"Fossies" - the Fresh Open Source Software Archive

Member "manila-8.1.3/devstack/plugin.sh" (20 Jul 2020, 57036 Bytes) of package /linux/misc/openstack/manila-8.1.3.tar.gz:


As a special service "Fossies" has tried to format the requested source page into HTML format using (guessed) Bash source code syntax highlighting (style: standard) with prefixed line numbers. Alternatively you can here view or download the uninterpreted source code file. See also the latest Fossies "Diffs" side-by-side code changes report for "plugin.sh": 8.1.2_vs_8.1.3.

    1 #!/bin/bash
    2 
    3 # Plugin file for enabling manila services
    4 # ----------------------------------------
    5 
    6 # Save trace setting
    7 XTRACE=$(set +o | grep xtrace)
    8 set -o xtrace
    9 
   10 # Entry Points
   11 # ------------
   12 
   13 function _clean_share_group {
   14     local vg=$1
   15     local vg_prefix=$2
   16     # Clean out existing shares
   17     for lv in `sudo lvs --noheadings -o lv_name $vg`; do
   18         # vg_prefix prefixes the LVs we want
   19         if [[ "${lv#$vg_prefix}" != "$lv" ]]; then
   20             sudo umount -f $MANILA_MNT_DIR/$lv
   21             sudo lvremove -f $vg/$lv
   22             sudo rm -rf $MANILA_MNT_DIR/$lv
   23         fi
   24     done
   25 }
   26 
   27 function _clean_manila_lvm_backing_file {
   28     local vg=$1
   29 
   30     # if there is no logical volume left, it's safe to attempt a cleanup
   31     # of the backing file
   32     if [ -z "`sudo lvs --noheadings -o lv_name $vg`" ]; then
   33         # if the backing physical device is a loop device, it was probably setup by devstack
   34         VG_DEV=$(sudo losetup -j $DATA_DIR/${vg}-backing-file | awk -F':' '/backing-file/ { print $1
   35 }')
   36         if [[ -n "$VG_DEV" ]]; then
   37             sudo losetup -d $VG_DEV
   38             rm -f $DATA_DIR/${vg}-backing-file
   39         fi
   40     fi
   41 }
   42 
   43 function _clean_zfsonlinux_data {
   44     for filename in "$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/*; do
   45         if [[ $(sudo zpool list | grep $filename) ]]; then
   46             echo "Destroying zpool named $filename"
   47             sudo zpool destroy -f $filename
   48             file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR$filename"
   49             echo "Destroying file named $file"
   50             rm -f $file
   51         fi
   52     done
   53 }
   54 
   55 # cleanup_manila - Remove residual data files, anything left over from previous
   56 # runs that a clean run would need to clean up
   57 function cleanup_manila {
   58     # All stuff, that are created by share drivers will be cleaned up by other services.
   59     _clean_share_group $SHARE_GROUP $SHARE_NAME_PREFIX
   60     _clean_manila_lvm_backing_file $SHARE_GROUP
   61     _clean_zfsonlinux_data
   62 
   63     if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
   64         remove_uwsgi_config "$MANILA_UWSGI_CONF" "$MANILA_WSGI"
   65     fi
   66 }
   67 
   68 # _config_manila_apache_wsgi() - Configure manila-api wsgi application.
   69 function _config_manila_apache_wsgi {
   70     local manila_api_apache_conf
   71     local venv_path=""
   72     manila_api_apache_conf=$(apache_site_config_for manila-api)
   73 
   74     sudo cp $MANILA_DIR/devstack/apache-manila.template $manila_api_apache_conf
   75     sudo sed -e "
   76         s|%APACHE_NAME%|$APACHE_NAME|g;
   77         s|%MANILA_BIN_DIR%|$MANILA_BIN_DIR|g;
   78         s|%PORT%|$REAL_MANILA_SERVICE_PORT|g;
   79         s|%APIWORKERS%|$API_WORKERS|g;
   80         s|%USER%|$STACK_USER|g;
   81     " -i $manila_api_apache_conf
   82 }
   83 
   84 # configure_default_backends - configures default Manila backends with generic driver.
   85 function configure_default_backends {
   86     # Configure two default backends with generic drivers onboard
   87     for group_name in $MANILA_BACKEND1_CONFIG_GROUP_NAME $MANILA_BACKEND2_CONFIG_GROUP_NAME; do
   88         iniset $MANILA_CONF $group_name share_driver $SHARE_DRIVER
   89         if [ "$MANILA_BACKEND1_CONFIG_GROUP_NAME" == "$group_name" ]; then
   90             iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND1_NAME
   91         else
   92             iniset $MANILA_CONF $group_name share_backend_name $MANILA_SHARE_BACKEND2_NAME
   93         fi
   94         iniset $MANILA_CONF $group_name path_to_public_key $MANILA_PATH_TO_PUBLIC_KEY
   95         iniset $MANILA_CONF $group_name path_to_private_key $MANILA_PATH_TO_PRIVATE_KEY
   96         iniset $MANILA_CONF $group_name service_image_name $MANILA_SERVICE_IMAGE_NAME
   97         iniset $MANILA_CONF $group_name service_instance_user $MANILA_SERVICE_INSTANCE_USER
   98         iniset $MANILA_CONF $group_name driver_handles_share_servers True
   99 
  100         if [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  101             iniset $MANILA_CONF $group_name network_api_class $MANILA_NETWORK_API_CLASS
  102             iniset $MANILA_CONF $group_name neutron_host_id $(hostname)
  103             iniset $MANILA_CONF $group_name neutron_vnic_type $MANILA_NEUTRON_VNIC_TYPE
  104         fi
  105 
  106         if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
  107             iniset $MANILA_CONF $group_name service_instance_password $MANILA_SERVICE_INSTANCE_PASSWORD
  108         fi
  109 
  110         if [ "$SHARE_DRIVER" == "manila.share.drivers.generic.GenericShareDriver" ]; then
  111             iniset $MANILA_CONF $group_name ssh_conn_timeout $MANILA_SSH_TIMEOUT
  112         fi
  113     done
  114 }
  115 
  116 # set_config_opts - this allows to set any config opt to any config group,
  117 # parsing env vars by prefix special 'MANILA_OPTGROUP_'.
  118 function set_config_opts {
  119     # expects only one param - name of config group(s) as list separated by commas
  120     GROUP_NAMES=$1
  121     if [[ -n "$GROUP_NAMES" ]]; then
  122         for be in ${GROUP_NAMES//,/ }; do
  123             # get backend_specific opt values
  124             prefix=MANILA_OPTGROUP_$be\_
  125             ( set -o posix ; set ) | grep ^$prefix | while read -r line ; do
  126                 # parse it to opt names and values
  127                 opt=${line#$prefix}
  128                 opt_name=${opt%%=*}
  129                 opt_value=${opt##*=}
  130                 iniset $MANILA_CONF $be $opt_name $opt_value
  131             done
  132         done
  133     fi
  134 }
  135 
  136 # set_cinder_quotas - Sets Cinder quotas, that is useful for generic driver,
  137 # which uses Cinder volumes and snapshots.
  138 function set_cinder_quotas {
  139     # Update Cinder configuration to make sure default quotas are enough
  140     # for Manila using Generic driver with parallel testing.
  141     if is_service_enabled cinder; then
  142         if [[ ! "$CINDER_CONF" ]]; then
  143             CINDER_CONF=/etc/cinder/cinder.conf
  144         fi
  145         iniset $CINDER_CONF DEFAULT quota_volumes 50
  146         iniset $CINDER_CONF DEFAULT quota_snapshots 50
  147         iniset $CINDER_CONF DEFAULT quota_gigabytes 1000
  148     fi
  149 }
  150 
  151 function set_backend_availability_zones {
  152     ENABLED_BACKENDS=$1
  153     echo_summary "Setting up backend_availability_zone option \
  154         for any enabled backends that do not use the Generic driver. \
  155         Availability zones for the Generic driver must coincide with those \
  156         created for Nova and Cinder."
  157     local zonenum
  158     generic_driver='manila.share.drivers.generic.GenericShareDriver'
  159     for BE in ${ENABLED_BACKENDS//,/ }; do
  160         share_driver=$(iniget $MANILA_CONF $BE share_driver)
  161         if [[ $share_driver != $generic_driver ]]; then
  162             zone="manila-zone-$((zonenum++))"
  163             iniset $MANILA_CONF $BE backend_availability_zone $zone
  164         fi
  165     done
  166 }
  167 
  168 # configure_manila - Set config files, create data dirs, etc
  169 function configure_manila {
  170     if [[ ! -d $MANILA_CONF_DIR ]]; then
  171         sudo mkdir -p $MANILA_CONF_DIR
  172     fi
  173     sudo chown $STACK_USER $MANILA_CONF_DIR
  174 
  175     if [[ -f $MANILA_DIR/etc/manila/policy.json ]]; then
  176         cp -p $MANILA_DIR/etc/manila/policy.json $MANILA_CONF_DIR
  177     fi
  178 
  179     # Set the paths of certain binaries
  180     MANILA_ROOTWRAP=$(get_rootwrap_location manila)
  181 
  182     # If Manila ships the new rootwrap filters files, deploy them
  183     # (owned by root) and add a parameter to $MANILA_ROOTWRAP
  184     ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP"
  185     if [[ -d $MANILA_DIR/etc/manila/rootwrap.d ]]; then
  186         # Wipe any existing rootwrap.d files first
  187         if [[ -d $MANILA_CONF_DIR/rootwrap.d ]]; then
  188             sudo rm -rf $MANILA_CONF_DIR/rootwrap.d
  189         fi
  190         # Deploy filters to /etc/manila/rootwrap.d
  191         sudo mkdir -m 755 $MANILA_CONF_DIR/rootwrap.d
  192         sudo cp $MANILA_DIR/etc/manila/rootwrap.d/*.filters $MANILA_CONF_DIR/rootwrap.d
  193         sudo chown -R root:root $MANILA_CONF_DIR/rootwrap.d
  194         sudo chmod 644 $MANILA_CONF_DIR/rootwrap.d/*
  195         # Set up rootwrap.conf, pointing to /etc/manila/rootwrap.d
  196         sudo cp $MANILA_DIR/etc/manila/rootwrap.conf $MANILA_CONF_DIR/
  197         sudo sed -e "s:^filters_path=.*$:filters_path=$MANILA_CONF_DIR/rootwrap.d:" -i $MANILA_CONF_DIR/rootwrap.conf
  198         sudo chown root:root $MANILA_CONF_DIR/rootwrap.conf
  199         sudo chmod 0644 $MANILA_CONF_DIR/rootwrap.conf
  200         # Specify rootwrap.conf as first parameter to manila-rootwrap
  201         MANILA_ROOTWRAP="$MANILA_ROOTWRAP $MANILA_CONF_DIR/rootwrap.conf"
  202         ROOTWRAP_MANILA_SUDOER_CMD="$MANILA_ROOTWRAP *"
  203     fi
  204 
  205     TEMPFILE=`mktemp`
  206     echo "$USER ALL=(root) NOPASSWD: $ROOTWRAP_MANILA_SUDOER_CMD" >$TEMPFILE
  207     chmod 0440 $TEMPFILE
  208     sudo chown root:root $TEMPFILE
  209     sudo mv $TEMPFILE /etc/sudoers.d/manila-rootwrap
  210 
  211     cp $MANILA_DIR/etc/manila/api-paste.ini $MANILA_API_PASTE_INI
  212 
  213     # Remove old conf file if exists
  214     rm -f $MANILA_CONF
  215 
  216     configure_auth_token_middleware $MANILA_CONF manila  $MANILA_AUTH_CACHE_DIR
  217 
  218     iniset $MANILA_CONF DEFAULT auth_strategy keystone
  219     iniset $MANILA_CONF DEFAULT debug True
  220     iniset $MANILA_CONF DEFAULT scheduler_driver $MANILA_SCHEDULER_DRIVER
  221     iniset $MANILA_CONF DEFAULT share_name_template ${SHARE_NAME_PREFIX}%s
  222     iniset $MANILA_CONF DATABASE connection `database_connection_url manila`
  223     iniset $MANILA_CONF DATABASE max_pool_size 40
  224     iniset $MANILA_CONF DEFAULT api_paste_config $MANILA_API_PASTE_INI
  225     iniset $MANILA_CONF DEFAULT rootwrap_config $MANILA_CONF_DIR/rootwrap.conf
  226     iniset $MANILA_CONF DEFAULT osapi_share_extension manila.api.contrib.standard_extensions
  227     iniset $MANILA_CONF DEFAULT state_path $MANILA_STATE_PATH
  228 
  229     # Note: Sample share types will still be created if the below is False
  230 
  231     if [ $(trueorfalse False MANILA_CONFIGURE_DEFAULT_TYPES) == True ]; then
  232         iniset $MANILA_CONF DEFAULT default_share_type $MANILA_DEFAULT_SHARE_TYPE
  233         iniset $MANILA_CONF DEFAULT default_share_group_type $MANILA_DEFAULT_SHARE_GROUP_TYPE
  234     fi
  235 
  236     if ! [[ -z $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL ]]; then
  237         iniset $MANILA_CONF DEFAULT migration_driver_continue_update_interval $MANILA_SHARE_MIGRATION_PERIOD_TASK_INTERVAL
  238     fi
  239 
  240     if ! [[ -z $MANILA_DATA_COPY_CHECK_HASH ]]; then
  241         iniset $MANILA_CONF DEFAULT check_hash $MANILA_DATA_COPY_CHECK_HASH
  242     fi
  243 
  244     iniset $MANILA_CONF DEFAULT enabled_share_protocols $MANILA_ENABLED_SHARE_PROTOCOLS
  245 
  246     iniset $MANILA_CONF oslo_concurrency lock_path $MANILA_LOCK_PATH
  247 
  248     iniset $MANILA_CONF DEFAULT wsgi_keep_alive False
  249 
  250     iniset $MANILA_CONF DEFAULT lvm_share_volume_group $SHARE_GROUP
  251 
  252     # Set the replica_state_update_interval
  253     iniset $MANILA_CONF DEFAULT replica_state_update_interval $MANILA_REPLICA_STATE_UPDATE_INTERVAL
  254 
  255     if is_service_enabled neutron; then
  256         configure_auth_token_middleware $MANILA_CONF neutron $MANILA_AUTH_CACHE_DIR neutron
  257     fi
  258     if is_service_enabled nova; then
  259         configure_auth_token_middleware $MANILA_CONF nova $MANILA_AUTH_CACHE_DIR nova
  260     fi
  261     if is_service_enabled cinder; then
  262         configure_auth_token_middleware $MANILA_CONF cinder $MANILA_AUTH_CACHE_DIR cinder
  263     fi
  264 
  265     # Note: set up config group does not mean that this backend will be enabled.
  266     # To enable it, specify its name explicitly using "enabled_share_backends" opt.
  267     configure_default_backends
  268     default_backends=$MANILA_BACKEND1_CONFIG_GROUP_NAME
  269     if [ "$MANILA_MULTI_BACKEND" = "True" ]; then
  270         default_backends+=,$MANILA_BACKEND2_CONFIG_GROUP_NAME
  271     fi
  272     if [ ! $MANILA_ENABLED_BACKENDS ]; then
  273         # If $MANILA_ENABLED_BACKENDS is not set, use configured backends by default
  274         export MANILA_ENABLED_BACKENDS=$default_backends
  275     fi
  276     iniset $MANILA_CONF DEFAULT enabled_share_backends $MANILA_ENABLED_BACKENDS
  277 
  278     if [ ! -f $MANILA_PATH_TO_PRIVATE_KEY ]; then
  279         ssh-keygen -N "" -t rsa -f $MANILA_PATH_TO_PRIVATE_KEY;
  280     fi
  281 
  282     iniset $MANILA_CONF DEFAULT manila_service_keypair_name $MANILA_SERVICE_KEYPAIR_NAME
  283 
  284     REAL_MANILA_SERVICE_PORT=$MANILA_SERVICE_PORT
  285     if is_service_enabled tls-proxy; then
  286         # Set the protocol to 'https', update the endpoint base and set the default port
  287         MANILA_SERVICE_PROTOCOL="https"
  288         MANILA_ENDPOINT_BASE="${MANILA_ENDPOINT_BASE/http:/https:}"
  289         REAL_MANILA_SERVICE_PORT=$MANILA_SERVICE_PORT_INT
  290         # Set the service port for a proxy to take the original
  291         iniset $MANILA_CONF DEFAULT osapi_share_listen_port $REAL_MANILA_SERVICE_PORT
  292         iniset $MANILA_CONF oslo_middleware enable_proxy_headers_parsing True
  293     fi
  294 
  295     iniset_rpc_backend manila $MANILA_CONF DEFAULT
  296 
  297     setup_logging $MANILA_CONF
  298 
  299     MANILA_CONFIGURE_GROUPS=${MANILA_CONFIGURE_GROUPS:-"$MANILA_ENABLED_BACKENDS"}
  300     set_config_opts $MANILA_CONFIGURE_GROUPS
  301     set_config_opts DEFAULT
  302     set_backend_availability_zones $MANILA_ENABLED_BACKENDS
  303 
  304     if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
  305         write_uwsgi_config "$MANILA_UWSGI_CONF" "$MANILA_WSGI" "/share"
  306     fi
  307 
  308     if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  309         _config_manila_apache_wsgi
  310     fi
  311 }
  312 
  313 
  314 function create_manila_service_keypair {
  315     if is_service_enabled nova; then
  316         local keypair_exists=$( openstack keypair list | grep " $MANILA_SERVICE_KEYPAIR_NAME " )
  317         if [[ -z $keypair_exists ]]; then
  318             openstack keypair create $MANILA_SERVICE_KEYPAIR_NAME --public-key $MANILA_PATH_TO_PUBLIC_KEY
  319         fi
  320     fi
  321 }
  322 
  323 
  324 function is_driver_enabled {
  325     driver_name=$1
  326     for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  327         share_driver=$(iniget $MANILA_CONF $BE share_driver)
  328         if [ "$share_driver" == "$driver_name" ]; then
  329             return 0
  330         fi
  331     done
  332     return 1
  333 }
  334 
  335 
  336 # create_service_share_servers - creates service Nova VMs, one per generic
  337 # driver, and only if it is configured to mode without handling of share servers.
  338 function create_service_share_servers {
  339     created_admin_network=false
  340     for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  341         driver_handles_share_servers=$(iniget $MANILA_CONF $BE driver_handles_share_servers)
  342         share_driver=$(iniget $MANILA_CONF $BE share_driver)
  343         generic_driver='manila.share.drivers.generic.GenericShareDriver'
  344         if [[ $share_driver == $generic_driver ]]; then
  345             if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
  346                 vm_name='manila_service_share_server_'$BE
  347                 local vm_exists=$( openstack server list --all-projects | grep " $vm_name " )
  348                 if [[ -z $vm_exists ]]; then
  349                     private_net_id=$(openstack network show $PRIVATE_NETWORK_NAME -f value -c id)
  350                     vm_id=$(openstack server create $vm_name \
  351                         --flavor $MANILA_SERVICE_VM_FLAVOR_NAME \
  352                         --image $MANILA_SERVICE_IMAGE_NAME \
  353                         --nic net-id=$private_net_id \
  354                         --security-group $MANILA_SERVICE_SECGROUP \
  355                         --key-name $MANILA_SERVICE_KEYPAIR_NAME \
  356                         | grep ' id ' | get_field 2)
  357                 else
  358                     vm_id=$(openstack server show $vm_name -f value -c id)
  359                 fi
  360 
  361                 floating_ip=$(openstack floating ip create $PUBLIC_NETWORK_NAME --subnet $PUBLIC_SUBNET_NAME | grep 'floating_ip_address' | get_field 2)
  362                 # TODO(rishabh-d-dave): For time being circumvent the bug -
  363                 # https://bugs.launchpad.net/python-openstackclient/+bug/1747721
  364                 # Once fixed, replace the following 3 lines by -
  365                 # openstack server add floating ip $vm_id $floating_ip
  366                 vm_port_id=$(openstack port list --server $vm_id -c ID -f \
  367                     value)
  368                 openstack floating ip set --port $vm_port_id $floating_ip
  369 
  370                 iniset $MANILA_CONF $BE service_instance_name_or_id $vm_id
  371                 iniset $MANILA_CONF $BE service_net_name_or_ip $floating_ip
  372                 iniset $MANILA_CONF $BE tenant_net_name_or_ip $PRIVATE_NETWORK_NAME
  373             else
  374                 if is_service_enabled neutron; then
  375                     if ! [[ -z $MANILA_ADMIN_NET_RANGE ]]; then
  376                         if [ $created_admin_network == false ]; then
  377                             project_id=$(openstack project show $SERVICE_PROJECT_NAME -c id -f value)
  378                             local admin_net_id=$( openstack network show admin_net -f value -c id )
  379                             if [[ -z $admin_net_id ]]; then
  380                                 openstack network create admin_net --project $project_id
  381                                 admin_net_id=$(openstack network show admin_net -f value -c id)
  382                             fi
  383 
  384                             local admin_subnet_id=$( openstack subnet show admin_subnet -f value -c id )
  385                             if [[ -z $admin_subnet_id ]]; then
  386                                 openstack subnet create admin_subnet --project $project_id --ip-version 4 --network $admin_net_id --gateway None --subnet-range $MANILA_ADMIN_NET_RANGE
  387                                 admin_subnet_id=$(openstack subnet show admin_subnet -f value -c id)
  388                             fi
  389                             created_admin_network=true
  390                         fi
  391                         iniset $MANILA_CONF $BE admin_network_id $admin_net_id
  392                         iniset $MANILA_CONF $BE admin_subnet_id $admin_subnet_id
  393                     fi
  394                 fi
  395             fi
  396         fi
  397     done
  398     configure_data_service_generic_driver
  399 }
  400 
  401 function configure_data_service_generic_driver {
  402     enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
  403     share_driver=$(iniget $MANILA_CONF ${enabled_backends[0]} share_driver)
  404     generic_driver='manila.share.drivers.generic.GenericShareDriver'
  405     if [[ $share_driver == $generic_driver ]]; then
  406         driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
  407         if [[ $(trueorfalse False driver_handles_share_servers) == False ]]; then
  408             iniset $MANILA_CONF DEFAULT data_node_access_ip $PUBLIC_NETWORK_GATEWAY
  409         else
  410             if ! [[ -z $MANILA_DATA_NODE_IP ]]; then
  411                 iniset $MANILA_CONF DEFAULT data_node_access_ip $MANILA_DATA_NODE_IP
  412             fi
  413         fi
  414     fi
  415 }
  416 # create_manila_service_flavor - creates flavor, that will be used by backends
  417 # with configured generic driver to boot Nova VMs with.
  418 function create_manila_service_flavor {
  419     if is_service_enabled nova; then
  420         local flavor_exists=$( openstack flavor list | grep " $MANILA_SERVICE_VM_FLAVOR_NAME " )
  421         if [[ -z $flavor_exists ]]; then
  422             # Create flavor for Manila's service VM
  423             openstack flavor create \
  424                 $MANILA_SERVICE_VM_FLAVOR_NAME \
  425                 --id $MANILA_SERVICE_VM_FLAVOR_REF \
  426                 --ram $MANILA_SERVICE_VM_FLAVOR_RAM \
  427                 --disk $MANILA_SERVICE_VM_FLAVOR_DISK \
  428                 --vcpus $MANILA_SERVICE_VM_FLAVOR_VCPUS
  429         fi
  430     fi
  431 }
  432 
  433 # create_manila_service_image - creates image, that will be used by backends
  434 # with configured generic driver to boot Nova VMs from.
  435 function create_manila_service_image {
  436     if is_service_enabled nova; then
  437         TOKEN=$(openstack token issue -c id -f value)
  438         local image_exists=$( openstack image list | grep " $MANILA_SERVICE_IMAGE_NAME " )
  439         if [[ -z $image_exists ]]; then
  440             # Download Manila's image
  441             if is_service_enabled g-reg; then
  442                 upload_image $MANILA_SERVICE_IMAGE_URL $TOKEN
  443             fi
  444         fi
  445     fi
  446 }
  447 
  448 # create_manila_service_secgroup - creates security group that is used by
  449 # Nova VMs when generic driver is configured.
  450 function create_manila_service_secgroup {
  451     # Create a secgroup
  452     if ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; then
  453         openstack security group create $MANILA_SERVICE_SECGROUP --description "$MANILA_SERVICE_SECGROUP description"
  454         if ! timeout 30 sh -c "while ! openstack security group list | grep -q $MANILA_SERVICE_SECGROUP; do sleep 1; done"; then
  455             echo "Security group not created"
  456             exit 1
  457         fi
  458     fi
  459 
  460     # Configure Security Group Rules
  461     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q icmp; then
  462         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol icmp
  463     fi
  464     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 22 "; then
  465         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 22
  466     fi
  467     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 2049 "; then
  468         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 2049
  469     fi
  470     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 2049 "; then
  471         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 2049
  472     fi
  473     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 445 "; then
  474         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 445
  475     fi
  476     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 445 "; then
  477         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 445
  478     fi
  479     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " tcp .* 139 "; then
  480         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol tcp --dst-port 137:139
  481     fi
  482     if ! openstack security group rule list $MANILA_SERVICE_SECGROUP | grep -q " udp .* 139 "; then
  483         openstack security group rule create $MANILA_SERVICE_SECGROUP --protocol udp --dst-port 137:139
  484     fi
  485 
  486     # List secgroup rules
  487     openstack security group rule list $MANILA_SERVICE_SECGROUP
  488 }
  489 
  490 # create_manila_accounts - Set up common required manila accounts
  491 function create_manila_accounts {
  492 
  493     create_service_user "manila"
  494 
  495     get_or_create_service "manila" "share" "Manila Shared Filesystem Service"
  496     get_or_create_endpoint "share" "$REGION_NAME" \
  497         "$MANILA_ENDPOINT_BASE/v1/\$(project_id)s"
  498 
  499     # Set up Manila v2 service and endpoint
  500     get_or_create_service "manilav2" "sharev2" "Manila Shared Filesystem Service V2"
  501     get_or_create_endpoint "sharev2" "$REGION_NAME" \
  502         "$MANILA_ENDPOINT_BASE/v2/\$(project_id)s"
  503 }
  504 
  505 # create_default_share_group_type - create share group type that will be set as default.
  506 function create_default_share_group_type {
  507     local type_exists=$( manila share-group-type-list | grep " $MANILA_DEFAULT_SHARE_GROUP_TYPE " )
  508     if [[ -z $type_exists ]]; then
  509         manila share-group-type-create $MANILA_DEFAULT_SHARE_GROUP_TYPE $MANILA_DEFAULT_SHARE_TYPE
  510     fi
  511     if [[ $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS ]]; then
  512         manila share-group-type-key $MANILA_DEFAULT_SHARE_GROUP_TYPE set $MANILA_DEFAULT_SHARE_GROUP_TYPE_SPECS
  513     fi
  514 }
  515 
  516 # create_default_share_type - create share type that will be set as default
  517 # if $MANILA_CONFIGURE_DEFAULT_TYPES is set to True, if set to False, the share
  518 # type identified by $MANILA_DEFAULT_SHARE_TYPE is still created, but not
  519 # configured as default.
  520 function create_default_share_type {
  521     enabled_backends=(${MANILA_ENABLED_BACKENDS//,/ })
  522     driver_handles_share_servers=$(iniget $MANILA_CONF ${enabled_backends[0]} driver_handles_share_servers)
  523 
  524     local type_exists=$( manila type-list | grep " $MANILA_DEFAULT_SHARE_TYPE " )
  525     if [[ -z $type_exists ]]; then
  526         local command_args="$MANILA_DEFAULT_SHARE_TYPE $driver_handles_share_servers"
  527         #if is_driver_enabled $MANILA_CONTAINER_DRIVER; then
  528         #    # TODO(aovchinnikov): Remove this condition when Container driver supports
  529         #    # snapshots
  530         #    command_args="$command_args --snapshot_support false"
  531         #fi
  532         manila type-create $command_args
  533     fi
  534     if [[ $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS ]]; then
  535         manila type-key $MANILA_DEFAULT_SHARE_TYPE set $MANILA_DEFAULT_SHARE_TYPE_EXTRA_SPECS
  536     fi
  537 }
  538 
  539 # create_custom_share_types - create share types suitable for both possible
  540 # driver modes with names "dhss_true" and "dhss_false".
  541 function create_custom_share_types {
  542     manila type-create dhss_true True
  543     if [[ $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS ]]; then
  544         manila type-key dhss_true set $MANILA_DHSS_TRUE_SHARE_TYPE_EXTRA_SPECS
  545     fi
  546 
  547     manila type-create dhss_false False
  548     if [[ $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS ]]; then
  549         manila type-key dhss_false set $MANILA_DHSS_FALSE_SHARE_TYPE_EXTRA_SPECS
  550     fi
  551 }
  552 
  553 # configure_backing_file - Set up backing file for LVM
  554 function configure_backing_file {
  555     sudo vgscan
  556     if ! sudo vgs $SHARE_GROUP; then
  557         if [ "$CONFIGURE_BACKING_FILE" = "True" ]; then
  558             SHARE_BACKING_FILE=${SHARE_BACKING_FILE:-$DATA_DIR/${SHARE_GROUP}-backing-file}
  559             # Only create if the file doesn't already exists
  560             [[ -f $SHARE_BACKING_FILE ]] || truncate -s $SHARE_BACKING_FILE_SIZE $SHARE_BACKING_FILE
  561             DEV=`sudo losetup -f --show $SHARE_BACKING_FILE`
  562         else
  563             DEV=$SHARE_BACKING_FILE
  564         fi
  565         # Only create if the loopback device doesn't contain $SHARE_GROUP
  566         if ! sudo vgs $SHARE_GROUP; then sudo vgcreate $SHARE_GROUP $DEV; fi
  567     fi
  568 
  569     mkdir -p $MANILA_STATE_PATH/shares
  570     mkdir -p /tmp/shares
  571 }
  572 
  573 # init_manila - Initializes database and creates manila dir if absent
  574 function init_manila {
  575 
  576     if is_service_enabled $DATABASE_BACKENDS; then
  577         # (re)create manila database
  578         recreate_database manila
  579 
  580         $MANILA_BIN_DIR/manila-manage db sync
  581 
  582         if [[ $(trueorfalse False MANILA_USE_DOWNGRADE_MIGRATIONS) == True ]]; then
  583             # Use both - upgrade and downgrade migrations to verify that
  584             # downgrade migrations do not break structure of Manila database.
  585             $MANILA_BIN_DIR/manila-manage db downgrade
  586             $MANILA_BIN_DIR/manila-manage db sync
  587         fi
  588 
  589         # Display version as debug-action (see bug/1473400)
  590         $MANILA_BIN_DIR/manila-manage db version
  591     fi
  592 
  593     if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  594         if is_service_enabled m-shr; then
  595             # Configure a default volume group called '`lvm-shares`' for the share
  596             # service if it does not yet exist.  If you don't wish to use a file backed
  597             # volume group, create your own volume group called ``stack-volumes`` before
  598             # invoking ``stack.sh``.
  599             #
  600             # By default, the backing file is 8G in size, and is stored in ``/opt/stack/data``.
  601 
  602             configure_backing_file
  603         fi
  604     elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  605         if is_service_enabled m-shr; then
  606             SHARE_GROUP=$MANILA_CONTAINER_VOLUME_GROUP_NAME
  607             configure_backing_file
  608         fi
  609 
  610     elif [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
  611         if is_service_enabled m-shr; then
  612             mkdir -p $MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR
  613             file_counter=0
  614             MANILA_ZFSONLINUX_SERVICE_IP=${MANILA_ZFSONLINUX_SERVICE_IP:-"127.0.0.1"}
  615             for BE in ${MANILA_ENABLED_BACKENDS//,/ }; do
  616                 if [[ $file_counter == 0 ]]; then
  617                     # NOTE(vponomaryov): create two pools for first ZFS backend
  618                     # to cover different use cases that are supported by driver:
  619                     # - Support of more than one zpool for share backend.
  620                     # - Support of nested datasets.
  621                     local first_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/alpha
  622                     local second_file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/betta
  623                     truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $first_file
  624                     truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $second_file
  625                     sudo zpool create alpha $first_file
  626                     sudo zpool create betta $second_file
  627                     # Create subdir (nested dataset) for second pool
  628                     sudo zfs create betta/subdir
  629                     iniset $MANILA_CONF $BE zfs_zpool_list alpha,betta/subdir
  630                 elif [[ $file_counter == 1 ]]; then
  631                     local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/gamma
  632                     truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
  633                     sudo zpool create gamma $file
  634                     iniset $MANILA_CONF $BE zfs_zpool_list gamma
  635                 else
  636                     local filename=file"$file_counter"
  637                     local file="$MANILA_ZFSONLINUX_BACKEND_FILES_CONTAINER_DIR"/"$filename"
  638                     truncate -s $MANILA_ZFSONLINUX_ZPOOL_SIZE $file
  639                     sudo zpool create $filename $file
  640                     iniset $MANILA_CONF $BE zfs_zpool_list $filename
  641                 fi
  642                 iniset $MANILA_CONF $BE zfs_share_export_ip $MANILA_ZFSONLINUX_SHARE_EXPORT_IP
  643                 iniset $MANILA_CONF $BE zfs_service_ip $MANILA_ZFSONLINUX_SERVICE_IP
  644                 iniset $MANILA_CONF $BE zfs_dataset_creation_options $MANILA_ZFSONLINUX_DATASET_CREATION_OPTIONS
  645                 iniset $MANILA_CONF $BE zfs_use_ssh $MANILA_ZFSONLINUX_USE_SSH
  646                 iniset $MANILA_CONF $BE zfs_ssh_username $MANILA_ZFSONLINUX_SSH_USERNAME
  647                 iniset $MANILA_CONF $BE replication_domain $MANILA_ZFSONLINUX_REPLICATION_DOMAIN
  648                 iniset $MANILA_CONF $BE driver_handles_share_servers False
  649                 let "file_counter=file_counter+1"
  650             done
  651             # Install the server's SSH key in our known_hosts file
  652             eval STACK_HOME=~$STACK_USER
  653             ssh-keyscan ${MANILA_ZFSONLINUX_SERVICE_IP} >> $STACK_HOME/.ssh/known_hosts
  654             # If the server is this machine, setup trust for ourselves (otherwise you're on your own)
  655             if [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "127.0.0.1" ] || [ "$MANILA_ZFSONLINUX_SERVICE_IP" = "localhost" ] ; then
  656                 # Trust our own SSH keys
  657                 eval SSH_USER_HOME=~$MANILA_ZFSONLINUX_SSH_USERNAME
  658                 cat $STACK_HOME/.ssh/*.pub >> $SSH_USER_HOME/.ssh/authorized_keys
  659                 # Give ssh user sudo access
  660                 echo "$MANILA_ZFSONLINUX_SSH_USERNAME ALL=(ALL) NOPASSWD: ALL" | sudo tee -a /etc/sudoers > /dev/null
  661                 iniset $MANILA_CONF DEFAULT data_node_access_ip $MANILA_ZFSONLINUX_SERVICE_IP
  662             fi
  663         fi
  664     fi
  665 
  666     # Create cache dir
  667     sudo mkdir -p $MANILA_AUTH_CACHE_DIR
  668     sudo chown $STACK_USER $MANILA_AUTH_CACHE_DIR
  669     rm -f $MANILA_AUTH_CACHE_DIR/*
  670 }
  671 
  672 # check_nfs_kernel_service_state_ubuntu- Make sure nfsd is running
  673 function check_nfs_kernel_service_state_ubuntu {
  674     # (aovchinnikov): Workaround for nfs-utils bug 1052264
  675     if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
  676         echo "Apparently nfsd is not running. Trying to fix that."
  677         sudo mkdir -p "/media/nfsdonubuntuhelper"
  678         # (aovchinnikov): shell wrapping is needed for cases when a file to be written
  679         # is owned by root.
  680         sudo sh -c "echo '/media/nfsdonubuntuhelper 127.0.0.1(ro)' >> /etc/exports"
  681         sudo service nfs-kernel-server start
  682     fi
  683     if [[ $(sudo service nfs-kernel-server status &> /dev/null || echo 'fail') == 'fail' ]]; then
  684         echo "Failed to start nfsd. Exiting."
  685         exit 1
  686     fi
  687 }
  688 
  689 function _install_nfs_and_samba {
  690     if is_ubuntu; then
  691         install_package nfs-kernel-server nfs-common samba
  692         check_nfs_kernel_service_state_ubuntu
  693     elif is_fedora; then
  694         install_package nfs-utils samba
  695         sudo systemctl enable smb.service
  696         sudo systemctl start smb.service
  697         sudo systemctl enable nfs-server.service
  698         sudo systemctl start nfs-server.service
  699     elif is_suse; then
  700         install_package nfs-kernel-server nfs-utils samba
  701     else
  702         echo "This distro is not supported. Skipping step of NFS and Samba installation."
  703     fi
  704 }
  705 
  706 # install_manilaclient - Collect source and prepare
  707 #   In order to install from git, add LIBS_FROM_GIT="python-manilaclient"
  708 #   to local.conf
  709 function install_manilaclient {
  710     if use_library_from_git "python-manilaclient"; then
  711         git_clone $MANILACLIENT_REPO $MANILACLIENT_DIR $MANILACLIENT_BRANCH
  712         setup_develop $MANILACLIENT_DIR
  713     else
  714         pip_install python-manilaclient
  715     fi
  716 }
  717 
  718 # install_manila - Collect source and prepare
  719 function install_manila {
  720     setup_develop $MANILA_DIR
  721 
  722     if is_service_enabled m-shr; then
  723 
  724         if [[ ! $(systemctl is-active nfs-ganesha.service) == 'active' ]]; then
  725             _install_nfs_and_samba
  726         fi
  727 
  728         if [ "$SHARE_DRIVER" == "manila.share.drivers.zfsonlinux.driver.ZFSonLinuxShareDriver" ]; then
  729             if [[ $(sudo zfs list &> /dev/null && sudo zpool list &> /dev/null || echo 'absent') == 'absent' ]]; then
  730                 # ZFS not found, try to install it
  731                 if is_ubuntu; then
  732                     if [[ $(lsb_release -s -d) == *"14.04"* ]]; then
  733                         # Trusty
  734                         sudo apt-get install -y software-properties-common
  735                         sudo apt-add-repository --yes ppa:zfs-native/stable
  736 
  737                         # Workaround for bug #1609696
  738                         sudo apt-mark hold grub*
  739 
  740                         sudo apt-get -y -q update && sudo apt-get -y -q upgrade
  741 
  742                         # Workaround for bug #1609696
  743                         sudo apt-mark unhold grub*
  744 
  745                         sudo apt-get install -y linux-headers-generic
  746                         sudo apt-get install -y build-essential
  747                         sudo apt-get install -y ubuntu-zfs
  748 
  749                     elif [[ $(echo $(lsb_release -rs) '>=' 16.04 | bc -l) == 1 ]]; then
  750                         # Xenial and beyond
  751                         sudo apt-get install -y zfsutils-linux
  752                     else
  753                         echo "Only 'Trusty', 'Xenial' and newer releases of Ubuntu are supported."
  754                         exit 1
  755                     fi
  756                 else
  757                     echo "Manila Devstack plugin supports installation "\
  758                         "of ZFS packages only for 'Ubuntu' distros. "\
  759                         "Please, install it first by other means or add its support "\
  760                         "for your distro."
  761                     exit 1
  762                 fi
  763                 sudo modprobe zfs
  764                 sudo modprobe zpool
  765             fi
  766             check_nfs_kernel_service_state_ubuntu
  767         elif [ "$SHARE_DRIVER" == $MANILA_CONTAINER_DRIVER ]; then
  768             if is_ubuntu; then
  769                 echo "Installing docker...."
  770                 install_docker_ubuntu
  771                 echo "Importing docker image"
  772                 import_docker_service_image_ubuntu
  773             elif is_fedora; then
  774                 echo "Installing docker...."
  775                 install_docker_fedora
  776                 echo "Importing docker image"
  777                 # TODO(tbarron): See if using a fedora container image
  778                 # is faster/smaller because of fewer extra dependencies.
  779                 import_docker_service_image_ubuntu
  780             else
  781                 echo "Manila Devstack plugin does not support Container Driver on"\
  782                      " distros other than Ubuntu or Fedora."
  783                 exit 1
  784             fi
  785         fi
  786     fi
  787 
  788 }
  789 
  790 #configure_samba - Configure node as Samba server
  791 function configure_samba {
  792     if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
  793         # TODO(vponomaryov): add here condition for ZFSonLinux driver too
  794         # when it starts to support SAMBA
  795         samba_daemon_name=smbd
  796         if is_service_enabled m-shr; then
  797             if is_fedora; then
  798                 samba_daemon_name=smb
  799             fi
  800             sudo service $samba_daemon_name restart || echo "Couldn't restart '$samba_daemon_name' service"
  801         fi
  802 
  803         if [[ -e /usr/share/samba/smb.conf ]]; then
  804             sudo cp /usr/share/samba/smb.conf $SMB_CONF
  805         fi
  806         sudo chown $STACK_USER -R /etc/samba
  807         iniset $SMB_CONF global include registry
  808         iniset $SMB_CONF global security user
  809         if [ ! -d "$SMB_PRIVATE_DIR" ]; then
  810             sudo mkdir $SMB_PRIVATE_DIR
  811             sudo touch $SMB_PRIVATE_DIR/secrets.tdb
  812         fi
  813 
  814         for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
  815             iniset $MANILA_CONF $backend_name driver_handles_share_servers False
  816             iniset $MANILA_CONF $backend_name lvm_share_export_ips $MANILA_LVM_SHARE_EXPORT_IPS
  817         done
  818         iniset $MANILA_CONF DEFAULT data_node_access_ip $HOST_IP
  819     fi
  820 }
  821 
  822 # start_manila_api - starts manila API services and checks its availability
  823 function start_manila_api {
  824 
  825     # NOTE(vkmc) If both options are set to true we are using uwsgi
  826     # as the preferred way to deploy manila. See
  827     # https://governance.openstack.org/tc/goals/pike/deploy-api-in-wsgi.html#uwsgi-vs-mod-wsgi
  828     # for more details
  829     if [ $(trueorfalse False MANILA_USE_UWSGI) == True ] && [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  830         MSG="Both MANILA_USE_UWSGI and MANILA_USE_MOD_WSGI are set to True.
  831             Using UWSGI as the preferred option
  832             Set MANILA_USE_UWSGI to False to deploy manila api with MOD_WSGI"
  833         warn $LINENO $MSG
  834     fi
  835 
  836     if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
  837         echo "Deploying with UWSGI"
  838         run_process m-api "$(which uwsgi) --ini $MANILA_UWSGI_CONF --procname-prefix manila-api"
  839     elif [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  840         echo "Deploying with MOD_WSGI"
  841         install_apache_wsgi
  842         enable_apache_site manila-api
  843         restart_apache_server
  844         tail_log m-api /var/log/$APACHE_NAME/manila_api.log
  845     else
  846         echo "Deploying with built-in server"
  847         run_process m-api "$MANILA_BIN_DIR/manila-api --config-file $MANILA_CONF"
  848     fi
  849 
  850     echo "Waiting for Manila API to start..."
  851     # This is a health check against the manila-api service we just started.
  852     # We use the port ($REAL_MANILA_SERVICE_PORT) here because we want to hit
  853     # the bare service endpoint, even if the tls tunnel should be enabled.
  854     # We're making sure that the internal port is checked using unencryted
  855     # traffic at this point.
  856 
  857     local MANILA_HEALTH_CHECK_URL=$MANILA_SERVICE_PROTOCOL://$MANILA_SERVICE_HOST:$REAL_MANILA_SERVICE_PORT
  858 
  859     if [ $(trueorfalse False MANILA_USE_UWSGI) == True ]; then
  860         MANILA_HEALTH_CHECK_URL=$MANILA_ENDPOINT_BASE
  861     fi
  862 
  863     if ! wait_for_service $SERVICE_TIMEOUT $MANILA_HEALTH_CHECK_URL; then
  864         die $LINENO "Manila API did not start"
  865     fi
  866 
  867     # Start proxies if enabled
  868     #
  869     # If tls-proxy is enabled and MANILA_USE_UWSGI is set to True, a generic
  870     # http-services-tls-proxy will be set up to handle tls-termination to
  871     # manila as well as all the other https services, we don't need to
  872     # create our own.
  873     if [ $(trueorfalse False MANILA_USE_UWSGI) == False ] && is_service_enabled tls-proxy; then
  874         start_tls_proxy manila '*' $MANILA_SERVICE_PORT $MANILA_SERVICE_HOST $MANILA_SERVICE_PORT_INT
  875     fi
  876 }
  877 
  878 # start_rest_of_manila - starts non-api manila services
  879 function start_rest_of_manila {
  880     run_process m-shr "$MANILA_BIN_DIR/manila-share --config-file $MANILA_CONF"
  881     run_process m-sch "$MANILA_BIN_DIR/manila-scheduler --config-file $MANILA_CONF"
  882     run_process m-dat "$MANILA_BIN_DIR/manila-data --config-file $MANILA_CONF"
  883 }
  884 
  885 # start_manila - start all manila services. This function is kept for compatibility
  886 # reasons with old approach.
  887 function start_manila {
  888     start_manila_api
  889     start_rest_of_manila
  890 }
  891 
  892 # stop_manila - Stop running processes
  893 function stop_manila {
  894     # Disable manila api service
  895     if [ $(trueorfalse False MANILA_USE_MOD_WSGI) == True ]; then
  896         disable_apache_site manila-api
  897         restart_apache_server
  898     else
  899         stop_process m-api
  900     fi
  901 
  902     # Kill all other manila processes
  903     for serv in m-sch m-shr m-dat; do
  904         stop_process $serv
  905     done
  906 }
  907 
  908 function install_manila_tempest_plugin {
  909     MANILA_TEMPEST_PLUGIN_REPO=${MANILA_TEMPEST_PLUGIN_REPO:-${GIT_BASE}/openstack/manila-tempest-plugin.git}
  910     MANILA_TEMPEST_PLUGIN_BRANCH=${MANILA_TEMPEST_PLUGIN_BRANCH:-master}
  911     MANILA_TEMPEST_PLUGIN_DIR=$DEST/manila-tempest-plugin
  912 
  913     git_clone $MANILA_TEMPEST_PLUGIN_REPO $MANILA_TEMPEST_PLUGIN_DIR $MANILA_TEMPEST_PLUGIN_BRANCH
  914     setup_develop $MANILA_TEMPEST_PLUGIN_DIR
  915 }
  916 
  917 # update_tempest - Function used for updating Tempest config if Tempest service enabled
  918 function update_tempest {
  919     if is_service_enabled tempest; then
  920 
  921         if [[ "$(trueorfalse False MANILA_SETUP_IPV6)" == "True" ]]; then
  922             # The public network was created by us, so set it explicitly in
  923             # tempest.conf
  924             public_net_id=$(openstack network list --name $PUBLIC_NETWORK_NAME -f value -c ID )
  925             iniset $TEMPEST_CONFIG network public_network_id $public_net_id
  926         fi
  927 
  928         TEMPEST_CONFIG=${TEMPEST_CONFIG:-$TEMPEST_DIR/etc/tempest.conf}
  929         ADMIN_TENANT_NAME=${ADMIN_TENANT_NAME:-"admin"}
  930         ADMIN_DOMAIN_NAME=${ADMIN_DOMAIN_NAME:-"Default"}
  931         ADMIN_PASSWORD=${ADMIN_PASSWORD:-"secretadmin"}
  932 
  933         if [ $(trueorfalse False MANILA_USE_SERVICE_INSTANCE_PASSWORD) == True ]; then
  934             iniset $TEMPEST_CONFIG share image_password $MANILA_SERVICE_INSTANCE_PASSWORD
  935         fi
  936         iniset $TEMPEST_CONFIG share image_with_share_tools $MANILA_SERVICE_IMAGE_NAME
  937         iniset $TEMPEST_CONFIG auth admin_username ${ADMIN_USERNAME:-"admin"}
  938         iniset $TEMPEST_CONFIG auth admin_password ${ADMIN_PASSWORD:-"secretadmin"}
  939         iniset $TEMPEST_CONFIG auth admin_tenant_name $ADMIN_TENANT_NAME
  940         iniset $TEMPEST_CONFIG auth admin_domain_name $ADMIN_DOMAIN_NAME
  941         iniset $TEMPEST_CONFIG identity username ${TEMPEST_USERNAME:-"demo"}
  942         iniset $TEMPEST_CONFIG identity password $ADMIN_PASSWORD
  943         iniset $TEMPEST_CONFIG identity tenant_name ${TEMPEST_TENANT_NAME:-"demo"}
  944         iniset $TEMPEST_CONFIG identity domain_name $ADMIN_DOMAIN_NAME
  945         iniset $TEMPEST_CONFIG identity alt_username ${ALT_USERNAME:-"alt_demo"}
  946         iniset $TEMPEST_CONFIG identity alt_password $ADMIN_PASSWORD
  947         iniset $TEMPEST_CONFIG identity alt_tenant_name ${ALT_TENANT_NAME:-"alt_demo"}
  948         iniset $TEMPEST_CONFIG identity alt_domain_name $ADMIN_DOMAIN_NAME
  949     fi
  950 }
  951 
  952 function install_docker_ubuntu {
  953     sudo apt-get update
  954     install_package apparmor
  955     install_package docker.io
  956 }
  957 
  958 function install_docker_fedora {
  959     sudo yum install -y docker
  960     sudo systemctl enable docker
  961     sudo systemctl start docker
  962 }
  963 
  964 function download_image {
  965     local image_url=$1
  966 
  967     local image image_fname
  968 
  969     image_fname=`basename "$image_url"`
  970     if [[ $image_url != file* ]]; then
  971         # Downloads the image (uec ami+akistyle), then extracts it.
  972         if [[ ! -f $FILES/$image_fname || "$(stat -c "%s" $FILES/$image_fname)" = "0" ]]; then
  973             wget --progress=dot:giga -c $image_url -O $FILES/$image_fname
  974             if [[ $? -ne 0 ]]; then
  975                 echo "Not found: $image_url"
  976                 return
  977             fi
  978         fi
  979         image="$FILES/${image_fname}"
  980     else
  981         # File based URL (RFC 1738): ``file://host/path``
  982         # Remote files are not considered here.
  983         # unix: ``file:///home/user/path/file``
  984         # windows: ``file:///C:/Documents%20and%20Settings/user/path/file``
  985         image=$(echo $image_url | sed "s/^file:\/\///g")
  986         if [[ ! -f $image || "$(stat -c "%s" $image)" == "0" ]]; then
  987             echo "Not found: $image_url"
  988             return
  989         fi
  990     fi
  991 }
  992 
  993 function import_docker_service_image_ubuntu {
  994     GZIPPED_IMG_NAME=`basename "$MANILA_DOCKER_IMAGE_URL"`
  995     IMG_NAME_LOAD=${GZIPPED_IMG_NAME%.*}
  996     LOCAL_IMG_NAME=${IMG_NAME_LOAD%.*}
  997     if [[ "$(sudo docker images -q $LOCAL_IMG_NAME)" == "" ]]; then
  998         download_image $MANILA_DOCKER_IMAGE_URL
  999         # Import image in Docker
 1000         gzip -d $FILES/$GZIPPED_IMG_NAME
 1001         sudo docker load --input $FILES/$IMG_NAME_LOAD
 1002     fi
 1003 }
 1004 
 1005 function remove_docker_service_image {
 1006     sudo docker rmi $MANILA_DOCKER_IMAGE_ALIAS
 1007 }
 1008 
 1009 
 1010 function install_libraries {
 1011     if [ $(trueorfalse False MANILA_MULTI_BACKEND) == True ]; then
 1012         if [ $(trueorfalse True RUN_MANILA_HOST_ASSISTED_MIGRATION_TESTS) == True ]; then
 1013             if is_ubuntu; then
 1014                 install_package nfs-common
 1015             else
 1016                 install_package nfs-utils
 1017             fi
 1018         fi
 1019     fi
 1020 }
 1021 
 1022 function allow_host_ports_for_share_mounting {
 1023 
 1024     if [[ $MANILA_ENABLED_SHARE_PROTOCOLS =~ NFS ]]; then
 1025         # 111 and 2049 are for rpcbind and NFS
 1026         # Other ports are for NFSv3 statd, mountd and lockd daemons
 1027         MANILA_TCP_PORTS=(2049 111 32803 892 875 662)
 1028         MANILA_UDP_PORTS=(111 32769 892 875 662)
 1029     fi
 1030     if [[ $MANILA_ENABLED_SHARE_PROTOCOLS =~ CEPHFS ]]; then
 1031         # clients need access to the ceph daemons
 1032         MANILA_TCP_PORTS=(${MANILA_TCP_PORTS[*]} 6789 6800:7300)
 1033     fi
 1034 
 1035     if [[ -v MANILA_TCP_PORTS || -v MANILA_UDP_PORTS ]]; then
 1036         for ipcmd in iptables ip6tables; do
 1037             sudo $ipcmd -N manila-storage
 1038             sudo $ipcmd -I INPUT 1 -j manila-storage
 1039             for port in ${MANILA_TCP_PORTS[*]}; do
 1040                 sudo $ipcmd -A manila-storage -m tcp -p tcp --dport $port -j ACCEPT
 1041             done
 1042             for port in ${MANILA_UDP_PORTS[*]}; do
 1043                 sudo $ipcmd -A manila-storage -m udp -p udp --dport $port -j ACCEPT
 1044             done
 1045         done
 1046     fi
 1047 }
 1048 
 1049 function setup_ipv6 {
 1050 
 1051     # This will fail with multiple default routes and is not needed in CI
 1052     # but may be useful when developing with devstack locally
 1053     if [ $(trueorfalse False MANILA_RESTORE_IPV6_DEFAULT_ROUTE) == True ]; then
 1054         # save IPv6 default route to add back later after enabling forwarding
 1055         local default_route=$(ip -6 route | grep default | cut -d ' ' -f1,2,3,4,5)
 1056     fi
 1057 
 1058     # make sure those system values are set
 1059     sudo sysctl -w net.ipv6.conf.lo.disable_ipv6=0
 1060     sudo sysctl -w net.ipv6.conf.all.accept_ra=2
 1061     sudo sysctl -w net.ipv6.conf.all.forwarding=1
 1062 
 1063     # Disable in-band as our communication is only internal
 1064     sudo ovs-vsctl set Bridge $PUBLIC_BRIDGE other_config:disable-in-band=true
 1065 
 1066     # Create address scopes and subnet pools
 1067     openstack address scope create --share --ip-version 4 scope-v4
 1068     openstack address scope create --share --ip-version 6 scope-v6
 1069     openstack subnet pool create $SUBNETPOOL_NAME_V4 --default-prefix-length $SUBNETPOOL_SIZE_V4 --pool-prefix $SUBNETPOOL_PREFIX_V4 --address-scope scope-v4 --default --share
 1070     openstack subnet pool create $SUBNETPOOL_NAME_V6 --default-prefix-length $SUBNETPOOL_SIZE_V6 --pool-prefix $SUBNETPOOL_PREFIX_V6 --address-scope scope-v6 --default --share
 1071 
 1072     # Create example private network and router
 1073     openstack router create $Q_ROUTER_NAME
 1074     openstack network create $PRIVATE_NETWORK_NAME
 1075     openstack subnet create --ip-version 6 --use-default-subnet-pool --ipv6-address-mode $IPV6_ADDRESS_MODE --ipv6-ra-mode $IPV6_RA_MODE --network $PRIVATE_NETWORK_NAME $IPV6_PRIVATE_SUBNET_NAME
 1076     openstack subnet create --ip-version 4 --use-default-subnet-pool --network $PRIVATE_NETWORK_NAME $PRIVATE_SUBNET_NAME
 1077     openstack router add subnet $Q_ROUTER_NAME $IPV6_PRIVATE_SUBNET_NAME
 1078     openstack router add subnet $Q_ROUTER_NAME $PRIVATE_SUBNET_NAME
 1079 
 1080     # Create public network
 1081     openstack network create $PUBLIC_NETWORK_NAME --external --default --provider-network-type flat --provider-physical-network $PUBLIC_PHYSICAL_NETWORK
 1082     local public_gateway_ipv6=$(openstack subnet create $IPV6_PUBLIC_SUBNET_NAME --ip-version 6 --network $PUBLIC_NETWORK_NAME --subnet-pool $SUBNETPOOL_NAME_V6 --no-dhcp -c gateway_ip -f value)
 1083     local public_gateway_ipv4=$(openstack subnet create $PUBLIC_SUBNET_NAME --ip-version 4 --network $PUBLIC_NETWORK_NAME --subnet-range $FLOATING_RANGE --no-dhcp -c gateway_ip -f value)
 1084 
 1085     # Set router to use public network
 1086     openstack router set --external-gateway $PUBLIC_NETWORK_NAME $Q_ROUTER_NAME
 1087 
 1088     # Configure interfaces due to NEUTRON_CREATE_INITIAL_NETWORKS=False
 1089     local ipv4_cidr_len=${FLOATING_RANGE#*/}
 1090     sudo ip -6 addr add "$public_gateway_ipv6"/$SUBNETPOOL_SIZE_V6 dev $PUBLIC_BRIDGE
 1091     sudo ip addr add $PUBLIC_NETWORK_GATEWAY/"$ipv4_cidr_len" dev $PUBLIC_BRIDGE
 1092 
 1093     # Enabling interface is needed due to NEUTRON_CREATE_INITIAL_NETWORKS=False
 1094     sudo ip link set $PUBLIC_BRIDGE up
 1095 
 1096     if [ "$SHARE_DRIVER" == "manila.share.drivers.lvm.LVMShareDriver" ]; then
 1097         for backend_name in ${MANILA_ENABLED_BACKENDS//,/ }; do
 1098             iniset $MANILA_CONF $backend_name lvm_share_export_ips $public_gateway_ipv4,$public_gateway_ipv6
 1099         done
 1100         iniset $MANILA_CONF DEFAULT data_node_access_ip $public_gateway_ipv4
 1101     fi
 1102 
 1103     # install Quagga for setting up the host routes dynamically
 1104     install_package quagga
 1105 
 1106     # set Quagga daemons
 1107     (
 1108     echo "zebra=yes"
 1109     echo "bgpd=yes"
 1110     echo "ospfd=no"
 1111     echo "ospf6d=no"
 1112     echo "ripd=no"
 1113     echo "ripngd=no"
 1114     echo "isisd=no"
 1115     echo "babeld=no"
 1116     ) | sudo tee /etc/quagga/daemons > /dev/null
 1117 
 1118     # set Quagga zebra.conf
 1119     (
 1120     echo "hostname dsvm"
 1121     echo "password openstack"
 1122     echo "log file /var/log/quagga/zebra.log"
 1123     ) | sudo tee /etc/quagga/zebra.conf > /dev/null
 1124 
 1125     # set Quagga vtysh.conf
 1126     (
 1127     echo "service integrated-vtysh-config"
 1128     echo "username quagga nopassword"
 1129     ) | sudo tee /etc/quagga/vtysh.conf > /dev/null
 1130 
 1131     # set Quagga bgpd.conf
 1132     (
 1133     echo "log file /var/log/quagga/bgpd.log"
 1134     echo "bgp multiple-instance"
 1135     echo "router bgp 200"
 1136     echo " bgp router-id 1.2.3.4"
 1137     echo " neighbor $public_gateway_ipv6 remote-as 100"
 1138     echo " neighbor $public_gateway_ipv6 passive"
 1139     echo " address-family ipv6"
 1140     echo "  neighbor $public_gateway_ipv6 activate"
 1141     echo "line vty"
 1142     echo "debug bgp events"
 1143     echo "debug bgp filters"
 1144     echo "debug bgp fsm"
 1145     echo "debug bgp keepalives"
 1146     echo "debug bgp updates"
 1147     ) | sudo tee /etc/quagga/bgpd.conf > /dev/null
 1148 
 1149     # Quagga logging
 1150     sudo mkdir -p /var/log/quagga
 1151     sudo touch /var/log/quagga/zebra.log
 1152     sudo touch /var/log/quagga/bgpd.log
 1153     sudo chown -R quagga:quagga /var/log/quagga
 1154 
 1155 
 1156     GetOSVersion
 1157     QUAGGA_SERVICES="zebra bgpd"
 1158     if [[ is_ubuntu && "$os_CODENAME" == "xenial" ]]; then
 1159         # In Ubuntu Xenial, the services bgpd and zebra are under
 1160         # one systemd unit: quagga
 1161         QUAGGA_SERVICES="quagga"
 1162     elif is_fedora; then
 1163         # Disable SELinux rule that conflicts with Zebra
 1164         sudo setsebool -P zebra_write_config 1
 1165     fi
 1166     sudo systemctl enable $QUAGGA_SERVICES
 1167     sudo systemctl restart $QUAGGA_SERVICES
 1168 
 1169     # log the systemd status
 1170     sudo systemctl status $QUAGGA_SERVICES
 1171 
 1172     # This will fail with mutltiple default routes and is not needed in CI
 1173     # but may be useful when developing with devstack locally
 1174     if [ $(trueorfalse False MANILA_RESTORE_IPV6_DEFAULT_ROUTE) == True ]; then
 1175         # add default IPv6 route back
 1176         if ! [[ -z $default_route ]]; then
 1177             # "replace" should ignore "RTNETLINK answers: File exists"
 1178             # error if the route wasn't flushed by the bgp setup we did earlier.
 1179             sudo ip -6 route replace $default_route
 1180         fi
 1181     fi
 1182 
 1183 }
 1184 
 1185 function setup_bgp_for_ipv6 {
 1186     public_gateway_ipv6=$(openstack subnet show ipv6-public-subnet -c gateway_ip -f value)
 1187     neutron bgp-speaker-create --ip-version 6 --local-as 100 bgpspeaker
 1188     neutron bgp-speaker-network-add bgpspeaker $PUBLIC_NETWORK_NAME
 1189     neutron bgp-peer-create --peer-ip $public_gateway_ipv6 --remote-as 200 bgppeer
 1190     neutron bgp-speaker-peer-add bgpspeaker bgppeer
 1191 }
 1192 
 1193 # Main dispatcher
 1194 if [[ "$1" == "stack" && "$2" == "install" ]]; then
 1195     echo_summary "Installing Manila Client"
 1196     install_manilaclient
 1197     echo_summary "Installing Manila"
 1198     install_manila
 1199     set_cinder_quotas
 1200 elif [[ "$1" == "stack" && "$2" == "post-config" ]]; then
 1201     echo_summary "Configuring Manila"
 1202     configure_manila
 1203     echo_summary "Initializing Manila"
 1204     init_manila
 1205     echo_summary "Installing extra libraries"
 1206     install_libraries
 1207     echo_summary "Creating Manila entities for auth service"
 1208     create_manila_accounts
 1209 
 1210     # Cinder config update
 1211     if is_service_enabled cinder && [[ -n "$CINDER_OVERSUBSCRIPTION_RATIO" ]]; then
 1212         CINDER_CONF=${CINDER_CONF:-/etc/cinder/cinder.conf}
 1213         CINDER_ENABLED_BACKENDS=$(iniget $CINDER_CONF DEFAULT enabled_backends)
 1214         for BN in ${CINDER_ENABLED_BACKENDS//,/ }; do
 1215             iniset $CINDER_CONF $BN lvm_max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
 1216         done
 1217         iniset $CINDER_CONF DEFAULT max_over_subscription_ratio $CINDER_OVERSUBSCRIPTION_RATIO
 1218     fi
 1219 elif [[ "$1" == "stack" && "$2" == "extra" ]]; then
 1220     if is_service_enabled nova; then
 1221         echo_summary "Creating Manila service flavor"
 1222         create_manila_service_flavor
 1223 
 1224         echo_summary "Creating Manila service security group"
 1225         create_manila_service_secgroup
 1226     fi
 1227 
 1228     # Skip image downloads when disabled.
 1229     # This way vendor Manila driver CI tests can skip
 1230     # this potentially long and unnecessary download.
 1231     if [ "$MANILA_SERVICE_IMAGE_ENABLED" = "True" ]; then
 1232         echo_summary "Creating Manila service image"
 1233         create_manila_service_image
 1234     else
 1235         echo_summary "Skipping download of Manila service image"
 1236     fi
 1237 
 1238     if is_service_enabled nova; then
 1239         echo_summary "Creating Manila service keypair"
 1240         create_manila_service_keypair
 1241     fi
 1242 
 1243     echo_summary "Configure Samba server"
 1244     configure_samba
 1245 
 1246     echo_summary "Configuring IPv6"
 1247     if [ $(trueorfalse False MANILA_SETUP_IPV6) == True ]; then
 1248         setup_ipv6
 1249     fi
 1250 
 1251     echo_summary "Starting Manila API"
 1252     start_manila_api
 1253 
 1254     # Workaround for bug #1660304
 1255     if [ "$SHARE_DRIVER" != "manila.share.drivers.generic.GenericShareDriver" ]; then
 1256         echo_summary "Starting rest of Manila services - scheduler, share and data"
 1257         start_rest_of_manila
 1258     fi
 1259 
 1260     echo_summary "Creating Manila default share type"
 1261     create_default_share_type
 1262 
 1263     echo_summary "Creating Manila default share group type"
 1264     create_default_share_group_type
 1265 
 1266     echo_summary "Creating Manila custom share types"
 1267     create_custom_share_types
 1268 
 1269     echo_summary "Manila UI is no longer enabled by default. \
 1270         Add enable_plugin manila-ui https://git.openstack.org/openstack/manila-ui \
 1271         to your local.conf file to enable Manila UI"
 1272 
 1273 elif [[ "$1" == "stack" && "$2" == "test-config" ]]; then
 1274     ###########################################################################
 1275     # NOTE(vponomaryov): Workaround for bug #1660304
 1276     # We are able to create Nova VMs now only when last Nova step is performed
 1277     # which is registration of cell0. It is registered as last action in
 1278     # "post-extra" section.
 1279     if is_service_enabled nova; then
 1280         echo_summary "Creating Manila service VMs for generic driver \
 1281             backends for which handlng of share servers is disabled."
 1282         create_service_share_servers
 1283     fi
 1284 
 1285     if [ "$SHARE_DRIVER" == "manila.share.drivers.generic.GenericShareDriver" ]; then
 1286         echo_summary "Starting rest of Manila services - scheduler, share and data"
 1287         start_rest_of_manila
 1288     fi
 1289     ###########################################################################
 1290 
 1291 
 1292     if [ $(trueorfalse False MANILA_INSTALL_TEMPEST_PLUGIN_SYSTEMWIDE) == True ]; then
 1293         echo_summary "Fetching and installing manila-tempest-plugin system-wide"
 1294         install_manila_tempest_plugin
 1295         export DEPRECATED_TEXT="$DEPRECATED_TEXT\nInstalling
 1296         manila-tempest-plugin can be done with the help of its own DevStack
 1297         plugin by adding: \n\n\t'enable_plugin manila-tempest-plugin
 1298         https://opendev.org/openstack/manila-tempest-plugin'.\n\nManila's
 1299         DevStack plugin will stop installing it automatically."
 1300     fi
 1301 
 1302     echo_summary "Update Tempest config"
 1303     update_tempest
 1304 
 1305 
 1306     if [[ "$(trueorfalse False MANILA_ALLOW_NAS_SERVER_PORTS_ON_HOST)" == "True" ]]; then
 1307         echo_summary "Allowing IPv4 and IPv6 access to NAS ports on the host"
 1308         allow_host_ports_for_share_mounting
 1309     fi
 1310 
 1311     if [[ "$(trueorfalse False MANILA_SETUP_IPV6)" == "True" ]]; then
 1312         # Now that all plugins are loaded, setup BGP
 1313         echo_summary "Setting up BGP speaker to advertise routes to project networks"
 1314         setup_bgp_for_ipv6
 1315     fi
 1316 
 1317 fi
 1318 
 1319 if [[ "$1" == "unstack" ]]; then
 1320     cleanup_manila
 1321 fi
 1322 
 1323 if [[ "$1" == "clean" ]]; then
 1324     cleanup_manila
 1325     sudo rm -rf /etc/manila
 1326 fi
 1327 
 1328 # Restore xtrace
 1329 $XTRACE