def glusterswiftSetup(): """ Configures gluster-swift Based on the gluster-swift quick start guide: https://github.com/gluster/gluster-swift/blob/master/doc/markdown/quick_start_guide.md Assumes GlusterFS packages are installed """ msg = 'Install gluster-swift' runCheck( msg, 'yum install -y http://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHS/SRPMS/gluster-swift-1.4.8-4.el6.src.rpm' ) #'yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/openstack-swift-2.2.0-1.el7.centos.noarch.rpm') #'yum install -y https://launchpad.net/swift/juno/2.2.0/+download/swift-2.2.0.tar.gz') #'yum install -y https://launchpad.net/swiftonfile/havana/1.10.0-2/+download/glusterfs-openstack-swift-1.10.0-2.5.el6.noarch.rpm') msg = 'Make sure that gluster-swift is enabled at system startup' runCheck( msg, "chkconfig openstack-swift-proxy on\n" "chkconfig openstack-swift-account on\n" "chkconfig openstack-swift-container on\n" "chkconfig openstack-swift-object on") # Fedora 19 Adjustment - might or might not be necessary for CentOS 7 # Currently gluster-swift requires its processes to be run as root. # We need to edit the openstack-swift-*.service files in # /etc/systemd/system/multi-user.target.wants and change the User entry value to root. services = ['proxy', 'account', 'container', 'object'] for service in services: confFile = '/etc/systemd/system/multi-user.target.wants/openstack-swift-%s.service' % ( service) set_parameter(confFile, '', 'User', 'root') msg = 'Restart services' runCheck(msg, 'systemctl --system daemon-reload') # copy the *.conf-gluster files to *.conf files with cd('/etc/swift/'): msg = 'copy the *.conf-gluster files to *.conf files' runCheck( msg, 'for tmpl in *.conf-gluster ; do cp ${tmpl} ${tmpl%.*}.conf; done') msg = 'Generate the ring files' runCheck(msg, 'gluster-swift-gen-builders ' + env_config.swiftVolume) msg = 'Expose the gluster volume' runCheck(msg, 'cd /etc/swift; /usr/bin/gluster-swift-gen-builders myvolume') for service in services: msg = 'Start service ' + service runCheck(msg, 'service %s start' % service)
def compute_deploy(): # edit sysctl.conf # make a backup backupConfFile(sysctl_conf, backupSuffix) set_parameter(sysctl_conf, "''", 'net.ipv4.conf.all.rp_filter', '0') set_parameter(sysctl_conf, "''", 'net.ipv4.conf.default.rp_filter', '0') msg = "Implement changes on sysctl on compute node " + env.host runCheck(msg, "sysctl -p") installPackagesCompute() # configuration configure_the_Networking_common_components() # same as networking configure_ML2_plug_in_compute() configure_nova_to_use_neutron() msg = 'Enable Open vSwitch' runCheck(msg, 'systemctl enable openvswitch.service') msg = 'Start Open vSwitch' runCheck(msg, 'systemctl start openvswitch.service') # finalize installation # The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini # pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. # If this symbolic link does not exist, create it if 'plugin.ini' not in run('ls /etc/neutron'): msg = 'Create a symbolic link to Open vSwitch\'s conf file' runCheck( msg, 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini' ) # Due to a packaging bug, the Open vSwitch agent initialization script explicitly looks for # the Open vSwitch plug-in configuration file rather than a symbolic link /etc/neutron/plugin.ini pointing to the ML2 # plug-in configuration file. Run the following commands to resolve this issue: msg = 'Chenge Open vSwitch to look for a symbolic link to to the ML2 conf file' run("cp /usr/lib/systemd/system/neutron-openvswitch-agent.service " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig") run("sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service") msg = 'Restart Nova service' runCheck(msg, "systemctl restart openstack-nova-compute.service") msg = 'Enable Open vSwitch' runCheck(msg, 'systemctl enable neutron-openvswitch-agent.service') msg = 'Start Open vSwitch' runCheck(msg, 'systemctl start neutron-openvswitch-agent.service') msg = 'Restart Open vSwitch' runCheck(msg, 'systemctl restart neutron-openvswitch-agent.service')
def configure_block_storage(): block_config_file = '/etc/cinder/cinder.conf' set_parameter(block_config_file, 'DEFAULT', 'control_exchange', 'cinder') set_parameter(block_config_file, 'DEFAULT', 'notification_driver', 'messagingv2') run("systemctl restart openstack-cinder-api.service openstack-cinder-scheduler.service" ) run("systemctl restart openstack-cinder-volume.service")
def glusterswiftSetup(): """ Configures gluster-swift Based on the gluster-swift quick start guide: https://github.com/gluster/gluster-swift/blob/master/doc/markdown/quick_start_guide.md Assumes GlusterFS packages are installed """ msg = 'Install gluster-swift' runCheck(msg, 'yum install -y http://ftp.redhat.com/pub/redhat/linux/enterprise/6Server/en/RHS/SRPMS/gluster-swift-1.4.8-4.el6.src.rpm') #'yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-juno/epel-7/openstack-swift-2.2.0-1.el7.centos.noarch.rpm') #'yum install -y https://launchpad.net/swift/juno/2.2.0/+download/swift-2.2.0.tar.gz') #'yum install -y https://launchpad.net/swiftonfile/havana/1.10.0-2/+download/glusterfs-openstack-swift-1.10.0-2.5.el6.noarch.rpm') msg = 'Make sure that gluster-swift is enabled at system startup' runCheck(msg, "chkconfig openstack-swift-proxy on\n" "chkconfig openstack-swift-account on\n" "chkconfig openstack-swift-container on\n" "chkconfig openstack-swift-object on") # Fedora 19 Adjustment - might or might not be necessary for CentOS 7 # Currently gluster-swift requires its processes to be run as root. # We need to edit the openstack-swift-*.service files in # /etc/systemd/system/multi-user.target.wants and change the User entry value to root. services = ['proxy','account','container','object'] for service in services: confFile = '/etc/systemd/system/multi-user.target.wants/openstack-swift-%s.service' % (service) set_parameter(confFile, '', 'User', 'root') msg = 'Restart services' runCheck(msg, 'systemctl --system daemon-reload') # copy the *.conf-gluster files to *.conf files with cd('/etc/swift/'): msg = 'copy the *.conf-gluster files to *.conf files' runCheck(msg, 'for tmpl in *.conf-gluster ; do cp ${tmpl} ${tmpl%.*}.conf; done') msg = 'Generate the ring files' runCheck(msg, 'gluster-swift-gen-builders '+env_config.swiftVolume) msg = 'Expose the gluster volume' runCheck(msg, 'cd /etc/swift; /usr/bin/gluster-swift-gen-builders myvolume') for service in services: msg = 'Start service ' + service runCheck(msg, 'service %s start' % service)
def compute_deploy(): # edit sysctl.conf # make a backup backupConfFile(sysctl_conf, backupSuffix) set_parameter(sysctl_conf,"''",'net.ipv4.conf.all.rp_filter','0') set_parameter(sysctl_conf,"''",'net.ipv4.conf.default.rp_filter','0') msg = "Implement changes on sysctl on compute node " + env.host runCheck(msg, "sysctl -p") installPackagesCompute() # configuration configure_the_Networking_common_components() # same as networking configure_ML2_plug_in_compute() configure_nova_to_use_neutron() msg = 'Enable Open vSwitch' runCheck(msg, 'systemctl enable openvswitch.service') msg = 'Start Open vSwitch' runCheck(msg, 'systemctl start openvswitch.service') # finalize installation # The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini # pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. # If this symbolic link does not exist, create it if 'plugin.ini' not in run('ls /etc/neutron'): msg = 'Create a symbolic link to Open vSwitch\'s conf file' runCheck(msg, 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini') # Due to a packaging bug, the Open vSwitch agent initialization script explicitly looks for # the Open vSwitch plug-in configuration file rather than a symbolic link /etc/neutron/plugin.ini pointing to the ML2 # plug-in configuration file. Run the following commands to resolve this issue: msg = 'Chenge Open vSwitch to look for a symbolic link to to the ML2 conf file' run("cp /usr/lib/systemd/system/neutron-openvswitch-agent.service " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig") run("sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service") msg = 'Restart Nova service' runCheck(msg, "systemctl restart openstack-nova-compute.service") msg = 'Enable Open vSwitch' runCheck(msg, 'systemctl enable neutron-openvswitch-agent.service') msg = 'Start Open vSwitch' runCheck(msg, 'systemctl start neutron-openvswitch-agent.service') msg = 'Restart Open vSwitch' runCheck(msg, 'systemctl restart neutron-openvswitch-agent.service')
def setOVSConf(): confFile = configs['ovs'] backupConfFile(confFile, backupSuffix) # set bridge mappings mappings = 'external:br-ex,' + ','.join( ['physnet%d:%s' % (tag, bridge[tag]) for tag in vlans]) set_parameter(confFile, 'ovs', 'bridge_mappings', mappings) physnets = ','.join(['physnet' + str(tag) for tag in vlans]) set_parameter(confFile, 'ovs', 'network_vlan_ranges', physnets)
def hardware_accel_check(): """ Determine whether compute node supports hardware acceleration for VMs """ with settings(warn_only=True): output = run("egrep -c '(vmx|svm)' /proc/cpuinfo") if int(output) < 1: print blue("Compute node does not support Hardware acceleration for virtual machines") print blue("Configure libvirt to use QEMU instead of KVM") set_parameter(etc_nova_config_file, 'libvirt', 'virt_type', 'qemu')
def setL3Conf(): confFile = configs['l3'] backupConfFile(confFile, backupSuffix) # When external_network_bridge is set, each L3 agent can be associated # with no more than one external network. This value should be set to the UUID # of that external network. To allow L3 agent support multiple external # networks, both the external_network_bridge and gateway_external_network_id # must be left empty. set_parameter(confFile, 'DEFAULT', 'external_network_bridge', "''") set_parameter(confFile, 'DEFAULT', 'gateway_external_network_id', "''")
def hardware_accel_check(): """ Determine whether compute node supports hardware acceleration for VMs """ with settings(warn_only=True): output = run("egrep -c '(vmx|svm)' /proc/cpuinfo") if int(output) < 1: print blue( "Compute node does not support Hardware acceleration for virtual machines" ) print blue("Configure libvirt to use QEMU instead of KVM") set_parameter(etc_nova_config_file, 'libvirt', 'virt_type', 'qemu')
def configure_metadata_proxy_on_controller(): # to configure the metadata agent, some changes need to be made # on the controller node # make a backup backupConfFile(nova_conf, backupSuffix) set_parameter(nova_conf, 'neutron', 'service_metadata_proxy', 'True') set_parameter(nova_conf, 'neutron', 'metadata_proxy_shared_secret', passwd['METADATA_SECRET']) msg = "Restart Nova service" runCheck(msg, "systemctl restart openstack-nova-api.service")
def configure_metadata_proxy_on_controller(): # to configure the metadata agent, some changes need to be made # on the controller node # make a backup backupConfFile(nova_conf, backupSuffix) set_parameter(nova_conf,'neutron','service_metadata_proxy','True') set_parameter(nova_conf,'neutron','metadata_proxy_shared_secret', passwd['METADATA_SECRET']) msg = "Restart Nova service" runCheck(msg, "systemctl restart openstack-nova-api.service")
def createOrganizationalUnitsAndDefineLocation(): set_parameter(confFile, 'ldap', 'user_tree_dn', 'ou=Users,dc=example,dc=org') set_parameter(confFile, 'ldap', 'user_objectclass', 'inetOrgPerson') set_parameter(confFile, 'ldap', 'group_tree_dn', 'ou=Groups,dc=example,dc=org') set_parameter(confFile, 'ldap', 'group_objectclass', 'groupOfNames')
def finalizeInstallation(): """ Final steps of the installation, such as setting swift.conf and restarting services """ confFile = '/etc/swift/swift.conf' localFile = 'swift.conf' msg = 'Put base config file on node' out = put(localFile,confFile) if out.succeeded: printMessage('good',msg) else: printMessage('oops',msg) # In the [swift-hash] section, configure the hash path prefix and suffix for your environment set_parameter(confFile,'swift-hash','swift_hash_path_prefix',env_config.hashPathPrefix) set_parameter(confFile,'swift-hash','swift_hash_path_suffix',env_config.hashPathSuffix) # In the [storage-policy:0] section, configure the default storage policy set_parameter(confFile,'storage-policy:0','name','Policy-0') set_parameter(confFile,'storage-policy:0','default','yes') msg = 'Change ownership of the configuration directory to swift' run("chown -R swift:swift /etc/swift") execute(startServicesController) execute(startServicesStorage)
def finalizeInstallation(): """ Final steps of the installation, such as setting swift.conf and restarting services """ confFile = '/etc/swift/swift.conf' localFile = 'swift.conf' msg = 'Put base config file on node' out = put(localFile, confFile) if out.succeeded: printMessage('good', msg) else: printMessage('oops', msg) # In the [swift-hash] section, configure the hash path prefix and suffix for your environment set_parameter(confFile, 'swift-hash', 'swift_hash_path_prefix', env_config.hashPathPrefix) set_parameter(confFile, 'swift-hash', 'swift_hash_path_suffix', env_config.hashPathSuffix) # In the [storage-policy:0] section, configure the default storage policy set_parameter(confFile, 'storage-policy:0', 'name', 'Policy-0') set_parameter(confFile, 'storage-policy:0', 'default', 'yes') msg = 'Change ownership of the configuration directory to swift' run("chown -R swift:swift /etc/swift") execute(startServicesController) execute(startServicesStorage)
def configure_object_storage(): object_config_file = '/etc/swift/proxy-server.conf' # get admin credentials to run the CLI commands credentials = env_config.admin_openrc with prefix(credentials): # before each creation, we check a list to avoid duplicates if 'Reseller' in run("keystone role-list"): print(blue("ResellerAdmin already set")) else: runCheck('', 'keystone role-create --name ResellerAdmin') runCheck('Create and add ResellerAdmin to ',"keystone user-role-add --tenant service --user ceilometer " + \ "--role $(keystone role-list | awk '/ResellerAdmin/ {print $2}')") set_parameter(object_config_file, 'filter:keystoneauth', 'operator_roles', 'admin,_member_,ResellerAdmin') set_parameter( object_config_file, 'pipeline:main', 'pipeline', 'authtoken cache healthcheck keystoneauth proxy-logging ceilometer proxy-server' ) set_parameter(object_config_file, 'filter:ceilometer', 'use', 'egg:ceilometer#swift') set_parameter(object_config_file, 'filter:ceilometer', 'log_level', 'WARN') runCheck('add swift to allow access to telemetry config files', "usermod -a -G ceilometer swift") runCheckm('restart swift', "systemctl restart openstack-swift-proxy.service")
def configure_notifications_on_compute(): conf_file = "/etc/nova/nova.conf" set_parameter(conf_file, 'DEFAULT', 'instance_usage_audit', 'True') set_parameter(conf_file, 'DEFAULT', 'instance_usage_audit_period', 'hour') set_parameter(conf_file, 'DEFAULT', 'notify_on_state_change', 'vm_and_task_state') set_parameter(conf_file, 'DEFAULT', 'notification_driver', 'messagingv2')
def configure_ML2_plug_in_network(): # most of the configuration is the same as the controller configure_ML2_plugin_general() # configure the external flat provider network set_parameter(ml2_conf_file, 'ml2_type_flat', 'flat_networks', 'external') # configure the external flat provider network set_parameter(ml2_conf_file, 'ovs', 'enable_tunneling', 'True') set_parameter(ml2_conf_file, 'ovs', 'bridge_mappings', 'external:br-ex') local_ip = env_config.nicDictionary[env.host]['tnlIPADDR'] set_parameter(ml2_conf_file, 'ovs', 'local_ip', local_ip) # enable GRE tunnels set_parameter(ml2_conf_file, 'agent', 'tunnel_types', 'gre')
def configure_ML2_plug_in_network(): # most of the configuration is the same as the controller configure_ML2_plugin_general() # configure the external flat provider network set_parameter(ml2_conf_file,'ml2_type_flat','flat_networks','external') # configure the external flat provider network set_parameter(ml2_conf_file,'ovs','enable_tunneling','True') set_parameter(ml2_conf_file,'ovs','bridge_mappings','external:br-ex') local_ip = env_config.nicDictionary[env.host]['tnlIPADDR'] set_parameter(ml2_conf_file,'ovs','local_ip',local_ip) # enable GRE tunnels set_parameter(ml2_conf_file,'agent','tunnel_types','gre')
def change_cinder_file_for_gluster(): set_parameter(etc_cinder_config_file, 'DEFAULT', 'volume_driver', 'cinder.volume.drivers.glusterfs.GlusterfsDriver') set_parameter(etc_cinder_config_file, 'DEFAULT', 'glusterfs_shares_config', '/etc/cinder/shares.conf') set_parameter(etc_cinder_config_file, 'DEFAULT', 'state_path', cinderGlusterDir) set_parameter(etc_cinder_config_file, 'DEFAULT', 'glusterfs_mount_point_base', "'$state_path'")
def setML2Conf(): confFile = configs['ml2'] backupConfFile(confFile, backupSuffix) set_parameter(confFile, 'ml2', 'type_drivers', 'local,flat,gre,vxlan') # physnets = ','.join(['physnet%d' % tag for tag in vlans]) # set_parameter(confFile, 'ml2_type_flat', 'flat_networks', 'external,' + physnets) run("sed -i '/flat_networks = external/d' %s" % confFile) run("sed -i '/\[ml2_type_flat\]/a flat_networks = *' %s" % confFile) # set vlan ranges # network_vlan_ranges will be set to, e.g., # physnet208,physnet209,physnet2131:208:2131 # physnets = ','.join(['physnet%d' % tag for tag in vlans]) # set_parameter(confFile, 'ml2_type_vlan', 'network_vlan_ranges', # '%s:%s:%s' % (physnets, min(vlans), max(vlans))) # set_parameter(confFile, 'ovs', 'tenant_network_type', 'gre') # set bridge mappings mappings = 'external:br-ex,' + ','.join( ['physnet%d:%s' % (tag, bridge[tag]) for tag in vlans]) set_parameter(confFile, 'ovs', 'bridge_mappings', mappings) physnets = ','.join(['physnet' + str(tag) for tag in vlans]) set_parameter(confFile, 'ovs', 'network_vlan_ranges', physnets)
def network_deploy(): # edit sysctl.conf # make a backup backupConfFile(sysctl_conf, backupSuffix) set_parameter(sysctl_conf, "''", 'net.ipv4.ip_forward', '1') set_parameter(sysctl_conf, "''", 'net.ipv4.conf.all.rp_filter', '0') set_parameter(sysctl_conf, "''", 'net.ipv4.conf.default.rp_filter', '0') msg = "Implement changes on sysctl" runCheck( msg, "sysctl --system" ) # for more info visit: http://www.commandlinefu.com/commands/view/11891/reload-all-sysctl-variables-without-reboot installPackagesNetwork() # configuration configure_the_Networking_common_components() configure_ML2_plug_in_network() configure_Layer3_agent() configure_DHCP_agent() configure_metadata_agent() configure_Open_vSwitch_service() # finalize installation # The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini # pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. # If this symbolic link does not exist, create it if 'plugin.ini' not in run('ls /etc/neutron'): msg = "Create symbolic link to ml2 conf file" runCheck( msg, 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini' ) # Due to a packaging bug, the Open vSwitch agent initialization script explicitly looks for # the Open vSwitch plug-in configuration file rather than a symbolic link /etc/neutron/plugin.ini pointing to the ML2 # plug-in configuration file. Run the following commands to resolve this issue: run("cp /usr/lib/systemd/system/neutron-openvswitch-agent.service " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig") run("sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service") # initialize services msg = "Enable neutron services" run("systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service " + \ "neutron-dhcp-agent.service neutron-metadata-agent.service " + \ "neutron-ovs-cleanup.service") msg = "Start neutron services" run("systemctl start neutron-openvswitch-agent.service neutron-l3-agent.service " + \ "neutron-dhcp-agent.service neutron-metadata-agent.service")
def configure_image_service(): RABBIT_PASS = passwd['RABBIT_PASS'] image_config_file_names = [ '/etc/glance/glance-api.conf', '/etc/glance/glance-registry.conf' ] for image_config_file in image_config_file_names: set_parameter(image_config_file, 'DEFAULT', 'notification_driver', 'messagingv2') set_parameter(image_config_file, 'DEFAULT', 'rpc_backend', 'rabbit') set_parameter(image_config_file, 'DEFAULT', 'rabbit_host', 'controller') set_parameter(image_config_file, 'DEFAULT', 'rabbit_password', RABBIT_PASS) run("systemctl restart openstack-glance-api.service openstack-glance-registry.service" )
def network_deploy(): # edit sysctl.conf # make a backup backupConfFile(sysctl_conf, backupSuffix) set_parameter(sysctl_conf,"''",'net.ipv4.ip_forward','1') set_parameter(sysctl_conf,"''",'net.ipv4.conf.all.rp_filter','0') set_parameter(sysctl_conf,"''",'net.ipv4.conf.default.rp_filter','0') msg = "Implement changes on sysctl" runCheck(msg, "sysctl --system") # for more info visit: http://www.commandlinefu.com/commands/view/11891/reload-all-sysctl-variables-without-reboot installPackagesNetwork() # configuration configure_the_Networking_common_components() configure_ML2_plug_in_network() configure_Layer3_agent() configure_DHCP_agent() configure_metadata_agent() configure_Open_vSwitch_service() # finalize installation # The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini # pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. # If this symbolic link does not exist, create it if 'plugin.ini' not in run('ls /etc/neutron'): msg = "Create symbolic link to ml2 conf file" runCheck(msg, 'ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini') # Due to a packaging bug, the Open vSwitch agent initialization script explicitly looks for # the Open vSwitch plug-in configuration file rather than a symbolic link /etc/neutron/plugin.ini pointing to the ML2 # plug-in configuration file. Run the following commands to resolve this issue: run("cp /usr/lib/systemd/system/neutron-openvswitch-agent.service " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig") run("sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' " + \ "/usr/lib/systemd/system/neutron-openvswitch-agent.service") # initialize services msg = "Enable neutron services" run("systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service " + \ "neutron-dhcp-agent.service neutron-metadata-agent.service " + \ "neutron-ovs-cleanup.service") msg = "Start neutron services" run("systemctl start neutron-openvswitch-agent.service neutron-l3-agent.service " + \ "neutron-dhcp-agent.service neutron-metadata-agent.service")
def setOVSConf(): "Set ovs_neutron_plugin.ini" # This isn't specified in the source (opencloudblog), but the file exists # and it seems like it should also be setup confFile = configs['ovs'] backupConfFile(confFile, backupSuffix) set_parameter(confFile, 'ovs', 'bridge_mappings', 'external:br-vlan') set_parameter(confFile, 'ovs', 'tenant_network_type', 'vlan') networkVlanRanges = 'external:%d:%d' % (sorted(vlans)[0], sorted(vlans)[-1]) set_parameter(confFile, 'ovs', 'network_vlan_ranges', networkVlanRanges)
def configureStorage(): """ Set the account-, container-, and object-server conf files """ serverConfFiles = ['account-server.conf','container-server.conf','object-server.conf'] ip = env_config.nicDictionary['compute1']['mgtIPADDR'] devicepath = swiftGlusterDir # devicepath = '/srv/node' # save base files into the host for fil in serverConfFiles: remotefile = '/etc/swift/' + fil out = put(fil,remotefile) msg = "Save file {} on host {}".format(fil,env.host) if out.succeeded: printMessage('good', msg) else: printMessage('oops', msg) # set variables that are the same in all conf files for confFile in serverConfFiles: set_parameter('/etc/swift/' + confFile,'DEFAULT','bind_ip',ip) set_parameter('/etc/swift/' + confFile,'DEFAULT','user','swift') set_parameter('/etc/swift/' + confFile,'DEFAULT','swift_dir','/etc/swift') set_parameter('/etc/swift/' + confFile,'DEFAULT','devices',devicepath) set_parameter('/etc/swift/' + confFile,'filter:recon','recon_cache_path','/var/cache/swift') # when the device isn't an actual disk, # we need to set mount_check to false set_parameter('/etc/swift/' + confFile,'DEFAULT','mount_check','false') # Edit the account-server.conf file confFile = '/etc/swift/' + serverConfFiles[0] set_parameter(confFile,'DEFAULT','bind_port','6002') set_parameter(confFile,'pipeline:main','pipeline',"'healthcheck recon account-server'") # Edit the /etc/swift/container-server.conf file confFile = '/etc/swift/' + serverConfFiles[1] set_parameter(confFile,'DEFAULT','bind_port','6001') set_parameter(confFile,'pipeline:main','pipeline',"'healthcheck recon container-server'") # Edit the /etc/swift/object-server.conf confFile = '/etc/swift/' + serverConfFiles[2] set_parameter(confFile,'DEFAULT','bind_port','6000') set_parameter(confFile,'pipeline:main','pipeline',"'healthcheck recon object-server'") msg = 'Ensure proper ownership of the mount point directory structure' runCheck(msg, "chown -R swift:swift {}".format(devicepath)) msg = 'Create the recon directory' runCheck(msg, "mkdir -p /var/cache/swift") msg = 'Ensure proper ownership of recon directory' runCheck(msg, " chown -R swift:swift /var/cache/swift")
def configure_metadata_agent(): # make a backup backupConfFile(metadata_agent_file, backupSuffix) set_parameter(metadata_agent_file, 'DEFAULT', 'auth_url', 'http://controller:5000/v2.0') set_parameter(metadata_agent_file, 'DEFAULT', 'auth_region', 'regionOne') set_parameter(metadata_agent_file, 'DEFAULT', 'admin_tenant_name', 'service') set_parameter(metadata_agent_file, 'DEFAULT', 'admin_user', 'neutron') set_parameter(metadata_agent_file, 'DEFAULT', 'nova_metadata_ip', 'controller') set_parameter(metadata_agent_file, 'DEFAULT', 'admin_password', passwd['NEUTRON_PASS']) set_parameter(metadata_agent_file, 'DEFAULT', 'metadata_proxy_shared_secret', passwd['METADATA_SECRET']) set_parameter(metadata_agent_file, 'DEFAULT', 'verbose', 'True') set_parameter(metadata_agent_file, 'DEFAULT', 'debug', 'True') execute(configure_metadata_proxy_on_controller)
def setMl2Conf(): # Reference: http://www.opencloudblog.com/?p=630 confFile = configs['ml2'] backupConfFile(confFile, backupSuffix) set_parameter(confFile, 'ml2', 'type_drivers', 'gre,vlan,flat') set_parameter(confFile, 'ml2', 'mechanism_drivers', 'openvswitch') # sort the vlan tags to get the smallest and the largest networkVlanRanges = 'external:%d:%d' % (sorted(vlans)[0], sorted(vlans)[-1]) set_parameter(confFile, 'ml2_type_vlan', 'network_vlan_ranges', networkVlanRanges) # Crudini doesn't work with the * character run("sed -i 's/flat_networks = external/flat_networks = */' %s" % confFile) set_parameter(confFile, 'ovs', 'bridge_mappings', 'external:br-vlan') set_parameter(confFile, 'ovs', 'integration_bridge' , 'br-int') # TODO: determine whether this should be vlan, gre, or both: # tenant_network_type = type of network a tenant can create # set_parameter(confFile, 'ovs', 'tenant_network_type' , 'vlan') # set_parameter(confFile, 'ovs', 'tenant_network_type' , 'gre,vlan') set_parameter(confFile, 'ovs', 'tenant_network_types' , 'gre,vlan') set_parameter(confFile, 'ovs', 'local_ip' , env_config.nicDictionary[env.host]['tnlIPADDR']) set_parameter(confFile, 'agent', 'l2_population' , 'False')
def setDHCPConf(): # Reference: http://www.opencloudblog.com/?p=630 confFile = configs['dhcp'] backupConfFile(confFile, backupSuffix) set_parameter(confFile, 'DEFAULT', 'dhcp_delete_namespaces', 'True') set_parameter(confFile, 'DEFAULT', 'enable_metadata_network', 'False') set_parameter(confFile, 'DEFAULT', 'enable_isolated_metadata', 'True') set_parameter(confFile, 'DEFAULT', 'use_namespaces', 'True') set_parameter(confFile, 'DEFAULT', 'ovs_use_veth', 'False') set_parameter(confFile, 'DEFAULT', 'dhcp_agent_manager', 'neutron.agent.dhcp_agent.DhcpAgentWithStateReport')
def setL3Conf(): # Reference: http://www.opencloudblog.com/?p=630 confFile = configs['l3'] backupConfFile(confFile, backupSuffix) # very important - set the two following entries to an empty string # do not leave the default values set_parameter(confFile, 'DEFAULT', 'gateway_external_network_id', '') set_parameter(confFile, 'DEFAULT', 'external_network_bridge', '') # we use the legacy mode - HA and DVR are broken in Juno and should # not used in production environments set_parameter(confFile, 'DEFAULT', 'agent_mode', 'legacy') # nova metadata is deployed only on the network node(s) and listens on 127.0.0.1 node set_parameter(confFile, 'DEFAULT', 'metadata_port', '8775') set_parameter(confFile, 'DEFAULT', 'metadata_ip', '127.0.0.1') set_parameter(confFile, 'DEFAULT', 'enable_metadata_proxy', 'True') set_parameter(confFile, 'DEFAULT', 'handle_internal_only_routers', 'True') set_parameter(confFile, 'DEFAULT', 'router_delete_namespaces', 'True') # veths should be avoided set_parameter(confFile, 'DEFAULT', 'ovs_use_veth', 'False') set_parameter(confFile, 'DEFAULT', 'interface_driver', 'neutron.agent.linux.interface.OVSInterfaceDriver') set_parameter(confFile, 'DEFAULT', 'use_namespaces', 'True') # for testing set_parameter(confFile, 'DEFAULT', 'debug', 'True')
def configure_Layer3_agent(): # make a backup backupConfFile(l3_agent_file, backupSuffix) set_parameter(l3_agent_file,"DEFAULT","interface_driver","neutron.agent.linux.interface.OVSInterfaceDriver") set_parameter(l3_agent_file,"DEFAULT","use_namespaces","True") set_parameter(l3_agent_file,"DEFAULT","external_network_bridge","br-ex") set_parameter(l3_agent_file,"DEFAULT","router_delete_namespaces","True") set_parameter(l3_agent_file,"DEFAULT","verbose","True") set_parameter(l3_agent_file,"DEFAULT","debug","True")
def setNeutronConf(): # Reference: http://www.opencloudblog.com/?p=630 confFile = configs['neutron'] backupConfFile(confFile, backupSuffix) section = 'DEFAULT' set_parameter(confFile, section, 'max_l3_agents_per_router', '2') set_parameter(confFile, section, 'l3_ha', 'False') set_parameter(confFile, section, 'allow_automatic_l3agent_failover', 'True') set_parameter(confFile, section, 'allow_overlapping_ips', 'True') set_parameter(confFile, section, 'core_plugin', 'ml2') set_parameter(confFile, section, 'service_plugins', 'router') # set_parameter(confFile, section, 'service_plugins', 'router,firewall,lbaas,vpnaas,metering') set_parameter(confFile, section, 'force_gateway_on_subnet', 'True') set_parameter(confFile, section, 'dhcp_options_enabled', 'False') set_parameter(confFile, section, 'dhcp_agents_per_network', '1') set_parameter(confFile, section, 'router_distributed', 'False') set_parameter(confFile, section, 'router_delete_namespaces', 'True') set_parameter(confFile, section, 'check_child_processes', 'True') section = 'securitygroup' set_parameter(confFile, section, 'firewall_driver', 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver') set_parameter(confFile, section, 'enable_ipset', 'True') set_parameter(confFile, section, 'enable_security_group', 'True') section = 'agent' set_parameter(confFile, section, 'enable_distributed_routing', 'False') set_parameter(confFile, section, 'dont_fragment', 'True') set_parameter(confFile, section, 'arp_responder', 'False') # Crudini doesn't work when a variable name is setup more than once, as is service_provider, # so for this one we use sed newLine = ['service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:default'] run("sed -i \"/\[service_providers\]/a %s\" %s" % (newLine, confFile))
def configure_ML2_plugin_general(): # The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual # networking framework for instances. However, the controller node does not need the OVS # components because it does not handle instance network traffic. # make a backup backupConfFile(ml2_conf_file, backupSuffix) # set_parameter(ml2_conf_file,'ml2','type_drivers','flat,gre') set_parameter(ml2_conf_file,'ml2','type_drivers','flat,gre,vlan') set_parameter(ml2_conf_file,'ml2','tenant_network_types','gre') set_parameter(ml2_conf_file,'ml2','mechanism_drivers','openvswitch') set_parameter(ml2_conf_file,'ml2_type_gre','tunnel_id_ranges','1:1000') set_parameter(ml2_conf_file,'securitygroup','enable_security_group','True') set_parameter(ml2_conf_file,'securitygroup','enable_ipset','True') set_parameter(ml2_conf_file,'securitygroup','firewall_driver',\ 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver')
def configure_the_Networking_common_components(): # make a backup backupConfFile(neutron_conf, backupSuffix) # configure RabbitMQ access set_parameter(neutron_conf,'DEFAULT','rpc_backend','rabbit') set_parameter(neutron_conf,'DEFAULT','rabbit_host','controller') set_parameter(neutron_conf,'DEFAULT','rabbit_password',passwd['RABBIT_PASS']) # configure Identity service access set_parameter(neutron_conf,'DEFAULT','auth_strategy','keystone') set_parameter(neutron_conf,'keystone_authtoken','auth_uri','http://controller:5000/v2.0') set_parameter(neutron_conf,'keystone_authtoken','identity_uri','http://controller:35357') set_parameter(neutron_conf,'keystone_authtoken','admin_tenant_name','service') set_parameter(neutron_conf,'keystone_authtoken','admin_user','neutron') set_parameter(neutron_conf,'keystone_authtoken','admin_password',passwd['NEUTRON_PASS']) # enable ML2 plugin set_parameter(neutron_conf,'DEFAULT','core_plugin','ml2') set_parameter(neutron_conf,'DEFAULT','service_plugins','router') set_parameter(neutron_conf,'DEFAULT','allow_overlapping_ips','True') set_parameter(neutron_conf,'DEFAULT','verbose','True') set_parameter(neutron_conf,'DEFAULT','debug','True')
def setup_nova_config_files_on_compute(): """ Set up variables on several config files on the compute node """ NOVA_PASS = passwd['NOVA_PASS'] NOVA_DBPASS = passwd['NOVA_DBPASS'] RABBIT_PASS = passwd['RABBIT_PASS'] MANAGEMENT_IP = env_config.nicDictionary[env.host]['mgtIPADDR'] set_parameter(etc_nova_config_file, 'DEFAULT', 'rpc_backend', 'rabbit') set_parameter(etc_nova_config_file, 'DEFAULT', 'rabbit_host', 'controller') set_parameter(etc_nova_config_file, 'DEFAULT', 'rabbit_password', RABBIT_PASS) set_parameter(etc_nova_config_file, 'DEFAULT', 'auth_strategy', 'keystone') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'identity_uri', 'http://controller:35357') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_tenant_name', 'service') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_user', 'nova') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_password', NOVA_PASS) set_parameter(etc_nova_config_file, 'DEFAULT', 'my_ip', MANAGEMENT_IP) set_parameter(etc_nova_config_file, 'DEFAULT', 'vnc_enabled', 'True') set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_listen', '0.0.0.0') set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_proxyclient_address', MANAGEMENT_IP) set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_base_url', 'http://controller:6080/vnc_auto.html') set_parameter(etc_nova_config_file, 'glance', 'host', 'controller') set_parameter(etc_nova_config_file, 'DEFAULT', 'verbose', 'True') set_parameter(etc_nova_config_file, 'libvirt', 'cpu_mode', 'host-passthrough') if 'ipmi5' in check_output('echo $HOSTNAME',shell=True): # set this parameter if we are not in production mode set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_host', '0.0.0.0') set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_port', '6080') set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_base_url', 'http://129.128.208.164:6080/vnc_auto.html') else: set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_listen', MANAGEMENT_IP) set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_proxyclient_address', MANAGEMENT_IP) hardware_accel_check()
def setup_nova_config_files_on_controller(): NOVA_PASS = passwd['NOVA_PASS'] NOVA_DBPASS = passwd['NOVA_DBPASS'] RABBIT_PASS = passwd['RABBIT_PASS'] CONTROLLER_MANAGEMENT_IP = env_config.nicDictionary['controller']['mgtIPADDR'] set_parameter(etc_nova_config_file, 'database', 'connection', 'mysql://*****:*****@controller/nova'.format(NOVA_DBPASS)) set_parameter(etc_nova_config_file, 'DEFAULT', 'rpc_backend', 'rabbit') set_parameter(etc_nova_config_file, 'DEFAULT', 'rabbit_host', 'controller') set_parameter(etc_nova_config_file, 'DEFAULT', 'rabbit_password', RABBIT_PASS) set_parameter(etc_nova_config_file, 'DEFAULT', 'auth_strategy', 'keystone') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'identity_uri', 'http://controller:35357') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_tenant_name', 'service') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_user', 'nova') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_password', NOVA_PASS) set_parameter(etc_nova_config_file, 'DEFAULT', 'my_ip', CONTROLLER_MANAGEMENT_IP) set_parameter(etc_nova_config_file, 'glance', 'host', 'controller') set_parameter(etc_nova_config_file, 'DEFAULT', 'verbose', 'True') set_parameter(etc_nova_config_file, 'libvirt', 'cpu_mode', 'host-passthrough') if 'ipmi5' in check_output('echo $HOSTNAME',shell=True): # set this parameter if we are not in production mode set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_host', '0.0.0.0') set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_port', '6080') set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_base_url', 'http://129.128.208.164:6080/vnc_auto.html') else: set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_listen', CONTROLLER_MANAGEMENT_IP) set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_proxyclient_address', CONTROLLER_MANAGEMENT_IP)
def setup_heat_config_files(HEAT_PASS, HEAT_DBPASS, RABBIT_PASS): msg = 'Install packages' runCheck(msg, "yum install -y openstack-heat-api openstack-heat-api-cfn openstack-heat-engine python-heatclient") set_parameter(etc_heat_config_file, 'database', 'connection', 'mysql://*****:*****@controller/heat'.format(HEAT_DBPASS)) set_parameter(etc_heat_config_file, 'DEFAULT', 'rpc_backend', 'rabbit') set_parameter(etc_heat_config_file, 'DEFAULT', 'rabbit_host', 'controller') set_parameter(etc_heat_config_file, 'DEFAULT', 'rabbit_password', RABBIT_PASS) set_parameter(etc_heat_config_file, 'keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0') set_parameter(etc_heat_config_file, 'keystone_authtoken', 'identity_uri', 'http://controller:35357') set_parameter(etc_heat_config_file, 'keystone_authtoken', 'admin_tenant_name', 'service') set_parameter(etc_heat_config_file, 'keystone_authtoken', 'admin_user', 'heat') set_parameter(etc_heat_config_file, 'keystone_authtoken', 'admin_password', HEAT_PASS) set_parameter(etc_heat_config_file, 'ec2authtoken', 'auth_uri', 'http://controller:5000/v2.0') set_parameter(etc_heat_config_file, 'DEFAULT', 'heat_metadata_server_url', 'http://controller:8000') set_parameter(etc_heat_config_file, 'DEFAULT', 'heat_waitcondition_server_url', 'http://controller:8000/v1/waitcondition') set_parameter(etc_heat_config_file, 'DEFAULT', 'verbose', 'True')
def setup_nova_conf_file(): set_parameter(etc_nova_config_file, 'glance', 'libvirt_type', 'qemu') set_parameter(etc_nova_config_file, 'DEFAULT', 'instances_path', novaGlusterDir)
def setMl2Conf(): # Reference: http://www.opencloudblog.com/?p=630 confFile = configs['ml2'] backupConfFile(confFile, backupSuffix) set_parameter(confFile, 'ml2', 'type_drivers', 'gre,vlan,flat') set_parameter(confFile, 'ml2', 'mechanism_drivers', 'openvswitch') # sort the vlan tags to get the smallest and the largest networkVlanRanges = 'external:%d:%d' % (sorted(vlans)[0], sorted(vlans)[-1]) set_parameter(confFile, 'ml2_type_vlan', 'network_vlan_ranges', networkVlanRanges) # Crudini doesn't work with the * character run("sed -i 's/flat_networks = external/flat_networks = */' %s" % confFile) set_parameter(confFile, 'ovs', 'bridge_mappings', 'external:br-vlan') set_parameter(confFile, 'ovs', 'integration_bridge', 'br-int') # TODO: determine whether this should be vlan, gre, or both: # tenant_network_type = type of network a tenant can create # set_parameter(confFile, 'ovs', 'tenant_network_type' , 'vlan') # set_parameter(confFile, 'ovs', 'tenant_network_type' , 'gre,vlan') set_parameter(confFile, 'ovs', 'tenant_network_types', 'gre,vlan') set_parameter(confFile, 'ovs', 'local_ip', env_config.nicDictionary[env.host]['tnlIPADDR']) set_parameter(confFile, 'agent', 'l2_population', 'False')
def setNeutronConf(): # Reference: http://www.opencloudblog.com/?p=630 confFile = configs['neutron'] backupConfFile(confFile, backupSuffix) section = 'DEFAULT' set_parameter(confFile, section, 'max_l3_agents_per_router', '2') set_parameter(confFile, section, 'l3_ha', 'False') set_parameter(confFile, section, 'allow_automatic_l3agent_failover', 'True') set_parameter(confFile, section, 'allow_overlapping_ips', 'True') set_parameter(confFile, section, 'core_plugin', 'ml2') set_parameter(confFile, section, 'service_plugins', 'router') # set_parameter(confFile, section, 'service_plugins', 'router,firewall,lbaas,vpnaas,metering') set_parameter(confFile, section, 'force_gateway_on_subnet', 'True') set_parameter(confFile, section, 'dhcp_options_enabled', 'False') set_parameter(confFile, section, 'dhcp_agents_per_network', '1') set_parameter(confFile, section, 'router_distributed', 'False') set_parameter(confFile, section, 'router_delete_namespaces', 'True') set_parameter(confFile, section, 'check_child_processes', 'True') section = 'securitygroup' set_parameter( confFile, section, 'firewall_driver', 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver' ) set_parameter(confFile, section, 'enable_ipset', 'True') set_parameter(confFile, section, 'enable_security_group', 'True') section = 'agent' set_parameter(confFile, section, 'enable_distributed_routing', 'False') set_parameter(confFile, section, 'dont_fragment', 'True') set_parameter(confFile, section, 'arp_responder', 'False') # Crudini doesn't work when a variable name is setup more than once, as is service_provider, # so for this one we use sed newLine = [ 'service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:default' ] run("sed -i \"/\[service_providers\]/a %s\" %s" % (newLine, confFile))
def configure_networking_server_component(): # configure neutron.conf with crudini # make a backup backupConfFile(neutron_conf, backupSuffix) # configure database access parameter = 'mysql://*****:*****@controller/neutron'.format( passwd['NEUTRON_DBPASS']) set_parameter(neutron_conf, 'database', 'connection', parameter) # configure RabbitMQ access set_parameter(neutron_conf, 'DEFAULT', 'rpc_backend', 'rabbit') set_parameter(neutron_conf, 'DEFAULT', 'rabbit_host', 'controller') set_parameter(neutron_conf, 'DEFAULT', 'rabbit_password', passwd['RABBIT_PASS']) # configure Identity service access set_parameter(neutron_conf, 'DEFAULT', 'auth_strategy', 'keystone') set_parameter(neutron_conf, 'keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0') set_parameter(neutron_conf, 'keystone_authtoken', 'identity_uri', 'http://controller:35357') set_parameter(neutron_conf, 'keystone_authtoken', 'admin_tenant_name', 'service') set_parameter(neutron_conf, 'keystone_authtoken', 'admin_user', 'neutron') set_parameter(neutron_conf, 'keystone_authtoken', 'admin_password', passwd['NEUTRON_PASS']) # enable ML2 plugin set_parameter(neutron_conf, 'DEFAULT', 'core_plugin', 'ml2') set_parameter(neutron_conf, 'DEFAULT', 'service_plugins', 'router') set_parameter(neutron_conf, 'DEFAULT', 'allow_overlapping_ips', 'True') # set Neutron to notify Nova of of topology changes # get service tenant id with prefix(env_config.admin_openrc): nova_admin_tenant_id = run( 'keystone tenant-list | grep service | cut -d\| -f2') if nova_admin_tenant_id: # if tenant service doesn't exist, this variable will be empty set_parameter(neutron_conf, 'DEFAULT', 'nova_admin_tenant_id', nova_admin_tenant_id) set_parameter(neutron_conf, 'DEFAULT', 'notify_nova_on_port_status_changes', 'True') set_parameter(neutron_conf, 'DEFAULT', 'notify_nova_on_port_data_changes', 'True') set_parameter(neutron_conf, 'DEFAULT', 'nova_url', 'http://controller:8774/v2') set_parameter(neutron_conf, 'DEFAULT', 'nova_admin_auth_url', 'http://controller:35357/v2.0') set_parameter(neutron_conf, 'DEFAULT', 'nova_region_name', 'regionOne') set_parameter(neutron_conf, 'DEFAULT', 'nova_admin_username', 'nova') set_parameter(neutron_conf, 'DEFAULT', 'nova_admin_password', passwd['NOVA_PASS']) # turn on verbose logging set_parameter(neutron_conf, 'DEFAULT', 'verbose', 'True') set_parameter(neutron_conf, 'DEFAULT', 'debug', 'True')
def configure_ML2_plugin_general(): # The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual # networking framework for instances. However, the controller node does not need the OVS # components because it does not handle instance network traffic. # make a backup backupConfFile(ml2_conf_file, backupSuffix) # set_parameter(ml2_conf_file,'ml2','type_drivers','flat,gre') set_parameter(ml2_conf_file, 'ml2', 'type_drivers', 'flat,gre,vlan') set_parameter(ml2_conf_file, 'ml2', 'tenant_network_types', 'gre') set_parameter(ml2_conf_file, 'ml2', 'mechanism_drivers', 'openvswitch') set_parameter(ml2_conf_file, 'ml2_type_gre', 'tunnel_id_ranges', '1:1000') set_parameter(ml2_conf_file, 'securitygroup', 'enable_security_group', 'True') set_parameter(ml2_conf_file, 'securitygroup', 'enable_ipset', 'True') set_parameter(ml2_conf_file,'securitygroup','firewall_driver',\ 'neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver')
def configure_networking_server_component(): # configure neutron.conf with crudini # make a backup backupConfFile(neutron_conf, backupSuffix) # configure database access parameter = 'mysql://*****:*****@controller/neutron'.format(passwd['NEUTRON_DBPASS']) set_parameter(neutron_conf,'database','connection',parameter) # configure RabbitMQ access set_parameter(neutron_conf,'DEFAULT','rpc_backend','rabbit') set_parameter(neutron_conf,'DEFAULT','rabbit_host','controller') set_parameter(neutron_conf,'DEFAULT','rabbit_password',passwd['RABBIT_PASS']) # configure Identity service access set_parameter(neutron_conf,'DEFAULT','auth_strategy','keystone') set_parameter(neutron_conf,'keystone_authtoken','auth_uri','http://controller:5000/v2.0') set_parameter(neutron_conf,'keystone_authtoken','identity_uri','http://controller:35357') set_parameter(neutron_conf,'keystone_authtoken','admin_tenant_name','service') set_parameter(neutron_conf,'keystone_authtoken','admin_user','neutron') set_parameter(neutron_conf,'keystone_authtoken','admin_password',passwd['NEUTRON_PASS']) # enable ML2 plugin set_parameter(neutron_conf,'DEFAULT','core_plugin','ml2') set_parameter(neutron_conf,'DEFAULT','service_plugins','router') set_parameter(neutron_conf,'DEFAULT','allow_overlapping_ips','True') # set Neutron to notify Nova of of topology changes # get service tenant id with prefix(env_config.admin_openrc): nova_admin_tenant_id = run('keystone tenant-list | grep service | cut -d\| -f2') if nova_admin_tenant_id: # if tenant service doesn't exist, this variable will be empty set_parameter(neutron_conf,'DEFAULT','nova_admin_tenant_id',nova_admin_tenant_id) set_parameter(neutron_conf,'DEFAULT','notify_nova_on_port_status_changes','True') set_parameter(neutron_conf,'DEFAULT','notify_nova_on_port_data_changes','True') set_parameter(neutron_conf,'DEFAULT','nova_url','http://controller:8774/v2') set_parameter(neutron_conf,'DEFAULT','nova_admin_auth_url','http://controller:35357/v2.0') set_parameter(neutron_conf,'DEFAULT','nova_region_name','regionOne') set_parameter(neutron_conf,'DEFAULT','nova_admin_username','nova') set_parameter(neutron_conf,'DEFAULT','nova_admin_password',passwd['NOVA_PASS']) # turn on verbose logging set_parameter(neutron_conf,'DEFAULT','verbose','True') set_parameter(neutron_conf,'DEFAULT','debug','True')
def configure_nova_to_use_neutron(): # make a backup backupConfFile(nova_conf, backupSuffix) set_parameter(nova_conf, 'DEFAULT', 'network_api_class', 'nova.network.neutronv2.api.API') set_parameter(nova_conf, 'DEFAULT', 'security_group_api', 'neutron') set_parameter(nova_conf, 'DEFAULT', 'linuxnet_interface_driver', 'nova.network.linux_net.LinuxOVSInterfaceDriver') set_parameter(nova_conf, 'DEFAULT', 'firewall_driver', 'nova.virt.firewall.NoopFirewallDriver') set_parameter(nova_conf, 'neutron', 'url', 'http://controller:9696') set_parameter(nova_conf, 'neutron', 'auth_strategy', 'keystone') set_parameter(nova_conf, 'neutron', 'admin_auth_url', 'http://controller:35357/v2.0') set_parameter(nova_conf, 'neutron', 'admin_tenant_name', 'service') set_parameter(nova_conf, 'neutron', 'admin_username', 'neutron') set_parameter(nova_conf, 'neutron', 'admin_password', passwd['NEUTRON_PASS'])
def configure_nova_to_use_neutron(): # make a backup backupConfFile(nova_conf, backupSuffix) set_parameter(nova_conf,'DEFAULT','network_api_class','nova.network.neutronv2.api.API') set_parameter(nova_conf,'DEFAULT','security_group_api','neutron') set_parameter(nova_conf,'DEFAULT','linuxnet_interface_driver','nova.network.linux_net.LinuxOVSInterfaceDriver') set_parameter(nova_conf,'DEFAULT','firewall_driver','nova.virt.firewall.NoopFirewallDriver') set_parameter(nova_conf,'neutron','url','http://controller:9696') set_parameter(nova_conf,'neutron','auth_strategy','keystone') set_parameter(nova_conf,'neutron','admin_auth_url','http://controller:35357/v2.0') set_parameter(nova_conf,'neutron','admin_tenant_name','service') set_parameter(nova_conf,'neutron','admin_username','neutron') set_parameter(nova_conf,'neutron','admin_password',passwd['NEUTRON_PASS'])
def configure_the_Networking_common_components(): # make a backup backupConfFile(neutron_conf, backupSuffix) # configure RabbitMQ access set_parameter(neutron_conf, 'DEFAULT', 'rpc_backend', 'rabbit') set_parameter(neutron_conf, 'DEFAULT', 'rabbit_host', 'controller') set_parameter(neutron_conf, 'DEFAULT', 'rabbit_password', passwd['RABBIT_PASS']) # configure Identity service access set_parameter(neutron_conf, 'DEFAULT', 'auth_strategy', 'keystone') set_parameter(neutron_conf, 'keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0') set_parameter(neutron_conf, 'keystone_authtoken', 'identity_uri', 'http://controller:35357') set_parameter(neutron_conf, 'keystone_authtoken', 'admin_tenant_name', 'service') set_parameter(neutron_conf, 'keystone_authtoken', 'admin_user', 'neutron') set_parameter(neutron_conf, 'keystone_authtoken', 'admin_password', passwd['NEUTRON_PASS']) # enable ML2 plugin set_parameter(neutron_conf, 'DEFAULT', 'core_plugin', 'ml2') set_parameter(neutron_conf, 'DEFAULT', 'service_plugins', 'router') set_parameter(neutron_conf, 'DEFAULT', 'allow_overlapping_ips', 'True') set_parameter(neutron_conf, 'DEFAULT', 'verbose', 'True') set_parameter(neutron_conf, 'DEFAULT', 'debug', 'True')
def enableLDAPIdentityDriver(): set_parameter(confFile, 'identity', 'driver', 'keystone.identity.backends.ldap.IDENTITY')
def configure_Layer3_agent(): # make a backup backupConfFile(l3_agent_file, backupSuffix) set_parameter(l3_agent_file, "DEFAULT", "interface_driver", "neutron.agent.linux.interface.OVSInterfaceDriver") set_parameter(l3_agent_file, "DEFAULT", "use_namespaces", "True") set_parameter(l3_agent_file, "DEFAULT", "external_network_bridge", "br-ex") set_parameter(l3_agent_file, "DEFAULT", "router_delete_namespaces", "True") set_parameter(l3_agent_file, "DEFAULT", "verbose", "True") set_parameter(l3_agent_file, "DEFAULT", "debug", "True")
def configure_DHCP_agent(): # make a backup backupConfFile(dhcp_agent_file, backupSuffix) set_parameter(dhcp_agent_file,"DEFAULT","interface_driver", "neutron.agent.linux.interface.OVSInterfaceDriver") set_parameter(dhcp_agent_file,"DEFAULT","dhcp_driver", "neutron.agent.linux.dhcp.Dnsmasq") set_parameter(dhcp_agent_file,"DEFAULT","use_namespaces","True") set_parameter(dhcp_agent_file,"DEFAULT","dhcp_delete_namespaces","True") set_parameter(dhcp_agent_file,"DEFAULT","verbose","True") set_parameter(dhcp_agent_file,"DEFAULT","debug","True")
def configure_DHCP_agent(): # make a backup backupConfFile(dhcp_agent_file, backupSuffix) set_parameter(dhcp_agent_file, "DEFAULT", "interface_driver", "neutron.agent.linux.interface.OVSInterfaceDriver") set_parameter(dhcp_agent_file, "DEFAULT", "dhcp_driver", "neutron.agent.linux.dhcp.Dnsmasq") set_parameter(dhcp_agent_file, "DEFAULT", "use_namespaces", "True") set_parameter(dhcp_agent_file, "DEFAULT", "dhcp_delete_namespaces", "True") set_parameter(dhcp_agent_file, "DEFAULT", "verbose", "True") set_parameter(dhcp_agent_file, "DEFAULT", "debug", "True")
def configure_metadata_agent(): # make a backup backupConfFile(metadata_agent_file, backupSuffix) set_parameter(metadata_agent_file,'DEFAULT','auth_url','http://controller:5000/v2.0') set_parameter(metadata_agent_file,'DEFAULT','auth_region','regionOne') set_parameter(metadata_agent_file,'DEFAULT','admin_tenant_name','service') set_parameter(metadata_agent_file,'DEFAULT','admin_user','neutron') set_parameter(metadata_agent_file,'DEFAULT','nova_metadata_ip','controller') set_parameter(metadata_agent_file,'DEFAULT','admin_password',passwd['NEUTRON_PASS']) set_parameter(metadata_agent_file,'DEFAULT','metadata_proxy_shared_secret', passwd['METADATA_SECRET']) set_parameter(metadata_agent_file,'DEFAULT','verbose','True') set_parameter(metadata_agent_file,'DEFAULT','debug','True') execute(configure_metadata_proxy_on_controller)
def configureController(): confFile = '/etc/swift/proxy-server.conf' localFile = 'proxy-server.conf' # proxyServerConf is a config file made based on this model: # https://raw.githubusercontent.com/openstack/swift/stable/juno/etc/proxy-server.conf-sample msg = "Put base {} on controller".format(confFile) out = put(localFile,confFile) if out.succeeded: printMessage('good',msg) else: printMessage('oops',msg) # set parameters set_parameter(confFile,'DEFAULT','bind_port','8080') set_parameter(confFile,'DEFAULT','user','swift') set_parameter(confFile,'DEFAULT','swift_dir','/etc/swift') set_parameter(confFile,'pipeline:main','pipeline',"'authtoken cache healthcheck keystoneauth proxy-logging proxy-server'") set_parameter(confFile,'app:proxy-server','allow_account_management','true') set_parameter(confFile,'app:proxy-server','account_autocreate','true') set_parameter(confFile,'filter:keystoneauth','use','egg:swift#keystoneauth') set_parameter(confFile,'filter:keystoneauth','operator_roles','admin,_member_') set_parameter(confFile,'filter:authtoken','paste.filter_factory','keystonemiddleware.auth_token:filter_factory') set_parameter(confFile,'filter:authtoken','auth_uri','http://controller:5000/v2.0') set_parameter(confFile,'filter:authtoken','identity_uri','http://controller:35357') set_parameter(confFile,'filter:authtoken','admin_tenant_name','service') set_parameter(confFile,'filter:authtoken','admin_user','swift') set_parameter(confFile,'filter:authtoken','admin_password',passwd['SWIFT_PASS']) set_parameter(confFile,'filter:authtoken','delay_auth_decision','true') set_parameter(confFile,'filter:cache','memcache_servers','127.0.0.1:11211')
def setup_nova_config_files_on_controller(): NOVA_PASS = passwd['NOVA_PASS'] NOVA_DBPASS = passwd['NOVA_DBPASS'] RABBIT_PASS = passwd['RABBIT_PASS'] CONTROLLER_MANAGEMENT_IP = env_config.nicDictionary['controller'][ 'mgtIPADDR'] set_parameter(etc_nova_config_file, 'database', 'connection', 'mysql://*****:*****@controller/nova'.format(NOVA_DBPASS)) set_parameter(etc_nova_config_file, 'DEFAULT', 'rpc_backend', 'rabbit') set_parameter(etc_nova_config_file, 'DEFAULT', 'rabbit_host', 'controller') set_parameter(etc_nova_config_file, 'DEFAULT', 'rabbit_password', RABBIT_PASS) set_parameter(etc_nova_config_file, 'DEFAULT', 'auth_strategy', 'keystone') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'auth_uri', 'http://controller:5000/v2.0') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'identity_uri', 'http://controller:35357') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_tenant_name', 'service') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_user', 'nova') set_parameter(etc_nova_config_file, 'keystone_authtoken', 'admin_password', NOVA_PASS) set_parameter(etc_nova_config_file, 'DEFAULT', 'my_ip', CONTROLLER_MANAGEMENT_IP) set_parameter(etc_nova_config_file, 'glance', 'host', 'controller') set_parameter(etc_nova_config_file, 'DEFAULT', 'verbose', 'True') set_parameter(etc_nova_config_file, 'libvirt', 'cpu_mode', 'host-passthrough') if 'ipmi5' in check_output('echo $HOSTNAME', shell=True): # set this parameter if we are not in production mode set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_host', '0.0.0.0') set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_port', '6080') set_parameter(etc_nova_config_file, 'DEFAULT', 'novncproxy_base_url', 'http://129.128.208.164:6080/vnc_auto.html') else: set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_listen', CONTROLLER_MANAGEMENT_IP) set_parameter(etc_nova_config_file, 'DEFAULT', 'vncserver_proxyclient_address', CONTROLLER_MANAGEMENT_IP)