JamesOBenson · March 25, 2021 12:26
diff --git a/create_openstack_user.sh b/create_openstack_user.sh
 #!/bin/bash

 #  This script creates all necessary components to start booting VM's in openstack. This includes
 #    - Project
 #    - User
 #    - Networking, subnets, router,
 #  Security group allows
 #    - 22 (SSH)
 #    - IMPI (Ping test)
 #    - 8443 & 8883 (Greengrass rules)
 #
 # Execution:
 #    create_openstack_user.sh John Doe [email protected] password(if blank will autogenerate)

 FIRST_NAME=$1
 LAST_NAME=$2
 USER_EMAIL_ADDRESS=$3
 PASSWORD=$4
 if [ -z "${PASSWORD}" ]; then PASSWORD="$(openssl rand -base64 12)"; fi
 firstletter=${FIRST_NAME:0:1}
 USER_NAME=$firstletter$LAST_NAME
 NAME="$FIRST_NAME $LAST_NAME"

 PROJECT_NAME=$USER_NAME
 NETWORK_NAME="$PROJECT_NAME"_Network
 SUBNET_NAME="$PROJECT_NAME"_Subnet
 ROUTER_NAME="$PROJECT_NAME"_Router

 DNS_SERVER="129.115.103.72"
 START_IP="50"
 END_IP="249"

 ##############################
 if (( $# < 3 ))
  then
    echo ""
    echo "Error: Not enough arguments supplied"
    echo ""
    echo "Usage:"
    echo "    ./create_openstack_user.sh John Doe [email protected] password(if blank will autogenerate)"
    echo ""
    echo "Username is JDoe"
    echo ""
    exit
 fi

 ##############################
 file="openrc.sh"
 if [ -f "$file" ]
 then
    echo "$file found..."
    source $file
 else
    echo "$file not found."
    file="admin-openrc.sh"
    if [ -f "$file" ]
        then
            echo "$file found..."
            source $file
        else
            echo "$file not found."
            exit 1
    fi
 fi
 ##############################

 if ! python3 -c "import openstackclient";
 then
    echo "FAIL: Please install openstackclient."
    echo "   pip install python-openstackclient"
    exit 1
 fi

 echo "##################################"
 echo "# GRABBING EXTERNAL NETWORK INFO #"
 echo "##################################"
 EXTERNAL_NETWORK_NAME=$(openstack network list --long | grep External | awk '{print $4}')
 EXTERNAL_NETWORK_ID=$(openstack network show -f shell "$EXTERNAL_NETWORK_NAME" -c id | cut -d "\"" -f 2)

 if [[ -z "$EXTERNAL_NETWORK_NAME" ]]; then
    echo "EXTERNAL_NETWORK_NAME is not defined, quitting."
    exit 1
 fi
 if [[ -z "$EXTERNAL_NETWORK_ID" ]]; then
    echo "EXTERNAL_NETWORK_ID is not defined, quitting."
    exit 1
 fi


 ##########################
 # Create Project and User
 ##########################
 echo "##################"
 echo "# CREATING GROUP #"
 echo "##################"
 openstack project create --description "Project for $NAME" "$PROJECT_NAME"
 echo "INFO: Creating user..."
 openstack user create --project "$PROJECT_NAME" --description "$NAME" --password "$PASSWORD" --email "$USER_EMAIL_ADDRESS" --enable "$USER_NAME"
 echo "INFO: Getting project ID..."
 PROJECT_ID=$(openstack project show -f shell -c id "$PROJECT_NAME" |cut -d"=" -f2 | tr -d '"')
 echo "INFO: Adding user to project and set project as default project"
 openstack role add --user "$USER_NAME"  --project "$PROJECT_ID" member
 openstack user set --project "$PROJECT_NAME" "$USER_NAME"

 ################################################
 # Create Network, Subnet and Router for Project
 ################################################
 echo "#######################"
 echo "# CREATING NETWORKING #"
 echo "#######################"
 openstack network create --project "$PROJECT_ID" "$NETWORK_NAME"
 NETWORK_ID=$(openstack network show -f shell -c id "$NETWORK_NAME" |cut -d"=" -f2 | tr -d '"')

 echo "INFO: Creating Subnetworking..."
 openstack subnet create --project "$PROJECT_ID" --dns-nameserver "$DNS_SERVER" --subnet-range "192.170.0.0/24" --allocation-pool start=192.170.0."$START_IP",end=192.170.0."$END_IP" --network "$NETWORK_ID" "$SUBNET_NAME"

 echo "INFO: Creating router..."
 openstack router create --project "$PROJECT_ID" "$ROUTER_NAME"

 echo "INFO: Acquiring router id..."
 ROUTER_ID=$(openstack router show -f shell "$ROUTER_NAME" -c id |cut -d"\"" -f 2)

 echo "INFO: Setting external gateway on router..."
 openstack router set --external-gateway "$EXTERNAL_NETWORK_ID" "$ROUTER_ID"

 echo "INFO: Adding subnet to router..."
 openstack router add subnet "$ROUTER_ID" "$SUBNET_NAME"

 #######################################################
 # Add security rules to allow ping, ssh access, and 80
 #######################################################
 echo "#################################"
 echo "# UPDATING SECURITY GROUP RULES #"
 echo "#################################"

 SECURITY_GROUP_ID=$(openstack security group list | grep "$PROJECT_ID" | awk '{print $2}')
 openstack security group rule create --proto icmp --project "$PROJECT_NAME" "$SECURITY_GROUP_ID"
 openstack security group rule create --proto tcp --project "$PROJECT_NAME" --dst-port 22 "$SECURITY_GROUP_ID"
 openstack security group rule create --proto tcp --project "$PROJECT_NAME" --dst-port 8443 "$SECURITY_GROUP_ID" --description "Greengrass to AWS"
 openstack security group rule create --proto tcp --project "$PROJECT_NAME" --dst-port 8883 "$SECURITY_GROUP_ID" --description "Device to greengrass communication"

 echo "######################"
 echo "Username: $USER_NAME"
 echo "Password: $PASSWORD"
 echo "######################"
	#!/bin/bash

	# This script creates all necessary components to start booting VM's in openstack. This includes
	# - Project
	# - User
	# - Networking, subnets, router,
	# Security group allows
	# - 22 (SSH)
	# - IMPI (Ping test)
	# - 8443 & 8883 (Greengrass rules)
	#
	# Execution:
	# create_openstack_user.sh John Doe [email protected] password(if blank will autogenerate)

	FIRST_NAME=$1
	LAST_NAME=$2
	USER_EMAIL_ADDRESS=$3
	PASSWORD=$4
	if [ -z "${PASSWORD}" ]; then PASSWORD="$(openssl rand -base64 12)"; fi
	firstletter=${FIRST_NAME:0:1}
	USER_NAME=$firstletter$LAST_NAME
	NAME="$FIRST_NAME $LAST_NAME"

	PROJECT_NAME=$USER_NAME
	NETWORK_NAME="$PROJECT_NAME"_Network
	SUBNET_NAME="$PROJECT_NAME"_Subnet
	ROUTER_NAME="$PROJECT_NAME"_Router

	DNS_SERVER="129.115.103.72"
	START_IP="50"
	END_IP="249"

	##############################
	if (( $# < 3 ))
	then
	echo ""
	echo "Error: Not enough arguments supplied"
	echo ""
	echo "Usage:"
	echo " ./create_openstack_user.sh John Doe [email protected] password(if blank will autogenerate)"
	echo ""
	echo "Username is JDoe"
	echo ""
	exit
	fi

	##############################
	file="openrc.sh"
	if [ -f "$file" ]
	then
	echo "$file found..."
	source $file
	else
	echo "$file not found."
	file="admin-openrc.sh"
	if [ -f "$file" ]
	then
	echo "$file found..."
	source $file
	else
	echo "$file not found."
	exit 1
	fi
	fi
	##############################

	if ! python3 -c "import openstackclient";
	then
	echo "FAIL: Please install openstackclient."
	echo " pip install python-openstackclient"
	exit 1
	fi

	echo "##################################"
	echo "# GRABBING EXTERNAL NETWORK INFO #"
	echo "##################################"
	EXTERNAL_NETWORK_NAME=$(openstack network list --long \| grep External \| awk '{print $4}')
	EXTERNAL_NETWORK_ID=$(openstack network show -f shell "$EXTERNAL_NETWORK_NAME" -c id \| cut -d "\"" -f 2)

	if [[ -z "$EXTERNAL_NETWORK_NAME" ]]; then
	echo "EXTERNAL_NETWORK_NAME is not defined, quitting."
	exit 1
	fi
	if [[ -z "$EXTERNAL_NETWORK_ID" ]]; then
	echo "EXTERNAL_NETWORK_ID is not defined, quitting."
	exit 1
	fi


	##########################
	# Create Project and User
	##########################
	echo "##################"
	echo "# CREATING GROUP #"
	echo "##################"
	openstack project create --description "Project for $NAME" "$PROJECT_NAME"
	echo "INFO: Creating user..."
	openstack user create --project "$PROJECT_NAME" --description "$NAME" --password "$PASSWORD" --email "$USER_EMAIL_ADDRESS" --enable "$USER_NAME"
	echo "INFO: Getting project ID..."
	PROJECT_ID=$(openstack project show -f shell -c id "$PROJECT_NAME" \|cut -d"=" -f2 \| tr -d '"')
	echo "INFO: Adding user to project and set project as default project"
	openstack role add --user "$USER_NAME" --project "$PROJECT_ID" member
	openstack user set --project "$PROJECT_NAME" "$USER_NAME"

	################################################
	# Create Network, Subnet and Router for Project
	################################################
	echo "#######################"
	echo "# CREATING NETWORKING #"
	echo "#######################"
	openstack network create --project "$PROJECT_ID" "$NETWORK_NAME"
	NETWORK_ID=$(openstack network show -f shell -c id "$NETWORK_NAME" \|cut -d"=" -f2 \| tr -d '"')

	echo "INFO: Creating Subnetworking..."
	openstack subnet create --project "$PROJECT_ID" --dns-nameserver "$DNS_SERVER" --subnet-range "192.170.0.0/24" --allocation-pool start=192.170.0."$START_IP",end=192.170.0."$END_IP" --network "$NETWORK_ID" "$SUBNET_NAME"

	echo "INFO: Creating router..."
	openstack router create --project "$PROJECT_ID" "$ROUTER_NAME"

	echo "INFO: Acquiring router id..."
	ROUTER_ID=$(openstack router show -f shell "$ROUTER_NAME" -c id \|cut -d"\"" -f 2)

	echo "INFO: Setting external gateway on router..."
	openstack router set --external-gateway "$EXTERNAL_NETWORK_ID" "$ROUTER_ID"

	echo "INFO: Adding subnet to router..."
	openstack router add subnet "$ROUTER_ID" "$SUBNET_NAME"

	#######################################################
	# Add security rules to allow ping, ssh access, and 80
	#######################################################
	echo "#################################"
	echo "# UPDATING SECURITY GROUP RULES #"
	echo "#################################"

	SECURITY_GROUP_ID=$(openstack security group list \| grep "$PROJECT_ID" \| awk '{print $2}')
	openstack security group rule create --proto icmp --project "$PROJECT_NAME" "$SECURITY_GROUP_ID"
	openstack security group rule create --proto tcp --project "$PROJECT_NAME" --dst-port 22 "$SECURITY_GROUP_ID"
	openstack security group rule create --proto tcp --project "$PROJECT_NAME" --dst-port 8443 "$SECURITY_GROUP_ID" --description "Greengrass to AWS"
	openstack security group rule create --proto tcp --project "$PROJECT_NAME" --dst-port 8883 "$SECURITY_GROUP_ID" --description "Device to greengrass communication"

	echo "######################"
	echo "Username: $USER_NAME"
	echo "Password: $PASSWORD"
	echo "######################"