This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat coke.txt | |
| cd /opt/devstack | |
| source openrc admin admin | |
| # create ssh key for each tenant | |
| # | |
| for x in coke ; do echo "ssh key for ${x}" ; \ | |
| rm -f id_rsa_${x}* ; ssh-keygen -t rsa -b 2048 -N '' -f id_rsa_${x} ; done | |
| # create external network | |
| # | |
| neutron net-create ext-net -- --router:external=True | |
| neutron subnet-create ext-net --allocation-pool start=172.16.18.200,end=172.16.18.210 --gateway=172.16.18.2 --enable_dhcp=False 172.16.18.0/24 | |
| # Update policy to allow icmp and ssh | |
| # | |
| for uuid in $(neutron security-group-list | grep default | awk '{print $2}') ; do echo "uuid ${uuid}" ; \ | |
| for direction in ingress egress ; do echo “direction ${direction}” ; \ | |
| neutron security-group-rule-create --protocol icmp --direction ${direction} ${uuid} ; \ | |
| neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --direction ${direction} ${uuid} ; \ | |
| done ; done | |
| # Create 2 subnets for each tenant. Notice that the segmentation_id must be unique, but the subnets do not | |
| # | |
| for x in coke ; do echo "configuring ${x} tenant" ; \ | |
| keystone tenant-create --name ${x} | |
| keystone user-create --name ${x} --tenant ${x} --pass ${x} | |
| keystone user-role-add --user ${x} --role admin --tenant ${x} | |
| [ ${x} == 'coke' ] && tunnelId1=593 || tunnelId1=768 | |
| neutron net-create ${x}gre --tenant-id $(keystone tenant-list | grep '\s'${x}'' | awk '{print $2}') --provider:network_type gre --provider:segmentation_id ${tunnelId1} | |
| neutron subnet-create ${x}gre 10.210.1.0/24 --name ${x}gre --dns-nameserver 8.8.8.8 | |
| [ ${x} == 'coke' ] && tunnelId2=594 || tunnelId2=769 | |
| neutron net-create ${x}gre2 --tenant-id $(keystone tenant-list | grep '\s'${x}'' | awk '{print $2}') --provider:network_type gre --provider:segmentation_id ${tunnelId2} | |
| neutron subnet-create ${x}gre2 10.210.2.0/24 --name ${x}gre2 --dns-nameserver 8.8.8.8 | |
| done | |
| # Add ssh key and a dedicated router instance to each tenant | |
| # | |
| for x in coke ; do echo "configuring ${x} tenant key and router" ; \ | |
| source openrc ${x} ${x} ; export OS_PASSWORD=${x} | |
| nova keypair-add --pub-key id_rsa_${x}.pub ${x}_key | |
| # nova keypair-list | |
| neutron router-create ${x}router | |
| neutron router-gateway-set ${x}router ext-net | |
| neutron router-interface-add ${x}router ${x}gre | |
| neutron router-interface-add ${x}router ${x}gre2 | |
| # neutron router-port-list ${x}router | |
| done | |
| sleep 13 | |
| # This loop will create 3 instances for each tenant. 1 out of the 3 will be in a separate subnet, which means it will | |
| # still be able to reach the other 2 tenants but only through the tenants router | |
| # | |
| source openrc coke coke ; export OS_PASSWORD=coke | |
| nova boot --poll --flavor m1.nano --image $(nova image-list | grep 'cirros-0.3.2-x86_64-uec\s' | awk '{print $2}') --nic net-id=$(neutron net-list | grep -w cokegre2 | awk '{print $2}') --key-name coke_key coke21 | |
| nova boot --poll --flavor m1.nano --image $(nova image-list | grep 'cirros-0.3.2-x86_64-uec\s' | awk '{print $2}') --nic net-id=$(neutron net-list | grep -w cokegre2 | awk '{print $2}') --key-name coke_key coke22 | |
| nova boot --poll --flavor m1.nano --image $(nova image-list | grep 'cirros-0.3.2-x86_64-uec\s' | awk '{print $2}') --nic net-id=$(neutron net-list | grep -w cokegre | awk '{print $2}') --key-name coke_key coke11 | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment