收藏文章 楼主

openstack shell 安装脚本

版块:shell   类型:普通   作者:小绿叶技术博客   查看:1559   回复:4   获赞:0   时间:2020-04-08 15:21:41


#!/bin/bash

selinux=`cat /etc/selinux/config | grep "SELINUX=" | awk -F"=" 'NR==2{print $2}'`

if [ $selinux != "disabled" ]

then

echo "正在为您关闭selinux 并重新启动系统,重启后重新执行本脚本"

sed -i "s/SELINUX\=.*/SELINUX\=disabled/g" /etc/selinux/config

reboot

else

echo "selinux 已经关闭,可以执行脚本"

fi



yum install centos-release-openstack-stein -y 

yum install python-openstackclient openstack-selinux -y

yum clean all

yum list


 nodeipx= # 允许node网段同步时间,ip前两位,例如:xxx.xxx



etc=$(ip a | grep -w "BROADCAST" | awk -F ":" 'NR==1{print $2}')

# 过滤网卡名

# BROADCAST [ˈbrɔdˌkæst]  广播,是外网卡


ip=$(ip a | grep -w $etc | awk -F" " 'NR==2{print $2}' )

# 用外网卡名字找改行信息,打印第二行第二列


echo " 

$ip  linux-node1.openstack  

" >> /etc/hosts 

sed -i  "s/\/24//g" /etc/hosts # 将尾巴  /24  替换为空格

# -g  特殊字符转义,  \  特殊字符转译符号,将符号 /  转译 不被识别

# 关闭 iptables

systemctl start firewalld.service

systemctl stop firewalld.service

systemctl disable firewalld.service


yum install -y chrony 

echo "

allow $nodeipx/16

" >> /etc/chrony.conf #  允许网段同步时间

systemctl enable chronyd.service 

systemctl start chronyd.service

timedatectl set-timezone Asia/Shanghai  

timedatectl status

# 设置同步时间和时区


#Base

yum install -y http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-release-7-8.noarch.rpm

yum install -y centos-release-openstack-liberty

yum install -y python-openstackclient


##MySQL

yum install -y mariadb mariadb-server MySQL-python


##RabbitMQ

yum install -y rabbitmq-server


##Keystone

yum install -y openstack-keystone httpd mod_wsgi memcached python-memcached


##Glance

yum install -y openstack-glance python-glance python-glanceclient


##Nova

yum install -y openstack-nova-api openstack-nova-cert openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler python-novaclient


##Neutron linux-node1.example.com

yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge python-neutronclient ebtables ipset


##Dashboard

yum install -y openstack-dashboard


##Cinder

yum install -y openstack-cinder python-cinderclient





cp /usr/share/mysql/my-medium.cnf /etc/my.cnf   

 systemctl enable mariadb.service 

 ln -s '/usr/lib/systemd/system/mariadb.service' '/etc/systemd/system/multi-user.target.wants/mariadb.service'

mysql_install_db --datadir="/var/lib/mysql" --user="mysql" 

# 初始化数据库

systemctl start mariadb.service

#################################################################

mysql -e "set password = password('eisccn');"

# mysql 初始没有密码, 直接mysql 进入数据库。-e 是脚本模式,然后设置面登密码为eisccn

##  ====创建数据库开始====


mysql -uroot -peisccn -e "

drop database if exists keystone;

CREATE DATABASE keystone;

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone';

GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone';

drop database if exists glance;

CREATE DATABASE glance;

GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance';

GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance';

drop database if exists nova;

CREATE DATABASE nova;

GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'nova';

GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova';

drop database if exists neutron;

CREATE DATABASE neutron;

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';

drop database if exists cinder;

CREATE DATABASE cinder;

GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'cinder';

GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY 'cinder';

flush privileges;

show databases;

"



#####################   创建数据库结束   ######################

systemctl enable rabbitmq-server.service

ln -s '/usr/lib/systemd/system/rabbitmq-server.service' '/etc/systemd/system/multi-user.target.wants/rabbitmq-server.service'

 systemctl start rabbitmq-server.service

 rabbitmqctl add_user openstack openstack   

rabbitmqctl set_permissions openstack ".*" ".*" ".*"  

rabbitmq-plugins list  

rabbitmq-plugins enable rabbitmq_management #启动插件

 systemctl restart rabbitmq-server.service

yum install -y lsof

lsof -i:15672

################

#获取主机IP地址

eth=$(ip a| grep "BROADCAST" | awk -F ":" 'NR==1{print $2}' | sed "s/ //g") ; echo "网卡名为:"$eth ;

# 命令 ip a 查看网卡 过滤;BROADCAST  [ˈbrɔːdkɑːst] >广播;字段的行

# awk -F ":" 以冒号为分隔符 ; 选择第一行,第二列,sed删空格

# 符号  ; 分号表示第一条命令结束,第二条开始


ethCatalog=$(find / -name "*$eth" | grep "/etc/" | sed "s/ //g" ) ;  echo "网卡路径为: "  $ethCatalog

# find 查找网卡名称的路径,grep 过滤/etc 目录下网卡名称。sed删除空格


ip=$(cat $ethCatalog | grep IPADDR | awk -F "=" 'NR==1{print $2}' | sed "s/ //g") ; echo "IP地址为: " $ip

                                                                                # 查看网卡文件,过滤IPADDR的行,awk -F"=" 分隔符是等于符号,打印第一行第二列

################

echo "

guest 登陆:http://$ip:15672

初始登陆密码:guest/guest


登陆后,点击: 导航栏的 Admin --- openstack --- 展开 Update this user 

写入密码 eisccn  确认密码eisccn  再输入管理权限用户组  administrator ; 点击 Update User 更新账户信息

之后退出使用 openstack 账户登录,账户/密码:openstack/eisccn

完成后,请确认继续搭建环境:

"

read -p "您是否已经登陆配置修改新账户;接下来安装 openstack组件!!!!!!!!

y|继续 任意键退出

" openstack

echo $openstack

case "$openstack" in 

y|Y) echo "您确认了继续操作";;

*)echo "您否定了继续操作,退出脚本;  case 的其他所有情况 * 号  不加双引号"

exit;;

esac


######################    获取行号,并插入内容  ################################

# 查一行,插一行,不然行号会变;  \n 换行

Random=`openssl rand -hex 10` ; echo " Random [ˈrændəm] 随机,生成10位随机数: $Random"

file="cat /etc/keystone/keystone.conf " ; echo $file

NRDEFAULT=`cat -n $file | grep "\[DEFAULT\]" | awk -F" " 'NR==1{print $1}'` ; echo $NRDEFAULT

                                                                        # 查找标签:[DEFAULT] 所在行,将print $1  改为 print $0 为打印第一行中的所有列信息

sed -i "$NRDEFAULT a\admin_token = $Random \nverbose = true" $file

                                                                        # $NRDEFAULT 是指定第一行   a\ 的下面插入字符串, \n 是换行符号

NRdatabase=`cat -n $file | grep "\[database\]" | awk -F" " 'NR==1{print $1}'` ; echo $NRdatabase

echo "写入IP地址 $ip"

sed -i "$NRdatabase a\connection = mysql://keystone:keystone@127.0.0.1/keystone" $file

                                                                        # 设置数据库连接 写到database下

NRmemcache=`cat -n $file | grep "\[memcache\]" | awk -F" " 'NR==1{print $1}'` ; echo $NRmemcache

sed -i "$NRmemcache a\servers = $ip:11211" $file

NRrevoke=`cat -n $file | grep "\[revoke\]" | awk -F" " 'NR==1{print $1}'` ; echo $NRrevoke

sed -i "$NRrevoke  a\driver = sql" $file

NRtoken=`cat -n $file | grep "\[token\]" | awk -F" " 'NR==2{print $1}'` ; echo $NRtoken

sed -i "$NRtoken a\provider = uuid \ndriver = memcache" $file

cat $file|grep -v "^#"|grep -v "^$"

#########################################################################


su -s /bin/sh -c "keystone-manage db_sync" keystone

# 创建数据库,使用同步

ll /var/log/keystone/keystone.log # 之所以上面 su 切换是因为这个日志文件属主


# 数据库检查表,生产环境密码不要用keystone,查看时间并改成复杂点的密码:set password = password('eisccn');

mysql -h $ip -u keystone -pkeystone -e "

select now();

"

systemctl enable memcached

ln -s '/usr/lib/systemd/system/memcached.service' '/etc/systemd/system/multi-user.target.wants/memcached.service'

systemctl start memcached

sed -i "s/#ServerName.*/ServerName $ip\:80/g" /etc/httpd/conf/httpd.conf

#######################################

# 修改文件: wsgi-keystone.conf

conf=`find / -name "wsgi-keystone.conf"` ; echo $conf

sed -i "1 a\Listen 35357" $conf

echo "

<VirtualHost *:35357>

WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}

WSGIProcessGroup keystone-admin

WSGIScriptAlias / /usr/bin/keystone-wsgi-admin

WSGIApplicationGroup %{GLOBAL}

WSGIPassAuthorization On

<IfVersion >= 2.4>

ErrorLogFormat "%{cu}t %M"

</IfVersion>

ErrorLog /var/log/httpd/keystone-error.log

CustomLog /var/log/httpd/keystone-access.log combined

<Directory /usr/bin>

<IfVersion >= 2.4>

Require all granted

</IfVersion>

<IfVersion < 2.4>

Order allow,deny

Allow from all

</IfVersion>

</Directory>

</VirtualHost>

" >> $conf


#######################################

systemctl enable httpd

ln -s '/usr/lib/systemd/system/httpd.service' '/etc/systemd/system/multi-user.target.wants/httpd.service'

systemctl start httpd

yum install -y net-tools

netstat -lntup|grep httpd # 查看启用的端口,grep过滤httpd的进程


TOKEN=`cat /etc/keystone/keystone.conf | grep "^admin_token =" | awk -F" " '{print $3}' | sed "s/ //g"` ; echo $TOKEN

export OS_TOKEN=$TOKEN

export OS_URL=http://$ip:35357/v3

export OS_IDENTITY_API_VERSION=3

openstack project create --domain default --description "Admin Project" admin

openstack user create --domain default --password-prompt admin

openstack role create admin

openstack role add --project admin --user admin admin

openstack project create --domain default --description "Demo Project" demo

openstack user create --domain default --password=demo demo

openstack role create user

openstack role add --project demo --user demo user

openstack project create --domain default --description "Service Project" service

openstack user list

openstack project list

openstack service create --name keystone --description "OpenStack Identity" identity

openstack endpoint create --region RegionOne identity public http://$ip:5000/v2.0

openstack endpoint create --region RegionOne identity internal http://$ip:5000/v2.0

openstack endpoint create --region RegionOne identity admin http://$ip:35357/v2.0

openstack endpoint list 












sed -i "/^$/d" 1.sh ; chmod 755 1.sh ; ./1.sh

有些梦虽然遥不可及,但并不是不可能实现。 
回复列表
默认   热门   正序   倒序

回复:openstack shell 安装脚本

Powered by ddoss.cn 12.0

©2015 - 2024 ddoss

头像

用户名:

粉丝数:

签名:

资料 关注 好友 消息