├── LICENSE ├── README.md ├── answerfiles └── default_generated.answer ├── nested_kvm_cpu.sh ├── openstack-cheatsheet.txt ├── openstack-devices.sh ├── openstack-errors.sh ├── openstack-export_image.sh ├── openstack-external-net.sh ├── openstack-hammer-uninstall.sh ├── openstack-images.sh ├── openstack-logs.sh ├── openstack-network-troubleshooting.sh ├── openstack-network.sh ├── openstack-notes-working.sh ├── openstack-notes.sh ├── openstack-os-tools.sh ├── openstack-outside.sh ├── openstack-project-add.sh ├── openstack-project-delete.sh ├── openstack-public-delete.sh └── packstack-answerfile.sh /LICENSE: -------------------------------------------------------------------------------- 1 | any license you want 2 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | openstack 2 | ========= 3 | 4 | Scripts for openstack admin tools 5 | 6 | Network 7 | - openstack-outside.sh - setup br-ex to communicate with the outside world - deprecated 8 | - openstack-network-troubleshooting.sh - script to collect information to aid network troubleshooting 9 | - openstack-network.sh - wrapper script for the next 3 scripts 10 | - openstack-devices.sh - configures openstack network devices 11 | - openstack-public-delete.sh - deletes the public net, subnet and router 12 | - openstack-external-net.sh - sets up the external aka public network including router 13 | 14 | Project 15 | - openstack-project-add.sh - sets up the project, role, user and network for the project 16 | - openstack-project-delete.sh - deletes the project, role, user and network for the project 17 | 18 | Miscellaneous 19 | - openstack-cheatsheet.txt - a cheat sheet 20 | - openstack-os-tools.sh - os tools setup 21 | - nested_kvm_cpu.sh - identifies and enables nested kvm support if available 22 | - openstack-notes.sh - rough notes to get stuff working 23 | - openstack-images.sh - downloads 
images, checks md5sum, adds the image to glance 24 | - openstack-logs.sh - views component logs 25 | - openstack-hammer-uninstall.sh - lifted from RDO - you do NOT want to run this 26 | 27 | You can also connect with me on LinkedIn @ http://www.linkedin.com/in/mohammedarafa/ 28 | -------------------------------------------------------------------------------- /answerfiles/default_generated.answer: -------------------------------------------------------------------------------- 1 | [general] 2 | 3 | # Path to a Public key to install on servers. If a usable key has not 4 | # been installed on the remote servers the user will be prompted for a 5 | # password and this key will be installed so the password will not be 6 | # required again 7 | CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub 8 | 9 | # Set to 'y' if you would like Packstack to install MySQL 10 | CONFIG_MYSQL_INSTALL=y 11 | 12 | # Set to 'y' if you would like Packstack to install OpenStack Image 13 | # Service (Glance) 14 | CONFIG_GLANCE_INSTALL=y 15 | 16 | # Set to 'y' if you would like Packstack to install OpenStack Block 17 | # Storage (Cinder) 18 | CONFIG_CINDER_INSTALL=y 19 | 20 | # Set to 'y' if you would like Packstack to install OpenStack Compute 21 | # (Nova) 22 | CONFIG_NOVA_INSTALL=y 23 | 24 | # Set to 'y' if you would like Packstack to install OpenStack 25 | # Networking (Neutron) 26 | CONFIG_NEUTRON_INSTALL=y 27 | 28 | # Set to 'y' if you would like Packstack to install OpenStack 29 | # Dashboard (Horizon) 30 | CONFIG_HORIZON_INSTALL=y 31 | 32 | # Set to 'y' if you would like Packstack to install OpenStack Object 33 | # Storage (Swift) 34 | CONFIG_SWIFT_INSTALL=n 35 | 36 | # Set to 'y' if you would like Packstack to install OpenStack 37 | # Metering (Ceilometer) 38 | CONFIG_CEILOMETER_INSTALL=y 39 | 40 | # Set to 'y' if you would like Packstack to install Heat 41 | CONFIG_HEAT_INSTALL=n 42 | 43 | # Set to 'y' if you would like Packstack to install the OpenStack 44 | # Client packages. 
An admin "rc" file will also be installed 45 | CONFIG_CLIENT_INSTALL=y 46 | 47 | # Comma separated list of NTP servers. Leave plain if Packstack 48 | # should not install ntpd on instances. 49 | CONFIG_NTP_SERVERS= 50 | 51 | # Set to 'y' if you would like Packstack to install Nagios to monitor 52 | # openstack hosts 53 | CONFIG_NAGIOS_INSTALL=n 54 | 55 | # Comma separated list of servers to be excluded from installation in 56 | # case you are running Packstack the second time with the same answer 57 | # file and don't want Packstack to touch these servers. Leave plain if 58 | # you don't need to exclude any server. 59 | EXCLUDE_SERVERS= 60 | 61 | # The IP address of the server on which to install MySQL 62 | CONFIG_MYSQL_HOST=192.168.0.22 63 | 64 | # Username for the MySQL admin user 65 | CONFIG_MYSQL_USER=root 66 | 67 | # Password for the MySQL admin user. The passwords, token and secret in this answer file are published with the repository; replace them before deploying 68 | CONFIG_MYSQL_PW=572310ba9c1148cb 69 | 70 | # The IP address of the server on which to install the QPID service 71 | CONFIG_QPID_HOST=192.168.0.22 72 | 73 | # The IP address of the server on which to install Keystone 74 | CONFIG_KEYSTONE_HOST=192.168.0.22 75 | 76 | # The password to use for the Keystone to access DB 77 | CONFIG_KEYSTONE_DB_PW=53544e72e2f942c2 78 | 79 | # The token to use for the Keystone service api 80 | CONFIG_KEYSTONE_ADMIN_TOKEN=09bf3e0049154e6f993699530483ef5c 81 | 82 | # The password to use for the Keystone admin user 83 | CONFIG_KEYSTONE_ADMIN_PW=24e5114fed25447b 84 | 85 | # The password to use for the Keystone demo user 86 | CONFIG_KEYSTONE_DEMO_PW=99059370708e4d07 87 | 88 | # Keystone token format. 
Use either UUID or PKI 89 | CONFIG_KEYSTONE_TOKEN_FORMAT=PKI 90 | 91 | # The IP address of the server on which to install Glance 92 | CONFIG_GLANCE_HOST=192.168.0.22 93 | 94 | # The password to use for the Glance to access DB 95 | CONFIG_GLANCE_DB_PW=3e604537d6e0462f 96 | 97 | # The password to use for the Glance to authenticate with Keystone 98 | CONFIG_GLANCE_KS_PW=6c287d95836a40ff 99 | 100 | # The IP address of the server on which to install Cinder 101 | CONFIG_CINDER_HOST=192.168.0.22 102 | 103 | # The password to use for the Cinder to access DB 104 | CONFIG_CINDER_DB_PW=43b36672beaa4c12 105 | 106 | # The password to use for the Cinder to authenticate with Keystone 107 | CONFIG_CINDER_KS_PW=00c723cc76ec4bb3 108 | 109 | # The Cinder backend to use, valid options are: lvm, gluster, nfs 110 | CONFIG_CINDER_BACKEND=lvm 111 | 112 | # Create Cinder's volumes group. This should only be done for testing 113 | # on a proof-of-concept installation of Cinder. This will create a 114 | # file-backed volume group and is not suitable for production usage. 115 | CONFIG_CINDER_VOLUMES_CREATE=y 116 | 117 | # Cinder's volumes group size. Note that actual volume size will be 118 | # extended with 3% more space for VG metadata. 
119 | CONFIG_CINDER_VOLUMES_SIZE=20G 120 | 121 | # A single or comma separated list of gluster volume shares to mount, 122 | # eg: ip-address:/vol-name 123 | CONFIG_CINDER_GLUSTER_MOUNTS= 124 | 125 | # A single or comma separated list of NFS exports to mount, eg: ip- 126 | # address:/export-name 127 | CONFIG_CINDER_NFS_MOUNTS= 128 | 129 | # The IP address of the server on which to install the Nova API 130 | # service 131 | CONFIG_NOVA_API_HOST=192.168.0.22 132 | 133 | # The IP address of the server on which to install the Nova Cert 134 | # service 135 | CONFIG_NOVA_CERT_HOST=192.168.0.22 136 | 137 | # The IP address of the server on which to install the Nova VNC proxy 138 | CONFIG_NOVA_VNCPROXY_HOST=192.168.0.22 139 | 140 | # A comma separated list of IP addresses on which to install the Nova 141 | # Compute services 142 | CONFIG_NOVA_COMPUTE_HOSTS=192.168.0.22 143 | 144 | # The IP address of the server on which to install the Nova Conductor 145 | # service 146 | CONFIG_NOVA_CONDUCTOR_HOST=192.168.0.22 147 | 148 | # The password to use for the Nova to access DB 149 | CONFIG_NOVA_DB_PW=f158af5158914c7b 150 | 151 | # The password to use for the Nova to authenticate with Keystone 152 | CONFIG_NOVA_KS_PW=be51242ba34946ed 153 | 154 | # The IP address of the server on which to install the Nova Scheduler 155 | # service 156 | CONFIG_NOVA_SCHED_HOST=192.168.0.22 157 | 158 | # The overcommitment ratio for virtual to physical CPUs. Set to 1.0 159 | # to disable CPU overcommitment 160 | CONFIG_NOVA_SCHED_CPU_ALLOC_RATIO=16.0 161 | 162 | # The overcommitment ratio for virtual to physical RAM. 
Set to 1.0 to 163 | # disable RAM overcommitment 164 | CONFIG_NOVA_SCHED_RAM_ALLOC_RATIO=1.5 165 | 166 | # Private interface for Flat DHCP on the Nova compute servers 167 | CONFIG_NOVA_COMPUTE_PRIVIF=eth1 168 | 169 | # The list of IP addresses of the server on which to install the Nova 170 | # Network service 171 | CONFIG_NOVA_NETWORK_HOSTS=192.168.0.22 172 | 173 | # Nova network manager 174 | CONFIG_NOVA_NETWORK_MANAGER=nova.network.manager.FlatDHCPManager 175 | 176 | # Public interface on the Nova network server 177 | CONFIG_NOVA_NETWORK_PUBIF=eth0 178 | 179 | # Private interface for network manager on the Nova network server 180 | CONFIG_NOVA_NETWORK_PRIVIF=eth1 181 | 182 | # IP Range for network manager 183 | CONFIG_NOVA_NETWORK_FIXEDRANGE=192.168.32.0/22 184 | 185 | # IP Range for Floating IP's 186 | CONFIG_NOVA_NETWORK_FLOATRANGE=10.3.4.0/22 187 | 188 | # Name of the default floating pool to which the specified floating 189 | # ranges are added to 190 | CONFIG_NOVA_NETWORK_DEFAULTFLOATINGPOOL=nova 191 | 192 | # Automatically assign a floating IP to new instances 193 | CONFIG_NOVA_NETWORK_AUTOASSIGNFLOATINGIP=n 194 | 195 | # First VLAN for private networks 196 | CONFIG_NOVA_NETWORK_VLAN_START=100 197 | 198 | # Number of networks to support 199 | CONFIG_NOVA_NETWORK_NUMBER=1 200 | 201 | # Number of addresses in each private subnet 202 | CONFIG_NOVA_NETWORK_SIZE=255 203 | 204 | # The IP addresses of the server on which to install the Neutron 205 | # server 206 | CONFIG_NEUTRON_SERVER_HOST=192.168.0.22 207 | 208 | # The password to use for Neutron to authenticate with Keystone 209 | CONFIG_NEUTRON_KS_PW=4be1fdd81b88433d 210 | 211 | # The password to use for Neutron to access DB 212 | CONFIG_NEUTRON_DB_PW=8bcc333dab894a7a 213 | 214 | # A comma separated list of IP addresses on which to install Neutron 215 | # L3 agent 216 | CONFIG_NEUTRON_L3_HOSTS=192.168.0.22 217 | 218 | # The name of the bridge that the Neutron L3 agent will use for 219 | # external traffic, or 
'provider' if using provider networks 220 | CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex 221 | 222 | # A comma separated list of IP addresses on which to install Neutron 223 | # DHCP agent 224 | CONFIG_NEUTRON_DHCP_HOSTS=192.168.0.22 225 | 226 | # The name of the L2 plugin to be used with Neutron 227 | CONFIG_NEUTRON_L2_PLUGIN=openvswitch 228 | 229 | # A comma separated list of IP addresses on which to install Neutron 230 | # metadata agent 231 | CONFIG_NEUTRON_METADATA_HOSTS=192.168.0.22 232 | 233 | # The password to use for the Neutron metadata agent (a credential, 234 | # not a list of hosts) 235 | CONFIG_NEUTRON_METADATA_PW=6e1bd03759a6475b 236 | 237 | # The type of network to allocate for tenant networks 238 | CONFIG_NEUTRON_LB_TENANT_NETWORK_TYPE=local 239 | 240 | # A comma separated list of VLAN ranges for the Neutron linuxbridge 241 | # plugin 242 | CONFIG_NEUTRON_LB_VLAN_RANGES= 243 | 244 | # A comma separated list of interface mappings for the Neutron 245 | # linuxbridge plugin 246 | CONFIG_NEUTRON_LB_INTERFACE_MAPPINGS= 247 | 248 | # Type of network to allocate for tenant networks 249 | CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local 250 | 251 | # A comma separated list of VLAN ranges for the Neutron openvswitch 252 | # plugin 253 | CONFIG_NEUTRON_OVS_VLAN_RANGES= 254 | 255 | # A comma separated list of bridge mappings for the Neutron 256 | # openvswitch plugin 257 | CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS= 258 | 259 | # A comma separated list of colon-separated OVS bridge:interface 260 | # pairs. The interface will be added to the associated bridge. 
261 | CONFIG_NEUTRON_OVS_BRIDGE_IFACES= 262 | 263 | # A comma separated list of tunnel ranges for the Neutron openvswitch 264 | # plugin 265 | CONFIG_NEUTRON_OVS_TUNNEL_RANGES= 266 | 267 | # Override the IP used for GRE tunnels on this hypervisor to the IP 268 | # found on the specified interface (defaults to the HOST IP) 269 | CONFIG_NEUTRON_OVS_TUNNEL_IF= 270 | 271 | # The IP address of the server on which to install the OpenStack 272 | # client packages. An admin "rc" file will also be installed 273 | CONFIG_OSCLIENT_HOST=192.168.0.22 274 | 275 | # The IP address of the server on which to install Horizon 276 | CONFIG_HORIZON_HOST=192.168.0.22 277 | 278 | # To set up Horizon communication over https set this to "y" (with "n" dashboard logins travel over plain http) 279 | CONFIG_HORIZON_SSL=n 280 | 281 | # PEM encoded certificate to be used for ssl on the https server, 282 | # leave blank if one should be generated, this certificate should not 283 | # require a passphrase 284 | CONFIG_SSL_CERT= 285 | 286 | # Keyfile corresponding to the certificate if one was entered 287 | CONFIG_SSL_KEY= 288 | 289 | # The IP address on which to install the Swift proxy service 290 | # (currently only single proxy is supported) 291 | CONFIG_SWIFT_PROXY_HOSTS=192.168.0.22 292 | 293 | # The password to use for the Swift to authenticate with Keystone 294 | CONFIG_SWIFT_KS_PW=ae436ec60dfd449a 295 | 296 | # A comma separated list of IP addresses on which to install the 297 | # Swift Storage services, each entry should take the format 298 | # ip-address[/dev], for example 127.0.0.1/vdb will install /dev/vdb 299 | # on 127.0.0.1 as a swift storage device (packstack does not create the 300 | # filesystem, you must do this first), if /dev is omitted Packstack 301 | # will create a loopback device for a test setup 302 | CONFIG_SWIFT_STORAGE_HOSTS=192.168.0.22 303 | 304 | # Number of swift storage zones, this number MUST be no bigger than 305 | # the number of storage devices configured 306 | CONFIG_SWIFT_STORAGE_ZONES=1 307 | 308 | # Number of swift 
storage replicas, this number MUST be no bigger 309 | # than the number of storage zones configured 310 | CONFIG_SWIFT_STORAGE_REPLICAS=1 311 | 312 | # FileSystem type for storage nodes 313 | CONFIG_SWIFT_STORAGE_FSTYPE=ext4 314 | 315 | # Whether to provision for demo usage and testing 316 | CONFIG_PROVISION_DEMO=n 317 | 318 | # The CIDR network address for the floating IP subnet 319 | CONFIG_PROVISION_DEMO_FLOATRANGE=172.24.4.224/28 320 | 321 | # Whether to configure tempest for testing 322 | CONFIG_PROVISION_TEMPEST=n 323 | 324 | # The uri of the tempest git repository to use 325 | CONFIG_PROVISION_TEMPEST_REPO_URI=https://github.com/openstack/tempest.git 326 | 327 | # The revision of the tempest git repository to use 328 | CONFIG_PROVISION_TEMPEST_REPO_REVISION=master 329 | 330 | # Whether to configure the ovs external bridge in an all-in-one 331 | # deployment 332 | CONFIG_PROVISION_ALL_IN_ONE_OVS_BRIDGE=n 333 | 334 | # The IP address of the server on which to install Heat service 335 | CONFIG_HEAT_HOST=192.168.0.22 336 | 337 | # The password used by Heat user to authenticate against MySQL 338 | CONFIG_HEAT_DB_PW=2957806855054185 339 | 340 | # The password to use for the Heat to authenticate with Keystone 341 | CONFIG_HEAT_KS_PW=883932b179d74b4f 342 | 343 | # Set to 'y' if you would like Packstack to install Heat CloudWatch 344 | # API 345 | CONFIG_HEAT_CLOUDWATCH_INSTALL=n 346 | 347 | # Set to 'y' if you would like Packstack to install Heat 348 | # CloudFormation API 349 | CONFIG_HEAT_CFN_INSTALL=n 350 | 351 | # The IP address of the server on which to install Heat CloudWatch 352 | # API service 353 | CONFIG_HEAT_CLOUDWATCH_HOST=192.168.0.22 354 | 355 | # The IP address of the server on which to install Heat 356 | # CloudFormation API service 357 | CONFIG_HEAT_CFN_HOST=192.168.0.22 358 | 359 | # The IP address of the server on which to install Ceilometer 360 | CONFIG_CEILOMETER_HOST=192.168.0.22 361 | 362 | # Secret key for signing metering messages. 
363 | CONFIG_CEILOMETER_SECRET=0d5095f1837446f9 364 | 365 | # The password to use for Ceilometer to authenticate with Keystone 366 | CONFIG_CEILOMETER_KS_PW=e68b8d002f9f408a 367 | 368 | # To subscribe each server to EPEL enter "y" 369 | CONFIG_USE_EPEL=y 370 | 371 | # A comma separated list of URLs to any additional yum repositories 372 | # to install 373 | CONFIG_REPO= 374 | 375 | # The IP address of the server on which to install the Nagios server 376 | CONFIG_NAGIOS_HOST=192.168.0.22 377 | 378 | # The password of the nagiosadmin user on the Nagios server 379 | CONFIG_NAGIOS_PW=9953324189ec4043 380 | -------------------------------------------------------------------------------- /nested_kvm_cpu.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #does the cpu support virtualisation? 3 | grep -E "(vmx|svm)" --color=always /proc/cpuinfo > /dev/null 4 | if ! [ $? -eq 0 ] 5 | then 6 | echo " WARN: Your cpu does not support Virtualisation" 7 | else 8 | echo " INFO: Your cpu supports Virtualisation" 9 | #is virtualisation enabled in the bios 10 | lsmod | grep kvm_intel > /dev/null 11 | if ! [ $? -eq 0 ] 12 | then 13 | echo " WARN: Enable virtualisation in your BIOS" 14 | else 15 | #is nested kvm supported? 16 | modinfo kvm_intel | grep -i nested > /dev/null 17 | if ! [ $? -eq 0 ] 18 | then 19 | echo " WARN: Your cpu does not support nested kvm" 20 | else 21 | echo " INFO: Your cpu supports nested kvm" 22 | enabled=`cat /sys/module/kvm_intel/parameters/nested ` 23 | if [ "$enabled" == "Y" ] 24 | then 25 | echo " INFO: Nothing to do. Nested KVM is enabled" 26 | exit 0 27 | else 28 | echo " INFO: Nested KVM is not enabled. Enabling" 29 | if [ $UID -eq 0 ] 30 | then 31 | if ! 
[ -f /etc/modprobe.d/nested_kvm.conf ] 32 | then 33 | echo "options kvm-intel nested=y" > /etc/modprobe.d/nested_kvm.conf 34 | fi 35 | echo " INFO: Please reboot to enable nested kvm" 36 | else 37 | echo " WARN: You need to be root to enable nested kvm" 38 | fi 39 | fi 40 | fi 41 | fi 42 | fi 43 | 44 | #todo 45 | #utilise cat /sys/module/kvm_intel/parameters/ept 46 | -------------------------------------------------------------------------------- /openstack-cheatsheet.txt: -------------------------------------------------------------------------------- 1 | services 2 | __________________________ 3 | nova - compute 4 | neutron - network 5 | glance - image 6 | ceilometer - metering 7 | cinder - volume 8 | keystone - identity 9 | 10 | ips 11 | _________________________ 12 | fixed ips - ips assigned to a vm to get it on to a network 13 | floating ips - additional ips assigned to a vm dynamically to allow the 14 | outside world (network) to reach the vm aka Real IP 15 | 16 | br interfaces 17 | _________________________ 18 | br-ex - aka external bridge - bridges the external network and the 19 | br-int - aka integration bridge - think of it as a patch panel 20 | 21 | networking tools 22 | _________________________ 23 | ip (netns etc) 24 | neutron 25 | ovs (ovs-vsctl etc) - used when openvswitch (aka ovs) is used 26 | -------------------------------------------------------------------------------- /openstack-devices.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | # 4 | debug(){ 5 | 6 | echo -----debug ----- 7 | echo files $files 8 | echo file $file 9 | echo num_nics $num_nics 10 | echo nic $nic 11 | echo device=$device 12 | echo DEVICE=$DEVICE 13 | echo IPADDR=$IPADDR 14 | echo HWADDR=$HWADDR 15 | echo GATEWAY=$GATEWAY 16 | echo DNS1=$DNS1 17 | echo DNS2=$DNS2 18 | echo result=$result 19 | echo -----debug ----- 20 | } 21 | 22 | if [ -f /etc/sysconfig/network-scripts/ifcfg-br-ex ] 23 | then 24 | echo 
/etc/sysconfig/network-scripts/ifcfg-br-ex exists. Quitting! 25 | exit 0 26 | fi 27 | 28 | #number of nics on the server 29 | num_nics=`ls /etc/sysconfig/network-scripts/ifcfg-* |grep -v lo |wc -l` 30 | if [ $num_nics -gt 1 ] 31 | then 32 | files=`ls /etc/sysconfig/network-scripts/ifcfg-* |grep -v lo` 33 | PS3="Select primary network interface: " 34 | select file in $files quit 35 | do 36 | case file in 37 | quit) 38 | echo Quitting 39 | exit 1 40 | ;; 41 | *) 42 | nic=`basename $file|cut -d- -f2` 43 | file=/etc/sysconfig/network-scripts/ifcfg-$nic 44 | ;; 45 | esac 46 | break 47 | done 48 | else 49 | file=`ls /etc/sysconfig/network-scripts/ifcfg-* |grep -v lo` 50 | fi 51 | 52 | primary(){ 53 | mkdir -p ~/backups 54 | cp -n $file ~/backups/. 55 | device=`basename $file` 56 | nic=`basename $device|cut -d- -f2` 57 | IPADDR=`grep IPADDR ~/backups/$device|cut -d= -f2` 58 | GATEWAY=`grep GATEWAY ~/backups/$device|cut -d= -f2` 59 | DNS1=`grep DNS1 ~/backups/$device|cut -d= -f2` 60 | DNS2=`grep DNS2 ~/backups/$device|cut -d= -f2` 61 | 62 | ##configuration of $device 63 | DEVICE=`echo $nic|cut -d- -f2` 64 | HWADDR=`cat ~/backups/$device|grep HWADDR|cut -d= -f2` 65 | rm -rf $file 66 | cat >> $file << EOF 67 | DEVICE=$DEVICE 68 | HWADDR=$HWADDR 69 | TYPE=Ethernet 70 | ONBOOT=yes 71 | EOF 72 | } 73 | 74 | br_ext(){ 75 | ##configuration of br-ex 76 | file=/etc/sysconfig/network-scripts/ifcfg-br-ex 77 | rm -rf $file 78 | cat >> $file < /dev/null 93 | result=$? 94 | if ! 
[ $result -eq 0 ] 95 | then 96 | ovs-vsctl add-port br-ex $nic 97 | service network restart 98 | fi 99 | } 100 | 101 | primary #primary nic aka eth0 102 | br_ext #bridge for external connectivity 103 | ovs #ovs configuration 104 | 105 | #debug 106 | 107 | -------------------------------------------------------------------------------- /openstack-errors.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | if [ $# -eq 0 ] 4 | then 5 | echo " Usage: $0 {warn|error|both}" 6 | exit 1 7 | elif [ $# -eq 1 ] 8 | then 9 | export task="c" 10 | else 11 | task=$2 12 | fi 13 | 14 | case $1 in 15 | warn|Warn|WARN) 16 | param=warn 17 | ;; 18 | err|error|Error|ERROR|ERR) 19 | param=error 20 | ;; 21 | both) 22 | param="warn|error" 23 | ;; 24 | esac 25 | 26 | 27 | 28 | follow(){ 29 | multitail -E "$param" -Evi "info" --mergeall /var/log/{nova,keystone,neutron,openvswitch,horizon,ceilometer,cinder,glance}/* 30 | } 31 | 32 | collect(){ 33 | grep -Eri --colour=auto $param /var/log/{nova,keystone,neutron,openvswitch,horizon,ceilometer,cinder,glance} 34 | } 35 | 36 | case $task in 37 | f) 38 | follow 39 | ;; 40 | c) 41 | collect 42 | ;; 43 | esac 44 | 45 | -------------------------------------------------------------------------------- /openstack-export_image.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #requires 2 variables 3 | #1. user name 4 | #2. instance name 5 | echo -n "Q: Provide a user name with access to the instance: " 6 | read user 7 | 8 | if [ -f ~/keystonerc/keystonerc_$user ] 9 | then 10 | source ~/keystonerc/keystonerc_$user 11 | else 12 | echo "FAIL: ~/keystonerc_$user not found!" 13 | exit 2 14 | fi 15 | 16 | echo -n "Q: Instance name: " 17 | read instance 18 | 19 | instance_id=`nova list |grep $instance |awk '{print $2}'` 20 | if [ "$instance_id" == "" ] 21 | then 22 | echo "FAIL: $instance not found!" 
23 | exit 1 24 | fi 25 | 26 | echo " INFO: Stopping instance $instance_id" 27 | nova stop $instance_id 28 | 29 | nova list #verify instance is in SHUTOFF state 30 | 31 | echo " INFO: Snapshoting instance $instance_id" 32 | nova image-create --poll $instance $instance.snapshot 33 | if [ $? -eq 0 ] 34 | then 35 | snapshot_id=`nova image-list |grep $instance.snapshot |awk '{print $2}'` 36 | echo " INFO: Exporting $instance" 37 | glance image-download --file $instance.raw $snapshot_id 38 | else 39 | echo "FAIL: something went wrong!" 40 | fi 41 | -------------------------------------------------------------------------------- /openstack-external-net.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #creates a public network and subnet for our internal vlan 3 | 4 | neutron net-list |grep public > /dev/null 5 | if [ $? -eq 0 ] 6 | then 7 | echo " ERROR: Public network found. Quitting" 8 | exit 1 9 | fi 10 | 11 | ##allocation pool 12 | start=192.168.0.101 13 | end=192.168.0.200 14 | ### 15 | GATEWAY=`grep GATEWAY /etc/sysconfig/network-scripts/ifcfg-br-ex|cut -d= -f2` 16 | network=`echo $GATEWAY | cut -d. -f1,2,3` 17 | network=`echo $network.0/24` 18 | 19 | neutron net-create --tenant-id demo public --router:external=True 20 | neutron subnet-create --tenant-id demo --allocation-pool start=$start,end=$end --gateway=$GATEWAY --disable-dhcp --name external public $network 21 | 22 | ##switch to demo user 23 | demo(){ 24 | source /root/keystonerc_demo 25 | private_subnet=`neutron subnet-list | grep -i private|awk '{print $2}'` 26 | neutron router-show router1 > /dev/null 2>&1 #assuming our router isnt there 27 | if ! [ $? -eq 0 ] 28 | then 29 | neutron router-create router1 30 | neutron router-gateway-set router1 public 31 | else 32 | echo " ERROR: Router router1 found!" 
33 | exit 2 34 | fi 35 | 36 | neutron net-create private 37 | neutron subnet-create private 10.0.0.0/24 --name internal --dns_nameservers list=true 8.8.8.8 8.8.8.7 --gateway 10.0.0.1 38 | 39 | neutron router-interface-add router1 internal 40 | } 41 | 42 | if ! [ -z /root/keystonerc_demo ] 43 | then 44 | demo 45 | else 46 | echo " ERROR: demo user not found!" 47 | exit 3 48 | fi 49 | #end demo user 50 | 51 | source /root/keystonerc_admin 52 | -------------------------------------------------------------------------------- /openstack-hammer-uninstall.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | 3 | #from http://openstack.redhat.com/Uninstalling_RDO 4 | 5 | for x in $(virsh list --all | grep instance- | awk '{print $2}') ; do virsh destroy $x ; virsh undefine $x ; done ; yum remove -y nrpe "*nagios*" puppet ntp "ntp-*" ntpdate "rdo-release" "*openstack*" "*nova*" "*keystone*" "*glance*" "*cinder*" "*swift*" mysql mysql-server httpd "*memcache*" scsi-target-utils iscsi-initiator-utils perl-DBI perl-DBD-MySQL ; ps -ef | grep -i repli | grep swift | awk '{print $2}' | xargs kill ; rm -rf /etc/nagios /etc/yum.repos.d/packstack_* /root/.my.cnf /var/lib/mysql/ /var/lib/glance /var/lib/nova /etc/nova /etc/swift /srv/node/device*/* /var/lib/cinder/ /etc/rsync.d/frag* /var/cache/swift /var/log/keystone /tmp/keystone-signing-nova ; find /etc | grep rpmsave | xargs rm -vf ; umount /srv/node/device* ; killall -9 dnsmasq tgtd httpd ; setenforce 1 ; vgremove -f cinder-volumes ; losetup -a | sed -e 's/:.*//g' | xargs losetup -d ; find /etc/pki/tls -name "ssl_ps*" | xargs rm -rf ; for x in $(df | grep "/lib/" | sed -e 's/.* //g') ; do umount $x ; done 6 | -------------------------------------------------------------------------------- /openstack-images.sh: -------------------------------------------------------------------------------- 1 | #!/bin/sh 2 | #downloads images, checks md5sum, adds the image to glance 3 | 4 | 
dir=/root/images.tmp 5 | md5file="`dirname $0`/glance-images.md5sum" 6 | 7 | usage(){ 8 | echo " Usage: `basename $0` all cirros fedora19 fedora20 fedora21 fedora21a centos64 centos65 rhel7 centos6 centos7 centos7atomic" 9 | echo 10 | echo " Submit image locations at https://github.com/marafa/openstack" 11 | exit 1 12 | } 13 | 14 | cirros(){ 15 | image=cirros-0.3.2-x86_64-disk.img 16 | location=http://download.cirros-cloud.net/0.3.2/cirros-0.3.2-x86_64-disk.img 17 | name="CirrOS 0.3.2" 18 | md5="64d7c1cd2b6f60c92c14662941cb7913" 19 | images 20 | } 21 | 22 | fedora19(){ 23 | location=http://download.fedoraproject.org/pub/fedora/linux/releases/19/Images/x86_64/Fedora-x86_64-19-20130627-sda.qcow2 24 | image=Fedora-x86_64-19-20130627-sda.qcow2 25 | name="Fedora 19 x86_64" 26 | md5="9ff360edd3b3f1fc035205f63a58ec3e" 27 | images 28 | } 29 | 30 | fedora20(){ 31 | location=http://download.fedoraproject.org/pub/fedora/linux/updates/20/Images/x86_64/Fedora-x86_64-20-20140407-sda.qcow2 32 | image=Fedora-x86_64-20-20140407-sda.qcow2 33 | name="Fedora 20 x86_64" 34 | md5="1ec332a350e0a839f03c967c1c568623" 35 | images 36 | } 37 | 38 | fedora21(){ 39 | location=http://download.fedoraproject.org/pub/fedora/linux/releases/21/Cloud/Images/x86_64/Fedora-Cloud-Base-20141203-21.x86_64.qcow2 40 | image=Fedora-Cloud-Base-20141203-21.x86_64.qcow2 41 | name="Fedora 21 General Purpose" 42 | md5="d009530079fd6567a3f0579a09c03af0" 43 | images 44 | } 45 | 46 | fedora21a(){ 47 | location=http://download.fedoraproject.org/pub/fedora/linux/releases/21/Cloud/Images/x86_64/Fedora-Cloud-Atomic-20141203-21.x86_64.qcow2 48 | image=Fedora-Cloud-Atomic-20141203-21.x86_64.qcow2 49 | name="Fedora 21 Atomic" 50 | md5="7aa95d1513c957ac5028c3f7e6900e16" 51 | images 52 | } 53 | 54 | centos64(){ 55 | location=http://mirror.catn.com/pub/catn/images/qcow2/centos6.4-x86_64-gold-master.img 56 | image=centos6.4-x86_64-gold-master.img 57 | name="CentOS 6.4 x86_64" 58 | md5="6cbd6c52a836e7dec8716b8ef5a37c4a" 59 | 
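images
}

# Each image function below fills in the globals location, image, name and md5
# and then calls images() to fetch, verify and register that image.
# NOTE(review): the images come over plain http/ftp and are compared with an MD5
# value stored in this script. That catches a truncated or damaged download, but
# it is a weak integrity check; prefer an https mirror and the publisher's
# SHA-256 checksum where one is available.

centos65(){
  location=http://mirror.catn.com/pub/catn/images/qcow2/centos6.5-gold-master.qcow2
  image=centos6.5-gold-master.qcow2
  name="CentOS 6.5 x86_64"
  md5="2041756979e68a1cd40e5ffa3114cdd4"
  images
}

centos6(){
  location=http://cloud.centos.org/centos/6/images/CentOS-6-x86_64-GenericCloud-20141129_01.qcow2
  image=CentOS-6-x86_64-GenericCloud-20141129_01.qcow2
  name="CentOS 6 20141129"
  md5="62ac2565e3527377860361f57639f334"
  images
}

rhel7(){
  location=ftp://ftp.redhat.com/redhat/rhel/rc/7/GuestImage/rhel-guest-image-7.0-20140410.0.x86_64.qcow2
  image=rhel-guest-image-7.0-20140410.0.x86_64.qcow2
  name="RHEL 7.0 x86_64"
  # no checksum is recorded for this image, so images() will not import it
  md5=""
  images
}

centos7(){
  location=http://cloud.centos.org/centos/7/images/CentOS-7-x86_64-GenericCloud-20141129_01.qcow2
  image=CentOS-7-x86_64-GenericCloud-20141129_01.qcow2
  name="CentOS 7 20141129"
  md5="ffaf7aabd6330927cabd9ab996e070d2"
  images
}

centos7atomic(){
  location=http://buildlogs.centos.org/rolling/7/isos/x86_64/CentOS-7-x86_64-AtomicHost.qcow2
  image=CentOS-7-x86_64-AtomicHost.qcow2
  name="CentOS 7 AtomicHost"
  md5="ad53d8a7800f2ef5c09feeb413d50d43"
  images
}

# Fetch $location into $dir/$image unless that file already exists.
# A partial file left by an interrupted wget is not fetched again; images()
# keeps reporting it as corrupt until it is removed by hand.
download(){
  if ! [ -e "$dir/$image" ]
  then
    wget "$location" -O "$dir/$image"
  fi
}

# Print the current image settings (only called when un-commented in images()).
debug(){
  echo debug ------
  echo "image=$image"
  echo "location=$location"
  echo "name=$name"
  echo "md5sum=$md5file"
  echo debug ------
}

# Download the current image, verify it against $md5 and, on a match, upload it
# to glance with the admin credentials from /root/keystonerc_admin.
# Globals: dir, image, name, md5 (read); md5actual (written)
images(){
  #debug
  download
  echo " INFO: Checking md5sum of $image"
  md5sum "$image" > "$image.md5sum"
  md5actual=$(cut -d' ' -f1 "$image.md5sum")
  if [ -z "$md5" ]
  then
    # An empty md5 used to reach grep as a missing pattern; with quoting it
    # would match every line. Refuse the import instead of skipping the check.
    echo " ERROR: No md5sum is recorded for $image, not importing it unverified"
  elif [ "$md5actual" = "$md5" ]
  then
    echo " INFO: Importing $image into glance"
    . /root/keystonerc_admin
    # --is-public true registers the image as visible to every tenant
    glance image-create --name "$name" --disk-format qcow2 --container-format bare --is-public true < "$dir/$image"
  else
    echo " ERROR: Image md5um indicates $image is corrupt"
  fi
  # NOTE(review): md5file is not assigned anywhere in the visible part of this
  # script, and the $image.md5sum file written above is left behind - confirm
  rm -rf file.tmp $md5file
}

# Import every image known to this script (fedora21a is not part of the list).
all(){
  cirros
  fedora19
  fedora20
  fedora21
  centos64
  centos65
  centos6
  centos7
  rhel7
  centos7atomic
}

####main
# usage and dir are defined earlier in this file.

if [ $# -eq 0 ]
then
  usage
fi

if ! [ -d "$dir" ]
then
  mkdir -p "$dir"
fi

# images() runs md5sum on a relative file name, so the cd has to succeed
cd "$dir" || exit 1

# The argument is only run as a function once it has matched this list.
case "$1" in
  cirros|fedora19|fedora20|fedora21|fedora21a|all|centos64|centos65|centos6|centos7|rhel7|centos7atomic)
    "$1"
    ;;
  *)
    usage
    ;;
esac
--------------------------------------------------------------------------------
/openstack-logs.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Follows the log files of one OpenStack component with multitail.
# The brace patterns below ({log,err}) are expanded by bash; they only work
# under this #!/bin/sh shebang on systems where sh is bash.

version=0.3

# Print the usage text.
help(){
  echo " Usage: $(basename "$0") component"
  echo " Where component is one of nova, keystone, neutron, openvswitch, horizon, ceilometer, cinder, glance, foreman, puppet, system, http, https, rabbitmq, novnc"
}

if ! [ -f /usr/bin/multitail ]
then
  echo ERROR: multitail not found!
  # yum asks for confirmation; stop if multitail still is not installed
  yum install multitail || exit 1
fi

# Checked on every path; it used to be skipped when multitail was missing.
if [ $# -eq 0 ]
then
  help
  exit 2
fi

case "$1" in
  rabbitmq)
    multitail /var/log/rabbitmq/startup_{log,err}
    ;;
  nova|keystone|neutron|openvswitch|horizon|ceilometer|cinder|glance|foreman|puppet)
    # $1 has matched one of the literal names above, so it is safe in the path
    multitail /var/log/"$1"/*log
    ;;
  system)
    multitail /var/log/{messages,secure}
    ;;
  http)
    multitail /var/log/httpd/{access,error}_log
    ;;
  https)
    multitail /var/log/httpd/horizon_ssl_{access,error}.log
    ;;
  novnc)
    multitail /var/log/nova/novncproxy.log
    ;;
  *)
    help
    ;;
esac
--------------------------------------------------------------------------------
/openstack-network-troubleshooting.sh:
--------------------------------------------------------------------------------
#!/bin/sh

#this is a script that collects information to aid in troubleshooting efforts
# NOTE(review): the output holds firewall rules, interface addresses, /etc/hosts
# and the neutron topology; treat it as sensitive when attaching it to a ticket.

source /root/keystonerc_admin

echo ---Redhat Release---
cat /etc/redhat-release

echo ---Repositories---
yum repolist

if [ -f /usr/bin/quantum ]
then
  # a function works in every shell mode; an alias is not expanded by a
  # non-interactive bash unless it runs in POSIX mode
  neutron(){
    quantum "$@"
  }
fi

echo "---Packages Installed---"
rpm -qa | grep -iE "neutron|nova-network|openstack*" | sort
echo

for device in /etc/sysconfig/network-scripts/ifcfg-*
do
  # skip the literal pattern when nothing matches
  [ -e "$device" ] || continue
  echo "---Device config for $device---"
  cat "$device"
  echo
done

echo "---IpTables---"
iptables -nL

echo "---Ifconfig---"
ifconfig
echo

echo "-- Devices --"
ip addr
echo

echo "---Routes----"
route -n
echo

echo ---Open vSwitch---
ovs-vsctl show
echo

echo ---Flows ---
for bridge in $(ovs-dpctl show | grep '\:\s.*\(internal\)' | awk '{print $3}')
do
  echo "-- $bridge Flows --"
  ovs-ofctl dump-flows "$bridge"
done
echo

echo -- Bridge Devices --
brctl show

echo ---Network Namespaces---
ip netns
echo

echo ---Neutron devices---
# The loops below take the second column of the CLI table as the id and drop
# the header row with grep.
neutron router-list
for router in $(neutron router-list|grep -vw "id"|awk '{print $2}')
do
  echo "Router $router"
  neutron router-show "$router"
done
echo
neutron net-list
for net in $(neutron net-list|grep -v "id"| awk '{print $2}')
do
  neutron net-show "$net"
done
echo
neutron subnet-list
for subnet in $(neutron subnet-list|grep -v "id"|awk '{print $2}')
do
  neutron subnet-show "$subnet"
done
echo

echo ---Name resolution---
cat /etc/resolv.conf
cat /etc/hosts

echo ---OpenStack status---
/usr/bin/openstack-status

# "[ /usr/sbin/virt-what ]" only tested a non-empty string and was always true.
if [ -x /usr/sbin/virt-what ]
then
  echo -- Virt-What --
  # virt-what prints one line per detected hypervisor and nothing on bare
  # metal, so an exit status of 0 alone does not mean "physical"
  virt=$(/usr/sbin/virt-what)
  virt_rc=$?
  if [ -n "$virt" ]
  then
    echo "$virt"
  elif [ $virt_rc -eq 0 ]
  then
    echo "Physical host"
  fi
fi
--------------------------------------------------------------------------------
/openstack-network.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Wrapper that runs the three network scripts in order.
# The old test "! [ -z name ]" only checked that a literal string was non-empty;
# command -v checks that the script can actually be found in PATH.

for script in openstack-devices.sh openstack-public-delete.sh openstack-external-net.sh
do
  if command -v "$script" > /dev/null 2>&1
  then
    "$script"
  else
    echo "WARN: $script not found in PATH, skipping" >&2
  fi
done
--------------------------------------------------------------------------------
/openstack-notes-working.sh:
--------------------------------------------------------------------------------

0.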
do a minimal centos install 3 | 4 | ssh-keygen -t rsa -N "" -f my.key 5 | 6 | yum install -y http://rdo.fedorapeople.org/rdo-release.rpm; yum install -y openstack-packstack yum-presto; yum -y update; reboot 7 | 8 | kvm=`virt-what` 9 | if [ "$kvm" == "kvm" ] 10 | then 11 | yum install -y mongodb-server mongodb 12 | sed -i '/--smallfiles/!s/OPTIONS=\"/OPTIONS=\"--smallfiles /' /etc/sysconfig/mongod 13 | fi 14 | 4. packstack --allinone --nagios-install=n --mysql-pw=password --ntp-servers=0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org --os-swift-install=y --provision-demo-floatrange=192.168.0.128/25 --keystone-demo-passwd=password 15 | 16 | vm 17 | allinone also installs a demo user 18 | before setting up a vm set up a network, firewall rules, ssh keys 19 | 20 | - network as DEMO user: 21 | 22 | i like to delete the networks made available with the allinone as they are not compatible with my home network. so go to network topology tab on the left of the demo user's project panel and delete the public and private networks as well as the router to start fresh. 23 | 24 | in the project tab on the left pane, select networks, press the create network button, enter the private network name (eg. demo_net) click on the subnet tab, enter demo_subnet for name and 10.20.30.0/24 . leave the gateway blank. create again, press the create network button, enter the PUBLIC network name (eg. PublicNet) then public_subnet for the subnet name and YOUR network address eg. if the modem is 192.168.0.1 then put in 192.168.0.0/24. leave DHCP disabled. for the allocation pool pick a range that is sure to be free eg. 192.168.0.100, 192.168.0.200 .. don't leave out the comma. press create 25 | finally, create the router. call it router1 and set the gateway 26 | 27 | now. log out of demo user 28 | log in as admin user 29 | go to networks 30 | click on edit network next to the PublicNet. enable "external network". 
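save
now log out of admin user

-router
log in as demo user
in the project column, click on router and select router1. edit it.
click external gateway and choose PublicNet.
click set gateway
click on router1.
click add interface. in the subnet menu, select demo_net 10.20.30.0/24 . save.

check your network topology. all 3 should be connected.

-access and security
- click floating ips. allocate ip
- click security group tab. create security group. call it demosecgrp or something. make sure you enable port 22 for ssh. save - click keypairs. call it demokey. save to your local box. you might want to transfer it to your host. this demokey.pem is reusable for the project

next , modify variables then run https://raw.github.com/marafa/openstack/master/openstack-outside.sh . also remove /etc/sysconfig/network-scripts/ifcfg-br-ex before running that script.

you are now ready to instantiate your instance

if you need to rerun the installation, follow this syntax
packstack --answer-file=packstack-answers
--------------------------------------------------------------------------------
/openstack-notes.sh:
--------------------------------------------------------------------------------
# Rough notes: the commands run, in order, on a fresh host to bring up a
# packstack based OpenStack lab.
# NOTE(review): the PW/PASSWORD substitutions further down set every password
# in the answer file to the literal string "password". That is only acceptable
# on a throwaway lab; generate a separate secret per service for anything that
# other machines can reach.
yum -y install https://repos.fedorapeople.org/repos/openstack/openstack-icehouse/rdo-release-icehouse-4.noarch.rpm virt-what wget git screen vim yum-presto iotop vim-enhanced; yum -y update;

yum -y install openstack-packstack; packstack --gen-answer-file=~/packstack.answer.orig ; cp ~/packstack.answer.orig ~/packstack.answer

# The delimiter is quoted so that $PATH is written literally and expanded when
# .bashrc is read; unquoted, the PATH of this one session was frozen into it.
cat >> /root/.bashrc << 'EOF'
alias vi=vim
alias grep='grep -E --colour=auto'
alias view='vim -R'
alias df='df -h'
export PATH=$PATH:/root/bin/openstack/
if [ -f /root/keystonerc_admin ]
then
source /root/keystonerc_admin
fi
EOF
source /root/.bashrc

#### git clone
git clone https://github.com/marafa/openstack.git bin
cd ~/bin
./openstack-os-tools.sh
cd

#### alias nic
cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-eth0:1
sed -i 's/eth0"/eth0:1"/g' /etc/sysconfig/network-scripts/ifcfg-eth0:1

#####modify ~/packstack.answer
# The first two expressions replace the whole line. Matching only "KEY=" would
# prepend the new value to one that is already set (the generated answer file
# can already carry CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub).
sed -i 's,^CONFIG_SSH_KEY=.*,CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub,' ~/packstack.answer
sed -i 's/^CONFIG_NTP_SERVERS=.*/CONFIG_NTP_SERVERS=0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org/' ~/packstack.answer
sed -i 's/CONFIG_HORIZON_SSL=n/CONFIG_HORIZON_SSL=y/g' ~/packstack.answer
sed -i 's/PW=.*/PW=password/g' ~/packstack.answer
sed -i 's/PASSWORD=.*/PASSWORD=password/g' ~/packstack.answer
sed -i 's/CONFIG_NAGIOS_INSTALL=y/CONFIG_NAGIOS_INSTALL=n/g' ~/packstack.answer
sed -i 's/CONFIG_SWIFT_INSTALL=n/CONFIG_SWIFT_INSTALL=y/g' ~/packstack.answer
sed -i 's/CONFIG_CINDER_VOLUMES_SIZE=20G/CONFIG_CINDER_VOLUMES_SIZE=5G/g' ~/packstack.answer
sed -i 's,CONFIG_NOVA_NETWORK_FLOATRANGE=10.3.4.0/22,CONFIG_NOVA_NETWORK_FLOATRANGE=192.168.0.0/24,g' ~/packstack.answer
sed -i 's/CONFIG_PROVISION_DEMO=n/CONFIG_PROVISION_DEMO=y/g' ~/packstack.answer
sed -i 's,CONFIG_PROVISION_DEMO_FLOATRANGE=172.24.4.224/28,CONFIG_PROVISION_DEMO_FLOATRANGE=192.168.0.0/24,g' ~/packstack.answer

####vlan support
sed -i 's/CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=local/CONFIG_NEUTRON_OVS_TENANT_NETWORK_TYPE=vlan/g' ~/packstack.answer
sed -i 's/CONFIG_NEUTRON_OVS_VLAN_RANGES=/CONFIG_NEUTRON_OVS_VLAN_RANGES=physnet1:1000:2999/g' ~/packstack.answer
sed -i 's/CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=/CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=physnet1:br-eth0:1/g' ~/packstack.answer

###################RUN IT ##################
#$#$ time packstack --answer-file=~/packstack.answer
#OR
# packstack --allinone --nagios-install=n --mysql-pw=password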
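--ntp-servers=0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org --os-swift-install=y --provision-demo-floatrange=192.168.0.0/24 --keystone-demo-passwd=password

echo "export PS1='[\u@\h \W(\033[1;31mkeystone_admin\033[0m)]\\$ '" >> ~/keystonerc_admin
source ~/keystonerc_admin

kvm=$(virt-what)
if [ "$kvm" = "kvm" ]
then
  openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini AGENT polling_interval 20
  service neutron-openvswitch-agent restart
fi

chkconfig ntpdate on

#ovs-vsctl add-port br-ex eth0; service network restart #this line is now in openstack-outside.sh

# NOTE(review): this switches the dashboard's DEBUG setting on. Debug error
# pages expose settings and stack traces to whoever triggers them, so set it
# back to False once troubleshooting is finished.
sed -i 's/DEBUG = False/DEBUG = True/g' /etc/openstack-dashboard/local_settings
for service in /etc/init.d/openstack-nova*
do
  # skip the literal pattern when no nova init script is installed
  [ -e "$service" ] || continue
  "$service" restart
done
sed -i 's/debug=True/debug=false/g' /etc/nova/nova.conf
service httpd restart

sh /root/bin/openstack/openstack-outside.sh ### looks like we dont have to create a public network if demo account is used

###create a flavour for centos
nova flavor-create --ephemeral 0 --rxtx-factor 1.0 --is-public True m2.small 6 1024 10 1

### add rules to sec group demo_secgroup
# NOTE(review): both rules use 0.0.0.0/0, i.e. ping and ssh from any address;
# narrow the CIDR when the instances are reachable from outside the lab.
source /root/keystonerc_demo
#ping
nova --no-cache secgroup-add-rule demo_secgroup icmp -1 -1 0.0.0.0/0
#ssh
nova --no-cache secgroup-add-rule demo_secgroup tcp 22 22 0.0.0.0/0
#list them
nova secgroup-list-rules demo_secgroup

#set demo password to password
# NOTE(review): fixed lab credential; it is also appended in clear text to
# ~/keystonerc_demo on the next line.
keystone user-password-update --pass password demo
echo "export OS_PASSWORD=password" >> ~/keystonerc_demo

###in case a re run of the install is needed
packstack --answer-file=packstack-answers
--------------------------------------------------------------------------------
/openstack-os-tools.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Installs the admin tools used by the other scripts and initialises vnstat.

# Create a vnstat database for every interface vnstat lists, fix the ownership
# of the database files and enable the service. Does nothing when
# /usr/bin/vnstat is not installed.
config_vnstat(){
  if [ -f /usr/bin/vnstat ]
  then
    for int in $(vnstat --iflist| sed 's/Available interfaces://')
    do
      echo " INFO: Initialising vnstat db for $int"
      vnstat -u -i "$int"
    done

    # left unquoted on purpose: the substitution yields "<DatabaseDir>/*",
    # which the shell then expands to the database files
    chown vnstat:vnstat $(grep DatabaseDir /etc/vnstat.conf |sed 's/"//g' |awk '{print $2 "/*"}')

    chkconfig vnstat on
    service vnstat restart
  fi
}

# Install the base tools; the extra packages are added only when the EPEL
# repository file is present.
install_tools(){
  pkg=
  if [ -f /etc/yum.repos.d/epel.repo ]
  then
    pkg="htop byobu alpine vnstat multitail bash-completion"
  fi
  # $pkg is unquoted so that it splits into one argument per package
  yum install $pkg iotop screen vim-enhanced yum-presto wget vim virt-what virt-top
}

install_tools
config_vnstat
--------------------------------------------------------------------------------
/openstack-outside.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Moves the host address from $device to the br-ex bridge and creates the
# public network, subnet, router and a floating ip. The README marks this
# script as deprecated.

echo -n " WARN: $(basename "$0") will modify your network settings. Continue? YES/n: "
read -r answer
if [ "$answer" != "YES" ]
then
  exit 1
fi

source /root/keystonerc_admin

# Derive the first three octets of the host network from ifconfig and store
# them in $vlan; exits when more than one non-loopback address is found.
# Not called by default, see the note below the function.
interfaces(){
  lines=$(ifconfig | awk -F "[: ]+" '/inet addr:/ { if ($4 != "127.0.0.1") print $4 }' | cut -d. -f1,2,3| wc -l)
  if [ "$lines" -gt 1 ]
  then
    echo " WARN: More than 1 physical network interface found"
    echo " Pls edit the variable available to $(basename "$0")"
    exit 1
  else
    vlan=$(ifconfig | awk -F "[: ]+" '/inet addr:/ { if ($4 != "127.0.0.1") print $4 }' | cut -d. -f1,2,3)
  fi
}

#interfaces #disable this if the script detects more than one interface and enable the below line
vlan=192.168.0

now=$(date +%Y%m%d%H%M)
device=eth0
start=$vlan.150
end=$vlan.200
gw=$vlan.1
dns1=4.2.2.2
dns2=
dns3=
hwaddr=$(grep "$device" /etc/udev/rules.d/70-persistent-net.rules | cut -d, -f4 | sed 's/ ATTR{address}=="//g' | sed 's/"//g')
IP=$(ifconfig "$device"|grep -w inet|awk '{print $2}'|cut -d: -f2)
domain=marafa.vm
PublicNet=PublicNet
PublicSubNet=PublicSubNet

##determine one physical nic or more
##if one nic move ip from nic to br-ex in /etc/sysconfig/network-scripts
# Exit when $device does not exist. When br-ex is already configured, ask
# before moving the current ifcfg files of br-ex and $device to /root.
device_exist(){
  if ! ifconfig "$device" > /dev/null 2>&1
  then
    echo " ERROR: $device not found"
    echo " Pls edit the variable available to $(basename "$0")"
    exit 2
  fi
  if [ -f /etc/sysconfig/network-scripts/ifcfg-br-ex ]
  then
    echo " WARN: br-ex already configured. Backup & Continue?"
    read -r answer
    if [ "$answer" != "y" ]
    then
      exit 4
    fi
    mv /etc/sysconfig/network-scripts/ifcfg-br-ex "/root/ifcfg-br-ex-$now"
    echo " WARN: /etc/sysconfig/network-scripts/ifcfg-br-ex found. Saving $device to /root/ifcfg-$device.$now"
    mv "/etc/sysconfig/network-scripts/ifcfg-$device" "/root/ifcfg-$device.$now"
  fi
}

# Append the physical device settings to ifcfg-$device.
# NOTE(review): ">>" appends; when device_exist did not move the old file away
# the new lines are added to the existing configuration - confirm that is wanted.
device_primary(){
cat >> "/etc/sysconfig/network-scripts/ifcfg-$device" << EOF
DEVICE=$device
HWADDR=$hwaddr
ONBOOT=yes
#TYPE=OVSPort
#DEVICETYPE=ovs
#OVS_BRIDGE=br-ex
EOF
}

# Append the bridge settings, carrying the host address, to ifcfg-br-ex.
device_bridge(){
cat >> /etc/sysconfig/network-scripts/ifcfg-br-ex << EOF
DEVICE=br-ex
IPADDR=$IP
PREFIX=24
GATEWAY=$gw
DNS1=$dns1
DNS2=$dns2
DNS3=$dns3
SEARCH=$domain
ONBOOT=yes
#DEVICETYPE=ovs
#TYPE=OVSBridge
#BOOTPROTO=static
#NETMASK=255.255.255.0
EOF
}

ovs(){ #open vswitch
  ovs-vsctl add-port br-ex "$device"; service network restart
}

# Create $PublicNet unless a network called "public" already exists.
# NOTE(review): the name checked (public) differs from the one created; this
# presumably skips creation when the packstack demo network is present - confirm.
public_net(){
  echo check if the public network exists
  if ! neutron net-show public > /dev/null 2>&1
  then
    echo create the public net
    neutron net-create --tenant-id admin "$PublicNet" --router:external=True
  fi
}

# Create $PublicSubNet on $PublicNet unless "public_subnet" already exists.
public_subnet(){
  echo check if the public subnet exists
  if ! neutron subnet-show public_subnet > /dev/null 2>&1
  then
    echo create the public subnet
    #neutron subnet-create --name $PublicSubNet $PublicNet $vlan.0/24
    neutron subnet-create --tenant-id admin --allocation-pool "start=$start,end=$end" "--gateway=$gw" --disable-dhcp --name "$PublicSubNet" "$PublicNet" "$vlan.0/24"
  fi
}

# Create PublicRouter with $PublicNet as gateway unless "router1" exists.
public_router(){
  echo check if the router1 exists
  if ! neutron router-show router1 > /dev/null 2>&1 #assuming our router isnt there
  then
    echo create the public router
    neutron router-create PublicRouter
    neutron router-gateway-set PublicRouter "$PublicNet"
  fi
}

public_floatingip(){
  neutron floatingip-create "$PublicNet"
}

public_network(){
  public_net
  public_subnet
  public_router
  public_floatingip
}

###MAIN
# This used to call "check", which is not defined anywhere in the script, so
# the device and br-ex checks never ran before the files were rewritten.
device_exist
device_primary
device_bridge
ovs
public_network
--------------------------------------------------------------------------------
/openstack-project-add.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Creates project Project<id> with user user<id>, a keystonerc file, a private
# network behind router<id>, a key pair and a security group.

if [ $# -eq 0 ]
then
  echo " Usage: $(basename "$0") Project#"
  exit 2
fi

source /root/keystonerc_admin

#variables

id=$1
# The id becomes part of resource names and of file names under $ks_dir, so
# only plain name characters are accepted.
case $id in
  ''|*[!A-Za-z0-9_-]*)
    echo " FAIL: Project# may only contain letters, digits, _ and -"
    exit 2
    ;;
esac
tenant=Tenant
project=Project
user=user
ks_dir=/root/keystonerc

###begin
# Set $password for the new user.
# NOTE(review): every user created by this script gets the same fixed
# password, which create_admin_user also prints and keystonerc stores on disk;
# switch to a randomly generated one before using this outside a test lab.
mk_pw(){
  #if ! [ -f /usr/bin/pwmake ]
  #then
  # echo " WARN: /usr/bin/pwmake not found. Pls install libpwquality"
  # exit 1
  #fi
  #password=`pwmake 4`
  #password=`date +%s | sha256sum | base64 | head -c 8 ; echo`
  ####making things simpler while i test this
  password=password
}

create_project(){
  keystone tenant-create "--name=$project$id" --description "$tenant$id"
}

# Create user<id> and print its password.
create_admin_user(){
  #keystone user-create --name=$user$id --pass=$password --email=admin@localhost --tenant $project$id
  keystone user-create "--name=$user$id" "--pass=$password" --email=admin@localhost

  echo " INFO: admin user ($user$id) for $project$id has password $password"
  echo "------- check if password $password has special characters that might break things eg. ; *"
}

assign_role_to_user(){
  #keystone user-role-add --user $user$id --role admin$id --tenant $project$id
  keystone user-role-add --user "$user$id" --role _member_ --tenant "$project$id"
}

# Create router<id> and PrivateNet_<id> as the project user, pick the next free
# 10.x.y.0/24 for PrivateSubnet_<id>, attach it to the router and set the
# router gateway to the "public" network as admin.
create_networks(){
  if [ -f "$ks_dir/keystonerc_$user$id" ]
  then
    source "$ks_dir/keystonerc_$user$id"
  else
    echo "FAIL: $ks_dir/keystonerc_$user$id not found!"
    exit 6
  fi

  neutron router-create "router$id"
  neutron net-create "PrivateNet_$id"
  source /root/keystonerc_admin
  # Keep only the highest 10.x.y network. With several subnets the old
  # pipeline returned all of them and the cut calls below then read the first
  # one, so a third project was given a range that was already in use.
  CIDR=$(neutron subnet-list | awk '{print $6}'| grep '^10\.' | cut -d/ -f1 | sort -t. -k2,2n -k3,3n | tail -n 1)
  source "$ks_dir/keystonerc_$user$id"
  if [ "$CIDR" = "" ]
  then
    echo "WARN: CIDR 10.x.x.x not found. Is this a new install?"
    CIDR=10.0.0.0
    echo " INFO: Using CIDR $CIDR"
  fi
  CIDR2=$(echo "$CIDR"| cut -d. -f2)
  CIDR3=$(echo "$CIDR"| cut -d. -f3)
  if [ "$CIDR3" -eq 255 ]
  then
    if [ "$CIDR2" -eq 255 ]
    then
      echo " FAIL: You are out of networks!"
      exit 3
    else
      CIDR2=$((CIDR2 + 1))
      # carry into the second octet: the third one starts again at 0
      CIDR3=0
    fi
  else
    CIDR3=$((CIDR3 + 1))
  fi

  CIDR=10.$CIDR2.$CIDR3.0

  neutron subnet-create "PrivateNet_$id" "$CIDR/24" --dns-nameserver 8.8.8.8 --dns-nameserver 8.8.8.7 --name "PrivateSubnet_$id"
  neutron router-interface-add "router$id" "PrivateSubnet_$id"

  source /root/keystonerc_admin
  neutron router-gateway-set router$id public ##why?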
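this is already done in openstack-outside.sh
}

# Write the credentials file for user<id> into $ks_dir.
keystonerc(){
  echo " INFO: Writing $ks_dir/keystonerc_$user$id"
  ipaddr=$(ip addr show br-ex |grep inet -w|awk '{print $2}' |sed 's,/24,,g')
  mkdir -p "$ks_dir"
  # The file holds OS_PASSWORD: create it empty and restrict it to root before
  # anything is written into it.
  touch "$ks_dir/keystonerc_$user$id" && chmod 600 "$ks_dir/keystonerc_$user$id"
cat >> "$ks_dir/keystonerc_$user$id" << EOF
export OS_USERNAME=$user$id
export OS_TENANT_NAME=$project$id
export OS_PASSWORD=$password
export OS_AUTH_URL=http://$ipaddr:35357/v2.0/
export PS1='[\u@\h \W(\033[1;32mkeystone_$user$id\033[0m)]\$ '
EOF
}

# Create key<id> (private key saved to $ks_dir/key<id>.pem) and security group
# SecGrp<id> as the project user.
write_security_rules(){
  echo "todo: use neutron secgroup to add ssh and ping rules instead of nova"
  source "$ks_dir/keystonerc_$user$id"
  # Restrict the file before the private key is written; a chmod after the
  # write leaves the key readable under the default umask for a moment.
  : > "$ks_dir/key$id.pem" && chmod 600 "$ks_dir/key$id.pem"
  nova keypair-add "key$id" > "$ks_dir/key$id.pem"
  nova secgroup-create "SecGrp$id" "Security Group $id"
  nova secgroup-add-rule "SecGrp$id" tcp 22 22 0.0.0.0/0
  # NOTE(review): the next three rules admit every TCP and UDP port and all
  # ICMP, and no --remote-ip-prefix is given, so they are not limited to a
  # source range. Narrow them to the ports and sources a project needs.
  neutron security-group-rule-create --direction ingress --protocol tcp --port_range_min 1 --port_range_max 65535 "SecGrp$id"
  neutron security-group-rule-create --direction ingress --protocol udp --port_range_min 1 --port_range_max 65535 "SecGrp$id"
  neutron security-group-rule-create --direction ingress --protocol icmp "SecGrp$id"
}

###main
mk_pw
create_admin_user
create_project
assign_role_to_user
keystonerc
create_networks
write_security_rules
--------------------------------------------------------------------------------
/openstack-project-delete.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Deletes what openstack-project-add.sh created for project <id>.
# NOTE(review): unlike openstack-project-add.sh this script does not source
# /root/keystonerc_admin; it presumably relies on admin credentials that are
# already exported in the calling shell - confirm.

#!set -x
#!read trap debug

if [ $# -eq 0 ]
then
  echo " Usage: $(basename "$0") Project#"
  exit 2
fi

#variables

id=$1
# The id ends up in rm paths and resource names; accept plain name characters
# only so that it cannot add extra words or path components.
case $id in
  ''|*[!A-Za-z0-9_-]*)
    echo " FAIL: Project# may only contain letters, digits, _ and -"
    exit 2
    ;;
esac
tenant=Tenant
project=Project
user=user
ks_dir=/root/keystonerc

# Detach and delete router<id>, then remove its qrouter-<uuid> namespace.
network_router(){
  #neutron floatingip-delete
  # Match the router by its whole name; a bare "grep $id" also hit every row
  # whose UUID or name merely contained the id.
  ns=$(neutron router-list| grep -w "router$id" | awk '{print $2}')
  neutron router-gateway-clear "router$id"
  neutron router-interface-delete "router$id" "PrivateSubnet_$id"
  neutron router-delete "router$id"
  if [ -n "$ns" ]
  then
    ip netns delete "qrouter-$ns"
  fi
}

network_net(){
  neutron net-delete "PrivateNet_$id"
}

network_subnet(){
  neutron subnet-delete "PrivateSubnet_$id"
}

user(){
  keystone user-delete "$user$id"
}

tenant(){
  keystone tenant-delete "$project$id"
}

role(){
  keystone role-delete "admin$id"
}

secgroup(){
  nova secgroup-delete "SecGrp$id"
}

keystonerc(){
  echo " INFO: Deleting $ks_dir/keystonerc_$user$id"
  rm -rf -- "$ks_dir/keystonerc_$user$id"
}

pem_file(){
  # the message now names the file that is removed (it used to print
  # $user$id.pem)
  echo " INFO: Deleting $ks_dir/key$id.pem "
  rm -rf -- "$ks_dir/key$id.pem"
}

keypair(){
  echo " INFO: Deleting keypair key$id"
  nova keypair-delete "key$id"
}

network_router
network_net
network_subnet
secgroup
keypair
user
role
tenant
keystonerc
pem_file
--------------------------------------------------------------------------------
/openstack-public-delete.sh:
--------------------------------------------------------------------------------
#!/bin/sh
#deletes the public network

if ! neutron net-list |grep public > /dev/null
then
  echo "ERROR: Public net not found. Quitting"
  exit 1
fi

# ids are taken from the second column of the CLI tables
public_id=$(neutron net-list |grep public|awk '{print $2}')
router=$(neutron router-list|grep router1 |awk '{print $2}')
subnet=$(neutron router-port-list "$router"| grep ip_address|awk '{print $8}'| sed 's/"//g'| sed 's/,//')

neutron router-gateway-clear "$router"
neutron router-interface-delete "$router" "$public_id"
# $subnet may hold several values and is split on purpose
for i in $subnet
do
  # use the loop variable; the old body passed the whole $subnet list on
  # every iteration
  neutron router-interface-delete "$router" "$i"
done
neutron router-delete "$router"
neutron net-delete "$public_id"
--------------------------------------------------------------------------------
/packstack-answerfile.sh:
--------------------------------------------------------------------------------
#!/bin/sh
# Generates a dated packstack answer file and presets the ssh key, the NTP
# servers and the passwords in it.

today=$(date --date "today" +%Y%m%d)
# $HOME instead of "~": a tilde after "=" inside an option is not expanded by
# every sh, so packstack and sed could end up with different paths
answer_file=$HOME/packstack.answer.$today

packstack "--gen-answer-file=$answer_file"

# Replace the whole line; matching only "KEY=" would prepend the new value to
# one that is already set.
sed -i 's,^CONFIG_SSH_KEY=.*,CONFIG_SSH_KEY=/root/.ssh/id_rsa.pub,' "$answer_file"
sed -i 's/^CONFIG_NTP_SERVERS=.*/CONFIG_NTP_SERVERS=0.pool.ntp.org,1.pool.ntp.org,2.pool.ntp.org/' "$answer_file"
# NOTE(review): the next two lines set every password in the answer file to
# the literal string "password". Keep that to a throwaway lab and generate a
# separate secret per service otherwise.
sed -i 's/PW=.*/PW=password/g' "$answer_file"
sed -i 's/PASSWORD=.*/PASSWORD=password/g' "$answer_file"

--------------------------------------------------------------------------------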