diff options
Diffstat (limited to 'juju')
-rwxr-xr-x | juju/configure-juju-on-openstack | 153 | ||||
-rwxr-xr-x | juju/get-cloud-images | 22 | ||||
-rwxr-xr-x | juju/joid-configure-openstack | 146 |
3 files changed, 321 insertions, 0 deletions
diff --git a/juju/configure-juju-on-openstack b/juju/configure-juju-on-openstack new file mode 100755 index 00000000..f320146e --- /dev/null +++ b/juju/configure-juju-on-openstack @@ -0,0 +1,153 @@ +#!/bin/bash +# +# Copyright (C) 2014 Canonical Ltd. +# +# Authors: Nicolas Thomss <nicolas.thomas@canonical.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, version 3 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License + +set -ex +## TODO use sudo apt-get install python-openstackclient instead +## examples: +## openstack ip floating list --format=csv +## openstack ip floating create --format=shell ext_net +## to avoid table parsing.. +## openstack server show -c status --format value my-instance-name + + +echo "This command is run to launch the first instance on a new Orange box Openstack deployment" + +source ~/nova.rc + +#Create a floating IP for the instance +if ( nova list | grep jumpserver2 >/dev/null ) +then + FLOAT_IP="$(nova list | grep jumpserver2 | awk '{ print $13 }')" +else + FLOAT_IP="$(openstack ip floating create ext-net -c ip -f value)" +fi + +#Launch an instance +NET_UUID="$(nova net-list | grep private | awk '{ print $2 }')" +IMAGE_UUID="$(nova image-list | grep Xenial | awk '{ print $2 }')" +nova list | grep jumpserver2 ||nova boot --flavor m1.small --key-name default --image $IMAGE_UUID --nic net-id=$NET_UUID --security-group default jumpserver2 +# checking jumpserver2 state until active .. +INST_STATE=` nova show jumpserver2 | grep status | awk '{print $4}'` +while [ $INST_STATE != "ACTIVE" ]; +do + INST_STATE=` nova show jumpserver2 | grep status | awk '{print $4}'` + echo "Jumpserver2 instance state is: "$INST_STATE" waiting to be active" + sleep 1 +done +sleep 6 +#Associate the floating IP with the new instance +nova floating-ip-associate jumpserver2 $FLOAT_IP || true + +sleep 30 + +### make it more Readable +export SSH="ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP" + + +#Add juju stable repo +$SSH sudo add-apt-repository -y ppa:juju/stable + +#SSH into the instance and install Juju +$SSH sudo apt-get -y update + +$SSH sudo apt-get -y install juju python-novaclient python-swiftclient + + +#copy over SSH keys +scp -o StrictHostKeyChecking=no ~/.ssh/id_rsa* ubuntu@$FLOAT_IP:~/.ssh/ + + +#Output a juju cloud file that works on this cloud +$SSH \ +"echo 'clouds: + openstack: + type: openstack + auth-types: [access-key, userpass] + regions: + $OS_REGION_NAME: + endpoint: $OS_AUTH_URL +' > os-cloud.yaml" +$SSH juju add-cloud openstack os-cloud.yaml + +#Output a juju cred file that works on this cloud +$SSH \ +"echo 'credentials: + openstack: + openstack: + auth-type: userpass + password: $OS_PASSWORD + tenant-name: $OS_TENANT_NAME + username: $OS_USERNAME +' > os-creds.yaml" + +$SSH "juju add-credential openstack -f os-creds.yaml" + +## Creating images metadata +$SSH mkdir -p juju-meta +for s in precise trusty xenial win2012r2 +do +#Create juju metadata + IMAGE_UUID="$(nova image-list | grep -i $s | awk '{ print $2 }')" + [ -n "$IMAGE_UUID" ] && $SSH "juju metadata generate-image -a amd64 -u $OS_AUTH_URL -i $IMAGE_UUID -r $OS_REGION_NAME -d juju-meta/ -s $s" +done + +## Generate tools (needed if windows is in). +$SSH "juju metadata generate-tools -d juju-meta/ " + +## upload images and tools streams to swift and make public +$SSH "cd ~/juju-meta/ && swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME \ + --os-password $OS_PASSWORD --os-tenant-name $OS_TENANT_NAME \ +upload juju-meta images" +$SSH "cd ~/juju-meta/ && swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME \ + --os-password $OS_PASSWORD --os-tenant-name $OS_TENANT_NAME \ +upload juju-meta tools" + +$SSH swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME --os-password $OS_PASSWORD \ + --os-tenant-name $OS_TENANT_NAME post -r '.r:*' juju-meta + +## collect the URL for getting the images +$($SSH swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME --os-password $OS_PASSWORD \ + --os-tenant-name $OS_TENANT_NAME auth) + +### +###juju bootstrap openstack openstack --config image-metadata-url=http://192.168.16.5/juju/images/ --config network=private --upload-tools --debug -v +### + +my_ip=`ip route | grep src| grep -v virb|grep -v lxcb| head -1| cut -d " " -f 12 ` +#Bootstrap Juju +##$SSH "juju bootstrap openstack openstack --metadata-source=/var/www/html/juju-meta/ --upload-tools" +$SSH "juju bootstrap openstack openstack --config image-metadata-url=$OS_STORAGE_URL/juju-meta/images/ --config tools-metadata-url=$OS_STORAGE_URL/juju-meta/tools/ --config network=private" + + + +## useless if juju floating ip option on. +######################################### +#Create a new floating IP and associate with juju bootstrap instance +#INSTANCE_ID="$(nova list | grep juju-openstack-machine-0 | awk '{ print $2}')" +#FLOAT_IP2="$(nova floating-ip-create | grep ext_net | awk '{ print $2}')" +#nova floating-ip-associate $INSTANCE_ID $FLOAT_IP2 + +#Print the address of Juju-gui for deployments on Openstack +echo "Now connect to the Juju-GUI at: http://$FLOAT_IP2/ to continue deployments on Openstack." +echo "Pass: $OS_PASSWORD" + +echo "OR Log in to openstack Jumpserver2 to deploy from command line" +echo "ssh ubuntu@$FLOAT_IP" +echo " You must set the following if creating a new model:" +echo " juju set-model-config image-metadata-url=$OS_STORAGE_URL/juju-meta/images/ tools-metadata-url=$OS_STORAGE_URL/juju-meta/tools/ network=private" +exit + diff --git a/juju/get-cloud-images b/juju/get-cloud-images new file mode 100755 index 00000000..f31d067c --- /dev/null +++ b/juju/get-cloud-images @@ -0,0 +1,22 @@ +#!/bin/bash -e + +folder=/srv/data/ +URLS="http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img \ +http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img \ +http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img \ +http://mirror.catn.com/pub/catn/images/qcow2/centos6.4-x86_64-gold-master.img \ +http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 \ +http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img " + +for URL in $URLS +do +FILENAME=${URL##*/} +if [ -f $folder/$FILENAME ]; +then + echo "$FILENAME already downloaded." +else + wget -O $folder/$FILENAME $URL +fi +done + +echo "To download Windows image get there : https://cloudbase.it/windows-cloud-images/" diff --git a/juju/joid-configure-openstack b/juju/joid-configure-openstack new file mode 100755 index 00000000..a24fa005 --- /dev/null +++ b/juju/joid-configure-openstack @@ -0,0 +1,146 @@ +#!/bin/bash +# +# Copyright (C) 2014 Canonical Ltd. +# +# Authors: Nicolas Thomss <nicolas.thomas@canonical.com> +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, version 3 of the License. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +set -ex + +echo "This command is run to configure an Orange-Box Openstack deployment" + +NEUTRON_FIXED_NET_CIDR="192.168.16.0/22" + +#Check if VIP is set on keystone +#keystone_VIP=`juju get-config keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"vip\"][\"value\"]"||true` +keystone_VIP=`juju get keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"vip\"][\"value\"]"||true` + +keystoneIp() { + KEYSTONE=$(juju status keystone |grep public-address|sed -- 's/.*\: //') + if [ $(echo $KEYSTONE|wc -w) == 1 ];then + echo $KEYSTONE + else + juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)['settings']['vip']['value']" + fi +} + +if [ -n "$keystone_VIP" ] +then + keystone=$keystone_VIP +else + #if os-public-hostname is set and not VIP assume we need to use those at OpenStack endpoints. + keystone=$(keystoneIp) + keystone_PUBENDPOINT=`juju get keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"os-public-hostname\"][\"value\"]"||true` +fi + + +echo "export SERVICE_ENDPOINT=http://$keystone:35357/v2.0/ +unset SERVICE_TOKEN +unset SERVICE_ENDPOINT +export OS_AUTH_URL=http://$keystone:35357/v2.0/ +export OS_USERNAME=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-user\"][\"value\"]") +export OS_PASSWORD=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-password\"][\"value\"]") +export OS_TENANT_NAME=admin +export OS_REGION_NAME=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"region\"][\"value\"]") +" > ~/nova.rc + +source ~/nova.rc + +# Determine the tenant id for the configured tenant name. +export TENANT_ID="$(keystone tenant-list | grep $OS_TENANT_NAME | awk '{ print $2 }')" + +if [ "$TENANT_ID" = "" ]; then + echo "Unable to find tenant ID, keystone auth problem" + exit +fi + +echo "Configuring Openstack Neutron Networking" + +#create ext network with neutron for floating IPs +EXTERNAL_NETWORK_ID=$(neutron net-show ext-net | grep " id" | awk '{print $4}') + +#Create private network for neutron for tenant VMs +neutron net-show private > /dev/null 2>&1 || neutron net-create private +neutron subnet-show private_subnet > /dev/null 2>&1 || neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true 8.8.8.8 +SUBNET_ID=$(neutron subnet-show private_subnet | grep " id" | awk '{print $4}') + +#Create router for external network and private network +neutron router-show provider-router > /dev/null 2>&1 || neutron router-create --tenant-id $TENANT_ID provider-router +ROUTER_ID=$(neutron router-show provider-router | grep " id" | awk '{print $4}') + +neutron router-gateway-clear provider-router || true +neutron router-gateway-set $ROUTER_ID $EXTERNAL_NETWORK_ID +## make it always ok to have it indempodent. +neutron router-interface-add $ROUTER_ID $SUBNET_ID || true + + +echo "Configuring security groups for access to ICMP, SSH and RDP by default" + +#Configure the default security group to allow ICMP and SSH +neutron security-group-rule-list default | grep icmp > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol icmp --remote-ip-prefix 0.0.0.0/0 default +neutron security-group-rule-list default | grep 22 > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 default +neutron security-group-rule-list default | grep 3389 > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 3389 --port-range-max 3389 --remote-ip-prefix 0.0.0.0/0 default + +echo "Uploading default SSH key" + +#Upload a default SSH key +nova keypair-list | grep default > /dev/null 2>&1 || nova keypair-add --pub-key ~/.ssh/id_rsa.pub default > /dev/null 2>&1 + +echo "Modifying the flavors to be better sized for the Orange Box" + +#Modify the flavours to fit better on the OB +#nova flavor-create FLAVOR_NAME FLAVOR_ID RAM_IN_MB ROOT_DISK_IN_GB NUMBER_OF_VCPUS +nova flavor-delete m1.tiny > /dev/null 2>&1 +nova flavor-delete m1.small > /dev/null 2>&1 +nova flavor-delete m1.medium > /dev/null 2>&1 +nova flavor-delete m1.large > /dev/null 2>&1 +nova flavor-delete m1.xlarge > /dev/null 2>&1 +nova flavor-create --is-public true m1.tiny auto 512 5 1 > /dev/null 2>&1 +nova flavor-create --is-public true m1.small auto 1024 10 1 > /dev/null 2>&1 +nova flavor-create --is-public true m1.medium auto 2048 10 2 > /dev/null 2>&1 +nova flavor-create --is-public true m1.large auto 3072 10 2 > /dev/null 2>&1 +## need extra for windows image (15g) +nova flavor-create --is-public true m1.xlarge auto 8096 30 4 > /dev/null 2>&1 + +echo "modifying default quotas for admin user" + +#Modify quotas for the tenant to allow large deployments +nova quota-update --instances 400 $TENANT_ID +nova quota-update --cores 800 $TENANT_ID +nova quota-update --ram 404800 $TENANT_ID +nova quota-update --security-groups 4000 $TENANT_ID +nova quota-update --floating-ips -1 $TENANT_ID +nova quota-update --security-group-rules -1 $TENANT_ID + +### need to find how to change quota for the project not the tenant + +### modify default quota the same way.. +nova quota-class-update --instances 400 $TENANT_ID +nova quota-class-update --cores 800 $TENANT_ID +nova quota-class-update --ram 404800 $TENANT_ID +nova quota-class-update --security-groups 4000 $TENANT_ID +nova quota-class-update --floating_ips -1 $TENANT_ID +nova quota-class-update --security-group-rules -1 $TENANT_ID + +echo "Uploading images to glance" + +#Upload images to glance +glance image-show "Precise x86_64" > /dev/null 2>&1 || glance image-create --name="Precise x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/precise-server-cloudimg-amd64-disk1.img --progress +glance image-show "Trusty x86_64" > /dev/null 2>&1 || glance image-create --name="Trusty x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img --progress +glance image-show "Xenial x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/xenial-server-cloudimg-amd64-disk1.img --progress +glance image-show "CentOS 6.4" > /dev/null 2>&1 || glance image-create --name="CentOS 6.4" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img --progress +glance image-show "Cirros 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros 0.3" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/cirros-0.3.4-x86_64-disk.img --progress +## image name is used by script to generate metadata .. don't screw the series +#glance image-show "win2012r2" > /dev/null 2>&1 || gzip -cd /srv/data/windows_server_2012_r2_standard_eval_kvm_20151021.qcow2.gz |glance image-create --name="Windows Server 2012" --is-public=true --container-format=bare --disk-format=qcow2 --progress + |