Last active
December 15, 2021 16:40
-
-
Save blipp/46e5b84e4d0c5c62347f to your computer and use it in GitHub Desktop.
Scripts to setup an virtual external network with OpenStack after a setup with packstack --allinone
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # see http://information-technology.web.cern.ch/book/cern-cloud-infrastructure-user-guide/advanced-topics/installing-openstack#icehouse | |
| set -x | |
| echo "set term=xterm" >> .vimrc | |
| yum install -y etckeeper | |
| etckeeper init | |
| etckeeper commit | |
| yum install -y http://rdo.fedorapeople.org/rdo-release.rpm | |
| sed -i -e 's/priority.*/priority=1/g' /etc/yum.repos.d/rdo-release.repo | |
| sed --in-place '/^exclude=libmongodb/d;s/^priority=/exclude=libmongodb,pymongo\*,mongodb\*,python-bson,python-webob,python-mako,python-webtest\npriority=/g' /etc/yum.repos.d/slc6-os.repo /etc/yum.repos.d/slc6-updates.repo /etc/yum.repos.d/slc6-extras.repo | |
| ssh-keygen -q -f /root/.ssh/id_rsa -t rsa -P "" | |
| sh -c 'cat /root/.ssh/id_rsa.pub >> /root/.ssh/authorized_keys' | |
| chmod 700 .ssh | |
| chmod 600 .ssh/* | |
| yum install -y openstack-packstack | |
| sed -i'' '3 s/^/#/' /usr/share/openstack-puppet/modules/packstack/templates/innodb.cnf.erb | |
| # I know this is bad, but OpenStack documentation keeps telling to do this | |
| sed -i -e 's/^SELINUX=enforcing/SELINUX=permissive/g' /etc/selinux/config | |
| packstack --allinone --os-neutron-install=y --provision-demo=n --provision-all-in-one-ovs-bridge=n --nagios-install=n |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| set -x | |
| #trap read debug | |
| # has to be an relative path inside /root | |
| OUTPUT_DIR=output | |
| PASSWORD_FILE=/root/passwords | |
| cd /root | |
| function get_field { | |
| grep "$2" $OUTPUT_DIR/$1 | awk "{print \$$3}" | |
| } | |
| function log_output { | |
| tee $OUTPUT_DIR/$1 | |
| } | |
| function setup_environment { | |
| mkdir /root/backup | |
| mkdir /root/scripts | |
| mkdir -p $OUTPUT_DIR | |
| yum install -y pwgen | |
| } | |
| function modify_neutron_config { | |
| set -x | |
| # trap read debug | |
| # Step 1: Verify and Modify Neutron Configuration | |
| #sleep 5m | |
| for i in server dhcp-agent l3-agent metadata-agent openvswitch-agent; do /etc/init.d/neutron-$i restart; done | |
| openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT ovs_use_veth True | |
| openstack-config --set /etc/neutron/l3_agent.ini DEFAULT ovs_use_veth True | |
| openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True | |
| # Step 2: Configure Router and External Network | |
| ifconfig | log_output ifconfig_vanilla | |
| ovs-vsctl show | log_output ovs-vsctl-show_vanilla | |
| brctl show | log_output brctl-show_vanilla | |
| mv /etc/sysconfig/network-scripts/ifcfg-br-tun /root/backup/ | |
| for i in server dhcp-agent l3-agent metadata-agent openvswitch-agent; do /etc/init.d/neutron-$i restart; done | |
| } | |
| function setup_nat { | |
| set -x | |
| # trap read debug | |
| # Setting up NAT and "virtual" external network | |
| echo "#!/bin/bash | |
| ip link set down br-ex | |
| ip addr add 10.0.21.1/24 dev br-ex | |
| ip link set up br-ex | |
| iptables -I FORWARD -i br-ex -j ACCEPT | |
| iptables -I FORWARD -o br-ex -j ACCEPT | |
| iptables -t nat -I POSTROUTING -s 10.0.21.0/24 ! -d 10.0.21.0/24 -j MASQUERADE" > /root/scripts/setup-external-network.sh | |
| chmod u+x /root/scripts/setup-external-network.sh | |
| /root/scripts/setup-external-network.sh | |
| } | |
| function create_external_network_and_tenant { | |
| set -x | |
| # trap read debug | |
| # Creating the External Network | |
| . keystonerc_admin | |
| neutron net-create extnet --router:external=True | log_output extnet | |
| NETWORK_ID=$(get_field extnet " id " 4) | |
| # Create Subnet | |
| neutron subnet-create extnet --allocation-pool start=10.0.21.10,end=10.0.21.125 --gateway 10.0.21.1 --enable_dhcp=False 10.0.21.0/24 | log_output extnet_subnet | |
| # Create Router | |
| neutron router-create rdorouter | log_output rdorouter | |
| ROUTER_ID=$(get_field rdorouter " id " 4) | |
| # Set the Router's Gateway | |
| neutron router-gateway-set $ROUTER_ID $NETWORK_ID | log_output gateway-set | |
| neutron router-list | log_output router-list | |
| ovs-vsctl show | log_output ovs-vsctl-show_after_router_create | |
| # Create a Tenant and a User | |
| keystone tenant-create --name rdotest | log_output tenant-create | |
| TENANT_ID=$(get_field tenant-create " id " 4) | |
| TENANT_PASS=$(pwgen 15 1) | |
| echo "rdotest" >> $PASSWORD_FILE | |
| echo $TENANT_PASS >> $PASSWORD_FILE | |
| keystone user-create --name rdotest --tenant-id $TENANT_ID --pass $TENANT_PASS --enabled true | log_output user-create | |
| USER_ID=$(get_field user-create " id " 4) | |
| # Create RC file for rdotest | |
| cat /root/keystonerc_admin | sed -e 's/admin/rdotest/g' -e "s/^export OS_PASSWORD.*/export OS_PASSWORD=$TENANT_PASS/" | tee keystonerc_rdotest | |
| } | |
| function create_private_network { | |
| set -x | |
| # trap read debug | |
| # Step 4: Create Private Network | |
| . keystonerc_rdotest | |
| neutron net-create rdonet | log_output net-create-rdonet | |
| neutron subnet-create --dns-nameserver 137.138.17.5 --dns-nameserver 137.138.16.5 rdonet 10.0.90.0/24 | log_output subnet-create-rdonet | |
| SUBNET_ID=$(get_field subnet-create-rdonet " id " 4) | |
| . keystonerc_admin | |
| ROUTER_ID=$(get_field rdorouter " id " 4) | |
| neutron router-interface-add $ROUTER_ID $SUBNET_ID | log_output router-interface-add | |
| ovs-vsctl show | log_output ovs-vsctl-show_after_subnet | |
| } | |
| function create_image_and_prepare_environment { | |
| set -x | |
| # trap read debug | |
| # Step 5: Create image | |
| . keystonerc_admin | |
| glance image-create --container-format=bare --disk-format=qcow2 --name=cirros --is-public=True < cirros.qcow2 | log_output image-create | |
| # Step 6: Create and Import SSH Key | |
| . keystonerc_rdotest | |
| nova keypair-add --pub-key .ssh/id_rsa.pub rdokey | log_output keypair-idd | |
| # Step 7: Create Security Group Rules | |
| neutron security-group-rule-create --protocol icmp --direction ingress default | log_output security-group-rule-icmp | |
| neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --direction ingress default | log_output security-group-rule-ssh | |
| } | |
| # expects 1 argument: number to attach to "cirros" to get the name of the instance | |
| function boot_vm { | |
| set -x | |
| # trap read debug | |
| # Step 8: Boot the VM | |
| . keystonerc_rdotest | |
| IMAGE_ID=$(get_field image-create " id " 4) | |
| nova boot --flavor 1 --image $IMAGE_ID --key-name rdokey "cirros$1" | log_output "boot-cirros$1" | |
| } | |
| # expects 1 argument: number to attach to "cirros" to get the name of the instance | |
| function assign_floating_ip { | |
| set -x | |
| # trap read debug | |
| . keystonerc_rdotest | |
| VM_ID=$(get_field "boot-cirros$1" " id " 4) | |
| neutron port-list --device_id $VM_ID | log_output "port-list-cirros$1" | |
| PORT_ID=$(get_field "port-list-cirros$1" "subnet_id" 2) | |
| neutron floatingip-create extnet | log_output "floatingip-create-cirros$1" | |
| FLOATINGIP_ID=$(get_field "floatingip-create-cirros$1" " id " 4) | |
| neutron floatingip-associate $FLOATINGIP_ID $PORT_ID | |
| } | |
| setup_environment | |
| modify_neutron_config | |
| setup_nat | |
| create_external_network_and_tenant | |
| create_private_network | |
| create_image_and_prepare_environment | |
| boot_vm 1 | |
| sleep 5m | |
| assign_floating_ip 1 | |
| boot_vm 2 | |
| sleep 5m | |
| assign_floating_ip 2 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment