#
# Authors: Nicolas Thomss <nicolas.thomas@canonical.com>
#
-# This program is free software: you can redistribute it and/or modify
-# it under the terms of the GNU General Public License as published by
-# the Free Software Foundation, version 3 of the License.
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
+# http://www.apache.org/licenses/LICENSE-2.0
#
-# You should have received a copy of the GNU General Public License
-# along with this program. If not, see <http://www.gnu.org/licenses/>.
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
set -ex
NEUTRON_FIXED_NET_CIDR="192.168.16.0/22"
-#Check if VIP is set on keystone
-#keystone_VIP=`juju get-config keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"vip\"][\"value\"]"||true`
-keystone_VIP=`juju get keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"vip\"][\"value\"]"||true`
-
-keystoneIp() {
- KEYSTONE=$(juju status keystone |grep public-address|sed -- 's/.*\: //')
- if [ $(echo $KEYSTONE|wc -w) == 1 ];then
- echo $KEYSTONE
- else
- juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)['settings']['vip']['value']"
- fi
-}
-
-if [ -n "$keystone_VIP" ]
-then
- keystone=$keystone_VIP
-else
- #if os-public-hostname is set and not VIP assume we need to use those at OpenStack endpoints.
- keystone=$(keystoneIp)
- keystone_PUBENDPOINT=`juju get keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"os-public-hostname\"][\"value\"]"||true`
-fi
-
-
-echo "export SERVICE_ENDPOINT=http://$keystone:35357/v2.0/
-unset SERVICE_TOKEN
-unset SERVICE_ENDPOINT
-export OS_AUTH_URL=http://$keystone:35357/v2.0/
-export OS_USERNAME=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-user\"][\"value\"]")
-export OS_PASSWORD=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-password\"][\"value\"]")
-export OS_TENANT_NAME=admin
-export OS_REGION_NAME=$(juju get keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"region\"][\"value\"]")
-" > ~/nova.rc
-
-source ~/nova.rc
+source ~/joid_config/admin-openrc
# Determine the tenant id for the configured tenant name.
-export TENANT_ID="$(keystone tenant-list | grep $OS_TENANT_NAME | awk '{ print $2 }')"
+export TENANT_ID="$(openstack project list | grep $OS_TENANT_NAME | awk '{ print $2 }')"
if [ "$TENANT_ID" = "" ]; then
- echo "Unable to find tenant ID, keystone auth problem"
- exit
+ echo "Unable to find tenant ID, keystone auth problem"
+ exit
fi
echo "Configuring Openstack Neutron Networking"
#create ext network with neutron for floating IPs
-EXTERNAL_NETWORK_ID=$(neutron net-show ext-net | grep " id" | awk '{print $4}')
+EXTERNAL_NETWORK_ID=$(openstack network show ext-net | grep " id" | awk '{print $4}')
#Create private network for neutron for tenant VMs
-neutron net-show private > /dev/null 2>&1 || neutron net-create private
-neutron subnet-show private_subnet > /dev/null 2>&1 || neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true 8.8.8.8
-SUBNET_ID=$(neutron subnet-show private_subnet | grep " id" | awk '{print $4}')
+openstack network show private > /dev/null 2>&1 || openstack network create private
+openstack subnet show private_subnet > /dev/null 2>&1 || neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true 8.8.8.8
+SUBNET_ID=$(openstack subnet show private_subnet | grep " id" | awk '{print $4}')
#Create router for external network and private network
-neutron router-show provider-router > /dev/null 2>&1 || neutron router-create --tenant-id $TENANT_ID provider-router
-ROUTER_ID=$(neutron router-show provider-router | grep " id" | awk '{print $4}')
+openstack router show provider-router > /dev/null 2>&1 || openstack router create --project-domain=$OS_PROJECT_DOMAIN_NAME --project $OS_PROJECT_NAME provider-router
+ROUTER_ID=$(openstack router show provider-router | grep " id" | awk '{print $4}')
neutron router-gateway-clear provider-router || true
neutron router-gateway-set $ROUTER_ID $EXTERNAL_NETWORK_ID
echo "Configuring security groups for access to ICMP, SSH and RDP by default"
+PROJECT_ID=`openstack project list -c ID -f value --domain admin_domain`
+
#Configure the default security group to allow ICMP and SSH
-neutron security-group-rule-list | grep icmp > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol icmp --remote-ip-prefix 0.0.0.0/0 default
-neutron security-group-rule-list | grep 22 > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 22 --port-range-max 22 --remote-ip-prefix 0.0.0.0/0 default
-neutron security-group-rule-list | grep 3389 > /dev/null 2>&1 || neutron security-group-rule-create --direction ingress --ethertype IPv4 --protocol tcp --port-range-min 3389 --port-range-max 3389 --remote-ip-prefix 0.0.0.0/0 default
+#SEC_GRP=`openstack security group list --project "$PROJECT_ID" -c ID -f value`
+#openstack security group rule list $SEC_GRP | grep "icmp" > /dev/null 2>&1 || openstack security group rule create --remote-group $SEC_GRP --ingress --protocol icmp --prefix "0.0.0.0/0" $SEC_GRP
+#openstack security group rule list $SEC_GRP | grep "22/tcp" > /dev/null 2>&1 || openstack security group rule create --remote-group $SEC_GRP --ingress --protocol tcp --dst-port 22:22 --prefix "0.0.0.0/0" $SEC_GRP
echo "Uploading default SSH key"
#Upload a default SSH key
-nova keypair-list | grep default > /dev/null 2>&1 || nova keypair-add --pub-key ~/.ssh/id_rsa.pub default > /dev/null 2>&1
+openstack keypair list | grep default > /dev/null 2>&1 || openstack keypair create --public-key ~/.ssh/id_rsa.pub default > /dev/null 2>&1
echo "Modifying the flavors to be better sized for the Orange Box"
#Modify the flavours to fit better on the OB
#nova flavor-create FLAVOR_NAME FLAVOR_ID RAM_IN_MB ROOT_DISK_IN_GB NUMBER_OF_VCPUS
-nova flavor-delete m1.tiny > /dev/null 2>&1
-nova flavor-delete m1.small > /dev/null 2>&1
-nova flavor-delete m1.medium > /dev/null 2>&1
-nova flavor-delete m1.large > /dev/null 2>&1
-nova flavor-delete m1.xlarge > /dev/null 2>&1
-nova flavor-create --is-public true m1.tiny auto 512 5 1 > /dev/null 2>&1
-nova flavor-create --is-public true m1.small auto 1024 10 1 > /dev/null 2>&1
-nova flavor-create --is-public true m1.medium auto 2048 10 2 > /dev/null 2>&1
-nova flavor-create --is-public true m1.large auto 3072 10 2 > /dev/null 2>&1
-## need extra for windows image (15g)
-nova flavor-create --is-public true m1.xlarge auto 8096 30 4 > /dev/null 2>&1
+openstack flavor show m1.tiny > /dev/null 2>&1 || openstack flavor create --ram 512 --disk 5 --vcpus 1 --public m1.tiny > /dev/null 2>&1
+openstack flavor show m1.small > /dev/null 2>&1 || openstack flavor create --ram 1024 --disk 10 --vcpus 1 --public m1.small > /dev/null 2>&1
+openstack flavor show m1.medium > /dev/null 2>&1 || openstack flavor create --ram 2048 --disk 10 --vcpus 2 --public m1.medium > /dev/null 2>&1
+openstack flavor show m1.large > /dev/null 2>&1 || openstack flavor create --ram 3072 --disk 10 --vcpus 2 --public m1.large > /dev/null 2>&1
+# need extra for windows image (15g)
+openstack flavor show m1.xlarge > /dev/null 2>&1 || openstack flavor create --ram 8096 --disk 30 --vcpus 4 --public m1.xlarge > /dev/null 2>&1
echo "modifying default quotas for admin user"
#Modify quotas for the tenant to allow large deployments
-nova quota-update --instances 400 $TENANT_ID
-nova quota-update --cores 800 $TENANT_ID
-nova quota-update --ram 404800 $TENANT_ID
-nova quota-update --security-groups 4000 $TENANT_ID
-nova quota-update --floating-ips -1 $TENANT_ID
-nova quota-update --security-group-rules -1 $TENANT_ID
+PROJECT_ID=`openstack quota show -f value -c project`
+openstack quota set --instances 400 --cores 800 --ram 404800 --secgroups 4000 --floating-ips -1 --secgroup-rules -1 $PROJECT_ID
### need to find how to change quota for the project not the tenant
### modify default quota the same way..
-nova quota-class-update --instances 400 $TENANT_ID
-nova quota-class-update --cores 800 $TENANT_ID
-nova quota-class-update --ram 404800 $TENANT_ID
-nova quota-class-update --security-groups 4000 $TENANT_ID
-nova quota-class-update --floating_ips -1 $TENANT_ID
-nova quota-class-update --security-group-rules -1 $TENANT_ID
+#openstack quota set --class --instances 400 --cores 800 --ram 404800 --secgroups 4000 --floating-ips -1 --secgroup-rules -1 $TENANT_ID
echo "Uploading images to glance"
#Upload images to glance
-glance image-show "Precise x86_64" > /dev/null 2>&1 || glance image-create --name="Precise x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/precise-server-cloudimg-amd64-disk1.img --progress
-glance image-show "Trusty x86_64" > /dev/null 2>&1 || glance image-create --name="Trusty x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img --progress
-glance image-show "Xenial x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial x86_64" --visibility=public --container-format=ovf --disk-format=qcow2 < /srv/data/xenial-server-cloudimg-amd64-disk1.img --progress
-glance image-show "CentOS 6.4" > /dev/null 2>&1 || glance image-create --name="CentOS 6.4" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img --progress
-glance image-show "Cirros 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros 0.3" --visibility=public --container-format=bare --disk-format=qcow2 < /srv/data/cirros-0.3.4-x86_64-disk.img --progress
## image name is used by script to generate metadata .. don't screw the series
-#glance image-show "win2012r2" > /dev/null 2>&1 || gzip -cd /srv/data/windows_server_2012_r2_standard_eval_kvm_20151021.qcow2.gz |glance image-create --name="Windows Server 2012" --is-public=true --container-format=bare --disk-format=qcow2 --progress
+if grep -q 'virt-type: lxd' bundles.yaml; then
+ openstack image list | grep "Xenial LXC x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial LXC x86_64" --visibility=public --container-format=bare --disk-format=root-tar --property architecture="x86_64" < /srv/data/xenial-server-cloudimg-amd64-root.tar.gz
+ openstack image list | grep "Cirros LXC 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros LXC 0.3" --visibility=public --container-format=bare --disk-format=root-tar --property architecture="x86_64" < /srv/data/cirros-0.3.4-x86_64-lxc.tar.gz
+else
+ openstack image list | grep "Trusty x86_64" > /dev/null 2>&1 || openstack image create "Trusty x86_64" --public --container-format=ovf --disk-format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img
+ openstack image list | grep "Xenial x86_64" > /dev/null 2>&1 || openstack image create "Xenial x86_64" --public --container-format=ovf --disk-format=qcow2 < /srv/data/xenial-server-cloudimg-amd64-disk1.img
+ openstack image list | grep "CentOS 6.4" > /dev/null 2>&1 || openstack image create "CentOS 6.4" --public --container-format=bare --disk-format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img
+ openstack image list | grep "Cirros 0.3" > /dev/null 2>&1 || openstack image create "Cirros 0.3" --public --container-format=bare --disk-format=qcow2 < /srv/data/cirros-0.3.4-x86_64-disk.img
+fi