UNCLASSIFIED

Skip to content
Snippets Groups Projects
Commit e3df3410 authored by Luke ODonnell's avatar Luke ODonnell
Browse files

Update opstation.yaml, install.sh

parent 1dcbc7c2
No related merge requests found
Hide whitespace changes
Inline Side-by-side
install.sh 0 → 100644
+ 104
0
View file @ e3df3410
#!/bin/bash
add_volume=false
install_apt=false
python_deps=false
python_reqs=(Jinja2 jmespath python-heatclient python-keystoneclient python-novaclient python-openstackclient python-swiftclient python-zunclient requests)
function setup_volume {
#permissions check
if [ "$EUID" -ne 0 ]; then
echo "Please run with sudo"
exit 3
fi
#get list of disks
disks=$(lsblk | grep disk | cut -d ' ' -f 1)
#select the first one with no partitions
for disk in $disks; do
if (lsblk | grep -v disk | grep "$disk" >/dev/null); then
echo "skipping $disk"
else
echo "found $disk"
volume="$disk"
break
fi
done
#create partition table, partition, and filesystem
echo "using /dev/${volume}1"
parted "/dev/${volume}" mklabel gpt
parted "/dev/${volume}" mkpart home-volume ext4 0% 100%
mkfs.ext4 "/dev/${volume}1"
#move any users' home directories to the new disk
mount "/dev/${volume}1" /mnt
cp -rp /home/* /mnt
umount /mnt
#delete the original home and mount the new copy
rm -rf /home
mkdir /home
mount "/dev/${volume}1" /home
#grab volume UUID and make /etc/fstab entry
vol_UUID=$(ls -halF /dev/disk/by-uuid/ | grep "$volume" | cut -d' ' -f11)
echo "UUID=${vol_UUID} /home ext4 defaults 0 0" >> /etc/fstab
}
function update {
if [ "$EUID" -ne 0 ]; then
echo "Please run with sudo"
exit 4
fi
apt update
apt upgrade -y
apt install -y python3-pip qemu-system p7zip-full xauth
pip install --upgrade pip virtualenv wheel setuptools
}
function venv_setup {
if ! which virtualenv 2>/dev/null; then
echo "you must have python-virtualenv installed, please rerun with -i or --install-apt"
exit
fi
virtualenv "$HOME/venv"
. "$HOME/venv/bin/activate"
pip install --user --upgrade pip wheel setuptools
pip install --user --upgrade "${python_reqs[@]}"
echo . "$HOME/venv/bin/activate" >> "$HOME/.bashrc"
}
function syntax {
echo "usage: cope [-h] [-V] [-a] [-p]"
}
function help {
syntax
echo ""
echo "cope (CCTC Openstack Prepared Environment) was designed to allow easy setup of an opstation prepared to interact with Openstack."
echo ""
echo "-h, Output this help."
echo "-V, Find the first disk without a partition table, and permanently"
echo " mount it as /home."
echo "-i, Install the apt dependencies for using the Openstack CLI in a"
echo " python virtual environment."
echo "-p, Create a python virtual environment and pip install packages for"
echo " the Openstack CLI client."
echo ""
}
while getopts "hVip" arg; do
case "$arg" in
h) help; exit 0 ;;
V) add_volume=true ;;
i) install_apt=true ;;
p) python_deps=true ;;
*) syntax; exit 1 ;;
esac
done
if [ "$add_volume" = "true" ]; then
setup_volume
fi
if [ "$install_apt" = "true" ]; then
update
fi
if [ "$python_deps" = "true" ]; then
venv_setup
fi
opstation.yaml 0 → 100644
+ 189
0
View file @ e3df3410
heat_template_version: 2018-03-02
description: Student Op Stations - This is the Unified Student Ops Station YAML. Module configurations are made with each modules setup script and not in this YAML.
parameters:
domain:
type: string
label: Domain
description: Set as '10.50.255.254' for VTA or '172.20.255.254' for VTA-DEV
default: 10.50.255.254
hidden: false
username:
type: string
label: User Name
description: Sets the login username for the instances
default: student
hidden: false
password:
type: string
label: Password
description: Sets the Login Password for the instances
default: password
hidden: true
vncpass:
type: string
label: VNC-Password
description: Sets the regular VNC connection password
default: password
hidden: true
view_only_password:
type: string
label: View-Only-Password
description: Sets the VNC View Only Password for the instances
default: view_only_password
hidden: true
resources:
rand_string:
type: OS::Heat::RandomString
properties:
length: 4
# ----- Ops Network Configuration Start ----- #
ops_network:
type: OS::Neutron::Net
properties:
name:
str_replace:
template: ops_network_RAND
params:
RAND: { get_resource: rand_string }
admin_state_up: true
shared: false
ops_subnet:
type: OS::Neutron::Subnet
depends_on: ops_network
properties:
cidr: 192.168.65.0/27
gateway_ip: 192.168.65.30
dns_nameservers: [{ get_param: domain }]
enable_dhcp: true
host_routes: [ ]
ip_version: 4
name:
str_replace:
template: ops_subnet_RAND
params:
RAND: { get_resource: rand_string }
network_id:
get_resource: ops_network
# ----- Ops Network Configuration End ----- #
# ----- Ops Router Configuration Start ----- #
ops_neutron_router:
type: OS::Neutron::Router
properties:
name:
str_replace:
template: ops_neutron_router_RAND
params:
RAND: { get_resource: rand_string }
external_gateway_info:
network: public
ops_neutron_router_interface:
type: OS::Neutron::RouterInterface
properties:
router_id: { get_resource: ops_neutron_router }
subnet_id: { get_resource: ops_subnet }
# ----- Ops Router Configuration Start ----- #
# ----- Linux Analyst Workstation volume Creation start ----- #
linux_opstation_volume:
type: OS::Cinder::Volume
description: additional storage for linux opstation
#depends_on:
properties:
availability_zone: nova
name: opstation-Volume
size: 128
# ----- Linux Analyst Workstation volume Creation start ----- #
# ----- Linux Analyst Workstation Configuration Start ----- #
linux_opstation:
type: OS::Nova::Server
properties:
name:
str_replace:
template: linux_opstation_RAND
params:
RAND: { get_resource: rand_string }
image: ubuntu_server_22.04
flavor: mem.es2
networks:
- port: { get_resource: linux_opstation_port }
diskConfig: AUTO
config_drive: true
user_data_format: RAW
user_data:
str_replace:
template: |
#!/bin/bash
if [[ "$user" != "ubuntu" ]]
then
useradd -m -U -s /bin/bash $user
usermod -aG sudo "$user"
userdel -r ubuntu
fi
echo "$user:$pass" | chpasswd
hostnamectl set-hostname lin-ops
curl -sfL "https://git.cybbh.space/luke.h.odonnell/test/-/raw/main/install.sh" >> "/opt/setup.sh"
chmod +x /opt/setup.sh
/opt/setup.sh -Vi
sed -i 's|PasswordAuthentication no|PasswordAuthentication yes|' /etc/ssh/sshd_config
system
systemctl restart sshd
params:
$user: { get_param: username }
$pass: { get_param: password }
$vncpass: { get_param: vncpass }
$vncviewpass: { get_param: view_only_password }
$domain: { get_param: domain}
# ----- Linux Analyst Workstation Configuration End ----- #
# ----- Linux Analyst Workstation Port Configuration Start ----- #
linux_opstation_port:
type: OS::Neutron::Port
description: Linux OpStation IP
properties:
name:
str_replace:
template: linux_opstation_port_RAND
params:
RAND: { get_resource: rand_string }
network_id: { get_resource: ops_network }
fixed_ips:
#- subnet_id: {get_resource: ops_subnet }
- ip_address: 192.168.65.20
port_security_enabled: false
linux_opstation_float_ip:
type: OS::Neutron::FloatingIP
description: Linux OpStation Floating IP
depends_on: ops_neutron_router
properties: { floating_network: public }
linux_opstation_float_ip_assoc:
type: OS::Neutron::FloatingIPAssociation
depends_on: ops_neutron_router_interface
properties:
floatingip_id: { get_resource: linux_opstation_float_ip }
port_id: { get_resource: linux_opstation_port }
# ----- Linux Analyst Workstation Configuration End ----- #
# ----- Linux Analyst Workstation volume Configuration start ----- #
linux_opstation_volume_attach:
type: OS::Cinder::VolumeAttachment
depends_on: linux_opstation_volume
properties:
instance_uuid: {get_resource: linux_opstation }
volume_id: { get_resource: linux_opstation_volume }
# ----- Linux Analyst Workstation volume Configuration end ----- #
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment

This GitLab instance is accredited for unclassified information without any handling caveats (releasable content only)