Skip to content

Instantly share code, notes, and snippets.

@rstarmer
Created May 5, 2017 10:46
Show Gist options
  • Save rstarmer/86771db5df6d13359db088c0b3db2b1c to your computer and use it in GitHub Desktop.
Save rstarmer/86771db5df6d13359db088c0b3db2b1c to your computer and use it in GitHub Desktop.
Basic model for building an openstack project
#!/bin/bash
#
# This script is meant to be run once after running start for the first
# time. This script downloads a cirros image and registers it. Then it
# configures networking and nova quotas to allow 40 m1.small instances
# to be created.
IMAGE_URL=https://cloud-images.ubuntu.com/trusty/current/
IMAGE=trusty-server-cloudimg-amd64-disk1.img
IMAGE_NAME=Ubuntu1404
IMAGE_TYPE=linux
EXT_NET_CIDR='172.29.174.0/26'
EXT_NET_RANGE='start=172.29.174.5,end=172.29.174.60'
EXT_NET_GATEWAY='172.29.174.1'
# Sanitize language settings to avoid commands bailing out
# with "unsupported locale setting" errors.
unset LANG
unset LANGUAGE
LC_ALL=C
export LC_ALL
for i in curl openstack; do
if [[ ! $(type ${i} 2>/dev/null) ]]; then
if [ "${i}" == 'curl' ]; then
echo "Please install ${i} before proceeding"
else
echo "Please install python-${i}client before proceeding"
fi
exit
fi
done
# Move to top level directory
REAL_PATH=$(python -c "import os,sys;print os.path.realpath('$0')")
cd "$(dirname "$REAL_PATH")/.."
# Test for credentials set
if [[ "${OS_USERNAME}" == "" ]]; then
echo "No Keystone credentials specified. Try running source openrc"
exit
fi
# Test to ensure configure script is run only once
if openstack image list | grep -q cirros; then
echo "This tool should only be run once per deployment."
exit
fi
echo Downloading glance image.
if ! [ -f "${IMAGE}" ]; then
curl -L -o ./${IMAGE} ${IMAGE_URL}/${IMAGE}
fi
echo Creating glance image.
openstack image create --disk-format qcow2 --container-format bare --public \
--property os_type=${IMAGE_TYPE} --file ./${IMAGE} ${IMAGE_NAME}
## Create networks after project/user are created to use new project id
##echo Configuring neutron.
##openstack network create --external --provider-physical-network physnet1 \
## --provider-network-type vlan --provider-network-segment 1740 public1
##openstack subnet create --no-dhcp \
## --allocation-pool ${EXT_NET_RANGE} --network public1 \
## --subnet-range ${EXT_NET_CIDR} --gateway ${EXT_NET_GATEWAY} public1-subnet
##
##openstack network create --provider-network-type vxlan caas-net
##openstack subnet create --subnet-range 10.0.0.0/24 --network caas-net \
## --gateway 10.0.0.1 --dns-nameserver 8.8.8.8 caas-subnet
##
##openstack router create caas-router
##openstack router add subnet caas-router caas-subnet
##openstack router set --external-gateway public1 caas-router
# Create CAAS01 project
PROJECT_ID=`openstack project create --domain=Default --description='CaaS Initial Project' CAAS01 | awk '/ id / {print $4}'`
#PROJECT_ID=$(openstack project list | awk '/ CAAS01 / {print $2}')
# Create caas01 user in project CAAS01 with password caas01
USER_ID=`openstack user create --password=caas01 --project=CAAS01 --domain=Default caas01 | awk '/ id / {print $4}'`
#USER_ID=$(openstack user list | awk '/ admin / {print $2}')
SEC_GROUP=$(openstack security group list --project ${PROJECT_ID} | awk '/ default / {print $2}')
# Sec Group Config
openstack security group rule create --ingress --ethertype IPv4 \
--protocol icmp ${SEC_GROUP}
openstack security group rule create --ingress --ethertype IPv4 \
--protocol tcp --dst-port 22 ${SEC_GROUP}
# Open heat-cfn so it can run on a different host
openstack security group rule create --ingress --ethertype IPv4 \
--protocol tcp --dst-port 80 ${SEC_GROUP}
openstack security group rule create --ingress --ethertype IPv4 \
--protocol tcp --dst-port 443 ${SEC_GROUP}
openstack security group rule create --ingress --ethertype IPv4 \
--protocol tcp --dst-port 8000 ${SEC_GROUP}
openstack security group rule create --ingress --ethertype IPv4 \
--protocol tcp --dst-port 8443 ${SEC_GROUP}
openstack security group rule create --ingress --ethertype IPv4 \
--protocol tcp --dst-port 8080 ${SEC_GROUP}
#echo Configuring neutron and associate private side with project
openstack network create --external --provider-physical-network physnet1 \
--provider-network-type vlan --provider-network-segment 1740 public1
openstack subnet create --no-dhcp \
--allocation-pool ${EXT_NET_RANGE} --network public1 \
--subnet-range ${EXT_NET_CIDR} --gateway ${EXT_NET_GATEWAY} public1-subnet
openstack network create --project CAAS01 caas-net
openstack subnet create --project CAAS01 --subnet-range 10.0.0.0/24 --network caas-net \
--gateway 10.0.0.1 --dns-nameserver 8.8.8.8 caas-subnet
openstack router create caas-router --project CAAS01
openstack router add subnet caas-router caas-subnet
openstack router set --external-gateway public1 caas-router
## Let the user create their own public/private key pair
#if [ ! -f ~/.ssh/id_rsa.pub ]; then
# echo Generating ssh key.
# ssh-keygen -t rsa -f ~/.ssh/id_rsa
#fi
#if [ -r ~/.ssh/id_rsa.pub ]; then
# echo Configuring nova public key and quotas.
# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
#fi
# Increase the quota to allow 100 m1.small instances to be created
# 100 instances
openstack quota set --instances 100 ${PROJECT_ID}
# 500 cores
openstack quota set --cores 500 ${PROJECT_ID}
# 200GB ram
openstack quota set --ram 200000 ${PROJECT_ID}
# floating-ips
openstack quota set --floating-ips 50 ${PROJECT_ID}
# add default flavors, if they don't already exist
if ! openstack flavor list | grep -q m1.tiny; then
openstack flavor create --id 1 --ram 512 --disk 1 --vcpus 1 m1.tiny
openstack flavor create --id 2 --ram 2048 --disk 20 --vcpus 1 m1.small
openstack flavor create --id 3 --ram 4096 --disk 40 --vcpus 2 m1.medium
openstack flavor create --id 4 --ram 8192 --disk 80 --vcpus 4 m1.large
openstack flavor create --id 5 --ram 16384 --disk 160 --vcpus 8 m1.xlarge
fi
CAAS_NET_ID=$(openstack network list | awk '/ caas-net / {print $2}')
cat << EOF
Done.
To deploy a caas instance, run:
#openstack server create \\
# --image ${IMAGE_NAME} \\
# --flavor m1.tiny \\
# --key-name mykey \\
# --nic net-id=${CAAS_NET_ID} \\
# caas1
EOF
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment