Backport Rhel changes to R2.20

Partial-Bug: 1537349 Support for centos71/Kilo Partial-Bug: 1510724 (cherry picked from commit 160eae0) Retrieve keystone version for rhel based platforms Partial-Bug: 1510724 (cherry picked from commit 088e478) nova_password, neutron_password and service_tenant_name not available in nova-server-setup.sh Partial-Bug: 1513776 (cherry picked from commit 0fd4152) Centos71/Kilo: Cant login Openstack dashboard Also fixes missing configurations 1. neutron section in nova.conf from computer-server-setup 2. metadata_proxy setting in nova.conf Closes-Bug: 1516847 (cherry picked from commit 71d4c7d) cinder version is not substitued Closes-Bug: 1516847 (cherry picked from commit d22dc28) neutron section in nova.conf of compute is missing Closes-Bug: 1522245 (cherry picked from commit c73243a) Change-Id: I24ca6047db0d857848aad22844bbb9f0b05223c1
Juniper · Jan 23, 2016 · 07e7264 · 07e7264
1 parent e774837
commit 07e7264
Show file tree

Hide file tree

Showing 6 changed files with 152 additions and 17 deletions.
diff --git a/contrail_provisioning/compute/scripts/compute-server-setup.sh b/contrail_provisioning/compute/scripts/compute-server-setup.sh
@@ -110,12 +110,37 @@ if [ $CONTROLLER != $COMPUTE ] ; then
             openstack-config --set /etc/nova/nova.conf DEFAULT instaces_path /var/lib/nova/instances
         fi
 
-        # For Juno, set network_api_class as nova_contrail_vif.contrailvif.ContrailNetworkAPI
-        is_juno=$(python -c "from distutils.version import LooseVersion; \
-                  print LooseVersion('$nova_compute_ver') == LooseVersion('2014.2.2')")
-        if [ "$is_juno" == "True" ]; then
-            openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova_contrail_vif.contrailvif.ContrailNetworkAPI
+        if [ $is_redhat -eq 1 ]; then
+            # For Kilo openstack release, set network_api_class as nova.network.neutronv2.api.API
+            is_kilo_or_above=$(python -c "from distutils.version import LooseVersion; \
+                      print LooseVersion('$nova_compute_ver') >= LooseVersion('2015.1.1')")
+
+            # For Juno, set network_api_class as nova_contrail_vif.contrailvif.ContrailNetworkAPI even
+            # if controller node is compute node so the VIF_TYPE=vrouter is available
+            is_juno_or_above=$(python -c "from distutils.version import LooseVersion; \
+                      print LooseVersion('$nova_compute_ver') >= LooseVersion('2014.2.2')")
+            if [ "$is_kilo_or_above" == "True" ]; then
+                # Neutron section in nova.conf
+                openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
+                openstack-config --set /etc/nova/nova.conf neutron url ${QUANTUM_PROTOCOL}://$QUANTUM:9696/
+                openstack-config --set /etc/nova/nova.conf neutron admin_tenant_name $SERVICE_TENANT_NAME
+                openstack-config --set /etc/nova/nova.conf neutron auth_strategy keystone
+                openstack-config --set /etc/nova/nova.conf neutron admin_auth_url ${AUTH_PROTOCOL}://$CONTROLLER:35357/v2.0/
+                openstack-config --set /etc/nova/nova.conf neutron admin_username neutron
+                openstack-config --set /etc/nova/nova.conf neutron admin_password $NEUTRON_PASSWORD
+                openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
+                openstack-config --set /etc/nova/nova.conf compute compute_driver libvirt.LibvirtDriver
+                openstack-config --set /etc/nova/nova.conf glance host $CONTROLLER
+
+                # New configs in keystone section
+                openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
+                openstack-config --set /etc/nova/nova.conf keystone_authtoken password $NOVA_PASSWORD
+
+            elif [ "$is_juno_or_above" == "True" ]; then
+                openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova_contrail_vif.contrailvif.ContrailNetworkAPI
+            fi
         fi
+
     fi
     openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
     openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
@@ -125,13 +150,33 @@ if [ $CONTROLLER != $COMPUTE ] ; then
     openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
     openstack-config --set /etc/nova/nova.conf keystone_authtoken signing_dir /tmp/keystone-signing-nova
 else
-    # For Juno, set network_api_class as nova_contrail_vif.contrailvif.ContrailNetworkAPI even
-    # if controller node is compute node so the VIF_TYPE=vrouter is available
     if [ $is_redhat -eq 1 ]; then
-        # For Juno or above openstack releases, set network_api_class as nova_contrail_vif.contrailvif.ContrailNetworkAPI
+        # For Kilo openstack release, set network_api_class as nova.network.neutronv2.api.API
+        is_kilo_or_above=$(python -c "from distutils.version import LooseVersion; \
+                  print LooseVersion('$nova_compute_ver') >= LooseVersion('2015.1.1')")
+
+        # For Juno, set network_api_class as nova_contrail_vif.contrailvif.ContrailNetworkAPI even
+        # if controller node is compute node so the VIF_TYPE=vrouter is available
         is_juno_or_above=$(python -c "from distutils.version import LooseVersion; \
                   print LooseVersion('$nova_compute_ver') >= LooseVersion('2014.2.2')")
-        if [ "$is_juno_or_above" == "True" ]; then
+        if [ "$is_kilo_or_above" == "True" ]; then
+            # Neutron section in nova.conf
+            openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
+            openstack-config --set /etc/nova/nova.conf neutron url ${QUANTUM_PROTOCOL}://$QUANTUM:9696/
+            openstack-config --set /etc/nova/nova.conf neutron admin_tenant_name $SERVICE_TENANT_NAME
+            openstack-config --set /etc/nova/nova.conf neutron auth_strategy keystone
+            openstack-config --set /etc/nova/nova.conf neutron admin_auth_url ${AUTH_PROTOCOL}://$CONTROLLER:35357/v2.0/
+            openstack-config --set /etc/nova/nova.conf neutron admin_username neutron
+            openstack-config --set /etc/nova/nova.conf neutron admin_password $NEUTRON_PASSWORD
+            openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
+            openstack-config --set /etc/nova/nova.conf compute compute_driver libvirt.LibvirtDriver
+            openstack-config --set /etc/nova/nova.conf glance host $CONTROLLER
+
+            # New configs in keystone section
+            openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
+            openstack-config --set /etc/nova/nova.conf keystone_authtoken password $NOVA_PASSWORD
+
+        elif [ "$is_juno_or_above" == "True" ]; then
             openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova_contrail_vif.contrailvif.ContrailNetworkAPI
         fi
     fi

diff --git a/contrail_provisioning/openstack/scripts/cinder-server-setup.sh b/contrail_provisioning/openstack/scripts/cinder-server-setup.sh
@@ -23,14 +23,17 @@ if [ -f /etc/redhat-release ]; then
    is_ubuntu=0
    web_svc=httpd
    mysql_svc=mysqld
+   os_cinder=$(rpm -q --queryformat="%{VERSION}" openstack-cinder)
 fi
 
 if [ -f /etc/lsb-release ] && egrep -q 'DISTRIB_ID.*Ubuntu' /etc/lsb-release; then
    is_ubuntu=1
    is_redhat=0
    web_svc=apache2
    mysql_svc=mysql
+   os_cinder=$(dpkg-query -W -f='${Version}' openstack-cinder)
 fi
+echo "$0: Openstack Cinder Version: ( $os_cinder )"
 
 function error_exit
 {
@@ -102,8 +105,24 @@ done
 export ADMIN_TOKEN
 export SERVICE_TOKEN
 
+
+
 # Update all config files with service username and password
 for svc in cinder; do
+
+    # If cinder is Kilo based in centos7/rhel7, needed more
+    # more settings
+    if [ $is_redhat -eq 1 ]; then
+        is_kilo_or_above=$(python -c "from distutils.version import LooseVersion; \
+                  print LooseVersion('$os_cinder') >= LooseVersion('2015.1.1')")
+        if [ "$is_kilo_or_above" == "True" ]; then
+            openstack-config --set /etc/$svc/$svc.conf keystone_authtoken \
+                                   auth_uri http://${controller_ip}:5000/v2.0
+            openstack-config --set /etc/$svc/$svc.conf keystone_authtoken \
+                                   identity_uri http://${controller_ip}:35357
+        fi
+    fi
+
     openstack-config --set /etc/$svc/$svc.conf keystone_authtoken admin_tenant_name service
     openstack-config --set /etc/$svc/$svc.conf keystone_authtoken admin_user $svc
     openstack-config --set /etc/$svc/$svc.conf keystone_authtoken admin_password $ADMIN_TOKEN

diff --git a/contrail_provisioning/openstack/scripts/contrail-keystone-setup.sh b/contrail_provisioning/openstack/scripts/contrail-keystone-setup.sh
@@ -31,6 +31,8 @@
 # demo                 demo      Member,sysadmin,netadmin
 # invisible_to_admin   demo      Member
 
+set -x
+
 ENABLE_ENDPOINTS=yes
 #ENABLE_QUANTUM=yes
 if [ -f /etc/redhat-release ]; then
@@ -241,8 +243,31 @@ if [[ -n "$ENABLE_ENDPOINTS" ]]; then
     fi
 fi
 
-CINDER_SERVICE=$(get_service "cinder" volume "Cinder Service")
-CINDER_USER=$(get_service_user cinder)
+
+CINDER_SERVICE=""
+CINDER_USER=""
+CINDER_SERVICE_TYPE=v1
+# If cinder is Kilo based in centos7/rhel7, volumev2 services are required
+if [ -f /etc/redhat-release ]; then
+    os_cinder=$(rpm -q --queryformat="%{VERSION}" openstack-cinder)
+    is_kilo_or_above=$(python -c "from distutils.version import LooseVersion; \
+                  print LooseVersion('$os_cinder') >= LooseVersion('2015.1.1')")
+    if [ "$is_kilo_or_above" == "True" ]; then
+        CINDER_SERVICE=$(get_service "cinderv2" volumev2 "Cinder V2 Service")
+        CINDER_USER=$(get_service_user cinderv2)
+        CINDER_SERVICE_TYPE=v2
+    fi
+fi
+
+# Create cinder service if not created in above steps
+if [[ -z "CINDER_SERVICE" ]]; then
+    CINDER_SERVICE=$(get_service "cinder" volume "Cinder Service")
+fi
+
+# Create CINDER USER if not created in above steps
+if [[ -z "$CINDER_USER" ]]; then
+    CINDER_USER=$(get_service_user cinder)
+fi
 
 if [ -z $(user_role_lookup $CINDER_USER $SERVICE_TENANT admin) ]; then
 keystone user-role-add --tenant-id $SERVICE_TENANT \
@@ -253,9 +278,9 @@ fi
 if [[ -n "$ENABLE_ENDPOINTS" ]]; then
     if [ -z $(endpoint_lookup $CINDER_SERVICE) ]; then
     keystone endpoint-create --region RegionOne --service-id $CINDER_SERVICE \
-        --publicurl 'http://'$CONTROLLER':8776/v1/$(tenant_id)s' \
-        --adminurl 'http://'$CONTROLLER':8776/v1/$(tenant_id)s' \
-        --internalurl 'http://'$CONTROLLER':8776/v1/$(tenant_id)s'
+        --publicurl 'http://'$CONTROLLER':8776/'$CINDER_SERVICE_TYPE'/$(tenant_id)s' \
+        --adminurl 'http://'$CONTROLLER':8776/'$CINDER_SERVICE_TYPE'/$(tenant_id)s' \
+        --internalurl 'http://'$CONTROLLER':8776/'$CINDER_SERVICE_TYPE'/$(tenant_id)s'
     fi
 fi
 

diff --git a/contrail_provisioning/openstack/scripts/keystone-server-setup.sh b/contrail_provisioning/openstack/scripts/keystone-server-setup.sh
@@ -30,6 +30,8 @@ function error_exit
 
 if [ $is_ubuntu -eq 1 ] ; then
     keystone_version=`dpkg -l | grep 'ii' | grep keystone | grep -v python | awk '{print $3}'`
+else
+   keystone_version=$(rpm -q --queryformat="%{VERSION}" openstack-keystone)
 fi
 
 # Exclude port 35357 from the available ephemeral port range
@@ -206,7 +208,15 @@ for svc in keystone; do
             openstack-config --set /etc/$svc/$svc.conf token driver keystone.token.backends.memcache.Token
         fi
     else
-        openstack-config --set /etc/$svc/$svc.conf token driver keystone.token.backends.memcache.Token
+
+        # For Kilo openstack release, set keystone.token.persistence.backends.memcache.Token
+        is_kilo_or_above=$(python -c "from distutils.version import LooseVersion; \
+                  print LooseVersion('$keystone_version') >= LooseVersion('2015.1.1')")
+        if [ "$is_kilo_or_above" == "True" ]; then
+            openstack-config --set /etc/$svc/$svc.conf token driver keystone.token.persistence.backends.memcache.Token
+        else
+            openstack-config --set /etc/$svc/$svc.conf token driver keystone.token.backends.memcache.Token
+        fi
     fi
 
     openstack-config --set /etc/$svc/$svc.conf ec2 driver keystone.contrib.ec2.backends.sql.Ec2

diff --git a/contrail_provisioning/openstack/scripts/nova-server-setup.sh b/contrail_provisioning/openstack/scripts/nova-server-setup.sh
@@ -257,9 +257,30 @@ else
         openstack-config --set /etc/nova/nova.conf conductor rabbit_host $AMQP_SERVER
         chown -R nova:nova /var/lib/nova
     fi
+
+    is_kilo_or_latest=$(python -c "from distutils.version import LooseVersion; \
+              print LooseVersion('$nova_api_ver') >= LooseVersion('2015.1.1')")
     is_juno_or_latest=$(python -c "from distutils.version import LooseVersion; \
-                        print LooseVersion('$nova_api_ver') >= LooseVersion('2014.2.1-1')")
-    if [ "$is_juno_or_latest" == "True" ]; then
+                        print LooseVersion('$nova_api_ver') >= LooseVersion('2014.2.1')")
+
+    # For Kilo openstack release, set network_api_class as nova.network.neutronv2.api.API
+    if [ "$is_kilo_or_latest" == "True" ]; then
+        openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
+
+        # Neutron section in nova.conf
+        openstack-config --set /etc/nova/nova.conf neutron url ${QUANTUM_PROTOCOL}://$QUANTUM:9696/
+        openstack-config --set /etc/nova/nova.conf neutron admin_tenant_name $SERVICE_TENANT_NAME
+        openstack-config --set /etc/nova/nova.conf neutron auth_strategy keystone
+        openstack-config --set /etc/nova/nova.conf neutron admin_auth_url ${AUTH_PROTOCOL}://$CONTROLLER:35357/v2.0/
+        openstack-config --set /etc/nova/nova.conf neutron admin_username neutron
+        openstack-config --set /etc/nova/nova.conf neutron admin_password $NEUTRON_PASSWORD
+        openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
+        openstack-config --set /etc/nova/nova.conf compute compute_driver libvirt.LibvirtDriver
+
+        # New configs in keystone section
+        openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
+        openstack-config --set /etc/nova/nova.conf keystone_authtoken password $NOVA_PASSWORD
+    elif [ "$is_juno_or_latest" == "True" ]; then
         openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class contrail_nova_networkapi.api.API
     fi
 fi

diff --git a/contrail_provisioning/openstack/setup.py b/contrail_provisioning/openstack/setup.py
@@ -27,6 +27,9 @@ def __init__(self, args_str = None):
             'keystone_ip': '127.0.0.1',
             'keystone_auth_protocol':'http',
             'keystone_admin_passwd': 'contrail123',
+            'nova_password': None,
+            'neutron_password': None,
+            'keystone_service_tenant_name': 'service',
             'amqp_server_ip':'127.0.0.1',
             'quantum_service_protocol': 'http',
             'quantum_port': 9696,
@@ -65,6 +68,10 @@ def parse_args(self, args_str):
         parser.add_argument("--haproxy", help = "Enable haproxy", action="store_true")
         parser.add_argument("--keystone_ip", help = "IP Address of keystone node")
         parser.add_argument("--keystone_admin_passwd", help = "Passwd of the admin tenant")
+        parser.add_argument("--neutron_password", help="Password of neutron user")
+        parser.add_argument("--nova_password", help="Password of nova user")
+        parser.add_argument("--keystone_service_tenant_name",
+            help="Tenant name of services like nova, neutron...etc")
         parser.add_argument("--keystone_auth_protocol", help = "Protocol to use while talking to Keystone")
         parser.add_argument("--internal_vip", help = "Control network VIP Address of openstack nodes")
         parser.add_argument("--external_vip", help = "Management network VIP Address of openstack nodes")
@@ -79,6 +86,11 @@ def parse_args(self, args_str):
                             help = "Number of worker threads for conductor")
 
         self._args = parser.parse_args(self.remaining_argv)
+        # Using keystone admin password for nova/neutron if not supplied by user
+        if not self._args.neutron_password:
+            self._args.neutron_password = self._args.keystone_admin_passwd
+        if not self._args.nova_password:
+            self._args.nova_password = self._args.keystone_admin_passwd
 
     def build_ctrl_details(self):
         ctrl_infos = []
@@ -88,6 +100,9 @@ def build_ctrl_details(self):
         ctrl_infos.append('QUANTUM_PROTOCOL=%s' % self._args.quantum_service_protocol)
         ctrl_infos.append('ADMIN_TOKEN=%s' % self._args.keystone_admin_passwd)
         ctrl_infos.append('CONTROLLER=%s' % self._args.keystone_ip)
+        ctrl_infos.append('NEUTRON_PASSWORD=%s' % self._args.neutron_password)
+        ctrl_infos.append('NOVA_PASSWORD=%s' % self._args.nova_password)
+        ctrl_infos.append('SERVICE_TENANT_NAME=%s' % self._args.keystone_service_tenant_name)
         ctrl_infos.append('API_SERVER=%s' % self._args.cfgm_ip)
         ctrl_infos.append('OSAPI_COMPUTE_WORKERS=%s' % self._args.osapi_compute_workers)
         ctrl_infos.append('CONDUCTOR_WORKERS=%s' % self._args.conductor_workers)