openstack pike单机一键安装shell的示例分析
发表于:2024-11-19 作者:千家信息网编辑
千家信息网最后更新 2024年11月19日,这篇文章主要介绍openstack pike单机一键安装shell的示例分析,文中介绍的非常详细,具有一定的参考价值,感兴趣的小伙伴们一定要看完!#VM虚拟机8G内存,安装完毕,半个小时左右#在线安装
千家信息网最后更新 2024年11月19日openstack pike单机一键安装shell的示例分析
这篇文章主要介绍openstack pike单机一键安装shell的示例分析,文中介绍的非常详细,具有一定的参考价值,感兴趣的小伙伴们一定要看完!
#VM虚拟机8G内存,安装完毕,半个小时左右
#在线安装
#环境 centos 7.4.1708 x86_64
#在线安装openstack pike
curl http://elven.vip/ks/openstack/pike.install.sh>pike.install.sh && sh pike.install.sh
更新日期 2017-11-21
新增内容:
安装完成后,自动创建秘钥、主机类型、cirros测试镜像、网络、虚拟机kvm01
也就是安装完成后,就自动创建启动了虚拟机kvm01
# 有兴趣的小伙伴,可以测试反馈
已安装的VMware虚拟机镜像下载地址:https://www.jb51.net/softs/60337.html
#shell代码分享( 最新代码以在线安装为准,以下shell无错误,不在更新)
#!/bin/sh# openstack pike 单机 一键安装# 环境 centos 7.4.1708 x86_64# 更多内容 http://dwz.cn/openstack# Myde by Elven[[ `uname -r` = *el7* ]] && { echo '开启安装openstack pike'; } || { echo '请在CentOS7.4 环境运行';exit; }###########################################参数#获取第一块网卡名、ip地址Net=`ip add|egrep global|awk '{ print $NF }'|head -n 1`IP=`ip add|grep global|awk -F'[ /]+' '{ print $3 }'|head -n 1`echo "网卡名称:$Net"echo "IP地址: $IP"#参数DBPass=elven2017 #SQL root密码Node=controller #节点名(controller不要改动)Netname=$Net #网卡名称MyIP=$IP #IP地址VncProxy=$IP #VNC代理外网IP地址Imgdir=/date/glance #自定义glance镜像目录VHD=/date/nova #自定义Nova实例路径Kvm=qemu #QEMU或KVM ,KVM需要硬件支持###########################################1、设置echo '关闭selinux、防火墙'systemctl stop firewalld.servicesystemctl disable firewalld.servicefirewall-cmd --statesed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/configsed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/configgrep --color=auto '^SELINUX' /etc/selinux/configsetenforce 0echo '时间同步'/usr/sbin/ntpdate ntp6.aliyun.com echo "*/3 * * * * /usr/sbin/ntpdate ntp6.aliyun.com &> /dev/null" > /tmp/crontabcrontab /tmp/crontabecho '设置hostname'hostnamectl set-hostname $Nodeecho "$MyIP $Node">>/etc/hosts#使用阿里源rm -f /etc/yum.repos.d/*wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repowget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.reposed -i '/aliyuncs.com/d' /etc/yum.repos.d/*.repo #删除阿里内网地址echo '自定义openstack源'wget -O /etc/yum.repos.d/Ali-pike.repo http://elven.vip/ks/openstack/Ali-pike.repoyum clean all && yum makecache #生成缓存###########################################2 安装function installrpm() {echo 'OpenStack tools 安装'yum install -y python-openstackclient openstack-selinux \ python2-PyMySQL openstack-utils echo 'MariaDB安装'yum install mariadb mariadb-server mariadb-galera-server -yyum install expect -yecho 'RabbitMQ安装'yum install rabbitmq-server erlang socat -yecho 'Keystone安装'yum install -y openstack-keystone httpd mod_wsgi memcached python-memcachedyum install apr apr-util -yecho '安装Glance'yum install -y openstack-glance python-glanceecho '安装nova'yum install -y openstack-nova-api openstack-nova-conductor \ openstack-nova-console openstack-nova-novncproxy \ openstack-nova-scheduler openstack-nova-placement-api \ openstack-nova-computeecho '安装neutron'yum install -y openstack-neutron openstack-neutron-ml2 \ openstack-neutron-linuxbridge python-neutronclient ebtables ipsetecho '安装dashboard'yum install openstack-dashboard -y}echo '安装openstack'installrpmecho '再次安装,防止下载失败'installrpm###########################################3、配置# #------------------#####################echo 'SQL数据库配置'cp /etc/my.cnf.d/openstack.cnf{,.bak}echo "#[mysqld]bind-address = 0.0.0.0default-storage-engine = innodbinnodb_file_per_tablemax_connections = 4096collation-server = utf8_general_cicharacter-set-server = utf8#">/etc/my.cnf.d/openstack.cnfecho '启动数据库服务'systemctl enable mariadb.servicesystemctl start mariadb.servicesleep 5netstat -antp|grep mysqld#mysql_secure_installation #初始化设置密码,自动交互[[ -f /usr/bin/expect ]] || { yum install expect -y; } #若没expect则安装/usr/bin/expect << EOFset timeout 30spawn mysql_secure_installationexpect { "enter for none" { send "\r"; exp_continue} "Y/n" { send "Y\r" ; exp_continue} "password:" { send "$DBPass\r"; exp_continue} "new password:" { send "$DBPass\r"; exp_continue} "Y/n" { send "Y\r" ; exp_continue} eof { exit }}EOF#测试mysql -u root -p$DBPass -e "show databases;"[ $? = 0 ] || { echo "mariadb初始化失败";exit; }echo '创建数据库、用户授权'mysql -u root -p$DBPass -e "create database keystone;grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'keystone';grant all privileges on keystone.* to 'keystone'@'%' identified by 'keystone';create database glance;grant all privileges on glance.* to 'glance'@'localhost' identified by 'glance';grant all privileges on glance.* to 'glance'@'%' identified by 'glance';create database nova;grant all privileges on nova.* to 'nova'@'localhost' identified by 'nova';grant all privileges on nova.* to 'nova'@'%' identified by 'nova';create database nova_api;grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'nova';grant all privileges on nova_api.* to 'nova'@'%' identified by 'nova';create database nova_cell0;grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'nova';grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'nova';create database neutron;grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'neutron';grant all privileges on neutron.* to 'neutron'@'%' identified by 'neutron';flush privileges;select user,host from mysql.user;show databases;"## #------------------#####################echo 'RabbitMQ配置'echo 'NODENAME=rabbit@controller'>/etc/rabbitmq/rabbitmq-env.confsystemctl enable rabbitmq-server.servicesystemctl start rabbitmq-server.servicesleep 3rabbitmq-plugins enable rabbitmq_management #启动web插件端口15672sleep 6###########rabbit创建用户及密码rabbitmqctl add_user admin adminrabbitmqctl set_user_tags admin administratorrabbitmqctl add_user openstack openstack rabbitmqctl set_permissions openstack ".*" ".*" ".*" rabbitmqctl set_user_tags openstack administratorsystemctl restart rabbitmq-server.servicesleep 3netstat -antp|grep '5672'[[ `rabbitmqctl list_users|grep openstack|wc -l` = 1 ]] || { echo 'rabbit创建用户失败'; echo 'rabbit创建用户失败,请手动执行命令创建用户'>>./error.install.log; }# #------------------######################Keystone#memcached启动cp /etc/sysconfig/memcached{,.bak}systemctl enable memcached.servicesystemctl start memcached.servicenetstat -antp|grep 11211echo 'Keystone 配置'cp /etc/keystone/keystone.conf{,.bak} #备份默认配置Keys=$(openssl rand -hex 10) #生成随机密码echo $Keysecho "kestone $Keys">/root/openstack.logecho "[DEFAULT]admin_token = $Keysverbose = true[database]connection = mysql+pymysql://keystone:keystone@controller/keystone[token]provider = fernetdriver = memcache[memcache]servers = controller:11211">/etc/keystone/keystone.conf#初始化身份认证服务的数据库su -s /bin/sh -c "keystone-manage db_sync" keystone#检查表是否创建成功mysql -h controller -ukeystone -pkeystone -e "use keystone;show tables;"#初始化密钥存储库keystone-manage fernet_setup --keystone-user keystone --keystone-group keystonekeystone-manage credential_setup --keystone-user keystone --keystone-group keystone#设置admin用户(管理用户)和密码keystone-manage bootstrap --bootstrap-password admin \ --bootstrap-admin-url http://controller:35357/v3/ \ --bootstrap-internal-url http://controller:5000/v3/ \ --bootstrap-public-url http://controller:5000/v3/ \ --bootstrap-region-id RegionOne#apache配置cp /etc/httpd/conf/httpd.conf{,.bak}echo "ServerName controller">>/etc/httpd/conf/httpd.confln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/#Apache HTTP 启动并设置开机自启动systemctl enable httpd.servicesystemctl restart httpd.servicesleep 3netstat -antp|egrep ':5000|:35357|:80'#创建 OpenStack 客户端环境脚本#admin环境脚本echo "export OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=admin export OS_USERNAME=adminexport OS_PASSWORD=adminexport OS_AUTH_URL=http://controller:35357/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2">./admin-openstack.sh#测试脚本是否生效source ./admin-openstack.shopenstack token issue#创建service项目,创建glance,nova,neutron用户,并授权openstack project create --domain default --description "Service Project" serviceopenstack user create --domain default --password=glance glanceopenstack role add --project service --user glance adminopenstack user create --domain default --password=nova novaopenstack role add --project service --user nova adminopenstack user create --domain default --password=neutron neutronopenstack role add --project service --user neutron admin#创建demo项目(普通用户密码及角色)openstack project create --domain default --description "Demo Project" demoopenstack user create --domain default --password=demo demoopenstack role create useropenstack role add --project demo --user demo user#demo环境脚本echo "export OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=defaultexport OS_PROJECT_NAME=demoexport OS_USERNAME=demoexport OS_PASSWORD=demoexport OS_AUTH_URL=http://controller:5000/v3export OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2">./demo-openstack.sh#测试脚本是否生效source ./demo-openstack.shopenstack token issue# #------------------#####################echo 'Glance镜像服务'# keystone上服务注册 ,创建glance服务实体,API端点(公有、私有、admin)source ./admin-openstack.sh || { echo "加载前面设置的admin-openstack.sh环境变量脚本";exit; }openstack service create --name glance --description "OpenStack Image" imageopenstack endpoint create --region RegionOne image public http://controller:9292openstack endpoint create --region RegionOne image internal http://controller:9292openstack endpoint create --region RegionOne image admin http://controller:9292cp /etc/glance/glance-api.conf{,.bak}cp /etc/glance/glance-registry.conf{,.bak}# images默认/var/lib/glance/images/#Imgdir=/date/glancemkdir -p $Imgdirchown glance:nobody $Imgdirecho "镜像目录: $Imgdir"echo "#[database]connection = mysql+pymysql://glance:glance@controller/glance[keystone_authtoken]auth_uri = http://controller:5000/v3auth_url = http://controller:35357/v3memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = glance[paste_deploy]flavor = keystone[glance_store]stores = file,httpdefault_store = filefilesystem_store_datadir = $Imgdir#">/etc/glance/glance-api.conf#echo "#[database]connection = mysql+pymysql://glance:glance@controller/glance[keystone_authtoken]auth_uri = http://controller:5000/v3auth_url = http://controller:35357/v3memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = glance[paste_deploy]flavor = keystone#">/etc/glance/glance-registry.conf#同步数据库,检查数据库su -s /bin/sh -c "glance-manage db_sync" glancemysql -h controller -u glance -pglance -e "use glance;show tables;"#启动服务并设置开机自启动systemctl enable openstack-glance-api openstack-glance-registrysystemctl start openstack-glance-api openstack-glance-registrynetstat -antp|egrep '9292|9191' #检测服务端口# #------------------######################创建Nova数据库、用户、认证,前面已设置source ./admin-openstack.sh# keystone上服务注册 ,创建nova用户、服务、API# nova用户前面已建openstack service create --name nova --description "OpenStack Compute" computeopenstack endpoint create --region RegionOne compute public http://controller:8774/v2.1openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1#创建placement用户、服务、APIopenstack user create --domain default --password=placement placementopenstack role add --project service --user placement adminopenstack service create --name placement --description "Placement API" placementopenstack endpoint create --region RegionOne placement public http://controller:8778openstack endpoint create --region RegionOne placement internal http://controller:8778openstack endpoint create --region RegionOne placement admin http://controller:8778mkdir -p $VHDchown -R nova:nova $VHDecho 'nova配置'echo '#[DEFAULT]instances_path='$VHD'enabled_apis = osapi_compute,metadatatransport_url = rabbit://openstack:openstack@controllermy_ip = '$MyIP'use_neutron = Truefirewall_driver = nova.virt.firewall.NoopFirewallDriverosapi_compute_listen_port=8774[api_database]connection = mysql+pymysql://nova:nova@controller/nova_api[database]connection = mysql+pymysql://nova:nova@controller/nova[api]auth_strategy = keystone[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = novapassword = nova[vnc]enabled = truevncserver_listen = $my_ipvncserver_proxyclient_address = $my_ipnovncproxy_base_url = http://'$VncProxy':6080/vnc_auto.html[glance]api_servers = http://controller:9292[oslo_concurrency]lock_path = /var/lib/nova/tmp[placement]os_region_name = RegionOneproject_domain_name = Defaultproject_name = serviceauth_type = passworduser_domain_name = Defaultauth_url = http://controller:35357/v3username = placementpassword = placement[scheduler]discover_hosts_in_cells_interval = 300[libvirt]virt_type = '$Kvm'#'>/etc/nova/nova.confecho "#Placement API = 2.4> Require all granted Order allow,deny Allow from all ">>/etc/httpd/conf.d/00-nova-placement-api.confsystemctl restart httpdsleep 5#同步数据库su -s /bin/sh -c "nova-manage api_db sync" novasu -s /bin/sh -c "nova-manage cell_v2 map_cell0" novasu -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" novasu -s /bin/sh -c "nova-manage db sync" nova#检测数据nova-manage cell_v2 list_cellsmysql -h controller -u nova -pnova -e "use nova_api;show tables;"mysql -h controller -u nova -pnova -e "use nova;show tables;" mysql -h controller -u nova -pnova -e "use nova_cell0;show tables;"# #------------------#####################echo 'Neutron服务'source ./admin-openstack.sh # 创建Neutron服务实体,API端点openstack service create --name neutron --description "OpenStack Networking" networkopenstack endpoint create --region RegionOne network public http://controller:9696openstack endpoint create --region RegionOne network internal http://controller:9696openstack endpoint create --region RegionOne network admin http://controller:9696#Neutron 备份配置cp /etc/neutron/neutron.conf{,.bak2}cp /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.inicp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}cp /etc/neutron/dhcp_agent.ini{,.bak}cp /etc/neutron/metadata_agent.ini{,.bak}cp /etc/neutron/l3_agent.ini{,.bak}#配置echo '#[neutron]url = http://controller:9696auth_url = http://controller:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = neutronpassword = neutronservice_metadata_proxy = truemetadata_proxy_shared_secret = metadata#'>>/etc/nova/nova.conf#echo '[DEFAULT]nova_metadata_ip = controllermetadata_proxy_shared_secret = metadata#'>/etc/neutron/metadata_agent.ini#echo '#[ml2]tenant_network_types = type_drivers = vlan,flatmechanism_drivers = linuxbridgeextension_drivers = port_security[ml2_type_flat]flat_networks = provider[securitygroup]enable_ipset = True#'>/etc/neutron/plugins/ml2/ml2_conf.iniecho '#[linux_bridge]physical_interface_mappings = provider:'$Netname'[vxlan]enable_vxlan = false[agent]prevent_arp_spoofing = True[securitygroup]firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriverenable_security_group = True#'>/etc/neutron/plugins/ml2/linuxbridge_agent.ini#echo '#[DEFAULT]interface_driver = linuxbridgedhcp_driver = neutron.agent.linux.dhcp.Dnsmasqenable_isolated_metadata = true#'>/etc/neutron/dhcp_agent.ini#echo '[DEFAULT]core_plugin = ml2service_plugins = routerallow_overlapping_ips = truetransport_url = rabbit://openstack:openstack@controllerauth_strategy = keystonenotify_nova_on_port_status_changes = truenotify_nova_on_port_data_changes = true[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = neutron[nova]auth_url = http://controller:35357auth_type = passwordproject_domain_id = defaultuser_domain_id = defaultregion_name = RegionOneproject_name = serviceusername = novapassword = nova[database]connection = mysql://neutron:neutron@controller:3306/neutron[oslo_concurrency]lock_path = /var/lib/neutron/tmp #'>/etc/neutron/neutron.conf#echo '[DEFAULT]interface_driver = linuxbridge#'>/etc/neutron/l3_agent.ini##同步数据库su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron#检测数据mysql -h controller -u neutron -pneutron -e "use neutron;show tables;" # #------------------######################dashboardecho '配置openstack Web'cp /etc/openstack-dashboard/local_settings{,.bak}Setfiles=/etc/openstack-dashboard/local_settingssed -i 's#_member_#user#g' $Setfilessed -i 's#OPENSTACK_HOST = "127.0.0.1"#OPENSTACK_HOST = "controller"#' $Setfiles##允许所有主机访问#sed -i "/ALLOWED_HOSTS/cALLOWED_HOSTS = ['*', ]" $Setfiles#去掉memcached注释#sed -in '153,158s/#//' $Setfiles sed -in '160,164s/.*/#&/' $Setfilessed -i 's#UTC#Asia/Shanghai#g' $Setfilessed -i 's#%s:5000/v2.0#%s:5000/v3#' $Setfilessed -i '/ULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True' $Setfilessed -i "s@^#OPENSTACK_KEYSTONE_DEFAULT@OPENSTACK_KEYSTONE_DEFAULT@" $Setfilesecho '#setOPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 2,}#'>>$Setfilessystemctl restart httpdsleep 5##########################################echo '启动服务'#Apache systemctl enable httpd.service#systemctl restart httpd haproxy#netstat -antp|egrep 'httpd'#glance服务systemctl enable openstack-glance-api openstack-glance-registrysystemctl restart openstack-glance-api openstack-glance-registry#nova服务 systemctl enable openstack-nova-api.service \ openstack-nova-consoleauth.service openstack-nova-scheduler.service \ openstack-nova-conductor.service openstack-nova-novncproxy.service \ libvirtd.service openstack-nova-compute.service#启动systemctl start openstack-nova-api.service \ openstack-nova-consoleauth.service openstack-nova-scheduler.service \ openstack-nova-conductor.service openstack-nova-novncproxy.service \ libvirtd.service openstack-nova-compute.service#neutron服务systemctl enable neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service neutron-l3-agent.servicesystemctl start neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service neutron-l3-agent.service###########################################cheackecho "查看节点"source ./admin-openstack.sh openstack compute service listopenstack network agent list###########################################endecho '安装完毕!数据库root密码 '$DBPass'登录Web管理 http://'$MyIP'/dashboard域 default用户 admin密码 admin推荐 火狐浏览器'########################################### #在线安装# yum install -y wget && wget -O pike.install.sh \ http://elven.vip/ks/openstack/pike.install.sh && sh pike.install.sh以上是"openstack pike单机一键安装shell的示例分析"这篇文章的所有内容,感谢各位的阅读!希望分享的内容对大家有帮助,更多相关知识,欢迎关注行业资讯频道!
服务
用户
数据
数据库
配置
密码
环境
地址
脚本
镜像
内容
同步
在线
测试
单机
一键
网卡
检测
示例
分析
数据库的安全要保护哪些东西
数据库安全各自的含义是什么
生产安全数据库录入
数据库的安全性及管理
数据库安全策略包含哪些
海淀数据库安全审计系统
建立农村房屋安全信息数据库
易用的数据库客户端支持安全管理
连接数据库失败ssl安全错误
数据库的锁怎样保障安全
宿迁购买网络技术保养
数据库查询过多导致服务无响应
7rp 数据库 tbase
电影 服务器系统
微信视频腾讯服务器会备份吗
网络安全专业专升本院校
时软件开发
双阳区新时代网络安全创新服务
中南大学数据库原理实验
审计网络安全自查整改
行列混存数据库
北京上地有几家软件开发公司
不属于网络安全事件的是断网
美国fair药物安全数据库
医学专用软件开发有关知识
郑州物流软件开发公司排名
索尼电视服务器怎么弄
wamp5默认数据库密码
三级网络技术获证条件
山东直播软件开发公司有哪些
校园网网络技术基础结课
网络安全解决方案建设内容
道路运输安全风险数据库
昌平区信息化软件开发价格信息
服务器cpu2630
数据库用什么语言编程
李现会不会网络安全大赛
北京上地有几家软件开发公司
国内较好的软件开发公司
河北君坤互联网科技有限公司电话
