Browse code
Merge branch 'master' into pause
Jesse Andrews authored on 2011/10/28 04:15:24Showing 3 changed files
| ... | ... |
@@ -82,11 +82,11 @@ nova boot --flavor $FLAVOR --image $IMAGE $NAME --security_groups=$SECGROUP |
| 82 | 82 |
# Waiting for boot |
| 83 | 83 |
# ---------------- |
| 84 | 84 |
|
| 85 |
-# let's give it 10 seconds to launch |
|
| 86 |
-sleep 10 |
|
| 87 |
- |
|
| 88 |
-# check that the status is active |
|
| 89 |
-nova show $NAME | grep status | grep -q ACTIVE |
|
| 85 |
+# check that the status is active within 10 seconds |
|
| 86 |
+if ! timeout 10 sh -c "while ! nova show $NAME | grep status | grep -q ACTIVE; do sleep 1; done"; then |
|
| 87 |
+ echo "server didn't become active!" |
|
| 88 |
+ exit 1 |
|
| 89 |
+fi |
|
| 90 | 90 |
|
| 91 | 91 |
# get the IP of the server |
| 92 | 92 |
IP=`nova show $NAME | grep "private network" | cut -d"|" -f3` |
| ... | ... |
@@ -94,14 +94,13 @@ IP=`nova show $NAME | grep "private network" | cut -d"|" -f3` |
| 94 | 94 |
# for single node deployments, we can ping private ips |
| 95 | 95 |
MULTI_HOST=${MULTI_HOST:-0}
|
| 96 | 96 |
if [ "$MULTI_HOST" = "0" ]; then |
| 97 |
- # ping it once (timeout of a second) |
|
| 98 |
- ping -c1 -w1 $IP || true |
|
| 99 |
- |
|
| 100 | 97 |
# sometimes the first ping fails (10 seconds isn't enough time for the VM's |
| 101 |
- # network to respond?), so let's wait 5 seconds and really test ping |
|
| 102 |
- sleep 5 |
|
| 103 |
- |
|
| 104 |
- ping -c1 -w1 $IP |
|
| 98 |
+ # network to respond?), so let's ping for 15 seconds with a timeout |
|
| 99 |
+ # of a second. |
|
| 100 |
+ if ! timeout 15 sh -c "while ! ping -c1 -w1 $IP; do sleep 1; done"; then |
|
| 101 |
+ echo "Couldn't ping server" |
|
| 102 |
+ exit 1 |
|
| 103 |
+ fi |
|
| 105 | 104 |
fi |
| 106 | 105 |
|
| 107 | 106 |
# Security Groups & Floating IPs |
| ... | ... |
@@ -122,11 +121,11 @@ FLOATING_IP=`nova floating-ip-list | grep None | head -1 | cut -d '|' -f2 | sed |
| 122 | 122 |
# add floating ip to our server |
| 123 | 123 |
nova add-floating-ip $NAME $FLOATING_IP |
| 124 | 124 |
|
| 125 |
-# sleep for a smidge |
|
| 126 |
-sleep 5 |
|
| 127 |
- |
|
| 128 |
-# ping our floating ip |
|
| 129 |
-ping -c1 -w1 $FLOATING_IP |
|
| 125 |
+# test we can ping our floating ip within 10 seconds |
|
| 126 |
+if ! timeout 10 sh -c "while ! ping -c1 -w1 $FLOATING_IP; do sleep 1; done"; then |
|
| 127 |
+ echo "Couldn't ping server with floating ip" |
|
| 128 |
+ exit 1 |
|
| 129 |
+fi |
|
| 130 | 130 |
|
| 131 | 131 |
# pause the VM and verify we can't ping it anymore |
| 132 | 132 |
nova pause $NAME |
| ... | ... |
@@ -148,12 +147,10 @@ ping -c1 -w1 $FLOATING_IP |
| 148 | 148 |
# dis-allow icmp traffic (ping) |
| 149 | 149 |
nova secgroup-delete-rule $SECGROUP icmp -1 -1 0.0.0.0/0 |
| 150 | 150 |
|
| 151 |
-# sleep for a smidge |
|
| 152 |
-sleep 5 |
|
| 153 |
- |
|
| 154 |
-# ping our floating ip |
|
| 155 |
-if ( ping -c1 -w1 $FLOATING_IP ); then |
|
| 151 |
+# test we can aren't able to ping our floating ip within 10 seconds |
|
| 152 |
+if ! timeout 10 sh -c "while ping -c1 -w1 $FLOATING_IP; do sleep 1; done"; then |
|
| 156 | 153 |
print "Security group failure - ping should not be allowed!" |
| 154 |
+ echo "Couldn't ping server with floating ip" |
|
| 157 | 155 |
exit 1 |
| 158 | 156 |
fi |
| 159 | 157 |
|
| ... | ... |
@@ -1 +1,47 @@ |
| 1 |
-socat |
|
| 1 |
+Cmnd_Alias NOVACMDS = /bin/chmod /var/lib/nova/tmp/*/root/.ssh, \ |
|
| 2 |
+ /bin/chown /var/lib/nova/tmp/*/root/.ssh, \ |
|
| 3 |
+ /bin/chown, \ |
|
| 4 |
+ /bin/chmod, \ |
|
| 5 |
+ /bin/dd, \ |
|
| 6 |
+ /sbin/ifconfig, \ |
|
| 7 |
+ /sbin/ip, \ |
|
| 8 |
+ /sbin/route, \ |
|
| 9 |
+ /sbin/iptables, \ |
|
| 10 |
+ /sbin/iptables-save, \ |
|
| 11 |
+ /sbin/iptables-restore, \ |
|
| 12 |
+ /sbin/ip6tables-save, \ |
|
| 13 |
+ /sbin/ip6tables-restore, \ |
|
| 14 |
+ /sbin/kpartx, \ |
|
| 15 |
+ /sbin/losetup, \ |
|
| 16 |
+ /sbin/lvcreate, \ |
|
| 17 |
+ /sbin/lvdisplay, \ |
|
| 18 |
+ /sbin/lvremove, \ |
|
| 19 |
+ /bin/mkdir, \ |
|
| 20 |
+ /bin/mount, \ |
|
| 21 |
+ /sbin/pvcreate, \ |
|
| 22 |
+ /usr/bin/tee, \ |
|
| 23 |
+ /sbin/tune2fs, \ |
|
| 24 |
+ /bin/umount, \ |
|
| 25 |
+ /sbin/vgcreate, \ |
|
| 26 |
+ /usr/bin/virsh, \ |
|
| 27 |
+ /usr/bin/qemu-nbd, \ |
|
| 28 |
+ /usr/sbin/brctl, \ |
|
| 29 |
+ /sbin/brctl, \ |
|
| 30 |
+ /usr/sbin/radvd, \ |
|
| 31 |
+ /usr/sbin/vblade-persist, \ |
|
| 32 |
+ /sbin/pvcreate, \ |
|
| 33 |
+ /sbin/aoe-discover, \ |
|
| 34 |
+ /sbin/vgcreate, \ |
|
| 35 |
+ /bin/aoe-stat, \ |
|
| 36 |
+ /bin/kill, \ |
|
| 37 |
+ /sbin/vconfig, \ |
|
| 38 |
+ /usr/sbin/ietadm, \ |
|
| 39 |
+ /sbin/vgs, \ |
|
| 40 |
+ /sbin/iscsiadm, \ |
|
| 41 |
+ /usr/bin/socat, \ |
|
| 42 |
+ /sbin/parted, \ |
|
| 43 |
+ /usr/sbin/dnsmasq, \ |
|
| 44 |
+ /usr/bin/arping |
|
| 45 |
+ |
|
| 46 |
+%USER% ALL = (root) NOPASSWD: SETENV: NOVACMDS |
|
| 47 |
+ |
| ... | ... |
@@ -116,6 +116,15 @@ if [[ $EUID -eq 0 ]]; then |
| 116 | 116 |
exec su -c "set -e; cd $STACK_DIR; bash stack.sh" stack |
| 117 | 117 |
fi |
| 118 | 118 |
exit 1 |
| 119 |
+else |
|
| 120 |
+ # Our user needs passwordless priviledges for certain commands which nova |
|
| 121 |
+ # uses internally. |
|
| 122 |
+ # Natty uec images sudoers does not have a '#includedir'. add one. |
|
| 123 |
+ sudo grep -q "^#includedir.*/etc/sudoers.d" /etc/sudoers || |
|
| 124 |
+ echo "#includedir /etc/sudoers.d" | sudo tee -a /etc/sudoers |
|
| 125 |
+ sudo cp $FILES/sudo/nova /etc/sudoers.d/stack_sh_nova |
|
| 126 |
+ sudo sed -e "s,%USER%,$USER,g" -i /etc/sudoers.d/stack_sh_nova |
|
| 127 |
+ sudo chmod 0440 /etc/sudoers.d/stack_sh_nova |
|
| 119 | 128 |
fi |
| 120 | 129 |
|
| 121 | 130 |
# Set the destination directories for openstack projects |
| ... | ... |
@@ -364,8 +373,6 @@ cd $DASH_DIR/openstack-dashboard; sudo python setup.py develop |
| 364 | 364 |
# it since we are going to run the services in screen for simple |
| 365 | 365 |
cp $FILES/screenrc ~/.screenrc |
| 366 | 366 |
|
| 367 |
-## TODO: update current user to allow sudo for all commands in files/sudo/* |
|
| 368 |
- |
|
| 369 | 367 |
# Rabbit |
| 370 | 368 |
# --------- |
| 371 | 369 |
|