ba23cc73 |
#!/usr/bin/env bash
|
c6c1d439 |
# ``stack.sh`` is an opinionated OpenStack developer installation. It |
e9a4750f |
# installs and configures various combinations of **Cinder**, **Glance**,
# **Heat**, **Horizon**, **Keystone**, **Nova**, **Neutron**, and **Swift** |
ba23cc73 |
|
27f29440 |
# This script's options can be changed by setting appropriate environment
# variables. You can configure things like which git repositories to use,
# services to enable, OS images to use, etc. Default values are located in the
# ``stackrc`` file. If you are crafty you can run the script on multiple nodes
# using shared settings for common resources (eg., mysql or rabbitmq) and build
# a multi-node developer install. |
782b9917 |
|
4a43b7bd |
# To keep this script simple we assume you are running on a recent **Ubuntu** |
5bee0cd4 |
# (14.04 Trusty or newer), **Fedora** (F20 or newer), or **CentOS/RHEL**
# (7 or newer) machine. (It may work on other platforms but support for those
# platforms is left to those who added them to DevStack.) It should work in |
dc97cb71 |
# a VM or physical server. Additionally, we maintain a list of ``deb`` and |
5bee0cd4 |
# ``rpm`` dependencies and other configuration files in this repo. |
24859060 |
|
0e7e897b |
# Learn more and get the most recent version at http://devstack.org |
6edd17f7 |
|
f0247ed2 |
# Print the commands being run so that we can see the command that triggers
# an error. It is also useful for following along as the install occurs.
set -o xtrace
|
4e971118 |
# Make sure custom grep options don't get in the way
unset GREP_OPTIONS
|
27f29440 |
# Make sure umask is sane
umask 022
|
7df9d1be |
# Not all distros have sbin in PATH for regular users.
PATH=$PATH:/usr/local/sbin:/usr/sbin:/sbin
|
dc97cb71 |
# Keep track of the DevStack directory |
51fb22ef |
TOP_DIR=$(cd $(dirname "$0") && pwd)
|
53753293 |
# Check for uninitialized variables, a big cause of bugs
NOUNSET=${NOUNSET:-}
if [[ -n "$NOUNSET" ]]; then
set -o nounset
fi
|
4af2afcd |
# Set start of devstack timestamp
DEVSTACK_START_TIME=$(date +%s) |
dc97cb71 |
# Configuration
# =============
|
d3bf9bdb |
# Sanity Checks
# -------------
# Clean up last environment var cache
if [[ -r $TOP_DIR/.stackenv ]]; then
rm $TOP_DIR/.stackenv
fi
|
dc97cb71 |
# ``stack.sh`` keeps the list of ``deb`` and ``rpm`` dependencies, config |
d3bf9bdb |
# templates and other useful files in the ``files`` subdirectory
FILES=$TOP_DIR/files
if [ ! -d $FILES ]; then
die $LINENO "missing devstack/files"
fi
# ``stack.sh`` keeps function libraries here |
dc97cb71 |
# Make sure ``$TOP_DIR/inc`` directory is present
if [ ! -d $TOP_DIR/inc ]; then
die $LINENO "missing devstack/inc"
fi
# ``stack.sh`` keeps project libraries here |
d3bf9bdb |
# Make sure ``$TOP_DIR/lib`` directory is present
if [ ! -d $TOP_DIR/lib ]; then
die $LINENO "missing devstack/lib"
fi
|
dc97cb71 |
# Check if run in POSIX shell
if [[ "${POSIXLY_CORRECT}" == "y" ]]; then |
1afc28bf |
set +o xtrace |
dc97cb71 |
echo "You are running POSIX compatibility mode, DevStack requires bash 4.2 or newer."
exit 1
fi
|
d3bf9bdb |
# OpenStack is designed to be run as a non-root user; Horizon will fail to run
# as **root** since Apache will not serve content from **root** user).
# ``stack.sh`` must not be run as **root**. It aborts and suggests one course of
# action to create a suitable user account.
if [[ $EUID -eq 0 ]]; then |
1afc28bf |
set +o xtrace
echo "DevStack should be run as a user with sudo permissions, "
echo "not root."
echo "A \"stack\" user configured correctly can be created with:"
echo " $TOP_DIR/tools/create-stack-user.sh" |
d3bf9bdb |
exit 1
fi
|
90dd262c |
# OpenStack is designed to run at a system level, with system level
# installation of python packages. It does not support running under a
# virtual env, and will fail in really odd ways if you do this. Make
# this explicit as it has come up on the mailing list.
if [[ -n "$VIRTUAL_ENV" ]]; then |
1afc28bf |
set +o xtrace |
90dd262c |
echo "You appear to be running under a python virtualenv." |
c1750401 |
echo "DevStack does not support this, as we may break the" |
90dd262c |
echo "virtualenv you are currently in by modifying "
echo "external system-level components the virtualenv relies on." |
c1750401 |
echo "We recommend you use a separate virtual-machine if " |
90dd262c |
echo "you are worried about DevStack taking over your system."
exit 1
fi
|
56037e9a |
# Provide a safety switch for devstack. If you do a lot of devstack,
# on a lot of different environments, you sometimes run it on the
# wrong box. This makes there be a way to prevent that.
if [[ -e $HOME/.no-devstack ]]; then |
1afc28bf |
set +o xtrace |
56037e9a |
echo "You've marked this host as a no-devstack host, to save yourself from"
echo "running devstack accidentally. If this is in error, please remove the"
echo "~/.no-devstack file"
exit 1
fi |
d9de1199 |
|
d3bf9bdb |
# Prepare the environment
# -----------------------
|
53753293 |
# Initialize variables:
LAST_SPINNER_PID=""
|
6563a3ce |
# Import common functions |
c6c1d439 |
source $TOP_DIR/functions
|
893e6636 |
# Import config functions |
bf2ad701 |
source $TOP_DIR/inc/meta-config |
893e6636 |
|
8c2ce6ea |
# Import 'public' stack.sh functions
source $TOP_DIR/lib/stack
|
c6c1d439 |
# Determine what system we are running on. This provides ``os_VENDOR``, |
7710e7fc |
# ``os_RELEASE``, ``os_PACKAGE``, ``os_CODENAME`` |
a9e0a488 |
# and ``DISTRO``
GetDistro |
6edd17f7 |
|
dc97cb71 |
|
48352ee7 |
# Global Settings |
0e8dcedf |
# --------------- |
9122e7b1 |
|
893e6636 |
# Check for a ``localrc`` section embedded in ``local.conf`` and extract if
# ``localrc`` does not already exist
# Phase: local
rm -f $TOP_DIR/.localrc.auto |
cc6af3fc |
extract_localrc_section $TOP_DIR/local.conf $TOP_DIR/localrc $TOP_DIR/.localrc.auto |
893e6636 |
|
1a6d4492 |
# ``stack.sh`` is customizable by setting environment variables. Override a
# default setting via export:: |
9122e7b1 |
# |
428af5a2 |
# export DATABASE_PASSWORD=anothersecret |
9122e7b1 |
# ./stack.sh
# |
1a6d4492 |
# or by setting the variable on the command line:: |
9122e7b1 |
# |
1a6d4492 |
# DATABASE_PASSWORD=simple ./stack.sh
# |
dc97cb71 |
# Persistent variables can be placed in a ``local.conf`` file:: |
9122e7b1 |
# |
dc97cb71 |
# [[local|localrc]] |
428af5a2 |
# DATABASE_PASSWORD=anothersecret
# DATABASE_USER=hellaroot |
9122e7b1 |
#
# We try to have sensible defaults, so you should be able to run ``./stack.sh`` |
dc97cb71 |
# in most cases. ``local.conf`` is not distributed with DevStack and will never |
4a43b7bd |
# be overwritten by a DevStack update. |
9122e7b1 |
# |
df0972c1 |
# DevStack distributes ``stackrc`` which contains locations for the OpenStack |
cc6b4435 |
# repositories, branches to configure, and other configuration defaults. |
dc97cb71 |
# ``stackrc`` sources the ``localrc`` section of ``local.conf`` to allow you to
# safely override those settings. |
4a43b7bd |
|
bbafb1b5 |
if [[ ! -r $TOP_DIR/stackrc ]]; then |
14fd979a |
die $LINENO "missing $TOP_DIR/stackrc - did you grab more than just stack.sh?" |
bbafb1b5 |
fi
source $TOP_DIR/stackrc |
df0972c1 |
|
c973e6c9 |
# Warn users who aren't on an explicitly supported distro, but allow them to
# override check and attempt installation with ``FORCE=yes ./stack`` |
a5ea08b7 |
if [[ ! ${DISTRO} =~ (trusty|vivid|wily|7.0|wheezy|sid|testing|jessie|f22|f23|rhel7|kvmibm1) ]]; then |
c973e6c9 |
echo "WARNING: this script has not been tested on $DISTRO"
if [[ "$FORCE" != "yes" ]]; then
die $LINENO "If you wish to run this script anyway run with FORCE=yes"
fi
fi
|
3710eece |
# Check to see if we are already running DevStack
# Note that this may fail if USE_SCREEN=False
if type -p screen > /dev/null && screen -ls | egrep -q "[0-9]\.$SCREEN_NAME"; then
echo "You are already running a stack.sh session."
echo "To rejoin this session type 'screen -x stack'."
echo "To destroy this session, type './unstack.sh'."
exit 1
fi
|
4a43b7bd |
|
48352ee7 |
# Local Settings |
4a43b7bd |
# --------------
|
48352ee7 |
# Make sure the proxy config is visible to sub-processes
export_proxy_variables |
9122e7b1 |
|
dc97cb71 |
# Remove services which were negated in ``ENABLED_SERVICES`` |
6fd28117 |
# using the "-" prefix (e.g., "-rabbit") instead of |
f04178fd |
# calling disable_service().
disable_negated_services |
c4cd4140 |
|
a79617c1 |
|
d3bf9bdb |
# Configure sudo
# -------------- |
531aeb79 |
|
dc97cb71 |
# We're not as **root** so make sure ``sudo`` is available |
531aeb79 |
is_package_installed sudo || install_package sudo
# UEC images ``/etc/sudoers`` does not have a ``#includedir``, add one
sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers ||
echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers
|
b0160d0f |
# Conditionally setup detailed logging for sudo
if [[ -n "$LOG_SUDO" ]]; then
TEMPFILE=`mktemp`
echo "Defaults log_output" > $TEMPFILE
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/00_logging
fi
|
dc97cb71 |
# Set up DevStack sudoers |
531aeb79 |
TEMPFILE=`mktemp`
echo "$STACK_USER ALL=(root) NOPASSWD:ALL" >$TEMPFILE |
dc97cb71 |
# Some binaries might be under ``/sbin`` or ``/usr/sbin``, so make sure sudo will
# see them by forcing ``PATH`` |
531aeb79 |
echo "Defaults:$STACK_USER secure_path=/sbin:/usr/sbin:/usr/bin:/bin:/usr/local/sbin:/usr/local/bin" >> $TEMPFILE |
ea2fcb55 |
echo "Defaults:$STACK_USER !requiretty" >> $TEMPFILE |
09883c0a |
echo "Defaults env_keep += PS4" >> $TEMPFILE |
531aeb79 |
chmod 0440 $TEMPFILE
sudo chown root:root $TEMPFILE
sudo mv $TEMPFILE /etc/sudoers.d/50_stack_sh |
4a43b7bd |
|
0e8dcedf |
# Configure Distro Repositories
# ----------------------------- |
1a6d4492 |
|
dc97cb71 |
# For Debian/Ubuntu make apt attempt to retry network ops on it's own |
e83f7785 |
if is_ubuntu; then |
9246d96e |
echo 'APT::Acquire::Retries "20";' | sudo tee /etc/apt/apt.conf.d/80retry >/dev/null |
e83f7785 |
fi
|
1a6d4492 |
# Some distros need to add repos beyond the defaults provided by the vendor
# to pick up required packages.
|
95a9ff05 |
function _install_epel_and_rdo { |
dc97cb71 |
# NOTE: We always remove and install latest -- some environments |
ed077b28 |
# use snapshot images, and if EPEL version updates they break
# unless we update them to latest version.
if sudo yum repolist enabled epel | grep -q 'epel'; then
uninstall_package epel-release || true
fi
# This trick installs the latest epel-release from a bootstrap
# repo, then removes itself (as epel-release installed the
# "real" repo).
# |
dc97cb71 |
# You would think that rather than this, you could use |
ed077b28 |
# $releasever directly in .repo file we create below. However
# RHEL gives a $releasever of "6Server" which breaks the path;
# see https://bugzilla.redhat.com/show_bug.cgi?id=1150759
cat <<EOF | sudo tee /etc/yum.repos.d/epel-bootstrap.repo
[epel-bootstrap] |
3682b6de |
name=Bootstrap EPEL |
1f316beb |
mirrorlist=http://mirrors.fedoraproject.org/mirrorlist?repo=epel-7&arch=\$basearch |
3682b6de |
failovermethod=priority
enabled=0
gpgcheck=0
EOF |
a67ef00a |
# Enable a bootstrap repo. It is removed after finishing
# the epel-release installation. |
2f63da9e |
is_package_installed yum-utils || install_package yum-utils |
a67ef00a |
sudo yum-config-manager --enable epel-bootstrap
yum_install epel-release || \ |
ed077b28 |
die $LINENO "Error installing EPEL repo, cannot continue"
sudo rm -f /etc/yum.repos.d/epel-bootstrap.repo |
3e37326a |
# ... and also optional to be enabled |
1f316beb |
sudo yum-config-manager --enable rhel-7-server-optional-rpms
|
95a9ff05 |
# install the lastest RDO |
6e187218 |
is_package_installed rdo-release || yum_install https://rdoproject.org/repos/rdo-release.rpm |
fc99426a |
|
ec47bc1d |
if is_oraclelinux; then
sudo yum-config-manager --enable ol7_optional_latest ol7_addons ol7_MySQL56
fi |
95a9ff05 |
}
|
0e8dcedf |
# Configure Target Directories
# ----------------------------
# Destination path for installation ``DEST``
DEST=${DEST:-/opt/stack} |
23f69d83 |
|
e26232bc |
# Create the destination directory and ensure it is writable by the user |
376b6316 |
# and read/executable by everybody for daemons (e.g. apache run for horizon) |
e26232bc |
sudo mkdir -p $DEST |
e700267e |
safe_chown -R $STACK_USER $DEST
safe_chmod 0755 $DEST |
e26232bc |
|
09a3e715 |
# Destination path for devstack logs
if [[ -n ${LOGDIR:-} ]]; then
mkdir -p $LOGDIR
fi
|
0e8dcedf |
# Destination path for service data
DATA_DIR=${DATA_DIR:-${DEST}/data}
sudo mkdir -p $DATA_DIR
safe_chown -R $STACK_USER $DATA_DIR
# Configure proper hostname |
3ee52c81 |
# Certain services such as rabbitmq require that the local hostname resolves
# correctly. Make sure it exists in /etc/hosts so that is always true.
LOCAL_HOSTNAME=`hostname -s`
if [ -z "`grep ^127.0.0.1 /etc/hosts | grep $LOCAL_HOSTNAME`" ]; then
sudo sed -i "s/\(^127.0.0.1.*\)/\1 $LOCAL_HOSTNAME/" /etc/hosts
fi
|
09a3e715 |
# If you have all the repos installed above already setup (e.g. a CI
# situation where they are on your image) you may choose to skip this
# to speed things up
SKIP_EPEL_INSTALL=$(trueorfalse False SKIP_EPEL_INSTALL)
if is_fedora && [[ $DISTRO == "rhel7" ]] && \
[[ ${SKIP_EPEL_INSTALL} != True ]]; then
_install_epel_and_rdo
fi
|
adcf40d5 |
# Ensure python is installed
# --------------------------
is_package_installed python || install_package python
|
531aeb79 |
|
ffd17680 |
# Configure Logging
# -----------------
# Set up logging level |
53753293 |
VERBOSE=$(trueorfalse True VERBOSE) |
ffd17680 |
# Draw a spinner so the user knows something is happening
function spinner {
local delay=0.75
local spinstr='/-\|'
printf "..." >&3
while [ true ]; do
local temp=${spinstr#?}
printf "[%c]" "$spinstr" >&3
local spinstr=$temp${spinstr%"$temp"}
sleep $delay
printf "\b\b\b" >&3
done
}
function kill_spinner {
if [ ! -z "$LAST_SPINNER_PID" ]; then
kill >/dev/null 2>&1 $LAST_SPINNER_PID
printf "\b\b\bdone\n" >&3
fi
}
# Echo text to the log file, summary log file and stdout
# echo_summary "something to say"
function echo_summary {
if [[ -t 3 && "$VERBOSE" != "True" ]]; then
kill_spinner
echo -n -e $@ >&6
spinner &
LAST_SPINNER_PID=$!
else
echo -e $@ >&6
fi
}
# Echo text only to stdout, no log files
# echo_nolog "something not for the logs"
function echo_nolog {
echo $@ >&3
}
# Set up logging for ``stack.sh``
# Set ``LOGFILE`` to turn on logging
# Append '.xxxxxxxx' to the given name to maintain history
# where 'xxxxxxxx' is a representation of the date the file was created
TIMESTAMP_FORMAT=${TIMESTAMP_FORMAT:-"%F-%H%M%S"} |
dde41d07 |
LOGDAYS=${LOGDAYS:-7}
CURRENT_LOG_TIME=$(date "+$TIMESTAMP_FORMAT") |
ffd17680 |
if [[ -n "$LOGFILE" ]]; then |
ad5cc986 |
# Clean up old log files. Append '.*' to the user-specified
# ``LOGFILE`` to match the date in the search template. |
fc9cc965 |
LOGFILE_DIR="${LOGFILE%/*}" # dirname
LOGFILE_NAME="${LOGFILE##*/}" # basename
mkdir -p $LOGFILE_DIR
find $LOGFILE_DIR -maxdepth 1 -name $LOGFILE_NAME.\* -mtime +$LOGDAYS -exec rm {} \; |
ffd17680 |
LOGFILE=$LOGFILE.${CURRENT_LOG_TIME} |
ad5cc986 |
SUMFILE=$LOGFILE.summary.${CURRENT_LOG_TIME} |
ffd17680 |
# Redirect output according to config
# Set fd 3 to a copy of stdout. So we can set fd 1 without losing
# stdout later.
exec 3>&1
if [[ "$VERBOSE" == "True" ]]; then
# Set fd 1 and 2 to write the log file
exec 1> >( $TOP_DIR/tools/outfilter.py -v -o "${LOGFILE}" ) 2>&1
# Set fd 6 to summary log file
exec 6> >( $TOP_DIR/tools/outfilter.py -o "${SUMFILE}" )
else
# Set fd 1 and 2 to primary logfile
exec 1> >( $TOP_DIR/tools/outfilter.py -o "${LOGFILE}" ) 2>&1
# Set fd 6 to summary logfile and stdout
exec 6> >( $TOP_DIR/tools/outfilter.py -v -o "${SUMFILE}" >&3 )
fi
echo_summary "stack.sh log $LOGFILE"
# Specified logfile name always links to the most recent log |
fc9cc965 |
ln -sf $LOGFILE $LOGFILE_DIR/$LOGFILE_NAME
ln -sf $SUMFILE $LOGFILE_DIR/$LOGFILE_NAME.summary |
ffd17680 |
else
# Set up output redirection without log files
# Set fd 3 to a copy of stdout. So we can set fd 1 without losing
# stdout later.
exec 3>&1
if [[ "$VERBOSE" != "True" ]]; then
# Throw away stdout and stderr
exec 1>/dev/null 2>&1
fi
# Always send summary fd to original stdout
exec 6> >( $TOP_DIR/tools/outfilter.py -v >&3 )
fi
# Set up logging of screen windows
# Set ``SCREEN_LOGDIR`` to turn on logging of screen windows to the |
2af6915e |
# directory specified in ``SCREEN_LOGDIR``, we will log to the file |
ffd17680 |
# ``screen-$SERVICE_NAME-$TIMESTAMP.log`` in that dir and have a link
# ``screen-$SERVICE_NAME.log`` to the latest log file.
# Logs are kept for as long specified in ``LOGDAYS``. |
dde41d07 |
# This is deprecated....logs go in ``LOGDIR``, only symlinks will be here now. |
ffd17680 |
if [[ -n "$SCREEN_LOGDIR" ]]; then
# We make sure the directory is created.
if [[ -d "$SCREEN_LOGDIR" ]]; then
# We cleanup the old logs
find $SCREEN_LOGDIR -maxdepth 1 -name screen-\*.log -mtime +$LOGDAYS -exec rm {} \;
else
mkdir -p $SCREEN_LOGDIR
fi
fi
|
9e11e098 |
# Basic test for ``$DEST`` path permissions (fatal on error unless skipped)
check_path_perm_sanity ${DEST} |
ffd17680 |
# Configure Error Traps
# ---------------------
# Kill background processes on exit
trap exit_trap EXIT
function exit_trap {
local r=$?
jobs=$(jobs -p)
# Only do the kill when we're logging through a process substitution,
# which currently is only to verbose logfile
if [[ -n $jobs && -n "$LOGFILE" && "$VERBOSE" == "True" ]]; then
echo "exit_trap: cleaning up child processes"
kill 2>&1 $jobs
fi
# Kill the last spinner process
kill_spinner
if [[ $r -ne 0 ]]; then
echo "Error on exit" |
4af2afcd |
generate-subunit $DEVSTACK_START_TIME $SECONDS 'fail' >> ${SUBUNIT_OUTPUT} |
ffd17680 |
if [[ -z $LOGDIR ]]; then
$TOP_DIR/tools/worlddump.py
else
$TOP_DIR/tools/worlddump.py -d $LOGDIR
fi |
4af2afcd |
else
generate-subunit $DEVSTACK_START_TIME $SECONDS >> ${SUBUNIT_OUTPUT} |
ffd17680 |
fi
exit $r
}
# Exit on any errors so that errors don't compound
trap err_trap ERR
function err_trap {
local r=$?
set +o xtrace
if [[ -n "$LOGFILE" ]]; then
echo "${0##*/} failed: full log in $LOGFILE"
else
echo "${0##*/} failed"
fi
exit $r
}
# Begin trapping error exit codes
set -o errexit
|
dc97cb71 |
# Print the kernel version
uname -a
|
bd24a8d0 |
# Reset the bundle of CA certificates
SSL_BUNDLE_FILE="$DATA_DIR/ca-bundle.pem"
rm -f $SSL_BUNDLE_FILE
|
0e8dcedf |
# Import common services (database, message queue) configuration
source $TOP_DIR/lib/database
source $TOP_DIR/lib/rpc_backend
|
dc97cb71 |
# Service to enable with SSL if ``USE_SSL`` is True |
3381e09f |
SSL_ENABLED_SERVICES="key,nova,cinder,glance,s-proxy,neutron" |
18d4778c |
if is_service_enabled tls-proxy && [ "$USE_SSL" == "True" ]; then
die $LINENO "tls-proxy and SSL are mutually exclusive"
fi |
d81a0274 |
|
4a43b7bd |
# Configure Projects
# ================== |
67787e6b |
|
7b9341e1 |
# Clone all external plugins
fetch_plugins
|
2af6915e |
# Plugin Phase 0: override_defaults - allow plugins to override |
6e275e17 |
# defaults before other services are run
run_phase override_defaults
|
dc97cb71 |
# Import Apache functions |
d98a5d0a |
source $TOP_DIR/lib/apache |
0049c0c4 |
# Import TLS functions |
c83a7e12 |
source $TOP_DIR/lib/tls |
0049c0c4 |
# Source project function libraries |
0392a10a |
source $TOP_DIR/lib/infra |
1b6b5318 |
source $TOP_DIR/lib/oslo |
d470867f |
source $TOP_DIR/lib/lvm |
b562e6a7 |
source $TOP_DIR/lib/horizon |
d81a0274 |
source $TOP_DIR/lib/keystone |
73f6f25b |
source $TOP_DIR/lib/glance |
bf67c19c |
source $TOP_DIR/lib/nova |
67787e6b |
source $TOP_DIR/lib/cinder |
ece6a332 |
source $TOP_DIR/lib/swift |
bfdad75e |
source $TOP_DIR/lib/heat |
5a9739a4 |
source $TOP_DIR/lib/neutron-legacy |
f127e2f3 |
source $TOP_DIR/lib/ldap |
e0b08d04 |
source $TOP_DIR/lib/dstat |
5cad4d3f |
source $TOP_DIR/lib/dlm |
67787e6b |
|
cdf3d766 |
# Extras Source
# --------------
# Phase: source |
2c65e71a |
run_phase source |
cdf3d766 |
|
c6d47014 |
|
b7490da9 |
# Interactive Configuration
# -------------------------
# Do all interactive config up front before the logging spew begins |
213c4168 |
|
7a549f40 |
# Generic helper to configure passwords
function read_password { |
523f4880 |
local xtrace
xtrace=$(set +o | grep xtrace) |
7a549f40 |
set +o xtrace
var=$1; msg=$2
pw=${!var}
|
9e032c2d |
if [[ -f $RC_DIR/localrc ]]; then
localrc=$TOP_DIR/localrc
else |
975f4209 |
localrc=$TOP_DIR/.localrc.password |
9e032c2d |
fi |
6015c82a |
|
7a549f40 |
# If the password is not defined yet, proceed to prompt user for a password.
if [ ! $pw ]; then
# If there is no localrc file, create one |
b4db2254 |
if [ ! -e $localrc ]; then
touch $localrc |
7a549f40 |
fi
|
975f4209 |
# Presumably if we got this far it can only be that our
# localrc is missing the required password. Prompt user for a
# password and write to localrc.
|
b4db2254 |
echo ''
echo '################################################################################'
echo $msg
echo '################################################################################' |
975f4209 |
echo "This value will be written to ${localrc} file so you don't have to enter it " |
4e6a2b71 |
echo "again. Use only alphanumeric characters." |
b4db2254 |
echo "If you leave this blank, a random default value will be used." |
4e6a2b71 |
pw=" "
while true; do
echo "Enter a password now:"
read -e $var
pw=${!var}
[[ "$pw" = "`echo $pw | tr -cd [:alnum:]`" ]] && break
echo "Invalid chars in password. Try again:"
done |
b4db2254 |
if [ ! $pw ]; then |
f71b500b |
pw=$(generate_hex_string 10) |
7a549f40 |
fi |
b4db2254 |
eval "$var=$pw"
echo "$var=$pw" >> $localrc |
7a549f40 |
fi |
523f4880 |
# restore previous xtrace value
$xtrace |
7a549f40 |
}
|
13dc5ccd |
|
b9182d65 |
# Database Configuration |
dc97cb71 |
# ---------------------- |
b9182d65 |
|
dc97cb71 |
# To select between database backends, add the following to ``local.conf``: |
428af5a2 |
# |
afc29fe5 |
# disable_service mysql
# enable_service postgresql |
428af5a2 |
# |
afc29fe5 |
# The available database backends are listed in ``DATABASE_BACKENDS`` after
# ``lib/database`` is sourced. ``mysql`` is the default. |
782b9917 |
|
a99e5c9b |
initialize_database_backends && echo "Using $DATABASE_TYPE database backend" || echo "No database enabled" |
782b9917 |
|
b9182d65 |
|
b7490da9 |
# Queue Configuration |
dc97cb71 |
# ------------------- |
a841644e |
# Rabbit connection info |
dc97cb71 |
# In multi node DevStack, second node needs ``RABBIT_USERID``, but rabbit |
f6287c2a |
# isn't enabled.
RABBIT_USERID=${RABBIT_USERID:-stackrabbit} |
4a221459 |
if is_service_enabled rabbit; then |
e309e5a9 |
RABBIT_HOST=${RABBIT_HOST:-$SERVICE_HOST} |
4a221459 |
read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
fi |
ba23cc73 |
|
7d28a0e1 |
|
782b9917 |
# Keystone |
dc97cb71 |
# -------- |
782b9917 |
|
5ce44cd6 |
if is_service_enabled keystone; then |
b7490da9 |
# Services authenticate to Identity with servicename/``SERVICE_PASSWORD``
read_password SERVICE_PASSWORD "ENTER A SERVICE_PASSWORD TO USE FOR THE SERVICE AUTHENTICATION."
# Horizon currently truncates usernames and passwords at 20 characters
read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR HORIZON AND KEYSTONE (20 CHARS OR LESS)."
# Keystone can now optionally install OpenLDAP by enabling the ``ldap`` |
dc97cb71 |
# service in ``local.conf`` (e.g. ``enable_service ldap``). |
b7490da9 |
# To clean out the Keystone contents in OpenLDAP set ``KEYSTONE_CLEAR_LDAP`` |
dc97cb71 |
# to ``yes`` (e.g. ``KEYSTONE_CLEAR_LDAP=yes``) in ``local.conf``. To enable the |
b7490da9 |
# Keystone Identity Driver (``keystone.identity.backends.ldap.Identity``)
# set ``KEYSTONE_IDENTITY_BACKEND`` to ``ldap`` (e.g. |
dc97cb71 |
# ``KEYSTONE_IDENTITY_BACKEND=ldap``) in ``local.conf``. |
b7490da9 |
|
dc97cb71 |
# Only request LDAP password if the service is enabled |
b7490da9 |
if is_service_enabled ldap; then
read_password LDAP_PASSWORD "ENTER A PASSWORD TO USE FOR LDAP"
fi
fi |
f127e2f3 |
|
b7490da9 |
# Swift |
dc97cb71 |
# ----- |
b96871e4 |
|
b7490da9 |
if is_service_enabled s-proxy; then
# We only ask for Swift Hash if we have enabled swift service.
# ``SWIFT_HASH`` is a random unique string for a swift cluster that
# can never change.
read_password SWIFT_HASH "ENTER A RANDOM SWIFT HASH." |
abbb0e9a |
if [[ -z "$SWIFT_TEMPURL_KEY" ]] && [[ "$SWIFT_ENABLE_TEMPURLS" == "True" ]]; then
read_password SWIFT_TEMPURL_KEY "ENTER A KEY FOR SWIFT TEMPURLS."
fi |
b7490da9 |
fi |
b3288381 |
|
6816234d |
# Save configuration values
save_stackenv $LINENO
|
6577b468 |
|
30f68e96 |
# Install Packages |
d74257d0 |
# ================ |
7d28a0e1 |
|
4a43b7bd |
# OpenStack uses a fair number of other projects. |
30f68e96 |
|
2d91fe8a |
# Bring down global requirements before any use of pip_install. This is
# necessary to ensure that the constraints file is in place before we
# attempt to apply any constraints to pip installs.
git_clone $REQUIREMENTS_REPO $REQUIREMENTS_DIR $REQUIREMENTS_BRANCH
|
7d28a0e1 |
# Install package requirements |
48352ee7 |
# Source it so the entire environment is available |
7903b795 |
echo_summary "Installing package prerequisites" |
48352ee7 |
source $TOP_DIR/tools/install_prereqs.sh |
47f02060 |
|
dc97cb71 |
# Configure an appropriate Python environment |
8b5d3cf3 |
if [[ "$OFFLINE" != "True" ]]; then |
53753293 |
PYPI_ALTERNATIVE_URL=${PYPI_ALTERNATIVE_URL:-""} $TOP_DIR/tools/install_pip.sh |
8b5d3cf3 |
fi |
1a6d4492 |
|
4af2afcd |
# Install subunit for the subunit output stream
pip_install -U os-testr
|
981ed299 |
TRACK_DEPENDS=${TRACK_DEPENDS:-False}
|
dc97cb71 |
# Install Python packages into a virtualenv so that we can track them |
981ed299 |
if [[ $TRACK_DEPENDS = True ]]; then
echo_summary "Installing Python packages into a virtualenv $DEST/.venv"
pip_install -U virtualenv
rm -rf $DEST/.venv
virtualenv --system-site-packages $DEST/.venv
source $DEST/.venv/bin/activate
$DEST/.venv/bin/pip freeze > $DEST/requires-pre-pip
fi
|
d3121f64 |
# Do the ugly hacks for broken packages and distros |
04a35113 |
source $TOP_DIR/tools/fixup_stuff.sh |
9acc12a3 |
|
5c3a63e6 |
|
b1d8e8e2 |
# Virtual Environment
# -------------------
|
0a9d03d5 |
# Install required infra support libraries
install_infra
|
5c3a63e6 |
# Extras Pre-install
# ------------------
# Phase: pre-install |
2c65e71a |
run_phase stack pre-install |
5c3a63e6 |
|
62d1d698 |
install_rpc_backend
|
5cad4d3f |
# NOTE(sdague): dlm install is conditional on one being enabled by configuration
install_dlm
configure_dlm
|
62d1d698 |
if is_service_enabled $DATABASE_BACKENDS; then
install_database |
7dd890d6 |
fi
if [ -n "$DATABASE_TYPE" ]; then |
5686dbc4 |
install_database_python |
62d1d698 |
fi
if is_service_enabled neutron; then
install_neutron_agent_packages
fi
|
fe51a900 |
# Check Out and Install Source
# ---------------------------- |
4a43b7bd |
|
7903b795 |
echo_summary "Installing OpenStack project source"
|
dc97cb71 |
# Install Oslo libraries |
1b6b5318 |
install_oslo
|
dc97cb71 |
# Install client libraries |
21a9077d |
install_keystoneauth |
d81a0274 |
install_keystoneclient |
73f6f25b |
install_glanceclient |
253a1a35 |
install_cinderclient |
bf67c19c |
install_novaclient |
75195b58 |
if is_service_enabled swift glance horizon; then |
fe51a900 |
install_swiftclient
fi |
75195b58 |
if is_service_enabled neutron nova horizon; then |
b05c8769 |
install_neutronclient |
fe51a900 |
fi |
75195b58 |
if is_service_enabled heat horizon; then
install_heatclient
fi |
fe51a900 |
|
58936fdb |
# Install middleware
install_keystonemiddleware
|
5ce44cd6 |
if is_service_enabled keystone; then |
0abde393 |
if [ "$KEYSTONE_AUTH_HOST" == "$SERVICE_HOST" ]; then |
8c2ce6ea |
stack_install_service keystone |
0abde393 |
configure_keystone
fi |
38df1228 |
fi |
ece6a332 |
|
3cff013d |
if is_service_enabled swift; then |
b6197e6a |
if is_service_enabled ceilometer; then
install_ceilometermiddleware
fi |
8c2ce6ea |
stack_install_service swift |
fe51a900 |
configure_swift
|
9d2647a9 |
# swift3 middleware to provide S3 emulation to Swift |
6ae9ea59 |
if is_service_enabled swift3; then |
dc97cb71 |
# Replace the nova-objectstore port by the swift port |
9d2647a9 |
S3_SERVICE_PORT=8080 |
6ae9ea59 |
git_clone $SWIFT3_REPO $SWIFT3_DIR $SWIFT3_BRANCH |
fe51a900 |
setup_develop $SWIFT3_DIR |
6ae9ea59 |
fi |
e7ce24fc |
fi |
ece6a332 |
|
a6651e94 |
if is_service_enabled g-api n-api; then |
dc97cb71 |
# Image catalog service |
8c2ce6ea |
stack_install_service glance |
fe51a900 |
configure_glance |
e7ce24fc |
fi |
fe51a900 |
if is_service_enabled cinder; then |
dc97cb71 |
# Block volume service |
8c2ce6ea |
stack_install_service cinder |
fe51a900 |
configure_cinder
fi
|
b05c8769 |
if is_service_enabled neutron; then |
dc97cb71 |
# Network service |
8c2ce6ea |
stack_install_service neutron |
b05c8769 |
install_neutron_third_party |
fe51a900 |
fi
|
bf67c19c |
if is_service_enabled nova; then |
dc97cb71 |
# Compute service |
8c2ce6ea |
stack_install_service nova |
fe51a900 |
cleanup_nova
configure_nova |
bf67c19c |
fi |
fe51a900 |
|
a6651e94 |
if is_service_enabled horizon; then |
e385d1e0 |
# django openstack_auth
install_django_openstack_auth |
b562e6a7 |
# dashboard |
8c2ce6ea |
stack_install_service horizon |
e7ce24fc |
fi |
fe51a900 |
|
bfdad75e |
if is_service_enabled heat; then |
8c2ce6ea |
stack_install_service heat |
315971d9 |
install_heat_other |
c3249083 |
cleanup_heat |
bfdad75e |
configure_heat
fi |
b7490da9 |
|
18d4778c |
if is_service_enabled tls-proxy || [ "$USE_SSL" == "True" ]; then |
fe51a900 |
configure_CA
init_CA
init_cert |
dc97cb71 |
# Add name to ``/etc/hosts``.
# Don't be naive and add to existing line! |
67787e6b |
fi |
75a37653 |
|
dc97cb71 |
|
cdf3d766 |
# Extras Install
# --------------
# Phase: install |
2c65e71a |
run_phase stack install |
cdf3d766 |
|
dc97cb71 |
# Install the OpenStack client, needed for most setup commands |
1ffa3321 |
if use_library_from_git "python-openstackclient"; then
git_clone_by_name "python-openstackclient"
setup_dev_lib "python-openstackclient"
else |
60996b1b |
pip_install_gr python-openstackclient |
1ffa3321 |
fi
|
cc6b4435 |
if [[ $TRACK_DEPENDS = True ]]; then |
47f02060 |
$DEST/.venv/bin/pip freeze > $DEST/requires-post-pip |
cc6b4435 |
if ! diff -Nru $DEST/requires-pre-pip $DEST/requires-post-pip > $DEST/requires.diff; then |
e8fa8537 |
echo "Detect some changes for installed packages of pip, in depend tracking mode" |
47f02060 |
cat $DEST/requires.diff
fi
echo "Ran stack.sh in depend tracking mode, bailing out now"
exit 0
fi |
df0972c1 |
|
b7490da9 |
|
ff603ef5 |
# Syslog |
df0972c1 |
# ------ |
ff603ef5 |
if [[ $SYSLOG != "False" ]]; then
if [[ "$SYSLOG_HOST" = "$HOST_IP" ]]; then
# Configure the master host to receive
cat <<EOF >/tmp/90-stack-m.conf
\$ModLoad imrelp
\$InputRELPServerRun $SYSLOG_PORT
EOF
sudo mv /tmp/90-stack-m.conf /etc/rsyslog.d
else
# Set rsyslog to send to remote host
cat <<EOF >/tmp/90-stack-s.conf
*.* :omrelp:$SYSLOG_HOST:$SYSLOG_PORT
EOF
sudo mv /tmp/90-stack-s.conf /etc/rsyslog.d
fi |
e4859f0b |
RSYSLOGCONF="/etc/rsyslog.conf"
if [ -f $RSYSLOGCONF ]; then
sudo cp -b $RSYSLOGCONF $RSYSLOGCONF.bak
if [[ $(grep '$SystemLogRateLimitBurst' $RSYSLOGCONF) ]]; then
sudo sed -i 's/$SystemLogRateLimitBurst\ .*/$SystemLogRateLimitBurst\ 0/' $RSYSLOGCONF
else
sudo sed -i '$ i $SystemLogRateLimitBurst\ 0' $RSYSLOGCONF
fi
if [[ $(grep '$SystemLogRateLimitInterval' $RSYSLOGCONF) ]]; then
sudo sed -i 's/$SystemLogRateLimitInterval\ .*/$SystemLogRateLimitInterval\ 0/' $RSYSLOGCONF
else
sudo sed -i '$ i $SystemLogRateLimitInterval\ 0' $RSYSLOGCONF
fi
fi
|
7903b795 |
echo_summary "Starting rsyslog" |
13dc5ccd |
restart_service rsyslog |
ff603ef5 |
fi
|
df0972c1 |
|
e5d92380 |
# Finalize queue installation
# ---------------------------- |
b0f1c38b |
restart_rpc_backend |
ba23cc73 |
|
df0972c1 |
|
fe7b56cd |
# Export Certificate Authority Bundle
# ----------------------------------- |
bd24a8d0 |
# If certificates were used and written to the SSL bundle file then these
# should be exported so clients can validate their connections.
if [ -f $SSL_BUNDLE_FILE ]; then
export OS_CACERT=$SSL_BUNDLE_FILE
fi
|
428af5a2 |
# Configure database
# ------------------ |
b9182d65 |
|
428af5a2 |
if is_service_enabled $DATABASE_BACKENDS; then
configure_database |
24859060 |
fi
|
b9182d65 |
# Configure screen
# ----------------
|
53753293 |
USE_SCREEN=$(trueorfalse True USE_SCREEN) |
681f3fdd |
if [[ "$USE_SCREEN" == "True" ]]; then
# Create a new named screen to run processes in
screen -d -m -S $SCREEN_NAME -t shell -s /bin/bash
sleep 1
# Set a reasonable status bar |
ff72c505 |
SCREEN_HARDSTATUS=${SCREEN_HARDSTATUS:-} |
681f3fdd |
if [ -z "$SCREEN_HARDSTATUS" ]; then
SCREEN_HARDSTATUS='%{= .} %-Lw%{= .}%> %n%f %t*%{= .}%+Lw%< %-=%{g}(%{d}%H/%l%{g})'
fi
screen -r $SCREEN_NAME -X hardstatus alwayslastline "$SCREEN_HARDSTATUS" |
30396576 |
screen -r $SCREEN_NAME -X setenv PROMPT_COMMAND /bin/true |
0a7a41eb |
fi
|
dc97cb71 |
# Clear ``screenrc`` file |
61bb2c1b |
SCREENRC=$TOP_DIR/$SCREEN_NAME-screenrc
if [[ -e $SCREENRC ]]; then |
8e58c073 |
rm -f $SCREENRC |
61bb2c1b |
fi |
b9182d65 |
|
a9414249 |
# Initialize the directory for service status check
init_service_check |
7d28a0e1 |
|
6816234d |
# Save configuration values
save_stackenv $LINENO
|
dc97cb71 |
# Start Services
# ==============
|
78096b50 |
# Dstat |
dc97cb71 |
# ----- |
1a6d4492 |
|
f1eb0475 |
# A better kind of sysstat, with the top process per time slice |
e0b08d04 |
start_dstat |
921f2dab |
|
893e6636 |
|
d81a0274 |
# Keystone
# --------
|
5ce44cd6 |
if is_service_enabled keystone; then |
7903b795 |
echo_summary "Starting Keystone" |
0abde393 |
if [ "$KEYSTONE_AUTH_HOST" == "$SERVICE_HOST" ]; then
init_keystone
start_keystone |
923be5f7 |
bootstrap_keystone |
0abde393 |
fi |
d81a0274 |
|
c83a7e12 |
if is_service_enabled tls-proxy; then
export OS_CACERT=$INT_CA_DIR/ca-chain.pem |
33d1f86a |
fi
|
7adf15df |
# Rather than just export these, we write them out to a
# intermediate userrc file that can also be used to debug if
# something goes wrong between here and running
# tools/create_userrc.sh (this script relies on services other
# than keystone being available, so we can't call it right now)
cat > $TOP_DIR/userrc_early <<EOF
# Use this for debugging issues before files in accrc are created
# Set up password auth credentials now that Keystone is bootstrapped |
923be5f7 |
export OS_IDENTITY_API_VERSION=3 |
7adf15df |
export OS_AUTH_URL=$KEYSTONE_AUTH_URI
export OS_USERNAME=admin
export OS_USER_DOMAIN_ID=default
export OS_PASSWORD=$ADMIN_PASSWORD
export OS_PROJECT_NAME=admin
export OS_PROJECT_DOMAIN_ID=default
export OS_REGION_NAME=$REGION_NAME
EOF
source $TOP_DIR/userrc_early
|
923be5f7 |
create_keystone_accounts
create_nova_accounts
create_glance_accounts
create_cinder_accounts
create_neutron_accounts
if is_service_enabled swift; then
create_swift_accounts
fi
if is_service_enabled heat; then
create_heat_accounts
fi
|
d81a0274 |
fi
|
7224eecb |
# Write a clouds.yaml file
write_clouds_yaml |
16a2d64f |
|
ca85b799 |
# Horizon |
df0972c1 |
# ------- |
cbe98d56 |
|
a6651e94 |
if is_service_enabled horizon; then |
43f62c08 |
echo_summary "Configuring Horizon"
configure_horizon |
70dc5e05 |
fi |
1c1d1505 |
|
18d350da |
|
d74257d0 |
# Glance
# ------
|
a6651e94 |
if is_service_enabled g-reg; then |
7903b795 |
echo_summary "Configuring Glance" |
73f6f25b |
init_glance |
70dc5e05 |
fi |
75a37653 |
|
8c032d16 |
|
b05c8769 |
# Neutron |
60df29a2 |
# ------- |
7d28a0e1 |
|
b05c8769 |
if is_service_enabled neutron; then
echo_summary "Configuring Neutron" |
b9182d65 |
|
b05c8769 |
configure_neutron |
dc97cb71 |
# Run init_neutron only on the node hosting the Neutron API server |
dd64988f |
if is_service_enabled $DATABASE_BACKENDS && is_service_enabled q-svc; then
init_neutron
fi |
60df29a2 |
fi
|
b05c8769 |
# Some Neutron plugins require network controllers which are not |
66afb47c |
# a part of the OpenStack project. Configure and start them. |
b05c8769 |
if is_service_enabled neutron; then
configure_neutron_third_party
init_neutron_third_party
start_neutron_third_party |
396a014b |
fi
|
b9182d65 |
|
d74257d0 |
# Nova
# ---- |
bd13b708 |
|
6f85ab35 |
if is_service_enabled n-net q-dhcp; then |
55458455 |
# Delete traces of nova networks from prior runs |
d71d6e71 |
# Do not kill any dnsmasq instance spawned by NetworkManager
netman_pid=$(pidof NetworkManager || true)
if [ -z "$netman_pid" ]; then
sudo killall dnsmasq || true
else
sudo ps h -o pid,ppid -C dnsmasq | grep -v $netman_pid | awk '{print $1}' | sudo xargs kill || true
fi
|
55458455 |
clean_iptables |
7a7fb49b |
if is_service_enabled n-net; then
rm -rf ${NOVA_STATE_PATH}/networks
sudo mkdir -p ${NOVA_STATE_PATH}/networks |
a0ced4df |
safe_chown -R ${STACK_USER} ${NOVA_STATE_PATH}/networks |
7a7fb49b |
fi
|
1a6d4492 |
# Force IP forwarding on, just in case |
0b31e867 |
sudo sysctl -w net.ipv4.ip_forward=1 |
70dc5e05 |
fi
|
7d28a0e1 |
|
28fa4e8d |
# Storage Service |
7d28a0e1 |
# ---------------
|
3cff013d |
if is_service_enabled swift; then |
7903b795 |
echo_summary "Configuring Swift" |
ece6a332 |
init_swift |
28fa4e8d |
fi
|
df0972c1 |
|
acff87a2 |
# Volume Service
# --------------
|
67787e6b |
if is_service_enabled cinder; then |
7903b795 |
echo_summary "Configuring Cinder" |
67787e6b |
init_cinder |
acff87a2 |
fi
|
2aa2a89c |
# Compute Service
# ---------------
|
bf67c19c |
if is_service_enabled nova; then
echo_summary "Configuring Nova"
init_nova |
0007f3a6 |
|
86a79694 |
# Additional Nova configuration that is dependent on other services |
b05c8769 |
if is_service_enabled neutron; then
create_nova_conf_neutron |
86a79694 |
elif is_service_enabled n-net; then |
66afb47c |
create_nova_conf_nova_network |
1bfa3d53 |
fi |
fb2a3ae3 |
init_nova_cells |
b62b4ca2 |
fi
|
dc97cb71 |
|
cdf3d766 |
# Extras Configuration
# ====================
# Phase: post-config |
2c65e71a |
run_phase stack post-config |
cdf3d766 |
|
893e6636 |
# Local Configuration
# ===================
|
dc97cb71 |
# Apply configuration from ``local.conf`` if it exists for layer 2 services |
893e6636 |
# Phase: post-config
merge_config_group $TOP_DIR/local.conf post-config
|
d74257d0 |
# Launch Services
# =============== |
30f68e96 |
|
dfcd2003 |
# Only run the services specified in ``ENABLED_SERVICES``
|
ece6a332 |
# Launch Swift Services |
3cff013d |
if is_service_enabled swift; then |
ece6a332 |
echo_summary "Starting Swift"
start_swift
fi
|
73f6f25b |
# Launch the Glance services |
e4fa7213 |
if is_service_enabled glance; then |
7903b795 |
echo_summary "Starting Glance" |
73f6f25b |
start_glance |
d000b22d |
fi
|
dc97cb71 |
|
0b9776d2 |
# Install Images
# ==============
|
dc97cb71 |
# Upload an image to Glance. |
0b9776d2 |
# |
dc97cb71 |
# The default image is CirrOS, a small testing image which lets you login as **root**
# CirrOS has a ``cloud-init`` analog supporting login via keypair and sending |
0b9776d2 |
# scripts as userdata. |
dc97cb71 |
# See https://help.ubuntu.com/community/CloudInit for more on ``cloud-init`` |
0b9776d2 |
if is_service_enabled g-reg; then
|
2f8e08b5 |
echo_summary "Uploading images" |
0b9776d2 |
|
2f8e08b5 |
# Option to upload legacy ami-tty, which works with xenserver
if [[ -n "$UPLOAD_LEGACY_TTY" ]]; then
IMAGE_URLS="${IMAGE_URLS:+${IMAGE_URLS},}https://github.com/downloads/citrix-openstack/warehouse/tty.tgz" |
0b9776d2 |
fi |
2f8e08b5 |
for image_url in ${IMAGE_URLS//,/ }; do |
5aeea6ae |
upload_image $image_url |
2f8e08b5 |
done |
0b9776d2 |
fi
|
def4c141 |
# Create a randomized default value for the keymgr's fixed_key
if is_service_enabled nova; then |
f71b500b |
iniset $NOVA_CONF keymgr fixed_key $(generate_hex_string 32) |
def4c141 |
fi
|
7d28a0e1 |
# Launch the nova-api and wait for it to answer before continuing |
a6651e94 |
if is_service_enabled n-api; then |
7903b795 |
echo_summary "Starting Nova API" |
3a3a2bac |
start_nova_api |
d000b22d |
fi |
1bfa3d53 |
|
37dda8d7 |
if is_service_enabled q-svc; then |
b05c8769 |
echo_summary "Starting Neutron"
start_neutron_service_and_check |
ef1e0802 |
check_neutron_third_party_integration |
8ec719b4 |
elif is_service_enabled $DATABASE_BACKENDS && is_service_enabled n-net; then |
fb2a3ae3 |
NM_CONF=${NOVA_CONF}
if is_service_enabled n-cell; then
NM_CONF=${NOVA_CELLS_CONF}
fi
|
37dda8d7 |
# Create a small network |
fb2a3ae3 |
$NOVA_BIN_DIR/nova-manage --config-file $NM_CONF network create "$PRIVATE_NETWORK_NAME" $FIXED_RANGE 1 $FIXED_NETWORK_SIZE $NETWORK_CREATE_ARGS |
37dda8d7 |
# Create some floating ips |
fb2a3ae3 |
$NOVA_BIN_DIR/nova-manage --config-file $NM_CONF floating create $FLOATING_RANGE --pool=$PUBLIC_NETWORK_NAME |
37dda8d7 |
# Create a second pool |
fb2a3ae3 |
$NOVA_BIN_DIR/nova-manage --config-file $NM_CONF floating create --ip_range=$TEST_FLOATING_RANGE --pool=$TEST_FLOATING_POOL |
1bfa3d53 |
fi
|
b05c8769 |
if is_service_enabled neutron; then
start_neutron_agents |
66afb47c |
fi |
6fbb28d0 |
# Once neutron agents are started setup initial network elements |
7bce8fa3 |
if is_service_enabled q-svc && [[ "$NEUTRON_CREATE_INITIAL_NETWORKS" == "True" ]]; then |
6fbb28d0 |
echo_summary "Creating initial neutron network elements"
create_neutron_initial_network
setup_neutron_debug
fi |
bf67c19c |
if is_service_enabled nova; then
echo_summary "Starting Nova"
start_nova
fi |
67787e6b |
if is_service_enabled cinder; then |
7903b795 |
echo_summary "Starting Cinder" |
67787e6b |
start_cinder |
09718335 |
create_volume_types |
67787e6b |
fi |
b562e6a7 |
|
dc97cb71 |
# Configure and launch Heat engine, api and metadata |
bfdad75e |
if is_service_enabled heat; then |
1bcd2800 |
# Initialize heat |
bad9d89f |
echo_summary "Configuring Heat"
init_heat |
7903b795 |
echo_summary "Starting Heat" |
bfdad75e |
start_heat |
249e36de |
if [ "$HEAT_BUILD_PIP_MIRROR" = "True" ]; then
echo_summary "Building Heat pip mirror"
build_heat_pip_mirror |
2a6009cd |
fi |
bfdad75e |
fi |
7d28a0e1 |
|
43f62c08 |
if is_service_enabled horizon; then
echo_summary "Starting Horizon"
init_horizon
start_horizon
fi
|
bd24a8d0 |
|
50901429 |
# Create account rc files
# =======================
# Creates source able script files for easier user switching.
# This step also creates certificates for tenants and users,
# which is helpful in image bundle steps.
if is_service_enabled nova && is_service_enabled keystone; then
USERRC_PARAMS="-PA --target-dir $TOP_DIR/accrc"
if [ -f $SSL_BUNDLE_FILE ]; then
USERRC_PARAMS="$USERRC_PARAMS --os-cacert $SSL_BUNDLE_FILE"
fi
if [[ "$HEAT_STANDALONE" = "True" ]]; then
USERRC_PARAMS="$USERRC_PARAMS --heat-url http://$HEAT_API_HOST:$HEAT_API_PORT/v1"
fi
$TOP_DIR/tools/create_userrc.sh $USERRC_PARAMS
fi
# Save some values we generated for later use
save_stackenv
|
dc97cb71 |
# Wrapup configuration
# ====================
# local.conf extra
# ---------------- |
893e6636 |
|
dc97cb71 |
# Apply configuration from ``local.conf`` if it exists for layer 2 services |
893e6636 |
# Phase: extra
merge_config_group $TOP_DIR/local.conf extra
|
768295e9 |
# Run extras |
dc97cb71 |
# ---------- |
768295e9 |
|
cdf3d766 |
# Phase: extra |
2c65e71a |
run_phase stack extra |
768295e9 |
|
feb28837 |
|
dc97cb71 |
# local.conf post-extra
# ---------------------
# Apply late configuration from ``local.conf`` if it exists for layer 2 services |
feb28837 |
# Phase: post-extra
merge_config_group $TOP_DIR/local.conf post-extra
|
768295e9 |
|
f5633ddb |
# Run local script |
dc97cb71 |
# ---------------- |
f5633ddb |
# Run ``local.sh`` if it exists to perform user-managed tasks
if [[ -x $TOP_DIR/local.sh ]]; then
echo "Running user script $TOP_DIR/local.sh"
$TOP_DIR/local.sh
fi
|
c71973eb |
# Sanity checks
# =============
|
a9414249 |
# Check the status of running services
service_check |
f5633ddb |
|
c71973eb |
# ensure that all the libraries we think we installed from git,
# actually were.
check_libs_from_git
|
b7490da9 |
|
bbe771a8 |
# Bash completion
# ===============
# Prepare bash completion for OSC
openstack complete | sudo tee /etc/bash_completion.d/osc.bash_completion > /dev/null
|
4bf861c7 |
# If cinder is configured, set global_filter for PV devices
if is_service_enabled cinder; then
if is_ubuntu; then
echo_summary "Configuring lvm.conf global device filter"
set_lvm_filter
else
echo_summary "Skip setting lvm filters for non Ubuntu systems"
fi
fi |
bbe771a8 |
|
dc97cb71 |
|
b94f4bf3 |
# Fin
# ===
|
471de7a3 |
set +o xtrace |
b94f4bf3 |
|
7903b795 |
if [[ -n "$LOGFILE" ]]; then
exec 1>&3
# Force all output to stdout and logs now |
baa8b42a |
exec 1> >( tee -a "${LOGFILE}" ) 2>&1 |
7903b795 |
else
# Force all output to stdout now
exec 1>&3
fi
|
95c33d53 |
# Dump out the time totals
time_totals |
df0972c1 |
|
24859060 |
# Using the cloud |
dc97cb71 |
# =============== |
24859060 |
|
e19d8847 |
echo ""
echo ""
echo "" |
180f5eb6 |
echo "This is your host IP address: $HOST_IP"
if [ "$HOST_IPV6" != "" ]; then
echo "This is your host IPv6 address: $HOST_IPV6"
fi |
e19d8847 |
|
df0972c1 |
# If you installed Horizon on this server you should be able |
40a37006 |
# to access the site using your browser. |
a6651e94 |
if is_service_enabled horizon; then |
7b105c57 |
echo "Horizon is now available at http://$SERVICE_HOST$HORIZON_APACHE_ROOT" |
24859060 |
fi
|
df0972c1 |
# If Keystone is present you can point ``nova`` cli to this server |
5ce44cd6 |
if is_service_enabled keystone; then |
dc97cb71 |
echo "Keystone is serving at $KEYSTONE_SERVICE_URI/" |
df0972c1 |
echo "The default users are: admin and demo"
echo "The password: $ADMIN_PASSWORD" |
24859060 |
fi |
523c405f |
|
afc29fe5 |
# Warn that a deprecated feature was used
if [[ -n "$DEPRECATED_TEXT" ]]; then
echo_summary "WARNING: $DEPRECATED_TEXT" |
ced65179 |
fi
|
4a43b7bd |
# Indicate how long this took to run (bash maintained variable ``SECONDS``) |
7903b795 |
echo_summary "stack.sh completed in $SECONDS seconds." |
8068455a |
# Restore/close logging file descriptors
exec 1>&3
exec 2>&3
exec 3>&-
exec 6>&- |