Fixes bug 1184960
Change-Id: If702807d9ae326bf216a2e076ce61062045d7c6b
| ... | ... |
@@ -12,8 +12,8 @@ iptables |
| 12 | 12 |
ebtables |
| 13 | 13 |
sqlite3 |
| 14 | 14 |
sudo |
| 15 |
-kvm |
|
| 16 |
-qemu # dist:wheezy,jessie |
|
| 15 |
+kvm # NOPRIME |
|
| 16 |
+qemu # dist:wheezy,jessie NOPRIME |
|
| 17 | 17 |
libvirt-bin # NOPRIME |
| 18 | 18 |
libjs-jquery-tablesorter # Needed for coverage html reports |
| 19 | 19 |
vlan |
| ... | ... |
@@ -27,7 +27,7 @@ python-paste |
| 27 | 27 |
python-migrate |
| 28 | 28 |
python-gflags |
| 29 | 29 |
python-greenlet |
| 30 |
-python-libvirt |
|
| 30 |
+python-libvirt # NOPRIME |
|
| 31 | 31 |
python-libxml2 |
| 32 | 32 |
python-routes |
| 33 | 33 |
python-netaddr |
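Review bot: With `qemu` now tagged `NOPRIME` (new line 16 of this list, and new line 12 of the second package list), nothing visible in this change installs it any more. This assumes `NOPRIME` keeps a package out of the prerequisite install, as it already does for `libvirt-bin`. The `install_nova` hunk further down installs only `kvm`, `libvirt-bin`/`libvirt` and the Python binding, while `configure_nova` still switches `LIBVIRT_TYPE` to `qemu` when `/dev/kvm` is missing. That fallback may be left without an emulator unless `kvm` pulls one in as a dependency, which is not shown here. I would add `install_package qemu` next to `install_package kvm` in each distro branch of `install_nova`, or keep `qemu` out of `NOPRIME` with a comment saying why it stays in the prerequisite set.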
| ... | ... |
@@ -7,11 +7,11 @@ genisoimage # required for config_drive |
| 7 | 7 |
iptables |
| 8 | 8 |
iputils |
| 9 | 9 |
kpartx |
| 10 |
-kvm |
|
| 10 |
+kvm # NOPRIME |
|
| 11 | 11 |
# qemu as fallback if kvm cannot be used |
| 12 |
-qemu |
|
| 12 |
+qemu # NOPRIME |
|
| 13 | 13 |
libvirt # NOPRIME |
| 14 |
-libvirt-python |
|
| 14 |
+libvirt-python # NOPRIME |
|
| 15 | 15 |
libxml2-python |
| 16 | 16 |
mysql-community-server # NOPRIME |
| 17 | 17 |
parted |
| ... | ... |
@@ -237,37 +237,39 @@ function configure_nova() {
|
| 237 | 237 |
# Force IP forwarding on, just on case |
| 238 | 238 |
sudo sysctl -w net.ipv4.ip_forward=1 |
| 239 | 239 |
|
| 240 |
- # Attempt to load modules: network block device - used to manage qcow images |
|
| 241 |
- sudo modprobe nbd || true |
|
| 242 |
- |
|
| 243 |
- # Check for kvm (hardware based virtualization). If unable to initialize |
|
| 244 |
- # kvm, we drop back to the slower emulation mode (qemu). Note: many systems |
|
| 245 |
- # come with hardware virtualization disabled in BIOS. |
|
| 246 |
- if [[ "$LIBVIRT_TYPE" == "kvm" ]]; then |
|
| 247 |
- sudo modprobe kvm || true |
|
| 248 |
- if [ ! -e /dev/kvm ]; then |
|
| 249 |
- echo "WARNING: Switching to QEMU" |
|
| 250 |
- LIBVIRT_TYPE=qemu |
|
| 251 |
- if which selinuxenabled 2>&1 > /dev/null && selinuxenabled; then |
|
| 252 |
- # https://bugzilla.redhat.com/show_bug.cgi?id=753589 |
|
| 253 |
- sudo setsebool virt_use_execmem on |
|
| 240 |
+ if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then |
|
| 241 |
+ # Attempt to load modules: network block device - used to manage qcow images |
|
| 242 |
+ sudo modprobe nbd || true |
|
| 243 |
+ |
|
| 244 |
+ # Check for kvm (hardware based virtualization). If unable to initialize |
|
| 245 |
+ # kvm, we drop back to the slower emulation mode (qemu). Note: many systems |
|
| 246 |
+ # come with hardware virtualization disabled in BIOS. |
|
| 247 |
+ if [[ "$LIBVIRT_TYPE" == "kvm" ]]; then |
|
| 248 |
+ sudo modprobe kvm || true |
|
| 249 |
+ if [ ! -e /dev/kvm ]; then |
|
| 250 |
+ echo "WARNING: Switching to QEMU" |
|
| 251 |
+ LIBVIRT_TYPE=qemu |
|
| 252 |
+ if which selinuxenabled 2>&1 > /dev/null && selinuxenabled; then |
|
| 253 |
+ # https://bugzilla.redhat.com/show_bug.cgi?id=753589 |
|
| 254 |
+ sudo setsebool virt_use_execmem on |
|
| 255 |
+ fi |
|
| 254 | 256 |
fi |
| 255 | 257 |
fi |
| 256 |
- fi |
|
| 257 | 258 |
|
| 258 |
- # Install and configure **LXC** if specified. LXC is another approach to |
|
| 259 |
- # splitting a system into many smaller parts. LXC uses cgroups and chroot |
|
| 260 |
- # to simulate multiple systems. |
|
| 261 |
- if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then |
|
| 262 |
- if is_ubuntu; then |
|
| 263 |
- if [[ ! "$DISTRO" > natty ]]; then |
|
| 264 |
- cgline="none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0" |
|
| 265 |
- sudo mkdir -p /cgroup |
|
| 266 |
- if ! grep -q cgroup /etc/fstab; then |
|
| 267 |
- echo "$cgline" | sudo tee -a /etc/fstab |
|
| 268 |
- fi |
|
| 269 |
- if ! mount -n | grep -q cgroup; then |
|
| 270 |
- sudo mount /cgroup |
|
| 259 |
+ # Install and configure **LXC** if specified. LXC is another approach to |
|
| 260 |
+ # splitting a system into many smaller parts. LXC uses cgroups and chroot |
|
| 261 |
+ # to simulate multiple systems. |
|
| 262 |
+ if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then |
|
| 263 |
+ if is_ubuntu; then |
|
| 264 |
+ if [[ ! "$DISTRO" > natty ]]; then |
|
| 265 |
+ cgline="none /cgroup cgroup cpuacct,memory,devices,cpu,freezer,blkio 0 0" |
|
| 266 |
+ sudo mkdir -p /cgroup |
|
| 267 |
+ if ! grep -q cgroup /etc/fstab; then |
|
| 268 |
+ echo "$cgline" | sudo tee -a /etc/fstab |
|
| 269 |
+ fi |
|
| 270 |
+ if ! mount -n | grep -q cgroup; then |
|
| 271 |
+ sudo mount /cgroup |
|
| 272 |
+ fi |
|
| 271 | 273 |
fi |
| 272 | 274 |
fi |
| 273 | 275 |
fi |
| ... | ... |
@@ -278,9 +280,10 @@ function configure_nova() {
|
| 278 | 278 |
configure_baremetal_nova_dirs |
| 279 | 279 |
fi |
| 280 | 280 |
|
| 281 |
- if is_service_enabled quantum && is_quantum_ovs_base_plugin && ! sudo grep -q '^cgroup_device_acl' $QEMU_CONF; then |
|
| 282 |
- # Add /dev/net/tun to cgroup_device_acls, needed for type=ethernet interfaces |
|
| 283 |
- cat <<EOF | sudo tee -a $QEMU_CONF |
|
| 281 |
+ if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then |
|
| 282 |
+ if is_service_enabled quantum && is_quantum_ovs_base_plugin && ! sudo grep -q '^cgroup_device_acl' $QEMU_CONF; then |
|
| 283 |
+ # Add /dev/net/tun to cgroup_device_acls, needed for type=ethernet interfaces |
|
| 284 |
+ cat <<EOF | sudo tee -a $QEMU_CONF |
|
| 284 | 285 |
cgroup_device_acl = [ |
| 285 | 286 |
"/dev/null", "/dev/full", "/dev/zero", |
| 286 | 287 |
"/dev/random", "/dev/urandom", |
| ... | ... |
@@ -288,19 +291,17 @@ cgroup_device_acl = [ |
| 288 | 288 |
"/dev/rtc", "/dev/hpet","/dev/net/tun", |
| 289 | 289 |
] |
| 290 | 290 |
EOF |
| 291 |
- fi |
|
| 292 |
- |
|
| 293 |
- if is_ubuntu; then |
|
| 294 |
- LIBVIRT_DAEMON=libvirt-bin |
|
| 295 |
- else |
|
| 296 |
- LIBVIRT_DAEMON=libvirtd |
|
| 297 |
- fi |
|
| 298 |
- |
|
| 291 |
+ fi |
|
| 299 | 292 |
|
| 293 |
+ if is_ubuntu; then |
|
| 294 |
+ LIBVIRT_DAEMON=libvirt-bin |
|
| 295 |
+ else |
|
| 296 |
+ LIBVIRT_DAEMON=libvirtd |
|
| 297 |
+ fi |
|
| 300 | 298 |
|
| 301 |
- if is_fedora || is_suse; then |
|
| 302 |
- if is_fedora && [[ $DISTRO =~ (rhel6) || "$os_RELEASE" -le "17" ]]; then |
|
| 303 |
- sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla |
|
| 299 |
+ if is_fedora || is_suse; then |
|
| 300 |
+ if is_fedora && [[ $DISTRO =~ (rhel6) || "$os_RELEASE" -le "17" ]]; then |
|
| 301 |
+ sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla |
|
| 304 | 302 |
[libvirt Management Access] |
| 305 | 303 |
Identity=unix-group:$LIBVIRT_GROUP |
| 306 | 304 |
Action=org.libvirt.unix.manage |
| ... | ... |
@@ -308,11 +309,11 @@ ResultAny=yes |
| 308 | 308 |
ResultInactive=yes |
| 309 | 309 |
ResultActive=yes |
| 310 | 310 |
EOF" |
| 311 |
- elif is_suse && [[ $os_RELEASE = 12.2 || "$os_VENDOR" = "SUSE LINUX" ]]; then |
|
| 312 |
- # openSUSE < 12.3 or SLE |
|
| 313 |
- # Work around the fact that polkit-default-privs overrules pklas |
|
| 314 |
- # with 'unix-group:$group'. |
|
| 315 |
- sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla |
|
| 311 |
+ elif is_suse && [[ $os_RELEASE = 12.2 || "$os_VENDOR" = "SUSE LINUX" ]]; then |
|
| 312 |
+ # openSUSE < 12.3 or SLE |
|
| 313 |
+ # Work around the fact that polkit-default-privs overrules pklas |
|
| 314 |
+ # with 'unix-group:$group'. |
|
| 315 |
+ sudo bash -c "cat <<EOF >/etc/polkit-1/localauthority/50-local.d/50-libvirt-remote-access.pkla |
|
| 316 | 316 |
[libvirt Management Access] |
| 317 | 317 |
Identity=unix-user:$USER |
| 318 | 318 |
Action=org.libvirt.unix.manage |
| ... | ... |
@@ -320,13 +321,13 @@ ResultAny=yes |
| 320 | 320 |
ResultInactive=yes |
| 321 | 321 |
ResultActive=yes |
| 322 | 322 |
EOF" |
| 323 |
- else |
|
| 324 |
- # Starting with fedora 18 and opensuse-12.3 enable stack-user to |
|
| 325 |
- # virsh -c qemu:///system by creating a policy-kit rule for |
|
| 326 |
- # stack-user using the new Javascript syntax |
|
| 327 |
- rules_dir=/etc/polkit-1/rules.d |
|
| 328 |
- sudo mkdir -p $rules_dir |
|
| 329 |
- sudo bash -c "cat <<EOF > $rules_dir/50-libvirt-$STACK_USER.rules |
|
| 323 |
+ else |
|
| 324 |
+ # Starting with fedora 18 and opensuse-12.3 enable stack-user to |
|
| 325 |
+ # virsh -c qemu:///system by creating a policy-kit rule for |
|
| 326 |
+ # stack-user using the new Javascript syntax |
|
| 327 |
+ rules_dir=/etc/polkit-1/rules.d |
|
| 328 |
+ sudo mkdir -p $rules_dir |
|
| 329 |
+ sudo bash -c "cat <<EOF > $rules_dir/50-libvirt-$STACK_USER.rules |
|
| 330 | 330 |
polkit.addRule(function(action, subject) {
|
| 331 | 331 |
if (action.id == 'org.libvirt.unix.manage' && |
| 332 | 332 |
subject.user == '"$STACK_USER"') {
|
| ... | ... |
@@ -334,21 +335,22 @@ polkit.addRule(function(action, subject) {
|
| 334 | 334 |
} |
| 335 | 335 |
}); |
| 336 | 336 |
EOF" |
| 337 |
- unset rules_dir |
|
| 337 |
+ unset rules_dir |
|
| 338 |
+ fi |
|
| 338 | 339 |
fi |
| 339 |
- fi |
|
| 340 | 340 |
|
| 341 |
- # The user that nova runs as needs to be member of **libvirtd** group otherwise |
|
| 342 |
- # nova-compute will be unable to use libvirt. |
|
| 343 |
- if ! getent group $LIBVIRT_GROUP >/dev/null; then |
|
| 344 |
- sudo groupadd $LIBVIRT_GROUP |
|
| 345 |
- fi |
|
| 346 |
- add_user_to_group $STACK_USER $LIBVIRT_GROUP |
|
| 341 |
+ # The user that nova runs as needs to be member of **libvirtd** group otherwise |
|
| 342 |
+ # nova-compute will be unable to use libvirt. |
|
| 343 |
+ if ! getent group $LIBVIRT_GROUP >/dev/null; then |
|
| 344 |
+ sudo groupadd $LIBVIRT_GROUP |
|
| 345 |
+ fi |
|
| 346 |
+ add_user_to_group $STACK_USER $LIBVIRT_GROUP |
|
| 347 | 347 |
|
| 348 |
- # libvirt detects various settings on startup, as we potentially changed |
|
| 349 |
- # the system configuration (modules, filesystems), we need to restart |
|
| 350 |
- # libvirt to detect those changes. |
|
| 351 |
- restart_service $LIBVIRT_DAEMON |
|
| 348 |
+ # libvirt detects various settings on startup, as we potentially changed |
|
| 349 |
+ # the system configuration (modules, filesystems), we need to restart |
|
| 350 |
+ # libvirt to detect those changes. |
|
| 351 |
+ restart_service $LIBVIRT_DAEMON |
|
| 352 |
+ fi |
|
| 352 | 353 |
|
| 353 | 354 |
|
| 354 | 355 |
# Instance Storage |
| ... | ... |
@@ -436,8 +438,10 @@ function create_nova_conf() {
|
| 436 | 436 |
if is_baremetal; then |
| 437 | 437 |
iniset $NOVA_CONF baremetal sql_connection `database_connection_url nova_bm` |
| 438 | 438 |
fi |
| 439 |
- iniset $NOVA_CONF DEFAULT libvirt_type "$LIBVIRT_TYPE" |
|
| 440 |
- iniset $NOVA_CONF DEFAULT libvirt_cpu_mode "none" |
|
| 439 |
+ if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then |
|
| 440 |
+ iniset $NOVA_CONF DEFAULT libvirt_type "$LIBVIRT_TYPE" |
|
| 441 |
+ iniset $NOVA_CONF DEFAULT libvirt_cpu_mode "none" |
|
| 442 |
+ fi |
|
| 441 | 443 |
iniset $NOVA_CONF DEFAULT instance_name_template "${INSTANCE_NAME_PREFIX}%08x"
|
| 442 | 444 |
iniset $NOVA_CONF DEFAULT osapi_v3_enabled "True" |
| 443 | 445 |
|
| ... | ... |
@@ -636,26 +640,32 @@ function install_novaclient() {
|
| 636 | 636 |
# install_nova() - Collect source and prepare |
| 637 | 637 |
function install_nova() {
|
| 638 | 638 |
if is_service_enabled n-cpu; then |
| 639 |
- if is_ubuntu; then |
|
| 640 |
- install_package libvirt-bin |
|
| 641 |
- elif is_fedora || is_suse; then |
|
| 642 |
- install_package libvirt |
|
| 643 |
- else |
|
| 644 |
- exit_distro_not_supported "libvirt installation" |
|
| 645 |
- fi |
|
| 646 |
- |
|
| 647 |
- # Install and configure **LXC** if specified. LXC is another approach to |
|
| 648 |
- # splitting a system into many smaller parts. LXC uses cgroups and chroot |
|
| 649 |
- # to simulate multiple systems. |
|
| 650 |
- if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then |
|
| 639 |
+ if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then |
|
| 651 | 640 |
if is_ubuntu; then |
| 652 |
- if [[ "$DISTRO" > natty ]]; then |
|
| 653 |
- install_package cgroup-lite |
|
| 654 |
- fi |
|
| 641 |
+ install_package kvm |
|
| 642 |
+ install_package libvirt-bin |
|
| 643 |
+ install_package python-libvirt |
|
| 644 |
+ elif is_fedora || is_suse; then |
|
| 645 |
+ install_package kvm |
|
| 646 |
+ install_package libvirt |
|
| 647 |
+ install_package libvirt-python |
|
| 655 | 648 |
else |
| 656 |
- ### FIXME(dtroyer): figure this out |
|
| 657 |
- echo "RPM-based cgroup not implemented yet" |
|
| 658 |
- yum_install libcgroup-tools |
|
| 649 |
+ exit_distro_not_supported "libvirt installation" |
|
| 650 |
+ fi |
|
| 651 |
+ |
|
| 652 |
+ # Install and configure **LXC** if specified. LXC is another approach to |
|
| 653 |
+ # splitting a system into many smaller parts. LXC uses cgroups and chroot |
|
| 654 |
+ # to simulate multiple systems. |
|
| 655 |
+ if [[ "$LIBVIRT_TYPE" == "lxc" ]]; then |
|
| 656 |
+ if is_ubuntu; then |
|
| 657 |
+ if [[ "$DISTRO" > natty ]]; then |
|
| 658 |
+ install_package cgroup-lite |
|
| 659 |
+ fi |
|
| 660 |
+ else |
|
| 661 |
+ ### FIXME(dtroyer): figure this out |
|
| 662 |
+ echo "RPM-based cgroup not implemented yet" |
|
| 663 |
+ yum_install libcgroup-tools |
|
| 664 |
+ fi |
|
| 659 | 665 |
fi |
| 660 | 666 |
fi |
| 661 | 667 |
fi |
| ... | ... |
@@ -698,9 +708,13 @@ function start_nova() {
|
| 698 | 698 |
screen_it n-cell "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-cells --config-file $NOVA_CELLS_CONF" |
| 699 | 699 |
fi |
| 700 | 700 |
|
| 701 |
- # The group **$LIBVIRT_GROUP** is added to the current user in this script. |
|
| 702 |
- # Use 'sg' to execute nova-compute as a member of the **$LIBVIRT_GROUP** group. |
|
| 703 |
- screen_it n-cpu "cd $NOVA_DIR && sg $LIBVIRT_GROUP '$NOVA_BIN_DIR/nova-compute --config-file $NOVA_CONF_BOTTOM'" |
|
| 701 |
+ if [[ "$VIRT_DRIVER" = 'libvirt' ]]; then |
|
| 702 |
+ # The group **$LIBVIRT_GROUP** is added to the current user in this script. |
|
| 703 |
+ # Use 'sg' to execute nova-compute as a member of the **$LIBVIRT_GROUP** group. |
|
| 704 |
+ screen_it n-cpu "cd $NOVA_DIR && sg $LIBVIRT_GROUP '$NOVA_BIN_DIR/nova-compute --config-file $NOVA_CONF_BOTTOM'" |
|
| 705 |
+ else |
|
| 706 |
+ screen_it n-cpu "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-compute --config-file $NOVA_CONF_BOTTOM" |
|
| 707 |
+ fi |
|
| 704 | 708 |
screen_it n-crt "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-cert" |
| 705 | 709 |
screen_it n-net "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-network --config-file $NOVA_CONF_BOTTOM" |
| 706 | 710 |
screen_it n-sch "cd $NOVA_DIR && $NOVA_BIN_DIR/nova-scheduler --config-file $NOVA_CONF_BOTTOM" |
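Review bot: On new line 252 of `configure_nova` the redirections in `which selinuxenabled 2>&1 > /dev/null` are in the wrong order, so stderr still reaches the console and only stdout is discarded; it should read `if which selinuxenabled > /dev/null 2>&1 && selinuxenabled; then`. The commit only re-indents this line, but it now sits inside the new `VIRT_DRIVER` guard and is worth fixing while it is being touched. The branch it controls relaxes SELinux with `sudo setsebool virt_use_execmem on` after nothing more than an `echo`, so a short comment such as `# not persistent (no -P); only set for the QEMU fallback` would help anyone auditing the host afterwards. `configure_nova` begins and ends outside the hunks shown.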