Compare commits
20 Commits
feature/ba
...
master
Author | SHA1 | Date | |
---|---|---|---|
|
0dbcabb4a2 | ||
|
1920804c3c | ||
|
4481b09bbc | ||
|
52db295b69 | ||
|
07def88ceb | ||
|
77c512977f | ||
|
455e10c7ab | ||
|
d51c52d35c | ||
|
510b68d156 | ||
|
7f49c6d706 | ||
|
75434ae097 | ||
|
90b394e456 | ||
|
53bfd40ea6 | ||
|
00bb496ec5 | ||
|
7e7ab04df0 | ||
|
f4f9b95d09 | ||
|
6a048fc437 | ||
|
d54af88505 | ||
|
d8073d485b | ||
|
830e940fa2 |
194
.drone.yml
Normal file
194
.drone.yml
Normal file
@ -0,0 +1,194 @@
|
|||||||
|
---
|
||||||
|
# When the issue below is resolved, we can build the
|
||||||
|
# image that was actually changed.
|
||||||
|
# https://github.com/drone/drone/issues/1021
|
||||||
|
|
||||||
|
pipeline:
|
||||||
|
cinder_controller:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: cinder_controller/Dockerfile
|
||||||
|
context: cinder_controller
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-controller
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
cinder_storage:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: cinder_storage/Dockerfile
|
||||||
|
context: cinder_storage
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-storage
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
glance:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: glance/Dockerfile
|
||||||
|
context: glance
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-glance
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
heat:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: heat/Dockerfile
|
||||||
|
context: heat
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-heat
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
horizon:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: horizon/Dockerfile
|
||||||
|
context: horizon
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-horizon
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
keystone:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: keystone/Dockerfile
|
||||||
|
context: keystone
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-keystone
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
neutron_controller:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: neutron_controller/Dockerfile
|
||||||
|
context: neutron_controller
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-neutron-controller
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
nova_service:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: nova_service/Dockerfile
|
||||||
|
context: nova_service
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-nova-service
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
nova_compute:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: nova_compute/Dockerfile
|
||||||
|
context: nova_compute
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-nova-compute
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: master
|
||||||
|
keystone_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: keystone/Dockerfile
|
||||||
|
context: keystone
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-keystone-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: merlin
|
||||||
|
horizon_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: horizon/Dockerfile
|
||||||
|
context: horizon
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-horizon-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: merlin
|
||||||
|
neutron_controller_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: neutron_controller/Dockerfile
|
||||||
|
context: neutron_controller
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-neutron-controller-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: merlin
|
||||||
|
cinder_controller_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: cinder_controller/Dockerfile
|
||||||
|
context: cinder_controller
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-controller-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: mwelin
|
||||||
|
cinder_storage_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: cinder_storage/Dockerfile
|
||||||
|
context: cinder_storage
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-storage-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: merlin
|
||||||
|
nova_compute_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: nova_compute/Dockerfile
|
||||||
|
context: nova_compute
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-nova-compute-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: merlin
|
||||||
|
glance_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: glance/Dockerfile
|
||||||
|
context: glance
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-glance-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: merlin
|
||||||
|
heat_merlin:
|
||||||
|
image: plugins/docker
|
||||||
|
dockerfile: heat/Dockerfile
|
||||||
|
context: heat
|
||||||
|
secrets: [docker_username, docker_password]
|
||||||
|
registry: registry.webhosting.rug.nl
|
||||||
|
repo: registry.webhosting.rug.nl/hpc/openstack-heat-merlin
|
||||||
|
tag: latest
|
||||||
|
when:
|
||||||
|
branch: merlin
|
||||||
|
notify:
|
||||||
|
image: drillster/drone-email
|
||||||
|
host: smtp.rug.nl
|
||||||
|
port: 25
|
||||||
|
skip_verify: true
|
||||||
|
from: drone@webhosting.rug.nl
|
||||||
|
# recipients: [e.m.a.rijpkema@rug.nl, w.k.nap@rug.nl]
|
||||||
|
recipients: [e.m.a.rijpkema@rug.nl]
|
||||||
|
recipients_only: true
|
||||||
|
when:
|
||||||
|
status: [success, changed, failure]
|
||||||
|
# slack:
|
||||||
|
# image: plugins/slack
|
||||||
|
# webhook:
|
||||||
|
# channel: docker
|
||||||
|
# when:
|
||||||
|
# branch: [master, merlin]
|
||||||
|
# status: [success, failure]
|
@ -7,6 +7,7 @@ cinder-scheduler -d &
|
|||||||
sleep 5
|
sleep 5
|
||||||
apachectl -DFOREGROUND &
|
apachectl -DFOREGROUND &
|
||||||
|
|
||||||
|
tail -f /var/log/apache2/* &
|
||||||
# If any process fails, kill the rest.
|
# If any process fails, kill the rest.
|
||||||
# This ensures the container stops and systemd will restart it.
|
# This ensures the container stops and systemd will restart it.
|
||||||
|
|
||||||
|
8
cinder_storage/.gitignore
vendored
8
cinder_storage/.gitignore
vendored
@ -1,8 +0,0 @@
|
|||||||
# ---> Vim
|
|
||||||
[._]*.s[a-w][a-z]
|
|
||||||
[._]s[a-w][a-z]
|
|
||||||
*.un~
|
|
||||||
Session.vim
|
|
||||||
.netrwhist
|
|
||||||
*~
|
|
||||||
|
|
@ -15,8 +15,7 @@ RUN set -x \
|
|||||||
python-openstackclient \
|
python-openstackclient \
|
||||||
python-oslo.cache \
|
python-oslo.cache \
|
||||||
lvm2 \
|
lvm2 \
|
||||||
python-ceph \
|
tgt \
|
||||||
python-rbd \
|
|
||||||
|
|
||||||
&& apt-get -y clean
|
&& apt-get -y clean
|
||||||
|
|
||||||
@ -29,6 +28,8 @@ COPY bootstrap.sh /etc/bootstrap.sh
|
|||||||
|
|
||||||
COPY run.sh /etc/run.sh
|
COPY run.sh /etc/run.sh
|
||||||
|
|
||||||
|
COPY lvm.conf /etc/lvm/lvm.conf
|
||||||
|
|
||||||
RUN chown root.root /etc/bootstrap.sh && chmod a+x /etc/bootstrap.sh
|
RUN chown root.root /etc/bootstrap.sh && chmod a+x /etc/bootstrap.sh
|
||||||
RUN chown root.root /etc/run.sh && chmod a+x /etc/run.sh
|
RUN chown root.root /etc/run.sh && chmod a+x /etc/run.sh
|
||||||
|
|
||||||
|
@ -22,6 +22,6 @@ source /root/admin-openrc.sh
|
|||||||
|
|
||||||
# create a LVM physical volume and volume group.
|
# create a LVM physical volume and volume group.
|
||||||
# This device should be available tpo the container
|
# This device should be available tpo the container
|
||||||
#pvcreate /dev/cinder_storage_volume
|
pvcreate $CINDER_STORAGE_VOLUME
|
||||||
#vgcreate cinder-volumes /dev/cinder_storage_volume
|
vgcreate cinder-volumes $CINDER_STORAGE_VOLUME
|
||||||
|
|
||||||
|
@ -3,9 +3,7 @@
|
|||||||
# Write the config files
|
# Write the config files
|
||||||
/etc/write_conf.sh
|
/etc/write_conf.sh
|
||||||
# start cinder processes.
|
# start cinder processes.
|
||||||
cinder-volume -d &
|
tgtd
|
||||||
|
|
||||||
sleep 5
|
|
||||||
|
|
||||||
cinder-volume -d &
|
cinder-volume -d &
|
||||||
|
|
||||||
|
@ -9,10 +9,11 @@ cat << EOF > /etc/cinder/cinder.conf
|
|||||||
connection = mysql+pymysql://$CINDER_USER:$CINDER_PASSWORD@$MYSQL_HOST/cinder
|
connection = mysql+pymysql://$CINDER_USER:$CINDER_PASSWORD@$MYSQL_HOST/cinder
|
||||||
|
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
|
storage_availability_zone="$AVAILABILITY_ZONE"
|
||||||
auth_strategy = keystone
|
auth_strategy = keystone
|
||||||
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$MY_IP
|
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$RABBIT_HOST
|
||||||
my_ip = $MY_IP
|
my_ip = $MY_IP
|
||||||
enabled_backends = RBD-backend
|
enabled_backends = lvm
|
||||||
glance_api_servers = http://$GLANCE_HOST:9292
|
glance_api_servers = http://$GLANCE_HOST:9292
|
||||||
|
|
||||||
[keystone_authtoken]
|
[keystone_authtoken]
|
||||||
@ -29,12 +30,11 @@ password = $CINDER_PASSWORD
|
|||||||
[oslo_concurrency]
|
[oslo_concurrency]
|
||||||
lock_path = /var/lib/cinder/tmp
|
lock_path = /var/lib/cinder/tmp
|
||||||
|
|
||||||
[RBD-backend]
|
[lvm]
|
||||||
volume_backend_name=RBD-backend
|
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
|
||||||
rbd_pool=volumes
|
volume_group = cinder-volumes
|
||||||
rbd_user=volumes
|
iscsi_protocol = iscsi
|
||||||
rbd_secret_uuid=d0db6ba7-a0c9-4da6-b0bc-aa7846325333
|
iscsi_helper = tgtadm
|
||||||
volume_driver=cinder.volume.drivers.rbd.RBDDriver
|
volumes_dir = /var/lib/cinder/volumes
|
||||||
rbd_ceph_conf=/etc/ceph/ceph.conf
|
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
1
glance/.gitignore
vendored
1
glance/.gitignore
vendored
@ -1 +0,0 @@
|
|||||||
build.sh
|
|
@ -14,8 +14,6 @@ RUN set -x \
|
|||||||
python-mysqldb \
|
python-mysqldb \
|
||||||
python-openstackclient \
|
python-openstackclient \
|
||||||
python-oslo.cache \
|
python-oslo.cache \
|
||||||
python-rbd \
|
|
||||||
python-ceph \
|
|
||||||
&& apt-get -y clean \
|
&& apt-get -y clean \
|
||||||
&& rm -f /var/lib/glance/glance.sqlite
|
&& rm -f /var/lib/glance/glance.sqlite
|
||||||
|
|
||||||
|
@ -32,14 +32,13 @@ flavor = keystone
|
|||||||
|
|
||||||
|
|
||||||
[glance_store]
|
[glance_store]
|
||||||
stores = glance.store.rbd.Store
|
stores = file,http
|
||||||
default_store = rbd
|
default_store = file
|
||||||
rbd_store_pool = images
|
filesystem_store_datadir = /var/lib/glance/images/
|
||||||
rbd_store_user = images
|
|
||||||
rbd_store_ceph_conf = /etc/ceph/ceph.conf
|
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
|
||||||
cat << EOF > /etc/glance/glance-registry.conf
|
cat << EOF > /etc/glance/glance-registry.conf
|
||||||
|
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
@ -50,11 +49,9 @@ rpc_backend = rabbit
|
|||||||
connection = mysql+pymysql://$GLANCE_USER:$GLANCE_PASSWORD@$MYSQL_HOST/glance
|
connection = mysql+pymysql://$GLANCE_USER:$GLANCE_PASSWORD@$MYSQL_HOST/glance
|
||||||
|
|
||||||
[glance_store]
|
[glance_store]
|
||||||
stores = glance.store.rbd.Store
|
stores = file,http
|
||||||
default_store = rbd
|
default_store = file
|
||||||
rbd_store_pool = images
|
filesystem_store_datadir = /var/lib/glance/images/
|
||||||
rbd_store_user = images
|
|
||||||
rbd_store_ceph_conf = /etc/ceph/ceph.conf
|
|
||||||
|
|
||||||
[keystone_authtoken]
|
[keystone_authtoken]
|
||||||
auth_uri = http://$KEYSTONE_HOST:5000
|
auth_uri = http://$KEYSTONE_HOST:5000
|
||||||
|
8
heat/.gitignore
vendored
8
heat/.gitignore
vendored
@ -1,8 +0,0 @@
|
|||||||
# ---> Vim
|
|
||||||
[._]*.s[a-w][a-z]
|
|
||||||
[._]s[a-w][a-z]
|
|
||||||
*.un~
|
|
||||||
Session.vim
|
|
||||||
.netrwhist
|
|
||||||
*~
|
|
||||||
|
|
8
horizon/.gitignore
vendored
8
horizon/.gitignore
vendored
@ -1,8 +0,0 @@
|
|||||||
# ---> Vim
|
|
||||||
[._]*.s[a-w][a-z]
|
|
||||||
[._]s[a-w][a-z]
|
|
||||||
*.un~
|
|
||||||
Session.vim
|
|
||||||
.netrwhist
|
|
||||||
*~
|
|
||||||
|
|
@ -16,29 +16,20 @@ RUN set -x \
|
|||||||
python-openstackclient \
|
python-openstackclient \
|
||||||
&& apt-get -y clean
|
&& apt-get -y clean
|
||||||
|
|
||||||
|
EXPOSE 80
|
||||||
EXPOSE 80 443
|
|
||||||
|
|
||||||
COPY openstack-dashboard.conf /etc/apache2/conf-available/openstack-dashboard.conf
|
|
||||||
|
|
||||||
COPY local_settings.py /etc/openstack-dashboard/local_settings.py
|
COPY local_settings.py /etc/openstack-dashboard/local_settings.py
|
||||||
|
|
||||||
# Add a redirect to /keystone instead of the "It works! page"
|
# Add a redirect to /keystone instead of the "It works! page"
|
||||||
COPY 000-default.conf /etc/apache2/sites-available
|
COPY 000-default.conf /etc/apache2/sites-available
|
||||||
|
|
||||||
COPY run.sh /etc/run.sh
|
|
||||||
|
|
||||||
RUN chown -R www-data: /var/lib/openstack-dashboard/
|
RUN chown -R www-data: /var/lib/openstack-dashboard/
|
||||||
|
|
||||||
RUN touch /var/log/horizon.log
|
RUN touch /var/log/horizon.log
|
||||||
|
|
||||||
RUN chown www-data: /var/log/horizon.log
|
RUN chown www-data: /var/log/horizon.log
|
||||||
|
|
||||||
RUN a2enmod ssl
|
RUN chown horizon: /var/lib/openstack-dashboard/secret_key
|
||||||
RUN a2enmod headers
|
|
||||||
RUN a2enmod rewrite
|
|
||||||
|
|
||||||
RUN chown /var/lib/openstack-dashboard/secret_key horizon
|
CMD apachectl -DFOREGROUND
|
||||||
|
|
||||||
CMD /etc/run.sh
|
|
||||||
|
|
||||||
|
@ -37,7 +37,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
|
|||||||
#EMAIL_HOST_PASSWORD = 'top-secret!'
|
#EMAIL_HOST_PASSWORD = 'top-secret!'
|
||||||
|
|
||||||
OPENSTACK_HOST = os.environ['KEYSTONE_HOST']
|
OPENSTACK_HOST = os.environ['KEYSTONE_HOST']
|
||||||
OPENSTACK_KEYSTONE_URL = "https://%s:5000/v3" % OPENSTACK_HOST
|
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
|
||||||
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
|
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
|
||||||
|
|
||||||
|
|
||||||
@ -100,7 +100,7 @@ OPENSTACK_CINDER_FEATURES = {
|
|||||||
# services provided by neutron. Options currently available are load
|
# services provided by neutron. Options currently available are load
|
||||||
# balancer service, security groups, quotas, VPN service.
|
# balancer service, security groups, quotas, VPN service.
|
||||||
OPENSTACK_NEUTRON_NETWORK = {
|
OPENSTACK_NEUTRON_NETWORK = {
|
||||||
'enable_router': False,
|
'enable_router': True,
|
||||||
'enable_quotas': False,
|
'enable_quotas': False,
|
||||||
'enable_ipv6': False,
|
'enable_ipv6': False,
|
||||||
'enable_distributed_router': False,
|
'enable_distributed_router': False,
|
||||||
@ -266,6 +266,7 @@ TIME_ZONE = "UTC"
|
|||||||
# ('default', 'Default', 'themes/default'),
|
# ('default', 'Default', 'themes/default'),
|
||||||
# ('material', 'Material', 'themes/material'),
|
# ('material', 'Material', 'themes/material'),
|
||||||
#]
|
#]
|
||||||
|
|
||||||
LOGGING = {
|
LOGGING = {
|
||||||
'version': 1,
|
'version': 1,
|
||||||
# When set to True this will disable all logging except
|
# When set to True this will disable all logging except
|
||||||
@ -287,12 +288,11 @@ LOGGING = {
|
|||||||
},
|
},
|
||||||
'console': {
|
'console': {
|
||||||
# Set the level to "DEBUG" for verbose output logging.
|
# Set the level to "DEBUG" for verbose output logging.
|
||||||
'level': 'DEBUG',
|
'level': 'INFO',
|
||||||
'class': 'logging.FileHandler',
|
'class': 'logging.StreamHandler',
|
||||||
'filename': '/var/log/horizon.log',
|
|
||||||
},
|
},
|
||||||
'operation': {
|
'operation': {
|
||||||
'level': 'DEBUG',
|
'level': 'INFO',
|
||||||
'class': 'logging.StreamHandler',
|
'class': 'logging.StreamHandler',
|
||||||
'formatter': 'operation',
|
'formatter': 'operation',
|
||||||
},
|
},
|
||||||
@ -516,12 +516,3 @@ ALLOWED_HOSTS = '*'
|
|||||||
COMPRESS_OFFLINE = True
|
COMPRESS_OFFLINE = True
|
||||||
|
|
||||||
ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
|
ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
|
||||||
|
|
||||||
WEBSSO_ENABLED = True
|
|
||||||
|
|
||||||
WEBSSO_CHOICES = (
|
|
||||||
("credentials", _("Keystone Credentials")),
|
|
||||||
("mapped", _("Security Assertion Markup Language"))
|
|
||||||
)
|
|
||||||
|
|
||||||
WEBSSO_INITIAL_CHOICE = "mapped"
|
|
||||||
|
@ -1,35 +0,0 @@
|
|||||||
<VirtualHost *:80>
|
|
||||||
RedirectMatch "^/$" "/horizon"
|
|
||||||
ServerName oscloudtest01.hpc.rug.nl
|
|
||||||
RewriteEngine On
|
|
||||||
RewriteCond %{HTTPS} off
|
|
||||||
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
|
|
||||||
</VirtualHost>
|
|
||||||
<VirtualHost *:443>
|
|
||||||
RedirectMatch "^/$" "/horizon"
|
|
||||||
ServerName oscloudtest01.hpc.rug.nl
|
|
||||||
|
|
||||||
SSLEngine On
|
|
||||||
SSLCertificateFile "/certs/oscloudtest01.hpc.rug.nl.crt"
|
|
||||||
SSLCertificateKeyFile "/certs/oscloudtest01.hpc.rug.nl.key"
|
|
||||||
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
|
|
||||||
|
|
||||||
# HTTP Strict Transport Security (HSTS) enforces that all communications
|
|
||||||
# with a server go over SSL. This mitigates the threat from attacks such
|
|
||||||
# as SSL-Strip which replaces links on the wire, stripping away https prefixes
|
|
||||||
# and potentially allowing an attacker to view confidential information on the
|
|
||||||
# wire
|
|
||||||
Header add Strict-Transport-Security "max-age=15768000"
|
|
||||||
|
|
||||||
Alias /horizon/static /var/lib/openstack-dashboard/static/
|
|
||||||
Alias /static /var/lib/openstack-dashboard/static/
|
|
||||||
|
|
||||||
<Directory /var/lib/openstack-dashboard/static>
|
|
||||||
Require all granted
|
|
||||||
</Directory>
|
|
||||||
|
|
||||||
WSGIScriptAlias /horizon /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi process-group=horizon
|
|
||||||
WSGIDaemonProcess horizon user=www-data group=www-data processes=3 threads=10 display-name=%{GROUP}
|
|
||||||
WSGIProcessGroup horizon
|
|
||||||
</VirtualHost>
|
|
||||||
|
|
@ -1,6 +0,0 @@
|
|||||||
#!/bin/bash
|
|
||||||
|
|
||||||
#Making the console log console again...
|
|
||||||
tail -f /var/log/horizon.log &
|
|
||||||
|
|
||||||
apachectl -DFOREGROUND
|
|
8
keystone/.gitignore
vendored
8
keystone/.gitignore
vendored
@ -1,8 +0,0 @@
|
|||||||
# ---> Vim
|
|
||||||
[._]*.s[a-w][a-z]
|
|
||||||
[._]s[a-w][a-z]
|
|
||||||
*.un~
|
|
||||||
Session.vim
|
|
||||||
.netrwhist
|
|
||||||
*~
|
|
||||||
|
|
8
neutron_controller/.gitignore
vendored
8
neutron_controller/.gitignore
vendored
@ -1,8 +0,0 @@
|
|||||||
# ---> Vim
|
|
||||||
[._]*.s[a-w][a-z]
|
|
||||||
[._]s[a-w][a-z]
|
|
||||||
*.un~
|
|
||||||
Session.vim
|
|
||||||
.netrwhist
|
|
||||||
*~
|
|
||||||
|
|
@ -29,16 +29,8 @@ neutron-metadata-agent \
|
|||||||
--config-dir /etc/neutron/ \
|
--config-dir /etc/neutron/ \
|
||||||
-v -d &
|
-v -d &
|
||||||
|
|
||||||
sleep 3
|
|
||||||
neutron-l3-agent \
|
|
||||||
--config-file /etc/neutron/l3_agent.ini \
|
|
||||||
--config-file /etc/neutron/neutron.conf \
|
|
||||||
--config-file /etc/neutron/metadata_agent.ini \
|
|
||||||
--config-dir /etc/neutron/ \
|
|
||||||
-v -d &
|
|
||||||
|
|
||||||
# If any process fails, kill the rest.
|
# If any process fails, kill the rest.
|
||||||
# This ensures the container stops and systemd will restart it.
|
# This insures the container stops and systemd will restart it.
|
||||||
|
|
||||||
wait -n
|
wait -n
|
||||||
pkill -P $$
|
pkill -P $$
|
||||||
|
@ -4,16 +4,15 @@
|
|||||||
# These are to be passed to the docker container using -e
|
# These are to be passed to the docker container using -e
|
||||||
|
|
||||||
cat << EOF > /etc/neutron/neutron.conf
|
cat << EOF > /etc/neutron/neutron.conf
|
||||||
|
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
core_plugin = ml2
|
core_plugin = ml2
|
||||||
service_plugins = router
|
service_plugins =
|
||||||
allow_overlapping_ips = True
|
|
||||||
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$MY_IP
|
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$MY_IP
|
||||||
auth_strategy = keystone
|
auth_strategy = keystone
|
||||||
notify_nova_on_port_status_changes = true
|
notify_nova_on_port_status_changes = true
|
||||||
notify_nova_on_port_data_changes = true
|
notify_nova_on_port_data_changes = true
|
||||||
dhcp_agents_per_network = 2
|
dhcp_agents_per_network = 2
|
||||||
|
global_physnet_mtu = $GLOBAL_PHYSNET_MTU
|
||||||
|
|
||||||
[agent]
|
[agent]
|
||||||
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
|
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
|
||||||
@ -47,10 +46,11 @@ EOF
|
|||||||
cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini
|
cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini
|
||||||
|
|
||||||
[ml2]
|
[ml2]
|
||||||
type_drivers = flat,vlan,vxlan
|
type_drivers = flat,vlan
|
||||||
tenant_network_types = vxlan
|
tenant_network_types =
|
||||||
mechanism_drivers = linuxbridge,l2population
|
mechanism_drivers = linuxbridge
|
||||||
extension_drivers = port_security
|
extension_drivers = port_security
|
||||||
|
path_mtu = $GLOBAL_PHYSNET_MTU
|
||||||
|
|
||||||
[ml2_type_vlan]
|
[ml2_type_vlan]
|
||||||
network_vlan_ranges = provider
|
network_vlan_ranges = provider
|
||||||
@ -58,14 +58,25 @@ network_vlan_ranges = provider
|
|||||||
[ml2_type_flat]
|
[ml2_type_flat]
|
||||||
flat_networks = provider
|
flat_networks = provider
|
||||||
|
|
||||||
[ml2_type_vxlan]
|
|
||||||
vni_ranges = 1:1000
|
|
||||||
|
|
||||||
[securitygroup]
|
[securitygroup]
|
||||||
enable_ipset = true
|
enable_ipset = true
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
|
||||||
|
|
||||||
|
[linux_bridge]
|
||||||
|
physical_interface_mappings = $PHYSICAL_INTERFACE_MAPPINGS
|
||||||
|
|
||||||
|
[vxlan]
|
||||||
|
enable_vxlan = false
|
||||||
|
|
||||||
|
[securitygroup]
|
||||||
|
enable_security_group = true
|
||||||
|
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
|
||||||
|
|
||||||
|
EOF
|
||||||
|
|
||||||
cat << EOF > /etc/neutron/metadata_agent.ini
|
cat << EOF > /etc/neutron/metadata_agent.ini
|
||||||
|
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
@ -73,35 +84,3 @@ nova_metadata_ip = $MY_IP
|
|||||||
metadata_proxy_shared_secret = $METADATA_SECRET
|
metadata_proxy_shared_secret = $METADATA_SECRET
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
cat << EOF > /etc/neutron/l3_agent.ini
|
|
||||||
|
|
||||||
[DEFAULT]
|
|
||||||
interface_driver = linuxbridge
|
|
||||||
external_network_bridge =
|
|
||||||
|
|
||||||
EOF
|
|
||||||
|
|
||||||
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
|
|
||||||
|
|
||||||
[linux_bridge]
|
|
||||||
physical_interface_mappings = $PHYSICAL_INTERFACE_MAPPINGS
|
|
||||||
|
|
||||||
[vxlan]
|
|
||||||
enable_vxlan = True
|
|
||||||
l2_population = True
|
|
||||||
local_ip = $OVERLAY_IP
|
|
||||||
|
|
||||||
[securitygroup]
|
|
||||||
enable_security_group = true
|
|
||||||
firewall_driver = iptables
|
|
||||||
|
|
||||||
EOF
|
|
||||||
|
|
||||||
cat << EOF > /etc/neutron/l3_agent.ini
|
|
||||||
|
|
||||||
[DEFAULT]
|
|
||||||
interface_driver = linuxbridge
|
|
||||||
external_network_bridge =
|
|
||||||
|
|
||||||
EOF
|
|
||||||
|
@ -1,26 +0,0 @@
|
|||||||
---
|
|
||||||
pipeline:
|
|
||||||
docker:
|
|
||||||
image: plugins/docker
|
|
||||||
secrets: [docker_username, docker_password]
|
|
||||||
registry: registry.webhosting.rug.nl
|
|
||||||
repo: registry.webhosting.rug.nl/hpc/openstack-nova-compute
|
|
||||||
tag: latest
|
|
||||||
notify:
|
|
||||||
image: drillster/drone-email
|
|
||||||
host: smtp.rug.nl
|
|
||||||
port: 25
|
|
||||||
skip_verify: true
|
|
||||||
from: drone@webhosting.rug.nl
|
|
||||||
recipients: [e.m.a.rijpkema@rug.nl]
|
|
||||||
recipients: [e.m.a.rijpkema@rug.nl, w.k.nap@rug.nl]
|
|
||||||
recipients_only: true
|
|
||||||
when:
|
|
||||||
status: [success, changed, failure]
|
|
||||||
# slack:
|
|
||||||
# image: plugins/slack
|
|
||||||
# webhook:
|
|
||||||
# channel: docker
|
|
||||||
# when:
|
|
||||||
# branch: [master, merlin]
|
|
||||||
# status: [success, failure]
|
|
@ -12,15 +12,12 @@ RUN set -x \
|
|||||||
python-openstackclient \
|
python-openstackclient \
|
||||||
nova-compute \
|
nova-compute \
|
||||||
neutron-linuxbridge-agent \
|
neutron-linuxbridge-agent \
|
||||||
neutron-l3-agent \
|
|
||||||
neutron-dhcp-agent \
|
neutron-dhcp-agent \
|
||||||
neutron-metadata-agent \
|
neutron-metadata-agent \
|
||||||
python-ceph \
|
|
||||||
python-rbd \
|
|
||||||
&& apt-get -y clean
|
&& apt-get -y clean
|
||||||
|
|
||||||
COPY write_conf.sh /etc/write_conf.sh
|
COPY write_conf.sh /etc/write_conf.sh
|
||||||
|
|
||||||
COPY run.sh /etc/run.sh
|
COPY run.sh /etc/run.sh
|
||||||
|
RUN echo hoi
|
||||||
CMD ["/etc/run.sh"]
|
CMD ["/etc/run.sh"]
|
||||||
|
@ -27,14 +27,6 @@ neutron-metadata-agent \
|
|||||||
--config-dir /etc/neutron/ \
|
--config-dir /etc/neutron/ \
|
||||||
-v -d &
|
-v -d &
|
||||||
|
|
||||||
sleep 3
|
|
||||||
neutron-l3-agent \
|
|
||||||
--config-file /etc/neutron/l3_agent.ini \
|
|
||||||
--config-file /etc/neutron/neutron.conf \
|
|
||||||
--config-file /etc/neutron/metadata_agent.ini \
|
|
||||||
--config-dir /etc/neutron/ \
|
|
||||||
-v -d &
|
|
||||||
|
|
||||||
# If any process fails, kill the rest.
|
# If any process fails, kill the rest.
|
||||||
# This ensures the container stops and systemd will restart it.
|
# This ensures the container stops and systemd will restart it.
|
||||||
|
|
||||||
|
@ -122,11 +122,6 @@ allow_resize_to_same_host = True
|
|||||||
|
|
||||||
[libvirt]
|
[libvirt]
|
||||||
virt_type=kvm
|
virt_type=kvm
|
||||||
images_type = rbd
|
|
||||||
images_rbd_pool = vms
|
|
||||||
images_rbd_ceph_conf = /etc/ceph/ceph.conf
|
|
||||||
rbd_user = nova
|
|
||||||
rbd_secret_uuid = b5044271-1918-4070-822c-f19ed14d7494
|
|
||||||
|
|
||||||
[vnc]
|
[vnc]
|
||||||
enabled = True
|
enabled = True
|
||||||
@ -194,11 +189,10 @@ EOF
|
|||||||
|
|
||||||
cat << EOF > /etc/neutron/neutron.conf
|
cat << EOF > /etc/neutron/neutron.conf
|
||||||
[DEFAULT]
|
[DEFAULT]
|
||||||
service_plugins = router
|
|
||||||
allow_overlapping_ips = True
|
|
||||||
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$RABBIT_HOST
|
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$RABBIT_HOST
|
||||||
auth_strategy = keystone
|
auth_strategy = keystone
|
||||||
core_plugin = ml2
|
core_plugin = ml2
|
||||||
|
global_physnet_mtu = $GLOBAL_PHYSNET_MTU
|
||||||
|
|
||||||
[keystone_authtoken]
|
[keystone_authtoken]
|
||||||
auth_uri = http://$KEYSTONE_HOST:5000
|
auth_uri = http://$KEYSTONE_HOST:5000
|
||||||
@ -223,12 +217,17 @@ password = $NOVA_PASSWORD
|
|||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
|
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
|
||||||
|
|
||||||
cat << EOF > /etc/neutron/l3_agent.ini
|
[linux_bridge]
|
||||||
|
physical_interface_mappings = $PHYSICAL_INTERFACE_MAPPINGS
|
||||||
|
|
||||||
[DEFAULT]
|
[vxlan]
|
||||||
interface_driver = linuxbridge
|
enable_vxlan = false
|
||||||
external_network_bridge =
|
|
||||||
|
[securitygroup]
|
||||||
|
enable_security_group = true
|
||||||
|
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
@ -252,10 +251,11 @@ EOF
|
|||||||
cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini
|
cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini
|
||||||
|
|
||||||
[ml2]
|
[ml2]
|
||||||
type_drivers = flat,vlan,vxlan
|
type_drivers = flat,vlan
|
||||||
tenant_network_types = vxlan
|
tenant_network_types =
|
||||||
mechanism_drivers = linuxbridge,l2population
|
mechanism_drivers = linuxbridge
|
||||||
extension_drivers = port_security
|
extension_drivers = port_security
|
||||||
|
path_mtu = $GLOBAL_PHYSNET_MTU
|
||||||
|
|
||||||
[ml2_type_vlan]
|
[ml2_type_vlan]
|
||||||
network_vlan_ranges = provider
|
network_vlan_ranges = provider
|
||||||
@ -263,19 +263,7 @@ network_vlan_ranges = provider
|
|||||||
[ml2_type_flat]
|
[ml2_type_flat]
|
||||||
flat_networks = provider
|
flat_networks = provider
|
||||||
|
|
||||||
[ml2_type_vxlan]
|
|
||||||
vni_ranges = 1:100
|
|
||||||
|
|
||||||
[securitygroup]
|
[securitygroup]
|
||||||
enable_ipset = true
|
enable_ipset = true
|
||||||
|
|
||||||
EOF
|
EOF
|
||||||
|
|
||||||
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
|
|
||||||
|
|
||||||
[vxlan]
|
|
||||||
enable_vxlan = True
|
|
||||||
l2_population = True
|
|
||||||
local_ip = $OVERLAY_IP
|
|
||||||
|
|
||||||
EOF
|
|
||||||
|
8
nova_service/.gitignore
vendored
8
nova_service/.gitignore
vendored
@ -1,8 +0,0 @@
|
|||||||
# ---> Vim
|
|
||||||
[._]*.s[a-w][a-z]
|
|
||||||
[._]s[a-w][a-z]
|
|
||||||
*.un~
|
|
||||||
Session.vim
|
|
||||||
.netrwhist
|
|
||||||
*~
|
|
||||||
|
|
@ -20,6 +20,7 @@ allow_migrate_to_same_host = True
|
|||||||
allow_resize_to_same_host = True
|
allow_resize_to_same_host = True
|
||||||
firewall_driver = nova.virt.firewall.NoopFirewallDriver
|
firewall_driver = nova.virt.firewall.NoopFirewallDriver
|
||||||
enabled_apis=osapi_compute,metadata
|
enabled_apis=osapi_compute,metadata
|
||||||
|
cpu_allocation_ratio = 4
|
||||||
|
|
||||||
[neutron]
|
[neutron]
|
||||||
url = http://$NEUTRON_CONTROLLER_HOST:9696
|
url = http://$NEUTRON_CONTROLLER_HOST:9696
|
||||||
|
8
openstack_client/.gitignore
vendored
8
openstack_client/.gitignore
vendored
@ -1,8 +0,0 @@
|
|||||||
# ---> Vim
|
|
||||||
[._]*.s[a-w][a-z]
|
|
||||||
[._]s[a-w][a-z]
|
|
||||||
*.un~
|
|
||||||
Session.vim
|
|
||||||
.netrwhist
|
|
||||||
*~
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user