3 # Deploy script to install provisioning server for OPNFV Apex
4 # author: Dan Radez (dradez@redhat.com)
5 # author: Tim Rozet (trozet@redhat.com)
7 # Based on RDO Manager http://www.rdoproject.org
12 if [ "$TERM" != "unknown" ]; then
27 ntp_server="pool.ntp.org"
28 net_isolation_enabled="TRUE"
32 declare -A deploy_options_array
34 SSH_OPTIONS=(-o StrictHostKeyChecking=no -o GlobalKnownHostsFile=/dev/null -o UserKnownHostsFile=/dev/null -o LogLevel=error)
36 RESOURCES=/var/opt/opnfv/stack
38 INSTACKENV=$CONFIG/instackenv.json
39 NETENV=$CONFIG/network-environment.yaml
42 ##translates yaml into variables
43 ##params: filename, prefix (ex. "config_")
44 ##usage: parse_yaml opnfv_ksgen_settings.yml "config_"
47 local s='[[:space:]]*' w='[a-zA-Z0-9_]*' fs=$(echo @|tr @ '\034')
48 sed -ne "s|^\($s\)\($w\)$s:$s\"\(.*\)\"$s\$|\1$fs\2$fs\3|p" \
49 -e "s|^\($s\)\($w\)$s:$s\(.*\)$s\$|\1$fs\2$fs\3|p" $1 |
51 indent = length($1)/2;
53 for (i in vname) {if (i > indent) {delete vname[i]}}
55 vn=""; for (i=0; i<indent; i++) {vn=(vn)(vname[i])("_")}
56 printf("%s%s%s=\"%s\"\n", "'$prefix'",vn, $2, $3);
61 ##checks if prefix exists in string
62 ##params: string, prefix
63 ##usage: contains_prefix "deploy_setting_launcher=1" "deploy_setting"
67 if echo $mystr | grep -E "^$prefix.*$" > /dev/null; then
73 ##parses variable from a string with '='
74 ##and removes global prefix
75 ##params: string, prefix
76 ##usage: parse_setting_var 'deploy_myvar=2' 'deploy_'
80 if echo $mystr | grep -E "^.+\=" > /dev/null; then
81 echo $(echo $mystr | grep -Eo "^.+\=" | tr -d '=' | sed 's/^'"$prefix"'//')
86 ##parses value from a string with '='
88 ##usage: parse_setting_value
89 parse_setting_value() {
91 echo $(echo $mystr | grep -Eo "\=.*$" | tr -d '=')
93 ##parses deploy settings yaml into globals and options array
95 ##usage: parse_deploy_settings
96 parse_deploy_settings() {
97 local global_prefix="deploy_global_params_"
98 local options_prefix="deploy_deploy_options_"
100 local settings=$(parse_yaml $DEPLOY_SETTINGS_FILE "deploy_")
102 for this_setting in $settings; do
103 if contains_prefix $this_setting $global_prefix; then
104 myvar=$(parse_setting_var $this_setting $global_prefix)
105 if [ -z "$myvar" ]; then
106 echo -e "${red}ERROR: while parsing ${DEPLOY_SETTINGS_FILE} for setting: ${this_setting}${reset}"
108 myvalue=$(parse_setting_value $this_setting)
109 # Do not override variables set by cmdline
110 if [ -z "$(eval echo \$$myvar)" ]; then
111 eval "$myvar=\$myvalue"
112 echo -e "${blue}Global parameter set: ${myvar}:${myvalue}${reset}"
114 echo -e "${blue}Global parameter already set: ${myvar}${reset}"
116 elif contains_prefix $this_setting $options_prefix; then
117 myvar=$(parse_setting_var $this_setting $options_prefix)
118 if [ -z "$myvar" ]; then
119 echo -e "${red}ERROR: while parsing ${DEPLOY_SETTINGS_FILE} for setting: ${this_setting}${reset}"
121 myvalue=$(parse_setting_value $this_setting)
122 deploy_options_array[$myvar]=$myvalue
123 echo -e "${blue}Deploy option set: ${myvar}:${myvalue}${reset}"
127 ##parses baremetal yaml settings into compatible json
128 ##writes the json to $CONFIG/instackenv_tmp.json
130 ##usage: parse_inventory_file
131 parse_inventory_file() {
132 local inventory=$(parse_yaml $INVENTORY_FILE)
134 local node_prefix="node"
139 # detect number of nodes
140 for entry in $inventory; do
141 if echo $entry | grep -Eo "^nodes_node[0-9]+_" > /dev/null; then
142 this_node=$(echo $entry | grep -Eo "^nodes_node[0-9]+_")
143 if [[ $inventory_list != *"$this_node"* ]]; then
144 inventory_list+="$this_node "
149 inventory_list=$(echo $inventory_list | sed 's/ $//')
151 for node in $inventory_list; do
155 node_total=$node_count
157 if [[ "$node_total" -lt 5 && ha_enabled == "TRUE" ]]; then
158 echo -e "${red}ERROR: You must provide at least 5 nodes for HA baremetal deployment${reset}"
160 elif [[ "$node_total" -lt 2 ]]; then
161 echo -e "${red}ERROR: You must provide at least 2 nodes for non-HA baremetal deployment${reset}"
165 eval $(parse_yaml $INVENTORY_FILE)
173 for node in $inventory_list; do
177 \"pm_password\": \"$(eval echo \${${node}ipmi_pass})\",
178 \"pm_type\": \"pxe_ipmitool\",
180 \"$(eval echo \${${node}mac_address})\"
182 \"cpu\": \"$(eval echo \${${node}cpus})\",
183 \"memory\": \"$(eval echo \${${node}memory})\",
184 \"disk\": \"$(eval echo \${${node}disk})\",
185 \"arch\": \"$(eval echo \${${node}arch})\",
186 \"pm_user\": \"$(eval echo \${${node}ipmi_user})\",
187 \"pm_addr\": \"$(eval echo \${${node}ipmi_ip})\"
189 instack_env_output+=${node_output}
190 if [ $node_count -lt $node_total ]; then
191 instack_env_output+=" },"
193 instack_env_output+=" }"
197 instack_env_output+='
201 #Copy instackenv.json to undercloud for baremetal
202 echo -e "{blue}Parsed instackenv JSON:\n${instack_env_output}${reset}"
203 ssh -T ${SSH_OPTIONS[@]} "stack@$UNDERCLOUD" <<EOI
204 cat > instackenv.json << EOF
210 ##verify internet connectivity
212 function verify_internet {
213 if ping -c 2 $ping_site > /dev/null; then
214 if ping -c 2 www.google.com > /dev/null; then
215 echo "${blue}Internet connectivity detected${reset}"
218 echo "${red}Internet connectivity detected, but DNS lookup failed${reset}"
222 echo "${red}No internet connectivity detected${reset}"
227 ##download dependencies if missing and configure host
229 function configure_deps {
230 if ! verify_internet; then
231 echo "${red}Will not download dependencies${reset}"
235 # verify ip forwarding
236 if sysctl net.ipv4.ip_forward | grep 0; then
237 sudo sysctl -w net.ipv4.ip_forward=1
238 sudo sh -c "echo 'net.ipv4.ip_forward = 1' >> /etc/sysctl.conf"
241 # ensure brbm networks are configured
242 systemctl start openvswitch
243 ovs-vsctl list-br | grep brbm > /dev/null || ovs-vsctl add-br brbm
244 virsh net-list --all | grep brbm > /dev/null || virsh net-create $CONFIG/brbm-net.xml
245 virsh net-list | grep -E "brbm\s+active" > /dev/null || virsh net-start brbm
246 ovs-vsctl list-br | grep brbm1 > /dev/null || ovs-vsctl add-br brbm1
247 virsh net-list --all | grep brbm1 > /dev/null || virsh net-create $CONFIG/brbm1-net.xml
248 virsh net-list | grep -E "brbm1\s+active" > /dev/null || virsh net-start brbm1
250 # ensure storage pool exists and is started
251 virsh pool-list --all | grep default > /dev/null || virsh pool-create $CONFIG/default-pool.xml
252 virsh pool-list | grep -Eo "default\s+active" > /dev/null || virsh pool-start default
254 if virsh net-list | grep default > /dev/null; then
255 num_ints_same_subnet=$(ip addr show | grep "inet 192.168.122" | wc -l)
256 if [ "$num_ints_same_subnet" -gt 1 ]; then
257 virsh net-destroy default
258 ##go edit /etc/libvirt/qemu/networks/default.xml
259 sed -i 's/192.168.122/192.168.123/g' /etc/libvirt/qemu/networks/default.xml
260 sed -i 's/192.168.122/192.168.123/g' instackenv-virt.json
262 virsh net-start default
263 virsh net-autostart default
267 if ! egrep '^flags.*(vmx|svm)' /proc/cpuinfo > /dev/null; then
268 echo "${red}virtualization extensions not found, kvm kernel module insertion may fail.\n \
269 Are you sure you have enabled vmx in your bios or hypervisor?${reset}"
272 if ! lsmod | grep kvm > /dev/null; then modprobe kvm; fi
273 if ! lsmod | grep kvm_intel > /dev/null; then modprobe kvm_intel; fi
275 if ! lsmod | grep kvm > /dev/null; then
276 echo "${red}kvm kernel modules not loaded!${reset}"
281 if [ ! -e ~/.ssh/id_rsa.pub ]; then
282 ssh-keygen -t rsa -N "" -f ~/.ssh/id_rsa
285 echo "${blue}All dependencies installed and running${reset}"
288 ##verify vm exists, an has a dhcp lease assigned to it
290 function setup_instack_vm {
291 if ! virsh list --all | grep instack > /dev/null; then
292 #virsh vol-create default instack.qcow2.xml
293 virsh define $CONFIG/instack.xml
295 #Upload instack image
296 #virsh vol-create default --file instack.qcow2.xml
297 virsh vol-create-as default instack.qcow2 30G --format qcow2
299 ### this doesn't work for some reason I was getting hangup events so using cp instead
300 #virsh vol-upload --pool default --vol instack.qcow2 --file $CONFIG/stack/instack.qcow2
301 #2015-12-05 12:57:20.569+0000: 8755: info : libvirt version: 1.2.8, package: 16.el7_1.5 (CentOS BuildSystem <http://bugs.centos.org>, 2015-11-03-13:56:46, worker1.bsys.centos.org)
302 #2015-12-05 12:57:20.569+0000: 8755: warning : virKeepAliveTimerInternal:143 : No response from client 0x7ff1e231e630 after 6 keepalive messages in 35 seconds
303 #2015-12-05 12:57:20.569+0000: 8756: warning : virKeepAliveTimerInternal:143 : No response from client 0x7ff1e231e630 after 6 keepalive messages in 35 seconds
304 #error: cannot close volume instack.qcow2
305 #error: internal error: received hangup / error event on socket
306 #error: Reconnected to the hypervisor
308 cp -f $RESOURCES/instack.qcow2 /var/lib/libvirt/images/instack.qcow2
311 echo "Found Instack VM, using existing VM"
314 # if the VM is not running update the authkeys and start it
315 if ! virsh list | grep instack > /dev/null; then
316 echo "Injecting ssh key to instack VM"
317 virt-customize -c qemu:///system -d instack --run-command "mkdir /root/.ssh/" \
318 --upload ~/.ssh/id_rsa.pub:/root/.ssh/authorized_keys \
319 --run-command "chmod 600 /root/.ssh/authorized_keys && restorecon /root/.ssh/authorized_keys" \
320 --run-command "cp /root/.ssh/authorized_keys /home/stack/.ssh/" \
321 --run-command "chown stack:stack /home/stack/.ssh/authorized_keys && chmod 600 /home/stack/.ssh/authorized_keys"
325 sleep 3 # let DHCP happen
328 echo -n "${blue}Waiting for instack's dhcp address${reset}"
329 while ! grep instack /var/lib/libvirt/dnsmasq/default.leases > /dev/null && [ $CNT -gt 0 ]; do
335 # get the instack VM IP
336 UNDERCLOUD=$(grep instack /var/lib/libvirt/dnsmasq/default.leases | awk '{print $3}' | head -n 1)
337 if [ -z "$UNDERCLOUD" ]; then
338 #if not found then dnsmasq may be using leasefile-ro
339 instack_mac=$(virsh domiflist instack | grep default | \
340 grep -Eo "[0-9a-f\]+:[0-9a-f\]+:[0-9a-f\]+:[0-9a-f\]+:[0-9a-f\]+:[0-9a-f\]+")
341 UNDERCLOUD=$(arp -e | grep ${instack_mac} | awk {'print $1'})
343 if [ -z "$UNDERCLOUD" ]; then
344 echo "\n\nNever got IP for Instack. Can Not Continue."
348 echo -e "${blue}\rInstack VM has IP $UNDERCLOUD${reset}"
352 echo -en "${blue}\rValidating instack VM connectivity${reset}"
353 while ! ping -c 1 $UNDERCLOUD > /dev/null && [ $CNT -gt 0 ]; do
358 if [ "$CNT" -eq 0 ]; then
359 echo "Failed to contact Instack. Can Not Continue"
363 while ! ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" "echo ''" 2>&1> /dev/null && [ $CNT -gt 0 ]; do
368 if [ "$CNT" -eq 0 ]; then
369 echo "Failed to connect to Instack. Can Not Continue"
373 # extra space to overwrite the previous connectivity output
374 echo -e "${blue}\r ${reset}"
376 #add the instack brbm1 interface
377 virsh attach-interface --domain instack --type network --source brbm1 --model rtl8139 --config --live
379 ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" "if ! ip a s eth2 | grep 192.168.37.1 > /dev/null; then ip a a 192.168.37.1/24 dev eth2; ip link set up dev eth2; fi"
381 # ssh key fix for stack user
382 ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" "restorecon -r /home/stack"
385 ##Create virtual nodes in virsh
387 function setup_virtual_baremetal {
388 for i in $(seq 0 $vm_index); do
389 if ! virsh list --all | grep baremetalbrbm_brbm1_${i} > /dev/null; then
390 if [ ! -e $CONFIG/baremetalbrbm_brbm1_${i}.xml ]; then
391 define_virtual_node baremetalbrbm_brbm1_${i}
393 virsh define $CONFIG/baremetalbrbm_brbm1_${i}.xml
395 echo "Found Baremetal ${i} VM, using existing VM"
397 virsh vol-list default | grep baremetalbrbm_brbm1_${i} 2>&1> /dev/null || virsh vol-create-as default baremetalbrbm_brbm1_${i}.qcow2 40G --format qcow2
402 ##Copy over the glance images and instack json file
404 function copy_materials_to_instack {
407 echo "Copying configuration file and disk images to instack"
408 scp ${SSH_OPTIONS[@]} $RESOURCES/overcloud-full.qcow2 "stack@$UNDERCLOUD":
409 scp ${SSH_OPTIONS[@]} $NETENV "stack@$UNDERCLOUD":
410 scp ${SSH_OPTIONS[@]} -r $CONFIG/nics/ "stack@$UNDERCLOUD":
412 if [[ ${#deploy_options_array[@]} -eq 0 || ${deploy_options_array['sdn_controller']} == 'opendaylight' ]]; then
413 DEPLOY_OPTIONS+=" -e /usr/share/openstack-tripleo-heat-templates/environments/opendaylight.yaml"
414 elif [ ${deploy_options_array['sdn_controller']} == 'opendaylight-external' ]; then
415 DEPLOY_OPTIONS+=" -e /usr/share/openstack-tripleo-heat-templates/environments/opendaylight-external.yaml"
416 elif [ ${deploy_options_array['sdn_controller']} == 'onos' ]; then
417 echo -e "${red}ERROR: ONOS is currently unsupported...exiting${reset}"
419 elif [ ${deploy_options_array['sdn_controller']} == 'opencontrail' ]; then
420 echo -e "${red}ERROR: OpenContrail is currently unsupported...exiting${reset}"
424 # ensure stack user on instack machine has an ssh key
425 ssh -T ${SSH_OPTIONS[@]} "stack@$UNDERCLOUD" "if [ ! -e ~/.ssh/id_rsa.pub ]; then ssh-keygen -t rsa -N '' -f ~/.ssh/id_rsa; fi"
427 if [ "$virtual" == "TRUE" ]; then
429 # copy the instack vm's stack user's pub key to
430 # root's auth keys so that instack can control
431 # vm power on the hypervisor
432 ssh ${SSH_OPTIONS[@]} "stack@$UNDERCLOUD" "cat /home/stack/.ssh/id_rsa.pub" >> /root/.ssh/authorized_keys
434 # fix MACs to match new setup
435 for i in $(seq 0 $vm_index); do
436 pyscript="import json
437 data = json.load(open('$CONFIG/instackenv-virt.json'))
438 print data['nodes'][$i]['mac'][0]"
440 old_mac=$(python -c "$pyscript")
441 new_mac=$(virsh dumpxml baremetalbrbm_brbm1_$i | grep "mac address" | cut -d = -f2 | grep -Eo "[0-9a-f:]+")
442 # this doesn't work with multiple vnics on the vms
443 #if [ "$old_mac" != "$new_mac" ]; then
444 # echo "${blue}Modifying MAC for node from $old_mac to ${new_mac}${reset}"
445 # sed -i 's/'"$old_mac"'/'"$new_mac"'/' $CONFIG/instackenv-virt.json
449 DEPLOY_OPTIONS+=" --libvirt-type qemu"
450 INSTACKENV=$CONFIG/instackenv-virt.json
451 NETENV=$CONFIG/network-environment.yaml
453 # upload instackenv file to Instack for virtual deployment
454 scp ${SSH_OPTIONS[@]} $INSTACKENV "stack@$UNDERCLOUD":instackenv.json
457 # allow stack to control power management on the hypervisor via sshkey
458 # only if this is a virtual deployment
459 if [ "$virtual" == "TRUE" ]; then
460 ssh -T ${SSH_OPTIONS[@]} "stack@$UNDERCLOUD" <<EOI
461 while read -r line; do
462 stack_key=\${stack_key}\\\\\\\\n\${line}
463 done < <(cat ~/.ssh/id_rsa)
464 stack_key=\$(echo \$stack_key | sed 's/\\\\\\\\n//')
465 sed -i 's~INSERT_STACK_USER_PRIV_KEY~'"\$stack_key"'~' instackenv.json
469 # copy stack's ssh key to this users authorized keys
470 ssh -T ${SSH_OPTIONS[@]} "root@$UNDERCLOUD" "cat /home/stack/.ssh/id_rsa.pub" >> ~/.ssh/authorized_keys
473 ##preping it for deployment and launch the deploy
475 function undercloud_prep_overcloud_deploy {
476 # configure undercloud on Undercloud VM
477 ssh -T ${SSH_OPTIONS[@]} "stack@$UNDERCLOUD" "openstack undercloud install > apex-undercloud-install.log"
479 # check if HA is enabled
480 if [ $ha_enabled == "TRUE" ]; then
481 DEPLOY_OPTIONS+=" --control-scale 3 --compute-scale 2"
482 DEPLOY_OPTIONS+=" -e /usr/share/openstack-tripleo-heat-templates/environments/puppet-pacemaker.yaml"
483 DEPLOY_OPTIONS+=" --ntp-server $ntp_server"
486 if [ $net_isolation_enabled == "TRUE" ]; then
487 DEPLOY_OPTIONS+=" -e /usr/share/openstack-tripleo-heat-templates/environments/network-isolation.yaml"
488 DEPLOY_OPTIONS+=" -e network-environment.yaml"
489 DEPLOY_OPTIONS+=" --ntp-server $ntp_server"
492 ssh -T ${SSH_OPTIONS[@]} "stack@$UNDERCLOUD" <<EOI
495 echo "Uploading overcloud glance images"
496 openstack overcloud image upload
497 echo "Configuring undercloud and discovering nodes"
498 openstack baremetal import --json instackenv.json
499 openstack baremetal configure boot
500 openstack baremetal introspection bulk start
501 echo "Configuring flavors"
502 openstack flavor list | grep baremetal || openstack flavor create --id auto --ram 4096 --disk 39 --vcpus 1 baremetal
503 openstack flavor set --property "cpu_arch"="x86_64" --property "capabilities:boot_option"="local" baremetal
504 echo "Configuring nameserver on ctlplane network"
505 neutron subnet-update \$(neutron subnet-list | grep -v id | grep -v \\\\-\\\\- | awk {'print \$2'}) --dns-nameserver 8.8.8.8
506 echo "Executing overcloud deployment, this should run for an extended period without output."
507 sleep 60 #wait for Hypervisor stats to check-in to nova
508 openstack overcloud deploy --templates $DEPLOY_OPTIONS
514 echo -e "Usage:\n$0 [arguments] \n"
515 echo -e " -c|--config : Directory to configuration files. Optional. Defaults to /var/opt/opnfv/ \n"
516 echo -e " -d|--deploy-settings : Full path to deploy settings yaml file. Optional. Defaults to null \n"
517 echo -e " -i|--inventory : Full path to inventory yaml file. Required only for baremetal \n"
518 echo -e " -n|--netenv : Full path to network environment file. Optional. Defaults to \$CONFIG/network-environment.yaml \n"
519 echo -e " -p|--ping-site : site to use to verify IP connectivity. Optional. Defaults to 8.8.8.8 \n"
520 echo -e " -r|--resources : Directory to deployment resources. Optional. Defaults to /var/opt/opnfv/stack \n"
521 echo -e " -v|--virtual : Virtualize overcloud nodes instead of using baremetal. \n"
522 echo -e " --no-ha : disable High Availability deployment scheme, this assumes a single controller and single compute node \n"
523 echo -e " --flat : disable Network Isolation and use a single flat network for the underlay network."
526 ##translates the command line parameters into variables
527 ##params: $@ the entire command line is passed
528 ##usage: parse_cmd_line() "$@"
530 echo -e "\n\n${blue}This script is used to deploy the Apex Installer and Provision OPNFV Target System${reset}\n\n"
531 echo "Use -h to display help"
534 while [ "${1:0:1}" = "-" ]
543 echo "Deployment Configuration Directory Overridden to: $2"
546 -d|--deploy-settings)
547 DEPLOY_SETTINGS_FILE=$2
548 echo "Deployment Configuration file: $2"
561 echo "Using $2 as the ping site"
566 echo "Deployment Resources Directory Overridden to: $2"
571 echo "Executing a Virtual Deployment"
576 echo "HA Deployment Disabled"
580 net_isolation_enabled="FALSE"
581 echo "Underlay Network Isolation Disabled: using flat configuration"
591 if [[ ! -z "$NETENV" && "$net_isolation_enabled" == "FALSE" ]]; then
592 echo -e "${red}INFO: Single flat network requested. Ignoring any netenv settings!${reset}"
593 elif [[ ! -z "$NETENV" && ! -z "$DEPLOY_SETTINGS_FILE" ]]; then
594 echo -e "${red}WARN: deploy_settings and netenv specified. Ignoring netenv settings! deploy_settings will contain \
598 if [[ -n "$virtual" && -n "$INVENTORY_FILE" ]]; then
599 echo -e "${red}ERROR: You should not specify an inventory with virtual deployments${reset}"
603 if [[ ! -z "$DEPLOY_SETTINGS_FILE" && ! -f "$DEPLOY_SETTINGS_FILE" ]]; then
604 echo -e "${red}ERROR: ${DEPLOY_SETTINGS_FILE} does not exist! Exiting...${reset}"
608 if [[ ! -z "$NETENV" && ! -f "$NETENV" ]]; then
609 echo -e "${red}ERROR: ${NETENV} does not exist! Exiting...${reset}"
613 if [[ ! -z "$INVENTORY_FILE" && ! -f "$INVENTORY_FILE" ]]; then
614 echo -e "{$red}ERROR: ${DEPLOY_SETTINGS_FILE} does not exist! Exiting...${reset}"
618 if [[ -z "$virtual" && -z "$INVENTORY_FILE" ]]; then
619 echo -e "${red}ERROR: You must specify an inventory file for baremetal deployments! Exiting...${reset}"
628 if ! configure_deps; then
629 echo "Dependency Validation Failed, Exiting."
631 if [ -n "$DEPLOY_SETTINGS_FILE" ]; then
632 parse_deploy_settings
635 if [ "$virtual" == "TRUE" ]; then
636 setup_virtual_baremetal
637 elif [ -n "$INVENTORY_FILE" ]; then
640 copy_materials_to_instack
641 undercloud_prep_overcloud_deploy