ggiamarchi · April 24, 2017 14:12
diff --git a/devstack.sh b/devstack.sh
 #!/bin/bash

 set -ex

 #
 # The network interface that will be used by OpenStack services.
 # The IP address of this interface will be used in the service
 # catalog for admin and internal endpoints.
 #
 net_interface=eth0

 #
 # The IP address to use in the service catalog for public endpoints.
 # If not provided, publicURL will be the same as internalURL.
 #
 ip_pub=


 #############################################
 # Get Devstack
 #############################################

 sudo apt-get update
 sudo apt-get install -y git vim

 sudo mkdir -p /opt/stack/devstack
 sudo chown -R stack:stack /opt/stack

 git clone https://git.openstack.org/openstack-dev/devstack.git /opt/stack/devstack


 #############################################
 # Get Barbican
 #############################################

 sudo apt-get install libffi-dev libssl-dev -y
 mkdir /opt/stack/barbican
 git clone https://github.com/openstack/barbican.git /opt/stack/barbican
 cp -r /opt/stack/barbican/contrib/devstack/lib/barbican /opt/stack/devstack/lib/
 cp /opt/stack/barbican/contrib/devstack/extras.d/70-barbican.sh /opt/stack/devstack/extras.d/


 #############################################
 # Write devstack configuration
 #############################################

 cat > /opt/stack/devstack/local.conf <<EOF
 [[local|localrc]]

 enable_plugin neutron-lbaas https://review.openstack.org/openstack/neutron-lbaas

 ADMIN_PASSWORD=password
 MYSQL_PASSWORD=password
 RABBIT_PASSWORD=password
 SERVICE_PASSWORD=password
 SERVICE_TOKEN=password

 LOGFILE=/opt/stack/logs/stack.sh.log
 VERBOSE=True
 LOG_COLOR=True
 SCREEN_LOGDIR=/opt/stack/logs
 HOST_IP=0.0.0.0
 RECLONE=False
 IMAGE_URLS=http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-uec.tar.gz,http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
 GIT_BASE=https://git.openstack.org
 IP_VERSION=4

 disable_service n-net
 disable_service heat h-api h-api-cfn h-api-cw h-eng
 disable_service tempest

 enable_service q-svc q-agt q-dhcp q-l3 q-meta q-fwaas q-lbaasv2 barbican
 EOF

 ip=$(ifconfig ${net_interface} | grep 'inet addr:' | sed -e "s/ *inet addr:\([^ ]*\).*/\1/")
 sed -i "s/HOST_IP=.*/HOST_IP=${ip}/" /opt/stack/devstack/local.conf


 #############################################
 # Source admin creds in user .profile
 #############################################

 echo '
 . /opt/stack/devstack/openrc admin admin' >> ~/.profile


 #############################################
 # Run Devstack
 #############################################

 ( cd /opt/stack/devstack && ./stack.sh )


 #############################################
 # Service catalog configuration
 #############################################

 ip_pub=${ip_pub:-$ip}

 echo "
 export OS_ENDPOINT_TYPE=internalURL" >> /opt/stack/devstack/openrc

 . /opt/stack/devstack/openrc admin admin

 function endpoint_create() {
    #
    # endpoint_create SERVICE_NAME PUB_PORT ADMIN_PORT INTERNAL_PORT RESOURCE
    #
    openstack endpoint create                                                    \
                       --region        RegionOne                                 \
                       --publicurl     http://${ip_pub}:${2}${5}                 \
                       --adminurl      http://${ip}:${3}${5}                     \
                       --internalurl   http://${ip}:${4}${5}                     \
                       $(openstack service show ${1} -f value -c id 2>/dev/null) \
                       2>/dev/null
 }

 for e in $(openstack endpoint list | grep -v identity | grep -e '^| [a-f0-9]' | awk '{print $2}') ; do
    openstack endpoint delete ${e}
 done

 openstack endpoint delete $(openstack endpoint list -c ID -f csv --quote none | tail -1)

 keystone --os-token    $(openstack token issue -f value -c id 2>/dev/null) \
         --os-endpoint http://127.0.0.1:35357/v2.0                         \
         endpoint-create                                                   \
             --service     keystone                                        \
             --adminurl    http://${ip}:35357/v2.0                         \
             --internalurl http://${ip}:5000/v2.0                          \
             --publicurl   http://${ip_pub}:5000/v2.0                      \
             --region      RegionOne

 endpoint_create ec2       8773  8773 8733
 endpoint_create barbican  9311  9311 9311
 endpoint_create glance    9292  9292 9292
 endpoint_create cinderv2  8776  8776 8776 '/v2/$(tenant_id)s'
 endpoint_create neutron   9696  9696 9696
 endpoint_create nova      8774  8774 8774 '/v2/$(tenant_id)s'
 endpoint_create novav21   8774  8774 8774 '/v2.1/$(tenant_id)s'
 endpoint_create cinder    8776  8776 8776 '/v1/$(tenant_id)s'


 #############################################
 # Customization
 #############################################

 #
 # NAT for floating IP network
 #
 sudo iptables -t nat -A POSTROUTING -s 172.24.4.0/24 -o eth0 -j MASQUERADE

 . /opt/stack/devstack/openrc demo demo

 #
 # Allow all in default security group
 #
 for r in $(neutron security-group-rule-list | grep -e '^| [a-f0-9]' | awk '{print $2}') ; do
    neutron security-group-rule-delete ${r}
 done

 for p in tcp udp icmp ; do
    for d in egress ingress ; do
        neutron security-group-rule-create --protocol ${p} --direction ${d} default
    done
 done

 #
 # Create keypair for demo user
 #
 nova keypair-add devstack > ~/key-demo
 chmod 400 ~/key-demo

 export OS_USERNAME=admin

 . /opt/stack/devstack/openrc admin admin

 #
 # Create keypair for demo admin
 #
 nova keypair-add devstack > ~/key-admin
 chmod 400 ~/key-admin

 #
 # Make m1.small smaller
 #
 small_flavor_id=$(nova flavor-delete m1.small | grep -e '^| [a-f0-9]' | awk '{print $2}')
 nova flavor-create --is-public True m1.small ${small_flavor_id} 1024 10 1

 set +x

 echo ""
 echo "### Success ###"
 echo ""
	#!/bin/bash

	set -ex

	#
	# The network interface that will be used by OpenStack services.
	# The IP address of this interface will be used in the service
	# catalog for admin and internal endpoints.
	#
	net_interface=eth0

	#
	# The IP address to use in the service catalog for public endpoints.
	# If not provided, publicURL will be the same as internalURL.
	#
	ip_pub=


	#############################################
	# Get Devstack
	#############################################

	sudo apt-get update
	sudo apt-get install -y git vim

	sudo mkdir -p /opt/stack/devstack
	sudo chown -R stack:stack /opt/stack

	git clone https://git.openstack.org/openstack-dev/devstack.git /opt/stack/devstack


	#############################################
	# Get Barbican
	#############################################

	sudo apt-get install libffi-dev libssl-dev -y
	mkdir /opt/stack/barbican
	git clone https://github.com/openstack/barbican.git /opt/stack/barbican
	cp -r /opt/stack/barbican/contrib/devstack/lib/barbican /opt/stack/devstack/lib/
	cp /opt/stack/barbican/contrib/devstack/extras.d/70-barbican.sh /opt/stack/devstack/extras.d/


	#############################################
	# Write devstack configuration
	#############################################

	cat > /opt/stack/devstack/local.conf <<EOF
	[[local\|localrc]]

	enable_plugin neutron-lbaas https://review.openstack.org/openstack/neutron-lbaas

	ADMIN_PASSWORD=password
	MYSQL_PASSWORD=password
	RABBIT_PASSWORD=password
	SERVICE_PASSWORD=password
	SERVICE_TOKEN=password

	LOGFILE=/opt/stack/logs/stack.sh.log
	VERBOSE=True
	LOG_COLOR=True
	SCREEN_LOGDIR=/opt/stack/logs
	HOST_IP=0.0.0.0
	RECLONE=False
	IMAGE_URLS=http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-uec.tar.gz,http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
	GIT_BASE=https://git.openstack.org
	IP_VERSION=4

	disable_service n-net
	disable_service heat h-api h-api-cfn h-api-cw h-eng
	disable_service tempest

	enable_service q-svc q-agt q-dhcp q-l3 q-meta q-fwaas q-lbaasv2 barbican
	EOF

	ip=$(ifconfig ${net_interface} \| grep 'inet addr:' \| sed -e "s/ inet addr:\([^ ]\).*/\1/")
	sed -i "s/HOST_IP=.*/HOST_IP=${ip}/" /opt/stack/devstack/local.conf


	#############################################
	# Source admin creds in user .profile
	#############################################

	echo '
	. /opt/stack/devstack/openrc admin admin' >> ~/.profile


	#############################################
	# Run Devstack
	#############################################

	( cd /opt/stack/devstack && ./stack.sh )


	#############################################
	# Service catalog configuration
	#############################################

	ip_pub=${ip_pub:-$ip}

	echo "
	export OS_ENDPOINT_TYPE=internalURL" >> /opt/stack/devstack/openrc

	. /opt/stack/devstack/openrc admin admin

	function endpoint_create() {
	#
	# endpoint_create SERVICE_NAME PUB_PORT ADMIN_PORT INTERNAL_PORT RESOURCE
	#
	openstack endpoint create \
	--region RegionOne \
	--publicurl http://${ip_pub}:${2}${5} \
	--adminurl http://${ip}:${3}${5} \
	--internalurl http://${ip}:${4}${5} \
	$(openstack service show ${1} -f value -c id 2>/dev/null) \
	2>/dev/null
	}

	for e in $(openstack endpoint list \| grep -v identity \| grep -e '^\| [a-f0-9]' \| awk '{print $2}') ; do
	openstack endpoint delete ${e}
	done

	openstack endpoint delete $(openstack endpoint list -c ID -f csv --quote none \| tail -1)

	keystone --os-token $(openstack token issue -f value -c id 2>/dev/null) \
	--os-endpoint http://127.0.0.1:35357/v2.0 \
	endpoint-create \
	--service keystone \
	--adminurl http://${ip}:35357/v2.0 \
	--internalurl http://${ip}:5000/v2.0 \
	--publicurl http://${ip_pub}:5000/v2.0 \
	--region RegionOne

	endpoint_create ec2 8773 8773 8733
	endpoint_create barbican 9311 9311 9311
	endpoint_create glance 9292 9292 9292
	endpoint_create cinderv2 8776 8776 8776 '/v2/$(tenant_id)s'
	endpoint_create neutron 9696 9696 9696
	endpoint_create nova 8774 8774 8774 '/v2/$(tenant_id)s'
	endpoint_create novav21 8774 8774 8774 '/v2.1/$(tenant_id)s'
	endpoint_create cinder 8776 8776 8776 '/v1/$(tenant_id)s'


	#############################################
	# Customization
	#############################################

	#
	# NAT for floating IP network
	#
	sudo iptables -t nat -A POSTROUTING -s 172.24.4.0/24 -o eth0 -j MASQUERADE

	. /opt/stack/devstack/openrc demo demo

	#
	# Allow all in default security group
	#
	for r in $(neutron security-group-rule-list \| grep -e '^\| [a-f0-9]' \| awk '{print $2}') ; do
	neutron security-group-rule-delete ${r}
	done

	for p in tcp udp icmp ; do
	for d in egress ingress ; do
	neutron security-group-rule-create --protocol ${p} --direction ${d} default
	done
	done

	#
	# Create keypair for demo user
	#
	nova keypair-add devstack > ~/key-demo
	chmod 400 ~/key-demo

	export OS_USERNAME=admin

	. /opt/stack/devstack/openrc admin admin

	#
	# Create keypair for demo admin
	#
	nova keypair-add devstack > ~/key-admin
	chmod 400 ~/key-admin

	#
	# Make m1.small smaller
	#
	small_flavor_id=$(nova flavor-delete m1.small \| grep -e '^\| [a-f0-9]' \| awk '{print $2}')
	nova flavor-create --is-public True m1.small ${small_flavor_id} 1024 10 1

	set +x

	echo ""
	echo "### Success ###"
	echo ""