Openstack Victoria版本部署脚本

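# The local host's IP address is 192.168.116.200/24.

# yum: switch the base repositories to the CentOS 8.5.2111 vault.
# NOTE(review): the vault baseurl written below is plain HTTP, so package
# integrity rests on RPM signature checking - confirm gpgcheck=1 is still set
# in the resulting repo files.

# Comment out mirrorlist= and enable the vault baseurl in every CentOS-* repo
# file. The patterns are anchored to the start of the line so that running
# this a second time does not stack extra '#' characters.
use_vault_repos() {
  sed -i \
    -e 's/^mirrorlist=/#mirrorlist=/' \
    -e 's|^#baseurl=http://mirror.centos.org|baseurl=http://vault.centos.org|' \
    /etc/yum.repos.d/CentOS-*
}

# Keep a copy of the stock repo file when there is one to keep.
if [ -f /etc/yum.repos.d/CentOS-Base.repo ]; then
  mv /etc/yum.repos.d/CentOS-Base.repo /etc/yum.repos.d/CentOS-Base.repo.backup
fi
wget -O /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-vault-8.5.2111.repo ||
  echo "warning: could not download the vault repo file" >&2

use_vault_repos
yum makecache


# openstack yum
yum install centos-release-openstack-victoria -y
yum config-manager --set-enabled powertools
# The release package adds further CentOS-* repo files (the notes at the end
# of this page mention centos-ceph-nautilus), so repoint those as well.
use_vault_repos
yum upgrade -y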


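# chrony: time synchronisation for the OpenStack services.

# Append the given line to /etc/chrony.conf unless an identical line already
# exists, so that re-running the script does not duplicate directives.
chrony_add() {
  grep -qxF -- "$1" /etc/chrony.conf || printf '%s\n' "$1" >> /etc/chrony.conf
}

# -y keeps the install non-interactive like every other yum call in the script.
yum install chrony -y
# Added as a line of its own: prepending the text to whatever happens to be on
# line 7 would fuse the directive with that line's existing content.
chrony_add "pool ntp1.aliyun.com iburst"
# NOTE(review): 192.168.0.0/16 is wider than the 192.168.116.0/24 network this
# host sits on; narrow it to the subnets that should use this node for time.
chrony_add "allow 192.168.0.0/16"
chrony_add "local stratum 10"
systemctl enable chronyd.service
systemctl restart chronyd.service
chronyc sources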

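# sshd / firewalld / SELinux / NetworkManager
# Turn off reverse-DNS lookups and GSSAPI authentication in sshd.
sed -i -e 's/#UseDNS yes/UseDNS no/g' -e 's/GSSAPIAuthentication yes/GSSAPIAuthentication no/g' /etc/ssh/sshd_config

# SELinux
# NOTE(review): this switches SELinux to permissive both persistently and for
# the running system. The script installs openstack-selinux in its next step;
# that package exists so the services can run with SELinux enforcing, so
# treat permissive mode as a lab shortcut and revisit it before exposing the
# host.
# The pattern is anchored so that only the setting itself is rewritten, not
# comment lines that happen to contain "SELINUX=".
sed -i 's/^SELINUX=.*/SELINUX=permissive/' /etc/selinux/config
setenforce 0

# NOTE(review): with firewalld stopped and removed, nothing on the host filters
# inbound traffic. Later steps bind memcached and etcd to the controller
# address, grant MariaDB accounts to '%' and make VNC listen on 0.0.0.0, so
# all of those become reachable from the whole network. Keep a packet filter
# (or an upstream ACL) in place outside an isolated lab.
systemctl stop firewalld
systemctl disable firewalld

#systemctl stop NetworkManager
#systemctl disable NetworkManager
yum remove -y firewalld
# NOTE(review): presumably relies on the legacy network.service being
# installed on this image - confirm, otherwise this restart fails.
systemctl restart network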

# Tooling the rest of the script depends on: the openstack CLI, the OpenStack
# SELinux policy package, crudini (INI file editing) and expect.
yum install -y python3-openstackclient openstack-selinux crudini expect


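# SQL (MariaDB)
# NOTE(review): 000000 is used for every credential in this script. It is a
# lab placeholder; generate distinct random values before using this anywhere
# that is reachable by others. Later sections assign these variables again,
# so change them consistently.
DB_PASS=000000
RABBIT_USER=openstack
RABBIT_PASS=000000
HOST_IP=192.168.116.200
HOST_NAME=controller

yum install mariadb mariadb-server python2-PyMySQL -y
# Append the OpenStack-recommended server settings after the symbolic-links
# line. NOTE(review): this is a no-op if /etc/my.cnf has no line starting with
# "symbolic-links" - verify on the target image.
sed -i  "/^symbolic-links/a\default-storage-engine = innodb\ninnodb_file_per_table\ncollation-server = utf8_general_ci\ninit-connect = 'SET NAMES utf8'\ncharacter-set-server = utf8\nmax_connections=10000" /etc/my.cnf

# Disable the GSSAPI auth plugin. Anchored so a second run does not add
# another '#' to the already commented line.
sed -i 's/^plugin-load-add/#plugin-load-add/' /etc/my.cnf.d/auth_gssapi.cnf
# Raise the file/process limits for mariadb.service.
# NOTE(review): this edits the packaged unit file, which a package update may
# replace; a drop-in under /etc/systemd/system/mariadb.service.d/ would persist.
crudini --set /usr/lib/systemd/system/mariadb.service Service LimitNOFILE 10000
crudini --set /usr/lib/systemd/system/mariadb.service Service LimitNPROC 10000
systemctl daemon-reload
systemctl enable mariadb.service
systemctl restart mariadb.service

# Drive mysql_secure_installation non-interactively.
# The password is handed to expect through the environment and read with
# $env(DB_PASS), instead of being pasted into the Tcl source by the shell, so
# characters such as '"', '$' or '[' in the password cannot break or alter the
# expect script.
# NOTE(review): the answer to "Disallow root login remotely?" is "n", which
# leaves the MariaDB root account usable from other hosts. Every mysql call in
# this script connects locally, so answering "y" would not affect it.
DB_PASS="$DB_PASS" expect -c '
spawn /usr/bin/mysql_secure_installation
expect "Enter current password for root (enter for none):"
send "\r"
expect "Set root password?"
send "y\r"
expect "New password:"
send "$env(DB_PASS)\r"
expect "Re-enter new password:"
send "$env(DB_PASS)\r"
expect "Remove anonymous users?"
send "y\r"
expect "Disallow root login remotely?"
send "n\r"
expect "Remove test database and access to it?"
send "y\r"
expect "Reload privilege tables now?"
send "y\r"
expect eof
'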

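# RabbitMQ: message bus shared by the OpenStack services.
yum install rabbitmq-server -y
systemctl start rabbitmq-server.service
systemctl enable rabbitmq-server.service

# Create the service account.
# NOTE(review): the password is passed on the command line and is therefore
# visible in the process list while the command runs.
rabbitmqctl add_user "$RABBIT_USER" "$RABBIT_PASS"
# set_permissions needs the configure, write and read patterns; without them
# the command is rejected and the account is left with no permissions, so the
# services cannot use the broker.
rabbitmqctl set_permissions "$RABBIT_USER" ".*" ".*" ".*"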

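# Memcached: token cache for keystonemiddleware and session cache for Horizon.
yum install memcached python3-memcached -y
# Listen on loopback and on the controller's name so other services can reach
# the cache. The whole expression is quoted so the host name cannot be
# word-split or glob-expanded by the shell.
# NOTE(review): memcached does no authentication of its own and this script
# removes firewalld, so the cache (which holds validated tokens) is reachable
# by anything that can route to the controller address. Restrict port 11211
# to the OpenStack nodes.
sed -i -e "s/OPTIONS.*/OPTIONS=\"-l 127.0.0.1,::1,${HOST_NAME}\"/g" /etc/sysconfig/memcached

systemctl start memcached.service
systemctl enable memcached.service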


# ETCD: single-member cluster bound to the controller address.
# NOTE(review): both the peer and the client URLs are plain http and no client
# authentication is configured here, so anyone who can reach ports 2379/2380
# can read and write the store.
yum install etcd -y

peer_url="http://${HOST_IP}:2380"
client_url="http://${HOST_IP}:2379"

# '|' is used as the sed delimiter so the URLs need no escaping.
sed -i \
  -e "s|#ETCD_LISTEN_PEER_URLS.*|ETCD_LISTEN_PEER_URLS=\"${peer_url}\"|g" \
  -e "s|^ETCD_LISTEN_CLIENT_URLS.*|ETCD_LISTEN_CLIENT_URLS=\"${client_url}\"|g" \
  -e "s|^ETCD_NAME=\"default\"|ETCD_NAME=\"${HOST_NAME}\"|g" \
  -e "s|#ETCD_INITIAL_ADVERTISE_PEER_URLS.*|ETCD_INITIAL_ADVERTISE_PEER_URLS=\"${peer_url}\"|g" \
  -e "s|^ETCD_ADVERTISE_CLIENT_URLS.*|ETCD_ADVERTISE_CLIENT_URLS=\"${client_url}\"|g" \
  -e "s|#ETCD_INITIAL_CLUSTER=.*|ETCD_INITIAL_CLUSTER=\"${HOST_NAME}=${peer_url}\"|g" \
  -e 's|#ETCD_INITIAL_CLUSTER_TOKEN.*|ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"|g' \
  -e 's|#ETCD_INITIAL_CLUSTER_STATE.*|ETCD_INITIAL_CLUSTER_STATE="new"|g' \
  /etc/etcd/etcd.conf

systemctl start etcd
systemctl enable etcd

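# keystone: database, service configuration, bootstrap and openrc files.
# NOTE(review): all values below are the lab placeholder 000000; use distinct
# random secrets outside a lab.
DB_PASS=000000
KEYSTONE_DBPASS=000000
ADMIN_PASS=000000
HOST_NAME=controller
DEMO_PASS=000000

# NOTE(review): -p<password> on the command line shows the MariaDB root
# password in the process list while each command runs.
# The '%' grant lets the keystone account connect from any host.
mysql -uroot -p"$DB_PASS" -e "create database IF NOT EXISTS keystone ;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$KEYSTONE_DBPASS' ;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$KEYSTONE_DBPASS' ;"

yum install openstack-keystone httpd python3-mod_wsgi -y

#/etc/keystone/keystone.conf
crudini --set /etc/keystone/keystone.conf database connection "mysql+pymysql://keystone:$KEYSTONE_DBPASS@$HOST_NAME/keystone"
crudini --set /etc/keystone/keystone.conf token provider fernet

# Create the schema and the fernet/credential key repositories.
su -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone

# Bootstrap the admin account with ADMIN_PASS, the same variable that is
# written to admin-openrc.sh below, so the two cannot drift apart when the
# password is changed in one place.
# NOTE(review): every endpoint is plain http, so passwords and tokens cross
# the network unencrypted.
keystone-manage bootstrap --bootstrap-password "$ADMIN_PASS" \
  --bootstrap-admin-url http://controller:5000/v3/ \
  --bootstrap-internal-url http://controller:5000/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne

sed -i "s/#ServerName www.example.com:80/ServerName $HOST_NAME/g" /etc/httpd/conf/httpd.conf
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/


systemctl enable httpd.service
systemctl restart httpd.service

export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3


openstack domain create --description "An Example Domain" example
openstack project create --domain default  --description "Service Project" service
openstack project create --domain default  --description "Demo Project" myproject
# myuser gets DEMO_PASS, the password demo-openrc.sh is written with (the
# keystone database password does not belong on a user account).
openstack user create --domain default  --password "$DEMO_PASS" myuser
openstack role create myrole
openstack role add --project myproject --user myuser myrole

unset OS_AUTH_URL OS_PASSWORD

# The openrc files hold cleartext passwords: write them fresh (no appending of
# duplicate blocks on a re-run) and make them readable by root only.
cat > /root/admin-openrc.sh <<EOF
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
chmod 600 /root/admin-openrc.sh


cat > /root/demo-openrc.sh <<EOF
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=myproject
export OS_USERNAME=myuser
export OS_PASSWORD=$DEMO_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
chmod 600 /root/demo-openrc.sh

# Smoke test: load the admin credentials and request a token.
source /root/admin-openrc.sh
openstack token issue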


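# glance: image service.
# NOTE(review): placeholder credentials; use distinct random values outside a lab.
GLANCE_DBPASS=000000
HOST_NAME=controller
DOMAIN_NAME=Default
GLANCE_PASS=000000

# apply_ini FILE - read "section key value" lines from stdin and write each
# one into FILE with crudini --set. Blank lines and lines starting with '#'
# are skipped.
apply_ini() {
  local file=$1 section key value
  while read -r section key value; do
    case $section in '' | '#'*) continue ;; esac
    # </dev/null keeps crudini away from the option list the loop is reading.
    crudini --set "$file" "$section" "$key" "$value" </dev/null
  done
}

# The '%' grant lets the glance account connect from any host.
mysql -uroot -p"$DB_PASS" -e "create database IF NOT EXISTS glance ;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$GLANCE_DBPASS' ;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$GLANCE_DBPASS' ;"

source /root/admin-openrc.sh
# The service user is created with GLANCE_PASS, the value glance-api.conf
# authenticates with below; the database password is a separate secret.
openstack user create --domain default --password "$GLANCE_PASS" glance
openstack role add --project service --user glance admin

openstack service create --name glance  --description "OpenStack Image" image
openstack endpoint create --region RegionOne  image public http://controller:9292
openstack endpoint create --region RegionOne  image internal http://controller:9292
openstack endpoint create --region RegionOne  image admin http://controller:9292
yum install openstack-glance -y


apply_ini /etc/glance/glance-api.conf <<EOF
database connection mysql+pymysql://glance:$GLANCE_DBPASS@$HOST_NAME/glance
keystone_authtoken www_authenticate_uri http://$HOST_NAME:5000
keystone_authtoken auth_url http://$HOST_NAME:5000
keystone_authtoken memcached_servers $HOST_NAME:11211
keystone_authtoken auth_type password
keystone_authtoken project_domain_name $DOMAIN_NAME
keystone_authtoken user_domain_name $DOMAIN_NAME
keystone_authtoken project_name service
keystone_authtoken username glance
keystone_authtoken password $GLANCE_PASS
paste_deploy flavor keystone

glance_store stores file,http
glance_store default_store file
glance_store filesystem_store_datadir /var/lib/glance/images/
EOF

su -s /bin/sh -c "glance-manage db_sync" glance
systemctl enable openstack-glance-api.service
systemctl restart openstack-glance-api.service

# Download to the exact path image-create reads from, so the upload does not
# depend on the directory the script was started in.
# NOTE(review): the image is published with visibility=public without any
# integrity check; compare it against the checksum the CirrOS project
# publishes for this release before uploading.
wget -O /root/cirros-0.5.2-x86_64-disk.img https://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
source /root/admin-openrc.sh
glance image-create --name "cirros" \
  --file /root/cirros-0.5.2-x86_64-disk.img \
  --disk-format qcow2 --container-format bare \
  --visibility=public

glance image-list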


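## nova: controller node installation
source /root/admin-openrc.sh
# NOTE(review): placeholder credentials; use distinct random values outside a lab.
DB_PASS=000000
NOVA_DBPASS=000000
RABBIT_PASS=000000
HOST_NAME=controller
HOST_IP=192.168.116.200
DOMAIN_NAME=Default
NOVA_PASS=000000
PLACEMENT_PASS=000000

# apply_ini FILE - read "section key value" lines from stdin and write each
# one into FILE with crudini --set. Blank lines and lines starting with '#'
# are skipped.
apply_ini() {
  local file=$1 section key value
  while read -r section key value; do
    case $section in '' | '#'*) continue ;; esac
    # </dev/null keeps crudini away from the option list the loop is reading.
    crudini --set "$file" "$section" "$key" "$value" </dev/null
  done
}

# nova databases; the '%' grants let the nova account connect from any host.
for db in nova nova_api nova_cell0; do
  mysql -uroot -p"$DB_PASS" -e "create database IF NOT EXISTS $db ;"
done
for db in nova nova_api nova_cell0; do
  for from in localhost %; do
    mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON $db.* TO 'nova'@'$from' IDENTIFIED BY '$NOVA_DBPASS' ;"
  done
done

# nova user, role, service and endpoints
openstack user create --domain "$DOMAIN_NAME" --password "$NOVA_PASS" nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne compute public "http://$HOST_NAME:8774/v2.1"
openstack endpoint create --region RegionOne compute internal "http://$HOST_NAME:8774/v2.1"
openstack endpoint create --region RegionOne compute admin "http://$HOST_NAME:8774/v2.1"
# The placement user is created with PLACEMENT_PASS, the value both
# placement.conf and the [placement] section of nova.conf log in with.
openstack user create --domain "$DOMAIN_NAME" --password "$PLACEMENT_PASS" placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public "http://$HOST_NAME:8778"
openstack endpoint create --region RegionOne placement internal "http://$HOST_NAME:8778"
openstack endpoint create --region RegionOne placement admin "http://$HOST_NAME:8778"

# nova install

yum install openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler openstack-placement-api -y


#/etc/nova/nova.conf
# Changes against the earlier version of this section:
#  - transport_url uses the RabbitMQ password, not the nova database password;
#  - keystone_authtoken and placement get auth_url, which the password auth
#    plugin requires (www_authenticate_uri alone does not tell it where to
#    log in);
#  - placement uses region_name and authenticates with the placement password.
# NOTE(review): vnc server_listen 0.0.0.0 accepts console connections on every
# interface, and this script removes firewalld; bind it to the management
# address if the host has more than one network.
apply_ini /etc/nova/nova.conf <<EOF
DEFAULT enabled_apis osapi_compute,metadata
DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$HOST_NAME
DEFAULT my_ip $HOST_IP
DEFAULT use_neutron True
DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver

api auth_strategy keystone

api_database connection mysql+pymysql://nova:$NOVA_DBPASS@$HOST_NAME/nova_api

database connection mysql+pymysql://nova:$NOVA_DBPASS@$HOST_NAME/nova

keystone_authtoken www_authenticate_uri http://$HOST_NAME:5000/v3
keystone_authtoken auth_url http://$HOST_NAME:5000/
keystone_authtoken memcached_servers $HOST_NAME:11211
keystone_authtoken auth_type password
keystone_authtoken project_domain_name $DOMAIN_NAME
keystone_authtoken user_domain_name $DOMAIN_NAME
keystone_authtoken project_name service
keystone_authtoken username nova
keystone_authtoken password $NOVA_PASS

vnc enabled true
vnc server_listen 0.0.0.0
vnc server_proxyclient_address $HOST_IP

glance api_servers http://$HOST_NAME:9292

oslo_concurrency lock_path /var/lib/nova/tmp

placement region_name RegionOne
placement project_domain_name $DOMAIN_NAME
placement project_name service
placement auth_type password
placement user_domain_name $DOMAIN_NAME
placement auth_url http://$HOST_NAME:5000/v3
placement username placement
placement password $PLACEMENT_PASS
EOF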

#/etc/httpd/conf.d/00-nova-placement-api.conf
# Append a <Directory /usr/bin> block that lets Apache serve from /usr/bin
# (Apache 2.4 and pre-2.4 syntax).
# NOTE(review): presumably needed because the placement WSGI script lives in
# /usr/bin - confirm. The block is appended on every run, so a re-run leaves
# duplicates in the file.
{
  printf '%s\n' ' ' '<Directory /usr/bin>'
  printf '\t%s\n' '<IfVersion >= 2.4>'
  printf '\t\t%s\n' 'Require all granted'
  printf '\t%s\n' '</IfVersion>'
  printf '\t%s\n' '<IfVersion < 2.4>'
  printf '\t\t%s\n' 'Order allow,deny'
  printf '\t\t%s\n' 'Allow from all'
  printf '\t%s\n' '</IfVersion>'
  printf '%s\n' '</Directory>'
} >> /etc/httpd/conf.d/00-nova-placement-api.conf

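# placement: database, configuration, schema sync, then restart httpd.
# NOTE(review): placeholder credentials; use distinct random values outside a lab.
DB_PASS=000000
PLACEMENT_DBPASS=000000
PLACEMENT_PASS=000000
HOST_NAME=controller
DOMAIN_NAME=Default

# apply_ini FILE - read "section key value" lines from stdin and write each
# one into FILE with crudini --set. Blank lines and lines starting with '#'
# are skipped.
apply_ini() {
  local file=$1 section key value
  while read -r section key value; do
    case $section in '' | '#'*) continue ;; esac
    # </dev/null keeps crudini away from the option list the loop is reading.
    crudini --set "$file" "$section" "$key" "$value" </dev/null
  done
}

# The '%' grant lets the placement account connect from any host.
mysql -uroot -p"$DB_PASS" -e "create database IF NOT EXISTS placement;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '$PLACEMENT_DBPASS' ;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '$PLACEMENT_DBPASS' ;"
mysql -uroot -p"$DB_PASS" -e "flush privileges;"

# auth_url is added: the password auth plugin needs it to know where to log
# in, www_authenticate_uri alone is not enough.
apply_ini /etc/placement/placement.conf <<EOF
placement_database connection mysql+pymysql://placement:$PLACEMENT_DBPASS@$HOST_NAME/placement
api auth_strategy keystone
keystone_authtoken www_authenticate_uri http://$HOST_NAME:5000/v3
keystone_authtoken auth_url http://$HOST_NAME:5000/v3
keystone_authtoken memcached_servers $HOST_NAME:11211
keystone_authtoken auth_type password
keystone_authtoken project_domain_name $DOMAIN_NAME
keystone_authtoken user_domain_name $DOMAIN_NAME
keystone_authtoken project_name service
keystone_authtoken username placement
keystone_authtoken password $PLACEMENT_PASS
EOF
su -s /bin/sh -c "placement-manage db sync" placement

systemctl restart httpd

# NOTE(review): this installs an unpinned package from PyPI as root, outside
# the RPM signature checks the rest of the script relies on. Pin a version,
# or use a distribution package if the repositories provide one.
pip3 install osc-placement
placement-status upgrade check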

# Populate the nova databases and register the cells, running each
# nova-manage step as the nova user in the order listed.
for step in \
  "api_db sync" \
  "cell_v2 map_cell0" \
  "cell_v2 discover_hosts --verbose" \
  "cell_v2 create_cell --name=cell1 --verbose" \
  "db sync"; do
  su -s /bin/sh -c "nova-manage ${step}" nova
done

# Show the registered cells as a check.
nova-manage cell_v2 list_cells

# Start the nova controller services and enable them at boot.
nova_services=(
  openstack-nova-api.service
  openstack-nova-scheduler.service
  openstack-nova-conductor.service
  openstack-nova-novncproxy.service
)
systemctl restart "${nova_services[@]}"
systemctl enable "${nova_services[@]}"


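# nova: compute node installation
yum install openstack-nova-compute -y
# NOTE(review): placeholder credentials; use distinct random values outside a lab.
# DOMAIN_NAME and PLACEMENT_PASS are declared here as well, so the section
# does not depend on variables left over from the controller steps.
RABBIT_PASS=000000
NOVA_PASS=000000
PLACEMENT_PASS=000000
HOST_NAME=controller
DOMAIN_NAME=Default
my_ip=192.168.116.200

# apply_ini FILE - read "section key value" lines from stdin and write each
# one into FILE with crudini --set. Blank lines and lines starting with '#'
# are skipped.
apply_ini() {
  local file=$1 section key value
  while read -r section key value; do
    case $section in '' | '#'*) continue ;; esac
    # </dev/null keeps crudini away from the option list the loop is reading.
    crudini --set "$file" "$section" "$key" "$value" </dev/null
  done
}

# Changes against the earlier version of this section:
#  - keystone_authtoken auth_url is set again (it had been commented out);
#    the password auth plugin cannot log in without it;
#  - [placement] sets user_domain_name (project_domain_name had been written
#    twice instead) and auth_url in place of www_authenticate_uri.
# novncproxy_base_url, virt_type and discover_hosts_in_cells_interval are the
# settings that differ from the controller node.
# NOTE(review): vnc server_listen 0.0.0.0 accepts console connections on every
# interface; novncproxy_base_url is plain http.
apply_ini /etc/nova/nova.conf <<EOF
DEFAULT enabled_apis osapi_compute,metadata
DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$HOST_NAME:5672/
DEFAULT my_ip $my_ip

api auth_strategy keystone

keystone_authtoken www_authenticate_uri http://$HOST_NAME:5000/v3
keystone_authtoken auth_url http://$HOST_NAME:5000/
keystone_authtoken memcached_servers $HOST_NAME:11211
keystone_authtoken auth_type password
keystone_authtoken project_domain_name $DOMAIN_NAME
keystone_authtoken user_domain_name $DOMAIN_NAME
keystone_authtoken project_name service
keystone_authtoken username nova
keystone_authtoken password $NOVA_PASS

vnc enabled true
vnc server_listen 0.0.0.0
vnc server_proxyclient_address $my_ip
vnc novncproxy_base_url http://$my_ip:6080/vnc_auto.html

glance api_servers http://$HOST_NAME:9292
oslo_concurrency lock_path /var/lib/nova/tmp

placement region_name RegionOne
placement project_domain_name $DOMAIN_NAME
placement project_name service
placement auth_type password
placement user_domain_name $DOMAIN_NAME
placement auth_url http://$HOST_NAME:5000/v3
placement username placement
placement password $PLACEMENT_PASS

libvirt virt_type qemu
scheduler discover_hosts_in_cells_interval 300
EOF

systemctl enable libvirtd.service openstack-nova-compute.service
systemctl restart libvirtd.service openstack-nova-compute.service

# Check that the compute service registered, then map it into the cell.
openstack compute service list --service nova-compute
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova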


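# neutron: controller node
source /root/admin-openrc.sh
# NOTE(review): placeholder credentials; METADATA_SECRET in particular is the
# shared secret between nova and the neutron metadata agent and should be a
# random value outside a lab.
DB_PASS=000000
NEUTRON_DBPASS=000000
DOMAIN_NAME=Default
HOST_NAME=controller
INTERFACE_IP=192.168.116.200
INTERFACE_NAME=ens34
NEUTRON_PASS=000000
Physical_NAME=provider
METADATA_SECRET=000000


# neutron database; the '%' grant lets the neutron account connect from any host.
mysql -uroot -p"$DB_PASS" -e "create database IF NOT EXISTS neutron ;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$NEUTRON_DBPASS' ;"
mysql -uroot -p"$DB_PASS" -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$NEUTRON_DBPASS' ;"

# neutron user, role, service and endpoints
openstack user create --domain "$DOMAIN_NAME" --password "$NEUTRON_PASS" neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron --description "OpenStack Networking" network
openstack endpoint create --region RegionOne network public "http://$HOST_NAME:9696"
openstack endpoint create --region RegionOne network internal "http://$HOST_NAME:9696"
openstack endpoint create --region RegionOne network admin "http://$HOST_NAME:9696"

# neutron install
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

# If no "ip a" line carries both the address and the interface name, write a
# minimal ifcfg file for the provider interface and restart networking.
# -F matches the address literally (the dots are not regex wildcards) and the
# expansions are quoted.
if ! ip a | grep -wF -- "$INTERFACE_IP" | grep -qwF -- "$INTERFACE_NAME"; then
cat > "/etc/sysconfig/network-scripts/ifcfg-$INTERFACE_NAME" <<EOF
DEVICE=$INTERFACE_NAME
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
EOF
systemctl restart network
fi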

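#/etc/neutron/neutron.conf

# apply_ini FILE - read "section key value" lines from stdin and write each
# one into FILE with crudini --set. Blank lines and lines starting with '#'
# are skipped.
apply_ini() {
  local file=$1 section key value
  while read -r section key value; do
    case $section in '' | '#'*) continue ;; esac
    # </dev/null keeps crudini away from the option list the loop is reading.
    crudini --set "$file" "$section" "$key" "$value" </dev/null
  done
}

# transport_url carries the RabbitMQ account's password (RABBIT_PASS, set when
# the broker user was created), not the neutron database password; the two
# only matched because every secret in this script has the same value.
apply_ini /etc/neutron/neutron.conf <<EOF
DEFAULT core_plugin ml2
DEFAULT service_plugins router
DEFAULT allow_overlapping_ips true
DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$HOST_NAME
DEFAULT auth_strategy keystone
DEFAULT notify_nova_on_port_status_changes true
DEFAULT notify_nova_on_port_data_changes true

database connection mysql+pymysql://neutron:$NEUTRON_DBPASS@$HOST_NAME/neutron

keystone_authtoken auth_url http://$HOST_NAME:5000
keystone_authtoken www_authenticate_uri http://$HOST_NAME:5000
keystone_authtoken memcached_servers $HOST_NAME:11211
keystone_authtoken auth_type password
keystone_authtoken project_domain_name $DOMAIN_NAME
keystone_authtoken user_domain_name $DOMAIN_NAME
keystone_authtoken project_name service
keystone_authtoken username neutron
keystone_authtoken password $NEUTRON_PASS

nova auth_url http://$HOST_NAME:5000
nova auth_type password
nova project_domain_name $DOMAIN_NAME
nova user_domain_name $DOMAIN_NAME
nova region_name RegionOne
nova project_name service
nova username nova
nova password $NOVA_PASS

oslo_concurrency lock_path /var/lib/neutron/tmp
EOF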

# ML2 plugin, Linux bridge agent, L3/DHCP/metadata agents and the [neutron]
# section of nova.conf, followed by the schema migration and service start.

# apply_ini FILE - read "section key value" lines from stdin and write each
# one into FILE with crudini --set.
apply_ini() {
  local file=$1 section key value
  while read -r section key value; do
    [ -n "$section" ] || continue
    # </dev/null keeps crudini away from the option list the loop is reading.
    crudini --set "$file" "$section" "$key" "$value" </dev/null
  done
}

#/etc/neutron/plugins/ml2/ml2_conf.ini
apply_ini /etc/neutron/plugins/ml2/ml2_conf.ini <<EOF
ml2 type_drivers flat,vlan,vxlan
ml2 tenant_network_types vxlan
ml2 mechanism_drivers linuxbridge,l2population
ml2 extension_drivers port_security
ml2_type_flat flat_networks $Physical_NAME
ml2_type_vlan network_vlan_ranges $Physical_NAME:1:1000
ml2_type_vxlan vni_ranges 1:1000
securitygroup enable_ipset true
EOF

#/etc/neutron/plugins/ml2/linuxbridge_agent.ini
apply_ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini <<EOF
linux_bridge physical_interface_mappings $Physical_NAME:$INTERFACE_NAME
vxlan enable_vxlan true
vxlan local_ip $INTERFACE_IP
vxlan l2_population true
securitygroup enable_security_group true
securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF

#/etc/neutron/l3_agent.ini
apply_ini /etc/neutron/l3_agent.ini <<EOF
DEFAULT interface_driver linuxbridge
EOF

#/etc/neutron/dhcp_agent.ini
apply_ini /etc/neutron/dhcp_agent.ini <<EOF
DEFAULT interface_driver linuxbridge
DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
DEFAULT enable_isolated_metadata true
EOF

#/etc/neutron/metadata_agent.ini
# The same METADATA_SECRET is written here and into nova.conf below; it is the
# only thing authenticating the metadata proxy to nova, so it should be a
# random value rather than a guessable one.
apply_ini /etc/neutron/metadata_agent.ini <<EOF
DEFAULT nova_metadata_host $HOST_NAME
DEFAULT metadata_proxy_shared_secret $METADATA_SECRET
EOF

#/etc/nova/nova.conf
apply_ini /etc/nova/nova.conf <<EOF
neutron url http://$HOST_NAME:9696
neutron auth_url http://$HOST_NAME:5000
neutron auth_type password
neutron project_domain_name $DOMAIN_NAME
neutron user_domain_name $DOMAIN_NAME
neutron region_name RegionOne
neutron project_name service
neutron username neutron
neutron password $NEUTRON_PASS
neutron service_metadata_proxy true
neutron metadata_proxy_shared_secret $METADATA_SECRET
EOF

# Point plugin.ini at the ML2 configuration, migrate the schema as the neutron
# user, then pick up the nova.conf change.
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
systemctl restart openstack-nova-api.service

neutron_services=(
  neutron-server.service
  neutron-linuxbridge-agent.service
  neutron-dhcp-agent.service
  neutron-metadata-agent.service
  neutron-l3-agent.service
)
systemctl enable "${neutron_services[@]}"
systemctl start "${neutron_services[@]}"

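# neutron: compute node
# NOTE(review): placeholder credentials; use distinct random values outside a lab.
# RABBIT_PASS is declared here so the section carries every value it uses.
DB_PASS=000000
NEUTRON_DBPASS=000000
RABBIT_PASS=000000
DOMAIN_NAME=Default
HOST_NAME=controller
INTERFACE_IP=192.168.116.200
INTERFACE_NAME=ens34
NEUTRON_PASS=000000
Physical_NAME=provider
METADATA_SECRET=000000

# apply_ini FILE - read "section key value" lines from stdin and write each
# one into FILE with crudini --set. Blank lines and lines starting with '#'
# are skipped.
apply_ini() {
  local file=$1 section key value
  while read -r section key value; do
    case $section in '' | '#'*) continue ;; esac
    # </dev/null keeps crudini away from the option list the loop is reading.
    crudini --set "$file" "$section" "$key" "$value" </dev/null
  done
}

yum install openstack-neutron-linuxbridge ebtables ipset net-tools -y

# If no "ip a" line carries both the address and the interface name, write a
# minimal ifcfg file for the provider interface and restart networking.
# -F matches the address literally and the expansions are quoted.
if ! ip a | grep -wF -- "$INTERFACE_IP" | grep -qwF -- "$INTERFACE_NAME"; then
cat > "/etc/sysconfig/network-scripts/ifcfg-$INTERFACE_NAME" <<EOF
DEVICE=$INTERFACE_NAME
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
EOF
systemctl restart network
fi

#/etc/neutron/neutron.conf
# transport_url carries the RabbitMQ account's password, not the neutron
# database password; they only matched because all secrets share one value.
apply_ini /etc/neutron/neutron.conf <<EOF
DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$HOST_NAME
DEFAULT auth_strategy keystone
keystone_authtoken auth_url http://$HOST_NAME:5000
keystone_authtoken www_authenticate_uri http://$HOST_NAME:5000
keystone_authtoken memcached_servers $HOST_NAME:11211
keystone_authtoken auth_type password
keystone_authtoken project_domain_name $DOMAIN_NAME
keystone_authtoken user_domain_name $DOMAIN_NAME
keystone_authtoken project_name service
keystone_authtoken username neutron
keystone_authtoken password $NEUTRON_PASS
oslo_concurrency lock_path /var/lib/neutron/tmp
EOF

#/etc/neutron/plugins/ml2/linuxbridge_agent.ini
# The mapping uses Physical_NAME, as the controller section does, instead of
# repeating the literal network name.
apply_ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini <<EOF
linux_bridge physical_interface_mappings $Physical_NAME:$INTERFACE_NAME
vxlan enable_vxlan true
vxlan local_ip $INTERFACE_IP
vxlan l2_population true
securitygroup enable_security_group true
securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF

#/etc/nova/nova.conf
apply_ini /etc/nova/nova.conf <<EOF
neutron url http://$HOST_NAME:9696
neutron auth_url http://$HOST_NAME:5000
neutron auth_type password
neutron project_domain_name $DOMAIN_NAME
neutron user_domain_name $DOMAIN_NAME
neutron region_name RegionOne
neutron project_name service
neutron username neutron
neutron password $NEUTRON_PASS
EOF

systemctl restart openstack-nova-compute.service
systemctl start neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service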

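# openstack-dashboard (Horizon)
HOST_NAME=controller

# dashboard install
yum install openstack-dashboard -y

#/etc/openstack-dashboard/local_settings

# NOTE(review): '*' in ALLOWED_HOSTS turns off Django's Host-header validation
# altogether. List the names and addresses the dashboard is actually served
# under once the deployment leaves the lab.
sed -i  "s/^ALLOWED_HOSTS.*/ALLOWED_HOSTS = ['*', 'two.example.com']/g" /etc/openstack-dashboard/local_settings
sed -i  's/^OPENSTACK_HOST.*/OPENSTACK_HOST = "'"$HOST_NAME"'"/g' /etc/openstack-dashboard/local_settings
sed -i  's/^OPENSTACK_KEYSTONE_URL .*/OPENSTACK_KEYSTONE_URL = "http:\/\/%s:5000\/v3" % OPENSTACK_HOST/g'  /etc/openstack-dashboard/local_settings
# Appended with a here-document so the double quotes reach the file. Inside a
# double-quoted echo argument the inner quotes end the shell string, and the
# settings came out as  OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = Default  and
# OPENSTACK_KEYSTONE_DEFAULT_ROLE = user  - bare names that Python cannot
# evaluate when it loads local_settings.
cat >> /etc/openstack-dashboard/local_settings <<EOF
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
    'default': {
         'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
         'LOCATION': '$HOST_NAME:11211',
    }
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
    "identity": 3,
    "image": 2,
    "volume": 2,
}
EOF

#/etc/httpd/conf.d/openstack-dashboard.conf
# Note: this file is regenerated by make_web_conf a few lines further down, so
# the inserted line does not survive that step.
sed -i -e 'N;4aWSGIApplicationGroup %{GLOBAL}' /etc/httpd/conf.d/openstack-dashboard.conf

systemctl restart httpd

# Regenerate the Apache configuration from Horizon itself, then serve the
# dashboard under /dashboard.
cd /usr/share/openstack-dashboard
python3 manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf

sed -i  "s/WSGIScriptAlias \//WSGIScriptAlias \/dashboard /g" /etc/httpd/conf.d/openstack-dashboard.conf
sed -i "s/Alias \/static/Alias \/dashboard\/static /g" /etc/httpd/conf.d/openstack-dashboard.conf


ln -s /etc/openstack-dashboard /usr/share/openstack-dashboard/openstack_dashboard/conf

cd

# NOTE(review): the next three commands overwrite fixed line numbers (32 and
# 1) inside files shipped by the package. They only do the right thing while
# those lines hold what the author saw; check the files after a package
# update, which will also discard these edits.
sed -i "32c WEBROOT = '/dashboard' " /usr/share/openstack-dashboard/openstack_dashboard/defaults.py

sed -i "32c WEBROOT = '/dashboard'" /usr/share/openstack-dashboard/openstack_dashboard/test/settings.py

sed -i '1c var STATIC_URL="/dashboard/static/";var WEBROOT="/dashboard/";/*!' /usr/share/openstack-dashboard/static/dashboard/js/output.*.js



systemctl restart httpd.service memcached.service

cd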

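# Flavors, the external provider network and a routed internal network.
source /root/admin-openrc.sh
openstack flavor create --id 0 --vcpus 1 --ram 256 --disk 10 1U256M10G
openstack flavor create --id 2 --vcpus 1 --ram 1024 --disk 20 1U1G20G
openstack flavor create --id 3 --vcpus 1 --ram 2048 --disk 20 1U2G20G

# --share makes the external network usable by every project.
openstack network create --share --external --provider-physical-network provider --provider-network-type flat providernet
openstack network list
# The allocation pool stops at .199: 192.168.116.200 is this host's own
# address on the provider network, and leaving it in the pool would let
# neutron hand the same address to a port.
openstack subnet create --network providernet   --allocation-pool start=192.168.116.100,end=192.168.116.199  --dns-nameserver 114.114.114.114  --gateway 192.168.116.2   --subnet-range 192.168.116.0/24 providernet-subnet1
openstack subnet list
openstack network list



# Internal network, attached to a router whose gateway is the provider network.
openstack network create int-net
openstack subnet create --network int-net   --dns-nameserver 114.114.114.114  --gateway 10.0.0.1   --subnet-range 10.0.0.0/24 int-subnet1
openstack router create router
openstack router add subnet router int-subnet1
openstack router set router --external-gateway providernet
openstack port list --router router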




#参考链接
-----------------------------------------------------------------------------
这里是在配置yum源遇到的问题
Configuration: OptionBinding with id "failovermethod" does not exist

Error: Failed to download metadata for repo 'appstream': Cannot prepare internal mirrorlist: No URLs in mirrorlist

https://www.cnblogs.com/EthanWong/p/15932675.html#
-----------------------------------------------------------------------------
这里是在配置yum install centos-release-openstack-victoria 之后 yum upgrade 遇到的问题
Error: Failed to download metadata for repo 'centos-ceph-nautilus': Cannot prepare internal mirrorlist: No URLs in mirrorlist

https://stackoverflow.com/questions/70984003/centos-8-stream
-----------------------------------------------------------------------------
http://192.168.200.116/dashboard
Not Found
The requested URL was not found on this server.

https://blog.csdn.net/Dick633/article/details/108637185
https://blog.csdn.net/u011521019/article/details/51678270?spm=1001.2014.3001.5502

-----------------------------------------------------------------------------
#创建虚拟机失败
2022-04-11 05:13:46.500 189740 WARNING keystone.server.flask.application [req-f9cc85e6-493f-42c2-8603-1e6ebb0bedd3 - - - - -] Authorization failed. The request you have made requires authentication. from 192.168.116.200: keystone.exception.Unauthorized: The request you have made requires authentication.

https://blog.csdn.net/timego/article/details/111280313
https://blog.csdn.net/u013469753/article/details/116198460



-----------------------------------------------------------------------------
云主机控制台出现Guest has not initialized the display (yet)
https://blog.csdn.net/str125757855/article/details/115015977
https://tieba.baidu.com/p/6082655208
https://blog.csdn.net/wylfengyujiancheng/article/details/54634628
