Bash scripts for remote host deployment

JIRA: N/A

Adds various scripts into hostscripts/ to make the deployment
easier.
The whole hostscripts directory is copied to the remote host during
deployment.
mkDisks will create needed virtual disks
vncAllow punches a hole in the firewall to allow a vnc connection
    (useful for debugging)
ipnat.sh uses iptables to NAT out an isolated virtual machine
    to access horizon, for example

Change-Id: I25c23c0c4893838e58ba1cd7baaa5347de4ef47f
Signed-off-by: Parker Berberian <pberberian@iol.unh.edu>

3 files changed, 77 insertions, 0 deletions

diff --git a/hostScripts/ipnat.sh b/hostScripts/ipnat.sh
new file mode 100755
index 0000000..b8d97f0
--- /dev/null
+++ b/hostScripts/ipnat.sh
@@ -0,0 +1,34 @@
+#!/bin/bash
+#############################################################################
+#Copyright 2017 Parker Berberian and others                                 #
+#                                                                           #
+#Licensed under the Apache License, Version 2.0 (the "License");            #
+#you may not use this file except in compliance with the License.           #
+#You may obtain a copy of the License at                                    #
+#                                                                           #
+#    http://www.apache.org/licenses/LICENSE-2.0                             #
+#                                                                           #
+#Unless required by applicable law or agreed to in writing, software        #
+#distributed under the License is distributed on an "AS IS" BASIS,          #
+#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+#See the License for the specific language governing permissions and        #
+#limitations under the License.                                             #
+#############################################################################
+
+MYIP=$1
+DESTINATION=10.20.0.2
+MYBRIDGE=10.20.0.1
+DESTNETWORK=10.20.0.0/24
+PORTS=(8000 8443)
+
+for PORT in "${PORTS[@]}"; do
+
+    iptables -I INPUT 2 -d "$MYIP" -p tcp --dport "$PORT" -j ACCEPT
+    iptables -t nat -I INPUT 1 -d "$MYIP" -p tcp --dport "$PORT" -j ACCEPT
+    iptables -I FORWARD -p tcp --dport "$PORT" -j ACCEPT
+
+    iptables -t nat -I PREROUTING -p tcp -d "$MYIP" --dport "$PORT" -j DNAT --to-destination "$DESTINATION:$PORT"
+    iptables -t nat -I POSTROUTING -p tcp -s "$DESTINATION" ! -d "$DESTNETWORK" -j SNAT --to-source "$MYIP"
+
+    iptables -t nat -I POSTROUTING 2 -d "$DESTINATION" -j SNAT --to-source "$MYBRIDGE"
+done
diff --git a/hostScripts/mkDisks.sh b/hostScripts/mkDisks.sh
new file mode 100755
index 0000000..0cbba89
--- /dev/null
+++ b/hostScripts/mkDisks.sh
@@ -0,0 +1,20 @@
+#!/bin/bash
+#############################################################################
+#Copyright 2017 Parker Berberian and others                                 #
+#                                                                           #
+#Licensed under the Apache License, Version 2.0 (the "License");            #
+#you may not use this file except in compliance with the License.           #
+#You may obtain a copy of the License at                                    #
+#                                                                           #
+#    http://www.apache.org/licenses/LICENSE-2.0                             #
+#                                                                           #
+#Unless required by applicable law or agreed to in writing, software        #
+#distributed under the License is distributed on an "AS IS" BASIS,          #
+#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+#See the License for the specific language governing permissions and        #
+#limitations under the License.                                             #
+#############################################################################
+
+for disk in "$@"; do
+    qemu-img create -f qcow2 "$disk" 100G
+done
diff --git a/hostScripts/vncAllow.sh b/hostScripts/vncAllow.sh
new file mode 100755
index 0000000..9801381
--- /dev/null
+++ b/hostScripts/vncAllow.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+#############################################################################
+#Copyright 2017 Parker Berberian and others                                 #
+#                                                                           #
+#Licensed under the Apache License, Version 2.0 (the "License");            #
+#you may not use this file except in compliance with the License.           #
+#You may obtain a copy of the License at                                    #
+#                                                                           #
+#    http://www.apache.org/licenses/LICENSE-2.0                             #
+#                                                                           #
+#Unless required by applicable law or agreed to in writing, software        #
+#distributed under the License is distributed on an "AS IS" BASIS,          #
+#WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.   #
+#See the License for the specific language governing permissions and        #
+#limitations under the License.                                             #
+#############################################################################
+
+MYIP=X.X.X.X
+PORT="5900:5905"
+iptables -I INPUT 2 -d "$MYIP" -p tcp --dport "$PORT" -j ACCEPT
+iptables -t nat -I INPUT 1 -d "$MYIP" -p tcp --dport "$PORT" -j ACCEPT
+iptables -I FORWARD -p tcp --dport "$PORT" -j ACCEPT
+iptables -I OUTPUT -p tcp --dport "$PORT" -j ACCEPT