diff options
author | kwadronaut <kwadronaut@leap.se> | 2013-06-11 11:27:39 +0200 |
---|---|---|
committer | kwadronaut <kwadronaut@leap.se> | 2013-06-11 11:27:39 +0200 |
commit | 5cbf9966db3e3d1390fa3cbea50dd73dbd8028c4 (patch) | |
tree | 4b5239bcc8a2c18c6389c445a6573a0197e23788 |
initial help with and for PC-administartion
-rw-r--r-- | DC-openrc.sh | 60 | ||||
-rw-r--r-- | HK-LEAP-platform-kwadronaut-openrc.sh | 24 | ||||
-rw-r--r-- | HK-openrc.sh | 24 | ||||
-rw-r--r-- | PP-admin-openrc.sh | 60 | ||||
-rw-r--r-- | README | 3 | ||||
-rw-r--r-- | boot-image | 3 | ||||
-rw-r--r-- | secgroup-adaptation | 23 |
7 files changed, 197 insertions, 0 deletions
diff --git a/DC-openrc.sh b/DC-openrc.sh new file mode 100644 index 0000000..96487be --- /dev/null +++ b/DC-openrc.sh @@ -0,0 +1,60 @@ +#!/bin/bash + + +# Nova original used project_id as the *account* that owned resources (servers, +# ip address, ...) With the addition of Keystone we have standardized on the +# term **tenant** as the entity that owns the resources. **novaclient** still +# uses the old deprecated terms project_id. Note that this field should now be +# set to tenant_name, not tenant_id. +export NOVA_PROJECT_ID=admin + + +# In addition to the owning entity (tenant), nova stores the entity performing +# the action as the **user**. +export NOVA_USERNAME=admin + +# With Keystone you pass the keystone password instead of an api key. +# The most recent versions of novaclient use NOVA_PASSWORD instead of NOVA_API_KEY +echo "Please enter your Nova Password: " +read -s NOVA_PASSWORD +export NOVA_PASSWORD +export NOVA_API_KEY=$NOVA_PASSWORD + +# With the addition of Keystone, to use an openstack cloud you should +# authenticate against keystone, which returns a **Token** and **Service +# Catalog**. The catalog contains the endpoint for all services the user/tenant +# has access to - including nova, glance, keystone, swift, ... We currently +# recommend using the 2.0 *auth api*. +# +# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We +# will use the 1.1 *compute api* +export NOVA_URL=http://192.168.3.3:5000/v2.0 + +# Currently novaclient needs you to specify the *compute api* version. This +# needs to match the config of your catalog returned by Keystone. +export NOVA_VERSION=1.1 + + +# Set the ec2 url so euca2ools works +export EC2_URL=http://192.168.3.5:8773/services/Cloud + + +# Access key is set in the initial keystone data to be the same as username +export EC2_ACCESS_KEY=admin +# Secret key is set in the initial keystone data to the admin password +export EC2_SECRET_KEY=$NOVA_PASSWORD + +# set log level to DEBUG (helps debug issues) +# export NOVACLIENT_DEBUG=1 + +# Max time till the vm is bootable +export BOOT_TIMEOUT=15 + +# Max time to wait while vm goes from build to active state +export ACTIVE_TIMEOUT=10 + +# Max time from run instance command until it is running +export RUNNING_TIMEOUT=${RUNNING_TIMEOUT:-$(($BOOT_TIMEOUT + $ACTIVE_TIMEOUT))} + +# Max time to wait for proper IP association and dis-association. +export ASSOCIATE_TIMEOUT=10 diff --git a/HK-LEAP-platform-kwadronaut-openrc.sh b/HK-LEAP-platform-kwadronaut-openrc.sh new file mode 100644 index 0000000..dd824c2 --- /dev/null +++ b/HK-LEAP-platform-kwadronaut-openrc.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# With the addition of Keystone, to use an openstack cloud you should +# authenticate against keystone, which returns a **Token** and **Service +# Catalog**. The catalog contains the endpoint for all services the +# user/tenant has access to - including nova, glance, keystone, swift. +# +# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We +# will use the 1.1 *compute api* +export OS_AUTH_URL=http://192.168.9.3:5000/v2.0 + +# With the addition of Keystone we have standardized on the term **tenant** +# as the entity that owns the resources. +export OS_TENANT_ID=f9d34c2a4eb24d74bdf9fd203ff4b684 +export OS_TENANT_NAME="LEAP - platform" + +# In addition to the owning entity (tenant), openstack stores the entity +# performing the action as the **user**. +export OS_USERNAME=kwadronaut + +# With Keystone you pass the keystone password. +echo "Please enter your OpenStack Password: " +read -s OS_PASSWORD_INPUT +export OS_PASSWORD=$OS_PASSWORD_INPUT diff --git a/HK-openrc.sh b/HK-openrc.sh new file mode 100644 index 0000000..e6d034f --- /dev/null +++ b/HK-openrc.sh @@ -0,0 +1,24 @@ +#!/bin/bash + +# With the addition of Keystone, to use an openstack cloud you should +# authenticate against keystone, which returns a **Token** and **Service +# Catalog**. The catalog contains the endpoint for all services the +# user/tenant has access to - including nova, glance, keystone, swift. +# +# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We +# will use the 1.1 *compute api* +export OS_AUTH_URL=http://192.168.9.3:5000/v2.0 + +# With the addition of Keystone we have standardized on the term **tenant** +# as the entity that owns the resources. +export OS_TENANT_ID=a32a66b2441a4fa18d05bf7cc12f2ac6 +export OS_TENANT_NAME="admin" + +# In addition to the owning entity (tenant), openstack stores the entity +# performing the action as the **user**. +export OS_USERNAME=admin + +# With Keystone you pass the keystone password. +echo "Please enter your OpenStack Password: " +read -s OS_PASSWORD_INPUT +export OS_PASSWORD=$OS_PASSWORD_INPUT diff --git a/PP-admin-openrc.sh b/PP-admin-openrc.sh new file mode 100644 index 0000000..a35c173 --- /dev/null +++ b/PP-admin-openrc.sh @@ -0,0 +1,60 @@ +#!/bin/bash + + +# Nova original used project_id as the *account* that owned resources (servers, +# ip address, ...) With the addition of Keystone we have standardized on the +# term **tenant** as the entity that owns the resources. **novaclient** still +# uses the old deprecated terms project_id. Note that this field should now be +# set to tenant_name, not tenant_id. +export NOVA_PROJECT_ID=admin + + +# In addition to the owning entity (tenant), nova stores the entity performing +# the action as the **user**. +export NOVA_USERNAME=admin + +# With Keystone you pass the keystone password instead of an api key. +# The most recent versions of novaclient use NOVA_PASSWORD instead of NOVA_API_KEY +echo "Please enter your Nova Password: " +read -s NOVA_PASSWORD +export NOVA_PASSWORD +export NOVA_API_KEY=$NOVA_PASSWORD + +# With the addition of Keystone, to use an openstack cloud you should +# authenticate against keystone, which returns a **Token** and **Service +# Catalog**. The catalog contains the endpoint for all services the user/tenant +# has access to - including nova, glance, keystone, swift, ... We currently +# recommend using the 2.0 *auth api*. +# +# *NOTE*: Using the 2.0 *auth api* does not mean that compute api is 2.0. We +# will use the 1.1 *compute api* +export NOVA_URL=http://192.168.14.3:5000/v2.0 + +# Currently novaclient needs you to specify the *compute api* version. This +# needs to match the config of your catalog returned by Keystone. +export NOVA_VERSION=1.1 + + +# Set the ec2 url so euca2ools works +export EC2_URL=http://192.168.14.5:8773/services/Cloud + + +# Access key is set in the initial keystone data to be the same as username +export EC2_ACCESS_KEY=admin +# Secret key is set in the initial keystone data to the admin password +export EC2_SECRET_KEY=$NOVA_PASSWORD + +# set log level to DEBUG (helps debug issues) +# export NOVACLIENT_DEBUG=1 + +# Max time till the vm is bootable +export BOOT_TIMEOUT=15 + +# Max time to wait while vm goes from build to active state +export ACTIVE_TIMEOUT=10 + +# Max time from run instance command until it is running +export RUNNING_TIMEOUT=${RUNNING_TIMEOUT:-$(($BOOT_TIMEOUT + $ACTIVE_TIMEOUT))} + +# Max time to wait for proper IP association and dis-association. +export ASSOCIATE_TIMEOUT=10 @@ -0,0 +1,3 @@ +This is work in progress on interacting and automating with Openstack/Piston Cloud +Sometimes values are hardcoded or there is only an example in a script. Be careful. +For Piston Cloud 2 onwards: create a new useraccount, donwload your 'rc-file' for each project and source that evyertime you interact with that project in that cloud. diff --git a/boot-image b/boot-image new file mode 100644 index 0000000..baaa072 --- /dev/null +++ b/boot-image @@ -0,0 +1,3 @@ + +nova boot --image LeapWheezyBase201303 --flavor m1.medium --security-groups Beta-Bitmask --key_name Elijah Bitmask-Dev- +# which image to boot from size, memory, cpus firewall rules insert 1 key name diff --git a/secgroup-adaptation b/secgroup-adaptation new file mode 100644 index 0000000..921c9d8 --- /dev/null +++ b/secgroup-adaptation @@ -0,0 +1,23 @@ +#!/bin/sh + +# we're adding a bunch of relatively default groups. you can use the same syntax to open ports for munin or other things + +SECGROUP=$1 + +# where do we start? SSH? +nova secgroup-add-rule $SECGROUP tcp 22 22 0/0 + +# web is so common +nova secgroup-add-rule $SECGROUP tcp 80 80 0/0 +nova secgroup-add-rule $SECGROUP tcp 443 443 0/0 + +# ping. People like Ping, the story about Ping +nova secgroup-add-rule $SECGROUP ICMP -1 -1 0/0 + +# Ping doesn't like Onions, but we do! +nova secgroup-add-rule $SECGROUP tcp 9001 9001 0/0 + +# There's also this story about Alice, who gets into a rabbit hole +nova secgroup-add-rule $SECGROUP UDP 1194 1194 0/0 + +# That's it for now |