini" + config-files-override: + - "{snap_common}/etc/neutron/neutron.conf" + - "{snap_common}/etc/neutron/metadata_agent.ini" + config-dirs: + - "{snap_common}/etc/neutron/neutron.conf.d" + log-file: "{snap_common}/log/neutron-metadata-agent.log" glance-manage: binary: "{snap}/bin/glance-manage" config-files: @@ -202,9 +275,9 @@ entry_points: log-file: "{snap_common}/log/cinder-volume.log" cinder-uwsgi: type: uwsgi - uwsgi-dir: "{snap_common}/etc/uwsgi/snap" - uwsgi-dir-override: "{snap_common}/etc/uwsgi" - uwsgi-log: "{snap_common}/log/uwsgi.log" + uwsgi-dir: "{snap_common}/etc/cinder/uwsgi/snap" + uwsgi-dir-override: "{snap_common}/etc/cinder/uwsgi" + uwsgi-log: "{snap_common}/log/cinder-uwsgi.log" config-files: - "{snap}/etc/cinder/cinder.conf" config-files-override: @@ -213,18 +286,18 @@ entry_points: - "{snap_common}/etc/cinder/cinder.conf.d" log-file: "{snap_common}/log/cinder-api.log" templates: - cinder-api.ini.j2: "{snap_common}/etc/uwsgi/snap/cinder-api.ini" + cinder-api.ini.j2: "{snap_common}/etc/cinder/uwsgi/snap/cinder-api.ini" horizon-uwsgi: type: uwsgi - uwsgi-dir: "{snap_common}/etc/uwsgi/snap" - uwsgi-dir-override: "{snap_common}/etc/uwsgi" - uwsgi-log: "{snap_common}/log/uwsgi.log" + uwsgi-dir: "{snap_common}/etc/horizon/uwsgi/snap" + uwsgi-dir-override: "{snap_common}/etc/horizon/uwsgi" + uwsgi-log: "{snap_common}/log/horizon-uwsgi.log" config-files: - "{snap}/etc/horizon/horizon.conf" config-files-override: - "{snap_common}/etc/horizon/horizon.conf" config-dirs: - "{snap_common}/etc/horizon/horizon.conf.d" - log-file: "{snap_common}/log/horizon-api.log" + log-file: "{snap_common}/log/horizon.log" templates: - horizon-api.ini.j2: "{snap_common}/etc/uwsgi/snap/horizon-api.ini" + horizon.ini.j2: "{snap_common}/etc/horizon/uwsgi/snap/horizon.ini" diff --git a/snap/templates/admin.ini.j2 b/snap/templates/admin.ini.j2 deleted file mode 100644 index fd4e4f0..0000000 --- a/snap/templates/admin.ini.j2 +++ /dev/null @@ -1,11 +0,0 @@ -[uwsgi] -wsgi-file = {{ snap }}/bin/keystone-wsgi-admin -uwsgi-socket = {{ snap_common }}/run/admin.sock -buffer-size = 65535 -master = true -enable-threads = true -processes = 4 -thunder-lock = true -lazy-apps = true -home = {{ snap }}/usr -pyargv = {{ pyargv }} diff --git a/snap/templates/horizon-api.ini.j2 b/snap/templates/horizon.ini.j2 similarity index 83% rename from snap/templates/horizon-api.ini.j2 rename to snap/templates/horizon.ini.j2 index 04d7aaf..68297ac 100644 --- a/snap/templates/horizon-api.ini.j2 +++ b/snap/templates/horizon.ini.j2 @@ -4,8 +4,8 @@ # the service it provides, and you may even need to provide multiple uwsgi files # if there is more than one wsgi application. [uwsgi] -wsgi-file = {{ snap }}/bin/horizon-wsgi-file-name -uwsgi-socket = {{ snap_common }}/run/api-name.sock +wsgi-file = {{ snap }}/bin/horizon-wsgi +uwsgi-socket = {{ snap_common }}/run/horizon.sock buffer-size = 65535 master = true enable-threads = true diff --git a/snap/templates/public.ini.j2 b/snap/templates/keystone-api.ini.j2 similarity index 79% rename from snap/templates/public.ini.j2 rename to snap/templates/keystone-api.ini.j2 index 7357d53..6072a39 100644 --- a/snap/templates/public.ini.j2 +++ b/snap/templates/keystone-api.ini.j2 @@ -1,6 +1,6 @@ [uwsgi] wsgi-file = {{ snap }}/bin/keystone-wsgi-public -uwsgi-socket = {{ snap_common }}/run/public.sock +uwsgi-socket = {{ snap_common }}/run/keystone-api.sock buffer-size = 65535 master = true enable-threads = true diff --git a/snap/templates/keystone-nginx.conf.j2 b/snap/templates/keystone-nginx.conf.j2 index a39bada..6172998 100644 --- a/snap/templates/keystone-nginx.conf.j2 +++ b/snap/templates/keystone-nginx.conf.j2 @@ -5,16 +5,6 @@ server { location / { include {{ snap }}/usr/conf/uwsgi_params; uwsgi_param SCRIPT_NAME ''; - uwsgi_pass unix://{{ snap_common }}/run/public.sock; - } -} -server { - listen 35357; - access_log {{ snap_common }}/log/nginx-access.log; - error_log {{ snap_common }}/log/nginx-error.log; - location / { - include {{ snap }}/usr/conf/uwsgi_params; - uwsgi_param SCRIPT_NAME ''; - uwsgi_pass unix://{{ snap_common }}/run/admin.sock; + uwsgi_pass unix://{{ snap_common }}/run/keystone-api.sock; } } diff --git a/snap/templates/nova-snap.conf.j2 b/snap/templates/nova-snap.conf.j2 index f683970..330511f 100644 --- a/snap/templates/nova-snap.conf.j2 +++ b/snap/templates/nova-snap.conf.j2 @@ -2,6 +2,9 @@ # Set state path to writable directory state_path = {{ snap_common }}/lib +# Set logging directory +log-dir = {{ snap_common }}/log + [oslo_concurrency] # Oslo Concurrency lock path lock_path = {{ snap_common }}/lock diff --git a/snapcraft.yaml b/snapcraft.yaml index 9319a24..84cf7f2 100644 --- a/snapcraft.yaml +++ b/snapcraft.yaml @@ -12,8 +12,28 @@ environment: PATH: $SNAP/usr/sbin:$SNAP/usr/bin:$SNAP/sbin:$SNAP/bin:$PATH LC_ALL: C OS_PLACEMENT_CONFIG_DIR: $SNAP/etc/nova/ + # admin rc (TODO: put this someplace more sensible) + OS_PROJECT_DOMAIN_NAME: default + OS_USER_DOMAIN_NAME: default + OS_PROJECT_NAME: admin + OS_USERNAME: admin + OS_PASSWORD: keystone + OS_AUTH_URL: http://localhost:5000 + OS_IDENTITY_API_VERSION: 3 + OS_IMAGE_API_VERSION: 2 apps: + # Openstack + openstack: + command: openstack + plugs: + - network + configure-the-things: + command: bin/configure-the-things.sh + plugs: + - network + - process-control + # Keystone keystone-uwsgi: command: snap-openstack keystone-uwsgi @@ -46,11 +66,22 @@ apps: daemon: simple plugs: - network - nova-consoleauth: - command: snap-openstack nova-consoleauth + nova-compute: + command: snap-openstack nova-compute daemon: simple plugs: - - network + - network-bind + - network-control + - firewall-control + - hardware-observe + - libvirt + - openvswitch + nova-api-metadata: + command: snap-openstack nova-api-metadata + daemon: simple + plugs: + - network-bind + - firewall-control nova-manage: command: snap-openstack nova-manage plugs: @@ -62,7 +93,58 @@ apps: daemon: simple plugs: - network-bind - neutron-manage: + neutron-openvswitch-agent: + command: snap-openstack neutron-openvswitch-agent + daemon: simple + plugs: + - network-bind + - network-control + - network-observe + - firewall-control + - process-control + - system-observe + - openvswitch + neutron-l3-agent: + command: snap-openstack neutron-l3-agent + daemon: simple + plugs: + - network-bind + - network-control + - network-observe + - firewall-control + - process-control + - system-observe + - openvswitch + neutron-dhcp-agent: + command: snap-openstack neutron-dhcp-agent + daemon: simple + plugs: + - network + - network-bind + - network-control + - network-observe + - process-control + - system-observe + - openvswitch + neutron-metadata-agent: + command: snap-openstack neutron-metadata-agent + daemon: simple + plugs: + - network + - network-bind + - network-control + neutron-ovs-cleanup: + command: snap-openstack neutron-ovs-cleanup + plugs: + - network + - network-control + - openvswitch + neutron-netns-cleanup: + command: snap-openstack neutron-netns-cleanup + plugs: + - network + - network-control + neutron-db-manage: command: snap-openstack neutron-db-manage plugs: - network @@ -209,7 +291,7 @@ apps: - network # Horizon - uwsgi: + horizon-uwsgi: command: snap-openstack horizon-uwsgi daemon: simple plugs: @@ -236,6 +318,10 @@ parts: - libssl-dev - libsqlite3-dev + configure-the-things: + plugin: dump + source: src/experiments + keystone-config: after: [keystone] plugin: dump @@ -245,6 +331,7 @@ parts: etc/*.ini: etc/keystone/ etc/*.json: etc/keystone/ etc/*.templates: etc/keystone/ + filesets: etc: - etc/keystone/*.conf @@ -261,6 +348,7 @@ parts: python-version: python2 source: http://tarballs.openstack.org/nova/nova-stable-rocky.tar.gz python-packages: + - libvirt-python - pymysql - uwsgi - python-memcached @@ -272,6 +360,11 @@ parts: - libssl-dev - libxml2-dev - libxslt1-dev + - libvirt-dev + stage-packages: + - conntrack + - coreutils + - qemu-utils nova-config: after: [nova] @@ -357,7 +450,7 @@ parts: # Openvswitch ovs-patches: - source: snap/patches/ + source: patches/ plugin: dump organize: '*' : patches/ @@ -554,7 +647,7 @@ parts: mysql-start-server: bin/mysql-start-server mysql-start-client: bin/mysql-start-client - # RabbitMQa + # RabbitMQ rabbitmq-server: source: ./scripts/rabbitmq plugin: dump diff --git a/src/experiments/bin/configure-the-things.sh b/src/experiments/bin/configure-the-things.sh new file mode 100755 index 0000000..319504f --- /dev/null +++ b/src/experiments/bin/configure-the-things.sh @@ -0,0 +1,9 @@ +#!/bin/bash + +set -ex + +/var/snap/microstack/common/bin/configure-the-things.sh + +exit 0 + +microstack.mysql-client -u root -p$(`sudo cat /var/snap/microstack/common/log/error.log | grep "temporary password" | cut -d " " -f11`) --connect-expired-password | echo "ALTER USER 'root'@'localhost' IDENTIFIED BY 'fnord';" diff --git a/tests/configure-the-things.sh b/tests/configure-the-things.sh new file mode 100644 index 0000000..af2dd31 --- /dev/null +++ b/tests/configure-the-things.sh @@ -0,0 +1,37 @@ +#!/bin/bash +# This is a script that helps test configure and install hook commands, +# without the need to rebuild the snap with each change. It works in +# concert with a "configure-the-things" app in the snap, which will +# find and run this script if you put it in the right place. +# To use this script: +# 1) Install microstack on a machine +# 2) Copy (or symlink) this script into +# /var/snap/microstack/common/bin/configure-the-things.sh +# 3) Run microstack.configure-the-things + +set -ex + +MYSQL_PASSWORD=fnord # TODO use snapctl +MYSQL_TMP_PASSWORD=`sudo cat /var/snap/microstack/common/log/error.log | grep "temporary password" | cut -d " " -f11` + +echo "ALTER USER 'root'@'localhost' IDENTIFIED BY 'fnord';" | microstack.mysql-client -u root -p"$MYSQL_TMP_PASSWORD" --connect-expired-password + +echo "CREATE DATABASE IF NOT EXISTS keystone; GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';" | sudo microstack.mysql-client -u root -p"$MYSQL_PASSWORD" + +sudo microstack.keystone-manage fernet_setup --keystone-user root --keystone-group root +sudo microstack.keystone-manage db_sync + +sudo systemctl restart snap.microstack.* + +microstack.openstack user show admin || { + sudo microstack.keystone-manage bootstrap \ + --bootstrap-password $OS_PASSWORD \ + --bootstrap-admin-url http://localhost:5000/v3/ \ + --bootstrap-internal-url http://localhost:5000/v3/ \ + --bootstrap-public-url http://localhost:5000/v3/ \ + --bootstrap-region-id RegionOne +} + +microstack.openstack project show service || { + microstack.openstack project create --domain default --description "Service Project" service +}