Pike裸金属部署
变量
ctrl_ip="172.36.214.11"#controller_mgt_ip
#Note: The hostname cannot contain "_"
ctrl_hostname=`cat /etc/hostname`all_pwd="123456"#inspector_ip you should set on inspector_interface
inspector_ip="10.0.0.1"
inspector_intface="ens256"
inspector_ippool_start="10.0.0.100"
inspector_ippool_end="10.0.0.200"source /root/admin-openrc
openstack network create Provision--provider-network-type vxlan--provider-segment 4001
#provision_ip you should set on inspector_interface's vlan subinterface, for example: ens256.1255
provision_vlan="4001"
provision_ip="20.0.0.1"
provision_uuid=`openstack network show Provision | grep id|grep -v pro|grep -v qos|tr -d " "|awk -F '|' '{print$3}'`
echo $provision_uuid
sleep 3set inpspector interface
sed -i "/BOOTPROTO/cBOOTPROTO=none" /etc/sysconfig/network-scripts/ifcfg-$inspector_intface
sed -i "/ONBOOT/cONBOOT=yes" /etc/sysconfig/network-scripts/ifcfg-$inspector_intface
echo "IPADDR=$inspector_ip" >>/etc/sysconfig/network-scripts/ifcfg-$inspector_intface
echo "PREFIX=24" >>/etc/sysconfig/network-scripts/ifcfg-$inspector_intfaceset provision interface
echo "BOOTPROTO=none" >>/etc/sysconfig/network-scripts/ifcfg-$inspector_intface.$provision_vlan
echo "DEVICE=$inspector_intface.$provision_vlan" >>/etc/sysconfig/network-scripts/ifcfg-$inspector_intface.$provision_vlan
echo "ONBOOT=yes" >>/etc/sysconfig/network-scripts/ifcfg-$inspector_intface.$provision_vlan
echo "IPADDR=$provision_ip" >>/etc/sysconfig/network-scripts/ifcfg-$inspector_intface.$provision_vlan
echo "VLAN=yes" >>/etc/sysconfig/network-scripts/ifcfg-$inspector_intface.$provision_vlansystemctl restart network
systemctl status networkyum install qemu-img iscsi-initiator-utils python2-ironicclient psmisc gdisk -yDatabase
mysql -N -u root -p$all_pwd<ironic
openstack user create --password $all_pwd --email ironic@example.com ironic
openstack role add --project service --user ironic admin
openstack service create --name ironic --description "ironic baremetal provisioning service" baremetalopenstack endpoint create --region RegionOne baremetal admin http://$ctrl_ip:6385
openstack endpoint create --region RegionOne baremetal public http://$ctrl_ip:6385
openstack endpoint create --region RegionOne baremetal internal http://$ctrl_ip:6385【Pike裸金属部署】iroic-inspector
openstack user create --password $all_pwd --email ironic_inspector@example.com ironic_inspector
openstack role add --project service --user ironic_inspector admin
openstack service create --name ironic_inspector --description "ironic inspector baremetal provisioning service" baremetal-introspectionopenstack endpoint create --region RegionOne --enable ironic_inspector admin http://$ctrl_ip:5050
openstack endpoint create --region RegionOne --enable ironic_inspector internal http://$ctrl_ip:5050
openstack endpoint create --region RegionOne --enable ironic_inspector public http://$ctrl_ip:5050ironic ironic-soft install
yum install -y openstack-ironic-api openstack-ironic-conductor python-ironicclient
yum install -y openstack-ironic-inspector
sed -i "/\[DEFAULT]$/adebug = True" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aenabled_inspect_interfaces = inspector,no-inspect" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aenabled_power_interfaces = ipmitool" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aenabled_management_interfaces = ipmitool" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aenabled_deploy_interfaces = iscsi,direct" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aenabled_boot_interfaces = pxe" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aenabled_hardware_types = ipmi" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/adefault_network_interface = neutron" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aenabled_network_interfaces = neutron" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/amy_ip=$ctrl_ip" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/aauth_strategy=keystone" /etc/ironic/ironic.conf
sed -i "/\[DEFAULT]$/atransport_url = rabbit://openstack:$all_pwd@$ctrl_ip/" /etc/ironic/ironic.confsed -i "/\[api]$/aport = 6385" /etc/ironic/ironic.conf
sed -i "/\[api]$/ahost_ip = 0.0.0.0" /etc/ironic/ironic.confsed -i "/\[conductor]$/aautomated_clean=false" /etc/ironic/ironic.conf
sed -i "/\[conductor]$/aapi_url=http://$ctrl_ip:6385" /etc/ironic/ironic.confsed -i "/\[database]$/aconnection=mysql+pymysql://ironic:$all_pwd@$ctrl_ip/ironic?charset=utf8" /etc/ironic/ironic.confsed -i "/\[deploy]$/adefault_boot_option = local" /etc/ironic/ironic.confsed -i "/\[dhcp]$/adhcp_provider = neutron" /etc/ironic/ironic.confsed -i "/\[glance]$/apassword = $all_pwd" /etc/ironic/ironic.conf
sed -i "/\[glance]$/ausername = glance" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aproject_name = service" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aregion_name = RegionOne" /etc/ironic/ironic.conf
sed -i "/\[glance]$/auser_domain_name = default" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aproject_domain_name = default" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aauth_type = password" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aauth_uri=http://$ctrl_ip:5000" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aauth_url = http://$ctrl_ip:35357" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aendpoint_override = http://$ctrl_ip:9292" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aurl =http://$ctrl_ip:9292" /etc/ironic/ironic.conf
sed -i "/\[glance]$/aglance_host = $ctrl_ip" /etc/ironic/ironic.confsed -i "/\[inspector]$/aservice_url = http://$ctrl_ip:5050" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aurl =http://$ctrl_ip:5050" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aendpoint_override = http://$ctrl_ip:5050" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aenabled=true" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/auser_domain_name=default" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aproject_domain_name=default" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aproject_name=service" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/apassword=$all_pwd" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/ausername=ironic_inspector" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aauth_url = http://$ctrl_ip:35357" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aauth_uri=http://$ctrl_ip:5000" /etc/ironic/ironic.conf
sed -i "/\[inspector]$/aauth_type=password" /etc/ironic/ironic.confsed -i "/\[keystone_authtoken]$/auser_domain_name=default" /etc/ironic/ironic.conf
sed -i "/\[keystone_authtoken]$/aproject_domain_name=default" /etc/ironic/ironic.conf
sed -i "/\[keystone_authtoken]$/aproject_name=service" /etc/ironic/ironic.conf
sed -i "/\[keystone_authtoken]$/apassword=$all_pwd" /etc/ironic/ironic.conf
sed -i "/\[keystone_authtoken]$/ausername=ironic" /etc/ironic/ironic.conf
sed -i "/\[keystone_authtoken]$/aauth_url = http://$ctrl_ip:35357" /etc/ironic/ironic.conf
sed -i "/\[keystone_authtoken]$/aauth_uri=http://$ctrl_ip:5000" /etc/ironic/ironic.conf
sed -i "/\[keystone_authtoken]$/aauth_type=password" /etc/ironic/ironic.confsed -i "/\[neutron]$/aprovisioning_network=$provision_uuid" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/acleaning_network=$provision_uuid" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/apassword = $all_pwd" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/ausername = neutron" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/aproject_name = service" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/aregion_name = RegionOne" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/auser_domain_name = default" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/aproject_domain_name = default" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/aauth_type = password" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/aauth_url = http://$ctrl_ip:5000/" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/aendpoint_override = http://$ctrl_ip:9696" /etc/ironic/ironic.conf
sed -i "/\[neutron]$/aurl = http://$ctrl_ip:9696" /etc/ironic/ironic.conf#对应的是provision网段的网关地址,这个provision不能绑定在路由上,不然交换机也下发该网关地址就冲突了
sed -i "/\[pxe]$/atftp_server = $provision_ip" /etc/ironic/ironic.confsed -i "/\[service_catalog]$/aregion_name = RegionOne" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/apassword = $all_pwd" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/ausername = ironic" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/aproject_name = service" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/auser_domain_id = default" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/aproject_domain_id = default" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/aauth_url = http://$ctrl_ip:35357" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/aauth_type = password" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/ainsecure = true" /etc/ironic/ironic.conf
sed -i "/\[service_catalog]$/aendpoint_override=http://$ctrl_ip:6385" /etc/ironic/ironic.confironic-dbsync --config-file /etc/ironic/ironic.conf create_schema
systemctl enable openstack-ironic-api openstack-ironic-conductor
systemctl restart openstack-ironic-api openstack-ironic-conductorxinetd tftp-server syslinux-tftpboot
yum install tftp-server syslinux-tftpboot xinetd -yecho > /etc/xinetd.d/tftp
echo "service tftp" >> /etc/xinetd.d/tftp
echo "{" >> /etc/xinetd.d/tftp
echo "socket_type= dgram" >> /etc/xinetd.d/tftp
echo "protocol= udp" >> /etc/xinetd.d/tftp
echo "port= 69" >> /etc/xinetd.d/tftp
echo "wait= yes" >> /etc/xinetd.d/tftp
echo "user= root" >> /etc/xinetd.d/tftp
echo "server= /usr/sbin/in.tftpd" >> /etc/xinetd.d/tftp
echo "server_args= -v -v -v -v -v --map-file /tftpboot/map-file /tftpboot" >> /etc/xinetd.d/tftp
echo "disable= no" >> /etc/xinetd.d/tftp
echo "per_source= 11" >> /etc/xinetd.d/tftp
echo "cps= 100 2" >> /etc/xinetd.d/tftp
echo "flags= IPv4" >> /etc/xinetd.d/tftp
echo "}" >> /etc/xinetd.d/tftpsystemctl enable xinetd && systemctl restart xinetdmkdir /tftpboot
cp /var/lib/tftpboot/pxelinux.0 /tftpbootecho 're ^(/tftpboot/) /tftpboot/\2' > /tftpboot/map-file
echo 're ^/tftpboot/ /tftpboot/' >> /tftpboot/map-file
echo 're ^(^/) /tftpboot/\1' >> /tftpboot/map-file
echo 're ^([^/]) /tftpboot/\1' >> /tftpboot/map-file#cp /var/lib/tftpboot/chain.c32 /tftpboot/
mkdir /tftpboot/pxelinux.cfg
echo "default introspect" >>/tftpboot/pxelinux.cfg/default
echo "" >>/tftpboot/pxelinux.cfg/default
echo "" >>/tftpboot/pxelinux.cfg/default
echo "label introspect" >>/tftpboot/pxelinux.cfg/default
echo "kernel ironic-agent.kernel" >>/tftpboot/pxelinux.cfg/default
echo "append initrd=ironic-agent.initramfs ipa-inspection-callback-url=http://$inspector_ip:5050/v1/continue ipa-inspection-collectors=default ipa-collect-lldp=1 systemd.journald.forward_to_console=no selinux=0" >>/tftpboot/pxelinux.cfg/default
echo "" >>/tftpboot/pxelinux.cfg/default
echo "ipappend 3" >>/tftpboot/pxelinux.cfg/defaultif [ -f "ironic-agent.kernel" ] && [ -f "ironic-agent.initramfs" ]
then
cp ironic-agent.kernel /tftpboot/
cp ironic-agent.initramfs /tftpboot/
chown -R ironic:ironic /tftpboot && chmod -R 777 /tftpboot
glance image-create --name ironic-agent.kernel --visibility public --disk-format aki --container-format aki < ironic-agent.kernel
glance image-create --name ironic-agent.initramfs --visibility public --disk-format ari --container-format ari < ironic-agent.initramfs
sleep 2
else
echo "Manual execution"
fiironic-inspector
#Edit /etc/ironic-inspector/inspector.conf
sed -i "/\[DEFAULT]$/averbose = true" /etc/ironic-inspector/inspector.conf
sed -i "/\[DEFAULT]$/adebug = true" /etc/ironic-inspector/inspector.conf
sed -i "/\[DEFAULT]$/aauth_strategy = keystone" /etc/ironic-inspector/inspector.conf
sed -i "/\[DEFAULT]$/alisten_port = 5050" /etc/ironic-inspector/inspector.conf
sed -i "/\[DEFAULT]$/alisten_address = 0.0.0.0" /etc/ironic-inspector/inspector.conf
sed -i "/\[DEFAULT]$/arootwrap_config = /etc/ironic-inspector/rootwrap.conf" /etc/ironic-inspector/inspector.confsed -i "/\[capabilities]$/aboot_mode = true" /etc/ironic-inspector/inspector.confsed -i "/\[database]$/aconnection = mysql+pymysql://ironic_inspector:$all_pwd@$ctrl_ip/ironic_inspector?charset=utf8" /etc/ironic-inspector/inspector.confsed -i "/\[ironic]$/aregion_name = RegionOne" /etc/ironic-inspector/inspector.conf
sed -i "/\[ironic]$/auser_domain_name = default" /etc/ironic-inspector/inspector.conf
sed -i "/\[ironic]$/aproject_domain_name = default" /etc/ironic-inspector/inspector.conf
sed -i "/\[ironic]$/apassword = $all_pwd" /etc/ironic-inspector/inspector.conf
sed -i "/\[ironic]$/ausername = ironic" /etc/ironic-inspector/inspector.conf
sed -i "/\[ironic]$/aproject_name = service" /etc/ironic-inspector/inspector.conf
sed -i "/\[ironic]$/aauth_url = http://$ctrl_ip:5000" /etc/ironic-inspector/inspector.conf
sed -i "/\[ironic]$/aauth_type = password" /etc/ironic-inspector/inspector.confsed -i "/\[keystone_authtoken]$/auser_domain_name = Default" /etc/ironic-inspector/inspector.conf
sed -i "/\[keystone_authtoken]$/aproject_domain_name = Default" /etc/ironic-inspector/inspector.conf
sed -i "/\[keystone_authtoken]$/aproject_name = service" /etc/ironic-inspector/inspector.conf
sed -i "/\[keystone_authtoken]$/apassword = $all_pwd" /etc/ironic-inspector/inspector.conf
sed -i "/\[keystone_authtoken]$/ausername = ironic_inspector" /etc/ironic-inspector/inspector.conf
sed -i "/\[keystone_authtoken]$/aauth_url = http://$ctrl_ip:35357" /etc/ironic-inspector/inspector.conf
sed -i "/\[keystone_authtoken]$/aauth_uri = http://$ctrl_ip:5000" /etc/ironic-inspector/inspector.conf
sed -i "/\[keystone_authtoken]$/aauth_type = password" /etc/ironic-inspector/inspector.confsed -i "/\[processing]$/aadd_ports = active" /etc/ironic-inspector/inspector.conf
sed -i "/\[processing]$/aprocessing_hooks=ramdisk_error,root_disk_selection,scheduler,validate_interfaces,capabilities,pci_devices,local_link_connection" /etc/ironic-inspector/inspector.conf
sed -i "/\[processing]$/astore_data = https://www.it610.com/article/none" /etc/ironic-inspector/inspector.conf#Edit /etc/ironic-inspector/dnsmasq.conf
#inspector的dhcp server
echo > /etc/ironic-inspector/dnsmasq.conf
echo "port = 0" >> /etc/ironic-inspector/dnsmasq.conf
echo "interface = $inspector_intface" >> /etc/ironic-inspector/dnsmasq.conf
echo "bind-interfaces" >> /etc/ironic-inspector/dnsmasq.conf
echo "dhcp-range = $inspector_ippool_start,$inspector_ippool_end" >> /etc/ironic-inspector/dnsmasq.conf
echo "enable-tftp" >> /etc/ironic-inspector/dnsmasq.conf
echo "tftp-root = /tftpboot" >> /etc/ironic-inspector/dnsmasq.conf
echo "dhcp-boot = pxelinux.0" >> /etc/ironic-inspector/dnsmasq.conf
echo "dhcp-sequential-ip" >> /etc/ironic-inspector/dnsmasq.confironic-inspector-dbsync --config-file /etc/ironic-inspector/inspector.conf upgrade
systemctl enable openstack-ironic-inspector.service openstack-ironic-inspector-dnsmasq.service
systemctl restart openstack-ironic-inspector.service openstack-ironic-inspector-dnsmasq.service#Edit /etc/nova/nova.conf on controller nodesed -i "/\[DEFAULT]$/areserved_host_memory_mb = 0" /etc/nova/nova.conf
sed -i "/\[DEFAULT]$/aram_allocation_ratio = 1.0" /etc/nova/nova.confsed -i "/\[filter_scheduler]$/atrack_instance_changes = false" /etc/nova/nova.conf
sed -i "/\[filter_scheduler]$/aenabled_filters=RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter" /etc/nova/nova.conf
sed -i "/\[filter_scheduler]$/ahost_subset_size = 9999999" /etc/nova/nova.confsed -i "/\[ironic]/auser_domain_name = default" /etc/nova/nova.conf
sed -i "/\[ironic]/aproject_domain_name = default" /etc/nova/nova.conf
sed -i "/\[ironic]/apassword = $all_pwd" /etc/nova/nova.conf
sed -i "/\[ironic]/ausername = ironic" /etc/nova/nova.conf
sed -i "/\[ironic]/aproject_name = service" /etc/nova/nova.conf
sed -i "/\[ironic]/aauth_url = http://$ctrl_ip:5000" /etc/nova/nova.conf
sed -i "/\[ironic]/aauth_type = password" /etc/nova/nova.conf
sed -i "/\[ironic]/aendpoint_override = http://$ctrl_ip:6385" /etc/nova/nova.conf
#set [quota] :Modify the number of instances, cores, and memory to be unlimited
sed -i "/\[quota]/aram=-1" /etc/nova/nova.conf
sed -i "/\[quota]/acores=-1" /etc/nova/nova.conf
sed -i "/\[quota]/ainstances=-1" /etc/nova/nova.confsystemctl restart openstack-nova-*
systemctl status openstack-nova-*
sleep 2Install openstack-ironic-ui
yum install openstack-ironic-ui -y#如果重启一次ironic界面出不来,那就在restart一次,我也不知道为什么-_-!
systemctl restart httpd
systemctl status httpd
#
###检测xinetd服务器用端口的准确性!
echo "We need to detect xinetd service"
netstat -lpun
echo "udp00 0.0.0.0:690.0.0.0:*2972/xinetd"
echo "If you do not have the above information"
echo "Your xinetd service have some error, you need test xinetd's configuration file!"推荐阅读
- 好想,找个大海去裸奔…
- 先放下|先放下 ,求一个好心情
- 裸辞后的只言片语
- c语言|一文搞懂栈(stack)、堆(heap)、单片机裸机内存管理malloc
- 遮挡
- 当小鲜肉开始浓妆艳抹,女明星都换上了高段位裸妆
- 被妈妈爸爸赤裸裸的嫌弃
- 化学
- 我浑身赤裸
- 重金属废水处理之一体化污水处理设备