openstack系列Minimal deployment for Rocky
neutron部分需要一块桥接网络的网卡,所以前提准备需要你自己去做
脚本已测试。如需使用,请将脚本中所有的controller-ZJB修改为你的主机名,并将所有的1790600080修改为你的密码。
Windows与Unix的文本格式有区别(换行符分别为CRLF和LF),如果你直接粘贴使用,最好安装dos2unix对脚本文件进行转换!


controller节点脚本:
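#!/bin/bash
# Configure the Neutron networking service on the controller node.
# Before use: replace every "controller-ZJB" with your own hostname and every
# "1790600080" with your own password.
#
# NOTE(review): this script embeds secrets in clear text. Keep the file
# readable by root only and remove or scrub it once the node is configured.
readonly create_domain_pass=1790600080
echo " 这是一个修改neutron配置文件的脚本:"
echo " -------------------------------"
echo " 1、下面开始创建数据库并赋予相应权限"
# Hand the root password to the client through a private option file instead
# of "-p<password>" on the command line, where other local users could read it
# from the process list. mktemp creates the file readable by its owner only.
mysql_client_cnf=$(mktemp) || exit 1
printf '[client]\nuser=root\npassword="%s"\n' '1790600080' >"$mysql_client_cnf"
# IF NOT EXISTS keeps a re-run from aborting before the GRANT statements.
# NOTE(review): 'neutron'@'%' allows the account to log in from any host;
# narrow the host pattern to the management network where the topology allows.
mysql --defaults-extra-file="$mysql_client_cnf" <<EOF
CREATE DATABASE IF NOT EXISTS neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '1790600080';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '1790600080';
EOF
db_status=$?
rm -f -- "$mysql_client_cnf"
echo " --------------------------------"
# Report what actually happened rather than announcing success unconditionally.
if [ "$db_status" -eq 0 ]; then
  echo " 数据库已创建成功并赋予了相应权限"
else
  echo " 数据库创建或授权失败,请手动查看问题!" >&2
fi
echo " --------------------------------"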
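echo " 2、创建服务凭证:"
# Admin credentials used by the openstack CLI calls below.
# NOTE(review): OS_AUTH_URL and the endpoints registered below use plain http,
# so passwords and tokens cross the network unencrypted; put TLS in front of
# the APIs when the management network is not fully trusted.
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=1790600080
export OS_AUTH_URL=http://controller-ZJB:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

# Remember whether any step failed so the summary below is truthful.
credentials_ok=1

# The password is quoted so that a replacement value containing spaces or glob
# characters is still passed as a single argument.
# NOTE(review): --password exposes the secret on the process command line;
# "openstack user create" also accepts --password-prompt for interactive use.
openstack user create --domain default --password "$create_domain_pass" neutron || credentials_ok=0
openstack role add --project service --user neutron admin || credentials_ok=0
openstack service create --name neutron --description "OpenStack Networking" network || credentials_ok=0

# Register the same URL for the three endpoint interfaces.
for endpoint_interface in public internal admin; do
  openstack endpoint create --region RegionOne network "$endpoint_interface" http://controller-ZJB:9696 \
    || credentials_ok=0
done

echo " --------------------------------"
if [ "$credentials_ok" -eq 1 ]; then
  echo " 服务凭证已创建完成!"
else
  echo " 服务凭证创建出错,请手动查看问题!" >&2
fi
echo " --------------------------------"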
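echo " 选择第一种网络类型:Provider networks"
echo " 3、安装网络组件"
yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
# Capture yum's exit status immediately: the separator echo below would
# otherwise overwrite $? with its own 0 and the check would always succeed.
install_status=$?
echo " --------------------------------"
if [ "$install_status" -eq 0 ]; then
  echo " 软件已成功安装!"
else
  echo " 软件安装出错,请手动查看问题!"
fi
echo " --------------------------------"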
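echo " 4、修改Neutron配置文件:"
echo " "

#######################################
# Insert lines directly below a section header of an INI-style file.
# The header must be a whole line of the form "[section]"; only the first
# such line is used. When the file or the header is missing nothing is
# written (an address-less sed "a" would otherwise append after EVERY line).
# Entries must not start with whitespace or contain backslashes or newlines,
# because sed would interpret them.
# Arguments: $1 - path of the configuration file
#            $2 - section name without brackets
#            $3... - lines to insert, in the order they should appear
# Returns:   0 on success, 1 if the file or the section header was not found
#######################################
insert_below_section() {
  local conf_file=$1 section=$2
  shift 2
  local header_line
  header_line=$(grep -n -m 1 -x -F -- "[${section}]" "$conf_file" 2>/dev/null | cut -d: -f1)
  if [ -z "$header_line" ]; then
    echo " ${conf_file}中未找到[${section}]配置段,已跳过该段的修改" >&2
    return 1
  fi
  local entry offset=0
  for entry in "$@"; do
    # Each entry goes one line further down so the given order is preserved.
    sed -i "$((header_line + offset))a\\${entry}" "$conf_file"
    offset=$((offset + 1))
  done
}

read -r -p " 选择是否一键修改neutron配置文件(y/n)" answer
# NOTE(review): the placeholder 1790600080 is reused below as the database,
# RabbitMQ, Keystone service-user and metadata-proxy secret. Give each its own
# value in a real deployment so one leaked config file does not expose the rest.
# Running this branch twice inserts every option twice; it is meant for a
# freshly installed node.
if [ "$answer" = "y" ]; then
  neutron_conf=/etc/neutron/neutron.conf
  ml2_conf=/etc/neutron/plugins/ml2/ml2_conf.ini
  linuxbridge_conf=/etc/neutron/plugins/ml2/linuxbridge_agent.ini
  dhcp_conf=/etc/neutron/dhcp_agent.ini
  metadata_conf=/etc/neutron/metadata_agent.ini
  nova_conf=/etc/nova/nova.conf

  # /etc/neutron/neutron.conf: report an error if the file does not exist.
  if [ -f "$neutron_conf" ]; then
    echo " --------------------------------"
    echo " 下面开始修改/etc/neutron/neutron.conf配置文件"
    insert_below_section "$neutron_conf" database \
      'connection = mysql+pymysql://neutron:1790600080@controller-ZJB/neutron'
    insert_below_section "$neutron_conf" DEFAULT \
      'core_plugin = ml2' \
      'service_plugins =' \
      'transport_url = rabbit://ZJB:1790600080@controller-ZJB' \
      'auth_strategy = keystone' \
      'notify_nova_on_port_status_changes = true' \
      'notify_nova_on_port_data_changes = true'
    insert_below_section "$neutron_conf" keystone_authtoken \
      'www_authenticate_uri = http://controller-ZJB:5000' \
      'auth_url = http://controller-ZJB:5000' \
      'memcached_servers = controller-ZJB:11211' \
      'auth_type = password' \
      'project_domain_name = default' \
      'user_domain_name = default' \
      'project_name = service' \
      'username = neutron' \
      'password = 1790600080'
    insert_below_section "$neutron_conf" nova \
      'auth_url = http://controller-ZJB:5000' \
      'auth_type = password' \
      'project_domain_name = default' \
      'user_domain_name = default' \
      'region_name = RegionOne' \
      'project_name = service' \
      'username = nova' \
      'password = 1790600080'
    insert_below_section "$neutron_conf" oslo_concurrency \
      'lock_path = /var/lib/neutron/tmp'
  else
    echo " etc/neutron/neutron.conf文件不存在!"
  fi

  # /etc/neutron/plugins/ml2/ml2_conf.ini
  if [ -f "$ml2_conf" ]; then
    echo " --------------------------------"
    echo " 下面开始修改/etc/neutron/plugins/ml2/ml2_conf.ini配置文件"
    insert_below_section "$ml2_conf" ml2 \
      'type_drivers = flat,vlan' \
      'tenant_network_types =' \
      'mechanism_drivers = linuxbridge' \
      'extension_drivers = port_security'
    insert_below_section "$ml2_conf" ml2_type_flat \
      'flat_networks = provider'
    insert_below_section "$ml2_conf" securitygroup \
      'enable_ipset = true'
  else
    echo "/etc/neutron/plugins/ml2/ml2_conf.ini配置文件不存在"
  fi

  # /etc/neutron/plugins/ml2/linuxbridge_agent.ini
  if [ -f "$linuxbridge_conf" ]; then
    echo " --------------------------------"
    echo " 下面开始修改/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件"
    # ens37 is the name of the bridged NIC on the author's host; use your own.
    insert_below_section "$linuxbridge_conf" linux_bridge \
      'physical_interface_mappings = provider:ens37'
    insert_below_section "$linuxbridge_conf" vxlan \
      'enable_vxlan = false'
    insert_below_section "$linuxbridge_conf" securitygroup \
      'enable_security_group = true' \
      'firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver'
  else
    echo "/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件不存在"
  fi

  # /etc/sysctl.conf: make bridged traffic pass through iptables/ip6tables.
  # sed's "$" address selects the last line and "a\" appends after it; the
  # grep guard keeps a re-run from adding the same key twice.
  echo " --------------------------------"
  echo " 下面开始修改/etc/sysctl.conf文件"
  for sysctl_entry in \
    'net.bridge.bridge-nf-call-iptables = 1' \
    'net.bridge.bridge-nf-call-ip6tables = 1'; do
    grep -q -x -F -- "$sysctl_entry" /etc/sysctl.conf \
      || sed -i "\$a\\${sysctl_entry}" /etc/sysctl.conf
  done
  # NOTE(review): modprobe loads the module for the running kernel only, so
  # it has to be loaded again after a reboot before these keys take effect.
  modprobe br_netfilter
  sysctl -p

  # /etc/neutron/dhcp_agent.ini: in [DEFAULT], select the Linux bridge
  # interface driver and the Dnsmasq DHCP driver, and enable isolated metadata
  # so instances on provider networks can reach the metadata service.
  echo " --------------------------------"
  echo " 下面开始修改/etc/neutron/dhcp_agent.ini文件"
  insert_below_section "$dhcp_conf" DEFAULT \
    'interface_driver = linuxbridge' \
    'dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq' \
    'enable_isolated_metadata = true'

  # /etc/neutron/metadata_agent.ini
  # The shared secret written here is the same value written to nova.conf below.
  echo " --------------------------------"
  echo " 下面开始修改/etc/neutron/metadata_agent.ini文件"
  insert_below_section "$metadata_conf" DEFAULT \
    'nova_metadata_host = controller-ZJB' \
    'metadata_proxy_shared_secret = 1790600080'

  # /etc/nova/nova.conf
  echo " --------------------------------"
  echo " 下面开始修改/etc/nova/nova.conf文件"
  insert_below_section "$nova_conf" neutron \
    'url = http://controller-ZJB:9696' \
    'auth_url = http://controller-ZJB:5000' \
    'auth_type = password' \
    'project_domain_name = default' \
    'user_domain_name = default' \
    'region_name = RegionOne' \
    'project_name = service' \
    'username = neutron' \
    'password = 1790600080' \
    'service_metadata_proxy = true' \
    'metadata_proxy_shared_secret = 1790600080'

  echo " --------------------------------"
  echo " 5、创建网络服务初始化脚本所需要的软链接/etc/neutron/plugin.ini指向ML2插件的配置文件/etc/neutron/plugins/ml2/ml2_conf.ini:"
  echo " "
  ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

  echo " --------------------------------"
  echo " 6、填充数据库"
  echo " "
  # Run the schema migration as the neutron service account, not as root.
  su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

  echo " --------------------------------"
  echo " 7、重启Compute API 服务"
  echo " "
  systemctl restart openstack-nova-api

  echo " --------------------------------"
  echo " 8、启动网络服务并配置其为开机自启动"
  echo " "
  systemctl enable neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
  systemctl start neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
elif [ "$answer" = "n" ]; then
  echo " "
  echo " 已退出此脚本"
fi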
compute节点脚本:
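#!/bin/bash
# Configure the Neutron Linux bridge agent on a compute node.
echo " 这是一个修改neutron配置文件的脚本:"
echo " -------------------------------"
echo " 1、安装软件包"
yum -y install openstack-neutron-linuxbridge ebtables ipset
# Capture yum's exit status before any other command replaces $?, so a failed
# install is reported instead of passing silently.
install_status=$?
echo " --------------------------------"
if [ "$install_status" -ne 0 ]; then
  echo " 软件安装出错,请手动查看问题!" >&2
fi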
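echo " 2、修改Neutron配置文件:"
echo " "

#######################################
# Insert lines directly below a section header of an INI-style file.
# The header must be a whole line of the form "[section]"; only the first
# such line is used. When the file or the header is missing nothing is
# written (an address-less sed "a" would otherwise append after EVERY line).
# Entries must not start with whitespace or contain backslashes or newlines,
# because sed would interpret them.
# Arguments: $1 - path of the configuration file
#            $2 - section name without brackets
#            $3... - lines to insert, in the order they should appear
# Returns:   0 on success, 1 if the file or the section header was not found
#######################################
insert_below_section() {
  local conf_file=$1 section=$2
  shift 2
  local header_line
  header_line=$(grep -n -m 1 -x -F -- "[${section}]" "$conf_file" 2>/dev/null | cut -d: -f1)
  if [ -z "$header_line" ]; then
    echo " ${conf_file}中未找到[${section}]配置段,已跳过该段的修改" >&2
    return 1
  fi
  local entry offset=0
  for entry in "$@"; do
    # Each entry goes one line further down so the given order is preserved.
    sed -i "$((header_line + offset))a\\${entry}" "$conf_file"
    offset=$((offset + 1))
  done
}

read -r -p " 选择是否一键修改neutron配置文件(y/n)" answer
# NOTE(review): the placeholder 1790600080 is reused below as the RabbitMQ and
# Keystone service-user secret. Give each its own value in a real deployment.
# Running this branch twice inserts every option twice; it is meant for a
# freshly installed node.
if [ "$answer" = "y" ]; then
  neutron_conf=/etc/neutron/neutron.conf
  linuxbridge_conf=/etc/neutron/plugins/ml2/linuxbridge_agent.ini
  nova_conf=/etc/nova/nova.conf

  # /etc/neutron/neutron.conf: report an error if the file does not exist.
  # Every edit of this file sits inside the existence check, so a missing
  # file produces one clear message instead of a run of sed errors.
  if [ -f "$neutron_conf" ]; then
    echo " --------------------------------"
    echo " 下面开始修改/etc/neutron/neutron.conf配置文件"
    insert_below_section "$neutron_conf" DEFAULT \
      'transport_url = rabbit://ZJB:1790600080@controller-ZJB' \
      'auth_strategy = keystone'
    insert_below_section "$neutron_conf" keystone_authtoken \
      'www_authenticate_uri = http://controller-ZJB:5000' \
      'auth_url = http://controller-ZJB:5000' \
      'memcached_servers = controller-ZJB:11211' \
      'auth_type = password' \
      'project_domain_name = default' \
      'user_domain_name = default' \
      'project_name = service' \
      'username = neutron' \
      'password = 1790600080'
    insert_below_section "$neutron_conf" oslo_concurrency \
      'lock_path = /var/lib/neutron/tmp'
  else
    echo " etc/neutron/neutron.conf文件不存在!"
  fi

  # /etc/neutron/plugins/ml2/linuxbridge_agent.ini
  if [ -f "$linuxbridge_conf" ]; then
    echo " --------------------------------"
    echo " 下面开始修改/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件"
    # ens37 is the name of the bridged NIC on the author's host; use your own.
    insert_below_section "$linuxbridge_conf" linux_bridge \
      'physical_interface_mappings = provider:ens37'
    insert_below_section "$linuxbridge_conf" vxlan \
      'enable_vxlan = false'
    insert_below_section "$linuxbridge_conf" securitygroup \
      'enable_security_group = true' \
      'firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver'
  else
    echo "/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件不存在"
  fi

  # /etc/sysctl.conf: make bridged traffic pass through iptables/ip6tables.
  # sed's "$" address selects the last line and "a\" appends after it; the
  # grep guard keeps a re-run from adding the same key twice.
  echo " --------------------------------"
  echo " 下面开始修改/etc/sysctl.conf文件"
  for sysctl_entry in \
    'net.bridge.bridge-nf-call-iptables = 1' \
    'net.bridge.bridge-nf-call-ip6tables = 1'; do
    grep -q -x -F -- "$sysctl_entry" /etc/sysctl.conf \
      || sed -i "\$a\\${sysctl_entry}" /etc/sysctl.conf
  done
  # NOTE(review): modprobe loads the module for the running kernel only, so
  # it has to be loaded again after a reboot before these keys take effect.
  modprobe br_netfilter
  sysctl -p

  # /etc/nova/nova.conf
  echo " --------------------------------"
  echo " 下面开始修改/etc/nova/nova.conf文件"
  insert_below_section "$nova_conf" neutron \
    'url = http://controller-ZJB:9696' \
    'auth_url = http://controller-ZJB:5000' \
    'auth_type = password' \
    'project_domain_name = default' \
    'user_domain_name = default' \
    'region_name = RegionOne' \
    'project_name = service' \
    'username = neutron' \
    'password = 1790600080'

  echo " --------------------------------"
  echo " 3、重启 Compute 服务"
  echo " "
  systemctl restart openstack-nova-compute

  echo " --------------------------------"
  echo " 4、开启Linxu网桥代理并配置开机自启动"
  systemctl enable neutron-linuxbridge-agent.service
  systemctl start neutron-linuxbridge-agent.service
elif [ "$answer" = "n" ]; then
  echo " "
  echo " 已退出此脚本"
fi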