scripts/configure-compute-node-develop.sh

   1 #!/bin/bash
   2
   3 ##
   4 # Copyright 2015 Telefónica Investigación y Desarrollo, S.A.U.
   5 # This file is part of openvim
   6 # All Rights Reserved.
   7 #
   8 # Licensed under the Apache License, Version 2.0 (the "License"); you may
   9 # not use this file except in compliance with the License. You may obtain
  10 # a copy of the License at
  11 #
  12 #         http://www.apache.org/licenses/LICENSE-2.0
  13 #
  14 # Unless required by applicable law or agreed to in writing, software
  15 # distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
  16 # WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
  17 # License for the specific language governing permissions and limitations
  18 # under the License.
  19 #
  20 # For those usages not covered by the Apache License, Version 2.0 please
  21 # contact with: nfvlabs@tid.es
  22 ##
  23
  24 # v1.0: 2015 June
  25 # Authors: Antonio Lopez, Pablo Montes, Alfonso Tierno
  26
  27 # Personalize RHEL7/CENTOS compute nodes for using openvim in 'development' mode:
  28 #   not using huge pages neither isolcpus
  29
  30 # To download:
  31 # wget https://raw.githubusercontent.com/nfvlabs/openmano/master/scripts/configure-compute-node-develop.sh
  32 # To execute:
  33 # chmod +x ./configure-compute-node-develop.sh
  34 # sudo ./configure-compute-node-develop.sh <user> <iface>
  35
  36 function usage(){
  37     echo -e "Usage: sudo $0 [-y] <user-name>  [ <iface-name>  [<ip-address>|dhcp] ]"
  38     echo -e "  Configure compute host for VIM usage in mode 'development'. Params:"
  39     echo -e "     -y  do not prompt for confirmation. If a new user is created, the user name is set as password"
  40     echo -e "     <user-name> Create if not exist and configure this user for openvim to connect"
  41     echo -e "     <iface-name> if supplied creates bridge interfaces on this interface, needed for openvim"
  42     echo -e "     ip or dhcp if supplied, configure the interface with this ip address (/24) or 'dhcp' "
  43 }
  44
  45 #1 CHECK input parameters
  46 #1.1 root privileges
  47 [ "$USER" != "root" ] && echo "Needed root privileges" && usage && exit -1
  48
  49 #1.2 input parameters
  50 FORCE=""
  51 while getopts "y" o; do
  52     case "${o}" in
  53         y)
  54             FORCE="yes"
  55             ;;
  56         *)
  57             usage
  58             exit -1
  59             ;;
  60     esac
  61 done
  62 shift $((OPTIND-1))
  63
  64
  65 if [ $# -lt 1 ]
  66 then
  67   usage
  68   exit
  69 fi
  70
  71 user_name=$1
  72 interface=$2
  73 ip_iface=$3
  74
  75 if [ -n "$interface" ] && ! ifconfig $interface &> /dev/null
  76 then
  77   echo "Error: interface '$interface' is not present in the system"
  78   usage
  79   exit 1
  80 fi
  81
  82 echo '
  83 #################################################################
  84 #####       INSTALL NEEDED PACKETS                          #####
  85 #################################################################'
  86
  87 # Required packages
  88 yum repolist
  89 yum check-update
  90 yum update -y
  91 yum install -y screen virt-manager ethtool gcc gcc-c++ xorg-x11-xauth xorg-x11-xinit xorg-x11-deprecated-libs libXtst guestfish hwloc libhugetlbfs-utils libguestfs-tools
  92 # Selinux management
  93 yum install -y policycoreutils-python
  94
  95 echo '
  96 #################################################################
  97 #####       INSTALL USER                                    #####
  98 #################################################################'
  99
 100 # Add required groups
 101 groupadd -f admin
 102 groupadd -f libvirt   #for other operating systems may be libvirtd
 103
 104 # Adds user, default password same as name
 105 if grep -q "^${user_name}:" /etc/passwd
 106 then
 107   #user exist, add to group
 108   echo "adding user ${user_name} to groups libvirt,admin"
 109   usermod -a -G libvirt,admin -g admin $user_name
 110 else
 111   #create user if it does not exist
 112   [ -z "$FORCE" ] && read -p "user '${user_name}' does not exist, create (Y/n)" kk
 113   if ! [ -z "$kk" -o "$kk"="y" -o "$kk"="Y" ]
 114   then
 115     exit
 116   fi
 117   echo "creating and configuring user ${user_name}"
 118   useradd -m -G libvirt,admin -g admin $user_name
 119   #Password
 120   if [ -z "$FORCE" ]
 121   then
 122      echo "Provide a password for $user_name"
 123      passwd $user_name
 124   else
 125      echo -e "$user_name\n$user_name" | passwd --stdin $user_name
 126   fi
 127 fi
 128
 129 # Allow admin users to access without password
 130 if ! grep -q "#openmano" /etc/sudoers
 131 then
 132     cat >> /home/${user_name}/script_visudo.sh << EOL
 133 #!/bin/bash
 134 cat \$1 | awk '(\$0~"requiretty"){print "#"\$0}(\$0!~"requiretty"){print \$0}' > tmp
 135 cat tmp > \$1
 136 rm tmp
 137 echo "" >> \$1
 138 echo "#openmano allow to group admin to grant root privileges without password" >> \$1
 139 echo "%admin ALL=(ALL) NOPASSWD: ALL" >> \$1
 140 EOL
 141     chmod +x /home/${user_name}/script_visudo.sh
 142     echo "allowing admin user to get root privileges withut password"
 143     export EDITOR=/home/${user_name}/script_visudo.sh && sudo -E visudo
 144     rm -f /home/${user_name}/script_visudo.sh
 145 fi
 146
 147 echo '
 148 #################################################################
 149 #####       OTHER CONFIGURATION                             #####
 150 #################################################################'
 151 # Creates a folder to store images in the user home
 152 #Creates a link to the /home folder because in RHEL this folder is larger
 153 echo "creating compute node folder for local images /opt/VNF/images"
 154 if [ "$user_name" != "" ]
 155 then
 156   mkdir -p /home/VNF_images
 157   chown -R ${user_name}:admin /home/VNF_images
 158   chmod go+x /home/VNF_images
 159
 160   # The orchestator needs to link the images folder
 161   rm -f /opt/VNF/images
 162   mkdir -p /opt/VNF/
 163   ln -s /home/VNF_images /opt/VNF/images
 164   chown -R ${user_name}:admin /opt/VNF
 165
 166 else
 167   mkdir -p /opt/VNF/images
 168   chmod o+rx /opt/VNF/images
 169 fi
 170
 171 echo "creating local information /opt/VNF/images/hostinfo.yaml"
 172 echo "#By default openvim assumes control plane interface naming as em1,em2,em3,em4 " > /opt/VNF/images/hostinfo.yaml
 173 echo "#and bridge ifaces as virbrMan1, virbrMan2, ..." >> /opt/VNF/images/hostinfo.yaml
 174 echo "#if compute node contain a different name it must be indicated in this file" >> /opt/VNF/images/hostinfo.yaml
 175 echo "#with the format extandard-name: compute-name" >> /opt/VNF/images/hostinfo.yaml
 176 if [ "$interface" != "" -a "$interface" != "em1" ]
 177 then
 178   echo "iface_names:"        >> /opt/VNF/images/hostinfo.yaml
 179   echo "  em1: ${interface}" >> /opt/VNF/images/hostinfo.yaml
 180 fi
 181 chmod o+r /opt/VNF/images/hostinfo.yaml
 182
 183 # deactivate memory overcommit
 184 echo "deactivate memory overcommit"
 185 service ksmtuned stop
 186 service ksm stop
 187 chkconfig ksmtuned off
 188 chkconfig ksm off
 189
 190 # Libvirt options (uncomment the following)
 191 echo "configure Libvirt options"
 192 sed -i 's/#unix_sock_group = "libvirt"/unix_sock_group = "libvirt"/' /etc/libvirt/libvirtd.conf
 193 sed -i 's/#unix_sock_rw_perms = "0770"/unix_sock_rw_perms = "0770"/' /etc/libvirt/libvirtd.conf
 194 sed -i 's/#unix_sock_dir = "\/var\/run\/libvirt"/unix_sock_dir = "\/var\/run\/libvirt"/' /etc/libvirt/libvirtd.conf
 195 sed -i 's/#auth_unix_rw = "none"/auth_unix_rw = "none"/' /etc/libvirt/libvirtd.conf
 196
 197 echo '
 198 #################################################################
 199 #####       NETWORK CONFIGURATION                           #####
 200 #################################################################'
 201 # Network config (if the second parameter is net)
 202 if [ -n "$interface" ]
 203 then
 204
 205   # Deactivate network manager
 206   #systemctl stop NetworkManager
 207   #systemctl disable NetworkManager
 208
 209   pushd /etc/sysconfig/network-scripts/
 210
 211   #Create infrastructure bridge
 212   echo "DEVICE=virbrInf
 213 TYPE=Bridge
 214 ONBOOT=yes
 215 DELAY=0
 216 NM_CONTROLLED=no
 217 IPADDR=10.10.0.1
 218 NETMASK=255.255.255.0
 219 USERCTL=no" > ifcfg-virbrInf
 220
 221   #Create bridge interfaces
 222   echo "Creating bridge ifaces: "
 223   for ((i=1;i<=20;i++))
 224   do
 225     i2digits=$i
 226     [ $i -lt 10 ] && i2digits="0$i"
 227     echo "    virbrMan$i"
 228     echo "DEVICE=virbrMan$i
 229 TYPE=Bridge
 230 ONBOOT=yes
 231 DELAY=0
 232 NM_CONTROLLED=no
 233 USERCTL=no" > ifcfg-virbrMan$i
 234
 235   done
 236
 237   popd
 238 fi
 239
 240 echo
 241 echo "Do not forget to create a folder where original virtual machine images are allocated (ex. $HOME/static_storage)"
 242 echo
 243 echo "Do not forget to allow openvim machine accessing directly to the host with ssh. Can be done by:"
 244 echo "   Copy the public ssh key of the openvim user from $HOME/.ssh/id_dsa.pub (in openvim) into /home/${user_name}/.ssh/authorized_keys (in the host) for automatic login from openvim controller"
 245 echo "   Or running on openvim machine 'ssh-keygen' (generate ssh keys) and 'ssh-copy-id <user>@<compute host>'"
 246 echo
 247 echo "Do not forget to perform an initial ssh login from openmano VM into the host so the openmano ssh host key is added to /home/${user_name}/.ssh/known_hosts"
 248 echo
 249
 250 echo "Reboot the system to make the changes effective"
 251
 252