前言:
此时兄弟们对“openstack安装centos”都比较关怀,你们都想要分析一些“openstack安装centos”的相关知识。那么小编在网络上网罗了一些有关“openstack安装centos””的相关知识,希望我们能喜欢,兄弟们快快来了解一下吧!安装环境:centos 7.4.1708 x86_64
修改节点名称:controller
编辑系统名称:$ vi /etc/hostnamecontroller
使用root用户 登录
cd /root #进入到根目录
vi install-pike.sh
下面是 install_pike.sh 文件里面的代码 全部拷贝进去
#!/bin/sh# openstack pike 一键安装脚本 单机# 环境 centos 7.4.1708 x86_64[[ `uname -r` = *el7* ]] && { echo '开启安装openstack pike'; } || { echo '请在CentOS7.4 环境运行';exit; }[[ $(whoami) == root ]] || { sudo su - root; }[[ $? = 0 ]] || { echo 'Must run in root !';exit; }###########################################参数#获取第一块网卡名、ip地址Net=`ip add|egrep global|awk '{ print $NF }'|head -n 1`IP=`ip add|grep global|awk -F'[ /]+' '{ print $3 }'|head -n 1`echo "网卡名称:$Net"echo "IP地址: $IP"
#参数DBPass=123456 #SQL root密码Node=controller #节点名(controller不要改动)Netname=$Net #网卡名称MyIP=$IP #IP地址VncProxy=$IP #VNC代理外网IP地址Imgdir=/data/glance #自定义glance镜像目录VHD=/data/nova #自定义Nova实例路径Kvm=qemu #QEMU或KVM ,KVM需要硬件支持###########################################1、设置echo '关闭selinux、防火墙'systemctl stop firewalld.servicesystemctl disable firewalld.servicefirewall-cmd --statesed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/configsed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/configgrep --color=auto '^SELINUX' /etc/selinux/configsetenforce 0echo '设置hostname,上面已设置,这里怕忘记设置,在搞一遍'hostnamectl set-hostname $Nodeecho "$MyIP $Node">>/etc/hostsyum install -y wget
#使用阿里源
mkdir -p /etc/yum.repos.d/remark && mv /etc/yum.repos.d/* /etc/yum.repos.d/remark/
wget -O /etc/yum.repos.d/CentOS-Base.repo
wget -O /etc/yum.repos.d/epel.repo
sed -i '/aliyuncs.com/d' /etc/yum.repos.d/*.repo
##设置yum源
echo "阿里云yum源 repo
[Ali-pike]
name=Aliyun-pike
baseurl=
gpgcheck=0
enabled=1
cost=88
[Ali-qemu-ev]
name=Aliyun-qemu-ev
baseurl=
gpgcheck=0
enabled=1
">/etc/yum.repos.d/ali-openstack.repo
yum clean all && yum makecache #清理缓存
echo '时间同步'[[ -f /usr/sbin/ntpdate ]] || { echo "install ntp";yum install ntp ntpdate -y &> /dev/null; } #若没NTP则安装/usr/sbin/ntpdate ntp6.aliyun.com echo "*/3 * * * * /usr/sbin/ntpdate ntp6.aliyun.com &> /dev/null" > /tmp/crontabcrontab /tmp/crontab###########################################2 安装function installrpm() {yum install -y ntp wget vim net-tools openssh tree &> /dev/nullecho 'OpenStack tools 安装'yum install -y python-openstackclient openstack-selinux \ python2-PyMySQL openstack-utils echo 'MariaDB安装'yum install mariadb mariadb-server mariadb-galera-server -yyum install expect -yecho 'RabbitMQ安装'yum install rabbitmq-server erlang socat -yecho 'Keystone安装'yum install -y openstack-keystone httpd mod_wsgi memcached python-memcachedyum install apr apr-util -yecho '安装Glance'yum install -y openstack-glance python-glanceecho '安装nova'yum install -y openstack-nova-api openstack-nova-conductor \ openstack-nova-console openstack-nova-novncproxy \ openstack-nova-scheduler openstack-nova-placement-api \ openstack-nova-computeecho '安装neutron'yum install -y openstack-neutron openstack-neutron-ml2 \ openstack-neutron-linuxbridge python-neutronclient ebtables ipsetecho '安装dashboard'yum install openstack-dashboard -y}echo '安装openstack'installrpmecho '再次安装,防止下载失败'installrpm &> /dev/null###########################################3、配置# #------------------#####################echo 'SQL数据库配置'echo "#[mysqld]bind-address = 0.0.0.0default-storage-engine = innodbinnodb_file_per_tablemax_connections = 4096collation-server = utf8_general_cicharacter-set-server = utf8#">/etc/my.cnf.d/openstack.cnfecho '启动数据库服务'systemctl enable mariadb.servicesystemctl start mariadb.servicesleep 5netstat -antp|grep mysqld#mysql_secure_installation #初始化设置密码,自动交互[[ -f /usr/bin/expect ]] || { yum install expect -y; } #若没expect则安装/usr/bin/expect << EOFset timeout 30spawn mysql_secure_installationexpect { "enter for none" { send "\r"; exp_continue} "Y/n" { send "Y\r" ; exp_continue} "password:" { send "$DBPass\r"; exp_continue} "new password:" { send "$DBPass\r"; exp_continue} "Y/n" { send "Y\r" ; exp_continue} eof { exit }}EOF#测试mysql -u root -p$DBPass -e "show databases;"[ $? = 0 ] || { echo "mariadb初始化失败";exit; }echo '创建数据库、用户授权'mysql -u root -p$DBPass -e "create database keystone;grant all privileges on keystone.* to 'keystone'@'localhost' identified by 'keystone';grant all privileges on keystone.* to 'keystone'@'%' identified by 'keystone';create database glance;grant all privileges on glance.* to 'glance'@'localhost' identified by 'glance';grant all privileges on glance.* to 'glance'@'%' identified by 'glance';create database nova;grant all privileges on nova.* to 'nova'@'localhost' identified by 'nova';grant all privileges on nova.* to 'nova'@'%' identified by 'nova';create database nova_api;grant all privileges on nova_api.* to 'nova'@'localhost' identified by 'nova';grant all privileges on nova_api.* to 'nova'@'%' identified by 'nova';create database nova_cell0;grant all privileges on nova_cell0.* to 'nova'@'localhost' identified by 'nova';grant all privileges on nova_cell0.* to 'nova'@'%' identified by 'nova';create database neutron;grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'neutron';grant all privileges on neutron.* to 'neutron'@'%' identified by 'neutron';flush privileges;select user,host from mysql.user;show databases;"## #------------------#####################echo 'RabbitMQ配置'echo 'NODENAME=rabbit@controller'>/etc/rabbitmq/rabbitmq-env.confsystemctl enable rabbitmq-server.servicesystemctl start rabbitmq-server.servicesleep 3rabbitmq-plugins enable rabbitmq_management #启动web插件端口15672sleep 6#添加用户及密码rabbitmqctl add_user admin adminrabbitmqctl set_user_tags admin administratorrabbitmqctl add_user openstack openstack rabbitmqctl set_permissions openstack ".*" ".*" ".*" rabbitmqctl set_user_tags openstack administratorsystemctl restart rabbitmq-server.servicesleep 3netstat -antp|grep '5672'[[ `rabbitmqctl list_users|grep openstack|wc -l` = 1 ]] || { echo 'rabbit创建用户失败'; echo 'rabbit创建用户失败,请手动执行命令创建用户'>>./error.install.log; }# #------------------######################Keystone#memcached启动cp /etc/sysconfig/memcached{,.bak}systemctl enable memcached.servicesystemctl start memcached.servicenetstat -antp|grep 11211echo 'Keystone 配置'cp /etc/keystone/keystone.conf{,.bak} #备份默认配置Keys=$(openssl rand -hex 10) #生成随机密码echo $Keysecho "kestone $Keys">/root/openstack.logecho "[DEFAULT]admin_token = $Keysverbose = true[database]connection = mysql+pymysql://keystone:keystone@controller/keystone[token]provider = fernetdriver = memcache[memcache]servers = controller:11211">/etc/keystone/keystone.conf#初始化身份认证服务的数据库su -s /bin/sh -c "keystone-manage db_sync" keystone#检查表是否创建成功mysql -h controller -ukeystone -pkeystone -e "use keystone;show tables;"#初始化密钥存储库keystone-manage fernet_setup --keystone-user keystone --keystone-group keystonekeystone-manage credential_setup --keystone-user keystone --keystone-group keystone#设置admin用户(管理用户)和密码keystone-manage bootstrap --bootstrap-password admin \ --bootstrap-admin-url \ --bootstrap-internal-url \ --bootstrap-public-url \ --bootstrap-region-id RegionOne#apache配置cp /etc/httpd/conf/httpd.conf{,.bak}echo "ServerName controller">>/etc/httpd/conf/httpd.confln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/#Apache HTTP 启动并设置开机自启动systemctl enable httpd.servicesystemctl restart httpd.servicesleep 3netstat -antp|egrep ':5000|:35357|:80'#创建 OpenStack 客户端环境脚本#admin环境脚本echo "export OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=default export OS_PROJECT_NAME=admin export OS_USERNAME=adminexport OS_PASSWORD=adminexport OS_AUTH_URL= OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2">./admin-openstack.sh#测试脚本是否生效source ./admin-openstack.shopenstack token issue#创建service项目,创建glance,nova,neutron用户,并授权openstack project create --domain default --description "Service Project" serviceopenstack user create --domain default --password=glance glanceopenstack role add --project service --user glance adminopenstack user create --domain default --password=nova novaopenstack role add --project service --user nova adminopenstack user create --domain default --password=neutron neutronopenstack role add --project service --user neutron admin#创建demo项目(普通用户密码及角色)openstack project create --domain default --description "Demo Project" demoopenstack user create --domain default --password=demo demoopenstack role create useropenstack role add --project demo --user demo user#demo环境脚本echo "export OS_PROJECT_DOMAIN_NAME=defaultexport OS_USER_DOMAIN_NAME=defaultexport OS_PROJECT_NAME=demoexport OS_USERNAME=demoexport OS_PASSWORD=demoexport OS_AUTH_URL= OS_IDENTITY_API_VERSION=3export OS_IMAGE_API_VERSION=2">./demo-openstack.sh#测试脚本是否生效source ./demo-openstack.shopenstack token issue# #------------------#####################echo 'Glance镜像服务'# keystone上服务注册 ,创建glance服务实体,API端点(公有、私有、admin)source ./admin-openstack.sh || { echo "加载前面设置的admin-openstack.sh环境变量脚本";exit; }openstack service create --name glance --description "OpenStack Image" imageopenstack endpoint create --region RegionOne image public endpoint create --region RegionOne image internal endpoint create --region RegionOne image admin /etc/glance/glance-api.conf{,.bak}cp /etc/glance/glance-registry.conf{,.bak}# images默认/var/lib/glance/images/#Imgdir=/data/glancemkdir -p $Imgdirchown glance:nobody $Imgdirecho "镜像目录: $Imgdir"echo "#[database]connection = mysql+pymysql://glance:glance@controller/glance[keystone_authtoken]auth_uri = = = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = glance[paste_deploy]flavor = keystone[glance_store]stores = file,httpdefault_store = filefilesystem_store_datadir = $Imgdir#">/etc/glance/glance-api.conf#echo "#[database]connection = mysql+pymysql://glance:glance@controller/glance[keystone_authtoken]auth_uri = = = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = glancepassword = glance[paste_deploy]flavor = keystone#">/etc/glance/glance-registry.conf#同步数据库,检查数据库su -s /bin/sh -c "glance-manage db_sync" glancemysql -h controller -u glance -pglance -e "use glance;show tables;"#启动服务并设置开机自启动systemctl enable openstack-glance-api openstack-glance-registrysystemctl start openstack-glance-api openstack-glance-registrynetstat -antp|egrep '9292|9191' #检测服务端口# #------------------######################创建Nova数据库、用户、认证,前面已设置source ./admin-openstack.sh# keystone上服务注册 ,创建nova用户、服务、API# nova用户前面已建openstack service create --name nova --description "OpenStack Compute" computeopenstack endpoint create --region RegionOne compute public endpoint create --region RegionOne compute internal endpoint create --region RegionOne compute admin 创建placement用户、服务、APIopenstack user create --domain default --password=placement placementopenstack role add --project service --user placement adminopenstack service create --name placement --description "Placement API" placementopenstack endpoint create --region RegionOne placement public endpoint create --region RegionOne placement internal endpoint create --region RegionOne placement admin -p $VHDchown -R nova:nova $VHDecho 'nova配置'echo '#[DEFAULT]instances_path='$VHD'enabled_apis = osapi_compute,metadatatransport_url = rabbit://openstack:openstack@controllermy_ip = '$MyIP'use_neutron = Truefirewall_driver = nova.virt.firewall.NoopFirewallDriverosapi_compute_listen_port=8774[api_database]connection = mysql+pymysql://nova:nova@controller/nova_api[database]connection = mysql+pymysql://nova:nova@controller/nova[api]auth_strategy = keystone[keystone_authtoken]auth_uri = = = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = novapassword = nova[vnc]enabled = truevncserver_listen = $my_ipvncserver_proxyclient_address = $my_ipnovncproxy_base_url = ;$VncProxy':6080/vnc_auto.html[glance]api_servers = [oslo_concurrency]lock_path = /var/lib/nova/tmp[placement]os_region_name = RegionOneproject_domain_name = Defaultproject_name = serviceauth_type = passworduser_domain_name = Defaultauth_url = = placementpassword = placement[scheduler]discover_hosts_in_cells_interval = 300[libvirt]virt_type = '$Kvm'#'>/etc/nova/nova.confecho "#Placement API<Directory /usr/bin> <IfVersion >= 2.4> Require all granted </IfVersion> <IfVersion < 2.4> Order allow,deny Allow from all </IfVersion></Directory>">>/etc/httpd/conf.d/00-nova-placement-api.confsystemctl restart httpdsleep 5#同步数据库su -s /bin/sh -c "nova-manage api_db sync" novasu -s /bin/sh -c "nova-manage cell_v2 map_cell0" novasu -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" novasu -s /bin/sh -c "nova-manage db sync" nova#检测数据nova-manage cell_v2 list_cellsmysql -h controller -u nova -pnova -e "use nova_api;show tables;"mysql -h controller -u nova -pnova -e "use nova;show tables;" mysql -h controller -u nova -pnova -e "use nova_cell0;show tables;"# #------------------#####################echo 'Neutron服务'source ./admin-openstack.sh # 创建Neutron服务实体,API端点openstack service create --name neutron --description "OpenStack Networking" networkopenstack endpoint create --region RegionOne network public endpoint create --region RegionOne network internal endpoint create --region RegionOne network admin 备份配置cp /etc/neutron/neutron.conf{,.bak2}cp /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.inicp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}cp /etc/neutron/dhcp_agent.ini{,.bak}cp /etc/neutron/metadata_agent.ini{,.bak}cp /etc/neutron/l3_agent.ini{,.bak}#配置echo '#[neutron]url = = = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = neutronpassword = neutronservice_metadata_proxy = truemetadata_proxy_shared_secret = metadata#'>>/etc/nova/nova.conf#echo '[DEFAULT]nova_metadata_ip = controllermetadata_proxy_shared_secret = metadata#'>/etc/neutron/metadata_agent.ini#echo '#[ml2]tenant_network_types = type_drivers = vlan,flatmechanism_drivers = linuxbridgeextension_drivers = port_security[ml2_type_flat]flat_networks = provider[securitygroup]enable_ipset = True#'>/etc/neutron/plugins/ml2/ml2_conf.iniecho '#[linux_bridge]physical_interface_mappings = provider:'$Netname'[vxlan]enable_vxlan = false[agent]prevent_arp_spoofing = True[securitygroup]firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriverenable_security_group = True#'>/etc/neutron/plugins/ml2/linuxbridge_agent.ini#echo '#[DEFAULT]interface_driver = linuxbridgedhcp_driver = neutron.agent.linux.dhcp.Dnsmasqenable_isolated_metadata = true#'>/etc/neutron/dhcp_agent.ini#echo '[DEFAULT]core_plugin = ml2service_plugins = routerallow_overlapping_ips = truetransport_url = rabbit://openstack:openstack@controllerauth_strategy = keystonenotify_nova_on_port_status_changes = truenotify_nova_on_port_data_changes = true[keystone_authtoken]auth_uri = = = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = neutron[nova]auth_url = = passwordproject_domain_id = defaultuser_domain_id = defaultregion_name = RegionOneproject_name = serviceusername = novapassword = nova[database]connection = mysql://neutron:neutron@controller:3306/neutron[oslo_concurrency]lock_path = /var/lib/neutron/tmp #'>/etc/neutron/neutron.conf#echo '[DEFAULT]interface_driver = linuxbridge#'>/etc/neutron/l3_agent.ini##同步数据库su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron#检测数据mysql -h controller -u neutron -pneutron -e "use neutron;show tables;" # #------------------######################dashboardecho '配置openstack Web'cp /etc/openstack-dashboard/local_settings{,.bak}Setfiles=/etc/openstack-dashboard/local_settingssed -i 's#_member_#user#g' $Setfilessed -i 's#OPENSTACK_HOST = "127.0.0.1"#OPENSTACK_HOST = "controller"#' $Setfiles##允许所有主机访问#sed -i "/ALLOWED_HOSTS/cALLOWED_HOSTS = ['*', ]" $Setfiles#登录界面域#sed -i '/MULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False' $Setfiles#去掉memcached注释#sed -in '153,158s/#//' $Setfiles sed -in '160,164s/.*/#&/' $Setfilessed -i 's#UTC#Asia/Shanghai#g' $Setfilessed -i 's#%s:5000/v2.0#%s:5000/v3#' $Setfilessed -i '/ULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True' $Setfilessed -i "s@^#OPENSTACK_KEYSTONE_DEFAULT@OPENSTACK_KEYSTONE_DEFAULT@" $Setfilesecho '#setOPENSTACK_API_VERSIONS = { "identity": 3, "image": 2, "volume": 2,}#'>>$Setfilessystemctl restart httpdsleep 5##########################################echo '启动服务'#Apache systemctl enable httpd.service#systemctl restart httpd haproxy#netstat -antp|egrep 'httpd'#glance服务systemctl enable openstack-glance-api openstack-glance-registrysystemctl restart openstack-glance-api openstack-glance-registry#nova服务 systemctl enable openstack-nova-api.service \ openstack-nova-consoleauth.service openstack-nova-scheduler.service \ openstack-nova-conductor.service openstack-nova-novncproxy.service \ libvirtd.service openstack-nova-compute.service#启动systemctl start openstack-nova-api.service \ openstack-nova-consoleauth.service openstack-nova-scheduler.service \ openstack-nova-conductor.service openstack-nova-novncproxy.service \ libvirtd.service openstack-nova-compute.service#neutron服务systemctl enable neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service neutron-l3-agent.servicesystemctl start neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service neutron-l3-agent.service###########################################cheack#登录界面域#sed -i '/MULTIDOMAIN_SUPPORT/cOPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = False' $Setfilesecho "查看节点"source ./admin-openstack.sh openstack compute service list#openstack network agent list#####################################################################################可选,创建虚机#source ./admin-openstack.shecho ' 创建秘钥'ssh-keygen -t dsa -P '' -f ~/.ssh/id_dsanova keypair-add --pub-key ~/.ssh/id_dsa.pub mykeyecho ' 创建云主机类型'openstack flavor create --id 1 --vcpus 1 --ram 512 --disk 5 m1.nanoecho '安全规则'openstack security group rule create --proto icmp defaultopenstack security group rule create --proto tcp --dst-port 22 'default'echo '创建网络'openstack network create --share --external --provider-physical-network provider --provider-network-type flat public#本机网段IPS=`echo $IP|awk -F\. '{ print $1"."$2"."$3 }'` #创建子网openstack subnet create --network public --allocation-pool start=$IPS.70,end=$IPS.100 \ --dns-nameserver 8.8.8.8 --gateway $IPS.1 --subnet-range $IPS.0/24 public-lanecho '下载测试镜像'echo ''wget '上传镜像到镜像服务'openstack image create "cirros" --file cirros-0.3.5-x86_64-disk.img \ --disk-format qcow2 --container-format bare --publicecho '创建虚拟机 kvm01'NET=`openstack network list|grep 'public'|awk '{print $2}'`nova boot --flavor m1.nano --image cirros \ --nic net-id=$NET --security-group default --key-name mykey \ kvm01echo '查看虚机列表'sleep 18openstack server listecho ''echo '虚机 kvm01 控制台访问地址'openstack console url show kvm01|awk ' /http/ { print $4 }'#####################################################################################endecho '安装完毕!数据库root密码 '$DBPass'shell加载admin权限 source '$(pwd)'/admin-openstack.sh登录Web管理 ;$MyIP'/dashboard用户 admin密码 admin'#域 default
保存退出,执行脚本
bash install-pike.sh
根据个人网络下载情况,一般安装半个小时就可以安装成功。
http://你的IP地址/dashboard用户 admin密码 admin
标签: #openstack安装centos