stark, steven | 6754bc1 | 2019-09-19 15:43:00 -0700 | [diff] [blame] | 1 | #!/bin/bash |
| 2 | # Copyright 2019 AT&T Intellectual Property. All rights reserved. |
| 3 | # |
| 4 | # Licensed under the Apache License, Version 2.0 (the "License"); |
| 5 | # you may not use this file except in compliance with the License. |
| 6 | # You may obtain a copy of the License at |
| 7 | # |
| 8 | # http://www.apache.org/licenses/LICENSE-2.0 |
| 9 | # |
| 10 | # Unless required by applicable law or agreed to in writing, software |
| 11 | # distributed under the License is distributed on an "AS IS" BASIS, |
| 12 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 13 | # See the License for the specific language governing permissions and |
| 14 | # limitations under the License. |
| 15 | |
| 16 | DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )" |
| 17 | NO_PROMPT=0 |
| 18 | RANDOM_PREFIX="ONAP" |
| 19 | RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4` |
| 20 | |
| 21 | DEVSTACK_RG= |
| 22 | DEVSTACK_LOCATION= |
| 23 | PUBLIC_KEY= |
| 24 | DEVSTACK_NAME= |
| 25 | DEVSTACK_VM_SIZE= |
| 26 | SUBNET_CIDR= |
| 27 | ADMIN_USER= |
| 28 | BUILD_DIR= |
| 29 | DEVSTACK_VNET_NAME= |
| 30 | USER_PUBLIC_IP_PREFIX= |
| 31 | DEVSTACK_PRIVATE_IP= |
| 32 | DEVSTACK_SUBNET_NAME= |
| 33 | DEVSTACK_DISK_SIZE= |
| 34 | OPENSTACK_USER= |
| 35 | OPENSTACK_PASS= |
| 36 | OS_PROJECT_NAME= |
| 37 | IMAGE_LIST= |
| 38 | |
| 39 | function check_required_parameter() { |
| 40 | # arg1 = parameter |
| 41 | # arg2 = parameter name |
| 42 | if [ -z "$1" ]; then |
| 43 | echo "$2 was not was provided. This parameter is required." |
| 44 | exit 1 |
| 45 | fi |
| 46 | } |
| 47 | |
| 48 | function check_optional_paramater() { |
| 49 | # arg1 = parameter |
| 50 | # arg2 = parameter name |
| 51 | if [ -z "$1" ]; then |
| 52 | echo "$2" |
| 53 | else |
| 54 | echo "$1" |
| 55 | fi |
| 56 | } |
| 57 | |
| 58 | |
| 59 | while test $# -gt 0; do |
| 60 | case "$1" in |
| 61 | -h|--help) |
| 62 | echo "./create_devstack.sh [options]" |
| 63 | echo " " |
| 64 | echo " " |
| 65 | echo "required:" |
| 66 | echo "--public-key public key to add for admin user [required]" |
| 67 | echo "--user-public-ip public ip that will be granted access to VM [required]" |
| 68 | echo "-l, --location location to deploy VM [required]" |
| 69 | echo "-u, --admin-user admin user to create on VM [required]" |
| 70 | echo " " |
| 71 | echo "additional options:" |
| 72 | echo "-f, --no-prompt executes with no prompt for confirmation" |
| 73 | echo "-h, --help provide brief overview of script" |
| 74 | echo "-n, --name VM name [optional]" |
| 75 | echo "-g, --resource-group provide brief overview of script [optional]" |
| 76 | echo "-s, --size Azure flavor size for VM [optional]" |
| 77 | echo "-c, --cidr cidr for VNET to create for VM [optional]. If provided, must also provide --devstack-private-ip from same range." |
| 78 | echo "-d, --directory directory to store cloud config data [optional]" |
| 79 | echo "--vnet-name name of Vnet to create for VM [optional]" |
| 80 | echo "--image-list space delimited list of image urls that will be added to devstack [optional]" |
| 81 | echo "--devstack-private-ip private ip assigned to VM [optional]. If provided, this value must come from the CIDR range of VNET." |
| 82 | echo "--devstack-subnet-name subnet name created on VNET [optional]" |
| 83 | echo "--devstack-disk-size size of OS disk to be allocated [optional]" |
| 84 | echo "--openstack-username default user name for openstack [optional]" |
| 85 | echo "--openstack-password default password for openstack [optional]" |
| 86 | echo "--openstack-tenant default tenant name for openstack [optional]" |
| 87 | echo "" |
| 88 | exit 0 |
| 89 | ;; |
| 90 | -f|--no-prompt) |
| 91 | shift |
| 92 | NO_PROMPT=1 |
| 93 | ;; |
| 94 | -n|--name) |
| 95 | shift |
| 96 | DEVSTACK_NAME=$1 |
| 97 | shift |
| 98 | ;; |
| 99 | -g|--resource-group) |
| 100 | shift |
| 101 | DEVSTACK_RG=$1 |
| 102 | shift |
| 103 | ;; |
| 104 | -s|--size) |
| 105 | shift |
| 106 | DEVSTACK_VM_SIZE=$1 |
| 107 | shift |
| 108 | ;; |
| 109 | -l|--location) |
| 110 | shift |
| 111 | DEVSTACK_LOCATION=$1 |
| 112 | shift |
| 113 | ;; |
| 114 | -c|--cidr) |
| 115 | shift |
| 116 | SUBNET_CIDR=$1 |
| 117 | shift |
| 118 | ;; |
| 119 | -u|--admin-user) |
| 120 | shift |
| 121 | ADMIN_USER=$1 |
| 122 | shift |
| 123 | ;; |
| 124 | -d|--directory) |
| 125 | shift |
| 126 | BUILD_DIR=$1 |
| 127 | shift |
| 128 | ;; |
| 129 | --vnet-name) |
| 130 | shift |
| 131 | DEVSTACK_VNET_NAME=$1 |
| 132 | shift |
| 133 | ;; |
| 134 | --image-list) |
| 135 | shift |
| 136 | IMAGE_LIST=$1 |
| 137 | shift |
| 138 | ;; |
| 139 | --public-key) |
| 140 | shift |
| 141 | PUBLIC_KEY=$1 |
| 142 | shift |
| 143 | ;; |
| 144 | --user-public-ip) |
| 145 | shift |
| 146 | USER_PUBLIC_IP_PREFIX=$1 |
| 147 | shift |
| 148 | ;; |
| 149 | --devstack-private-ip) |
| 150 | shift |
| 151 | DEVSTACK_PRIVATE_IP=$1 |
| 152 | shift |
| 153 | ;; |
| 154 | --devstack-subnet-name) |
| 155 | shift |
| 156 | DEVSTACK_SUBNET_NAME=$1 |
| 157 | shift |
| 158 | ;; |
| 159 | --devstack-disk-size) |
| 160 | shift |
| 161 | DEVSTACK_DISK_SIZE=$1 |
| 162 | shift |
| 163 | ;; |
| 164 | --openstack-username) |
| 165 | shift |
| 166 | OPENSTACK_USER=$1 |
| 167 | shift |
| 168 | ;; |
| 169 | --openstack-password) |
| 170 | shift |
| 171 | OPENSTACK_PASS=$1 |
| 172 | shift |
| 173 | ;; |
| 174 | --openstack-tenant) |
| 175 | shift |
| 176 | OS_PROJECT_NAME=$1 |
| 177 | shift |
| 178 | ;; |
| 179 | *) |
| 180 | echo "Unknown Argument $1. Try running with --help." |
| 181 | exit 0 |
| 182 | ;; |
| 183 | esac |
| 184 | done |
| 185 | |
| 186 | check_required_parameter "$ADMIN_USER" "--admin-user" |
| 187 | check_required_parameter "$PUBLIC_KEY" "--public-key" |
| 188 | check_required_parameter "$DEVSTACK_LOCATION" "--location" |
| 189 | check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip" |
| 190 | |
| 191 | DEVSTACK_RG=$(check_optional_paramater "$DEVSTACK_RG" $RANDOM_STRING"-DEVSTACKRG") |
| 192 | DEVSTACK_NAME=$(check_optional_paramater "$DEVSTACK_NAME" $RANDOM_STRING"-DEVSTACK") |
| 193 | DEVSTACK_VM_SIZE=$(check_optional_paramater "$DEVSTACK_VM_SIZE" "Standard_DS4_v2") |
| 194 | SUBNET_CIDR=$(check_optional_paramater "$SUBNET_CIDR" "173.0.0.0/24") |
| 195 | BUILD_DIR=$(check_optional_paramater "$BUILD_DIR" /tmp/devstack-$RANDOM_STRING) |
| 196 | DEVSTACK_VNET_NAME=$(check_optional_paramater "$DEVSTACK_VNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET") |
| 197 | DEVSTACK_PRIVATE_IP=$(check_optional_paramater "$DEVSTACK_PRIVATE_IP" "173.0.0.4") |
| 198 | DEVSTACK_SUBNET_NAME=$(check_optional_paramater "$DEVSTACK_SUBNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET-SUBNET") |
| 199 | DEVSTACK_DISK_SIZE=$(check_optional_paramater "$DEVSTACK_DISK_SIZE" "64") |
| 200 | OPENSTACK_USER=$(check_optional_paramater "$OPENSTACK_USER" "admin") |
| 201 | OPENSTACK_PASS=$(check_optional_paramater "$OPENSTACK_PASS" "secret") |
| 202 | OS_PROJECT_NAME=$(check_optional_paramater "$OS_PROJECT_NAME" "admin") |
| 203 | IMAGE_LIST=$(check_optional_paramater "$IMAGE_LIST" "") |
| 204 | |
| 205 | |
| 206 | if [ $NO_PROMPT = 0 ]; then |
| 207 | read -p "Would you like to proceed? [y/n]" -n 1 -r |
| 208 | echo " " |
| 209 | if [[ ! $REPLY =~ ^[Yy]$ ]] |
| 210 | then |
| 211 | exit 0 |
| 212 | fi |
| 213 | fi |
| 214 | |
| 215 | set -x |
| 216 | set -e |
| 217 | |
| 218 | # TODO |
| 219 | # This needs to be hardened |
| 220 | DEVSTACK_PRIVATE_GATEWAY=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/1/'` |
| 221 | DEVSTACK_ALLOCATION_START=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/10/'` |
| 222 | DEVSTACK_ALLOCATION_END=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/240/'` |
| 223 | |
| 224 | DATA_FILE=$BUILD_DIR/cloud-cfg-os.yaml |
| 225 | |
| 226 | if [ ! -d $BUILD_DIR ]; then |
| 227 | echo "running script standalone..." |
| 228 | mkdir -p "$BUILD_DIR" |
| 229 | fi |
| 230 | |
| 231 | $DIR/create_resource_group.sh "$DEVSTACK_RG" "$DEVSTACK_LOCATION" |
| 232 | |
| 233 | az network public-ip create --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --allocation-method Static |
| 234 | DEVSTACK_PUBLIC_IP=`az network public-ip show --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --query 'ipAddress' --output tsv` |
| 235 | |
| 236 | cat > $DATA_FILE <<EOF |
| 237 | #cloud-config |
| 238 | package_upgrade: true |
| 239 | packages: |
| 240 | - resolvconf |
stark, steven | 6f2913b | 2020-01-23 14:34:26 -0800 | [diff] [blame] | 241 | - python3-dev |
stark, steven | 6754bc1 | 2019-09-19 15:43:00 -0700 | [diff] [blame] | 242 | users: |
| 243 | - default |
| 244 | - name: stack |
| 245 | lock_passwd: False |
| 246 | sudo: ["ALL=(ALL) NOPASSWD:ALL\nDefaults:stack !requiretty"] |
| 247 | shell: /bin/bash |
| 248 | write_files: |
| 249 | - path: /home/stack/start.sh |
| 250 | permissions: 0755 |
| 251 | content: | |
| 252 | #!/bin/sh |
| 253 | DEBIAN_FRONTEND=noninteractive sudo apt-get -qqy update || sudo yum update -qy |
| 254 | DEBIAN_FRONTEND=noninteractive sudo apt-get install -qqy git || sudo yum install -qy git |
| 255 | sudo chown stack:stack /home/stack |
| 256 | cd /home/stack |
| 257 | git clone https://git.openstack.org/openstack-dev/devstack |
| 258 | cd devstack |
| 259 | cat > local.conf <<EOF |
| 260 | [[local|localrc]] |
| 261 | HOST_IP=$DEVSTACK_PRIVATE_IP |
| 262 | SERVICE_HOST=$DEVSTACK_PRIVATE_IP |
| 263 | MYSQL_HOST=$DEVSTACK_PRIVATE_IP |
| 264 | RABBIT_HOST=$DEVSTACK_PRIVATE_IP |
| 265 | GLANCE_HOSTPORT=$DEVSTACK_PRIVATE_IP:9292 |
| 266 | |
| 267 | ADMIN_PASSWORD="secret" |
| 268 | DATABASE_PASSWORD="secret" |
| 269 | RABBIT_PASSWORD="secret" |
| 270 | SERVICE_PASSWORD="secret" |
| 271 | |
| 272 | enable_service h-eng h-api h-api-cfn h-api-cw |
| 273 | disable_service tempest |
| 274 | |
| 275 | enable_plugin heat https://git.openstack.org/openstack/heat |
| 276 | enable_plugin heat-dashboard https://opendev.org/openstack/heat-dashboard |
| 277 | |
| 278 | ## Neutron options |
| 279 | Q_USE_SECGROUP=True |
| 280 | FLOATING_RANGE="$SUBNET_CIDR" |
| 281 | IPV4_ADDRS_SAFE_TO_USE="192.168.100.0/24" |
| 282 | Q_FLOATING_ALLOCATION_POOL=start=$DEVSTACK_ALLOCATION_START,end=$DEVSTACK_ALLOCATION_END |
| 283 | PUBLIC_NETWORK_GATEWAY="$DEVSTACK_PRIVATE_GATEWAY" |
| 284 | PUBLIC_INTERFACE=eth0 |
| 285 | |
| 286 | # Disable security groups |
| 287 | # Q_USE_SECGROUP=False |
| 288 | # LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver |
| 289 | |
| 290 | # Open vSwitch provider networking configuration |
| 291 | Q_USE_PROVIDERNET_FOR_PUBLIC=True |
| 292 | OVS_PHYSICAL_BRIDGE=br-ex |
| 293 | PUBLIC_BRIDGE=br-ex |
| 294 | OVS_BRIDGE_MAPPINGS=public:br-ex |
| 295 | |
stark, steven | 6f2913b | 2020-01-23 14:34:26 -0800 | [diff] [blame] | 296 | USE_PYTHON3=True |
| 297 | |
| 298 | [[post-config|/etc/nova/nova.conf]] |
stark, steven | 6754bc1 | 2019-09-19 15:43:00 -0700 | [diff] [blame] | 299 | |
| 300 | [libvirt] |
| 301 | cpu_mode = host-passthrough |
| 302 | |
| 303 | EOF |
| 304 | ./stack.sh |
| 305 | |
| 306 | source accrc/admin/admin |
| 307 | openstack project create --domain default --description "New Project" "$OS_PROJECT_NAME" |
| 308 | openstack user create --domain default --project "$OS_PROJECT_NAME" --password "$OPENSTACK_PASS" "$OPENSTACK_USER" |
| 309 | openstack role add --project "$OS_PROJECT_NAME" --user "$OPENSTACK_USER" admin |
| 310 | |
| 311 | openstack network set --disable-port-security public |
| 312 | openstack subnet set --dhcp public-subnet |
| 313 | openstack subnet set --dns-nameserver 8.8.4.4 public-subnet |
| 314 | openstack network set --share public |
| 315 | openstack network set --share private |
| 316 | |
| 317 | for image in `echo "$IMAGE_LIST"`; do |
| 318 | file_name=\`echo "\$image" | rev | cut -d "/" -f 1 | rev\` |
| 319 | image_name=\`echo "\$file_name" | rev | cut -d "." -f 2- | rev\` |
| 320 | wget -O /tmp/"\$file_name" "\$image" |
| 321 | openstack image create --disk-format qcow2 --public --file /tmp/"\$file_name" --property img_config_drive=mandatory "\$image_name" |
| 322 | done |
| 323 | |
| 324 | runcmd: |
| 325 | - echo "nameserver 8.8.4.4" >> /etc/resolvconf/resolv.conf.d/head |
| 326 | - echo "nameserver 8.8.8.8" >> /etc/resolvconf/resolv.conf.d/head |
| 327 | - service resolvconf restart |
| 328 | - su -l stack ./start.sh |
| 329 | - iptables -t nat -F POSTROUTING |
| 330 | - iptables -t nat -A POSTROUTING -o br-ex -j MASQUERADE |
| 331 | - iptables -t nat -A PREROUTING -d "$DEVSTACK_PUBLIC_IP" -j DNAT --to-destination $DEVSTACK_PRIVATE_IP |
| 332 | EOF |
| 333 | |
| 334 | DEVSTACK_IMAGE="UbuntuLTS" |
| 335 | DEVSTACK_SECURITY_GROUP=$DEVSTACK_NAME"-SG" |
| 336 | |
| 337 | az network nsg create --resource-group "$DEVSTACK_RG" \ |
| 338 | --name "$DEVSTACK_SECURITY_GROUP" |
| 339 | |
| 340 | $DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "22" "$USER_PUBLIC_IP_PREFIX" '*' '*' "SSH" "100" |
| 341 | $DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "80" "$USER_PUBLIC_IP_PREFIX" '*' '*' "HORIZON" "110" |
| 342 | |
| 343 | az vm create --name "$DEVSTACK_NAME" \ |
| 344 | --resource-group "$DEVSTACK_RG" \ |
| 345 | --size "$DEVSTACK_VM_SIZE" \ |
| 346 | --admin-username "$ADMIN_USER" \ |
| 347 | --ssh-key-value @"$PUBLIC_KEY" \ |
| 348 | --os-disk-size-gb "$DEVSTACK_DISK_SIZE" \ |
| 349 | --image "$DEVSTACK_IMAGE" \ |
| 350 | --location "$DEVSTACK_LOCATION" \ |
| 351 | --subnet-address-prefix "$SUBNET_CIDR" \ |
| 352 | --subnet "$DEVSTACK_SUBNET_NAME" \ |
| 353 | --vnet-address-prefix "$SUBNET_CIDR" \ |
| 354 | --vnet-name "$DEVSTACK_VNET_NAME" \ |
| 355 | --custom-data "$DATA_FILE" \ |
| 356 | --nsg "$DEVSTACK_SECURITY_GROUP" \ |
| 357 | --private-ip-address "$DEVSTACK_PRIVATE_IP" \ |
| 358 | --public-ip-address "DEVSTACK_PUBLIC_IP" |
| 359 | echo "" |
| 360 | |
| 361 | az network vnet subnet update --resource-group="$DEVSTACK_RG" \ |
| 362 | --name "$DEVSTACK_SUBNET_NAME" \ |
| 363 | --vnet-name "$DEVSTACK_VNET_NAME" \ |
| 364 | --network-security-group "$DEVSTACK_SECURITY_GROUP" |
| 365 | |
| 366 | DEVSTACK_NIC_ID=`az vm nic list --resource-group ${DEVSTACK_RG} --vm-name ${DEVSTACK_NAME} --query "[0] | id" --output tsv` |
| 367 | |
| 368 | ### Enabling IP Forwarding on DEVSTACK vnic ### |
| 369 | az network nic update --ids "$DEVSTACK_NIC_ID" --ip-forwarding |
| 370 | |