#!/bin/bash # # Copyright (C) 2014 Canonical Ltd. # # Authors: Nicolas Thomss # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. # You may obtain a copy of the License at # # http://www.apache.org/licenses/LICENSE-2.0 # # Unless required by applicable law or agreed to in writing, software # distributed under the License is distributed on an "AS IS" BASIS, # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. # See the License for the specific language governing permissions and # limitations under the License. set -ex echo "This command is run to configure an Orange-Box Openstack deployment" NEUTRON_FIXED_NET_CIDR="192.168.16.0/22" source ~/joid_config/admin-openrc # Determine the tenant id for the configured tenant name. export TENANT_ID="$(openstack project list | grep $OS_TENANT_NAME | awk '{ print $2 }')" if [ "$TENANT_ID" = "" ]; then echo "Unable to find tenant ID, keystone auth problem" exit fi echo "Configuring Openstack Neutron Networking" #create ext network with neutron for floating IPs EXTERNAL_NETWORK_ID=$(neutron net-show ext-net | grep " id" | awk '{print $4}') #Create private network for neutron for tenant VMs neutron net-show private > /dev/null 2>&1 || neutron net-create private neutron subnet-show private_subnet > /dev/null 2>&1 || neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true 8.8.8.8 SUBNET_ID=$(neutron subnet-show private_subnet | grep " id" | awk '{print $4}') #Create router for external network and private network openstack router list provider-router > /dev/null 2>&1 || openstack router create --project-domain=$OS_PROJECT_DOMAIN_NAME --project $OS_PROJECT_NAME provider-router ROUTER_ID=$(neutron router-show provider-router | grep " id" | awk '{print $4}') neutron router-gateway-clear provider-router || true neutron router-gateway-set $ROUTER_ID $EXTERNAL_NETWORK_ID ## make it always ok to have it indempodent. neutron router-interface-add $ROUTER_ID $SUBNET_ID || true echo "Configuring security groups for access to ICMP, SSH and RDP by default" PROJECT_ID=`openstack project list -c ID -f value --domain admin_domain` #Configure the default security group to allow ICMP and SSH sicmpecuritygroup=`openstack security group list --project "$PROJECT_ID" -c ID -f value` openstack security group rule list $securitygroup | grep "icmp" > /dev/null 2>&1 || openstack security group rule create --remote-group $securitygroup --ingress --protocol icmp --prefix "0.0.0.0/0"$securitygroup openstack security group rule list $securitygroup | grep "22/tcp" > /dev/null 2>&1 || openstack security group rule create --remote-group $securitygroup --ingress --protocol tcp --dst-port 22:22 --prefix "0.0.0.0/0" $securitygroup echo "Uploading default SSH key" #Upload a default SSH key openstack keypair list | grep default > /dev/null 2>&1 || openstack keypair create --public-key ~/.ssh/id_rsa.pub default > /dev/null 2>&1 echo "Modifying the flavors to be better sized for the Orange Box" #Modify the flavours to fit better on the OB #nova flavor-create FLAVOR_NAME FLAVOR_ID RAM_IN_MB ROOT_DISK_IN_GB NUMBER_OF_VCPUS openstack flavor show m1.tiny > /dev/null 2>&1 || openstack flavor create --ram 512 --disk 5 --vcpus 1 --public m1.tiny > /dev/null 2>&1 openstack flavor show m1.small > /dev/null 2>&1 || openstack flavor create --ram 1024 --disk 10 --vcpus 1 --public m1.small > /dev/null 2>&1 openstack flavor show m1.medium > /dev/null 2>&1 || openstack flavor create --ram 2048 --disk 10 --vcpus 2 --public m1.medium > /dev/null 2>&1 openstack flavor show m1.large > /dev/null 2>&1 || openstack flavor create --ram 3072 --disk 10 --vcpus 2 --public m1.large > /dev/null 2>&1 # need extra for windows image (15g) openstack flavor show m1.xlarge > /dev/null 2>&1 || openstack flavor create --ram 8096 --disk 30 --vcpus 4 --public m1.xlarge > /dev/null 2>&1 echo "modifying default quotas for admin user" #Modify quotas for the tenant to allow large deployments PROJECT_ID=`openstack quota show -f value -c project` openstack quota set --instances 400 --cores 800 --ram 404800 --secgroups 4000 --floating-ips -1 --secgroup-rules -1 $PROJECT_ID ### need to find how to change quota for the project not the tenant ### modify default quota the same way.. #openstack quota set --class --instances 400 --cores 800 --ram 404800 --secgroups 4000 --floating-ips -1 --secgroup-rules -1 $TENANT_ID echo "Uploading images to glance" #Upload images to glance ## image name is used by script to generate metadata .. don't screw the series if grep -q 'virt-type: lxd' bundles.yaml; then glance image-list | grep "Xenial LXC x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial LXC x86_64" --visibility=public --container-format=bare --disk-format=root-tar --property architecture="x86_64" < /srv/data/xenial-server-cloudimg-amd64-root.tar.gz glance image-list | grep "Cirros LXC 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros LXC 0.3" --visibility=public --container-format=bare --disk-format=root-tar --property architecture="x86_64" < /srv/data/cirros-0.3.4-x86_64-lxc.tar.gz else #glance image-list | grep "Precise x86_64" > /dev/null 2>&1 || glance image-create --name="Precise x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/precise-server-cloudimg-amd64-disk1.img glance image-list | grep "Trusty x86_64" > /dev/null 2>&1 || glance image-create --name="Trusty x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img glance image-list | grep "Xenial x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/xenial-server-cloudimg-amd64-disk1.img glance image-list | grep "CentOS 6.4" > /dev/null 2>&1 || glance image-create --name="CentOS 6.4" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img glance image-list | grep "Cirros 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros 0.3" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/cirros-0.3.4-x86_64-disk.img #glance image-list | grep "win2012r2" > /dev/null 2>&1 || gzip -cd /srv/data/windows_server_2012_r2_standard_eval_kvm_20151021.qcow2.gz |glance image-create --name="Windows Server 2012" --is-public=true --container-format=bare --disk-format=qcow2 --progress fi