summaryrefslogtreecommitdiffstats
path: root/juju
diff options
context:
space:
mode:
Diffstat (limited to 'juju')
-rwxr-xr-xjuju/configure-juju-on-openstack153
-rwxr-xr-xjuju/get-cloud-images22
-rwxr-xr-xjuju/joid-configure-openstack146
3 files changed, 321 insertions, 0 deletions
diff --git a/juju/configure-juju-on-openstack b/juju/configure-juju-on-openstack
new file mode 100755
index 00000000..f320146e
--- /dev/null
+++ b/juju/configure-juju-on-openstack
@@ -0,0 +1,153 @@
+#!/bin/bash
+#
+# Copyright (C) 2014 Canonical Ltd.
+#
+# Authors: Nicolas Thomss <nicolas.thomas@canonical.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+
+set -ex
+## TODO use sudo apt-get install python-openstackclient instead
+## examples:
+## openstack ip floating list --format=csv
+##  openstack ip floating create --format=shell ext_net
+## to avoid table parsing..
+## openstack server show -c status --format value my-instance-name
+
+
+echo "This command is run to launch the first instance on a new Orange box Openstack deployment"
+
+source ~/nova.rc
+
+#Create a floating IP for the instance
+if ( nova list | grep jumpserver2 >/dev/null )
+then
+ FLOAT_IP="$(nova list | grep jumpserver2 | awk '{ print $13 }')"
+else
+ FLOAT_IP="$(openstack ip floating create ext-net -c ip -f value)"
+fi
+
+#Launch an instance
+NET_UUID="$(nova net-list | grep private | awk '{ print $2 }')"
+IMAGE_UUID="$(nova image-list | grep Xenial | awk '{ print $2 }')"
+nova list | grep jumpserver2 ||nova boot --flavor m1.small --key-name default --image $IMAGE_UUID --nic net-id=$NET_UUID --security-group default jumpserver2
+# checking jumpserver2 state until active ..
+INST_STATE=` nova show jumpserver2 | grep status | awk '{print $4}'`
+while [ $INST_STATE != "ACTIVE" ];
+do
+ INST_STATE=` nova show jumpserver2 | grep status | awk '{print $4}'`
+ echo "Jumpserver2 instance state is: "$INST_STATE" waiting to be active"
+ sleep 1
+done
+sleep 6
+#Associate the floating IP with the new instance
+nova floating-ip-associate jumpserver2 $FLOAT_IP || true
+
+sleep 30
+
+### make it more Readable
+export SSH="ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP"
+
+
+#Add juju stable repo
+$SSH sudo add-apt-repository -y ppa:juju/stable
+
+#SSH into the instance and install Juju
+$SSH sudo apt-get -y update
+
+$SSH sudo apt-get -y install juju python-novaclient python-swiftclient
+
+
+#copy over SSH keys
+scp -o StrictHostKeyChecking=no ~/.ssh/id_rsa* ubuntu@$FLOAT_IP:~/.ssh/
+
+
+#Output a juju cloud file that works on this cloud
+$SSH \
+"echo 'clouds:
+ openstack:
+ type: openstack
+ auth-types: [access-key, userpass]
+ regions:
+ $OS_REGION_NAME:
+ endpoint: $OS_AUTH_URL
+' > os-cloud.yaml"
+$SSH juju add-cloud openstack os-cloud.yaml
+
+#Output a juju cred file that works on this cloud
+$SSH \
+"echo 'credentials:
+ openstack:
+ openstack:
+ auth-type: userpass
+ password: $OS_PASSWORD
+ tenant-name: $OS_TENANT_NAME
+ username: $OS_USERNAME
+' > os-creds.yaml"
+
+$SSH "juju add-credential openstack -f os-creds.yaml"
+
+## Creating images metadata
+$SSH mkdir -p juju-meta
+for s in precise trusty xenial win2012r2
+do
+#Create juju metadata
+ IMAGE_UUID="$(nova image-list | grep -i $s | awk '{ print $2 }')"
+ [ -n "$IMAGE_UUID" ] && $SSH "juju metadata generate-image -a amd64 -u $OS_AUTH_URL -i $IMAGE_UUID -r $OS_REGION_NAME -d juju-meta/ -s $s"
+done
+
+## Generate tools (needed if windows is in).
+$SSH "juju metadata generate-tools -d juju-meta/ "
+
+## upload images and tools streams to swift and make public
+$SSH "cd ~/juju-meta/ && swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME \
+ --os-password $OS_PASSWORD --os-tenant-name $OS_TENANT_NAME \
+upload juju-meta images"
+$SSH "cd ~/juju-meta/ && swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME \
+ --os-password $OS_PASSWORD --os-tenant-name $OS_TENANT_NAME \
+upload juju-meta tools"
+
+$SSH swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME --os-password $OS_PASSWORD \
+ --os-tenant-name $OS_TENANT_NAME post -r '.r:*' juju-meta
+
+## collect the URL for getting the images
+$($SSH swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME --os-password $OS_PASSWORD \
+ --os-tenant-name $OS_TENANT_NAME auth)
+
+###
+###juju bootstrap openstack openstack --config image-metadata-url=http://192.168.16.5/juju/images/ --config network=private --upload-tools --debug -v
+###
+
+my_ip=`ip route | grep src| grep -v virb|grep -v lxcb| head -1| cut -d " " -f 12 `
+#Bootstrap Juju
+##$SSH "juju bootstrap openstack openstack --metadata-source=/var/www/html/juju-meta/ --upload-tools"
+$SSH "juju bootstrap openstack openstack --config image-metadata-url=$OS_STORAGE_URL/juju-meta/images/ --config tools-metadata-url=$OS_STORAGE_URL/juju-meta/tools/ --config network=private"
+
+
+
+## useless if juju floating ip option on.
+#########################################
+#Create a new floating IP and associate with juju bootstrap instance
+#INSTANCE_ID="$(nova list | grep juju-openstack-machine-0 | awk '{ print $2}')"
+#FLOAT_IP2="$(nova floating-ip-create | grep ext_net | awk '{ print $2}')"
+#nova floating-ip-associate $INSTANCE_ID $FLOAT_IP2
+
+#Print the address of Juju-gui for deployments on Openstack
+echo "Now connect to the Juju-GUI at: http://$FLOAT_IP2/ to continue deployments on Openstack."
+echo "Pass: $OS_PASSWORD"
+
+echo "OR Log in to openstack Jumpserver2 to deploy from command line"
+echo "ssh ubuntu@$FLOAT_IP"
+echo " You must set the following if creating a new model:"
+echo " juju set-model-config image-metadata-url=$OS_STORAGE_URL/juju-meta/images/ tools-metadata-url=$OS_STORAGE_URL/juju-meta/tools/ network=private"
+exit
+
diff --git a/juju/get-cloud-images b/juju/get-cloud-images
new file mode 100755
index 00000000..f31d067c
--- /dev/null
+++ b/juju/get-cloud-images
@@ -0,0 +1,22 @@
+#!/bin/bash -e
+
+folder=/srv/data/
+URLS="http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img \
+http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img \
+http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img \
+http://mirror.catn.com/pub/catn/images/qcow2/centos6.4-x86_64-gold-master.img \
+http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 \
+http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img "
+
+for URL in $URLS
+do
+FILENAME=${URL##*/}
+if [ -f $folder/$FILENAME ];
+then
+ echo "$FILENAME already downloaded."
+else
+ wget -O $folder/$FILENAME $URL
+fi
+done
+
+echo "To download Windows image get there : https://cloudbase.it/windows-cloud-images/"
diff --git a/juju/joid-configure-openstack b/juju/joid-configure-openstack
new file mode 100755
index 00000000..a24fa005
--- /dev/null
+++ b/juju/joid-configure-openstack
@@ -0,0 +1,146 @@
+#!/bin/bash
+#
+# Copyright (C) 2014 Canonical Ltd.
+#
+# Authors: Nicolas Thomss <nicolas.thomas@canonical.com>
+#
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, version 3 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with this program. If not, see <http://www.gnu.org/licenses/>.
+
+set -ex
+
+echo "This command is run to configure an Orange-Box Openstack deployment"
+
+NEUTRON_FIXED_NET_CIDR="192.168.16.0/22"
+
+#Check if VIP is set on keystone
+#keystone_VIP=`juju get-config keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"vip\"][\"value\"]"||true`
+keystone_VIP=`juju get keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"vip\"][\"value\"]"||true`
+
+keystoneIp() {
+ KEYSTONE=$(juju status keystone |grep public-address|sed -- 's/.*\: //')
+ if [ $(echo $KEYSTONE|wc -w) == 1 ];then
+ echo $KEYSTONE
+ else
+ juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)['settings']['vip']['value']"
+ fi
+}
+
+if [ -n "$keystone_VIP" ]
+then
+ keystone=$keystone_VIP
+else
+ #if os-public-hostname is set and not VIP assume we need to use those at OpenStack endpoints.
+ keystone=$(keystoneIp)
+ keystone_PUBENDPOINT=`juju get keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"os-public-hostname\"][\"value\"]"||true`
+fi
+
+
+echo "export SERVICE_ENDPOINT=http://$keystone:35357/v2.0/
+unset SERVICE_TOKEN
+unset SERVICE_ENDPOINT
+export OS_AUTH_URL=http://$keystone:35357/v2.0/
+export OS_USERNAME=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-user\"][\"value\"]")
+export OS_PASSWORD=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-password\"][\"value\"]")
+export OS_TENANT_NAME=admin
+export OS_REGION_NAME=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"region\"][\"value\"]")
+" > ~/nova.rc
+
+source ~/nova.rc
+
+# Determine the tenant id for the configured tenant name.
+export TENANT_ID="$(keystone tenant-list | grep $OS_TENANT_NAME | awk '{ print $2 }')"
+
+if [ "$TENANT_ID" = "" ]; then
+ echo "Unable to find tenant ID, keystone auth problem"
+ exit
+fi
+
+echo "Configuring Openstack Neutron Networking"
+
+#create ext network with neutron for floating IPs
+EXTERNAL_NETWORK_ID=$(neutron net-show ext-net | grep " id" | awk '{print $4}')
+
+#Create private network for neutron for tenant VMs
+neutron net-show private > /dev/null 2>&1 || neutron net-create private
+neutron subnet-show private_subnet > /dev/null 2>&1 || neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true 8.8.8.8
+SUBNET_ID=$(neutron subnet-show private_subnet | grep " id" | awk '{print $4}')
+
+#Create router for external network and private network
+neutron router-show provider-router > /dev/null 2>&1 || neutron router-create --tenant-id $TENANT_ID provider-router
+ROUTER_ID=$(neutron router-show provider-router | grep " id" | awk '{print $4}')
+
+neutron router-gateway-clear provider-router || true
+neutron router-gateway-set $ROUTER_ID $EXTERNAL_NETWORK_ID
+## make it always ok to have it indempodent.
+neutron router-interface-add $ROUTER_ID $SUBNET_ID || true
+
+
+echo "Configuring security groups for access to ICMP, SSH and RDP by default"
+
+#Configure the default security group to allow ICMP and SSH
+neutron security-group-rule-list default | grep icmp > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol icmp --remote-ip-prefix 0.0.0.0/0 default
+neutron security-group-rule-list default | grep 22 > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 default
+neutron security-group-rule-list default | grep 3389 > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 3389 --port-range-max 3389 --remote-ip-prefix 0.0.0.0/0 default
+
+echo "Uploading default SSH key"
+
+#Upload a default SSH key
+nova keypair-list | grep default > /dev/null 2>&1 || nova keypair-add --pub-key ~/.ssh/id_rsa.pub default > /dev/null 2>&1
+
+echo "Modifying the flavors to be better sized for the Orange Box"
+
+#Modify the flavours to fit better on the OB
+#nova flavor-create FLAVOR_NAME FLAVOR_ID RAM_IN_MB ROOT_DISK_IN_GB NUMBER_OF_VCPUS
+nova flavor-delete m1.tiny > /dev/null 2>&1
+nova flavor-delete m1.small > /dev/null 2>&1
+nova flavor-delete m1.medium > /dev/null 2>&1
+nova flavor-delete m1.large > /dev/null 2>&1
+nova flavor-delete m1.xlarge > /dev/null 2>&1
+nova flavor-create --is-public true m1.tiny auto 512 5 1 > /dev/null 2>&1
+nova flavor-create --is-public true m1.small auto 1024 10 1 > /dev/null 2>&1
+nova flavor-create --is-public true m1.medium auto 2048 10 2 > /dev/null 2>&1
+nova flavor-create --is-public true m1.large auto 3072 10 2 > /dev/null 2>&1
+## need extra for windows image (15g)
+nova flavor-create --is-public true m1.xlarge auto 8096 30 4 > /dev/null 2>&1
+
+echo "modifying default quotas for admin user"
+
+#Modify quotas for the tenant to allow large deployments
+nova quota-update --instances 400 $TENANT_ID
+nova quota-update --cores 800 $TENANT_ID
+nova quota-update --ram 404800 $TENANT_ID
+nova quota-update --security-groups 4000 $TENANT_ID
+nova quota-update --floating-ips -1 $TENANT_ID
+nova quota-update --security-group-rules -1 $TENANT_ID
+
+### need to find how to change quota for the project not the tenant
+
+### modify default quota the same way..
+nova quota-class-update --instances 400 $TENANT_ID
+nova quota-class-update --cores 800 $TENANT_ID
+nova quota-class-update --ram 404800 $TENANT_ID
+nova quota-class-update --security-groups 4000 $TENANT_ID
+nova quota-class-update --floating_ips -1 $TENANT_ID
+nova quota-class-update --security-group-rules -1 $TENANT_ID
+
+echo "Uploading images to glance"
+
+#Upload images to glance
+glance image-show "Precise x86_64" > /dev/null 2>&1 || glance image-create --name="Precise x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/precise-server-cloudimg-amd64-disk1.img --progress
+glance image-show "Trusty x86_64" > /dev/null 2>&1 || glance image-create --name="Trusty x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img --progress
+glance image-show "Xenial x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/xenial-server-cloudimg-amd64-disk1.img --progress
+glance image-show "CentOS 6.4" > /dev/null 2>&1 || glance image-create --name="CentOS 6.4" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img --progress
+glance image-show "Cirros 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros 0.3" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/cirros-0.3.4-x86_64-disk.img --progress
+## image name is used by script to generate metadata .. don't screw the series
+#glance image-show "win2012r2" > /dev/null 2>&1 || gzip -cd /srv/data/windows_server_2012_r2_standard_eval_kvm_20151021.qcow2.gz |glance image-create --name="Windows Server 2012" --is-public=true --container-format=bare --disk-format=qcow2 --progress
+