一、变量设置
set - e - x
CONTROLLER_IP="192.168.0.1"
CTRL_HOST_NAME="rocky-xxx"
ALL_PASS="111111"
NTP_SERVER="192.168.0.100"
二、基础环境设置
yum - y install vim
yum - y install net- tools
yum - y install expect
sleep 5
hostnamectl set-hostname ${ CTRL_HOST_NAME}
systemctl stop firewalld
systemctl disable firewalld
cp / etc/ selinux/ config / etc/ selinux/ config. bak. $( date + % Y% m% d) _$( date + % H% M% S)
sed - i "/SELINUX=enforcing/cSELINUX=disabled" / etc/ selinux/ config
setenforce 0
cp / etc/ chrony. conf / etc/ chrony. conf. bak. $( date + % Y% m% d) _$( date + % H% M% S)
sed - i "/server 0.centos.pool.ntp.org iburst/cserver {NTP_SERVER} iburst" / etc/ chrony. conf
sed - i "/centos.pool.ntp.org/d" / etc/ chrony. conf
systemctl enable chronyd
systemctl restart chronyd
sleep 2
chronyc sources
timedatectl set-timezone Asia/ Shanghai
date
sleep 3
三、安装包
yum - y install openstack- utils
yum - y install python- openstackclient
yum - y install openstack- selinux
四、SQL
yum - y install mariadb
yum - y install mariadb- server
yum - y install python2- PyMySQL
touch / etc/ my. cnf. d/ openstack. cnf
openstack- config -- set / etc/ my. cnf. d/ openstack. cnf mysqld bind- address ${ CONTROLLER_IP}
openstack- config -- set / etc/ my. cnf. d/ openstack. cnf mysqld
openstack- config -- set / etc/ my. cnf. d/ openstack. cnf mysqld default- storage- engine innodb
openstack- config -- set / etc/ my. cnf. d/ openstack. cnf mysqld innodb_file_per_table on
openstack- config -- set / etc/ my. cnf. d/ openstack. cnf mysqld max_connections 4096
openstack- config -- set / etc/ my. cnf. d/ openstack. cnf mysqld collation- server utf8_general_ci
openstack- config -- set / etc/ my. cnf. d/ openstack. cnf mysqld character- set-server utf8
systemctl enable mariadb. service
systemctl start mariadb. service
systemctl status mariadb. service
sleep 1
mysql_secure_installation <<EOF
y
$ALL_PASS
$ALL_PASS
y
y
y
y
EOF
五、rabbitmq、memcached、ETCD
yum install rabbitmq- server - y
systemctl enable rabbitmq- server. service
systemctl start rabbitmq- server. service
systemctl status rabbitmq- server. service
sleep 1
rabbitmqctl add_user openstack ${ ALL_PASS}
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
yum - y install memcached
yum - y install python- memcached
cp / etc/ sysconfig/ memcached / etc/ sysconfig/ memcached. bak. $( date + % Y% m% d) _$( date + % H% M% S)
sed - i "/OPTIONS=\" - l 127. 0. 0. 1, ::1\"/cOPTIONS=\" - l 127. 0. 0. 1, ::1, $CONTROLLER_IP \"" / etc/ sysconfig/ memcached
systemctl enable memcached. service
systemctl start memcached. service
systemctl status memcached. service
sleep 2
yum install etcd - y
cp / etc/ etcd/ etcd. conf / etc/ etcd/ etcd. conf. bak. $( date + % Y% m% d) _$( date + % H% M% S)
sed - i '/ETCD_DATA_DIR/cETCD_DATA_DIR="/var/lib/etcd/default.etcd"' / etc/ etcd/ etcd. conf
sed - i "/ETCD_LISTEN_PEER_URLS/cETCD_LISTEN_PEER_URLS=\" http:/ / $CONTROLLER_IP :2380\"" / etc/ etcd/ etcd. conf
sed - i "/ETCD_LISTEN_CLIENT_URLS/cETCD_LISTEN_CLIENT_URLS=\" http:/ / $CONTROLLER_IP :2379\"" / etc/ etcd/ etcd. conf
sed - i "/ETCD_NAME/cETCD_NAME=\" $CON_HOST_NAME \"" / etc/ etcd/ etcd. conf
sed - i "/ETCD_INITIAL_ADVERTISE_PEER_URLS/cETCD_INITIAL_ADVERTISE_PEER_URLS=\" http:/ / $CONTROLLER_IP :2380\"" / etc/ etcd/ etcd. conf
sed - i "/ETCD_ADVERTISE_CLIENT_URLS/cETCD_ADVERTISE_CLIENT_URLS=\" http:/ / $CONTROLLER_IP :2379\"" / etc/ etcd/ etcd. conf
sed - i "/ETCD_INITIAL_CLUSTER=/cETCD_INITIAL_CLUSTER=\" $CON_HOST_NAME =http:/ / $CONTROLLER_IP :2380\"" / etc/ etcd/ etcd. conf
sed - i '/ETCD_INITIAL_CLUSTER_TOKEN/cETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"' / etc/ etcd/ etcd. conf
sed - i '/ETCD_INITIAL_CLUSTER_STATE/cETCD_INITIAL_CLUSTER_STATE="new"' / etc/ etcd/ etcd. conf
systemctl enable etcd
systemctl start etcd
systemctl status etcd
sleep 2
六、KeyStone
mysql - N - uroot - p$ALL_PASS <<EOF
DROP DATABASE if exists keystone;
CREATE DATABASE if not exists keystone;
GRANT ALL PRIVILEGES ON keystone. * TO 'keystone' @'localhost' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON keystone. * TO 'keystone' @'%' IDENTIFIED BY '$ALL_PASS' ;
EOF
yum install openstack- keystone - y
yum install httpd - y
yum install mod_wsgi - y
cp / etc/ keystone/ keystone. conf / etc/ keystone/ keystone. conf. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ keystone/ keystone. conf database connection mysql+ pymysql:/ / keystone:$ALL_PASS @$CONTROLLER_IP / keystone
openstack- config -- set / etc/ keystone/ keystone. conf token provider fernet
su - s / bin/ sh - c "keystone-manage db_sync" keystone
keystone- manage fernet_setup -- keystone- user keystone -- keystone- group keystone
keystone- manage credential_setup -- keystone- user keystone -- keystone- group keystone
keystone- manage bootstrap -- bootstrap- password $ALL_PASS \
-- bootstrap- admin- url http:/ / $CONTROLLER_IP :5000/ v3/ \
-- bootstrap- internal- url http:/ / $CONTROLLER_IP :5000/ v3/ \
-- bootstrap- public- url http:/ / $CONTROLLER_IP :5000/ v3/ \
-- bootstrap- region- id RegionOne
sed - i "/#ServerName/aServerName $CONTROLLER_IP " / etc/ httpd/ conf/ httpd. conf
ln - s / usr/ share/ keystone/ wsgi- keystone. conf / etc/ httpd/ conf. d/
systemctl enable httpd. service
systemctl start httpd. service
systemctl status httpd. service
export OS_USERNAME=admin
export OS_PASSWORD=$ALL_PASS
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http:/ / $CONTROLLER_IP :5000/ v3
export OS_IDENTITY_API_VERSION=3
openstack domain create -- description "An Example Domain" example
openstack project create -- domain default -- description "Service Project" service
openstack project create -- domain default -- description "Demo Project" myproject
/ usr/ bin/ expect << EOF
set timeout 15
spawn openstack user create -- domain default -- password- prompt myuser
expect "User*"
send "$ALL_PASS \r"
expect "Repeat *"
send "$ALL_PASS \r"
expect eof
EOF
openstack role create myrole
openstack role add -- project myproject -- user myuser myrole
unset OS_AUTH_URL OS_PASSWORD
/ usr/ bin/ expect << EOF
set timeout 15
spawn openstack -- os- auth- url http:/ / $CONTROLLER_IP :35357/ v3 \
-- os- project- domain- name Default -- os- user- domain- name Default \
-- os- project- name admin -- os- username admin token issue
expect "*Password*"
send "$ALL_PASS \r"
expect eof
EOF
/ usr/ bin/ expect << EOF
set timeout 15
spawn openstack -- os- auth- url http:/ / $CONTROLLER_IP :5000/ v3 \
-- os- project- domain- name Default -- os- user- domain- name Default \
-- os- project- name myproject -- os- username myuser token issue
expect "*Password*"
send "$ALL_PASS \r"
expect eof
EOF
touch / root/ admin- openrc
echo "export OS_PROJECT_DOMAIN_NAME=Default" >/ root/ admin- openrc
echo "export OS_USER_DOMAIN_NAME=Default" >>/ root/ admin- openrc
echo "export OS_PROJECT_NAME=admin" >>/ root/ admin- openrc
echo "export OS_USERNAME=admin" >>/ root/ admin- openrc
echo "export OS_PASSWORD=$ALL_PASS " >>/ root/ admin- openrc
echo "export OS_AUTH_URL=http://$CONTROLLER_IP :5000/v3" >>/ root/ admin- openrc
echo "export OS_IDENTITY_API_VERSION=3" >>/ root/ admin- openrc
echo "export OS_IMAGE_API_VERSION=2" >>/ root/ admin- openrc
touch / root/ demo- openrc
echo "export OS_PROJECT_DOMAIN_NAME=Default" >/ root/ demo- openrc
echo "export OS_USER_DOMAIN_NAME=Default" >>/ root/ demo- openrc
echo "export OS_PROJECT_NAME=myuser" >>/ root/ demo- openrc
echo "export OS_USERNAME=demo" >>/ root/ demo- openrc
echo "export OS_PASSWORD=$ALL_PASS " >>/ root/ demo- openrc
echo "export OS_AUTH_URL=http://$CONTROLLER_IP :5000/v3" >>/ root/ demo- openrc
echo "export OS_IDENTITY_API_VERSION=3" >>/ root/ demo- openrc
echo "export OS_IMAGE_API_VERSION=2" >>/ root/ demo- openrc
source / root/ admin- openrc
openstack token issue
sleep 2
七、glance
mysql - N - uroot - p$ALL_PASS <<EOF
DROP DATABASE if exists glance;
CREATE DATABASE if not exists glance;
GRANT ALL PRIVILEGES ON glance. * TO 'glance' @'localhost' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON glance. * TO 'glance' @'%' IDENTIFIED BY '$ALL_PASS' ;
EOF
source / root/ admin- openrc
/ usr/ bin/ expect << EOF
set timeout 15
spawn openstack user create -- domain default -- password- prompt glance
expect "User*"
send "$ALL_PASS \r"
expect "Repeat*"
send "$ALL_PASS \r"
expect eof
EOF
openstack role add -- project service -- user glance admin
openstack service create -- name glance -- description "OpenStack Image" image
openstack endpoint create -- region RegionOne image public http:/ / $CONTROLLER_IP :9292
openstack endpoint create -- region RegionOne image internal http:/ / $CONTROLLER_IP :9292
openstack endpoint create -- region RegionOne image admin http:/ / $CONTROLLER_IP :9292
yum install openstack- glance - y
cp / etc/ glance/ glance- api. conf / etc/ glance/ glance- api. conf. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ glance/ glance- api. conf database connection mysql+ pymysql:/ / glance:$ALL_PASS @$CONTROLLER_IP / glance
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken www_authenticate_uri http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken auth_url http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken memcached_servers $CONTROLLER_IP :11211
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken auth_type password
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken project_domain_name Default
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken user_domain_name Default
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken project_name service
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken username glance
openstack- config -- set / etc/ glance/ glance- api. conf keystone_authtoken password ${ ALL_PASS}
openstack- config -- set / etc/ glance/ glance- api. conf paste_deploy flavor keystone
openstack- config -- set / etc/ glance/ glance- api. conf glance_store stores file, http
openstack- config -- set / etc/ glance/ glance- api. conf glance_store default_store file
openstack- config -- set / etc/ glance/ glance- api. conf glance_store filesystem_store_datadir / var / lib/ glance/ images/
cp / etc/ glance/ glance- registry. conf / etc/ glance/ glance- registry. conf. bak$( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ glance/ glance- registry. conf database connection mysql+ pymysql:/ / glance:$ALL_PASS @$CONTROLLER_IP / glance
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken www_authenticate_uri http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken auth_url http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken memcached_servers $CONTROLLER_IP :11211
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken auth_type password
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken project_domain_name Default
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken user_domain_name Default
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken project_name service
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken username glance
openstack- config -- set / etc/ glance/ glance- registry. conf keystone_authtoken password ${ ALL_PASS}
openstack- config -- set / etc/ glance/ glance- registry. conf paste_deploy flavor keystone
su - s / bin/ sh - c "glance-manage db_sync" glance
systemctl enable openstack- glance- api. service openstack- glance- registry. service
systemctl start openstack- glance- api. service openstack- glance- registry. service
systemctl status openstack- glance- api. service openstack- glance- registry. service
sleep 2
八、Nova
mysql - N - uroot - p$ALL_PASS <<EOF
CREATE DATABASE nova_api;
CREATE DATABASE nova;
CREATE DATABASE nova_cell0;
CREATE DATABASE placement;
GRANT ALL PRIVILEGES ON nova_api. * TO 'nova' @'localhost' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON nova_api. * TO 'nova' @'%' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON nova. * TO 'nova' @'localhost' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON nova. * TO 'nova' @'%' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON nova_cell0. * TO 'nova' @'localhost' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON nova_cell0. * TO 'nova' @'%' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON placement. * TO 'placement' @'localhost' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON placement. * TO 'placement' @'%' IDENTIFIED BY '$ALL_PASS' ;
EOF
source / root/ admin- openrc
/ usr/ bin/ expect << EOF
set timeout 15
spawn openstack user create -- domain default -- password- prompt nova
expect "User*"
send "$ALL_PASS \r"
expect "Repeat*"
send "$ALL_PASS \r"
expect eof
EOF
openstack role add -- project service -- user nova admin
openstack service create -- name nova -- description "OpenStack Compute" compute
openstack endpoint create -- region RegionOne compute public http:/ / $CONTROLLER_IP :8774/ v2. 1
openstack endpoint create -- region RegionOne compute internal http:/ / $CONTROLLER_IP :8774/ v2. 1
openstack endpoint create -- region RegionOne compute admin http:/ / $CONTROLLER_IP :8774/ v2. 1
/ usr/ bin/ expect << EOF
set timeout 15
spawn openstack user create -- domain default -- password- prompt placement
expect "User*"
send "$ALL_PASS \r"
expect "Repeat*"
send "$ALL_PASS \r"
expect eof
EOF
openstack role add -- project service -- user placement admin
openstack service create -- name placement -- description "Placement API" placement
openstack endpoint create -- region RegionOne placement public http:/ / $CONTROLLER_IP :8778
openstack endpoint create -- region RegionOne placement internal http:/ / $CONTROLLER_IP :8778
openstack endpoint create -- region RegionOne placement admin http:/ / $CONTROLLER_IP :8778
yum - y install openstack- nova- api
yum - y install openstack- nova- conductor
yum - y install openstack- nova- console
yum - y install openstack- nova- novncproxy
yum - y install openstack- nova- scheduler
yum - y install openstack- nova- placement- api
cp / etc/ nova/ nova. conf / etc/ nova/ nova. conf. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ nova/ nova. conf DEFAULT enabled_apis osapi_compute, metadata
openstack- config -- set / etc/ nova/ nova. conf DEFAULT transport_url rabbit:/ / openstack:$ALL_PASS @$CONTROLLER_IP
openstack- config -- set / etc/ nova/ nova. conf DEFAULT my_ip $CONTROLLER_IP
openstack- config -- set / etc/ nova/ nova. conf DEFAULT use_neutron true
openstack- config -- set / etc/ nova/ nova. conf DEFAULT firewall_driver nova. virt. firewall. NoopFirewallDriver
openstack- config -- set / etc/ nova/ nova. conf api_database connection mysql+ pymysql:/ / nova:$ALL_PASS @$CONTROLLER_IP / nova_api
openstack- config -- set / etc/ nova/ nova. conf database connection mysql+ pymysql:/ / nova:$ALL_PASS @$CONTROLLER_IP / nova
openstack- config -- set / etc/ nova/ nova. conf placement_database connection mysql+ pymysql:/ / placement:$ALL_PASS @$CONTROLLER_IP / placement
openstack- config -- set / etc/ nova/ nova. conf api auth_strategy keystone
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken auth_url http:/ / $CONTROLLER_IP :5000/ v3
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken memcached_servers $CONTROLLER_IP :11211
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken auth_type password
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken project_domain_name Default
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken user_domain_name Default
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken project_name service
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken username nova
openstack- config -- set / etc/ nova/ nova. conf keystone_authtoken password ${ ALL_PASS}
openstack- config -- set / etc/ nova/ nova. conf vnc enabled true
openstack- config -- set / etc/ nova/ nova. conf vnc server_listen \$my_ip
openstack- config -- set / etc/ nova/ nova. conf vnc server_proxyclient_address \$my_ip
openstack- config -- set / etc/ nova/ nova. conf glance api_servers http:/ / $CONTROLLER_IP :9292
openstack- config -- set / etc/ nova/ nova. conf oslo_concurrency lock_path / var / lib/ nova/ tmp
openstack- config -- set / etc/ nova/ nova. conf placement os_region_name RegionOne
openstack- config -- set / etc/ nova/ nova. conf placement project_domain_name Default
openstack- config -- set / etc/ nova/ nova. conf placement project_name service
openstack- config -- set / etc/ nova/ nova. conf placement auth_type password
openstack- config -- set / etc/ nova/ nova. conf placement user_domain_name Default
openstack- config -- set / etc/ nova/ nova. conf placement auth_url http:/ / $CONTROLLER_IP :5000/ v3
openstack- config -- set / etc/ nova/ nova. conf placement username placement
openstack- config -- set / etc/ nova/ nova. conf placement password ${ ALL_PASS}
cp / etc/ httpd/ conf. d/ 00- nova- placement- api. conf / etc/ httpd/ conf. d/ 00- nova- placement- api. conf. bak
echo "
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
" >> / etc/ httpd/ conf. d/ 00- nova- placement- api. conf
systemctl restart httpd
systemctl status httpd
sleep 2
su - s / bin/ sh - c "nova-manage api_db sync" nova
su - s / bin/ sh - c "nova-manage cell_v2 map_cell0" nova
su - s / bin/ sh - c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su - s / bin/ sh - c "nova-manage db sync" nova
su - s / bin/ sh - c "nova-manage cell_v2 list_cells" nova
systemctl enable openstack- nova- api. service \
openstack- nova- consoleauth openstack- nova- scheduler. service \
openstack- nova- conductor. service openstack- nova- novncproxy. service
systemctl start openstack- nova- api. service \
openstack- nova- consoleauth openstack- nova- scheduler. service \
openstack- nova- conductor. service openstack- nova- novncproxy. service
source / root/ admin- openrc
openstack compute service list
openstack catalog list
openstack image list
nova- status upgrade check
sleep 3
九、Neutron
mysql - N - uroot - p$ALL_PASS <<EOF
DROP DATABASE if exists neutron;
CREATE DATABASE if not exists neutron;
GRANT ALL PRIVILEGES ON neutron. * TO 'neutron' @'localhost' IDENTIFIED BY '$ALL_PASS' ;
GRANT ALL PRIVILEGES ON neutron. * TO 'neutron' @'%' IDENTIFIED BY '$ALL_PASS' ;
EOF
source / root/ admin- openrc
/ usr/ bin/ expect << EOF
spawn openstack user create -- domain default -- password- prompt neutron
expect "User*"
send "$ALL_PASS \r"
expect "Repeat*"
send "$ALL_PASS \r"
expect eof
EOF
openstack role add -- project service -- user neutron admin
openstack service create -- name neutron -- description "OpenStack Networking" network
openstack endpoint create -- region RegionOne network public http:/ / $CONTROLLER_IP :9696
openstack endpoint create -- region RegionOne network internal http:/ / $CONTROLLER_IP :9696
openstack endpoint create -- region RegionOne network admin http:/ / $CONTROLLER_IP :9696
yum - y install openstack- neutron
yum - y install openstack- neutron- ml2
yum - y install openstack- neutron- openvswitch
yum - y install ebtables
cp / etc/ neutron/ neutron. conf / etc/ neutron/ neutron. conf. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ neutron/ neutron. conf database connection mysql+ pymysql:/ / neutron:$ALL_PASS @$CONTROLLER_IP / neutron
openstack- config -- set / etc/ neutron/ neutron. conf DEFAULT core_plugin ml2
openstack- config -- set / etc/ neutron/ neutron. conf DEFAULT service_plugins router
openstack- config -- set / etc/ neutron/ neutron. conf DEFAULT allow_overlapping_ips true
openstack- config -- set / etc/ neutron/ neutron. conf DEFAULT transport_url rabbit:/ / openstack:$ALL_PASS @$CONTROLLER_IP
openstack- config -- set / etc/ neutron/ neutron. conf DEFAULT auth_strategy keystone
openstack- config -- set / etc/ neutron/ neutron. conf DEFAULT notify_nova_on_port_status_changes true
openstack- config -- set / etc/ neutron/ neutron. conf DEFAULT notify_nova_on_port_data_changes true
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken www_authenticate_uri http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken auth_url http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken memcached_servers $CONTROLLER_IP :11211
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken auth_type password
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken project_domain_name Default
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken user_domain_name Default
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken project_name service
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken username neutron
openstack- config -- set / etc/ neutron/ neutron. conf keystone_authtoken password $ALL_PASS
openstack- config -- set / etc/ neutron/ neutron. conf nova auth_url http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ neutron/ neutron. conf nova auth_type password
openstack- config -- set / etc/ neutron/ neutron. conf nova project_domain_name Default
openstack- config -- set / etc/ neutron/ neutron. conf nova user_domain_name Default
openstack- config -- set / etc/ neutron/ neutron. conf nova region_name RegionOne
openstack- config -- set / etc/ neutron/ neutron. conf nova project_name service
openstack- config -- set / etc/ neutron/ neutron. conf nova username nova
openstack- config -- set / etc/ neutron/ neutron. conf nova password ${ ALL_PASS}
openstack- config -- set / etc/ neutron/ neutron. conf oslo_concurrency lock_path / var / lib/ neutron/ tmp
cp / etc/ neutron/ plugins/ ml2/ ml2_conf. ini / etc/ neutron/ plugins/ ml2/ ml2_conf. ini. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini ml2 type_drivers flat, vlan, vxlan
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini ml2 tenant_network_types vxlan, vlan
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini ml2 mechanism_drivers openvswitch, l2population
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini ml2 extension_drivers port_security
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini ml2_type_flat flat_networks provider
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini ml2_type_vlan network_vlan_ranges physicnet:1000:2000
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini ml2_type_vxlan vni_ranges 20000:21000
openstack- config -- set / etc/ neutron/ plugins/ ml2/ ml2_conf. ini securitygroup enable_ipset true
cp / etc/ neutron/ plugins/ ml2/ openvswitch_agent. ini / etc/ neutron/ plugins/ ml2/ openvswitch_agent. ini. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ neutron/ plugins/ ml2/ openvswitch_agent. ini securitygroup firewall_driver neutron. agent. linux. iptables_firewall. OVSHybridIptablesFirewallDriver
openstack- config -- set / etc/ neutron/ plugins/ ml2/ openvswitch_agent. ini securitygroup enable_security_group true
cp / etc/ neutron/ l3_agent. ini / etc/ neutron/ l3_agent. ini. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ neutron/ l3_agent. ini DEFAULT interface_driver neutron. agent. linux. interface. OVSInterfaceDriver
cp / etc/ neutron/ dhcp_agent. ini / etc/ neutron/ dhcp_agent. ini. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ neutron/ dhcp_agent. ini DEFAULT interface_driver neutron. agent. linux. interface. OVSInterfaceDriver
openstack- config -- set / etc/ neutron/ dhcp_agent. ini DEFAULT dhcp_driver neutron. agent. linux. dhcp. Dnsmasq
openstack- config -- set / etc/ neutron/ dhcp_agent. ini DEFAULT enable_isolated_metadata true
sed - i "/force_metadata = /aforce_metadata = true" / etc/ neutron/ dhcp_agent. ini
cp / etc/ neutron/ metadata_agent. ini / etc/ neutron/ metadata_agent. ini. bak. $( date + % Y% m% d) _$( date + % H% M% S)
openstack- config -- set / etc/ neutron/ metadata_agent. ini DEFAULT nova_metadata_host $CONTROLLER_IP
openstack- config -- set / etc/ neutron/ metadata_agent. ini DEFAULT metadata_proxy_shared_secret $ALL_PASS
openstack- config -- set / etc/ nova/ nova. conf neutron url http:/ / $CONTROLLER_IP :9696
openstack- config -- set / etc/ nova/ nova. conf neutron auth_url http:/ / $CONTROLLER_IP :5000
openstack- config -- set / etc/ nova/ nova. conf neutron auth_type password
openstack- config -- set / etc/ nova/ nova. conf neutron project_domain_name Default
openstack- config -- set / etc/ nova/ nova. conf neutron user_domain_name Default
openstack- config -- set / etc/ nova/ nova. conf neutron region_name RegionOne
openstack- config -- set / etc/ nova/ nova. conf neutron project_name service
openstack- config -- set / etc/ nova/ nova. conf neutron username neutron
openstack- config -- set / etc/ nova/ nova. conf neutron password $ALL_PASS
openstack- config -- set / etc/ nova/ nova. conf neutron service_metadata_proxy true
openstack- config -- set / etc/ nova/ nova. conf neutron metadata_proxy_shared_secret $ALL_PASS
ln - s / etc/ neutron/ plugins/ ml2/ ml2_conf. ini / etc/ neutron/ plugin. ini
su - s / bin/ sh - c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
systemctl restart openstack- nova- api. service
systemctl enable neutron- server. service \
neutron- openvswitch- agent. service neutron- dhcp- agent. service \
neutron- metadata- agent. service neutron- l3- agent. service
systemctl start neutron- server. service \
neutron- openvswitch- agent. service neutron- dhcp- agent. service \
neutron- metadata- agent. service neutron- l3- agent. service
systemctl status neutron- server. service \
neutron- openvswitch- agent. service neutron- dhcp- agent. service \
neutron- metadata- agent. service neutron- l3- agent. service
sleep 2
十、dashboard
yum install openstack- dashboard - y
cp / etc/ openstack- dashboard/ local_settings / etc/ openstack- dashboard/ local_settings. bak. $( date + % Y% m% d) _$( date + % H% M% S)
sed - i "/OPENSTACK_HOST = /cOPENSTACK_HOST = \" $CONTROLLER_IP \"" / etc/ openstack- dashboard/ local_settings
sed - i "/ALLOWED_HOSTS = /cALLOWED_HOSTS = ['*']" / etc/ openstack- dashboard/ local_settings
sed - i "/^CACHES =/iSESSION_ENGINE = 'django.contrib.sessions.backends.cache'" / etc/ openstack- dashboard/ local_settings
sed - i "/^[ \t]*'BACKEND'/a\\ \t'LOCATION': '$CONTROLLER_IP :11211'," / etc/ openstack- dashboard/ local_settings
sed - i 's/django.core.cache.backends.locmem.LocMemCache/django.core.cache.backends.memcached.MemcachedCache/g' / etc/ openstack- dashboard/ local_settings
sed - i "/OPENSTACK_KEYSTONE_URL/cOPENSTACK_KEYSTONE_URL = \" http:/ /% s:5000/ v3\" % OPENSTACK_HOST" / etc/ openstack- dashboard/ local_settings
sed - i "/OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True" / etc/ openstack- dashboard/ local_settings
sed - i "s/#OPENSTACK_API_VERSIONS/OPENSTACK_API_VERSIONS/g" / etc/ openstack- dashboard/ local_settings
sed - i "/# \" identity\": 3,/c\\ \" identity\": 3," / etc/ openstack- dashboard/ local_settings
sed - i "/# \" image\": 2,/c\\ \" image\": 2," / etc/ openstack- dashboard/ local_settings
sed - i "/# \" volume\": 2,/c\\ \" volume\": 2," / etc/ openstack- dashboard/ local_settings
sed - i "/# \" compute\": 2,/a}" / etc/ openstack- dashboard/ local_settings
sed - i "/#OPENSTACK_KEYSTONE_DEFAULT_DOMAIN/cOPENSTACK_KEYSTONE_DEFAULT_DOMAIN = \" Default\"" / etc/ openstack- dashboard/ local_settings
sed - i "/OPENSTACK_KEYSTONE_DEFAULT_ROLE/cOPENSTACK_KEYSTONE_DEFAULT_ROLE = \" user\"" / etc/ openstack- dashboard/ local_settings
cp / etc/ httpd/ conf. d/ openstack- dashboard. conf / etc/ httpd/ conf. d/ openstack- dashboard. conf. bak
sed - i "/WSGIScriptAlias/iWSGIApplicationGroup %{GLOBAL}" / etc/ httpd/ conf. d/ openstack- dashboard. conf
systemctl restart httpd. service memcached. service
yum install openstack- neutron- fwaas - y
neutron- db- manage -- subproject neutron- fwaas upgrade head
yum install openstack- neutron- lbaas - y
neutron- db- manage -- subproject neutron- lbaas upgrade head
yum install openstack- neutron- vpnaas - y
neutron- db- manage -- subproject neutron- vpnaas upgrade head
:<<!
source / root/ admin- openrc
openstack image create "cirros" -- file "$0 " -- disk- format qcow2 -- container- format bare -- public
openstack image list
openstack compute service list -- service nova- compute
su - s / bin/ sh - c "nova-manage cell_v2 discover_hosts --verbose" nova
!