some changes to nova-compute docker

2018-08-08 15:43:03 +02:00 · 2018-08-08 15:43:03 +02:00 · 149590eb35
parent 4b13a2863a
commit 149590eb35
7 changed files with 1661 additions and 2 deletions
--- a/neutron_controller_ovs/Dockerfile
+++ b/neutron_controller_ovs/Dockerfile
@ -0,0 +1,31 @@
+FROM ubuntu:16.04
+# install packages
+
+RUN apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5EDB1B62EC4926EA
+
+RUN set -x \
+    && echo "deb http://ubuntu-cloud.archive.canonical.com/ubuntu xenial-updates/ocata main" > /etc/apt/sources.list.d/ocata.list \
+    && apt-get -y update \
+    && apt-get -y install ubuntu-cloud-keyring \
+    && apt-get -y update \
+    && apt-get -y install \
+        mysql-client \
+        python-mysqldb \
+        python-openstackclient \
+        neutron-server \
+        neutron-plugin-ml2 \
+        neutron-linuxbridge-agent \
+        neutron-l3-agent \
+        neutron-metadata-agent \
+    && apt-get -y clean
+
+# add bootstrap script and make it executable
+COPY bootstrap.sh /etc/bootstrap.sh
+
+# Workaround for vlan_transparent parameter set to None.
+COPY db_base_plugin_v2.py /usr/lib/python2.7/dist-packages/neutron/db/db_base_plugin_v2.py
+
+COPY run.sh /etc/run.sh
+COPY write_conf.sh /etc/write_conf.sh
+
+CMD ["/etc/run.sh"]
--- a/neutron_controller_ovs/README.md
+++ b/neutron_controller_ovs/README.md
@ -0,0 +1,21 @@
+# ubuntu 16.04 openstack ocata neutron controler node
+
+## How to build the docker image.
+```
+docker  build . -t="hpc/neutroncontroller"
+```
+
+## How to bootstrap the service.
+Before we can take the container into service we need accounts in keystone.
+We also need an initial database. Both of these tasks are performed by the bootstrap script.
+```
+docker run --rm --it --add-host="controller:<keystone_ip>" hpc/neutroncontroler /etc/bootstrap.sh
+```
+
+## How to run
+This image needs a lot of environment variables. It should be run via the `hpc-cloud` ansible repository.
+
+
+## Notes
+This image is designed to be deployed from the [hpc-cloud repo](https://git.webhosting.rug.nl/HPC/hpc-cloud)
+The -p option is added to the run command to make the container accessible from (containers on ) other hosts than the container host.
--- a/neutron_controller_ovs/bootstrap.sh
+++ b/neutron_controller_ovs/bootstrap.sh
@ -0,0 +1,76 @@
+#!/bin/bash
+#
+# This script sets up the openstack users and regions..
+# as well as the database for the nova controller.
+# This guide was used:
+# https://docs.openstack.org/ocata/install-guide-ubuntu/nova-controller-install.
+
+# Create admin-openrc.sh from secrets that are in the environment during bootstrap.
+cat << EOF > /root/admin-openrc.sh
+#!/bin/bash
+export OS_TENANT_NAME=admin
+export OS_USERNAME=admin
+export OS_PASSWORD=${OS_PASSWORD}
+export OS_AUTH_URL=http://${KEYSTONE_HOST}:35357/v3
+export OS_IDENTITY_API_VERSION=3
+
+export OS_PROJECT_DOMAIN_NAME=default
+export OS_USER_DOMAIN_NAME=default
+export OS_PROJECT_NAME=admin
+export OS_IMAGE_API_VERSION=2
+
+EOF
+
+source /root/admin-openrc.sh
+
+# create database for neutron.
+SQL_SCRIPT=/root/neutron.sql
+mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -h "$MYSQL_HOST" << EOF
+DROP DATABASE  IF EXISTS neutron;
+CREATE DATABASE neutron;
+
+GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
+    IDENTIFIED BY "${NEUTRON_PASSWORD}";
+
+GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
+    IDENTIFIED BY "${NEUTRON_PASSWORD}";
+EOF
+
+openstack user create "$NEUTRON_USER" --domain default --password "$NEUTRON_PASSWORD"
+openstack role add --project service --user neutron admin
+openstack service create --name neutron --description "OpenStack Networking" network
+
+# neutron endpoints
+openstack endpoint create --region RegionOne \
+  network public http://$MY_IP:9696
+
+openstack endpoint create --region RegionOne \
+  network internal http://$MY_IP:9696
+
+openstack endpoint create --region RegionOne \
+  network admin http://$MY_IP:9696
+
+# population of the database requires complete server and plug-in configuration files.
+/etc/write_conf.sh
+
+# Ugly hacks to prevent the manage command from failing
+sed -i "/    op.drop_column('networks', 'shared')/ s/^#*/#/" /usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/versions/liberty/contract/4ffceebfada_rbac_network.py
+sed -i "/    op.drop_column('subnets', 'shared')/ s/^#*/#/" /usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/versions/liberty/contract/4ffceebfada_rbac_network.py
+sed -i "/    op.drop_column('qos_policies', 'shared')/ s/^#*/#/" /usr/lib/python2.7/dist-packages/neutron/db/migration/alembic_migrations/versions/mitaka/contract/c6c112992c9_rbac_qos_policy.py
+
+neutron-db-manage --config-file /etc/neutron/neutron.conf \
+                  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head
+
+# And now we drop the colums and constraints that the ORM fails to drop.
+mysql -uroot -p"$MYSQL_ROOT_PASSWORD" -h "$MYSQL_HOST" neutron << EOF
+
+ALTER TABLE networks DROP CONSTRAINT CONSTRAINT_2;
+alter table networks drop column shared;
+
+ALTER TABLE subnets DROP CONSTRAINT CONSTRAINT_2;
+ALTER TABLE subnets DROP COLUMN shared;
+
+ALTER TABLE qos_policies DROP CONSTRAINT CONSTRAINT_1;
+ALTER TABLE qos_policies drop column shared
+
+EOF
--- a/neutron_controller_ovs/db_base_plugin_v2.py
+++ b/neutron_controller_ovs/db_base_plugin_v2.py
--- a/neutron_controller_ovs/run.sh
+++ b/neutron_controller_ovs/run.sh
@ -0,0 +1,43 @@
+#!/bin/bash
+# start neutron services
+
+/etc/write_conf.sh
+
+/usr/bin/neutron-server \
+--config-file /etc/neutron/neutron.conf \
+--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
+--config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini \
+--config-file /etc/neutron/metadata_agent.ini \
+--config-dir /etc/neutron/ \
+-v -d &
+
+sleep 3
+/usr/bin/neutron-linuxbridge-agent \
+--config-file /etc/neutron/neutron.conf \
+--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
+--config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini \
+--config-file /etc/neutron/metadata_agent.ini \
+--config-dir /etc/neutron/ \
+-v -d &
+
+sleep 3
+neutron-metadata-agent \
+--config-file /etc/neutron/neutron.conf \
+--config-file /etc/neutron/plugins/ml2/ml2_conf.ini \
+--config-file /etc/neutron/plugins/ml2/linuxbridge_agent.ini \
+--config-file /etc/neutron/metadata_agent.ini \
+--config-dir /etc/neutron/ \
+-v -d &
+
+sleep 3
+neutron-l3-agent \
+--config-file /etc/neutron/l3_agent.ini \
+--config-file /etc/neutron/neutron.conf \
+--config-file /etc/neutron/metadata_agent.ini \
+--config-dir /etc/neutron/ \
+-v -d &
+# If any process fails, kill the rest.
+# This ensures the container stops and systemd will restart it.
+
+wait -n
+pkill -P $$
--- a/neutron_controller_ovs/write_conf.sh
+++ b/neutron_controller_ovs/write_conf.sh
@ -0,0 +1,100 @@
+#!/bin/bash
+#
+# Generate config files from environments values.
+# These are to be passed to the docker container using -e
+
+cat << EOF > /etc/neutron/neutron.conf
+
+[DEFAULT]
+core_plugin = ml2
+service_plugins = router
+allow_overlapping_ips = True
+transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$MY_IP
+auth_strategy = keystone
+notify_nova_on_port_status_changes = true
+notify_nova_on_port_data_changes = true
+dhcp_agents_per_network = 2
+
+[agent]
+root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
+
+[database]
+connection = mysql+pymysql://$NEUTRON_USER:$NEUTRON_PASSWORD@mariadb/neutron
+
+[keystone_authtoken]
+auth_uri = http://$KEYSTONE_HOST:5000
+auth_url = http://$KEYSTONE_HOST:35357
+memcached_servers = $MEMCACHED_HOST:11211
+auth_type = password
+project_domain_name = Default
+user_domain_name = Default
+project_name = service
+username = $NEUTRON_USER
+password = $NEUTRON_PASSWORD
+
+[nova]
+auth_url = http://$KEYSTONE_HOST:35357
+auth_type = password
+project_domain_name = Default
+user_domain_name = Default
+region_name = RegionOne
+project_name = service
+username = $NOVA_USER
+password = $NOVA_PASSWORD
+
+EOF
+
+cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini
+
+[ml2]
+type_drivers = flat,vlan,vxlan
+tenant_network_types = vxlan
+mechanism_drivers = linuxbridge,l2population
+extension_drivers = port_security
+
+[ml2_type_vlan]
+network_vlan_ranges = provider
+
+[ml2_type_flat]
+flat_networks = provider
+
+[ml2_type_vxlan]
+vni_ranges = 1:1000
+
+[securitygroup]
+enable_ipset = true
+
+EOF
+
+cat << EOF > /etc/neutron/metadata_agent.ini
+
+[DEFAULT]
+nova_metadata_ip = $MY_IP
+metadata_proxy_shared_secret = $METADATA_SECRET
+
+EOF
+
+
+cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
+
+[linux_bridge]
+physical_interface_mappings = $PHYSICAL_INTERFACE_MAPPINGS
+
+[vxlan]
+enable_vxlan = True
+l2_population = True
+local_ip = $OVERLAY_IP
+
+[securitygroup]
+enable_security_group = true
+firewall_driver = iptables
+
+EOF
+
+cat << EOF > /etc/neutron/l3_agent.ini
+
+[DEFAULT]
+interface_driver = linuxbridge
+external_network_bridge =
+
+EOF
--- a/nova_compute/write_conf.sh
+++ b/nova_compute/write_conf.sh
@ -124,9 +124,9 @@ allow_resize_to_same_host = True
 [libvirt]
 virt_type = kvm
 images_type = rbd
-images_rbd_pool = volumes
+images_rbd_pool = compute
 images_rbd_ceph_conf = /etc/ceph/ceph.conf
-rbd_user = volumes
+rbd_user = compute
 rbd_secret_uuid = d0db6ba7-a0c9-4da6-b0bc-aa7846325333

 [vnc]