侧边栏壁纸
博主头像
枕头下放双臭袜子博主等级

今我何功德,曾不事农桑

  • 累计撰写 166 篇文章
  • 累计创建 32 个标签
  • 累计收到 0 条评论

Openstack-neutron组件一键部署安装脚本(v1版,命令组合)

枕头下放双臭袜子
2020-01-16 / 0 评论 / 0 点赞 / 825 阅读 / 0 字 / 正在检测是否收录...

openstack系列Minimal deployment for Rocky

    neutron部分需要一块桥接网络的网卡,所以前提准备需要你自己去做

脚本已测试,如需使用,修改脚本所有controller-ZJB为你的主机名,修改所有1790600080为你的密码

win的编码与unix的编码有区别,如果你直接粘贴使用,最好安装dos2unix将脚本文件转码!

image.png

image.png

controller节点脚本:

#!/bin/bash
#This is a script for editing controller's neutron
# 如果你需要使用此脚本,将主机名controller-ZJB修改为你的主机名
# 所有1790600080处修改为自己的密码
readonly create_domain_pass=1790600080

echo "   这是一个修改neutron配置文件的脚本:"
echo "   -------------------------------"
echo "   1、下面开始创建数据库并赋予相应权限"
mysql -u root -p1790600080 <<EOF
    CREATE DATABASE neutron;
    GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '1790600080';
    GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '1790600080';
EOF


echo "   --------------------------------"
echo "   数据库已创建成功并赋予了相应权限"
echo "   --------------------------------"
echo "   2、创建服务凭证:"

export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=1790600080
export OS_AUTH_URL=http://controller-ZJB:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2

openstack user create --domain default --password $create_domain_pass neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron --description "OpenStack Networking" network
openstack endpoint create --region RegionOne network public http://controller-ZJB:9696
openstack endpoint create --region RegionOne network internal http://controller-ZJB:9696
openstack endpoint create --region RegionOne network admin http://controller-ZJB:9696

echo "   --------------------------------"
echo "         服务凭证已创建完成!"
echo "   --------------------------------"
echo "  选择第一种网络类型:Provider networks"
echo "   3、安装网络组件"
yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
echo "   --------------------------------"
if [ $? == 0 ];then
echo "    软件已成功安装!"
else
   echo "   软件安装出错,请手动查看问题!"
fi



echo "   --------------------------------"
echo "   4、修改Neutron配置文件:"
echo " "
read -p  "     选择是否一键修改neutron配置文件(y/n)" answer
#判断/etc/neutron/neutron.conf文件是否存在,不存在直接输出错误
if [ $answer == "y" ];then
  ls /etc/neutron/neutron.conf &> /dev/null
  if [ $? == 0 ];then

  echo "   --------------------------------"
  echo "   下面开始修改/etc/neutron/neutron.conf配置文件"

  database_line=`cat -n /etc/neutron/neutron.conf | grep "\[database\]$" | awk '{print $1}'`
  sed -i $database_line'a\connection = mysql+pymysql://neutron:1790600080@controller-ZJB/neutron' /etc/neutron/neutron.conf

  Default_line=`cat -n /etc/neutron/neutron.conf | grep "\[DEFAULT\]$" | awk '{print $1}'`
  sed -i $Default_line'a\core_plugin = ml2' /etc/neutron/neutron.conf
  sed -i `expr $Default_line + 1`'a\service_plugins =' /etc/neutron/neutron.conf
  sed -i `expr $Default_line + 2`'a\transport_url = rabbit://ZJB:1790600080@controller-ZJB' /etc/neutron/neutron.conf
  sed -i `expr $Default_line + 3`'a\auth_strategy = keystone' /etc/neutron/neutron.conf
  sed -i `expr $Default_line + 4`'a\notify_nova_on_port_status_changes = true' /etc/neutron/neutron.conf
  sed -i `expr $Default_line + 5`'a\notify_nova_on_port_data_changes = true' /etc/neutron/neutron.conf



  keystone_authtoken_line=`cat -n /etc/neutron/neutron.conf | grep "\[keystone_authtoken\]$" | awk '{print $1}'`
  sed -i $keystone_authtoken_line'a\www_authenticate_uri = http://controller-ZJB:5000' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 1`'a\auth_url = http://controller-ZJB:5000' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 2`'a\memcached_servers = controller-ZJB:11211' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 3`'a\auth_type = password' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 4`'a\project_domain_name = default' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 5`'a\user_domain_name = default' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 6`'a\project_name = service' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 7`'a\username = neutron' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 8`'a\password = 1790600080' /etc/neutron/neutron.conf


  nova_line=`cat -n /etc/neutron/neutron.conf | grep "\[nova\]$" | awk '{print $1}'`
  sed -i $nova_line'a\auth_url = http://controller-ZJB:5000' /etc/neutron/neutron.conf
  sed -i `expr $nova_line + 1`'a\auth_type = password' /etc/neutron/neutron.conf
  sed -i `expr $nova_line + 2`'a\project_domain_name = default' /etc/neutron/neutron.conf
  sed -i `expr $nova_line + 3`'a\user_domain_name = default' /etc/neutron/neutron.conf
  sed -i `expr $nova_line + 4`'a\region_name = RegionOne' /etc/neutron/neutron.conf
  sed -i `expr $nova_line + 5`'a\project_name = service' /etc/neutron/neutron.conf
  sed -i `expr $nova_line + 6`'a\username = nova' /etc/neutron/neutron.conf
  sed -i `expr $nova_line + 7`'a\password = 1790600080' /etc/neutron/neutron.conf

  oslo_concurrency_line=`cat -n /etc/neutron/neutron.conf | grep "\[oslo_concurrency\]$" | awk '{print $1}'`
  sed -i $oslo_concurrency_line'a\lock_path = /var/lib/neutron/tmp' /etc/neutron/neutron.conf

  else
     echo "   etc/neutron/neutron.conf文件不存在!"
  fi

#修改/etc/neutron/plugins/ml2/ml2_conf.ini配置文件
  ls /etc/neutron/plugins/ml2/ml2_conf.ini &>/dev/null
  if [ $? == 0 ]; then

  echo "   --------------------------------"
  echo "   下面开始修改/etc/neutron/plugins/ml2/ml2_conf.ini配置文件"

  ml2_line=`cat -n /etc/neutron/plugins/ml2/ml2_conf.ini | grep "\[ml2\]$" | awk '{print $1}'`
  sed -i $ml2_line'a\type_drivers = flat,vlan' /etc/neutron/plugins/ml2/ml2_conf.ini
  sed -i `expr $ml2_line + 1`'a\tenant_network_types =' /etc/neutron/plugins/ml2/ml2_conf.ini
  sed -i `expr $ml2_line + 2`'a\mechanism_drivers = linuxbridge' /etc/neutron/plugins/ml2/ml2_conf.ini
  sed -i `expr $ml2_line + 3`'a\extension_drivers = port_security' /etc/neutron/plugins/ml2/ml2_conf.ini

  ml2_type_flat_line=`cat -n /etc/neutron/plugins/ml2/ml2_conf.ini | grep "\[ml2_type_flat\]$" | awk '{print $1}'`
  sed -i $ml2_type_flat_line'a\flat_networks = provider' /etc/neutron/plugins/ml2/ml2_conf.ini

  securitygroup_line=`cat -n /etc/neutron/plugins/ml2/ml2_conf.ini | grep "\[securitygroup\]$" | awk '{print $1}'`
  sed -i $securitygroup_line'a\enable_ipset = true' /etc/neutron/plugins/ml2/ml2_conf.ini



  else
    echo "/etc/neutron/plugins/ml2/ml2_conf.ini配置文件不存在"
  fi

#修改/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件
  ls /etc/neutron/plugins/ml2/linuxbridge_agent.ini &>/dev/null
  if [ $? == 0 ]; then
  echo "   --------------------------------"
  echo "   下面开始修改/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件"

  linux_bridge_line=`cat -n /etc/neutron/plugins/ml2/linuxbridge_agent.ini | grep "\[linux_bridge\]$" | awk '{print $1}'`
  sed -i $linux_bridge_line'a\physical_interface_mappings = provider:ens37' /etc/neutron/plugins/ml2/linuxbridge_agent.ini


  vxlan_line=`cat -n /etc/neutron/plugins/ml2/linuxbridge_agent.ini | grep "\[vxlan\]$" | awk '{print $1}'`
  sed -i $vxlan_line'a\enable_vxlan = false' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

  securitygroup_line=`cat -n /etc/neutron/plugins/ml2/linuxbridge_agent.ini | grep "\[securitygroup\]$" | awk '{print $1}'`
  sed -i $securitygroup_line'a\enable_security_group = true' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
  sed -i `expr $securitygroup_line + 1`'a\firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

  else
    echo "/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件不存在"
  fi


#编辑/etc/sysctl.conf文件,确保Linux操作系统内核支持网桥过滤器
#sed 匹配到文件末尾,随后使用a\在其后追加
  echo "   --------------------------------"
  echo "   下面开始修改/etc/sysctl.conf文件"
  sed -i '$a\net.bridge.bridge-nf-call-iptables = 1' /etc/sysctl.conf
  sed -i '$a\net.bridge.bridge-nf-call-ip6tables = 1' /etc/sysctl.conf
  modprobe br_netfilter
  sysctl -p

#编辑/etc/neutron/dhcp_agent.ini文件,在本[DEFAULT]部分,配置Linux桥接口驱动程序Dnsmasq DHCP驱动程序,并启用隔离的元数据,以便提供商网络上的实例可以通过网络访问元数据:
  echo "   --------------------------------"
  echo "   下面开始修改/etc/neutron/dhcp_agent.ini文件"
  Default_line1=`cat -n /etc/neutron/dhcp_agent.ini | grep "\[DEFAULT\]$" | awk '{print $1}'`
  sed -i $Default_line1'a\interface_driver = linuxbridge' /etc/neutron/dhcp_agent.ini
  sed -i `expr $Default_line1 + 1`'a\dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq' /etc/neutron/dhcp_agent.ini
  sed -i `expr $Default_line1 + 2`'a\enable_isolated_metadata = true' /etc/neutron/dhcp_agent.ini


#编辑/etc/neutron/metadata_agent.ini文件
  echo "   --------------------------------"
  echo "   下面开始修改/etc/neutron/metadata_agent.ini文件"
  Default_line2=`cat -n /etc/neutron/metadata_agent.ini | grep "\[DEFAULT\]$" | awk '{print $1}'`
  sed -i $Default_line2'a\nova_metadata_host = controller-ZJB' /etc/neutron/metadata_agent.ini
  sed -i `expr $Default_line2 + 1`'a\metadata_proxy_shared_secret = 1790600080' /etc/neutron/metadata_agent.ini



#编辑/etc/nova/nova.conf配置文件
  echo "   --------------------------------"
  echo "   下面开始修改/etc/nova/nova.conf文件"
  neutron_line=`cat -n /etc/nova/nova.conf | grep "[^ ]\[neutron\]$" | awk '{print $1}'`
  sed -i $neutron_line'a\url = http://controller-ZJB:9696' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 1`'a\auth_url = http://controller-ZJB:5000' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 2`'a\auth_type = password' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 3`'a\project_domain_name = default' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 4`'a\user_domain_name = default' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 5`'a\region_name = RegionOne' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 6`'a\project_name = service' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 7`'a\username = neutron' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 8`'a\password = 1790600080' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 9`'a\service_metadata_proxy = true' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 10`'a\metadata_proxy_shared_secret = 1790600080' /etc/nova/nova.conf

  echo "   --------------------------------"
  echo "   5、创建网络服务初始化脚本所需要的软链接/etc/neutron/plugin.ini指向ML2插件的配置文件/etc/neutron/plugins/ml2/ml2_conf.ini:"
  echo " "
  ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini



  echo "   --------------------------------"
  echo "   6、填充数据库"
  echo " "
  su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

  echo "   --------------------------------"
  echo "   7、重启Compute API 服务"
  echo " "
  systemctl restart openstack-nova-api


  echo "   --------------------------------"
  echo "   8、启动网络服务并配置其为开机自启动"
  echo " "
  systemctl enable neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
  systemctl start neutron-server neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent



elif [ $answer == "n" ]; then
   echo " "
   echo "    已退出此脚本"
fi

compute节点脚本:

#!/bin/bash
#This is a script for editing compute's neutron
echo "   这是一个修改neutron配置文件的脚本:"
echo "   -------------------------------"
echo "   1、安装软件包"
yum -y install openstack-neutron-linuxbridge ebtables ipset



echo "   --------------------------------"
echo "   2、修改Neutron配置文件:"
echo " "
read -p  "     选择是否一键修改neutron配置文件(y/n)" answer
#判断/etc/neutron/neutron.conf文件是否存在,不存在直接输出错误
if [ $answer == "y" ];then
  ls /etc/neutron/neutron.conf &> /dev/null
  if [ $? == 0 ];then

  echo "   --------------------------------"
  echo "   下面开始修改/etc/neutron/neutron.conf配置文件"

  Default_line=`cat -n /etc/neutron/neutron.conf | grep "\[DEFAULT\]$" | awk '{print $1}'`
  sed -i $Default_line'a\transport_url = rabbit://ZJB:1790600080@controller-ZJB' /etc/neutron/neutron.conf
  sed -i `expr $Default_line + 1`'a\auth_strategy = keystone' /etc/neutron/neutron.conf
  else
     echo "   etc/neutron/neutron.conf文件不存在!"
  fi


  keystone_authtoken_line=`cat -n /etc/neutron/neutron.conf | grep "\[keystone_authtoken\]$" | awk '{print $1}'`
  sed -i $keystone_authtoken_line'a\www_authenticate_uri = http://controller-ZJB:5000' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 1`'a\auth_url = http://controller-ZJB:5000' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 2`'a\memcached_servers = controller-ZJB:11211' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 3`'a\auth_type = password' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 4`'a\project_domain_name = default' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 5`'a\user_domain_name = default' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 6`'a\project_name = service' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 7`'a\username = neutron' /etc/neutron/neutron.conf
  sed -i `expr $keystone_authtoken_line + 8`'a\password = 1790600080' /etc/neutron/neutron.conf

  oslo_concurrency_line=`cat -n /etc/neutron/neutron.conf | grep "\[oslo_concurrency\]$" | awk '{print $1}'`
  sed -i $oslo_concurrency_line'a\lock_path = /var/lib/neutron/tmp' /etc/neutron/neutron.conf

  echo "   --------------------------------"
  echo "   下面开始修改/etc/neutron/plugins/ml2/linuxbridge_agent.ini配置文件"
  linux_bridge_line=`cat -n /etc/neutron/plugins/ml2/linuxbridge_agent.ini | grep "\[linux_bridge\]$" | awk '{print $1}'`
  sed -i $linux_bridge_line'a\physical_interface_mappings = provider:ens37' /etc/neutron/plugins/ml2/linuxbridge_agent.ini


  vxlan_line=`cat -n /etc/neutron/plugins/ml2/linuxbridge_agent.ini | grep "\[vxlan\]$" | awk '{print $1}'`
  sed -i $vxlan_line'a\enable_vxlan = false' /etc/neutron/plugins/ml2/linuxbridge_agent.ini


  securitygroup_line=`cat -n /etc/neutron/plugins/ml2/linuxbridge_agent.ini | grep "\[securitygroup\]$" | awk '{print $1}'`
  sed -i $securitygroup_line'a\enable_security_group = true' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
  sed -i `expr $securitygroup_line + 1`'a\firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

#编辑/etc/sysctl.conf文件,确保Linux操作系统内核支持网桥过滤器
#sed 匹配到文件末尾,随后使用a\在其后追加
  echo "   --------------------------------"
  echo "   下面开始修改/etc/sysctl.conf文件"
  sed -i '$a\net.bridge.bridge-nf-call-iptables = 1' /etc/sysctl.conf
  sed -i '$a\net.bridge.bridge-nf-call-ip6tables = 1' /etc/sysctl.conf
  modprobe br_netfilter
  sysctl -p



#编辑/etc/nova/nova.conf配置文件
  echo "   --------------------------------"
  echo "   下面开始修改/etc/nova/nova.conf文件"

  neutron_line=`cat -n /etc/nova/nova.conf | grep "[^ ]\[neutron\]$" | awk '{print $1}'`
  sed -i $neutron_line'a\url = http://controller-ZJB:9696' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 1`'a\auth_url = http://controller-ZJB:5000' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 2`'a\auth_type = password' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 3`'a\project_domain_name = default' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 4`'a\user_domain_name = default' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 5`'a\region_name = RegionOne' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 6`'a\project_name = service' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 7`'a\username = neutron' /etc/nova/nova.conf
  sed -i `expr $neutron_line + 8`'a\password = 1790600080' /etc/nova/nova.conf

  echo "   --------------------------------"
  echo "   3、重启 Compute 服务"
  echo " "
  systemctl restart  openstack-nova-compute

  echo "   --------------------------------"
  echo "   4、开启Linxu网桥代理并配置开机自启动"
  systemctl enable neutron-linuxbridge-agent.service
  systemctl start neutron-linuxbridge-agent.service

elif [ $answer == "n" ]; then
   echo " "
   echo "    已退出此脚本"
fi
0

评论