...
|
...
|
@@ -91,14 +91,14 @@ set -o xtrace
|
91
|
91
|
# This script is customizable through setting environment variables. If you
|
92
|
92
|
# want to override a setting you can either::
|
93
|
93
|
#
|
94
|
|
-# export MYSQL_PASS=anothersecret
|
|
94
|
+# export MYSQL_PASSWORD=anothersecret
|
95
|
95
|
# ./stack.sh
|
96
|
96
|
#
|
97
|
|
-# You can also pass options on a single line ``MYSQL_PASS=simple ./stack.sh``
|
|
97
|
+# You can also pass options on a single line ``MYSQL_PASSWORD=simple ./stack.sh``
|
98
|
98
|
#
|
99
|
99
|
# Additionally, you can put any local variables into a ``localrc`` file, like::
|
100
|
100
|
#
|
101
|
|
-# MYSQL_PASS=anothersecret
|
|
101
|
+# MYSQL_PASSWORD=anothersecret
|
102
|
102
|
# MYSQL_USER=hellaroot
|
103
|
103
|
#
|
104
|
104
|
# We try to have sensible defaults, so you should be able to run ``./stack.sh``
|
...
|
...
|
@@ -111,7 +111,7 @@ set -o xtrace
|
111
|
111
|
#
|
112
|
112
|
# If ``localrc`` exists, then ``stackrc`` will load those settings. This is
|
113
|
113
|
# useful for changing a branch or repostiory to test other versions. Also you
|
114
|
|
-# can store your other settings like **MYSQL_PASS** or **ADMIN_PASSWORD** instead
|
|
114
|
+# can store your other settings like **MYSQL_PASSWORD** or **ADMIN_PASSWORD** instead
|
115
|
115
|
# of letting devstack generate random ones for you.
|
116
|
116
|
source ./stackrc
|
117
|
117
|
|
...
|
...
|
@@ -146,6 +146,43 @@ if [ ! -n "$HOST_IP" ]; then
|
146
|
146
|
HOST_IP=`LC_ALL=C /sbin/ifconfig | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'`
|
147
|
147
|
fi
|
148
|
148
|
|
|
149
|
+# Generic helper to configure passwords
|
|
150
|
+function read_password {
|
|
151
|
+ set +o xtrace
|
|
152
|
+ var=$1; msg=$2
|
|
153
|
+ pw=${!var}
|
|
154
|
+
|
|
155
|
+ # If the password is not defined yet, proceed to prompt user for a password.
|
|
156
|
+ if [ ! $pw ]; then
|
|
157
|
+ # If there is no localrc file, create one
|
|
158
|
+ if [ ! -e localrc ]; then
|
|
159
|
+ touch localrc
|
|
160
|
+ fi
|
|
161
|
+
|
|
162
|
+ # Presumably if we got this far it can only be that our localrc is missing
|
|
163
|
+ # the required password. Prompt user for a password and write to localrc.
|
|
164
|
+ if ! grep -q $1 localrc; then
|
|
165
|
+ echo ''
|
|
166
|
+ echo '################################################################################'
|
|
167
|
+ echo $msg
|
|
168
|
+ echo '################################################################################'
|
|
169
|
+ echo "This value will be written to your localrc file."
|
|
170
|
+ echo "It is probably best to avoid spaces and weird characters."
|
|
171
|
+ echo "If you leave this blank, a random default value will be used."
|
|
172
|
+ echo "Enter a password now:"
|
|
173
|
+ read $var
|
|
174
|
+ pw=${!var}
|
|
175
|
+ if [ ! $pw ]; then
|
|
176
|
+ pw=`openssl rand -hex 10`
|
|
177
|
+ fi
|
|
178
|
+ eval "$var=$pw"
|
|
179
|
+ echo "$var=$pw" >> localrc
|
|
180
|
+ fi
|
|
181
|
+ fi
|
|
182
|
+ set -o xtrace
|
|
183
|
+}
|
|
184
|
+
|
|
185
|
+
|
149
|
186
|
# Nova Network Configuration
|
150
|
187
|
# --------------------------
|
151
|
188
|
|
...
|
...
|
@@ -194,31 +231,32 @@ FLAT_INTERFACE=${FLAT_INTERFACE:-eth0}
|
194
|
194
|
|
195
|
195
|
# By default this script will install and configure MySQL. If you want to
|
196
|
196
|
# use an existing server, you can pass in the user/password/host parameters.
|
197
|
|
-# You will need to send the same ``MYSQL_PASS`` to every host if you are doing
|
|
197
|
+# You will need to send the same ``MYSQL_PASSWORD`` to every host if you are doing
|
198
|
198
|
# a multi-node devstack installation.
|
199
|
199
|
MYSQL_USER=${MYSQL_USER:-root}
|
200
|
|
-MYSQL_PASS=${MYSQL_PASS:-`openssl rand -hex 12`}
|
|
200
|
+read_password MYSQL_PASSWORD "ENTER A PASSWORD TO USE FOR MYSQL."
|
201
|
201
|
MYSQL_HOST=${MYSQL_HOST:-localhost}
|
202
|
202
|
|
203
|
203
|
# don't specify /db in this string, so we can use it for multiple services
|
204
|
|
-BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST}
|
|
204
|
+BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASSWORD@$MYSQL_HOST}
|
205
|
205
|
|
206
|
206
|
# Rabbit connection info
|
207
|
207
|
RABBIT_HOST=${RABBIT_HOST:-localhost}
|
208
|
208
|
RABBIT_PASSWORD=${RABBIT_PASSWORD:-`openssl rand -hex 12`}
|
|
209
|
+read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."
|
209
|
210
|
|
210
|
211
|
# Glance connection info. Note the port must be specified.
|
211
|
212
|
GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292}
|
212
|
213
|
|
|
214
|
+
|
213
|
215
|
# Keystone
|
214
|
216
|
# --------
|
215
|
217
|
|
216
|
218
|
# Service Token - Openstack components need to have an admin token
|
217
|
219
|
# to validate user tokens.
|
218
|
|
-SERVICE_TOKEN=${SERVICE_TOKEN:-`openssl rand -hex 12`}
|
|
220
|
+read_password SERVICE_TOKEN "ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN."
|
219
|
221
|
# Dash currently truncates usernames and passwords at 20 characters
|
220
|
|
-# so use 10 bytes
|
221
|
|
-ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 10`}
|
|
222
|
+read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR DASH AND KEYSTONE (20 CHARS OR LESS)."
|
222
|
223
|
|
223
|
224
|
|
224
|
225
|
# Install Packages
|
...
|
...
|
@@ -301,15 +339,15 @@ if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then
|
301
|
301
|
# Seed configuration with mysql password so that apt-get install doesn't
|
302
|
302
|
# prompt us for a password upon install.
|
303
|
303
|
cat <<MYSQL_PRESEED | sudo debconf-set-selections
|
304
|
|
-mysql-server-5.1 mysql-server/root_password password $MYSQL_PASS
|
305
|
|
-mysql-server-5.1 mysql-server/root_password_again password $MYSQL_PASS
|
|
304
|
+mysql-server-5.1 mysql-server/root_password password $MYSQL_PASSWORD
|
|
305
|
+mysql-server-5.1 mysql-server/root_password_again password $MYSQL_PASSWORD
|
306
|
306
|
mysql-server-5.1 mysql-server/start_on_boot boolean true
|
307
|
307
|
MYSQL_PRESEED
|
308
|
308
|
|
309
|
309
|
# Install and start mysql-server
|
310
|
310
|
sudo apt-get -y -q install mysql-server
|
311
|
311
|
# Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases:
|
312
|
|
- sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';"
|
|
312
|
+ sudo mysql -uroot -p$MYSQL_PASSWORD -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASSWORD';"
|
313
|
313
|
|
314
|
314
|
# Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service:
|
315
|
315
|
sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf
|
...
|
...
|
@@ -360,8 +398,8 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then
|
360
|
360
|
mkdir -p $GLANCE_IMAGE_DIR
|
361
|
361
|
|
362
|
362
|
# (re)create glance database
|
363
|
|
- mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE IF EXISTS glance;'
|
364
|
|
- mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE glance;'
|
|
363
|
+ mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS glance;'
|
|
364
|
+ mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE glance;'
|
365
|
365
|
# Copy over our glance-registry.conf
|
366
|
366
|
GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf
|
367
|
367
|
cp $FILES/glance-registry.conf $GLANCE_CONF
|
...
|
...
|
@@ -490,8 +528,8 @@ fi
|
490
|
490
|
|
491
|
491
|
if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then
|
492
|
492
|
# (re)create nova database
|
493
|
|
- mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE IF EXISTS nova;'
|
494
|
|
- mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE nova;'
|
|
493
|
+ mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS nova;'
|
|
494
|
+ mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE nova;'
|
495
|
495
|
|
496
|
496
|
# (re)create nova database
|
497
|
497
|
$NOVA_DIR/bin/nova-manage db sync
|
...
|
...
|
@@ -509,8 +547,8 @@ fi
|
509
|
509
|
|
510
|
510
|
if [[ "$ENABLED_SERVICES" =~ "key" ]]; then
|
511
|
511
|
# (re)create keystone database
|
512
|
|
- mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE IF EXISTS keystone;'
|
513
|
|
- mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE keystone;'
|
|
512
|
+ mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS keystone;'
|
|
513
|
+ mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE keystone;'
|
514
|
514
|
|
515
|
515
|
# FIXME (anthony) keystone should use keystone.conf.example
|
516
|
516
|
KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf
|