3 # Copyright (C) 2012, Red Hat, Inc.
5 # Licensed under the Apache License, Version 2.0 (the "License"); you may
6 # not use this file except in compliance with the License. You may obtain
7 # a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
13 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
14 # License for the specific language governing permissions and limitations
18 # The script supports the plugins below
19 declare -a SUPPORTED_PLUGINS=(linuxbridge openvswitch)
22 # Print --help output and exit.
27 The helper script will install the necessary database support for the selected plugin.
28 Please note that some plugins do not require database support. These are addressed in the script.
29 The setup of MySQL with a multi-server OpenStack installation is outside of the scope of
30 this simple helper script.
32 Usage: neutron-server-setup [options]
35 Print usage information.
37 Specify the password for the 'neutron' MySQL user that neutron will
38 use to connect to the 'neutron' MySQL database. By default,
39 the password 'neutron' will be used.
41 --rootpw <pw> | -r <pw>
42 Specify the root MySQL password. If the script installs
43 the MySQL server, it will set the root password to this value
44 instead of prompting for a password. If the MySQL server is
45 already installed, this password will be used to connect to the
46 database instead of having to prompt for it.
48 In cases where the script would normally ask for confirmation
49 before doing something, such as installing mysql-server,
50 just assume yes. This is useful if you want to run the script
55 The neutron plugin. Supported plugins:-
56 ${SUPPORTED_PLUGINS[*]}
62 install_mysql_server() {
63 if [ -z "${ASSUME_YES}" ] ; then
64 yum install mysql-server
66 yum install -y mysql-server
70 start_mysql_server() {
76 for i in "${SUPPORTED_PLUGINS[@]}"; do
77 if [ "$i" == "$1" ]; then
87 Q_CONF=/etc/neutron/neutron.conf
88 LB_CONF=/etc/neutron/plugins/linuxbridge/linuxbridge_conf.ini
89 OVS_CONF=/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini
94 OS_USERNAME=${OS_USERNAME:-neutron}
95 OS_PASSWORD=${OS_PASSWORD:-servicepass}
96 OS_AUTH_URL=${OS_AUTH_URL:-http://127.0.0.1:35357/v2.0/}
97 OS_TENANT_NAME=${OS_TENANT_NAME:-service}
100 NOVA_CONF=/etc/nova/nova.conf
136 # if the plugin is not defined
137 if [ -z ${NEUTRON_PLUGIN} ] ; then
138 echo "Please select a plugin from: ${SUPPORTED_PLUGINS[*]}"
143 # check that the plugin is valid
144 is_valid_plugin ${NEUTRON_PLUGIN}
145 if [ $? -ne 0 ]; then
146 echo "Plugin '${NEUTRON_PLUGIN}' not supported. Supported plugins:-"
147 echo " ${SUPPORTED_PLUGINS[*]}"
151 echo "Neutron plugin: ${NEUTRON_PLUGIN}"
153 if ! [ -e "${Q_CONF}" ]; then
154 echo "Please install the neutron package"
158 if ! [ -e "/etc/neutron/plugins/${NEUTRON_PLUGIN}" ]; then
159 echo "Please install the ${NEUTRON_PLUGIN} neutron plugin"
163 case "${NEUTRON_PLUGIN}" in
165 DB_NAME="neutron_linux_bridge"
166 Q_PLUGIN_CLASS="neutron.plugins.linuxbridge.lb_neutron_plugin.LinuxBridgePluginV2"
170 if ! rpm -q openvswitch > /dev/null
172 echo "Please install openvswitch"
175 DB_NAME="ovs_neutron"
176 Q_PLUGIN_CLASS="neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2"
180 # Update neutron.conf
182 openstack-config --set ${Q_CONF} DEFAULT core_plugin $Q_PLUGIN_CLASS
184 openstack-config --set ${Q_CONF} DEFAULT rpc_backend neutron.openstack.common.rpc.impl_qpid
185 openstack-config --set ${Q_CONF} DEFAULT qpid_hostname localhost
187 openstack-config --set ${Q_CONF} DEFAULT auth_strategy keystone
189 openstack-config --del ${Q_CONF} keystone_authtoken admin_tenant_name
190 openstack-config --del ${Q_CONF} keystone_authtoken admin_user
191 openstack-config --del ${Q_CONF} keystone_authtoken admin_password
193 openstack-config --set ${Q_CONF} keystone_authtoken admin_tenant_name ${OS_TENANT_NAME}
194 openstack-config --set ${Q_CONF} keystone_authtoken admin_user ${OS_USERNAME}
195 openstack-config --set ${Q_CONF} keystone_authtoken admin_password ${OS_PASSWORD}
197 echo "Plugin: ${NEUTRON_PLUGIN} => Database: ${DB_NAME}"
199 # Make sure MySQL is installed.
202 if ! rpm -q mysql-server > /dev/null
204 if [ -z "${ASSUME_YES}" ] ; then
205 printf "mysql-server is not installed. Would you like to install it now? (y/n): "
211 echo "mysql-server must be installed. Please install it before proceeding."
215 echo "Invalid response."
225 # Make sure mysqld is running.
227 if ! service mysqld status > /dev/null
229 if [ -z "${ASSUME_YES}" ] ; then
230 printf "mysqld is not running. Would you like to start it now? (y/n): "
236 echo "mysqld must be running. Please start it before proceeding."
240 echo "Invalid response."
247 # If we both installed and started, ensure it starts at boot
248 [ $NEW_MYSQL_INSTALL -eq 1 ] && chkconfig mysqld on
251 # Get MySQL root access.
252 if [ $NEW_MYSQL_INSTALL -eq 1 ]
254 if [ ! "${MYSQL_ROOT_PW+defined}" ] ; then
255 echo "Since this is a fresh installation of MySQL, please set a password for the 'root' mysql user."
258 while [ $PW_MATCH -eq 0 ]
260 printf "Enter new password for 'root' mysql user: "
261 read -s MYSQL_ROOT_PW
263 printf "Enter new password again: "
266 if [ "${MYSQL_ROOT_PW}" = "${PW2}" ] ; then
269 echo "Passwords did not match."
274 echo "UPDATE mysql.user SET password = password('${MYSQL_ROOT_PW}') WHERE user = 'root'; DELETE FROM mysql.user WHERE user = ''; flush privileges;" | mysql -u root
275 if ! [ $? -eq 0 ] ; then
276 echo "Failed to set password for 'root' MySQL user."
279 elif [ ! "${MYSQL_ROOT_PW+defined}" ] ; then
280 printf "Please enter the password for the 'root' MySQL user: "
281 read -s MYSQL_ROOT_PW
285 # Sanity check MySQL credentials.
288 if [ "${MYSQL_ROOT_PW+defined}" ]
290 MYSQL_ROOT_PW_ARG="--password=${MYSQL_ROOT_PW}"
292 echo "SELECT 1;" | mysql -u root ${MYSQL_ROOT_PW_ARG} > /dev/null
295 echo "Failed to connect to the MySQL server. Please check your root user credentials."
298 echo "Verified connectivity to MySQL."
300 # Create a database user - check if it does not exist prior
301 USER_EXISTS=$(mysql -u root ${MYSQL_ROOT_PW_ARG} -e "SELECT user FROM mysql.user WHERE user='${NEUTRON_USER}'"|grep ${NEUTRON_USER} | wc -l)
302 if [ ${USER_EXISTS} -ne 0 ]; then
303 echo "User ${NEUTRON_USER} already exists"
305 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "create user '${NEUTRON_USER}'@'%' identified by '${MYSQL_Q_PW}'"
306 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "create user '${NEUTRON_USER}'@'localhost' identified by '${MYSQL_Q_PW}'"
310 DB_EXISTS=$(mysql -u root ${MYSQL_ROOT_PW_ARG} -e "show databases"|grep ${DB_NAME}| wc -l)
311 if [ ${DB_EXISTS} -ne 0 ]; then
312 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "drop database ${DB_NAME}"
314 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "create database ${DB_NAME}"
316 # Configure database specifics
317 case "${NEUTRON_PLUGIN}" in
319 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on neutron_linux_bridge.* to '${NEUTRON_USER}'@'%'"
320 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on neutron_linux_bridge.* to '${NEUTRON_USER}'@'localhost'"
321 openstack-config --set ${LB_CONF} DATABASE sql_connection mysql://${NEUTRON_USER}:${MYSQL_Q_PW}@`hostname`/neutron_linux_bridge
323 echo "Please enter network device for VLAN trunking:"
325 openstack-config --set ${LB_CONF} LINUX_BRIDGE physical_interface ${NETWORK_DEVICE}
327 ln -s ${LB_CONF} /etc/neutron/plugin.ini
331 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on ovs_neutron.* to '${NEUTRON_USER}'@'%'"
332 mysql -u root ${MYSQL_ROOT_PW_ARG} -e "grant all on ovs_neutron.* to '${NEUTRON_USER}'@'localhost'"
333 openstack-config --set ${OVS_CONF} DATABASE sql_connection mysql://${NEUTRON_USER}:${MYSQL_Q_PW}@`hostname`/ovs_neutron
334 openstack-config --set ${OVS_CONF} SECURITYGROUP firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
335 ln -s ${OVS_CONF} /etc/neutron/plugin.ini
339 if [ -z "${ASSUME_YES}" ] ; then
340 echo "Would you like to update the nova configuration files? (y/n): "
351 # If OpenStack is installed then configure nova.conf
352 if ! [ -e "${NOVA_CONF}" ]; then
353 echo "Please install OpenStack compute and then set the values"
354 echo "in /etc/nova/nova.conf DEFAULT section"
355 echo " network_api_classi=nova.network.neutronv2.api.API"
356 echo " neutron_admin_username=${OS_USERNAME}"
357 echo " neutron_admin_password=${OS_PASSWORD}"
358 echo " neutron_admin_auth_url=${OS_AUTH_URL}"
359 echo " neutron_auth_strategy=keystone"
360 echo " neutron_admin_tenant_name=${OS_TENANT_NAME}"
361 echo " neutron_url=http://${Q_HOST}:${Q_PORT}/"
362 echo " firewall_driver=nova.virt.firewall.NoopFirewallDriver"
363 echo " security_group_api=neutron"
365 openstack-config --set ${NOVA_CONF} DEFAULT network_api_class nova.network.neutronv2.api.API
366 openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_username ${OS_USERNAME}
367 openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_password ${OS_PASSWORD}
368 openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_auth_url ${OS_AUTH_URL}
369 openstack-config --set ${NOVA_CONF} DEFAULT neutron_auth_strategy keystone
370 openstack-config --set ${NOVA_CONF} DEFAULT neutron_admin_tenant_name ${OS_TENANT_NAME}
371 openstack-config --set ${NOVA_CONF} DEFAULT neutron_url http://${Q_HOST}:${Q_PORT}/
372 openstack-config --set ${NOVA_CONF} DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
373 openstack-config --set ${NOVA_CONF} DEFAULT security_group_api neutron
376 echo "Configuration updates complete!"