Configure an OpenStack installation with a Sample Network and Security Group and Key

gistfile1.sh

#!/bin/bash

set -x

if [ ! -e "openrc" ]; then
 echo "Unable to find an 'openrc' with the openstack environment."
 exit 1
fi
source openrc

[ -e "trusty-server-cloudimg-amd64-disk1.img" ] || curl -o trusty-server-cloudimg-amd64-disk1.img -L http://uec-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
glance --insecure image-create --name 'ubuntu-14.04' --disk-format qcow2 --container-format bare --progress --file trusty-server-cloudimg-amd64-disk1.img

[ -e "cirros-0.3.3-x86_64-disk.img" ] || curl -o cirros-0.3.3-x86_64-disk.img -L http://download.cirros-cloud.net/0.3.3/cirros-0.3.3-x86_64-disk.img
glance --insecure image-create --name 'cirros-0.3.3' --disk-format qcow2 --container-format bare --progress --file cirros-0.3.3-x86_64-disk.img

tenant=$(keystone --insecure tenant-list | awk '/admin/ {print $2}')
neutron --insecure net-create --tenant-id $tenant public01 \
  --provider:network_type flat \
  --provider:physical_network physnet \
  --router:external --shared
neutron --insecure subnet-create --tenant-id $tenant \
  --name public01-subnet \
  --gateway 192.168.61.1 \
  --dns-nameserver 8.8.8.8 --dns-nameserver 71.243.0.12 --dns-nameserver 192.168.1.1 \
  --allocation-pool start=192.168.61.2,end=192.168.61.254 \
  public01 192.168.61.0/24

neutron --insecure net-create --tenant-id $tenant private01 \
  --provider:network_type vxlan \
  --provider:segmentation_id 1
neutron --insecure subnet-create --tenant-id $tenant \
  --name private01-subnet \
  --dns-nameserver 8.8.8.8 --dns-nameserver 71.243.0.12 --dns-nameserver 192.168.1.1 \
  private01 172.16.0.0/22

neutron --insecure router-create public01-router --tenant-id $tenant
neutron --insecure router-gateway-set public01-router public01
neutron --insecure router-interface-add public01-router private01-subnet

secgroupid=$(neutron --insecure security-group-create --tenant-id $tenant \
    --description "all ports open" "all-ports" | awk '$2=="id" { print $4 }')

neutron --insecure security-group-rule-create --tenant-id $tenant \
    --direction ingress \
    --protocol icmp \
    $secgroupid
neutron --insecure security-group-rule-create --tenant-id $tenant \
    --direction ingress \
    --protocol tcp \
    --port-range-min 1 \
    --port-range-max 65335 \
    $secgroupid
neutron --insecure security-group-rule-create --tenant-id $tenant \
    --direction ingress \
    --protocol udp \
    --port-range-min 1 \
    --port-range-max 65335 \
    $secgroupid

[ -e "$HOME/.ssh/id_rsa" ] || (ssh-keygen -N "" -f $HOME/.ssh/id_rsa; chmod 0400 $HOME/.ssh/id_rsa)
[ -e "$HOME/.ssh/id_rsa.pub" ] || ssh-keygen -y -f $HOME/.ssh/id_rsa > $HOME/.ssh/id_rsa.pub
nova --insecure keypair-add --pub-key ~/.ssh/id_rsa.pub $(whoami)

The above script downloads and uploads the Cirros 0.3.3 and Ubuntu 14.04 QCOW2 images to glance. It creates a public Neutron network named public01 with CIDR 192.168.61.0/24 and private network named private01 with CIDR 172.16.0.0/22 connected via a virtual router.

To run the script copy and paste the following to a shell:

curl -ks -L https://gist.github.com/mevansam/2b8ee9e248d1b5082552/raw/40a541de3ac946c2f5be070c0ae7e8600ed0002f/gistfile1.sh | bash

To test the setup run the following openstack cli commands from a shell:

source openrc

cinder --insecure create --display-name test 2 2> /dev/null

nova --insecure boot --flavor m1.tiny --image "cirros-0.3.3" --key-name "$(whoami)" --security-groups "all-ports" \
  --nic net-id=$(neutron --insecure net-list 2> /dev/null | awk '/private01/ { print $2 }') test 2> /dev/null

nova --insecure floating-ip-associate test \
  $(nova --insecure floating-ip-create public01 2> /dev/null | awk '/public01/ { print $2 }') 2> /dev/null

nova --insecure volume-attach test \
  $(cinder --insecure list 2> /dev/null | awk '/test/ { print $2 }') /dev/vdc 2> /dev/null