aboutsummaryrefslogtreecommitdiffstats
path: root/deployment/aks/create_devstack.sh
diff options
context:
space:
mode:
Diffstat (limited to 'deployment/aks/create_devstack.sh')
-rwxr-xr-xdeployment/aks/create_devstack.sh367
1 files changed, 367 insertions, 0 deletions
diff --git a/deployment/aks/create_devstack.sh b/deployment/aks/create_devstack.sh
new file mode 100755
index 000000000..fc136f00a
--- /dev/null
+++ b/deployment/aks/create_devstack.sh
@@ -0,0 +1,367 @@
+#!/bin/bash
+# Copyright 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+NO_PROMPT=0
+RANDOM_PREFIX="ONAP"
+RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`
+
+DEVSTACK_RG=
+DEVSTACK_LOCATION=
+PUBLIC_KEY=
+DEVSTACK_NAME=
+DEVSTACK_VM_SIZE=
+SUBNET_CIDR=
+ADMIN_USER=
+BUILD_DIR=
+DEVSTACK_VNET_NAME=
+USER_PUBLIC_IP_PREFIX=
+DEVSTACK_PRIVATE_IP=
+DEVSTACK_SUBNET_NAME=
+DEVSTACK_DISK_SIZE=
+OPENSTACK_USER=
+OPENSTACK_PASS=
+OS_PROJECT_NAME=
+IMAGE_LIST=
+
+function check_required_parameter() {
+ # arg1 = parameter
+ # arg2 = parameter name
+ if [ -z "$1" ]; then
+ echo "$2 was not was provided. This parameter is required."
+ exit 1
+ fi
+}
+
+function check_optional_paramater() {
+ # arg1 = parameter
+ # arg2 = parameter name
+ if [ -z "$1" ]; then
+ echo "$2"
+ else
+ echo "$1"
+ fi
+}
+
+
+while test $# -gt 0; do
+ case "$1" in
+ -h|--help)
+ echo "./create_devstack.sh [options]"
+ echo " "
+ echo " "
+ echo "required:"
+ echo "--public-key public key to add for admin user [required]"
+ echo "--user-public-ip public ip that will be granted access to VM [required]"
+ echo "-l, --location location to deploy VM [required]"
+ echo "-u, --admin-user admin user to create on VM [required]"
+ echo " "
+ echo "additional options:"
+ echo "-f, --no-prompt executes with no prompt for confirmation"
+ echo "-h, --help provide brief overview of script"
+ echo "-n, --name VM name [optional]"
+ echo "-g, --resource-group provide brief overview of script [optional]"
+ echo "-s, --size Azure flavor size for VM [optional]"
+ echo "-c, --cidr cidr for VNET to create for VM [optional]. If provided, must also provide --devstack-private-ip from same range."
+ echo "-d, --directory directory to store cloud config data [optional]"
+ echo "--vnet-name name of Vnet to create for VM [optional]"
+ echo "--image-list space delimited list of image urls that will be added to devstack [optional]"
+ echo "--devstack-private-ip private ip assigned to VM [optional]. If provided, this value must come from the CIDR range of VNET."
+ echo "--devstack-subnet-name subnet name created on VNET [optional]"
+ echo "--devstack-disk-size size of OS disk to be allocated [optional]"
+ echo "--openstack-username default user name for openstack [optional]"
+ echo "--openstack-password default password for openstack [optional]"
+ echo "--openstack-tenant default tenant name for openstack [optional]"
+ echo ""
+ exit 0
+ ;;
+ -f|--no-prompt)
+ shift
+ NO_PROMPT=1
+ ;;
+ -n|--name)
+ shift
+ DEVSTACK_NAME=$1
+ shift
+ ;;
+ -g|--resource-group)
+ shift
+ DEVSTACK_RG=$1
+ shift
+ ;;
+ -s|--size)
+ shift
+ DEVSTACK_VM_SIZE=$1
+ shift
+ ;;
+ -l|--location)
+ shift
+ DEVSTACK_LOCATION=$1
+ shift
+ ;;
+ -c|--cidr)
+ shift
+ SUBNET_CIDR=$1
+ shift
+ ;;
+ -u|--admin-user)
+ shift
+ ADMIN_USER=$1
+ shift
+ ;;
+ -d|--directory)
+ shift
+ BUILD_DIR=$1
+ shift
+ ;;
+ --vnet-name)
+ shift
+ DEVSTACK_VNET_NAME=$1
+ shift
+ ;;
+ --image-list)
+ shift
+ IMAGE_LIST=$1
+ shift
+ ;;
+ --public-key)
+ shift
+ PUBLIC_KEY=$1
+ shift
+ ;;
+ --user-public-ip)
+ shift
+ USER_PUBLIC_IP_PREFIX=$1
+ shift
+ ;;
+ --devstack-private-ip)
+ shift
+ DEVSTACK_PRIVATE_IP=$1
+ shift
+ ;;
+ --devstack-subnet-name)
+ shift
+ DEVSTACK_SUBNET_NAME=$1
+ shift
+ ;;
+ --devstack-disk-size)
+ shift
+ DEVSTACK_DISK_SIZE=$1
+ shift
+ ;;
+ --openstack-username)
+ shift
+ OPENSTACK_USER=$1
+ shift
+ ;;
+ --openstack-password)
+ shift
+ OPENSTACK_PASS=$1
+ shift
+ ;;
+ --openstack-tenant)
+ shift
+ OS_PROJECT_NAME=$1
+ shift
+ ;;
+ *)
+ echo "Unknown Argument $1. Try running with --help."
+ exit 0
+ ;;
+ esac
+done
+
+check_required_parameter "$ADMIN_USER" "--admin-user"
+check_required_parameter "$PUBLIC_KEY" "--public-key"
+check_required_parameter "$DEVSTACK_LOCATION" "--location"
+check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip"
+
+DEVSTACK_RG=$(check_optional_paramater "$DEVSTACK_RG" $RANDOM_STRING"-DEVSTACKRG")
+DEVSTACK_NAME=$(check_optional_paramater "$DEVSTACK_NAME" $RANDOM_STRING"-DEVSTACK")
+DEVSTACK_VM_SIZE=$(check_optional_paramater "$DEVSTACK_VM_SIZE" "Standard_DS4_v2")
+SUBNET_CIDR=$(check_optional_paramater "$SUBNET_CIDR" "173.0.0.0/24")
+BUILD_DIR=$(check_optional_paramater "$BUILD_DIR" /tmp/devstack-$RANDOM_STRING)
+DEVSTACK_VNET_NAME=$(check_optional_paramater "$DEVSTACK_VNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET")
+DEVSTACK_PRIVATE_IP=$(check_optional_paramater "$DEVSTACK_PRIVATE_IP" "173.0.0.4")
+DEVSTACK_SUBNET_NAME=$(check_optional_paramater "$DEVSTACK_SUBNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET-SUBNET")
+DEVSTACK_DISK_SIZE=$(check_optional_paramater "$DEVSTACK_DISK_SIZE" "64")
+OPENSTACK_USER=$(check_optional_paramater "$OPENSTACK_USER" "admin")
+OPENSTACK_PASS=$(check_optional_paramater "$OPENSTACK_PASS" "secret")
+OS_PROJECT_NAME=$(check_optional_paramater "$OS_PROJECT_NAME" "admin")
+IMAGE_LIST=$(check_optional_paramater "$IMAGE_LIST" "")
+
+
+if [ $NO_PROMPT = 0 ]; then
+ read -p "Would you like to proceed? [y/n]" -n 1 -r
+ echo " "
+ if [[ ! $REPLY =~ ^[Yy]$ ]]
+ then
+ exit 0
+ fi
+fi
+
+set -x
+set -e
+
+# TODO
+# This needs to be hardened
+DEVSTACK_PRIVATE_GATEWAY=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/1/'`
+DEVSTACK_ALLOCATION_START=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/10/'`
+DEVSTACK_ALLOCATION_END=`echo $DEVSTACK_PRIVATE_IP | sed 's/.$/240/'`
+
+DATA_FILE=$BUILD_DIR/cloud-cfg-os.yaml
+
+if [ ! -d $BUILD_DIR ]; then
+ echo "running script standalone..."
+ mkdir -p "$BUILD_DIR"
+fi
+
+$DIR/create_resource_group.sh "$DEVSTACK_RG" "$DEVSTACK_LOCATION"
+
+az network public-ip create --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --allocation-method Static
+DEVSTACK_PUBLIC_IP=`az network public-ip show --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --query 'ipAddress' --output tsv`
+
+cat > $DATA_FILE <<EOF
+#cloud-config
+package_upgrade: true
+packages:
+ - resolvconf
+users:
+ - default
+ - name: stack
+ lock_passwd: False
+ sudo: ["ALL=(ALL) NOPASSWD:ALL\nDefaults:stack !requiretty"]
+ shell: /bin/bash
+write_files:
+ - path: /home/stack/start.sh
+ permissions: 0755
+ content: |
+ #!/bin/sh
+ DEBIAN_FRONTEND=noninteractive sudo apt-get -qqy update || sudo yum update -qy
+ DEBIAN_FRONTEND=noninteractive sudo apt-get install -qqy git || sudo yum install -qy git
+ sudo chown stack:stack /home/stack
+ cd /home/stack
+ git clone https://git.openstack.org/openstack-dev/devstack
+ cd devstack
+ cat > local.conf <<EOF
+ [[local|localrc]]
+ HOST_IP=$DEVSTACK_PRIVATE_IP
+ SERVICE_HOST=$DEVSTACK_PRIVATE_IP
+ MYSQL_HOST=$DEVSTACK_PRIVATE_IP
+ RABBIT_HOST=$DEVSTACK_PRIVATE_IP
+ GLANCE_HOSTPORT=$DEVSTACK_PRIVATE_IP:9292
+
+ ADMIN_PASSWORD="secret"
+ DATABASE_PASSWORD="secret"
+ RABBIT_PASSWORD="secret"
+ SERVICE_PASSWORD="secret"
+
+ enable_service h-eng h-api h-api-cfn h-api-cw
+ disable_service tempest
+
+ enable_plugin heat https://git.openstack.org/openstack/heat
+ enable_plugin heat-dashboard https://opendev.org/openstack/heat-dashboard
+
+ ## Neutron options
+ Q_USE_SECGROUP=True
+ FLOATING_RANGE="$SUBNET_CIDR"
+ IPV4_ADDRS_SAFE_TO_USE="192.168.100.0/24"
+ Q_FLOATING_ALLOCATION_POOL=start=$DEVSTACK_ALLOCATION_START,end=$DEVSTACK_ALLOCATION_END
+ PUBLIC_NETWORK_GATEWAY="$DEVSTACK_PRIVATE_GATEWAY"
+ PUBLIC_INTERFACE=eth0
+
+ # Disable security groups
+ # Q_USE_SECGROUP=False
+ # LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver
+
+ # Open vSwitch provider networking configuration
+ Q_USE_PROVIDERNET_FOR_PUBLIC=True
+ OVS_PHYSICAL_BRIDGE=br-ex
+ PUBLIC_BRIDGE=br-ex
+ OVS_BRIDGE_MAPPINGS=public:br-ex
+
+ [[post-config|\$NOVA_CONF]]
+
+ [libvirt]
+ cpu_mode = host-passthrough
+
+ EOF
+ ./stack.sh
+
+ source accrc/admin/admin
+ openstack project create --domain default --description "New Project" "$OS_PROJECT_NAME"
+ openstack user create --domain default --project "$OS_PROJECT_NAME" --password "$OPENSTACK_PASS" "$OPENSTACK_USER"
+ openstack role add --project "$OS_PROJECT_NAME" --user "$OPENSTACK_USER" admin
+
+ openstack network set --disable-port-security public
+ openstack subnet set --dhcp public-subnet
+ openstack subnet set --dns-nameserver 8.8.4.4 public-subnet
+ openstack network set --share public
+ openstack network set --share private
+
+ for image in `echo "$IMAGE_LIST"`; do
+ file_name=\`echo "\$image" | rev | cut -d "/" -f 1 | rev\`
+ image_name=\`echo "\$file_name" | rev | cut -d "." -f 2- | rev\`
+ wget -O /tmp/"\$file_name" "\$image"
+ openstack image create --disk-format qcow2 --public --file /tmp/"\$file_name" --property img_config_drive=mandatory "\$image_name"
+ done
+
+runcmd:
+ - echo "nameserver 8.8.4.4" >> /etc/resolvconf/resolv.conf.d/head
+ - echo "nameserver 8.8.8.8" >> /etc/resolvconf/resolv.conf.d/head
+ - service resolvconf restart
+ - su -l stack ./start.sh
+ - iptables -t nat -F POSTROUTING
+ - iptables -t nat -A POSTROUTING -o br-ex -j MASQUERADE
+ - iptables -t nat -A PREROUTING -d "$DEVSTACK_PUBLIC_IP" -j DNAT --to-destination $DEVSTACK_PRIVATE_IP
+EOF
+
+DEVSTACK_IMAGE="UbuntuLTS"
+DEVSTACK_SECURITY_GROUP=$DEVSTACK_NAME"-SG"
+
+az network nsg create --resource-group "$DEVSTACK_RG" \
+ --name "$DEVSTACK_SECURITY_GROUP"
+
+$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "22" "$USER_PUBLIC_IP_PREFIX" '*' '*' "SSH" "100"
+$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "80" "$USER_PUBLIC_IP_PREFIX" '*' '*' "HORIZON" "110"
+
+az vm create --name "$DEVSTACK_NAME" \
+ --resource-group "$DEVSTACK_RG" \
+ --size "$DEVSTACK_VM_SIZE" \
+ --admin-username "$ADMIN_USER" \
+ --ssh-key-value @"$PUBLIC_KEY" \
+ --os-disk-size-gb "$DEVSTACK_DISK_SIZE" \
+ --image "$DEVSTACK_IMAGE" \
+ --location "$DEVSTACK_LOCATION" \
+ --subnet-address-prefix "$SUBNET_CIDR" \
+ --subnet "$DEVSTACK_SUBNET_NAME" \
+ --vnet-address-prefix "$SUBNET_CIDR" \
+ --vnet-name "$DEVSTACK_VNET_NAME" \
+ --custom-data "$DATA_FILE" \
+ --nsg "$DEVSTACK_SECURITY_GROUP" \
+ --private-ip-address "$DEVSTACK_PRIVATE_IP" \
+ --public-ip-address "DEVSTACK_PUBLIC_IP"
+echo ""
+
+az network vnet subnet update --resource-group="$DEVSTACK_RG" \
+ --name "$DEVSTACK_SUBNET_NAME" \
+ --vnet-name "$DEVSTACK_VNET_NAME" \
+ --network-security-group "$DEVSTACK_SECURITY_GROUP"
+
+DEVSTACK_NIC_ID=`az vm nic list --resource-group ${DEVSTACK_RG} --vm-name ${DEVSTACK_NAME} --query "[0] | id" --output tsv`
+
+### Enabling IP Forwarding on DEVSTACK vnic ###
+az network nic update --ids "$DEVSTACK_NIC_ID" --ip-forwarding
+