Merge lp:~thomnico/sademos/juju-on-openstack-resumed into lp:sademos/16.04
- juju-on-openstack-resumed
- Merge into 16.04
Status: | Needs review |
---|---|
Proposed branch: | lp:~thomnico/sademos/juju-on-openstack-resumed |
Merge into: | lp:sademos/16.04 |
Diff against target: |
474 lines (+240/-107) 5 files modified
00-bootstrap.sh (+1/-1) openstack/01-deploy.sh (+4/-8) openstack/configure-juju-on-openstack (+106/-51) openstack/get-cloud-images (+5/-4) openstack/orange-box-configure-openstack (+124/-43) |
To merge this branch: | bzr merge lp:~thomnico/sademos/juju-on-openstack-resumed |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
CPE SA | Pending | ||
Review via email: mp+297745@code.launchpad.net |
Commit message
Description of the change
Nicolas Thomas (thomnico) wrote : | # |
Good catch,
It is a remains of the offline work that I plan to provide separately
to avoid a huge review.
Will remove from now
On Fri, Jun 17, 2016 at 3:15 PM, M.Morana <email address hidden> wrote:
> Noticed one thing on a quick overview:
>
> openstack/
>
> +juju set-model-config cloudimg-base-url=http://
> 31
>
> ^static IP, I'm guessing you have OB60?
>
> Note: for grabbing the cloud images from /srv/, definitely the way to go but would be nice to have a checksum check to ensure they were all downloaded properly the first time although testing one's setup would reveal this problem also.
> --
> https:/
> You are the owner of lp:~thomnico/sademos/juju-on-openstack-resumed.
--
Best Regards,
Nicolas Thomas
http://
EMEA Solution Architect Canonical
GPG FPR: D592 4185 F099 9031 6590 6292 492F C740 F03A 7EB9
- 95. By Nicolas Thomas
-
Remove the off-line related part.
clean up the codemodified:
openstack/01-deploy. sh - 96. By Nicolas Thomas
-
Add Xenial to the mix ..
modified:
openstack/get-cloud- images
Scott Croft (secroft) wrote : | # |
Also, with juju 2.0, it's add-model now
On Jun 17, 2016 08:30, "Nicolas Thomas" <email address hidden>
wrote:
> Good catch,
>
> It is a remains of the offline work that I plan to provide separately
> to avoid a huge review.
>
> Will remove from now
>
> On Fri, Jun 17, 2016 at 3:15 PM, M.Morana <email address hidden> wrote:
> > Noticed one thing on a quick overview:
> >
> > openstack/
> >
> > +juju set-model-config cloudimg-base-url=
> http://
> > 31
> >
> > ^static IP, I'm guessing you have OB60?
> >
> > Note: for grabbing the cloud images from /srv/, definitely the way to go
> but would be nice to have a checksum check to ensure they were all
> downloaded properly the first time although testing one's setup would
> reveal this problem also.
> > --
> >
> https:/
> > You are the owner of lp:~thomnico/sademos/juju-on-openstack-resumed.
>
>
>
> --
> Best Regards,
> Nicolas Thomas
> http://
> EMEA Solution Architect Canonical
> GPG FPR: D592 4185 F099 9031 6590 6292 492F C740 F03A 7EB9
>
>
> https:/
> Your team CPE SA is requested to review the proposed merge of
> lp:~thomnico/sademos/juju-on-openstack-resumed into lp:sademos/16.04.
>
- 97. By Nicolas Thomas
-
fix create to add model
Nicolas Thomas (thomnico) wrote : | # |
Fixed
Lost in translating to a limited scope ...
On Fri, Jun 17, 2016 at 3:48 PM, Scott Croft <email address hidden> wrote:
> Also, with juju 2.0, it's add-model now
> On Jun 17, 2016 08:30, "Nicolas Thomas" <email address hidden>
> wrote:
>
>> Good catch,
>>
>> It is a remains of the offline work that I plan to provide separately
>> to avoid a huge review.
>>
>> Will remove from now
>>
>> On Fri, Jun 17, 2016 at 3:15 PM, M.Morana <email address hidden> wrote:
>> > Noticed one thing on a quick overview:
>> >
>> > openstack/
>> >
>> > +juju set-model-config cloudimg-base-url=
>> http://
>> > 31
>> >
>> > ^static IP, I'm guessing you have OB60?
>> >
>> > Note: for grabbing the cloud images from /srv/, definitely the way to go
>> but would be nice to have a checksum check to ensure they were all
>> downloaded properly the first time although testing one's setup would
>> reveal this problem also.
>> > --
>> >
>> https:/
>> > You are the owner of lp:~thomnico/sademos/juju-on-openstack-resumed.
>>
>>
>>
>> --
>> Best Regards,
>> Nicolas Thomas
>> http://
>> EMEA Solution Architect Canonical
>> GPG FPR: D592 4185 F099 9031 6590 6292 492F C740 F03A 7EB9
>>
>>
>> https:/
>> Your team CPE SA is requested to review the proposed merge of
>> lp:~thomnico/sademos/juju-on-openstack-resumed into lp:sademos/16.04.
>>
>
> --
> https:/
> You are the owner of lp:~thomnico/sademos/juju-on-openstack-resumed.
--
Best Regards,
Nicolas Thomas
http://
EMEA Solution Architect Canonical
GPG FPR: D592 4185 F099 9031 6590 6292 492F C740 F03A 7EB9
Unmerged revisions
- 97. By Nicolas Thomas
-
fix create to add model
- 96. By Nicolas Thomas
-
Add Xenial to the mix ..
modified:
openstack/get-cloud- images - 95. By Nicolas Thomas
-
Remove the off-line related part.
clean up the codemodified:
openstack/01-deploy. sh - 94. By Nicolas Thomas
-
Rework the configure openstack to collect info from juju (no more passwd issues)
Set to use 172.72.(obnum+1) (need the range to be free TBC).
If setting VIP or os-public use it for nova (usefull for 2 network scenario).
Update Windows..Rename to configure-
juju-on- opnestack as it has nothing OB specific .. YES !!
Move to use swift for metadata and generate metadata for images created (juju doc is misleading).renamed:
openstack/orange- box-launch- openstack- juju => openstack/ configure- juju-on- openstack
modified:
00-bootstrap.sh
openstack/01-deploy. sh
openstack/orange- box-configure- openstack
openstack/configure- juju-on- openstack
Preview Diff
1 | === modified file '00-bootstrap.sh' |
2 | --- 00-bootstrap.sh 2016-04-21 20:21:52 +0000 |
3 | +++ 00-bootstrap.sh 2016-06-17 14:41:49 +0000 |
4 | @@ -11,7 +11,7 @@ |
5 | |
6 | obnum=`hostname | cut -c 10- -` |
7 | |
8 | -time juju bootstrap --to node00vm0ob${obnum}.maas --show-log --upload-tools maas-controller maas/172.27.${obnum}.1 |
9 | +time juju bootstrap --to node00vm0ob${obnum}.maas --show-log maas-controller maas/172.27.${obnum}.1 |
10 | time juju switch admin |
11 | |
12 | URL=`juju gui --no-browser` |
13 | |
14 | === modified file 'openstack/01-deploy.sh' |
15 | --- openstack/01-deploy.sh 2016-04-21 19:55:54 +0000 |
16 | +++ openstack/01-deploy.sh 2016-06-17 14:41:49 +0000 |
17 | @@ -4,14 +4,10 @@ |
18 | |
19 | model=`juju list-models |awk '{print $1}'|grep openstack` |
20 | |
21 | -if [ ${model} = "openstack" ]; then |
22 | - juju switch openstack |
23 | - juju deploy openstack-liberty.yaml |
24 | -else |
25 | - juju create-model openstack |
26 | - juju switch openstack |
27 | - juju deploy openstack-liberty.yaml |
28 | -fi |
29 | +[ "${model}" == "openstack" ] || juju add-model openstack |
30 | +juju switch openstack |
31 | + |
32 | +juju deploy openstack-liberty.yaml |
33 | |
34 | juju show-controllers --show-passwords|egrep "user|password" |
35 | |
36 | |
37 | === renamed file 'openstack/orange-box-launch-openstack-juju' => 'openstack/configure-juju-on-openstack' |
38 | --- openstack/orange-box-launch-openstack-juju 2015-10-09 18:44:36 +0000 |
39 | +++ openstack/configure-juju-on-openstack 2016-06-17 14:41:49 +0000 |
40 | @@ -3,7 +3,7 @@ |
41 | # orange-box-launch-openstack-juju |
42 | # Copyright (C) 2014 Canonical Ltd. |
43 | # |
44 | -# Authors: Darryl Weaver <darryl.weaver@canonical.com> |
45 | +# Authors: Nicolas Thomss <nicolas.thomas@canonical.com> |
46 | # |
47 | # This program is free software: you can redistribute it and/or modify |
48 | # it under the terms of the GNU General Public License as published by |
49 | @@ -17,70 +17,123 @@ |
50 | # You should have received a copy of the GNU General Public License |
51 | |
52 | set -ex |
53 | +## TODO use sudo apt-get install python-openstackclient instead |
54 | +## examples: |
55 | +## openstack ip floating list --format=csv |
56 | +## openstack ip floating create --format=shell ext_net |
57 | +## to avoid table parsing.. |
58 | +## openstack server show -c status --format value my-instance-name |
59 | + |
60 | |
61 | echo "This command is run to launch the first instance on a new Orange box Openstack deployment" |
62 | |
63 | source ~/nova.rc |
64 | |
65 | + |
66 | #Create a floating IP for the instance |
67 | -FLOAT_IP="$(nova floating-ip-create | grep ext_net | awk '{ print $2}')" |
68 | - |
69 | +if ( nova list | grep jumpserver2 >/dev/null ) |
70 | +then |
71 | + FLOAT_IP="$(nova list | grep jumpserver2 | awk '{ print $13 }')" |
72 | +else |
73 | + FLOAT_IP="$(nova floating-ip-create | grep ext_net | awk 'BEGIN { FS = "|" } ; { print $2}'|tr -d '[[:space:]]')" |
74 | +fi |
75 | + |
76 | #Launch an instance |
77 | NET_UUID="$(nova net-list | grep private | awk '{ print $2 }')" |
78 | -IMAGE_UUID="$(nova image-list | grep Trusty | awk '{ print $2 }')" |
79 | -nova boot --flavor 2 --key_name default --image $IMAGE_UUID --nic net-id=$NET_UUID --security_group default jumpserver |
80 | -sleep 40 |
81 | - |
82 | +IMAGE_UUID="$(nova image-list | grep Xenial | awk '{ print $2 }')" |
83 | +nova list | grep jumpserver2 ||nova boot --flavor m1.small --key_name default --image $IMAGE_UUID --nic net-id=$NET_UUID --security_group default jumpserver2 |
84 | +# checking jumpserver2 state until active .. |
85 | +INST_STATE=` nova show jumpserver2 | grep status | awk '{print $4}'` |
86 | +while [ $INST_STATE != "ACTIVE" ]; |
87 | +do |
88 | + INST_STATE=` nova show jumpserver2 | grep status | awk '{print $4}'` |
89 | + echo "Jumpserver2 instance state is: "$INST_STATE" waiting to be active" |
90 | + sleep 1 |
91 | +done |
92 | +sleep 6 |
93 | #Associate the floating IP with the new instance |
94 | -nova floating-ip-associate jumpserver $FLOAT_IP |
95 | +nova floating-ip-associate jumpserver2 $FLOAT_IP || true |
96 | sleep 10 |
97 | + |
98 | +### make it more Readable |
99 | +export SSH="ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP" |
100 | + |
101 | + |
102 | +#Add juju stable repo |
103 | +$SSH sudo add-apt-repository -y ppa:juju/stable |
104 | + |
105 | #SSH into the instance and install Juju |
106 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP sudo apt-get -y install juju-core juju-quickstart juju-deployer |
107 | - |
108 | -#Set up the Juju default environment |
109 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP juju init |
110 | +$SSH sudo apt-get -y update |
111 | + |
112 | +$SSH sudo apt-get -y install juju python-novaclient python-swiftclient |
113 | + |
114 | |
115 | #copy over SSH keys |
116 | -scp -o StrictHostKeyChecking=no ~/.ssh/id_rsa* ubuntu@$FLOAT_IP: |
117 | - |
118 | -#Output a juju env file that works on this cloud |
119 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP "echo 'default: openstack |
120 | -environments: |
121 | - openstack: |
122 | - type: openstack |
123 | - use-floating-ip: true |
124 | - network: private |
125 | - auth-url: $OS_AUTH_URL |
126 | - tenant-name: $OS_TENANT_NAME |
127 | - region: $OS_REGION_NAME |
128 | - auth-mode: userpass |
129 | - username: $OS_USERNAME |
130 | - password: $OS_PASSWORD |
131 | - admin-secret: $OS_PASSWORD |
132 | - default-series: trusty |
133 | - http-proxy: http://10.14.4.1:8000 |
134 | - https-proxy: http://10.14.4.1:8000 |
135 | - ftp-proxy: http://10.14.4.1:8000 |
136 | - no-proxy: localhost,10.14.4.1 |
137 | - apt-http-proxy: http://10.14.4.1:8000 |
138 | - apt-https-proxy: http://10.14.4.1:8000 |
139 | - apt-ftp-proxy: http://10.14.4.1:8000 |
140 | -' > ~/.juju/environments.yaml" |
141 | - |
142 | +scp -o StrictHostKeyChecking=no ~/.ssh/id_rsa* ubuntu@$FLOAT_IP:~/.ssh/ |
143 | + |
144 | + |
145 | +#Output a juju cloud file that works on this cloud |
146 | +$SSH \ |
147 | +"echo 'clouds: |
148 | + openstack: |
149 | + type: openstack |
150 | + auth-types: [access-key, userpass] |
151 | + regions: |
152 | + $OS_REGION_NAME: |
153 | + endpoint: $OS_AUTH_URL |
154 | +' > os-cloud.yaml" |
155 | +$SSH juju add-cloud openstack os-cloud.yaml |
156 | + |
157 | +#Output a juju cred file that works on this cloud |
158 | +$SSH \ |
159 | +"echo 'credentials: |
160 | + openstack: |
161 | + openstack: |
162 | + auth-type: userpass |
163 | + password: $OS_PASSWORD |
164 | + tenant-name: $OS_TENANT_NAME |
165 | + username: $OS_USERNAME |
166 | +' > os-creds.yaml" |
167 | + |
168 | +$SSH "juju add-credential openstack -f os-creds.yaml" |
169 | + |
170 | +## Creating images metadata |
171 | +$SSH mkdir -p ~/juju-meta |
172 | +for s in precise trusty xenial win2012r2 |
173 | +do |
174 | #Create juju metadata |
175 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP "juju-metadata generate-image -a amd64 -u $OS_AUTH_URL -i $IMAGE_UUID -r $OS_REGION_NAME -s trusty" |
176 | - |
177 | -IMAGE_UUID="$(nova image-list | grep Precise | awk '{ print $2 }')" |
178 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP "juju-metadata generate-image -a amd64 -u $OS_AUTH_URL -i $IMAGE_UUID -r $OS_REGION_NAME -s precise" |
179 | - |
180 | + IMAGE_UUID="$(nova image-list | grep -i $s | awk '{ print $2 }')" |
181 | + [ -n "$IMAGE_UUID" ] && $SSH "juju metadata generate-image -a amd64 -u $OS_AUTH_URL -i $IMAGE_UUID -r $OS_REGION_NAME -d juju-meta/ -s $s" |
182 | +done |
183 | + |
184 | +## Generate tools (needed if windows is in). |
185 | +$SSH "juju metadata generate-tools -d juju-meta/ " |
186 | + |
187 | +## upload images and tools streams to swift and make public |
188 | +$SSH "cd ~/juju-meta/ && swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME \ |
189 | + --os-password $OS_PASSWORD --os-tenant-name $OS_TENANT_NAME \ |
190 | +upload juju-meta images" |
191 | +$SSH "cd ~/juju-meta/ && swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME \ |
192 | + --os-password $OS_PASSWORD --os-tenant-name $OS_TENANT_NAME \ |
193 | +upload juju-meta tools" |
194 | + |
195 | +$SSH swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME --os-password $OS_PASSWORD \ |
196 | + --os-tenant-name $OS_TENANT_NAME post -r '.r:*' juju-meta |
197 | + |
198 | +## collect the URL for getting the images |
199 | +$($SSH swift --os-auth-url $OS_AUTH_URL --os-username $OS_USERNAME --os-password $OS_PASSWORD \ |
200 | + --os-tenant-name $OS_TENANT_NAME auth) |
201 | + |
202 | +### |
203 | +###juju bootstrap openstack openstack --config image-metadata-url=http://192.168.16.5/juju/images/ --config network=private --upload-tools --debug -v |
204 | +### |
205 | + |
206 | +my_ip=`ip route | grep src| grep -v virb|grep -v lxcb| head -1| cut -d " " -f 12 ` |
207 | #Bootstrap Juju |
208 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP "juju bootstrap --metadata-source=/home/ubuntu --upload-tools=true --series=precise,trusty" |
209 | - |
210 | -#Deploy juju-gui |
211 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP "juju deploy --to 0 juju-gui && juju expose juju-gui" |
212 | - |
213 | -#Install the Orange-box-examples package |
214 | -ssh -o StrictHostKeyChecking=no ubuntu@$FLOAT_IP "sudo apt-add-repository ppa:orange-box-examples/ppa && sudo apt-get update && sudo apt-get install -y orange-box-examples" |
215 | +##$SSH "juju bootstrap openstack openstack --metadata-source=/var/www/html/juju-meta/ --upload-tools" |
216 | +$SSH "juju bootstrap openstack openstack --config image-metadata-url=$OS_STORAGE_URL/juju-meta/images/ --config tools-metadata-url=$OS_STORAGE_URL/juju-meta/tools/ --config network=private" |
217 | + |
218 | + |
219 | |
220 | ## useless if juju floating ip option on. |
221 | ######################################### |
222 | @@ -93,7 +146,9 @@ |
223 | echo "Now connect to the Juju-GUI at: http://$FLOAT_IP2/ to continue deployments on Openstack." |
224 | echo "Pass: $OS_PASSWORD" |
225 | |
226 | -echo "OR Log in to openstack Jumpserver to deploy from command line" |
227 | +echo "OR Log in to openstack Jumpserver2 to deploy from command line" |
228 | echo "ssh ubuntu@$FLOAT_IP" |
229 | +echo " You must set the following if creating a new model:" |
230 | +echo " juju set-model-config image-metadata-url=$OS_STORAGE_URL/juju-meta/images/ tools-metadata-url=$OS_STORAGE_URL/juju-meta/tools/ network=private" |
231 | exit |
232 | |
233 | |
234 | === modified file 'openstack/get-cloud-images' |
235 | --- openstack/get-cloud-images 2016-01-31 11:07:43 +0000 |
236 | +++ openstack/get-cloud-images 2016-06-17 14:41:49 +0000 |
237 | @@ -2,11 +2,12 @@ |
238 | |
239 | |
240 | |
241 | -folder=/srv/data |
242 | +folder=/srv/data/ |
243 | URLS="http://cloud-images.ubuntu.com/precise/current/precise-server-cloudimg-amd64-disk1.img \ |
244 | http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img \ |
245 | -http://cloud-images.ubuntu.com/wily/current/wily-server-cloudimg-amd64-disk1.img \ |
246 | +http://cloud-images.ubuntu.com/xenial/current/xenial-server-cloudimg-amd64-disk1.img \ |
247 | http://mirror.catn.com/pub/catn/images/qcow2/centos6.4-x86_64-gold-master.img \ |
248 | +http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud.qcow2 \ |
249 | http://download.cirros-cloud.net/0.3.2/cirros-0.3.2-x86_64-disk.img " |
250 | |
251 | for URL in $URLS |
252 | @@ -16,9 +17,9 @@ |
253 | then |
254 | echo "$FILENAME already downloaded." |
255 | else |
256 | - wget -q -O $folder/$FILENAME $URL |
257 | + wget -O $folder/$FILENAME $URL |
258 | fi |
259 | done |
260 | |
261 | |
262 | -echo "To download Windows image get there : http://www.cloudbase.it/cloud-init-for-windows-instances/" |
263 | +echo "To download Windows image get there : https://cloudbase.it/windows-cloud-images/" |
264 | |
265 | === modified file 'openstack/orange-box-configure-openstack' |
266 | --- openstack/orange-box-configure-openstack 2015-10-09 18:44:36 +0000 |
267 | +++ openstack/orange-box-configure-openstack 2016-06-17 14:41:49 +0000 |
268 | @@ -3,7 +3,7 @@ |
269 | # orange-box-configure-openstack |
270 | # Copyright (C) 2014 Canonical Ltd. |
271 | # |
272 | -# Authors: Darryl Weaver <darryl.weaver@canonical.com> |
273 | +# Authors: Nicolas Thomss <nicolas.thomas@canonical.com> |
274 | # |
275 | # This program is free software: you can redistribute it and/or modify |
276 | # it under the terms of the GNU General Public License as published by |
277 | @@ -21,74 +21,155 @@ |
278 | |
279 | echo "This command is run to configure an Orange-Box Openstack deployment" |
280 | |
281 | -PKGS=" python-keystone python-neutronclient python-novaclient python-glanceclient" |
282 | -dpkg -l $PKGS > /dev/null || sudo apt-get install -y $PKGS |
283 | - |
284 | -NEUTRON_EXT_NET_GW="10.14.4.1" |
285 | -NEUTRON_EXT_NET_CIDR="10.14.0.0/16" |
286 | -NEUTRON_EXT_NET_NAME="ext_net" |
287 | -NEUTRON_DNS="10.14.4.1" |
288 | -NEUTRON_FLOAT_RANGE_START="10.14.200.1" |
289 | -NEUTRON_FLOAT_RANGE_END="10.14.249.254" |
290 | - |
291 | -NEUTRON_FIXED_NET_CIDR="192.168.14.0/24" |
292 | -NEUTRON_FIXED_NET_NAME="admin_net" |
293 | - |
294 | -keystone=$(juju status keystone | grep public-address | head -1 | awk '{print $2}') |
295 | +## This is the only OB specific section: |
296 | +obnum=$(hostname | cut -c 10- -) |
297 | +external_net=$((obnum+1)) |
298 | + |
299 | +NEUTRON_EXT_NET_GW="172.27.${external_net}.254" |
300 | +NEUTRON_EXT_NET_CIDR="172.27.${external_net}.0/23" |
301 | + |
302 | +NEUTRON_EXT_NET_NAME="ext_net" # Unused |
303 | +NEUTRON_DNS="172.27.$((obnum)).1" |
304 | +NEUTRON_FLOAT_RANGE_START="172.27.${external_net}.151" |
305 | +NEUTRON_FLOAT_RANGE_END="172.27.${external_net}.252" |
306 | + |
307 | +NEUTRON_FIXED_NET_CIDR="192.168.16.0/22" |
308 | +#NEUTRON_FIXED_NET_NAME="admin_net" # Unused |
309 | + |
310 | +#Check if VIP is set on keystone |
311 | +keystone_VIP=`juju get-config keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"vip\"][\"value\"]"||true` |
312 | + |
313 | +if [ -n "$keystone_VIP" ] |
314 | +then |
315 | + keystone=$keystone_VIP |
316 | +else |
317 | + #if os-public-hostname is set and not VIP assume we need to use those at OpenStack endpoints. |
318 | + keystone_PUBENDPOINT=`juju get-config keystone| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"os-public-hostname\"][\"value\"]"||true` |
319 | + if [ -n "$keystone_PUBENDPOINT" ] |
320 | + then |
321 | + ## will need to add the PUBENPOINT to the different services interfaces to enable access on ob-num+2 network. |
322 | + ## Assume a fresh install where the unit ID is 0 keystone/0 for example (TO BE FIXED) |
323 | + unset DEVICE |
324 | + for service in keystone cinder glance neutron-api nova-cloud-controller ceph-radosgw |
325 | + do |
326 | + DEVICE=`juju ssh ${service}/0 "ip route" | grep 172.27.$((obnum+2)). |head -1 | awk '{ print $3}'` |
327 | + # assuming the os-public-name are IPs not names will fail if not set |
328 | + OSPUBLICIP=`juju get-config ${service}| python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"os-public-hostname\"][\"value\"]"||true` |
329 | + [ -n "$OSPUBLICIP" ] && juju ssh ${service}/0 "sudo ifconfig $DEVICE:1 $OSPUBLICIP" |
330 | + done |
331 | + keystone=$keystone_PUBENDPOINT |
332 | + else |
333 | + keystone=$(juju status keystone --format=yaml | grep public-address | head -1 | awk '{print $2}') |
334 | + fi |
335 | +fi |
336 | + |
337 | |
338 | echo "export SERVICE_ENDPOINT=http://$keystone:35357/v2.0/ |
339 | -export SERVICE_TOKEN=admin |
340 | +unset SERVICE_TOKEN |
341 | +unset SERVICE_ENDPOINT |
342 | export OS_AUTH_URL=http://$keystone:35357/v2.0/ |
343 | -export OS_USERNAME=admin |
344 | -export OS_PASSWORD=admin |
345 | +export OS_USERNAME=$(juju get-config keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-user\"][\"value\"]") |
346 | +export OS_PASSWORD=$(juju get-config keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"admin-password\"][\"value\"]") |
347 | export OS_TENANT_NAME=admin |
348 | -export OS_REGION_NAME=RegionOne |
349 | +export OS_REGION_NAME=$(juju get-config keystone | python -c "import yaml; import sys; print yaml.load(sys.stdin)[\"settings\"][\"region\"][\"value\"]") |
350 | " > ~/nova.rc |
351 | |
352 | -. ~/nova.rc |
353 | +source ~/nova.rc |
354 | |
355 | # Determine the tenant id for the configured tenant name. |
356 | export TENANT_ID="$(keystone tenant-list | grep $OS_TENANT_NAME | awk '{ print $2 }')" |
357 | |
358 | +if [ "$TENANT_ID" = "" ]; then |
359 | + echo "Unable to find tenant ID, keystone auth problem" |
360 | + exit |
361 | +fi |
362 | + |
363 | +echo "Configuring Openstack Neutron Networking" |
364 | + |
365 | #create ext network with neutron for floating IPs |
366 | -EXTERNAL_NETWORK_ID=$(neutron net-create ext_net --tenant-id $TENANT_ID -- --router:external=True | grep " id" | awk '{print $4}') |
367 | -neutron subnet-create ext_net $NEUTRON_EXT_NET_CIDR --name ext_net_subnet --tenant-id $TENANT_ID \ |
368 | +neutron net-show ext_net > /dev/null 2>&1 || neutron net-create ext_net --tenant-id $TENANT_ID -- --router:external=True |
369 | +EXTERNAL_NETWORK_ID=$(neutron net-show ext_net | grep " id" | awk '{print $4}') |
370 | +neutron subnet-show ext_net_subnet > /dev/null 2>&1 || neutron subnet-create ext_net $NEUTRON_EXT_NET_CIDR --name ext_net_subnet --tenant-id $TENANT_ID \ |
371 | --allocation-pool start=$NEUTRON_FLOAT_RANGE_START,end=$NEUTRON_FLOAT_RANGE_END \ |
372 | --gateway $NEUTRON_EXT_NET_GW --disable-dhcp --dns_nameservers $NEUTRON_DNS list=true |
373 | |
374 | #Create private network for neutron for tenant VMs |
375 | -neutron net-create private |
376 | -SUBNET_ID=$(neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true $NEUTRON_DNS | grep " id" | awk '{print $4}') |
377 | +neutron net-show private > /dev/null 2>&1 || neutron net-create private |
378 | +neutron subnet-show private_subnet > /dev/null 2>&1 || neutron subnet-create private $NEUTRON_FIXED_NET_CIDR -- --name private_subnet --dns_nameservers list=true $NEUTRON_DNS |
379 | +SUBNET_ID=$(neutron subnet-show private_subnet | grep " id" | awk '{print $4}') |
380 | |
381 | #Create router for external network and private network |
382 | -ROUTER_ID=$(neutron router-create --tenant-id $TENANT_ID provider-router | grep " id" | awk '{print $4}') |
383 | -neutron router-interface-add $ROUTER_ID $SUBNET_ID |
384 | +neutron router-show provider-router > /dev/null 2>&1 || neutron router-create --tenant-id $TENANT_ID provider-router |
385 | +ROUTER_ID=$(neutron router-show provider-router | grep " id" | awk '{print $4}') |
386 | + |
387 | +neutron router-gateway-clear provider-router || true |
388 | neutron router-gateway-set $ROUTER_ID $EXTERNAL_NETWORK_ID |
389 | +## make it always ok to have it indempodent. |
390 | +neutron router-interface-add $ROUTER_ID $SUBNET_ID || true |
391 | + |
392 | + |
393 | +echo "Configuring security groups for access to ICMP, SSH and RDP by default" |
394 | |
395 | #Configure the default security group to allow ICMP and SSH |
396 | -nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 |
397 | -nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 |
398 | +nova secgroup-list-rules default | grep icmp > /dev/null 2>&1 || nova secgroup-add-rule default icmp -1 -1 0.0.0.0/0 > /dev/null 2>&1 |
399 | +nova secgroup-list-rules default | grep 22 > /dev/null 2>&1 || nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 > /dev/null 2>&1 |
400 | #for rdp |
401 | -nova secgroup-add-rule default tcp 3389 3389 0.0.0.0/0 |
402 | +nova secgroup-list-rules default | grep 3389 > /dev/null 2>&1 || nova secgroup-add-rule default tcp 3389 3389 0.0.0.0/0 > /dev/null 2>&1 |
403 | + |
404 | + |
405 | + |
406 | +echo "Uploading default SSH key" |
407 | |
408 | #Upload a default SSH key |
409 | -nova keypair-add --pub-key ~/.ssh/id_rsa.pub default |
410 | - |
411 | -#Remove the m1.tiny as it is too small for Ubuntu. |
412 | -nova flavor-delete m1.tiny |
413 | -nova flavor-delete m1.xlarge |
414 | +nova keypair-list | grep default > /dev/null 2>&1 || nova keypair-add --pub-key ~/.ssh/id_rsa.pub default > /dev/null 2>&1 |
415 | + |
416 | +echo "Modifying the flavors to be better sized for the Orange Box" |
417 | + |
418 | +#Modify the flavours to fit better on the OB |
419 | +#nova flavor-create FLAVOR_NAME FLAVOR_ID RAM_IN_MB ROOT_DISK_IN_GB NUMBER_OF_VCPUS |
420 | +nova flavor-delete m1.tiny > /dev/null 2>&1 |
421 | +nova flavor-delete m1.small > /dev/null 2>&1 |
422 | +nova flavor-delete m1.medium > /dev/null 2>&1 |
423 | +nova flavor-delete m1.large > /dev/null 2>&1 |
424 | +nova flavor-delete m1.xlarge > /dev/null 2>&1 |
425 | +nova flavor-create --is-public true m1.tiny auto 512 5 1 > /dev/null 2>&1 |
426 | +nova flavor-create --is-public true m1.small auto 1024 10 1 > /dev/null 2>&1 |
427 | +nova flavor-create --is-public true m1.medium auto 2048 10 2 > /dev/null 2>&1 |
428 | +nova flavor-create --is-public true m1.large auto 3072 10 2 > /dev/null 2>&1 |
429 | +## need extra for windows image (15g) |
430 | +nova flavor-create --is-public true m1.xlarge auto 8096 30 4 > /dev/null 2>&1 |
431 | + |
432 | +echo "modifying default quotas for admin user" |
433 | |
434 | #Modify quotas for the tenant to allow large deployments |
435 | -nova quota-update --instances 100 $TENANT_ID |
436 | -nova quota-update --cores 200 $TENANT_ID |
437 | -nova quota-update --ram 204800 $TENANT_ID |
438 | -nova quota-update --security-groups 200 $TENANT_ID |
439 | +nova quota-update --instances 400 $TENANT_ID |
440 | +nova quota-update --cores 800 $TENANT_ID |
441 | +nova quota-update --ram 404800 $TENANT_ID |
442 | +nova quota-update --security-groups 4000 $TENANT_ID |
443 | +nova quota-update --floating_ips -1 $TENANT_ID |
444 | +nova quota-update --security-group-rules -1 $TENANT_ID |
445 | + |
446 | +### need to find how to change quota for the project not the tenant |
447 | + |
448 | +### modify default quota the same way.. |
449 | +nova quota-class-update --instances 400 $TENANT_ID |
450 | +nova quota-class-update --cores 800 $TENANT_ID |
451 | +nova quota-class-update --ram 404800 $TENANT_ID |
452 | +nova quota-class-update --security-groups 4000 $TENANT_ID |
453 | +nova quota-class-update --floating_ips -1 $TENANT_ID |
454 | +nova quota-class-update --security-group-rules -1 $TENANT_ID |
455 | + |
456 | +echo "Uploading images to glance" |
457 | |
458 | #Upload images to glance |
459 | -glance add name="Precise x86_64" is_public=true container_format=ovf disk_format=qcow2 < /srv/data/precise-server-cloudimg-amd64-disk1.img |
460 | -glance add name="Trusty x86_64" is_public=true container_format=ovf disk_format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img |
461 | -#glance add name="CentOS 6.4" is_public=true container_format=bare disk_format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img |
462 | -#glance add name="Cirros 0.3" is_public=true container_format=bare disk_format=qcow2 < /srv/data/cirros-0.3.2-x86_64-disk.img |
463 | -##glance add name="Windows Server 2012" is_public=true container_format=bare disk_format=qcow2 < /srv/data/windows_server_2012_r2_standard_eval_kvm_20140607.qcow2 & |
464 | +glance image-show "Precise x86_64" > /dev/null 2>&1 || glance image-create --name="Precise x86_64" --is-public=true --container-format=ovf --disk-format=qcow2 < /srv/data/precise-server-cloudimg-amd64-disk1.img |
465 | +glance image-show "Trusty x86_64" > /dev/null 2>&1 || glance image-create --name="Trusty x86_64" --is-public=true --container-format=ovf --disk-format=qcow2 < /srv/data/trusty-server-cloudimg-amd64-disk1.img |
466 | +glance image-show "Xenial x86_64" > /dev/null 2>&1 || glance image-create --name="Xenial x86_64" --is-public=true --container-format=ovf --disk-format=qcow2 < /srv/data/xenial-server-cloudimg-amd64-disk1.img |
467 | + |
468 | +glance image-show "CentOS 6.4" > /dev/null 2>&1 || glance image-create --name="CentOS 6.4" --is-public=true --container-format=bare --disk-format=qcow2 < /srv/data/centos6.4-x86_64-gold-master.img |
469 | +glance image-show "Cirros 0.3" > /dev/null 2>&1 || glance image-create --name="Cirros 0.3" --is-public=true --container-format=bare --disk-format=qcow2 < /srv/data/cirros-0.3.2-x86_64-disk.img |
470 | +## image name is used by script to generate metadata .. don't screw the series |
471 | +glance image-show "win2012r2" > /dev/null 2>&1 || gzip -cd /srv/data/windows_server_2012_r2_standard_eval_kvm_20151021.qcow2.gz |glance image-create --name="Windows Server 2012" --is-public=true --container-format=bare --disk-format=qcow2 |
472 | + |
473 | |
474 | exit |
Noticed one thing on a quick overview:
openstack/ 01-deploy. sh:
+juju set-model-config cloudimg-base-url=http:// 172.27. 60.1/mirrors/ cloud-images. ubuntu. com/query
31
^static IP, I'm guessing you have OB60?
Note: for grabbing the cloud images from /srv/, definitely the way to go but would be nice to have a checksum check to ensure they were all downloaded properly the first time although testing one's setup would reveal this problem also.