blob: c4ce244e8e16aa54307bab18ba5fc90ba41d2792 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
|
#!/bin/bash
#
# Author: Dimitri Mazmanov (dimitri.mazmanov@ericsson.com)
#
# All rights reserved. This program and the accompanying materials
# are made available under the terms of the Apache License, Version 2.0
# which accompanies this distribution, and is available at
# http://www.apache.org/licenses/LICENSE-2.0
#
set -o xtrace
set -o errexit
set -o nounset
set -o pipefail
PASSWORD_FILE_ENC="/root/servicepass.ini"
PASSWORD_FILE="/root/passwords.ini"
function ini_has_option {
local file=$1
local section=$2
local option=$3
local line
line=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
[ -n "$line" ]
}
# Get an option from an INI file
# iniget config-file section option
function iniget {
local xtrace
xtrace=$(set +o | grep xtrace)
set +o xtrace
local file=$1
local section=$2
local option=$3
local line
line=$(sed -ne "/^\[$section\]/,/^\[.*\]/ { /^$option[ \t]*=/ p; }" "$file")
echo ${line#*=}
$xtrace
}
# Set an option in an INI file
# iniset [-sudo] config-file section option value
# - if the file does not exist, it is created
function iniset {
local file=$1
local section=$2
local option=$3
local value=$4
[[ -z $section || -z $option ]] && return
if ! grep -q "^\[$section\]" "$file" 2>/dev/null; then
echo -e "\n[$section]" >>"$file"
fi
if ! ini_has_option "$file" "$section" "$option"; then
sed -i -e "/^\[$section\]/ a\\
$option = $value
" "$file"
else
local sep=$(echo -ne "\x01")
# Replace it
sed -i -e '/^\['${section}'\]/,/^\[.*\]/ s'${sep}'^\('${option}'[ \t]*=[ \t]*\).*$'${sep}'\1'"${value}"${sep} "$file"
fi
}
function decode_passwords() {
openssl enc -aes-256-cbc -d -in ${PASSWORD_FILE_ENC} -out ${PASSWORD_FILE} -k multisite
}
function write_controller() {
# For each slave region the following files must be updated on each controller.
iniset "/etc/glance/glance-registry.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT glance_password)
iniset "/etc/glance/glance-api.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT glance_password)
iniset "/etc/glance/glance-glare.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT glare_password)
iniset "/etc/heat/heat.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT heat_password)
iniset "/etc/nova/nova.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT nova_password)
iniset "/etc/nova/nova.conf" neutron password $(iniget ${PASSWORD_FILE} DEFAULT neutron_password)
iniset "/etc/cinder/cinder.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT cinder_password)
iniset "/etc/neutron/neutron.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT neutron_password)
iniset "/etc/ceilometer/ceilometer.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT ceilometer_password)
iniset "/etc/aodh/aodh.conf" keystone_authtoken password $(iniget ${PASSWORD_FILE} DEFAULT aodh_password)
}
function restart_controller() {
service nova-api restart
service nova-cert restart
service nova-conductor restart
service nova-novncproxy restart
service nova-consoleauth restart
service neutron-server restart
service heat-api restart
service heat-engine restart
service glance-api restart
service glance-registry restart
service glance-glare restart
service cinder-api restart
service cinder-volume restart
service cinder-scheduler restart
service cinder-backup restart
# corosync resources
crm resource restart p_ceilometer-agent-central
crm resource restart p_aodh-evaluator
}
function write_compute() {
iniset "/etc/nova/nova.conf" neutron password $(iniget ${PASSWORD_FILE} DEFAULT neutron_password)
}
function restart_compute() {
service nova-compute restart
}
#begin
decode_passwords
# are we on the controller?
if pgrep -f nova-api > /dev/null
then
write_controller
restart_controller
else
write_compute
restart_compute
fi
|
