我的OPENSTACK部署文档-essex

部署脚本，非自动化安装，Exess版本

########################################

###### 0. Prepare Before Install ######

########################################

 

# System

# 1. Ubuntu Server amd64 12.04 LTS

# 2. 分区：Controller：3 ，Compute Node：4

# 3. 1 for OS , 2 for image storage  , 3 for swap

# 4. 1 for OS , 2 for VM , 3 for volume(block storage) , 4 for swap

# 5. 主机名不能相同，最好用编号表示主机名。

 

# Network

# 静态IP , config /etc/network/interfaces

# 1. 1 网卡

 

# 2. 3 网卡

 

# 1 for internet , 2 for LAN , 3 for manage

 

# BIOS

# 1. VT virtualization Technology Support (process setting)

 

#########################################

########### 1. Controller ###############

#########################################

 

 

####### MySql install & config ########

 

# Some variable.

MYSQL_PASS='hisoft'

OPENSTACK_USER='openstack'

OPENSTACK_PASS='hisoft'

 

# Preseed the mysql install

cat<<EOF | sudodebconf-set-selections

mysql-server-5.1 mysql-server/root_passwordpassword ${MYSQL_PASS}

mysql-server-5.1 mysql-server/root_password_againpassword ${MYSQL_PASS}

mysql-server-5.1 mysql-server/start_on_bootboolean true

EOF

 

# Set up the mysql database server

sudoapt-get install-y python-mysqldb mysql-server

# Configure MySQL and Restart

sudosed -i 's/127.0.0.1/0.0.0.0/g'/etc/mysql/my.cnf

sudoservice mysql restart

 

# Create the openstack database

sudorm /var/lib/keystone/keystone.db

sudomysql -u root -p$MYSQL_PASS -e "CREATE DATABASE openstack;"

sudomysql -u root -p$MYSQL_PASS -e "GRANT ALL ON openstack.* TO '${OPENSTACK_USER}'@'localhost' IDENTIFIED BY '${OPENSTACK_PASS}';"

sudomysql -u root -p$MYSQL_PASS -e "GRANT ALL ON openstack.* TO '${OPENSTACK_USER}'@'%' IDENTIFIED BY '${OPENSTACK_PASS}';"

 

 

######  Install Nova & Dependencies ######

 

#Install Dependencies

sudoapt-get install-y rabbitmq-server euca2ools bridge-utils

 

#Install the compute service (nova) except nova volume

sudoapt-get install-y nova-api nova-compute nova-network nova-scheduler nova-cert nova-consoleauth nova-doc nova-vncproxy novnc

 

#############################################################

##NODE:FITTING YOUR CONDITION BEFORE EXECUTE THIS COMMOND####

#############################################################

# DESC:

# --vlan_interface=eth0 ,Configure LAN IP On this device

# --public_interface=eth1 ,Configure public IP on this device

# IF Only have one device , ALL use eth0 ,

#   --vlan_interface=eth0

#   --public_interface=eth0

# --my_ip=[this host's IP]

# --sql_connection=mysql://openstack:hisoft@[the controller's IP]/openstack

# --rabbit_host=[the controller's IP]

# --glance_api_servers=[the controller's IP]

# --ec2_dmz_host=[the controller's IP]

# --ec2_host=[the controller's IP]

# --instances_path=[the/path/to/store/instances]

 

(cat| sudotee -a /etc/nova/nova.conf ) <<EOF

--dhcpbridge_flagfile=/etc/nova/nova.conf

--dhcpbridge=/usr/bin/nova-dhcpbridge

--logdir=/var/log/nova

--state_path=/var/lib/nova

--lock_path=/var/lock/nova

--force_dhcp_release

--iscsi_helper=tgtadm

--libvirt_use_virtio_for_bridges

--connection_type=libvirt

--root_helper=sudonova-rootwrap

--verbose

--ec2_private_dns_show_ip

--network_manager=nova.network.manager.VlanManager

--fixed_range=10.0.0.0/8

--vlan_interface=eth0

--public_interface=eth0

--auth_strategy=keystone

--my_ip=192.168.80.54

--instances_path=/mnt/instances

--sql_connection=mysql://openstack:hisoft@127.0.0.1/openstack

--rabbit_host=192.168.80.54

--glance_api_servers=192.168.80.54:9292

--ec2_dmz_host=192.168.80.54

--ec2_host=192.168.80.54

--quota_cores=200

--quota_floating_ips=50

--quota_gigabytes=3000

--quota_instances=100

--quota_ram=300000

--quota_volumes=100

EOF

 

# Initialize the nova database

sudonova nova-manage db sync

 

# Restart nova services

sudoservice nova-network restart

sudoservice nova-compute restart

sudoservice nova-scheduler restart

sudoservice nova-api restart

sudoservice nova-cert restart

sudoservice nova-consoleauth restart

 

watchsudo nova-manage service list

 

 

####  Install the image service (glance)#####

 

sudoapt-get install-y glance

 

# Configure glance to use the new database

sudosed -i "s|sql_connection = sqlite:////var/lib/glance/glance.sqlite|sql_connection = mysql://${OPENSTACK_USER}:${OPENSTACK_PASS}@127.0.0.1/openstack|g" /etc/glance/glance-registry.conf

echo"sql_connection = mysql://${OPENSTACK_USER}:${OPENSTACK_PASS}@127.0.0.1/openstack" | sudotee -a /etc/glance/glance-scrubber.conf

 

# modify default image store path

vi/etc/glance/glance-api.conf

# change this option

# filesystem_store_datadir = /path/you/want/to/store/

 

sudoglance-manage version_control 0

sudoglance-manage db_sync

 

# Verify glance is functioning

glance --version

 

 

#### Install the identity service (keystone)####

 

sudoapt-get install-y keystone

 

# Configure keystone to use the new database

sudosed -i "s|connection = sqlite:////var/lib/keystone/keystone.db|connection = mysql://${OPENSTACK_USER}:${OPENSTACK_PASS}@127.0.0.1/openstack|g" /etc/keystone/keystone.conf

# Initialize the database

sudoservice keystone restart

sudokeystone-manage db_sync

 

# Set up the keystone credentials

mkdir~/credentials

cat> ~/credentials/openrc<<EOF

exportOS_USERNAME=admin

exportOS_PASSWORD=hisoft

exportOS_TENANT_NAME=admin

exportOS_AUTH_URL=http://127.0.0.1:5000/v2.0/

exportOS_REGION_NAME=RegionOne

exportSERVICE_TOKEN=ADMIN

exportSERVICE_ENDPOINT=http://127.0.0.1:35357/v2.0

EOF

 

# Update the envirnoment with the new credentials

cat~/credentials/openrc>> ~/.bashrc

source~/.bashrc

 

# Create a new tenant

TENANT_ID=`keystone tenant-create --name admin | awk-F"|"'{ if (NR == 6) print $3}' | tr-d ' '`

 

# Create a new user

USER_ID=`keystone user-create --tenant_id $TENANT_ID --name admin --pass admin | awk-F"|"'{ if (NR == 6) print $3}' | tr-d ' '`

 

# Create new roles

ROLE_ID=`keystone role-create --name admin | awk-F"|"'{ if (NR == 4) print $3}' | tr-d ' '`

keystone role-create --name member

 

# List the new tenants, users and roles

keystone tenant-list

keystone user-list

keystone role-list

 

# Grant the role to the user

keystone user-role-add --user $USER_ID --tenant_id $TENANT_ID --role $ROLE_ID

 

# Populate the services in the service catalog

KEYSTONE_SVC_ID=`keystone service-create --name=keystone --type=identity --description="Keystone Identity Service" | awk-F"|"'{ if (NR == 5) print $3}' | tr-d ' '`

NOVA_SVC_ID=`keystone service-create --name=nova --type=compute --description="Nova Compute Service" | awk-F"|"'{ if (NR == 5) print $3}' | tr-d ' '`

VOLUME_SVC_ID=`keystone service-create --name=volume --type=volume --description="Nova Volume Service" | awk-F"|"'{ if (NR == 5) print $3}' | tr-d ' '`

GLANCE_SVC_ID=`keystone service-create --name=glance --type=image --description="Glance Image Service" | awk-F"|"'{ if (NR == 5) print $3}' | tr-d ' '`

EC2_SVC_ID=`keystone service-create --name=ec2 --type=ec2 --description="EC2 Compatibility Layer" | awk-F"|"'{ if (NR == 5) print $3}' | tr-d ' '`

 

# Verify the new services

keystone service-list

 

# Populate the endpoints in the service catalog

keystone endpoint-create --region RegionOne --service_id=$KEYSTONE_SVC_ID --publicurl=http://[public IP]:5000/v2.0 --internalurl=http://[Internal IP]:5000/v2.0 --adminurl=http://[Internal IP]:35357/v2.0

keystone endpoint-create --region RegionOne --service_id=$NOVA_SVC_ID --publicurl='http://192.168.80.52:8774/v2/%(tenant_id)s'--internalurl='http://127.0.0.1:8774/v2/%(tenant_id)s'--adminurl='http://127.0.0.1:8774/v2/%(tenant_id)s'

keystone endpoint-create --region RegionOne --service_id=$VOLUME_SVC_ID --publicurl='http://192.168.80.52:8776/v1/%(tenant_id)s'--internalurl='http://127.0.0.1:8776/v1/%(tenant_id)s'--adminurl='http://127.0.0.1:8776/v1/%(tenant_id)s'

keystone endpoint-create --region RegionOne --service_id=$GLANCE_SVC_ID --publicurl=http://192.168.80.52:9292/v1--internalurl=http://127.0.0.1:9292/v1--adminurl=http://127.0.0.1:9292/v1

keystone endpoint-create --region RegionOne --service_id=$EC2_SVC_ID --publicurl='http://192.168.80.52:8773/services/Cloud'--internalurl='http://127.0.0.1:8773/services/Cloud'--adminurl='http://127.0.0.1:8773/services/Admin'

 

# Verify the new endpoints

keystone endpoint-list

 

# Verify identity service is functioning

curl -d '{"auth": {"tenantName": "admin", "passwordCredentials": {"username": "admin", "password": "admin"}}}'-H "Content-type: application/json" http://127.0.0.1:35357/v2.0/tokens| python -m json.tool

 

# Configure nova to use keystone

sudosed -i 's/admin_tenant_name = %SERVICE_TENANT_NAME%/admin_tenant_name = admin/g' /etc/nova/api-paste.ini

sudosed -i 's/admin_user = %SERVICE_USER%/admin_user = admin/g' /etc/nova/api-paste.ini

sudosed -i 's/admin_password = %SERVICE_PASSWORD%/admin_password = admin/g' /etc/nova/api-paste.ini

sudosed -i 's/--use_deprecated_auth/--auth_strategy=keystone/g'/etc/nova/nova.conf

 

# Configure the glance-api service to use keystone

sudosed -i 's/admin_tenant_name = %SERVICE_TENANT_NAME%/admin_tenant_name = admin/g' /etc/glance/glance-api-paste.ini

sudosed -i 's/admin_user = %SERVICE_USER%/admin_user = admin/g' /etc/glance/glance-api-paste.ini

sudosed -i 's/admin_password = %SERVICE_PASSWORD%/admin_password = admin/g' /etc/glance/glance-api-paste.ini

sudosed -i 's/pipeline = versionnegotiation context apiv1app/pipeline = versionnegotiation authtoken auth-context apiv1app/g'/etc/glance/glance-api-paste.ini

 

(cat| sudotee -a /etc/glance/glance-api.conf ) <<EOF

[paste_deploy]

flavor = keystone

EOF

 

# Configure the glance-registry service to use keystone

sudosed -i 's/admin_tenant_name = %SERVICE_TENANT_NAME%/admin_tenant_name = admin/g' /etc/glance/glance-registry-paste.ini

sudosed -i 's/admin_user = %SERVICE_USER%/admin_user = admin/g' /etc/glance/glance-registry-paste.ini

sudosed -i 's/admin_password = %SERVICE_PASSWORD%/admin_password = admin/g' /etc/glance/glance-registry-paste.ini

sudosed -i 's/pipeline = context registryapp/pipeline = authtoken auth-context context registryapp/g'/etc/glance/glance-registry-paste.ini

 

(cat| sudotee -a /etc/glance/glance-registry.conf ) <<EOF

[paste_deploy]

flavor = keystone

EOF

 

# Restart all services

sudoservice nova-network restart

sudoservice nova-compute restart

sudoservice nova-scheduler restart

sudoservice nova-api restart

sudoservice nova-consoleauth restart

sudoservice nova-cert restart

sudoservice glance-api restart

sudoservice glance-registry restart

sudoservice keystone restart

sudoservice novnc restart

 

watchsudo nova-manage service list

 

# Verify the image exists in glance

# Nothing output means glance works well

glance index

 

# Configure fixed IP , private Network/--mulit-host=T For network HA , So IF Single node , you can remove this option

sudonova-manage network create private --fixed_range_v4=10.0.0.0/24--num_networks=1 --network_size=256 --vlan=100 --bridge_interface=eth0 --multi_host=T --project_id=$TENANT_ID

sudonova-manage network list

 

 

################################################

###############  Compute Node  #################

################################################

 

apt-getinstall-y nova-api nova-compute nova-network

 

#############################################################

##NODE:FITTING YOUR CONDITION BEFORE EXECUTE THIS COMMOND####

#############################################################

# DESC:

# --vlan_interface=eth0 ,Configure LAN IP On this device

# --public_interface=eth1 ,Configure public IP on this device

# IF Only have one device , ALL use eth0 ,

#   --vlan_interface=eth0

#   --public_interface=eth0

# --my_ip=[this host's IP]

# --sql_connection=mysql://openstack:hisoft@[the controller's IP]/openstack

# --rabbit_host=[the controller's IP]

# --glance_api_servers=[the controller's IP]

# --ec2_dmz_host=[the controller's IP]

# --ec2_host=[the controller's IP]

# --instances_path=[the/path/to/store/instances]

 

(cat| sudotee -a /etc/nova/nova.conf ) <<EOF

--dhcpbridge_flagfile=/etc/nova/nova.conf

--dhcpbridge=/usr/bin/nova-dhcpbridge

--logdir=/var/log/nova

--state_path=/var/lib/nova

--lock_path=/var/lock/nova

--force_dhcp_release

--iscsi_helper=tgtadm

--libvirt_use_virtio_for_bridges

--connection_type=libvirt

--root_helper=sudonova-rootwrap

--verbose

--ec2_private_dns_show_ip

--network_manager=nova.network.manager.VlanManager

--fixed_range=10.0.0.0/8

--vlan_interface=eth0

--public_interface=eth0

--auth_strategy=keystone

--my_ip=192.168.80.54

--instances_path=/mnt/instances

--sql_connection=mysql://openstack:hisoft@127.0.0.1/openstack

--rabbit_host=192.168.80.54

--glance_api_servers=192.168.80.54:9292

--ec2_dmz_host=192.168.80.54

--ec2_host=192.168.80.54

--quota_cores=200

--quota_floating_ips=50

--quota_gigabytes=3000

--quota_instances=100

--quota_ram=300000

--quota_volumes=100

EOF

 

# Install nova-volume

# Check the LVM partition

fdisk-l

 

pvcreate/dev/sdb1

vgcreate nova-volumes /dev/sdb1

sudoapt-get installlvm2 nova-volume open-iscsi

 

sudoservice nova-network restart

sudoservice nova-compute restart

sudoservice nova-volume restart

sudoservice nova-api restart

 

watchsudo nova-manage service list