iaas-install-neutron-controller/compute.sh脚本详解

iaas-install-neutron-controller.sh

#!/bin/bash
source /etc/iaas-openstack/openrc.sh
source /etc/keystone/admin-openrc.sh

#neutron mysql
mysql -uroot -p$DB_PASS -e "create database IF NOT EXISTS neutron ;"   # 如果数据库中不存在neutron数据库就创建neutron数据库
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$NEUTRON_DBPASS' ;"   # 授予neutron用户对neutron数据库的所有本地权限
mysql -uroot -p$DB_PASS -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$NEUTRON_DBPASS' ;"   # 授予neutron用户对neutron数据库的所有远程权限

#neutron  user role service endpoint 
openstack user create --domain $DOMAIN_NAME --password $NEUTRON_PASS neutron   # 创建用户neutron
openstack role add --project service --user neutron admin      # 将neutron用户添加到service项目并赋予admin用户权限
openstack service create --name neutron --description "OpenStack Networking" network   # 创建名为neutron、类型为network、描述为"OpenStack Networking"的服务
openstack endpoint create --region RegionOne network public http://$HOST_NAME:9696     # 创建网络服务共有端点
openstack endpoint create --region RegionOne  network internal http://$HOST_NAME:9696   # 创建网络服务私有端点
openstack endpoint create --region RegionOne  network admin http://$HOST_NAME:9696    # 创建网络服务admin端点

#neutron install
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y   # 安装neutron
# 使用标准输出和输入覆盖第二块网卡的内容
if [[ `ip a |grep -w $INTERFACE_IP |grep -w $INTERFACE_NAME` = '' ]];then 
cat > /etc/sysconfig/network-scripts/ifcfg-$INTERFACE_NAME <<EOF
DEVICE=$INTERFACE_NAME    # 网卡名称
TYPE=Ethernet              # 网络类型
BOOTPROTO=none         # 禁用dhcp
ONBOOT=yes            # 开机自启设备
EOF
systemctl restart network
fi
#/etc/neutron/neutron.conf
crudini --set /etc/neutron/neutron.conf DEFAULT core_plugin  ml2               # 启用ml2插件
crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins  router        # 启用路由服务
crudini --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips  true     # 允许ip地址重叠
crudini --set /etc/neutron/neutron.conf DEFAULT transport_url  rabbit://openstack:$NEUTRON_DBPASS@$HOST_NAME       # 配置RabbitMQ的消息队列访问
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy  keystone      # 授权策略为keystone
crudini --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes  true   # 在端口状态更改时通知nova
crudini --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes  true     # 在端口数据更改时通知nova

crudini --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:$NEUTRON_DBPASS@$HOST_NAME/neutron    # 配置数据库连接
 # 配置keystone认证服务
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_uri  http://$HOST_NAME:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_url  http://$HOST_NAME:35357
crudini --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers  $HOST_NAME:11211
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name  $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name  $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_name  service
crudini --set /etc/neutron/neutron.conf keystone_authtoken username  neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken password  $NEUTRON_PASS
# 配置nova计算服务
crudini --set /etc/neutron/neutron.conf nova auth_url  http://$HOST_NAME:35357
crudini --set /etc/neutron/neutron.conf nova auth_type  password
crudini --set /etc/neutron/neutron.conf nova project_domain_name  $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf nova user_domain_name  $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf nova region_name  RegionOne
crudini --set /etc/neutron/neutron.conf nova project_name  service
crudini --set /etc/neutron/neutron.conf nova username  nova
crudini --set /etc/neutron/neutron.conf nova password  $NOVA_PASS

crudini --set /etc/neutron/neutron.conf oslo_concurrency lock_path  /var/lib/neutron/tmp

#/etc/neutron/plugins/ml2/ml2_conf.ini
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers  flat,vlan,vxlan    # 启用flat,vlan,vxlan的网络类型驱动
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types  vxlan        # 设置租户网络类型为vxlan
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers  linuxbridge,l2population      # 设置linuxbridge和l2population机制驱动
crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers  port_security            # 配置扩展驱动程序

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks  $Physical_NAME      # 配置flat网络

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vlan network_vlan_ranges $Physical_NAME:$minvlan:$maxvlan       # 配置vlan网络范围

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges  $minvlan:$maxvlan       # 配置vxlan网络范围

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset  true           # 启用ipset

#/etc/neutron/plugins/ml2/linuxbridge_agent.ini
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  $Physical_NAME:$INTERFACE_NAME    # 配置物理接口映射

crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan  true       # 开启vxlan网络模式
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip  $INTERFACE_IP              # 配置本地vxlan的网络的IP
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population  true

crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group  true      # 启用安全组
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver  neutron.agent.linux.iptables_firewall.IptablesFirewallDriver      # 配置iptables防火墙驱动

#/etc/neutron/l3_agent.ini
crudini --set /etc/neutron/l3_agent.ini DEFAULT interface_driver  linuxbridge  # 配置接口驱动程序

#/etc/neutron/dhcp_agent.ini 配置dhcp
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver  linuxbridge      # 配置接口驱动程序
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver  neutron.agent.linux.dhcp.Dnsmasq  # 配置dhcp驱动程序
crudini --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata  true   # 启用独立的元数据

#/etc/neutron/metadata_agent.ini
crudini --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host  $HOST_NAME      # 配置metadata的主机为控制节点
crudini --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret  $METADATA_SECRET      # 配置metadata代理的密码

#/etc/nova/nova.conf
crudini --set /etc/nova/nova.conf neutron url  http://$HOST_NAME:9696
crudini --set /etc/nova/nova.conf neutron auth_url  http://$HOST_NAME:35357
crudini --set /etc/nova/nova.conf neutron auth_type  password
crudini --set /etc/nova/nova.conf neutron project_domain_name  $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron user_domain_name  $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron region_name  RegionOne
crudini --set /etc/nova/nova.conf neutron project_name  service
crudini --set /etc/nova/nova.conf neutron username  neutron
crudini --set /etc/nova/nova.conf neutron password  $NEUTRON_PASS
crudini --set /etc/nova/nova.conf neutron service_metadata_proxy  true      # 启用metadata代理服务代理
crudini --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret  $METADATA_SECRET      # 配置metadata代理的密码

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini  # 创建软连接文件
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron   # 同步neutron数据到数据库
systemctl restart openstack-nova-api.service

systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

iaas-install-neutron-compute.sh

#!/bin/bash
source /etc/iaas-openstack/openrc.sh

#neutron install
yum install openstack-neutron-linuxbridge ebtables ipset net-tools -y

if [[ `ip a |grep -w $INTERFACE_IP |grep -w $INTERFACE_NAME` = '' ]];then 
cat > /etc/sysconfig/network-scripts/ifcfg-$INTERFACE_NAME <<EOF
DEVICE=$INTERFACE_NAME
TYPE=Ethernet
BOOTPROTO=none
ONBOOT=yes
EOF
systemctl restart network
fi

#/etc/neutron/neutron.conf
crudini --set /etc/neutron/neutron.conf DEFAULT transport_url  rabbit://openstack:$NEUTRON_DBPASS@$HOST_NAME
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy  keystone
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_uri  http://$HOST_NAME:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_url  http://$HOST_NAME:35357
crudini --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers  $HOST_NAME:11211
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_type  password
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name  $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name  $DOMAIN_NAME
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_name  service
crudini --set /etc/neutron/neutron.conf keystone_authtoken username  neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken password  $NEUTRON_PASS
crudini --set /etc/neutron/neutron.conf oslo_concurrency lock_path  /var/lib/neutron/tmp

#/etc/neutron/plugins/ml2/linuxbridge_agent.ini
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:$INTERFACE_NAME  # 配置物理接口映射
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan  true     # 启用虚拟局域网
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip $INTERFACE_IP       # 配置虚拟局域网的本地IP
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population  true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group  true       # 启用安全组
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver  neutron.agent.linux.iptables_firewall.IptablesFirewallDriver  # 配置iptables防火墙驱动

#/etc/nova/nova.conf
crudini --set /etc/nova/nova.conf neutron url  http://$HOST_NAME:9696
crudini --set /etc/nova/nova.conf neutron auth_url  http://$HOST_NAME:35357
crudini --set /etc/nova/nova.conf neutron auth_type  password
crudini --set /etc/nova/nova.conf neutron project_domain_name  $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron user_domain_name  $DOMAIN_NAME
crudini --set /etc/nova/nova.conf neutron region_name  RegionOne
crudini --set /etc/nova/nova.conf neutron project_name  service
crudini --set /etc/nova/nova.conf neutron username  neutron
crudini --set /etc/nova/nova.conf neutron password  $NEUTRON_PASS

systemctl restart openstack-nova-compute.service
systemctl start neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service

posted @ 2021-12-13 08:33 衡衡酱阅读(0) 评论(0) 收藏举报

刷新页面返回顶部

Limerencesu

iaas-install-neutron-controller/compute.sh脚本详解

iaas-install-neutron-controller.sh

iaas-install-neutron-compute.sh

公告