8c1893777c
When using init-runonce script multiple default security groups are present and raise error: More than one security_group exists with the name 'default'. Add a check to create rules to admin's default sec group. Change-Id: Iaf93467d70ae41fdbcd2b37d6c5639a32d939394
125 lines
4.1 KiB
Bash
Executable File
125 lines
4.1 KiB
Bash
Executable File
#!/bin/bash
|
|
#
|
|
# This script is meant to be run once after running start for the first
|
|
# time. This script downloads a cirros image and registers it. Then it
|
|
# configures networking and nova quotas to allow 40 m1.small instances
|
|
# to be created.
|
|
|
|
# Sanitize language settings to avoid commands bailing out
|
|
# with "unsupported locale setting" errors.
|
|
unset LANG
|
|
unset LANGUAGE
|
|
LC_ALL=C
|
|
export LC_ALL
|
|
for i in curl openstack; do
|
|
if [[ ! $(type $i 2>/dev/null) ]]; then
|
|
if [ "$i" == 'curl' ]; then
|
|
echo "Please install $i before proceeding"
|
|
else
|
|
echo "Please install python-${i}client before proceeding"
|
|
fi
|
|
exit
|
|
fi
|
|
done
|
|
# Move to top level directory
|
|
REAL_PATH=$(python -c "import os,sys;print os.path.realpath('$0')")
|
|
cd "$(dirname "$REAL_PATH")/.."
|
|
|
|
# Test for credentials set
|
|
if [[ "${OS_USERNAME}" == "" ]]; then
|
|
echo "No Keystone credentials specified. Try running source openrc"
|
|
exit
|
|
fi
|
|
|
|
# Test to ensure configure script is run only once
|
|
if openstack image list | grep -q cirros; then
|
|
echo "This tool should only be run once per deployment."
|
|
exit
|
|
fi
|
|
|
|
echo Downloading glance image.
|
|
IMAGE_URL=http://download.cirros-cloud.net/0.3.4/
|
|
IMAGE=cirros-0.3.4-x86_64-disk.img
|
|
if ! [ -f "$IMAGE" ]; then
|
|
curl -L -o ./$IMAGE $IMAGE_URL/$IMAGE
|
|
fi
|
|
echo Creating glance image.
|
|
openstack image create --disk-format qcow2 --container-format bare --public \
|
|
--file ./$IMAGE cirros
|
|
|
|
echo Configuring neutron.
|
|
openstack network create --external --provider-physical-network physnet1 \
|
|
--provider-network-type flat public1
|
|
openstack subnet create --no-dhcp \
|
|
--allocation-pool start=10.0.2.150,end=10.0.2.199 --network public1 \
|
|
--subnet-range 10.0.2.0/24 --gateway 10.0.2.1 public1-subnet
|
|
|
|
openstack network create --provider-network-type vxlan demo-net
|
|
openstack subnet create --subnet-range 10.0.0.0/24 --network demo-net \
|
|
--gateway 10.0.0.1 --dns-nameserver 8.8.8.8 demo-subnet
|
|
|
|
openstack router create demo-router
|
|
openstack router add subnet demo-router demo-subnet
|
|
openstack router set --external-gateway public1 demo-router
|
|
|
|
# Get admin user and tenant IDs
|
|
ADMIN_USER_ID=$(openstack user list | awk '/ admin / {print $2}')
|
|
ADMIN_PROJECT_ID=$(openstack project list | awk '/ admin / {print $2}')
|
|
ADMIN_SEC_GROUP=$(openstack security group list --project ${ADMIN_PROJECT_ID} | awk '/ default / {print $2}')
|
|
|
|
# Sec Group Config
|
|
openstack security group rule create --ingress --ethertype IPv4 \
|
|
--protocol icmp ${ADMIN_SEC_GROUP}
|
|
openstack security group rule create --ingress --ethertype IPv4 \
|
|
--protocol tcp --dst-port 22 ${ADMIN_SEC_GROUP}
|
|
# Open heat-cfn so it can run on a different host
|
|
openstack security group rule create --ingress --ethertype IPv4 \
|
|
--protocol tcp --dst-port 8000 ${ADMIN_SEC_GROUP}
|
|
openstack security group rule create --ingress --ethertype IPv4 \
|
|
--protocol tcp --dst-port 8080 ${ADMIN_SEC_GROUP}
|
|
|
|
if [ ! -f ~/.ssh/id_rsa.pub ]; then
|
|
echo Generating ssh key.
|
|
ssh-keygen -t rsa -f ~/.ssh/id_rsa
|
|
fi
|
|
if [ -r ~/.ssh/id_rsa.pub ]; then
|
|
echo Configuring nova public key and quotas.
|
|
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
|
|
fi
|
|
|
|
# Increase the quota to allow 40 m1.small instances to be created
|
|
|
|
# 40 instances
|
|
openstack quota set --instances 40 $ADMIN_PROJECT_ID
|
|
|
|
# 40 cores
|
|
openstack quota set --cores 40 $ADMIN_PROJECT_ID
|
|
|
|
# 96GB ram
|
|
openstack quota set --ram 96000 $ADMIN_PROJECT_ID
|
|
|
|
# add default flavors, if they don't already exist
|
|
if ! openstack flavor list | grep -q m1.tiny; then
|
|
openstack flavor create --id 1 --ram 512 --disk 1 --vcpus 1 m1.tiny
|
|
openstack flavor create --id 2 --ram 2048 --disk 20 --vcpus 1 m1.small
|
|
openstack flavor create --id 3 --ram 4096 --disk 40 --vcpus 2 m1.medium
|
|
openstack flavor create --id 4 --ram 8192 --disk 80 --vcpus 4 m1.large
|
|
openstack flavor create --id 5 --ram 16384 --disk 160 --vcpus 8 m1.xlarge
|
|
fi
|
|
|
|
DEMO_NET_ID=$(openstack network list | awk '/ demo-net / {print $2}')
|
|
|
|
cat << EOF
|
|
|
|
Done.
|
|
|
|
To deploy a demo instance, run:
|
|
|
|
openstack server create \\
|
|
--image cirros \\
|
|
--flavor m1.tiny \\
|
|
--key-name mykey \\
|
|
--nic net-id=${DEMO_NET_ID} \\
|
|
demo1
|
|
EOF
|