Home > Menu > Openstack > Publicis France
Publicis France

openstack --os-cloud admin project create publicisfrance --description "Publicis France Mutu"

openstack --os-cloud admin role add member --project publicisfrance --user remi

openstack --os-cloud publicisfrance security group create --description '[PUBLIC] HAProxy from all' public-haproxy
openstack --os-cloud publicisfrance security group rule delete $(openstack --os-cloud publicisfrance security group rule list public-haproxy --egress --column ID --format value | xargs)
openstack --os-cloud publicisfrance security group rule create public-haproxy --remote-ip 0.0.0.0/0 --protocol tcp --dst-port 80 --description "HTTP input from all" --ingress
openstack --os-cloud publicisfrance security group rule create public-haproxy --remote-ip 0.0.0.0/0 --protocol tcp --dst-port 443 --description "HTTPS input from all" --ingress
openstack --os-cloud publicisfrance security group rule create public-haproxy --remote-ip 0.0.0.0/0 --protocol tcp --dst-port 8081 --description "Stats input from all" --ingress

openstack --os-cloud publicisfrance security group create --description '[PUBLIC] SSH from all' public-ssh
openstack --os-cloud publicisfrance security group rule delete $(openstack --os-cloud publicisfrance security group rule list public-ssh --egress --column ID --format value | xargs)
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 163.172.110.29/32 --protocol tcp --dst-port 22 --description "SSH input from on002.pkgdata.net" --ingress

openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.189.6/32 --protocol tcp --dst-port 22 --description SSH input from Publicis --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.189.7/32 --protocol tcp --dst-port 22 --description SSH input from Publicis --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.189.8/32 --protocol tcp --dst-port 22 --description SSH input from Publicis --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.189.9/32 --protocol tcp --dst-port 22 --description SSH input from Publicis --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.189.10/32 --protocol tcp --dst-port 22 --description SSH input from Publicis --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.189.11/32 --protocol tcp --dst-port 22 --description SSH input from Publicis --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.176.0/24 --protocol tcp --dst-port 22 --description SSH input from Publicis_VPN --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.200.189.20/32 --protocol tcp --dst-port 22 --description SSH input from Publicis_Gambetta --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 196.192.7.33/32 --protocol tcp --dst-port 22 --description SSH input from Prodigious_Maurice --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 167.246.40.40/32 --protocol tcp --dst-port 22 --description SSH input from Publicis_US_VPN --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 217.19.57.12/32 --protocol tcp --dst-port 22 --description SSH input from Epsilon_ETO --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 217.19.57.14/32 --protocol tcp --dst-port 22 --description SSH input from Epsilon_ETO --ingress
openstack --os-cloud publicisfrance security group rule create public-ssh --remote-ip 81.80.42.125/32 --protocol tcp --dst-port 22 --description SSH input from Epsilon_Wifi --ingress

openstack --os-cloud admin flavor create cpu4-ram8-disk20 --ram 8192 --vcpus 4 --disk 200

openstack --os-cloud publicisfrance network create private-network2 --mtu 1350
openstack --os-cloud publicisfrance subnet create private-subnet2 --network private-network2 --subnet-range 192.168.200.0/24 --gateway 192.168.200.1 --dns-nameserver 1.1.1.1 --dns-nameserver 8.8.8.8
openstack --os-cloud admin router add subnet router1 private-subnet2

openstack --os-cloud admin flavor create cpu2-ram4-disk20 --ram 4096 --vcpus 2 --disk 20
openstack --os-cloud admin flavor create cpu4-ram8-disk20 --ram 8192 --vcpus 4 --disk 20

openstack --os-cloud publicisfrance server create os301 --availability-zone Germany --flavor cpu2-ram4-disk20 --image debian-11-genericcloud-amd64_2022-11-21 --network private-network2 --security-group default --security-group public-ssh --security-group public-haproxy --key-name remi --user-data os1/user_data.txt
openstack --os-cloud publicisfrance server create os302 --availability-zone Germany --flavor cpu4-ram8-disk20 --image debian-11-genericcloud-amd64_2022-11-21 --network private-network2 --security-group default --security-group public-ssh --security-group public-haproxy --key-name remi --user-data os1/user_data.txt

openstack --os-cloud admin floating ip create --project publicisfrance public-network1 --floating-ip-address 168.119.18.172 --port $(openstack --os-cloud publicisfrance port list --server os302 --column ID --format value) --description "IP publique 1 Publicis France Mutu PROD"
openstack --os-cloud admin floating ip create --project publicisfrance public-network1 --floating-ip-address 168.119.18.173 --port $(openstack --os-cloud publicisfrance port list --server os301 --column ID --format value) --description "IP publique 1 Publicis France Mutu DEV/RECETTE"

openstack --os-cloud publicisfrance volume create --size 100 --type lvm --description "/home for os301" --availability-zone hn004 os301-home
openstack --os-cloud publicisfrance volume create --size 200 --type lvm --description "/home for os302" --availability-zone hn004 os302-home
openstack --os-cloud publicisfrance server add volume os301 os301-home
openstack --os-cloud publicisfrance server add volume os302 os302-home

ssh os301 & os302
mv /home /home.bak
mkfs.ext4 /dev/sdb
tune2fs -O project -Q prjquota /dev/sdb

cat >> /etc/fstab <<EOF
UUID=11aeb1c7-e4ee-4abe-8716-f94bf670ad99 /home ext4 rw,discard,errors=remount-ro,x-systemd.growfs,prjquota 0 2
EOF

mkdir /home && mount /home
mv /home.bak/* /home/