Commit 22b9d622 authored by Jan Siersch's avatar Jan Siersch
Browse files

completed script/config move to CentOS 7

- fix: oversights in scripts
- new: used "systemctl" instead of "service"
- new: added "enable" and "disable" to "stack.sh"
parent c2f6d5bf
......@@ -51,8 +51,6 @@ security_group_api = neutron
network_api_class = nova.network.neutronv2.api.API
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
neutron_metadata_proxy_shared_secret = ${METADATA_SECRET}
service_neutron_metadata_proxy = true
# misc
iscsi_helper = tgtadm
......@@ -83,3 +81,7 @@ admin_tenant_name = service
admin_username = neutron
admin_password = ${NEUTRON_PASS}
# metadata
service_metadata_proxy = true
metadata_proxy_shared_secret = ${METADATA_SECRET}
#############
# OpenStack #
#############
[composite:osapi_volume]
use = call:cinder.api:root_app_factory
/: apiversions
/v1: openstack_volume_api_v1
/v2: openstack_volume_api_v2
[composite:openstack_volume_api_v1]
use = call:cinder.api.middleware.auth:pipeline_factory
noauth = faultwrap sizelimit noauth apiv1
keystone = faultwrap sizelimit authtoken keystonecontext apiv1
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1
[composite:openstack_volume_api_v2]
use = call:cinder.api.middleware.auth:pipeline_factory
noauth = faultwrap sizelimit noauth apiv2
keystone = faultwrap sizelimit authtoken keystonecontext apiv2
keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2
[filter:faultwrap]
paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory
[filter:noauth]
paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory
[filter:sizelimit]
paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory
[app:apiv1]
paste.app_factory = cinder.api.v1.router:APIRouter.factory
[app:apiv2]
paste.app_factory = cinder.api.v2.router:APIRouter.factory
[pipeline:apiversions]
pipeline = faultwrap osvolumeversionapp
[app:osvolumeversionapp]
paste.app_factory = cinder.api.versions:Versions.factory
##########
# Shared #
##########
[filter:keystonecontext]
paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory
[filter:authtoken]
paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
auth_host=controlnode
auth_port = 35357
auth_protocol = http
admin_tenant_name=service
admin_user=cinder
admin_password=${CINDER_PASS}
[DEFAULT]
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# local paths
state_path = /var/lib/cinder
lock_path = /var/lock/cinder
volumes_dir = /var/lib/cinder/volumes
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_confg = /etc/cinder/api-paste.ini
# auth & message queue
auth_strategy = keystone
notification_driver = cinder.openstack.common.notifier.rpc_notifier
rpc_backend = qpid
qpid_hostname = controlnode
qpid_username = guest
qpid_password = ${QPID_PASS}
control_exchange = cinder
# glance
glance_host = controlnode
# volumes
volume_group = vg_cinder
volume_name_template = volume-%s
iscsi_helper = lioadm
# misc
my_ip = ${CONTROLNODE_IP_CTRL}
[database]
connection = mysql://cinder:${CINDER_DBPASS}@controlnode/cinder
[keystone_authtoken]
auth_uri = http://controlnode:5000/v2.0
identity_uri = http://controlnode:35357
admin_tenant_name = service
admin_user = cinder
admin_password = ${CINDER_PASS}
[DEFAULT]
ovs_integration_bridge = br-int
ovs_use_veth = True
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# neutron networking
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
[DEFAULT]
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# neutron networking
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br-ex
[DEFAULT]
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# metadata
nova_metadata_ip = controlnode
metadata_proxy_shared_secret = ${METADATA_SECRET}
# keystone configuration deliberately placed in DEFAULT section (according to official guide)
auth_uri = http://controlnode:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = ${NEUTRON_PASS}
......@@ -25,14 +25,14 @@ allow_overlapping_ips = True
agent_down_time = 75
# nova
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://controlnode:8774/v2
nova_admin_username = nova
nova_admin_tenant_id = THIS_MUST_BE_SET_LATER
nova_admin_password = ${NOVA_PASS}
nova_admin_auth_url = http://controlnode:35357/v2.0
nova_region_name = regionOne
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_admin_username = nova
nova_admin_tenant_id = TODO_SET_THIS_LATER
nova_admin_password = ${NOVA_PASS}
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
......@@ -51,5 +51,5 @@ admin_password = ${NEUTRON_PASS}
[quotas]
[service_providers]
service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
service_provider = LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
# DO NOT EDIT
# this file is a placeholder and will be replaced with a softlink to plugin.ini
......@@ -51,8 +51,6 @@ security_group_api = neutron
network_api_class = nova.network.neutronv2.api.API
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
neutron_metadata_proxy_shared_secret = ${METADATA_SECRET}
service_neutron_metadata_proxy = true
# misc
iscsi_helper = tgtadm
......@@ -83,3 +81,7 @@ admin_tenant_name = service
admin_username = neutron
admin_password = ${NEUTRON_PASS}
# metadata
service_metadata_proxy = true
metadata_proxy_shared_secret = ${METADATA_SECRET}
......@@ -26,4 +26,3 @@ paste.app_factory = neutron.api.versions:Versions.factory
[app:neutronapiapp_v2_0]
paste.app_factory = neutron.api.v2.router:APIRouter.factory
[DEFAULT]
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# neutron networking
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True
verbose = True
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
debug = True
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# neutron networking
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br-ex
[DEFAULT]
auth_url = http://controlnode:5000/v2.0
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# metadata
nova_metadata_ip = controlnode
metadata_proxy_shared_secret = ${METADATA_SECRET}
# keystone configuration deliberately placed in DEFAULT section (according to official guide)
auth_uri = http://controlnode:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = ${NEUTRON_PASS}
nova_metadata_ip = controlnode
metadata_proxy_shared_secret = ${METADATA_SECRET}
verbose = True
[DEFAULT]
state_path = /var/lib/neutron/
lock_path = /var/lock/neutron/
# logging
verbose = True
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# local paths
state_path = /var/lib/neutron
lock_path = /var/lock/neutron
api_paste_confg = /etc/neutron/api-paste.ini
# auth & message queue
auth_strategy = keystone
rpc_backend = neutron.openstack.common.rpc.impl_qpid
notification_driver = neutron.openstack.common.notifier.rpc_notifier
rpc_backend = qpid
qpid_hostname = controlnode
qpid_username = guest
qpid_password = ${QPID_PASS}
# plugins & drivers
core_plugin = ml2
service_plugins = router
verbose = True
debug = True
api_paste_config = /etc/neutron/api-paste.ini
[quotas]
allow_overlapping_ips = True
agent_down_time = 75
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
report_interval = 5
[database]
connection = mysql://neutron:${NEUTRON_DBPASS}@controlnode/neutron
[keystone_authtoken]
auth_uri = http://controlnode:5000
auth_host = controlnode
auth_protocol = http
auth_port = 35357
auth_uri = http://controlnode:5000/v2.0
identity_uri = http://controlnode:35357
admin_tenant_name = service
admin_user = neutron
admin_password = ${NEUTRON_PASS}
[database]
connection = mysql://neutron:${NEUTRON_DBPASS}@controlnode/neutron
[quotas]
[service_providers]
service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider = LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
[ml2]
type_drivers = vlan
tenant_network_types = vlan
mechanism_drivers = opendaylight,openvswitch
mechanism_drivers = openvswitch
[ml2_type_flat]
[ml2_type_gre]
[ml2_type_vlan]
network_vlan_ranges = physnet1:${SDN_VLAN_RANGES}
tenant_network_type = vlan
bridge_mappings = physnet1:br-data
enable_tunneling = false
[ml2_type_gre]
[ml2_type_vxlan]
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True
[ml2_odl]
url = http://${SDNCONTROL_IP_CTRL}:8080/controller/nb/v2/neutron
username = admin
......@@ -26,6 +22,11 @@ password = admin
session_timeout = 30
timeout = 10
[securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
enable_tunneling = false
tenant_network_type = vlan
......@@ -40,6 +41,3 @@ tenant_network_type = vlan
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[database]
connection = mysql://neutron:${NEUTRON_DBPASS}@controlnode/neutron
# DO NOT EDIT
# this file is a placeholder and will be replaced with a softlink to plugin.ini
[DEFAULT]
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_confg = /etc/cinder/api-paste.ini
iscsi_helper = tgtadm
volume_name_template = volume-%s
volume_group = vg_cinder
# logging
verbose = True
auth_strategy = keystone
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
# local paths
state_path = /var/lib/cinder
lock_path = /var/lock/cinder
volumes_dir = /var/lib/cinder/volumes
rootwrap_config = /etc/cinder/rootwrap.conf
api_paste_confg = /etc/cinder/api-paste.ini
# auth & message queue
auth_strategy = keystone
notification_driver = cinder.openstack.common.notifier.rpc_notifier
rpc_backend = qpid
glance_host = controlnode
qpid_hostname = controlnode
qpid_username = guest
qpid_password = ${QPID_PASS}
debug = True
use_syslog = True
syslog_log_facility = LOG_LOCAL0
control_exchange = cinder
notification_driver = cinder.openstack.common.notifier.rpc_notifier
# glance
glance_host = controlnode
# volumes
volume_group = vg_cinder
volume_name_template = volume-%s
iscsi_helper = lioadm
# misc
my_ip = ${STORAGENODE_IP_CTRL}
[database]
connection = mysql://cinder:${CINDER_DBPASS}@controlnode/cinder
[keystone_authtoken]
auth_uri = http://controlnode:5000
auth_host = controlnode
auth_protocol = http
auth_port = 35357
admin_user = cinder
auth_uri = http://controlnode:5000/v2.0
identity_uri = http://controlnode:35357
admin_tenant_name = service
admin_user = cinder
admin_password = ${CINDER_PASS}
#!/bin/bash
usage="usage: $0 [status|start|stop|restart|enable|disable]"
if (( $# != 1 )); then
echo "usage: $0 [status|start|stop|restart]";
echo "$usage";
exit 1;
fi
doStop=false;
doStart=false;
doStatus=false;
doEnable=false;
doDisable=false;
if [ "$1" == "status" ]; then
if [ "$1" == "status" ]; then
doStatus=true;
elif [ "$1" == "start" ]; then
elif [ "$1" == "start" ]; then
doStart=true;
elif [ "$1" == "stop" ]; then
doStop=true;
elif [ "$1" == "restart" ]; then
doStart=true;
doStop=true;
elif [ "$1" == "enable" ]; then
doEnable=true;
elif [ "$1" == "disable" ]; then
doDisable=true;
else
echo "usage: $0 [status|start|stop|restart]";
echo "$usage";
exit 1;
fi
# services in starting order
arr=()
arr+=(openvswitch)
arr+=(libvirtd)
arr+=(messagebus)
arr+=(neutron-openvswitch-agent)
arr+=(openstack-nova-compute)
arr+=(openstack-ceilometer-compute)
arr+=(openvswitch.service)
arr+=(libvirtd.service)
arr+=(target.service)
arr+=(openstack-cinder-volume.service)
arr+=(neutron-openvswitch-agent.service)
arr+=(openstack-nova-compute.service)
if $doStatus; then
for i in ${arr[*]}; do
service "$i" status;
systemctl status "$i";
done
fi
if $doStop; then
# stop in reverse order
for i in $(echo ${arr[@]} | tr " " "\n" | tac - | tr "\n" " "); do
service "$i" stop;
systemctl stop "$i";
done
fi
if $doStart; then
for i in ${arr[*]}; do
service "$i" start;
systemctl start "$i";
done
fi
if $doEnable; then
for i in ${arr[*]}; do
systemctl enable "$i";
done
fi
if $doDisable; then
# disable in reverse order
for i in $(echo ${arr[@]} | tr " " "\n" | tac - | tr "\n" " "); do
systemctl disable "$i";
done
fi
......@@ -214,6 +214,7 @@ if [[ $doInstallNeutron == true ]]; then
# pointing to the ML2 plug-in configuration file. Run the following commands to resolve this issue:
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' "/usr/lib/systemd/system/neutron-openvswitch-agent.service"
# start openvswitch for bridge configuration
systemctl enable openvswitch.service
systemctl start openvswitch.service
......@@ -227,7 +228,7 @@ if [[ $doInstallNeutron == true ]]; then
# restart neutron and nova
systemctl restart openstack-nova-compute.service
systemctl enable neutron-openvswitch-agent.service
systemctl start neutron-openvswitch-agent.service
systemctl restart neutron-openvswitch-agent.service
fi
if [[ $doInstallCinder == true ]]; then
......
#!/bin/bash
usage="usage: $0 [status|start|stop|restart|enable|disable]"
if (( $# != 1 )); then
echo "usage: $0 [status|start|stop|restart]";
echo "$usage";
exit 1;
fi
doStop=false;
doStart=false;
doStatus=false;
doEnable=false;
doDisable=false;
if [ "$1" == "status" ]; then
if [ "$1" == "status" ]; then
doStatus=true;
elif [ "$1" == "start" ]; then
elif [ "$1" == "start" ]; then
doStart=true;
elif [ "$1" == "stop" ]; then
doStop=true;
elif [ "$1" == "restart" ]; then
doStart=true;
doStop=true;
elif [ "$1" == "enable" ]; then
doEnable=true;
elif [ "$1" == "disable" ]; then
doDisable=true;
else
echo "usage: $0 [status|start|stop|restart]";
echo "$usage";
exit 1;
fi
# services in starting order
arr=()
arr+=(qpidd)
arr+=(httpd)
arr+=(memcached)
arr+=(mongod)
arr+=(mysqld)
arr+=(openstack-keystone)
arr+=(neutron-server)
arr+=(openstack-ceilometer-alarm-evaluator)