Setup scripts for Charmed OSM Hackfest 15

PROJECT: The project ID in which to launch the new VM

SUBNET: the first three octets of the subnet to use.  IP addresses will be allocated from this subnet, starting with .101 - .199

### Creating Openstack Tenants

This script will create users and projects in Openstack for hackfest-1, -2, -3, etc.  These projects are for deploying workloads to, OSM itself will be installed under the admin tenant.  It also creates SGi, S1, Private and Management networks, and launches OSM, VyOS and Microk8s VMs in the tenant.

```

./run-create-openstack-user-and-project.sh

```

### Initial Configuration

This script updates apt, upgrades the system to the latest 20.04 and installs remote desktop software

```

./run-vm-setup.sh

./run-vm-initial-setup.sh

```

### Install Microk8s

export OS_AUTH_TYPE=password

export OS_AUTH_URL=https://keystone.pc1.canonical.com:5000/v3

export OS_CACERT=/home/ubuntu/pc-cacert.pem

export OS_DOMAIN_NAME=admin_domain

export OS_IDENTITY_API_VERSION=3

export OS_INTERFACE=public

export OS_PASSWORD=`cat admin.password`

export OS_PROJECT_DOMAIN_NAME=admin_domain

export OS_PROJECT_NAME=admin

export OS_REGION_NAME=PartnerCloud1

export OS_TENANT_NAME=admin

export OS_USER_DOMAIN_NAME=admin_domain

export OS_USERNAME=admin

    set -x

fi

START=1

MAX=1

START=5

MAX=10

if [ ! -z $2 ] ; then

    START=$1

    MAX=$1

fi

# ETSI VIM ADMIN_DOMAIN=default, Partner Cloud=admin_domain

ADMIN_DOMAIN=admin_domain

APT_PROXY=http://172.21.18.3:3142

FLAVOR=hackfest

# ETSI VIM ADMIN_DOMAIN=default

APT_PROXY=http://172.21.1.1.3142

FLAVOR=osm.sanity

KEY_NAME=hackfest

NETWORK=osm-ext

SUBNET=172.21.19

ZONE=hackfest

MANAGEMENT_SUBNET=10.0.0

SGi_SUBNET=192.168.2

S1_SUBNET=192.168.0

MANAGEMENT_SUBNET=10.1.0

PRIVATE_SUBNET=192.168.239

FOCAL="auto-sync/ubuntu-focal-20.04-amd64-server-20221010-disk1.img"

JAMMY=""

VyOS="vyos-1.1.7-cloudinit"

#!/bin/bash

echo $0 started at $(date)

. ./common-vars

. ./admin-credentials.rc

PARTICIPANT=${1}

OPENSTACK_USER=hackfest-${PARTICIPANT}

PROJECT=hackfest-${PARTICIPANT}

PASSWORD=hackfest

echo "Creating OpenStack project: ${PROJECT}"

openstack project create --domain ${ADMIN_DOMAIN} ${PROJECT}

PROJECT_ID=`openstack project list | grep "${PROJECT} " | awk '{print $2}'`

openstack quota set --cores 64 --ram 131072 --instances 12 ${PROJECT_ID} &

echo "Creating OpenStack User"

openstack user create --project ${PROJECT} --domain ${ADMIN_DOMAIN} --password $PASSWORD $OPENSTACK_USER

openstack role add --user $OPENSTACK_USER --project ${PROJECT} member

echo "Creating OpenStack Network RBAC policy access_as_external, for network $NETWORK and project ${PROJECT}"

openstack network rbac create \

    --target-project ${PROJECT} \

    --type network \

    --action access_as_external \

    $NETWORK &

echo "Creating OpenStack Network RBAC policy access_as_shared, for network $NETWORK and project ${PROJECT}"

openstack network rbac create \

    --target-project ${PROJECT} \

    --type network \

    --action access_as_shared \

    $NETWORK &

wait

echo "Creating public port"

IP=`expr ${PARTICIPANT} + 0`

VYOSIP=`expr ${PARTICIPANT} + 100`

# This port gets created as the admin

openstack port create --disable-port-security --fixed-ip ip-address=${SUBNET}.${IP} --project=${PROJECT} --enable --network osm-ext hackfest-osm-${PARTICIPANT}

openstack port create --disable-port-security --fixed-ip ip-address=${SUBNET}.${VYOSIP} --project=${PROJECT} --enable --network osm-ext VyOS-management-${PARTICIPANT} &

wait

# This is done as the tenant, and some form of bug makes it necessary to unset this variable

unset OS_PROJECT_NAME

export OS_USERNAME=${OPENSTACK_USER}

export OS_PASSWORD=${PASSWORD}

export OS_PROJECT_NAME=${PROJECT}

NOT_READY=1

while [ $NOT_READY -eq 1 ] ; do

    openstack server list

    NOT_READY=$?

done

echo "Adding security groups"

for i in $(openstack security group list | awk '/default/{ print $2 }'); do

    openstack security group rule create $i --protocol icmp --remote-ip 0.0.0.0/0 &

    openstack security group rule create $i --protocol udp --remote-ip 0.0.0.0/0 &

    openstack security group rule create $i --protocol tcp --remote-ip 0.0.0.0/0 &

done

wait

echo "Creating networks"

NETWORK=management

echo "Creating ${NETWORK} network"

openstack network create ${NETWORK} --enable --no-share

openstack subnet create ${NETWORK}-subnet --network=${NETWORK} --subnet-range=${MANAGEMENT_SUBNET}.0/24 --gateway none --dns-nameserver 172.21.18.2 --dhcp --allocation-pool start=10.0.0.101,end=10.0.0.199 --host-route destination=0.0.0.0/0,gateway=10.0.0.10

NETWORK=SGi

echo "Creating ${NETWORK} network"

openstack network create ${NETWORK} --enable --no-share

openstack subnet create ${NETWORK}-subnet --network=${NETWORK} --subnet-range=${SGi_SUBNET}.0/24 --gateway none --host-route destination=0.0.0.0/0,gateway=10.0.0.10

NETWORK=S1

echo "Creating ${NETWORK} network"

openstack network create ${NETWORK} --enable --no-share

openstack subnet create ${NETWORK}-subnet --network=${NETWORK} --subnet-range=${S1_SUBNET}.0/24

echo "Creating Private network"

openstack network create private --enable --no-share

openstack subnet create private-subnet --network=private --subnet-range=${PRIVATE_SUBNET}.0/24  --gateway none --host-route destination=0.0.0.0/0,gateway=192.168.239.250

# Create as the project user

echo "Creating Ports"

openstack port create --disable-port-security --fixed-ip ip-address=192.168.239.250 --enable --disable-port-security --network private VyOS-private &

openstack port create --disable-port-security --fixed-ip ip-address=10.0.0.10 --enable --network management OSM-management &

openstack port create --disable-port-security --fixed-ip ip-address=10.0.0.11 --enable --network management MK8s-management &

echo "Creating Keypair"

openstack keypair create --public-key ./hackfest_rsa.pub ${KEY_NAME} &

wait

echo "Launching OSM VM"

openstack server create --availability-zone ${ZONE} --key-name ${KEY_NAME} --flavor ${FLAVOR} --image ${FOCAL} --nic port-id=hackfest-osm-${PARTICIPANT} --nic port-id=OSM-management --user-data ./osm-cloud-init.yaml osm-${PARTICIPANT} &

echo "Launching Microk8s VM"

openstack server create --availability-zone ${ZONE} --key-name ${KEY_NAME} --flavor ${FLAVOR} --image ${FOCAL} --nic port-id=MK8s-management -- microk8s &

echo "Launching VyOS Router"

openstack server create --availability-zone ${ZONE} --flavor m1.small --image ${VyOS} --nic port-id=VyOS-management-${PARTICIPANT} --nic port-id=VyOS-private --config-drive True --user-data "`pwd`/vyos-userdata.vsh" vyos-pnf-router

wait

echo "Waiting for OSM VM to be ready"

while [ 1 ] ; do

    sleep 5

    ALIVE=$(ssh -T -o ConnectTimeout=1 -o StrictHostKeyChecking=no -i hackfest_rsa ubuntu@${SUBNET}.${IP} 'cloud-init status --wait | tail -1' 2> /dev/null)

    if [ "${ALIVE}" == "status: done" ] ; then break ; fi

done

echo $0 $@ complete at $(date)

 No newline at end of file

#!/bin/bash

echo $0 started at $(date)

. ./common-vars

. ./admin-credentials.rc

PARTICIPANT=${1}

OPENSTACK_USER=hackfest-$1

PROJECT=$OPENSTACK_USER

PASSWORD=hackfest

echo Cleaning up ${OPENSTACK_USER}

PROJECT_ID=`openstack project list | grep "${PROJECT} " | awk '{print $2}'`

if [ "${PROJECT_ID}" != "" ]; then

    unset OS_PROJECT_NAME

    echo "Removing Router Ports"

    for ROUTER in $(openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID router list -f value -c ID); do

        openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID router unset --external-gateway ${ROUTER}

        PORT=$(openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID router show ${ROUTER} -f json -c interfaces_info | jq .interfaces_info[0].port_id -r)

        while [ "${PORT}" != "null" -a "${PORT}" != "" ] ; do

            openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID router remove port ${ROUTER} ${PORT}

            PORT=$(openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID router show ${ROUTER} -f json -c interfaces_info | jq .interfaces_info[0].port_id -r)

        done

    done

    echo "Removing VMs"

    openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID server list -f value -c ID | xargs openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID server delete

    echo "Removing Routers"

    openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID router list -f value -c ID | xargs openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID router delete

    echo "Removing Ports"

    openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID port list -f value -c ID   | xargs openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID port delete

    echo "Removing Networks"

    openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID network list -f value -c ID| xargs openstack --os-username=$OPENSTACK_USER --os-password=$PASSWORD --os-project-id=$PROJECT_ID network delete

    #for RBAC in `openstack network rbac list -f value -c ID`; do

    #    openstack network rbac show $RBAC -f value | grep $PROJECT_ID 2> /dev/null

    #    if [ $? -eq 0 ] ; then

    #        echo "Deleting RBAC policy $RBAC"

    #        openstack network rbac delete $RBAC &

    #    fi

    #done

    echo "Deleting OpenStack project: $PROJECT"

    . ./admin-credentials.rc

    openstack project purge --project ${PROJECT_ID}

fi

echo "Deleting OpenStack User: $OPENSTACK_USER"

openstack user delete --domain ${ADMIN_DOMAIN} ${OPENSTACK_USER}

echo $0 $@ complete at $(date)

 No newline at end of file