OpenStack-Train版本Controller+Network-Shell脚本部署
【OpenStack-Train版本Controller+Network-Shell脚本部署】Train版本Controller+Network安装部署
说明:因同事使用后说虚拟机无法创建,经定位发现在CentOS系统下有些配置项没有导致写入对应配置文件失败,故此优化了一次,但未测试。
#!/bin/bash
#Author:-- Created: 2021.4
#Modified-- Modified: 2021echo -e "\033[45;
37m Openstack Train controller node start to install \033[0m"#===Variable===
CTRL_HOST_NAME=`cat /etc/hostname | awk '{print $1}'`
ALL_PASS="123456"
CURDATE=`date`#Get IP address
ipNum=`ip a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print$2}'|awk -F '/' '{print$1}'|tr -d " "|wc -l`
#echo "This host IP address:"
#ip a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print$2}'|awk -F '/' '{print$1}'|tr -d " "
echo "This host IP address: `ip a|grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print$2}'|awk -F '/' '{print$1}'|tr -d " "`"if [ "$ipNum" -eq 0 ];
then
echo "This host does not have IP address, Please set it."
exit 1
fiif [ "$ipNum" -gt 1 ];
then
echo "This host has multiple IP addresses !"
echo "Which one you choose, please enter the number of rows."
while :
do
read -p "The number of row is : " rowNum
if [[ "$ipNum" =~ ^[0-9]+$ ]];
then
if [[ "$rowNum" -gt $ipNum ]];
then
echo "Invaild rows!"
elif [[ "$rowNum" -le 0 ]];
then
echo "Invaild rows!"
else
CONTROLLER_IP=`ip a |grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print$2}'|awk -F '/' '{print$1}'|awk 'NR==$rowNum'`
break
fi
else
echo "Invaild rows!"
fi
done
fiif [ "$ipNum" -eq 1 ];
then
CONTROLLER_IP=`ip a |grep inet|grep -v 127.0.0.1|grep -v inet6|awk '{print$2}'|tr -d ' '|awk -F '/' '{print$1}'`
fiset -e
echo ""
echo "Controller'ip is: $CONTROLLER_IP"
echo "Controller'name is: $CTRL_HOST_NAME"
echo "Openstack all passwords are : $ALL_PASS"
echo "Starting time: $CURDATE"
echo ""
#echo "Your can cancel in 10s by 'Ctrl + D'"
echo -e "\033[45;
37m Your can cancel within 10s by 'Ctrl + C' \033[0m"
echo -n "Wait for 10 seconds"
for i in $(seq 10);
do echo -n ".";
sleep 1;
done
echo#sleep 10echo "end"set -x#===Environment===
yum install vim -y
yum install net-tools -y
yum install ftp -y
yum install expect -y
yum install tcpdump -y
yum install lldpad -y
yum install htop -y
yum install bwm-ng -y
yum install python-pip -yecho "$CONTROLLER_IP$CTRL_HOST_NAME" >>/etc/hostssystemctl stop firewalld
systemctl disable firewalldcp /etc/selinux/config /etc/selinux/config.bak
sed -i "/SELINUX=enforcing/cSELINUX=disabled" /etc/selinux/config
setenforce 0cp /etc/chrony.conf /etc/chrony.conf.bak
sed -i "/server 0.centos.pool.ntp.org iburst/cserver 10.165.7.181 iburst" /etc/chrony.conf
sed -i "/centos.pool.ntp.org/d" /etc/chrony.conf
systemctl enable chronyd
systemctl restart chronydchronyc sources
timedatectl set-timezone Asia/Shanghaiecho "The time now is : $CURDATE"yum install python-openstackclient -y
yum install openstack-selinux -y#database
yum install mariadb mariadb-server python2-PyMySQL -ytouch /etc/my.cnf.d/openstack.cnf
echo "[mysqld]" >>/etc/my.cnf.d/openstack.cnf
echo "bind-address = $CONTROLLER_IP" >>/etc/my.cnf.d/openstack.cnf
echo "" >>/etc/my.cnf.d/openstack.cnf
echo "default-storage-engine = innodb" >>/etc/my.cnf.d/openstack.cnf
echo "innodb_file_per_table = on" >>/etc/my.cnf.d/openstack.cnf
echo "max_connections = 4096" >>/etc/my.cnf.d/openstack.cnf
echo "collation-server = utf8_general_ci" >>/etc/my.cnf.d/openstack.cnf
echo "character-set-server = utf8" >>/etc/my.cnf.d/openstack.cnfsystemctl enable mariadb.service
systemctl start mariadb.service
systemctl status mariadb.servicemysql_secure_installation <> /keystone/keystone.conf
else
echo "We have this!"
fi
#[database]
sed -i "/\[database]$/aconnection = mysql+pymysql://keystone:$ALL_PASS@$CONTROLLER_IP/keystone" /etc/keystone/keystone.conf
#[token]
if [ `cat /etc/keystone/keystone.conf|grep '^\[token\]'` != "[token]" ];
then
echo "[token]" >> /keystone/keystone.conf
else
echo "We have this!"
fi
sed -i '/\[token]$/aprovider = fernet' /etc/keystone/keystone.conf#Populate the Identity service database
su -s /bin/sh -c "keystone-manage db_sync" keystonekeystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone#
keystone-manage bootstrap --bootstrap-password $ALL_PASS \
--bootstrap-admin-url http://$CONTROLLER_IP:5000/v3/ \
--bootstrap-internal-url http://$CONTROLLER_IP:5000/v3/ \
--bootstrap-public-url http://$CONTROLLER_IP:5000/v3/ \
--bootstrap-region-id RegionOne#ServerName
sed -i "/#ServerName/aServerName $CONTROLLER_IP" /etc/httpd/conf/httpd.conf#Creating a soft link
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/systemctl enable httpd.service
systemctl start httpd.service
#systemctl status httpd.service#Configure the administrative account
export OS_USERNAME=admin
export OS_PASSWORD=$ALL_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://$CONTROLLER_IP:5000/v3
export OS_IDENTITY_API_VERSION=3#Create a domain, projects, users, and roles
openstack domain create --description "An Example Domain" example
openstack project create --domain default --description "Service Project" service
openstack project create --domain default --description "Demo Project" myproject/usr/bin/expect << EOF
set timeout 15
spawn openstack user create --domain default --password-prompt myuser
expect "User*"
send "$ALL_PASS\r"
expect "Repeat *"
send "$ALL_PASS\r"
expect eof
EOFopenstack role create myrole
openstack role add --project myproject --user myuser myroleunset OS_AUTH_URL OS_PASSWORD
/usr/bin/expect << EOF
set timeout 15
spawn openstack --os-auth-url http://$CONTROLLER_IP:5000/v3 \
--os-project-domain-name Default --os-user-domain-name Default \
--os-project-name admin --os-username admin token issue
expect "*Password*"
send "$ALL_PASS\r"
expect eof
EOF/usr/bin/expect << EOF
set timeout 15
spawn openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name Default --os-user-domain-name Default \
--os-project-name myproject --os-username myuser token issue
expect "*Password*"
send "$ALL_PASS\r"
expect eof
EOF#Creating admin-openrc
touch /root/admin-openrc
echo "export OS_PROJECT_DOMAIN_NAME=Default" >/root/admin-openrc
echo "export OS_USER_DOMAIN_NAME=Default" >>/root/admin-openrc
echo "export OS_PROJECT_NAME=admin" >>/root/admin-openrc
echo "export OS_USERNAME=admin" >>/root/admin-openrc
echo "export OS_PASSWORD=$ALL_PASS" >>/root/admin-openrc
echo "export OS_AUTH_URL=http://$CONTROLLER_IP:5000/v3" >>/root/admin-openrc
echo "export OS_IDENTITY_API_VERSION=3" >>/root/admin-openrc
echo "export OS_IMAGE_API_VERSION=2" >>/root/admin-openrc#Creating demo-openrc
touch /root/demo-openrc
echo "export OS_PROJECT_DOMAIN_NAME=Default" >/root/demo-openrc
echo "export OS_USER_DOMAIN_NAME=Default" >>/root/demo-openrc
echo "export OS_PROJECT_NAME=myproject" >>/root/demo-openrc
echo "export OS_USERNAME=myuser" >>/root/demo-openrc
echo "export OS_PASSWORD=$ALL_PASS" >>/root/demo-openrc
echo "export OS_AUTH_URL=http://$CONTROLLER_IP:5000/v3" >>/root/demo-openrc
echo "export OS_IDENTITY_API_VERSION=3" >>/root/demo-openrc
echo "export OS_IMAGE_API_VERSION=2" >>/root/demo-openrcsource/root/admin-openrc
openstack token issue
sleep 2#===3.Image service===
#Database operations: glance
mysql -N -uroot -p$ALL_PASS<> /etc/glance/glance-api.conf
else
echo "We have this!"
fi
#[database]
sed -i "/\[database]$/aconnection = mysql+pymysql://glance:$ALL_PASS@$CONTROLLER_IP/glance" /etc/glance/glance-api.conf
if [ `cat /etc/glance/glance-api.conf|grep '^\[keystone_authtoken\]'` != "[keystone_authtoken]" ];
then
echo "[keystone_authtoken]" >> /etc/glance/glance-api.conf
else
echo "We have this!"
fi
#[keystone_authtoken]
sed -i "/\[keystone_authtoken]$/apassword = $ALL_PASS" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/ausername = glance" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/aproject_name = service" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/auser_domain_name = Default" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/aproject_domain_name = Default" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/aauth_type = password" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/amemcached_servers = $CONTROLLER_IP:11211" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/aauth_url = http://$CONTROLLER_IP:5000" /etc/glance/glance-api.conf
sed -i "/\[keystone_authtoken]$/awww_authenticate_uri = http://$CONTROLLER_IP:5000" /etc/glance/glance-api.conf
#[paste_deploy]
if [ `cat /etc/glance/glance-api.conf|grep '^\[paste_deploy\]'` != "[paste_deploy]" ];
then
echo "[paste_deploy]" >> /etc/glance/glance-api.conf
else
echo "We have this!"
fi
sed -i "/\[paste_deploy]$/aflavor = keystone" /etc/glance/glance-api.conf
#[glance_store]
if [ `cat /etc/glance/glance-api.conf|grep '^\[glance_store\]'` != "[glance_store]" ];
then
echo "[glance_store]" >> /etc/glance/glance-api.conf
else
echo "We have this!"
fi
sed -i "/\[glance_store]$/afilesystem_store_datadir = /var/lib/glance/images/" /etc/glance/glance-api.conf
sed -i "/\[glance_store]$/adefault_store = file" /etc/glance/glance-api.conf
sed -i "/\[glance_store]$/astores = file,http" /etc/glance/glance-api.conf
#copy glance-registry.conf
cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
#[database]
if [ `cat etc/glance/glance-registry.conf|grep '^\[database\]'` != "[database]" ];
then
echo "[database]" >> /etc/glance//etc/glance/glance-registry.conf
fi
sed -i "/\[database]$/aconnection = mysql+pymysql://glance:$ALL_PASS@$CONTROLLER_IP/glance" /etc/glance/glance-registry.conf
if [ `cat etc/glance/glance-registry.conf|grep '^\[keystone_authtoken\]'` != "[keystone_authtoken]" ];
then
echo "[keystone_authtoken]" >> /etc/glance//etc/glance/glance-registry.conf
fi
sed -i "/\[keystone_authtoken]$/apassword = $ALL_PASS" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/ausername = glance" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/aproject_name = service" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/auser_domain_name = Default" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/aproject_domain_name = Default" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/aauth_type = password" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/amemcached_servers = $CONTROLLER_IP:11211" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/aauth_url = http://$CONTROLLER_IP:5000" /etc/glance/glance-registry.conf
sed -i "/\[keystone_authtoken]$/awww_authenticate_uri = http://$CONTROLLER_IP:5000" /etc/glance/glance-registry.conf
if [ `cat /etc/glance/glance-registry.conf|grep '^\[paste_deploy\]'` != "[paste_deploy]" ];
then
echo "[paste_deploy]" >> /etc/glance//etc/glance/glance-registry.conf
fi
sed -i "/\[paste_deploy]$/aflavor = keystone" /etc/glance/glance-registry.confsu -s /bin/sh -c "glance-manage db_sync" glance
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service
#systemctl status openstack-glance-api.service openstack-glance-registry.service#===Placement service====
mysql -N -uroot -p$ALL_PASS<> /etc/placement/placement.conf
fi
sed -i "/\[placement_database]$/aconnection = mysql+pymysql://placement:$ALL_PASS@$CONTROLLER_IP/placement" /etc/placement/placement.conf
if [ `cat /etc/placement/placement.conf|grep '^\[api\]'` != "[api]" ];
then
echo "[api]" >> /etc/placement/placement.conf
fi
sed -i "/\[api]$/aauth_strategy = keystone" /etc/placement/placement.conf
if [ `cat /etc/placement/placement.conf|grep '^\[keystone_authtoken\]'` != "[keystone_authtoken]" ];
then
echo "[keystone_authtoken]" >> /etc/placement/placement.conf
fi
sed -i "/\[keystone_authtoken]$/apassword = $ALL_PASS" /etc/placement/placement.conf
sed -i "/\[keystone_authtoken]$/ausername = placement" /etc/placement/placement.conf
sed -i "/\[keystone_authtoken]$/aproject_name = service" /etc/placement/placement.conf
sed -i "/\[keystone_authtoken]$/auser_domain_name = Default" /etc/placement/placement.conf
sed -i "/\[keystone_authtoken]$/aproject_domain_name = Default" /etc/placement/placement.conf
sed -i "/\[keystone_authtoken]$/aauth_type = password" /etc/placement/placement.conf
sed -i "/\[keystone_authtoken]$/amemcached_servers = $CONTROLLER_IP:11211" /etc/placement/placement.conf
sed -i "/\[keystone_authtoken]$/aauth_url = http://$CONTROLLER_IP:5000/v3" /etc/placement/placement.confsu -s /bin/sh -c "placement-manage db sync" placementsystemctl restart httpd#verify installation
source /root/admin-openrc
placement-status upgrade check
#install osc-placement
mkdir /root/.pip
touch /root/.pip/pip.conf
echo "[global]" >/root/.pip/pip.conf
echo "index-url=http://10.153.3.130/pypi/web/simple" >>/root/.pip/pip.conf
echo "" >>/root/.pip/pip.conf
echo "[install]" >>/root/.pip/pip.conf
echo "trusted-host=10.153.3.130" >>/root/.pip/pip.conf
pip install osc-placementsed -i "/<\/VirtualHost>/i\ \ " /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ \ \ = 2.4>" /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ \ \ \ \ \ \ Require all granted" /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ \ \ <\/IfVersion>" /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ \ \ " /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ \ \ \ \ \ \ Order allow,deny" /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ \ \ \ \ \ \ Allow from all" /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ \ \ <\/IfVersion>" /etc/httpd/conf.d/00-placement-api.conf
sed -i "/<\/VirtualHost>/i\ \ <\/Directory>" /etc/httpd/conf.d/00-placement-api.confsystemctl restart httpd
systemctl status httpdopenstack --os-placement-api-version 1.2 resource class list --sort-column name
openstack --os-placement-api-version 1.6 trait list --sort-column name#===Compute service===
mysql -N -uroot -p$ALL_PASS<> /etc/nova/nova.conf
fi
sed -i "/\[DEFAULT]$/afirewall_driver = nova.virt.firewall.NoopFirewallDriver" /etc/nova/nova.conf
sed -i "/\[DEFAULT]$/ause_neutron = True" /etc/nova/nova.conf
sed -i "/\[DEFAULT]$/amy_ip = $CONTROLLER_IP" /etc/nova/nova.conf
sed -i "/\[DEFAULT]$/atransport_url = rabbit://openstack:$ALL_PASS@$CONTROLLER_IP:5672" /etc/nova/nova.conf
sed -i "/\[DEFAULT]$/aenabled_apis = osapi_compute,metadata" /etc/nova/nova.conf
#[api_database]
if [ `cat /etc/nova/nova.conf|grep '^\[api_database\]'` != "[api_database]" ];
then
echo "[api_database]" >> /etc/nova/nova.conf
fi
sed -i "/\[api_database]$/aconnection = mysql+pymysql://nova:$ALL_PASS@$CONTROLLER_IP/nova_api" /etc/nova/nova.conf
#[database]
if [ `cat /etc/nova/nova.conf|grep '^\[database\]'` != "[database]" ];
then
echo "[database]" >> /etc/nova/nova.conf
fi
sed -i "/\[database]$/aconnection = mysql+pymysql://nova:$ALL_PASS@$CONTROLLER_IP/nova" /etc/nova/nova.conf
#[api]
if [ `cat /etc/nova/nova.conf|grep '^\[api\]'` != "[api]" ];
then
echo "[api]" >> /etc/nova/nova.conf
fi
sed -i "/\[api]$/aauth_strategy = keystone" /etc/nova/nova.conf
#[keystone_authtoken]
if [ `cat /etc/nova/nova.conf|grep '^\[keystone_authtoken\]'` != "[keystone_authtoken]" ];
then
echo "[keystone_authtoken]" >> /etc/nova/nova.conf
fi
sed -i "/\[keystone_authtoken]$/apassword = $ALL_PASS" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/ausername = nova" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/aproject_name = service" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/auser_domain_name = Default" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/aproject_domain_name = Default" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/aauth_type = password" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/amemcached_servers = $CONTROLLER_IP:11211" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/aauth_url = http://$CONTROLLER_IP:5000" /etc/nova/nova.conf
sed -i "/\[keystone_authtoken]$/awww_authenticate_uri = http://$CONTROLLER_IP:5000/" /etc/nova/nova.conf
#[vnc]
if [ `cat /etc/nova/nova.conf|grep '^\[vnc\]'` != "[vnc]" ];
then
echo "[vnc]" >> /etc/nova/nova.conf
fi
sed -i "/\[vnc]$/aserver_proxyclient_address = \$my_ip" /etc/nova/nova.conf
sed -i "/\[vnc]$/aserver_listen = \$my_ip" /etc/nova/nova.conf
sed -i "/\[vnc]$/aenabled = true" /etc/nova/nova.conf
#[glance]
if [ `cat /etc/nova/nova.conf|grep '^\[glance\]'` != "[glance]" ];
then
echo "[glance]" >> /etc/nova/nova.conf
fi
sed -i "/\[glance]$/aapi_servers = http://$CONTROLLER_IP:9292" /etc/nova/nova.conf
#[oslo_concurrency]
if [ `cat /etc/nova/nova.conf|grep '^\[oslo_concurrency\]'` != "[oslo_concurrency]" ];
then
echo "[oslo_concurrency]" >> /etc/nova/nova.conf
fi
sed -i "/\[oslo_concurrency]$/alock_path = \/var\/lib\/nova\/tmp" /etc/nova/nova.conf
#[placement]
if [ `cat /etc/nova/nova.conf|grep '^\[placement\]'` != "[placement]" ];
then
echo "[placement]" >> /etc/nova/nova.conf
fi
sed -i "/\[placement]$/apassword = $ALL_PASS" /etc/nova/nova.conf
sed -i "/\[placement]$/ausername = placement" /etc/nova/nova.conf
sed -i "/\[placement]$/aauth_url = http://$CONTROLLER_IP:5000/v3" /etc/nova/nova.conf
sed -i "/\[placement]$/auser_domain_name = Default" /etc/nova/nova.conf
sed -i "/\[placement]$/aauth_type = password" /etc/nova/nova.conf
sed -i "/\[placement]$/aproject_name = service" /etc/nova/nova.conf
sed -i "/\[placement]$/aproject_domain_name = Default" /etc/nova/nova.conf
sed -i "/\[placement]$/aos_region_name = RegionOne" /etc/nova/nova.confsu -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 list_cells" novasystemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service#Verify operation
source /root/admin-openrc
openstack compute service list
sleep 2
openstack catalog list
sleep 2
openstack image list
sleep 2
nova-status upgrade check
sleep 2#===Networking Service===
mysql -N -uroot -p$ALL_PASS<> /etc/neutron/neutron.conf
fi
sed -i "/\[database]$/aconnection = mysql+pymysql://neutron:$ALL_PASS@$CONTROLLER_IP/neutron" /etc/neutron/neutron.conf
#[DEFAULT]
if [ `cat /etc/neutron/neutron.conf|grep '^\[DEFAULT\]'` != "[DEFAULT]" ];
then
echo "[DEFAULT]" >> /etc/neutron/neutron.conf
fi
sed -i "/\[DEFAULT]$/anotify_nova_on_port_data_changes = true" /etc/neutron/neutron.conf
sed -i "/\[DEFAULT]$/anotify_nova_on_port_status_changes = true" /etc/neutron/neutron.conf
sed -i "/\[DEFAULT]$/aauth_strategy = keystone" /etc/neutron/neutron.conf
sed -i "/\[DEFAULT]$/atransport_url = rabbit://openstack:$ALL_PASS@$CONTROLLER_IP" /etc/neutron/neutron.conf
sed -i "/\[DEFAULT]$/aallow_overlapping_ips = true" /etc/neutron/neutron.conf
sed -i "/\[DEFAULT]$/aservice_plugins = router" /etc/neutron/neutron.conf
sed -i "/\[DEFAULT]$/acore_plugin = ml2" /etc/neutron/neutron.conf
#[keystone_authtoken]
if [ `cat /etc/neutron/neutron.conf|grep '^\[keystone_authtoken\]'` != "[keystone_authtoken]" ];
then
echo "[keystone_authtoken]" >> /etc/neutron/neutron.conf
fi
sed -i "/\[keystone_authtoken]$/apassword = $ALL_PASS" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/ausername = neutron" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/aproject_name = service" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/auser_domain_name = Default" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/aproject_domain_name = Default" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/aauth_type = password" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/amemcached_servers = $CONTROLLER_IP:11211" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/aauth_url = http://$CONTROLLER_IP:5000" /etc/neutron/neutron.conf
sed -i "/\[keystone_authtoken]$/awww_authenticate_uri = http://$CONTROLLER_IP:5000" /etc/neutron/neutron.conf
#[nova]
if [ `cat /etc/neutron/neutron.conf|grep '^\[nova\]'` != "[nova]" ];
then
echo "[nova]" >> /etc/neutron/neutron.conf
fi
sed -i "/\[nova]$/apassword = $ALL_PASS" /etc/neutron/neutron.conf
sed -i "/\[nova]$/ausername = nova" /etc/neutron/neutron.conf
sed -i "/\[nova]$/aproject_name = service" /etc/neutron/neutron.conf
sed -i "/\[nova]$/aregion_name = RegionOne" /etc/neutron/neutron.conf
sed -i "/\[nova]$/auser_domain_name = Default" /etc/neutron/neutron.conf
sed -i "/\[nova]$/aproject_domain_name = Default" /etc/neutron/neutron.conf
sed -i "/\[nova]$/aauth_type = password" /etc/neutron/neutron.conf
sed -i "/\[nova]$/aauth_url = http://$CONTROLLER_IP:5000" /etc/neutron/neutron.conf
#[oslo_concurrency]
if [ `cat /etc/neutron/neutron.conf|grep '^\[oslo_concurrency\]'` != "[oslo_concurrency]" ];
then
echo "[oslo_concurrency]" >> /etc/neutron/neutron.conf
fi
sed -i "/\[oslo_concurrency]$/alock_path = \/var\/lib/neutron\/tmp" /etc/neutron/neutron.confcp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
#[ml2]
if [ `cat /etc/neutron/plugins/ml2/ml2_conf.ini|grep '^\[ml2\]'` != "[ml2]" ];
then
echo "[ml2]" >> /etc/neutron/plugins/ml2/ml2_conf.ini
fi
sed -i "/\[ml2]$/aextension_drivers = port_security" /etc/neutron/plugins/ml2/ml2_conf.ini
sed -i "/\[ml2]$/amechanism_drivers = openvswitch,l2population" /etc/neutron/plugins/ml2/ml2_conf.ini
sed -i "/\[ml2]$/atenant_network_types = vxlan,vlan" /etc/neutron/plugins/ml2/ml2_conf.ini
sed -i "/\[ml2]$/atype_drivers = flat,vlan,vxlan" /etc/neutron/plugins/ml2/ml2_conf.ini
#[ml2_type_flat]
if [ `cat /etc/neutron/plugins/ml2/ml2_conf.ini|grep '^\[ml2_type_flat\]'` != "[ml2_type_flat]" ];
then
echo "[ml2_type_flat]" >> /etc/neutron/plugins/ml2/ml2_conf.ini
fi
sed -i "/\[ml2_type_flat]$/aflat_networks = provider" /etc/neutron/plugins/ml2/ml2_conf.ini
#[ml2_type_vlan]
if [ `cat /etc/neutron/plugins/ml2/ml2_conf.ini|grep '^\[ml2_type_vlan\]'` != "[ml2_type_vlan]" ];
then
echo "[ml2_type_vlan]" >> /etc/neutron/plugins/ml2/ml2_conf.ini
fi
sed -i "/\[ml2_type_vlan]$/anetwork_vlan_ranges = physicnet:1000:2000" /etc/neutron/plugins/ml2/ml2_conf.ini
#[ml2_type_vxlan]
if [ `cat /etc/neutron/plugins/ml2/ml2_conf.ini|grep '^\[ml2_type_vxlan\]'` != "[ml2_type_vxlan]" ];
then
echo "[ml2_type_vxlan]" >> /etc/neutron/plugins/ml2/ml2_conf.ini
fi
sed -i "/\[ml2_type_vxlan]$/avni_ranges = 30000:31000" /etc/neutron/plugins/ml2/ml2_conf.ini
#[securitygroup]
if [ `cat /etc/neutron/plugins/ml2/ml2_conf.ini|grep '^\[securitygroup\]'` != "[securitygroup]" ];
then
echo "[securitygroup]" >> /etc/neutron/plugins/ml2/ml2_conf.ini
fi
sed -i "/\[securitygroup]$/aenable_ipset = true" /etc/neutron/plugins/ml2/ml2_conf.ini#/etc/neutron/plugins/ml2/openvswitch_agent.ini
cp /etc/neutron/plugins/ml2/openvswitch_agent.ini /etc/neutron/plugins/ml2/openvswitch_agent.ini.bak
#[agent]
#sed -i "/tunnel_types = /atunnel_types = vxlan" /etc/neutron/plugins/ml2/openvswitch_agent.ini
#[ovs]
#sed -i "/\[ovs]$/alocal_ip = 10.214.1.2" /etc/neutron/plugins/ml2/openvswitch_agent.ini
#sed -i "/\[ovs]$/atun_peer_patch_port = patch-int" /etc/neutron/plugins/ml2/openvswitch_agent.ini
#sed -i "/\[ovs]$/aint_peer_patch_port = patch-tun" /etc/neutron/plugins/ml2/openvswitch_agent.ini
#sed -i "/\[ovs]$/atunnel_bridge = br-tun" /etc/neutron/plugins/ml2/openvswitch_agent.ini
#[securitygroup]
if [ `cat /etc/neutron/plugins/ml2/openvswitch_agent.ini|grep '^\[securitygroup\]'` != "[securitygroup]" ];
then
echo "[securitygroup]" >> /etc/neutron/plugins/ml2/openvswitch_agent.ini
fi
sed -i "/\[securitygroup]$/aenable_security_group = true" /etc/neutron/plugins/ml2/openvswitch_agent.ini
sed -i "/\[securitygroup]$/afirewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver" /etc/neutron/plugins/ml2/openvswitch_agent.inicp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
if [ `cat /etc/neutron/l3_agent.ini|grep '^\[DEFAULT\]'` != "[DEFAULT]" ];
then
echo "[DEFAULT]" >> /etc/neutron/l3_agent.ini
fi
sed -i "/\[DEFAULT]$/ainterface_driver = neutron.agent.linux.interface.OVSInterfaceDriver" /etc/neutron/l3_agent.inicp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
if [ `cat /etc/neutron/dhcp_agent.ini|grep '^\[DEFAULT\]'` != "[DEFAULT]" ];
then
echo "[DEFAULT]" >> /etc/neutron/dhcp_agent.ini
fi
sed -i "/\[DEFAULT]$/aenable_isolated_metadata = https://www.it610.com/article/true" /etc/neutron/l3_agent.ini
sed -i "/\[DEFAULT]$/adhcp_driver = neutron.agent.linux.dhcp.Dnsmasq" /etc/neutron/dhcp_agent.ini
sed -i "/\[DEFAULT]$/ainterface_driver = neutron.agent.linux.interface.OVSInterfaceDriver" /etc/neutron/dhcp_agent.ini
sed -i "/force_metadata = /aforce_metadata = https://www.it610.com/article/true" /etc/neutron/dhcp_agent.ini#metadata.conf
if [ `cat /etc/neutron/metadata_agent.ini|grep '^\[DEFAULT\]'` != "[DEFAULT]" ];
then
echo "[DEFAULT]" >> /etc/neutron/metadata_agent.ini
fi
cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
sed -i "/\[DEFAULT]$/ametadata_proxy_shared_secret = $ALL_PASS" /etc/neutron/metadata_agent.ini
sed -i "/\[DEFAULT]$/anova_metadata_host = $CONTROLLER_IP" /etc/neutron/metadata_agent.ini#nova.conf
if [ `cat /etc/nova/nova.conf|grep '^\[neutron\]'` != "[neutron]" ];
then
echo "[neutron]" >> /etc/nova/nova.conf
fi
sed -i "/\[neutron]$/ametadata_proxy_shared_secret = $ALL_PASS" /etc/nova/nova.conf
sed -i "/\[neutron]$/aservice_metadata_proxy = true" /etc/nova/nova.conf
sed -i "/\[neutron]$/apassword = $ALL_PASS" /etc/nova/nova.conf
sed -i "/\[neutron]$/ausername = neutron" /etc/nova/nova.conf
sed -i "/\[neutron]$/aproject_name = service" /etc/nova/nova.conf
sed -i "/\[neutron]$/aregion_name = RegionOne" /etc/nova/nova.conf
sed -i "/\[neutron]$/auser_domain_name = Default" /etc/nova/nova.conf
sed -i "/\[neutron]$/aproject_domain_name = Default" /etc/nova/nova.conf
sed -i "/\[neutron]$/aauth_type = password" /etc/nova/nova.conf
sed -i "/\[neutron]$/aauth_url = http://$CONTROLLER_IP:5000" /etc/nova/nova.conf
sed -i "/\[neutron]$/aurl = http://$CONTROLLER_IP:9696" /etc/nova/nova.confln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutronsystemctl restart openstack-nova-api.servicesystemctl enable neutron-server.service \
neutron-openvswitch-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service neutron-l3-agent.service
systemctl start neutron-server.service \
neutron-openvswitch-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service neutron-l3-agent.service#===Dashboard===
yum install openstack-dashboard -y#/etc/openstack-dashboard/local_settings
cp /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings.baksed -i "/OPENSTACK_HOST = /cOPENSTACK_HOST = \"$CONTROLLER_IP\"" /etc/openstack-dashboard/local_settings
sed -i "/ALLOWED_HOSTS = /cALLOWED_HOSTS = ['*']" /etc/openstack-dashboard/local_settings
sed -i "/SESSION_ENGINE = /aSESSION_ENGINE = 'django.contrib.sessions.backends.cache'" /etc/openstack-dashboard/local_settings
sed -i "/OPENSTACK_KEYSTONE_URL =/aOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True" /etc/openstack-dashboard/local_settings
sed -i "/OPENSTACK_KEYSTONE_URL =/aOPENSTACK_KEYSTONE_DEFAULT_DOMAIN = \"Default\"" /etc/openstack-dashboard/local_settings
sed -i "/OPENSTACK_KEYSTONE_URL =/aOPENSTACK_KEYSTONE_DEFAULT_ROLE = \"user\"" /etc/openstack-dashboard/local_settings
sed -i "/TIME_ZONE/c#TIME_ZONE = UTC" /etc/openstack-dashboard/local_settingsecho "CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '$CONTROLLER_IP:11211',
}
}" >> local_settingsecho "OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}" >> local_settingssed -i "/WSGIScriptAlias/iWSGIApplicationGroup %{GLOBAL}" /etc/httpd/conf.d/openstack-dashboard.conf#Because of the bugs of Train in CentOS7.8, we need to do something to solve it.
echo "*softnofile1024000
*hardnofile1024000" >> /etc/security/limits.conf
yum install -y lsof
lsof | wc -l
cd /usr/share/openstack-dashboard/
python manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf
sed -i "s/WEBROOT = '\/'/WEBROOT = '\/dashboard'/g" /usr/share/openstack-dashboard/openstack_dashboard/defaults.py
sed -i "s/WEBROOT = '\/'/WEBROOT = '\/dashboard'/g" /usr/share/openstack-dashboard/openstack_dashboard/test/settings.py
cd /usr/share/openstack-dashboard/static/dashboard/js/
for i in `ls|awk {print}`
do
sed -i "s/WEBROOT = '\/'/WEBROOT = '\/dashboard'/g" $i
sed -i "s/WEBROOT='\/'/WEBROOT='\/dashboard'/g" $i
sed -i "s/WEBROOT = \"\/\"/WEBROOT = \"\/dashboard\"/g" $i
sed -i "s/WEBROOT=\"\/\"/WEBROOT=\"\/dashboard\"/g" $i
donesed -i "/WSGIScriptAlias/c\ \ \ \ WSGIScriptAlias /dashboard /usr/share/openstack-dashboard/openstack_dashboard/wsgi.py" /etc/httpd/conf.d/openstack-dashboard.conf
sed -i "/Alias/c\ \ \ \ Alias /dashboard/static /usr/share/openstack-dashboard/static" /etc/httpd/conf.d/openstack-dashboard.confsystemctl restart httpd.service memcached.service
systemctl status httpd memcached#=== ===
sed -i "/\[Service]$/aLimitNOFILE=65535" /usr/lib/systemd/system/mariadb.service
sed -i "/\[Service]$/aLimitNPROC=65535" /usr/lib/systemd/system/mariadb.service
systemctl daemon-reload
systemctl restartmariadb.service#===Fwaas Lbaasv2 Vpnaas===
yum install openstack-neutron-fwaas -y
neutron-db-manage --subproject neutron-fwaas upgrade head
#lbaasv2
yum install openstack-neutron-lbaas -y
neutron-db-manage --subproject neutron-lbaas upgrade head
#aas
yum install openstack-neutron-aas -y
neutron-db-manage --subproject neutron-aas upgrade head#
##8.Block Storage service
#
#Discover compute
#source /root/admin-openrc
#openstack compute service list --service nova-compute
#su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
#
#add image
#openstack image create "cirros" --file cirros-0.4.0-x86_64-disk.img --disk-format qcow2 --container-format bare --publicecho -e "\033[45;
37mOpenstack Train computer node install end !!!\033[0m"
推荐阅读
- 【Hadoop踩雷】Mac下安装Hadoop3以及Java版本问题
- C语言的版本比较
- [源码解析]|[源码解析] NVIDIA HugeCTR,GPU版本参数服务器---(3)
- K8S|K8S 生态周报| Istio 即将发布重大安全更新,多个版本受影响
- Caffe在Windows10下CPU版本的安装(cpu+anaconda3+vs2013+pycaffe)
- 中单直通王者(三)(英雄池要跟上版本,选将放机灵点,听到没!)
- Centos6源码编译安装2.4版本http服务步骤
- C语言静态动态两版本通讯录实战源码
- 命令行上传小程序版本至微信后台
- 一篇博文搞定goctl(V1.3.0新版本解决goctl|一篇博文搞定goctl:V1.3.0新版本解决goctl rpc protoc的问题)