rpm/SOURCES/neutron-server-setup

   1 #!/bin/bash
   2 #
   3 # Copyright (C) 2012, Red Hat, Inc.
   4 #
   5 # Licensed under the Apache License, Version 2.0 (the "License"); you may
   6 # not use this file except in compliance with the License. You may obtain
   7 # a copy of the License at
   8 #
   9 #      http://www.apache.org/licenses/LICENSE-2.0
  10 #
  11 # Unless required by applicable law or agreed to in writing, software
  12 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  13 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  14 # License for the specific language governing permissions and limitations
  15 # under the License.
  16 #
  17
  18 # The script supports the plugins below
  19 declare -a SUPPORTED_PLUGINS=(linuxbridge openvswitch)
  20
  21 #
  22 # Print --help output and exit.
  23 #
  24 usage() {
  25
  26 cat << EOF
  27 The helper script will install the necessary database support for the selected plugin.
  28 Please note that some plugins do not require database support. These are addressed in the script.
  29 The setup of MySQL with a multi-server OpenStack installation is outside of the scope of
  30 this simple helper script.
  31
  32 Usage: neutron-server-setup [options]
  33 Options:
  34         --help        | -h
  35                 Print usage information.
  36         --qpw <pw>    | -q <pw>
  37                 Specify the password for the 'neutron' MySQL user that neutron will
  38                 use to connect to the 'neutron' MySQL database.  By default,
  39                 the password 'neutron' will be used.
  40
  41         --rootpw <pw> | -r <pw>
  42                 Specify the root MySQL password.  If the script installs
  43                 the MySQL server, it will set the root password to this value
  44                 instead of prompting for a password.  If the MySQL server is
  45                 already installed, this password will be used to connect to the
  46                 database instead of having to prompt for it.
  47         --yes         | -y
  48                 In cases where the script would normally ask for confirmation
  49                 before doing something, such as installing mysql-server,
  50                 just assume yes.  This is useful if you want to run the script
  51                 non-interactively.
  52         --user        | -u
  53                 The neutron user.
  54         --plugin      | -p
  55                 The neutron plugin. Supported plugins:-
  56                     ${SUPPORTED_PLUGINS[*]}
  57 EOF
  58
  59         exit 0
  60 }
  61
  62 install_mysql_server() {
  63         if [ -z "${ASSUME_YES}" ] ; then
  64                 yum install mysql-server
  65         else
  66                 yum install -y mysql-server
  67         fi
  68 }
  69
  70 start_mysql_server() {
  71         service mysqld start
  72 }
  73
  74 is_valid_plugin() {
  75         local i=
  76         for i in "${SUPPORTED_PLUGINS[@]}"; do
  77                 if [ "$i" == "$1" ]; then
  78                         return 0
  79                 fi
  80         done
  81         return 1
  82 }
  83
  84 ASSUME_YES=""
  85 NEUTRON_USER=neutron
  86 MYSQL_Q_PW=neutron
  87 Q_CONF=/etc/neutron/neutron.conf
  88 LB_CONF=/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
  89 OVS_CONF=/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
  90 Q_HOST='localhost'
  91 Q_PORT=9696
  92
  93 # Keystone specific
  94 OS_USERNAME=${OS_USERNAME:-neutron}
  95 OS_PASSWORD=${OS_PASSWORD:-servicepass}
  96 OS_AUTH_URL=${OS_AUTH_URL:-http://127.0.0.1:35357/v2.0/}
  97 OS_TENANT_NAME=${OS_TENANT_NAME:-service}
  98
  99 # Nova specific
 100 NOVA_CONF=/etc/nova/nova.conf
 101 SCHEDULER_DRIVER=""
 102
 103 while [ $# -gt 0 ]
 104 do
 105         case "$1" in
 106                 -h|--help)
 107                         usage
 108                         ;;
 109                 -q|--qpw)
 110                         shift
 111                         MYSQL_Q_PW==${1}
 112                         ;;
 113                 -r|--rootpw)
 114                         shift
 115                         MYSQL_ROOT_PW=${1}
 116                         ;;
 117                 -y|--yes)
 118                         ASSUME_YES="yes"
 119                         ;;
 120                 -u|--user)
 121                         shift
 122                         NEUTRON_USER=${1}
 123                         ;;
 124                 -p|--plugin)
 125                         shift
 126                         NEUTRON_PLUGIN=${1}
 127                         ;;
 128                 *)
 129                         # ignore
 130                         shift
 131                         ;;
 132         esac
 133         shift
 134 done
 135
 136 # if the plugin is not defined
 137 if [ -z ${NEUTRON_PLUGIN} ] ; then
 138         echo "Please select a plugin from: ${SUPPORTED_PLUGINS[*]}"
 139         echo "Choice:"
 140         read NEUTRON_PLUGIN
 141 fi
 142
 143 # check that the plugin is valid
 144 is_valid_plugin ${NEUTRON_PLUGIN}
 145 if [ $? -ne 0 ]; then
 146         echo "Plugin '${NEUTRON_PLUGIN}' not supported. Supported plugins:-"
 147         echo "    ${SUPPORTED_PLUGINS[*]}"
 148         exit 0
 149 fi
 150
 151 echo "Neutron plugin: ${NEUTRON_PLUGIN}"
 152
 153 if ! [ -e "${Q_CONF}" ]; then
 154         echo "Please install the neutron package"
 155         exit 0
 156 fi
 157
 158 if ! [ -e "/etc/neutron/plugins/${NEUTRON_PLUGIN}" ]; then
 159         echo "Please install the ${NEUTRON_PLUGIN} neutron plugin"
 160         exit 0
 161 fi
 162
 163 case "${NEUTRON_PLUGIN}" in
 164 "linuxbridge")
 165         DB_NAME="neutron_linux_bridge"
 166         Q_PLUGIN_CLASS="neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2"
 167 ;;
 168
 169 "openvswitch")
 170         if ! rpm -q --whatprovides openvswitch > /dev/null
 171         then
 172                 echo "Please install openvswitch"
 173                 exit 0
 174         fi
 175         DB_NAME="ovs_neutron"
 176         Q_PLUGIN_CLASS="neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2"
 177 ;;
 178 esac
 179
 180 # Update neutron.conf
 181 # Plugin
 182 openstack-config --set ${Q_CONF} DEFAULT core_plugin $Q_PLUGIN_CLASS
 183 # QPID
 184 openstack-config --set ${Q_CONF} DEFAULT rpc_backend neutron.openstack.common.rpc.impl_qpid
 185 openstack-config --set ${Q_CONF} DEFAULT qpid_hostname localhost
 186 # Authentication
 187 openstack-config --set ${Q_CONF} DEFAULT auth_strategy keystone
 188
 189 openstack-config --del ${Q_CONF} keystone_authtoken admin_tenant_name
 190 openstack-config --del ${Q_CONF} keystone_authtoken admin_user
 191 openstack-config --del ${Q_CONF} keystone_authtoken admin_password
 192
 193 openstack-config --set ${Q_CONF} keystone_authtoken admin_tenant_name ${OS_TENANT_NAME}
 194 openstack-config --set ${Q_CONF} keystone_authtoken admin_user ${OS_USERNAME}
 195 openstack-config --set ${Q_CONF} keystone_authtoken admin_password ${OS_PASSWORD}
 196
 197 echo "Plugin: ${NEUTRON_PLUGIN} => Database: ${DB_NAME}"
 198
 199 # Make sure MySQL is installed.
 200
 201 NEW_MYSQL_INSTALL=0
 202 if ! rpm -q --whatprovides mysql-server > /dev/null
 203 then
 204         if [ -z "${ASSUME_YES}" ] ; then
 205                 printf "mysql-server is not installed.  Would you like to install it now? (y/n): "
 206                 read response
 207                 case "$response" in
 208                         y|Y)
 209                                 ;;
 210                         n|N)
 211                                 echo "mysql-server must be installed.  Please install it before proceeding."
 212                                 exit 0
 213                                 ;;
 214                         *)
 215                                 echo "Invalid response."
 216                                 exit 1
 217                 esac
 218         fi
 219
 220         NEW_MYSQL_INSTALL=1
 221         install_mysql_server
 222 fi
 223
 224
 225 # Make sure mysqld is running.
 226
 227 if ! service mysqld status > /dev/null
 228 then
 229         if [ -z "${ASSUME_YES}" ] ; then
 230                 printf "mysqld is not running.  Would you like to start it now? (y/n): "
 231                 read response
 232                 case "$response" in
 233                         y|Y)
 234                                 ;;
 235                         n|N)
 236                                 echo "mysqld must be running.  Please start it before proceeding."
 237                                 exit 0
 238                                 ;;
 239                         *)
 240                                 echo "Invalid response."
 241                                 exit 1
 242                 esac
 243         fi
 244
 245         start_mysql_server
 246
 247         # If we both installed and started, ensure it starts at boot
 248         [ $NEW_MYSQL_INSTALL -eq 1 ] && chkconfig mysqld on
 249 fi
 250
 251 # Get MySQL root access.
 252 if [ $NEW_MYSQL_INSTALL -eq 1 ]
 253 then
 254         if [ ! "${MYSQL_ROOT_PW+defined}" ] ; then
 255                 echo "Since this is a fresh installation of MySQL, please set a password for the 'root' mysql user."
 256
 257                 PW_MATCH=0
 258                 while [ $PW_MATCH -eq 0 ]
 259                 do
 260                         printf "Enter new password for 'root' mysql user: "
 261                         read -s MYSQL_ROOT_PW
 262                         echo
 263                         printf "Enter new password again: "
 264                         read -s PW2
 265                         echo
 266                         if [ "${MYSQL_ROOT_PW}" = "${PW2}" ] ; then
 267                                 PW_MATCH=1
 268                         else
 269                                 echo "Passwords did not match."
 270                         fi
 271                 done
 272         fi
 273
 274         echo "UPDATE mysql.user SET password = password('${MYSQL_ROOT_PW}') WHERE user = 'root'; DELETE FROM mysql.user WHERE user = ''; flush privileges;" | mysql -u root
 275         if ! [ $? -eq 0 ] ; then
 276                 echo "Failed to set password for 'root' MySQL user."
 277                 exit 1
 278         fi
 279 elif [ ! "${MYSQL_ROOT_PW+defined}" ] ; then
 280         printf "Please enter the password for the 'root' MySQL user: "
 281         read -s MYSQL_ROOT_PW
 282         echo
 283 fi
 284
 285 # Sanity check MySQL credentials.
 286
 287 MYSQL_ROOT_PW_ARG=""
 288 if [ "${MYSQL_ROOT_PW+defined}" ]
 289 then
 290         MYSQL_ROOT_PW_ARG="--password=${MYSQL_ROOT_PW}"
 291 fi
 292 echo "SELECT 1;" | mysql -u root ${MYSQL_ROOT_PW_ARG} > /dev/null
 293 if ! [ $? -eq 0 ]
 294 then
 295         echo "Failed to connect to the MySQL server.  Please check your root user credentials."
 296         exit 1
 297 fi
 298 echo "Verified connectivity to MySQL."
 299
 300 # Create a database user - check if it does not exist prior
 301 USER_EXISTS=$(mysql -u root ${MYSQL_ROOT_PW_ARG} -e "SELECT user FROM mysql.user WHERE user='${NEUTRON_USER}'"|grep ${NEUTRON_USER} | wc -l)
 302 if [ ${USER_EXISTS} -ne 0 ]; then
 303         echo "User ${NEUTRON_USER} already exists"
 304 else
 305         mysql -u root ${MYSQL_ROOT_PW_ARG} -e "create user '${NEUTRON_USER}'@'%' identified by '${MYSQL_Q_PW}'"
 306         mysql -u root ${MYSQL_ROOT_PW_ARG} -e "create user '${NEUTRON_USER}'@'localhost' identified by '${MYSQL_Q_PW}'"
 307 fi
 308
 309 #create database
 310 DB_EXISTS=$(mysql -u root ${MYSQL_ROOT_PW_ARG} -e "show databases"|grep ${DB_NAME}| wc -l)
 311 if [ ${DB_EXISTS} -ne 0 ]; then
 312         mysql -u root ${MYSQL_ROOT_PW_ARG} -e "drop database ${DB_NAME}"
 313 fi
 314 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "create database ${DB_NAME}"
 315
 316 # Configure database specifics
 317 case "${NEUTRON_PLUGIN}" in
 318 "linuxbridge")
 319         mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on neutron_linux_bridge.* to '${NEUTRON_USER}'@'%'"
 320         mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on neutron_linux_bridge.* to '${NEUTRON_USER}'@'localhost'"
 321         openstack-config --set ${LB_CONF} DATABASE sql_connection mysql://${NEUTRON_USER}:${MYSQL_Q_PW}@`hostname`/neutron_linux_bridge
 322
 323         echo "Please enter network device for VLAN trunking:"
 324         read NETWORK_DEVICE
 325         openstack-config --set ${LB_CONF} LINUX_BRIDGE physical_interface ${NETWORK_DEVICE}
 326
 327         ln -s ${LB_CONF} /etc/neutron/plugin.ini
 328 ;;
 329
 330 "openvswitch")
 331         mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on ovs_neutron.* to '${NEUTRON_USER}'@'%'"
 332         mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on ovs_neutron.* to '${NEUTRON_USER}'@'localhost'"
 333         openstack-config --set ${OVS_CONF} DATABASE sql_connection mysql://${NEUTRON_USER}:${MYSQL_Q_PW}@`hostname`/ovs_neutron
 334         openstack-config --set ${OVS_CONF} SECURITYGROUP firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
 335         ln -s ${OVS_CONF} /etc/neutron/plugin.ini
 336 ;;
 337 esac
 338
 339 if [ -z "${ASSUME_YES}" ] ; then
 340     echo "Would you like to update the nova configuration files? (y/n): "
 341     read response
 342     case "$response" in
 343     y|Y)
 344         ;;
 345     *)
 346         echo "Complete!"
 347         exit 0
 348     esac
 349 fi
 350
 351 # If OpenStack is installed then configure nova.conf
 352 if ! [ -e "${NOVA_CONF}" ]; then
 353         echo "Please install OpenStack compute and then set the values"
 354         echo "in /etc/nova/nova.conf DEFAULT section"
 355         echo "    network_api_classi=nova.network.neutronv2.api.API"
 356         echo "    neutron_admin_username=${OS_USERNAME}"
 357         echo "    neutron_admin_password=${OS_PASSWORD}"
 358         echo "    neutron_admin_auth_url=${OS_AUTH_URL}"
 359         echo "    neutron_auth_strategy=keystone"
 360         echo "    neutron_admin_tenant_name=${OS_TENANT_NAME}"
 361         echo "    neutron_url=http://${Q_HOST}:${Q_PORT}/"
 362         echo "    firewall_driver=nova.virt.firewall.NoopFirewallDriver"
 363         echo "    security_group_api=neutron"
 364 else
 365         openstack-config --set ${NOVA_CONF} DEFAULT network_api_class nova.network.neutronv2.api.API
 366         openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_username ${OS_USERNAME}
 367         openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_password ${OS_PASSWORD}
 368         openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_auth_url ${OS_AUTH_URL}
 369         openstack-config --set ${NOVA_CONF} DEFAULT neutron_auth_strategy keystone
 370         openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_tenant_name ${OS_TENANT_NAME}
 371         openstack-config --set ${NOVA_CONF} DEFAULT neutron_url http://${Q_HOST}:${Q_PORT}/
 372         openstack-config --set ${NOVA_CONF} DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
 373         openstack-config --set ${NOVA_CONF} DEFAULT security_group_api neutron
 374 fi
 375
 376 echo "Configuration updates complete!"