diff --git a/lib/ironic b/lib/ironic index ec9447db14..8aa06d10a4 100644 --- a/lib/ironic +++ b/lib/ironic @@ -49,7 +49,7 @@ IRONIC_SSH_KEY_FILENAME=${IRONIC_SSH_KEY_FILENAME:-ironic_key} IRONIC_KEY_FILE=$IRONIC_SSH_KEY_DIR/$IRONIC_SSH_KEY_FILENAME IRONIC_SSH_VIRT_TYPE=${IRONIC_SSH_VIRT_TYPE:-virsh} IRONIC_TFTPBOOT_DIR=${IRONIC_TFTPBOOT_DIR:-$IRONIC_DATA_DIR/tftpboot} -IRONIC_VM_SSH_PORT=${IRONIC_VM_SSH_PORT:-2222} +IRONIC_VM_SSH_PORT=${IRONIC_VM_SSH_PORT:-22} IRONIC_VM_SSH_ADDRESS=${IRONIC_VM_SSH_ADDRESS:-$HOST_IP} IRONIC_VM_COUNT=${IRONIC_VM_COUNT:-1} IRONIC_VM_SPECS_CPU=${IRONIC_VM_SPECS_CPU:-1} @@ -432,31 +432,10 @@ function ironic_ssh_check { fi } -function configure_ironic_sshd { - # Ensure sshd server accepts connections from localhost only - - SSH_CONFIG=/etc/ssh/sshd_config - HOST_PORT=$IRONIC_VM_SSH_ADDRESS:$IRONIC_VM_SSH_PORT - if ! sudo grep ListenAddress $SSH_CONFIG | grep $HOST_PORT; then - echo "ListenAddress $HOST_PORT" | sudo tee -a $SSH_CONFIG - fi - - SSH_SERVICE_NAME=sshd - if is_ubuntu; then - SSH_SERVICE_NAME=ssh - fi - - restart_service $SSH_SERVICE_NAME - # to ensure ssh service is up and running - sleep 3 - ironic_ssh_check $IRONIC_SSH_KEY_DIR/$IRONIC_SSH_KEY_FILENAME $IRONIC_VM_SSH_ADDRESS $IRONIC_VM_SSH_PORT $IRONIC_SSH_USERNAME 10 - -} - function configure_ironic_auxiliary { configure_ironic_dirs configure_ironic_ssh_keypair - configure_ironic_sshd + ironic_ssh_check $IRONIC_SSH_KEY_DIR/$IRONIC_SSH_KEY_FILENAME $IRONIC_VM_SSH_ADDRESS $IRONIC_VM_SSH_PORT $IRONIC_SSH_USERNAME 10 } # build deploy kernel+ramdisk, then upload them to glance diff --git a/lib/neutron b/lib/neutron index b7c9464f3d..726f676237 100644 --- a/lib/neutron +++ b/lib/neutron @@ -127,6 +127,10 @@ Q_L3_ROUTER_PER_TENANT=${Q_L3_ROUTER_PER_TENANT:-False} # See _configure_neutron_common() for details about setting it up declare -a Q_PLUGIN_EXTRA_CONF_FILES +# List of (optional) config files for VPN device drivers to use with +# the neutron-q-vpn agent +declare -a Q_VPN_EXTRA_CONF_FILES + Q_RR_CONF_FILE=$NEUTRON_CONF_DIR/rootwrap.conf if [[ "$Q_USE_ROOTWRAP" == "False" ]]; then @@ -495,7 +499,7 @@ function start_neutron_agents { L3_CONF_FILES="$L3_CONF_FILES --config-file $Q_FWAAS_CONF_FILE" fi if is_service_enabled q-vpn; then - screen_it q-vpn "cd $NEUTRON_DIR && $AGENT_VPN_BINARY $L3_CONF_FILES" + screen_it q-vpn "cd $NEUTRON_DIR && $AGENT_VPN_BINARY $VPN_CONF_FILES" else screen_it q-l3 "cd $NEUTRON_DIR && python $AGENT_L3_BINARY $L3_CONF_FILES" fi @@ -658,6 +662,7 @@ function _configure_neutron_dhcp_agent { } function _configure_neutron_l3_agent { + local cfg_file Q_L3_ENABLED=True # for l3-agent, only use per tenant router if we have namespaces Q_L3_ROUTER_PER_TENANT=$Q_USE_NAMESPACE @@ -669,6 +674,15 @@ function _configure_neutron_l3_agent { Q_FWAAS_CONF_FILE=$NEUTRON_CONF_DIR/fwaas_driver.ini fi + if is_service_enabled q-vpn; then + Q_VPN_CONF_FILE=$NEUTRON_CONF_DIR/vpn_agent.ini + cp $NEUTRON_DIR/etc/vpn_agent.ini $Q_VPN_CONF_FILE + VPN_CONF_FILES="--config-file $NEUTRON_CONF --config-file=$Q_L3_CONF_FILE --config-file=$Q_VPN_CONF_FILE" + for cfg_file in ${Q_VPN_EXTRA_CONF_FILES[@]}; do + VPN_CONF_FILES+=" --config-file $cfg_file" + done + fi + cp $NEUTRON_DIR/etc/l3_agent.ini $Q_L3_CONF_FILE iniset $Q_L3_CONF_FILE DEFAULT verbose True diff --git a/lib/swift b/lib/swift index 3e183ff257..6db779a58f 100644 --- a/lib/swift +++ b/lib/swift @@ -453,10 +453,13 @@ EOF rm -rf ${swift_log_dir} mkdir -p ${swift_log_dir}/hourly sudo chown -R ${STACK_USER}:adm ${swift_log_dir} - sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \ - tee /etc/rsyslog.d/10-swift.conf - # restart syslog to take the changes - sudo killall -HUP rsyslogd + + if [[ $SYSLOG != "False" ]]; then + sed "s,%SWIFT_LOGDIR%,${swift_log_dir}," $FILES/swift/rsyslog.conf | sudo \ + tee /etc/rsyslog.d/10-swift.conf + # restart syslog to take the changes + sudo killall -HUP rsyslogd + fi if is_apache_enabled_service swift; then _config_swift_apache_wsgi