diff --git a/README.en.md b/README.en.md index ea0586d19e5fe7a6157aed28f6988283755f6b9e..efd9b8a281e168d0e1452110c684fd3976cbc95e 100644 --- a/README.en.md +++ b/README.en.md @@ -1,3 +1,36 @@ # openstack-nova -OpenStack services are exclusively released in the openEuler LTS version. Please refer to other Multi-Version branches for the Spec source code. \ No newline at end of file +#### Description +OpenStack Compute (Nova) + +#### Software Architecture +Software architecture description + +#### Installation + +1. xxxx +2. xxxx +3. xxxx + +#### Instructions + +1. xxxx +2. xxxx +3. xxxx + +#### Contribution + +1. Fork the repository +2. Create Feat_xxx branch +3. Commit your code +4. Create Pull Request + + +#### Gitee Feature + +1. You can use Readme\_XXX.md to support different languages, such as Readme\_en.md, Readme\_zh.md +2. Gitee blog [blog.gitee.com](https://blog.gitee.com) +3. Explore open source project [https://gitee.com/explore](https://gitee.com/explore) +4. The most valuable open source project [GVP](https://gitee.com/gvp) +5. The manual of Gitee [https://gitee.com/help](https://gitee.com/help) +6. The most popular members [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/README.md b/README.md index 7c4e9082fef44e5269236b41754bbd6980d1e52f..2321fcff78ac4708cd032feae7f84103dac67f94 100644 --- a/README.md +++ b/README.md @@ -1,3 +1,37 @@ # openstack-nova -openstack服务只在openEuler LTS版本发布,Spec源码请参考其他Multi-Version分支。 \ No newline at end of file +#### 介绍 +OpenStack Compute (Nova) + +#### 软件架构 +软件架构说明 + + +#### 安装教程 + +1. xxxx +2. xxxx +3. xxxx + +#### 使用说明 + +1. xxxx +2. xxxx +3. xxxx + +#### 参与贡献 + +1. Fork 本仓库 +2. 新建 Feat_xxx 分支 +3. 提交代码 +4. 新建 Pull Request + + +#### 码云特技 + +1. 使用 Readme\_XXX.md 来支持不同的语言,例如 Readme\_en.md, Readme\_zh.md +2. 码云官方博客 [blog.gitee.com](https://blog.gitee.com) +3. 你可以 [https://gitee.com/explore](https://gitee.com/explore) 这个地址来了解码云上的优秀开源项目 +4. [GVP](https://gitee.com/gvp) 全称是码云最有价值开源项目,是码云综合评定出的优秀开源项目 +5. 码云官方提供的使用手册 [https://gitee.com/help](https://gitee.com/help) +6. 码云封面人物是一档用来展示码云会员风采的栏目 [https://gitee.com/gitee-stars/](https://gitee.com/gitee-stars/) diff --git a/nova-27.3.0.tar.gz b/nova-27.3.0.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..b582e793b4561dae0a0a1777db4cbfb6627307ba Binary files /dev/null and b/nova-27.3.0.tar.gz differ diff --git a/nova-dist.conf b/nova-dist.conf new file mode 100644 index 0000000000000000000000000000000000000000..a749bbeb9d4be940effaf1d46a8208888b09bf96 --- /dev/null +++ b/nova-dist.conf @@ -0,0 +1,19 @@ +[DEFAULT] +log_dir = /var/log/nova +state_path = /var/lib/nova +lock_path = /var/lib/nova/tmp +injected_network_template = /usr/share/nova/interfaces.template +libvirt_nonblocking = True +libvirt_inject_partition = -1 +compute_driver = libvirt.LibvirtDriver +rootwrap_config = /etc/nova/rootwrap.conf +use_stderr = False + +[database] +connection = mysql://nova:nova@localhost/nova +max_retries = -1 + +[keystone_authtoken] +auth_host = 127.0.0.1 +auth_port = 35357 +auth_protocol = http diff --git a/nova-ifc-template b/nova-ifc-template new file mode 100644 index 0000000000000000000000000000000000000000..7d1d28b1021a23ce4bf8ae460340f6555fb1fce5 --- /dev/null +++ b/nova-ifc-template @@ -0,0 +1,15 @@ +DEVICE="{{ name }}" +NM_CONTROLLED="no" +ONBOOT=yes +TYPE=Ethernet +BOOTPROTO=static +IPADDR={{ address }} +NETMASK={{ netmask }} +BROADCAST={{ broadcast }} +GATEWAY={{ gateway }} +DNS1={{ dns }} + +#if $use_ipv6 +IPV6INIT=yes +IPV6ADDR={{ address_v6 }} +#end if diff --git a/nova-migration-wrapper b/nova-migration-wrapper new file mode 100644 index 0000000000000000000000000000000000000000..fab54a7f6767201f5835faba3bc36c15fa9bf3df --- /dev/null +++ b/nova-migration-wrapper @@ -0,0 +1,65 @@ +#!/usr/bin/python2 +import os +import sys +import syslog + +command = os.environ.get('SSH_ORIGINAL_COMMAND') +ssh_connection = os.environ.get('SSH_CONNECTION') +if command is None: + sys.stderr.write('This command must be run via SSH ForceCommand (see man 5 sshd_config).\n') + sys.exit(1) + +syslog.openlog('nova_migration_wrapper') + +def allow_command(user, args): + syslog.syslog(syslog.LOG_INFO, "Allowing connection='{}' command={} ".format( + ssh_connection, + repr(args) + )) + os.execlp('sudo', 'sudo', '-u', user, *args) + +def deny_command(args): + syslog.syslog(syslog.LOG_ERR, "Denying connection='{}' command={}".format( + ssh_connection, + repr(args) + )) + sys.stderr.write('Forbidden\n') + sys.exit(1) + +# Handle libvirt ssh tunnel script snippet +# https://github.com/libvirt/libvirt/blob/f0803dae93d62a4b8a2f67f4873c290a76d978b3/src/rpc/virnetsocket.c#L890 +libvirt_sock = '/var/run/libvirt/libvirt-sock' +live_migration_tunnel_cmd = "sh -c 'if 'nc' -q 2>&1 | grep \"requires an argument\" >/dev/null 2>&1; then " \ + "ARG=-q0;" \ + "else " \ + "ARG=;" \ + "fi;" \ + "'nc' $ARG -U {}'".format(libvirt_sock) + +cold_migration_root = '/var/lib/nova/instances/' +cold_migration_cmds = [ + ['mkdir', '-p'], + ['rm', '-rf'], + ['touch'], + ['rm'], + ['scp', '-r', '-t'], + ['scp', '-r', '-f'], + ['scp', '-t'], + ['scp', '-f'], +] +rootwrap_args = ['/usr/bin/nova-rootwrap', '/etc/nova/migration/rootwrap.conf'] + +def validate_cold_migration_cmd(args): + target_path = os.path.normpath(args[-1]) + cmd = args[:-1] + return cmd in cold_migration_cmds and target_path.startswith(cold_migration_root) + +# Rules +args = command.split(' ') +if command == live_migration_tunnel_cmd: + args = ['nc', '-U', libvirt_sock] + allow_command('nova', args) +if validate_cold_migration_cmd(args): + args = rootwrap_args + args + allow_command('root', args) +deny_command(args) diff --git a/nova-ssh-config b/nova-ssh-config new file mode 100644 index 0000000000000000000000000000000000000000..a5618f71474a915afb2ded06806e7bb0283000c0 --- /dev/null +++ b/nova-ssh-config @@ -0,0 +1,4 @@ +Host * + User nova_migration + UserKnownHostsFile /dev/null + IdentityFile /etc/nova/migration/identity \ No newline at end of file diff --git a/nova-sudoers b/nova-sudoers new file mode 100644 index 0000000000000000000000000000000000000000..db6180364414eb460cf9d90091a6288e68cd3291 --- /dev/null +++ b/nova-sudoers @@ -0,0 +1,4 @@ +Defaults:nova !requiretty + +nova ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/rootwrap.conf * +nova ALL = (root) NOPASSWD: /usr/bin/privsep-helper * diff --git a/nova.logrotate b/nova.logrotate new file mode 100644 index 0000000000000000000000000000000000000000..6017ca60fe6a0d0f60be10a232ccc71181122e46 --- /dev/null +++ b/nova.logrotate @@ -0,0 +1,7 @@ +/var/log/nova/*.log { + rotate 14 + size 10M + missingok + compress + copytruncate +} diff --git a/nova_migration-rootwrap.conf b/nova_migration-rootwrap.conf new file mode 100644 index 0000000000000000000000000000000000000000..dd3dc7264770d538605ad4aad969479d98652e0d --- /dev/null +++ b/nova_migration-rootwrap.conf @@ -0,0 +1,6 @@ +[DEFAULT] +use_syslog=True +syslog_log_facility=syslog +syslog_log_level=ERROR +filters_path=/etc/nova/migration/rootwrap.d + diff --git a/nova_migration-rootwrap_cold_migration b/nova_migration-rootwrap_cold_migration new file mode 100644 index 0000000000000000000000000000000000000000..ad56460a6e14abdd6d8e38dce38b615e0ef90120 --- /dev/null +++ b/nova_migration-rootwrap_cold_migration @@ -0,0 +1,9 @@ +[Filters] +create_file: PathFilter, /usr/bin/touch, nova, /var/lib/nova/instances/ +remove_file: PathFilter, /usr/bin/rm, nova, /var/lib/nova/instances/ +create_dir: PathFilter, /usr/bin/mkdir, nova, -p, /var/lib/nova/instances/ +remove_dir: PathFilter, /usr/bin/rm, nova, -rf, /var/lib/nova/instances/ +copy_file_local_to_remote_recursive: PathFilter, /usr/bin/scp, nova, -r, -t, /var/lib/nova/instances/ +copy_file_remote_to_local_recursive: PathFilter, /usr/bin/scp, nova, -r, -f, /var/lib/nova/instances/ +copy_file_local_to_remote: PathFilter, /usr/bin/scp, nova, -t, /var/lib/nova/instances/ +copy_file_remote_to_local: PathFilter, /usr/bin/scp, nova, -f, /var/lib/nova/instances/ diff --git a/nova_migration-sudoers b/nova_migration-sudoers new file mode 100644 index 0000000000000000000000000000000000000000..eefdc0ba16264c7a966b11abd2922cfb0eb36e1a --- /dev/null +++ b/nova_migration-sudoers @@ -0,0 +1,4 @@ +Defaults:nova_migration !requiretty + +nova_migration ALL = (nova) NOPASSWD: /usr/bin/nc -U /var/run/libvirt/libvirt-sock +nova_migration ALL = (root) NOPASSWD: /usr/bin/nova-rootwrap /etc/nova/migration/rootwrap.conf * diff --git a/nova_migration_authorized_keys b/nova_migration_authorized_keys new file mode 100644 index 0000000000000000000000000000000000000000..bd4c88d911f9d96bc85d397f338dafc6ee99f844 --- /dev/null +++ b/nova_migration_authorized_keys @@ -0,0 +1,4 @@ +# SSH authorized_keys file for Openstack Nova migration +# +# This controls with hosts are allowed to migration VMs to this host. +# Append the SSH public keys of authorized hosts to this file. \ No newline at end of file diff --git a/nova_migration_identity b/nova_migration_identity new file mode 100644 index 0000000000000000000000000000000000000000..c81ef164ec43fb7a9455b8541bb83ea81b421071 --- /dev/null +++ b/nova_migration_identity @@ -0,0 +1,6 @@ +# SSH identity file (private key) for Openstack Nova migration +# +# Generate an ssh key pair for this host. +# Add the private key (e.g id_rsa) to this file. +# Add the public key (e.g id_rsa.pub) to /etc/nova/migration/authorized_keys +# on the migration target hosts. \ No newline at end of file diff --git a/openstack-nova-api.service b/openstack-nova-api.service new file mode 100644 index 0000000000000000000000000000000000000000..94bf1f1aa288124ce27769413a8403220227f20a --- /dev/null +++ b/openstack-nova-api.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenStack Nova API Server +After=syslog.target network.target + +[Service] +Type=notify +NotifyAccess=all +TimeoutStartSec=0 +Restart=always +User=nova +ExecStart=/usr/bin/nova-api + +[Install] +WantedBy=multi-user.target + diff --git a/openstack-nova-compute.service b/openstack-nova-compute.service new file mode 100644 index 0000000000000000000000000000000000000000..9104fca6654c9e46490b5be99f59b37d9f4862bc --- /dev/null +++ b/openstack-nova-compute.service @@ -0,0 +1,16 @@ +[Unit] +Description=OpenStack Nova Compute Server +After=syslog.target network.target libvirtd.service + +[Service] +Environment=LIBGUESTFS_ATTACH_METHOD=appliance +Type=notify +NotifyAccess=all +TimeoutStartSec=0 +Restart=always +User=nova +ExecStart=/usr/bin/nova-compute + +[Install] +WantedBy=multi-user.target + diff --git a/openstack-nova-conductor.service b/openstack-nova-conductor.service new file mode 100644 index 0000000000000000000000000000000000000000..b815b536038c814c2663dab69d9b2ac3e1acf6a9 --- /dev/null +++ b/openstack-nova-conductor.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenStack Nova Conductor Server +After=syslog.target network.target + +[Service] +Type=notify +NotifyAccess=all +TimeoutStartSec=0 +Restart=always +User=nova +ExecStart=/usr/bin/nova-conductor + +[Install] +WantedBy=multi-user.target + diff --git a/openstack-nova-metadata-api.service b/openstack-nova-metadata-api.service new file mode 100644 index 0000000000000000000000000000000000000000..b78b5a165359d941204f580def20ded6d83d2e27 --- /dev/null +++ b/openstack-nova-metadata-api.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenStack Nova Metadata API Server +After=syslog.target network.target + +[Service] +Type=notify +NotifyAccess=all +TimeoutStartSec=0 +Restart=always +User=nova +ExecStart=/usr/bin/nova-api-metadata + +[Install] +WantedBy=multi-user.target + diff --git a/openstack-nova-novncproxy.service b/openstack-nova-novncproxy.service new file mode 100644 index 0000000000000000000000000000000000000000..b1d30f73fc2a42f326e46c62eb98f34d52bf4a47 --- /dev/null +++ b/openstack-nova-novncproxy.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Nova NoVNC Proxy Server +After=syslog.target network.target + +[Service] +Type=simple +User=nova +EnvironmentFile=-/etc/sysconfig/openstack-nova-novncproxy +ExecStart=/usr/bin/nova-novncproxy --web /usr/share/novnc/ $OPTIONS +Restart=on-failure + +[Install] +WantedBy=multi-user.target diff --git a/openstack-nova-novncproxy.sysconfig b/openstack-nova-novncproxy.sysconfig new file mode 100644 index 0000000000000000000000000000000000000000..8c905ed4aa5acfce194a30e587d25a7240534180 --- /dev/null +++ b/openstack-nova-novncproxy.sysconfig @@ -0,0 +1,2 @@ +# You may specify other parameters to the nova-novncproxy here +#OPTIONS= diff --git a/openstack-nova-os-compute-api.service b/openstack-nova-os-compute-api.service new file mode 100644 index 0000000000000000000000000000000000000000..7fc1889c9d6662abb506a2f54bbd972af3d166a2 --- /dev/null +++ b/openstack-nova-os-compute-api.service @@ -0,0 +1,14 @@ +[Unit] +Description=OpenStack Nova Compute API Server +After=syslog.target network.target + +[Service] +Type=notify +NotifyAccess=all +TimeoutStartSec=0 +Restart=always +User=nova +ExecStart=/usr/bin/nova-api-os-compute + +[Install] +WantedBy=multi-user.target diff --git a/openstack-nova-scheduler.service b/openstack-nova-scheduler.service new file mode 100644 index 0000000000000000000000000000000000000000..c6baa4d131ea3e54515bc1ccf3bedd6f430c99a0 --- /dev/null +++ b/openstack-nova-scheduler.service @@ -0,0 +1,15 @@ +[Unit] +Description=OpenStack Nova Scheduler Server +After=syslog.target network.target + +[Service] +Type=notify +NotifyAccess=all +TimeoutStartSec=0 +Restart=always +User=nova +ExecStart=/usr/bin/nova-scheduler + +[Install] +WantedBy=multi-user.target + diff --git a/openstack-nova-serialproxy.service b/openstack-nova-serialproxy.service new file mode 100644 index 0000000000000000000000000000000000000000..0888b3a2ab91811dcc3c519d89ef8d23787f5f2e --- /dev/null +++ b/openstack-nova-serialproxy.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Nova Serial Proxy Server +After=syslog.target network.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-serialproxy +Restart=on-failure + +[Install] +WantedBy=multi-user.target + diff --git a/openstack-nova-spicehtml5proxy.service b/openstack-nova-spicehtml5proxy.service new file mode 100644 index 0000000000000000000000000000000000000000..c5dc91aec0f5b5a964d17cd5888f750935730445 --- /dev/null +++ b/openstack-nova-spicehtml5proxy.service @@ -0,0 +1,13 @@ +[Unit] +Description=OpenStack Nova Spice HTML5 Proxy Server +After=syslog.target network.target + +[Service] +Type=simple +User=nova +ExecStart=/usr/bin/nova-spicehtml5proxy +Restart=on-failure + +[Install] +WantedBy=multi-user.target + diff --git a/openstack-nova.spec b/openstack-nova.spec new file mode 100644 index 0000000000000000000000000000000000000000..129c8554b6cf96d18f5d6559181b772cdfb0b717 --- /dev/null +++ b/openstack-nova.spec @@ -0,0 +1,763 @@ +%{!?upstream_version: %global upstream_version %{version}%{?milestone}} +%global with_doc 0 +%global qemu_version 4.2.0 +%global libvirt_version 7.0.0 + +%global common_desc \ +OpenStack Compute (codename Nova) is open source software designed to \ +provision and manage large networks of virtual machines, creating a \ +redundant and scalable cloud computing platform. It gives you the \ +software, control panels, and APIs required to orchestrate a cloud, \ +including running instances, managing networks, and controlling access \ +through users and projects. OpenStack Compute strives to be both \ +hardware and hypervisor agnostic, currently supporting a variety of \ +standard hardware configurations and seven major hypervisors. + +Name: openstack-nova +# Liberty semver reset +# https://review.openstack.org/#/q/I6a35fa0dda798fad93b804d00a46af80f08d475c,n,z +Version: 27.3.0 +Release: 1 +Summary: OpenStack Compute (nova) + +License: ASL 2.0 +URL: http://openstack.org/projects/compute/ +Source0: https://tarballs.openstack.org/nova/nova-%{upstream_version}.tar.gz + +Source1: nova-dist.conf +Source6: nova.logrotate + +Source10: openstack-nova-api.service +Source12: openstack-nova-compute.service +Source15: openstack-nova-scheduler.service +Source25: openstack-nova-metadata-api.service +Source26: openstack-nova-conductor.service +Source28: openstack-nova-spicehtml5proxy.service +Source29: openstack-nova-novncproxy.service +Source31: openstack-nova-serialproxy.service +Source32: openstack-nova-os-compute-api.service + +Source22: nova-ifc-template +Source24: nova-sudoers +Source30: openstack-nova-novncproxy.sysconfig +Source34: policy.json + +Source35: nova_migration-sudoers +Source36: nova-ssh-config +Source37: nova-migration-wrapper +Source38: nova_migration_identity +Source39: nova_migration_authorized_keys +Source40: nova_migration-rootwrap.conf +Source41: nova_migration-rootwrap_cold_migration + +BuildArch: noarch + +BuildRequires: openstack-macros +BuildRequires: intltool +BuildRequires: python3-devel +BuildRequires: git-core +BuildRequires: python3-oslo-cache +BuildRequires: python3-os-traits +BuildRequires: python3-setuptools +BuildRequires: python3-netaddr +BuildRequires: python3-pbr +BuildRequires: python3-six +BuildRequires: python3-oslo-i18n +BuildRequires: python3-cryptography >= 2.1 +BuildRequires: python3-oslo-policy +# Required for unit tests +BuildRequires: python3-barbicanclient +BuildRequires: python3-ddt +BuildRequires: python3-ironicclient +# BuildRequires: python3-mox3 +BuildRequires: python3-os-testr +BuildRequires: python3-os-vif +BuildRequires: python3-oslo-rootwrap +BuildRequires: python3-oslotest +BuildRequires: python3-osprofiler +BuildRequires: python3-subunit +BuildRequires: python3-testrepository +BuildRequires: python3-testresources +BuildRequires: python3-testscenarios +BuildRequires: python3-tooz +BuildRequires: python3-oslo-vmware +BuildRequires: python3-cursive +BuildRequires: python3-os-service-types +BuildRequires: python3-os-resource-classes + +BuildRequires: python3-requests-mock +BuildRequires: /usr/bin/pathfix.py + +Requires: openstack-nova-compute = %{version}-%{release} +Requires: openstack-nova-scheduler = %{version}-%{release} +Requires: openstack-nova-api = %{version}-%{release} +Requires: openstack-nova-conductor = %{version}-%{release} +Requires: openstack-nova-novncproxy = %{version}-%{release} +Requires: openstack-nova-migration = %{version}-%{release} + + +%description +%{common_desc} + +%package common +Summary: Components common to all OpenStack Nova services +Obsoletes: openstack-nova-cert <= 16.0.0-1 +# nova-cells has been retired in train +Obsoletes: openstack-nova-cells < 20.0.0 + +Requires: python3-nova = %{version}-%{release} +%{?systemd_ordering} +Requires(pre): shadow-utils +BuildRequires: systemd +# Required to build nova.conf.sample +BuildRequires: python3-castellan >= 0.16.0 +BuildRequires: python3-glanceclient +BuildRequires: python3-keystonemiddleware +BuildRequires: python3-microversion-parse >= 0.2.1 +BuildRequires: python3-os-brick +BuildRequires: python3-oslo-db +BuildRequires: python3-oslo-reports +BuildRequires: python3-oslo-service +BuildRequires: python3-oslo-versionedobjects +BuildRequires: python3-paramiko +# Required to compile translation files +BuildRequires: python3-babel + +BuildRequires: python3-lxml +BuildRequires: python3-websockify >= 0.9.0 + + +# remove old service subpackage +Obsoletes: %{name}-objectstore + + +%description common +%{common_desc} + +This package contains scripts, config and dependencies shared +between all the OpenStack nova services. + + +%package compute +Summary: OpenStack Nova Virtual Machine control service + +Requires: openstack-nova-common = %{version}-%{release} +Requires: curl +Requires: iscsi-initiator-utils +Requires: iptables +Requires: iptables-services +Requires: ipmitool +Requires: /usr/bin/virsh +Requires: openssh-clients +Requires: rsync +Requires: lvm2 +Requires: python3-cinderclient >= 3.3.0 +Requires: genisoimage + +Requires(pre): qemu >= %{qemu_version} +Requires(pre): qemu-block-rbd >= %{qemu_version} +Requires(pre): qemu-block-ssh >= %{qemu_version} +Requires(pre): python3-libvirt >= %{libvirt_version} +Requires(pre): libvirt-daemon-driver-nodedev >= %{libvirt_version} +Requires(pre): libvirt-daemon-driver-nwfilter >= %{libvirt_version} +Requires(pre): libvirt-daemon-driver-secret >= %{libvirt_version} +Requires(pre): libvirt-daemon-driver-qemu >= %{libvirt_version} +Requires(pre): libvirt-daemon-driver-storage-core >= %{libvirt_version} + +Requires: sg3_utils +Requires: sysfsutils +Requires: libosinfo + +Requires: python3-libguestfs +Requires: python3-libvirt + + +%description compute +%{common_desc} + +This package contains the Nova service for controlling Virtual Machines. + + +%package scheduler +Summary: OpenStack Nova VM distribution service + +Requires: openstack-nova-common = %{version}-%{release} + +%description scheduler +%{common_desc} + +This package contains the service for scheduling where +to run Virtual Machines in the cloud. + + +%package api +Summary: OpenStack Nova API services + +Requires: openstack-nova-common = %{version}-%{release} +Requires: python3-cinderclient >= 3.3.0 + +%description api +%{common_desc} + +This package contains the Nova services providing programmatic access. + +%package conductor +Summary: OpenStack Nova Conductor services + +Requires: openstack-nova-common = %{version}-%{release} + +%description conductor +%{common_desc} + +This package contains the Nova services providing database access for +the compute service + +%package novncproxy +Summary: OpenStack Nova noVNC proxy service + +Requires: openstack-nova-common = %{version}-%{release} +Requires: novnc +Requires: python3-websockify >= 0.9.0 + + +%description novncproxy +%{common_desc} + +This package contains the Nova noVNC Proxy service that can proxy +VNC traffic over browser websockets connections. + +%package spicehtml5proxy +Summary: OpenStack Nova Spice HTML5 console access service + +Requires: openstack-nova-common = %{version}-%{release} +Requires: python3-websockify >= 0.9.0 + +%description spicehtml5proxy +%{common_desc} + +This package contains the Nova services providing the +spice HTML5 console access service to Virtual Machines. + +%package serialproxy +Summary: OpenStack Nova serial console access service + +Requires: openstack-nova-common = %{version}-%{release} +Requires: python3-websockify >= 0.9.0 + +%description serialproxy +%{common_desc} + +This package contains the Nova services providing the \ +serial console access service to Virtual Machines. + +%package migration +Summary: OpenStack Nova Migration + +Requires: openstack-nova-compute = %{version}-%{release} + +%description migration +%{common_desc} + +This package contains scripts and config to support VM migration in Nova. + +%package -n python3-nova +Summary: Nova Python libraries +%{?python_provide:%python_provide python3-nova} + +Requires: openssl +# Require openssh for ssh-keygen +Requires: openssh +Requires: sudo + +Requires: python3-paramiko >= 2.7.1 +Requires: python3-eventlet >= 0.26.1 +Requires: python3-iso8601 >= 0.1.11 +Requires: python3-netaddr >= 0.7.18 +Requires: python3-boto +Requires: python3-stevedore >= 1.20.0 +Requires: python3-sqlalchemy >= 1.2.19 +Requires: python3-alembic >= 0.8.0 +Requires: python3-routes >= 2.3.1 +Requires: python3-webob >= 1.8.2 +Requires: python3-castellan >= 0.16.0 +Requires: python3-cryptography >= 2.7 +Requires: python3-cursive >= 0.2.1 +Requires: python3-dataclasses >= 0.7 +Requires: python3-glanceclient +Requires: python3-greenlet >= 0.4.13 +Requires: python3-keystonemiddleware >= 4.20.0 +Requires: python3-keystoneauth1 >= 3.16.0 +Requires: python3-jinja2 >= 2.10 +Requires: python3-jsonschema >= 3.2.0 +Requires: python3-microversion-parse >= 0.2.1 +Requires: python3-neutronclient >= 6.7.0 +Requires: python3-novaclient >= 2.30.1 +Requires: python3-openstacksdk >= 0.35.0 +Requires: python3-os-brick >= 4.2.0 +Requires: python3-os-resource-classes >= 0.4.0 +Requires: python3-os-traits >= 2.5.0 +Requires: python3-oslo-cache >= 1.26.0 +Requires: python3-oslo-concurrency >= 4.3.0 +Requires: python3-oslo-config >= 6.8.0 +Requires: python3-oslo-context >= 3.1.1 +Requires: python3-oslo-db >= 4.44.0 +Requires: python3-oslo-i18n >= 5.0.1 +Requires: python3-oslo-limit >= 1.5.0 +Requires: python3-oslo-log >= 4.4.0 +Requires: python3-oslo-messaging >= 10.3.0 +Requires: python3-oslo-middleware >= 3.31.0 +Requires: python3-oslo-policy >= 3.6.0 +Requires: python3-oslo-privsep >= 2.4.0 +Requires: python3-oslo-reports >= 1.18.0 +Requires: python3-oslo-rootwrap >= 5.8.0 +Requires: python3-oslo-serialization >= 4.0.1 +Requires: python3-oslo-service >= 2.4.0 +Requires: python3-oslo-upgradecheck >= 1.3.0 +Requires: python3-oslo-utils >= 4.7.0 +Requires: python3-oslo-versionedobjects >= 1.35.0 +Requires: python3-os-vif >= 1.14.0 +Requires: python3-oslo-vmware >= 1.16.0 +Requires: python3-pbr >= 5.5.0 +Requires: python3-prettytable >= 0.7.1 +Requires: python3-psutil >= 3.2.2 +Requires: python3-requests >= 2.23.0 +Requires: python3-rfc3986 >= 1.2.0 +Requires: python3-taskflow >= 3.8.0 +Requires: python3-tooz >= 1.58.0 +Requires: python3-os-service-types >= 1.7.0 +Requires: python3-dateutil >= 2.6.0 +Requires: python3-futurist >= 1.8.0 + +Requires: python3-decorator >= 4.1.0 +Requires: python3-lxml >= 4.2.3 +Requires: python3-ldap +Requires: python3-memcached +Requires: python3-sqlalchemy-migrate +Requires: python3-paste >= 2.0.2 +Requires: python3-paste-deploy >= 1.5.0 +Requires: python3-netifaces >= 0.10.4 +Requires: python3-retrying >= 1.3.3 +Requires: python3-yaml >= 5.1 + +%description -n python3-nova +%{common_desc} + +This package contains the nova Python library. + +%package -n python3-nova-tests +Summary: Nova tests +%{?python_provide:%python_provide python3-nova-tests} +Requires: openstack-nova = %{version}-%{release} + +%description -n python3-nova-tests +%{common_desc} + +This package contains the nova Python library. + +%if 0%{?with_doc} +%package doc +Summary: Documentation for OpenStack Compute + +BuildRequires: graphviz +# Required by build_sphinx for man and doc building +BuildRequires: python3-openstackdocstheme +BuildRequires: python3-sphinxcontrib-actdiag +BuildRequires: python3-sphinxcontrib-seqdiag +# Required to build module documents +BuildRequires: python3-boto +BuildRequires: python3-eventlet +BuildRequires: python3-barbicanclient +BuildRequires: python3-cinderclient +BuildRequires: python3-keystoneclient +BuildRequires: python3-neutronclient +BuildRequires: python3-os-win +BuildRequires: python3-oslo-config +BuildRequires: python3-oslo-log +BuildRequires: python3-oslo-messaging +BuildRequires: python3-oslo-utils +BuildRequires: python3-rfc3986 >= 1.1.0 +BuildRequires: python3-routes +BuildRequires: python3-sphinx +BuildRequires: python3-sphinxcontrib-actdiag +BuildRequires: python3-sphinxcontrib-seqdiag +BuildRequires: python3-sqlalchemy +BuildRequires: python3-webob +BuildRequires: python3-iso8601 + +BuildRequires: python3-redis +BuildRequires: python3-zmq +BuildRequires: python3-sqlalchemy-migrate + +%description doc +%{common_desc} + +This package contains documentation files for nova. +%endif + +%prep +%autosetup -n nova-%{upstream_version} -p1 + +find . \( -name .gitignore -o -name .placeholder \) -delete + +find nova -name \*.py -exec sed -i '/\/usr\/bin\/env python/{d;q}' {} + + +# Remove the requirements file so that pbr hooks don't add it +# to distutils requiers_dist config +%py_req_cleanup + +%build +PYTHONPATH=. oslo-config-generator --config-file=etc/nova/nova-config-generator.conf +# Generate a sample policy.yaml file for documentation purposes only +PYTHONPATH=. oslopolicy-sample-generator --config-file=etc/nova/nova-policy-generator.conf + +%{py3_build} + +# Generate i18n files +# (amoralej) we can remove '-D nova' once https://review.openstack.org/#/c/439500/ is merged +%{__python3} setup.py compile_catalog -d build/lib/nova/locale -D nova + +# Avoid http://bugzilla.redhat.com/1059815. Remove when that is closed +sed -i 's|group/name|group;name|; s|\[DEFAULT\]/|DEFAULT;|' etc/nova/nova.conf.sample + +# Programmatically update defaults in sample config +# which is installed at /etc/nova/nova.conf + +# First we ensure all values are commented in appropriate format. +# Since icehouse, there was an uncommented keystone_authtoken section +# at the end of the file which mimics but also conflicted with our +# distro editing that had been done for many releases. +sed -i '/^[^#[]/{s/^/#/; s/ //g}; /^#[^ ]/s/ = /=/' etc/nova/nova.conf.sample + +# TODO: Make this more robust +# Note it only edits the first occurrence, so assumes a section ordering in sample +# and also doesn't support multi-valued variables like dhcpbridge_flagfile. +while read name eq value; do + test "$name" && test "$value" || continue + sed -i "0,/^# *$name=/{s!^# *$name=.*!#$name=$value!}" etc/nova/nova.conf.sample +done < %{SOURCE1} + +%install +%{py3_install} + +export PYTHONPATH=. +%if 0%{?with_doc} +sphinx-build -b html doc/source doc/build/html +rm -rf doc/build/html/.{doctrees,buildinfo} +%endif + +%if 0%{?with_doc} +sphinx-build -b man doc/source doc/build/man +mkdir -p %{buildroot}%{_mandir}/man1 +install -p -D -m 644 doc/build/man/*.1 %{buildroot}%{_mandir}/man1/ +%endif + +# Setup directories +install -d -m 755 %{buildroot}%{_sharedstatedir}/nova +install -d -m 755 %{buildroot}%{_sharedstatedir}/nova/buckets +install -d -m 755 %{buildroot}%{_sharedstatedir}/nova/instances +install -d -m 755 %{buildroot}%{_sharedstatedir}/nova/keys +install -d -m 755 %{buildroot}%{_sharedstatedir}/nova/networks +install -d -m 755 %{buildroot}%{_sharedstatedir}/nova/tmp +install -d -m 750 %{buildroot}%{_localstatedir}/log/nova +install -d -m 700 %{buildroot}%{_sharedstatedir}/nova/.ssh + +# Install config files +install -d -m 755 %{buildroot}%{_sysconfdir}/nova +install -p -D -m 640 %{SOURCE1} %{buildroot}%{_datarootdir}/nova/nova-dist.conf +install -p -D -m 640 etc/nova/nova.conf.sample %{buildroot}%{_sysconfdir}/nova/nova.conf +install -p -D -m 640 etc/nova/rootwrap.conf %{buildroot}%{_sysconfdir}/nova/rootwrap.conf +install -p -D -m 640 etc/nova/api-paste.ini %{buildroot}%{_sysconfdir}/nova/api-paste.ini +install -d -m 755 %{buildroot}%{_sysconfdir}/nova/migration +install -p -D -m 600 %{SOURCE38} %{buildroot}%{_sysconfdir}/nova/migration/identity +install -p -D -m 644 %{SOURCE39} %{buildroot}%{_sysconfdir}/nova/migration/authorized_keys +install -p -D -m 640 %{SOURCE40} %{buildroot}%{_sysconfdir}/nova/migration/rootwrap.conf +install -d -m 755 %{buildroot}%{_sysconfdir}/nova/migration/rootwrap.d +install -p -D -m 640 %{SOURCE41} %{buildroot}%{_sysconfdir}/nova/migration/rootwrap.d/cold_migration.filters + +# Install empty policy.json file to cover rpm updates with untouched policy files. +install -p -D -m 640 %{SOURCE34} %{buildroot}%{_sysconfdir}/nova/policy.json + +# Install version info file +cat > %{buildroot}%{_sysconfdir}/nova/release < os_xenapi/client.py </dev/null || groupadd -r nova --gid 162 +if ! getent passwd nova >/dev/null; then + useradd -u 162 -r -g nova -G nova,nobody -d %{_sharedstatedir}/nova -s /sbin/nologin -c "OpenStack Nova Daemons" nova +fi +exit 0 + +%pre compute +usermod -a -G qemu nova +usermod -a -G libvirt nova +%pre migration +getent group nova_migration >/dev/null || groupadd -r nova_migration +getent passwd nova_migration >/dev/null || \ + useradd -r -g nova_migration -d / -s /bin/bash -c "OpenStack Nova Migration" nova_migration +exit 0 + +%post compute +%systemd_post %{name}-compute.service +%post scheduler +%systemd_post %{name}-scheduler.service +%post api +%systemd_post %{name}-api.service %{name}-metadata-api.service %{name}-os-compute-api.service +%post conductor +%systemd_post %{name}-conductor.service +%post novncproxy +%systemd_post %{name}-novncproxy.service +%post spicehtml5proxy +%systemd_post %{name}-spicehtml5proxy.service +%post serialproxy +%systemd_post %{name}-serialproxy.service + +%preun compute +%systemd_preun %{name}-compute.service +%preun scheduler +%systemd_preun %{name}-scheduler.service +%preun api +%systemd_preun %{name}-api.service %{name}-metadata-api.service %{name}-os-compute-api.service +%preun conductor +%systemd_preun %{name}-conductor.service +%preun novncproxy +%systemd_preun %{name}-novncproxy.service +%preun spicehtml5proxy +%systemd_preun %{name}-spicehtml5proxy.service +%preun serialproxy +%systemd_preun %{name}-serialproxy.service + +%postun compute +%systemd_postun_with_restart %{name}-compute.service +%postun scheduler +%systemd_postun_with_restart %{name}-scheduler.service +%postun api +%systemd_postun_with_restart %{name}-api.service %{name}-metadata-api.service %{name}-os-compute-api.service +%postun conductor +%systemd_postun_with_restart %{name}-conductor.service +%postun novncproxy +%systemd_postun_with_restart %{name}-novncproxy.service +%postun spicehtml5proxy +%systemd_postun_with_restart %{name}-spicehtml5proxy.service +%postun serialproxy +%systemd_postun_with_restart %{name}-serialproxy.service + +%files + +%files common -f nova.lang +%license LICENSE +%doc etc/nova/policy.yaml.sample +%dir %{_datarootdir}/nova +%attr(-, root, nova) %{_datarootdir}/nova/nova-dist.conf +%{_datarootdir}/nova/interfaces.template +%dir %{_sysconfdir}/nova +%{_sysconfdir}/nova/release +%config(noreplace) %attr(-, root, nova) %{_sysconfdir}/nova/nova.conf +%config(noreplace) %attr(-, root, nova) %{_sysconfdir}/nova/api-paste.ini +%config(noreplace) %attr(-, root, nova) %{_sysconfdir}/nova/rootwrap.conf +%config(noreplace) %attr(-, root, nova) %{_sysconfdir}/nova/policy.json +%config(noreplace) %{_sysconfdir}/logrotate.d/openstack-nova +%config(noreplace) %{_sysconfdir}/sudoers.d/nova + +%dir %attr(0750, nova, root) %{_localstatedir}/log/nova +%dir %attr(0755, nova, root) %{_localstatedir}/run/nova + +%{_bindir}/nova-manage +%{_bindir}/nova-policy +%{_bindir}/nova-rootwrap +%{_bindir}/nova-rootwrap-daemon +%{_bindir}/nova-status + +%if 0%{?with_doc} +%{_mandir}/man1/nova*.1.gz +%endif + +%defattr(-, nova, nova, -) +%dir %{_sharedstatedir}/nova +%dir %{_sharedstatedir}/nova/buckets +%dir %{_sharedstatedir}/nova/instances +%dir %{_sharedstatedir}/nova/keys +%dir %{_sharedstatedir}/nova/networks +%dir %{_sharedstatedir}/nova/tmp + +%files compute +%{_bindir}/nova-compute +%{_unitdir}/openstack-nova-compute.service +%{_datarootdir}/nova/rootwrap/compute.filters + +%files scheduler +%{_bindir}/nova-scheduler +%{_unitdir}/openstack-nova-scheduler.service + +%files api +%{_bindir}/nova-api* +%{_bindir}/nova-metadata-wsgi +%{_unitdir}/openstack-nova-*api.service + +%files conductor +%{_bindir}/nova-conductor +%{_unitdir}/openstack-nova-conductor.service + +%files novncproxy +%{_bindir}/nova-novncproxy +%{_unitdir}/openstack-nova-novncproxy.service +%config(noreplace) %{_sysconfdir}/sysconfig/openstack-nova-novncproxy + +%files spicehtml5proxy +%{_bindir}/nova-spicehtml5proxy +%{_unitdir}/openstack-nova-spicehtml5proxy.service + +%files serialproxy +%{_bindir}/nova-serialproxy +%{_unitdir}/openstack-nova-serialproxy.service + +%files migration +%{_bindir}/nova-migration-wrapper +%config(noreplace) %{_sysconfdir}/sudoers.d/nova_migration +%dir %attr(0700, nova, nova) %{_sharedstatedir}/nova/.ssh +%attr(0600, nova, nova) %{_sharedstatedir}/nova/.ssh/config +%dir %{_sysconfdir}/nova/migration +%config(noreplace) %attr(0640, root, nova_migration) %{_sysconfdir}/nova/migration/authorized_keys +%config(noreplace) %attr(0600, nova, nova) %{_sysconfdir}/nova/migration/identity +%config(noreplace) %attr(0640, root, root) %{_sysconfdir}/nova/migration/rootwrap.conf +%dir %{_sysconfdir}/nova/migration/rootwrap.d +%config(noreplace) %attr(0640, root, root) %{_sysconfdir}/nova/migration/rootwrap.d/cold_migration.filters + +%files -n python3-nova +%license LICENSE +%{python3_sitelib}/nova +%{python3_sitelib}/nova-*.egg-info +%exclude %{python3_sitelib}/nova/tests + +%files -n python3-nova-tests +%license LICENSE +%{python3_sitelib}/nova/tests + +%if 0%{?with_doc} +%files doc +%license LICENSE +%doc doc/build/html +%endif + +%changelog +* Tue May 21 2024 OpenStack_SIG - 27.3.0-1 +- Upgrade package to version 27.3.0 +- Update the value of qemu_version and libvirt_version macros to 2023.1 min limit + +* Thu Apr 11 2024 wangjing - 27.2.0-1 +- update package of version 27.2.0 + +* Mon Jul 18 2022 renliang16 - 25.0.0-2 +- Fixed bug with no module named oslo_limit + +* Mon Jul 18 2022 OpenStack_SIG - 25.0.0-1 +- Upgrade package to version 25.0.0 + +* Thu Sep 09 2021 ffrog - 23.0.1-5 +- Fix the bugs about downgrading the version requirement of qemu from 4.2.0 to 4.1.0 + +* Tue Sep 07 2021 ffrog - 23.0.1-4 +- Downgrade the version requirement of qemu from 4.2.0 to 4.1.0 + +* Tue Aug 24 2021 huangtianhua - 23.0.1-3 +- Fix requires errors + +* Tue Aug 24 2021 wangxiyuan - 23.0.1-2 +- Drop lxc related requires. + +* Fri Jul 23 2021 liksh 23.0.1-1 +- Update to 23.0.1 + +* Sat Feb 20 2021 wangxiyuan +- Fix require issue + +* Fri Jan 15 2021 joec88 +- openEuler build version + diff --git a/policy.json b/policy.json new file mode 100644 index 0000000000000000000000000000000000000000..2c63c0851048d8f7bff41ecf0f8cee05f52fd120 --- /dev/null +++ b/policy.json @@ -0,0 +1,2 @@ +{ +}