diff --git a/README.md b/README.md index 295c5334d..74091615b 100644 --- a/README.md +++ b/README.md @@ -1,9 +1,18 @@ Image building tools for Openstack ================================== -These tools are the components of tripleo (https://github.com/tripleo/incubator) -that do the plumbing involved in building disk images. Specific configs live -in the incubator repository, while the reusable tools live here. +These tools are the components of TripleO (https://github.com/tripleo/incubator) +umbrella project that do the plumbing involved in building disk images. + +This repository has the core functionality for building disk images, file +system images and ramdisk images for use with OpenStack (both virtual and bare +metal). The core functionality includes the various operating system specific +modules for disk/filesystem images, and deployment and hardware inventory +ramdisks. + +The TripleO project also develops elements that can be used to deploy +OpenStack itself. These live in the TripleO elements repository +(https://github.com/stackforge/tripleo-image-elements). What tools are there? --------------------- diff --git a/docs/ci.md b/docs/ci.md index a1159e14d..c3cb18b45 100644 --- a/docs/ci.md +++ b/docs/ci.md @@ -14,42 +14,18 @@ Jenkins * Grant jenkin builders sudo [may want lxc containers or cloud instances for security isolation] * Jobs to build: - * bootstrap VM from-scratch (archive bootstrap.qcow2). + * base ubuntu VM. - disk-image-create vm base devstack -o bootstrap -a i386 + disk-image-create vm base -o base -a i386 - * devstack nova-bm execution (archive the resulting image). - Chained off of the bootstrap vm build - - ssh into the node, run demo/scripts/demo - - * bootstrap VM via image-build chain (archive bm-cloud.qcow2). - - disk-image-create vm base glance nova-bm swift mysql haproxy-api \ - haproxy-mysql cinder quantum rabbitmq -o bootstrap-prod - - * baremetal SPOF node build (archive the resulting image). - - disk-image-create base mysql haproxy-mysql haproxy-api local-boot \ - rabbitmq -o baremetal-spof - - * baremetal demo node build (archive the resulting image). - - disk-image-create base vm glance nova-bm swift cinder quantum \ - -o bootstrap-prod - - * ramdisk deploy image buil + * ramdisk deploy image build ramdisk-image-create deploy - * Tempest w/baremetal using libvirt networking as the power API. - take a bootstrap baremetal devstack from above, N VM 'bare metal' nodes, - and run tempest in that environment. - Copyright ========= -Copyright 2012 Hewlett-Packard Development Company, L.P. +Copyright 2012, 2013 Hewlett-Packard Development Company, L.P. Copyright (c) 2012 NTT DOCOMO, INC. All Rights Reserved. diff --git a/elements/cinder-config/config/etc/cinder/api-paste.ini b/elements/cinder-config/config/etc/cinder/api-paste.ini deleted file mode 100644 index 21c6ba294..000000000 --- a/elements/cinder-config/config/etc/cinder/api-paste.ini +++ /dev/null @@ -1,61 +0,0 @@ -############# -# OpenStack # -############# - -[composite:osapi_volume] -use = call:cinder.api:root_app_factory -/: apiversions -/v1: openstack_volume_api_v1 -/v2: openstack_volume_api_v2 - -[composite:openstack_volume_api_v1] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv1 -keystone = faultwrap sizelimit authtoken keystonecontext apiv1 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv1 - -[composite:openstack_volume_api_v2] -use = call:cinder.api.middleware.auth:pipeline_factory -noauth = faultwrap sizelimit noauth apiv2 -keystone = faultwrap sizelimit authtoken keystonecontext apiv2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext apiv2 - -[filter:faultwrap] -paste.filter_factory = cinder.api.middleware.fault:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = cinder.api.middleware.auth:NoAuthMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = cinder.api.middleware.sizelimit:RequestBodySizeLimiter.factory - -[app:apiv1] -paste.app_factory = cinder.api.v1.router:APIRouter.factory - -[app:apiv2] -paste.app_factory = cinder.api.v2.router:APIRouter.factory - -[pipeline:apiversions] -pipeline = faultwrap osvolumeversionapp - -[app:osvolumeversionapp] -paste.app_factory = cinder.api.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = cinder.api.middleware.auth:CinderKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -service_protocol = http -service_host = {{keystone.host}} -service_port = 5000 -auth_host = {{keystone.host}} -auth_port = 35357 -auth_protocol = http -admin_tenant_name = service -admin_user = cinder -admin_password = {{service-password}} diff --git a/elements/cinder-config/config/etc/cinder/cinder.conf b/elements/cinder-config/config/etc/cinder/cinder.conf deleted file mode 100644 index 77f8b17ab..000000000 --- a/elements/cinder-config/config/etc/cinder/cinder.conf +++ /dev/null @@ -1,20 +0,0 @@ -[DEFAULT] -debug = True - -state_path = /var/run/cinder - -rootwrap_config=/etc/cinder/rootwrap.conf -api_paste_config = /etc/cinder/api-paste.ini - -iscsi_helper=tgtadm -volume_name_template = volume-%s -volume_group = cinder-volumes -verbose = True -auth_strategy = keystone - -sql_connection={{cinder.db}} - -rabbit_host = {{rabbit.host}} -rabbit_port = 5672 -rabbit_userid = {{rabbit.user}} -rabbit_password = {{rabbit.password}} diff --git a/elements/cinder-config/config/etc/cinder/policy.json b/elements/cinder-config/config/etc/cinder/policy.json deleted file mode 100644 index a4fd911f3..000000000 --- a/elements/cinder-config/config/etc/cinder/policy.json +++ /dev/null @@ -1,34 +0,0 @@ -{ - "context_is_admin": [["role:admin"]], - "admin_or_owner": [["is_admin:True"], ["project_id:%(project_id)s"]], - "default": [["rule:admin_or_owner"]], - - "admin_api": [["is_admin:True"]], - - "volume:create": [], - "volume:get_all": [], - "volume:get_volume_metadata": [], - "volume:get_snapshot": [], - "volume:get_all_snapshots": [], - - "volume_extension:types_manage": [["rule:admin_api"]], - "volume_extension:types_extra_specs": [["rule:admin_api"]], - "volume_extension:extended_snapshot_attributes": [], - "volume_extension:volume_image_metadata": [], - - "volume_extension:quotas:show": [], - "volume_extension:quotas:update_for_project": [["rule:admin_api"]], - "volume_extension:quotas:update_for_user": [["rule:admin_or_projectadmin"]], - "volume_extension:quota_classes": [], - - "volume_extension:volume_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:reset_status": [["rule:admin_api"]], - "volume_extension:volume_admin_actions:force_delete": [["rule:admin_api"]], - "volume_extension:snapshot_admin_actions:force_delete": [["rule:admin_api"]], - - "volume_extension:volume_host_attribute": [["rule:admin_api"]], - "volume_extension:volume_tenant_attribute": [["rule:admin_api"]], - "volume_extension:hosts": [["rule:admin_api"]], - "volume_extension:services": [["rule:admin_api"]], - "volume:services": [["rule:admin_api"]] -} diff --git a/elements/cinder-config/config/etc/cinder/rootwrap.conf b/elements/cinder-config/config/etc/cinder/rootwrap.conf deleted file mode 100644 index dfa8a99cc..000000000 --- a/elements/cinder-config/config/etc/cinder/rootwrap.conf +++ /dev/null @@ -1,27 +0,0 @@ -# Configuration for cinder-rootwrap -# This file should be owned by (and only-writeable by) the root user - -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/cinder/rootwrap.d,/usr/share/cinder/rootwrap - -# List of directories to search executables in, in case filters do not -# explicitely specify a full path (separated by ',') -# If not specified, defaults to system PATH environment variable. -# These directories MUST all be only writeable by root ! -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin - -# Enable logging to syslog -# Default value is False -use_syslog=False - -# Which syslog facility to use. -# Valid values include auth, authpriv, syslog, user0, user1... -# Default value is 'syslog' -syslog_log_facility=syslog - -# Which messages to log. -# INFO means log all usage -# ERROR means only log unsuccessful attempts -syslog_log_level=ERROR diff --git a/elements/cinder-config/config/etc/cinder/rootwrap.d/volume.filters b/elements/cinder-config/config/etc/cinder/rootwrap.d/volume.filters deleted file mode 100644 index a51cad891..000000000 --- a/elements/cinder-config/config/etc/cinder/rootwrap.d/volume.filters +++ /dev/null @@ -1,55 +0,0 @@ -# cinder-rootwrap command filters for volume nodes -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# cinder/volume/iscsi.py: iscsi_helper '--op' ... -ietadm: CommandFilter, /usr/sbin/ietadm, root -tgtadm: CommandFilter, /usr/sbin/tgtadm, root -tgt-admin: CommandFilter, /usr/sbin/tgt-admin, root - -# cinder/volume/driver.py: 'vgs', '--noheadings', '-o', 'name' -vgs: CommandFilter, /sbin/vgs, root - -# cinder/volume/driver.py: 'lvcreate', '-L', sizestr, '-n', volume_name,.. -# cinder/volume/driver.py: 'lvcreate', '-L', ... -lvcreate: CommandFilter, /sbin/lvcreate, root - -# cinder/volume/driver.py: 'dd', 'if=%s' % srcstr, 'of=%s' % deststr,... -dd: CommandFilter, /bin/dd, root - -# cinder/volume/driver.py: 'lvremove', '-f', %s/%s % ... -lvremove: CommandFilter, /sbin/lvremove, root - -# cinder/volume/driver.py: 'lvdisplay', '--noheading', '-C', '-o', 'Attr',.. -lvdisplay: CommandFilter, /sbin/lvdisplay, root - -# cinder/volume/driver.py: 'iscsiadm', '-m', 'discovery', '-t',... -# cinder/volume/driver.py: 'iscsiadm', '-m', 'node', '-T', ... -iscsiadm: CommandFilter, /sbin/iscsiadm, root -iscsiadm_usr: CommandFilter, /usr/bin/iscsiadm, root - -# cinder/volume/drivers/lvm.py: 'shred', '-n3' -# cinder/volume/drivers/lvm.py: 'shred', '-n0', '-z', '-s%dMiB' -shred: CommandFilter, /usr/bin/shred, root - -#cinder/volume/.py: utils.temporary_chown(path, 0), ... -chown: CommandFilter, /bin/chown, root - -# cinder/volume/driver.py -dmsetup: CommandFilter, /sbin/dmsetup, root -dmsetup_usr: CommandFilter, /usr/sbin/dmsetup, root -ln: CommandFilter, /bin/ln, root -qemu-img: CommandFilter, /usr/bin/qemu-img, root -env: CommandFilter, /usr/bin/env, root - -# cinder/volume/driver.py: utils.read_file_as_root() -cat: CommandFilter, /bin/cat, root - -# cinder/volume/nfs.py -stat: CommandFilter, /usr/bin/stat, root -mount: CommandFilter, /bin/mount, root -df: CommandFilter, /bin/df, root -truncate: CommandFilter, /usr/bin/truncate, root -chmod: CommandFilter, /bin/chmod, root -rm: CommandFilter, /bin/rm, root -lvs: CommandFilter, /sbin/lvs, root diff --git a/elements/cinder-config/config/etc/default/iscsitarget b/elements/cinder-config/config/etc/default/iscsitarget deleted file mode 100644 index 70d645c8d..000000000 --- a/elements/cinder-config/config/etc/default/iscsitarget +++ /dev/null @@ -1,2 +0,0 @@ -ISCSITARGET_ENABLE=true - diff --git a/elements/cinder-config/element-deps b/elements/cinder-config/element-deps deleted file mode 100644 index c2199a4e6..000000000 --- a/elements/cinder-config/element-deps +++ /dev/null @@ -1 +0,0 @@ -os-config-applier diff --git a/elements/cinder/README.md b/elements/cinder/README.md deleted file mode 100644 index 1497c878e..000000000 --- a/elements/cinder/README.md +++ /dev/null @@ -1 +0,0 @@ -Install cinder service from git. diff --git a/elements/cinder/element-deps b/elements/cinder/element-deps deleted file mode 100644 index 6bde56d4e..000000000 --- a/elements/cinder/element-deps +++ /dev/null @@ -1,4 +0,0 @@ -os-svc-install -os-refresh-config -os-config-applier -cinder-config diff --git a/elements/cinder/install.d/72-cinder b/elements/cinder/install.d/72-cinder deleted file mode 100755 index fff7dd8aa..000000000 --- a/elements/cinder/install.d/72-cinder +++ /dev/null @@ -1,16 +0,0 @@ -#!/bin/bash -set -eux - -install-packages lvm2 -os-svc-install -n cinder -u cinder -r https://github.com/openstack/cinder.git -c cinder-all - -os-svc-daemon cinder-api cinder cinder-api "--config-dir /etc/cinder" -os-svc-daemon cinder-volume cinder cinder-volume "--config-dir /etc/cinder" -os-svc-daemon cinder-scheduler cinder cinder-scheduler "--config-dir /etc/cinder" -mkdir -p /etc/tgt/conf.d -echo 'include /etc/tgt/conf.d/cinder_tgt.conf' > /etc/tgt/targets.conf -echo 'include /var/run/cinder/volumes/*' > /etc/tgt/conf.d/cinder_tgt.conf - -echo "cinder ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/cinder -chmod 0440 /etc/sudoers.d/cinder -visudo -c diff --git a/elements/cinder/os-refresh-config/migration.d/72-cinder-resize-volume-groups b/elements/cinder/os-refresh-config/migration.d/72-cinder-resize-volume-groups deleted file mode 100755 index 9b1e8264e..000000000 --- a/elements/cinder/os-refresh-config/migration.d/72-cinder-resize-volume-groups +++ /dev/null @@ -1,15 +0,0 @@ -#!/bin/bash -set -eu - -# TODO: resize volume group in response to config changes. -# TODO: is there a safe way to shrink a volume group? -vol_group=cinder-volumes -vol_file=/var/run/cinder/$vol_group-backing-file -size=$(os-config-applier --key cinder.volume_size_mb --type int)M - -if ! vgs $vol_group; then - [[ -f $vol_file ]] || truncate -s $size $vol_file - dev=`sudo losetup -f --show $vol_file` - if ! vgs $vol_group; then vgcreate $vol_group $dev; fi - mkdir -p /var/run/cinder/volumes -fi diff --git a/elements/cinder/os-refresh-config/post-configure.d/72-cinder b/elements/cinder/os-refresh-config/post-configure.d/72-cinder deleted file mode 100755 index f838be0b2..000000000 --- a/elements/cinder/os-refresh-config/post-configure.d/72-cinder +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -eu - -service iscsitarget restart -service open-iscsi restart -service cinder-api restart -service cinder-volume restart -service cinder-scheduler restart diff --git a/elements/cinder/os-refresh-config/pre-configure.d/72-cinder b/elements/cinder/os-refresh-config/pre-configure.d/72-cinder deleted file mode 100755 index 925333ee7..000000000 --- a/elements/cinder/os-refresh-config/pre-configure.d/72-cinder +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -eu - -# installation requires building a kernel module. -# - TODO: use generic 'install-packages' instead of apt-get once -# it is available from first-boot scripts. -DEBIAN_FRONTEND=noninteractive apt-get install --yes linux-headers-`uname -r` -DEBIAN_FRONTEND=noninteractive apt-get install --yes iscsitarget iscsitarget-dkms openvswitch-datapath-dkms diff --git a/elements/devstack/README.md b/elements/devstack/README.md deleted file mode 100644 index 8249e703d..000000000 --- a/elements/devstack/README.md +++ /dev/null @@ -1,5 +0,0 @@ -Creates an image prepped to make a devstack baremetal cloud. See -incubator/scripts/demo within the built image. - -Forces a 16GB image to allow room for Swift, Cinder and instance -disk images. diff --git a/elements/devstack/block-device-size.d/10-size b/elements/devstack/block-device-size.d/10-size deleted file mode 100755 index 9db084ef4..000000000 --- a/elements/devstack/block-device-size.d/10-size +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Add the stack user we recommend folk use. - -set -e - -if (( '16' '>' $IMAGE_SIZE )); then - echo IMAGE_SIZE=16 -fi diff --git a/elements/devstack/element-deps b/elements/devstack/element-deps deleted file mode 100644 index 929d3c3b3..000000000 --- a/elements/devstack/element-deps +++ /dev/null @@ -1 +0,0 @@ -stackuser diff --git a/elements/devstack/install.d/52-image-toolchain b/elements/devstack/install.d/52-image-toolchain deleted file mode 100755 index 296b5bbbd..000000000 --- a/elements/devstack/install.d/52-image-toolchain +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -# Install the image creation toolchain so folk can create their own images -# (also includes the bootstrap-from-devstack facilities needed until we have -# full image mastering of openstack). - -set -e -set -o xtrace - -install-packages git -if [ -n "$http_proxy" ]; then - sudo -Hiu stack git config --global http.proxy $http_proxy -fi -sudo -Hiu stack git clone https://github.com/tripleo/incubator-bootstrap.git incubator diff --git a/elements/devstack/install.d/53-devstack b/elements/devstack/install.d/53-devstack deleted file mode 100755 index 8599d7c23..000000000 --- a/elements/devstack/install.d/53-devstack +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -# Initialize devstack in the bootstrap image - -set -e -set -o xtrace - -install-packages git -if [ -n "$http_proxy" ]; then - sudo -Hiu stack git config --global http.proxy $http_proxy -fi -sudo -Hiu stack git clone https://github.com/openstack-dev/devstack.git diff --git a/elements/devstack/install.d/97-haveged b/elements/devstack/install.d/97-haveged deleted file mode 100755 index 1c1b2db8e..000000000 --- a/elements/devstack/install.d/97-haveged +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -# Install the haveged daemon so ssh config on startup isn't glacial. - -set -e -set -o xtrace - -install-packages haveged diff --git a/elements/devstack/install.d/98-baremetal-network b/elements/devstack/install.d/98-baremetal-network deleted file mode 100755 index 286fcec92..000000000 --- a/elements/devstack/install.d/98-baremetal-network +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -# Configure eth1, the baremetal network. - -set -e -set -o xtrace - -cat << EOF >> /etc/network/interfaces - -auto eth1 -iface eth1 inet static - # This matches the localrc we have configured for demo environments. - # It is unroutable and not suitable for production: it is a test network. - address 192.0.2.1 - netmask 255.255.255.0 - # Expose the metadata service needed by the nodes as they boot. - up iptables -t nat -A PREROUTING -d 169.254.169.254 -p tcp -m tcp --dport 80 -j REDIRECT --to-port 8775 - # Grant access to the rest of the world by routing via the bootstrap node - # (libvirt rejects traffic from unknown ip addresses, meaning that using - # the default libvirt nat environment requires the MASQUERADE for the bare - # metal nodes unless you reconfigure libvirt as well). Alternatively you - # can create a second bridge on your machine and attached eth0 to that - # (with an appropriate static config (or dhcp on the bridge). - up iptables -t nat -A POSTROUTING -s 192.0.2.0/24 -o eth0 -j MASQUERADE - # This matches the client range defined in localrc. - up ip addr add 192.0.2.33/29 dev eth1 -EOF diff --git a/elements/devstack/install.d/99-ssh b/elements/devstack/install.d/99-ssh deleted file mode 100755 index 2134c1988..000000000 --- a/elements/devstack/install.d/99-ssh +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Regenerate host keys now. XXX: Really should be a cloud-init task, should get -# that working. - -set -e -set -o xtrace - -dpkg-reconfigure openssh-server diff --git a/elements/glance/README.md b/elements/glance/README.md deleted file mode 100644 index f808598ca..000000000 --- a/elements/glance/README.md +++ /dev/null @@ -1 +0,0 @@ -Installs glance service from git. diff --git a/elements/glance/element-deps b/elements/glance/element-deps deleted file mode 100644 index 4ee9e8624..000000000 --- a/elements/glance/element-deps +++ /dev/null @@ -1,3 +0,0 @@ -os-svc-install -os-refresh-config -os-config-applier diff --git a/elements/glance/install.d/75-glance b/elements/glance/install.d/75-glance deleted file mode 100755 index e779c3f06..000000000 --- a/elements/glance/install.d/75-glance +++ /dev/null @@ -1,13 +0,0 @@ -#!/bin/bash -set -eux - -# TODO: use trunk instead of folsom -# trunk glance currently results in CRITICAL 'duplicate config entry log-format' errors: -# https://bugs.launchpad.net/ubuntu/+source/python-glanceclient/+bug/1131327 -os-svc-install -n glance -u glance -r https://github.com/openstack/glance.git -b stable/folsom - -mkdir -p /var/lib/glance/images && chown -R glance:glance /var/lib/glance/images -os-svc-daemon glance-api glance glance-api "--debug --log-config /etc/glance/logging.conf" -os-svc-daemon glance-reg glance glance-registry "--debug --log-config /etc/glance/logging.conf" - -install -m 0755 -o glance -g glance -d /var/log/glance diff --git a/elements/glance/os-config-applier/etc/glance/glance-api-paste.ini b/elements/glance/os-config-applier/etc/glance/glance-api-paste.ini deleted file mode 100644 index e83ee81da..000000000 --- a/elements/glance/os-config-applier/etc/glance/glance-api-paste.ini +++ /dev/null @@ -1,68 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -# Use this pipeline for no auth or image caching - DEFAULT -[pipeline:glance-api] -pipeline = versionnegotiation unauthenticated-context rootapp - -# Use this pipeline for image caching and no auth -[pipeline:glance-api-caching] -pipeline = versionnegotiation unauthenticated-context cache rootapp - -# Use this pipeline for caching w/ management interface but no auth -[pipeline:glance-api-cachemanagement] -pipeline = versionnegotiation unauthenticated-context cache cachemanage rootapp - -# Use this pipeline for keystone auth -[pipeline:glance-api-keystone] -pipeline = versionnegotiation authtoken context rootapp - -# Use this pipeline for keystone auth with image caching -[pipeline:glance-api-keystone+caching] -pipeline = versionnegotiation authtoken context cache rootapp - -# Use this pipeline for keystone auth with caching and cache management -[pipeline:glance-api-keystone+cachemanagement] -pipeline = versionnegotiation authtoken context cache cachemanage rootapp - -[composite:rootapp] -paste.composite_factory = glance.api:root_app_factory -/: apiversions -/v1: apiv1app -/v2: apiv2app - -[app:apiversions] -paste.app_factory = glance.api.versions:create_resource - -[app:apiv1app] -paste.app_factory = glance.api.v1.router:API.factory - -[app:apiv2app] -paste.app_factory = glance.api.v2.router:API.factory - -[filter:versionnegotiation] -paste.filter_factory = glance.api.middleware.version_negotiation:VersionNegotiationFilter.factory - -[filter:cache] -paste.filter_factory = glance.api.middleware.cache:CacheFilter.factory - -[filter:cachemanage] -paste.filter_factory = glance.api.middleware.cache_manage:CacheManageFilter.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystone.middleware.auth_token:filter_factory -auth_host = {{keystone.host}} -auth_port = 35357 -auth_protocol = http -admin_tenant_name = service -admin_user = glance -admin_password = {{service-password}} diff --git a/elements/glance/os-config-applier/etc/glance/glance-api.conf b/elements/glance/os-config-applier/etc/glance/glance-api.conf deleted file mode 100644 index fcbbb7668..000000000 --- a/elements/glance/os-config-applier/etc/glance/glance-api.conf +++ /dev/null @@ -1,83 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[DEFAULT] -debug = True - -default_store = file - -bind_host = 0.0.0.0 -bind_port = 9292 - -log_file = /var/log/glance/api.log - -sql_connection = {{glance.db}} - -workers = 1 - - -registry_host = 0.0.0.0 -registry_port = 9191 -notifier_strategy = noop - -rabbit_host = {{rabbit.host}} -rabbit_port = 5672 -rabbit_use_ssl = false -rabbit_userid = guest -rabbit_password = {{rabbit.password}} -rabbit_virtual_host = / -rabbit_notification_exchange = glance -rabbit_notification_topic = notifications -rabbit_durable_queues = False - -# Configuration options if sending notifications via Qpid (these are -# the defaults) -qpid_notification_exchange = glance -qpid_notification_topic = notifications -qpid_host = localhost -qpid_port = 5672 -qpid_username = -qpid_password = -qpid_sasl_mechanisms = -qpid_reconnect_timeout = 0 -qpid_reconnect_limit = 0 -qpid_reconnect_interval_min = 0 -qpid_reconnect_interval_max = 0 -qpid_reconnect_interval = 0 -qpid_heartbeat = 5 -# Set to 'ssl' to enable SSL -qpid_protocol = tcp -qpid_tcp_nodelay = True - -filesystem_store_datadir = /var/lib/glance/images/ - -swift_store_auth_version = 2 -swift_store_auth_address = {{keystone.host}}:5000/v2.0/ - -swift_store_user = {{swift.store_user}} -swift_store_key = {{swift.store_key}} -swift_store_container = glance -swift_store_create_container_on_put = False -swift_store_large_object_size = 5120 -swift_store_large_object_chunk_size = 200 -swift_enable_snet = False - -delayed_delete = False -scrub_time = 43200 -scrubber_datadir = /var/lib/glance/scrubber - -image_cache_dir = /var/lib/glance/image-cache/ - -[keystone_authtoken] -auth_host = {{keystone.host}} -auth_port = 35357 -auth_protocol = http -admin_tenant_name = service -admin_user = glance -admin_password = {{service-password}} - -[paste_deploy] -flavor = keystone diff --git a/elements/glance/os-config-applier/etc/glance/glance-cache.conf b/elements/glance/os-config-applier/etc/glance/glance-cache.conf deleted file mode 100644 index e9be08a20..000000000 --- a/elements/glance/os-config-applier/etc/glance/glance-cache.conf +++ /dev/null @@ -1,32 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[DEFAULT] -log_file = /var/log/glance/image-cache.log -image_cache_dir = /var/lib/glance/image-cache/ -image_cache_stall_time = 86400 -image_cache_invalid_entry_grace_period = 3600 -image_cache_max_size = 10737418240 - -registry_host = 0.0.0.0 -registry_port = 9191 - -filesystem_store_datadir = /var/lib/glance/images/ -swift_store_auth_version = 2 -swift_store_auth_address = 127.0.0.1:5000/v2.0/ -swift_store_user = jdoe:jdoe -swift_store_key = a86850deb2742ec3cb41518e26aa2d89 -swift_store_container = glance -swift_store_create_container_on_put = False -swift_store_large_object_size = 5120 -swift_store_large_object_chunk_size = 200 -swift_enable_snet = False - -s3_store_host = 127.0.0.1:8080/v1.0/ -s3_store_access_key = <20-char AWS access key> -s3_store_secret_key = <40-char AWS secret key> -s3_store_bucket = glance -s3_store_create_bucket_on_put = False diff --git a/elements/glance/os-config-applier/etc/glance/glance-registry-paste.ini b/elements/glance/os-config-applier/etc/glance/glance-registry-paste.ini deleted file mode 100644 index e11d91922..000000000 --- a/elements/glance/os-config-applier/etc/glance/glance-registry-paste.ini +++ /dev/null @@ -1,31 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -# Use this pipeline for no auth - DEFAULT -[pipeline:glance-registry] -pipeline = unauthenticated-context registryapp - -# Use this pipeline for keystone auth -[pipeline:glance-registry-keystone] -pipeline = authtoken context registryapp - -[app:registryapp] -paste.app_factory = glance.registry.api.v1:API.factory - -[filter:context] -paste.filter_factory = glance.api.middleware.context:ContextMiddleware.factory - -[filter:unauthenticated-context] -paste.filter_factory = glance.api.middleware.context:UnauthenticatedContextMiddleware.factory - -[filter:authtoken] -paste.filter_factory = keystone.middleware.auth_token:filter_factory -auth_host = {{keystone.host}} -auth_port = 35357 -auth_protocol = http -admin_tenant_name = service -admin_user = glance -admin_password = {{service-password}} diff --git a/elements/glance/os-config-applier/etc/glance/glance-registry.conf b/elements/glance/os-config-applier/etc/glance/glance-registry.conf deleted file mode 100644 index 405b9cfb0..000000000 --- a/elements/glance/os-config-applier/etc/glance/glance-registry.conf +++ /dev/null @@ -1,29 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[DEFAULT] -bind_host = 0.0.0.0 -bind_port = 9191 - -log_file = /var/log/glance/registry.log -backlog = 4096 - -sql_connection = {{glance.db}} -sql_idle_timeout = 3600 - -api_limit_max = 1000 -limit_param_default = 25 - -[keystone_authtoken] -auth_host = {{keystone.host}} -auth_port = 35357 -auth_protocol = http -admin_tenant_name = service -admin_user = glance -admin_password = {{service-password}} - -[paste_deploy] -flavor = keystone diff --git a/elements/glance/os-config-applier/etc/glance/glance-scrubber.conf b/elements/glance/os-config-applier/etc/glance/glance-scrubber.conf deleted file mode 100644 index 8fb504970..000000000 --- a/elements/glance/os-config-applier/etc/glance/glance-scrubber.conf +++ /dev/null @@ -1,41 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[DEFAULT] -# Show more verbose log output (sets INFO log level output) -#verbose = False - -# Show debugging output in logs (sets DEBUG log level output) -#debug = False - -# Log to this file. Make sure you do not set the same log -# file for both the API and registry servers! -log_file = /var/log/glance/scrubber.log - -# Send logs to syslog (/dev/log) instead of to file specified by `log_file` -#use_syslog = False - -# Should we run our own loop or rely on cron/scheduler to run us -daemon = False - -# Loop time between checking for new items to schedule for delete -wakeup_time = 300 - -# Directory that the scrubber will use to remind itself of what to delete -# Make sure this is also set in glance-api.conf -scrubber_datadir = /var/lib/glance/scrubber - -# Only one server in your deployment should be designated the cleanup host -cleanup_scrubber = False - -# pending_delete items older than this time are candidates for cleanup -cleanup_scrubber_time = 86400 - -# Address to find the registry server for cleanups -registry_host = 0.0.0.0 - -# Port the registry server is listening on -registry_port = 9191 diff --git a/elements/glance/os-config-applier/etc/glance/logging.conf b/elements/glance/os-config-applier/etc/glance/logging.conf deleted file mode 100644 index 2cdac3121..000000000 --- a/elements/glance/os-config-applier/etc/glance/logging.conf +++ /dev/null @@ -1,58 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[loggers] -keys=root,api,registry,combined - -[formatters] -keys=normal,normal_with_name,debug - -[handlers] -keys=production,devel - -[logger_root] -level=NOTSET -handlers=devel - -[logger_glance] -level=INFO -handlers=devel - -[logger_api] -level=DEBUG -handlers=devel -qualname=api - -[logger_registry] -level=DEBUG -handlers=devel -qualname=glance-registry - -[logger_combined] -level=DEBUG -handlers=devel -qualname=glance-combined - -[handler_production] -class=handlers.SysLogHandler -level=ERROR -formatter=normal_with_name -args=(('localhost', handlers.SYSLOG_UDP_PORT), handlers.SysLogHandler.LOG_USER) - -[handler_devel] -class=StreamHandler -level=NOTSET -formatter=debug -args=(sys.stdout,) - -[formatter_normal] -format=%(asctime)s %(levelname)s %(message)s - -[formatter_normal_with_name] -format=(%(name)s): %(asctime)s %(levelname)s %(message)s - -[formatter_debug] -format=(%(name)s): %(asctime)s %(levelname)s %(module)s %(funcName)s %(message)s diff --git a/elements/glance/os-config-applier/etc/glance/policy.json b/elements/glance/os-config-applier/etc/glance/policy.json deleted file mode 100644 index 30ef83cfe..000000000 --- a/elements/glance/os-config-applier/etc/glance/policy.json +++ /dev/null @@ -1,4 +0,0 @@ -{ - "default": "", - "manage_image_cache": "role:admin" -} diff --git a/elements/glance/os-config-applier/etc/glance/schema-image.json b/elements/glance/os-config-applier/etc/glance/schema-image.json deleted file mode 100644 index 01de2a970..000000000 --- a/elements/glance/os-config-applier/etc/glance/schema-image.json +++ /dev/null @@ -1,16 +0,0 @@ -{ - "kernel_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the kernel when booting an AMI-style image." - }, - "ramdisk_id": { - "type": "string", - "pattern": "^([0-9a-fA-F]){8}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){4}-([0-9a-fA-F]){12}$", - "description": "ID of image stored in Glance that should be used as the ramdisk when booting an AMI-style image." - }, - "instance_uuid": { - "type": "string", - "description": "ID of instance used to create this image." - } -} diff --git a/elements/glance/os-refresh-config/post-configure.d/75-glance b/elements/glance/os-refresh-config/post-configure.d/75-glance deleted file mode 100755 index eb548a056..000000000 --- a/elements/glance/os-refresh-config/post-configure.d/75-glance +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -set -eu - -service glance-api restart -service glance-reg restart diff --git a/elements/heat-cfntools/README.md b/elements/heat-cfntools/README.md deleted file mode 100644 index b9ebdd9e6..000000000 --- a/elements/heat-cfntools/README.md +++ /dev/null @@ -1,3 +0,0 @@ -Install the Heat cfntools (for CloudFormation) to enable HEAT -templates to make use of advanced features of HEAT such as watches and -AWS::CloudFormation::Init diff --git a/elements/heat-cfntools/element-deps b/elements/heat-cfntools/element-deps deleted file mode 100644 index e375b247c..000000000 --- a/elements/heat-cfntools/element-deps +++ /dev/null @@ -1,2 +0,0 @@ -os-config-applier -os-refresh-config diff --git a/elements/heat-cfntools/install.d/05-heat-cfntools b/elements/heat-cfntools/install.d/05-heat-cfntools deleted file mode 100755 index f2cb2b0ff..000000000 --- a/elements/heat-cfntools/install.d/05-heat-cfntools +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -set -uex - -install-packages \ - python-pip python-psutil - -# Boto in Ubuntu 12.10 is too old. Newer boto's aren't -# supported by heat-api-cfn. Bug ref: http://pad.lv/1122472 -pip install 'boto==2.5.2' heat-cfntools -cfn-create-aws-symlinks --source /usr/local/bin diff --git a/elements/heat-cfntools/install.d/10-ec2-user b/elements/heat-cfntools/install.d/10-ec2-user deleted file mode 100755 index fbbc767cb..000000000 --- a/elements/heat-cfntools/install.d/10-ec2-user +++ /dev/null @@ -1,33 +0,0 @@ -#!/bin/bash -# Until http://pad.lv/1101347 is fixed, we need this user to be able to -# Log on to heat booted machines using the given SSH keypair - -set -uex - -# This is a specific workaround for Ubuntu -distro=$(lsb_release -is || :) -if [ "$distro" != "Ubuntu" ] ; then - exit 0 -fi - -# Setup ec2-user as expected by HEAT -if ! getent passwd ec2-user ; then - useradd -m -G admin ec2-user -s /bin/bash -fi -if ! [ -e /etc/sudoers.d/ec2-user ] ; then - echo "ec2-user ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/ec2-user - chmod 0440 /etc/sudoers.d/ec2-user - visudo -c -fi - -# We must pin to this fixed cloud-init from the demo ppa to ensure keys -# are installed. This can be removed if http://pad.lv/1100920 is ever -# fixed in the distro -cat > /etc/apt/preferences.d/cloud-init-from-ppa < /etc/apt/sources.list.d/jenkins.list diff --git a/elements/keystone-config/element-deps b/elements/keystone-config/element-deps deleted file mode 100644 index c2199a4e6..000000000 --- a/elements/keystone-config/element-deps +++ /dev/null @@ -1 +0,0 @@ -os-config-applier diff --git a/elements/keystone-config/os-config-applier/etc/keystone/keystone.conf b/elements/keystone-config/os-config-applier/etc/keystone/keystone.conf deleted file mode 100644 index 3eb9dde8e..000000000 --- a/elements/keystone-config/os-config-applier/etc/keystone/keystone.conf +++ /dev/null @@ -1,124 +0,0 @@ -[DEFAULT] -admin_token = {{admin-token}} - -debug = True - -[sql] -connection = {{keystone.db}} - -[identity] -driver = keystone.identity.backends.sql.Identity - -[catalog] -driver = keystone.catalog.backends.sql.Catalog - -[token] -driver = keystone.token.backends.kvs.Token - -# Amount of time a token should remain valid (in seconds) -# expiration = 86400 - -[policy] -# driver = keystone.policy.backends.sql.Policy - -[ec2] -# driver = keystone.contrib.ec2.backends.kvs.Ec2 - -[ssl] -#enable = True -#certfile = /etc/keystone/ssl/certs/keystone.pem -#keyfile = /etc/keystone/ssl/private/keystonekey.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#cert_required = True - -[signing] -#token_format = PKI -#certfile = /etc/keystone/ssl/certs/signing_cert.pem -#keyfile = /etc/keystone/ssl/private/signing_key.pem -#ca_certs = /etc/keystone/ssl/certs/ca.pem -#key_size = 1024 -#valid_days = 3650 -#ca_password = None - -[ldap] - -[filter:debug] -paste.filter_factory = keystone.common.wsgi:Debug.factory - -[filter:token_auth] -paste.filter_factory = keystone.middleware:TokenAuthMiddleware.factory - -[filter:admin_token_auth] -paste.filter_factory = keystone.middleware:AdminTokenAuthMiddleware.factory - -[filter:xml_body] -paste.filter_factory = keystone.middleware:XmlBodyMiddleware.factory - -[filter:json_body] -paste.filter_factory = keystone.middleware:JsonBodyMiddleware.factory - -[filter:user_crud_extension] -paste.filter_factory = keystone.contrib.user_crud:CrudExtension.factory - -[filter:crud_extension] -paste.filter_factory = keystone.contrib.admin_crud:CrudExtension.factory - -[filter:ec2_extension] -paste.filter_factory = keystone.contrib.ec2:Ec2Extension.factory - -[filter:s3_extension] -paste.filter_factory = keystone.contrib.s3:S3Extension.factory - -[filter:url_normalize] -paste.filter_factory = keystone.middleware:NormalizingFilter.factory - -[filter:sizelimit] -paste.filter_factory = keystone.middleware:RequestBodySizeLimiter.factory - -[filter:stats_monitoring] -paste.filter_factory = keystone.contrib.stats:StatsMiddleware.factory - -[filter:stats_reporting] -paste.filter_factory = keystone.contrib.stats:StatsExtension.factory - -[app:public_service] -paste.app_factory = keystone.service:public_app_factory - -[app:service_v3] -paste.app_factory = keystone.service:v3_app_factory - -[app:admin_service] -paste.app_factory = keystone.service:admin_app_factory - -[pipeline:public_api] -pipeline = sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug ec2_extension user_crud_extension public_service - -[pipeline:admin_api] -pipeline = sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension crud_extension admin_service - -[pipeline:api_v3] -pipeline = sizelimit stats_monitoring url_normalize token_auth admin_token_auth xml_body json_body debug stats_reporting ec2_extension s3_extension service_v3 - -[app:public_version_service] -paste.app_factory = keystone.service:public_version_app_factory - -[app:admin_version_service] -paste.app_factory = keystone.service:admin_version_app_factory - -[pipeline:public_version_api] -pipeline = sizelimit stats_monitoring url_normalize xml_body public_version_service - -[pipeline:admin_version_api] -pipeline = sizelimit stats_monitoring url_normalize xml_body admin_version_service - -[composite:main] -use = egg:Paste#urlmap -/v2.0 = public_api -/v3 = api_v3 -/ = public_version_api - -[composite:admin] -use = egg:Paste#urlmap -/v2.0 = admin_api -/v3 = api_v3 -/ = admin_version_api diff --git a/elements/keystone-config/os-config-applier/etc/keystone/logging.conf b/elements/keystone-config/os-config-applier/etc/keystone/logging.conf deleted file mode 100644 index 52d64cef0..000000000 --- a/elements/keystone-config/os-config-applier/etc/keystone/logging.conf +++ /dev/null @@ -1,33 +0,0 @@ -[loggers] -keys=root - -[formatters] -keys=normal,normal_with_name,debug - -[handlers] -keys=production,devel - -[logger_root] -level=WARNING -handlers= - -[handler_production] -class=handlers.SysLogHandler -level=ERROR -formatter=normal_with_name -args=(('localhost', handlers.SYSLOG_UDP_PORT), handlers.SysLogHandler.LOG_USER) - -[handler_devel] -class=StreamHandler -level=NOTSET -formatter=debug -args=(sys.stdout,) - -[formatter_normal] -format=%(asctime)s %(levelname)s %(message)s - -[formatter_normal_with_name] -format=(%(name)s): %(asctime)s %(levelname)s %(message)s - -[formatter_debug] -format=(%(name)s): %(asctime)s %(levelname)s %(module)s %(funcName)s %(message)s diff --git a/elements/keystone-config/os-config-applier/etc/keystone/policy.json b/elements/keystone-config/os-config-applier/etc/keystone/policy.json deleted file mode 100644 index aaf209242..000000000 --- a/elements/keystone-config/os-config-applier/etc/keystone/policy.json +++ /dev/null @@ -1,57 +0,0 @@ -{ - "admin_required": [["role:admin"], ["is_admin:1"]], - - "identity:get_service": [["rule:admin_required"]], - "identity:list_services": [["rule:admin_required"]], - "identity:create_service": [["rule:admin_required"]], - "identity:update_service": [["rule:admin_required"]], - "identity:delete_service": [["rule:admin_required"]], - - "identity:get_endpoint": [["rule:admin_required"]], - "identity:list_endpoints": [["rule:admin_required"]], - "identity:create_endpoint": [["rule:admin_required"]], - "identity:update_endpoint": [["rule:admin_required"]], - "identity:delete_endpoint": [["rule:admin_required"]], - - "identity:get_domain": [["rule:admin_required"]], - "identity:list_domains": [["rule:admin_required"]], - "identity:create_domain": [["rule:admin_required"]], - "identity:update_domain": [["rule:admin_required"]], - "identity:delete_domain": [["rule:admin_required"]], - - "identity:get_project": [["rule:admin_required"]], - "identity:list_projects": [["rule:admin_required"]], - "identity:list_user_projects": [["rule:admin_required"], ["user_id:%(user_id)s"]], - "identity:create_project": [["rule:admin_required"]], - "identity:update_project": [["rule:admin_required"]], - "identity:delete_project": [["rule:admin_required"]], - - "identity:get_user": [["rule:admin_required"]], - "identity:list_users": [["rule:admin_required"]], - "identity:create_user": [["rule:admin_required"]], - "identity:update_user": [["rule:admin_required"]], - "identity:delete_user": [["rule:admin_required"]], - - "identity:get_credential": [["rule:admin_required"]], - "identity:list_credentials": [["rule:admin_required"]], - "identity:create_credential": [["rule:admin_required"]], - "identity:update_credential": [["rule:admin_required"]], - "identity:delete_credential": [["rule:admin_required"]], - - "identity:get_role": [["rule:admin_required"]], - "identity:list_roles": [["rule:admin_required"]], - "identity:create_role": [["rule:admin_required"]], - "identity:update_roles": [["rule:admin_required"]], - "identity:delete_roles": [["rule:admin_required"]], - - "identity:check_grant": [["rule:admin_required"]], - "identity:list_grants": [["rule:admin_required"]], - "identity:create_grant": [["rule:admin_required"]], - "identity:revoke_grant": [["rule:admin_required"]], - - "identity:get_policy": [["rule:admin_required"]], - "identity:list_policies": [["rule:admin_required"]], - "identity:create_policy": [["rule:admin_required"]], - "identity:update_policy": [["rule:admin_required"]], - "identity:delete_policy": [["rule:admin_required"]] -} diff --git a/elements/keystone/README.md b/elements/keystone/README.md deleted file mode 100644 index bc2053d23..000000000 --- a/elements/keystone/README.md +++ /dev/null @@ -1,4 +0,0 @@ -This element installs the Keystone service from git. - -Upon booting the image, the service should be running on port 5000. - diff --git a/elements/keystone/element-deps b/elements/keystone/element-deps deleted file mode 100644 index 24f46dd7d..000000000 --- a/elements/keystone/element-deps +++ /dev/null @@ -1,3 +0,0 @@ -keystone-config -os-refresh-config -os-svc-install diff --git a/elements/keystone/install.d/05-keystone b/elements/keystone/install.d/05-keystone deleted file mode 100755 index 43a045701..000000000 --- a/elements/keystone/install.d/05-keystone +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -set -eux -os-svc-install -n keystone -u keystone -r https://github.com/openstack/keystone.git -c "/opt/stack/keystone/bin/keystone-all" diff --git a/elements/keystone/install.d/70-keystone b/elements/keystone/install.d/70-keystone deleted file mode 100755 index 7aa40ce6b..000000000 --- a/elements/keystone/install.d/70-keystone +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/bash -set -eux - -os-svc-install -n keystone -u keystone -r https://github.com/openstack/keystone.git -os-svc-daemon keystone keystone keystone-all "--config-dir /etc/keystone --log-config /etc/keystone/logging.conf" -install -m 0755 -o keystone -g keystone -d /etc/keystone/ssl - -install -m 0755 -o root -g root $(dirname $0)/../post-configure \ - $(os-refresh-config --print-base)/post-configure.d/70-keystone diff --git a/elements/keystone/post-configure b/elements/keystone/post-configure deleted file mode 100755 index 3e6d8dde6..000000000 --- a/elements/keystone/post-configure +++ /dev/null @@ -1,3 +0,0 @@ -#!/bin/bash -set -eu -service keystone restart diff --git a/elements/mysql-migration/README.md b/elements/mysql-migration/README.md deleted file mode 100644 index c106d1350..000000000 --- a/elements/mysql-migration/README.md +++ /dev/null @@ -1,41 +0,0 @@ -Migrate data from another MySQL server into the local one using -os-config-applier and os-refresh-config. - -Please note the migration process is *destructive* to any data currently -in the MySQL database running on the target host. Safeguards are in -place to ensure the process only happens once on any machine. - -Configuration -------------- - -Pass in Heat Metadata with the following structure in the -OpenStack::Config sub-key. - - mysql: - users: - root: - username: rootuser - password: XXXXXXX - dump: - username: dumpuser - password: XXXXXXX - mysql-migration: - bootstrap_host: x.y.z - slave_user: slave-bot1 - slave_password: XXXXXXXX - -The migration process assumes `dump` and `root` exist on the -`bootstrap_host` and have access from this host. - -The `dump` user will be used to dump data from `bootstrap_host`. The -`root` user will be used for localhost access after the database is -migrated. If `slave_user` and `slave_password` are set to non-empty -strings, replication will be setup against the `bootstrap_host` using -this user/password combination. - -Special /root/.my.cnf ---------------------- - -As a convenience, we copy the given `dump` and `root` user names and -passwords to /root/.my.cnf after migration. If this file is overwritten, -they will also be available as /root/metadata.my.cnf diff --git a/elements/mysql-migration/element-deps b/elements/mysql-migration/element-deps deleted file mode 100644 index 2800bb881..000000000 --- a/elements/mysql-migration/element-deps +++ /dev/null @@ -1,3 +0,0 @@ -mysql -os-config-applier -os-refresh-config diff --git a/elements/mysql-migration/os-config-applier/etc/mysql/migration_default b/elements/mysql-migration/os-config-applier/etc/mysql/migration_default deleted file mode 100644 index ea575cebd..000000000 --- a/elements/mysql-migration/os-config-applier/etc/mysql/migration_default +++ /dev/null @@ -1,4 +0,0 @@ -MIGRATION_HOST={{mysql-migration.bootstrap_host}} -MIGRATION_USER={{mysql-migration.slave_user}} -MIGRATION_PASSWORD={{mysql-migration.slave_password}} -MIGRATION_DUMP_USER={{mysql-migration.users.dump.username}} diff --git a/elements/mysql-migration/os-config-applier/root/metadata.my.cnf b/elements/mysql-migration/os-config-applier/root/metadata.my.cnf deleted file mode 100644 index b0e705849..000000000 --- a/elements/mysql-migration/os-config-applier/root/metadata.my.cnf +++ /dev/null @@ -1,10 +0,0 @@ -{{#mysql-migration.users.root}} -[client] -user={{username}} -password={{password}} -{{/mysql-migration.users.root}} -{{#mysql-migration.users.dump}} -[mysqldump] -user={{username}} -password={{password}} -{{/mysql-migration.users.dump}} diff --git a/elements/mysql-migration/os-refresh-config/migration.d/10-bootstrap-mysql b/elements/mysql-migration/os-refresh-config/migration.d/10-bootstrap-mysql deleted file mode 100755 index 2427fc423..000000000 --- a/elements/mysql-migration/os-refresh-config/migration.d/10-bootstrap-mysql +++ /dev/null @@ -1,78 +0,0 @@ -#!/bin/bash -# -# Copyright 2013 Hewlett-Packard Development Company, L.P. -# All Rights Reserved. -# -# Licensed under the Apache License, Version 2.0 (the "License"); you may -# not use this file except in compliance with the License. You may obtain -# a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, software -# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT -# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the -# License for the specific language governing permissions and limitations -# under the License. - -set -eux -set -o pipefail - -# Quietly go away unless a migration has been asked for -DEFAULTS=/etc/mysql/migration_default -[ -e $DEFAULTS ] || exit 0 -source $DEFAULTS - -DONE_FILE=/etc/mysql/migration_done -if [ -e $DONE_FILE ] ; then - echo migration from [$MIGRATION_HOST] already completed. - ls -l $DONE_FILE - exit 0 -fi - -# MySQL may be stopped pre-configuration, so try to start it -if [ -d /etc/init ] ; then - # Upstart: During initial boot, mysql will start in parallel with os-refresh-config - # wait-for-state is a job that allows blocking until a particular state is reached. - start wait-for-state WAIT_FOR=mysql WAITER=$(basename $0) WAIT_FOREVER=Y TARGET_GOAL=start WAIT_STATE=running -else - service mysql start || : -fi - -local_mysql() { - if [ -e /root/.my.cnf ] ; then - mysql --defaults-extra-file=/root/.my.cnf "$@" - else - mysql "$@" - fi -} - -local_mysql -e 'SHOW GRANTS' -# This runs as root. We assume root has a .my.cnf or access -# via localhost. -if [ -n "$MIGRATION_HOST" ] ; then - local_mysql -e 'STOP SLAVE' || : - # If we are planning on setting up a full slave - SLAVE_OPTS="" - if [ -n "$MIGRATION_USER" ] && [ -n "$MIGRATION_PASSWORD" ] ; then - local_mysql -e "CHANGE MASTER TO master_host='${MIGRATION_HOST}', master_user='${MIGRATION_USER}', master_password='${MIGRATION_PASSWORD}'" - SLAVE_OPTS="--master-data" - fi - mysqldump --defaults-extra-file=/root/metadata.my.cnf \ - -u $MIGRATION_DUMP_USER \ - --single-transaction \ - --all-databases \ - $SLAVE_OPTS -h $MIGRATION_HOST | local_mysql - - # After this following command, our ~/.my.cnf may stop working as its - # password may change due to the dump loaded above. - local_mysql -e 'FLUSH PRIVILEGES' - - # Now that database has been loaded, use creds that should match - cp -f /root/metadata.my.cnf /root/.my.cnf - # Now get the slave going if creds were provided - if [ -n "$MIGRATION_USER" ] && [ -n "$MIGRATION_PASSWORD" ] ; then - local_mysql -e "START SLAVE" - fi - touch $DONE_FILE -fi diff --git a/elements/mysql/README.md b/elements/mysql/README.md deleted file mode 100644 index 39a6ab8c6..000000000 --- a/elements/mysql/README.md +++ /dev/null @@ -1,3 +0,0 @@ -Sets up a MySQL server install in the image. - -TODO: auto-tune settings based on host resources or metadata service. diff --git a/elements/mysql/element-deps b/elements/mysql/element-deps deleted file mode 100644 index e375b247c..000000000 --- a/elements/mysql/element-deps +++ /dev/null @@ -1,2 +0,0 @@ -os-config-applier -os-refresh-config diff --git a/elements/mysql/install.d/10-mysql b/elements/mysql/install.d/10-mysql deleted file mode 100755 index ef83e3302..000000000 --- a/elements/mysql/install.d/10-mysql +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/sh - -# Install controller base requiered packages - -set -e -set -o xtrace - -install -D -m 0644 -o root -g root $(dirname $0)/my.cnf /etc/mysql/my.cnf -install $(dirname $0)/mysql-set-server-id.upstart /etc/init/mysql-set-server-id.conf - -install-packages sysstat mytop percona-toolkit mysql-server-5.5 mysql-client-5.5 python-mysqldb diff --git a/elements/mysql/install.d/97-haveged b/elements/mysql/install.d/97-haveged deleted file mode 100755 index 1c1b2db8e..000000000 --- a/elements/mysql/install.d/97-haveged +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash -# Install the haveged daemon so ssh config on startup isn't glacial. - -set -e -set -o xtrace - -install-packages haveged diff --git a/elements/mysql/install.d/99-clean-apt b/elements/mysql/install.d/99-clean-apt deleted file mode 100755 index 14aff99ed..000000000 --- a/elements/mysql/install.d/99-clean-apt +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -# Build iscsi modules with installed kernel - -set -e -set -o xtrace - -apt-get clean - - diff --git a/elements/mysql/install.d/my.cnf b/elements/mysql/install.d/my.cnf deleted file mode 100644 index 3afe9a533..000000000 --- a/elements/mysql/install.d/my.cnf +++ /dev/null @@ -1,64 +0,0 @@ -[mysql] -port = 3306 -socket = /var/run/mysqld/mysqld.sock - -[mysqld] - -# GENERAL # -user = mysql -default_storage_engine = InnoDB -socket = /var/run/mysqld/mysqld.sock -pid_file = /var/lib/mysql/mysql.pid -bind-address = 0.0.0.0 - -# MyISAM # -key_buffer_size = 32M -myisam_recover = FORCE,BACKUP - -# SAFETY # -max_allowed_packet = 16M -max_connect_errors = 1000000 -skip_name_resolve -sysdate_is_now = 1 -innodb = FORCE -innodb_strict_mode = 1 - -# DATA STORAGE # -datadir = /var/lib/mysql/ - -# CACHES AND LIMITS # -tmp_table_size = 32M -max_heap_table_size = 32M -query_cache_type = 0 -query_cache_size = 0 -max_connections = 500 -thread_cache_size = 50 -open_files_limit = 65535 -table_definition_cache = 4096 -table_open_cache = 4096 - -# INNODB # -innodb_flush_method = O_DIRECT -innodb_log_files_in_group = 2 -innodb_log_file_size = 64M -innodb_flush_log_at_trx_commit = 2 -innodb_file_per_table = 1 -innodb_buffer_pool_size = 592M -# TODO -# innodb_read_io_threads -# innodb_write_io_threads - - -# LOGGING # -log_error = /var/log/mysql/error.log -log_queries_not_using_indexes = 1 -slow_query_log = 1 -slow_query_log_file = /var/log/mysql/mysql-slow.log - -# server_id set in /etc/mysql/conf.d/server_id.cnf -# server_id = 1 -log_bin = /var/lib/mysql/mysql-bin -expire_logs_days = 7 -max_binlog_size = 100M -binlog_format = ROW -!includedir /etc/mysql/conf.d/ diff --git a/elements/mysql/install.d/mysql-set-server-id.upstart b/elements/mysql/install.d/mysql-set-server-id.upstart deleted file mode 100644 index 78454e2d5..000000000 --- a/elements/mysql/install.d/mysql-set-server-id.upstart +++ /dev/null @@ -1,27 +0,0 @@ -# vim: syntax=upstart -description "Set mysql server_id based on instance-id" - -start on starting mysql -task - -env INSTANCE_ID="/var/lib/cloud/data/instance-id" -env CONF_TARGET="/etc/mysql/conf.d/server_id.cnf" - -pre-start script - if ! [ -e $INSTANCE_ID ] ; then - stop - exit 0 - fi -end script - -script - instance=$(cat $INSTANCE_ID) - server_id=$(python -c "print 0x${instance##i-}") - cat > $CONF_TARGET.new < /etc/apt/sources.list.d/percona -#deb http://repo.percona.com/apt $VER main -#deb-src http://repo.percona.com/apt $VER main -#EOL diff --git a/elements/nova-api/README.md b/elements/nova-api/README.md deleted file mode 100644 index 135ae30fc..000000000 --- a/elements/nova-api/README.md +++ /dev/null @@ -1,2 +0,0 @@ -Installs Nova API service from github. - diff --git a/elements/nova-api/element-deps b/elements/nova-api/element-deps deleted file mode 100644 index 2167c86fb..000000000 --- a/elements/nova-api/element-deps +++ /dev/null @@ -1 +0,0 @@ -os-svc-install diff --git a/elements/nova-api/install.d/05-nova-api b/elements/nova-api/install.d/05-nova-api deleted file mode 100755 index 54afdac78..000000000 --- a/elements/nova-api/install.d/05-nova-api +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/sh -set -eux - -os-svc-install -n nova-api -u nova -r https://github.com/openstack/nova.git -c "/opt/stack/nova/bin/nova-api" - diff --git a/elements/nova-vm/README.md b/elements/nova-vm/README.md deleted file mode 100644 index 3af659955..000000000 --- a/elements/nova-vm/README.md +++ /dev/null @@ -1 +0,0 @@ -Sets up a nova (kvm) install in the image. diff --git a/elements/nova-vm/first-boot.d/05-ipforwarding b/elements/nova-vm/first-boot.d/05-ipforwarding deleted file mode 100755 index 4824cfcf7..000000000 --- a/elements/nova-vm/first-boot.d/05-ipforwarding +++ /dev/null @@ -1,5 +0,0 @@ -#!/bin/bash -set -e -set -o xtrace -sed -i -r 's/^\s*#(net\.ipv4\.ip_forward=1.*)/\1/' /etc/sysctl.conf -echo 1 > /proc/sys/net/ipv4/ip_forward diff --git a/elements/nova-vm/first-boot.d/10-ntp b/elements/nova-vm/first-boot.d/10-ntp deleted file mode 100755 index 860e3fb2c..000000000 --- a/elements/nova-vm/first-boot.d/10-ntp +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -ntpfile=`mktemp` -cat << EOF > $ntpfile -server ntp.ubuntu.com iburst -server 127.127.1.0 -fudge 127.127.1.0 stratum 10 -EOF - -mv /etc/ntp.conf /etc/ntp.conf.orig -mv $ntpfile /etc/ntp.conf -service ntp restart diff --git a/elements/nova-vm/first-boot.d/15-mysql b/elements/nova-vm/first-boot.d/15-mysql deleted file mode 100755 index fe3d5a30d..000000000 --- a/elements/nova-vm/first-boot.d/15-mysql +++ /dev/null @@ -1,44 +0,0 @@ -#!/bin/bash -set -e -set -o xtrace - -source $(dirname $0)/defaults -#MYSQL_ADMPASS -#MYSQL_NOVAPASS -#MYSQL_GLANCEPASS -#MYSQL_KEYSTONEPASS -#MYSQL_CINDERPASS - - -service mysql stop || true -MYSQL_BOOTSTRAP="/usr/sbin/mysqld --bootstrap --user=mysql --skip-grant-tables" -sqltfile=`mktemp` -cat < $sqltfile -USE mysql; -UPDATE user SET password=PASSWORD("$MYSQL_ADMPASS") WHERE user='root'; -EOF -$MYSQL_BOOTSTRAP < $sqltfile -rm -f $sqltfile -sed -i 's/^bind-address/#bind-address/' /etc/mysql/my.cnf -service mysql start - -sqltfile=`mktemp` -cat < $sqltfile -CREATE DATABASE IF NOT EXISTS nova; -GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '${MYSQL_NOVAPASS}'; -GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '${MYSQL_NOVAPASS}'; - -CREATE DATABASE IF NOT EXISTS cinder; -GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '${MYSQL_CINDERPASS}'; - -CREATE DATABASE IF NOT EXISTS keystone; -GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '${MYSQL_KEYSTONEPASS}'; - -CREATE DATABASE IF NOT EXISTS glance; -GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '${MYSQL_GLANCEPASS}'; - -FLUSH PRIVILEGES; -EOF - -mysql -uroot --password=$MYSQL_ADMPASS < $sqltfile -rm -f sqltfile diff --git a/elements/nova-vm/first-boot.d/20-rabbitmq b/elements/nova-vm/first-boot.d/20-rabbitmq deleted file mode 100755 index 62d5d4420..000000000 --- a/elements/nova-vm/first-boot.d/20-rabbitmq +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -e -set -o xtrace - -source $(dirname $0)/defaults -#RABBIT_PASS - -rabbitmqctl change_password guest ${RABBIT_PASS} diff --git a/elements/nova-vm/first-boot.d/30-keystone b/elements/nova-vm/first-boot.d/30-keystone deleted file mode 100755 index 88e700742..000000000 --- a/elements/nova-vm/first-boot.d/30-keystone +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash -set -e -set -o xtrace - -source $(dirname $0)/defaults -#AUTH_TOKEN -#MYSQL_KEYSTONEPASS -#ADMIN_PASSWORD -#HOST_IP - -KEYSTONE_FILE="/etc/keystone/keystone.conf" - -SQL_CONNECTION="mysql://keystone:${MYSQL_KEYSTONEPASS}@localhost:3306/keystone" - -sed -e "s,^connection\s*=\s*.\+$,connection = $SQL_CONNECTION," -i ${KEYSTONE_FILE} -sed -e 's|^[#]*[ \t]*admin_token[ \t]*=.*|admin_token = '${AUTH_TOKEN}'|' -i ${KEYSTONE_FILE} - -service keystone restart -keystone-manage db_sync diff --git a/elements/nova-vm/first-boot.d/31-keystone-data b/elements/nova-vm/first-boot.d/31-keystone-data deleted file mode 100755 index 07ae48a68..000000000 --- a/elements/nova-vm/first-boot.d/31-keystone-data +++ /dev/null @@ -1,72 +0,0 @@ -#!/bin/bash -# -# Keystone Datas -# -# Description: Fill Keystone with datas. - -# Mainly inspired by http://www.hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin -# Written by Martin Gerhard Loschwitz / Hastexo -# Modified by Emilien Macchi / StackOps -# -# Support: openstack@lists.launchpad.net -# License: Apache Software License (ASL) 2.0 -# -source $(dirname $0)/defaults - -export OS_TENANT_NAME=admin -export OS_USERNAME=admin -export OS_PASSWORD=${ADMIN_PASSWORD} -export OS_AUTH_URL="http://localhost:5000/v2.0/" -export SERVICE_ENDPOINT="http://localhost:35357/v2.0" -SERVICE_TENANT_NAME=${SERVICE_TENANT_NAME:-service} -export SERVICE_TOKEN=${SERVICE_TOKEN} - -get_id () { - echo `$@ | awk '/ id / { print $4 }'` -} - -# Tenants -ADMIN_TENANT=$(get_id keystone tenant-create --name=admin) -SERVICE_TENANT=$(get_id keystone tenant-create --name=$SERVICE_TENANT_NAME) -DEMO_TENANT=$(get_id keystone tenant-create --name=demo) -INVIS_TENANT=$(get_id keystone tenant-create --name=invisible_to_admin) - -# Users -ADMIN_USER=$(get_id keystone user-create --name=admin --pass="$ADMIN_PASSWORD" --email=admin@domain.com) -#DEMO_USER=$(get_id keystone user-create --name=demo --pass="$ADMIN_PASSWORD" --email=demo@domain.com) - -# Roles -ADMIN_ROLE=$(get_id keystone role-create --name=admin) -KEYSTONEADMIN_ROLE=$(get_id keystone role-create --name=KeystoneAdmin) -KEYSTONESERVICE_ROLE=$(get_id keystone role-create --name=KeystoneServiceAdmin) - -# Add Roles to Users in Tenants -keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $ADMIN_TENANT -#keystone user-role-add --user-id $ADMIN_USER --role-id $ADMIN_ROLE --tenant-id $DEMO_TENANT -keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONEADMIN_ROLE --tenant-id $ADMIN_TENANT -keystone user-role-add --user-id $ADMIN_USER --role-id $KEYSTONESERVICE_ROLE --tenant-id $ADMIN_TENANT - -# The Member role is used by Horizon and Swift -MEMBER_ROLE=$(get_id keystone role-create --name=Member) -#keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $INVIS_TENANT -#keystone user-role-add --user-id $DEMO_USER --role-id $MEMBER_ROLE --tenant-id $DEMO_TENANT -keystone user-role-add --user-id $ADMIN_USER --role-id $MEMBER_ROLE --tenant-id $ADMIN_TENANT - -# Configure service users/roles -NOVA_USER=$(get_id keystone user-create --name=nova --pass="$NOVA_PASS" --tenant-id $SERVICE_TENANT --email=nova@domain.com) -keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $ADMIN_ROLE - -GLANCE_USER=$(get_id keystone user-create --name=glance --pass="$GLANCE_PASSWORD" --tenant-id $SERVICE_TENANT --email=glance@domain.com) -keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $GLANCE_USER --role-id $ADMIN_ROLE - -SWIFT_USER=$(get_id keystone user-create --name=swift --pass="$SWIFT_PASSWORD" --tenant-id $SERVICE_TENANT --email=swift@domain.com) -keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $SWIFT_USER --role-id $ADMIN_ROLE - -RESELLER_ROLE=$(get_id keystone role-create --name=ResellerAdmin) -keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $NOVA_USER --role-id $RESELLER_ROLE - -QUANTUM_USER=$(get_id keystone user-create --name=quantum --pass="$QUANTUM_PASSWORD" --tenant-id $SERVICE_TENANT --email=quantum@domain.com) -keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $QUANTUM_USER --role-id $ADMIN_ROLE - -CINDER_USER=$(get_id keystone user-create --name=cinder --pass="$CINDER_PASSWORD" --tenant-id $SERVICE_TENANT --email=cinder@domain.com) -keystone user-role-add --tenant-id $SERVICE_TENANT --user-id $CINDER_USER --role-id $ADMIN_ROLE diff --git a/elements/nova-vm/first-boot.d/32-keystone-endpoints b/elements/nova-vm/first-boot.d/32-keystone-endpoints deleted file mode 100755 index 18f80b77b..000000000 --- a/elements/nova-vm/first-boot.d/32-keystone-endpoints +++ /dev/null @@ -1,67 +0,0 @@ -#!/bin/bash -# -# Keystone Endpoints -# -# Description: Create Services Endpoints - -# Mainly inspired by http://www.hastexo.com/resources/docs/installing-openstack-essex-20121-ubuntu-1204-precise-pangolin -# Written by Martin Gerhard Loschwitz / Hastexo -# Modified by Emilien Macchi / StackOps -# -# Support: openstack@lists.launchpad.net -# License: Apache Software License (ASL) 2.0 -# -source $(dirname $0)/defaults - -# MySQL definitions -MYSQL_USER=keystone -MYSQL_DATABASE=keystone -MYSQL_HOST=localhost - -# Keystone definitions -KEYSTONE_REGION=RegionOne -export SERVICE_TOKEN=password -export SERVICE_ENDPOINT="http://localhost:35357/v2.0" - -keystone service-create --name nova --type compute --description 'OpenStack Compute Service' -keystone service-create --name cinder --type volume --description 'OpenStack Volume Service' -keystone service-create --name glance --type image --description 'OpenStack Image Service' -keystone service-create --name swift --type object-store --description 'OpenStack Storage Service' -keystone service-create --name keystone --type identity --description 'OpenStack Identity' -keystone service-create --name ec2 --type ec2 --description 'OpenStack EC2 service' -keystone service-create --name quantum --type network --description 'OpenStack Networking service' - -create_endpoint () { - case $1 in - compute) - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"${HOST_IP}"':8774/v2/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8774/v2/$(tenant_id)s' - ;; - volume) - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s' --internalurl 'http://'"$HOST_IP"':8776/v1/$(tenant_id)s' - ;; - image) - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$HOST_IP"':9292/v2' --adminurl 'http://'"$HOST_IP"':9292/v2' --internalurl 'http://'"$HOST_IP"':9292/v2' - ;; - object-store) - if [ $SWIFT_HOST_IP ]; then - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$SWIFT_HOST_IP"':8080/v1/AUTH_$(tenant_id)s' --adminurl 'http://'"$SWIFT_HOST_IP"':8080/v1' --internalurl 'http://'"$SWIFT_HOST_IP"':8080/v1/AUTH_$(tenant_id)s' - else - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$HOST_IP"':8080/v1/AUTH_$(tenant_id)s' --adminurl 'http://'"$HOST_IP"':8080/v1' --internalurl 'http://'"$HOST_IP"':8080/v1/AUTH_$(tenant_id)s' - fi - ;; - identity) - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$HOST_IP"':5000/v2.0' --adminurl 'http://'"$HOST_IP"':35357/v2.0' --internalurl 'http://'"$HOST_IP"':5000/v2.0' - ;; - ec2) - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$HOST_IP"':8773/services/Cloud' --adminurl 'http://'"$HOST_IP"':8773/services/Admin' --internalurl 'http://'"$HOST_IP"':8773/services/Cloud' - ;; - network) - keystone endpoint-create --region $KEYSTONE_REGION --service-id $2 --publicurl 'http://'"$HOST_IP"':9696/' --adminurl 'http://'"$HOST_IP"':9696/' --internalurl 'http://'"$HOST_IP"':9696/' - ;; - esac -} - -for i in compute volume image object-store identity ec2 network; do - id=`mysql -h "$MYSQL_HOST" -u "$MYSQL_USER" -p"$MYSQL_KEYSTONEPASS" "$MYSQL_DATABASE" -ss -e "SELECT id FROM service WHERE type='"$i"';"` || exit 1 - create_endpoint $i $id -done diff --git a/elements/nova-vm/first-boot.d/40-glance b/elements/nova-vm/first-boot.d/40-glance deleted file mode 100755 index 2f0b46e7c..000000000 --- a/elements/nova-vm/first-boot.d/40-glance +++ /dev/null @@ -1,35 +0,0 @@ -#!/bin/bash -set -e -set -o xtrace - -source $(dirname $0)/defaults -#MYSQL_GLANCEPASS -#GLANCE_PASS -#RABBIT_PASS - -GLANCE_DIR="/etc/glance/" - -SQL_CONNECTION="mysql://glance:${MYSQL_GLANCEPASS}@localhost:3306/glance" - -sed -e "s,^sql_connection\s*=\s*.\+$,sql_connection = $SQL_CONNECTION," -i ${GLANCE_DIR}/glance-api.conf -sed -e "s,^sql_connection\s*=\s*.\+$,sql_connection = $SQL_CONNECTION," -i ${GLANCE_DIR}/glance-registry.conf - -sed -e "s,^admin_tenant_name\s*=\s*.\+$,admin_tenant_name = service," -i ${GLANCE_DIR}/glance-api.conf -sed -e "s,^admin_tenant_name\s*=\s*.\+$,admin_tenant_name = service," -i ${GLANCE_DIR}/glance-registry.conf - -sed -e "s,^admin_user\s*=\s*.\+$,admin_user = glance," -i ${GLANCE_DIR}/glance-api.conf -sed -e "s,^admin_user\s*=\s*.\+$,admin_user = glance," -i ${GLANCE_DIR}/glance-registry.conf - -sed -e "s,^admin_password\s*=\s*.\+$,admin_password = ${GLANCE_PASS}," -i ${GLANCE_DIR}/glance-api.conf -sed -e "s,^admin_password\s*=\s*.\+$,admin_password = ${GLANCE_PASS}," -i ${GLANCE_DIR}/glance-registry.conf - -sed -e "s,^notifier_strategy\s*=\s*.\+$,notifier_strategy = rabbit," -i ${GLANCE_DIR}/glance-api.conf -sed -e "s,^rabbit_password\s*=\s*.\+$,rabbit_password = ${RABBIT_PASS}," -i ${GLANCE_DIR}/glance-api.conf - -service glance-api restart -service glance-registry restart -glance-manage db_sync - -#wget http://uec-images.ubuntu.com/releases/precise/release/ubuntu-12.04-server-cloudimg-amd64.tar.gz -#tar xzvf ubuntu-12.04-server-cloudimg-amd64.tar.gz -#glance image-create --name="Ubuntu 12.04 UEC" --public --container-format=ovf --disk-format=qcow2 < precise-server-cloudimg-amd64.img diff --git a/elements/nova-vm/first-boot.d/50-nova b/elements/nova-vm/first-boot.d/50-nova deleted file mode 100755 index ebf08062a..000000000 --- a/elements/nova-vm/first-boot.d/50-nova +++ /dev/null @@ -1,84 +0,0 @@ -#!/bin/bash -set -e -set -o xtrace - -source $(dirname $0)/defaults -#HOST_IP - -NOVA_DIR="/etc/nova/" - -SQL_CONNECTION="mysql://nova:${MYSQL_NOVAPASS}@localhost:3306/nova" - -sed -e "s,^admin_tenant_name\s*=\s*.\+$,admin_tenant_name = service," -i ${NOVA_DIR}/api-paste.ini -sed -e "s,^admin_user\s*=\s*.\+$,admin_user = nova," -i ${NOVA_DIR}/api-paste.ini -sed -e "s,^admin_password\s*=\s*.\+$,admin_password = ${NOVA_PASS}," -i ${NOVA_DIR}/api-paste.ini - -sed -i '/volume/d' /etc/nova/api-paste.ini - -cat << EOF > ${NOVA_DIR}/nova.conf -[DEFAULT] -# MySQL Connection # -sql_connection=mysql://nova:password@${HOST_IP}/nova - -# nova-scheduler # -rabbit_password=${RABBIT_PASS} -scheduler_driver=nova.scheduler.simple.SimpleScheduler - -# nova-api # -cc_host=${HOST_IP} -auth_strategy=keystone -s3_host=${HOST_IP} -ec2_host=${HOST_IP} -nova_url=http://${HOST_IP}:8774/v1.1/ -ec2_url=http://${HOST_IP}:8773/services/Cloud -keystone_ec2_url=http://${HOST_IP}:5000/v2.0/ec2tokens -api_paste_config=/etc/nova/api-paste.ini -allow_admin_api=true -use_deprecated_auth=false -ec2_private_dns_show_ip=True -dmz_cidr=169.254.169.254/32 -ec2_dmz_host=${HOST_IP} -metadata_host=${HOST_IP} -metadata_listen=0.0.0.0 -enabled_apis=ec2,osapi_compute,metadata - -# Networking # -#network_api_class=nova.network.quantumv2.api.API -#quantum_url=http://${HOST_IP}:9696 -#quantum_auth_strategy=keystone -#quantum_admin_tenant_name=service -#quantum_admin_username=quantum -#quantum_admin_password=password -#quantum_admin_auth_url=http://${HOST_IP}:35357/v2.0 -#libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver -#linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver -#firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver - -# Cinder # -volume_api_class=nova.volume.cinder.API - -# Glance # -glance_api_servers=${HOST_IP}:9292 -image_service=nova.image.glance.GlanceImageService - -# novnc # -novnc_enable=true -novncproxy_base_url=http://${HOST_IP}:6080/vnc_auto.html -vncserver_proxyclient_address=127.0.0.1 -vncserver_listen=0.0.0.0 - -# Misc # -logdir=/var/log/nova -state_path=/var/lib/nova -lock_path=/var/lock/nova -root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf -verbose=true -EOF - -nova-manage db sync -service nova-api restart -service nova-cert restart -service nova-consoleauth restart -service nova-scheduler restart -service novnc restart -service nova-network restart diff --git a/elements/nova-vm/first-boot.d/defaults b/elements/nova-vm/first-boot.d/defaults deleted file mode 100644 index 9c71666a8..000000000 --- a/elements/nova-vm/first-boot.d/defaults +++ /dev/null @@ -1,27 +0,0 @@ -set -e - -DEFAULT_PASSWORD=${DEFAULT_PASSWORD:-password} - -# HOST_IP -# Find the interface used for the default route -HOST_IP_IFACE=${HOST_IP_IFACE:-$(ip route | sed -n '/^default/{ s/.*dev \(\w\+\)\s\+.*/\1/; p; }')} -# Search for an IP unless an explicit is set by ``HOST_IP`` environment variable -HOST_IP=`LC_ALL=C ip -f inet addr show ${HOST_IP_IFACE} | awk '/inet/ {split($2,parts,"/"); print parts[1]}'` - -# Mysql Passwords -MYSQL_ADMPASS=${MYSQL_ADMPASS:-${DEFAULT_PASSWORD}} -MYSQL_NOVAPASS=${MYSQL_NOVAPASS:-${MYSQL_ADMPASS}} -MYSQL_GLANCEPASS=${MYSQL_GLANCEPASS:-${MYSQL_ADMPASS}} -MYSQL_KEYSTONEPASS=${MYSQL_KEYSTONEPASS:-${MYSQL_ADMPASS}} -MYSQL_CINDERPASS=${MYSQL_CINDERPASS:-${MYSQL_ADMPASS}} - -#Rabbitmq Passwords -RABBIT_PASS=${RABBIT_PASS:-${DEFAULT_PASSWORD}} - -#Keystone -AUTH_TOKEN=${AUTH_TOKEN:-${DEFAULT_PASSWORD}} -SERVICE_TOKEN=${AUTH_TOKEN} -ADMIN_PASSWORD=${ADMIN_PASSWORD:-${DEFAULT_PASSWORD}} - -#Glance -GLANCE_PASS=${GLANCE_PASS:-${DEFAULT_PASSWORD}} diff --git a/elements/nova-vm/install.d/05-controller-code-deps b/elements/nova-vm/install.d/05-controller-code-deps deleted file mode 100755 index f0a45595e..000000000 --- a/elements/nova-vm/install.d/05-controller-code-deps +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/sh - -# Install controller base requiered packages - -set -e -set -o xtrace - -install-packages haproxy rabbitmq-server mysql-server ntp dkms diff --git a/elements/nova-vm/install.d/10-controller-openstack-deps b/elements/nova-vm/install.d/10-controller-openstack-deps deleted file mode 100755 index bb94d9898..000000000 --- a/elements/nova-vm/install.d/10-controller-openstack-deps +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -# Install controller openstack packages - -set -e -set -o xtrace - -install-packages keystone glance nova-api nova-cert nova-common nova-scheduler python-nova python-novaclient nova-consoleauth novnc nova-novncproxy cinder-api cinder-scheduler cinder-volume iscsitarget open-iscsi iscsitarget-dkms python-cinderclient nova-network - diff --git a/elements/nova-vm/install.d/20-dkms-iscsi b/elements/nova-vm/install.d/20-dkms-iscsi deleted file mode 100755 index 6cd4906a9..000000000 --- a/elements/nova-vm/install.d/20-dkms-iscsi +++ /dev/null @@ -1,27 +0,0 @@ -#!/bin/sh - -# Build iscsi modules with installed kernel - -set -e -set -o xtrace - -package=iscsitarget-dkms -name=iscsitarget - -kernel_version=`ls /boot/vmlinuz-* -r -1| head -n1 | xargs basename |sed 's/vmlinuz-//'` - -version=`dpkg-query -W -f='${Version}' "$package" \ - |rev|cut -d- -f2-|rev|cut -d':' -f2|tr -d "\n"` - -isadded=`dkms status -m "$cd name" -v "$version"` - - - -if [ "x${isadded}" = "x" ] ; then - dkms add -m "$name" -v "$version" -k "$kernel_version" || true -fi - -dkms build -m "$name" -v "$version" -k "$kernel_version" && dkms install -m "$name" -v "$version" -k "$kernel_version" || true - - - diff --git a/elements/nova-vm/install.d/99-clean-apt b/elements/nova-vm/install.d/99-clean-apt deleted file mode 100755 index 14aff99ed..000000000 --- a/elements/nova-vm/install.d/99-clean-apt +++ /dev/null @@ -1,10 +0,0 @@ -#!/bin/sh - -# Build iscsi modules with installed kernel - -set -e -set -o xtrace - -apt-get clean - - diff --git a/elements/nova/README.md b/elements/nova/README.md deleted file mode 100644 index fb25a4f5b..000000000 --- a/elements/nova/README.md +++ /dev/null @@ -1,2 +0,0 @@ -Installs nova-baremetal service from git. - diff --git a/elements/nova/element-deps b/elements/nova/element-deps deleted file mode 100644 index dca168907..000000000 --- a/elements/nova/element-deps +++ /dev/null @@ -1,3 +0,0 @@ -os-svc-install -os-config-applier -os-refresh-config diff --git a/elements/nova/install.d/74-nova b/elements/nova/install.d/74-nova deleted file mode 100755 index 88d2943a7..000000000 --- a/elements/nova/install.d/74-nova +++ /dev/null @@ -1,55 +0,0 @@ -#!/bin/bash -set -eux - -function install_dnsmasq_upstart { - cat > /etc/init/nova-bm-dnsmasq.conf << eof -start on runlevel [2345] -stop on runlevel [016] -pre-start script - mkdir -p /tftpboot - chown -R nova:nova /tftpboot - killall -9 dnsmasq || echo 'no dnsmasq running' -end script -task - -script - exec dnsmasq --conf-file= \\ - --port=0 \\ - --enable-tftp \\ - --tftp-root=/tftpboot \\ - --dhcp-boot=pxelinux.0 \\ - --bind-interfaces \\ - --pid-file=/var/run/dnsmasq.pid \\ - --interface=eth0 \\ - --dhcp-range=10.8.53.201,10.8.53.206,29 -end script -eof -} - -install-packages dnsmasq novnc dnsmasq-utils ebtables - -os-svc-install -n nova -u nova -r https://github.com/openstack/nova.git - -# for libvirt clouds only -install-packages libvirt-bin python-libvirt kvm pm-utils syslinux -usermod -a -G libvirtd nova - -mkdir -p /var/run/nova/keys && chown -R nova:nova /var/run/nova/keys -os-svc-daemon nova-api nova nova-api "--config-dir /etc/nova" -os-svc-daemon nova-rpc-zmq-receiver nova nova-rpc-zmq-receiver "--config-dir /etc/nova" -os-svc-daemon nova-cert nova nova-cert "--config-dir /etc/nova" -os-svc-daemon nova-scheduler nova nova-scheduler "--config-dir /etc/nova --debug" -os-svc-daemon nova-consoleauth nova nova-consoleauth "--config-dir /etc/nova" -os-svc-daemon nova-conductor nova nova-conductor "--config-dir /etc/nova" -os-svc-daemon nova-compute nova nova-compute "--config-dir /etc/nova" -os-svc-daemon nova-baremetal-deploy-helper \ - nova nova-baremetal-deploy-helper "--config-dir /etc/nova" -install_dnsmasq_upstart - -mkdir -p /tftpboot/pxelinux.cfg/ -cp /usr/lib/syslinux/pxelinux.0 /tftpboot/ -chown -R nova:nova /var/lib/misc/ - -echo "nova ALL=(ALL) NOPASSWD:ALL" > /etc/sudoers.d/nova -chmod 0440 /etc/sudoers.d/nova -visudo -c diff --git a/elements/nova/os-config-applier/etc/nova/api-paste.ini b/elements/nova/os-config-applier/etc/nova/api-paste.ini deleted file mode 100644 index 6c407ec37..000000000 --- a/elements/nova/os-config-applier/etc/nova/api-paste.ini +++ /dev/null @@ -1,113 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -############ -# Metadata # -############ -[composite:metadata] -use = egg:Paste#urlmap -/: meta - -[pipeline:meta] -pipeline = ec2faultwrap logrequest metaapp - -[app:metaapp] -paste.app_factory = nova.api.metadata.handler:MetadataRequestHandler.factory - -####### -# EC2 # -####### - -[composite:ec2] -use = egg:Paste#urlmap -/services/Cloud: ec2cloud - -[composite:ec2cloud] -use = call:nova.api.auth:pipeline_factory -noauth = ec2faultwrap logrequest ec2noauth cloudrequest validator ec2executor -keystone = ec2faultwrap logrequest ec2keystoneauth cloudrequest validator ec2executor - -[filter:ec2faultwrap] -paste.filter_factory = nova.api.ec2:FaultWrapper.factory - -[filter:logrequest] -paste.filter_factory = nova.api.ec2:RequestLogging.factory - -[filter:ec2lockout] -paste.filter_factory = nova.api.ec2:Lockout.factory - -[filter:ec2keystoneauth] -paste.filter_factory = nova.api.ec2:EC2KeystoneAuth.factory - -[filter:ec2noauth] -paste.filter_factory = nova.api.ec2:NoAuth.factory - -[filter:cloudrequest] -controller = nova.api.ec2.cloud.CloudController -paste.filter_factory = nova.api.ec2:Requestify.factory - -[filter:authorizer] -paste.filter_factory = nova.api.ec2:Authorizer.factory - -[filter:validator] -paste.filter_factory = nova.api.ec2:Validator.factory - -[app:ec2executor] -paste.app_factory = nova.api.ec2:Executor.factory - -############# -# Openstack # -############# - -[composite:osapi_compute] -use = call:nova.api.openstack.urlmap:urlmap_factory -/: oscomputeversions -/v1.1: openstack_compute_api_v2 -/v2: openstack_compute_api_v2 - -[composite:openstack_compute_api_v2] -use = call:nova.api.auth:pipeline_factory -noauth = faultwrap sizelimit noauth ratelimit osapi_compute_app_v2 -keystone = faultwrap sizelimit authtoken keystonecontext ratelimit osapi_compute_app_v2 -keystone_nolimit = faultwrap sizelimit authtoken keystonecontext osapi_compute_app_v2 - -[filter:faultwrap] -paste.filter_factory = nova.api.openstack:FaultWrapper.factory - -[filter:noauth] -paste.filter_factory = nova.api.openstack.auth:NoAuthMiddleware.factory - -[filter:ratelimit] -paste.filter_factory = nova.api.openstack.compute.limits:RateLimitingMiddleware.factory - -[filter:sizelimit] -paste.filter_factory = nova.api.sizelimit:RequestBodySizeLimiter.factory - -[app:osapi_compute_app_v2] -paste.app_factory = nova.api.openstack.compute:APIRouter.factory - -[pipeline:oscomputeversions] -pipeline = faultwrap oscomputeversionapp - -[app:oscomputeversionapp] -paste.app_factory = nova.api.openstack.compute.versions:Versions.factory - -########## -# Shared # -########## - -[filter:keystonecontext] -paste.filter_factory = nova.api.auth:NovaKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -auth_host = {{keystone.host}} -auth_port = 35357 -admin_password = {{service-password}} -auth_protocol = http -admin_tenant_name = service -admin_user = nova -signing_dir = /tmp/keystone-signing-nova diff --git a/elements/nova/os-config-applier/etc/nova/logging.conf b/elements/nova/os-config-applier/etc/nova/logging.conf deleted file mode 100644 index a4595c966..000000000 --- a/elements/nova/os-config-applier/etc/nova/logging.conf +++ /dev/null @@ -1,82 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[loggers] -keys = root, nova - -[handlers] -keys = stderr, stdout, watchedfile, syslog, null - -[formatters] -keys = legacynova, default - -[logger_root] -level = WARNING -handlers = null - -[logger_nova] -level = INFO -handlers = stderr -qualname = nova - -[logger_amqplib] -level = WARNING -handlers = stderr -qualname = amqplib - -[logger_sqlalchemy] -level = WARNING -handlers = stderr -qualname = sqlalchemy -# "level = INFO" logs SQL queries. -# "level = DEBUG" logs SQL queries and results. -# "level = WARNING" logs neither. (Recommended for production systems.) - -[logger_boto] -level = WARNING -handlers = stderr -qualname = boto - -[logger_suds] -level = INFO -handlers = stderr -qualname = suds - -[logger_eventletwsgi] -level = WARNING -handlers = stderr -qualname = eventlet.wsgi.server - -[handler_stderr] -class = StreamHandler -args = (sys.stderr,) -formatter = legacynova - -[handler_stdout] -class = StreamHandler -args = (sys.stdout,) -formatter = legacynova - -[handler_watchedfile] -class = handlers.WatchedFileHandler -args = ('/var/log/nova/nova.log',) -formatter = legacynova - -[handler_syslog] -class = handlers.SysLogHandler -args = ('/dev/log', handlers.SysLogHandler.LOG_USER) -formatter = legacynova - -[handler_null] -class = nova.openstack.common.log.NullHandler -formatter = default -args = () - -[formatter_legacynova] -class = nova.openstack.common.log.LegacyFormatter - -[formatter_default] -format = %(message)s diff --git a/elements/nova/os-config-applier/etc/nova/nova.conf b/elements/nova/os-config-applier/etc/nova/nova.conf deleted file mode 100644 index 5f8a0b511..000000000 --- a/elements/nova/os-config-applier/etc/nova/nova.conf +++ /dev/null @@ -1,94 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[DEFAULT] -debug = True - -s3_host={{keystone.host}} -ec2_host={{keystone.host}} -ec2_dmz_host={{keystone.host}} -ec2_url=http://{{nova.host}}:8773/services/Cloud -rabbit_host={{rabbit.host}} -cc_host={{keystone.host}} -nova_url=http://{{nova.host}}:8774/v1.1/ - -log_config=/etc/nova/logging.conf - -sql_connection={{nova.db}} - -logdir=/var/log/nova -state_path=/var/lib/nova -lock_path=/var/lib/nova -api_paste_config=/etc/nova/api-paste.ini -verbose=True - -# Auth -use_deprecated_auth=false -auth_strategy=keystone -keystone_ec2_url=http://{{keystone.host}}:5000/v2.0/ec2tokens -# Imaging service -glance_api_servers={{glance.host}}:9292 -image_service=nova.image.glance.GlanceImageService - -# Vnc configuration -novnc_enabled=true -novncproxy_base_url=http://{{nova.host}}:6080/vnc_auto.html -novncproxy_port=6080 -vncserver_proxyclient_address=127.0.0.1 -vncserver_listen=0.0.0.0 - -# Networking # -network_api_class=nova.network.quantumv2.api.API -quantum_url=http://{{quantum.host}}:9696 -quantum_auth_strategy=keystone -quantum_admin_tenant_name=service -quantum_admin_username=quantum -quantum_admin_password={{service-password}} -quantum_admin_auth_url=http://{{keystone.host}}:35357/v2.0 -libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver -linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver -firewall_driver = nova.virt.firewall.NoopFirewallDriver -fixed_range = 192.0.2.32/29 - -dhcpbridge_flagfile=/etc/nova/nova.conf -dhcpbridge=/usr/bin/nova-dhcpbridge - -rootwrap_config=/etc/nova/rootwrap.conf - -# Cinder # -volume_api_class=nova.volume.cinder.API -osapi_volume_listen_port=5900 - -rabbit_host={{rabbit.host}} -rabbit_password={{rabbit.password}} - - -state_path=/var/lib/nova -lock_path=/var/lib/nova -keys_path=/var/lib/nova/keys - -enabled_apis = ec2,osapi_compute,metadata,openstack_compute_api_v2 - -dhcpbridge_flagfile = /etc/nova/nova.conf -dhcpbridge=/usr/local/bin/nova-dhcpbridge - -scheduler_default_filters = AllHostsFilter - -# TODO: driver must be configurable. -scheduler_host_manager = nova.scheduler.baremetal_host_manager.BaremetalHostManager -compute_driver = baremetal.driver.BareMetalDriver - -[baremetal] -sql_connection = {{nova.bm_db}} -net_config_template = /opt/stack/nova/nova/virt/baremetal/net-static.ubuntu.template -tftp_root = /tftpboot -instance_type_extra_specs = cpu_arch:i386 - -power_manager = nova.virt.baremetal.virtual_power_driver.VirtualPowerManager -driver = nova.virt.baremetal.pxe.PXE -virtual_power_host_user={{nova.virtual_power_user}} -virtual_power_host_pass={{nova.virtual_power_pass}} -virtual_power_ssh_host={{nova.virtual_power_ssh_host}} diff --git a/elements/nova/os-config-applier/etc/nova/rootwrap.conf b/elements/nova/os-config-applier/etc/nova/rootwrap.conf deleted file mode 100644 index 6a24bb7d4..000000000 --- a/elements/nova/os-config-applier/etc/nova/rootwrap.conf +++ /dev/null @@ -1,6 +0,0 @@ -[DEFAULT] -filters_path=/etc/nova/rootwrap.d,/usr/share/nova/rootwrap -exec_dirs=/sbin,/usr/sbin,/bin,/usr/bin -use_syslog=False -syslog_log_facility=syslog -syslog_log_level=ERROR diff --git a/elements/nova/os-config-applier/etc/nova/rootwrap.d/api-metadata.filters b/elements/nova/os-config-applier/etc/nova/rootwrap.d/api-metadata.filters deleted file mode 100644 index 1aa6f83e6..000000000 --- a/elements/nova/os-config-applier/etc/nova/rootwrap.d/api-metadata.filters +++ /dev/null @@ -1,13 +0,0 @@ -# nova-rootwrap command filters for api-metadata nodes -# This is needed on nova-api hosts running with "metadata" in enabled_apis -# or when running nova-api-metadata -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# nova/network/linux_net.py: 'ip[6]tables-save' % (cmd, '-t', ... -iptables-save: CommandFilter, iptables-save, root -ip6tables-save: CommandFilter, ip6tables-save, root - -# nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,) -iptables-restore: CommandFilter, iptables-restore, root -ip6tables-restore: CommandFilter, ip6tables-restore, root diff --git a/elements/nova/os-config-applier/etc/nova/rootwrap.d/baremetal-compute-ipmi.filters b/elements/nova/os-config-applier/etc/nova/rootwrap.d/baremetal-compute-ipmi.filters deleted file mode 100644 index a2858cd11..000000000 --- a/elements/nova/os-config-applier/etc/nova/rootwrap.d/baremetal-compute-ipmi.filters +++ /dev/null @@ -1,9 +0,0 @@ -# nova-rootwrap command filters for compute nodes -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# nova/virt/baremetal/ipmi.py: 'ipmitool', .. -ipmitool: CommandFilter, /usr/bin/ipmitool, root - -# nova/virt/baremetal/ipmi.py: 'kill', '-TERM', str(console_pid) -kill_shellinaboxd: KillFilter, root, /usr/local/bin/shellinaboxd, -15, -TERM diff --git a/elements/nova/os-config-applier/etc/nova/rootwrap.d/baremetal-deploy-helper.filters b/elements/nova/os-config-applier/etc/nova/rootwrap.d/baremetal-deploy-helper.filters deleted file mode 100644 index 65416bbf8..000000000 --- a/elements/nova/os-config-applier/etc/nova/rootwrap.d/baremetal-deploy-helper.filters +++ /dev/null @@ -1,10 +0,0 @@ -# nova-rootwrap command filters for nova-baremetal-deploy-helper -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# nova-baremetal-deploy-helper -iscsiadm: CommandFilter, /sbin/iscsiadm, root -fdisk: CommandFilter, /sbin/fdisk, root -dd: CommandFilter, /bin/dd, root -mkswap: CommandFilter, /sbin/mkswap, root -blkid: CommandFilter, /sbin/blkid, root diff --git a/elements/nova/os-config-applier/etc/nova/rootwrap.d/compute.filters b/elements/nova/os-config-applier/etc/nova/rootwrap.d/compute.filters deleted file mode 100644 index 6396315b9..000000000 --- a/elements/nova/os-config-applier/etc/nova/rootwrap.d/compute.filters +++ /dev/null @@ -1,187 +0,0 @@ -# nova-rootwrap command filters for compute nodes -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# nova/virt/disk/mount/api.py: 'kpartx', '-a', device -# nova/virt/disk/mount/api.py: 'kpartx', '-d', device -kpartx: CommandFilter, /sbin/kpartx, root - -# nova/virt/xenapi/vm_utils.py: tune2fs, -O ^has_journal, part_path -# nova/virt/xenapi/vm_utils.py: tune2fs, -j, partition_path -tune2fs: CommandFilter, /sbin/tune2fs, root - -# nova/virt/disk/mount/api.py: 'mount', mapped_device -# nova/virt/disk/api.py: 'mount', '-o', 'bind', src, target -# nova/virt/xenapi/vm_utils.py: 'mount', '-t', 'ext2,ext3,ext4,reiserfs'.. -# nova/virt/configdrive.py: 'mount', device, mountdir -mount: CommandFilter, /bin/mount, root - -# nova/virt/disk/mount/api.py: 'umount', mapped_device -# nova/virt/disk/api.py: 'umount' target -# nova/virt/xenapi/vm_utils.py: 'umount', dev_path -# nova/virt/configdrive.py: 'umount', mountdir -umount: CommandFilter, /bin/umount, root - -# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-c', device, image -# nova/virt/disk/mount/nbd.py: 'qemu-nbd', '-d', device -qemu-nbd: CommandFilter, /usr/bin/qemu-nbd, root - -# nova/virt/disk/mount/loop.py: 'losetup', '--find', '--show', image -# nova/virt/disk/mount/loop.py: 'losetup', '--detach', device -losetup: CommandFilter, /sbin/losetup, root - -# nova/virt/disk/vfs/localfs.py: 'tee', canonpath -tee: CommandFilter, /usr/bin/tee, root - -# nova/virt/disk/vfs/localfs.py: 'mkdir', canonpath -mkdir: CommandFilter, /bin/mkdir, root - -# nova/virt/disk/vfs/localfs.py: 'chown' -# nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log -# nova/virt/libvirt/connection.py: 'chown', os.getuid( console_log -# nova/virt/libvirt/connection.py: 'chown', 'root', basepath('disk') -# nova/utils.py: 'chown', owner_uid, path -chown: CommandFilter, /bin/chown, root - -# nova/virt/disk/vfs/localfs.py: 'chmod' -chmod: CommandFilter, /bin/chmod, root - -# nova/virt/libvirt/vif.py: 'ip', 'tuntap', 'add', dev, 'mode', 'tap' -# nova/virt/libvirt/vif.py: 'ip', 'link', 'set', dev, 'up' -# nova/virt/libvirt/vif.py: 'ip', 'link', 'delete', dev -# nova/network/linux_net.py: 'ip', 'addr', 'add', str(floating_ip)+'/32'i.. -# nova/network/linux_net.py: 'ip', 'addr', 'del', str(floating_ip)+'/32'.. -# nova/network/linux_net.py: 'ip', 'addr', 'add', '169.254.169.254/32',.. -# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', dev, 'scope',.. -# nova/network/linux_net.py: 'ip', 'addr', 'del/add', ip_params, dev) -# nova/network/linux_net.py: 'ip', 'addr', 'del', params, fields[-1] -# nova/network/linux_net.py: 'ip', 'addr', 'add', params, bridge -# nova/network/linux_net.py: 'ip', '-f', 'inet6', 'addr', 'change', .. -# nova/network/linux_net.py: 'ip', 'link', 'set', 'dev', dev, 'promisc',.. -# nova/network/linux_net.py: 'ip', 'link', 'add', 'link', bridge_if ... -# nova/network/linux_net.py: 'ip', 'link', 'set', interface, address,.. -# nova/network/linux_net.py: 'ip', 'link', 'set', interface, 'up' -# nova/network/linux_net.py: 'ip', 'link', 'set', bridge, 'up' -# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', interface, .. -# nova/network/linux_net.py: 'ip', 'link', 'set', dev, address, .. -# nova/network/linux_net.py: 'ip', 'link', 'set', dev, 'up' -# nova/network/linux_net.py: 'ip', 'route', 'add', .. -# nova/network/linux_net.py: 'ip', 'route', 'del', . -# nova/network/linux_net.py: 'ip', 'route', 'show', 'dev', dev -ip: CommandFilter, /sbin/ip, root - -# nova/virt/libvirt/vif.py: 'tunctl', '-b', '-t', dev -# nova/network/linux_net.py: 'tunctl', '-b', '-t', dev -tunctl: CommandFilter, tunctl, root - -# nova/virt/libvirt/vif.py: 'ovs-vsctl', ... -# nova/virt/libvirt/vif.py: 'ovs-vsctl', 'del-port', ... -# nova/network/linux_net.py: 'ovs-vsctl', .... -ovs-vsctl: CommandFilter, /usr/bin/ovs-vsctl, root - -# nova/network/linux_net.py: 'ovs-ofctl', .... -ovs-ofctl: CommandFilter, /usr/bin/ovs-ofctl, root - -# nova/virt/libvirt/connection.py: 'dd', if=%s % virsh_output, ... -dd: CommandFilter, /bin/dd, root - -# nova/virt/xenapi/volume_utils.py: 'iscsiadm', '-m', ... -iscsiadm: CommandFilter, iscsiadm, root - -# nova/virt/libvirt/volume.py: 'aoe-revalidate', aoedev -# nova/virt/libvirt/volume.py: 'aoe-discover' -aoe-revalidate: CommandFilter, /usr/sbin/aoe-revalidate, root -aoe-discover: CommandFilter, /usr/sbin/aoe-discover, root - -# nova/virt/xenapi/vm_utils.py: parted, --script, ... -# nova/virt/xenapi/vm_utils.py: 'parted', '--script', dev_path, ..*. -parted: CommandFilter, parted, root - -# nova/virt/xenapi/vm_utils.py: 'pygrub', '-qn', dev_path -pygrub: CommandFilter, /usr/bin/pygrub, root - -# nova/virt/xenapi/vm_utils.py: fdisk %(dev_path)s -fdisk: CommandFilter, /sbin/fdisk, root - -# nova/virt/xenapi/vm_utils.py: e2fsck, -f, -p, partition_path -# nova/virt/disk/api.py: e2fsck, -f, -p, image -e2fsck: CommandFilter, /sbin/e2fsck, root - -# nova/virt/xenapi/vm_utils.py: resize2fs, partition_path -# nova/virt/disk/api.py: resize2fs, image -resize2fs: CommandFilter, /sbin/resize2fs, root - -# nova/network/linux_net.py: 'ip[6]tables-save' % (cmd, '-t', ... -iptables-save: CommandFilter, iptables-save, root -ip6tables-save: CommandFilter, ip6tables-save, root - -# nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,) -iptables-restore: CommandFilter, iptables-restore, root -ip6tables-restore: CommandFilter, ip6tables-restore, root - -# nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ... -# nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],.. -arping: CommandFilter, arping, root - -# nova/network/linux_net.py: 'dhcp_release', dev, address, mac_address -dhcp_release: CommandFilter, /usr/bin/dhcp_release, root - -# nova/network/linux_net.py: 'kill', '-9', pid -# nova/network/linux_net.py: 'kill', '-HUP', pid -kill_dnsmasq: KillFilter, root, /usr/sbin/dnsmasq, -9, -HUP - -# nova/network/linux_net.py: 'kill', pid -kill_radvd: KillFilter, root, /usr/sbin/radvd - -# nova/network/linux_net.py: dnsmasq call -dnsmasq: DnsmasqFilter, /usr/sbin/dnsmasq, root -dnsmasq_deprecated: DeprecatedDnsmasqFilter, /usr/sbin/dnsmasq, root - -# nova/network/linux_net.py: 'radvd', '-C', '%s' % _ra_file(dev, 'conf'.. -radvd: CommandFilter, /usr/sbin/radvd, root - -# nova/network/linux_net.py: 'brctl', 'addbr', bridge -# nova/network/linux_net.py: 'brctl', 'setfd', bridge, 0 -# nova/network/linux_net.py: 'brctl', 'stp', bridge, 'off' -# nova/network/linux_net.py: 'brctl', 'addif', bridge, interface -brctl: CommandFilter, brctl, root - -# nova/virt/libvirt/utils.py: 'mkswap' -# nova/virt/xenapi/vm_utils.py: 'mkswap' -mkswap: CommandFilter, /sbin/mkswap, root - -# nova/virt/xenapi/vm_utils.py: 'mkfs' -mkfs: CommandFilter, /sbin/mkfs, root - -# nova/virt/libvirt/utils.py: 'qemu-img' -qemu-img: CommandFilter, /usr/bin/qemu-img, root - -# nova/virt/disk/vfs/localfs.py: 'readlink', '-e' -readlink: CommandFilter, readlink, root - -# nova/virt/disk/api.py: 'touch', target -touch: CommandFilter, /usr/bin/touch, root - -# nova/virt/libvirt/connection.py: -read_initiator: ReadFileFilter, /etc/iscsi/initiatorname.iscsi - -# nova/virt/libvirt/connection.py: -lvremove: CommandFilter, /sbin/lvremove, root - -# nova/virt/libvirt/utils.py: -lvcreate: CommandFilter, /sbin/lvcreate, root - -# nova/virt/libvirt/utils.py: -lvs: CommandFilter, /sbin/lvs, root - -# nova/virt/libvirt/utils.py: -vgs: CommandFilter, /sbin/vgs, root - -# nova/virt/baremetal/volume_driver.py: 'tgtadm', '--lld', 'iscsi', ... -tgtadm: CommandFilter, /usr/sbin/tgtadm, root - -# nova/utils.py:read_file_as_root: 'cat', file_path -# (called from nova/virt/disk/vfs/localfs.py:VFSLocalFS.read_file) -read_passwd: RegExpFilter, cat, root, cat, (/var|/usr)?/tmp/openstack-vfs-localfs[^/]+/etc/passwd -read_shadow: RegExpFilter, cat, root, cat, (/var|/usr)?/tmp/openstack-vfs-localfs[^/]+/etc/shadow - diff --git a/elements/nova/os-config-applier/etc/nova/rootwrap.d/network.filters b/elements/nova/os-config-applier/etc/nova/rootwrap.d/network.filters deleted file mode 100644 index c58bc77e7..000000000 --- a/elements/nova/os-config-applier/etc/nova/rootwrap.d/network.filters +++ /dev/null @@ -1,78 +0,0 @@ -# nova-rootwrap command filters for network nodes -# This file should be owned by (and only-writeable by) the root user - -[Filters] -# nova/virt/libvirt/vif.py: 'ip', 'tuntap', 'add', dev, 'mode', 'tap' -# nova/virt/libvirt/vif.py: 'ip', 'link', 'set', dev, 'up' -# nova/virt/libvirt/vif.py: 'ip', 'link', 'delete', dev -# nova/network/linux_net.py: 'ip', 'addr', 'add', str(floating_ip)+'/32'i.. -# nova/network/linux_net.py: 'ip', 'addr', 'del', str(floating_ip)+'/32'.. -# nova/network/linux_net.py: 'ip', 'addr', 'add', '169.254.169.254/32',.. -# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', dev, 'scope',.. -# nova/network/linux_net.py: 'ip', 'addr', 'del/add', ip_params, dev) -# nova/network/linux_net.py: 'ip', 'addr', 'del', params, fields[-1] -# nova/network/linux_net.py: 'ip', 'addr', 'add', params, bridge -# nova/network/linux_net.py: 'ip', '-f', 'inet6', 'addr', 'change', .. -# nova/network/linux_net.py: 'ip', 'link', 'set', 'dev', dev, 'promisc',.. -# nova/network/linux_net.py: 'ip', 'link', 'add', 'link', bridge_if ... -# nova/network/linux_net.py: 'ip', 'link', 'set', interface, address,.. -# nova/network/linux_net.py: 'ip', 'link', 'set', interface, 'up' -# nova/network/linux_net.py: 'ip', 'link', 'set', bridge, 'up' -# nova/network/linux_net.py: 'ip', 'addr', 'show', 'dev', interface, .. -# nova/network/linux_net.py: 'ip', 'link', 'set', dev, address, .. -# nova/network/linux_net.py: 'ip', 'link', 'set', dev, 'up' -# nova/network/linux_net.py: 'ip', 'route', 'add', .. -# nova/network/linux_net.py: 'ip', 'route', 'del', . -# nova/network/linux_net.py: 'ip', 'route', 'show', 'dev', dev -ip: CommandFilter, /sbin/ip, root - -# nova/virt/libvirt/vif.py: 'ovs-vsctl', ... -# nova/virt/libvirt/vif.py: 'ovs-vsctl', 'del-port', ... -# nova/network/linux_net.py: 'ovs-vsctl', .... -ovs-vsctl: CommandFilter, /usr/bin/ovs-vsctl, root - -# nova/network/linux_net.py: 'ovs-ofctl', .... -ovs-ofctl: CommandFilter, /usr/bin/ovs-ofctl, root - -# nova/network/linux_net.py: 'ebtables', '-D' ... -# nova/network/linux_net.py: 'ebtables', '-I' ... -ebtables: CommandFilter, /sbin/ebtables, root -ebtables_usr: CommandFilter, /usr/sbin/ebtables, root - -# nova/network/linux_net.py: 'ip[6]tables-save' % (cmd, '-t', ... -iptables-save: CommandFilter, iptables-save, root -ip6tables-save: CommandFilter, ip6tables-save, root - -# nova/network/linux_net.py: 'ip[6]tables-restore' % (cmd,) -iptables-restore: CommandFilter, iptables-restore, root -ip6tables-restore: CommandFilter, ip6tables-restore, root - -# nova/network/linux_net.py: 'arping', '-U', floating_ip, '-A', '-I', ... -# nova/network/linux_net.py: 'arping', '-U', network_ref['dhcp_server'],.. -arping: CommandFilter, arping, root - -# nova/network/linux_net.py: 'dhcp_release', dev, address, mac_address -dhcp_release: CommandFilter, /usr/bin/dhcp_release, root - -# nova/network/linux_net.py: 'kill', '-9', pid -# nova/network/linux_net.py: 'kill', '-HUP', pid -kill_dnsmasq: KillFilter, root, /usr/sbin/dnsmasq, -9, -HUP - -# nova/network/linux_net.py: 'kill', pid -kill_radvd: KillFilter, root, /usr/sbin/radvd - -# nova/network/linux_net.py: dnsmasq call -dnsmasq: DnsmasqFilter, /usr/sbin/dnsmasq, root -dnsmasq_deprecated: DeprecatedDnsmasqFilter, /usr/sbin/dnsmasq, root - -# nova/network/linux_net.py: 'radvd', '-C', '%s' % _ra_file(dev, 'conf'.. -radvd: CommandFilter, /usr/sbin/radvd, root - -# nova/network/linux_net.py: 'brctl', 'addbr', bridge -# nova/network/linux_net.py: 'brctl', 'setfd', bridge, 0 -# nova/network/linux_net.py: 'brctl', 'stp', bridge, 'off' -# nova/network/linux_net.py: 'brctl', 'addif', bridge, interface -brctl: CommandFilter, brctl, root - -# nova/network/linux_net.py: 'sysctl', .... -sysctl: CommandFilter, /sbin/sysctl, root diff --git a/elements/nova/os-refresh-config/post-configure.d/74-nova b/elements/nova/os-refresh-config/post-configure.d/74-nova deleted file mode 100755 index 4d71162b3..000000000 --- a/elements/nova/os-refresh-config/post-configure.d/74-nova +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -set -eux - -modprobe nbd || true - -chown -R nova:nova /var/log/nova - -# TODO: for compute nodes only -mkdir -p /var/run/nova/instances -chown -R nova:nova /var/run/nova -mkdir -p /tftpboot -chown -R nova:nova /tftpboot -service nova-conductor restart -service nova-api restart -service nova-cert restart -service nova-rpc-zmq-receiver restart -service nova-compute restart -service nova-scheduler restart -service nova-consoleauth restart -service nova-baremetal-deploy-helper restart -service nova-bm-dnsmasq restart diff --git a/elements/openstack-all/README.md b/elements/openstack-all/README.md deleted file mode 100644 index d14533f2a..000000000 --- a/elements/openstack-all/README.md +++ /dev/null @@ -1,2 +0,0 @@ -Installs all openstack components in a single image. - diff --git a/elements/openstack-all/element-deps b/elements/openstack-all/element-deps deleted file mode 100644 index 1eb880cc8..000000000 --- a/elements/openstack-all/element-deps +++ /dev/null @@ -1,6 +0,0 @@ -glance-api -keystone -mysql -nova-api -nova-vm -quantum-api diff --git a/elements/openstack-db/README.md b/elements/openstack-db/README.md deleted file mode 100644 index 9f6763f40..000000000 --- a/elements/openstack-db/README.md +++ /dev/null @@ -1,2 +0,0 @@ -Installs all openstack sql databases on a single server, -for the purpose of building a bootstrap image. diff --git a/elements/openstack-db/element-deps b/elements/openstack-db/element-deps deleted file mode 100644 index 922e0545d..000000000 --- a/elements/openstack-db/element-deps +++ /dev/null @@ -1,2 +0,0 @@ -os-svc-install -keystone-config diff --git a/elements/openstack-db/first-boot.d/50-openstack-db b/elements/openstack-db/first-boot.d/50-openstack-db deleted file mode 100755 index ed8585870..000000000 --- a/elements/openstack-db/first-boot.d/50-openstack-db +++ /dev/null @@ -1,26 +0,0 @@ -#!/bin/bash -set -eu - -# TODO: make this easily configurable -db_pass=stackdb - -service mysql restart - -create-os-db keystone keystone $db_pass -keystone-manage db_sync - -create-os-db cinder cinder $db_pass -cinder-manage db sync - -create-os-db nova nova $db_pass -nova-manage db sync - -create-os-db nova_bm nova $db_pass -nova-baremetal-manage db sync - -create-os-db glance glance $db_pass -glance-manage db_sync - -create-os-db ovs_quantum quantum $db_pass - - diff --git a/elements/openstack-db/install.d/50-openstack-db b/elements/openstack-db/install.d/50-openstack-db deleted file mode 100755 index caba91eb3..000000000 --- a/elements/openstack-db/install.d/50-openstack-db +++ /dev/null @@ -1,11 +0,0 @@ -#!/bin/bash -set -eu - -install-packages mysql-server python-mysqldb -sed -i 's/127.0.0.1/0.0.0.0/g' /etc/mysql/my.cnf - -os-svc-install -u keystone -r https://github.com/openstack/keystone.git -os-svc-install -u cinder -r https://github.com/openstack/cinder.git -os-svc-install -u nova -r https://github.com/openstack/nova.git -os-svc-install -u glance -r https://github.com/openstack/glance.git -os-svc-install -u quantum -r https://github.com/openstack/quantum.git diff --git a/elements/os-config-applier/README.md b/elements/os-config-applier/README.md deleted file mode 100644 index ff4df36a2..000000000 --- a/elements/os-config-applier/README.md +++ /dev/null @@ -1,3 +0,0 @@ -Install os-config-applier. Also copy any templates placed in any element -root under the sub-directory 'os-config-applier' into the appropriate -template directory. diff --git a/elements/os-config-applier/element-deps b/elements/os-config-applier/element-deps deleted file mode 100644 index 33d7e82b2..000000000 --- a/elements/os-config-applier/element-deps +++ /dev/null @@ -1 +0,0 @@ -os-refresh-config diff --git a/elements/os-config-applier/install.d/10-os-config-applier b/elements/os-config-applier/install.d/10-os-config-applier deleted file mode 100755 index 586ef4912..000000000 --- a/elements/os-config-applier/install.d/10-os-config-applier +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -set -eux - -install-packages git-core python-pip -pip install -U git+https://github.com/stackforge/os-config-applier.git - -TEMPLATE_ROOT=$(os-config-applier --print-templates) -mkdir -p $TEMPLATE_ROOT diff --git a/elements/os-config-applier/install.d/99-install-config-templates b/elements/os-config-applier/install.d/99-install-config-templates deleted file mode 100755 index eca064d06..000000000 --- a/elements/os-config-applier/install.d/99-install-config-templates +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Note that this relies on the detail that all elements share one dir -# inside the chroot. This will copy all the files that elements have -# added to element/os-config-applier into the appropriate location. -set -eux -TEMPLATE_ROOT=$(os-config-applier --print-templates) -TEMPLATE_SOURCE=$(dirname $0)/../os-config-applier -rsync -r $TEMPLATE_SOURCE/ $TEMPLATE_ROOT/ diff --git a/elements/os-config-applier/os-config-applier/.os-config-applier b/elements/os-config-applier/os-config-applier/.os-config-applier deleted file mode 100644 index e69de29bb..000000000 diff --git a/elements/os-config-applier/os-refresh-config/configure.d/50-os-config-applier b/elements/os-config-applier/os-refresh-config/configure.d/50-os-config-applier deleted file mode 100755 index 9549501e2..000000000 --- a/elements/os-config-applier/os-refresh-config/configure.d/50-os-config-applier +++ /dev/null @@ -1,2 +0,0 @@ -#!/bin/bash -exec os-config-applier -s OpenStack::Config diff --git a/elements/os-refresh-config/README.md b/elements/os-refresh-config/README.md deleted file mode 100644 index be72c3dbc..000000000 --- a/elements/os-refresh-config/README.md +++ /dev/null @@ -1,32 +0,0 @@ -Install os-refresh-config. - -os-refresh-config uses run-parts to run scripts in a pre-defined set -of directories. Its intended purpose is to quiesce (pre-configure.d), -configure (configure.d), migrate (migration.d), and then activate -(post-configure.d) a configuration on first boot or in response to Heat -Metadata changes. - -To cause a script to be run on every os-refresh-config run, install -it into one of the following directories: -```` -/opt/stack/os-refresh-config/pre-configure.d -/opt/stack/os-refresh-config/configure.d -/opt/stack/os-refresh-config/migration.d -/opt/stack/os-refresh-config/post-configure.d -``` - -If you want to have os-refresh-config run on any updates to a particular -Resource in the heat stack, you will need at the minimum the following snippet -of json in this instance's Metadata: - -{ - "OpenStack::Config": { - "heat": - "access_key_id": {"Ref": "ApiKeyResource"}, - "secret_key": {"Fn::GetAtt": [ "ApiKeyResource", "SecretAccessKey" ]}, - "refresh": [ {"resource": "SomeResource"} ], - "stack": {Ref: 'AWS::Stack'}, - "region": {Ref: 'AWS::Region'} - } - } -} diff --git a/elements/os-refresh-config/install.d/01-os-refresh-config b/elements/os-refresh-config/install.d/01-os-refresh-config deleted file mode 100755 index 41abbe4e1..000000000 --- a/elements/os-refresh-config/install.d/01-os-refresh-config +++ /dev/null @@ -1,37 +0,0 @@ -#!/bin/bash -# We need to install this early in install.d because other elements will -# need to use os-refresh-config --print-base to know where to put files - -set -eux - -install-packages git-core python-pip - -pip install git+https://github.com/tripleo/os-refresh-config.git - -for d in pre-configure.d configure.d migration.d post-configure.d; do - install -m 0755 -o root -g root -d /opt/stack/os-config-refresh/$d -done - -# Upstart -if [ -d /etc/init ] ; then - cat > /etc/init/os-refresh-config.conf < /etc/systemd/system/os-refresh-config.service < /etc/init/$name.conf < /etc/sudoers.d/quantum -chmod 0440 /etc/sudoers.d/quantum -visudo -c diff --git a/elements/quantum/os-config-applier/etc/quantum/api-paste.ini b/elements/quantum/os-config-applier/etc/quantum/api-paste.ini deleted file mode 100644 index 69ae06567..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/api-paste.ini +++ /dev/null @@ -1,35 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[composite:quantum] -use = egg:Paste#urlmap -/: quantumversions -/v2.0: quantumapi_v2_0 - -[composite:quantumapi_v2_0] -use = call:quantum.auth:pipeline_factory -noauth = extensions quantumapiapp_v2_0 -keystone = authtoken keystonecontext extensions quantumapiapp_v2_0 - -[filter:keystonecontext] -paste.filter_factory = quantum.auth:QuantumKeystoneContext.factory - -[filter:authtoken] -paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory -auth_host = {{keystone.host}} -auth_port = 35357 -admin_tenant_name = service -admin_user = quantum -admin_password = {{service-password}} - -[filter:extensions] -paste.filter_factory = quantum.api.extensions:plugin_aware_extension_middleware_factory - -[app:quantumversions] -paste.app_factory = quantum.api.versions:Versions.factory - -[app:quantumapiapp_v2_0] -paste.app_factory = quantum.api.v2.router:APIRouter.factory diff --git a/elements/quantum/os-config-applier/etc/quantum/dhcp_agent.ini b/elements/quantum/os-config-applier/etc/quantum/dhcp_agent.ini deleted file mode 100644 index 8cf536212..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/dhcp_agent.ini +++ /dev/null @@ -1,13 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder -[DEFAULT] -debug = True - -state_path = /var/run/quantum -interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver -dhcp_driver = quantum.agent.linux.dhcp.Dnsmasq -root_helper = sudo /usr/bin/quantum-rootwrap /etc/quantum/rootwrap.conf -use_namespaces = True diff --git a/elements/quantum/os-config-applier/etc/quantum/l3_agent.ini b/elements/quantum/os-config-applier/etc/quantum/l3_agent.ini deleted file mode 100644 index aba27de1f..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/l3_agent.ini +++ /dev/null @@ -1,19 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[DEFAULT] -debug = True - -interface_driver = quantum.agent.linux.interface.OVSInterfaceDriver - -state_path = /var/run/quantum - -auth_url = http://{{keystone.host}}:35357/v2.0 -admin_tenant_name = service -admin_user = quantum -admin_password = {{service-password}} -metadata_ip = 192.168.0.1 -use_namespaces = True diff --git a/elements/quantum/os-config-applier/etc/quantum/metadata_agent.ini b/elements/quantum/os-config-applier/etc/quantum/metadata_agent.ini deleted file mode 100644 index 8e191a9a1..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/metadata_agent.ini +++ /dev/null @@ -1,6 +0,0 @@ -[DEFAULT] -auth_url = http://{{keystone.host}}:35357/v2.0 -auth_region = RegionOne -admin_tenant_name = service -admin_user = quantum -admin_password = {{admin-password}} diff --git a/elements/quantum/os-config-applier/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini b/elements/quantum/os-config-applier/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini deleted file mode 100644 index f13475c20..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/plugins/openvswitch/ovs_quantum_plugin.ini +++ /dev/null @@ -1,21 +0,0 @@ -[DATABASE] -sql_connection = {{quantum.ovs_db}} - -reconnect_interval = 2 - -[OVS] -bridge_mappings = ctlplane:br-ctlplane -network_vlan_ranges = ctlplane - -tenant_network_type = gre -tunnel_id_ranges = 1:1000 -enable_tunneling = False -integration_bridge = br-int -tunnel_bridge = br-tun -local_ip = 10.10.10.1 - - -[AGENT] -root_helper = sudo -polling_interval = 2 - diff --git a/elements/quantum/os-config-applier/etc/quantum/policy.json b/elements/quantum/os-config-applier/etc/quantum/policy.json deleted file mode 100644 index fa7efe812..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/policy.json +++ /dev/null @@ -1,53 +0,0 @@ -{ - "admin_or_owner": "role:admin or tenant_id:%(tenant_id)s", - "admin_or_network_owner": "role:admin or tenant_id:%(network_tenant_id)s", - "admin_only": "role:admin", - "regular_user": "", - "shared": "field:networks:shared=True", - "external": "field:networks:router:external=True", - "default": "rule:admin_or_owner", - - "extension:provider_network:view": "rule:admin_only", - "extension:provider_network:set": "rule:admin_only", - - "extension:router:view": "rule:regular_user", - "extension:router:set": "rule:admin_only", - "extension:router:add_router_interface": "rule:admin_or_owner", - "extension:router:remove_router_interface": "rule:admin_or_owner", - - "extension:port_binding:view": "rule:admin_only", - "extension:port_binding:set": "rule:admin_only", - - "subnets:private:read": "rule:admin_or_owner", - "subnets:private:write": "rule:admin_or_owner", - "subnets:shared:read": "rule:regular_user", - "subnets:shared:write": "rule:admin_only", - - "create_subnet": "rule:admin_or_network_owner", - "get_subnet": "rule:admin_or_owner or rule:shared", - "update_subnet": "rule:admin_or_network_owner", - "delete_subnet": "rule:admin_or_network_owner", - - "create_network": "", - "get_network": "rule:admin_or_owner or rule:shared or rule:external", - "create_network:shared": "rule:admin_only", - "create_network:router:external": "rule:admin_only", - "update_network": "rule:admin_or_owner", - "delete_network": "rule:admin_or_owner", - - "create_port": "", - "create_port:mac_address": "rule:admin_or_network_owner", - "create_port:fixed_ips": "rule:admin_or_network_owner", - "create_port:port_security_enabled": "rule:admin_or_network_owner", - "get_port": "rule:admin_or_owner", - "update_port": "rule:admin_or_owner", - "update_port:fixed_ips": "rule:admin_or_network_owner", - "update_port:port_security_enabled": "rule:admin_or_network_owner", - "delete_port": "rule:admin_or_owner", - - "extension:service_type:view_extended": "rule:admin_only", - "create_service_type": "rule:admin_only", - "update_service_type": "rule:admin_only", - "delete_service_type": "rule:admin_only", - "get_service_type": "rule:regular_user" -} diff --git a/elements/quantum/os-config-applier/etc/quantum/quantum.conf b/elements/quantum/os-config-applier/etc/quantum/quantum.conf deleted file mode 100644 index 748114c30..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/quantum.conf +++ /dev/null @@ -1,50 +0,0 @@ -## NB: Unpolished config file -## This config file was taken directly from the upstream repo, and tweaked just enough to work. -## It has not been audited to ensure that everything present is either Heat controlled or a mandatory as-is setting. -## Please submit patches for any setting that should be deleted or Heat-configurable. -## https://github.com/stackforge/diskimage-builder - -[DEFAULT] -debug = True - -network_vlan_ranges = {{interfaces.control}} - -auth_strategy = keystone -allow_overlapping_ips = False -debug = True -verbose = True -core_plugin = quantum.plugins.openvswitch.ovs_quantum_plugin.OVSQuantumPluginV2 -rabbit_host = {{rabbit.host}} -rabbit_password = {{rabbit.password}} -rpc_backend = quantum.openstack.common.rpc.impl_kombu - -bind_host = 0.0.0.0 - -bind_port = 9696 - -api_paste_config = api-paste.ini - -control_exchange = quantum - -notification_driver = quantum.openstack.common.notifier.rpc_notifier - - -notification_topics = notifications - -[QUOTAS] - -[DEFAULT_SERVICETYPE] - -[SECURITYGROUP] - -[AGENT] - -[keystone_authtoken] -auth_host = {{keystone.host}} -auth_port = 35357 -auth_protocol = http -auth_protocol = http -admin_tenant_name = service -admin_user = quantum -admin_password = {{service-password}} -signing_dir = /var/lib/quantum/keystone-signing diff --git a/elements/quantum/os-config-applier/etc/quantum/rootwrap.conf b/elements/quantum/os-config-applier/etc/quantum/rootwrap.conf deleted file mode 100644 index 5f88a6ad6..000000000 --- a/elements/quantum/os-config-applier/etc/quantum/rootwrap.conf +++ /dev/null @@ -1,4 +0,0 @@ -[DEFAULT] -# List of directories to load filter definitions from (separated by ','). -# These directories MUST all be only writeable by root ! -filters_path=/etc/quantum/rootwrap.d,/usr/share/quantum/rootwrap diff --git a/elements/quantum/os-refresh-config/post-configure.d/76-quantum b/elements/quantum/os-refresh-config/post-configure.d/76-quantum deleted file mode 100755 index 1e2cc2956..000000000 --- a/elements/quantum/os-refresh-config/post-configure.d/76-quantum +++ /dev/null @@ -1,4 +0,0 @@ -#!/bin/bash -set -eux -service quantum-server restart -service quantum-openvswitch-agent restart diff --git a/elements/salt-master/README.md b/elements/salt-master/README.md deleted file mode 100644 index 326b91f65..000000000 --- a/elements/salt-master/README.md +++ /dev/null @@ -1 +0,0 @@ -Adds salt-master, a config-management tool, to the image. diff --git a/elements/salt-master/install.d/10-salt-master b/elements/salt-master/install.d/10-salt-master deleted file mode 100755 index b16d93449..000000000 --- a/elements/salt-master/install.d/10-salt-master +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -set -e -set -o xtrace - -install-packages salt-master - diff --git a/elements/salt-master/pre-install.d/10-salt-master b/elements/salt-master/pre-install.d/10-salt-master deleted file mode 100755 index dd1389a73..000000000 --- a/elements/salt-master/pre-install.d/10-salt-master +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Add the salt PPA - -set -e -set -o xtrace - -add-apt-repository -y ppa:saltstack/salt - diff --git a/elements/salt-minion/README.md b/elements/salt-minion/README.md deleted file mode 100644 index 14508ec2f..000000000 --- a/elements/salt-minion/README.md +++ /dev/null @@ -1 +0,0 @@ -Adds salt-minion, a config-management tool, to the image. diff --git a/elements/salt-minion/install.d/10-salt-minion b/elements/salt-minion/install.d/10-salt-minion deleted file mode 100755 index 15d5ee4df..000000000 --- a/elements/salt-minion/install.d/10-salt-minion +++ /dev/null @@ -1,7 +0,0 @@ -#!/bin/bash - -set -e -set -o xtrace - -install-packages salt-minion - diff --git a/elements/salt-minion/pre-install.d/10-salt-minion b/elements/salt-minion/pre-install.d/10-salt-minion deleted file mode 100755 index dd1389a73..000000000 --- a/elements/salt-minion/pre-install.d/10-salt-minion +++ /dev/null @@ -1,8 +0,0 @@ -#!/bin/bash -# Add the salt PPA - -set -e -set -o xtrace - -add-apt-repository -y ppa:saltstack/salt - diff --git a/elements/stackuser/README.md b/elements/stackuser/README.md deleted file mode 100644 index 7f053bd63..000000000 --- a/elements/stackuser/README.md +++ /dev/null @@ -1,4 +0,0 @@ -Creates a user 'stack' with password 'stack'. - -This user can be customised with an SSH key and proxy details if the -local-config element is also used. diff --git a/elements/stackuser/install.d/50-user b/elements/stackuser/install.d/50-user deleted file mode 100755 index 6f2e706ab..000000000 --- a/elements/stackuser/install.d/50-user +++ /dev/null @@ -1,28 +0,0 @@ -#!/bin/bash -# Add the stack user we recommend folk use. - -set -e -set -o xtrace - -useradd -m stack -s /bin/bash - -passwd stack < /etc/sudoers.d/stack <> /home/stack/.ssh/authorized_keys - chown -R stack:stack /home/stack/.ssh -fi diff --git a/elements/swift/README.md b/elements/swift/README.md deleted file mode 100644 index 8527ab3bb..000000000 --- a/elements/swift/README.md +++ /dev/null @@ -1 +0,0 @@ -Sets up a swift install in the image. diff --git a/elements/swift/install.d/10-swift-deps b/elements/swift/install.d/10-swift-deps deleted file mode 100755 index 57e521387..000000000 --- a/elements/swift/install.d/10-swift-deps +++ /dev/null @@ -1,9 +0,0 @@ -#!/bin/sh - -# Install controller openstack packages - -set -e -set -o xtrace - -install-packages swift rsync memcached python-netifaces python-xattr python-memcache - diff --git a/elements/tripleo-staging/README.md b/elements/tripleo-staging/README.md deleted file mode 100644 index a2c68f2f7..000000000 --- a/elements/tripleo-staging/README.md +++ /dev/null @@ -1,4 +0,0 @@ -Adds the tripleo demo staging repository. - -This is used when testing builds of new plumbing (such as qemu-kvm). Most folk -should not need it. diff --git a/elements/tripleo-staging/pre-install.d/01-bleeding-edge b/elements/tripleo-staging/pre-install.d/01-bleeding-edge deleted file mode 100755 index 449446f30..000000000 --- a/elements/tripleo-staging/pre-install.d/01-bleeding-edge +++ /dev/null @@ -1,6 +0,0 @@ -#!/bin/bash -# Install bleeding edge tools instead of stable ones. - -set -e - -add-apt-repository -y ppa:tripleo/demo-staging