#!/usr/bin/env bash
# Copyright 2017, Rackspace US, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

# Load the OpenStack client settings into this shell. The file is executed as
# shell code, so it should be writable only by the operator running this script.
# Bash resolves a slash-less name through PATH first (default "sourcepath"
# behaviour) and then the current directory, so run this from the directory
# that holds the intended openrc.
# NOTE(review): presumably openrc exports the OS_* credentials used by every
# openstack command below -- confirm against the deployment.
. openrc



# Flat (untagged) provider network, marked external so routers can use it as
# their gateway network. --share makes it usable from every project.
# NOTE(review): the physical network label "flat" presumably has to match a
# provider mapping in the Neutron agent configuration -- confirm.
openstack network create \
    --provider-network-type flat \
    --provider-physical-network flat \
    --external \
    --share \
    GATEWAY_NET

# Subnet for GATEWAY_NET. 172.16.24.2 serves as both default gateway and DNS
# server; addresses are only handed out from 172.16.25.201-172.16.25.255,
# which sits inside the /22 (172.16.24.0-172.16.27.255).
openstack subnet create \
    --network GATEWAY_NET \
    --subnet-range 172.16.24.0/22 \
    --allocation-pool start=172.16.25.201,end=172.16.25.255 \
    --gateway 172.16.24.2 \
    --dns-nameserver 172.16.24.2 \
    GATEWAY_SUBNET



# VXLAN overlay network with segmentation ID 101.
# --share makes it usable from every project, so instances of different
# projects attached to it end up on the same L2 segment.
openstack network create \
    --provider-segment 101 \
    --provider-network-type vxlan \
    --share \
    PRIVATE_NET

# 192.168.0.0/24 on PRIVATE_NET. No gateway, allocation pool or DNS options
# are passed, so whatever the client and Neutron default to applies.
openstack subnet create \
    --network PRIVATE_NET \
    --subnet-range 192.168.0.0/24 \
    PRIVATE_SUBNET



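# Create a neutron router and wire it up to GATEWAY_NET and PRIVATE_SUBNET.
#
# IDs are read with "-f value -c id" instead of scraping the ASCII table, and
# the network and subnet are looked up by exact name with "show". A substring
# match on the "list" output would also pick up any other resource whose name
# merely contains GATEWAY_NET or PRIVATE_SUBNET and hand several IDs to the
# router commands.
ROUTER_ID="$(openstack router create GATEWAY_NET_ROUTER -f value -c id)"

if [[ -n "${ROUTER_ID}" ]]; then
    # Use GATEWAY_NET as the router's external gateway.
    openstack router set "${ROUTER_ID}" \
        --external-gateway "$(openstack network show GATEWAY_NET -f value -c id)"

    # Attach PRIVATE_SUBNET as an internal interface of the router.
    openstack router add subnet \
        "${ROUTER_ID}" \
        "$(openstack subnet show PRIVATE_SUBNET -f value -c id)"
else
    # Router creation returned no ID (authentication or API failure); skip the
    # wiring instead of calling the router commands with an empty ID.
    echo "ERROR: could not create GATEWAY_NET_ROUTER; router wiring skipped" >&2
fi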



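# Neutron security group setup
#
# The group ID is read with "-f value -c id" instead of scraping the ASCII
# table, and the rules are only created when an ID was actually returned.
#
# NOTE(review): none of the rules below passes --remote-ip or --dst-port, so
# nothing on the command line narrows them by source address or port: every
# instance placed in MNAIO_SECGRP accepts ICMP, all TCP and all UDP ingress.
# That is convenient for a disposable test environment. Where instances are
# reachable from networks you do not control, limit each rule to the ports and
# source ranges actually required.
SECGRP_ID="$(openstack security group create MNAIO_SECGRP -f value -c id)"

if [[ -n "${SECGRP_ID}" ]]; then
    # One ingress rule per protocol: ICMP, all TCP, all UDP.
    for SECGRP_PROTO in icmp tcp udp; do
        openstack security group rule create --protocol "${SECGRP_PROTO}" \
                                             --ingress \
                                             "${SECGRP_ID}"
    done
else
    # Group creation returned no ID (authentication or API failure); do not
    # call the rule commands with an empty group argument.
    echo "ERROR: could not create MNAIO_SECGRP; no rules were added" >&2
fi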