Commit 6d23a989 authored by David Johnson's avatar David Johnson

Add Mitaka; unified controller/networkmanager; Manila; linuxbridge.

The feature notes:

  * Mitaka is now the default OpenStack release configured by this
    profile.  Kilo and Juno are deprecated, and we are no longer testing
    the profile's functionality under those versions (although we have
    no concrete plans to remove the code at this point).  They may
    continue to work, or they may not.  You should update to Mitaka if
    possible, of course.

  * The default topology is now down to two nodes: a controller (`ctl`)
    node and a compute (`cp-1`) node; the networkmanager node's
    functionality has been moved to the controller, as is the default in
    the OpenStack Ubuntu/Apt documentation.  You can return to the old
    three-node configuration by changing the name of the
    "networkmanager" node in the Advanced Parameters from `ctl` to `nm`.

  * One of the bigger Mitaka features is shared filesystem support
    (Manila).  We download a shared filesystem image and configure
    Manila so that you can immediately create a share and connect it to
    guests.

  * We have added support for the Neutron ML2 "Linuxbridge" driver,
    although we continue to install the "OpenVSwitch" ML2 driver by
    default.  The Linuxbridge driver is not as well-tested as the
    OpenVSwitch driver, in all possible configurations of this profile.
    Although OpenStack has switched to the linuxbridge driver as its
    default, we have no plans to do that yet.

  * You can now choose an Apt mirror and set a custom mirror path if you
    require fast localized access to a mirror.

  * The MTU that dnsmasq pushes to your OpenStack VMs has been reduced
    from 1454 bytes to 1450 bytes.  1454 is an adequate setting for GRE
    tunnels, of course, but not for VXLAN networks, which require 1450
    on a normal physical network with 1500-byte MTU.  Somehow this
    mistake escaped prior testing.

A few details:

  * I refactored the Neutron ML2 plugin setup code, since all nodes
    have to be configured essentially the same way.  Moreover, it
    supports either openvswitch or linuxbridge.

  * I haven't setup Manila for aarch64 because there is no available
    Manila service image for aarch64.  Have to build one of my own.
parent 4ace7c90
#!/usr/bin/env python
import sys
def mask2bits(mask):
ma = mask.split('.')
if len(ma) != 4:
print "ERROR: malformed subnet mask %s" % (mask,)
sys.exit(1)
last = 255
for octet in ma:
if not octet in ['255','254','252','248','240','224','192','128','0'] \
or int(octet) > last:
print "ERROR: malformed subnet mask %s" % (mask,)
sys.exit(1)
pass
last = int(octet)
pass
bits = 0
for octet in ma:
octet = int(octet)
if octet == 0:
break
for i in range(0,8):
bits += (1 & octet)
octet >>= 1
pass
pass
print str(bits)
return 0
if __name__ == '__main__':
if sys.argv < 3:
print "ERROR: must supply at least three arguments!"
sys.exit(1)
pass
if sys.argv[1] == 'mask2bits':
ret = mask2bits(sys.argv[2])
else:
print "ERROR: unsupported subcommand!"
sys.exit(1)
pass
sys.exit(ret)
pass
......@@ -26,8 +26,8 @@ pc = portal.Context()
# Define *many* parameters; see the help docs in geni-lib to learn how to modify.
#
pc.defineParameter("release","OpenStack Release",
portal.ParameterType.STRING,"liberty",[("liberty","Liberty"),("kilo","Kilo"),("juno","Juno")],
longDescription="We provide either OpenStack Liberty (Ubuntu 15.10); Kilo (Ubuntu 15.04); or Juno (Ubuntu 14.10). OpenStack is installed from packages available on these distributions.")
portal.ParameterType.STRING,"mitaka",[("mitaka","Mitaka"),("liberty","Liberty"),("kilo","Kilo (deprecated)"),("juno","Juno (deprecated)")],
longDescription="We provide OpenStack Mitaka (Ubuntu 16.04); Liberty (Ubuntu 15.10); Kilo (Ubuntu 15.04); or Juno (Ubuntu 14.10). OpenStack is installed from packages available on these distributions.")
pc.defineParameter("computeNodeCount", "Number of compute nodes (at Site 1)",
portal.ParameterType.INTEGER, 1)
pc.defineParameter("publicIPCount", "Number of public IP addresses",
......@@ -41,6 +41,19 @@ pc.defineParameter("osLinkSpeed", "Experiment Link Speed of all nodes",
[(0,"Any"),(1000000,"1Gb/s"),(10000000,"10Gb/s")],
longDescription="A specific link speed to use for each node. All experiment network interfaces will request this speed.")
pc.defineParameter("ml2plugin","ML2 Plugin",
portal.ParameterType.STRING,"openvswitch",
[("openvswitch","OpenVSwitch"),
("linuxbridge","Linux Bridge")],
longDescription="Starting in Liberty and onwards, we support both the OpenVSwitch and LinuxBridge ML2 plugins to create virtual networks in Neutron. OpenVSwitch remains our default and best-supported option. Note: you cannot use GRE tunnels with the LinuxBridge driver; you'll need to use VXLAN tunnels instead. And by default, the profile allocates 1 GRE tunnel -- so you must change that immediately, or you will see an error.")
pc.defineParameter("ubuntuMirrorHost","Ubuntu Package Mirror Hostname",
portal.ParameterType.STRING,"",advanced=True,
longDescription="A specific Ubuntu package mirror host to use instead of us.archive.ubuntu.com (mirror must have Ubuntu in top-level dir, or you must also edit the mirror path parameter below)")
pc.defineParameter("ubuntuMirrorPath","Ubuntu Package Mirror Path",
portal.ParameterType.STRING,"",
longDescription="A specific Ubuntu package mirror path to use instead of /ubuntu/ (you must also set a value for the package mirror parameter)")
pc.defineParameter("doAptUpgrade","Upgrade OpenStack packages and dependencies to the latest versions",
portal.ParameterType.BOOLEAN, False,advanced=True,
longDescription="The default images this profile uses have OpenStack and dependent packages preloaded. To guarantee that these scripts always work, we no longer upgrade to the latest packages by default, to avoid changes. If you want to ensure you have the latest packages, you should enable this option -- but if there are setup failures, we can't guarantee support. NOTE: selecting this option requires that you also select the option to update the Apt package cache!")
......@@ -228,6 +241,16 @@ if params.controllerHost == params.networkManagerHost \
perr = portal.ParameterWarning("We do not support use of the same physical node as both controller and networkmanager for older Juno and Kilo releases of this profile. You can try it, but it may not work. To revert to the old behavior, open the Advanced Parameters and change the networkManagerHost parameter to nm .",['release','controllerHost','networkManagerHost'])
pc.reportWarning(perr)
pass
if params.ml2plugin == 'linuxbridge' \
and params.release in [ 'juno','kilo' ]:
perr = portal.ParameterError("Kilo and Juno do not support the linuxbridge Neutron ML2 driver!",['release','ml2plugin'])
pc.reportError(perr)
pass
if params.ml2plugin == 'linuxbridge' and params.greDataLanCount > 0:
perr = portal.ParameterError("The Neutron ML2 linuxbridge driver does not support GRE tunnel networks. You should add VXLAN tunnels instead.",['greDataLanCount','ml2plugin','vxlanDataLanCount'])
pc.reportError(perr)
pass
if params.computeNodeCount > 8:
perr = portal.ParameterWarning("Are you creating a real cloud? Otherwise, do you really need more than 8 compute nodes? Think of your fellow users scrambling to get nodes :).",['computeNodeCount'])
pc.reportWarning(perr)
......@@ -318,7 +341,7 @@ for param in pc._parameterOrder:
pass
tourDescription = \
"This profile provides a highly-configurable OpenStack instance with a controller, network manager, and one or more compute nodes (potentially at multiple Cloudlab sites). This profile runs x86 or ARM64 nodes. It sets up OpenStack Liberty, Kilo, or Juno (on Ubuntu 15.10, 15.04, or 14.10) according to your choice, and configures all OpenStack services, pulls in some VM disk images, and creates basic networks accessible via floating IPs. You'll be able to create instances and access them over the Internet in just a few minutes. When you click the Instantiate button, you'll be presented with a list of parameters that you can change to control what your OpenStack instance will look like; **carefully** read the parameter documentation on that page (or in the Instructions) to understand the various features available to you."
"This profile provides a highly-configurable OpenStack instance with a controller, network manager, and one or more compute nodes (potentially at multiple Cloudlab sites). This profile runs x86 or ARM64 nodes. It sets up OpenStack Mitaka, Liberty, Kilo, or Juno (on Ubuntu 15.10, 15.04, or 14.10) according to your choice, and configures all OpenStack services, pulls in some VM disk images, and creates basic networks accessible via floating IPs. You'll be able to create instances and access them over the Internet in just a few minutes. When you click the Instantiate button, you'll be presented with a list of parameters that you can change to control what your OpenStack instance will look like; **carefully** read the parameter documentation on that page (or in the Instructions) to understand the various features available to you."
###if not params.adminPass or len(params.adminPass) == 0:
passwdHelp = "Your OpenStack admin and instance VM password is randomly-generated by Cloudlab, and it is: `{password-adminPass}` ."
......@@ -477,13 +500,18 @@ else:
#
# Construct the disk image URNs we're going to set the various nodes to load.
#
image_project = 'emulab-ops'
image_urn = 'utah.cloudlab.us'
if params.release == "juno":
image_os = 'UBUNTU14-10-64'
elif params.release == "kilo":
image_os = 'UBUNTU15-04-64'
else:
elif params.release == 'liberty':
image_os = 'UBUNTU15-10-64'
else:
image_os = 'UBUNTU16-64'
pass
if params.fromScratch:
image_tag_cn = 'STD'
image_tag_nm = 'STD'
......@@ -494,6 +522,12 @@ else:
image_tag_cp = 'OSCP'
pass
if params.release == 'mitaka':
image_urn = 'emulab.net'
# image_project = 'tbres'
# image_tag_cn = image_tag_nm = image_tag_cp = 'BETA-3'
pass
nodes = dict({})
#
......@@ -505,7 +539,7 @@ if params.osNodeType:
controller.hardware_type = params.osNodeType
pass
controller.Site("1")
controller.disk_image = "urn:publicid:IDN+utah.cloudlab.us+image+emulab-ops//%s-%s" % (image_os,image_tag_cn)
controller.disk_image = "urn:publicid:IDN+%s+image+%s//%s-%s" % (image_urn,image_project,image_os,image_tag_cn)
i = 0
for datalan in alllans:
iface = controller.addInterface("if%d" % (i,))
......@@ -537,7 +571,7 @@ if params.controllerHost != params.networkManagerHost:
networkManager.hardware_type = params.osNodeType
pass
networkManager.Site("1")
networkManager.disk_image = "urn:publicid:IDN+utah.cloudlab.us+image+emulab-ops//%s-%s" % (image_os,image_tag_nm)
networkManager.disk_image = "urn:publicid:IDN+%s+image+%s//%s-%s" % (image_urn,image_project,image_os,image_tag_nm)
i = 0
for datalan in alllans:
iface = networkManager.addInterface("if%d" % (i,))
......@@ -591,7 +625,7 @@ for (siteNumber,cpnameList) in computeNodeNamesBySite.iteritems():
cpnode.hardware_type = params.osNodeType
pass
cpnode.Site(str(siteNumber))
cpnode.disk_image = "urn:publicid:IDN+utah.cloudlab.us+image+emulab-ops//%s-%s" % (image_os,image_tag_cp)
cpnode.disk_image = "urn:publicid:IDN+%s+image+%s//%s-%s" % (image_urn,image_project,image_os,image_tag_cp)
i = 0
for datalan in alllans:
iface = cpnode.addInterface("if%d" % (i,))
......@@ -784,6 +818,17 @@ class Parameters(RSpec.Resource):
param = ET.SubElement(el,paramXML)
param.text = "QUOTASOFF=%d" % (int(bool(params.quotasOff)))
if params.ubuntuMirrorHost != "":
param = ET.SubElement(el,paramXML)
param.text = "UBUNTUMIRRORHOST=\"%s\"" % (params.ubuntuMirrorHost,)
if params.ubuntuMirrorPath != "":
param = ET.SubElement(el,paramXML)
param.text = "UBUNTUMIRRORPATH=\"%s\"" % (params.ubuntuMirrorPath,)
pass
param = ET.SubElement(el,paramXML)
param.text = "ML2PLUGIN=%s" % (str(params.ml2plugin))
return el
pass
......
......@@ -187,4 +187,35 @@ glance image-create --name ${imgnameshort}-multi-nic ${GLANCEOPTS} --disk-format
qemu-nbd -d /dev/nbd0
#
# Setup the Manila service image so that Manila works out of the box.
#
imgname=manila-service-image-master.qcow2
urls="http://boss.${OURDOMAIN}/downloads/openstack/$imgname http://boss.apt.emulab.net/downloads/openstack/$imgname http://tarballs.openstack.org/manila-image-elements/images/$imgname"
for url in $urls ; do
if [ ! -f $imgname ]; then
retries=3
while [ $retries -gt 0 ]; do
wget -O $imgname $url
if [ $? -eq 0 ]; then
break
else
sleep 5
retries=`expr $retries - 1`
fi
done
fi
if [ -f $imgname ]; then
break
fi
done
if [ -f $imgname ]; then
glance image-create --name manila-service-image --file $imgname \
--disk-format qcow2 --container-format bare --progress \
--visibility public
else
echo "ERROR: could not download $imgname from Cloudlab nor Ubuntu; Manila will not work without a service image!"
fi
exit 0
......@@ -48,12 +48,20 @@ if [ ${DATATUNNELS} -gt 0 ]; then
echo "*** Creating GRE data network $LAN and subnet $CIDR ..."
neutron net-create ${LAN}-net --provider:network_type gre
neutron net-create ${LAN}-net --shared --provider:network_type gre
neutron subnet-create ${LAN}-net --name ${LAN}-subnet "$CIDR"
neutron router-create ${LAN}-router
neutron router-interface-add ${LAN}-router ${LAN}-subnet
neutron router-gateway-set ${LAN}-router ext-net
# Create a share network for this network...
if [ $OSVERSION -ge $OSMITAKA ]; then
NETID=`neutron net-show ${LAN}-net | awk '/ id / { print $4 }'`
SUBNETID=`neutron subnet-show ${LAN}-subnet | awk '/ id / { print $4 }'`
manila share-network-create --name share-${LAN}-net \
--neutron-net-id $NETID --neutron-subnet-id $SUBNETID
fi
i=`expr $i + 1`
done
fi
......@@ -95,6 +103,14 @@ for lan in ${DATAFLATLANS} ; do
neutron port-update $port --fixed-ip subnet_id=$subnetid,ip_address=$newipaddr
fi
done
# Create a share network for this network...
if [ $OSVERSION -ge $OSMITAKA ]; then
NETID=`neutron net-show ${lan}-net | awk '/ id / { print $4 }'`
SUBNETID=`neutron subnet-show ${lan}-subnet | awk '/ id / { print $4 }'`
manila share-network-create --name share-${lan}-net \
--neutron-net-id $NETID --neutron-subnet-id $SUBNETID
fi
done
for lan in ${DATAVLANS} ; do
......@@ -113,6 +129,14 @@ for lan in ${DATAVLANS} ; do
#if [ $PUBLICCOUNT -ge 3 ] ; then
neutron router-gateway-set ${lan}-router ext-net
#fi
# Create a share network for this network...
if [ $OSVERSION -ge $OSMITAKA ]; then
NETID=`neutron net-show ${lan}-net | awk '/ id / { print $4 }'`
SUBNETID=`neutron subnet-show ${lan}-subnet | awk '/ id / { print $4 }'`
manila share-network-create --name share-${lan}-net \
--neutron-net-id $NETID --neutron-subnet-id $SUBNETID
fi
done
#
......@@ -127,12 +151,20 @@ if [ ${DATAVXLANS} -gt 0 ]; then
echo "*** Creating VXLAN data network $LAN and subnet $CIDR ..."
neutron net-create ${LAN}-net --provider:network_type vxlan
neutron net-create ${LAN}-net --shared --provider:network_type vxlan
neutron subnet-create ${LAN}-net --name ${LAN}-subnet "$CIDR"
neutron router-create ${LAN}-router
neutron router-interface-add ${LAN}-router ${LAN}-subnet
neutron router-gateway-set ${LAN}-router ext-net
# Create a share network for this network...
if [ $OSVERSION -ge $OSMITAKA ]; then
NETID=`neutron net-show ${LAN}-net | awk '/ id / { print $4 }'`
SUBNETID=`neutron subnet-show ${LAN}-subnet | awk '/ id / { print $4 }'`
manila share-network-create --name share-${LAN}-net \
--neutron-net-id $NETID --neutron-subnet-id $SUBNETID
fi
i=`expr $i + 1`
done
fi
......
......@@ -27,121 +27,19 @@ if [ -f $SETTINGS ]; then
. $SETTINGS
fi
# Grab the neutron configuration we computed in setup-lib.sh
. $OURDIR/neutron.vars
cat <<EOF >> /etc/sysctl.conf
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
EOF
sysctl -p
maybe_install_packages neutron-plugin-ml2 neutron-plugin-openvswitch-agent \
conntrack
crudini --del /etc/neutron/neutron.conf database connection
crudini --del /etc/neutron/neutron.conf keystone_authtoken auth_host
crudini --del /etc/neutron/neutron.conf keystone_authtoken auth_port
crudini --del /etc/neutron/neutron.conf keystone_authtoken auth_protocol
crudini --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
crudini --set /etc/neutron/neutron.conf DEFAULT verbose ${VERBOSE_LOGGING}
crudini --set /etc/neutron/neutron.conf DEFAULT debug ${DEBUG_LOGGING}
crudini --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins 'router,metering'
crudini --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
if [ $OSVERSION -lt $OSKILO ]; then
crudini --set /etc/neutron/neutron.conf DEFAULT rabbit_host $CONTROLLER
crudini --set /etc/neutron/neutron.conf DEFAULT rabbit_userid ${RABBIT_USER}
crudini --set /etc/neutron/neutron.conf DEFAULT rabbit_password "${RABBIT_PASS}"
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
auth_uri http://${CONTROLLER}:5000/v2.0
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
identity_uri http://${CONTROLLER}:35357
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
admin_tenant_name service
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
admin_user neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
admin_password "${NEUTRON_PASS}"
else
crudini --set /etc/neutron/neutron.conf oslo_messaging_rabbit \
rabbit_host $CONTROLLER
crudini --set /etc/neutron/neutron.conf oslo_messaging_rabbit \
rabbit_userid ${RABBIT_USER}
crudini --set /etc/neutron/neutron.conf oslo_messaging_rabbit \
rabbit_password "${RABBIT_PASS}"
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
auth_uri http://${CONTROLLER}:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
auth_url http://${CONTROLLER}:35357
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
auth_plugin password
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
project_domain_id default
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
user_domain_id default
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
project_name service
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
username neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken \
password "${NEUTRON_PASS}"
fi
fwdriver="neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver"
if [ ${DISABLE_SECURITY_GROUPS} -eq 1 ]; then
fwdriver="neutron.agent.firewall.NoopFirewallDriver"
fi
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
type_drivers ${network_types}
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
tenant_network_types ${network_types}
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
mechanism_drivers openvswitch
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat \
flat_networks ${flat_networks}
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre \
tunnel_id_ranges 1:1000
cat <<EOF >>/etc/neutron/plugins/ml2/ml2_conf.ini
[ml2_type_vlan]
${network_vlan_ranges}
EOF
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan \
vni_ranges 3000:4000
#crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan \
# vxlan_group 224.0.0.1
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
enable_security_group True
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
enable_ipset True
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
firewall_driver $fwdriver
cat <<EOF >> /etc/neutron/plugins/ml2/ml2_conf.ini
[ovs]
${gre_local_ip}
${enable_tunneling}
${bridge_mappings}
[agent]
${tunnel_types}
EOF
$DIRNAME/setup-network-plugin.sh
crudini --set /etc/nova/nova.conf DEFAULT \
network_api_class nova.network.neutronv2.api.API
crudini --set /etc/nova/nova.conf DEFAULT \
security_group_api neutron
crudini --set /etc/nova/nova.conf DEFAULT \
linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
if [ "${ML2PLUGIN}" = "openvswitch" ]; then
crudini --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver \
nova.network.linux_net.LinuxOVSInterfaceDriver
else
crudini --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver \
nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver
fi
crudini --set /etc/nova/nova.conf DEFAULT \
firewall_driver nova.virt.firewall.NoopFirewallDriver
......@@ -161,57 +59,20 @@ if [ $OSVERSION -le $OSKILO ]; then
else
crudini --set /etc/nova/nova.conf neutron \
auth_url http://$CONTROLLER:35357
crudini --set /etc/nova/nova.conf neutron auth_plugin password
crudini --set /etc/nova/nova.conf neutron project_domain_id default
crudini --set /etc/nova/nova.conf neutron user_domain_id default
crudini --set /etc/nova/nova.conf neutron ${AUTH_TYPE_PARAM} password
crudini --set /etc/nova/nova.conf neutron ${PROJECT_DOMAIN_PARAM} default
crudini --set /etc/nova/nova.conf neutron ${USER_DOMAIN_PARAM} default
crudini --set /etc/nova/nova.conf neutron region_name $REGION
crudini --set /etc/nova/nova.conf neutron project_name service
crudini --set /etc/nova/nova.conf neutron username neutron
crudini --set /etc/nova/nova.conf neutron password ${NEUTRON_PASS}
fi
#
# Ok, also put our FQDN into the hosts file so that local applications can
# resolve that pair even if the network happens to be down. This happens,
# for instance, because of our anti-ARP spoofing "patch" to the openvswitch
# agent (the agent remove_all_flow()s on a switch periodically and inserts a
# default normal forwarding rule, plus anything it needs --- our patch adds some
# anti-ARP spoofing rules after remove_all but BEFORE the default normal rule
# gets added back (this is just the nature of the existing code in Juno and Kilo
# (the situation is easier to patch more nicely on the master branch, but we
# don't have Liberty yet)) --- and because it adds the rules via command line
# using sudo, and sudo tries to lookup the hostname --- this can cause a hang.)
# Argh, what a pain. For the rest of this hack, see setup-ovs-node.sh, and
# setup-networkmanager.sh and setup-compute-network.sh where we patch the
# neutron openvswitch agent.
#
echo "$MYIP $NFQDN $PFQDN" >> /etc/hosts
#
# Patch the neutron openvswitch agent to try to stop inadvertent spoofing on
# the public emulab/cloudlab control net, sigh.
#
patch -d / -p0 < $DIRNAME/etc/neutron-${OSCODENAME}-openvswitch-remove-all-flows-except-system-flows.patch
#
# https://git.openstack.org/cgit/openstack/neutron/commit/?id=51f6b2e1c9c2f5f5106b9ae8316e57750f09d7c9
#
if [ $OSVERSION -ge $OSLIBERTY ]; then
patch -d / -p0 < $DIRNAME/etc/neutron-liberty-ovs-agent-segmentation-id-None.patch
if [ $OSVERSION -ge $OSMITAKA ]; then
crudini --set /etc/nova/nova.conf neutron \
memcached_servers ${CONTROLLER}:11211
fi
fi
#
# Neutron depends on bridge module, but it doesn't autoload it.
#
modprobe bridge
echo bridge >> /etc/modules
service_restart openvswitch-switch
service_enable openvswitch-switch
service_restart nova-compute
service_restart neutron-plugin-openvswitch-agent
service_enable neutron-plugin-openvswitch-agent
touch $OURDIR/setup-compute-network-done
exit 0
......@@ -27,6 +27,19 @@ if [ -f $SETTINGS ]; then
. $SETTINGS
fi
if [ $OSVERSION -ge $OSMITAKA ]; then
PROJECT_DOMAIN_PARAM="project_domain_name"
USER_DOMAIN_PARAM="user_domain_name"
else
PROJECT_DOMAIN_PARAM="project_domain_id"
USER_DOMAIN_PARAM="user_domain_id"
fi
if [ $OSVERSION -ge $OSMITAKA ]; then
AUTH_TYPE_PARAM="auth_type"
else
AUTH_TYPE_PARAM="auth_plugin"
fi
maybe_install_packages ceilometer-agent-compute
crudini --set /etc/ceilometer/ceilometer.conf DEFAULT rpc_backend rabbit
......@@ -64,33 +77,62 @@ else
auth_uri http://${CONTROLLER}:5000
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
auth_url http://${CONTROLLER}:35357
if [ $OSVERSION -ge $OSMITAKA ]; then
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
memcached_servers ${CONTROLLER}:11211
fi
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
auth_plugin password
${AUTH_TYPE_PARAM} password
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
project_domain_id default
${PROJECT_DOMAIN_PARAM} default
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
user_domain_id default
${USER_DOMAIN_PARAM} default
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
project_name service
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
username ceilometer
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
password "$CEILOMETER_PASS}"
password "$CEILOMETER_PASS"
crudini --set /etc/ceilometer/ceilometer.conf keystone_authtoken \
region_name "$REGION"
fi
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_auth_url http://${CONTROLLER}:5000/v2.0
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_username ceilometer
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_tenant_name service
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_password ${CEILOMETER_PASS}
if [ $OSVERSION -ge $OSKILO ]; then
if [ $OSVERSION -lt $OSMITAKA ]; then
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_auth_url http://${CONTROLLER}:5000/${KAPISTR}
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_username ceilometer
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_tenant_name service
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_password ${CEILOMETER_PASS}
if [ $OSVERSION -ge $OSKILO ]; then
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_endpoint_type internalURL
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_region_name $REGION
fi
else
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
${AUTH_TYPE_PARAM} password
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
auth_url http://${CONTROLLER}:5000/${KAPISTR}
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
username ceilometer
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
project_name service
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
password ${CEILOMETER_PASS}
if [ $OSVERSION -ge $OSKILO ]; then
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
interface internalURL
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
region_name $REGION
fi
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_endpoint_type internalURL
${PROJECT_DOMAIN_PARAM} default
crudini --set /etc/ceilometer/ceilometer.conf service_credentials \
os_region_name $REGION
${USER_DOMAIN_PARAM} default
fi
crudini --set /etc/ceilometer/ceilometer.conf notification \
......
......@@ -96,11 +96,11 @@ else
crudini --set /etc/nova/nova.conf keystone_authtoken \
auth_url http://${CONTROLLER}:35357
crudini --set /etc/nova/nova.conf keystone_authtoken \
auth_plugin password
${AUTH_TYPE_PARAM} password
crudini --set /etc/nova/nova.conf keystone_authtoken \
project_domain_id default
${PROJECT_DOMAIN_PARAM} default
crudini --set /etc/nova/nova.conf keystone_authtoken \
user_domain_id default
${USER_DOMAIN_PARAM} default
crudini --set /etc/nova/nova.conf keystone_authtoken \
project_name service
crudini --set /etc/nova/nova.conf keystone_authtoken \
......@@ -119,6 +119,7 @@ if [ $OSVERSION -ge $OSLIBERTY ]; then
crudini --set /etc/nova/nova.conf DEFAULT \
network_api_class nova.network.neutronv2.api.API
crudini --set /etc/nova/nova.conf DEFAULT use_neutron True
crudini --set /etc/nova/nova.conf DEFAULT \
security_group_api neutron
crudini --set /etc/nova/nova.conf DEFAULT \
......
This diff is collapsed.
......@@ -48,6 +48,9 @@ if [ "$HOSTNAME" = "$NETWORKMANAGER" ]; then
for node in $NODES
do
[ "$node" = "$NETWORKMANAGER" ] && continue
if unified ; then
continue
fi
fqdn=`getfqdn $node`
$SSH $fqdn mkdir -p $OURDIR
......@@ -79,9 +82,15 @@ if [ "$HOSTNAME" = "$NETWORKMANAGER" ]; then
echo "*** Using $MGMTLAN as the Management Network"
fi
echo "*** Moving Interfaces into OpenVSwitch Bridges"
if [ "${ML2PLUGIN}" = "openvswitch" ]; then
echo "*** Moving Interfaces into OpenVSwitch Bridges"
$DIRNAME/setup-ovs.sh 1> $OURDIR/setup-ovs.log 2>&1
$DIRNAME/setup-ovs.sh 1> $OURDIR/setup-ovs.log 2>&1
else
echo "*** Setting up Linux Bridge static network configuration"
$DIRNAME/setup-linuxbridge.sh 1> $OURDIR/setup-linuxbridge.log 2>&1
fi
echo "*** Telling controller to set up OpenStack!"
......
......@@ -30,6 +30,7 @@ SCP="scp -p -o StrictHostKeyChecking=no"
CONTROLLER="ctl"
NETWORKMANAGER="nm"
STORAGEHOST="ctl"
SHAREHOST="ctl"
OBJECTHOST="ctl"
COMPUTENODES=""
BAREMETALNODES=""
......@@ -48,6 +49,8 @@ USE_EXISTING_IPS=1
DO_APT_INSTALL=1
DO_APT_UPGRADE=0
DO_APT_UPDATE=1
UBUNTUMIRRORHOST=""
UBUNTUMIRRORPATH=""
ENABLE_NEW_SERIAL_SUPPORT=0
DO_UBUNTU_CLOUDARCHIVE=1
BUILD_AARCH64_FROM_CORE=0
......@@ -68,6 +71,9 @@ KEYSTONEUSEWSGI=""
# On by default; users will have to take full disk images of the
# compute nodes if they have this enabled.
COMPUTE_EXTRA_NOVA_DISK_SPACE="1"
# Support linuxbridge plugin too, but still default to openvswitch.
ML2PLUGIN="openvswitch"
MANILADRIVER="generic"
#
# We have an 'adminapi' user that gets a random password. Then, we have
......@@ -245,6 +251,7 @@ HAVE_SYSTEMD=`expr $? = 0`
OSJUNO=10
OSKILO=11
OSLIBERTY=12
OSMITAKA=13
. /etc/lsb-release
if [ ${DISTRIB_CODENAME} = "wily" ]; then
......@@ -255,6 +262,10 @@ elif [ ${DISTRIB_CODENAME} = "vivid" ]; then
OSCODENAME="kilo"
OSVERSION=$OSKILO
REGION="RegionOne"
elif [ ${DISTRIB_CODENAME} = "xenial" ]; then
OSCODENAME="mitaka"
OSVERSION=$OSMITAKA
REGION="RegionOne"
else
OSCODENAME="juno"
OSVERSION=$OSJUNO
......@@ -292,6 +303,22 @@ else
KEYSTONEUSEWSGI=0
fi
#
# The keystone auth_token parameter names are project_domain_name and
# user_domain_name as of Mitaka. The auth_token parameter name has
# also changed.
#
if [ $OSVERSION -ge $OSMITAKA ]; then
PROJECT_DOMAIN_PARAM="project_domain_name"
USER_DOMAIN_PARAM="user_domain_name"
AUTH_TYPE_PARAM="auth_type"
else
PROJECT_DOMAIN_PARAM="project_domain_id"
USER_DOMAIN_PARAM="user_domain_id"
AUTH_TYPE_PARAM="auth_plugin"
fi
if [ $GENIUSER -eq 1 ]; then
SWAPPER_EMAIL=`geni-get slice_email`
else
......@@ -478,6 +505,27 @@ unified() {
fi
}
##
## Setup our Ubuntu package mirror, if necessary.
##
grep MIRRORSETUP $SETTINGS
if [ ! $? -eq 0 ]; then
if [ ! "x${UBUNTUMIRRORHOST}" = "x" ]; then
oldstr='us.archive.ubuntu.com'
newstr="${UBUNTUMIRRORHOST}"
if [ ! "x${UBUNTUMIRRORPATH}" = "x" ]; then
oldstr='us.archive.ubuntu.com/ubuntu'
newstr="${UBUNTUMIRRORHOST}/${UBUNTUMIRRORPATH}"
fi
echo "*** Changing Ubuntu mirror from $oldstr to $newstr ..."
sed -E -i.us.archive.ubuntu.com -e "s|(${oldstr})|$newstr|" /etc/apt/sources.list
fi
echo "MIRRORSETUP=1" >> $SETTINGS
fi
# Setup apt-get to not prompt us
echo "force-confdef" > /etc/dpkg/dpkg.cfg.d/cloudlab
echo "force-confold" >> /etc/dpkg/dpkg.cfg.d/cloudlab
......@@ -652,7 +700,7 @@ if [ ! -f $OURDIR/mgmt-hosts -o $UPDATING -ne 0 ] ; then
prefix="10.$NEXTSPARESUBNET"
echo "$prefix" > $OURDIR/data-prefix.$lan
echo "255.255.0.0" > $OURDIR/data-netmask.$lan
echo "$prefix.0.0/255.255.0.0" > $OURDIR/data-cidr.$lan
echo "$prefix.0.0/16" > $OURDIR/data-cidr.$lan
echo "$prefix.0.0" > $OURDIR/data-network.$lan
echo "$prefix.0.1 $NETWORKMANAGER" > $OURDIR/data-hosts.$lan
if ! unified ; then
......@@ -742,7 +790,8 @@ $netmask
EOF
unset IFS
network=`printf "%d.%d.%d.%d\n" "$((i1 & m1))" "$((i2 & m2))" "$((i3 & m3))" "$((i4 & m4))"`
echo "$network/$netmask" > $OURDIR/data-cidr.$lan
cidr=`python $DIRNAME/ipcalc.py mask2bits $netmask`
echo "$network/$cidr" > $OURDIR/data-cidr.$lan
echo "$network" > $OURDIR/data-network.$lan
if [ $UPDATING -eq 0 ]; then
......@@ -834,7 +883,7 @@ if [ ${DATATUNNELS} -gt 0 ]; then