diff --git a/software/openstack/instance-compute.cfg b/software/openstack/instance-compute.cfg new file mode 100644 index 0000000000000000000000000000000000000000..7b8b3fdf318c3e1ba01688cabedd0fc3c3b8b584 --- /dev/null +++ b/software/openstack/instance-compute.cfg @@ -0,0 +1,288 @@ +############################# +# +# Instanciate kvm +# +############################# +[buildout] +parts = + certificate-authority + kvm-instance + kvm-controller-instance + kvm-promise + tunnel-ipv6-ssh + tunnel-ipv6-http + tunnel-ipv6-https + tunnel-ipv6-keystone + tunnel-ipv6-keystone-admin + tunnel-ipv6-novnc + tunnel-ipv6-glance + tunnel-ipv6-s3api + tunnel-ipv6-spice + tunnel-ipv6-novadb + tunnel-ipv6-rabbit + tunnel-ipv6-ec2 + websockify-sighandler + novnc-promise + publish-kvm-connection-information + +eggs-directory = ${buildout:eggs-directory} +develop-eggs-directory = ${buildout:develop-eggs-directory} +offline = true + +[directory] +recipe = slapos.cookbook:mkdirectory +etc = $${buildout:directory}/etc +bin = $${buildout:directory}/bin +srv = $${buildout:directory}/srv +var = $${buildout:directory}/var +scripts = $${:etc}/run +services = $${:etc}/service +promises = $${:etc}/promise +novnc-conf = $${:etc}/novnc +run = $${:var}/run +ca-dir = $${:srv}/ssl + +[create-mac] +recipe = slapos.cookbook:generate.mac +storage-path = $${directory:srv}/mac + +[gen-passwd] +recipe = slapos.cookbook:generate.password +storage-path = $${directory:srv}/passwd +bytes = 8 + +[gen-kvm-run] +recipe = slapos.recipe.template +url = ${kvm-run:location}/${kvm-run:filename} +output = $${directory:bin}/kvm_run_raw +mode = 0700 + +software_type = compute +python_path = ${buildout:executable} +disk_path = $${directory:srv}/virtual.qcow2 +qemu_img_path = ${kvm:location}/bin/qemu-img +disk_size = $${slap-parameter:disk-size} +vnc_ip = $${slap-network-information:local-ipv4} +qemu_path = ${kvm:location}/bin/qemu-system-x86_64 +mac_address = $${create-mac:mac-address} +smp_count = $${slap-parameter:cpu-count} +ram_size = $${slap-parameter:ram-size} +disk_type = $${slap-parameter:disk-type} +boot_disk_path = $${directory:srv}/boot.qcow2 +socket_path = $${directory:var}/qmp_socket +pid_file_path = $${directory:run}/kvm_run.pid +nbd_ip = $${slap-parameter:nbd-ip} +nbd_port = 1024 +vnc_port = 5901 + +[gen-kvm-controller] +recipe = slapos.recipe.template +url = ${kvm-controller:location}/${kvm-controller:filename} +output = $${directory:bin}/kvm_controller_raw +mode = 0700 + +python_path = ${buildout:executable} +socket_path = $${directory:var}/qmp_socket +vnc_passwd = $${gen-passwd:passwd} + +[kvm-controller-instance] +recipe = slapos.cookbook:wrapper +command-line = $${gen-kvm-controller:output} +wrapper-path = $${directory:scripts}/kvm_controller + +[kvm-instance] +recipe = slapos.cookbook:wrapper +command-line = $${gen-kvm-run:output} +wrapper-path = $${directory:services}/kvm + +[kvm-promise] +recipe = slapos.cookbook:check_port_listening +path = $${directory:promises}/vnc_promise +hostname = $${gen-kvm-run:vnc_ip} +port = $${gen-kvm-run:vnc_port} + +[tunnel-ipv6-base] +recipe = slapos.cookbook:ipv6toipv4 +ipv6 = $${slap-network-information:global-ipv6} +ipv4 = $${slap-network-information:local-ipv4} +shell-path = ${dash:location}/bin/dash +6tunnel-path = ${6tunnel:location}/bin/6tunnel + +[tunnel-ipv4-to6] +recipe = slapos.cookbook:ipv4toipv6 +ipv6 = $${slap-parameter:master-address} +ipv4 = $${slap-network-information:local-ipv4} +shell-path = ${dash:location}/bin/dash +6tunnel-path = ${6tunnel:location}/bin/6tunnel + +[tunnel-ipv6-ssh] +<= tunnel-ipv6-base +ipv6-port = 22222 +ipv4-port = 22222 +runner-path = $${directory:services}/6tunnel-ssh + +[tunnel-ipv6-http] +<= tunnel-ipv6-base +ipv6-port = 80 +ipv4-port = 80 +runner-path = $${directory:services}/6tunnel-http + +[tunnel-ipv6-https] +<= tunnel-ipv6-base +ipv6-port = 443 +ipv4-port = 443 +runner-path = $${directory:services}/6tunnel-https + +[tunnel-ipv6-keystone] +<= tunnel-ipv4-to6 +ipv6-port = 5000 +ipv4-port = 5000 +runner-path = $${directory:services}/6tunnel-keystone + +[tunnel-ipv6-keystone-admin] +<= tunnel-ipv4-to6 +ipv6-port = 35357 +ipv4-port = 35357 +runner-path = $${directory:services}/6tunnel-keystone-admin + +[tunnel-ipv6-novnc] +<= tunnel-ipv4-to6 +ipv6-port = 6080 +ipv4-port = 6080 +runner-path = $${directory:services}/6tunnel-novnc + +[tunnel-ipv6-glance] +<= tunnel-ipv4-to6 +ipv6-port = 9292 +ipv4-port = 9292 +runner-path = $${directory:services}/6tunnel-glance + +[tunnel-ipv6-spice] +<= tunnel-ipv4-to6 +ipv6-port = 6082 +ipv4-port = 6082 +runner-path = $${directory:services}/6tunnel-spice + +#I don't know if this is really usefull!! +[tunnel-ipv6-s3api] +<= tunnel-ipv4-to6 +ipv6-port = 3333 +ipv4-port = 3333 +runner-path = $${directory:services}/6tunnel-s3api + +[tunnel-ipv6-ec2] +<= tunnel-ipv4-to6 +ipv6-port = 8773 +ipv4-port = 8773 +runner-path = $${directory:services}/6tunnel-ec2 + +[tunnel-ipv6-rabbit] +<= tunnel-ipv4-to6 +ipv6-port = 5672 +ipv4-port = 5672 +runner-path = $${directory:services}/6tunnel-rabbit + +[tunnel-ipv6-novadb] +<= tunnel-ipv4-to6 +ipv6-port = 3306 +ipv4-port = 3306 +runner-path = $${directory:services}/6tunnel-novadb + +[novnc-instance] +recipe = slapos.cookbook:novnc +path = $${ca-novnc:executable} +ip = $${slap-network-information:global-ipv6} +port = 6081 +vnc-ip = $${gen-kvm-run:vnc_ip} +vnc-port = $${gen-kvm-run:vnc_port} +novnc-location = ${noVNC:location} +websockify-path = ${buildout:directory}/bin/websockify +ssl-key-path = $${ca-novnc:key-file} +ssl-cert-path = $${ca-novnc:cert-file} + +[websockify-sighandler] +recipe = slapos.cookbook:signalwrapper +wrapper-path = $${directory:services}/websockify +wrapped-path = $${novnc-instance:path} + +[certificate-authority] +recipe = slapos.cookbook:certificate_authority +openssl-binary = ${openssl:location}/bin/openssl +ca-dir = $${directory:ca-dir} +requests-directory = $${cadirectory:requests} +wrapper = $${directory:services}/certificate_authority +ca-private = $${cadirectory:private} +ca-certs = $${cadirectory:certs} +ca-newcerts = $${cadirectory:newcerts} +ca-crl = $${cadirectory:crl} + +[cadirectory] +recipe = slapos.cookbook:mkdirectory +requests = $${directory:ca-dir}/requests/ +private = $${directory:ca-dir}/private/ +certs = $${directory:ca-dir}/certs/ +newcerts = $${directory:ca-dir}/newcerts/ +crl = $${directory:ca-dir}/crl/ + +[ca-novnc] +<= certificate-authority +recipe = slapos.cookbook:certificate_authority.request +key-file = $${directory:novnc-conf}/novnc.key +cert-file = $${directory:novnc-conf}/novnc.crt +executable = $${directory:bin}/novnc +wrapper = $${directory:bin}/websockify + +[novnc-promise] +recipe = slapos.cookbook:check_port_listening +path = $${directory:promises}/novnc_promise +hostname = $${novnc-instance:ip} +port = $${novnc-instance:port} + + +[kvm-monitor] +recipe = slapos.cookbook:generic.slapmonitor +db-path = $${directory:srv}/slapmonitor_database + + +[request-slave-frontend] +recipe = slapos.cookbook:requestoptional +software-url = $${slap-parameter:frontend-software-url} +server-url = $${slap-connection:server-url} +key-file = $${slap-connection:key-file} +cert-file = $${slap-connection:cert-file} +computer-id = $${slap-connection:computer-id} +partition-id = $${slap-connection:partition-id} +name = VNC Frontend +software-type = $${slap-parameter:frontend-software-type} +slave = true +config = host port +config-host = $${novnc-instance:ip} +config-port = $${novnc-instance:port} +return = url resource port domainname +#sla = instance_guid +#sla-instance_guid = $${slap-parameter:frontend-instance-guid} + +[publish-kvm-connection-information] +recipe = slapos.cookbook:publish +vnc-backend-url = https://[$${novnc-instance:ip}]:$${novnc-instance:port}/vnc_auto.html?host=[$${novnc-instance:ip}]&port=$${novnc-instance:port}&encrypt=1 +vnc-password = $${gen-passwd:passwd} +vnc-url = $${request-slave-frontend:connection-url}/vnc_auto.html?host=$${request-slave-frontend:connection-domainname}&port=$${request-slave-frontend:connection-port}&encrypt=1&path=$${request-slave-frontend:connection-resource} +ssh = ssh stack@$${tunnel-ipv6-ssh:ipv6} -p $${tunnel-ipv6-ssh:ipv6-port} +ssh-defaul-passwd = openstack +local-ipv4 = $${slap-network-information:local-ipv4} + +[slap-parameter] +# Default values if not specified +#frontend-instance-guid = SOFTINST-81 +frontend-software-type = frontend +frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg + +ram-size = 2048 +disk-size = 20 +disk-type = virtio + +cpu-count = 4 +nbd-ip = 2001:470:1f14:169:dd6b:3f84:9205:c750 +domain = +master-address = 2001:470:1f14:169:dd6b:3f84:9205:73a4 +master-passwd = openstack diff --git a/software/openstack/instance-main.cfg b/software/openstack/instance-main.cfg index 2e194969dd5a3cdd1abdf420afcfcc3245ce9cab..5037688e286a5441809cf06f8cc9b8a48ba1c56c 100644 --- a/software/openstack/instance-main.cfg +++ b/software/openstack/instance-main.cfg @@ -19,6 +19,8 @@ parts = tunnel-ipv6-s3api tunnel-ipv6-spice tunnel-ipv6-novadb + tunnel-ipv6-rabbit + tunnel-ipv6-ec2 websockify-sighandler novnc-promise publish-kvm-connection-information @@ -55,6 +57,7 @@ url = ${kvm-run:location}/${kvm-run:filename} output = $${directory:bin}/kvm_run_raw mode = 0700 +software_type = main python_path = ${buildout:executable} disk_path = $${directory:srv}/virtual.qcow2 qemu_img_path = ${kvm:location}/bin/qemu-img @@ -147,12 +150,24 @@ ipv6-port = 9292 ipv4-port = 9292 runner-path = $${directory:services}/6tunnel-glance +[tunnel-ipv6-rabbit] +<= tunnel-ipv6-base +ipv6-port = 5672 +ipv4-port = 5672 +runner-path = $${directory:services}/6tunnel-rabbit + [tunnel-ipv6-spice] <= tunnel-ipv6-base ipv6-port = 6082 ipv4-port = 6082 runner-path = $${directory:services}/6tunnel-spice +[tunnel-ipv6-ec2] +<= tunnel-ipv6-base +ipv6-port = 8773 +ipv4-port = 8773 +runner-path = $${directory:services}/6tunnel-ec2 + #I don't know if this is really usefull!! [tunnel-ipv6-s3api] <= tunnel-ipv6-base @@ -224,7 +239,7 @@ db-path = $${directory:srv}/slapmonitor_database [request-slave-frontend] recipe = slapos.cookbook:requestoptional -software-url = $${slap-parameter:frontend-software-url} +software-url = $${slap-parameter:kvm-frontend-url} server-url = $${slap-connection:server-url} key-file = $${slap-connection:key-file} cert-file = $${slap-connection:cert-file} @@ -237,8 +252,32 @@ config = host port config-host = $${novnc-instance:ip} config-port = $${novnc-instance:port} return = url resource port domainname -sla = instance_guid -sla-instance_guid = $${slap-parameter:frontend-instance-guid} +#sla = instance_guid +#sla-instance_guid = $${slap-parameter:frontend-instance-guid} + +[request-openstack-frontend] +<= slap-connection +recipe = slapos.cookbook:requestoptional +name = Frontend OpenStack +# XXX We have hardcoded SR URL here. +software-url = $${slap-parameter:frontend-software-url} +slave = true +config = url custom_domain +config-url = http://[$${slap-network-information:global-ipv6}]:80/ +return = site_url +config-custom_domain = $${slap-parameter:domain} + +[request-openstack-vnc-frontend] +<= slap-connection +recipe = slapos.cookbook:requestoptional +name = Frontend OpenStack VNC +# XXX We have hardcoded SR URL here. +software-url = $${slap-parameter:frontend-software-url} +slave = true +config = url custom_domain +config-url = http://[$${slap-network-information:global-ipv6}]:6080/ +return = site_url +config-custom_domain = $${slap-parameter:domain} [publish-kvm-connection-information] recipe = slapos.cookbook:publish @@ -246,13 +285,16 @@ vnc-backend-url = https://[$${novnc-instance:ip}]:$${novnc-instance:port}/vnc_au vnc-password = $${gen-passwd:passwd} vnc-url = $${request-slave-frontend:connection-url}/vnc_auto.html?host=$${request-slave-frontend:connection-domainname}&port=$${request-slave-frontend:connection-port}&encrypt=1&path=$${request-slave-frontend:connection-resource} ssh = ssh stack@$${tunnel-ipv6-ssh:ipv6} -p $${tunnel-ipv6-ssh:ipv6-port} +server-url = $${request-openstack-frontend:connection-site_url} +openstack-vnc = $${request-openstack-vnc-frontend:connection-site_url} +openstack-services-host = $${slap-network-information:global-ipv6} ssh-defaul-passwd = openstack [slap-parameter] # Default values if not specified -frontend-instance-guid = SOFTINST-81 frontend-software-type = frontend -frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg +kvm-frontend-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/refs/tags/slapos-0.92:/software/kvm/software.cfg +frontend-software-url = http://git.erp5.org/gitweb/slapos.git/blob_plain/HEAD:/software/apache-frontend/software.cfg ram-size = 2048 disk-size = 20 diff --git a/software/openstack/instance.cfg b/software/openstack/instance.cfg index 040449bbfa32fd7753e32c0e1e58594cd2fad82c..883580fd973cc25dea102eebb6ee56e5f2578d2a 100644 --- a/software/openstack/instance.cfg +++ b/software/openstack/instance.cfg @@ -8,7 +8,8 @@ offline = true [switch-softwaretype] recipe = slapos.cookbook:softwaretype -default = ${template-kvm:output} +default = ${template-openstack-main:output} +compute = ${template-openstack-compute:output} [slap-connection] # part to migrate to new - separated words diff --git a/software/openstack/software.cfg b/software/openstack/software.cfg index 966d29a095548684843d49f8dbb73c8ee21c2543..49eabae762c56f72bc34c9d1575af3e819acf6d4 100644 --- a/software/openstack/software.cfg +++ b/software/openstack/software.cfg @@ -24,17 +24,24 @@ eggs = slapos.cookbook slapos.toolbox -[template-kvm] +[template-openstack-main] recipe = slapos.recipe.template url = ${:_profile_base_location_}/instance-main.cfg -md5sum = 1ab7b31c6df203988c693cef80663d8d +md5sum = 2c67b51e981ad2ee404ff6001fa4b901 output = ${buildout:directory}/template-openstack-main.cfg mode = 0644 +[template-openstack-compute] +recipe = slapos.recipe.template +url = ${:_profile_base_location_}/instance-compute.cfg +md5sum = 0a27f45735999aef7c4af2bbc09557de +output = ${buildout:directory}/template-openstack-compute.cfg +mode = 0644 + [template] recipe = slapos.recipe.template url = ${:_profile_base_location_}/instance.cfg -md5sum = 5e426ac6182e30d651d53cf03abeef5d +md5sum = 078532437caafea4d515fb27267de6ee output = ${buildout:directory}/template.cfg mode = 0644 @@ -52,7 +59,7 @@ md5sum = 04a94f04344a6169af242dea03b8c52d [kvm-run] <= template-download filename = kvm-run.in -md5sum = 66d8385453de3c332a48052ecd2dbd2b +md5sum = 7c05088023d252e98aa1574880dd1afb [networkcache] # signature certificates of the following uploaders. diff --git a/software/openstack/templates/kvm-run.in b/software/openstack/templates/kvm-run.in index 14d03eed0757c63878e284bc889b3dcb0f2ea988..4a470bfaba2a6910294b5758cbcb6a0469de6574 100644 --- a/software/openstack/templates/kvm-run.in +++ b/software/openstack/templates/kvm-run.in @@ -33,7 +33,10 @@ if not os.path.exists(disk_path): disk_path, '${:disk_size}G']) # Generate NAT rules for ssh connexion -nat_rules = ",".join("hostfwd=tcp:${:vnc_ip}:%s-:%s" % (port, port) for port in [80, 443, 5000, 6080, 6082, 3333, 9292, 3306, 35357]) +if "${:software_type}".strip() == "compute": + nat_rules = ",".join("hostfwd=tcp:${:vnc_ip}:%s-:%s" % (port, port) for port in [80, 443]) +else: + nat_rules = ",".join("hostfwd=tcp:${:vnc_ip}:%s-:%s" % (port, port) for port in [80, 443, 5000, 6080, 6082, 3333, 9292, 3306, 35357]) kvm_argument_list = ['${:qemu_path}', '-enable-kvm', '-net', 'nic,macaddr=${:mac_address}',