openstack nova neutron cinder节点安装

#关闭selinux、防火墙
systemctl stop firewalld.service
systemctl disable firewalld.service
firewall-cmd --state
sed -i '/^SELINUX=.*/c SELINUX=disabled' /etc/selinux/config
sed -i 's/^SELINUXTYPE=.*/SELINUXTYPE=disabled/g' /etc/selinux/config
grep --color=auto '^SELINUX' /etc/selinux/config
setenforce 0


#时间同步 #设置hostname, 每个节点分别设置
#时间同步
####所有节点执行
yum install -y ntp
systemctl enable ntpd && systemctl restart ntpd
timedatectl set-timezone Asia/Shanghai

/usr/sbin/ntpdate ntp6.aliyun.com
echo "*/3 * * * * /usr/sbin/ntpdate ntp6.aliyun.com  &> /dev/null" > /tmp/crontab
crontab /tmp/crontab

hostnamectl --static set-hostname  node$(ip addr |grep brd |grep global |head -n1 |cut -d '/' -f1 |cut -d '.' -f4)

[ `grep -c ' controller$' /etc/hosts ` -eq 0 ] && echo '192.168.0.170 v.meilele.com controller' >>/etc/hosts
tail /etc/hosts

echo '
[centos-openstack-liberty]
name=CentOS-7 - OpenStack liberty
baseurl=http://vault.centos.org/centos/7.3.1611/cloud/x86_64/openstack-liberty/
gpgcheck=0
enabled=1
gpgkey=file:///etc/pki/rpm-gpg/RPM-GPG-KEY-Centos-7
' >/etc/yum.repos.d/CentOS-OpenStack-liberty.repo

tail  /etc/yum.repos.d/CentOS-OpenStack-liberty.repo


########################################
###############node

yum install -y qemu-kvm libvirt virt-install
systemctl enable libvirtd && systemctl restart libvirtd

##Nova linux-node2.openstack
yum install -y openstack-nova-compute sysfsutils


#compute1 Nova
\cp -f /etc/nova/nova.conf{,.bak}

echo "
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = $(ip addr |grep global |grep $(route  |grep default |awk '{print $NF}') |head -n1 |awk '{print $2}' |cut -d '/' -f1)
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
verbose = True
[glance]
host = v.meilelee.com
[keystone_authtoken]
auth_uri = http://v.meilelee.com:5000
auth_url = http://v.meilelee.com:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = nova
password = 123456
[libvirt]
virt_type = kvm
[neutron]
url = http://v.meilelee.com:9696
auth_url = http://v.meilelee.com:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = neutron
password = 123456
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_rabbit]
rabbit_host = v.meilelee.com
rabbit_userid = openstack
rabbit_password = 123456
[vnc]
enabled = True
vncserver_listen = 0.0.0.0
vncserver_proxyclient_address = \$my_ip
novncproxy_base_url = http://v.meilele.com:6080/vnc_auto.html
" >/etc/nova/nova.conf


#[ $(egrep -c '(vmx|svm)' /proc/cpuinfo) -eq 0 ] && sed -i 's#virt_type.*#virt_type=qemu#g' /etc/nova/nova.conf || sed -i 's#virt_type.*#virt_type=kvm#g' /etc/nova/nova.conf

grep virt_type /etc/nova/nova.conf

systemctl enable libvirtd.service openstack-nova-compute.service
systemctl restart libvirtd.service openstack-nova-compute.service

########################网络模块 neutron

##Neutron linux-node2.openstack
yum install -y openstack-neutron openstack-neutron-linuxbridge ebtables ipset


\cp -f /etc/neutron/neutron.conf{,.bak}
echo '
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
verbose = True
[keystone_authtoken]
auth_uri = http://v.meilelee.com:5000
auth_url = http://v.meilelee.com:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = 123456
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_rabbit]
rabbit_host = v.meilelee.com
rabbit_userid = openstack
rabbit_password = 123456
' >/etc/neutron/neutron.conf


\cp -f /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}

echo "
[linux_bridge]
physical_interface_mappings = public:$(ip addr |grep global |grep $(route  |grep default |awk '{print $NF}') |head -n1 |awk '{print $NF}')
[vxlan]
enable_vxlan = True
local_ip = $(ip addr |grep global |grep $(route  |grep default |awk '{print $NF}') |head -n1 |awk '{print $2}' |cut -d '/' -f1)
l2_population = True
[agent]
prevent_arp_spoofing = True
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
" >/etc/neutron/plugins/ml2/linuxbridge_agent.ini



systemctl enable neutron-linuxbridge-agent.service

systemctl restart openstack-nova-compute.service neutron-linuxbridge-agent.service


###########################
##Cinder
yum install -y openstack-cinder targetcli python-oslo-policy


systemctl enable openstack-cinder-volume.service target.service
systemctl restart openstack-cinder-volume.service target.service

echo "
[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
my_ip = $(ip addr |grep global |grep $(route  |grep default |awk '{print $NF}') |head -n1 |awk '{print $2}' |cut -d '/' -f1)
glance_host = v.meilelee.com
[BRCD_FABRIC_EXAMPLE]
[CISCO_FABRIC_EXAMPLE]
[cors]
[cors.subdomain]
[database]
connection = mysql://cinder:[email protected]/cinder
[fc-zone-manager]
[keymgr]
[keystone_authtoken]
auth_uri = http://v.meilelee.com:5000 
auth_url = http://v.meilelee.com:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = cinder
password = 123456
[matchmaker_redis]
[matchmaker_ring]
[oslo_concurrency]
lock_path = /var/lib/cinder/tmp
[oslo_messaging_amqp]
[oslo_messaging_qpid]
[oslo_messaging_rabbit]
rabbit_host = v.meilelee.com
rabbit_userid = openstack
rabbit_password = 123456
[oslo_middleware]
[oslo_policy]
[oslo_reports]
[profiler]
" >/etc/cinder/cinder.conf 

systemctl enable openstack-cinder-volume.service target.service
systemctl restart openstack-cinder-volume.service target.service



################cinder nfs

yum install -y nfs-utils rpcbind

systemctl enable rpcbind nfs
systemctl restart rpcbind nfs

mkdir -p /data/nfs

echo '
/data/nfs *(rw,no_root_squash)
' >>/etc/exports

#all_squash:将远程访问的所有普通用户及所属组都映射为匿名用户或用户组;
#no_all_squash:访问用户先与本机用户匹配,匹配失败后再映射为匿名用户或用户组;
#root_squash:将root用户及所属组都映射为匿名用户或用户组;
#no_root_squash:来访的root用户保持root帐号权限;


systemctl reload nfs

echo '
[nfs]
volume_driver = cinder.volume.drivers.nfs.NfsDriver
nfs_shares_config = /etc/cinder/nfs_shares
nfs_mount_point_base = $state_path/mnt
volume_backend_name=nfs_volumes
' >>/etc/cinder/cinder.conf
tail /etc/cinder/cinder.conf

[ $(grep -c '^enabled_backends' /etc/cinder/cinder.conf) -eq 0 ] && sed -i 's/\[DEFAULT\]/ a enabled_backends=nfs/g' /etc/cinder/cinder.conf || sed -i 's/^enabled_backends.*=/enabled_backends=nfs,/g' /etc/cinder/cinder.conf

#sed -i 's/^enabled_backends.*=/enabled_backends=nfs,/g' /etc/cinder/cinder.conf
grep enabled_backends /etc/cinder/cinder.conf



echo 'localhost:/data/nfs' >/etc/cinder/nfs_shares

chown root.cinder /etc/cinder/nfs_shares
chmod 640 /etc/cinder/nfs_shares
#chgrp cinder /etc/cinder/nfs_shares
systemctl restart openstack-cinder-volume.service 
01-02 20:21