
openstack pike单机一键安装shell的方法

程序员文章站 2022-03-18 12:59:06

#vm虚拟机8g内存,安装完毕,半个小时左右

#在线安装

#环境 centos 7.4.1708 x86_64
#在线安装openstack pike

# NOTE(review): the installer is fetched over plain HTTP and executed right away,
# so nothing verifies that the file received is the one the author published.
# The listing further down this page stops the firewall, edits the SELinux
# config and replaces the yum repositories, so save the download, read it and
# compare it with a checksum obtained over a trusted channel before running it.
curl http://elven.vip/ks/openstack/pike.install.sh>pike.install.sh && sh pike.install.sh

更新日期 2017-11-21
新增内容:
安装完成后,自动创建密钥、主机类型、cirros测试镜像、网络、虚拟机kvm01
也就是安装完成后,就自动创建启动了虚拟机kvm01

# 有兴趣的小伙伴,可以测试反馈

已安装的vmware虚拟机镜像下载地址:

#shell代码分享( 最新代码以在线安装为准,以下shell无错误,不再更新)

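#!/bin/bash
# OpenStack Pike single-node one-shot installer.
# Target environment: CentOS 7.4.1708 x86_64
# More information: http://dwz.cn/openstack
# Made by elven
#
# The script uses bash-only constructs ([[ ]], brace expansion, `source`),
# so the interpreter line names bash rather than sh.

# Refuse to continue unless the kernel release string carries the el7 tag.
if [[ "$(uname -r)" == *el7* ]]; then
  echo '开启安装openstack pike'
else
  echo '请在centos7.4 环境运行'
  # Non-zero status so a caller can tell that the run was refused.
  exit 1
fi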

##########################################
#参数

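# Detect the first interface that carries a global-scope address, and that address.
# On a "global" line of `ip add` output the interface name is the last field
# (awk's NF), and the address is the third field once the line is split on
# runs of spaces and slashes (awk's -F option).
net=$(ip add | grep global | awk '{ print $NF }' | head -n 1)
ip=$(ip add | grep global | awk -F'[ /]+' '{ print $3 }' | head -n 1)
echo "网卡名称:$net"
echo "ip地址: $ip"

# Every later step writes these two values into service configs, so stop
# here if detection produced nothing.
if [[ -z "$net" || -z "$ip" ]]; then
  echo '未检测到网卡名称或ip地址' >&2
  exit 1
fi

# Parameters
# NOTE(review): dbpass is a fixed value published together with the script;
# replace it before running the installer on any machine that matters.
dbpass=elven2017    # MariaDB root password
node=controller     # node name (leave as "controller": the configs below hard-code it)
netname=$net        # interface name
myip=$ip            # IP address
vncproxy=$ip        # externally reachable address for the VNC proxy
imgdir=/date/glance # custom glance image directory
vhd=/date/nova      # custom nova instances path
kvm=qemu            # qemu or kvm; kvm needs hardware virtualisation support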

##########################################
#1、设置

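echo '关闭selinux、防火墙'
# NOTE(review): firewalld is stopped and SELinux is disabled for good, while
# later steps bind MariaDB to 0.0.0.0 and create accounts with fixed passwords.
# The package list below installs openstack-selinux, so it is worth checking
# whether the host can stay in enforcing mode with only the required ports opened.
systemctl stop firewalld.service
systemctl disable firewalld.service
firewall-cmd --state
# /etc/selinux/config spells its keys in upper case; a lower-case pattern never matches.
sed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/config
# SELINUXTYPE names the policy to load and is not an on/off switch, so it is left untouched.
grep --color=auto '^SELINUX' /etc/selinux/config
setenforce 0

echo '时间同步'
/usr/sbin/ntpdate ntp6.aliyun.com
# Feed the job to crontab through stdin: no fixed file name under /tmp, and
# entries already present in the invoking user's crontab are kept (an earlier
# copy of this ntpdate line is filtered out so re-runs do not duplicate it).
{
  crontab -l 2>/dev/null | grep -vF '/usr/sbin/ntpdate ntp6.aliyun.com'
  echo "*/3 * * * * /usr/sbin/ntpdate ntp6.aliyun.com &> /dev/null"
} | crontab -

echo '设置hostname'
hostnamectl set-hostname "$node"
# Add the name mapping only once so repeated runs do not pile up duplicate lines.
grep -qF -- "$myip  $node" /etc/hosts || echo "$myip  $node">>/etc/hosts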

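# Switch yum to the Aliyun mirrors.
# NOTE(review): all three repo files are fetched over plain HTTP, one of them
# from the script author's own host. A repo file decides which servers packages
# come from and whether gpgcheck is enforced, so read the downloaded files
# before installing anything from them.
# NOTE(review): the URLs are reproduced as printed on the page, which shows
# everything in lower case; confirm the exact paths if a download fails.

# wget must be available before the stock repositories are removed.
command -v wget >/dev/null || yum install -y wget
# Keep a copy of the current repo definitions; the next command deletes them.
mkdir -p /etc/yum.repos.d.bak
cp -a /etc/yum.repos.d/. /etc/yum.repos.d.bak/
rm -f /etc/yum.repos.d/*
# -O (upper case) names the output file; lower-case -o only redirects wget's log.
wget -O /etc/yum.repos.d/centos-base.repo http://mirrors.aliyun.com/repo/centos-7.repo

wget -O /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo

sed -i '/aliyuncs.com/d' /etc/yum.repos.d/*.repo # drop the Aliyun-internal mirror hosts
echo '自定义openstack源'
wget -O /etc/yum.repos.d/ali-pike.repo http://elven.vip/ks/openstack/ali-pike.repo
yum clean all && yum makecache # rebuild the metadata cache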

##########################################
#2 安装

# Install every package the single-node deployment needs, one service group
# at a time, announcing each group before its yum call.
# Globals:   none
# Arguments: none
# Outputs:   progress messages and yum output on stdout
# Returns:   exit status of the last yum invocation
installrpm() {
  printf '%s\n' 'openstack tools 安装'
  yum install -y python-openstackclient openstack-selinux python2-pymysql openstack-utils

  printf '%s\n' 'mariadb安装'
  yum install mariadb mariadb-server mariadb-galera-server -y
  yum install expect -y

  printf '%s\n' 'rabbitmq安装'
  yum install rabbitmq-server erlang socat -y

  printf '%s\n' 'keystone安装'
  yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached
  yum install apr apr-util -y

  printf '%s\n' '安装glance'
  yum install -y openstack-glance python-glance

  printf '%s\n' '安装nova'
  yum install -y openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler openstack-nova-placement-api openstack-nova-compute

  printf '%s\n' '安装neutron'
  yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge python-neutronclient ebtables ipset

  printf '%s\n' '安装dashboard'
  yum install openstack-dashboard -y
}

# Run the package installation twice; the second pass is there to pick up
# anything whose download failed during the first one.
printf '%s\n' '安装openstack'
installrpm
printf '%s\n' '再次安装,防止下载失败'
installrpm

##########################################
#3、配置

# #------------------#####################
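echo 'sql数据库配置'
# Back up an existing drop-in only; on a fresh install there is nothing to copy yet.
[[ -f /etc/my.cnf.d/openstack.cnf ]] && cp /etc/my.cnf.d/openstack.cnf{,.bak}
# NOTE(review): bind-address 0.0.0.0 makes MariaDB listen on every interface,
# and the firewall was stopped earlier in this script. Every client in this
# deployment connects through the name "controller", so binding to that
# address ($myip) would be enough on a single node.
echo "#
[mysqld]
bind-address = 0.0.0.0
default-storage-engine = innodb
innodb_file_per_table
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
#">/etc/my.cnf.d/openstack.cnf
echo '启动数据库服务'
systemctl enable mariadb.service
systemctl start mariadb.service
sleep 5
netstat -antp|grep mysqld
# Answer the mysql_secure_installation prompts automatically through expect.
# The yes/no prompts are printed as [Y/n], so the pattern needs the capital Y;
# "password:" covers both the new-password prompt and its confirmation.
[[ -f /usr/bin/expect ]] || { yum install expect -y; } # install expect if it is missing
/usr/bin/expect << eof
set timeout 30
spawn mysql_secure_installation
expect {
  "enter for none" { send "\r"; exp_continue}
  "Y/n" { send "y\r" ; exp_continue}
  "password:" { send "$dbpass\r"; exp_continue}
  eof { exit }
}
eof
# Check that root can log in with the new password. MYSQL_PWD keeps the
# password off the command line, where other local users could read it from
# the process list. Exit non-zero so a failed initialisation is visible.
MYSQL_PWD="$dbpass" mysql -u root -e "show databases;" || { echo "mariadb初始化失败"; exit 1; }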

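echo '创建数据库、用户授权'
# Create one database per service and grant each service account full rights on it.
# NOTE(review): every service account uses its own name as the password and is
# also granted from '%' (any client host). The same values are written into the
# service configs later in this script, so changing them here means changing
# the matching connection strings as well.
# "if not exists" lets the batch run again without stopping at the first
# database that is already there. MYSQL_PWD keeps the root password out of the
# process argument list.
MYSQL_PWD="$dbpass" mysql -u root -e "
create database if not exists keystone;
grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'keystone';
grant all privileges on keystone.* to 'keystone'@'%' identified by 'keystone';
create database if not exists glance;
grant all privileges on glance.* to 'glance'@'localhost' identified by 'glance';
grant all privileges on glance.* to 'glance'@'%' identified by 'glance';

create database if not exists nova;
grant all privileges on nova.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova.* to 'nova'@'%' identified by 'nova';
create database if not exists nova_api;
grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova_api.* to 'nova'@'%' identified by 'nova';
create database if not exists nova_cell0;
grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'nova';
grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'nova';

create database if not exists neutron;
grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'neutron';
grant all privileges on neutron.* to 'neutron'@'%' identified by 'neutron';

flush privileges;
select user,host from mysql.user;
show databases;
"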
#
# #------------------#####################
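echo 'rabbitmq配置'
# rabbitmq-env.conf reads the upper-case key NODENAME.
echo 'NODENAME=rabbit@controller'>/etc/rabbitmq/rabbitmq-env.conf
systemctl enable rabbitmq-server.service
systemctl start rabbitmq-server.service
sleep 3
rabbitmq-plugins enable rabbitmq_management # web management plugin, port 15672

sleep 6
##########
# Create the RabbitMQ users and their passwords.
# NOTE(review): "admin" gets the password "admin" and the administrator tag,
# and the management plugin enabled above is a network-facing login page while
# the host firewall is off. The "openstack" account, whose password is written
# into nova.conf and neutron.conf later, is tagged administrator as well; the
# services only need the permissions set below. Pick real passwords and drop
# the tag from the service account where possible.
rabbitmqctl add_user admin admin
rabbitmqctl set_user_tags admin administrator
rabbitmqctl add_user openstack openstack
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
rabbitmqctl set_user_tags openstack administrator
systemctl restart rabbitmq-server.service
sleep 3
netstat -antp|grep '5672'

# Count rows whose first column is exactly "openstack" rather than any line
# that merely contains the word.
if [[ "$(rabbitmqctl list_users | awk '$1 == "openstack" { n++ } END { print n + 0 }')" != 1 ]]; then
  echo 'rabbit创建用户失败'
  echo 'rabbit创建用户失败,请手动执行命令创建用户'>>./error.install.log
fi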


# #------------------#####################
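# keystone
# Start memcached; the keystone config below points its token driver at it.
cp /etc/sysconfig/memcached{,.bak}
systemctl enable memcached.service
systemctl start memcached.service
netstat -antp|grep 11211

echo 'keystone 配置'
cp /etc/keystone/keystone.conf{,.bak} # back up the packaged config
keys=$(openssl rand -hex 10) # 10 random bytes, hex-encoded
# NOTE(review): the value is printed to the terminal and stored in
# /root/openstack.log, then written to keystone.conf as admin_token. The admin
# account is created by `keystone-manage bootstrap` further down, so check
# whether admin_token needs to be set at all.
echo "$keys"
echo "kestone $keys">/root/openstack.log
# The oslo.config default section is spelled [DEFAULT] in upper case.
echo "
[DEFAULT]
admin_token = $keys
verbose = true
[database]
connection = mysql+pymysql://keystone:keystone@controller/keystone
[token]
provider = fernet
driver = memcache
[memcache]
servers = controller:11211
">/etc/keystone/keystone.conf

# Populate the identity service database.
su -s /bin/sh -c "keystone-manage db_sync" keystone
# Check that the tables were created.
mysql -h controller -ukeystone -pkeystone -e "use keystone;show tables;"
# Initialise the fernet and credential key repositories.
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
# Create the admin user and the identity endpoints.
# NOTE(review): the cloud administrator password is the literal "admin" and
# the same value is shown in the closing message; change it before the
# dashboard is reachable by anyone else.
keystone-manage bootstrap --bootstrap-password admin \
 --bootstrap-admin-url http://controller:35357/v3/ \
 --bootstrap-internal-url http://controller:5000/v3/ \
 --bootstrap-public-url http://controller:5000/v3/ \
 --bootstrap-region-id regionone

# Apache configuration
cp /etc/httpd/conf/httpd.conf{,.bak}
# Append the directive only once so re-runs do not duplicate it.
grep -qi '^servername controller' /etc/httpd/conf/httpd.conf ||
  echo "servername controller">>/etc/httpd/conf/httpd.conf
# -f replaces a link left behind by an earlier run instead of failing.
ln -sf /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/

# Enable Apache at boot and (re)start it.
systemctl enable httpd.service
systemctl restart httpd.service
sleep 3
netstat -antp|grep -E ':5000|:35357|:80'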

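# Create the OpenStack client environment scripts.
# The client reads upper-case OS_* variables. Both files contain a password,
# so they are created with mode 600 before anything is written to them.

# admin environment script
install -m 600 /dev/null ./admin-openstack.sh
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=admin
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
">./admin-openstack.sh
# Check that the script works by requesting a token.
source ./admin-openstack.sh
openstack token issue

# Create the service project and the glance, nova and neutron users, and
# give each of them the admin role on that project.
# NOTE(review): each service user's password equals its user name, and
# --password=... is visible in the process list while the command runs. The
# same values are written into the service configs later in this script.
openstack project create --domain default --description "service project" service
openstack user create --domain default --password=glance glance
openstack role add --project service --user glance admin
openstack user create --domain default --password=nova nova
openstack role add --project service --user nova admin
openstack user create --domain default --password=neutron neutron
openstack role add --project service --user neutron admin

# Create the demo project with an ordinary user and the "user" role.
openstack project create --domain default --description "demo project" demo
openstack user create --domain default --password=demo demo
openstack role create user
openstack role add --project demo --user demo user
# demo environment script
install -m 600 /dev/null ./demo-openstack.sh
echo "
export OS_PROJECT_DOMAIN_NAME=default
export OS_USER_DOMAIN_NAME=default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=demo
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
">./demo-openstack.sh
# Check that the script works by requesting a token.
source ./demo-openstack.sh
openstack token issue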

# #------------------#####################
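echo 'glance镜像服务'
# Register glance in keystone: the service entity plus its public, internal
# and admin API endpoints.
# Stop with a non-zero status if the admin credentials cannot be loaded.
source ./admin-openstack.sh || { echo "加载前面设置的admin-openstack.sh环境变量脚本"; exit 1; }
openstack service create --name glance --description "openstack image" image
for endpoint_type in public internal admin; do
  openstack endpoint create --region regionone image "$endpoint_type" http://controller:9292
done

cp /etc/glance/glance-api.conf{,.bak}
cp /etc/glance/glance-registry.conf{,.bak}
# Images are stored under $imgdir instead of the default /var/lib/glance/images/.
mkdir -p "$imgdir"
chown glance:nobody "$imgdir"
echo "镜像目录: $imgdir"
# NOTE(review): both files below embed the glance database password and the
# glance service password, each equal to the account name.
echo "#
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000/v3
auth_url = http://controller:35357/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = $imgdir
#">/etc/glance/glance-api.conf
#
echo "#
[database]
connection = mysql+pymysql://glance:glance@controller/glance
[keystone_authtoken]
auth_uri = http://controller:5000/v3
auth_url = http://controller:35357/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = glance
password = glance
[paste_deploy]
flavor = keystone
#">/etc/glance/glance-registry.conf

# Populate the glance database, then list its tables as a check.
su -s /bin/sh -c "glance-manage db_sync" glance
mysql -h controller -u glance -pglance -e "use glance;show tables;"

# Enable the services at boot and start them.
systemctl enable openstack-glance-api openstack-glance-registry
systemctl start openstack-glance-api openstack-glance-registry
netstat -antp|grep -E '9292|9191' # check the service ports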

# #------------------#####################
# The nova databases, user and credentials were created earlier in the script.
. ./admin-openstack.sh

# Register nova in keystone: service entity and API endpoints.
# (The nova user already exists at this point.)
openstack service create --name nova --description "openstack compute" compute
for endpoint_type in public internal admin; do
  openstack endpoint create --region regionone compute "$endpoint_type" http://controller:8774/v2.1
done

# Create the placement user, service entity and API endpoints.
openstack user create --domain default --password=placement placement
openstack role add --project service --user placement admin
openstack service create --name placement --description "placement api" placement
for endpoint_type in public internal admin; do
  openstack endpoint create --region regionone placement "$endpoint_type" http://controller:8778
done

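mkdir -p "$vhd"
# chown's recursive flag is the upper-case -R.
chown -R nova:nova "$vhd"
echo 'nova配置'
# Write nova.conf from scratch.
# - The oslo.config default section is spelled [DEFAULT] in upper case, and
#   the firewall driver is a Python class path, which is case-sensitive.
# - \$my_ip is written literally so that nova substitutes its own my_ip
#   option; the other variables are expanded by the shell here.
# NOTE(review): the file embeds the RabbitMQ, database, nova and placement
# passwords, each equal to the account name.
cat >/etc/nova/nova.conf <<EOF
#
[DEFAULT]
instances_path=${vhd}
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
my_ip = ${myip}
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
osapi_compute_listen_port=8774

[api_database]
connection = mysql+pymysql://nova:nova@controller/nova_api
[database]
connection = mysql+pymysql://nova:nova@controller/nova

[api]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova

[vnc]
enabled = true
vncserver_listen = \$my_ip
vncserver_proxyclient_address = \$my_ip
novncproxy_base_url = http://${vncproxy}:6080/vnc_auto.html

[glance]
api_servers = http://controller:9292
[oslo_concurrency]
lock_path = /var/lib/nova/tmp

[placement]
os_region_name = regionone
project_domain_name = default
project_name = service
auth_type = password
user_domain_name = default
auth_url = http://controller:35357/v3
username = placement
password = placement

[scheduler]
discover_hosts_in_cells_interval = 300

[libvirt]
virt_type = ${kvm}
#
EOF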

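# Append an access rule for /usr/bin to the placement API vhost file
# (presumably where the packaged placement WSGI script is installed; confirm).
# The marker check keeps a second run from appending the same block again.
if ! grep -qF '#placement api' /etc/httpd/conf.d/00-nova-placement-api.conf 2>/dev/null; then
echo "

#placement api
<directory /usr/bin>
  <ifversion >= 2.4>
   require all granted
  </ifversion>
  <ifversion < 2.4>
   order allow,deny
   allow from all
  </ifversion>
</directory>
">>/etc/httpd/conf.d/00-nova-placement-api.conf
fi
systemctl restart httpd
sleep 5

# Populate the nova databases and create the cell mappings, as the nova user.
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
su -s /bin/sh -c "nova-manage db sync" nova

# Verify: list the cells and the tables of each nova database.
nova-manage cell_v2 list_cells
mysql -h controller -u nova -pnova -e "use nova_api;show tables;"
mysql -h controller -u nova -pnova -e "use nova;show tables;"
mysql -h controller -u nova -pnova -e "use nova_cell0;show tables;"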
# #------------------#####################

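echo 'neutron服务'
source ./admin-openstack.sh
# Create the neutron service entity and its API endpoints.
openstack service create --name neutron --description "openstack networking" network
for endpoint_type in public internal admin; do
  openstack endpoint create --region regionone network "$endpoint_type" http://controller:9696
done

# Back up the packaged neutron configs before they are overwritten.
cp /etc/neutron/neutron.conf{,.bak2}
cp /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
# -f replaces a link left behind by an earlier run instead of failing.
ln -sf /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
cp /etc/neutron/dhcp_agent.ini{,.bak}
cp /etc/neutron/metadata_agent.ini{,.bak}
cp /etc/neutron/l3_agent.ini{,.bak}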

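# Configuration
# The oslo.config default section is spelled [DEFAULT] in upper case, and the
# driver values that are Python class paths are case-sensitive.
# NOTE(review): metadata_proxy_shared_secret is the guessable word "metadata".
# It has to be identical in nova.conf and metadata_agent.ini, both written
# here, so replace it with a random value in both places. The neutron, nova,
# RabbitMQ and database passwords in these files all equal the account name.

# [neutron] section appended to nova.conf
echo '
#
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = regionone
project_name = service
username = neutron
password = neutron
service_metadata_proxy = true
metadata_proxy_shared_secret = metadata
#'>>/etc/nova/nova.conf
#
echo '
[DEFAULT]
nova_metadata_ip = controller
metadata_proxy_shared_secret = metadata
#'>/etc/neutron/metadata_agent.ini
#
echo '#
[ml2]
tenant_network_types = 
type_drivers = vlan,flat
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = true
#'>/etc/neutron/plugins/ml2/ml2_conf.ini
# The provider network is mapped to the interface detected at the start of the script.
echo '#
[linux_bridge]
physical_interface_mappings = provider:'"$netname"'
[vxlan]
enable_vxlan = false

[agent]
prevent_arp_spoofing = true
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = true
#'>/etc/neutron/plugins/ml2/linuxbridge_agent.ini
#
echo '#
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
#'>/etc/neutron/dhcp_agent.ini
#
# The database URL uses the mysql+pymysql:// scheme like every other service
# config in this script (python2-pymysql is the driver the script installs).
echo '
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron

[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_id = default
user_domain_id = default
region_name = regionone
project_name = service
username = nova
password = nova

[database]
connection = mysql+pymysql://neutron:neutron@controller:3306/neutron

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
#'>/etc/neutron/neutron.conf
#
echo '
[DEFAULT]
interface_driver = linuxbridge
#'>/etc/neutron/l3_agent.ini
#
# Populate the neutron database.
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
 --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
# Verify: list the tables.
mysql -h controller -u neutron -pneutron -e "use neutron;show tables;"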

# #------------------#####################
#dashboard

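echo '配置openstack web'
cp /etc/openstack-dashboard/local_settings{,.bak}
setfiles=/etc/openstack-dashboard/local_settings
# local_settings is a Python/Django settings file: its setting names are upper
# case and sed patterns are case-sensitive, so lower-case patterns never match.
sed -i 's#_member_#user#g' "$setfiles"
sed -i 's#OPENSTACK_HOST = "127.0.0.1"#OPENSTACK_HOST = "controller"#' "$setfiles"
# Allow requests for any host name.
# NOTE(review): ALLOWED_HOSTS = ['*'] switches off Django's Host-header
# validation; list the names and addresses the dashboard is really served
# under instead.
sed -i "/ALLOWED_HOSTS/cALLOWED_HOSTS = ['*', ]" "$setfiles"
# Uncomment the memcached cache settings and comment out the block after them.
# NOTE(review): these edits go by line number and only fit the exact
# local_settings file the author had; check lines 153-164 of the packaged file
# first. Plain -i is used: "-in" would be read as -i with backup suffix "n"
# and leave a stray local_settingsn file behind.
sed -i '153,158s/#//' "$setfiles"
sed -i '160,164s/.*/#&/' "$setfiles"
sed -i 's#UTC#Asia/Shanghai#g' "$setfiles"
sed -i 's#%s:5000/v2.0#%s:5000/v3#' "$setfiles"
sed -i '/ULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True' "$setfiles"
sed -i "s@^#OPENSTACK_KEYSTONE_DEFAULT@OPENSTACK_KEYSTONE_DEFAULT@" "$setfiles"
echo '
#set
OPENSTACK_API_VERSIONS = {
  "identity": 3,
  "image": 2,
  "volume": 2,
}
#'>>"$setfiles"
systemctl restart httpd
sleep 5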

##########################################

printf '%s\n' '启动服务'
# Apache
systemctl enable httpd.service
#systemctl restart httpd haproxy
#netstat -antp|egrep 'httpd'

# glance services
glance_units=(openstack-glance-api openstack-glance-registry)
systemctl enable "${glance_units[@]}"
systemctl restart "${glance_units[@]}"

# nova services (together with libvirtd): enable at boot, then start
nova_units=(
  openstack-nova-api.service
  openstack-nova-consoleauth.service
  openstack-nova-scheduler.service
  openstack-nova-conductor.service
  openstack-nova-novncproxy.service
  libvirtd.service
  openstack-nova-compute.service
)
systemctl enable "${nova_units[@]}"
systemctl start "${nova_units[@]}"

# neutron services: enable at boot, then start
neutron_units=(
  neutron-server.service
  neutron-linuxbridge-agent.service
  neutron-dhcp-agent.service
  neutron-metadata-agent.service
  neutron-l3-agent.service
)
systemctl enable "${neutron_units[@]}"
systemctl start "${neutron_units[@]}"

##########################################
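# Check

echo "查看节点"
source ./admin-openstack.sh
openstack compute service list
openstack network agent list

##########################################
# End
# NOTE(review): the closing message prints the database root password and the
# dashboard admin login (admin/admin) to the terminal, so they also end up in
# any captured output or scrollback. Change both after the first login.

echo '
安装完毕!
数据库root密码 '"$dbpass"'

登录web管理 http://'"$myip"'/dashboard
域  default
用户 admin
密码 admin
推荐 火狐浏览器
'
##########################################
# Online install (kept for reference only; both lines stay commented out, so
# the continuation line is not run as a command):
# yum install -y wget && wget -O pike.install.sh \
#   http://elven.vip/ks/openstack/pike.install.sh && sh pike.install.sh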

以上就是本文的全部内容,希望对大家的学习有所帮助,也希望大家多多支持。