setup-compute-network.sh 2.83 KB
Newer Older
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29
#!/bin/sh

##
## Setup a OpenStack compute node for Nova.
##

set -x

# Gotta know the rules!
if [ $EUID -ne 0 ] ; then
    echo "This script must be run as root" 1>&2
    exit 1
fi

# Grab our libs
. "`dirname $0`/setup-lib.sh"

if [ "$HOSTNAME" = "$CONTROLLER" -o "$HOSTNAME" = "$NETWORKMANAGER" ]; then
    exit 0;
fi

if [ -f $OURDIR/setup-compute-network-done ]; then
    exit 0
fi

if [ -f $SETTINGS ]; then
    . $SETTINGS
fi

30 31
# Grab the neutron configuration we computed in setup-lib.sh
. $OURDIR/info.neutron
32 33 34 35

cat <<EOF >> /etc/sysctl.conf
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
36 37
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
38 39 40 41
EOF

sysctl -p

David Johnson's avatar
David Johnson committed
42
$APTGETINSTALL neutron-plugin-ml2 neutron-plugin-openvswitch-agent
43 44 45 46 47 48 49 50 51 52 53

sed -i -e "s/^\\(.*connection.*=.*\\)$/#\1/" /etc/neutron/neutron.conf
sed -i -e "s/^\\(.*auth_host.*=.*\\)$/#\1/" /etc/neutron/neutron.conf
sed -i -e "s/^\\(.*auth_port.*=.*\\)$/#\1/" /etc/neutron/neutron.conf
sed -i -e "s/^\\(.*auth_protocol.*=.*\\)$/#\1/" /etc/neutron/neutron.conf

# Just slap these in.
cat <<EOF >> /etc/neutron/neutron.conf
[DEFAULT]
rpc_backend = rabbit
rabbit_host = $CONTROLLER
David Johnson's avatar
David Johnson committed
54
rabbit_userid = ${RABBIT_USER}
55 56 57
rabbit_password = ${RABBIT_PASS}
auth_strategy = keystone
core_plugin = ml2
58
service_plugins = router,metering
59 60 61 62 63 64 65 66 67 68 69
allow_overlapping_ips = True
verbose = True

[keystone_authtoken]
auth_uri = http://$CONTROLLER:5000/v2.0
identity_uri = http://$CONTROLLER:35357
admin_tenant_name = service
admin_user = neutron
admin_password = ${NEUTRON_PASS}
EOF

70 71 72 73
fwdriver="neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"
if [ ${DISABLE_SECURITY_GROUPS} -eq 1 ]; then
    fwdriver="neutron.agent.firewall.NoopFirewallDriver"
fi
74 75 76 77

# Just slap these in.
cat <<EOF >> /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
78 79
type_drivers = ${network_types}
tenant_network_types = ${network_types}
80 81 82
mechanism_drivers = openvswitch

[ml2_type_flat]
83
flat_networks = ${flat_networks}
84 85 86 87

[ml2_type_gre]
tunnel_id_ranges = 1:1000

88 89 90
[ml2_type_vlan]
${network_vlan_ranges}

91 92 93
[ml2_type_vxlan]
vni_ranges = 1001:2000

94 95 96
[securitygroup]
enable_security_group = True
enable_ipset = True
97
firewall_driver = $fwdriver
98 99

[ovs]
100 101 102
${gre_local_ip}
${enable_tunneling}
${bridge_mappings}
103 104

[agent]
105
${tunnel_types}
106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130
EOF

cat <<EOF >> /etc/nova/nova.conf
[DEFAULT]
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[neutron]
url = http://$CONTROLLER:9696
auth_strategy = keystone
admin_auth_url = http://$CONTROLLER:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = ${NEUTRON_PASS}
EOF

service openvswitch-switch restart
service nova-compute restart
service neutron-plugin-openvswitch-agent restart

touch $OURDIR/setup-compute-network-done

exit 0