Gitiles
Code Review Sign In
gerrit.nordix.org / onap / integration / bd1c776bf4dffa24f739534573440c0a54e2776b / . / deployment / aks / create_devstack.sh
blob: 87c76a1a86c6a50860e182ea2f4375189c6e9226 [file] [log] [blame]
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]1#!/bin/bash
2# Copyright 2019 AT&T Intellectual Property. All rights reserved.
3#
4# Licensed under the Apache License, Version 2.0 (the "License");
5# you may not use this file except in compliance with the License.
6# You may obtain a copy of the License at
7#
8# http://www.apache.org/licenses/LICENSE-2.0
9#
10# Unless required by applicable law or agreed to in writing, software
11# distributed under the License is distributed on an "AS IS" BASIS,
12# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13# See the License for the specific language governing permissions and
14# limitations under the License.
15
16DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
17NO_PROMPT=0
18RANDOM_PREFIX="ONAP"
19RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`
20
21DEVSTACK_RG=
22DEVSTACK_LOCATION=
23PUBLIC_KEY=
24DEVSTACK_NAME=
25DEVSTACK_VM_SIZE=
26SUBNET_CIDR=
27ADMIN_USER=
28BUILD_DIR=
29DEVSTACK_VNET_NAME=
30USER_PUBLIC_IP_PREFIX=
31DEVSTACK_PRIVATE_IP=
32DEVSTACK_SUBNET_NAME=
33DEVSTACK_DISK_SIZE=
34OPENSTACK_USER=
35OPENSTACK_PASS=
36OS_PROJECT_NAME=
37IMAGE_LIST=
stark, steven0e111712020-01-29 17:01:48 -0800[diff] [blame]38DEVSTACK_BRANCH=
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]39
40function check_required_parameter() {
41 # arg1 = parameter
42 # arg2 = parameter name
43 if [ -z "$1" ]; then
44 echo "$2 was not was provided. This parameter is required."
45 exit 1
46 fi
47}
48
49function check_optional_paramater() {
50 # arg1 = parameter
51 # arg2 = parameter name
52 if [ -z "$1" ]; then
53 echo "$2"
54 else
55 echo "$1"
56 fi
57}
58
59
60while test $# -gt 0; do
61 case "$1" in
62 -h|--help)
63 echo "./create_devstack.sh [options]"
64 echo " "
65 echo " "
66 echo "required:"
67 echo "--public-key public key to add for admin user [required]"
68 echo "--user-public-ip public ip that will be granted access to VM [required]"
69 echo "-l, --location location to deploy VM [required]"
70 echo "-u, --admin-user admin user to create on VM [required]"
71 echo " "
72 echo "additional options:"
73 echo "-f, --no-prompt executes with no prompt for confirmation"
74 echo "-h, --help provide brief overview of script"
75 echo "-n, --name VM name [optional]"
76 echo "-g, --resource-group provide brief overview of script [optional]"
77 echo "-s, --size Azure flavor size for VM [optional]"
78 echo "-c, --cidr cidr for VNET to create for VM [optional]. If provided, must also provide --devstack-private-ip from same range."
79 echo "-d, --directory directory to store cloud config data [optional]"
80 echo "--vnet-name name of Vnet to create for VM [optional]"
81 echo "--image-list space delimited list of image urls that will be added to devstack [optional]"
82 echo "--devstack-private-ip private ip assigned to VM [optional]. If provided, this value must come from the CIDR range of VNET."
83 echo "--devstack-subnet-name subnet name created on VNET [optional]"
84 echo "--devstack-disk-size size of OS disk to be allocated [optional]"
85 echo "--openstack-username default user name for openstack [optional]"
86 echo "--openstack-password default password for openstack [optional]"
87 echo "--openstack-tenant default tenant name for openstack [optional]"
stark, steven0e111712020-01-29 17:01:48 -0800[diff] [blame]88 echo "--devstack-branch branch to use for devstack install [optional]"
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]89 echo ""
90 exit 0
91 ;;
92 -f|--no-prompt)
93 shift
94 NO_PROMPT=1
95 ;;
96 -n|--name)
97 shift
98 DEVSTACK_NAME=$1
99 shift
100 ;;
101 -g|--resource-group)
102 shift
103 DEVSTACK_RG=$1
104 shift
105 ;;
106 -s|--size)
107 shift
108 DEVSTACK_VM_SIZE=$1
109 shift
110 ;;
111 -l|--location)
112 shift
113 DEVSTACK_LOCATION=$1
114 shift
115 ;;
116 -c|--cidr)
117 shift
118 SUBNET_CIDR=$1
119 shift
120 ;;
121 -u|--admin-user)
122 shift
123 ADMIN_USER=$1
124 shift
125 ;;
126 -d|--directory)
127 shift
128 BUILD_DIR=$1
129 shift
130 ;;
131 --vnet-name)
132 shift
133 DEVSTACK_VNET_NAME=$1
134 shift
135 ;;
136 --image-list)
137 shift
138 IMAGE_LIST=$1
139 shift
140 ;;
141 --public-key)
142 shift
143 PUBLIC_KEY=$1
144 shift
145 ;;
146 --user-public-ip)
147 shift
148 USER_PUBLIC_IP_PREFIX=$1
149 shift
150 ;;
151 --devstack-private-ip)
152 shift
153 DEVSTACK_PRIVATE_IP=$1
154 shift
155 ;;
156 --devstack-subnet-name)
157 shift
158 DEVSTACK_SUBNET_NAME=$1
159 shift
160 ;;
161 --devstack-disk-size)
162 shift
163 DEVSTACK_DISK_SIZE=$1
164 shift
165 ;;
166 --openstack-username)
167 shift
168 OPENSTACK_USER=$1
169 shift
170 ;;
171 --openstack-password)
172 shift
173 OPENSTACK_PASS=$1
174 shift
175 ;;
176 --openstack-tenant)
177 shift
178 OS_PROJECT_NAME=$1
179 shift
180 ;;
stark, steven0e111712020-01-29 17:01:48 -0800[diff] [blame]181 --devstack-branch)
182 shift
183 DEVSTACK_BRANCH=$1
184 shift
185 ;;
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]186 *)
187 echo "Unknown Argument $1. Try running with --help."
188 exit 0
189 ;;
190 esac
191done
192
193check_required_parameter "$ADMIN_USER" "--admin-user"
194check_required_parameter "$PUBLIC_KEY" "--public-key"
195check_required_parameter "$DEVSTACK_LOCATION" "--location"
196check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip"
197
198DEVSTACK_RG=$(check_optional_paramater "$DEVSTACK_RG" $RANDOM_STRING"-DEVSTACKRG")
199DEVSTACK_NAME=$(check_optional_paramater "$DEVSTACK_NAME" $RANDOM_STRING"-DEVSTACK")
200DEVSTACK_VM_SIZE=$(check_optional_paramater "$DEVSTACK_VM_SIZE" "Standard_DS4_v2")
201SUBNET_CIDR=$(check_optional_paramater "$SUBNET_CIDR" "173.0.0.0/24")
202BUILD_DIR=$(check_optional_paramater "$BUILD_DIR" /tmp/devstack-$RANDOM_STRING)
203DEVSTACK_VNET_NAME=$(check_optional_paramater "$DEVSTACK_VNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET")
204DEVSTACK_PRIVATE_IP=$(check_optional_paramater "$DEVSTACK_PRIVATE_IP" "173.0.0.4")
205DEVSTACK_SUBNET_NAME=$(check_optional_paramater "$DEVSTACK_SUBNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET-SUBNET")
206DEVSTACK_DISK_SIZE=$(check_optional_paramater "$DEVSTACK_DISK_SIZE" "64")
207OPENSTACK_USER=$(check_optional_paramater "$OPENSTACK_USER" "admin")
208OPENSTACK_PASS=$(check_optional_paramater "$OPENSTACK_PASS" "secret")
209OS_PROJECT_NAME=$(check_optional_paramater "$OS_PROJECT_NAME" "admin")
210IMAGE_LIST=$(check_optional_paramater "$IMAGE_LIST" "")
stark, steven0e111712020-01-29 17:01:48 -0800[diff] [blame]211DEVSTACK_BRANCH=$(check_optional_paramater "$DEVSTACK_BRANCH" "master")
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]212
213if [ $NO_PROMPT = 0 ]; then
214 read -p "Would you like to proceed? [y/n]" -n 1 -r
215 echo " "
216 if [[ ! $REPLY =~ ^[Yy]$ ]]
217 then
218 exit 0
219 fi
220fi
221
222set -x
223set -e
224
225# TODO
226# This needs to be hardened
227DEVSTACK_PRIVATE_GATEWAY=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/1/'`
228DEVSTACK_ALLOCATION_START=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/10/'`
229DEVSTACK_ALLOCATION_END=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/240/'`
230
231DATA_FILE=$BUILD_DIR/cloud-cfg-os.yaml
232
233if [ ! -d $BUILD_DIR ]; then
234 echo "running script standalone..."
235 mkdir -p "$BUILD_DIR"
236fi
237
238$DIR/create_resource_group.sh "$DEVSTACK_RG" "$DEVSTACK_LOCATION"
239
240az network public-ip create --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --allocation-method Static
241DEVSTACK_PUBLIC_IP=`az network public-ip show --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --query 'ipAddress' --output tsv`
242
243cat > $DATA_FILE <<EOF
244#cloud-config
245package_upgrade: true
246packages:
247 - resolvconf
stark, steven6f2913b2020-01-23 14:34:26 -0800[diff] [blame]248 - python3-dev
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]249users:
250 - default
251 - name: stack
252 lock_passwd: False
253 sudo: ["ALL=(ALL) NOPASSWD:ALL\nDefaults:stack !requiretty"]
254 shell: /bin/bash
255write_files:
256 - path: /home/stack/start.sh
257 permissions: 0755
258 content: |
259 #!/bin/sh
260 DEBIAN_FRONTEND=noninteractive sudo apt-get -qqy update || sudo yum update -qy
261 DEBIAN_FRONTEND=noninteractive sudo apt-get install -qqy git || sudo yum install -qy git
262 sudo chown stack:stack /home/stack
263 cd /home/stack
stark, steven0e111712020-01-29 17:01:48 -0800[diff] [blame]264 git clone -b $DEVSTACK_BRANCH https://git.openstack.org/openstack-dev/devstack
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]265 cd devstack
266 cat > local.conf <<EOF
267 [[local|localrc]]
268 HOST_IP=$DEVSTACK_PRIVATE_IP
269 SERVICE_HOST=$DEVSTACK_PRIVATE_IP
270 MYSQL_HOST=$DEVSTACK_PRIVATE_IP
271 RABBIT_HOST=$DEVSTACK_PRIVATE_IP
272 GLANCE_HOSTPORT=$DEVSTACK_PRIVATE_IP:9292
273
274 ADMIN_PASSWORD="secret"
275 DATABASE_PASSWORD="secret"
276 RABBIT_PASSWORD="secret"
277 SERVICE_PASSWORD="secret"
278
279 enable_service h-eng h-api h-api-cfn h-api-cw
280 disable_service tempest
281
stark, steven0e111712020-01-29 17:01:48 -0800[diff] [blame]282 enable_plugin heat https://git.openstack.org/openstack/heat $DEVSTACK_BRANCH
283 enable_plugin heat-dashboard https://opendev.org/openstack/heat-dashboard $DEVSTACK_BRANCH
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]284
285 ## Neutron options
286 Q_USE_SECGROUP=True
287 FLOATING_RANGE="$SUBNET_CIDR"
288 IPV4_ADDRS_SAFE_TO_USE="192.168.100.0/24"
289 Q_FLOATING_ALLOCATION_POOL=start=$DEVSTACK_ALLOCATION_START,end=$DEVSTACK_ALLOCATION_END
290 PUBLIC_NETWORK_GATEWAY="$DEVSTACK_PRIVATE_GATEWAY"
291 PUBLIC_INTERFACE=eth0
292
293 # Disable security groups
294 # Q_USE_SECGROUP=False
295 # LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver
296
297 # Open vSwitch provider networking configuration
298 Q_USE_PROVIDERNET_FOR_PUBLIC=True
299 OVS_PHYSICAL_BRIDGE=br-ex
300 PUBLIC_BRIDGE=br-ex
301 OVS_BRIDGE_MAPPINGS=public:br-ex
302
stark, steven6f2913b2020-01-23 14:34:26 -0800[diff] [blame]303 USE_PYTHON3=True
304
305 [[post-config|/etc/nova/nova.conf]]
stark, steven6754bc12019-09-19 15:43:00 -0700[diff] [blame]306
307 [libvirt]
308 cpu_mode = host-passthrough
309
310 EOF
311 ./stack.sh
312
313 source accrc/admin/admin
314 openstack project create --domain default --description "New Project" "$OS_PROJECT_NAME"
315 openstack user create --domain default --project "$OS_PROJECT_NAME" --password "$OPENSTACK_PASS" "$OPENSTACK_USER"
316 openstack role add --project "$OS_PROJECT_NAME" --user "$OPENSTACK_USER" admin
317
318 openstack network set --disable-port-security public
319 openstack subnet set --dhcp public-subnet
320 openstack subnet set --dns-nameserver 8.8.4.4 public-subnet
321 openstack network set --share public
322 openstack network set --share private
323
324 for image in `echo "$IMAGE_LIST"`; do
325 file_name=\`echo "\$image" | rev | cut -d "/" -f 1 | rev\`
326 image_name=\`echo "\$file_name" | rev | cut -d "." -f 2- | rev\`
327 wget -O /tmp/"\$file_name" "\$image"
328 openstack image create --disk-format qcow2 --public --file /tmp/"\$file_name" --property img_config_drive=mandatory "\$image_name"
329 done
330
331runcmd:
332 - echo "nameserver 8.8.4.4" >> /etc/resolvconf/resolv.conf.d/head
333 - echo "nameserver 8.8.8.8" >> /etc/resolvconf/resolv.conf.d/head
334 - service resolvconf restart
335 - su -l stack ./start.sh
336 - iptables -t nat -F POSTROUTING
337 - iptables -t nat -A POSTROUTING -o br-ex -j MASQUERADE
338 - iptables -t nat -A PREROUTING -d "$DEVSTACK_PUBLIC_IP" -j DNAT --to-destination $DEVSTACK_PRIVATE_IP
339EOF
340
341DEVSTACK_IMAGE="UbuntuLTS"
342DEVSTACK_SECURITY_GROUP=$DEVSTACK_NAME"-SG"
343
344az network nsg create --resource-group "$DEVSTACK_RG" \
345 --name "$DEVSTACK_SECURITY_GROUP"
346
347$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "22" "$USER_PUBLIC_IP_PREFIX" '*' '*' "SSH" "100"
348$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "80" "$USER_PUBLIC_IP_PREFIX" '*' '*' "HORIZON" "110"
349
350az vm create --name "$DEVSTACK_NAME" \
351 --resource-group "$DEVSTACK_RG" \
352 --size "$DEVSTACK_VM_SIZE" \
353 --admin-username "$ADMIN_USER" \
354 --ssh-key-value @"$PUBLIC_KEY" \
355 --os-disk-size-gb "$DEVSTACK_DISK_SIZE" \
356 --image "$DEVSTACK_IMAGE" \
357 --location "$DEVSTACK_LOCATION" \
358 --subnet-address-prefix "$SUBNET_CIDR" \
359 --subnet "$DEVSTACK_SUBNET_NAME" \
360 --vnet-address-prefix "$SUBNET_CIDR" \
361 --vnet-name "$DEVSTACK_VNET_NAME" \
362 --custom-data "$DATA_FILE" \
363 --nsg "$DEVSTACK_SECURITY_GROUP" \
364 --private-ip-address "$DEVSTACK_PRIVATE_IP" \
365 --public-ip-address "DEVSTACK_PUBLIC_IP"
366echo ""
367
368az network vnet subnet update --resource-group="$DEVSTACK_RG" \
369 --name "$DEVSTACK_SUBNET_NAME" \
370 --vnet-name "$DEVSTACK_VNET_NAME" \
371 --network-security-group "$DEVSTACK_SECURITY_GROUP"
372
373DEVSTACK_NIC_ID=`az vm nic list --resource-group ${DEVSTACK_RG} --vm-name ${DEVSTACK_NAME} --query "[0] | id" --output tsv`
374
375### Enabling IP Forwarding on DEVSTACK vnic ###
376az network nic update --ids "$DEVSTACK_NIC_ID" --ip-forwarding