Home > Menu > Openstack > Acteon
Acteon

openstack --os-cloud admin project create acteon --description "Acteon"

openstack --os-cloud admin role add member --project acteon --user remi

openstack --os-cloud acteon security group create --description '[PUBLIC] HAProxy from all' public-haproxy
openstack --os-cloud acteon security group rule delete $(openstack --os-cloud acteon security group rule list public-haproxy --egress --column ID --format value | xargs)
openstack --os-cloud acteon security group rule create public-haproxy --remote-ip 0.0.0.0/0 --protocol tcp --dst-port 80 --description "HTTP input from all" --ingress
openstack --os-cloud acteon security group rule create public-haproxy --remote-ip 0.0.0.0/0 --protocol tcp --dst-port 443 --description "HTTPS input from all" --ingress
openstack --os-cloud acteon security group rule create public-haproxy --remote-ip 0.0.0.0/0 --protocol tcp --dst-port 8081 --description "Stats input from all" --ingress

openstack --os-cloud acteon security group create --description '[PUBLIC] SSH from all' public-ssh
openstack --os-cloud acteon security group rule delete $(openstack --os-cloud acteon security group rule list public-ssh --egress --column ID --format value | xargs)
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 163.172.110.29/32 --protocol tcp --dst-port 22 --description "SSH input from on002.pkgdata.net" --ingress

openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.189.6/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.189.7/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.189.8/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.189.9/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.189.10/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.189.11/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.176.0/24 --protocol tcp --dst-port 22 --description "SSH input from Publicis_VPN" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.200.189.20/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis_Gambetta" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 196.192.7.33/32 --protocol tcp --dst-port 22 --description "SSH input from Prodigious_Maurice" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 167.246.40.40/32 --protocol tcp --dst-port 22 --description "SSH input from Publicis_US_VPN" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 217.19.57.12/32 --protocol tcp --dst-port 22 --description "SSH input from Epsilon_ETO" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 217.19.57.14/32 --protocol tcp --dst-port 22 --description "SSH input from Epsilon_ETO" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 81.80.42.125/32 --protocol tcp --dst-port 22 --description "SSH input from Epsilon_Wifi" --ingress
openstack --os-cloud acteon security group rule create public-ssh --remote-ip 102.114.32.43/32 --protocol tcp --dst-port 22 --description "SSH input from Maurice" --ingress

openstack --os-cloud acteon security group create --description '[PUBLIC] SQL' public-sql
openstack --os-cloud acteon security group rule delete $(openstack --os-cloud acteon security group rule list public-sql --egress --column ID --format value | xargs)
openstack --os-cloud acteon security group rule create public-sql --remote-ip 167.235.86.104/32 --protocol tcp --dst-port 3306 --description "SSH input from os402" --ingress

openstack --os-cloud admin flavor create cpu4-ram8-disk20 --ram 8192 --vcpus 4 --disk 200

openstack --os-cloud acteon network create private-network-acteon --mtu 1350
openstack --os-cloud acteon subnet create private-subnet-acteon --network private-network-acteon --subnet-range 192.168.1.0/24 --gateway 192.168.1.1 --dns-nameserver 1.1.1.1 --dns-nameserver 8.8.8.8
openstack --os-cloud admin router add subnet router1 private-subnet-acteon

openstack --os-cloud admin flavor create cpu2-ram4-disk20 --ram 4096 --vcpus 2 --disk 20
openstack --os-cloud admin flavor create cpu4-ram8-disk20 --ram 8192 --vcpus 4 --disk 20

openstack --os-cloud acteon server create os401 --availability-zone Germany --flavor cpu4-ram8-disk20 --image debian-11-genericcloud-amd64_2022-11-21 --network private-network-acteon --security-group default --security-group public-ssh --security-group public-haproxy --security-group public-sql --key-name remi --user-data os1/user_data.txt
openstack --os-cloud acteon server create os402 --availability-zone Germany --flavor cpu2-ram8-disk20 --image debian-11-genericcloud-amd64_2022-11-21 --network private-network-acteon --security-group default --security-group public-ssh --security-group public-haproxy --key-name remi --user-data os1/user_data.txt

openstack --os-cloud admin floating ip create --project acteon public-network1 --port $(openstack --os-cloud acteon port list --server os401 --column ID --format value) --description "IP publique 1 ACTEON PROD"
openstack --os-cloud admin floating ip create --project acteon public-network1 --port $(openstack --os-cloud acteon port list --server os402 --column ID --format value) --description "IP publique 1 ACTEON DEV/RECETTE"

openstack --os-cloud acteon volume create --size 200 --type lvm --description "/home for os401" --availability-zone hn004 os401-home
openstack --os-cloud acteon volume create --size 350 --type lvm --description "/home for os402" --availability-zone hn006 os402-home
openstack --os-cloud acteon server add volume os401 os401-home
openstack --os-cloud acteon server add volume os402 os402-home

ssh os401 & os402
mv /home /home.bak
mkfs.ext4 /dev/sdb
tune2fs -O project -Q prjquota /dev/sdb

cat >> /etc/fstab <<EOF
UUID=b9c6e9c7-c841-44ee-a5db-dab1023425be /home ext4 rw,discard,errors=remount-ro,x-systemd.growfs,prjquota 0 2
EOF

mkdir /home && mount /home
mv /home.bak/* /home/ && rmdir /home.bak