#!/bin/bash #Centos8最小化部署安装OpenStack Ussuri #共两台主机,分别是一台控制节点,一台计算节点 #1、控制节点内存4096M。双网卡,分别为eth0:10.0.0.11,eth1:10.0.0.12 #2、计算节点内存2048M。双网卡,分别为eth0:10.0.0.31,eth1:10.0.0.32 #设置阿里云yum源 curl -o /etc/yum.repos.d/CentOS-Base.repo https://mirrors.aliyun.com/repo/Centos-8.repo rm -f /etc/yum.repos.d/CentOS-AppStream.repo /etc/yum.repos.d/CentOS-PowerTools.repo /etc/yum.repos.d/CentOS-centosplus.repo /etc/yum.repos.d/CentOS-Extras.repo && rm -rf /var/cache/yum && yum makecache && yum -y update && yum -y autoremove #关闭防火墙 systemctl stop firewalld && systemctl disable firewalld #关闭SELinux setenforce 0 sed -i "s/SELINUX=enforcing/SELINUX=disabled/g" /etc/selinux/config #关闭swap分区 swapoff -a sed -i '/ swap / s/^(.*)$/#1/g' /etc/fstab #设置内核 modprobe bridge modprobe br_netfilter cat > /etc/sysconfig/modules/neutron.modules <<EOF #!/bin/bash modprobe -- bridge modprobe -- br_netfilter EOF chmod 755 /etc/sysconfig/modules/neutron.modules && bash /etc/sysconfig/modules/neutron.modules echo "vm.max_map_count=262144" >> /etc/sysctl.conf echo "net.ipv4.ip_forward=1" >> /etc/sysctl.conf echo "net.bridge.bridge-nf-call-iptables=1" >> /etc/sysctl.conf echo "net.bridge.bridge-nf-call-ip6tables=1" >> /etc/sysctl.conf sysctl -p #设置时间同步 yum install -y chrony && yum -y autoremove sed -i '/^pool/d' /etc/chrony.conf sed -i '/^server/d' /etc/chrony.conf echo "pool ntp.aliyun.com iburst" >> /etc/chrony.conf systemctl start chronyd.service && systemctl enable chronyd.service #控制节点 设置hostname hostnamectl set-hostname controller #计算节点 设置hostname hostnamectl set-hostname compute1 #添加host echo "10.0.0.11 controller" >> /etc/hosts echo "10.0.0.31 compute1" >> /etc/hosts #安装基础组件 yum install -y centos-release-openstack-ussuri yum config-manager --set-enabled PowerTools yum upgrade -y yum install -y python3-openstackclient #控制节点 安装Mariadb yum install -y mariadb mariadb-server python2-PyMySQL tee /etc/my.cnf.d/openstack.cnf <<-'EOF' [mysqld] bind-address = 10.0.0.11 default-storage-engine = innodb innodb_file_per_table = on max_connections = 4096 collation-server = utf8_general_ci character-set-server = utf8 EOF systemctl enable mariadb.service && systemctl start mariadb.service echo -e " Y 123456 123456 Y n Y Y " | mysql_secure_installation #控制节点 安装RabbitMQ yum install -y rabbitmq-server systemctl enable rabbitmq-server.service && systemctl start rabbitmq-server.service rabbitmqctl add_user openstack 123456 rabbitmqctl set_permissions openstack ".*" ".*" ".*" #控制节点 安装Memcached yum install -y memcached python3-memcached sed -i "s/-l 127.0.0.1,::1/-l 127.0.0.1,::1,controller/g" /etc/sysconfig/memcached systemctl enable memcached.service && systemctl start memcached.service #控制节点 安装Etcd yum install -y etcd rm -f /etc/etcd/etcd.conf tee /etc/etcd/etcd.conf <<-'EOF' #[Member] ETCD_DATA_DIR="/var/lib/etcd/default.etcd" ETCD_LISTEN_PEER_URLS="http://10.0.0.11:2380" ETCD_LISTEN_CLIENT_URLS="http://10.0.0.11:2379" ETCD_NAME="controller" #[Clustering] ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.0.0.11:2380" ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379" ETCD_INITIAL_CLUSTER="controller=http://10.0.0.11:2380" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" ETCD_INITIAL_CLUSTER_STATE="new" EOF systemctl enable etcd && systemctl start etcd #控制节点 安装Identity service mysql -uroot -p123456 -e "CREATE DATABASE keystone" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '123456'" yum install -y openstack-keystone httpd python3-mod_wsgi sed -i "556c connection = mysql+pymysql://keystone:123456@controller/keystone" /etc/keystone/keystone.conf sed -i "2418c provider = fernet" /etc/keystone/keystone.conf su -s /bin/sh -c "keystone-manage db_sync" keystone keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone keystone-manage credential_setup --keystone-user keystone --keystone-group keystone keystone-manage bootstrap --bootstrap-password 123456 --bootstrap-admin-url http://controller:5000/v3/ --bootstrap-internal-url http://controller:5000/v3/ --bootstrap-public-url http://controller:5000/v3/ --bootstrap-region-id RegionOne echo "ServerName controller" >> /etc/httpd/conf/httpd.conf ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/ systemctl enable httpd.service && systemctl start httpd.service echo "export OS_USERNAME=admin" >> /etc/profile echo "export OS_PASSWORD=123456" >> /etc/profile echo "export OS_PROJECT_NAME=admin" >> /etc/profile echo "export OS_USER_DOMAIN_NAME=Default" >> /etc/profile echo "export OS_PROJECT_DOMAIN_NAME=Default" >> /etc/profile echo "export OS_AUTH_URL=http://controller:5000/v3" >> /etc/profile echo "export OS_IDENTITY_API_VERSION=3" >> /etc/profile source /etc/profile openstack project create --domain default --description "Service Project" service #控制节点 安装Image service mysql -uroot -p123456 -e "CREATE DATABASE glance" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '123456'" openstack user create --domain default --password 123456 glance openstack role add --project service --user glance admin openstack service create --name glance --description "OpenStack Image" image openstack endpoint create --region RegionOne image public http://controller:9292 openstack endpoint create --region RegionOne image internal http://controller:9292 openstack endpoint create --region RegionOne image admin http://controller:9292 yum install -y openstack-glance sed -i "2062c connection = mysql+pymysql://glance:123456@controller/glance" /etc/glance/glance-api.conf sed -i "5034c www_authenticate_uri = http://controller:5000" /etc/glance/glance-api.conf sed -i "5035c auth_url = http://controller:5000" /etc/glance/glance-api.conf sed -i "5036c memcached_servers = controller:11211" /etc/glance/glance-api.conf sed -i "5037c auth_type = password" /etc/glance/glance-api.conf sed -i "5038c project_domain_name = Default" /etc/glance/glance-api.conf sed -i "5039c user_domain_name = Default" /etc/glance/glance-api.conf sed -i "5040c project_name = service" /etc/glance/glance-api.conf sed -i "5041c username = glance" /etc/glance/glance-api.conf sed -i "5042c password = 123456" /etc/glance/glance-api.conf sed -i "5678c flavor = keystone" /etc/glance/glance-api.conf sed -i "3413c stores = file,http" /etc/glance/glance-api.conf sed -i "3414c default_store = file" /etc/glance/glance-api.conf sed -i "3415c filesystem_store_datadir = /var/lib/glance/images/" /etc/glance/glance-api.conf su -s /bin/sh -c "glance-manage db_sync" glance systemctl enable openstack-glance-api.service && systemctl start openstack-glance-api.service #控制节点 安装Placement service mysql -uroot -p123456 -e "CREATE DATABASE placement" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '123456'" openstack user create --domain default --password 123456 placement openstack role add --project service --user placement admin openstack service create --name placement --description "Placement API" placement openstack endpoint create --region RegionOne placement public http://controller:8778 openstack endpoint create --region RegionOne placement internal http://controller:8778 openstack endpoint create --region RegionOne placement admin http://controller:8778 yum install -y openstack-placement-api sed -i "507c connection = mysql+pymysql://placement:123456@controller/placement" /etc/placement/placement.conf sed -i "192c auth_strategy = keystone" /etc/placement/placement.conf sed -i "241c auth_url = http://controller:5000/v3" /etc/placement/placement.conf sed -i "242c memcached_servers = controller:11211" /etc/placement/placement.conf sed -i "243c auth_type = password" /etc/placement/placement.conf sed -i "244c project_domain_name = Default" /etc/placement/placement.conf sed -i "245c user_domain_name = Default" /etc/placement/placement.conf sed -i "246c project_name = service" /etc/placement/placement.conf sed -i "247c username = placement" /etc/placement/placement.conf sed -i "248c password = 123456" /etc/placement/placement.conf su -s /bin/sh -c "placement-manage db sync" placement systemctl restart httpd #控制节点 安装Compute service mysql -uroot -p123456 -e "CREATE DATABASE nova_api" mysql -uroot -p123456 -e "CREATE DATABASE nova" mysql -uroot -p123456 -e "CREATE DATABASE nova_cell0" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '123456'" openstack user create --domain default --password 123456 nova openstack role add --project service --user nova admin openstack service create --name nova --description "OpenStack Compute" compute openstack endpoint create --region RegionOne compute public http://controller:8774/v2.1 openstack endpoint create --region RegionOne compute internal http://controller:8774/v2.1 openstack endpoint create --region RegionOne compute admin http://controller:8774/v2.1 yum install -y openstack-nova-api openstack-nova-conductor openstack-nova-novncproxy openstack-nova-scheduler sed -i "2c enabled_apis = osapi_compute,metadata" /etc/nova/nova.conf sed -i "3c transport_url = rabbit://openstack:123456@controller:5672/" /etc/nova/nova.conf sed -i "4c my_ip = 10.0.0.11" /etc/nova/nova.conf sed -i "1079c connection = mysql+pymysql://nova:123456@controller/nova_api" /etc/nova/nova.conf sed -i "1622c connection = mysql+pymysql://nova:123456@controller/nova" /etc/nova/nova.conf sed -i "872c auth_strategy = keystone" /etc/nova/nova.conf sed -i "2561c www_authenticate_uri = http://controller:5000/" /etc/nova/nova.conf sed -i "2562c auth_url = http://controller:5000/" /etc/nova/nova.conf sed -i "2563c memcached_servers = controller:11211" /etc/nova/nova.conf sed -i "2564c auth_type = password" /etc/nova/nova.conf sed -i "2565c project_domain_name = Default" /etc/nova/nova.conf sed -i "2566c user_domain_name = Default" /etc/nova/nova.conf sed -i "2567c project_name = service" /etc/nova/nova.conf sed -i "2568c username = nova" /etc/nova/nova.conf sed -i "2569c password = 123456" /etc/nova/nova.conf sed -i "5171c enabled = true" /etc/nova/nova.conf sed -i '5172c server_listen = $my_ip' /etc/nova/nova.conf sed -i '5173c server_proxyclient_address = $my_ip' /etc/nova/nova.conf sed -i "1937c api_servers = http://controller:9292" /etc/nova/nova.conf sed -i "3571c lock_path = /var/lib/nova/tmp" /etc/nova/nova.conf sed -i "4093c region_name = RegionOne" /etc/nova/nova.conf sed -i "4094c project_domain_name = Default" /etc/nova/nova.conf sed -i "4095c project_name = service" /etc/nova/nova.conf sed -i "4096c auth_type = password" /etc/nova/nova.conf sed -i "4097c user_domain_name = Default" /etc/nova/nova.conf sed -i "4098c auth_url = http://controller:5000/v3" /etc/nova/nova.conf sed -i "4099c username = placement" /etc/nova/nova.conf sed -i "4100c password = 123456" /etc/nova/nova.conf sed -i "4509c discover_hosts_in_cells_interval = 300" /etc/nova/nova.conf su -s /bin/sh -c "nova-manage api_db sync" nova su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova su -s /bin/sh -c "nova-manage db sync" nova systemctl enable openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service && systemctl start openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service #计算节点 安装Compute service yum install -y openstack-nova-compute sed -i "2c enabled_apis = osapi_compute,metadata" /etc/nova/nova.conf sed -i "3c transport_url = rabbit://openstack:123456@controller" /etc/nova/nova.conf sed -i "4c my_ip = 10.0.0.31" /etc/nova/nova.conf sed -i "872c auth_strategy = keystone" /etc/nova/nova.conf sed -i "2561c www_authenticate_uri = http://controller:5000/" /etc/nova/nova.conf sed -i "2562c auth_url = http://controller:5000/" /etc/nova/nova.conf sed -i "2563c memcached_servers = controller:11211" /etc/nova/nova.conf sed -i "2564c auth_type = password" /etc/nova/nova.conf sed -i "2565c project_domain_name = Default" /etc/nova/nova.conf sed -i "2566c user_domain_name = Default" /etc/nova/nova.conf sed -i "2567c project_name = service" /etc/nova/nova.conf sed -i "2568c username = nova" /etc/nova/nova.conf sed -i "2569c password = 123456" /etc/nova/nova.conf sed -i "5171c enabled = true" /etc/nova/nova.conf sed -i "5172c server_listen = 0.0.0.0" /etc/nova/nova.conf sed -i '5173c server_proxyclient_address = $my_ip' /etc/nova/nova.conf sed -i "5174c novncproxy_base_url = http://controller:6080/vnc_auto.html" /etc/nova/nova.conf sed -i "1937c api_servers = http://controller:9292" /etc/nova/nova.conf sed -i "3571c lock_path = /var/lib/nova/tmp" /etc/nova/nova.conf sed -i "4093c region_name = RegionOne" /etc/nova/nova.conf sed -i "4094c project_domain_name = Default" /etc/nova/nova.conf sed -i "4095c project_name = service" /etc/nova/nova.conf sed -i "4096c auth_type = password" /etc/nova/nova.conf sed -i "4097c user_domain_name = Default" /etc/nova/nova.conf sed -i "4098c auth_url = http://controller:5000/v3" /etc/nova/nova.conf sed -i "4099c username = placement" /etc/nova/nova.conf sed -i "4100c password = 123456" /etc/nova/nova.conf #执行命令,查看是否支持CPU虚拟化,如果大于0则支持。 egrep -c '(vmx|svm)' /proc/cpuinfo #如果不支持的话还需要执行下面的命令 sed -i "2722c virt_type = qemu" /etc/nova/nova.conf systemctl enable libvirtd.service openstack-nova-compute.service && systemctl start libvirtd.service openstack-nova-compute.service #控制节点 计算节点从注册到发现会有延迟,根据discover_hosts_in_cells_interval 配置轮询发现时间,可以执行下面命令手动发现计算节点 su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova #控制节点 安装Networking service mysql -uroot -p123456 -e "CREATE DATABASE neutron" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456'" mysql -uroot -p123456 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456'" openstack user create --domain default --password 123456 neutron openstack role add --project service --user neutron admin openstack service create --name neutron --description "OpenStack Networking" network openstack endpoint create --region RegionOne network public http://controller:9696 openstack endpoint create --region RegionOne network internal http://controller:9696 openstack endpoint create --region RegionOne network admin http://controller:9696 yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables #配置服务器组件 sed -i "2c core_plugin = ml2" /etc/neutron/neutron.conf sed -i "3c service_plugins = router" /etc/neutron/neutron.conf sed -i "4c allow_overlapping_ips = true" /etc/neutron/neutron.conf sed -i "5c transport_url = rabbit://openstack:123456@controller" /etc/neutron/neutron.conf sed -i "6c auth_strategy = keystone" /etc/neutron/neutron.conf sed -i "7c notify_nova_on_port_status_changes = true" /etc/neutron/neutron.conf sed -i "8c notify_nova_on_port_data_changes = true" /etc/neutron/neutron.conf sed -i "254c connection = mysql+pymysql://neutron:123456@controller/neutron" /etc/neutron/neutron.conf sed -i "359c www_authenticate_uri = http://controller:5000" /etc/neutron/neutron.conf sed -i "360c auth_url = http://controller:5000" /etc/neutron/neutron.conf sed -i "361c memcached_servers = controller:11211" /etc/neutron/neutron.conf sed -i "362c auth_type = password" /etc/neutron/neutron.conf sed -i "363c project_domain_name = default" /etc/neutron/neutron.conf sed -i "364c user_domain_name = default" /etc/neutron/neutron.conf sed -i "365c project_name = service" /etc/neutron/neutron.conf sed -i "366c username = neutron" /etc/neutron/neutron.conf sed -i "367c password = 123456" /etc/neutron/neutron.conf sed -i "521c lock_path = /var/lib/neutron/tmp" /etc/neutron/neutron.conf echo "[nova]" >> /etc/neutron/neutron.conf echo "auth_url = http://controller:5000" >> /etc/neutron/neutron.conf echo "auth_type = password" >> /etc/neutron/neutron.conf echo "project_domain_name = default" >> /etc/neutron/neutron.conf echo "user_domain_name = default" >> /etc/neutron/neutron.conf echo "region_name = RegionOne" >> /etc/neutron/neutron.conf echo "project_name = service" >> /etc/neutron/neutron.conf echo "username = nova" >> /etc/neutron/neutron.conf echo "password = 123456" >> /etc/neutron/neutron.conf #配置Modular Layer 2 (ML2) plug-in echo "[ml2]" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "type_drivers = flat,vlan,vxlan" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "tenant_network_types = vxlan" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "mechanism_drivers = linuxbridge,l2population" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "extension_drivers = port_security" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "[ml2_type_flat]" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "flat_networks = provider" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "vni_ranges = 1:1000" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "[securitygroup]" >> /etc/neutron/plugins/ml2/ml2_conf.ini echo "enable_ipset = true" >> /etc/neutron/plugins/ml2/ml2_conf.ini #配置Linux bridge agent echo "[linux_bridge]" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini #eth1为另外第二张网卡 echo "physical_interface_mappings = provider:eth1" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "[vxlan]" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "enable_vxlan = true" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini #10.0.0.12为第二张网卡的IP echo "local_ip = 10.0.0.12" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "l2_population = true" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "[securitygroup]" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "enable_security_group = true" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini #配置layer-3 agent sed -i "2c interface_driver = linuxbridge" /etc/neutron/l3_agent.ini #配置DHCP agent sed -i "2c interface_driver = linuxbridge" /etc/neutron/dhcp_agent.ini sed -i "3c dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq" /etc/neutron/dhcp_agent.ini sed -i "4c enable_isolated_metadata = true" /etc/neutron/dhcp_agent.ini #配置metadata agent sed -i "2c nova_metadata_host = controller" /etc/neutron/metadata_agent.ini sed -i "3c metadata_proxy_shared_secret = 123456" /etc/neutron/metadata_agent.ini #配置计算服务使用网络服务 sed -i " 3334c auth_url = http://controller:5000" /etc/nova/nova.conf sed -i " 3335c auth_type = password" /etc/nova/nova.conf sed -i " 3336c project_domain_name = default" /etc/nova/nova.conf sed -i " 3337c user_domain_name = default" /etc/nova/nova.conf sed -i " 3338c region_name = RegionOne" /etc/nova/nova.conf sed -i " 3339c project_name = service" /etc/nova/nova.conf sed -i " 3340c username = neutron" /etc/nova/nova.conf sed -i " 3341c password = 123456" /etc/nova/nova.conf sed -i " 3342c service_metadata_proxy = true" /etc/nova/nova.conf sed -i " 3343c metadata_proxy_shared_secret = 123456" /etc/nova/nova.conf ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron systemctl restart openstack-nova-api.service systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service && systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service systemctl enable neutron-l3-agent.service && systemctl start neutron-l3-agent.service #计算节点 安装Networking service yum install -y openstack-neutron-linuxbridge ebtables ipset sed -i "2c transport_url = rabbit://openstack:123456@controller" /etc/neutron/neutron.conf sed -i "3c auth_strategy = keystone" /etc/neutron/neutron.conf sed -i "359c www_authenticate_uri = http://controller:5000" /etc/neutron/neutron.conf sed -i "360c auth_url = http://controller:5000" /etc/neutron/neutron.conf sed -i "361c memcached_servers = controller:11211" /etc/neutron/neutron.conf sed -i "362c auth_type = password" /etc/neutron/neutron.conf sed -i "363c project_domain_name = default" /etc/neutron/neutron.conf sed -i "364c user_domain_name = default" /etc/neutron/neutron.conf sed -i "365c project_name = service" /etc/neutron/neutron.conf sed -i "366c username = neutron" /etc/neutron/neutron.conf sed -i "367c password = 123456" /etc/neutron/neutron.conf sed -i "521c lock_path = /var/lib/neutron/tmp" /etc/neutron/neutron.conf echo "[linux_bridge]" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini #eth1为另外第二张网卡 echo "physical_interface_mappings = provider:eth1" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "[vxlan]" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "enable_vxlan = true" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini #10.0.0.32为第二张网卡的IP echo "local_ip = 10.0.0.32" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "l2_population = true" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "[securitygroup]" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "enable_security_group = true" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini echo "firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver" >> /etc/neutron/plugins/ml2/linuxbridge_agent.ini #配置计算服务使用网络服务 sed -i " 3334c auth_url = http://controller:5000" /etc/nova/nova.conf sed -i " 3335c auth_type = password" /etc/nova/nova.conf sed -i " 3336c project_domain_name = default" /etc/nova/nova.conf sed -i " 3337c user_domain_name = default" /etc/nova/nova.conf sed -i " 3338c region_name = RegionOne" /etc/nova/nova.conf sed -i " 3339c project_name = service" /etc/nova/nova.conf sed -i " 3340c username = neutron" /etc/nova/nova.conf sed -i " 3341c password = 123456" /etc/nova/nova.conf systemctl restart openstack-nova-compute.service systemctl enable neutron-linuxbridge-agent.service && systemctl start neutron-linuxbridge-agent.service #控制节点 安装Dashboard yum install -y openstack-dashboard sed -i '118c OPENSTACK_HOST = "controller"' /etc/openstack-dashboard/local_settings sed -i "39c ALLOWED_HOSTS = ['*']" /etc/openstack-dashboard/local_settings sed -i "104c SESSION_ENGINE = 'django.contrib.sessions.backends.cache'" /etc/openstack-dashboard/local_settings sed -i "94c CACHES = {" /etc/openstack-dashboard/local_settings sed -i "95c 'default': {" /etc/openstack-dashboard/local_settings sed -i "96c 'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache'," /etc/openstack-dashboard/local_settings sed -i "97c 'LOCATION': 'controller:11211'," /etc/openstack-dashboard/local_settings sed -i "98c }" /etc/openstack-dashboard/local_settings sed -i "99c }" /etc/openstack-dashboard/local_settings sed -i '119c OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST' /etc/openstack-dashboard/local_settings echo 'OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True' >> /etc/openstack-dashboard/local_settings echo 'OPENSTACK_API_VERSIONS = {' >> /etc/openstack-dashboard/local_settings echo ' "identity": 3,' >> /etc/openstack-dashboard/local_settings echo ' "image": 2,' >> /etc/openstack-dashboard/local_settings echo ' "volume": 3' >> /etc/openstack-dashboard/local_settings echo '}' >> /etc/openstack-dashboard/local_settings echo 'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"' >> /etc/openstack-dashboard/local_settings echo 'OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"' >> /etc/openstack-dashboard/local_settings sed -i '123c TIME_ZONE = "Asia/Shanghai"' /etc/openstack-dashboard/local_settings echo "WEBROOT = '/dashboard/'" >> /etc/openstack-dashboard/local_settings echo 'WSGIApplicationGroup %{GLOBAL}' >> /etc/httpd/conf.d/openstack-dashboard.conf systemctl restart httpd.service memcached.service #安装完成,可访问http://10.0.0.11/dashboard/查看