From 6754bc1b77065026d499a76d203d12257d33a113 Mon Sep 17 00:00:00 2001
From: "stark, steven" <steven.stark@att.com>
Date: Thu, 19 Sep 2019 15:43:00 -0700
Subject: [INT] Adding deployments scripts for ONAP on AKS

Patch 2 - updating readme and removing dash character from BUILD parameter
Patch 3 - updating image url to amd instead of arm, fixing NFS os disk parameter

Issue-ID: INT-1270
Signed-off-by: stark, steven <steven.stark@att.com>
Change-Id: I1d8824b3c098855c9094e27fad8c820e4df42677
---
 deployment/aks/create_devstack.sh | 367 ++++++++++++++++++++++++++++++++++++++
 1 file changed, 367 insertions(+)
 create mode 100755 deployment/aks/create_devstack.sh

(limited to 'deployment/aks/create_devstack.sh')

diff --git a/deployment/aks/create_devstack.sh b/deployment/aks/create_devstack.sh
new file mode 100755
index 000000000..fc136f00a
--- /dev/null
+++ b/deployment/aks/create_devstack.sh
@@ -0,0 +1,367 @@
+#!/bin/bash
+# Copyright 2019 AT&T Intellectual Property. All rights reserved.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#         http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+DIR="$( cd "$( dirname "${BASH_SOURCE[0]}" )" >/dev/null 2>&1 && pwd )"
+NO_PROMPT=0
+RANDOM_PREFIX="ONAP"
+RANDOM_STRING="$RANDOM_PREFIX"-`cat /dev/urandom | env LC_CTYPE=C tr -cd 'a-zA-Z0-9' | head -c 4`
+
+DEVSTACK_RG=
+DEVSTACK_LOCATION=
+PUBLIC_KEY=
+DEVSTACK_NAME=
+DEVSTACK_VM_SIZE=
+SUBNET_CIDR=
+ADMIN_USER=
+BUILD_DIR=
+DEVSTACK_VNET_NAME=
+USER_PUBLIC_IP_PREFIX=
+DEVSTACK_PRIVATE_IP=
+DEVSTACK_SUBNET_NAME=
+DEVSTACK_DISK_SIZE=
+OPENSTACK_USER=
+OPENSTACK_PASS=
+OS_PROJECT_NAME=
+IMAGE_LIST=
+
+function check_required_parameter() {
+  # arg1 = parameter
+  # arg2 = parameter name
+  if [ -z "$1" ]; then
+    echo "$2 was not was provided. This parameter is required."
+    exit 1
+  fi
+}
+
+function check_optional_paramater() {
+  # arg1 = parameter
+  # arg2 = parameter name
+  if [ -z "$1" ]; then
+    echo "$2"
+  else
+    echo "$1"
+  fi
+}
+
+
+while test $# -gt 0; do
+  case "$1" in
+    -h|--help)
+      echo "./create_devstack.sh [options]"
+      echo " "
+      echo " "
+      echo "required:"
+      echo "--public-key                public key to add for admin user [required]"
+      echo "--user-public-ip            public ip that will be granted access to VM [required]"
+      echo "-l, --location              location to deploy VM [required]"
+      echo "-u, --admin-user            admin user to create on VM [required]"
+      echo " "
+      echo "additional options:"
+      echo "-f, --no-prompt             executes with no prompt for confirmation"
+      echo "-h, --help                  provide brief overview of script"
+      echo "-n, --name                  VM name [optional]"
+      echo "-g, --resource-group        provide brief overview of script [optional]"
+      echo "-s, --size                  Azure flavor size for VM [optional]"
+      echo "-c, --cidr                  cidr for VNET to create for VM [optional]. If provided, must also provide --devstack-private-ip from same range."
+      echo "-d, --directory             directory to store cloud config data [optional]"
+      echo "--vnet-name                 name of Vnet to create for VM [optional]"
+      echo "--image-list                space delimited list of image urls that will be added to devstack [optional]"
+      echo "--devstack-private-ip       private ip assigned to VM [optional]. If provided, this value must come from the CIDR range of VNET."
+      echo "--devstack-subnet-name      subnet name created on VNET [optional]"
+      echo "--devstack-disk-size        size of OS disk to be allocated [optional]"
+      echo "--openstack-username        default user name for openstack [optional]"
+      echo "--openstack-password        default password for openstack [optional]"
+      echo "--openstack-tenant          default tenant name for openstack [optional]"
+      echo ""
+      exit 0
+      ;;
+    -f|--no-prompt)
+      shift
+      NO_PROMPT=1
+      ;;
+    -n|--name)
+      shift
+      DEVSTACK_NAME=$1
+      shift
+      ;;
+    -g|--resource-group)
+      shift
+      DEVSTACK_RG=$1
+      shift
+      ;;
+    -s|--size)
+      shift
+      DEVSTACK_VM_SIZE=$1
+      shift
+      ;;
+    -l|--location)
+      shift
+      DEVSTACK_LOCATION=$1
+      shift
+      ;;
+    -c|--cidr)
+      shift
+      SUBNET_CIDR=$1
+      shift
+      ;;
+    -u|--admin-user)
+      shift
+      ADMIN_USER=$1
+      shift
+      ;;
+    -d|--directory)
+      shift
+      BUILD_DIR=$1
+      shift
+      ;;
+    --vnet-name)
+      shift
+      DEVSTACK_VNET_NAME=$1
+      shift
+      ;;
+    --image-list)
+      shift
+      IMAGE_LIST=$1
+      shift
+      ;;
+    --public-key)
+      shift
+      PUBLIC_KEY=$1
+      shift
+      ;;
+    --user-public-ip)
+      shift
+      USER_PUBLIC_IP_PREFIX=$1
+      shift
+      ;;
+    --devstack-private-ip)
+      shift
+      DEVSTACK_PRIVATE_IP=$1
+      shift
+      ;;
+    --devstack-subnet-name)
+      shift
+      DEVSTACK_SUBNET_NAME=$1
+      shift
+      ;;
+    --devstack-disk-size)
+      shift
+      DEVSTACK_DISK_SIZE=$1
+      shift
+      ;;
+    --openstack-username)
+      shift
+      OPENSTACK_USER=$1
+      shift
+      ;;
+    --openstack-password)
+      shift
+      OPENSTACK_PASS=$1
+      shift
+      ;;
+    --openstack-tenant)
+      shift
+      OS_PROJECT_NAME=$1
+      shift
+      ;;
+    *)
+      echo "Unknown Argument $1. Try running with --help."
+      exit 0
+      ;;
+  esac
+done
+
+check_required_parameter "$ADMIN_USER" "--admin-user"
+check_required_parameter "$PUBLIC_KEY" "--public-key"
+check_required_parameter "$DEVSTACK_LOCATION" "--location"
+check_required_parameter "$USER_PUBLIC_IP_PREFIX" "--user-public-ip"
+
+DEVSTACK_RG=$(check_optional_paramater "$DEVSTACK_RG" $RANDOM_STRING"-DEVSTACKRG")
+DEVSTACK_NAME=$(check_optional_paramater "$DEVSTACK_NAME" $RANDOM_STRING"-DEVSTACK")
+DEVSTACK_VM_SIZE=$(check_optional_paramater "$DEVSTACK_VM_SIZE" "Standard_DS4_v2")
+SUBNET_CIDR=$(check_optional_paramater "$SUBNET_CIDR" "173.0.0.0/24")
+BUILD_DIR=$(check_optional_paramater "$BUILD_DIR" /tmp/devstack-$RANDOM_STRING)
+DEVSTACK_VNET_NAME=$(check_optional_paramater "$DEVSTACK_VNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET")
+DEVSTACK_PRIVATE_IP=$(check_optional_paramater "$DEVSTACK_PRIVATE_IP" "173.0.0.4")
+DEVSTACK_SUBNET_NAME=$(check_optional_paramater "$DEVSTACK_SUBNET_NAME" $RANDOM_STRING"-DEVSTACK-VNET-SUBNET")
+DEVSTACK_DISK_SIZE=$(check_optional_paramater "$DEVSTACK_DISK_SIZE" "64")
+OPENSTACK_USER=$(check_optional_paramater "$OPENSTACK_USER" "admin")
+OPENSTACK_PASS=$(check_optional_paramater "$OPENSTACK_PASS" "secret")
+OS_PROJECT_NAME=$(check_optional_paramater "$OS_PROJECT_NAME" "admin")
+IMAGE_LIST=$(check_optional_paramater "$IMAGE_LIST" "")
+
+
+if [ $NO_PROMPT = 0 ]; then
+  read -p "Would you like to proceed? [y/n]" -n 1 -r
+  echo " "
+  if [[ ! $REPLY =~ ^[Yy]$ ]]
+  then
+      exit 0
+  fi
+fi
+
+set -x 
+set -e
+
+# TODO
+# This needs to be hardened
+DEVSTACK_PRIVATE_GATEWAY=`echo $DEVSTACK_PRIVATE_IP | sed  's/.$/1/'`
+DEVSTACK_ALLOCATION_START=`echo $DEVSTACK_PRIVATE_IP | sed  's/.$/10/'`
+DEVSTACK_ALLOCATION_END=`echo $DEVSTACK_PRIVATE_IP | sed  's/.$/240/'`
+
+DATA_FILE=$BUILD_DIR/cloud-cfg-os.yaml
+
+if [ ! -d $BUILD_DIR ]; then
+  echo "running script standalone..."
+  mkdir -p "$BUILD_DIR"
+fi
+
+$DIR/create_resource_group.sh "$DEVSTACK_RG" "$DEVSTACK_LOCATION"
+
+az network public-ip create --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --allocation-method Static
+DEVSTACK_PUBLIC_IP=`az network public-ip show --resource-group "$DEVSTACK_RG" --name "DEVSTACK_PUBLIC_IP" --query 'ipAddress' --output tsv`
+
+cat > $DATA_FILE <<EOF
+#cloud-config
+package_upgrade: true
+packages:
+  - resolvconf
+users:
+  - default
+  - name: stack
+    lock_passwd: False
+    sudo: ["ALL=(ALL) NOPASSWD:ALL\nDefaults:stack !requiretty"]
+    shell: /bin/bash
+write_files:
+  - path: /home/stack/start.sh
+    permissions: 0755
+    content: |
+      #!/bin/sh
+      DEBIAN_FRONTEND=noninteractive sudo apt-get -qqy update || sudo yum update -qy
+      DEBIAN_FRONTEND=noninteractive sudo apt-get install -qqy git || sudo yum install -qy git
+      sudo chown stack:stack /home/stack
+      cd /home/stack
+      git clone https://git.openstack.org/openstack-dev/devstack
+      cd devstack
+      cat > local.conf <<EOF
+      [[local|localrc]]
+      HOST_IP=$DEVSTACK_PRIVATE_IP
+      SERVICE_HOST=$DEVSTACK_PRIVATE_IP
+      MYSQL_HOST=$DEVSTACK_PRIVATE_IP
+      RABBIT_HOST=$DEVSTACK_PRIVATE_IP
+      GLANCE_HOSTPORT=$DEVSTACK_PRIVATE_IP:9292
+
+      ADMIN_PASSWORD="secret"
+      DATABASE_PASSWORD="secret"
+      RABBIT_PASSWORD="secret"
+      SERVICE_PASSWORD="secret"
+
+      enable_service h-eng h-api h-api-cfn h-api-cw
+      disable_service tempest
+
+      enable_plugin heat https://git.openstack.org/openstack/heat
+      enable_plugin heat-dashboard https://opendev.org/openstack/heat-dashboard
+
+      ## Neutron options
+      Q_USE_SECGROUP=True
+      FLOATING_RANGE="$SUBNET_CIDR"
+      IPV4_ADDRS_SAFE_TO_USE="192.168.100.0/24"
+      Q_FLOATING_ALLOCATION_POOL=start=$DEVSTACK_ALLOCATION_START,end=$DEVSTACK_ALLOCATION_END
+      PUBLIC_NETWORK_GATEWAY="$DEVSTACK_PRIVATE_GATEWAY"
+      PUBLIC_INTERFACE=eth0
+
+      # Disable security groups
+      # Q_USE_SECGROUP=False
+      # LIBVIRT_FIREWALL_DRIVER=nova.virt.firewall.NoopFirewallDriver
+
+      # Open vSwitch provider networking configuration
+      Q_USE_PROVIDERNET_FOR_PUBLIC=True
+      OVS_PHYSICAL_BRIDGE=br-ex
+      PUBLIC_BRIDGE=br-ex
+      OVS_BRIDGE_MAPPINGS=public:br-ex
+
+      [[post-config|\$NOVA_CONF]]
+
+      [libvirt]
+      cpu_mode = host-passthrough
+
+      EOF
+      ./stack.sh
+
+      source accrc/admin/admin
+      openstack project create --domain default --description "New Project" "$OS_PROJECT_NAME"
+      openstack user create --domain default --project "$OS_PROJECT_NAME" --password "$OPENSTACK_PASS" "$OPENSTACK_USER"
+      openstack role add --project "$OS_PROJECT_NAME" --user "$OPENSTACK_USER" admin
+
+      openstack network set --disable-port-security public
+      openstack subnet set --dhcp public-subnet
+      openstack subnet set --dns-nameserver 8.8.4.4 public-subnet
+      openstack network set --share public
+      openstack network set --share private
+
+      for image in `echo "$IMAGE_LIST"`; do
+        file_name=\`echo "\$image" | rev | cut -d "/" -f 1 | rev\`
+        image_name=\`echo "\$file_name" | rev | cut -d "." -f 2- | rev\`
+        wget -O /tmp/"\$file_name" "\$image"
+        openstack image create --disk-format qcow2 --public --file /tmp/"\$file_name" --property img_config_drive=mandatory "\$image_name"
+      done
+
+runcmd:
+  - echo "nameserver 8.8.4.4" >> /etc/resolvconf/resolv.conf.d/head
+  - echo "nameserver 8.8.8.8" >> /etc/resolvconf/resolv.conf.d/head
+  - service resolvconf restart
+  - su -l stack ./start.sh
+  - iptables -t nat -F POSTROUTING
+  - iptables -t nat -A POSTROUTING -o br-ex -j MASQUERADE
+  - iptables -t nat -A PREROUTING -d "$DEVSTACK_PUBLIC_IP" -j DNAT --to-destination $DEVSTACK_PRIVATE_IP
+EOF
+
+DEVSTACK_IMAGE="UbuntuLTS"
+DEVSTACK_SECURITY_GROUP=$DEVSTACK_NAME"-SG"
+
+az network nsg create --resource-group "$DEVSTACK_RG" \
+                      --name "$DEVSTACK_SECURITY_GROUP"
+
+$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "22" "$USER_PUBLIC_IP_PREFIX" '*' '*' "SSH" "100"
+$DIR/create_sg_rule.sh "$DEVSTACK_RG" "$DEVSTACK_SECURITY_GROUP" '*' "80" "$USER_PUBLIC_IP_PREFIX" '*' '*' "HORIZON" "110"
+
+az vm create --name "$DEVSTACK_NAME" \
+             --resource-group "$DEVSTACK_RG" \
+             --size "$DEVSTACK_VM_SIZE" \
+             --admin-username "$ADMIN_USER" \
+             --ssh-key-value @"$PUBLIC_KEY" \
+             --os-disk-size-gb "$DEVSTACK_DISK_SIZE" \
+             --image "$DEVSTACK_IMAGE" \
+             --location "$DEVSTACK_LOCATION" \
+             --subnet-address-prefix "$SUBNET_CIDR" \
+             --subnet "$DEVSTACK_SUBNET_NAME" \
+             --vnet-address-prefix "$SUBNET_CIDR" \
+             --vnet-name "$DEVSTACK_VNET_NAME" \
+             --custom-data "$DATA_FILE" \
+             --nsg "$DEVSTACK_SECURITY_GROUP" \
+             --private-ip-address "$DEVSTACK_PRIVATE_IP" \
+             --public-ip-address "DEVSTACK_PUBLIC_IP"
+echo ""
+
+az network vnet subnet update --resource-group="$DEVSTACK_RG" \
+                              --name "$DEVSTACK_SUBNET_NAME" \
+                              --vnet-name "$DEVSTACK_VNET_NAME" \
+                              --network-security-group "$DEVSTACK_SECURITY_GROUP"
+
+DEVSTACK_NIC_ID=`az vm nic list --resource-group ${DEVSTACK_RG} --vm-name ${DEVSTACK_NAME} --query "[0] | id" --output tsv`
+
+### Enabling IP Forwarding on DEVSTACK vnic ###
+az network nic update --ids "$DEVSTACK_NIC_ID" --ip-forwarding
+
-- 
cgit 1.2.3-korg