From d633215ecb54bbd7b15ee65b7fe88b080c112dd5 Mon Sep 17 00:00:00 2001
From: Roger Luethi <rl@patchworkscience.org>
Date: Fri, 28 Nov 2014 16:47:51 +0100
Subject: [PATCH] labs: reorder setup_neutron_controller.sh

Reorder content of setup_neutron_controller.sh to match the
install-guide. Add comments, tweak echo statements.

Change-Id: Ib2b7518244e3deaac06ace55f9ca779040ad4c3f
---
 labs/scripts/setup_neutron_controller.sh | 95 ++++++++++++------------
 1 file changed, 48 insertions(+), 47 deletions(-)

diff --git a/labs/scripts/setup_neutron_controller.sh b/labs/scripts/setup_neutron_controller.sh
index 9fc70b2f..65c5fb65 100755
--- a/labs/scripts/setup_neutron_controller.sh
+++ b/labs/scripts/setup_neutron_controller.sh
@@ -11,33 +11,14 @@ indicate_current_auto
 
 #------------------------------------------------------------------------------
 # Set up OpenStack Networking (neutron) for controller node.
+# http://docs.openstack.org/icehouse/install-guide/install/apt/content/neutron-ml2-controller-node.html
 #------------------------------------------------------------------------------
 
-echo "Installing neutron for controller node."
-sudo apt-get install -y neutron-server neutron-plugin-ml2
-
 echo "Setting up database for neutron."
 setup_database neutron
 
-function get_database_url {
-    local db_user=$(service_to_db_user neutron)
-    local db_password=$(service_to_db_password neutron)
-    local database_host=controller-mgmt
-
-    echo "mysql://$db_user:$db_password@$database_host/neutron"
-}
-
-database_url=$(get_database_url)
-
-echo "Configuring neutron for controller node."
-
-echo "Setting database connection: $database_url."
-iniset_sudo /etc/neutron/neutron.conf database connection "$database_url"
-
 neutron_admin_user=$(service_to_user_name neutron)
 neutron_admin_password=$(service_to_user_password neutron)
-nova_admin_user=$(service_to_user_name nova)
-nova_admin_password=$(service_to_user_password nova)
 
 echo "Creating neutron user and giving it admin role under service tenant."
 keystone user-create \
@@ -50,20 +31,61 @@ keystone user-role-add \
     --tenant "$SERVICE_TENANT_NAME" \
     --role "$ADMIN_ROLE_NAME"
 
-echo "Configuring neutron to use keystone for authentication."
-echo "Configuring neutron.conf"
+echo "Registering neutron with keystone so that other services can locate it."
+keystone service-create \
+    --name neutron \
+    --type network \
+    --description "OpenStack Networking"
+
+neutron_service_id=$(keystone service-list | awk '/ network / {print $2}')
+keystone endpoint-create \
+    --service-id "$neutron_service_id" \
+    --publicurl "http://controller-api:9696" \
+    --adminurl "http://controller-mgmt:9696" \
+    --internalurl "http://controller-mgmt:9696"
+
+echo "Installing neutron for controller node."
+sudo apt-get install -y neutron-server neutron-plugin-ml2
+
+echo "Configuring neutron for controller node."
+
+function get_database_url {
+    local db_user=$(service_to_db_user neutron)
+    local db_password=$(service_to_db_password neutron)
+    local database_host=controller-mgmt
+
+    echo "mysql://$db_user:$db_password@$database_host/neutron"
+}
+
+database_url=$(get_database_url)
+
+echo "Setting database connection: $database_url."
 conf=/etc/neutron/neutron.conf
-service_tenant_id=$(keystone tenant-get "$SERVICE_TENANT_NAME" | awk '/ id / {print $4}')
-echo "Service tenant id: $service_tenant_id"
+iniset_sudo $conf database connection "$database_url"
 
 # Configuring [DEFAULT] section
 iniset_sudo $conf DEFAULT auth_strategy keystone
 
+# Configuring [keystone_authtoken] section
+iniset_sudo $conf keystone_authtoken auth_uri "http://controller-mgmt:5000"
+iniset_sudo $conf keystone_authtoken auth_host controller-mgmt
+iniset_sudo $conf keystone_authtoken auth_protocol http
+iniset_sudo $conf keystone_authtoken auth_port 35357
+iniset_sudo $conf keystone_authtoken admin_tenant_name "$SERVICE_TENANT_NAME"
+iniset_sudo $conf keystone_authtoken admin_user "$neutron_admin_user"
+iniset_sudo $conf keystone_authtoken admin_password "$neutron_admin_password"
+
 # Configure AMQP parameters
 iniset_sudo $conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_kombu
 iniset_sudo $conf DEFAULT rabbit_host controller-mgmt
 iniset_sudo $conf DEFAULT rabbit_password "$RABBIT_PASSWORD"
 
+nova_admin_user=$(service_to_user_name nova)
+nova_admin_password=$(service_to_user_password nova)
+
+service_tenant_id=$(keystone tenant-get "$SERVICE_TENANT_NAME" | awk '/ id / {print $4}')
+echo "Service tenant id: $service_tenant_id"
+
 # Configure nova related parameters
 iniset_sudo $conf DEFAULT notify_nova_on_port_status_changes True
 iniset_sudo $conf DEFAULT notify_nova_on_port_data_changes True
@@ -78,28 +100,6 @@ iniset_sudo $conf DEFAULT core_plugin ml2
 iniset_sudo $conf DEFAULT service_plugins router
 iniset_sudo $conf DEFAULT allow_overlapping_ips True
 
-# Configuring [keystone_authtoken] section
-iniset_sudo $conf keystone_authtoken auth_uri "http://controller-mgmt:5000"
-iniset_sudo $conf keystone_authtoken auth_host controller-mgmt
-iniset_sudo $conf keystone_authtoken auth_protocol http
-iniset_sudo $conf keystone_authtoken auth_port 35357
-iniset_sudo $conf keystone_authtoken admin_tenant_name "$SERVICE_TENANT_NAME"
-iniset_sudo $conf keystone_authtoken admin_user "$neutron_admin_user"
-iniset_sudo $conf keystone_authtoken admin_password "$neutron_admin_password"
-
-echo "Registering neutron with keystone so that other services can locate it."
-keystone service-create \
-    --name neutron \
-    --type network \
-    --description "OpenStack Networking"
-
-neutron_service_id=$(keystone service-list | awk '/ network / {print $2}')
-keystone endpoint-create \
-    --service-id "$neutron_service_id" \
-    --publicurl "http://controller-api:9696" \
-    --adminurl "http://controller-mgmt:9696" \
-    --internalurl "http://controller-mgmt:9696"
-
 echo "Configuring the OVS plug-in to use GRE tunneling."
 conf=/etc/neutron/plugins/ml2/ml2_conf.ini
 
@@ -115,7 +115,6 @@ iniset_sudo $conf ml2_type_gre tunnel_id_ranges 1:1000
 iniset_sudo $conf securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
 iniset_sudo $conf securitygroup enable_security_group True
 
-
 echo "Configure Compute to use Networking"
 conf=/etc/nova/nova.conf
 iniset_sudo $conf DEFAULT network_api_class nova.network.neutronv2.api.API
@@ -128,6 +127,8 @@ iniset_sudo $conf DEFAULT neutron_admin_auth_url http://controller-mgmt:35357/v2
 iniset_sudo $conf DEFAULT linuxnet_interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
 iniset_sudo $conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
 iniset_sudo $conf DEFAULT security_group_api neutron
+# service_neutron_metadata_proxy, neutron_metadata_proxy_shared_secret from:
+# http://docs.openstack.org/icehouse/install-guide/install/apt/content/neutron-ml2-network-node.html
 iniset_sudo $conf DEFAULT service_neutron_metadata_proxy true
 iniset_sudo $conf DEFAULT neutron_metadata_proxy_shared_secret "$METADATA_SECRET"