主要有四个文件:
1)addcomputernode.sh,主要脚本。在centos7 hpdl580 测试过。
2)addcomputernode.conf,一些配置信息,每个节点不同,都要改。第一次不能只修改这个,下面conf也有要改的。
3)nova.conf,这个是yum安装就有的,但需要自己修改好ip、user、password等addcomputernode.conf,中不包含的配置项 ,这里可以先改好,和sh文件放同目录。然后sh脚本会复制过去。一个环境都一样的,只用改一次。
4)neutron.con,这个也是yum安装后有的,也是修改后。同3,一个环境都一样的,只用改一次。
# cat addcomputenode.sh
#!/bin/sh
conf=./addcomputenode.conf
allyes=$1
#set an option = value
function setOptionEqual(){
local file=$1
local name=$2
local value=$3
local spliter=$4
echo file=$file,name=$name,value=$value,spliter=$spliter.
[ -f $file ] || (echo new file and add.;echo "$name$splite=$splite$value" >> $file;return)
local r=`grep "^ *$name *=" $file`
if [ "$r" == "" ];then
r2=`grep "^ *# *$name *=" $file`
if [ "$r2" == "" ];then
echo add $name = $value to $file
echo "$name$spliter=$spliter$value" >> $file;
else
echo "modify # $name"
echo sed -i 's/^ *# *'$name' *=.*/'$name$spliter'='$spliter$value'/' $file
sed -i 's/^ *# *'$name' *=.*/'$name"$spliter"'='"$spliter"$value'/' $file
fi
else
echo modify $name
echo sed -i 's/'$name' *=.*/'$name$spliter'='$spliter$value'/' $file
sed -i 's/'$name' *=.*/'$name"$spliter"'='"$spliter"$value'/' $file
fi
}
function setOption(){
local file=$1
local name=$2
local value=$3
[ -f $file ] || (echo "$name $value" >> $file;return)
local r=`grep "^ *$name " $file`
if [ "$r" == "" ];then
r2=`grep "^ *# *$name" $file`
if [ "$r2" == "" ];then
echo add $name $value to $file
echo "$name $value" >> $file;
else
echo sed -i 's/^ *# *'$name' .*/'$name' '$value'/' $file
sed -i 's/^ *# *'$name' .*/'$name' '$value'/' $file
fi
else
echo sed -i 's/^ *'$name' .*/'$name' '$value'/' $file
sed -i 's/^ *'$name' .*/'$name' '$value'/' $file
fi
}
run(){
cmd="$*"
echo cmd=$cmd.
$cmd
#echo exec done.
if [ $? -eq 0 ];then
echo ok.cmd=$cmd
else
echo failed,cmd=$cmd
exit 1
fi
}
askyn(){
question=$1
yesdo=$2
nodo=$3
[ "$allyes" == "-y" ] && local answer="y" || local answer=""
while ( [ "$answer" != "y" ] && [ "$answer" != "n" ] && [ "$answer" != "s" ] );do
echo -n "$question (yes/no/skip)(y/n/s) "
read answer
done
echo answer=$answer.yesdo=$yesdo.nodo=$nodo.
if [ "$answer" == "y" ];then
[ "$yesdo" != "" ] && run $yesdo
elif [ "$answer" == "s" ];then
return 0
else
if [ "$nodo" == "" ] || [ "$nodo" == "exit" ]; then
exit
else
run $nodo
fi
fi
}
checklog(){
item=$1
r=eval echo '$'$item == 'ok'
if [ "$r" == "ok" ];then
return 0
else
return 1
fi
}
#step 0
#read config
cat $conf
askyn "is config right?"
if [ -f $conf ];then . $conf;fi
echo "-----"
#step 1,hostname
askyn "setting hostname=$NEW_HOSTNAME" "hostnamectl set-hostname $NEW_HOSTNAME" "exit"
cat /etc/hostname
echo "-----"
#step 2,interface name
askyn "confirm interface name is $IF_NAME?" "echo ok."
ip a
echo "-----"
#step 3,controller
askyn "confirm controller ip=$CONTROLLER_IP" "echo ok."
setOption /etc/hosts 192.168.36.114 controller || exit
cat /etc/hosts
echo "-----"
#step 4,update
run "yum update -y"
echo "-----"
#step 5,install
askyn "install some utils?" "yum install -y bridge-utils iputils lsof lvm2 chrony openssh-server sudo tcpdump python net-tools wget"
echo "-----"
#step 6,firewalld
systemctl stop firewalld.service;
systemctl disable firewalld.service;
systemctl status firewalld.service
echo "-----"
#step 7,selinux
setOptionEqual /etc/sysconfig/selinux SELINUX disabled " "|| exit
run "setenforce 0"
getenforce
echo "-----"
#step 8,bonding,8021q
#echo "setting openstack-ansible.conf"
#setOption /etc/modules-load.d/openstack-ansible.conf bonding
#setOption /etc/modules-load.d/openstack-ansible.conf 8021q
#cat /etc/modules-load.d/openstack-ansible.conf | egrep "(bonding|8021q)"
#echo "-----"
#step 9,chronyd.service
echo enable chronyd
systemctl enable chronyd.service && systemctl start chronyd.service && echo chronyd ok || (echo chronyd failed.;exit)
echo "-----"
#step 10,
askyn "yum centos-release-openstack-rocky?" "yum install -y centos-release-openstack-rocky"
echo "-----"
#step 11
askyn "yum install openstack-nova-compute?" "yum install -y openstack-nova-compute"
echo "-----"
#step 12 nova.conf
[ -f /etc/nova/nova.conf ] && mv /etc/nova/nova.conf /etc/nova/nova.conf.bak
cp ./nova.conf /etc/nova/nova.conf || exit
askyn "setting my_ip=$MY_IP"
setOptionEqual /etc/nova/nova.conf my_ip $MY_IP || exit
askyn "go on?" 'echo "-----"'
#step 13 kvm?
mod_kvm_conf=/etc/modprobe.d/kvm-nested.conf
([ -f $mod_kvm_conf ] && [ ! -f $mod_kvm_conf.bak ] ) && mv $mod_kvm_conf $mod_kvm_conf.bak || cat /dev/null > $mod_kvm_conf
isIntel=`cat /proc/cpuinfo | grep 'model name' |uniq|grep -i intel`
if [ "$VIRT_TYPE" == "kvm" ] && [ "$isIntel" != "" ];then
if [ "$isIntel" != "" ];then
setOptionEqual $mod_kvm_conf "options kvm-intel nested" 1 || exit
setOptionEqual $mod_kvm_conf "options kvm-intel enable_shadow_vmcs" 1 || exit
setOptionEqual $mod_kvm_conf "options kvm-intel enable_apicv" 1 || exit
setOptionEqual $mod_kvm_conf "options kvm-intel ept" 1 || exit
modprobe -r kvm-intel;
modprobe -a kvm-intel || exit
sleep 5
echo cat /sys/module/kvm_intel/parameters/nested
cat /sys/module/kvm_intel/parameters/nested
kvmintelnested=`cat /sys/module/kvm_intel/parameters/nested`
[ "$kvmintelnested" == "N" ] && exit
else
echo "This machine is not intel, You must setting kvm manually.or do not use kvm."
exit 1
fi
sed -i 's/#compute_driver/compute_driver/g' /etc/nova/nova.conf && setOptionEqual /etc/nova/nova.conf compute_driver libvirt.LibvirtDriver || exit
sed -i 's/#virt_type/virt_type/g' /etc/nova/nova.conf && setOptionEqual /etc/nova/nova.conf virt_type kvm || exit
cat /etc/nova/nova.conf
askyn "go on?" 'echo "-----"'
fi
#step 14 newtron agent
yum install -y openstack-neutron-linuxbridge ebtables ipset || exit
neutron_conf=/etc/neutron/neutron.conf
[ -f $neutron_conf ] && mv $neutron_conf $neutron_conf.bak
cp ./neutron.conf $neutron_conf || exit
neutron_agent_file=/etc/neutron/plugins/ml2/linuxbridge_agent.ini
setOptionEqual $neutron_agent_file physical_interface_mappings provider:$IF_NAME
setOptionEqual $neutron_agent_file enable_security_group true
setOptionEqual $neutron_agent_file firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
setOptionEqual $neutron_agent_file enable_vxlan true
setOptionEqual $neutron_agent_file local_ip $MY_IP
setOptionEqual $neutron_agent_file l2_population true
askyn "go on?" 'echo "-----"'
#step 15 modprobe br_netfilter
modprobe br_netfilter && sysctl -p || exit
sysctl net.bridge.bridge-nf-call-ip6tables
sysctl net.bridge.bridge-nf-call-iptables
askyn "go on?" 'echo "-----"'
#step 16 start service
systemctl restart openstack-nova-compute.service || exit
systemctl enable neutron-linuxbridge-agent.service || exit
systemctl start neutron-linuxbridge-agent.service || exit
systemctl status neutron-linuxbridge-agent.service || exit
echo check on contrller with "neutron agent-list"
askyn "go on?" 'echo "-----"'
#step 17
systemctl enable libvirtd.service openstack-nova-compute.service || exit
systemctl start libvirtd.service openstack-nova-compute.service || exit
echo "-----"
echo
echo "All done."
echo Check on dashboard website.
# cat nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:123456@controller
my_ip = 192.168.37.12
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
[barbican]
[cache]
[cells]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = 123456
[libvirt]
inject_password=True
[matchmaker_redis]
[metrics]
[mks]
[neutron]
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = 123456
[placement_database]
[powervm]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://controller:6080/vnc_auto.html
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
compute_driver = libvirt.LibvirtDriver
virt_type = kvm
# cat addcomputenode.conf
#none for no change,or set a new hostname
NEW_HOSTNAME=computer3711hpdl580
IF_NAME=enp4s0f0
CONTROLLER_IP=192.168.36.114
VIRT_TYPE=kvm
MY_IP=192.168.37.11
# cat neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:123456@controller
auth_strategy = keystone
[agent]
[cors]
[database]
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 123456
[matchmaker_redis]
[nova]
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl]