openstack-M版--Controller端
来源:互联网 发布:战舰世界 烟雾数据 编辑:程序博客网 时间:2024/05/18 13:48
#!/bin/bash
echo '-------------节点IP----------------------------------'
controller=192.168.2.11
computer1=192.168.2.12
echo '-------------网卡设备----------------------------------'
dev=eno33554992
echo '-------------服务密码----------------------------------'
keystone=keystone
glance=glance
nova=nova
neutron=neutron
rabbit=rabbit
echo '-------------用户密码----------------------------------'
admin=admin
demo=demo
echo '------------下载所需安装包-------------------------------------------'
yum -y install python-openstackclient mariadb mariadb-server \
python2-PyMySQL rabbitmq-server memcached python-memcached \
openstack-keystone httpd mod_wsgi openstack-glance \
openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge ebtables wget openstack-dashboard
echo '------------数据库初始化-----------------------------'
echo "[mysqld]
bind-address = $controller
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8" > /etc/my.cnf.d/openstack.cnf
systemctl enable mariadb
systemctl start mariadb
mysql_secure_installation
echo '------------启动rabbit服务和更改密码-----------------------------'
systemctl enable rabbitmq-server
systemctl start rabbitmq-server
rabbitmqctl add_user openstack $rabbit
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
systemctl restart rabbitmq-server.service
echo '------------启动缓存服务memcached-----------------------------'
systemctl enable memcached.service
systemctl restart memcached.service
echo '------------建立数据库-------------------------------------------'
echo "CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$keystone';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$keystone';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$glance';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$glance';
CREATE DATABASE nova_api;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '$nova';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '$nova';
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$nova';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$nova';
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$neutron';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$neutron';
flush privileges;" > /root/xxx
mysql -u root -p < /root/xxx
echo '---------------备份配置文件----------------------------------------'
cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
echo '--------------配置 keystone----------------------------------------'
token=`openssl rand -hex 10`
echo "[DEFAULT]
admin_token = $token
[database]
connection = mysql+pymysql://keystone:$keystone@controller/keystone " > /etc/keystone/keystone.conf
echo '--------------修改keystone权限和数据同步-------------------'
keystone-manage db_sync
keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
chown -R keystone.keystone /var/log/keystone/
chown -R keystone.keystone /etc/keystone/
echo '--------------配置wsgi-keystone.conf---------------------'
echo "Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>" > /etc/httpd/conf.d/wsgi-keystone.conf
echo '---------------配置httpd.conf----------------------------------------'
echo "ServerName $controller" >> /etc/httpd/conf/httpd.conf
setenforce 0
echo '---------------启动httpd服务----------------------------------------'
systemctl enable httpd.service
systemctl start httpd.service
echo '---------------认证TOKEN----------------------------------------'
export OS_TOKEN=$token
export OS_URL=http://$controller:35357/v3
export OS_IDENTITY_API_VERSION=3
echo '---------------创建keystone服务和端口----------------------------------------'
openstack service create --name keystone --description 'OpenStack Identity' identity #创建keystone服务
openstack endpoint create --region RegionOne identity public http://controller:5000/v3
openstack endpoint create --region RegionOne identity internal http://controller:5000/v3
openstack endpoint create --region RegionOne identity admin http://controller:35357/v3 #创建keystone服务端口
echo '---------------创建 默认域 ,admin项目,admin角色和admin用户----------------------------------------'
openstack domain create --description 'Default Domain' default #默认域
openstack project create --domain default --description 'Admin Project' admin #admin项目
openstack user create --domain default --password $admin admin #admin用户
openstack role create admin #admin角色
openstack role add --project admin --user admin admin #将admin角色添加至admin项目和用户
echo '---------------创建 service项目----------------------------------------'
openstack project create --domain default --description 'Service Project' service #service项目
echo '---------------创建 demo项目,user角色和demo用户----------------------------------------'
openstack project create --domain default --description 'Demo Project' demo #demo项目
openstack user create --domain default --password $demo demo #demo用户
openstack role create user #user角色
openstack role add --project demo --user demo user #将user角色添加至demo项目和用户
echo '----------------创建管理员环境脚本---------------------------------------'
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=$admin
export OS_AUTH_URL=http://$controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2" > /root/openstack-admin
echo '----------------创建demo环境脚本---------------------------------------'
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=$demo
export OS_AUTH_URL=http://$controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2" > /root/openstack-demo
#echo '----------------更换管理员环境---------------------------------------'
#unset OS_TOKEN OS_URL
#openstack --os-auth-url http://$controller:35357/v3 \
#--os-project-domain-name default --os-user-domain-name default \
#--os-project-name admin --os-username admin --os-password admin token issue
#openstack --os-auth-url http://$controller:5000/v3 \
#--os-project-domain-name default --os-user-domain-name default \
#--os-project-name demo --os-username demo --os-password demo token issue
#echo '----------------验证---------------------------------------'
#source /root/openstack-admin
#openstack token issue
echo '----------------开始配置glance---------------------------------------'
echo '------------创建glance用户和分配admin权限-----------------------------'
openstack user create --domain default --password $glance glance #创建 glance用户
openstack role add --project service --user glance admin #添加admin角色到glance用户和service项目
openstack service create --name glance --description 'OpenStack Image' image #创建glance服务
echo '------------创建glance服务和端口-----------------------------'
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292
echo '------------配置 /etc/glance/glance-api.conf----------------------------'
echo "[database]
connection = mysql+pymysql://glance:$glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = $glance
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/" > /etc/glance/glance-api.conf
echo '---------------配置 /etc/glance/glance-registry.conf--------------'
echo "[database]
connection = mysql+pymysql://glance:$glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = $glance
[paste_deploy]
flavor = keystone " > /etc/glance/glance-registry.conf
echo '--------------同步glance数据库和开启glance服务------------------------'
glance-manage db_sync
chown -R glance.glance /etc/glance/
chown -R glance.glance /var/log/glance/
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service
echo '---------------开始配置nova--------------------------------'
echo '-----------------创建nova用户--------------------------------'
openstack user create --domain default --password $nova nova
echo '-----------------添加管理员角色到nova用户和服务项目----------'
openstack role add --project service --user nova admin
echo '-----------------创建nova服务--------------------------------'
openstack service create --name nova --description 'OpenStack Compute' compute
echo '-----------------创建nova服务端口--------------------------------'
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)s
echo '---------------/etc/nova/nova.conf--------------------------------'
echo "[DEFAULT]
enabled_apis = osapi_compute,metadata
rpc_backend = rabbit
auth_strategy = keystone
my_ip = $controller
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api_database]
connection = mysql+pymysql://nova:$nova@controller/nova_api
[database]
connection = mysql+pymysql://nova:$nova@controller/nova
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = $rabbit
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = $nova
[vnc]
vncserver_listen = $controller
vncserver_proxyclient_address = $controller
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp " > /etc/nova/nova.conf
echo '-----------------同步数据库--------------------------------'
nova-manage api_db sync
nova-manage db sync
chown -R nova.nova /var/log/nova
chown -R nova.nova /etc/nova/
echo '-----------------启动服务--------------------------------'
systemctl enable openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
echo '-----------------开始配置neutron--------------------------------'
echo '-----------------创建neutron用户--------------------------------'
openstack user create --domain default --password $neutron neutron
echo '-----------------添加管理员角色到neutron用户和服务项目----------'
openstack role add --project service --user neutron admin
echo '-----------------创建neutron服务--------------------------------'
openstack service create --name neutron --description 'OpenStack Networking' network
echo '-----------------创建neutron服务端口--------------------------------'
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
echo '----------------/etc/neutron/neutron.conf---------------------------'
echo "[database]
connection = mysql+pymysql://neutron:$neutron@controller/neutron
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
rpc_backend = rabbit
auth_strategy = keystone
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = $rabbit
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = $neutron
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = $nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp" > /etc/neutron/neutron.conf
echo '-------------/etc/neutron/plugins/ml2/ml2_conf.ini-------------------------'
echo "[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = True " > /etc/neutron/plugins/ml2/ml2_conf.ini
echo '--------/etc/neutron/plugins/ml2/linuxbridge_agent.ini------'
echo "[linux_bridge]
physical_interface_mappings = provider:$dev
[vxlan]
enable_vxlan = True
local_ip = $controller
l2_population = True
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver " > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
echo '--------/etc/neutron/l3_agent.ini---------------'
echo "[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
external_network_bridge = " > /etc/neutron/l3_agent.ini
echo '---------/etc/neutron/dhcp_agent.ini---------------'
echo "[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True " > /etc/neutron/dhcp_agent.ini
echo '----------metadata_agent.ini---------------'
echo "[DEFAULT]
nova_metadata_ip = controller
metadata_proxy_shared_secret = METADATA_SECRET" > /etc/neutron/metadata_agent.ini
echo '----------/etc/nova/nova.conf--------------'
echo "[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = $neutron
service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET " >> /etc/nova/nova.conf
echo '----------初始化和同步neutron数据--------------'
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade mitaka
echo '----------修改权限---------------'
chown -R neutron.neutron /var/log/neutron/
chown -R neutron.neutron /etc/neutron/
echo '-----------------重新启动nova服务--------------------------------'
systemctl restart openstack-nova-api.service
echo '----------------启动neutron服务--------------------------------'
systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service
echo '-----------------END--------------------------------'
echo '-------------节点IP----------------------------------'
controller=192.168.2.11
computer1=192.168.2.12
echo '-------------网卡设备----------------------------------'
dev=eno33554992
echo '-------------服务密码----------------------------------'
keystone=keystone
glance=glance
nova=nova
neutron=neutron
rabbit=rabbit
echo '-------------用户密码----------------------------------'
admin=admin
demo=demo
echo '------------下载所需安装包-------------------------------------------'
yum -y install python-openstackclient mariadb mariadb-server \
python2-PyMySQL rabbitmq-server memcached python-memcached \
openstack-keystone httpd mod_wsgi openstack-glance \
openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge ebtables wget openstack-dashboard
echo '------------数据库初始化-----------------------------'
echo "[mysqld]
bind-address = $controller
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8" > /etc/my.cnf.d/openstack.cnf
systemctl enable mariadb
systemctl start mariadb
mysql_secure_installation
echo '------------启动rabbit服务和更改密码-----------------------------'
systemctl enable rabbitmq-server
systemctl start rabbitmq-server
rabbitmqctl add_user openstack $rabbit
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
systemctl restart rabbitmq-server.service
echo '------------启动缓存服务memcached-----------------------------'
systemctl enable memcached.service
systemctl restart memcached.service
echo '------------建立数据库-------------------------------------------'
echo "CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$keystone';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$keystone';
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$glance';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$glance';
CREATE DATABASE nova_api;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '$nova';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '$nova';
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$nova';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$nova';
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$neutron';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$neutron';
flush privileges;" > /root/xxx
mysql -u root -p < /root/xxx
echo '---------------备份配置文件----------------------------------------'
cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
cp /etc/glance/glance-registry.conf /etc/glance/glance-registry.conf.bak
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
echo '--------------配置 keystone----------------------------------------'
token=`openssl rand -hex 10`
echo "[DEFAULT]
admin_token = $token
[database]
connection = mysql+pymysql://keystone:$keystone@controller/keystone " > /etc/keystone/keystone.conf
echo '--------------修改keystone权限和数据同步-------------------'
keystone-manage db_sync
keystone-manage pki_setup --keystone-user keystone --keystone-group keystone
chown -R keystone.keystone /var/log/keystone/
chown -R keystone.keystone /etc/keystone/
echo '--------------配置wsgi-keystone.conf---------------------'
echo "Listen 5000
Listen 35357
<VirtualHost *:5000>
WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-public
WSGIScriptAlias / /usr/bin/keystone-wsgi-public
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:35357>
WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
WSGIProcessGroup keystone-admin
WSGIScriptAlias / /usr/bin/keystone-wsgi-admin
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
ErrorLog /var/log/httpd/keystone-error.log
CustomLog /var/log/httpd/keystone-access.log combined
<Directory /usr/bin>
Require all granted
</Directory>
</VirtualHost>" > /etc/httpd/conf.d/wsgi-keystone.conf
echo '---------------配置httpd.conf----------------------------------------'
echo "ServerName $controller" >> /etc/httpd/conf/httpd.conf
setenforce 0
echo '---------------启动httpd服务----------------------------------------'
systemctl enable httpd.service
systemctl start httpd.service
echo '---------------认证TOKEN----------------------------------------'
export OS_TOKEN=$token
export OS_URL=http://$controller:35357/v3
export OS_IDENTITY_API_VERSION=3
echo '---------------创建keystone服务和端口----------------------------------------'
openstack service create --name keystone --description 'OpenStack Identity' identity #创建keystone服务
openstack endpoint create --region RegionOne identity public http://controller:5000/v3
openstack endpoint create --region RegionOne identity internal http://controller:5000/v3
openstack endpoint create --region RegionOne identity admin http://controller:35357/v3 #创建keystone服务端口
echo '---------------创建 默认域 ,admin项目,admin角色和admin用户----------------------------------------'
openstack domain create --description 'Default Domain' default #默认域
openstack project create --domain default --description 'Admin Project' admin #admin项目
openstack user create --domain default --password $admin admin #admin用户
openstack role create admin #admin角色
openstack role add --project admin --user admin admin #将admin角色添加至admin项目和用户
echo '---------------创建 service项目----------------------------------------'
openstack project create --domain default --description 'Service Project' service #service项目
echo '---------------创建 demo项目,user角色和demo用户----------------------------------------'
openstack project create --domain default --description 'Demo Project' demo #demo项目
openstack user create --domain default --password $demo demo #demo用户
openstack role create user #user角色
openstack role add --project demo --user demo user #将user角色添加至demo项目和用户
echo '----------------创建管理员环境脚本---------------------------------------'
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=$admin
export OS_AUTH_URL=http://$controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2" > /root/openstack-admin
echo '----------------创建demo环境脚本---------------------------------------'
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=$demo
export OS_AUTH_URL=http://$controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2" > /root/openstack-demo
#echo '----------------更换管理员环境---------------------------------------'
#unset OS_TOKEN OS_URL
#openstack --os-auth-url http://$controller:35357/v3 \
#--os-project-domain-name default --os-user-domain-name default \
#--os-project-name admin --os-username admin --os-password admin token issue
#openstack --os-auth-url http://$controller:5000/v3 \
#--os-project-domain-name default --os-user-domain-name default \
#--os-project-name demo --os-username demo --os-password demo token issue
#echo '----------------验证---------------------------------------'
#source /root/openstack-admin
#openstack token issue
echo '----------------开始配置glance---------------------------------------'
echo '------------创建glance用户和分配admin权限-----------------------------'
openstack user create --domain default --password $glance glance #创建 glance用户
openstack role add --project service --user glance admin #添加admin角色到glance用户和service项目
openstack service create --name glance --description 'OpenStack Image' image #创建glance服务
echo '------------创建glance服务和端口-----------------------------'
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292
echo '------------配置 /etc/glance/glance-api.conf----------------------------'
echo "[database]
connection = mysql+pymysql://glance:$glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = $glance
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/" > /etc/glance/glance-api.conf
echo '---------------配置 /etc/glance/glance-registry.conf--------------'
echo "[database]
connection = mysql+pymysql://glance:$glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = $glance
[paste_deploy]
flavor = keystone " > /etc/glance/glance-registry.conf
echo '--------------同步glance数据库和开启glance服务------------------------'
glance-manage db_sync
chown -R glance.glance /etc/glance/
chown -R glance.glance /var/log/glance/
systemctl enable openstack-glance-api.service openstack-glance-registry.service
systemctl start openstack-glance-api.service openstack-glance-registry.service
echo '---------------开始配置nova--------------------------------'
echo '-----------------创建nova用户--------------------------------'
openstack user create --domain default --password $nova nova
echo '-----------------添加管理员角色到nova用户和服务项目----------'
openstack role add --project service --user nova admin
echo '-----------------创建nova服务--------------------------------'
openstack service create --name nova --description 'OpenStack Compute' compute
echo '-----------------创建nova服务端口--------------------------------'
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1/%\(tenant_id\)s
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1/%\(tenant_id\)s
echo '---------------/etc/nova/nova.conf--------------------------------'
echo "[DEFAULT]
enabled_apis = osapi_compute,metadata
rpc_backend = rabbit
auth_strategy = keystone
my_ip = $controller
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api_database]
connection = mysql+pymysql://nova:$nova@controller/nova_api
[database]
connection = mysql+pymysql://nova:$nova@controller/nova
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = $rabbit
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = $nova
[vnc]
vncserver_listen = $controller
vncserver_proxyclient_address = $controller
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp " > /etc/nova/nova.conf
echo '-----------------同步数据库--------------------------------'
nova-manage api_db sync
nova-manage db sync
chown -R nova.nova /var/log/nova
chown -R nova.nova /etc/nova/
echo '-----------------启动服务--------------------------------'
systemctl enable openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
systemctl start openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service
echo '-----------------开始配置neutron--------------------------------'
echo '-----------------创建neutron用户--------------------------------'
openstack user create --domain default --password $neutron neutron
echo '-----------------添加管理员角色到neutron用户和服务项目----------'
openstack role add --project service --user neutron admin
echo '-----------------创建neutron服务--------------------------------'
openstack service create --name neutron --description 'OpenStack Networking' network
echo '-----------------创建neutron服务端口--------------------------------'
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
echo '----------------/etc/neutron/neutron.conf---------------------------'
echo "[database]
connection = mysql+pymysql://neutron:$neutron@controller/neutron
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
rpc_backend = rabbit
auth_strategy = keystone
[oslo_messaging_rabbit]
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = $rabbit
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = $neutron
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = $nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp" > /etc/neutron/neutron.conf
echo '-------------/etc/neutron/plugins/ml2/ml2_conf.ini-------------------------'
echo "[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = True " > /etc/neutron/plugins/ml2/ml2_conf.ini
echo '--------/etc/neutron/plugins/ml2/linuxbridge_agent.ini------'
echo "[linux_bridge]
physical_interface_mappings = provider:$dev
[vxlan]
enable_vxlan = True
local_ip = $controller
l2_population = True
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver " > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
echo '--------/etc/neutron/l3_agent.ini---------------'
echo "[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
external_network_bridge = " > /etc/neutron/l3_agent.ini
echo '---------/etc/neutron/dhcp_agent.ini---------------'
echo "[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True " > /etc/neutron/dhcp_agent.ini
echo '----------metadata_agent.ini---------------'
echo "[DEFAULT]
nova_metadata_ip = controller
metadata_proxy_shared_secret = METADATA_SECRET" > /etc/neutron/metadata_agent.ini
echo '----------/etc/nova/nova.conf--------------'
echo "[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = $neutron
service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET " >> /etc/nova/nova.conf
echo '----------初始化和同步neutron数据--------------'
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade mitaka
echo '----------修改权限---------------'
chown -R neutron.neutron /var/log/neutron/
chown -R neutron.neutron /etc/neutron/
echo '-----------------重新启动nova服务--------------------------------'
systemctl restart openstack-nova-api.service
echo '----------------启动neutron服务--------------------------------'
systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service
echo '-----------------END--------------------------------'
0 0
- openstack-M版--Controller端
- openstack-M版--Compute端
- openstack-M版--页面安装
- M-Openstack入门指导
- openstack Installing the Cloud Controller
- openstack-M版启动虚拟机的XML文件
- OpenStack-M版(Mitaka)搭建- – -环境准备篇
- openstack M 版 neutron网络组件基础入门
- openstack(m版)官网创建云主机过程
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++二、Openstack环境准备篇上
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++二、Openstack环境准备篇中
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++二、Openstack环境准备篇下
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++三、Openstack身份认证服务(keystone)
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++四、Openstack镜像服务(glance)
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++五、Openstack计算服务(nova)上
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++五、Openstack计算服务(nova)下
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++六、Openstack网络服务(neutron)上
- OpenStack-M版(Mitaka)搭建基于(Centos7.2)+++六、Openstack网络服务(neutron)下
- 算法训练 关联矩阵
- 书籍列表
- Qt实现360安全卫士9.2
- Git分支管理策略
- C语言学习摘要
- openstack-M版--Controller端
- 常用框架(二) : spring+springMvc+mybatis+maven+redis
- adb 常用命令大全
- cocos2d-x自制RPG游戏总结
- 算法学习 -- a+b
- 三方应用点击拍照下两次拍照命令问题
- 2016年蓝桥杯C语言大学A组题目2--生日蜡烛
- 1057. Stack (30)
- Java RESTful框架的性能比较