-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathhorizon.scenario
89 lines (75 loc) · 3.01 KB
/
horizon.scenario
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
# This file can be used directly by 'phd', see 'build-all.sh' in this
# directory for how it can be invoked. The only requirement is a list
# of nodes you'd like it to modify.
#
# The scope of each command-block is controlled by the preceeding
# 'target' line.
#
# - target=all
# The commands are executed on evey node provided
#
# - target=local
# The commands are executed from the node hosting phd. When not
# using phd, they should be run from some other independant host
# (such as the puppet master)
#
# - target=$PHD_ENV_nodes{N}
# The commands are executed on the Nth node provided.
# For example, to run on only the first node would be target=$PHD_ENV_nodes1
#
# Tasks to be performed at this step include:
#################################
# Scenario Requirements Section #
#################################
= VARIABLES =
PHD_VAR_secrets_horizon_secret
PHD_VAR_network_hosts_memcache
#################################
# Scenario Requirements Section #
#################################
= REQUIREMENTS =
nodes: 1
######################
# Deployment Scripts #
######################
= SCRIPTS =
target=all
....
yum install -y mod_wsgi httpd mod_ssl openstack-dashboard
# NOTE this is a rather scary sed and replace operation to configure horizon
# in one shot, scriptable way.
# Keypoints:
# set ALLOWED_HOSTS to access the web service.
# BE AWARE that this command will allow access from everywhere!
# connection CACHES to memcacehed
# connect with keystone for authentication
# fix a LOCAL_PATH to point to the correct location.
horizonememcachenodes=$(echo ${PHD_VAR_network_hosts_memcache} | sed -e "s#,#', '#g" -e "s#^#[ '#g" -e "s#\$#', ]#g")
sed -i \
-e "s#ALLOWED_HOSTS.*#ALLOWED_HOSTS = ['*',]#g" \
-e "s#^CACHES#SESSION_ENGINE = 'django.contrib.sessions.backends.cache'\nCACHES#g#" \
-e "s#locmem.LocMemCache'#memcached.MemcachedCache',\n\t'LOCATION' : $horizonememcachenodes#g" \
-e 's#OPENSTACK_HOST =.*#OPENSTACK_HOST = "vip-keystone"#g' \
-e "s#^LOCAL_PATH.*#LOCAL_PATH = '/var/lib/openstack-dashboard'#g" \
-e "s#SECRET_KEY.*#SECRET_KEY = '${PHD_VAR_secrets_horizon_secret}'#g#" \
/etc/openstack-dashboard/local_settings
# workaround buggy packages
echo "COMPRESS_OFFLINE = True" >> /etc/openstack-dashboard/local_settings
python /usr/share/openstack-dashboard/manage.py compress
# NOTE: fix apache config to listen only on a given interface (internal)
sed -i -e 's/^Listen.*/Listen '$(ip addr show dev eth1 scope global | grep dynamic| sed -e 's#.*inet ##g' -e 's#/.*##g')':80/g' /etc/httpd/conf/httpd.conf
# NOTE: enable server-status. this is required by pacemaker to verify apache is
# responding. Only allow from localhost.
cat > /etc/httpd/conf.d/server-status.conf << EOF
<Location /server-status>
SetHandler server-status
Order deny,allow
Deny from all
Allow from localhost
</Location>
EOF
....
target=$PHD_ENV_nodes1
....
pcs resource create horizon apache --clone interleave=true
....