Compare commits

..

20 Commits

Author SHA1 Message Date
Egon Rijpkema
0dbcabb4a2 Added storage_availability_zone 2018-12-18 16:59:45 +01:00
Egon Rijpkema
1920804c3c Instead of a mapped name...
we're using the actual device name now.
2018-12-14 16:15:30 +01:00
Egon Rijpkema
4481b09bbc Moved availability zone to the correct docker. 2018-12-13 14:03:06 +01:00
Egon Rijpkema
52db295b69 Added availability zone option 2018-12-11 10:04:04 +01:00
Egon Rijpkema
07def88ceb Add a merlin heat 2018-10-08 16:50:28 +02:00
Egon Rijpkema
77c512977f Build cinder controller 2018-09-24 10:14:48 +02:00
Egon Rijpkema
455e10c7ab Add apache2 log to container log. 2018-09-17 11:46:12 +02:00
Egon Rijpkema
d51c52d35c Keystone merlin version (with federation) 2018-08-10 16:16:39 +02:00
Egon Rijpkema
510b68d156 Added merlin(federated) horizon. 2018-08-09 13:19:25 +02:00
Egon Rijpkema
7f49c6d706 Enableling router 2018-07-23 15:49:08 +02:00
Egon Rijpkema
75434ae097 lower cpu_allocation ratio from 16 to 4 2018-06-18 14:57:25 +02:00
Egon Rijpkema
90b394e456 added merlin builds 2018-04-24 09:52:38 +02:00
Egon Rijpkema
53bfd40ea6 Copy paste error... 2018-04-23 16:56:06 +02:00
Egon Rijpkema
00bb496ec5 Build all the dockers. 2018-04-23 16:42:31 +02:00
Egon Rijpkema
7e7ab04df0 Debugging 2018-04-23 16:04:56 +02:00
Egon Rijpkema
f4f9b95d09 Dir needs a different name. 2018-04-23 15:57:57 +02:00
Egon Rijpkema
6a048fc437 Trying to adhere to python naming convention. 2018-04-23 15:52:21 +02:00
Egon Rijpkema
d54af88505 Only one gitignore. 2018-04-23 15:41:22 +02:00
Egon Rijpkema
d8073d485b Have a repo wide drone.yml 2018-04-23 15:39:29 +02:00
Egon Rijpkema
830e940fa2 Docker in name is no longer needed 2018-04-23 15:33:12 +02:00
28 changed files with 264 additions and 268 deletions

194
.drone.yml Normal file
View File

@ -0,0 +1,194 @@
---
# When the issue below is resolved, we can build the
# image that was actually changed.
# https://github.com/drone/drone/issues/1021
pipeline:
cinder_controller:
image: plugins/docker
dockerfile: cinder_controller/Dockerfile
context: cinder_controller
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-controller
tag: latest
when:
branch: master
cinder_storage:
image: plugins/docker
dockerfile: cinder_storage/Dockerfile
context: cinder_storage
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-storage
tag: latest
when:
branch: master
glance:
image: plugins/docker
dockerfile: glance/Dockerfile
context: glance
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-glance
tag: latest
when:
branch: master
heat:
image: plugins/docker
dockerfile: heat/Dockerfile
context: heat
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-heat
tag: latest
when:
branch: master
horizon:
image: plugins/docker
dockerfile: horizon/Dockerfile
context: horizon
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-horizon
tag: latest
when:
branch: master
keystone:
image: plugins/docker
dockerfile: keystone/Dockerfile
context: keystone
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-keystone
tag: latest
when:
branch: master
neutron_controller:
image: plugins/docker
dockerfile: neutron_controller/Dockerfile
context: neutron_controller
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-neutron-controller
tag: latest
when:
branch: master
nova_service:
image: plugins/docker
dockerfile: nova_service/Dockerfile
context: nova_service
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-nova-service
tag: latest
when:
branch: master
nova_compute:
image: plugins/docker
dockerfile: nova_compute/Dockerfile
context: nova_compute
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-nova-compute
tag: latest
when:
branch: master
keystone_merlin:
image: plugins/docker
dockerfile: keystone/Dockerfile
context: keystone
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-keystone-merlin
tag: latest
when:
branch: merlin
horizon_merlin:
image: plugins/docker
dockerfile: horizon/Dockerfile
context: horizon
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-horizon-merlin
tag: latest
when:
branch: merlin
neutron_controller_merlin:
image: plugins/docker
dockerfile: neutron_controller/Dockerfile
context: neutron_controller
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-neutron-controller-merlin
tag: latest
when:
branch: merlin
cinder_controller_merlin:
image: plugins/docker
dockerfile: cinder_controller/Dockerfile
context: cinder_controller
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-controller-merlin
tag: latest
when:
branch: mwelin
cinder_storage_merlin:
image: plugins/docker
dockerfile: cinder_storage/Dockerfile
context: cinder_storage
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-cinder-storage-merlin
tag: latest
when:
branch: merlin
nova_compute_merlin:
image: plugins/docker
dockerfile: nova_compute/Dockerfile
context: nova_compute
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-nova-compute-merlin
tag: latest
when:
branch: merlin
glance_merlin:
image: plugins/docker
dockerfile: glance/Dockerfile
context: glance
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-glance-merlin
tag: latest
when:
branch: merlin
heat_merlin:
image: plugins/docker
dockerfile: heat/Dockerfile
context: heat
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-heat-merlin
tag: latest
when:
branch: merlin
notify:
image: drillster/drone-email
host: smtp.rug.nl
port: 25
skip_verify: true
from: drone@webhosting.rug.nl
# recipients: [e.m.a.rijpkema@rug.nl, w.k.nap@rug.nl]
recipients: [e.m.a.rijpkema@rug.nl]
recipients_only: true
when:
status: [success, changed, failure]
# slack:
# image: plugins/slack
# webhook:
# channel: docker
# when:
# branch: [master, merlin]
# status: [success, failure]

View File

@ -7,6 +7,7 @@ cinder-scheduler -d &
sleep 5 sleep 5
apachectl -DFOREGROUND & apachectl -DFOREGROUND &
tail -f /var/log/apache2/* &
# If any process fails, kill the rest. # If any process fails, kill the rest.
# This ensures the container stops and systemd will restart it. # This ensures the container stops and systemd will restart it.

View File

@ -1,8 +0,0 @@
# ---> Vim
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
*.un~
Session.vim
.netrwhist
*~

View File

@ -15,8 +15,7 @@ RUN set -x \
python-openstackclient \ python-openstackclient \
python-oslo.cache \ python-oslo.cache \
lvm2 \ lvm2 \
python-ceph \ tgt \
python-rbd \
&& apt-get -y clean && apt-get -y clean
@ -29,6 +28,8 @@ COPY bootstrap.sh /etc/bootstrap.sh
COPY run.sh /etc/run.sh COPY run.sh /etc/run.sh
COPY lvm.conf /etc/lvm/lvm.conf
RUN chown root.root /etc/bootstrap.sh && chmod a+x /etc/bootstrap.sh RUN chown root.root /etc/bootstrap.sh && chmod a+x /etc/bootstrap.sh
RUN chown root.root /etc/run.sh && chmod a+x /etc/run.sh RUN chown root.root /etc/run.sh && chmod a+x /etc/run.sh

View File

@ -22,6 +22,6 @@ source /root/admin-openrc.sh
# create a LVM physical volume and volume group. # create a LVM physical volume and volume group.
# This device should be available tpo the container # This device should be available tpo the container
#pvcreate /dev/cinder_storage_volume pvcreate $CINDER_STORAGE_VOLUME
#vgcreate cinder-volumes /dev/cinder_storage_volume vgcreate cinder-volumes $CINDER_STORAGE_VOLUME

View File

@ -3,9 +3,7 @@
# Write the config files # Write the config files
/etc/write_conf.sh /etc/write_conf.sh
# start cinder processes. # start cinder processes.
cinder-volume -d & tgtd
sleep 5
cinder-volume -d & cinder-volume -d &

View File

@ -9,10 +9,11 @@ cat << EOF > /etc/cinder/cinder.conf
connection = mysql+pymysql://$CINDER_USER:$CINDER_PASSWORD@$MYSQL_HOST/cinder connection = mysql+pymysql://$CINDER_USER:$CINDER_PASSWORD@$MYSQL_HOST/cinder
[DEFAULT] [DEFAULT]
storage_availability_zone="$AVAILABILITY_ZONE"
auth_strategy = keystone auth_strategy = keystone
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$MY_IP transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$RABBIT_HOST
my_ip = $MY_IP my_ip = $MY_IP
enabled_backends = RBD-backend enabled_backends = lvm
glance_api_servers = http://$GLANCE_HOST:9292 glance_api_servers = http://$GLANCE_HOST:9292
[keystone_authtoken] [keystone_authtoken]
@ -29,12 +30,11 @@ password = $CINDER_PASSWORD
[oslo_concurrency] [oslo_concurrency]
lock_path = /var/lib/cinder/tmp lock_path = /var/lib/cinder/tmp
[RBD-backend] [lvm]
volume_backend_name=RBD-backend volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
rbd_pool=volumes volume_group = cinder-volumes
rbd_user=volumes iscsi_protocol = iscsi
rbd_secret_uuid=d0db6ba7-a0c9-4da6-b0bc-aa7846325333 iscsi_helper = tgtadm
volume_driver=cinder.volume.drivers.rbd.RBDDriver volumes_dir = /var/lib/cinder/volumes
rbd_ceph_conf=/etc/ceph/ceph.conf
EOF EOF

1
glance/.gitignore vendored
View File

@ -1 +0,0 @@
build.sh

View File

@ -14,8 +14,6 @@ RUN set -x \
python-mysqldb \ python-mysqldb \
python-openstackclient \ python-openstackclient \
python-oslo.cache \ python-oslo.cache \
python-rbd \
python-ceph \
&& apt-get -y clean \ && apt-get -y clean \
&& rm -f /var/lib/glance/glance.sqlite && rm -f /var/lib/glance/glance.sqlite

View File

@ -32,14 +32,13 @@ flavor = keystone
[glance_store] [glance_store]
stores = glance.store.rbd.Store stores = file,http
default_store = rbd default_store = file
rbd_store_pool = images filesystem_store_datadir = /var/lib/glance/images/
rbd_store_user = images
rbd_store_ceph_conf = /etc/ceph/ceph.conf
EOF EOF
cat << EOF > /etc/glance/glance-registry.conf cat << EOF > /etc/glance/glance-registry.conf
[DEFAULT] [DEFAULT]
@ -50,11 +49,9 @@ rpc_backend = rabbit
connection = mysql+pymysql://$GLANCE_USER:$GLANCE_PASSWORD@$MYSQL_HOST/glance connection = mysql+pymysql://$GLANCE_USER:$GLANCE_PASSWORD@$MYSQL_HOST/glance
[glance_store] [glance_store]
stores = glance.store.rbd.Store stores = file,http
default_store = rbd default_store = file
rbd_store_pool = images filesystem_store_datadir = /var/lib/glance/images/
rbd_store_user = images
rbd_store_ceph_conf = /etc/ceph/ceph.conf
[keystone_authtoken] [keystone_authtoken]
auth_uri = http://$KEYSTONE_HOST:5000 auth_uri = http://$KEYSTONE_HOST:5000

8
heat/.gitignore vendored
View File

@ -1,8 +0,0 @@
# ---> Vim
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
*.un~
Session.vim
.netrwhist
*~

8
horizon/.gitignore vendored
View File

@ -1,8 +0,0 @@
# ---> Vim
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
*.un~
Session.vim
.netrwhist
*~

View File

@ -16,29 +16,20 @@ RUN set -x \
python-openstackclient \ python-openstackclient \
&& apt-get -y clean && apt-get -y clean
EXPOSE 80
EXPOSE 80 443
COPY openstack-dashboard.conf /etc/apache2/conf-available/openstack-dashboard.conf
COPY local_settings.py /etc/openstack-dashboard/local_settings.py COPY local_settings.py /etc/openstack-dashboard/local_settings.py
# Add a redirect to /keystone instead of the "It works! page" # Add a redirect to /keystone instead of the "It works! page"
COPY 000-default.conf /etc/apache2/sites-available COPY 000-default.conf /etc/apache2/sites-available
COPY run.sh /etc/run.sh
RUN chown -R www-data: /var/lib/openstack-dashboard/ RUN chown -R www-data: /var/lib/openstack-dashboard/
RUN touch /var/log/horizon.log RUN touch /var/log/horizon.log
RUN chown www-data: /var/log/horizon.log RUN chown www-data: /var/log/horizon.log
RUN a2enmod ssl RUN chown horizon: /var/lib/openstack-dashboard/secret_key
RUN a2enmod headers
RUN a2enmod rewrite
RUN chown /var/lib/openstack-dashboard/secret_key horizon CMD apachectl -DFOREGROUND
CMD /etc/run.sh

View File

@ -37,7 +37,7 @@ EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
#EMAIL_HOST_PASSWORD = 'top-secret!' #EMAIL_HOST_PASSWORD = 'top-secret!'
OPENSTACK_HOST = os.environ['KEYSTONE_HOST'] OPENSTACK_HOST = os.environ['KEYSTONE_HOST']
OPENSTACK_KEYSTONE_URL = "https://%s:5000/v3" % OPENSTACK_HOST OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_" OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"
@ -100,7 +100,7 @@ OPENSTACK_CINDER_FEATURES = {
# services provided by neutron. Options currently available are load # services provided by neutron. Options currently available are load
# balancer service, security groups, quotas, VPN service. # balancer service, security groups, quotas, VPN service.
OPENSTACK_NEUTRON_NETWORK = { OPENSTACK_NEUTRON_NETWORK = {
'enable_router': False, 'enable_router': True,
'enable_quotas': False, 'enable_quotas': False,
'enable_ipv6': False, 'enable_ipv6': False,
'enable_distributed_router': False, 'enable_distributed_router': False,
@ -266,6 +266,7 @@ TIME_ZONE = "UTC"
# ('default', 'Default', 'themes/default'), # ('default', 'Default', 'themes/default'),
# ('material', 'Material', 'themes/material'), # ('material', 'Material', 'themes/material'),
#] #]
LOGGING = { LOGGING = {
'version': 1, 'version': 1,
# When set to True this will disable all logging except # When set to True this will disable all logging except
@ -287,12 +288,11 @@ LOGGING = {
}, },
'console': { 'console': {
# Set the level to "DEBUG" for verbose output logging. # Set the level to "DEBUG" for verbose output logging.
'level': 'DEBUG', 'level': 'INFO',
'class': 'logging.FileHandler', 'class': 'logging.StreamHandler',
'filename': '/var/log/horizon.log',
}, },
'operation': { 'operation': {
'level': 'DEBUG', 'level': 'INFO',
'class': 'logging.StreamHandler', 'class': 'logging.StreamHandler',
'formatter': 'operation', 'formatter': 'operation',
}, },
@ -516,12 +516,3 @@ ALLOWED_HOSTS = '*'
COMPRESS_OFFLINE = True COMPRESS_OFFLINE = True
ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []} ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
WEBSSO_ENABLED = True
WEBSSO_CHOICES = (
("credentials", _("Keystone Credentials")),
("mapped", _("Security Assertion Markup Language"))
)
WEBSSO_INITIAL_CHOICE = "mapped"

View File

@ -1,35 +0,0 @@
<VirtualHost *:80>
RedirectMatch "^/$" "/horizon"
ServerName oscloudtest01.hpc.rug.nl
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
<VirtualHost *:443>
RedirectMatch "^/$" "/horizon"
ServerName oscloudtest01.hpc.rug.nl
SSLEngine On
SSLCertificateFile "/certs/oscloudtest01.hpc.rug.nl.crt"
SSLCertificateKeyFile "/certs/oscloudtest01.hpc.rug.nl.key"
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
# HTTP Strict Transport Security (HSTS) enforces that all communications
# with a server go over SSL. This mitigates the threat from attacks such
# as SSL-Strip which replaces links on the wire, stripping away https prefixes
# and potentially allowing an attacker to view confidential information on the
# wire
Header add Strict-Transport-Security "max-age=15768000"
Alias /horizon/static /var/lib/openstack-dashboard/static/
Alias /static /var/lib/openstack-dashboard/static/
<Directory /var/lib/openstack-dashboard/static>
Require all granted
</Directory>
WSGIScriptAlias /horizon /usr/share/openstack-dashboard/openstack_dashboard/wsgi/django.wsgi process-group=horizon
WSGIDaemonProcess horizon user=www-data group=www-data processes=3 threads=10 display-name=%{GROUP}
WSGIProcessGroup horizon
</VirtualHost>

View File

@ -1,6 +0,0 @@
#!/bin/bash
#Making the console log console again...
tail -f /var/log/horizon.log &
apachectl -DFOREGROUND

8
keystone/.gitignore vendored
View File

@ -1,8 +0,0 @@
# ---> Vim
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
*.un~
Session.vim
.netrwhist
*~

View File

@ -1,8 +0,0 @@
# ---> Vim
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
*.un~
Session.vim
.netrwhist
*~

View File

@ -29,16 +29,8 @@ neutron-metadata-agent \
--config-dir /etc/neutron/ \ --config-dir /etc/neutron/ \
-v -d & -v -d &
sleep 3
neutron-l3-agent \
--config-file /etc/neutron/l3_agent.ini \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/metadata_agent.ini \
--config-dir /etc/neutron/ \
-v -d &
# If any process fails, kill the rest. # If any process fails, kill the rest.
# This ensures the container stops and systemd will restart it. # This insures the container stops and systemd will restart it.
wait -n wait -n
pkill -P $$ pkill -P $$

View File

@ -4,16 +4,15 @@
# These are to be passed to the docker container using -e # These are to be passed to the docker container using -e
cat << EOF > /etc/neutron/neutron.conf cat << EOF > /etc/neutron/neutron.conf
[DEFAULT] [DEFAULT]
core_plugin = ml2 core_plugin = ml2
service_plugins = router service_plugins =
allow_overlapping_ips = True
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$MY_IP transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$MY_IP
auth_strategy = keystone auth_strategy = keystone
notify_nova_on_port_status_changes = true notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true notify_nova_on_port_data_changes = true
dhcp_agents_per_network = 2 dhcp_agents_per_network = 2
global_physnet_mtu = $GLOBAL_PHYSNET_MTU
[agent] [agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
@ -47,10 +46,11 @@ EOF
cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2] [ml2]
type_drivers = flat,vlan,vxlan type_drivers = flat,vlan
tenant_network_types = vxlan tenant_network_types =
mechanism_drivers = linuxbridge,l2population mechanism_drivers = linuxbridge
extension_drivers = port_security extension_drivers = port_security
path_mtu = $GLOBAL_PHYSNET_MTU
[ml2_type_vlan] [ml2_type_vlan]
network_vlan_ranges = provider network_vlan_ranges = provider
@ -58,14 +58,25 @@ network_vlan_ranges = provider
[ml2_type_flat] [ml2_type_flat]
flat_networks = provider flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup] [securitygroup]
enable_ipset = true enable_ipset = true
EOF EOF
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = $PHYSICAL_INTERFACE_MAPPINGS
[vxlan]
enable_vxlan = false
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF
cat << EOF > /etc/neutron/metadata_agent.ini cat << EOF > /etc/neutron/metadata_agent.ini
[DEFAULT] [DEFAULT]
@ -73,35 +84,3 @@ nova_metadata_ip = $MY_IP
metadata_proxy_shared_secret = $METADATA_SECRET metadata_proxy_shared_secret = $METADATA_SECRET
EOF EOF
cat << EOF > /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge
external_network_bridge =
EOF
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = $PHYSICAL_INTERFACE_MAPPINGS
[vxlan]
enable_vxlan = True
l2_population = True
local_ip = $OVERLAY_IP
[securitygroup]
enable_security_group = true
firewall_driver = iptables
EOF
cat << EOF > /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge
external_network_bridge =
EOF

View File

@ -1,26 +0,0 @@
---
pipeline:
docker:
image: plugins/docker
secrets: [docker_username, docker_password]
registry: registry.webhosting.rug.nl
repo: registry.webhosting.rug.nl/hpc/openstack-nova-compute
tag: latest
notify:
image: drillster/drone-email
host: smtp.rug.nl
port: 25
skip_verify: true
from: drone@webhosting.rug.nl
recipients: [e.m.a.rijpkema@rug.nl]
recipients: [e.m.a.rijpkema@rug.nl, w.k.nap@rug.nl]
recipients_only: true
when:
status: [success, changed, failure]
# slack:
# image: plugins/slack
# webhook:
# channel: docker
# when:
# branch: [master, merlin]
# status: [success, failure]

View File

@ -12,15 +12,12 @@ RUN set -x \
python-openstackclient \ python-openstackclient \
nova-compute \ nova-compute \
neutron-linuxbridge-agent \ neutron-linuxbridge-agent \
neutron-l3-agent \
neutron-dhcp-agent \ neutron-dhcp-agent \
neutron-metadata-agent \ neutron-metadata-agent \
python-ceph \
python-rbd \
&& apt-get -y clean && apt-get -y clean
COPY write_conf.sh /etc/write_conf.sh COPY write_conf.sh /etc/write_conf.sh
COPY run.sh /etc/run.sh COPY run.sh /etc/run.sh
RUN echo hoi
CMD ["/etc/run.sh"] CMD ["/etc/run.sh"]

View File

@ -27,14 +27,6 @@ neutron-metadata-agent \
--config-dir /etc/neutron/ \ --config-dir /etc/neutron/ \
-v -d & -v -d &
sleep 3
neutron-l3-agent \
--config-file /etc/neutron/l3_agent.ini \
--config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/metadata_agent.ini \
--config-dir /etc/neutron/ \
-v -d &
# If any process fails, kill the rest. # If any process fails, kill the rest.
# This ensures the container stops and systemd will restart it. # This ensures the container stops and systemd will restart it.

View File

@ -122,11 +122,6 @@ allow_resize_to_same_host = True
[libvirt] [libvirt]
virt_type=kvm virt_type=kvm
images_type = rbd
images_rbd_pool = vms
images_rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_user = nova
rbd_secret_uuid = b5044271-1918-4070-822c-f19ed14d7494
[vnc] [vnc]
enabled = True enabled = True
@ -194,11 +189,10 @@ EOF
cat << EOF > /etc/neutron/neutron.conf cat << EOF > /etc/neutron/neutron.conf
[DEFAULT] [DEFAULT]
service_plugins = router
allow_overlapping_ips = True
transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$RABBIT_HOST transport_url = rabbit://$RABBIT_USER:$RABBIT_PASSWORD@$RABBIT_HOST
auth_strategy = keystone auth_strategy = keystone
core_plugin = ml2 core_plugin = ml2
global_physnet_mtu = $GLOBAL_PHYSNET_MTU
[keystone_authtoken] [keystone_authtoken]
auth_uri = http://$KEYSTONE_HOST:5000 auth_uri = http://$KEYSTONE_HOST:5000
@ -223,12 +217,17 @@ password = $NOVA_PASSWORD
EOF EOF
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
cat << EOF > /etc/neutron/l3_agent.ini [linux_bridge]
physical_interface_mappings = $PHYSICAL_INTERFACE_MAPPINGS
[DEFAULT] [vxlan]
interface_driver = linuxbridge enable_vxlan = false
external_network_bridge =
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF EOF
@ -252,10 +251,11 @@ EOF
cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini cat << EOF > /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2] [ml2]
type_drivers = flat,vlan,vxlan type_drivers = flat,vlan
tenant_network_types = vxlan tenant_network_types =
mechanism_drivers = linuxbridge,l2population mechanism_drivers = linuxbridge
extension_drivers = port_security extension_drivers = port_security
path_mtu = $GLOBAL_PHYSNET_MTU
[ml2_type_vlan] [ml2_type_vlan]
network_vlan_ranges = provider network_vlan_ranges = provider
@ -263,19 +263,7 @@ network_vlan_ranges = provider
[ml2_type_flat] [ml2_type_flat]
flat_networks = provider flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:100
[securitygroup] [securitygroup]
enable_ipset = true enable_ipset = true
EOF EOF
cat << EOF > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[vxlan]
enable_vxlan = True
l2_population = True
local_ip = $OVERLAY_IP
EOF

View File

@ -1,8 +0,0 @@
# ---> Vim
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
*.un~
Session.vim
.netrwhist
*~

View File

@ -20,6 +20,7 @@ allow_migrate_to_same_host = True
allow_resize_to_same_host = True allow_resize_to_same_host = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver firewall_driver = nova.virt.firewall.NoopFirewallDriver
enabled_apis=osapi_compute,metadata enabled_apis=osapi_compute,metadata
cpu_allocation_ratio = 4
[neutron] [neutron]
url = http://$NEUTRON_CONTROLLER_HOST:9696 url = http://$NEUTRON_CONTROLLER_HOST:9696

View File

@ -1,8 +0,0 @@
# ---> Vim
[._]*.s[a-w][a-z]
[._]s[a-w][a-z]
*.un~
Session.vim
.netrwhist
*~