completed script/config move to CentOS 7

- fix: oversights in scripts
- new: used "systemctl" instead of "service"
- new: added "enable" and "disable" to "stack.sh"

config/computenode/etc/nova/nova.conf

@@ -51,8 +51,6 @@ security_group_api = neutron
 network_api_class = nova.network.neutronv2.api.API
 linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
 firewall_driver = nova.virt.firewall.NoopFirewallDriver
-neutron_metadata_proxy_shared_secret = ${METADATA_SECRET}
-service_neutron_metadata_proxy = true
 
 # misc
 iscsi_helper = tgtadm
@@ -83,3 +81,7 @@ admin_tenant_name = service
 admin_username = neutron
 admin_password = ${NEUTRON_PASS}
 
+# metadata
+service_metadata_proxy = true
+metadata_proxy_shared_secret = ${METADATA_SECRET}
+

config/controlnode/etc/cinder/api-paste.ini

+#############
+# OpenStack #
+#############
+
+[composite:osapi_volume]
+use = call:cinder.api:root_app_factory
+/: apiversions
+/v1: openstack_volume_api_v1
+/v2: openstack_volume_api_v2
+
+[composite:openstack_volume_api_v1]
+use = call:cinder.api.middleware.auth:pipeline_factory
+noauth = faultwrap sizelimit noauth apiv1
+keystone = faultwrap sizelimit authtoken keystonecontext apiv1
+keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1
+
+[composite:openstack_volume_api_v2]
+use = call:cinder.api.middleware.auth:pipeline_factory
+noauth = faultwrap sizelimit noauth apiv2
+keystone = faultwrap sizelimit authtoken keystonecontext apiv2
+keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2
+
+[filter:faultwrap]
+paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory
+
+[filter:noauth]
+paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory
+
+[filter:sizelimit]
+paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory
+
+[app:apiv1]
+paste.app_factory = cinder.api.v1.router:APIRouter.factory
+
+[app:apiv2]
+paste.app_factory = cinder.api.v2.router:APIRouter.factory
+
+[pipeline:apiversions]
+pipeline = faultwrap osvolumeversionapp
+
+[app:osvolumeversionapp]
+paste.app_factory = cinder.api.versions:Versions.factory
+
+##########
+# Shared #
+##########
+
+[filter:keystonecontext]
+paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory
+
+[filter:authtoken]
+paste.filter_factory=keystoneclient.middleware.auth_token:filter_factory
+auth_host=controlnode
+auth_port = 35357
+auth_protocol = http
+admin_tenant_name=service
+admin_user=cinder
+admin_password=${CINDER_PASS}
+

config/controlnode/etc/cinder/cinder.conf

+[DEFAULT]
+# logging
+verbose = True
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# local paths
+state_path = /var/lib/cinder
+lock_path = /var/lock/cinder
+volumes_dir = /var/lib/cinder/volumes
+rootwrap_config = /etc/cinder/rootwrap.conf
+api_paste_confg = /etc/cinder/api-paste.ini
+
+# auth & message queue
+auth_strategy = keystone
+notification_driver = cinder.openstack.common.notifier.rpc_notifier
+rpc_backend = qpid
+qpid_hostname = controlnode
+qpid_username = guest
+qpid_password = ${QPID_PASS}
+control_exchange = cinder
+
+# glance
+glance_host = controlnode
+
+# volumes
+volume_group = vg_cinder
+volume_name_template = volume-%s
+iscsi_helper = lioadm
+
+# misc
+my_ip = ${CONTROLNODE_IP_CTRL}
+
+[database]
+connection = mysql://cinder:${CINDER_DBPASS}@controlnode/cinder
+
+[keystone_authtoken]
+auth_uri = http://controlnode:5000/v2.0
+identity_uri = http://controlnode:35357
+admin_tenant_name = service
+admin_user = cinder
+admin_password = ${CINDER_PASS}
+

config/controlnode/etc/neutron/dhcp_agent.ini

 [DEFAULT]
-ovs_integration_bridge = br-int
-ovs_use_veth = True
+# logging
+verbose = True
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# neutron networking
+interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
+use_namespaces = True
+dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
 

config/controlnode/etc/neutron/l3_agent.ini

+[DEFAULT]
+# logging
+verbose = True
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# neutron networking
+interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+use_namespaces = True
+external_network_bridge = br-ex
+

config/controlnode/etc/neutron/metadata_agent.ini

+[DEFAULT]
+# logging
+verbose = True
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# metadata
+nova_metadata_ip = controlnode
+metadata_proxy_shared_secret = ${METADATA_SECRET}
+
+# keystone configuration deliberately placed in DEFAULT section (according to official guide)
+auth_uri = http://controlnode:5000/v2.0
+auth_region = regionOne
+admin_tenant_name = service
+admin_user = neutron
+admin_password = ${NEUTRON_PASS}
+

config/controlnode/etc/neutron/neutron.conf

@@ -25,14 +25,14 @@ allow_overlapping_ips = True
 agent_down_time = 75
 
 # nova
+notify_nova_on_port_status_changes = True
+notify_nova_on_port_data_changes = True
 nova_url = http://controlnode:8774/v2
-nova_admin_username = nova
-nova_admin_tenant_id = THIS_MUST_BE_SET_LATER
-nova_admin_password = ${NOVA_PASS}
 nova_admin_auth_url = http://controlnode:35357/v2.0
 nova_region_name = regionOne
-notify_nova_on_port_status_changes = True
-notify_nova_on_port_data_changes = True
+nova_admin_username = nova
+nova_admin_tenant_id = TODO_SET_THIS_LATER
+nova_admin_password = ${NOVA_PASS}
 
 [agent]
 root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
@@ -51,5 +51,5 @@ admin_password = ${NEUTRON_PASS}
 [quotas]
 
 [service_providers]
-service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
+service_provider = LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
 

config/controlnode/etc/neutron/plugins/ryu/ryu.ini

+# DO NOT EDIT
+# this file is a placeholder and will be replaced with a softlink to plugin.ini

config/controlnode/etc/nova/nova.conf

@@ -51,8 +51,6 @@ security_group_api = neutron
 network_api_class = nova.network.neutronv2.api.API
 linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
 firewall_driver = nova.virt.firewall.NoopFirewallDriver
-neutron_metadata_proxy_shared_secret = ${METADATA_SECRET}
-service_neutron_metadata_proxy = true
 
 # misc
 iscsi_helper = tgtadm
@@ -83,3 +81,7 @@ admin_tenant_name = service
 admin_username = neutron
 admin_password = ${NEUTRON_PASS}
 
+# metadata
+service_metadata_proxy = true
+metadata_proxy_shared_secret = ${METADATA_SECRET}
+

config/networknode/etc/neutron/api-paste.ini

@@ -26,4 +26,3 @@ paste.app_factory = neutron.api.versions:Versions.factory
 
 [app:neutronapiapp_v2_0]
 paste.app_factory = neutron.api.v2.router:APIRouter.factory
-

config/networknode/etc/neutron/dhcp_agent.ini

 [DEFAULT]
+# logging
+verbose = True
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# neutron networking
 interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
 dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
 use_namespaces = True
-verbose = True
 dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
-debug = True
 

config/networknode/etc/neutron/l3_agent.ini

 [DEFAULT]
-interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
-use_namespaces = True
+# logging
 verbose = True
 debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# neutron networking
+interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
+use_namespaces = True
+external_network_bridge = br-ex
 

config/networknode/etc/neutron/metadata_agent.ini

 [DEFAULT]
-auth_url = http://controlnode:5000/v2.0
+# logging
+verbose = True
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# metadata
+nova_metadata_ip = controlnode
+metadata_proxy_shared_secret = ${METADATA_SECRET}
+
+# keystone configuration deliberately placed in DEFAULT section (according to official guide)
+auth_uri = http://controlnode:5000/v2.0
 auth_region = regionOne
 admin_tenant_name = service
 admin_user = neutron
 admin_password = ${NEUTRON_PASS}
-nova_metadata_ip = controlnode
-metadata_proxy_shared_secret = ${METADATA_SECRET}
-verbose = True
 

config/networknode/etc/neutron/neutron.conf

 [DEFAULT]
-state_path = /var/lib/neutron/
-lock_path = /var/lock/neutron/
+# logging
+verbose = True
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# local paths
+state_path = /var/lib/neutron
+lock_path = /var/lock/neutron
+api_paste_confg = /etc/neutron/api-paste.ini
+
+# auth & message queue
 auth_strategy = keystone
-rpc_backend = neutron.openstack.common.rpc.impl_qpid
+notification_driver = neutron.openstack.common.notifier.rpc_notifier
+rpc_backend = qpid
 qpid_hostname = controlnode
 qpid_username = guest
 qpid_password = ${QPID_PASS}
+
+# plugins & drivers
 core_plugin = ml2
 service_plugins = router
-verbose = True
-debug = True
-api_paste_config = /etc/neutron/api-paste.ini
-
-[quotas]
+allow_overlapping_ips = True
+agent_down_time = 75
 
 [agent]
 root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
 report_interval = 5
 
+[database]
+connection = mysql://neutron:${NEUTRON_DBPASS}@controlnode/neutron
+
 [keystone_authtoken]
-auth_uri = http://controlnode:5000
-auth_host = controlnode
-auth_protocol = http
-auth_port = 35357
+auth_uri = http://controlnode:5000/v2.0
+identity_uri = http://controlnode:35357
 admin_tenant_name = service
 admin_user = neutron
 admin_password = ${NEUTRON_PASS}
 
-[database]
-connection = mysql://neutron:${NEUTRON_DBPASS}@controlnode/neutron
+[quotas]
 
 [service_providers]
-service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
+service_provider = LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
 

config/networknode/etc/neutron/plugin.ini

 [ml2]
 type_drivers = vlan
 tenant_network_types = vlan
-mechanism_drivers = opendaylight,openvswitch
+mechanism_drivers = openvswitch
 
 [ml2_type_flat]
 
+[ml2_type_gre]
+
 [ml2_type_vlan]
 network_vlan_ranges = physnet1:${SDN_VLAN_RANGES}
 tenant_network_type = vlan
 bridge_mappings = physnet1:br-data
 enable_tunneling = false
 
-[ml2_type_gre]
-
 [ml2_type_vxlan]
 
-[securitygroup]
-firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
-enable_security_group = True
-
 [ml2_odl]
 url = http://${SDNCONTROL_IP_CTRL}:8080/controller/nb/v2/neutron
 username = admin
@@ -26,6 +22,11 @@ password = admin
 session_timeout = 30
 timeout = 10
 
+[securitygroup]
+enable_security_group = True
+enable_ipset = True
+firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
+
 [ovs]
 enable_tunneling = false
 tenant_network_type = vlan
@@ -40,6 +41,3 @@ tenant_network_type = vlan
 [agent]
 root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
 
-[database]
-connection = mysql://neutron:${NEUTRON_DBPASS}@controlnode/neutron
-

config/networknode/etc/neutron/plugins/ryu/ryu.ini

+# DO NOT EDIT
+# this file is a placeholder and will be replaced with a softlink to plugin.ini

config/storagenode/etc/cinder/cinder.conf

 [DEFAULT]
-rootwrap_config = /etc/cinder/rootwrap.conf
-api_paste_confg = /etc/cinder/api-paste.ini
-iscsi_helper = tgtadm
-volume_name_template = volume-%s
-volume_group = vg_cinder
+# logging
 verbose = True
-auth_strategy = keystone
+debug = True
+use_syslog = True
+syslog_log_facility = LOG_LOCAL0
+
+# local paths
 state_path = /var/lib/cinder
 lock_path = /var/lock/cinder
 volumes_dir = /var/lib/cinder/volumes
+rootwrap_config = /etc/cinder/rootwrap.conf
+api_paste_confg = /etc/cinder/api-paste.ini
 
+# auth & message queue
+auth_strategy = keystone
+notification_driver = cinder.openstack.common.notifier.rpc_notifier
 rpc_backend = qpid
-
-glance_host = controlnode
 qpid_hostname = controlnode
 qpid_username = guest
 qpid_password = ${QPID_PASS}
-debug = True
-use_syslog = True
-syslog_log_facility = LOG_LOCAL0
 control_exchange = cinder
-notification_driver = cinder.openstack.common.notifier.rpc_notifier
+
+# glance
+glance_host = controlnode
+
+# volumes
+volume_group = vg_cinder
+volume_name_template = volume-%s
+iscsi_helper = lioadm
+
+# misc
+my_ip = ${STORAGENODE_IP_CTRL}
 
 [database]
 connection = mysql://cinder:${CINDER_DBPASS}@controlnode/cinder
 
 [keystone_authtoken]
-auth_uri = http://controlnode:5000
-auth_host = controlnode
-auth_protocol = http
-auth_port = 35357
-admin_user = cinder
+auth_uri = http://controlnode:5000/v2.0
+identity_uri = http://controlnode:35357
 admin_tenant_name = service
+admin_user = cinder
 admin_password = ${CINDER_PASS}
 

installation/computenode/stack.sh

 #!/bin/bash
 
+usage="usage: $0 [status|start|stop|restart|enable|disable]"
+
 if (( $# != 1 )); then
-	echo "usage: $0 [status|start|stop|restart]";
+	echo "$usage";
 	exit 1;
 fi
 
 doStop=false;
 doStart=false;
 doStatus=false;
+doEnable=false;
+doDisable=false;
 
-if [ "$1" == "status" ]; then
+if   [ "$1" == "status"  ]; then
 	doStatus=true;
-elif   [ "$1" == "start"   ]; then
+elif [ "$1" == "start"   ]; then
 	doStart=true;
 elif [ "$1" == "stop"    ]; then
 	doStop=true;
 elif [ "$1" == "restart" ]; then
 	doStart=true;
 	doStop=true;
+elif [ "$1" == "enable"  ]; then
+	doEnable=true;
+elif [ "$1" == "disable" ]; then
+	doDisable=true;
 else
-	echo "usage: $0 [status|start|stop|restart]";
+	echo "$usage";
 	exit 1;
 fi
 
+# services in starting order
 arr=()
-arr+=(openvswitch)
-arr+=(libvirtd)
-arr+=(messagebus)
-arr+=(neutron-openvswitch-agent)
-arr+=(openstack-nova-compute)
-arr+=(openstack-ceilometer-compute)
+arr+=(openvswitch.service)
+arr+=(libvirtd.service)
+arr+=(target.service)
+arr+=(openstack-cinder-volume.service)
+arr+=(neutron-openvswitch-agent.service)
+arr+=(openstack-nova-compute.service)
 
 if $doStatus; then
 	for i in ${arr[*]}; do
-		service "$i" status;
+		systemctl status  "$i";
 	done
 fi
 
 if $doStop; then
+	# stop in reverse order
 	for i in $(echo ${arr[@]} | tr " " "\n" | tac  - | tr "\n" " "); do
-		service "$i" stop;
+		systemctl stop    "$i";
 	done
 fi
 
 if $doStart; then
 	for i in ${arr[*]}; do
-		service "$i" start;
+		systemctl start   "$i";
+	done
+fi
+
+if $doEnable; then
+	for i in ${arr[*]}; do
+		systemctl enable  "$i";
+	done
+fi
+
+if $doDisable; then
+	# disable in reverse order
+	for i in $(echo ${arr[@]} | tr " " "\n" | tac  - | tr "\n" " "); do
+		systemctl disable "$i";
 	done
 fi

installation/computenode/sub-install.sh

@@ -214,6 +214,7 @@ if [[ $doInstallNeutron == true ]]; then
 	# pointing to the ML2 plug-in configuration file. Run the following commands to resolve this issue:
 	sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' "/usr/lib/systemd/system/neutron-openvswitch-agent.service"
 	
+	# start openvswitch for bridge configuration
 	systemctl enable openvswitch.service
 	systemctl start  openvswitch.service
 	
@@ -227,7 +228,7 @@ if [[ $doInstallNeutron == true ]]; then
 	# restart neutron and nova
 	systemctl restart openstack-nova-compute.service
 	systemctl enable  neutron-openvswitch-agent.service
-	systemctl start   neutron-openvswitch-agent.service
+	systemctl restart neutron-openvswitch-agent.service
 fi
 
 if [[ $doInstallCinder == true ]]; then

installation/controlnode/stack.sh

 #!/bin/bash
 
+usage="usage: $0 [status|start|stop|restart|enable|disable]"
+
 if (( $# != 1 )); then
-	echo "usage: $0 [status|start|stop|restart]";
+	echo "$usage";
 	exit 1;
 fi
 
 doStop=false;
 doStart=false;
 doStatus=false;
+doEnable=false;
+doDisable=false;
 
-if [ "$1" == "status" ]; then
+if   [ "$1" == "status"  ]; then
 	doStatus=true;
-elif   [ "$1" == "start"   ]; then
+elif [ "$1" == "start"   ]; then
 	doStart=true;
 elif [ "$1" == "stop"    ]; then
 	doStop=true;
 elif [ "$1" == "restart" ]; then
 	doStart=true;
 	doStop=true;
+elif [ "$1" == "enable"  ]; then
+	doEnable=true;
+elif [ "$1" == "disable" ]; then
+	doDisable=true;
 else
-	echo "usage: $0 [status|start|stop|restart]";
+	echo "$usage";
 	exit 1;
 fi
 
+# services in starting order
 arr=()
-arr+=(qpidd)
-arr+=(httpd)
-arr+=(memcached)
-arr+=(mongod)
-arr+=(mysqld)
-arr+=(openstack-keystone)
-arr+=(neutron-server)
-arr+=(openstack-ceilometer-alarm-evaluator)