3 # Copyright (C) 2014 Canonical Ltd.
5 # Authors: Nicolas Thomss <nicolas.thomas@canonical.com>
7 # Licensed under the Apache License, Version 2.0 (the "License");
8 # you may not use this file except in compliance with the License.
9 # You may obtain a copy of the License at
11 # http://www.apache.org/licenses/LICENSE-2.0
13 # Unless required by applicable law or agreed to in writing, software
14 # distributed under the License is distributed on an "AS IS" BASIS,
15 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
16 # See the License for the specific language governing permissions and
17 # limitations under the License.
21 echo "This command is run to configure an Orange-Box Openstack deployment"
23 NEUTRON_FIXED_NET_CIDR="192.168.16.0/22"
25 source ~/joid_config/admin-openrc
27 # Determine the tenant id for the configured tenant name.
28 export TENANT_ID="$(openstack project list | grep $OS_TENANT_NAME | awk '{ print $2 }')"
30 if [ "$TENANT_ID" = "" ]; then
31 echo "Unable to find tenant ID, keystone auth problem"
35 echo "Configuring Openstack Neutron Networking"
37 #create ext network with neutron for floating IPs
38 EXTERNAL_NETWORK_ID=$(neutron net-show ext-net | grep " id" | awk '{print $4}')
40 #Create private network for neutron for tenant VMs
41 neutron net-show private > /dev/null 2>&1 || neutron net-create private
42 neutron subnet-show private_subnet > /dev/null 2>&1 || neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true 8.8.8.8
43 SUBNET_ID=$(neutron subnet-show private_subnet | grep " id" | awk '{print $4}')
45 #Create router for external network and private network
46 neutron router-show provider-router > /dev/null 2>&1 || neutron router-create --tenant-id $TENANT_ID provider-router
47 ROUTER_ID=$(neutron router-show provider-router | grep " id" | awk '{print $4}')
49 neutron router-gateway-clear provider-router || true
50 neutron router-gateway-set $ROUTER_ID $EXTERNAL_NETWORK_ID
51 ## make it always ok to have it indempodent.
52 neutron router-interface-add $ROUTER_ID $SUBNET_ID || true
55 echo "Configuring security groups for access to ICMP, SSH and RDP by default"
57 #Configure the default security group to allow ICMP and SSH
58 neutron security-group-rule-list | grep "icmp" > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol icmp --remote-ip-prefix 0.0.0.0/0 default
59 neutron security-group-rule-list | grep "22/tcp" > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 default
60 neutron security-group-rule-list | grep "3389/tcp" > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 3389 --port-range-max 3389 --remote-ip-prefix 0.0.0.0/0 default
62 echo "Uploading default SSH key"
64 #Upload a default SSH key
65 nova keypair-list | grep default > /dev/null 2>&1 || nova keypair-add --pub-key ~/.ssh/id_rsa.pub default > /dev/null 2>&1
67 echo "Modifying the flavors to be better sized for the Orange Box"
69 #Modify the flavours to fit better on the OB
70 #nova flavor-create FLAVOR_NAME FLAVOR_ID RAM_IN_MB ROOT_DISK_IN_GB NUMBER_OF_VCPUS
71 nova flavor-delete m1.tiny > /dev/null 2>&1
72 nova flavor-delete m1.small > /dev/null 2>&1
73 nova flavor-delete m1.medium > /dev/null 2>&1
74 nova flavor-delete m1.large > /dev/null 2>&1
75 nova flavor-delete m1.xlarge > /dev/null 2>&1
76 nova flavor-create --is-public true m1.tiny auto 512 5 1 > /dev/null 2>&1
77 nova flavor-create --is-public true m1.small auto 1024 10 1 > /dev/null 2>&1
78 nova flavor-create --is-public true m1.medium auto 2048 10 2 > /dev/null 2>&1
79 nova flavor-create --is-public true m1.large auto 3072 10 2 > /dev/null 2>&1
80 ## need extra for windows image (15g)
81 nova flavor-create --is-public true m1.xlarge auto 8096 30 4 > /dev/null 2>&1
83 echo "modifying default quotas for admin user"
85 #Modify quotas for the tenant to allow large deployments
86 nova quota-update --instances 400 $TENANT_ID
87 nova quota-update --cores 800 $TENANT_ID
88 nova quota-update --ram 404800 $TENANT_ID
89 nova quota-update --security-groups 4000 $TENANT_ID
90 nova quota-update --floating-ips -1 $TENANT_ID
91 nova quota-update --security-group-rules -1 $TENANT_ID
93 ### need to find how to change quota for the project not the tenant
95 ### modify default quota the same way..
96 nova quota-class-update --instances 400 $TENANT_ID
97 nova quota-class-update --cores 800 $TENANT_ID
98 nova quota-class-update --ram 404800 $TENANT_ID
99 nova quota-class-update --security-groups 4000 $TENANT_ID
100 nova quota-class-update --floating-ips -1 $TENANT_ID
101 nova quota-class-update --security-group-rules -1 $TENANT_ID
103 echo "Uploading images to glance"
105 #Upload images to glance
106 ## image name is used by script to generate metadata .. don't screw the series
108 if grep -q 'virt-type: lxd' bundles.yaml; then
109 glance image-list | grep "Xenial LXC x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial LXC x86_64" --visibility=public --container-format=bare --disk-format=root-tar --property architecture="x86_64" < /srv/data/xenial-server-cloudimg-amd64-root.tar.gz
110 glance image-list | grep "Cirros LXC 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros LXC 0.3" --visibility=public --container-format=bare --disk-format=root-tar --property architecture="x86_64" < /srv/data/cirros-0.3.4-x86_64-lxc.tar.gz
112 #glance image-list | grep "Precise x86_64" > /dev/null 2>&1 || glance image-create --name="Precise x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/precise-server-cloudimg-amd64-disk1.img
113 glance image-list | grep "Trusty x86_64" > /dev/null 2>&1 || glance image-create --name="Trusty x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img
114 glance image-list | grep "Xenial x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/xenial-server-cloudimg-amd64-disk1.img
115 glance image-list | grep "CentOS 6.4" > /dev/null 2>&1 || glance image-create --name="CentOS 6.4" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img
116 glance image-list | grep "Cirros 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros 0.3" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/cirros-0.3.4-x86_64-disk.img
117 #glance image-list | grep "win2012r2" > /dev/null 2>&1 || gzip -cd /srv/data/windows_server_2012_r2_standard_eval_kvm_20151021.qcow2.gz |glance image-create --name="Windows Server 2012" --is-public=true --container-format=bare --disk-format=qcow2 --progress