CentOS 7.2 Mitaka云平台控制节点部署脚本(VLAN+VXLAN+DVR私有网络)
来源:互联网 发布:服装erp软件排名 编辑:程序博客网 时间:2024/05/29 16:59
#!/bin/bash#部署控制节点#openssl rand -hex 10#a54b7e09c69b15563e5f#配置时间服务器IP=192.168.101.3GATE=192.168.101.0yum install chrony -ycat <<EOF> /etc/chrony.confserver s2m.time.edu.cn iburststratumweight 0driftfile /var/lib/chrony/driftrtcsyncmakestep 10 3allow $GATE/24bindcmdaddress 127.0.0.1bindcmdaddress ::1keyfile /etc/chrony.keyscommandkey 1generatecommandkeynoclientloglogchange 0.5logdir /var/log/chronyEOFsystemctl enable chronyd.servicesystemctl start chronyd.service#安装openstack环境包yum install centos-release-openstack-mitaka -yyum upgrade -yyum install python-openstackclient openstack-selinux -y#安装数据库yum install mariadb mariadb-server python2-PyMySQL -ycat <<EOF> /etc/my.cnf.d/openstack.cnf[mysqld]bind-address = $IPdefault-storage-engine = innodbinnodb_file_per_tablemax_connections = 4096collation-server = utf8_general_cicharacter-set-server = utf8EOFsed -i '/Group=mysql/a\LimitNOFILE=10000\nLimitNPROC=10000' /usr/lib/systemd/system/mariadb.servicesystemctl enable mariadb.servicesystemctl start mariadb.service#*#mysql_secure_installation #要交互#安装rabbitmqyum install rabbitmq-server -ysystemctl enable rabbitmq-server.servicesystemctl start rabbitmq-server.servicerabbitmqctl add_user openstack RABBIT_PASSrabbitmqctl set_permissions openstack ".*" ".*" ".*"#安装memcachedyum install memcached python-memcached -ysystemctl enable memcached.servicesystemctl start memcached.service#安装配置认证服务#创建数据库mysql -u root -p111111 -e "CREATE DATABASE keystone;GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DBPASS';GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'KEYSTONE_DBPASS';"#*#openssl rand -hex 10 #要记录yum install openstack-keystone httpd mod_wsgi -ycat <<EOF> /etc/keystone/keystone.conf[DEFAULT]admin_token = e0ace34ab551f97dce52[database]connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone[token]provider = fernetEOFsu -s /bin/sh -c "keystone-manage db_sync" keystonekeystone-manage fernet_setup --keystone-user keystone --keystone-group keystonesed -i '/#ServerName/a\ServerName controller' /etc/httpd/conf/httpd.confcat <<EOF> /etc/httpd/conf.d/wsgi-keystone.confListen 5000Listen 35357<VirtualHost *:5000> WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-public WSGIScriptAlias / /usr/bin/keystone-wsgi-public WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On ErrorLogFormat "%{cu}t %M" ErrorLog /var/log/httpd/keystone-error.log CustomLog /var/log/httpd/keystone-access.log combined <Directory /usr/bin> Require all granted </Directory></VirtualHost><VirtualHost *:35357> WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP} WSGIProcessGroup keystone-admin WSGIScriptAlias / /usr/bin/keystone-wsgi-admin WSGIApplicationGroup %{GLOBAL} WSGIPassAuthorization On ErrorLogFormat "%{cu}t %M" ErrorLog /var/log/httpd/keystone-error.log CustomLog /var/log/httpd/keystone-access.log combined <Directory /usr/bin> Require all granted </Directory></VirtualHost>EOFsystemctl enable httpd.servicesystemctl start httpd.serviceexport OS_TOKEN=e0ace34ab551f97dce52export OS_URL=http://controller:35357/v3export OS_IDENTITY_API_VERSION=3openstack service create --name keystone --description "OpenStack Identity" identityopenstack endpoint create --region RegionOne identity public http://controller:5000/v3openstack endpoint create --region RegionOne identity internal http://controller:5000/v3openstack endpoint create --region RegionOne identity admin http://controller:35357/v3openstack domain create --description "Default Domain" defaultopenstack project create --domain default --description "Admin Project" adminopenstack user create --domain default --password-prompt admin #要交互openstack role create adminopenstack role add --project admin --user admin adminopenstack project create --domain default --description "Service Project" serviceopenstack project create --domain default --description "Demo Project" demoopenstack user create --domain default --password-prompt demo #要交互openstack role create useropenstack role add --project demo --user demo usersed -i '/request_id admin_token_auth/s/request_id admin_token_auth/request_id/g' /etc/keystone/keystone-paste.iniunset OS_TOKEN OS_URLcat <<EOF> /root/admin-openrc.shexport OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=defaultexport OS_PROJECT_NAME=adminexport OS_USERNAME=adminexport OS_PASSWORD=111111export OS_AUTH_URL=http://controller:35357/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2EOFcat <<EOF> /root/demo-openrc.shexport OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=defaultexport OS_PROJECT_NAME=demoexport OS_USERNAME=demoexport OS_PASSWORD=123456export OS_AUTH_URL=http://controller:5000/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2EOF#安装镜像服务#创建数据库mysql -u root -p111111 -e "CREATE DATABASE glance;GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DBPASS';GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'GLANCE_DBPASS';"openstack user create --domain default --password-prompt glance #要交互openstack role add --project service --user glance adminopenstack service create --name glance --description "OpenStack Image" imageopenstack endpoint create --region RegionOne image public http://controller:9292openstack endpoint create --region RegionOne image internal http://controller:9292openstack endpoint create --region RegionOne image admin http://controller:9292yum install openstack-glance -ycat <<EOF> /etc/glance/glance-api.conf[database]connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = 123456[paste_deploy]flavor = keystone[glance_store]stores = file,httpdefault_store = filefilesystem_store_datadir = /var/lib/glance/images/EOFcat <<EOF> /etc/glance/glance-registry.conf[database]connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = 123456[paste_deploy]flavor = keystoneEOFsu -s /bin/sh -c "glance-manage db_sync" glancesystemctl enable openstack-glance-api.service openstack-glance-registry.servicesystemctl start openstack-glance-api.service openstack-glance-registry.service#安装计算服务mysql -u root -p111111 -e "CREATE DATABASE nova_api;GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';"mysql -u root -p111111 -e "CREATE DATABASE nova;GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DBPASS';GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'NOVA_DBPASS';"openstack user create --domain default --password-prompt nova #要交互openstack role add --project service --user nova adminopenstack service create --name nova --description "OpenStack Compute" computeopenstack endpoint create --region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)sopenstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)sopenstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)syum install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler -ycat <<EOF> /etc/nova/nova.conf[DEFAULT]enabled_apis = osapi_compute,metadatarpc_backend = rabbitauth_strategy = keystonemy_ip = $IPuse_neutron = Truefirewall_driver = nova.virt.firewall.NoopFirewallDriver[oslo_messaging_rabbit]rabbit_host = controllerrabbit_userid = openstackrabbit_password = RABBIT_PASS[api_database]connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api[database]connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = novapassword = 123456[vnc]vncserver_listen = \$my_ipvncserver_proxyclient_address = \$my_ip[glance]api_servers = http://controller:9292[oslo_concurrency]lock_path = /var/lib/nova/tmp[neutron]url = http://controller:9696auth_url = http://controller:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = neutronpassword = 123456service_metadata_proxy = Truemetadata_proxy_shared_secret = METADATA_SECRETEOFsu -s /bin/sh -c "nova-manage api_db sync" novasu -s /bin/sh -c "nova-manage db sync" novasystemctl enable openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.servicesystemctl start openstack-nova-api.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service#安装网络服务mysql -u root -p111111 -e "CREATE DATABASE neutron;GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';"openstack user create --domain default --password-prompt neutron #要交互openstack role add --project service --user neutron adminopenstack service create --name neutron --description "OpenStack Networking" networkopenstack endpoint create --region RegionOne network public http://controller:9696openstack endpoint create --region RegionOne network internal http://controller:9696openstack endpoint create --region RegionOne network admin http://controller:9696yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables -y#!/bin/bash#控制节点,配置DVRcat <<EOF> /etc/neutron/neutron.conf[DEFAULT]core_plugin = ml2service_plugins = routerallow_overlapping_ips = Truerouter_distributed = Truerpc_backend = rabbitauth_strategy = keystonenotify_nova_on_port_status_changes = Truenotify_nova_on_port_data_changes = True[database]connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron[oslo_messaging_rabbit]rabbit_host = controllerrabbit_userid = openstackrabbit_password = RABBIT_PASS[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = 123456[nova]auth_url = http://controller:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = novapassword = 123456[oslo_concurrency]lock_path = /var/lib/neutron/tmpEOFcat <<EOF> /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]type_drivers = flat,vlan,vxlantenant_network_types = vxlanmechanism_drivers = openvswitch,l2populationextension_drivers = port_security[ml2_type_flat]flat_networks = provider[ml2_type_vlan]network_vlan_ranges = provider[ml2_type_vxlan]vni_ranges = 1:1000[securitygroup]enable_ipset = Truefirewall_driver = iptables_hybridEOFcat <<EOF> /etc/neutron/plugins/ml2/openvswitch_agent.ini[ovs]local_ip = $IPbridge_mappings = provider:br-provider[agent]tunnel_types = vxlanenable_distributed_routing = Truel2_population = Truearp_responder = True[securitygroup]firewall_driver = iptables_hybridEOFcat <<EOF> /etc/neutron/l3_agent.ini[DEFAULT]interface_driver = neutron.agent.linux.interface.OVSInterfaceDriverexternal_network_bridge =agent_mode = dvr_snatEOFsystemctl enable neutron-l3-agent.servicesystemctl start neutron-l3-agent.servicesystemctl enable openvswitch.service systemctl start openvswitch.service ovs-vsctl add-br br-providerovs-vsctl add-port br-provider bond1cat <<EOF> /etc/neutron/dhcp_agent.ini[DEFAULT]interface_driver = neutron.agent.linux.interface.OVSInterfaceDriverdhcp_driver = neutron.agent.linux.dhcp.Dnsmasqenable_isolated_metadata = TrueEOFcat <<EOF> /etc/neutron/metadata_agent.ini[DEFAULT]nova_metadata_ip = controllermetadata_proxy_shared_secret = METADATA_SECRETEOFln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.inisu -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutronsystemctl restart openstack-nova-api.servicesystemctl enable neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.servicesystemctl start neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service#安装仪表盘yum install openstack-dashboard -y#编辑文件内容***略***systemctl restart httpd.service memcached.service
0 0
- CentOS 7.2 Mitaka云平台控制节点部署脚本(VLAN+VXLAN+DVR私有网络)
- CentOS 7.2 Mitaka云平台计算节点部署脚本(VLAN+VXLAN+DVR私有网络)
- CentOS 7.2 Mitaka云平台控制节点部署脚本(VLAN+VXLAN私有网络)
- CentOS 7.2 Mitaka云平台计算节点部署脚本(VLAN+VXLAN私有网络)
- CentOS 7.2 Mitaka云平台控制节点部署脚本(VLAN供应商网络)
- CentOS 7.2 Mitaka云平台计算节点部署脚本(VLAN供应商网络)
- Centos 7使用RDO部署Openstack(mitaka)(单节点+多节点)
- Mitaka版本openstack只支持VXLAN的分布式部署配置
- 快速入门Openstack,无脑多节点部署Mitaka(6)--Neutron网络部署
- 私有云落地解决方案之openstack高可用(pike版本)-配置ovs的vxlan网络
- VLAN,FC ZONE,VxLAN
- 私有云落地解决方案之网络篇-关键技术-vlan间通信
- 安装部署CloudStack 4.0企业私有云平台
- 安装部署CloudStack 4.0企业私有云平台
- 安装部署CloudStack 4.0企业私有云平台
- 安装部署CloudStack 4.0企业私有云平台
- 安装部署CloudStack 4.0企业私有云平台
- 安装部署CloudStack 4.0企业私有云平台
- LayoutInflater的inflate函数用法详解
- android中AsyncTask的使用
- mac
- Gym 100507G The Debut Album
- 设计模式之-代理模式
- CentOS 7.2 Mitaka云平台控制节点部署脚本(VLAN+VXLAN+DVR私有网络)
- Effective Java学习笔记: 第57条只针对异常的情况才使用异常
- LeetCode #187: Repeated DNA Sequences
- JAVA最常用的排序_冒泡排序、选择排序、快速排序
- Hadoop压缩方式
- Gridview的简单应用
- substring的一个易错点
- 使用Visual Studio cl编译的步骤
- Socket、Tcp、Udp、Http 知识点学习