
openstack 自動化部署/離線部署

前言

openstack如何部署,怎樣使用,官網上寫得很詳細,即使是linux小白使用者,按照官網一步一步做,也可以讓雲平臺跑起來。使用linux離不開shell,我們可以用shell來自動化部署openstack平臺。說是自動化,其實只是用指令碼把繁瑣的配置檔案,openstack service,sql等直接拷貝進去,使之生效。這樣能夠很方便地讓一個又一個openstack平臺搭建起來,提高工作效率,縮短專案週期。

手動干預項

使用本地源,能夠非常快速的安裝openstack依賴包,這是利器,推薦所有使用openstack的,事先搭建好。

  • 準備ubuntu16.04.2 : controller(1個),compute(1個),cinder(1個),swift(1個)
  • 修改這4臺主機的hosts
    hosts:
10.0.0.11 controller
10.0.0.21 compute1
10.0.0.31 block1
10.0.0.41 swift
  • 修改這4個主機的hostname
    • controller、compute1、block1、swift

controller 自動部署指令碼

  • 配置混雜網絡卡程式碼塊
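#!/bin/sh
# Configure the provider NIC as a "manual" interface in
# /etc/network/interfaces. Rewrites the file in place, so it must run as root.
#
# NOTE(review): `set -x` traces every command to stderr. Later sections pass
# service passwords as command-line arguments, so the trace (and any log that
# captures it) will contain them; turn tracing off around those calls or
# protect the log.
set -x
readonly interface_name=ens7
echo "begin config menual interface"
# Remove the lines a previous run appended, so re-running does not duplicate
# them. Every pattern is anchored to the exact line written below: a loose
# pattern such as '^up*' matches any line starting with "u" and would strip
# unrelated configuration, and a pattern without the space after "auto" never
# matches the "auto <iface>" line at all.
sed -i "/^auto $interface_name\$/d" /etc/network/interfaces
sed -i "/^iface $interface_name inet manual/d" /etc/network/interfaces
sed -i '/^up ip link set dev \$IFACE up$/d' /etc/network/interfaces
sed -i '/^down ip link set dev \$IFACE down$/d' /etc/network/interfaces
sed -i '/^# The provider network interface$/d' /etc/network/interfaces
# Append the interface stanza at the end of the file. $IFACE is single-quoted
# on purpose: it must reach the file literally, not be expanded by this shell.
sed -i '$a\ ' /etc/network/interfaces
sed -i '$a\# The provider network interface' /etc/network/interfaces
sed -i "\$a\auto $interface_name" /etc/network/interfaces
sed -i "\$a\iface $interface_name inet manual" /etc/network/interfaces
sed -i '$a\up ip link set dev $IFACE up' /etc/network/interfaces
sed -i '$a\down ip link set dev $IFACE down' /etc/network/interfaces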
  • ntp服務配置
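# Install chrony on the controller and let the other nodes sync from it.
# The upstream pool/server entries in ./conf/chrony.conf still have to be set
# by hand.
#
# chrony_allow keeps its "/" pre-escaped (value: 10.0.0.0\/16) because it is
# substituted into a sed s/.../.../ expression below. my_ip is reused by the
# later sections of this script.
# NOTE(review): the four hosts listed on this page all sit in 10.0.0.0/24, so
# a /16 is wider than they need; keep the allowed range as narrow as the
# management network.
readonly chrony_allow=10.0.0.0\\/16
readonly my_ip=10.0.0.11
echo "begin config chrony,you should config pool menual"
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install chrony
echo '時間同步,同步伺服器需要手動設定'
# chrony's directive syntax is "allow <subnet>" with no "="; writing
# "allow = <subnet>" produces a line chronyd cannot parse.
sed -i -e "s/^allow.*/allow $chrony_allow/" ./conf/chrony.conf
cp ./conf/chrony.conf /etc/chrony/chrony.conf
/etc/init.d/chrony restart
sleep 5s
echo 'chrony set finished'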
  • apache2 配置
# Install Apache and set its global ServerName to the controller host name.
echo 'begin config apache2'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install apache2
apache_conf=/etc/apache2/apache2.conf
# Drop any existing ServerName directive first, then insert ours as line 1,
# so the directive is not duplicated when the script is run again.
sed -i '/^ServerName\s.*/d' "$apache_conf"
sed -i '1i ServerName controller' "$apache_conf"
/etc/init.d/apache2 restart
  • 安裝公共依賴包
# Install the packages every later section relies on: the OpenStack CLI and
# the MariaDB server.
echo 'begin config common packages'
# Two "y" answers are fed to apt-get's prompts on stdin.
# NOTE(review): unlike `apt-get install -y`, piped answers presumably also
# accept apt's "install without verification" prompt when the local mirror is
# unsigned -- confirm, and prefer a signed local repository.
printf 'y\ny\n' | apt-get install \
  software-properties-common \
  python-openstackclient \
  mariadb-server
echo 'begin config mysql'
  • mysql配置
# Bind MariaDB to the controller's management IP and drive the interactive
# hardening script non-interactively.
echo 'begin config mysql'
# Patch bind-address in the template, then install the template under
# /etc/mysql/mariadb.conf.d/.
sed -i -e "s/^bind-address.*/bind-address = $my_ip/" ./conf/99-openstack.cnf
cp ./conf/99-openstack.cnf /etc/mysql/mariadb.conf.d/
/etc/init.d/mysql restart
# The six lines are consumed by mysql_secure_installation's prompts in order.
# NOTE(review): presumably they map to: current root password, "set root
# password?" = n, "remove anonymous users?" = y, "disallow root login
# remotely?" = n, "remove test database?" = y, "reload privilege tables?" = y
# -- confirm against the installed version. If so, the root password is left
# unchanged and remote root login stays enabled; answer y to the latter unless
# remote root access is really needed.
printf '%s\n' longruan n y n y y | mysql_secure_installation
  • rabbitmq配置
# Install RabbitMQ and create the account the OpenStack services use.
echo 'begin config rabbitmq'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install rabbitmq-server
mq_user=openstack
# NOTE(review): the password is a literal argument here, so it shows up in the
# process list and in the `set -x` trace; the same value is reused for every
# account created by this script.
rabbitmqctl add_user "$mq_user" longruan
# The three patterns are the configure, write and read permissions; ".*"
# grants each of them on every resource.
rabbitmqctl set_permissions "$mq_user" ".*" ".*" ".*"
  • memcache 配置
# Install memcached and make it listen on the controller's management IP.
echo 'begin config memcached'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install \
  memcached \
  python-memcache
memcached_conf=/etc/memcached.conf
# Rewrite the "-l <address>" listen option.
# NOTE(review): memcached does not authenticate clients by default, so once it
# listens on $my_ip the port should be reachable from the management network
# only (firewall it).
sed -i -e "s/^-l\s.*/-l $my_ip/" "$memcached_conf"
/etc/init.d/memcached restart
  • keystone 配置,並儲存admin-openrc.sh
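# Install and bootstrap Keystone, create the service/demo projects and write
# the admin-openrc.sh / demo-openrc.sh credential files into the current
# directory.
echo 'begin config openstack-keystone'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install keystone
# "." instead of "source": the script starts with #!/bin/sh, and a POSIX sh
# such as dash has no "source" builtin. keystone.sql is itself a shell snippet
# that feeds SQL to the mysql client.
. ./sql_scripts/keystone.sql

cp ./conf/keystone.conf /etc/keystone/
su -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
# NOTE(review): the admin password is a literal argument (visible in the
# process list and in the `set -x` trace) and every endpoint is plain http, so
# passwords and tokens cross the management network unencrypted.
keystone-manage bootstrap --bootstrap-password longruan \
  --bootstrap-admin-url http://controller:35357/v3/ \
  --bootstrap-internal-url http://controller:35357/v3/ \
  --bootstrap-public-url http://controller:5000/v3/ \
  --bootstrap-region-id RegionOne
rm -f /var/lib/keystone/keystone.db
# The openrc files hold a clear-text password: create them under umask 077 and
# force mode 600 in case the file already existed. A quoted here-document is
# used instead of `echo -e`, which under a POSIX sh would write a literal
# "-e" into the file.
(
  umask 077
  cat > admin-openrc.sh <<'EOF'
#!/bin/bash
export OS_USERNAME=admin
export OS_PASSWORD=longruan
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:35357/v3
export OS_IDENTITY_API_VERSION=3
EOF
)
chmod 600 admin-openrc.sh
# "./" makes the shell read the file just written rather than search PATH.
. ./admin-openrc.sh
openstack project create --domain default --description "Service Project" service
openstack project create --domain default --description "Demo Project" demo
openstack user create --domain default --password longruan demo
openstack role create user
openstack role add --project demo --user demo user
(
  umask 077
  cat > demo-openrc.sh <<'EOF'
#!/bin/bash
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=demo
export OS_USERNAME=demo
export OS_PASSWORD=longruan
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
EOF
)
chmod 600 demo-openrc.sh
# Reload the admin credentials and request a token as a smoke test.
. ./admin-openrc.sh
openstack token issue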
  • glance 配置
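# Install Glance, register it in Keystone, install its configuration and
# upload the CirrOS test image. Relies on the admin credentials already
# exported in the environment.
echo 'begin config openstack-glance'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install glance
# "." instead of "source": the script starts with #!/bin/sh, and a POSIX sh
# such as dash has no "source" builtin.
. ./sql_scripts/glance.sql
# NOTE(review): the service password is a literal argument (visible in the
# process list and in the `set -x` trace) and is shared with every other
# account this script creates.
openstack user create --domain default --password longruan glance
openstack role add --project service --user glance admin
openstack service create --name glance --description "OpenStack Image" image
for endpoint_type in public internal admin; do
  openstack endpoint create --region RegionOne image "$endpoint_type" http://controller:9292
done
# Install both config files and hand them to the glance user. Absolute paths
# replace the former `cd /etc/glance/ ... cd -`, which would have run chown
# against the current directory if the cd failed; "user:group" replaces the
# deprecated "user.group" form.
for conf in glance-api.conf glance-registry.conf; do
  cp "./conf/$conf" "/etc/glance/$conf"
  chown glance:glance "/etc/glance/$conf"
done
su -s /bin/sh -c "glance-manage db_sync" glance
/etc/init.d/glance-registry restart
/etc/init.d/glance-api restart
# Give the services a moment to come up before talking to the API.
sleep 5s
openstack image create "cirros" --file ./imgs/cirros-0.3.4-x86_64-disk.img --disk-format qcow2 --container-format bare --public
openstack image list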
  • nova 配置
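# Install the Nova controller services, register them in Keystone, install
# nova.conf and populate both Nova databases.
echo 'begin config openstack-nova'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install \
  nova-api \
  nova-conductor \
  nova-consoleauth \
  nova-novncproxy \
  nova-scheduler
# "." instead of "source": the script starts with #!/bin/sh, and a POSIX sh
# such as dash has no "source" builtin. "./" makes the shell read the openrc
# file in the current directory rather than search PATH.
. ./sql_scripts/nova.sql
. ./admin-openrc.sh
# NOTE(review): the service password is a literal argument (visible in the
# process list and in the `set -x` trace) and is shared with every other
# account this script creates.
openstack user create --domain default --password longruan nova
openstack role add --project service --user nova admin
openstack service create --name nova --description "OpenStack Compute" compute
# The URL is single-quoted so the literal %(tenant_id)s placeholder reaches
# the CLI unchanged.
for endpoint_type in public internal admin; do
  openstack endpoint create --region RegionOne compute "$endpoint_type" 'http://controller:8774/v2.1/%(tenant_id)s'
done

# Patch my_ip in the template, then install it.
sed -i -e "s/^my_ip.*/my_ip = $my_ip/" ./conf/nova.conf
cp ./conf/nova.conf /etc/nova/nova.conf
su -s /bin/sh -c "nova-manage api_db sync" nova
su -s /bin/sh -c "nova-manage db sync" nova
for nova_service in nova-api nova-consoleauth nova-scheduler nova-novncproxy; do
  "/etc/init.d/$nova_service" restart
done
echo '等待服務重啟...'
sleep 5s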
  • neutron 配置
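# Install Neutron (server, ML2 plugin and the Linux bridge, L3, DHCP and
# metadata agents), register it in Keystone, install its configuration and
# migrate the database.
echo 'begin config openstack-neutron'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install \
  neutron-server \
  neutron-plugin-ml2 \
  neutron-linuxbridge-agent \
  neutron-l3-agent \
  neutron-dhcp-agent \
  neutron-metadata-agent
# "." instead of "source": the script starts with #!/bin/sh, and a POSIX sh
# such as dash has no "source" builtin.
. ./sql_scripts/neutron.sql
# NOTE(review): the service password is a literal argument (visible in the
# process list and in the `set -x` trace) and is shared with every other
# account this script creates.
openstack user create --domain default --password longruan neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron --description "OpenStack Networking" network
for endpoint_type in public internal admin; do
  openstack endpoint create --region RegionOne network "$endpoint_type" http://controller:9696
done

cp ./conf/neutron.conf /etc/neutron/neutron.conf
cp ./conf/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini
# Patch the provider interface and the local IP in the template before
# installing it.
sed -i "s/^physical_interface_mappings.*/physical_interface_mappings = provider:$interface_name/" ./conf/linuxbridge_agent.ini
sed -i "s/^local_ip.*/local_ip = $my_ip/" ./conf/linuxbridge_agent.ini
cp ./conf/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini
for agent_conf in l3_agent.ini dhcp_agent.ini metadata_agent.ini; do
  cp "./conf/$agent_conf" "/etc/neutron/$agent_conf"
done
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

# nova-api is restarted together with the Neutron services.
for net_service in nova-api neutron-server neutron-linuxbridge-agent \
  neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent; do
  "/etc/init.d/$net_service" restart
done
sleep 5s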

dashboard 配置

# Install Horizon, drop in the prepared local_settings.py and bounce Apache so
# the dashboard is served.
echo 'begin config opensack-dashboard'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install openstack-dashboard
cp ./conf/local_settings.py /etc/openstack-dashboard/local_settings.py
apache_init=/etc/init.d/apache2
"$apache_init" restart
# Wait for the restart to settle, then reload the configuration once more.
sleep 5s
"$apache_init" reload
  • cinder 配置
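# Install the Cinder API and scheduler on the controller, register the v1 and
# v2 volume services in Keystone, install cinder.conf and migrate the
# database.
echo 'begin config openstack-cinder'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install \
  cinder-api \
  cinder-scheduler
# "." instead of "source": the script starts with #!/bin/sh, and a POSIX sh
# such as dash has no "source" builtin.
. ./sql_scripts/cinder.sql
# NOTE(review): the service password is a literal argument (visible in the
# process list and in the `set -x` trace) and is shared with every other
# account this script creates.
openstack user create --domain default --password longruan cinder
openstack role add --project service --user cinder admin
openstack service create --name cinder --description "OpenStack Block Storage" volume
openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
# One endpoint per (service type, interface); each pair below is
# "<service type>:<API version path>". The %(tenant_id)s placeholder is kept
# literal by escaping the "%(" so the shell passes it through unchanged.
for service_and_version in volume:v1 volumev2:v2; do
  service_type=${service_and_version%%:*}
  api_version=${service_and_version##*:}
  for endpoint_type in public internal admin; do
    openstack endpoint create --region RegionOne "$service_type" "$endpoint_type" "http://controller:8776/$api_version/%(tenant_id)s"
  done
done
# Patch my_ip in the template, then install it.
sed -i "s/^my_ip.*/my_ip = $my_ip/" ./conf/cinder.conf
cp ./conf/cinder.conf /etc/cinder/cinder.conf
su -s /bin/sh -c "cinder-manage db sync" cinder
for volume_service in nova-api cinder-scheduler cinder-api; do
  "/etc/init.d/$volume_service" restart
done
sleep 5s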
  • swift 配置
# Install the Swift proxy on the controller, register the object-store
# service in Keystone and install a fresh /etc/swift with the proxy config.
echo 'begin config openstack-swift'
# Two "y" answers are fed to apt-get's prompts on stdin.
printf 'y\ny\n' | apt-get install swift swift-proxy python-swiftclient \
  python-keystoneclient python-keystonemiddleware \
  memcached
# NOTE(review): the service password is a literal argument (visible in the
# process list and in the `set -x` trace) and is shared with every other
# account this script creates.
openstack user create --domain default --password longruan swift
openstack role add --project service --user swift admin
openstack service create --name swift --description "OpenStack Object Storage" object-store
# Public and internal endpoints carry the per-tenant AUTH_ suffix; the admin
# endpoint does not.
for endpoint_type in public internal; do
  openstack endpoint create --region RegionOne object-store "$endpoint_type" 'http://controller:8080/v1/AUTH_%(tenant_id)s'
done
openstack endpoint create --region RegionOne object-store admin http://controller:8080/v1
# Start from an empty /etc/swift: whatever the package or an earlier run left
# there is discarded.
swift_etc=/etc/swift
rm -r "$swift_etc"
mkdir "$swift_etc"
cp ./conf/proxy-server.conf "$swift_etc/"

sql指令碼

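# The five snippets below are the files under ./sql_scripts/ that the
# controller script reads in. Each one is a shell snippet that feeds a
# here-document to the local mysql client; it creates the service database(s)
# and grants the service account full rights on them. The delimiter is quoted
# so the shell passes the SQL through without any expansion.
#
# NOTE(review): every account uses the same literal password, and the '%'
# grants accept that account from any host. Use a distinct password per
# service and narrow '%' to the management network where possible.

# cinder.sql
mysql <<'SQL'
CREATE DATABASE cinder;
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'longruan';
GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'longruan';
SQL
# glance.sql
mysql <<'SQL'
CREATE DATABASE glance;
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'longruan';
GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'longruan';
SQL
# nova.sql
mysql <<'SQL'
CREATE DATABASE nova_api;
CREATE DATABASE nova;
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'longruan';
GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'longruan';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'longruan';
GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'longruan';
SQL
# keystone.sql
mysql <<'SQL'
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'longruan';
GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'longruan';
SQL
# neutron.sql
# (the file header used to sit inside the here-document, after the mysql
# line; it belongs in front of it like the other four)
mysql <<'SQL'
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'longruan';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'longruan';
SQL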

總結

  • 安裝包的格式
# Pattern used for every package install in the script: the subshell prints
# two "y" lines, which apt-get reads from stdin as answers to its prompts.
# `apt-get install -y` is the built-in non-interactive switch; with -y apt-get
# aborts on packages it cannot authenticate instead of asking.
# NOTE(review): piped answers presumably accept that "install without
# verification" prompt as well -- confirm, and sign the local repository.
(echo 'y'
echo 'y')|apt-get install ...
  • sed -i -e 的用法…刪除一行文字,追加檔案,替換檔案
    • 注意特殊字元的處理
  • set -x 和 set +x 等 set 的使用
  • shell 語法初步學習

涉及的檔案傳送陣:openstack-controller指令碼示例