File openstack-quickstart-demosetup of Package openstack-quickstart
#!/bin/bash -x
# Demo-controller setup: shared settings, then bring up MySQL.
#
# NOTE(review): -x traces every command to stderr, so the passwords defined
# below appear in the trace wherever they are passed as arguments. Treat any
# captured output of this script as containing credentials.

# Demo password: used further down for the keystone "admin" and "demo" users.
pw='openstack'
# Password of the MySQL "nova" account; derived from $pw by prefixing "m".
mpw="m${pw}"
# Address substituted into the service configuration and endpoint URLs.
IP='127.0.0.1'
# Fixed IPv4 range handed to "nova-manage network create" below.
testnet='10.10.134.16/29'

/etc/init.d/mysql start
printf '%s\n' "Setting up OpenStack demo controller..."
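# Switch nova to LXC when the compute package is installed but the CPU lacks
# hardware virtualisation flags (vmx/svm), i.e. KVM is unavailable.
if rpm -q openstack-nova-compute >/dev/null && ! grep -q -e vmx -e svm /proc/cpuinfo; then
  sed -i -e 's/\(--libvirt_type\).*/\1=lxc/' /etc/nova/nova.conf
  zypper -n install lxc
  modprobe nbd
  # Load nbd on every boot. Skip the edit when nbd is already listed, so a
  # second run of this script does not prepend it again.
  grep -q 'MODULES_LOADED_ON_BOOT=".*nbd' /etc/sysconfig/kernel ||
    sed -i -e 's/\(MODULES_LOADED_ON_BOOT="\)/\1nbd\ /' /etc/sysconfig/kernel
  # Register the cgroup mount for boot time exactly once (same guard style as
  # the other boot.local append later in this script).
  grep -q 'mount -t cgroup none /cgroup' /etc/init.d/boot.local 2>/dev/null ||
    echo mount -t cgroup none /cgroup >> /etc/init.d/boot.local
  # -p: do not fail when the mount point already exists.
  mkdir -p /cgroup
  # Mount now unless a cgroup filesystem is already mounted there.
  grep -q ' /cgroup cgroup ' /proc/mounts || mount -t cgroup none /cgroup
fi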
# Enable IPv4 forwarding: immediately through /proc, and persistently through
# the sysconfig and sysctl.conf settings.
# NOTE(review): from here on the host routes packets between its interfaces.
# The host firewall is stopped further down in this script, so confirm that
# the surrounding network is trusted before running this outside a lab.
printf '1\n' > /proc/sys/net/ipv4/ip_forward
sed -i -e 's;IP_FORWARD="no";IP_FORWARD="yes";' /etc/sysconfig/sysctl
sed -i -e 's;net.ipv4.ip_forward.*;net.ipv4.ip_forward = 1;' /etc/sysctl.conf
# Create bridge br0 with eth0 as its only port. Skipped entirely when an
# ifcfg-br0 file already exists, so an existing bridge setup is left alone.
if [[ ! -e /etc/sysconfig/network/ifcfg-br0 ]]; then
  # NOTE(review): proxy ARP is switched on for *all* interfaces and persisted
  # in sysctl.conf; the host will answer ARP on behalf of addresses it can
  # route to. Narrow this to the bridge if the demo does not need it globally.
  printf '%s\n' 'net.ipv4.conf.all.proxy_arp = 1' >> /etc/sysctl.conf

  /etc/init.d/network stop
  ifdown eth0 # because systemd ignores the init-script stop above

  # eth0 is switched to static with a 0.0.0.0/32 address; br0 (below) takes
  # over address configuration via DHCP.
  sed -i \
    -e "s/\(BOOTPROTO\).*/\1='static'/" \
    -e "s|^\(IPADDR\).*|\1='0.0.0.0\\/32'|" \
    /etc/sysconfig/network/ifcfg-eth0

  # Quoted delimiter: the file content is literal, nothing is expanded.
  cat > /etc/sysconfig/network/ifcfg-br0 <<'EOF'
BOOTPROTO='dhcp4'
BRIDGE='yes'
BRIDGE_FORWARDDELAY='0'
BRIDGE_PORTS='eth0'
BRIDGE_STP='off'
BROADCAST=''
ETHTOOL_OPTIONS=''
IPADDR=''
MTU=''
NETMASK=''
NETWORK=''
REMOTE_IPADDR=''
STARTMODE='onboot'
USERCONTROL='no'
EOF

  /etc/init.d/network start
fi
# Publish the OpenStack dashboard through Apache (mod_wsgi) at the site root.
# NOTE(review): both <Directory> blocks use "Allow from all" and this snippet
# sets up neither TLS nor a source-address restriction, so the dashboard login
# is offered to every client that can reach this Apache instance. Acceptable
# for an isolated demo; restrict or add HTTPS before exposing it further.
# The heredoc delimiter is quoted: the content is written literally.
cat > /etc/apache2/conf.d/openstack-dashboard.conf <<'EOF'
WSGIScriptAlias / /var/lib/openstack-dashboard/dashboard/wsgi/django.wsgi
Alias /static/dashboard /var/lib/openstack-dashboard/dashboard/static/dashboard
<Directory /var/lib/openstack-dashboard/dashboard/wsgi/>
Order allow,deny
Allow from all
</Directory>
<Directory /var/lib/openstack-dashboard/dashboard/static/dashboard>
Order allow,deny
Allow from all
</Directory>
EOF
a2enmod wsgi

# Initialise the dashboard's Django database. The cd is done in the main
# shell, so the working directory stays changed for the rest of the script.
if cd /var/lib/openstack-dashboard; then
  python -m 'dashboard.manage' syncdb
fi

# Hand the dashboard's local/ directory to the Apache user (wwwrun).
chown -R wwwrun. /var/lib/openstack-dashboard/local/
# Configure nova and glance for this host.

# Point the paste/glance configs at $IP instead of 127.0.0.1.
sed -i -e "s;127.0.0.1;$IP;" /etc/nova/api-paste.ini /etc/glance/glance-api.conf /etc/glance/glance-registry.conf

# Fill in the template placeholders in nova.conf (a .bak copy of the previous
# file is kept) and select the FlatDHCP network manager.
# NOTE(review): after this step /etc/nova/nova.conf contains the MySQL "nova"
# password in clear text; check the file's ownership and mode.
perl -i.bak -pe "s/root:<mysql-password>/nova:$mpw/; s/<IP>/$IP/g; s/(--network_manager).*/\$1=nova.network.manager.FlatDHCPManager/;" /etc/nova/nova.conf

# First site-packages/extensions directory found under /usr/lib*.
extensions_dir=$(ls -d /usr/lib*/python*/site-packages/extensions | head -n 1)

# Append the remaining flags in one write.
# NOTE(review): the VNC proxy URL is plain http, and --allow_admin_api is
# turned on; both look like demo conveniences - confirm before reuse.
cat >> /etc/nova/nova.conf <<EOF
--vncproxy_url=http://${IP}:6080
--flat_network_bridge=br0
--allow_admin_api
--flat_injected=False
--image_service=nova.image.glance.GlanceImageService
--glance_api_servers=${IP}:9292
--osapi_extensions_path=${extensions_dir}
EOF
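# Create the nova database and account, sync the schema, shrink the larger
# flavors and create the demo network.

# Start from a known-empty value so that a "pwquery" inherited from the
# caller's environment cannot slip extra options into the mysql calls below.
pwquery=
# Probe: can MySQL root log in without a password? If not, add -p so that
# mysql prompts for it.
if ! echo | mysql -u root; then
  pwquery=-p
fi

# NOTE(review): the second GRANT gives 'nova'@'%' full access to the nova
# schema from any host, protected only by the fixed demo password in $mpw.
# If mysqld listens on a routable address, restrict the host part or change
# the password before using this beyond a lab.
# "set global" changes the character set default for the whole server.
# ${pwquery:+...} expands to nothing when no password prompt is needed.
mysql -u root ${pwquery:+"$pwquery"} <<EOF
set global character_set_server=latin1;
set session character_set_server=latin1;
CREATE DATABASE IF NOT EXISTS nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@localhost IDENTIFIED BY '$mpw';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$mpw';
EOF

nova-manage db sync

# optional - makes life better with little RAM
# Quoted delimiter: these statements contain nothing to expand.
mysql -u root ${pwquery:+"$pwquery"} <<'EOF'
use nova;
update instance_types set memory_mb=3072 where name='m1.medium';
update instance_types set memory_mb=4096 where name='m1.large';
update instance_types set memory_mb=5120 where name='m1.xlarge';
EOF

#nova-manage network create 10.10.134.32/27 1 32
nova-manage network create --fixed_range_v4="$testnet" --label=testnet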
# keystone demo setup, based on devstack.sh
# NOTE(review): every account created here uses the fixed demo password $pw,
# and $pw is passed on the command line (visible in the -x trace and in the
# process list while each command runs).

# Tenants
for tenant in admin demo; do
  keystone-manage tenant add "$tenant"
done

# Users (same password for both)
for account in admin demo; do
  keystone-manage user add "$account" "$pw"
done

# Roles
for role in Admin Member KeystoneAdmin KeystoneServiceAdmin; do
  keystone-manage role add "$role"
done
keystone-manage role grant Admin admin admin
keystone-manage role grant Member demo demo
keystone-manage role grant Admin admin demo
keystone-manage role grant Admin admin
keystone-manage role grant KeystoneAdmin admin
keystone-manage role grant KeystoneServiceAdmin admin

# Services
keystone-manage service add nova compute "Nova Compute Service"
keystone-manage service add glance image "Glance Image Service"
keystone-manage service add keystone identity "Keystone Identity Service"

# endpointTemplates: nova and glance use one URL for all three endpoint
# arguments; keystone uses port 35357 for the second one.
nova_url="http://$IP:8774/v1.1/%tenant_id%"
glance_url="http://$IP:9292/v1.1/%tenant_id%"
keystone-manage endpointTemplates add RegionOne nova "$nova_url" "$nova_url" "$nova_url" 1 1
keystone-manage endpointTemplates add RegionOne glance "$glance_url" "$glance_url" "$glance_url" 1 1
keystone-manage endpointTemplates add RegionOne keystone "http://$IP:5000/v2.0" "http://$IP:35357/v2.0" "http://$IP:5000/v2.0" 1 1

# Tokens
# NOTE(review): this installs a fixed, publicly known token value for
# admin/admin with a hard-coded expiry date (presumably the last argument -
# confirm against keystone-manage). Anyone who has read this script can
# present it while it is valid; replace it with a random value outside a demo.
keystone-manage token add 999888777666 admin admin 2023-02-23T00:42

# EC2 related creds - the secret key is set to the demo password; keystone
# does not parse these, it stores them as an opaque blob.
for account in admin demo; do
  keystone-manage credentials add "$account" EC2 "$account" "$pw" "$account" || echo "no support for adding credentials"
done
# Clear stale lock files left behind by known bugs.
rm -f /usr/lib/python*/site-packages/nova-iptables.lock.lock # workaround bug
rm -f /var/lock/SuSEfirewall2.booting # workaround openSUSE bug

# NOTE(review): the next two steps switch off the host firewall and AppArmor
# and also remove them from the boot sequence, so both stay off after a
# reboot. Together with the IP forwarding enabled earlier, the host relies
# entirely on whatever filtering nova-network sets up. Keep this to isolated
# demo machines.
SuSEfirewall2 stop # interferes with openstack's network/firewall
for fw_service in SuSEfirewall2_setup SuSEfirewall2_init; do
  insserv -r "$fw_service"
done

/etc/init.d/boot.apparmor stop # interferes with openstack-nova-network
insserv -r boot.apparmor

# configure NTP, because we need synchronized time between nodes
# (only appended when ntp.conf has no ntp.org entry yet)
if ! grep -q ntp.org /etc/ntp.conf; then
  echo server pool.ntp.org >> /etc/ntp.conf
fi
# Enable at boot and (re)start every listed service whose init script is
# installed and executable; services that are not installed are skipped.
services=(
  ntp libvirtd mysql rabbitmq-server iscsitarget open-iscsi tgtd memcached
  apache2 openstack-nova-api openstack-nova-scheduler openstack-nova-network
  openstack-nova-compute openstack-nova-vncproxy openstack-glance
  openstack-keystone
)
for s in "${services[@]}"; do
  init_script=/etc/init.d/$s
  [ -x "$init_script" ] || continue
  insserv "$s"
  "$init_script" restart
done

# Set up the loopback LVM backing store; nova-volume is only used when that
# succeeds.
if /usr/sbin/openstack-loopback-lvm; then
  # Re-create the loopback device on every boot (registered once).
  if ! grep -q openstack-loopback-lvm /etc/init.d/boot.local; then
    echo /usr/sbin/openstack-loopback-lvm >> /etc/init.d/boot.local
  fi
  /etc/init.d/openstack-nova-volume restart
else
  # setup failed, so do not use
  insserv -r openstack-nova-volume
fi
# Hook the OpenStack credential helper into /etc/bash.bashrc.local, once.
# NOTE(review): this writes the admin password in clear text into a
# system-wide bash startup file, and "setcreds admin" then runs for whoever
# sources that file. Check the file's permissions, or drop the setcreds line
# on hosts with other local users.
if ! grep -q bash.openstackrc /etc/bash.bashrc.local; then
  cat >> /etc/bash.bashrc.local <<EOF
export HOST_IP=$IP
. /etc/bash.openstackrc
setcreds admin $pw
EOF
fi

# Load it into this shell as well; setcreds is presumably defined by
# /etc/bash.openstackrc.
. /etc/bash.bashrc.local

# Open up the "default" security group for both demo accounts.
# NOTE(review): the tcp and udp rules below admit every port from any source
# (0.0.0.0/0), i.e. instances in this group are unfiltered. The commented-out
# rule is the narrower SSH-only alternative.
any_source=0.0.0.0/0
for user in demo admin; do
  setcreds "$user" "$pw"
  nova secgroup-add-rule default icmp -1 -1 "$any_source" # to allow ping
  #nova secgroup-add-rule default tcp 22 22 0.0.0.0/0 # to allow only SSH or do
  nova secgroup-add-rule default tcp 1 65535 "$any_source" # to allow all TCP
  nova secgroup-add-rule default udp 1 65535 "$any_source" # and all UDP
  nova secgroup-list-rules default # lists the rules
done