deleted file mode 100755

@@ -1,251 +0,0 @@

-#!/usr/bin/env bash

-

-# Sanity check

-if [ "$EUID" -ne "0" ]; then

-  echo "This script must be run with root privileges."

-  exit 1

-fi

-

-# Warn users who aren't on natty

-if ! grep -q natty /etc/lsb-release; then

-    echo "WARNING: this script has only been tested on natty"

-fi

-

-# Source params

-source ./stackrc

-

-# Store cwd

-CWD=`pwd`

-

-# Configurable params

-BRIDGE=${BRIDGE:-br0}

-CONTAINER=${CONTAINER:-STACK}

-CONTAINER_IP=${CONTAINER_IP:-192.168.1.50}

-CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24}

-CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0}

-CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1}

-NAMESERVER=${NAMESERVER:-$CONTAINER_GATEWAY}

-COPYENV=${COPYENV:-1}

-DEST=${DEST:-/opt/stack}

-

-# Param string to pass to stack.sh.  Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova"

-STACKSH_PARAMS=${STACKSH_PARAMS:-}

-

-# Option to use the version of devstack on which we are currently working

-USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1}

-

-

-# Install deps

-apt-get install -y lxc debootstrap

-

-# Install cgroup-bin from source, since the packaging is buggy and possibly incompatible with our setup

-if ! which cgdelete | grep -q cgdelete; then

-    apt-get install -y g++ bison flex libpam0g-dev make

-    wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2

-    cd /tmp && bunzip2 libcgroup-0.37.1.tar.bz2  && tar xfv libcgroup-0.37.1.tar

-    cd libcgroup-0.37.1

-    ./configure

-    make install

-    ldconfig

-fi

-

-# Create lxc configuration

-LXC_CONF=/tmp/$CONTAINER.conf

-cat > $LXC_CONF <<EOF

-lxc.network.type = veth

-lxc.network.link = $BRIDGE

-lxc.network.flags = up

-lxc.network.ipv4 = $CONTAINER_CIDR

-# allow tap/tun devices

-lxc.cgroup.devices.allow = c 10:200 rwm

-EOF

-

-# Shutdown any existing container

-lxc-stop -n $CONTAINER

-

-# This kills zombie containers

-if [ -d /cgroup/$CONTAINER ]; then

-    cgdelete -r cpu,net_cls:$CONTAINER

-fi

-

-# git clone only if directory doesn't exist already.  Since ``DEST`` might not

-# be owned by the installation user, we create the directory and change the

-# ownership to the proper user.

-function git_clone {

-    if [ ! -d $2 ]; then

-        sudo mkdir $2

-        sudo chown `whoami` $2

-        git clone $1 $2

-        cd $2

-        # This checkout syntax works for both branches and tags

-        git checkout $3

-    fi

-}

-

-# Location of the base image directory

-CACHEDIR=/var/cache/lxc/natty/rootfs-amd64

-

-# Provide option to do totally clean install

-if [ "$CLEAR_LXC_CACHE" = "1" ]; then

-    rm -rf $CACHEDIR

-fi

-

-# Warm the base image on first install

-if [ ! -f $CACHEDIR/bootstrapped ]; then

-    # by deleting the container, we force lxc-create to re-bootstrap (lxc is

-    # lazy and doesn't do anything if a container already exists)

-    lxc-destroy -n $CONTAINER

-    # trigger the initial debootstrap

-    lxc-create -n $CONTAINER -t natty -f $LXC_CONF

-    chroot $CACHEDIR apt-get update

-    chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"`

-    chroot $CACHEDIR pip install `cat files/pips/*`

-    touch $CACHEDIR/bootstrapped

-fi

-

-# Clean out code repos if directed to do so

-if [ "$CLEAN" = "1" ]; then

-    rm -rf $CACHEDIR/$DEST

-fi

-

-# Cache openstack code

-mkdir -p $CACHEDIR/$DEST

-git_clone $NOVA_REPO $CACHEDIR/$DEST/nova $NOVA_BRANCH

-git_clone $GLANCE_REPO $CACHEDIR/$DEST/glance $GLANCE_BRANCH

-git_clone $KEYSTONE_REPO $CACHEDIR/$DESTkeystone $KEYSTONE_BRANCH

-git_clone $NOVNC_REPO $CACHEDIR/$DEST/novnc $NOVNC_BRANCH

-git_clone $DASH_REPO $CACHEDIR/$DEST/dash $DASH_BRANCH $DASH_TAG

-git_clone $NOVACLIENT_REPO $CACHEDIR/$DEST/python-novaclient $NOVACLIENT_BRANCH

-git_clone $OPENSTACKX_REPO $CACHEDIR/$DEST/openstackx $OPENSTACKX_BRANCH

-

-# Use this version of devstack?

-if [ "$USE_CURRENT_DEVSTACK" = "1" ]; then

-    rm -rf $CACHEDIR/$DEST/devstack

-    cp -pr $CWD $CACHEDIR/$DEST/devstack

-fi

-

-# Destroy the old container

-lxc-destroy -n $CONTAINER

-

-# If this call is to TERMINATE the container then exit

-if [ "$TERMINATE" = "1" ]; then

-    exit

-fi

-

-# Create the container

-lxc-create -n $CONTAINER -t natty -f $LXC_CONF

-

-# Specify where our container rootfs lives

-ROOTFS=/var/lib/lxc/$CONTAINER/rootfs/

-

-# Create a stack user that is a member of the libvirtd group so that stack

-# is able to interact with libvirt.

-chroot $ROOTFS groupadd libvirtd

-chroot $ROOTFS useradd stack -s /bin/bash -d $DEST -G libvirtd

-

-# a simple password - pass

-echo stack:pass | chroot $ROOTFS chpasswd

-

-# and has sudo ability (in the future this should be limited to only what

-# stack requires)

-echo "stack ALL=(ALL) NOPASSWD: ALL" >> $ROOTFS/etc/sudoers

-

-# Copy kernel modules

-mkdir -p $ROOTFS/lib/modules/`uname -r`/kernel

-cp -p /lib/modules/`uname -r`/modules.dep $ROOTFS/lib/modules/`uname -r`/

-cp -pR /lib/modules/`uname -r`/kernel/net $ROOTFS/lib/modules/`uname -r`/kernel/

-

-# Gracefully cp only if source file/dir exists

-function cp_it {

-    if [ -e $1 ] || [ -d $1 ]; then

-        cp -pRL $1 $2

-    fi

-}

-

-# Copy over your ssh keys and env if desired

-if [ "$COPYENV" = "1" ]; then

-    cp_it ~/.ssh $ROOTFS/$DEST/.ssh

-    cp_it ~/.ssh/id_rsa.pub $ROOTFS/$DEST/.ssh/authorized_keys

-    cp_it ~/.gitconfig $ROOTFS/$DEST/.gitconfig

-    cp_it ~/.vimrc $ROOTFS/$DEST/.vimrc

-    cp_it ~/.bashrc $ROOTFS/$DEST/.bashrc

-fi

-

-# Make our ip address hostnames look nice at the command prompt

-echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/$DEST/.bashrc

-echo "export PS1='${debian_chroot:+($debian_chroot)}\\u@\\H:\\w\\$ '" >> $ROOTFS/etc/profile

-

-# Give stack ownership over $DEST so it may do the work needed

-chroot $ROOTFS chown -R stack $DEST

-

-# Configure instance network

-INTERFACES=$ROOTFS/etc/network/interfaces

-cat > $INTERFACES <<EOF

-auto lo

-iface lo inet loopback

-

-auto eth0

-iface eth0 inet static

-        address $CONTAINER_IP

-        netmask $CONTAINER_NETMASK

-        gateway $CONTAINER_GATEWAY

-EOF

-

-# Configure the runner

-RUN_SH=$ROOTFS/$DEST/run.sh

-cat > $RUN_SH <<EOF

-#!/usr/bin/env bash

-# Make sure dns is set up

-echo "nameserver $NAMESERVER" | sudo resolvconf -a eth0

-sleep 1

-

-# Kill any existing screens

-killall screen

-

-# Install and run stack.sh

-sudo apt-get update

-sudo apt-get -y --force-yes install git-core vim-nox sudo

-if [ ! -d "$DEST/devstack" ]; then

-    git clone git://github.com/cloudbuilders/devstack.git $DEST/devstack

-fi

-cd $DEST/devstack && $STACKSH_PARAMS ./stack.sh > /$DEST/run.sh.log

-echo >> /$DEST/run.sh.log

-echo >> /$DEST/run.sh.log

-echo "All done! Time to start clicking." >> /$DEST/run.sh.log

-EOF

-

-# Make the run.sh executable

-chmod 755 $RUN_SH

-

-# Make runner launch on boot

-RC_LOCAL=$ROOTFS/etc/rc.local

-cat > $RC_LOCAL <<EOF

-#!/bin/sh -e

-su -c "$DEST/run.sh" stack

-EOF

-

-# Configure cgroup directory

-if ! mount | grep -q cgroup; then

-    mkdir -p /cgroup

-    mount none -t cgroup /cgroup

-fi

-

-# Start our container

-lxc-start -d -n $CONTAINER

-

-# Done creating the container, let's tail the log

-echo

-echo "============================================================="

-echo "                          -- YAY! --"

-echo "============================================================="

-echo

-echo "We're done creating the container, about to start tailing the"

-echo "stack.sh log. It will take a second or two to start."

-echo

-echo "Just CTRL-C at any time to stop tailing."

-

-while [ ! -e "$ROOTFS/$DEST/run.sh.log" ]; do

-  sleep 1

-done

-

-tail -F $ROOTFS/$DEST/run.sh.log

deleted file mode 100755

@@ -1,39 +0,0 @@

-#!/usr/bin/env bash

-# Head node host, which runs glance, api, keystone

-HEAD_HOST=${HEAD_HOST:-192.168.1.52}

-COMPUTE_HOSTS=${COMPUTE_HOSTS:-192.168.1.53,192.168.1.54}

-

-# Networking params

-NAMESERVER=${NAMESERVER:-192.168.1.1}

-GATEWAY=${GATEWAY:-192.168.1.1}

-NETMASK=${NETMASK:-255.255.255.0}

-FLOATING_RANGE=${FLOATING_RANGE:-192.168.1.196/30}

-

-# Setting this to 1 shuts down and destroys our containers without relaunching.

-TERMINATE=${TERMINATE:-0}

-

-# Variables common amongst all hosts in the cluster

-COMMON_VARS="MYSQL_HOST=$HEAD_HOST RABBIT_HOST=$HEAD_HOST GLANCE_HOSTPORT=$HEAD_HOST:9292 NET_MAN=FlatDHCPManager FLAT_INTERFACE=eth0 FLOATING_RANGE=$FLOATING_RANGE MULTI_HOST=1"

-

-# Helper to launch containers

-function run_lxc {

-    # For some reason container names with periods can cause issues :/

-    CONTAINER=$1 CONTAINER_IP=$2 CONTAINER_NETMASK=$NETMASK CONTAINER_GATEWAY=$GATEWAY NAMESERVER=$NAMESERVER TERMINATE=$TERMINATE STACKSH_PARAMS="$COMMON_VARS $3" ./build_lxc.sh

-}

-

-# Launch the head node - headnode uses a non-ip domain name,

-# because rabbit won't launch with an ip addr hostname :(

-run_lxc STACKMASTER $HEAD_HOST "ENABLED_SERVICES=g-api,g-reg,key,n-api,n-sch,n-vnc,dash,mysql,rabbit"

-

-# Wait till the head node is up

-if [ ! "$TERMINATE" = "1" ]; then

-    while ! wget -q -O- http://$HEAD_HOST | grep -q username; do

-        echo "Waiting for head node ($HEAD_HOST) to start..."

-        sleep 5

-    done

-fi

-

-# Launch the compute hosts

-for compute_host in ${COMPUTE_HOSTS//,/ }; do

-    run_lxc $compute_host $compute_host "ENABLED_SERVICES=n-cpu,n-net,n-api"

-done

@@ -52,10 +52,17 @@ export NOVA_VERSION=1.1

 # FIXME - why does this need to be specified?

 export NOVA_REGION_NAME=RegionOne

+# set log level to DEBUG (helps debug issues)

+export NOVACLIENT_DEBUG=1

 # Get a token for clients that don't support service catalog

 # ==========================================================

-SERVICE_TOKEN=`curl -s -d  "{\"auth\":{\"passwordCredentials\": {\"username\": \"$NOVA_PROJECT_ID\", \"password\": \"$NOVA_API_KEY\"}}}" -H "Content-type: application/json" http://$HOST:5000/v2.0/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`

+

+# manually create a token by querying keystone (sending JSON data).  Keystone 

+# returns a token and catalog of endpoints.  We use python to parse the token

+# and save it.

+

+TOKEN=`curl -s -d  "{\"auth\":{\"passwordCredentials\": {\"username\": \"$NOVA_USERNAME\", \"password\": \"$NOVA_API_KEY\"}}}" -H "Content-type: application/json" http://$HOST:5000/v2.0/tokens | python -c "import sys; import json; tok = json.loads(sys.stdin.read()); print tok['access']['token']['id'];"`

 # Launching a server

 # ==================

@@ -63,9 +70,6 @@ SERVICE_TOKEN=`curl -s -d  "{\"auth\":{\"passwordCredentials\": {\"username\": \

 # List servers for tenant:

 nova list

-# List of flavors:

-nova flavor-list

-

 # Images

 # ------

@@ -73,10 +77,46 @@ nova flavor-list

 nova image-list

 # But we recommend using glance directly

-glance -A $SERVICE_TOKEN index

+glance -A $TOKEN index

+

+# Let's grab the id of the first AMI image to launch

+IMAGE=`glance -A $TOKEN index | egrep ami | cut -d" " -f1`

+

+

+# Flavors

+# -------

+

+# List of flavors:

+nova flavor-list

+

+# and grab the first flavor in the list to launch

+FLAVOR=`nova flavor-list | head -n 4 | tail -n 1 | cut -d"|" -f2`

+

+NAME="firstpost"

+

+nova boot --flavor $FLAVOR --image $IMAGE $NAME

+

+# let's give it 10 seconds to launch

+sleep 10

+

+# check that the status is active

+nova show $NAME | grep status | grep -q ACTIVE

+

+# get the IP of the server

+IP=`nova show $NAME | grep "private network" | cut -d"|" -f3`

+

+# ping it once (timeout of a second)

+ping -c1 -w1 $IP || true

+

+# sometimes the first ping fails (10 seconds isn't enough time for the VM's 

+# network to respond?), so let's wait 5 seconds and really test ping

+sleep 5

+

+ping -c1 -w1 $IP 

+

+# shutdown the server

+nova delete $NAME

+

+# FIXME: validate shutdown within 5 seconds 

+# (nova show $NAME returns 1 or status != ACTIVE)?

-# show details of the active servers::

-#

-#     nova show 1234

-#

-nova list | grep ACTIVE | cut -d \| -f2 | xargs -n1 nova show

deleted file mode 100755

@@ -1,93 +0,0 @@

-#!/bin/bash

-

-# Print some usage info

-function usage {

-  echo "Usage: $0 [OPTION] [host_ip]"

-  echo "Set up temporary networking for LXC"

-  echo ""

-  echo "  -n, --dry-run            Just print the commands that would execute."

-  echo "  -h, --help               Print this usage message."

-  echo ""

-  exit

-}

-

-# Allow passing the ip address on the command line.

-function process_option {

-  case "$1" in

-    -h|--help) usage;;

-    -n|--dry-run) dry_run=1;;

-    *) host_ip="$1"

-  esac

-}

-

-# Set up some defaults

-host_ip=

-dry_run=0

-bridge=br0

-DRIER=

-

-# Process the args

-for arg in "$@"; do

-  process_option $arg

-done

-

-if [ $dry_run ]; then

-  DRIER=echo

-fi

-

-if [ "$UID" -ne "0" ]; then

-  echo "This script must be run with root privileges."

-  exit 1

-fi

-

-# Check for bridge-utils.

-BRCTL=`which brctl`

-if [ ! -x "$BRCTL" ]; then

-  echo "This script requires you to install bridge-utils."

-  echo "Try: sudo apt-get install bridge-utils."

-  exit 1

-fi

-

-# Scare off the nubs.

-echo "====================================================="

-echo

-echo "WARNING"

-echo

-echo "This script will modify your current network setup,"

-echo "this can be a scary thing and it is recommended that"

-echo "you have something equivalent to physical access to"

-echo "this machine before continuing in case your network"

-echo "gets all funky."

-echo

-echo "If you don't want to continue, hit CTRL-C now."

-

-if [ -z "$host_ip" ];

-then

-  echo "Otherwise, please type in your host's ip address and"

-  echo "hit enter."

-  echo

-  echo "====================================================="

-  read host_ip

-else

-  echo "Otherwise hit enter."

-  echo

-  echo "====================================================="

-  read accept

-fi

-

-

-# Add a bridge interface, this will choke if there is already

-# a bridge named $bridge

-$DRIER $BRCTL addbr $bridge

-$DRIER ip addr add 192.168.1.1/24 dev $bridge

-if [ $dry_run ]; then

-  echo "echo 1 > /proc/sys/net/ipv4/ip_forward"

-else

-  echo 1 > /proc/sys/net/ipv4/ip_forward

-fi

-$DRIER ifconfig $bridge up

-

-# Set up the NAT for the instances

-$DRIER iptables -t nat -A POSTROUTING -s 192.168.1.0/24 -j SNAT --to-source $host_ip

-$DRIER iptables -I FORWARD -s 192.168.1.0/24 -j ACCEPT

-

@@ -40,6 +40,9 @@ if [ ! -d $FILES ]; then

     exit 1

 fi

+# Keep track of the current devstack directory.

+TOP_DIR=$(cd $(dirname "$0") && pwd)

+

 # OpenStack is designed to be run as a regular user (Dashboard will fail to run

 # as root, since apache refused to startup serve content from root user).  If

 # stack.sh is run as root, it automatically creates a stack user with

@@ -86,14 +89,14 @@ fi

 # This script is customizable through setting environment variables.  If you

 # want to override a setting you can either::

 #

-#     export MYSQL_PASS=anothersecret

+#     export MYSQL_PASSWORD=anothersecret

 #     ./stack.sh

 #

-# You can also pass options on a single line ``MYSQL_PASS=simple ./stack.sh``

+# You can also pass options on a single line ``MYSQL_PASSWORD=simple ./stack.sh``

 #

 # Additionally, you can put any local variables into a ``localrc`` file, like::

 #

-#     MYSQL_PASS=anothersecret

+#     MYSQL_PASSWORD=anothersecret

 #     MYSQL_USER=hellaroot

 #

 # We try to have sensible defaults, so you should be able to run ``./stack.sh``

@@ -106,7 +109,7 @@ fi

 #

 # If ``localrc`` exists, then ``stackrc`` will load those settings.  This is 

 # useful for changing a branch or repostiory to test other versions.  Also you

-# can store your other settings like **MYSQL_PASS** or **ADMIN_PASSWORD** instead

+# can store your other settings like **MYSQL_PASSWORD** or **ADMIN_PASSWORD** instead

 # of letting devstack generate random ones for you.

 source ./stackrc

@@ -139,6 +142,43 @@ if [ ! -n "$HOST_IP" ]; then

     HOST_IP=`LC_ALL=C /sbin/ifconfig  | grep -m 1 'inet addr:'| cut -d: -f2 | awk '{print $1}'`

 fi

+# Generic helper to configure passwords

+function read_password {

+    set +o xtrace

+    var=$1; msg=$2

+    pw=${!var}

+

+    localrc=$TOP_DIR/localrc

+

+    # If the password is not defined yet, proceed to prompt user for a password.

+    if [ ! $pw ]; then

+        # If there is no localrc file, create one

+        if [ ! -e $localrc ]; then

+            touch $localrc

+        fi

+

+        # Presumably if we got this far it can only be that our localrc is missing 

+        # the required password.  Prompt user for a password and write to localrc.

+        echo ''

+        echo '################################################################################'

+        echo $msg

+        echo '################################################################################'

+        echo "This value will be written to your localrc file so you don't have to enter it again."

+        echo "It is probably best to avoid spaces and weird characters."

+        echo "If you leave this blank, a random default value will be used."

+        echo "Enter a password now:"

+        read $var

+        pw=${!var}

+        if [ ! $pw ]; then

+            pw=`openssl rand -hex 10`

+        fi

+        eval "$var=$pw"

+        echo "$var=$pw" >> $localrc

+    fi

+    set -o xtrace

+}

+

+

 # Nova Network Configuration

 # --------------------------

@@ -187,31 +227,32 @@ FLAT_INTERFACE=${FLAT_INTERFACE:-eth0}

 # By default this script will install and configure MySQL.  If you want to 

 # use an existing server, you can pass in the user/password/host parameters.

-# You will need to send the same ``MYSQL_PASS`` to every host if you are doing

+# You will need to send the same ``MYSQL_PASSWORD`` to every host if you are doing

 # a multi-node devstack installation.

 MYSQL_USER=${MYSQL_USER:-root}

-MYSQL_PASS=${MYSQL_PASS:-`openssl rand -hex 12`}

+read_password MYSQL_PASSWORD "ENTER A PASSWORD TO USE FOR MYSQL."

 MYSQL_HOST=${MYSQL_HOST:-localhost}

 # don't specify /db in this string, so we can use it for multiple services

-BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASS@$MYSQL_HOST}

+BASE_SQL_CONN=${BASE_SQL_CONN:-mysql://$MYSQL_USER:$MYSQL_PASSWORD@$MYSQL_HOST}

 # Rabbit connection info

 RABBIT_HOST=${RABBIT_HOST:-localhost}

 RABBIT_PASSWORD=${RABBIT_PASSWORD:-`openssl rand -hex 12`}

+read_password RABBIT_PASSWORD "ENTER A PASSWORD TO USE FOR RABBIT."

 # Glance connection info.  Note the port must be specified.

 GLANCE_HOSTPORT=${GLANCE_HOSTPORT:-$HOST_IP:9292}

+

 # Keystone

 # --------

 # Service Token - Openstack components need to have an admin token

 # to validate user tokens.

-SERVICE_TOKEN=${SERVICE_TOKEN:-`openssl rand -hex 12`}

+read_password SERVICE_TOKEN "ENTER A SERVICE_TOKEN TO USE FOR THE SERVICE ADMIN TOKEN."

 # Dash currently truncates usernames and passwords at 20 characters

-# so use 10 bytes

-ADMIN_PASSWORD=${ADMIN_PASSWORD:-`openssl rand -hex 10`}

+read_password ADMIN_PASSWORD "ENTER A PASSWORD TO USE FOR DASH AND KEYSTONE (20 CHARS OR LESS)."

 LOGFILE=${LOGFILE:-"$PWD/stack.sh.$$.log"}

 (

@@ -313,8 +354,8 @@ if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then

     # Seed configuration with mysql password so that apt-get install doesn't

     # prompt us for a password upon install.

     cat <<MYSQL_PRESEED | sudo debconf-set-selections

-mysql-server-5.1 mysql-server/root_password password $MYSQL_PASS

-mysql-server-5.1 mysql-server/root_password_again password $MYSQL_PASS

+mysql-server-5.1 mysql-server/root_password password $MYSQL_PASSWORD

+mysql-server-5.1 mysql-server/root_password_again password $MYSQL_PASSWORD

 mysql-server-5.1 mysql-server/start_on_boot boolean true

 MYSQL_PRESEED

@@ -325,7 +366,7 @@ MYSQL_PRESEED

         cat <<EOF >$HOME/.my.cnf

 [client]

 user=$MYSQL_USER

-password=$MYSQL_PASS    

+password=$MYSQL_PASSWORD

 host=$MYSQL_HOST

 EOF

         chmod 0600 $HOME/.my.cnf

@@ -334,7 +375,7 @@ EOF

     # Install and start mysql-server

     sudo apt-get -y -q install mysql-server

     # Update the DB to give user ‘$MYSQL_USER’@’%’ full control of the all databases:

-    sudo mysql -uroot -p$MYSQL_PASS -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASS';"

+    sudo mysql -uroot -p$MYSQL_PASSWORD -e "GRANT ALL PRIVILEGES ON *.* TO '$MYSQL_USER'@'%' identified by '$MYSQL_PASSWORD';"

     # Edit /etc/mysql/my.cnf to change ‘bind-address’ from localhost (127.0.0.1) to any (0.0.0.0) and restart the mysql service:

     sudo sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf

@@ -385,8 +426,8 @@ if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then

     mkdir -p $GLANCE_IMAGE_DIR

     # (re)create glance database

-    mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE IF EXISTS glance;'

-    mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE glance;'

+    mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS glance;'

+    mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE glance;'

     # Copy over our glance-registry.conf

     GLANCE_CONF=$GLANCE_DIR/etc/glance-registry.conf

     cp $FILES/glance-registry.conf $GLANCE_CONF

@@ -515,8 +556,8 @@ fi

 if [[ "$ENABLED_SERVICES" =~ "mysql" ]]; then

     # (re)create nova database

-    mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE IF EXISTS nova;'

-    mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE nova;'

+    mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS nova;'

+    mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE nova;'

     # (re)create nova database

     $NOVA_DIR/bin/nova-manage db sync

@@ -534,8 +575,8 @@ fi

 if [[ "$ENABLED_SERVICES" =~ "key" ]]; then

     # (re)create keystone database

-    mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'DROP DATABASE IF EXISTS keystone;'

-    mysql -u$MYSQL_USER -p$MYSQL_PASS -e 'CREATE DATABASE keystone;'

+    mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'DROP DATABASE IF EXISTS keystone;'

+    mysql -u$MYSQL_USER -p$MYSQL_PASSWORD -e 'CREATE DATABASE keystone;'

     # FIXME (anthony) keystone should use keystone.conf.example

     KEYSTONE_CONF=$KEYSTONE_DIR/etc/keystone.conf

@@ -619,55 +660,41 @@ screen_it dash "cd $DASH_DIR && sudo /etc/init.d/apache2 restart; sudo tail -f /

 # Install Images

 # ==============

-# Upload a couple images to glance.  **TTY** is a simple small image that use the 

-# lets you login to it with username/password of user/password.  TTY is useful 

-# for basic functionality.  We all include an Ubuntu cloud build of **Natty**.

-# Natty uses cloud-init, supporting login via keypair and sending scripts as

-# userdata.  

+# Upload an image to glance.

+#

+# The default image is a small ***TTY*** testing image, which lets you login

+# the username/password of root/password.

 #

-# Read more about cloud-init at https://help.ubuntu.com/community/CloudInit

+# TTY also uses cloud-init, supporting login via keypair and sending scripts as

+# userdata.  See https://help.ubuntu.com/community/CloudInit for more on cloud-init

+#

+# Override IMAGE_URLS if you would to launch a different image(s).  

+# Specify IMAGE_URLS as a comma-separated list of uec urls.  Some other options include:

+#   natty: http://uec-images.ubuntu.com/natty/current/natty-server-cloudimg-amd64.tar.gz

+#   oneiric: http://uec-images.ubuntu.com/oneiric/current/oneiric-server-cloudimg-amd64.tar.gz

 if [[ "$ENABLED_SERVICES" =~ "g-reg" ]]; then

-    # create a directory for the downloadedthe images tarballs.

+    # Create a directory for the downloaded image tarballs.

     mkdir -p $FILES/images

-    # Debug Image (TTY)

-    # -----------------

-

-    # Downloads the image (ami/aki/ari style), then extracts it.  Upon extraction

-    # we upload to glance with the glance cli tool.  TTY is a stripped down 

-    # version of ubuntu.

-    if [ ! -f $FILES/tty.tgz ]; then

-        wget -c http://images.ansolabs.com/tty.tgz -O $FILES/tty.tgz

-    fi

-

-    # extract ami-tty/image, aki-tty/image & ari-tty/image

-    tar -zxf $FILES/tty.tgz -C $FILES/images

-

-    # Use glance client to add the kernel, ramdisk and finally the root 

-    # filesystem.  We parse the results of the uploads to get glance IDs of the

-    # ramdisk and kernel and use them for the root filesystem.

-    RVAL=`glance add -A $SERVICE_TOKEN name="tty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/aki-tty/image`

-    KERNEL_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "`

-    RVAL=`glance add -A $SERVICE_TOKEN name="tty-ramdisk" is_public=true container_format=ari disk_format=ari < $FILES/images/ari-tty/image`

-    RAMDISK_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "`

-    glance add -A $SERVICE_TOKEN name="tty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID ramdisk_id=$RAMDISK_ID < $FILES/images/ami-tty/image

-

-    # Ubuntu 11.04 aka Natty

-    # ----------------------

-

-    # Downloaded from ubuntu enterprise cloud images.  This

-    # image doesn't use the ramdisk functionality

-    if [ ! -f $FILES/natty.tgz ]; then

-        wget -c http://uec-images.ubuntu.com/natty/current/natty-server-cloudimg-amd64.tar.gz -O $FILES/natty.tgz

-    fi

-    

-    tar -zxf $FILES/natty.tgz -C $FILES/images

+    for image_url in ${IMAGE_URLS//,/ }; do

+        # Downloads the image (uec ami+aki style), then extracts it.

+        IMAGE_FNAME=`echo "$image_url" | python -c "import sys; print sys.stdin.read().split('/')[-1]"`

+        IMAGE_NAME=`echo "$IMAGE_FNAME" | python -c "import sys; print sys.stdin.read().split('.tar.gz')[0].split('.tgz')[0]"`

+        if [ ! -f $FILES/$IMAGE_FNAME ]; then

+            wget -c $image_url -O $FILES/$IMAGE_FNAME

+        fi

-    RVAL=`glance add -A $SERVICE_TOKEN name="uec-natty-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/natty-server-cloudimg-amd64-vmlinuz-virtual`

-    KERNEL_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "`

-    glance add -A $SERVICE_TOKEN name="uec-natty" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID < $FILES/images/natty-server-cloudimg-amd64.img

+        # Extract ami and aki files

+        tar -zxf $FILES/$IMAGE_FNAME -C $FILES/images

+        # Use glance client to add the kernel the root filesystem.

+        # We parse the results of the first upload to get the glance ID of the

+        # kernel for use when uploading the root filesystem.

+        RVAL=`glance add -A $SERVICE_TOKEN name="$IMAGE_NAME-kernel" is_public=true container_format=aki disk_format=aki < $FILES/images/$IMAGE_NAME-vmlinuz*`

+        KERNEL_ID=`echo $RVAL | cut -d":" -f2 | tr -d " "`

+        glance add -A $SERVICE_TOKEN name="$IMAGE_NAME" is_public=true container_format=ami disk_format=ami kernel_id=$KERNEL_ID < $FILES/images/$IMAGE_NAME.img

+    done

 fi

 # Fin

@@ -27,6 +27,9 @@ NOVACLIENT_BRANCH=master

 OPENSTACKX_REPO=https://github.com/cloudbuilders/openstackx.git

 OPENSTACKX_BRANCH=diablo

+# Specify a comma-separated list of uec images to download and install into glance.

+IMAGE_URLS=http://smoser.brickies.net/ubuntu/ttylinux-uec/ttylinux-uec-amd64-11.2_2.6.35-15_1.tar.gz

+

 # allow local overrides of env variables

 if [ -f ./localrc ]; then

     source ./localrc

new file mode 100755

@@ -0,0 +1,299 @@

+#!/usr/bin/env bash

+

+# Sanity check

+if [ "$EUID" -ne "0" ]; then

+  echo "This script must be run with root privileges."

+  exit 1

+fi

+

+# Keep track of ubuntu version

+UBUNTU_VERSION=`cat /etc/lsb-release | grep CODENAME | sed 's/.*=//g'`

+

+# Move to top devstack dir

+cd ..

+

+# Abort if localrc is not set

+if [ ! -e ./localrc ]; then

+    echo "You must have a localrc with ALL necessary passwords defined before proceeding."

+    echo "See stack.sh for required passwords."

+    exit 1

+fi

+

+# Source params

+source ./stackrc

+

+# Store cwd

+CWD=`pwd`

+

+# Configurable params

+BRIDGE=${BRIDGE:-br0}

+CONTAINER=${CONTAINER:-STACK}

+CONTAINER_IP=${CONTAINER_IP:-192.168.1.50}

+CONTAINER_CIDR=${CONTAINER_CIDR:-$CONTAINER_IP/24}

+CONTAINER_NETMASK=${CONTAINER_NETMASK:-255.255.255.0}

+CONTAINER_GATEWAY=${CONTAINER_GATEWAY:-192.168.1.1}

+NAMESERVER=${NAMESERVER:-$CONTAINER_GATEWAY}

+COPYENV=${COPYENV:-1}

+DEST=${DEST:-/opt/stack}

+WAIT_TILL_LAUNCH=${WAIT_TILL_LAUNCH:-1}

+

+# Param string to pass to stack.sh.  Like "EC2_DMZ_HOST=192.168.1.1 MYSQL_USER=nova"

+STACKSH_PARAMS=${STACKSH_PARAMS:-}

+

+# Option to use the version of devstack on which we are currently working

+USE_CURRENT_DEVSTACK=${USE_CURRENT_DEVSTACK:-1}

+

+

+# Install deps

+apt-get install -y lxc debootstrap

+

+# Install cgroup-bin from source, since the packaging is buggy and possibly incompatible with our setup

+if ! which cgdelete | grep -q cgdelete; then

+    apt-get install -y g++ bison flex libpam0g-dev make

+    wget http://sourceforge.net/projects/libcg/files/libcgroup/v0.37.1/libcgroup-0.37.1.tar.bz2/download -O /tmp/libcgroup-0.37.1.tar.bz2

+    cd /tmp && bunzip2 libcgroup-0.37.1.tar.bz2  && tar xfv libcgroup-0.37.1.tar

+    cd libcgroup-0.37.1

+    ./configure

+    make install

+    ldconfig

+fi

+

+# Create lxc configuration

+LXC_CONF=/tmp/$CONTAINER.conf

+cat > $LXC_CONF <<EOF

+lxc.network.type = veth

+lxc.network.link = $BRIDGE

+lxc.network.flags = up

+lxc.network.ipv4 = $CONTAINER_CIDR

+# allow tap/tun devices

+lxc.cgroup.devices.allow = c 10:200 rwm

+EOF

+

+# Shutdown any existing container

+lxc-stop -n $CONTAINER

+

+# This kills zombie containers

+if [ -d /cgroup/$CONTAINER ]; then

+    cgdelete -r cpu,net_cls:$CONTAINER

+fi

+

+# git clone only if directory doesn't exist already.  Since ``DEST`` might not

+# be owned by the installation user, we create the directory and change the

+# ownership to the proper user.

+function git_clone {

+    if [ ! -d $2 ]; then

+        sudo mkdir $2

+        sudo chown `whoami` $2

+        git clone $1 $2

+        cd $2

+        # This checkout syntax works for both branches and tags

+        git checkout $3

+    fi

+}

+

+# Helper to create the container

+function create_lxc {

+    if [ "natty" = "$UBUNTU_VERSION" ]; then

+        lxc-create -n $CONTAINER -t natty -f $LXC_CONF

+    else

+        lxc-create -n $CONTAINER -t ubuntu -f $LXC_CONF

+    fi

+}

+

+# Location of the base image directory

+if [ "natty" = "$UBUNTU_VERSION" ]; then

+    CACHEDIR=/var/cache/lxc/natty/rootfs-amd64

+else

+    CACHEDIR=/var/cache/lxc/oneiric/rootfs-amd64

+fi

+

+# Provide option to do totally clean install

+if [ "$CLEAR_LXC_CACHE" = "1" ]; then

+    rm -rf $CACHEDIR

+fi

+

+# Warm the base image on first install

+if [ ! -f $CACHEDIR/bootstrapped ]; then

+    # by deleting the container, we force lxc-create to re-bootstrap (lxc is

+    # lazy and doesn't do anything if a container already exists)

+    lxc-destroy -n $CONTAINER

+    # trigger the initial debootstrap

+    create_lxc

+    chroot $CACHEDIR apt-get update

+    chroot $CACHEDIR apt-get install -y --force-yes `cat files/apts/* | cut -d\# -f1 | egrep -v "(rabbitmq|libvirt-bin|mysql-server)"`

+    chroot $CACHEDIR pip install `cat files/pips/*`

+    touch $CACHEDIR/bootstrapped

+fi

+

+# Clean out code repos if directed to do so

+if [ "$CLEAN" = "1" ]; then

+    rm -rf $CACHEDIR/$DEST