openstack pike single click installation of shell
- 2020-10-23 20:23:32
- OfStack
#VM Virtual machine 8G memory, installation completed, about half an hour
# Online installation
# Environment centos 7.4.1708 x86_64
# Install openstack pike online
curl http://elven.vip/ks/openstack/pike.install.sh>pike.install.sh && sh pike.install.sh
Last update on 2017-11-21
New Content:
After installation, the secret key, host type, cirros test image, network, virtual machine kvm01 are automatically created
When the installation is complete, the virtual machine kvm01 is automatically created and started
Interested partners, you can test feedback
Installed VMware vm images download address: https: / / www ofstack. com softs / 60337. html
#shell code sharing (the latest code is subject to the online installation, the following shell has no errors and is not updated)
#!/bin/sh
# openstack pike stand-alone 1 Key to install
# The environment centos 7.4.1708 x86_64
# More content http://dwz.cn/openstack
# Myde by Elven
[[ `uname -r` = *el7* ]] && { echo ' Open the installation openstack pike'; } || { echo ' please CentOS7.4 Environment is running ';exit; }
##########################################
# parameter
# For the first 1 Block network card name, ip address
Net=`ip add|egrep global|awk '{ print $NF }'|head -n 1`
IP=`ip add|grep global|awk -F'[ /]+' '{ print $3 }'|head -n 1`
echo " The network card name :$Net"
echo "IP address : $IP"
# parameter
DBPass=elven2017 #SQL root password
Node=controller # The node name (controller Don't change )
Netname=$Net # The network card name
MyIP=$IP #IP address
VncProxy=$IP #VNC Agent network IP address
Imgdir=/date/glance # The custom glance Image directory
VHD=/date/nova # The custom Nova Instance path
Kvm=qemu #QEMU or KVM ,KVM Hardware support required
##########################################
#1 , set
echo ' Shut down selinux , firewalls, '
systemctl stop firewalld.service
systemctl disable firewalld.service
firewall-cmd --state
sed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/config
sed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/config
grep --color=auto '^SELINUX' /etc/selinux/config
setenforce 0
echo ' Time synchronization '
/usr/sbin/ntpdate ntp6.aliyun.com
echo "*/3 * * * * /usr/sbin/ntpdate ntp6.aliyun.com &> /dev/null" > /tmp/crontab
crontab /tmp/crontab
echo ' Set up the hostname'
hostnamectl set-hostname $Node
echo "$MyIP $Node">>/etc/hosts
# Using ali-source
rm -f /etc/yum.repos.d/*
wget -O /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
sed -i '/aliyuncs.com/d' /etc/yum.repos.d/*.repo # Delete ali Intranet address
echo ' The custom openstack The source '
wget -O /etc/yum.repos.d/Ali-pike.repo http://elven.vip/ks/openstack/Ali-pike.repo
yum clean all && yum makecache # To generate cache
##########################################
#2 The installation
function installrpm()
{
echo 'OpenStack tools The installation '
yum install -y python-openstackclient openstack-selinux \
python2-PyMySQL openstack-utils
echo 'MariaDB The installation '
yum install mariadb mariadb-server mariadb-galera-server -y
yum install expect -y
echo 'RabbitMQ The installation '
yum install rabbitmq-server erlang socat -y
echo 'Keystone The installation '
yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached
yum install apr apr-util -y
echo ' The installation Glance'
yum install -y openstack-glance python-glance
echo ' The installation nova'
yum install -y openstack-nova-api openstack-nova-conductor \
openstack-nova-console openstack-nova-novncproxy \
openstack-nova-scheduler openstack-nova-placement-api \
openstack-nova-compute
echo ' The installation neutron'
yum install -y openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge python-neutronclient ebtables ipset
echo ' The installation dashboard'
yum install openstack-dashboard -y
}
echo ' The installation openstack'
installrpm
echo ' Install again to prevent download failure '
installrpm
##########################################
#3 , configuration,
# #------------------#####################
echo 'SQL Database configuration '
cp /etc/my.cnf.d/openstack.cnf{,.bak}
echo "#
[mysqld]
bind-address = 0.0.0.0
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
#">/etc/my.cnf.d/openstack.cnf
echo ' Start the database service '
systemctl enable mariadb.service
systemctl start mariadb.service
sleep 5
netstat -antp|grep mysqld
#mysql_secure_installation # Initializes the set password , Automatic interaction
[[ -f /usr/bin/expect ]] || { yum install expect -y; } # If no expect The installation
/usr/bin/expect << EOF
set timeout 30
spawn mysql_secure_installation
expect {
"enter for none" { send "\r"; exp_continue}
"Y/n" { send "Y\r" ; exp_continue}
"password:" { send "$DBPass\r"; exp_continue}
"new password:" { send "$DBPass\r"; exp_continue}
"Y/n" { send "Y\r" ; exp_continue}
eof { exit }
}
EOF
# test
mysql -u root -p$DBPass -e "show databases;"
[ $? = 0 ] || { echo "mariadb Initialization failure ";exit; }
echo ' Create database, user authorization '
mysql -u root -p$DBPass -e "
create database keystone;
grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'keystone';
grant all privileges on keystone.* to 'keystone'@'%' identified by 'keystone';
create database glance;
grant all privileges on glance.* to 'glance'@'localhost' identified by 'glance';
grant all privileges on glance.* to 'glance'@'%' identified by 'glance';
create database nova;
grant all privileges on nova.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova.* to 'nova'@'%' identified by 'nova';
create database nova_api;
grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova_api.* to 'nova'@'%' identified by 'nova';
create database nova_cell0;
grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'nova';
create database neutron;
grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'neutron';
grant all privileges on neutron.* to 'neutron'@'%' identified by 'neutron';
flush privileges;
select user,host from mysql.user;
show databases;
"
#
# #------------------#####################
echo 'RabbitMQ configuration '
echo 'NODENAME=rabbit@controller'>/etc/rabbitmq/rabbitmq-env.conf
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
sleep 3
rabbitmq-plugins enable rabbitmq_management # Start the web Plug-in port 15672
sleep 6
##########
#rabbit Create the user and password
rabbitmqctl add_user admin admin
rabbitmqctl set_user_tags admin administrator
rabbitmqctl add_user openstack openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
rabbitmqctl set_user_tags openstack administrator
systemctl restart rabbitmq-server.service
sleep 3
netstat -antp|grep '5672'
[[ `rabbitmqctl list_users|grep openstack|wc -l` = 1 ]] || {
echo 'rabbit User creation failed ';
echo 'rabbit User creation failed , Please manually execute the command to create the user '>>./error.install.log; }
# #------------------#####################
#Keystone
#memcached Start the
cp /etc/sysconfig/memcached{,.bak}
systemctl enable memcached.service
systemctl start memcached.service
netstat -antp|grep 11211
echo 'Keystone configuration '
cp /etc/keystone/keystone.conf{,.bak} # Backup default configuration
Keys=$(openssl rand -hex 10) # Generate random password
echo $Keys
echo "kestone $Keys">/root/openstack.log
echo "
[DEFAULT]
admin_token = $Keys
verbose = true
[database]
connection = mysql+pymysql://keystone:keystone@controller/keystone
[token]
provider = fernet
driver = memcache
[memcache]
servers = controller:11211
">/etc/keystone/keystone.conf
# Initializes the database for the authentication service
su -s /bin/sh -c "keystone-manage db_sync" keystone
# Check that the table was created successfully
mysql -h controller -ukeystone -pkeystone -e "use keystone;show tables;"
# Initializes the keystore
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
# Set up the admin User (administrative user) and password
keystone-manage bootstrap --bootstrap-password admin \
--bootstrap-admin-url http://controller:35357/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
#apache configuration
cp /etc/httpd/conf/httpd.conf{,.bak}
echo "ServerName controller">>/etc/httpd/conf/httpd.conf
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
#Apache HTTP Boot and set up boot from boot
systemctl enable httpd.service
systemctl restart httpd.service
sleep 3
netstat -antp|egrep ':5000|:35357|:80'
# create OpenStack Client-side environment scripts
#admin Environment script
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
">./admin-openstack.sh
# Test if the script works
source ./admin-openstack.sh
openstack token issue
# create service project , create glance,nova,neutron User, and authorize
openstack project create --domain default --description "Service Project" service
openstack user create --domain default --password=glance glance
openstack role add --project service --user glance admin
openstack user create --domain default --password=nova nova
openstack role add --project service --user nova admin
openstack user create --domain default --password=neutron neutron
openstack role add --project service --user neutron admin
# create demo project ( Common user passwords and roles )
openstack project create --domain default --description "Demo Project" demo
openstack user create --domain default --password=demo demo
openstack role create user
openstack role add --project demo --user demo user
#demo Environment script
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
">./demo-openstack.sh
# Test if the script works
source ./demo-openstack.sh
openstack token issue
# #------------------#####################
echo 'Glance Mirror service '
# keystone Service registration , create glance Service entity ,API Endpoints (public, private, admin )
source ./admin-openstack.sh || { echo " Load the previously set admin-openstack.sh Environment variable script ";exit; }
openstack service create --name glance --description "OpenStack Image" image
openstack endpoint create --region RegionOne image public http://controller:9292
openstack endpoint create --region RegionOne image internal http://controller:9292
openstack endpoint create --region RegionOne image admin http://controller:9292
cp /etc/glance/glance-api.conf{,.bak}
cp /etc/glance/glance-registry.conf{,.bak}
# images The default /var/lib/glance/images/
#Imgdir=/date/glance
mkdir -p $Imgdir
chown glance:nobody $Imgdir
echo " Mirror directory: $Imgdir"
echo "#
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000/v3
auth_url = http://controller:35357/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = $Imgdir
#">/etc/glance/glance-api.conf
#
echo "#
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000/v3
auth_url = http://controller:35357/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
#">/etc/glance/glance-registry.conf
# Synchronous database , Check the database
su -s /bin/sh -c "glance-manage db_sync" glance
mysql -h controller -u glance -pglance -e "use glance;show tables;"
# Start the service and set boot up
systemctl enable openstack-glance-api openstack-glance-registry
systemctl start openstack-glance-api openstack-glance-registry
netstat -antp|egrep '9292|9191' # Detection service port
# #------------------#####################
# create Nova Database, user, authentication, as previously set
source ./admin-openstack.sh
# keystone Service registration , create nova Users, services, API
# nova The user has been built before
openstack service create --name nova --description "OpenStack Compute" compute
openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1
openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1
# create placement Users, services, API
openstack user create --domain default --password=placement placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "Placement API" placement
openstack endpoint create --region RegionOne placement public http://controller:8778
openstack endpoint create --region RegionOne placement internal http://controller:8778
openstack endpoint create --region RegionOne placement admin http://controller:8778
mkdir -p $VHD
chown -R nova:nova $VHD
echo 'nova configuration '
echo '#
[DEFAULT]
instances_path='$VHD'
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
my_ip = '$MyIP'
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
osapi_compute_listen_port=8774
[api_database]
connection = mysql+pymysql://nova:nova@controller/nova_api
[database]
connection = mysql+pymysql://nova:nova@controller/nova
[api]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[vnc]
enabled = true
vncserver_listen = $my_ip
vncserver_proxyclient_address = $my_ip
novncproxy_base_url = http://'$VncProxy':6080/vnc_auto.html
[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[placement]
os_region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:35357/v3
username = placement
password = placement
[scheduler]
discover_hosts_in_cells_interval = 300
[libvirt]
virt_type = '$Kvm'
#'>/etc/nova/nova.conf
echo "
#Placement API
<Directory /usr/bin>
<IfVersion >= 2.4>
Require all granted
</IfVersion>
<IfVersion < 2.4>
Order allow,deny
Allow from all
</IfVersion>
</Directory>
">>/etc/httpd/conf.d/00-nova-placement-api.conf
systemctl restart httpd
sleep 5
# Synchronous database
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova
# Testing data
nova-manage cell_v2 list_cells
mysql -h controller -u nova -pnova -e "use nova_api;show tables;"
mysql -h controller -u nova -pnova -e "use nova;show tables;"
mysql -h controller -u nova -pnova -e "use nova_cell0;show tables;"
# #------------------#####################
echo 'Neutron service '
source ./admin-openstack.sh
# create Neutron Service entity ,API The endpoint
openstack service create --name neutron --description "OpenStack Networking" network
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
#Neutron The backup configuration
cp /etc/neutron/neutron.conf{,.bak2}
cp /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
cp /etc/neutron/dhcp_agent.ini{,.bak}
cp /etc/neutron/metadata_agent.ini{,.bak}
cp /etc/neutron/l3_agent.ini{,.bak}
# configuration
echo '
#
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
service_metadata_proxy = true
metadata_proxy_shared_secret = metadata
#'>>/etc/nova/nova.conf
#
echo '
[DEFAULT]
nova_metadata_ip = controller
metadata_proxy_shared_secret = metadata
#'>/etc/neutron/metadata_agent.ini
#
echo '#
[ml2]
tenant_network_types =
type_drivers = vlan,flat
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = True
#'>/etc/neutron/plugins/ml2/ml2_conf.ini
echo '#
[linux_bridge]
physical_interface_mappings = provider:'$Netname'
[vxlan]
enable_vxlan = false
[agent]
prevent_arp_spoofing = True
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = True
#'>/etc/neutron/plugins/ml2/linuxbridge_agent.ini
#
echo '#
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
#'>/etc/neutron/dhcp_agent.ini
#
echo '
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = nova
password = nova
[database]
connection = mysql://neutron:neutron@controller:3306/neutron
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
#'>/etc/neutron/neutron.conf
#
echo '
[DEFAULT]
interface_driver = linuxbridge
#'>/etc/neutron/l3_agent.ini
#
# Synchronous database
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
# Testing data
mysql -h controller -u neutron -pneutron -e "use neutron;show tables;"
# #------------------#####################
#dashboard
echo ' configuration openstack Web'
cp /etc/openstack-dashboard/local_settings{,.bak}
Setfiles=/etc/openstack-dashboard/local_settings
sed -i 's#_member_#user#g' $Setfiles
sed -i 's#OPENSTACK_HOST = "127.0.0.1"#OPENSTACK_HOST = "controller"#' $Setfiles
## Allow access to all hosts #
sed -i "/ALLOWED_HOSTS/cALLOWED_HOSTS = ['*', ]" $Setfiles
# To get rid of memcached annotation #
sed -in '153,158s/#//' $Setfiles
sed -in '160,164s/.*/#&/' $Setfiles
sed -i 's#UTC#Asia/Shanghai#g' $Setfiles
sed -i 's#%s:5000/v2.0#%s:5000/v3#' $Setfiles
sed -i '/ULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True' $Setfiles
sed -i "s@^#OPENSTACK_KEYSTONE_DEFAULT@OPENSTACK_KEYSTONE_DEFAULT@" $Setfiles
echo '
#set
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 2,
}
#'>>$Setfiles
systemctl restart httpd
sleep 5
##########################################
echo ' Start the service '
#Apache
systemctl enable httpd.service
#systemctl restart httpd haproxy
#netstat -antp|egrep 'httpd'
#glance service
systemctl enable openstack-glance-api openstack-glance-registry
systemctl restart openstack-glance-api openstack-glance-registry
#nova service
systemctl enable openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service \
libvirtd.service openstack-nova-compute.service
# Start the
systemctl start openstack-nova-api.service \
openstack-nova-consoleauth.service openstack-nova-scheduler.service \
openstack-nova-conductor.service openstack-nova-novncproxy.service \
libvirtd.service openstack-nova-compute.service
#neutron service
systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service neutron-l3-agent.service
systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service neutron-l3-agent.service
##########################################
#cheack
echo " Look at the node "
source ./admin-openstack.sh
openstack compute service list
openstack network agent list
##########################################
#end
echo '
Installation complete!
The database root password '$DBPass'
The login Web management http://'$MyIP'/dashboard
The domain default
The user admin
password admin
recommended Firefox
'
##########################################
# # Online installation
# yum install -y wget && wget -O pike.install.sh \
http://elven.vip/ks/openstack/pike.install.sh && sh pike.install.sh