openstack一键安装脚本(转载)
生活随笔
收集整理的這篇文章主要介紹了
openstack一键安装脚本(转载)
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
#!/bin/sh
# openstack pike 單機 一鍵安裝
# 環境 centos 7.4.1708 x86_64
# 更多內容 http://dwz.cn/openstack
# Myde by Elven[[ `uname -r` = *el7* ]] && { echo '開啟安裝openstack pike'; } || { echo '請在CentOS7.4 環境運行';exit; }##########################################
#參數#獲取第一塊網卡名、ip地址
Net=`ip add|egrep global|awk '{ print $NF }'|head -n 1`
IP=`ip add|grep global|awk -F'[ /]+' '{ print $3 }'|head -n 1`
echo "網卡名稱:$Net"
echo "IP地址: $IP"#參數
DBPass=elven2017 #SQL root密碼
Node=controller #節點名
Netname=$Net #網卡名稱
MyIP=$IP #IP地址
VncProxy=$IP #VNC代理外網IP地址
Imgdir=/date/glance #自定義glance鏡像目錄
VHD=/date/nova #自定義Nova實例路徑
Kvm=qemu #QEMU或KVM ,KVM需要硬件支持##########################################
#1、設置echo '關閉selinux、防火墻'
systemctl stop firewalld.service
systemctl disable firewalld.service
firewall-cmd --state
sed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/config
sed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/config
grep --color=auto '^SELINUX' /etc/selinux/config
setenforce 0echo '時間同步'
/usr/sbin/ntpdate ntp6.aliyun.com
echo "*/3 * * * * /usr/sbin/ntpdate ntp6.aliyun.com &> /dev/null" > /tmp/crontab
crontab /tmp/crontabecho '設置hostname'
hostnamectl set-hostname $Node
echo "$SetIP $Node">>/etc/hostsecho '自定義openstack源'
wget -O /etc/yum.repos.d/Ali-pike.repo http://elven.vip/ks/openstack/Ali-pike.repo
yum clean all && yum makecache #生成緩存##########################################
#2 安裝function installrpm()
{
echo 'OpenStack tools 安裝'
yum install -y python-openstackclient openstack-selinux \python2-PyMySQL openstack-utils
echo 'MariaDB安裝'
yum install mariadb mariadb-server mariadb-galera-server -y
yum install expect -y
echo 'RabbitMQ安裝'
yum install rabbitmq-server erlang socat -y
echo 'Keystone安裝'
yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached
yum install apr apr-util -y
echo '安裝Glance'
yum install -y openstack-glance python-glance
echo '安裝nova'
yum install -y openstack-nova-api openstack-nova-conductor \openstack-nova-console openstack-nova-novncproxy \openstack-nova-scheduler openstack-nova-placement-api \openstack-nova-compute
echo '安裝neutron'
yum install -y openstack-neutron openstack-neutron-ml2 \openstack-neutron-linuxbridge python-neutronclient ebtables ipset
echo '安裝dashboard'
yum install openstack-dashboard -y
}echo '安裝openstack'
installrpm
echo '再次安裝,防止下載失敗'
installrpm##########################################
#3、配置# #------------------#####################
echo 'SQL數據庫配置'
cp /etc/my.cnf.d/openstack.cnf{,.bak}
echo "#
[mysqld]
bind-address = 0.0.0.0
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
#">/etc/my.cnf.d/openstack.cnf
echo '啟動數據庫服務'
systemctl enable mariadb.service
systemctl start mariadb.service
sleep 5
netstat -antp|grep mysqld
#mysql_secure_installation #初始化設置密碼,自動交互
[[ -f /usr/bin/expect ]] || { yum install expect -y; } #若沒expect則安裝
/usr/bin/expect << EOF
set timeout 30
spawn mysql_secure_installation
expect {"enter for none" { send "\r"; exp_continue}"Y/n" { send "Y\r" ; exp_continue}"password:" { send "$DBPass\r"; exp_continue}"new password:" { send "$DBPass\r"; exp_continue}"Y/n" { send "Y\r" ; exp_continue}eof { exit }
}
EOF
#測試
mysql -u root -p$DBPass -e "show databases;"
[ $? = 0 ] || { echo "mariadb初始化失敗";exit; }echo '創建數據庫、用戶授權'
mysql -u root -p$DBPass -e "
create database keystone;
grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'keystone';
grant all privileges on keystone.* to 'keystone'@'%' identified by 'keystone';
create database glance;
grant all privileges on glance.* to 'glance'@'localhost' identified by 'glance';
grant all privileges on glance.* to 'glance'@'%' identified by 'glance';create database nova;
grant all privileges on nova.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova.* to 'nova'@'%' identified by 'nova';
create database nova_api;
grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova_api.* to 'nova'@'%' identified by 'nova';
create database nova_cell0;
grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'nova';create database neutron;
grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'neutron';
grant all privileges on neutron.* to 'neutron'@'%' identified by 'neutron';flush privileges;
select user,host from mysql.user;
show databases;
"
#
# #------------------#####################
echo 'RabbitMQ配置'
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
sleep 3
rabbitmq-plugins enable rabbitmq_management #啟動web插件端口15672
#添加用戶及密碼
rabbitmqctl add_user admin admin
rabbitmqctl set_user_tags admin administrator
rabbitmqctl add_user openstack openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
rabbitmqctl set_user_tags openstack administrator
systemctl restart rabbitmq-server.service
sleep 3
netstat -antp|grep '5672'# #------------------#####################
#Keystone
#memcached啟動
cp /etc/sysconfig/memcached{,.bak}
systemctl enable memcached.service
systemctl start memcached.service
netstat -antp|grep 11211echo 'Keystone 配置'
cp /etc/keystone/keystone.conf{,.bak} #備份默認配置
Keys=$(openssl rand -hex 10) #生成隨機密碼
echo $Keys
echo "kestone $Keys">/root/openstack.log
echo "
[DEFAULT]
admin_token = $Keys
verbose = true
[database]
connection = mysql+pymysql://keystone:keystone@controller/keystone
[token]
provider = fernet
driver = memcache
[memcache]
servers = controller:11211
">/etc/keystone/keystone.conf#初始化身份認證服務的數據庫
su -s /bin/sh -c "keystone-manage db_sync" keystone
#檢查表是否創建成功
mysql -h controller -ukeystone -pkeystone -e "use keystone;show tables;"
#初始化密鑰存儲庫
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
#設置admin用戶(管理用戶)和密碼
keystone-manage bootstrap --bootstrap-password admin \--bootstrap-admin-url http://controller:35357/v3/ \--bootstrap-internal-url http://controller:5000/v3/ \--bootstrap-public-url http://controller:5000/v3/ \--bootstrap-region-id RegionOne#apache配置
cp /etc/httpd/conf/httpd.conf{,.bak}
echo "ServerName controller">>/etc/httpd/conf/httpd.conf
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/#Apache HTTP 啟動并設置開機自啟動
systemctl enable httpd.service
systemctl restart httpd.service
sleep 3
netstat -antp|egrep ':5000|:35357|:80'#創建 OpenStack 客戶端環境腳本
#admin環境腳本
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
">./admin-openstack.sh
#測試腳本是否生效
source ./admin-openstack.sh
openstack token issue#創建service項目,創建glance,nova,neutron用戶,并授權
openstack project create --domain default --description "Service Project" service
openstack user create --domain default --password=glance glance
openstack role add --project service --user glance admin
openstack user create --domain default --password=nova nova
openstack role add --project service --user nova admin
openstack user create --domain default --password=neutron neutron
openstack role add --project service --user neutron admin#創建demo項目(普通用戶密碼及角色)
openstack project create --domain default --description "Demo Project" demo
openstack user create --domain default --password=demo demo
openstack role create user
openstack role add --project demo --user demo user
#demo環境腳本
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
">./demo-openstack.sh
#測試腳本是否生效
source ./demo-openstack.sh
openstack token issue# #------------------#####################
echo 'Glance鏡像服務'
# keystone上服務注冊 ,創建glance服務實體,API端點(公有、私有、admin)
source ./admin-openstack.sh || { echo "加載前面設置的admin-openstack.sh環境變量腳本";exit; }
openstack service create --name glance --description "OpenStack Image" image
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292cp /etc/glance/glance-api.conf{,.bak}
cp /etc/glance/glance-registry.conf{,.bak}
# images默認/var/lib/glance/images/
#Imgdir=/date/glance
mkdir -p $Imgdir
chown glance:nobody $Imgdir
echo "鏡像目錄: $Imgdir"
echo "#
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000/v3
auth_url = http://controller:35357/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = $Imgdir
#">/etc/glance/glance-api.conf
#
echo "#
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000/v3
auth_url = http://controller:35357/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
#">/etc/glance/glance-registry.conf#同步數據庫,檢查數據庫
su -s /bin/sh -c "glance-manage db_sync" glance
mysql -h controller -u glance -pglance -e "use glance;show tables;"#啟動服務并設置開機自啟動
systemctl enable openstack-glance-api openstack-glance-registry
systemctl start openstack-glance-api openstack-glance-registry
netstat -antp|egrep '9292|9191' #檢測服務端口# #------------------#####################
#創建Nova數據庫、用戶、認證,前面已設置
source ./admin-openstack.sh# keystone上服務注冊 ,創建nova用戶、服務、API
# nova用戶前面已建
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
#創建placement用戶、服務、API
openstack user create --domain default --password=placement placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778mkdir -p $VHD
chown -R nova:nova $VHD
echo 'nova配置'
echo '#
[DEFAULT]
instances_path='$VHD'
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
my_ip = '$MyIP'
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
osapi_compute_listen_port=8774[api_database]
connection = mysql+pymysql://nova:nova@controller/nova_api
[database]
connection = mysql+pymysql://nova:nova@controller/nova[api]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova[vnc]
enabled = true
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://'$VncProxy':6080/vnc_auto.html[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement
password = placement[scheduler]
discover_hosts_in_cells_interval = 300[libvirt]
virt_type = '$Kvm'
#'>/etc/nova/nova.confecho "#Placement API
<Directory /usr/bin><IfVersion >= 2.4>Require all granted</IfVersion><IfVersion < 2.4>Order allow,denyAllow from all</IfVersion>
</Directory>
">>/etc/httpd/conf.d/00-nova-placement-api.conf
systemctl restart httpd
sleep 5#同步數據庫
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova#檢測數據
nova-manage cell_v2 list_cells
mysql -h controller -u nova -pnova -e "use nova_api;show tables;"
mysql -h controller -u nova -pnova -e "use nova;show tables;"
mysql -h controller -u nova -pnova -e "use nova_cell0;show tables;"
# #------------------#####################echo 'Neutron服務'
source ./admin-openstack.sh
# 創建Neutron服務實體,API端點
openstack service create --name neutron --description "OpenStack Networking" network
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696#Neutron 備份配置
cp /etc/neutron/neutron.conf{,.bak2}
cp /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
cp /etc/neutron/dhcp_agent.ini{,.bak}
cp /etc/neutron/metadata_agent.ini{,.bak}
cp /etc/neutron/l3_agent.ini{,.bak}#配置
echo '
#
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
service_metadata_proxy = true
metadata_proxy_shared_secret = metadata
#'>>/etc/nova/nova.conf
#
echo '
[DEFAULT]
nova_metadata_ip = controller
metadata_proxy_shared_secret = metadata
#'>/etc/neutron/metadata_agent.ini
#
echo '#
[ml2]
tenant_network_types =
type_drivers = vlan,flat
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = True
#'>/etc/neutron/plugins/ml2/ml2_conf.ini
echo '#
[linux_bridge]
physical_interface_mappings = provider:'$Netname'
[vxlan]
enable_vxlan = false[agent]
prevent_arp_spoofing = True
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = True
#'>/etc/neutron/plugins/ml2/linuxbridge_agent.ini
#
echo '#
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
#'>/etc/neutron/dhcp_agent.ini
#
echo '
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron[nova]
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = nova
password = nova[database]
connection = mysql://neutron:neutron@controller:3306/neutron[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
#'>/etc/neutron/neutron.conf
#
echo '
[DEFAULT]
interface_driver = linuxbridge
#'>/etc/neutron/l3_agent.ini
#
#同步數據庫
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
#檢測數據
mysql -h controller -u neutron -pneutron -e "use neutron;show tables;" # #------------------#####################
#dashboardecho '配置openstack Web'
cp /etc/openstack-dashboard/local_settings{,.bak}
Setfiles=/etc/openstack-dashboard/local_settings
sed -i 's#_member_#user#g' $Setfiles
sed -i 's#OPENSTACK_HOST = "127.0.0.1"#OPENSTACK_HOST = "controller"#' $Setfiles
##允許所有主機訪問#
sed -i "/ALLOWED_HOSTS/cALLOWED_HOSTS = ['*', ]" $Setfiles
#去掉memcached注釋#
sed -in '153,158s/#//' $Setfiles
sed -in '160,164s/.*/#&/' $Setfiles
sed -i 's#UTC#Asia/Shanghai#g' $Setfiles
sed -i 's#%s:5000/v2.0#%s:5000/v3#' $Setfiles
sed -i '/ULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True' $Setfiles
sed -i "s@^#OPENSTACK_KEYSTONE_DEFAULT@OPENSTACK_KEYSTONE_DEFAULT@" $Setfiles
echo '
#set
OPENSTACK_API_VERSIONS = {"identity": 3,"image": 2,"volume": 2,
}
#'>>$Setfiles
systemctl restart httpd
sleep 5##########################################echo '啟動服務'
#Apache
systemctl enable httpd.service
#systemctl restart httpd haproxy
#netstat -antp|egrep 'httpd'#glance服務
systemctl enable openstack-glance-api openstack-glance-registry
systemctl restart openstack-glance-api openstack-glance-registry#nova服務systemctl enable openstack-nova-api.service \openstack-nova-consoleauth.service openstack-nova-scheduler.service \openstack-nova-conductor.service openstack-nova-novncproxy.service \libvirtd.service openstack-nova-compute.service
#啟動
systemctl start openstack-nova-api.service \openstack-nova-consoleauth.service openstack-nova-scheduler.service \openstack-nova-conductor.service openstack-nova-novncproxy.service \libvirtd.service openstack-nova-compute.service#neutron服務
systemctl enable neutron-server.service \neutron-linuxbridge-agent.service neutron-dhcp-agent.service \neutron-metadata-agent.service neutron-l3-agent.service
systemctl start neutron-server.service \neutron-linuxbridge-agent.service neutron-dhcp-agent.service \neutron-metadata-agent.service neutron-l3-agent.service##########################################
#cheackecho "查看節點"
source ./admin-openstack.sh
openstack compute service list
openstack network agent list##########################################
#endecho '
安裝完畢!
數據庫root密碼 '$DBPass'登錄Web管理 http://'$MyIP'/dashboard
域 default
用戶 admin
密碼 admin
推薦 火狐瀏覽器
'
##########################################
# #使用
# yum install -y wget && wget -O pike.install.sh http://elven.vip/ks/openstack/pike.install.sh && sh pike.install.sh
?
轉載于:https://www.cnblogs.com/Dev0ps/p/7845010.html
總結
以上是生活随笔為你收集整理的openstack一键安装脚本(转载)的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 端口占用
- 下一篇: 以客户的名义,宏杉科技“存储七项式”律己