bd24a8d0f8
Allow providing certificates through environment variables to be used for keystone, and provide the basis for doing this for other services. It cannot be used in conjunction with tls-proxy as the service provides it's own encrypted endpoint. Impletmenting: blueprint devstack-https Change-Id: I8cf4c9c8c8a6911ae56ebcd14600a9d24cca99a0
205 lines
6.6 KiB
Plaintext
205 lines
6.6 KiB
Plaintext
# lib/heat
|
|
# Install and start **Heat** service
|
|
|
|
# To enable, add the following to localrc
|
|
#
|
|
# ENABLED_SERVICES+=,heat,h-api,h-api-cfn,h-api-cw,h-eng
|
|
|
|
# Dependencies:
|
|
#
|
|
# - functions
|
|
|
|
# stack.sh
|
|
# ---------
|
|
# - install_heatclient
|
|
# - install_heat
|
|
# - configure_heatclient
|
|
# - configure_heat
|
|
# - init_heat
|
|
# - start_heat
|
|
# - stop_heat
|
|
# - cleanup_heat
|
|
|
|
# Save trace setting
|
|
XTRACE=$(set +o | grep xtrace)
|
|
set +o xtrace
|
|
|
|
|
|
# Defaults
|
|
# --------
|
|
|
|
# set up default directories
|
|
HEAT_DIR=$DEST/heat
|
|
HEATCLIENT_DIR=$DEST/python-heatclient
|
|
HEAT_AUTH_CACHE_DIR=${HEAT_AUTH_CACHE_DIR:-/var/cache/heat}
|
|
HEAT_STANDALONE=`trueorfalse False $HEAT_STANDALONE`
|
|
HEAT_CONF_DIR=/etc/heat
|
|
HEAT_CONF=$HEAT_CONF_DIR/heat.conf
|
|
HEAT_ENV_DIR=$HEAT_CONF_DIR/environment.d
|
|
HEAT_TEMPLATES_DIR=$HEAT_CONF_DIR/templates
|
|
|
|
# Functions
|
|
# ---------
|
|
|
|
# cleanup_heat() - Remove residual data files, anything left over from previous
|
|
# runs that a clean run would need to clean up
|
|
function cleanup_heat() {
|
|
sudo rm -rf $HEAT_AUTH_CACHE_DIR
|
|
sudo rm -rf $HEAT_ENV_DIR
|
|
sudo rm -rf $HEAT_TEMPLATES_DIR
|
|
}
|
|
|
|
# configure_heat() - Set config files, create data dirs, etc
|
|
function configure_heat() {
|
|
setup_develop $HEAT_DIR
|
|
|
|
if [[ ! -d $HEAT_CONF_DIR ]]; then
|
|
sudo mkdir -p $HEAT_CONF_DIR
|
|
fi
|
|
sudo chown $STACK_USER $HEAT_CONF_DIR
|
|
# remove old config files
|
|
rm -f $HEAT_CONF_DIR/heat-*.conf
|
|
|
|
HEAT_API_CFN_HOST=${HEAT_API_CFN_HOST:-$SERVICE_HOST}
|
|
HEAT_API_CFN_PORT=${HEAT_API_CFN_PORT:-8000}
|
|
HEAT_ENGINE_HOST=${HEAT_ENGINE_HOST:-$SERVICE_HOST}
|
|
HEAT_ENGINE_PORT=${HEAT_ENGINE_PORT:-8001}
|
|
HEAT_API_CW_HOST=${HEAT_API_CW_HOST:-$SERVICE_HOST}
|
|
HEAT_API_CW_PORT=${HEAT_API_CW_PORT:-8003}
|
|
HEAT_API_HOST=${HEAT_API_HOST:-$SERVICE_HOST}
|
|
HEAT_API_PORT=${HEAT_API_PORT:-8004}
|
|
HEAT_API_PASTE_FILE=$HEAT_CONF_DIR/api-paste.ini
|
|
HEAT_POLICY_FILE=$HEAT_CONF_DIR/policy.json
|
|
|
|
cp $HEAT_DIR/etc/heat/api-paste.ini $HEAT_API_PASTE_FILE
|
|
cp $HEAT_DIR/etc/heat/policy.json $HEAT_POLICY_FILE
|
|
cp $HEAT_DIR/etc/heat/heat.conf.sample $HEAT_CONF
|
|
|
|
# common options
|
|
iniset_rpc_backend heat $HEAT_CONF DEFAULT
|
|
iniset $HEAT_CONF DEFAULT heat_metadata_server_url http://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT
|
|
iniset $HEAT_CONF DEFAULT heat_waitcondition_server_url http://$HEAT_API_CFN_HOST:$HEAT_API_CFN_PORT/v1/waitcondition
|
|
iniset $HEAT_CONF DEFAULT heat_watch_server_url http://$HEAT_API_CW_HOST:$HEAT_API_CW_PORT
|
|
iniset $HEAT_CONF database connection `database_connection_url heat`
|
|
iniset $HEAT_CONF DEFAULT auth_encryption_key `hexdump -n 16 -v -e '/1 "%02x"' /dev/random`
|
|
|
|
# logging
|
|
iniset $HEAT_CONF DEFAULT debug $ENABLE_DEBUG_LOG_LEVEL
|
|
iniset $HEAT_CONF DEFAULT use_syslog $SYSLOG
|
|
if [ "$LOG_COLOR" == "True" ] && [ "$SYSLOG" == "False" ]; then
|
|
# Add color to logging output
|
|
setup_colorized_logging $HEAT_CONF DEFAULT tenant user
|
|
fi
|
|
|
|
# keystone authtoken
|
|
iniset $HEAT_CONF keystone_authtoken auth_host $KEYSTONE_AUTH_HOST
|
|
iniset $HEAT_CONF keystone_authtoken auth_port $KEYSTONE_AUTH_PORT
|
|
iniset $HEAT_CONF keystone_authtoken auth_protocol $KEYSTONE_AUTH_PROTOCOL
|
|
iniset $HEAT_CONF keystone_authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
|
|
iniset $HEAT_CONF keystone_authtoken cafile $KEYSTONE_SSL_CA
|
|
iniset $HEAT_CONF keystone_authtoken admin_tenant_name $SERVICE_TENANT_NAME
|
|
iniset $HEAT_CONF keystone_authtoken admin_user heat
|
|
iniset $HEAT_CONF keystone_authtoken admin_password $SERVICE_PASSWORD
|
|
iniset $HEAT_CONF keystone_authtoken signing_dir $HEAT_AUTH_CACHE_DIR
|
|
|
|
# ec2authtoken
|
|
iniset $HEAT_CONF ec2authtoken auth_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0
|
|
iniset $HEAT_CONF ec2authtoken keystone_ec2_uri $KEYSTONE_SERVICE_PROTOCOL://$KEYSTONE_SERVICE_HOST:$KEYSTONE_SERVICE_PORT/v2.0/ec2tokens
|
|
|
|
# paste_deploy
|
|
[[ "$HEAT_STANDALONE" = "True" ]] && iniset $HEAT_CONF paste_deploy flavor standalone
|
|
|
|
# OpenStack API
|
|
iniset $HEAT_CONF heat_api bind_host $HEAT_API_HOST
|
|
iniset $HEAT_CONF heat_api bind_port $HEAT_API_PORT
|
|
|
|
# Cloudformation API
|
|
iniset $HEAT_CONF heat_api_cfn bind_host $HEAT_API_CFN_HOST
|
|
iniset $HEAT_CONF heat_api_cfn bind_port $HEAT_API_CFN_PORT
|
|
|
|
# Cloudwatch API
|
|
iniset $HEAT_CONF heat_api_cloudwatch bind_host $HEAT_API_CW_HOST
|
|
iniset $HEAT_CONF heat_api_cloudwatch bind_port $HEAT_API_CW_PORT
|
|
|
|
# heat environment
|
|
sudo mkdir -p $HEAT_ENV_DIR
|
|
sudo chown $STACK_USER $HEAT_ENV_DIR
|
|
# copy the default environment
|
|
cp $HEAT_DIR/etc/heat/environment.d/* $HEAT_ENV_DIR/
|
|
|
|
# heat template resources.
|
|
sudo mkdir -p $HEAT_TEMPLATES_DIR
|
|
sudo chown $STACK_USER $HEAT_TEMPLATES_DIR
|
|
# copy the default templates
|
|
cp $HEAT_DIR/etc/heat/templates/* $HEAT_TEMPLATES_DIR/
|
|
|
|
}
|
|
|
|
# init_heat() - Initialize database
|
|
function init_heat() {
|
|
|
|
# (re)create heat database
|
|
recreate_database heat utf8
|
|
|
|
$HEAT_DIR/bin/heat-manage db_sync
|
|
create_heat_cache_dir
|
|
}
|
|
|
|
# create_heat_cache_dir() - Part of the init_heat() process
|
|
function create_heat_cache_dir() {
|
|
# Create cache dirs
|
|
sudo mkdir -p $HEAT_AUTH_CACHE_DIR
|
|
sudo chown $STACK_USER $HEAT_AUTH_CACHE_DIR
|
|
}
|
|
|
|
# install_heatclient() - Collect source and prepare
|
|
function install_heatclient() {
|
|
git_clone $HEATCLIENT_REPO $HEATCLIENT_DIR $HEATCLIENT_BRANCH
|
|
setup_develop $HEATCLIENT_DIR
|
|
}
|
|
|
|
# install_heat() - Collect source and prepare
|
|
function install_heat() {
|
|
git_clone $HEAT_REPO $HEAT_DIR $HEAT_BRANCH
|
|
}
|
|
|
|
# start_heat() - Start running processes, including screen
|
|
function start_heat() {
|
|
screen_it h-eng "cd $HEAT_DIR; bin/heat-engine --config-file=$HEAT_CONF"
|
|
screen_it h-api "cd $HEAT_DIR; bin/heat-api --config-file=$HEAT_CONF"
|
|
screen_it h-api-cfn "cd $HEAT_DIR; bin/heat-api-cfn --config-file=$HEAT_CONF"
|
|
screen_it h-api-cw "cd $HEAT_DIR; bin/heat-api-cloudwatch --config-file=$HEAT_CONF"
|
|
}
|
|
|
|
# stop_heat() - Stop running processes
|
|
function stop_heat() {
|
|
# Kill the screen windows
|
|
for serv in h-eng h-api h-api-cfn h-api-cw; do
|
|
screen -S $SCREEN_NAME -p $serv -X kill
|
|
done
|
|
}
|
|
|
|
function disk_image_create {
|
|
local elements_path=$1
|
|
local elements=$2
|
|
local arch=$3
|
|
local output=$TOP_DIR/files/$4
|
|
if [[ -f "$output.qcow2" ]];
|
|
then
|
|
echo "Image file already exists: $output_file"
|
|
else
|
|
ELEMENTS_PATH=$elements_path disk-image-create \
|
|
$elements -a $arch -o $output
|
|
fi
|
|
# upload with fake URL so that image in $TOP_DIR/files is used
|
|
upload_image "http://localhost/$output.qcow2" $TOKEN
|
|
}
|
|
|
|
# Restore xtrace
|
|
$XTRACE
|
|
|
|
# Tell emacs to use shell-script-mode
|
|
## Local variables:
|
|
## mode: shell-script
|
|
## End:
|