Gitiles
Code Review Sign In
osm.etsi.org / osm / openvim / refs/heads/v1.0 / . / scripts / configure-compute-node-UBUNTU16.0.4.sh
blob: 9d82c1915c1680058ebd2732c601731b88f04814 [file] [log] [blame]
Mirabal92c96c62016-12-07 16:10:56 +0000[diff] [blame]1#!/bin/bash
2
3##
4# Copyright 2015 Telefónica Investigación y Desarrollo, S.A.U.
5# This file is part of openvim
6# All Rights Reserved.
7#
8# Licensed under the Apache License, Version 2.0 (the "License"); you may
9# not use this file except in compliance with the License. You may obtain
10# a copy of the License at
11#
12# http://www.apache.org/licenses/LICENSE-2.0
13#
14# Unless required by applicable law or agreed to in writing, software
15# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
16# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
17# License for the specific language governing permissions and limitations
18# under the License.
19#
20# For those usages not covered by the Apache License, Version 2.0 please
21# contact with: nfvlabs@tid.es
22##
23
24# Authors: Antonio Lopez, Pablo Montes, Alfonso Tierno
25# June 2015
26
27# Personalize RHEL7.1 on compute nodes
28# Prepared to work with the following network card drivers:
29# tg3, igb drivers for management interfaces
30# ixgbe (Intel Niantic) and i40e (Intel Fortville) drivers for data plane interfaces
31
32# To download:
33# wget https://raw.githubusercontent.com/nfvlabs/openmano/master/scripts/configure-compute-node-UBUNTU14.04.sh
34# To execute:
35# chmod +x ./configure-compute-node-UBUNTU14.04.sh
36# sudo ./configure-compute-node-RHEL7.1.sh <user> <iface>
37
38# Assumptions:
39# All virtualization options activated on BIOS (vt-d, vt-x, SR-IOV, no power savings...)
40# RHEL7.1 installed without /home partition and with the following packages selection:
41# @base, @core, @development, @network-file-system-client, @virtualization-hypervisor, @virtualization-platform, @virtualization-tools
42
43
44function usage(){
45 echo -e "Usage: sudo $0 [-y] <user-name> [ <iface-name> [<ip-address>|dhcp] ]"
46 echo -e " Configure compute host for VIM usage. (version 0.4). Params:"
47 echo -e " -y do not prompt for confirmation. If a new user is created, the user name is set as password"
48 echo -e " <user-name> Create if not exist and configure this user for openvim to connect"
49 echo -e " <iface-name> if suplied creates bridge interfaces on this interface, needed for openvim"
50 echo -e " ip or dhcp if suplied, configure the interface with this ip address (/24) or 'dhcp' "
51}
52
53
54#1 CHECK input parameters
55#1.1 root privileges
56[ "$USER" != "root" ] && echo "Needed root privileges" && usage && exit -1
57
58#1.2 input parameters
59FORCE=""
60while getopts "y" o; do
61 case "${o}" in
62 y)
63 FORCE="yes"
64 ;;
65 *)
66 usage
67 exit -1
68 ;;
69 esac
70done
71shift $((OPTIND-1))
72
73
74
75if [ $# -lt 1 ]
76then
77 usage
78 exit
79fi
80
81
82user_name=$1
83interface=$2
84ip_iface=$3
85
86if [ -n "$interface" ] && ! ifconfig $interface &> /dev/null
87then
88 echo "Error: interface '$interface' is not present in the system"
89 usage
90 exit 1
91fi
92
93echo '
94#################################################################
95##### INSTALL NEEDED PACKETS #####
96#################################################################'
97
98# Required packages
99apt-get -y update
100#apt-get -y install grub-common screen virt-manager ethtool build-essential x11-common x11-utils x11-apps libguestfs-tools hwloc libguestfs-tools numactl vlan nfs-common nfs-kernel-server
101apt-get -y install grub-common screen virt-manager ethtool build-essential x11-common x11-utils libguestfs-tools hwloc libguestfs-tools numactl vlan nfs-common nfs-kernel-server
102
103echo "Remove unneeded packages....."
104apt-get -y autoremove
105# Selinux management
106#yum install -y policycoreutils-python
107
108
109
110echo '
111#################################################################
112##### INSTALL USER #####
113#################################################################'
114
115# Add required groups
116groupadd -f admin
117groupadd -f libvirt #for other operating systems may be libvirtd
118
119# Adds user, default password same as name
120if grep -q "^${user_name}:" /etc/passwd
121then
122 #user exist, add to group
123 echo "adding user ${user_name} to groups libvirt,admin"
124 usermod -a -G libvirt,admin -g admin $user_name
125else
126 #create user if it does not exist
127 [ -z "$FORCE" ] && read -p "user '${user_name}' does not exist, create (Y/n)" kk
128 if ! [ -z "$kk" -o "$kk"="y" -o "$kk"="Y" ]
129 then
130 exit
131 fi
132 echo "creating and configuring user {user_name}"
133 useradd -m -G libvirt,admin -g admin $user_name
134 #Password
135 if [ -z "$FORCE" ]
136 then
137 echo "Provide a password for $user_name"
138 passwd $user_name
139 else
140 echo -e "$user_name\n$user_name" | passwd --stdin $user_name
141 fi
142fi
143
144## Allow admin users to access without password
145#if ! grep -q "#openmano" /etc/sudoers
146#then
147# cat >> /home/${user_name}/script_visudo.sh << EOL
148##!/bin/bash
149#cat \$1 | awk '(\$0~"requiretty"){print "#"\$0}(\$0!~"requiretty"){print \$0}' > tmp
150#cat tmp > \$1
151#rm tmp
152#echo "" >> \$1
153#echo "#openmano allow to group admin to grant root privileges without password" >> \$1
154#echo "%admin ALL=(ALL) NOPASSWD: ALL" >> \$1
155#EOL
156# chmod +x /home/${user_name}/script_visudo.sh
157# echo "allowing admin user to get root privileges withut password"
158# export EDITOR=/home/${user_name}/script_visudo.sh && sudo -E visudo
159# rm -f /home/${user_name}/script_visudo.sh
160#fi
161
162
163echo '
164#################################################################
165##### INSTALL HUGEPAGES ISOLCPUS GRUB #####
166#################################################################'
167
168# Huge pages 1G auto mount
169mkdir -p /mnt/huge
170if ! grep -q "Huge pages" /etc/fstab
171then
172 echo "" >> /etc/fstab
173 echo "# Huge pages" >> /etc/fstab
174 echo "nodev /mnt/huge hugetlbfs pagesize=1GB 0 0" >> /etc/fstab
175 echo "" >> /etc/fstab
176fi
177
178# Huge pages reservation service
179if ! [ -f /lib/systemd/system/hugetlb-gigantic-pages.service ]
180then
181 echo "configuring huge pages service"
182 echo "[Unit]
183Description=HugeTLB Gigantic Pages Reservation
184DefaultDependencies=no
185Before=dev-hugepages.mount
186ConditionPathExists=/sys/devices/system/node
187ConditionKernelCommandLine=hugepagesz=1G
188
189[Service]
190Type=oneshot
191RemainAfterExit=yes
192ExecStart=/usr/lib/systemd/hugetlb-reserve-pages
193
194[Install]
195WantedBy=sysinit.target" >> /lib/systemd/system/hugetlb-gigantic-pages.service
196
197 # cat > /usr/lib/systemd/system/hugetlb-gigantic-pages.service << EOL
198 #[Unit]
199 #Description=HugeTLB Gigantic Pages Reservation
200 #DefaultDependencies=no
201 #Before=dev-hugepages.mount
202 #ConditionPathExists=/sys/devices/system/node
203 #ConditionKernelCommandLine=hugepagesz=1G
204 #
205 #[Service]
206 #Type=oneshot
207 #RemainAfterExit=yes
208 #ExecStart=/usr/lib/systemd/hugetlb-reserve-pages
209 #
210 #[Install]
211 #WantedBy=sysinit.target
212 #EOL
213fi
214
215
216# Get isolcpus
217isolcpus=`gawk 'BEGIN{pre=-2;}
218 ($1=="processor"){pro=$3;}
219 ($1=="core" && $4!=0){
220 if (pre+1==pro){endrange="-" pro}
221 else{cpus=cpus endrange sep pro; sep=","; endrange="";};
222 pre=pro;}
223 END{printf("%s",cpus endrange);}' /proc/cpuinfo`
224
225
226echo "CPUS: $isolcpus"
227
228# Huge pages reservation file: reserving all memory apart from 4GB per NUMA node
229# Get the number of hugepages: all memory but 8GB reserved for the OS
230#totalmem=`dmidecode --type 17|grep Size |grep MB |gawk '{suma+=$2} END {print suma/1024}'`
231#hugepages=$(($totalmem-8))
232
233if ! [ -f /usr/lib/systemd/hugetlb-reserve-pages ]
234then
235 cat > /usr/lib/systemd/hugetlb-reserve-pages << EOL
236#!/bin/bash
237nodes_path=/sys/devices/system/node/
238if [ ! -d \$nodes_path ]; then
239 echo "ERROR: \$nodes_path does not exist"
240 exit 1
241fi
242
243reserve_pages()
244{
245 echo \$1 > \$nodes_path/\$2/hugepages/hugepages-1048576kB/nr_hugepages
246}
247
248# This example reserves all available memory apart from 4 GB for linux
249# using 1GB size. You can modify it to your needs or comment the lines
250# to avoid reserve memory in a numa node
251EOL
252 for f in /sys/devices/system/node/node?/meminfo
253 do
254 node=`head -n1 $f | gawk '($5=="kB"){print $2}'`
255 memory=`head -n1 $f | gawk '($5=="kB"){print $4}'`
256 memory=$((memory+1048576-1)) #memory must be ceiled
257 memory=$((memory/1048576)) #from `kB to GB
258 #if memory
259 [ $memory -gt 4 ] && echo "reserve_pages $((memory-4)) node$node" >> /usr/lib/systemd/hugetlb-reserve-pages
260 done
261
262 # Run the following commands to enable huge pages early boot reservation:
263 chmod +x /usr/lib/systemd/hugetlb-reserve-pages
264 systemctl enable hugetlb-gigantic-pages
265fi
266
267# Prepares the text to add at the end of the grub line, including blacklisting ixgbevf driver in the host
268memtotal=`grep MemTotal /proc/meminfo | awk '{ print $2 }' `
269hpages=$(( ($memtotal/(1024*1024))-8 ))
270
271memtotal=$((memtotal+1048576-1)) #memory must be ceiled
272memtotal=$((memtotal/1048576)) #from `kB to GBa
273hpages=$((memtotal-8))
274[[ $hpages -lt 0 ]] && hpages=0
275
276
277echo "------> memtotal: $memtotal"
278
279textokernel=" intel_iommu=on default_hugepagesz=1G hugepagesz=1G hugepages=$hpages isolcpus=$isolcpus modprobe.blacklist=ixgbevf modprobe.blacklist=i40evf"
280
281echo "Text to kernel: $textokernel"
282
283
284# Add text to the kernel line
285if ! grep -q " intel_iommu=on default_hugepagesz=1G hugepagesz=1G" /etc/default/grub
286then
287 echo ">>>>>>> adding cmdline ${textokernel}"
288 sed -i "/^GRUB_CMDLINE_LINUX_DEFAULT=/s/\"\$/${textokernel}\"/" /etc/default/grub
289 sed -i "/^GRUB_CMDLINE_LINUX=/s/\"\$/${textokernel}\"/" /etc/default/grub
290
291 update-grub
292 # BIOS based systems
293 grub-mkconfig -o /boot/efi/EFI/ubuntu/grub.cfg
294 # UEFI based systems
295 grub-mkconfig -o /boot/grub/grub.cfg
296fi
297
298echo '
299#################################################################
300##### OTHER CONFIGURATION #####
301#################################################################'
302
303# Links the OpenMANO required folder /opt/VNF/images to /var/lib/libvirt/images. The OS installation
304# should have only a / partition with all possible space available
305
306echo " link /opt/VNF/images to /var/lib/libvirt/images"
307if [ "$user_name" != "" ]
308then
309 #mkdir -p /home/${user_name}/VNF_images
310 #chown -R ${user_name}:admin /home/${user_name}/VNF_images
311 #chmod go+x $HOME
312
313 # The orchestator needs to link the images folder
314 rm -f /opt/VNF/images
315 mkdir -p /opt/VNF/
316 ln -s /var/lib/libvirt/images /opt/VNF/images
317 chown -R ${user_name}:admin /opt/VNF
318 chown -R root:admin /var/lib/libvirt/images
319 chmod g+rwx /var/lib/libvirt/images
320
321 # Selinux management
322 #echo "configure Selinux management"
323 #semanage fcontext -a -t virt_image_t "/home/${user_name}/VNF_images(/.*)?"
324 #cat /etc/selinux/targeted/contexts/files/file_contexts.local |grep virt_image
325 #restorecon -R -v /home/${user_name}/VNF_images
326else
327 mkdir -p /opt/VNF/images
328 chmod o+rx /opt/VNF/images
329fi
330
331echo "creating local information /opt/VNF/images/hostinfo.yaml"
332echo "#By default openvim assumes control plane interface naming as em1,em2,em3,em4 " > /opt/VNF/images/hostinfo.yaml
333echo "#and bridge ifaces as virbrMan1, virbrMan2, ..." >> /opt/VNF/images/hostinfo.yaml
334echo "#if compute node contain a different name it must be indicated in this file" >> /opt/VNF/images/hostinfo.yaml
335echo "#with the format extandard-name: compute-name" >> /opt/VNF/images/hostinfo.yaml
336if [ "$interface" != "" -a "$interface" != "em1" ]
337then
338 echo "iface_names:" >> /opt/VNF/images/hostinfo.yaml
339 echo " em1: ${interface}" >> /opt/VNF/images/hostinfo.yaml
340fi
341chmod o+r /opt/VNF/images/hostinfo.yaml
342
343# deactivate memory overcommit
344#echo "deactivate memory overcommit"
345#service ksmtuned stop
346#service ksm stop
347#chkconfig ksmtuned off
348#chkconfig ksm off
349
350
351# Libvirt options (uncomment the following)
352echo "configure Libvirt options"
353sed -i 's/#unix_sock_group = "libvirt"/unix_sock_group = "libvirt"/' /etc/libvirt/libvirtd.conf
354sed -i 's/#unix_sock_rw_perms = "0770"/unix_sock_rw_perms = "0770"/' /etc/libvirt/libvirtd.conf
355sed -i 's/#unix_sock_dir = "\/var\/run\/libvirt"/unix_sock_dir = "\/var\/run\/libvirt"/' /etc/libvirt/libvirtd.conf
356sed -i 's/#auth_unix_rw = "none"/auth_unix_rw = "none"/' /etc/libvirt/libvirtd.conf
357
358
359echo '
360#################################################################
361##### NETWORK CONFIGURATION #####
362#################################################################'
363# Network config (if the second parameter is net)
364echo "Interface ==> $interface"
365if [ -n "$interface" ]
366then
367
368
369 # For management and data interfaces
370 rm -f /etc/udev/rules.d/pci_config.rules # it will be created to define VFs
371
372
373 # Set ONBOOT=on and MTU=9000 on the interface used for the bridges
374 echo "configuring iface $interface"
375
376#MTU for interfaces and bridges
377MTU=9000
378
379cp /etc/network/interfaces interfaces.tmp
380
381
382 #Create infrastructure bridge, normally used for connecting to compute nodes, openflow controller, ...
383
384
385 #Create VLAN for infrastructure bridge
386
387 echo "
388######### CUTLINE #########
389
390auto ${interface}
391iface ${interface} inet manual
392 post-up ip link set dev ${interface} mtu ${MTU}
393
394auto ${interface}.1001
395iface ${interface}.1001 inet manual
396 vlan-raw-device ${interface}
397 post-up ip link set mtu $MTU dev ${interface}.1001
398" >> interfaces.tmp
399
400# echo "ifconfig ${interface} mtu $MTU
401# ifconfig ${interface} up
402#" > mtu.tmp
403
404
405 #Create bridge interfaces
406 echo "Creating bridge ifaces: "
407 for ((i=1;i<=20;i++))
408 do
409 i2digits=$i
410 [ $i -lt 10 ] && i2digits="0$i"
411 echo " virbrMan$i vlan 20$i2digits"
412
413 j=$i
414
415 echo "
416auto ${interface}.20$i2digits
417iface ${interface}.20$i2digits inet manual
418 post-up ip link set mtu $MTU dev ${interface}.20$i2digits
419
420auto virbrMan$j
421iface virbrMan$j inet manual
422 bridge_ports ${interface}.20$i2digits
423 post-up ip link set dev virbrMan$j && ip link set mtu 9000 dev virbrMan$j
424" >> interfaces.tmp
425
426# echo "ifconfig ${interface}.20$i2digits mtu $MTU
427#ifconfig virbrMan$j mtu $MTU
428#ifconfig virbrMan$j up
429#" >> mtu.tmp
430
431 done
432
433 echo "
434auto em2.1001
435iface em2.1001 inet manual
436 post-up ip link set dev em2.1001 mtu 9000
437
438auto virbrInf
439iface virbrInf inet manual
440 bridge_ports em2.1001
441 post-up ip link set dev virbrInf && ip link set mtu 9000 dev virbrInf
442" >> interfaces.tmp
443
444# echo "ifconfig em2.1001 mtu $MTU
445#ifconfig virbrInf mtu $MTU
446#ifconfig virbrInf up
447#" >> mtu.tmp
448
449if ! grep -q "#### CUTLINE ####" /etc/network/interfaces
450then
451 echo "====== Copying interfaces.tmp to /etc/network/interfaces"
452 cp interfaces.tmp /etc/network/interfaces
453fi
454
455
456 #popd
457fi
458
459
460# Activate 8 Virtual Functions per PF on Niantic cards (ixgbe driver)
461if [[ `lsmod | cut -d" " -f1 | grep "ixgbe" | grep -v vf` ]]
462then
463 if ! grep -q "ixgbe" /etc/modprobe.d/ixgbe.conf
464 then
465 echo "options ixgbe max_vfs=8" >> /etc/modprobe.d/ixgbe.conf
466 fi
467
468fi
469
470echo "#!/bin/bash" > /etc/activate-vfs.sh
471chmod +x /etc/activate-vfs.sh
472for iface in `ip -o link show | awk -F': ' '{print $2}' | grep -v -e "\." -e "lo" -e "virbr" -e "tap"`
473do
474# 10/40 Gbps interfaces
475# Intel X520 cards: driver ixgbe
476# Intel XL710 Fortville cards: driver i40e
477driver=`ethtool -i $iface| awk '($0~"driver"){print $2}'`
478if [ "$driver" = "i40e" -o "$driver" = "ixgbe" ]
479then
480 echo "configuring dataplane iface $iface"
481
482 # Create 8 SR-IOV per PF by udev rules only for Fortville cards (i40e driver)
483 if [ "$driver" = "i40e" ]
484 then
485 pci=`ethtool -i $iface | awk '($0~"bus-info"){print $2}'`
486 echo "echo 8 > /sys/bus/pci/devices/$pci/sriov_numvfs" >> /etc/activate-vfs.sh
487 fi
488fi
489done
490
491# Set dataplane MTU
492
493#echo "sleep 10" >> mtu.tmp
494
495#interfaces=`ifconfig -a | grep ^p | cut -d " " -f 1`
496#for ph in $interfaces
497#do
498# echo "ifconfig $ph mtu $MTU" >> mtu.tmp
499# echo "ifconfig $ph up" >> mtu.tmp
500#done
501
502
503
504#cp mtu.tmp /etc/setmtu.sh
505#chmod +x /etc/setmtu.sh
506
507# To define 8 VFs per PF we do it on rc.local, because the driver needs to be unloaded and loaded again
508#if ! grep -q "NFV" /etc/rc.local
509#then
510 echo "#!/bin/sh -e
511" > /etc/rc.local
512 echo "# NFV" >> /etc/rc.local
513 echo "modprobe -r ixgbe" >> /etc/rc.local
514 echo "modprobe ixgbe max_vfs=8" >> /etc/rc.local
515 echo "/etc/activate-vfs.sh" >> /etc/rc.local
516 #echo "/etc/setmtu.sh" >> /etc/rc.local
517 echo "
518exit 0" >> /etc/rc.local
519 echo "" >> /etc/rc.local
520
521 chmod +x /etc/rc.local
522 chmod +x /etc/activate-vfs.sh
523
524#fi
525
526chmod a+rwx /var/lib/libvirt/images
527mkdir /usr/libexec/
528pushd /usr/libexec/
529ln -s /usr/bin/qemu-system-x86_64 qemu-kvm
530popd
531
532#Deactivating apparmor while looking for a better solution
533/etc/init.d/apparmor stop
534update-rc.d -f apparmor remove
535
536echo
537echo "Do not forget to create a shared (NFS, Samba, ...) where original virtual machine images are allocated"
538echo
539echo "Do not forget to copy the public ssh key into /home/${user_name}/.ssh/authorized_keys for authomatic login from openvim controller"
540echo
541
542echo "Reboot the system to make the changes effective"
543