## Super Simple Setup (Chapter 2)
## CONTROLLER ONLY!!

## Configure the repos
rpm -ivh http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-8.noarch.rpm
rpm -ivh http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm

# Install crudini
yum -y install crudini openstack-utils

# Set the hostname
sed -i "/HOSTNAME/c\HOSTNAME=controller.learningneutron.com" /etc/sysconfig/network

# Add DNS entries
echo 10.254.254.100 controller.learningneutron.com controller >> /etc/hosts
echo 10.254.254.101 compute01.learningneutron.com compute01 >> /etc/hosts

# Disable SELinux
sed -i "/SELINUX=enforcing/c\SELINUX=disabled" /etc/selinux/config

# Remove iptables
iptables -D INPUT -j REJECT --reject-with icmp-host-prohibited
iptables -D FORWARD -j REJECT --reject-with icmp-host-prohibited
service iptables save

# Install NTP
yum -y install ntp
service ntpd start
chkconfig ntpd on

# Upgrade and reboot
yum -y upgrade
reboot

# Install MySQL Server
yum -y install mysql mysql-server MySQL-python
crudini --set /etc/my.cnf mysqld bind-address 10.254.254.100
service mysqld start
chkconfig mysqld on

# Configure MySQL Server
/usr/bin/mysql_secure_installation

# Install Qpid
yum -y install qpid-cpp-server memcached
sed -i "/^auth/s/auth=yes/auth=no/" /etc/qpidd.conf
service qpidd start
chkconfig qpidd on

# Install Keystone
yum -y install openstack-keystone python-keystoneclient
crudini --set /etc/keystone/keystone.conf sql connection mysql://keystone:keystone@controller/keystone
openstack-db --init --service keystone --password keystone

ADMIN_TOKEN=$(openssl rand -hex 10)
crudini --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
chown -R keystone:keystone /etc/keystone/* /var/log/keystone/keystone.log
crudini --set /etc/keystone/keystone.conf token provider keystone.token.providers.pki.Provider
service openstack-keystone start
chkconfig openstack-keystone on

# Configure Keystone
export OS_SERVICE_TOKEN=$ADMIN_TOKEN
export OS_SERVICE_ENDPOINT=http://controller:35357/v2.0
keystone tenant-create --name=admin --description="Admin Tenant"
keystone tenant-create --name=service --description="Service Tenant"
keystone user-create --name=admin --pass=secrete --email=admin@learningneutron.com
keystone role-create --name=admin
keystone user-role-add --user=admin --tenant=admin --role=admin
keystone service-create --name=keystone --type=identity --description="Keystone Identity Service"

keystone endpoint-create \
  --service-id=`keystone service-get keystone | awk '/ id / { print $4 }'` \
  --publicurl=http://controller:5000/v2.0 \
  --internalurl=http://controller:5000/v2.0 \
  --adminurl=http://controller:35357/v2.0

unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
keystone --os-username=admin --os-password=secrete --os-auth-url=http://controller:35357/v2.0 token-get
keystone --os-username=admin --os-password=secrete --os-tenant-name=admin --os-auth-url=http://controller:35357/v2.0 token-get

# Configure environment vars
mkdir ~/credentials
cat >> ~/credentials/admin <<EOF
export OS_USERNAME=admin 
export OS_PASSWORD=secrete
export OS_TENANT_NAME=admin 
export OS_AUTH_URL=http://controller:35357/v2.0
EOF
source ~/credentials/admin
keystone token-get
keystone user-list

# Install Glance
yum -y install openstack-glance
openstack-db --init --service glance --password glance

crudini --set /etc/glance/glance-api.conf DEFAULT sql_connection mysql://glance:glance@controller/glance
crudini --set /etc/glance/glance-registry.conf DEFAULT sql_connection mysql://glance:glance@controller/glance
keystone user-create --name=glance --pass=glance --email=glance@learningneutron.com
keystone user-role-add --user=glance --tenant=service --role=admin
crudini --set /etc/glance/glance-api.conf keystone_authtoken auth_host controller
crudini --set /etc/glance/glance-api.conf  keystone_authtoken admin_user glance
crudini --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service
crudini --set /etc/glance/glance-api.conf keystone_authtoken admin_password glance
crudini --set /etc/glance/glance-registry.conf keystone_authtoken auth_host controller
crudini --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance
crudini --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service
crudini --set /etc/glance/glance-registry.conf keystone_authtoken admin_password glance
cp /usr/share/glance/glance-api-dist-paste.ini /etc/glance/glance-api-paste.ini
cp /usr/share/glance/glance-registry-dist-paste.ini /etc/glance/glance-registry-paste.ini
crudini --set /etc/glance/glance-api-paste.ini filter:authtoken auth_host controller
crudini --set /etc/glance/glance-api-paste.ini filter:authtoken admin_user glance
crudini --set /etc/glance/glance-api-paste.ini filter:authtoken admin_tenant_name service
crudini --set /etc/glance/glance-api-paste.ini filter:authtoken admin_password glance
crudini --set /etc/glance/glance-api-paste.ini filter:authtoken flavor keystone
crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken auth_host controller
crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_user glance
crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_tenant_name service
crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken admin_password glance
crudini --set /etc/glance/glance-registry-paste.ini filter:authtoken flavor keystone

service openstack-glance-api start
service openstack-glance-registry start
chkconfig openstack-glance-api on
chkconfig openstack-glance-registry on

keystone service-create --name=glance --type=image --description="Glance Image Service"

keystone endpoint-create \
  --service-id=`keystone service-get glance | awk '/ id / { print $4 }'` \
  --publicurl=http://controller:9292 \
  --internalurl=http://controller:9292 \
  --adminurl=http://controller:9292
  
# Verify glance
mkdir /var/tmp/images ; cd /var/tmp/images/
wget http://cdn.download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img
glance image-create --name=CirrOS-0.3.1 --disk-format=qcow2 --container-format=bare --is-public=true --file /var/tmp/images/cirros-0.3.1-x86_64-disk.img
glance image-create --name=Ubuntu-14.04 --disk-format=qcow2 --container-format=bare --is-public=true --location http://cloud-images.ubuntu.com/trusty/current/trusty-server-cloudimg-amd64-disk1.img
glance image-create --name=CentOS-6.5 --disk-format=qcow2 --container-format=bare --is-public=true --location http://repos.fedorapeople.org/repos/openstack/guest-images/centos-6.5-20140117.0.x86_64.qcow2

# INSTALL NOVA CONTROLLER SERVICES
yum -y install openstack-nova python-novaclient
openstack-db --init --service nova --password nova

crudini --set /etc/nova/nova.conf database connection mysql://nova:nova@controller/nova
crudini --set /etc/nova/nova.conf DEFAULT rpc_backend nova.openstack.common.rpc.impl_qpid
crudini --set /etc/nova/nova.conf DEFAULT qpid_hostname controller
crudini --set /etc/nova/nova.conf DEFAULT my_ip 10.254.254.100
crudini --set /etc/nova/nova.conf DEFAULT vncserver_listen 10.254.254.100
crudini --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address 10.254.254.100
keystone user-create --name=nova --pass=nova --email=nova@learningneutron.com
keystone user-role-add --user=nova --tenant=service --role=admin
crudini --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
crudini --set /etc/nova/nova.conf keystone_authtoken auth_host controller
crudini --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
crudini --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
crudini --set /etc/nova/nova.conf keystone_authtoken admin_user nova
crudini --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
crudini --set /etc/nova/nova.conf keystone_authtoken admin_password nova
crudini --set /etc/nova/api-paste.ini filter:authtoken auth_host controller
crudini --set /etc/nova/api-paste.ini filter:authtoken auth_port 35357
crudini --set /etc/nova/api-paste.ini filter:authtoken auth_protocol http
crudini --set /etc/nova/api-paste.ini filter:authtoken auth_uri http://controller:5000/v2.0
crudini --set /etc/nova/api-paste.ini filter:authtoken admin_tenant_name service
crudini --set /etc/nova/api-paste.ini filter:authtoken admin_user nova
crudini --set /etc/nova/api-paste.ini filter:authtoken admin_password nova
crudini --set /etc/nova/nova.conf DEFAULT api_paste_config /etc/nova/api-paste.ini

keystone service-create --name=nova --type=compute --description="Nova Compute service"

keystone endpoint-create \
  --service-id=`keystone service-get nova | awk '/ id / { print $4 }'` \
  --publicurl=http://controller:8774/v2/%\(tenant_id\)s \
  --internalurl=http://controller:8774/v2/%\(tenant_id\)s \
  --adminurl=http://controller:8774/v2/%\(tenant_id\)s
  
service openstack-nova-api start
service openstack-nova-cert start
service openstack-nova-consoleauth start
service openstack-nova-scheduler start
service openstack-nova-conductor start
service openstack-nova-novncproxy start
service openstack-nova-console start
chkconfig openstack-nova-api on
chkconfig openstack-nova-cert on
chkconfig openstack-nova-consoleauth on
chkconfig openstack-nova-scheduler on
chkconfig openstack-nova-conductor on
chkconfig openstack-nova-novncproxy on
chkconfig openstack-nova-console on

# Install Horizon
yum -y install mod_wsgi openstack-dashboard
sed -i 's/ALLOWED_HOSTS/#ALLOWED_HOSTS/' /etc/openstack-dashboard/local_settings 
sed -i "/OPENSTACK_HOST/c\OPENSTACK_HOST = \"controller\"" /etc/openstack-dashboard/local_settings
sed -i -e "\$aOPENSTACK_KEYSTONE_URL = \"http://controller:5000/v2.0\"" /etc/openstack-dashboard/local_settings
sed -i 's/Listen 80/Listen 10.254.254.100:80/' /etc/httpd/conf/httpd.conf 

service httpd start
chkconfig httpd on



