...
|
...
|
@@ -175,15 +175,15 @@ function configure_ironic_api {
|
175
|
175
|
function configure_ironic_conductor {
|
176
|
176
|
cp $IRONIC_DIR/etc/ironic/rootwrap.conf $IRONIC_ROOTWRAP_CONF
|
177
|
177
|
cp -r $IRONIC_DIR/etc/ironic/rootwrap.d $IRONIC_CONF_DIR
|
178
|
|
- IRONIC_ROOTWRAP=$(get_rootwrap_location ironic)
|
179
|
|
- ROOTWRAP_ISUDOER_CMD="$IRONIC_ROOTWRAP $IRONIC_CONF_DIR/rootwrap.conf *"
|
|
178
|
+ local ironic_rootwrap=$(get_rootwrap_location ironic)
|
|
179
|
+ local rootwrap_isudoer_cmd="$ironic_rootwrap $IRONIC_CONF_DIR/rootwrap.conf *"
|
180
|
180
|
|
181
|
181
|
# Set up the rootwrap sudoers for ironic
|
182
|
|
- TEMPFILE=`mktemp`
|
183
|
|
- echo "$STACK_USER ALL=(root) NOPASSWD: $ROOTWRAP_ISUDOER_CMD" >$TEMPFILE
|
184
|
|
- chmod 0440 $TEMPFILE
|
185
|
|
- sudo chown root:root $TEMPFILE
|
186
|
|
- sudo mv $TEMPFILE /etc/sudoers.d/ironic-rootwrap
|
|
182
|
+ local tempfile=`mktemp`
|
|
183
|
+ echo "$STACK_USER ALL=(root) NOPASSWD: $rootwrap_isudoer_cmd" >$tempfile
|
|
184
|
+ chmod 0440 $tempfile
|
|
185
|
+ sudo chown root:root $tempfile
|
|
186
|
+ sudo mv $tempfile /etc/sudoers.d/ironic-rootwrap
|
187
|
187
|
|
188
|
188
|
iniset $IRONIC_CONF_FILE DEFAULT rootwrap_config $IRONIC_ROOTWRAP_CONF
|
189
|
189
|
iniset $IRONIC_CONF_FILE DEFAULT enabled_drivers $IRONIC_ENABLED_DRIVERS
|
...
|
...
|
@@ -214,22 +214,22 @@ function create_ironic_cache_dir {
|
214
|
214
|
# service ironic admin # if enabled
|
215
|
215
|
function create_ironic_accounts {
|
216
|
216
|
|
217
|
|
- SERVICE_TENANT=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
218
|
|
- ADMIN_ROLE=$(openstack role list | awk "/ admin / { print \$2 }")
|
|
217
|
+ local service_tenant=$(openstack project list | awk "/ $SERVICE_TENANT_NAME / { print \$2 }")
|
|
218
|
+ local admin_role=$(openstack role list | awk "/ admin / { print \$2 }")
|
219
|
219
|
|
220
|
220
|
# Ironic
|
221
|
221
|
if [[ "$ENABLED_SERVICES" =~ "ir-api" ]]; then
|
222
|
222
|
# Get ironic user if exists
|
223
|
223
|
|
224
|
|
- IRONIC_USER=$(get_or_create_user "ironic" \
|
225
|
|
- "$SERVICE_PASSWORD" $SERVICE_TENANT)
|
226
|
|
- get_or_add_user_role $ADMIN_ROLE $IRONIC_USER $SERVICE_TENANT
|
|
224
|
+ local ironic_user=$(get_or_create_user "ironic" \
|
|
225
|
+ "$SERVICE_PASSWORD" $service_tenant)
|
|
226
|
+ get_or_add_user_role $admin_role $ironic_user $service_tenant
|
227
|
227
|
|
228
|
228
|
if [[ "$KEYSTONE_CATALOG_BACKEND" = 'sql' ]]; then
|
229
|
229
|
|
230
|
|
- IRONIC_SERVICE=$(get_or_create_service "ironic" \
|
|
230
|
+ local ironic_service=$(get_or_create_service "ironic" \
|
231
|
231
|
"baremetal" "Ironic baremetal provisioning service")
|
232
|
|
- get_or_create_endpoint $IRONIC_SERVICE \
|
|
232
|
+ get_or_create_endpoint $ironic_service \
|
233
|
233
|
"$REGION_NAME" \
|
234
|
234
|
"$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
|
235
|
235
|
"$IRONIC_SERVICE_PROTOCOL://$IRONIC_HOSTPORT" \
|
...
|
...
|
@@ -301,15 +301,15 @@ function configure_ironic_dirs {
|
301
|
301
|
sudo chown -R $STACK_USER $IRONIC_DATA_DIR $IRONIC_STATE_PATH
|
302
|
302
|
sudo chown -R $STACK_USER:$LIBVIRT_GROUP $IRONIC_TFTPBOOT_DIR
|
303
|
303
|
if is_ubuntu; then
|
304
|
|
- PXEBIN=/usr/lib/syslinux/pxelinux.0
|
|
304
|
+ local pxebin=/usr/lib/syslinux/pxelinux.0
|
305
|
305
|
elif is_fedora; then
|
306
|
|
- PXEBIN=/usr/share/syslinux/pxelinux.0
|
|
306
|
+ local pxebin=/usr/share/syslinux/pxelinux.0
|
307
|
307
|
fi
|
308
|
|
- if [ ! -f $PXEBIN ]; then
|
|
308
|
+ if [ ! -f $pxebin ]; then
|
309
|
309
|
die $LINENO "pxelinux.0 (from SYSLINUX) not found."
|
310
|
310
|
fi
|
311
|
311
|
|
312
|
|
- cp $PXEBIN $IRONIC_TFTPBOOT_DIR
|
|
312
|
+ cp $pxebin $IRONIC_TFTPBOOT_DIR
|
313
|
313
|
mkdir -p $IRONIC_TFTPBOOT_DIR/pxelinux.cfg
|
314
|
314
|
}
|
315
|
315
|
|
...
|
...
|
@@ -317,20 +317,20 @@ function create_bridge_and_vms {
|
317
|
317
|
# Call libvirt setup scripts in a new shell to ensure any new group membership
|
318
|
318
|
sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/setup-network"
|
319
|
319
|
if [[ "$IRONIC_VM_LOG_CONSOLE" == "True" ]] ; then
|
320
|
|
- LOG_ARG="$IRONIC_VM_LOG_DIR"
|
|
320
|
+ local log_arg="$IRONIC_VM_LOG_DIR"
|
321
|
321
|
else
|
322
|
|
- LOG_ARG=""
|
|
322
|
+ local log_arg=""
|
323
|
323
|
fi
|
324
|
324
|
sudo su $STACK_USER -c "$IRONIC_SCRIPTS_DIR/create-nodes \
|
325
|
325
|
$IRONIC_VM_SPECS_CPU $IRONIC_VM_SPECS_RAM $IRONIC_VM_SPECS_DISK \
|
326
|
326
|
amd64 $IRONIC_VM_COUNT $IRONIC_VM_NETWORK_BRIDGE $IRONIC_VM_EMULATOR \
|
327
|
|
- $LOG_ARG" >> $IRONIC_VM_MACS_CSV_FILE
|
|
327
|
+ $log_arg" >> $IRONIC_VM_MACS_CSV_FILE
|
328
|
328
|
}
|
329
|
329
|
|
330
|
330
|
function enroll_vms {
|
331
|
331
|
|
332
|
|
- CHASSIS_ID=$(ironic chassis-create -d "ironic test chassis" | grep " uuid " | get_field 2)
|
333
|
|
- IRONIC_NET_ID=$(neutron net-list | grep private | get_field 1)
|
|
332
|
+ local chassis_id=$(ironic chassis-create -d "ironic test chassis" | grep " uuid " | get_field 2)
|
|
333
|
+ local ironic_net_id=$(neutron net-list | grep private | get_field 1)
|
334
|
334
|
local idx=0
|
335
|
335
|
|
336
|
336
|
# work around; need to know what netns neutron uses for private network.
|
...
|
...
|
@@ -339,11 +339,11 @@ function enroll_vms {
|
339
|
339
|
# the instances operation. If we don't do this, the first port creation
|
340
|
340
|
# only happens in the middle of fake baremetal instance's spawning by nova,
|
341
|
341
|
# so we'll end up with unbootable fake baremetal VM due to broken PXE.
|
342
|
|
- PORT_ID=$(neutron port-create private | grep " id " | get_field 2)
|
|
342
|
+ local port_id=$(neutron port-create private | grep " id " | get_field 2)
|
343
|
343
|
|
344
|
344
|
while read MAC; do
|
345
|
345
|
|
346
|
|
- NODE_ID=$(ironic node-create --chassis_uuid $CHASSIS_ID --driver pxe_ssh \
|
|
346
|
+ local node_id=$(ironic node-create --chassis_uuid $chassis_id --driver pxe_ssh \
|
347
|
347
|
-i pxe_deploy_kernel=$IRONIC_DEPLOY_KERNEL_ID \
|
348
|
348
|
-i pxe_deploy_ramdisk=$IRONIC_DEPLOY_RAMDISK_ID \
|
349
|
349
|
-i ssh_virt_type=$IRONIC_SSH_VIRT_TYPE \
|
...
|
...
|
@@ -357,14 +357,14 @@ function enroll_vms {
|
357
|
357
|
-p cpu_arch=x86_64 \
|
358
|
358
|
| grep " uuid " | get_field 2)
|
359
|
359
|
|
360
|
|
- ironic port-create --address $MAC --node_uuid $NODE_ID
|
|
360
|
+ ironic port-create --address $MAC --node_uuid $node_id
|
361
|
361
|
|
362
|
362
|
idx=$((idx+1))
|
363
|
363
|
|
364
|
364
|
done < $IRONIC_VM_MACS_CSV_FILE
|
365
|
365
|
|
366
|
366
|
# create the nova flavor
|
367
|
|
- adjusted_disk=$(($IRONIC_VM_SPECS_DISK - $IRONIC_VM_EPHEMERAL_DISK))
|
|
367
|
+ local adjusted_disk=$(($IRONIC_VM_SPECS_DISK - $IRONIC_VM_EPHEMERAL_DISK))
|
368
|
368
|
nova flavor-create --ephemeral $IRONIC_VM_EPHEMERAL_DISK baremetal auto $IRONIC_VM_SPECS_RAM $adjusted_disk $IRONIC_VM_SPECS_CPU
|
369
|
369
|
# TODO(lucasagomes): Remove the 'baremetal:deploy_kernel_id'
|
370
|
370
|
# and 'baremetal:deploy_ramdisk_id' parameters
|
...
|
...
|
@@ -374,8 +374,8 @@ function enroll_vms {
|
374
|
374
|
|
375
|
375
|
# intentional sleep to make sure the tag has been set to port
|
376
|
376
|
sleep 10
|
377
|
|
- TAPDEV=$(sudo ip netns exec qdhcp-${IRONIC_NET_ID} ip link list | grep tap | cut -d':' -f2 | cut -b2-)
|
378
|
|
- TAG_ID=$(sudo ovs-vsctl show |grep ${TAPDEV} -A1 -m1 | grep tag | cut -d':' -f2 | cut -b2-)
|
|
377
|
+ local tapdev=$(sudo ip netns exec qdhcp-${ironic_net_id} ip link list | grep tap | cut -d':' -f2 | cut -b2-)
|
|
378
|
+ local tag_id=$(sudo ovs-vsctl show |grep ${tapdev} -A1 -m1 | grep tag | cut -d':' -f2 | cut -b2-)
|
379
|
379
|
|
380
|
380
|
# make sure veth pair is not existing, otherwise delete its links
|
381
|
381
|
sudo ip link show ovs-tap1 && sudo ip link delete ovs-tap1
|
...
|
...
|
@@ -385,12 +385,12 @@ function enroll_vms {
|
385
|
385
|
sudo ip link set dev brbm-tap1 up
|
386
|
386
|
sudo ip link set dev ovs-tap1 up
|
387
|
387
|
|
388
|
|
- sudo ovs-vsctl -- --if-exists del-port ovs-tap1 -- add-port br-int ovs-tap1 tag=$TAG_ID
|
|
388
|
+ sudo ovs-vsctl -- --if-exists del-port ovs-tap1 -- add-port br-int ovs-tap1 tag=$tag_id
|
389
|
389
|
sudo ovs-vsctl -- --if-exists del-port brbm-tap1 -- add-port $IRONIC_VM_NETWORK_BRIDGE brbm-tap1
|
390
|
390
|
|
391
|
391
|
# Remove the port needed only for workaround. For additional info read the
|
392
|
392
|
# comment at the beginning of this function
|
393
|
|
- neutron port-delete $PORT_ID
|
|
393
|
+ neutron port-delete $port_id
|
394
|
394
|
}
|
395
|
395
|
|
396
|
396
|
function configure_iptables {
|
...
|
...
|
@@ -404,11 +404,11 @@ function configure_iptables {
|
404
|
404
|
|
405
|
405
|
function configure_tftpd {
|
406
|
406
|
if is_ubuntu; then
|
407
|
|
- PXEBIN=/usr/lib/syslinux/pxelinux.0
|
|
407
|
+ local pxebin=/usr/lib/syslinux/pxelinux.0
|
408
|
408
|
elif is_fedora; then
|
409
|
|
- PXEBIN=/usr/share/syslinux/pxelinux.0
|
|
409
|
+ local pxebin=/usr/share/syslinux/pxelinux.0
|
410
|
410
|
fi
|
411
|
|
- if [ ! -f $PXEBIN ]; then
|
|
411
|
+ if [ ! -f $pxebin ]; then
|
412
|
412
|
die $LINENO "pxelinux.0 (from SYSLINUX) not found."
|
413
|
413
|
fi
|
414
|
414
|
|
...
|
...
|
@@ -441,12 +441,12 @@ function configure_ironic_ssh_keypair {
|
441
|
441
|
}
|
442
|
442
|
|
443
|
443
|
function ironic_ssh_check {
|
444
|
|
- local KEY_FILE=$1
|
445
|
|
- local FLOATING_IP=$2
|
446
|
|
- local PORT=$3
|
447
|
|
- local DEFAULT_INSTANCE_USER=$4
|
448
|
|
- local ACTIVE_TIMEOUT=$5
|
449
|
|
- if ! timeout $ACTIVE_TIMEOUT sh -c "while ! ssh -p $PORT -o StrictHostKeyChecking=no -i $KEY_FILE ${DEFAULT_INSTANCE_USER}@$FLOATING_IP echo success; do sleep 1; done"; then
|
|
444
|
+ local key_file=$1
|
|
445
|
+ local floating_ip=$2
|
|
446
|
+ local port=$3
|
|
447
|
+ local default_instance_user=$4
|
|
448
|
+ local active_timeout=$5
|
|
449
|
+ if ! timeout $active_timeout sh -c "while ! ssh -p $port -o StrictHostKeyChecking=no -i $key_file ${default_instance_user}@$floating_ip echo success; do sleep 1; done"; then
|
450
|
450
|
die $LINENO "server didn't become ssh-able!"
|
451
|
451
|
fi
|
452
|
452
|
}
|
...
|
...
|
@@ -458,16 +458,17 @@ function configure_ironic_auxiliary {
|
458
|
458
|
}
|
459
|
459
|
|
460
|
460
|
# build deploy kernel+ramdisk, then upload them to glance
|
461
|
|
-# this function sets IRONIC_DEPLOY_KERNEL_ID and IRONIC_DEPLOY_RAMDISK_ID
|
|
461
|
+# this function sets ``IRONIC_DEPLOY_KERNEL_ID``, ``IRONIC_DEPLOY_RAMDISK_ID``
|
462
|
462
|
function upload_baremetal_ironic_deploy {
|
463
|
|
- token=$1
|
|
463
|
+ local token=$1
|
|
464
|
+ declare -g IRONIC_DEPLOY_KERNEL_ID IRONIC_DEPLOY_RAMDISK_ID
|
464
|
465
|
|
465
|
466
|
if [ -z "$IRONIC_DEPLOY_KERNEL" -o -z "$IRONIC_DEPLOY_RAMDISK" ]; then
|
466
|
|
- IRONIC_DEPLOY_KERNEL_PATH=$TOP_DIR/files/ir-deploy.kernel
|
467
|
|
- IRONIC_DEPLOY_RAMDISK_PATH=$TOP_DIR/files/ir-deploy.initramfs
|
|
467
|
+ local IRONIC_DEPLOY_KERNEL_PATH=$TOP_DIR/files/ir-deploy.kernel
|
|
468
|
+ local IRONIC_DEPLOY_RAMDISK_PATH=$TOP_DIR/files/ir-deploy.initramfs
|
468
|
469
|
else
|
469
|
|
- IRONIC_DEPLOY_KERNEL_PATH=$IRONIC_DEPLOY_KERNEL
|
470
|
|
- IRONIC_DEPLOY_RAMDISK_PATH=$IRONIC_DEPLOY_RAMDISK
|
|
470
|
+ local IRONIC_DEPLOY_KERNEL_PATH=$IRONIC_DEPLOY_KERNEL
|
|
471
|
+ local IRONIC_DEPLOY_RAMDISK_PATH=$IRONIC_DEPLOY_RAMDISK
|
471
|
472
|
fi
|
472
|
473
|
|
473
|
474
|
if [ ! -e "$IRONIC_DEPLOY_RAMDISK_PATH" -o ! -e "$IRONIC_DEPLOY_KERNEL_PATH" ]; then
|
...
|
...
|
@@ -508,19 +509,20 @@ function prepare_baremetal_basic_ops {
|
508
|
508
|
git_clone $DIB_REPO $DIB_DIR $DIB_BRANCH
|
509
|
509
|
|
510
|
510
|
# make sure all needed service were enabled
|
|
511
|
+ local srv
|
511
|
512
|
for srv in nova glance key neutron; do
|
512
|
513
|
if ! is_service_enabled "$srv"; then
|
513
|
514
|
die $LINENO "$srv should be enabled for ironic tests"
|
514
|
515
|
fi
|
515
|
516
|
done
|
516
|
517
|
|
517
|
|
- TOKEN=$(keystone token-get | grep ' id ' | get_field 2)
|
518
|
|
- die_if_not_set $LINENO TOKEN "Keystone fail to get token"
|
|
518
|
+ local token=$(keystone token-get | grep ' id ' | get_field 2)
|
|
519
|
+ die_if_not_set $LINENO token "Keystone fail to get token"
|
519
|
520
|
|
520
|
521
|
echo_summary "Creating and uploading baremetal images for ironic"
|
521
|
522
|
|
522
|
523
|
# build and upload separate deploy kernel & ramdisk
|
523
|
|
- upload_baremetal_ironic_deploy $TOKEN
|
|
524
|
+ upload_baremetal_ironic_deploy $token
|
524
|
525
|
|
525
|
526
|
create_bridge_and_vms
|
526
|
527
|
enroll_vms
|
...
|
...
|
@@ -536,9 +538,9 @@ function prepare_baremetal_basic_ops {
|
536
|
536
|
function cleanup_baremetal_basic_ops {
|
537
|
537
|
rm -f $IRONIC_VM_MACS_CSV_FILE
|
538
|
538
|
if [ -f $IRONIC_KEY_FILE ]; then
|
539
|
|
- KEY=`cat $IRONIC_KEY_FILE.pub`
|
|
539
|
+ local key=$(cat $IRONIC_KEY_FILE.pub)
|
540
|
540
|
# remove public key from authorized_keys
|
541
|
|
- grep -v "$KEY" $IRONIC_AUTHORIZED_KEYS_FILE > temp && mv temp $IRONIC_AUTHORIZED_KEYS_FILE
|
|
541
|
+ grep -v "$key" $IRONIC_AUTHORIZED_KEYS_FILE > temp && mv temp $IRONIC_AUTHORIZED_KEYS_FILE
|
542
|
542
|
chmod 0600 $IRONIC_AUTHORIZED_KEYS_FILE
|
543
|
543
|
fi
|
544
|
544
|
sudo rm -rf $IRONIC_DATA_DIR $IRONIC_STATE_PATH
|