more dns-ification work
diff --git a/roles/juju-setup/templates/admin-openrc.sh.j2 b/roles/juju-setup/templates/admin-openrc.sh.j2
new file mode 100644
index 0000000..bd195a4
--- /dev/null
+++ b/roles/juju-setup/templates/admin-openrc.sh.j2
@@ -0,0 +1,5 @@
+export OS_USERNAME=admin
+export OS_PASSWORD={{ keystone_admin_password }}
+export OS_TENANT_NAME=admin
+export OS_AUTH_URL=https://keystone.{{ site_suffix }}:5000/v2.0
+export OS_REGION_NAME=RegionOne
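Review bot: `OS_PASSWORD={{ keystone_admin_password }}` is rendered unquoted, so a password containing spaces, `$`, backticks, `;` or `#` would be truncated, expanded or run as shell when this file is sourced. I would render it through Ansible's quote filter: `export OS_PASSWORD={{ keystone_admin_password | quote }}`. The rendered file holds the cloud admin credential in clear text, so the task that templates it (not visible in this diff) should set an explicit owner and `mode: "0600"`. A header comment such as `# Keystone admin credentials; source this file, never commit the rendered copy` would also help whoever finds it on the host.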
diff --git a/roles/juju-setup/templates/daemon.j2 b/roles/juju-setup/templates/daemon.j2
deleted file mode 100644
index 32e9b55..0000000
--- a/roles/juju-setup/templates/daemon.j2
+++ /dev/null
@@ -1,40 +0,0 @@
-#!/bin/sh
-
-SHELL="/bin/bash"
-
-NIC=$( route|grep default|awk '{print $NF}' )
-
-NAME="${1}"
-OP="${2}"
-SUBOP="${3}"
-ARGS="${4}"
-
-add_port_fwd_rule() {
- DPORT=$1
- VM=$2
- TOPORT=$3
-
- VMIP=$( getent ahosts $VM|head -1|awk '{print $1}' )
- iptables -t nat -C PREROUTING -p tcp -i $NIC --dport $DPORT -j DNAT --to-destination $VMIP:$TOPORT
- if [ "$?" -ne 0 ]
- then
- iptables -t nat -A PREROUTING -p tcp -i $NIC --dport $DPORT -j DNAT --to-destination $VMIP:$TOPORT
- fi
-}
-
-if [ "$OP" = "start" ] || [ "$OP" = "reload" ]
-then
- iptables -t nat -F
-
-{% for vm in head_vm_list -%}
-{% if vm.forwarded_ports is defined -%}
-{% for port in vm.forwarded_ports -%}
- add_port_fwd_rule {{ port.ext }} {{ vm.name }} {{ port.int }}
-{% endfor -%}
-{% endif -%}
-{% endfor -%}
-
- # Also flush the filter table before rules re-added
- iptables -F
-fi
-
diff --git a/roles/juju-setup/templates/eth0.cfg.j2 b/roles/juju-setup/templates/eth0.cfg.j2
new file mode 100644
index 0000000..0baa7a8
--- /dev/null
+++ b/roles/juju-setup/templates/eth0.cfg.j2
@@ -0,0 +1,7 @@
+# The primary network interface
+auto eth0
+iface eth0 inet dhcp
+ dns-nameservers{% for ns in dns_servers %} {{ ns }}{% endfor %}
+{% if dns_search is defined %}
+ dns-search{% for searchdom in dns_search %} {{ searchdom }}{% endfor %}
+{% endif %}
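Review bot: The `dns-nameservers` line is emitted unconditionally, while `dns-search` just below is guarded with `is defined`. If `dns_servers` is undefined the template will presumably fail to render, and if it is an empty list the interface stanza gets a `dns-nameservers` option with no value. I would guard it the same way, `{% if dns_servers is defined and dns_servers %}` before the line and `{% endif %}` after it, so nothing is written when no resolvers are configured.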
diff --git a/roles/juju-setup/templates/openstack.cfg.j2 b/roles/juju-setup/templates/openstack.cfg.j2
index b5b635d..5a1f224 100644
--- a/roles/juju-setup/templates/openstack.cfg.j2
+++ b/roles/juju-setup/templates/openstack.cfg.j2
@@ -3,10 +3,9 @@
glance:
openstack-origin: "cloud:trusty-kilo"
keystone:
- admin-password: ""
+ use-https: "yes"
https-service-endpoints: "True"
openstack-origin: "cloud:trusty-kilo"
- use-https: "yes"
mysql:
mongodb:
nagios:
@@ -30,6 +29,7 @@
network-manager: "Neutron"
openstack-origin: "cloud:trusty-kilo"
nova-compute:
+ virt-type:kvm
config-flags: "firewall_driver=nova.virt.firewall.NoopFirewallDriver"
# config-flags: "firewall_driver=nova.virt.firewall.NoopFirewallDriver,xos_api_url=http://portal.opencloud.us"
disable-neutron-security-groups: "True"
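Review bot: The added line `virt-type:kvm` has no space after the colon, so YAML reads it as one plain scalar rather than a key/value pair. Sitting under `nova-compute:` next to real mapping entries, it should either make the file fail to parse or leave `virt-type` unset. It should match the surrounding options: `virt-type: "kvm"`. The nova-compute block continues past the end of this hunk, so the remaining options are not visible here.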
diff --git a/roles/juju-setup/templates/qemu.j2 b/roles/juju-setup/templates/qemu.j2
deleted file mode 100644
index 1c947f9..0000000
--- a/roles/juju-setup/templates/qemu.j2
+++ /dev/null
@@ -1,44 +0,0 @@
-#!/bin/sh
-
-SHELL="/bin/bash"
-
-NIC=$( route|grep default|awk '{print $NF}' )
-PORTAL=$( dig +short portal.opencloud.us | tail -1 )
-
-NAME="${1}"
-OP="${2}"
-SUBOP="${3}"
-ARGS="${4}"
-
-add_rule() {
- CHAIN=$1
- ARGS=$2
- iptables -C $CHAIN $ARGS
- if [ "$?" -ne 0 ]
- then
- iptables -I $CHAIN 1 $ARGS
- fi
-}
-
-add_local_access_rules() {
- SUBNET=$( ip addr show $NIC|grep "inet "|awk '{print $2}' )
- PRIVATENET=$( ip addr show virbr0|grep "inet "|awk '{print $2}' )
- add_rule "FORWARD" "-s $SUBNET -j ACCEPT"
- # Don't NAT traffic from service VMs destined to the local subnet
- add_rule "POSTROUTING" "-t nat -s $PRIVATENET -d $SUBNET -j RETURN"
-}
-
-add_portal_access_rules() {
- add_rule "FORWARD" "-s $PORTAL -j ACCEPT"
-}
-
-add_web_access_rules() {
- add_rule "FORWARD" "-p tcp --dport 80 -j ACCEPT"
-}
-
-if [ "$OP" = "start" ]
-then
- add_local_access_rules
- add_portal_access_rules
- add_web_access_rules
-fi