Skip to content
GitLab
Explore
Sign in
Primary navigation
Search or go to…
Project
T
templates
Manage
Activity
Members
Labels
Plan
Issues
Issue boards
Milestones
Wiki
Code
Merge requests
Repository
Branches
Commits
Tags
Repository graph
Compare revisions
Snippets
Build
Pipelines
Jobs
Pipeline schedules
Artifacts
Deploy
Releases
Container Registry
Model registry
Operate
Environments
Monitor
Incidents
Analyze
Value stream analytics
Contributor analytics
CI/CD analytics
Repository analytics
Model experiments
Help
Help
Support
GitLab documentation
Compare GitLab plans
Community forum
Contribute to GitLab
Provide feedback
Keyboard shortcuts
?
Snippets
Groups
Projects
Show more breadcrumbs
cloud
federation
templates
Commits
681607c6
Commit
681607c6
authored
5 years ago
by
Matteo
Browse files
Options
Downloads
Patches
Plain Diff
20191126 Matteo: Add openstack initial setup script
parents
No related branches found
Branches containing commit
No related tags found
No related merge requests found
Changes
1
Hide whitespace changes
Inline
Side-by-side
Showing
1 changed file
openstack-initial-setup.sh
+165
-0
165 additions, 0 deletions
openstack-initial-setup.sh
with
165 additions
and
0 deletions
openstack-initial-setup.sh
0 → 100755
+
165
−
0
View file @
681607c6
#!/bin/bash
# Config
#
RCFILE
=
$1
set
-x
-e
if
[
!
-e
$RCFILE
]
then
echo
"RC file not found!
$RCFILE
"
exit
1
fi
source
$RCFILE
export
ADMIN_USER_DOMAIN_NAME
=
$OS_USER_DOMAIN_NAME
export
ADMIN_PROJECT_ID
=
$OS_PROJECT_ID
export
ADMIN_PROJECT_NAME
=
$OS_PROJECT_NAME
#export ADMIN_DOMAIN_NAME=$OS_DOMAIN_NAME
export
ADMIN_IDENTITY_API_VERSION
=
3
export
ADMIN_AUTH_VERSION
=
$OS_AUTH_VERSION
export
ADMIN_USERNAME
=
$OS_USERNAME
export
ADMIN_AUTH_URL
=
$OS_AUTH_URL
export
ADMIN_PASSWORD
=
$OS_PASSWORD
export
ADMIN_REGION_NAME
=
$OS_REGION_NAME
export
ADMIN_PROJECT_DOMAIN_ID
=
$OS_PROJECT_DOMAIN_ID
unset
OS_PROJECT_ID
unset
OS_REGION_NAME
unset
OS_USER_DOMAIN_NAME
unset
OS_PROJECT_NAME
unset
OS_AUTH_VERSION
unset
OS_IDENTITY_API_VERSION
unset
OS_PASSWORD
unset
OS_AUTH_URL
unset
OS_USERNAME
unset
OS_PROJECT_DOMAIN_NAME
unset
OS_PROJECT_DOMAIN_ID
#External network
#Eg.: EXT_SUBNET=90.147.152.32/27
EXT_SUBNET
=
"EXT_SUBNET_CIDR"
EXT_SUBNET_START
=
"EXT_SUBNET_POOL_START"
EXT_SUBNET_END
=
"EXT_SUBNET_POOL_END"
EXT_SUBNET_GW
=
"EXT_SUBNET_GW"
#Get this parameter with juju config neutron-api neutron-external-network
EXT_PHYSNET
=
"ext_net"
#Path of the public ssh key to import in openstack
KEY_PATH
=
"path/to/ssh_public_key"
#*****************************************************************
#Domain where users and projects will be created
USER_DOMAIN
=
"put user domain here"
#Name of the virtual router that will connect public and private network network
ROUTER_NAME
=
admin-router
#Name of the public network and subnets
EXT_NET
=
floating-ip
EXT_SUBNET_NAME
=
floating-ip-subnet
#Name and parameters of the private network that will be shared among projects
PRIV_NET
=
default
PRIV_SUBNET_NAME
=
default-subnet
PRIV_SUBNET
=
192.168.0.0/16
PRIV_SUBNET_DNS
=
193.206.158.1
PRIV_SUBNET_GW
=
192.168.0.1
PRIV_SUBNET_START
=
192.168.0.2
PRIV_SUBNET_END
=
192.168.255.254
#Credentials of a generical project administrator
PROJECT_NAME
=
"test"
USER_NAME
=
testadmin
USER_PASS
=
"put a strong password here"
ROLE_NAME
=
Admin
#Image
IMAGE_URL
=
http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
IMAGE_NAME
=
Cirros
#Flavor and ssh key
FLAVOR_NAME
=
m1.tiny
KEY_NAME
=
"put the name of ssh key here"
#Volume name
VOLUME_NAME
=
vol-test
#apt-get update
#apt-get install -y python3-openstackclient python-novaclient python-keystoneclient python-glanceclient python-neutronclient
#AUTH="--os-username=$OS_USERNAME --os-password=$OS_PASSWORD --os-tenant-name=$OS_TENANT_NAME --os-region-name=$OS_REGION_NAME --os-auth-url=$OS_AUTH_URL"
export
AUTH_v3
=
"--os-identity-api-version=3 --os-project-id=
$ADMIN_PROJECT_ID
--os-username=
$ADMIN_USERNAME
--os-user-domain-name=
$ADMIN_USER_DOMAIN_NAME
--os-password=
$ADMIN_PASSWORD
--os-region-name=
$ADMIN_REGION_NAME
--os-project-name=
$ADMIN_PROJECT_NAME
--os-project-domain-id=
$ADMIN_PROJECT_DOMAIN_ID
--os-auth-url=
$ADMIN_AUTH_URL
"
export
AUTH_v2
=
"--os-project-id=
$ADMIN_PROJECT_ID
--os-username=
$ADMIN_USERNAME
--os-user-domain-name=
$ADMIN_USER_DOMAIN_NAME
--os-password=
$ADMIN_PASSWORD
--os-region-name=
$ADMIN_REGION_NAME
--os-project-name=
$ADMIN_PROJECT_NAME
--os-auth-url=
$ADMIN_AUTH_URL
--os-project-domain-id=
$ADMIN_PROJECT_DOMAIN_ID
"
export
AUTH
=
$AUTH_v3
openstack
$AUTH_v3
endpoint list
#Create project and user
openstack
$AUTH_v3
domain create
$USER_DOMAIN
openstack
$AUTH_v3
project create
--domain
$USER_DOMAIN
--description
"Test Project"
$PROJECT_NAME
openstack
$AUTH_v3
user create
--domain
$USER_DOMAIN
--password
$USER_PASS
$USER_NAME
openstack
$AUTH_v3
role add
--user-domain
$USER_DOMAIN
--project
$PROJECT_NAME
--user
$USER_NAME
$ROLE_NAME
#Create external network
openstack
$AUTH_v3
network create
--share
--external
--default
--provider-network-type
flat
--provider-physical-network
$EXT_PHYSNET
$EXT_NET
openstack
$AUTH_v3
subnet create
--network
$EXT_NET
--no-dhcp
--gateway
$EXT_SUBNET_GW
--subnet-range
$EXT_SUBNET
--allocation-pool
start
=
$EXT_SUBNET_START
,end
=
$EXT_SUBNET_END
$EXT_SUBNET_NAME
#Create default network
openstack
$AUTH_v3
network create
--share
--internal
$PRIV_NET
openstack
$AUTH_v3
subnet create
--network
$PRIV_NET
--dhcp
--gateway
$PRIV_SUBNET_GW
--subnet-range
$PRIV_SUBNET
--dns-nameserver
$PRIV_SUBNET_DNS
--allocation-pool
start
=
$PRIV_SUBNET_START
,end
=
$PRIV_SUBNET_END
$PRIV_SUBNET_NAME
openstack
$AUTH_v3
router create
$ROUTER_NAME
openstack
$AUTH_v3
router
set
--external-gateway
$EXT_NET
$ROUTER_NAME
openstack
$AUTH_v3
router add subnet
$ROUTER_NAME
$PRIV_SUBNET_NAME
openstack
$AUTH_v3
router show
$ROUTER_NAME
#Create test flavor
openstack
$AUTH_v3
flavor create
--vcpus
1
--ram
1024
--disk
10
--public
$FLAVOR_NAME
#Import ssh key
openstack
$AUTH_v3
keypair create
--public-key
$KEY_PATH
$KEY_NAME
unset
OS_PROJECT_ID
#From this point on we use the 'testadmin' credentials to upload an image and create the first virtual machine
export
USER_AUTH
=
"--os-username=
$USER_NAME
--os-user-domain-name=
$USER_DOMAIN
--os-password=
$USER_PASS
--os-project-name=
$PROJECT_NAME
--os-project-domain-name=
$USER_DOMAIN
--os-region-name=
$ADMIN_REGION_NAME
--os-auth-url=
$ADMIN_AUTH_URL
"
#Create image
mkdir
-p
~/images
wget
-O
~/images/
$IMAGE_NAME
.img
$IMAGE_URL
openstack
$USER_AUTH
image create
--public
--file
~/images/
$IMAGE_NAME
.img
--container-format
=
bare
--disk-format
=
qcow2
--public
$IMAGE_NAME
DEFGROUP
=
`
openstack
$USER_AUTH
security group list
--project
$PROJECT_NAME
-c
ID
-f
value
`
#Create server
openstack
$USER_AUTH
server create
--flavor
$FLAVOR_NAME
--image
$IMAGE_NAME
--network
$PRIV_NET
--security-group
$DEFGROUP
--key-name
$KEY_NAME
test-instance1
#Crete volume
openstack
$USER_AUTH
volume create
$VOLUME_NAME
--size
8
#Create security group rule to allow ping in the default security group attached to the machine
openstack
$USER_AUTH
security group rule create
--protocol
icmp
$DEFGROUP
#Create floating ip
openstack
$USER_AUTH
ip floating create
$EXT_NET
#TO DO: attach floating ip to the server and try to ping
\ No newline at end of file
This diff is collapsed.
Click to expand it.
Preview
0%
Loading
Try again
or
attach a new file
.
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Save comment
Cancel
Please
register
or
sign in
to comment
