Redeploy Openstack Controller Grizzly with quantum

3f3a78a1 · Alain Takoudjou · ef4c8b23 · 3f3a78a1 · 3f3a78a1 · 3f3a78a1
Commit 3f3a78a1 authored Oct 02, 2013 by Alain Takoudjou
8 changed files
--- a/software/openstack/instance-main.cfg
+++ b/software/openstack/instance-main.cfg
@@ -111,16 +111,19 @@ shell-path = ${dash:location}/bin/dash

 [install-script]
 recipe = slapos.recipe.template
-url = ${openstack-install:location}/${openstack-install:filename}
-output = $${directory:nova}/openstack_install.sh
+url = ${openstack-grizzly:location}/${openstack-grizzly:filename}
+output = $${directory:nova}/stack_controller_grizzly.sh
 mode = 0700

-nova-url = https://github.com/openstack-dev/devstack.git
+#nova-url = https://github.com/openstack-dev/devstack.git
+image-url = $${slap-parameter:glance-image-url}
+image-name = $${slap-parameter:glance-image-name}
 slap-ipv4 = $${slap-network-information:local-ipv4}
 nova-passwd = $${master-passwd:passwd}
 nova-user = $${slap-parameter:system-user}
 vnc-url = $${request-openstack-vnc-frontend:connection-url}
-devstack-revision = $${slap-parameter:devstack-revision}
+project = $${slap-parameter:project}
+user-name = $${slap-parameter:user-name}

 [nova-conf-run]
 recipe = slapos.recipe.template
@@ -133,6 +136,9 @@ ssh-port = $${tunnel-ipv6-ssh:ipv6-port}
 system-user = $${slap-parameter:system-user}
 system-passwd = $${slap-parameter:system-passwd}
 nova-configure = $${install-script:output}
+keystone-endpoints-script = ${openstack-keystone-endpoints-script:location}/${openstack-keystone-endpoints-script:filename}
+keystone-script = ${openstack-keystone-script:location}/${openstack-keystone-script:filename}
+floating-ip-generate = ${network-floating-ip-generate:location}/${network-floating-ip-generate:filename}
 nova-result = $${directory:log}
 python_path = ${buildout:executable}
 eggs-dir = ${buildout:eggs-directory}
@@ -315,10 +321,14 @@ nbd2-host =
  
 system-user = stack
 system-passwd = openstack
+project = slapos
+user-name = slapos
+glance-image-url = http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img
+glance-image-name = cirros-0.3.1-x86_64

 domain =
 virtual-hard-drive-url =
 virtual-hard-drive-md5sum =

 #Using devstack to auto install openstack. We just specify here the commit to use
-devstack-revision = 0b29d86930fb9ba00dbb8e593b0a9fcee3559810
\ No newline at end of file
+#devstack-revision = 
\ No newline at end of file
--- a/software/openstack/software.cfg
+++ b/software/openstack/software.cfg
@@ -35,7 +35,7 @@ eggs =
 [template-openstack-main]
 recipe = slapos.recipe.template
 url = ${:_profile_base_location_}/instance-main.cfg
-md5sum = 96147d4052fac19fe9a6a72ecc1233ad
+md5sum = bf86f17749961de846ef191bf96c8ad1
 output = ${buildout:directory}/template-openstack-main.cfg
 mode = 0644

@@ -67,12 +67,32 @@ md5sum = 136339c0d704bb11af3839726e24c47f
 [compute-script-run]
 <= template-download
 filename = ssh-configure.py.in
-md5sum = e10b3796e028b65465a05b6a0c6f9762
+md5sum = 2a4f82db89a01ed0866682a30bce185b
+
+[network-floating-ip-generate]
+<= template-download
+filename = network.py
+#md5sum = 

 [openstack-install]
 <= template-download
 filename = openstack-install.sh.in
-md5sum = 1094a575e8bf577b1ed5f2ab91556b1b
+md5sum = 5cd174f8e94f5d975d7940ac65d8e9f4
+
+[openstack-grizzly]
+<= template-download
+filename = stack_controller_grizzly.sh.in
+#md5sum = 
+
+[openstack-keystone-script]
+<= template-download
+filename = keystone_basic.sh
+#md5sum = 
+
+[openstack-keystone-endpoints-script]
+<= template-download
+filename = keystone_endpoints_basic.sh
+#md5sum = 

 [slapos.cookbook-repository]
 recipe = slapos.recipe.build:gitclone
@@ -137,39 +157,44 @@ signature-certificate-list =
 Jinja2 = 2.7.1
 MarkupSafe = 0.18
 Werkzeug = 0.9.4
-apache-libcloud = 0.13.1
+apache-libcloud = 0.13.2
 async = 0.6.1
 buildout-versions = 1.7
 gitdb = 0.5.4
 itsdangerous = 0.23
 lxml = 3.2.3
 meld3 = 0.6.10
-paramiko = 1.11.0
+paramiko = 1.12.0
+plone.recipe.command = 1.1
 pycrypto = 2.6
 slapos.recipe.build = 0.12
 slapos.recipe.cmmi = 0.2
 slapos.recipe.download = 1.0.dev-r4053
 slapos.recipe.template = 2.5
-slapos.toolbox = 0.36
+slapos.toolbox = 0.37
 smmap = 0.8.2
 websockify = 0.5.1
 z3c.recipe.scripts = 1.0.1

 # Required by:
 # slapos.core==0.35.1
-# slapos.toolbox==0.36
+# slapos.toolbox==0.37
 Flask = 0.10.1

 # Required by:
-# slapos.toolbox==0.36
+# slapos.toolbox==0.37
 GitPython = 0.3.2.RC1

 # Required by:
-# slapos.toolbox==0.36
+# slapos.toolbox==0.37
 atomize = 0.1.1

 # Required by:
-# slapos.toolbox==0.36
+# paramiko==1.12.0
+ecdsa = 0.9
+
+# Required by:
+# slapos.toolbox==0.37
 feedparser = 5.1.3

 # Required by:
@@ -193,8 +218,8 @@ netifaces = 0.8-1
 numpy = 1.7.1

 # Required by:
-# slapos.toolbox==0.36
-psutil = 1.0.1
+# slapos.toolbox==0.37
+psutil = 1.1.0

 # Required by:
 # slapos.core==0.35.1
@@ -202,11 +227,11 @@ pyflakes = 0.7.3

 # Required by:
 # slapos.cookbook==0.83.1
-pytz = 2013d
+pytz = 2013.7

 # Required by:
 # slapos.cookbook==0.83.1
-# slapos.toolbox==0.36
+# slapos.toolbox==0.37
 slapos.core = 0.35.1

 # Required by:
@@ -219,9 +244,13 @@ unittest2 = 0.5.1

 # Required by:
 # slapos.cookbook==0.83.1
-# slapos.toolbox==0.36
+# slapos.toolbox==0.37
 xml-marshaller = 0.9.7

 # Required by:
 # slapos.core==0.35.1
-zope.interface = 4.0.5
\ No newline at end of file
+zope.interface = 4.0.5
+cliff = 1.4.5
+cmd2 = 0.6.7
+pyparsing = 2.0.1
+requests = 2.0.0
\ No newline at end of file
--- a/software/openstack/templates/keystone_basic.sh
+++ b/software/openstack/templates/keystone_basic.sh
+#!/bin/bash -xe
+#
+# Keystone basic configuration 
+
+# Mainly inspired by https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
+
+# Modified by Bilel Msekni / Institut Telecom
+#
+# Modified by Alain Takoudjou Kamdem
+#
+# Support: openstack@lists.launchpad.net
+# License: Apache Software License (ASL) 2.0
+#
+source localrc
+
+
+HOST_IP=${HOST_IP:-10.10.100.51}
+ADMIN_PASSWORD=${ADMIN_PASSWORD:-openstack}
+SERVICE_PASSWORD=${SERVICE_PASSWORD:-openstack}
+export SERVICE_TOKEN="ADMIN"
+export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
+SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service}
+
+get_id () {
+    echo `$@ | awk '/ id / { print $4 }'`
+}
+
+# Tenants
+ADMIN_TENANT=$(get_id keystone tenant-create --name=admin)
+SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME)
+
+
+# Users
+ADMIN_USER=$(get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com)
+
+
+# Roles
+ADMIN_ROLE=$(get_id keystone role-create --name=admin)
+KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin)
+KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin)
+
+# Add Roles to Users in Tenants
+keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT
+keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT
+keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT
+
+# The Member role is used by Horizon and Swift
+MEMBER_ROLE=$(get_id keystone role-create --name=Member)
+
+# Configure service users/roles
+NOVA_USER=$(get_id keystone user-create --name=nova --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=nova@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE
+
+GLANCE_USER=$(get_id keystone user-create --name=glance --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE
+
+QUANTUM_USER=$(get_id keystone user-create --name=quantum --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=quantum@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $QUANTUM_USER --role-id $ADMIN_ROLE
+
+CINDER_USER=$(get_id keystone user-create --name=cinder --pass="$SERVICE_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com)
+keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE
--- a/software/openstack/templates/keystone_endpoints_basic.sh
+++ b/software/openstack/templates/keystone_endpoints_basic.sh
+#!/bin/bash -xe
+#
+# Keystone basic Endpoints
+
+# Mainly inspired by https://github.com/openstack/keystone/blob/master/tools/sample_data.sh
+
+# Modified by Bilel Msekni / Institut Telecom
+#
+# Modified by Alain Takoudjou Kamdem
+#
+# Support: openstack@lists.launchpad.net
+# License: Apache Software License (ASL) 2.0
+#
+
+source localrc
+# Host address
+HOST_IP=${HOST_IP:-10.10.100.51}
+EXT_HOST_IP=$PUBLIC_ADDRESS
+
+# MySQL definitions
+MYSQL_USER=openstack
+MYSQL_DATABASE=keystone
+MYSQL_HOST=$HOST_IP
+MYSQL_PASSWORD=$MYSQLPASS
+
+# Keystone definitions
+KEYSTONE_REGION=RegionOne
+export SERVICE_TOKEN=ADMIN
+export SERVICE_ENDPOINT="http://${HOST_IP}:35357/v2.0"
+
+while getopts "u:D:p:m:K:R:E:T:vh" opt; do
+  case $opt in
+    u)
+      MYSQL_USER=$OPTARG
+      ;;
+    D)
+      MYSQL_DATABASE=$OPTARG
+      ;;
+    p)
+      MYSQL_PASSWORD=$OPTARG
+      ;;
+    m)
+      MYSQL_HOST=$OPTARG
+      ;;
+    K)
+      MASTER=$OPTARG
+      ;;
+    R)
+      KEYSTONE_REGION=$OPTARG
+      ;;
+    E)
+      export SERVICE_ENDPOINT=$OPTARG
+      ;;
+    T)
+      export SERVICE_TOKEN=$OPTARG
+      ;;
+    v)
+      set -x
+      ;;
+    h)
+      cat <<EOF
+Usage: $0 [-m mysql_hostname] [-u mysql_username] [-D mysql_database] [-p mysql_password]
+       [-K keystone_master ] [ -R keystone_region ] [ -E keystone_endpoint_url ] 
+       [ -T keystone_token ]
+          
+Add -v for verbose mode, -h to display this message.
+EOF
+      exit 0
+      ;;
+    \?)
+      echo "Unknown option -$OPTARG" >&2
+      exit 1
+      ;;
+    :)
+      echo "Option -$OPTARG requires an argument" >&2
+      exit 1
+      ;;
+  esac
+done  
+
+if [ -z "$KEYSTONE_REGION" ]; then
+  echo "Keystone region not set. Please set with -R option or set KEYSTONE_REGION variable." >&2
+  missing_args="true"
+fi
+
+if [ -z "$SERVICE_TOKEN" ]; then
+  echo "Keystone service token not set. Please set with -T option or set SERVICE_TOKEN variable." >&2
+  missing_args="true"
+fi
+
+if [ -z "$SERVICE_ENDPOINT" ]; then
+  echo "Keystone service endpoint not set. Please set with -E option or set SERVICE_ENDPOINT variable." >&2
+  missing_args="true"
+fi
+
+if [ -z "$MYSQL_PASSWORD" ]; then
+  echo "MySQL password not set. Please set with -p option or set MYSQL_PASSWORD variable." >&2
+  missing_args="true"
+fi
+
+if [ -n "$missing_args" ]; then
+  exit 1
+fi
+ 
+keystone service-create --name nova --type compute --description 'OpenStack Compute Service'
+keystone service-create --name cinder --type volume --description 'OpenStack Volume Service'
+keystone service-create --name glance --type image --description 'OpenStack Image Service'
+keystone service-create --name keystone --type identity --description 'OpenStack Identity'
+keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service'
+keystone service-create --name quantum --type network --description 'OpenStack Networking service'
+
+create_endpoint () {
+  case $1 in
+    compute)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s'
+    ;;
+    volume)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s'
+    ;;
+    image)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':9292/v2' --adminurl 'http://'"$HOST_IP"':9292/v2' --internalurl 'http://'"$HOST_IP"':9292/v2'
+    ;;
+    identity)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':5000/v2.0' --adminurl 'http://'"$HOST_IP"':35357/v2.0' --internalurl 'http://'"$HOST_IP"':5000/v2.0'
+    ;;
+    ec2)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':8773/services/Cloud' --adminurl 'http://'"$HOST_IP"':8773/services/Admin' --internalurl 'http://'"$HOST_IP"':8773/services/Cloud'
+    ;;
+    network)
+    keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$EXT_HOST_IP"':9696/' --adminurl 'http://'"$HOST_IP"':9696/' --internalurl 'http://'"$HOST_IP"':9696/'
+    ;;
+  esac
+}
+
+for i in compute volume image object-store identity ec2 network; do
+  id=`mysql -h "$MYSQL_HOST" -u "$MYSQL_USER" -p"$MYSQL_PASSWORD" "$MYSQL_DATABASE" -ss -e "SELECT id FROM service WHERE type='"$i"';"` || exit 1
+  create_endpoint $i $id
+done
--- a/software/openstack/templates/network.py
+++ b/software/openstack/templates/network.py
+#!/usr/bin/env python
+
+#Print Network address and generate range of 60 IPV4s for Openstack floatings IPs
+
+import os
+import sys
+from netaddr import IPNetwork
+
+def getNetwork(ipaddress, mask):
+	net = str(IPNetwork('%s/%s' % (ipaddress, mask)).cidr.network)
+	net_cidr = str(IPNetwork('%s/%s' % (ipaddress, mask)).cidr)
+	items = ipaddress.split('.')
+	base = "%s.%s.%s" % (items[0], items[1], items[2])
+	if int(items[3])+60 < 254:
+		ranges = "%s.%s %s.%s" % (base, (int(items[3])+1), 
+			base, (int(items[3])+60))
+	else:
+		ranges = "%s.%s %s.%s" % (base, (int(items[3])-1), 
+			base, (int(items[3])-60))
+	return net + " " + net_cidr + " " + ranges
+	
+if __name__ == '__main__':
+	print getNetwork(sys.argv[1], sys.argv[2])
+	exit(0)
\ No newline at end of file
--- a/software/openstack/templates/openstack-install.sh.in
+++ b/software/openstack/templates/openstack-install.sh.in
@@ -84,5 +84,4 @@ fi
 #Allow openstack images to access to internet
 #sudo iptables -t nat -A POSTROUTING -s $FLOATING_RANGE -j MASQUERADE

-exit 0
-
+exit 0
\ No newline at end of file
--- a/software/openstack/templates/ssh-configure.py.in
+++ b/software/openstack/templates/ssh-configure.py.in
@@ -24,6 +24,9 @@ hostname = '${:host-ip}'
 ssh_run = os.path.join('${:nova-result}', 'nova-configure.log')
 ssh_check = os.path.join('${:nova-result}', 'ssh_check.log')
 nova_configure = '${:nova-configure}'
+keystone_script = '${:keystone-script}'
+keystone_endpoints_script = '${:keystone-endpoints-script}'
+floating_ip_generate_script = '${:floating-ip-generate}'
 instance = '${:instance}'.strip() #Type: manage or compute

 def getClient():
@@ -42,7 +45,7 @@ def installCompute():

  #Install nova components and services
  print "Installing nova..." 
-  install_command = "echo %s | sudo -S /bin/sh configure.sh" % password
+  install_command = "echo %s | sudo -S /bin/bash -xe configure.sh 2>&1 | tee install.log" % password
  stdin, stdout, stderr = client.exec_command(install_command)
  with open(ssh_run, 'a') as output:
    output.write(stdout.read())
@@ -55,17 +58,27 @@ def installCompute():
    output.write(stdout.read())

 def installManage():
-
+  
+  #copy keystone configure and network address generate scripts
+  sftp = client.open_sftp()
+  result = sftp.put(keystone_script, 'keystone_basic.sh' )
+  print 'Keystone Basic Configuration script has been copied successfully! File size: %s' % result.st_size
+  result = sftp.put(keystone_endpoints_script, 'keystone_endpoints_basic.sh' )
+  print 'Keystone Endpoints Configuration script has been copied successfully! File size: %s' % result.st_size
+  result = sftp.put(floating_ip_generate_script, 'network.py' )
+  print 'Network generate script has been copied successfully! File size: %s' % result.st_size
+  sftp.close()
+  
  #Install nova components and services
  print "Downloading and installing Openstack on computer..."
-  install_command = "echo %s | sudo -S /bin/sh configure.sh" % password
+  install_command = "echo %s | sudo -S /bin/bash -xe configure.sh 2>&1 | tee install.log" % password
  stdin, stdout, stderr = client.exec_command(install_command)
  with open(ssh_run, 'w') as output:
    output.write(stdout.read())
-  #Check installation status
+    
  #Check nova service status
  print "Checking nova service status..."
-  nova_command = 'nova-manage service list'
+  nova_command = 'echo %s | sudo -S nova-manage service list' % password
  stdin, stdout, stderr = client.exec_command(nova_command)
  with open(ssh_check, 'w') as output:
    output.write(stdout.read())
@@ -77,11 +90,11 @@ if __name__ == '__main__':
    time.sleep(5)
  try:
    #Try to run openstack command before all other system process are started
-    time.sleep(30)
+    time.sleep(20)
    #Write file configure.sh to use.
    sftp = client.open_sftp()
    result = sftp.put(nova_configure, 'configure.sh' )
-    print 'Nova configuration file has been copied successfully! File size: %s' % result.st_size
+    print 'Nova configuration scipt has been copied successfully! File size: %s' % result.st_size
    sftp.close()
    if instance == "manage":
      installManage()

--- a/software/openstack/templates/stack_controller_grizzly.sh.in
+++ b/software/openstack/templates/stack_controller_grizzly.sh.in