mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
yum makecache
yum install centos-release-openstack-victoria -y
yum config-manager --set-enabled powertools
sed -i 's/mirrorlist/#mirrorlist/g' /etc/yum.repos.d/CentOS-*
sed -i 's|#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|g' /etc/yum.repos.d/CentOS-*
yum upgrade -y
yum install chrony
sed -i '7s/^/pool ntp1.aliyun.com iburst/g' /etc/chrony.conf
echo "allow 192.168.0.0/16" >> /etc/chrony.conf
echo "local stratum 10" >> /etc/chrony.conf
systemctl enable chronyd.service
systemctl restart chronyd.service
chronyc sources
sed -i -e 's/#UseDNS yes/UseDNS no/g' -e 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config
sed -i 's/SELINUX=.*/SELINUX=permissive/g' /etc/selinux/config
setenforce 0
systemctl stop firewalld
systemctl disable firewalld
yum remove -y firewalld
systemctl restart network
yum install python3-openstackclient openstack-selinux crudini expect -y
DB_PASS = 000000
RABBIT_USER = openstack
RABBIT_PASS = 000000
HOST_IP = 192.168 .116.200
HOST_NAME = controller
yum install mariadb mariadb-server python2-PyMySQL -y
sed -i "/^symbolic-links/a\default-storage-engine = innodb\n innodb_file_per_table\n collation-server = utf8_general_ci\n init-connect = 'SET NAMES utf8'\n character-set-server = utf8\n max_connections=10000" /etc/my.cnf
sed -i 's/plugin-load-add*/#plugin-load-add/g' /etc/my.cnf.d/auth_gssapi.cnf
crudini --set /usr/lib/systemd/system/mariadb.service Service LimitNOFILE 10000
crudini --set /usr/lib/systemd/system/mariadb.service Service LimitNPROC 10000
systemctl daemon-reload
systemctl enable mariadb.service
systemctl restart mariadb.service
expect -c "
spawn /usr/bin/mysql_secure_installation
expect \" Enter current password for root (enter for none):\"
send \" \r \"
expect \" Set root password?\"
send \" y\r \"
expect \" New password:\"
send \" $DB_PASS \r \"
expect \" Re-enter new password:\"
send \" $DB_PASS \r \"
expect \" Remove anonymous users?\"
send \" y\r \"
expect \" Disallow root login remotely?\"
send \" n\r \"
expect \" Remove test database and access to it?\"
send \" y\r \"
expect \" Reload privilege tables now?\"
send \" y\r \"
expect eof
"
yum install rabbitmq-server -y
systemctl start rabbitmq-server.service
systemctl enable rabbitmq-server.service
rabbitmqctl add_user $RABBIT_USER $RABBIT_PASS
rabbitmqctl set_permissions $RABBIT_USER
yum install memcached python3-memcached -y
sed -i -e 's/OPTIONS.*/OPTIONS="-l 127.0.0.1,::1,' $HOST_NAME '"/g' /etc/sysconfig/memcached
systemctl start memcached.service
systemctl enable memcached.service
yum install etcd -y
sed -i -e 's/#ETCD_LISTEN_PEER_URLS.*/ETCD_LISTEN_PEER_URLS="http:\/\/' $HOST_IP ':2380"/g' \
-e 's/^ETCD_LISTEN_CLIENT_URLS.*/ETCD_LISTEN_CLIENT_URLS="http:\/\/' $HOST_IP ':2379"/g' \
-e 's/^ETCD_NAME="default"/ETCD_NAME="' $HOST_NAME '"/g' \
-e 's/#ETCD_INITIAL_ADVERTISE_PEER_URLS.*/ETCD_INITIAL_ADVERTISE_PEER_URLS="http:\/\/' $HOST_IP ':2380"/g' \
-e 's/^ETCD_ADVERTISE_CLIENT_URLS.*/ETCD_ADVERTISE_CLIENT_URLS="http:\/\/' $HOST_IP ':2379"/g' \
-e 's/#ETCD_INITIAL_CLUSTER=.*/ETCD_INITIAL_CLUSTER="' $HOST_NAME '=http:\/\/' $HOST_IP ':2380"/g' \
-e 's/#ETCD_INITIAL_CLUSTER_TOKEN.*/ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"/g' \
-e 's/#ETCD_INITIAL_CLUSTER_STATE.*/ETCD_INITIAL_CLUSTER_STATE="new"/g' /etc/etcd/etcd.conf
systemctl start etcd
systemctl enable etcd
DB_PASS = 000000
KEYSTONE_DBPASS = 000000
ADMIN_PASS = 000000
HOST_NAME = controller
DEMO_PASS = 000000
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS keystone ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$KEYSTONE_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$KEYSTONE_DBPASS ' ;"
yum install openstack-keystone httpd python3-mod_wsgi -y
crudini --set /etc/keystone/keystone.conf database connection mysql+pymysql://keystone:$KEYSTONE_DBPASS @$HOST_NAME /keystone
crudini --set /etc/keystone/keystone.conf token provider fernet
su -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
keystone-manage bootstrap --bootstrap-password 000000 \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
sed -i "s/#ServerName www.example.com:80/ServerName $HOST_NAME /g" /etc/httpd/conf/httpd.conf
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
systemctl enable httpd.service
systemctl restart httpd.service
export OS_USERNAME = admin
export OS_PASSWORD = 000000
export OS_PROJECT_NAME = admin
export OS_USER_DOMAIN_NAME = Default
export OS_PROJECT_DOMAIN_NAME = Default
export OS_AUTH_URL = http://controller:5000/v3
export OS_IDENTITY_API_VERSION = 3
openstack domain create --description "An Example Domain" example
openstack project create --domain default --description "Service Project" service
openstack project create --domain default --description "Demo Project" myproject
openstack user create --domain default --password $KEYSTONE_DBPASS myuser
openstack role create myrole
openstack role add --project myproject --user myuser myrole
unset OS_AUTH_URL OS_PASSWORD
cat >> /root/admin-openrc.sh << EOF
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
cat >> /root/demo-openrc.sh << EOF
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=$DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
source /root/admin-openrc.sh
openstack token issue
GLANCE_DBPASS = 000000
HOST_NAME = controller
DOMAIN_NAME = Default
GLANCE_PASS = 000000
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS glance ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$GLANCE_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$GLANCE_DBPASS ' ;"
source /root/admin-openrc.sh
openstack user create --domain default --password $GLANCE_DBPASS glance
openstack role add --project service --user glance admin
openstack service create --name glance --description "OpenStack Image" image
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292
yum install openstack-glance -y
crudini --set /etc/glance/glance-api.conf database connection mysql+pymysql://glance:$GLANCE_DBPASS @$HOST_NAME /glance
crudini --set /etc/glance/glance-api.conf keystone_authtoken www_authenticate_uri http://$HOST_NAME :5000
crudini --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://$HOST_NAME :5000
crudini --set /etc/glance/glance-api.conf keystone_authtoken memcached_servers $HOST_NAME :11211
crudini --set /etc/glance/glance-api.conf keystone_authtoken auth_type password
crudini --set /etc/glance/glance-api.conf keystone_authtoken project_domain_name $DOMAIN_NAME
crudini --set /etc/glance/glance-api.conf keystone_authtoken user_domain_name $DOMAIN_NAME
crudini --set /etc/glance/glance-api.conf keystone_authtoken project_name service
crudini --set /etc/glance/glance-api.conf keystone_authtoken username glance
crudini --set /etc/glance/glance-api.conf keystone_authtoken password $GLANCE_PASS
crudini --set /etc/glance/glance-api.conf paste_deploy flavor keystone
crudini --set /etc/glance/glance-api.conf glance_store stores file,http
crudini --set /etc/glance/glance-api.conf glance_store default_store file
crudini --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /var/lib/glance/images/
su -s /bin/sh -c "glance-manage db_sync" glance
systemctl enable openstack-glance-api.service
systemctl restart openstack-glance-api.service
wget https://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
source /root/admin-openrc.sh
glance image-create --name "cirros" \
--file /root/cirros-0.5.2-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--visibility= public
glance image-list
source /root/admin-openrc.sh
DB_PASS = 000000
NOVA_DBPASS = 000000
HOST_NAME = controller
HOST_IP = 192.168 .116.200
DOMAIN_NAME = Default
NOVA_PASS = 000000
PLACEMENT_PASS = 000000
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS nova ;"
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS nova_api ;"
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS nova_cell0 ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$NOVA_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$NOVA_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '$NOVA_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '$NOVA_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '$NOVA_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '$NOVA_DBPASS ' ;"
openstack user create --domain $DOMAIN_NAME --password $NOVA_PASS nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne compute public http://$HOST_NAME :8774/v2.1
openstack endpoint create --region RegionOne compute internal http://$HOST_NAME :8774/v2.1
openstack endpoint create --region RegionOne compute admin http://$HOST_NAME :8774/v2.1
openstack user create --domain $DOMAIN_NAME --password $NOVA_PASS placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://$HOST_NAME :8778
openstack endpoint create --region RegionOne placement internal http://$HOST_NAME :8778
openstack endpoint create --region RegionOne placement admin http://$HOST_NAME :8778
yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler openstack-placement-api -y
crudini --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
crudini --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:$NOVA_DBPASS @$HOST_NAME
crudini --set /etc/nova/nova.conf DEFAULT my_ip $HOST_IP
crudini --set /etc/nova/nova.conf DEFAULT use_neutron True
crudini --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
crudini --set /etc/nova/nova.conf api auth_strategy keystone
crudini --set /etc/nova/nova.conf api_database connection mysql+pymysql://nova:$NOVA_DBPASS @$HOST_NAME /nova_api
crudini --set /etc/nova/nova.conf database connection mysql+pymysql://nova:$NOVA_DBPASS @$HOST_NAME /nova
crudini --set /etc/nova/nova.conf keystone_authtoken www_authenticate_uri http://$HOST_NAME :5000/v3
crudini --set /etc/nova/nova.conf keystone_authtoken memcached_servers $HOST_NAME :11211
crudini --set /etc/nova/nova.conf keystone_authtoken auth_type password
crudini --set /etc/nova/nova.conf keystone_authtoken project_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf keystone_authtoken user_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf keystone_authtoken project_name service
crudini --set /etc/nova/nova.conf keystone_authtoken username nova
crudini --set /etc/nova/nova.conf keystone_authtoken password $NOVA_PASS
crudini --set /etc/nova/nova.conf vnc enabled true
crudini --set /etc/nova/nova.conf vnc server_listen 0.0 .0.0
crudini --set /etc/nova/nova.conf vnc server_proxyclient_address $HOST_IP
crudini --set /etc/nova/nova.conf glance api_servers http://$HOST_NAME :9292
crudini --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
crudini --set /etc/nova/nova.conf placement os_region_name RegionOne
crudini --set /etc/nova/nova.conf placement project_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf placement project_name service
crudini --set /etc/nova/nova.conf placement auth_type password
crudini --set /etc/nova/nova.conf placement user_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf placement www_authenticate_uri http://$HOST_NAME :5000/v3
crudini --set /etc/nova/nova.conf placement username placement
crudini --set /etc/nova/nova.conf placement password $NOVA_PASS
echo " " >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo "<Directory /usr/bin>" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo " <IfVersion >= 2.4>" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo " Require all granted" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo " </IfVersion>" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo " <IfVersion < 2.4>" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo " Order allow,deny" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo " Allow from all" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo " </IfVersion>" >> /etc/httpd/conf.d/00-nova-placement-api.conf
echo "</Directory>" >> /etc/httpd/conf.d/00-nova-placement-api.conf
DB_PASS = 000000
PLACEMENT_DBPASS = 000000
PLACEMENT_PASS = 000000
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS placement;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '$PLACEMENT_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '$PLACEMENT_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "flush privileges;"
HOST_NAME = controller
DOMAIN_NAME = Default
PLACEMENT_DBPASS = 000000
crudini --set /etc/placement/placement.conf placement_database connection mysql+pymysql://placement:$PLACEMENT_DBPASS @$HOST_NAME /placement
crudini --set /etc/placement/placement.conf api auth_strategy keystone
crudini --set /etc/placement/placement.conf keystone_authtoken www_authenticate_uri http://$HOST_NAME :5000/v3
crudini --set /etc/placement/placement.conf keystone_authtoken memcached_servers $HOST_NAME :11211
crudini --set /etc/placement/placement.conf keystone_authtoken auth_type password
crudini --set /etc/placement/placement.conf keystone_authtoken project_domain_name $DOMAIN_NAME
crudini --set /etc/placement/placement.conf keystone_authtoken user_domain_name $DOMAIN_NAME
crudini --set /etc/placement/placement.conf keystone_authtoken project_name service
crudini --set /etc/placement/placement.conf keystone_authtoken username placement
crudini --set /etc/placement/placement.conf keystone_authtoken password $PLACEMENT_PASS
su -s /bin/sh -c "placement-manage db sync" placement
systemctl restart httpd
pip3 install osc-placement
placement-status upgrade check
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
nova-manage cell_v2 list_cells
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
yum install openstack-nova-compute -y
RABBIT_PASS = 000000
NOVA_PASS = 000000
HOST_NAME = controller
my_ip = 192.168 .116.200
crudini --set /etc/nova/nova.conf DEFAULT enabled_apis osapi_compute,metadata
crudini --set /etc/nova/nova.conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS @$HOST_NAME :5672/
crudini --set /etc/nova/nova.conf DEFAULT my_ip $my_ip
crudini --set /etc/nova/nova.conf api auth_strategy keystone
crudini --set /etc/nova/nova.conf keystone_authtoken www_authenticate_uri http://$HOST_NAME :5000/v3
crudini --set /etc/nova/nova.conf keystone_authtoken memcached_servers $HOST_NAME :11211
crudini --set /etc/nova/nova.conf keystone_authtoken auth_type password
crudini --set /etc/nova/nova.conf keystone_authtoken project_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf keystone_authtoken user_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf keystone_authtoken project_name service
crudini --set /etc/nova/nova.conf keystone_authtoken username nova
crudini --set /etc/nova/nova.conf keystone_authtoken password $NOVA_PASS
crudini --set /etc/nova/nova.conf vnc enabled true
crudini --set /etc/nova/nova.conf vnc server_listen 0.0 .0.0
crudini --set /etc/nova/nova.conf vnc server_proxyclient_address $my_ip
crudini --set /etc/nova/nova.conf vnc novncproxy_base_url http://$my_ip :6080/vnc_auto.html
crudini --set /etc/nova/nova.conf glance api_servers http://$HOST_NAME :9292
crudini --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
crudini --set /etc/nova/nova.conf placement region_name RegionOne
crudini --set /etc/nova/nova.conf placement project_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf placement project_name service
crudini --set /etc/nova/nova.conf placement auth_type password
crudini --set /etc/nova/nova.conf placement project_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf placement www_authenticate_uri http://$HOST_NAME :5000/v3
crudini --set /etc/nova/nova.conf placement username placement
crudini --set /etc/nova/nova.conf placement password $PLACEMENT_PASS
crudini --set /etc/nova/nova.conf libvirt virt_type qemu
crudini --set /etc/nova/nova.conf scheduler discover_hosts_in_cells_interval 300
systemctl enable libvirtd.service openstack-nova-compute.service
systemctl restart libvirtd.service openstack-nova-compute.service
openstack compute service list --service nova-compute
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
source /root/admin-openrc.sh
DB_PASS = 000000
NEUTRON_DBPASS = 000000
DOMAIN_NAME = Default
HOST_NAME = controller
INTERFACE_IP = 192.168 .116.200
INTERFACE_NAME = ens34
NEUTRON_PASS = 000000
Physical_NAME = provider
METADATA_SECRET = 000000
NEUTRON_DBPASS = 000000
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS neutron ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$NEUTRON_DBPASS ' ;"
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$NEUTRON_DBPASS ' ;"
openstack user create --domain $DOMAIN_NAME --password $NEUTRON_PASS neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron --description "OpenStack Networking" network
openstack endpoint create --region RegionOne network public http://$HOST_NAME :9696
openstack endpoint create --region RegionOne network internal http://$HOST_NAME :9696
openstack endpoint create --region RegionOne network admin http://$HOST_NAME :9696
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
if [ [ ` ip a | grep -w $INTERFACE_IP | grep -w $INTERFACE_NAME` = '' ] ] ; then
cat > /etc/sysconfig/network-scripts/ifcfg-$INTERFACE_NAME << EOF
DEVICE=$INTERFACE_NAME
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
EOF
systemctl restart network
fi
crudini --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins router
crudini --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
crudini --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:$NEUTRON_DBPASS @$HOST_NAME
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
crudini --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true
crudini --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true
crudini --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:$NEUTRON_DBPASS @$HOST_NAME /neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://$HOST_NAME :5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://$HOST_NAME :5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers $HOST_NAME :11211
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_name service
crudini --set /etc/neutron/neutron.conf keystone_authtoken username neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken password $NEUTRON_PASS
crudini --set /etc/neutron/neutron.conf nova auth_url http://$HOST_NAME :5000
crudini --set /etc/neutron/neutron.conf nova auth_type password
crudini --set /etc/neutron/neutron.conf nova project_domain_name $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf nova user_domain_name $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf nova region_name RegionOne
crudini --set /etc/neutron/neutron.conf nova project_name service
crudini --set /etc/neutron/neutron.conf nova username nova
crudini --set /etc/neutron/neutron.conf nova password $NOVA_PASS
crudini --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks $Physical_NAME
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vlan network_vlan_ranges $Physical_NAME :1:1000
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1 :1000
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings $Physical_NAME : $INTERFACE_NAME
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip $INTERFACE_IP
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
crudini --set /etc/neutron/l3_agent.ini DEFAULT interface_driver linuxbridge
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true
crudini --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host $HOST_NAME
crudini --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret $METADATA_SECRET
crudini --set /etc/nova/nova.conf neutron url http://$HOST_NAME :9696
crudini --set /etc/nova/nova.conf neutron auth_url http://$HOST_NAME :5000
crudini --set /etc/nova/nova.conf neutron auth_type password
crudini --set /etc/nova/nova.conf neutron project_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron user_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron region_name RegionOne
crudini --set /etc/nova/nova.conf neutron project_name service
crudini --set /etc/nova/nova.conf neutron username neutron
crudini --set /etc/nova/nova.conf neutron password $NEUTRON_PASS
crudini --set /etc/nova/nova.conf neutron service_metadata_proxy true
crudini --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret $METADATA_SECRET
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
systemctl restart openstack-nova-api.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
DB_PASS = 000000
NEUTRON_DBPASS = 000000
DOMAIN_NAME = Default
HOST_NAME = controller
INTERFACE_IP = 192.168 .116.200
INTERFACE_NAME = ens34
NEUTRON_PASS = 000000
Physical_NAME = provider
METADATA_SECRET = 000000
NEUTRON_DBPASS = 000000
yum install openstack-neutron-linuxbridge ebtables ipset net-tools -y
if [ [ ` ip a | grep -w $INTERFACE_IP | grep -w $INTERFACE_NAME` = '' ] ] ; then
cat > /etc/sysconfig/network-scripts/ifcfg-$INTERFACE_NAME << EOF
DEVICE=$INTERFACE_NAME
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
EOF
systemctl restart network
fi
crudini --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:$NEUTRON_DBPASS @$HOST_NAME
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://$HOST_NAME :5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://$HOST_NAME :5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers $HOST_NAME :11211
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_name service
crudini --set /etc/neutron/neutron.conf keystone_authtoken username neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken password $NEUTRON_PASS
crudini --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:$INTERFACE_NAME
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip $INTERFACE_IP
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
crudini --set /etc/nova/nova.conf neutron url http://$HOST_NAME :9696
crudini --set /etc/nova/nova.conf neutron auth_url http://$HOST_NAME :5000
crudini --set /etc/nova/nova.conf neutron auth_type password
crudini --set /etc/nova/nova.conf neutron project_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron user_domain_name $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron region_name RegionOne
crudini --set /etc/nova/nova.conf neutron project_name service
crudini --set /etc/nova/nova.conf neutron username neutron
crudini --set /etc/nova/nova.conf neutron password $NEUTRON_PASS
systemctl restart openstack-nova-compute.service
systemctl start neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service
HOST_NAME = controller
yum install openstack-dashboard -y
sed -i "s/^ALLOWED_HOSTS.*/ALLOWED_HOSTS = ['*', 'two.example.com']/g" /etc/openstack-dashboard/local_settings
sed -i 's/^OPENSTACK_HOST.*/OPENSTACK_HOST = "' $HOST_NAME '"/g' /etc/openstack-dashboard/local_settings
sed -i 's/^OPENSTACK_KEYSTONE_URL .*/OPENSTACK_KEYSTONE_URL = "http:\/\/%s:5000\/v3" % OPENSTACK_HOST/g' /etc/openstack-dashboard/local_settings
echo "SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '$HOST_NAME :11211',
}
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = " Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = " user"
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
" \ "identity"\" : 3,
" \ "image"\" : 2,
" \ "volume"\" : 2,
}" >> /etc/openstack-dashboard/local_settings
sed -i -e 'N;4aWSGIApplicationGroup %{GLOBAL}' /etc/httpd/conf.d/openstack-dashboard.conf
systemctl restart httpd
cd /usr/share/openstack-dashboard
python3 manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf
sed -i "s/WSGIScriptAlias \//WSGIScriptAlias \/dashboard /g" /etc/httpd/conf.d/openstack-dashboard.conf
sed -i "s/Alias \/static/Alias \/dashboard\/static /g" /etc/httpd/conf.d/openstack-dashboard.conf
ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf
cd
sed -i "32c WEBROOT = '/dashboard' " /usr/share/openstack-dashboard/openstack_dashboard/defaults.py
sed -i "32c WEBROOT = '/dashboard'" /usr/share/openstack-dashboard/openstack_dashboard/test/settings.py
sed -i '1c var STATIC_URL="/dashboard/static/";var WEBROOT="/dashboard/";/*!' /usr/share/openstack-dashboard/static/dashboard/js/output.*.js
systemctl restart httpd.service memcached.service
cd
source /root/admin-openrc.sh
openstack flavor create --id 0 --vcpus 1 --ram 256 --disk 10 1U256M10G
openstack flavor create --id 2 --vcpus 1 --ram 1024 --disk 20 1U1G20G
openstack flavor create --id 3 --vcpus 1 --ram 2048 --disk 20 1U2G20G
openstack network create --share --external --provider-physical-network provider --provider-network-type flat providernet
openstack network list
openstack subnet create --network providernet --allocation-pool start = 192.168 .116.100,end= 192.168 .116.200 --dns-nameserver 114.114 .114.114 --gateway 192.168 .116.2 --subnet-range 192.168 .116.0/24 providernet-subnet1
openstack subnet list
openstack network list
openstack network create int-net
openstack subnet create --network int-net --dns-nameserver 114.114 .114.114 --gateway 10.0 .0.1 --subnet-range 10.0 .0.0/24 int-subnet1
openstack router create router
openstack router add subnet router int-subnet1
openstack router set router --external-gateway providernet
openstack port list --router router
-----------------------------------------------------------------------------
这里是在配置yum源遇到的问题
Configuration: OptionBinding with id "failovermethod" does not exist
Error: Failed to download metadata for repo 'appstream' : Cannot prepare internal mirrorlist: No URLs in mirrorlist
https://www.cnblogs.com/EthanWong/p/15932675.html
-----------------------------------------------------------------------------
这里是在配置yum install centos-release-openstack-victoria 之后 yum upgrade 遇到的问题
Error: Failed to download metadata for repo 'centos-ceph-nautilus' : Cannot prepare internal mirrorlist: No URLs in mirrorlist
https://stackoverflow.com/questions/70984003/centos-8-stream
-----------------------------------------------------------------------------
http://192.168.200.116/dashboard
Not Found
The requested URL was not found on this server.
https://blog.csdn.net/Dick633/article/details/108637185
https://blog.csdn.net/u011521019/article/details/51678270?spm= 1001.2014 .3001.5502
-----------------------------------------------------------------------------
2022 -04-11 05:13:46.500 189740 WARNING keystone.server.flask.application [ req-f9cc85e6-493f-42c2-8603-1e6ebb0bedd3 - - - - -] Authorization failed. The request you have made requires authentication. from 192.168 .116.200: keystone.exception.Unauthorized: The request you have made requires authentication.
https://blog.csdn.net/timego/article/details/111280313
https://blog.csdn.net/u013469753/article/details/116198460
-----------------------------------------------------------------------------
云主机控制台出现Guest has not initialized the display ( yet)
https://blog.csdn.net/str125757855/article/details/115015977
https://tieba.baidu.com/p/6082655208
https://blog.csdn.net/wylfengyujiancheng/article/details/54634628