
@JamesOBenson
Last active March 25, 2021 12:26
Create an OpenStack project, user and networking, and update security group rules (python-openstackclient and openssl are the only requirements). Verified that all commands work properly and as intended.
#!/bin/bash
# This script creates all necessary components to start booting VM's in openstack. This includes
# - Project
# - User
# - Networking, subnets, router,
# Security group allows
# - 22 (SSH)
# - ICMP (Ping test)
# - 8443 & 8883 (Greengrass rules)
#
# Execution:
# create_openstack_user.sh John Doe jdoe@utsa.edu password(if blank will autogenerate)
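# Check the argument count first, so a usage error does no other work
# (in particular, no password is generated for a run that cannot proceed).
if (( $# < 3 )); then
  # Diagnostics go to stderr and the exit status is non-zero, so wrappers
  # and automation can tell that nothing was created.
  {
    echo ""
    echo "Error: Not enough arguments supplied"
    echo ""
    echo "Usage:"
    echo " ./create_openstack_user.sh John Doe jdoe@utsa.edu password(if blank will autogenerate)"
    echo ""
    echo "Username is JDoe"
    echo ""
  } >&2
  exit 1
fi

# Positional arguments: first name, last name, e-mail address and an
# optional password.
# NOTE(review): a password given as $4 ends up in shell history and is
# readable from the process list while the script runs; leaving it blank
# keeps it out of the history at least.
FIRST_NAME=$1
LAST_NAME=$2
USER_EMAIL_ADDRESS=$3
PASSWORD=$4
if [ -z "${PASSWORD}" ]; then
  # 12 random bytes from openssl, base64-encoded.
  PASSWORD="$(openssl rand -base64 12)" || PASSWORD=""
  # Stop rather than create an account with an empty password when openssl
  # is missing or fails.
  if [ -z "${PASSWORD}" ]; then
    echo "FAIL: Could not generate a password with openssl." >&2
    exit 1
  fi
fi

# User name is first initial + last name (John Doe -> JDoe). Two people who
# share an initial and a last name therefore map to the same user and
# project name.
firstletter=${FIRST_NAME:0:1}
USER_NAME=$firstletter$LAST_NAME
NAME="$FIRST_NAME $LAST_NAME"
PROJECT_NAME=$USER_NAME
NETWORK_NAME="$PROJECT_NAME"_Network
SUBNET_NAME="$PROJECT_NAME"_Subnet
ROUTER_NAME="$PROJECT_NAME"_Router

# DNS server handed to the subnet, and the last octets that bound its
# allocation pool.
DNS_SERVER="129.115.103.72"
START_IP="50"
END_IP="249"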
##############################
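# Load OpenStack credentials from openrc.sh, falling back to admin-openrc.sh,
# both looked up in the current working directory.
# The file is executed in this shell with whatever it contains, so run the
# script only from a directory whose contents you trust.
CREDENTIALS_LOADED=0
for file in "openrc.sh" "admin-openrc.sh"; do
  if [ -f "$file" ]; then
    echo "$file found..."
    # The "./" prefix matters: for a name without a slash, `source` searches
    # $PATH before the current directory, so a different file than the one
    # the -f test just checked could be loaded.
    source "./$file"
    CREDENTIALS_LOADED=1
    break
  fi
  echo "$file not found."
done
if (( CREDENTIALS_LOADED == 0 )); then
  exit 1
fi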
##############################
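# Everything below shells out to the `openstack` command, so check for that
# executable itself. An importable Python module under python3 does not
# guarantee the command is on PATH, and the client may be installed under a
# different interpreter or virtual environment.
if ! command -v openstack >/dev/null 2>&1; then
  echo "FAIL: Please install openstackclient." >&2
  echo " pip install python-openstackclient" >&2
  exit 1
fi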
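echo "##################################"
echo "# GRABBING EXTERNAL NETWORK INFO #"
echo "##################################"
# Ask the client for external networks and for the bare Name column, instead
# of grepping the rendered table: table parsing breaks on names that contain
# spaces and matches any row that merely contains the word "External".
EXTERNAL_NETWORK_NAME=$(openstack network list --external -f value -c Name)
# Validate the name before using it in the next lookup.
if [[ -z "$EXTERNAL_NETWORK_NAME" ]]; then
  echo "EXTERNAL_NETWORK_NAME is not defined, quitting." >&2
  exit 1
fi
# One name per line: more than one line means the choice is ambiguous, and
# the router gateway must not be picked by accident.
if [[ "$EXTERNAL_NETWORK_NAME" == *$'\n'* ]]; then
  echo "More than one external network found, quitting." >&2
  exit 1
fi
EXTERNAL_NETWORK_ID=$(openstack network show -f value -c id "$EXTERNAL_NETWORK_NAME")
if [[ -z "$EXTERNAL_NETWORK_ID" ]]; then
  echo "EXTERNAL_NETWORK_ID is not defined, quitting." >&2
  exit 1
fi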
##########################
# Create Project and User
##########################
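echo "##################"
echo "# CREATING GROUP #"
echo "##################"
# Take the project ID from the create call itself. If creation fails (for
# example because the derived name is already taken), stop here so that
# nothing below modifies a project that belongs to someone else.
PROJECT_ID=$(openstack project create -f value -c id --description "Project for $NAME" "$PROJECT_NAME")
if [[ -z "$PROJECT_ID" ]]; then
  echo "FAIL: Could not create project $PROJECT_NAME, quitting." >&2
  exit 1
fi
echo "INFO: Creating user..."
# NOTE(review): --password places the password on the command line, where
# other local users can read it from the process list while the command
# runs. `openstack user create` also offers --password-prompt for
# interactive use.
if ! openstack user create --project "$PROJECT_NAME" --description "$NAME" --password "$PASSWORD" --email "$USER_EMAIL_ADDRESS" --enable "$USER_NAME"; then
  echo "FAIL: Could not create user $USER_NAME, quitting. Project $PROJECT_NAME was created and is left in place." >&2
  exit 1
fi
echo "INFO: Adding user to project and set project as default project"
if ! openstack role add --user "$USER_NAME" --project "$PROJECT_ID" member; then
  echo "FAIL: Could not add $USER_NAME to project $PROJECT_NAME, quitting." >&2
  echo "INFO: User $USER_NAME was created; set a new password for it if the current one was not recorded." >&2
  exit 1
fi
if ! openstack user set --project "$PROJECT_NAME" "$USER_NAME"; then
  echo "FAIL: Could not set the default project for $USER_NAME, quitting." >&2
  echo "INFO: User $USER_NAME was created; set a new password for it if the current one was not recorded." >&2
  exit 1
fi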
################################################
# Create Network, Subnet and Router for Project
################################################
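echo "#######################"
echo "# CREATING NETWORKING #"
echo "#######################"
# Report a networking failure on stderr and stop with a non-zero status.
# Arguments: $1 - what failed
networking_failed() {
  echo "FAIL: $1, quitting." >&2
  echo "INFO: User $USER_NAME may already exist; set a new password for it if the current one was not recorded." >&2
  exit 1
}

# An empty project ID means the project was not created; do not build
# networking for it.
[[ -n "$PROJECT_ID" ]] || networking_failed "PROJECT_ID is not defined"

# IDs are taken from each create call rather than looked up by name
# afterwards, so a same-named resource in another project cannot be picked
# up by mistake.
NETWORK_ID=$(openstack network create -f value -c id --project "$PROJECT_ID" "$NETWORK_NAME")
[[ -n "$NETWORK_ID" ]] || networking_failed "Could not create network $NETWORK_NAME"

echo "INFO: Creating Subnetworking..."
# NOTE(review): 192.170.0.0/24 lies outside the RFC 1918 private ranges
# (10.0.0.0/8, 172.16.0.0/12, 192.168.0.0/16), so instances on this subnet
# will treat that block as local - confirm this range is intended.
SUBNET_ID=$(openstack subnet create -f value -c id --project "$PROJECT_ID" --dns-nameserver "$DNS_SERVER" --subnet-range "192.170.0.0/24" --allocation-pool start=192.170.0."$START_IP",end=192.170.0."$END_IP" --network "$NETWORK_ID" "$SUBNET_NAME")
[[ -n "$SUBNET_ID" ]] || networking_failed "Could not create subnet $SUBNET_NAME"

echo "INFO: Creating router..."
ROUTER_ID=$(openstack router create -f value -c id --project "$PROJECT_ID" "$ROUTER_NAME")
[[ -n "$ROUTER_ID" ]] || networking_failed "Could not create router $ROUTER_NAME"

echo "INFO: Setting external gateway on router..."
openstack router set --external-gateway "$EXTERNAL_NETWORK_ID" "$ROUTER_ID" \
  || networking_failed "Could not set the external gateway on $ROUTER_NAME"

echo "INFO: Adding subnet to router..."
openstack router add subnet "$ROUTER_ID" "$SUBNET_ID" \
  || networking_failed "Could not add subnet $SUBNET_NAME to $ROUTER_NAME"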
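###########################################################################
# Add security rules: ICMP (ping), SSH (22), Greengrass ports 8443 and 8883
###########################################################################
echo "#################################"
echo "# UPDATING SECURITY GROUP RULES #"
echo "#################################"
# Failures in this section are recorded rather than fatal, so the
# credentials at the end are still reported for the user created earlier.
RULES_STATUS=0

# Filter by project on the server side and read the bare ID column. Grepping
# the table for the project ID matches every row when that ID is empty and
# cannot tell one matching group from several.
if [[ -n "$PROJECT_ID" ]]; then
  SECURITY_GROUP_ID=$(openstack security group list --project "$PROJECT_ID" -f value -c ID)
else
  SECURITY_GROUP_ID=""
fi

# Source range the rules accept traffic from. The default keeps the rules
# open to any IPv4 address, as before; set SG_REMOTE_CIDR in the environment
# to restrict SSH and the other ports to a known range.
SG_REMOTE_CIDR="${SG_REMOTE_CIDR:-0.0.0.0/0}"

if [[ -z "$SECURITY_GROUP_ID" || "$SECURITY_GROUP_ID" == *$'\n'* ]]; then
  echo "FAIL: Expected exactly one security group for project $PROJECT_NAME; no rules were added." >&2
  RULES_STATUS=1
else
  openstack security group rule create --proto icmp --remote-ip "$SG_REMOTE_CIDR" --project "$PROJECT_NAME" "$SECURITY_GROUP_ID" || RULES_STATUS=1
  openstack security group rule create --proto tcp --remote-ip "$SG_REMOTE_CIDR" --project "$PROJECT_NAME" --dst-port 22 "$SECURITY_GROUP_ID" || RULES_STATUS=1
  # NOTE(review): rules are ingress unless a direction is given, while the
  # description below reads like outbound traffic - confirm that inbound
  # 8443 is actually needed.
  openstack security group rule create --proto tcp --remote-ip "$SG_REMOTE_CIDR" --project "$PROJECT_NAME" --dst-port 8443 "$SECURITY_GROUP_ID" --description "Greengrass to AWS" || RULES_STATUS=1
  openstack security group rule create --proto tcp --remote-ip "$SG_REMOTE_CIDR" --project "$PROJECT_NAME" --dst-port 8883 "$SECURITY_GROUP_ID" --description "Device to greengrass communication" || RULES_STATUS=1
fi

# The password is printed in clear text because this is the only place a
# generated password is reported; keep this output out of shared logs.
echo "######################"
echo "Username: $USER_NAME"
echo "Password: $PASSWORD"
echo "######################"

if (( RULES_STATUS != 0 )); then
  echo "FAIL: One or more security group rules could not be created." >&2
fi
exit "$RULES_STATUS"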