diff options
-rwxr-xr-x | ci/deploy.sh | 6 | ||||
-rwxr-xr-x | juju/configure-juju-on-openstack | 7 | ||||
-rwxr-xr-x | juju/joid-configure-openstack | 8 |
3 files changed, 12 insertions, 9 deletions
diff --git a/ci/deploy.sh b/ci/deploy.sh index 7578d821..207482e2 100755 --- a/ci/deploy.sh +++ b/ci/deploy.sh @@ -225,13 +225,15 @@ if ([ $admin_gw ] && [ $admin_gw != "null" ]); then # set default gateway to public api gateway for cnt in $cnt_list; do echo "changing default gw on $cnt" - juju ssh $cnt "sudo ip r d default && sudo ip r a default via $public_api_gw"; - juju ssh $cnt "gw_dev=\$(ip r l | grep 'via $public_api_gw' | cut -d \ -f5) &&\ + if ([ $public_api_gw ] && [ $public_api_gw != "null" ]); then + juju ssh $cnt "sudo ip r d default && sudo ip r a default via $public_api_gw"; + juju ssh $cnt "gw_dev=\$(ip r l | grep 'via $public_api_gw' | cut -d \ -f5) &&\ sudo cp /etc/network/interfaces /etc/network/interfaces.bak &&\ echo 'removing old default gateway' &&\ sudo perl -i -pe 's/^\ *gateway $admin_gw\n$//' /etc/network/interfaces &&\ sudo perl -i -pe \"s/iface \$gw_dev inet static/iface \$gw_dev inet static\\n gateway $public_api_gw/\" /etc/network/interfaces \ "; + fi done fi diff --git a/juju/configure-juju-on-openstack b/juju/configure-juju-on-openstack index 89a6d01f..ad357ce7 100755 --- a/juju/configure-juju-on-openstack +++ b/juju/configure-juju-on-openstack @@ -92,11 +92,10 @@ swift stat simplestreams swift post simplestreams --read-acl .r:* openstack service create --name product-stream --description "Product Simple Stream" product-streams -SWIFT_URL=`openstack endpoint show object-store -c internalurl -f value` - -openstack endpoint create --region $OS_REGION_NAME --publicurl $SWIFT_URL/simplestreams/images \ - --internalurl $SWIFT_URL/simplestreams/images product-streams +SWIFT_URL=`openstack endpoint list --service swift --interface internal -c URL -f value` +openstack endpoint create --region $OS_REGION_NAME product-streams public $SWIFT_URL/simplestreams/images +openstack endpoint create --region $OS_REGION_NAME product-streams internal $SWIFT_URL/simplestreams/images #Output a juju cloud file that works on this cloud echo "clouds: diff --git a/juju/joid-configure-openstack b/juju/joid-configure-openstack index 5df82b87..5887ac73 100755 --- a/juju/joid-configure-openstack +++ b/juju/joid-configure-openstack @@ -54,10 +54,12 @@ neutron router-interface-add $ROUTER_ID $SUBNET_ID || true echo "Configuring security groups for access to ICMP, SSH and RDP by default" +PROJECT_ID=`openstack project list -c ID -f value --domain admin_domain` + #Configure the default security group to allow ICMP and SSH -neutron security-group-rule-list | grep "icmp" > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol icmp --remote-ip-prefix 0.0.0.0/0 default -neutron security-group-rule-list | grep "22/tcp" > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 default -neutron security-group-rule-list | grep "3389/tcp" > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 3389 --port-range-max 3389 --remote-ip-prefix 0.0.0.0/0 default +sicmpecuritygroup=`openstack security group list --project "$PROJECT_ID" -c ID -f value` +openstack security group rule list $securitygroup | grep "icmp" > /dev/null 2>&1 || openstack security group rule create --remote-group $securitygroup --ingress --protocol icmp --prefix "0.0.0.0/0"$securitygroup +openstack security group rule list $securitygroup | grep "22/tcp" > /dev/null 2>&1 || openstack security group rule create --remote-group $securitygroup --ingress --protocol tcp --dst-port 22:22 --prefix "0.0.0.0/0" $securitygroup echo "Uploading default SSH key" |