|
|
扩容脚本:
- |' r, u8 W# u, L#!/bin/bash# }* a9 n! C0 Y" l( z& r$ c# A0 Z1 a
#
/ E& a4 [" l; x+ P, \7 Q( U#修改hostname
( L7 i. A! g! h6 l6 s' H- a+ E2 o* SMASTERHOSTNAME=`ip a|grep global|awk -F/ '{print $1}'|awk '{print $2}'|awk -F. '{print "-"$3"-"$4}'`;hostnamectl --static set-hostname compute$MASTERHOSTNAME.dev01-gonn0101.controller ]) ~1 `& G x2 |
IPADDR=`ip a|grep -w inet|grep -w brd|awk '{print $2}'|awk -F/ '{print $1}'`
" q J0 d' p# L: M9 c3 H! o* V#gome yum 源5 `+ o/ F. C# m& w+ K& u
gomerepo init9 C( J! S; n% X; I; c
gomerepo enable openstack_newton9 `1 @# z; w2 d* d. k
gomerepo enable ovirt
; W; H- T- p8 |4 |#安装软件" H5 b# E; @" W6 V* |
yum install -y libvirt-daemon-driver-storage-2.0.0-10.el7_3.9.x86_64
1 W$ ~7 X7 ~+ U! ]: }, O' S2 Dyum install -y libvirt-client-2.0.0-10.el7_3.9.x86_64
9 L% o9 J+ E: M/ Hyum install -y libvirt-daemon-driver-qemu-2.0.0-10.el7_3.9.x86_643 G6 [( ^. a" w3 `5 u9 ]
yum install -y libvirt-daemon-driver-nodedev-2.0.0-10.el7_3.9.x86_64
. @- B$ V K9 syum install -y libvirt-daemon-2.0.0-10.el7_3.9.x86_64
% y; C# D X- `6 f0 x/ uyum install -y libvirt-daemon-driver-secret-2.0.0-10.el7_3.9.x86_64
5 n' }5 X. P, A1 S% I6 ^yum install -y libvirt-python-2.0.0-2.el7.x86_642 v$ ?& w# p) ~& v/ M' |6 m
yum install -y libvirt-daemon-driver-network-2.0.0-10.el7_3.9.x86_647 A; Y0 ~% s+ Y2 G
yum install -y libvirt-daemon-driver-nwfilter-2.0.0-10.el7_3.9.x86_640 ]" k! p0 d3 U q
yum install -y libvirt-daemon-kvm-2.0.0-10.el7_3.9.x86_64- p/ A) n5 S( T, |$ O9 P
yum install -y qemu-kvm-ev-2.6.0-27.1.el7.x86_64
1 i/ `, X2 a9 Z; a- s' m( iyum install -y openvswitch-2.5.0-2.el7.x86_64
+ ]: A% M8 Z9 K3 z. E0 pyum install -y python-openvswitch-2.5.0-2.el7.noarch: v9 w& s$ F( a3 r+ R/ W
yum install -y openstack-neutron-common-9.1.1-1.el7.noarch4 g# E' q# l. a
yum install -y openstack-neutron-openvswitch-9.1.1-1.el7.noarch. v& ?! y! T4 E% e, w5 d+ T# C
yum install -y openstack-neutron-ml2-9.1.1-1.el7.noarch% M/ p; `4 c ~; x
yum install -y openstack-nova-compute-14.0.2-1.el7.noarch* i; I, Y1 j, d/ [8 e: J3 O: K( Z4 j
yum install -y openstack-nova-common-14.0.2-1.el7.noarch
- K) E; g1 M/ Y7 d8 U; @yum install -y openstack-utils-2017.1-1.el7.noarch
3 n3 A9 l9 z: E#配置文件
$ R2 Z6 t8 ]/ G3 Icat <<EOF> /etc/nova/nova.conf
9 }5 N! H* V4 q0 t! b* e0 M[DEFAULT]
5 n- Y _% M' pmy_ip = $IPADDR7 h/ \& {; D) w* a' B( W- x1 o
log_dir = /var/log/nova
( D& u7 Y$ r& x4 Y3 s/ Aauth_strategy = keystone0 h. C$ g5 i) H+ d, _
debug = false) x0 n9 E0 N3 R
workers = 40
' H8 X5 o( w! I( Zmulti_host = true
. t3 c1 k) U' Rstate_path = /data/openstack/nova
( E+ v9 O& o$ m; z0 eallow_resize_to_same_host = true1 q# \0 [$ K% {- H# C# j: Q# s
resume_guests_state_on_host_boot = true3 X/ M& G) P7 e6 E: M( L$ h: O
virt_type = kvm3 c( H* p. ~/ a2 Y; n
cpu_allocation_ratio = 3.02 y5 o! Q$ M q8 V) T+ K
ram_allocation_ratio = 1.2# @% m9 C: F) X/ T; ^; U: ~* @& Q) j9 n
disk_allocation_ratio = 1.0" P1 T0 i: K. M$ E
max_instances_per_host = 25+ e" j K" H- A: \# k$ K! N8 o
instance_usage_audit = True3 f9 d: z, v4 y0 K: g. n4 S9 t# y
instance_usage_audit_period = hour) S4 I4 }2 E; h$ B0 X& \6 [" Y
notify_on_state_change = vm_and_task_state
& q& D7 W P' S) ^enabled_apis = osapi_compute,metadata; g a5 ?* A7 ], \$ z- L$ E
running_deleted_instance_action = reap
- }6 g( t# z2 M" j. Jmulti_instance_display_name_template = %(name)s-%(count)s
; K* R: ?4 j9 i) q8 wscheduler_driver = nova.scheduler.filter_scheduler.FilterScheduler
# O E! G- ^: p! W#vcpu_pin_set = 8-39
. y0 T3 ?% ]3 T: J! V5 k9 ]( V" X#console_allowed_origins =6 x7 [% J8 w R9 ~% e' y; ]
scheduler_default_filters = RetryFilter,AvailabilityZoneFilter,RamFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter,NumInstancesFilter; X9 W9 ?9 f! ]. ^5 F; P( Q; S
firewall_driver = nova.virt.firewall.NoopFirewallDriver
' {; I) L+ L7 M/ x$ p4 V1 Luse_neutron = true
# G2 k7 I# |$ O- _: l8 h; Mosapi_compute_listen = $IPADDR
8 \1 X1 R! b7 d+ Xosapi_compute_listen_port = 8774
: E, z3 q( }( [/ rmetadata_listen = $IPADDR
) F R0 o. ~0 _5 e% Qmetadata_listen_port = 87757 M# ]$ O4 h) j u' Q7 [8 |
default_log_levels = amqplib=WARN,sqlalchemy=WARN,boto=WARN,suds=INFO,qpid.messaging=INFO,iso8601.iso8601=INFO8 w4 B6 I9 T1 O8 z' U
memcached_servers = controller-3-28:11211,controller-3-29:11211
8 M. ?$ I, \/ \" r$ u8 srpc_backend = rabbit ~( E0 R3 X! s F
network_api_class = nova.network.neutronv2.api.API5 O5 K3 N* v7 V
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
9 Y- I% J) P& `6 f& T- eneutron_admin_tenant_name = service4 a: b4 R: o& Z o
neutron_auth_strategy = keystone
7 ]# m' ^* A* L% h k5 s) vsecurity_group_api = neutron0 ~; g- A5 s5 g* K
firewall_driver = nova.virt.firewall.NoopFirewallDriver
7 T5 g. W# D3 ?9 `: M( p6 r" Mforce_config_drive = true" l9 u! `1 ?) X U7 U( v' c
# config_drive_skip_versions =
2 c/ l. N" _$ }* ^( O4 j/ x Tflat_injected = True
1 @ `. K7 B1 c+ j: t) c* guse_syslog = false# D* V3 P& I. ^& K* l! `
use_stderr = false1 F' o$ T4 w3 K, `7 ]/ w0 Y6 _
osapi_max_limit = 5000
$ Z& l2 M% D3 J. a+ `7 t[api_database]; _0 c9 l* T: K# a. o e
connection = mysql+pymysql://nova:QVcQ6QJ0Pn1a@mysqlserver/nova_api
9 \: V1 N( @9 i! o1 ymax_pool_size = 100
; D+ n1 W# U8 ?; _) u$ bmax_overflow = 200, O$ J, k2 @: Y- P5 p0 x5 g
[barbican]
- h$ W% t$ |9 t0 }6 S[cache]4 m' g# o: U; n V- }( \( ~
[cells]' w3 ~! q& C2 B g; x `# i i
[cinder]- [! z$ t8 @" _3 U& t
[cloudpipe], g/ C4 b; Z- z9 X1 c {$ `* b
[conductor]6 o1 {0 d3 n+ g" d% ?7 q b9 ]
[cors]8 x; p, {0 N# b8 m9 D
[cors.subdomain]
( y ^. `6 Z( r+ l- X[crypto]
/ B4 s8 o, H; ` V9 R[database] F4 S2 p6 i ~4 y# E( U
connection = mysql+pymysql://nova:QVcQ6QJ0Pn1a@mysqlserver/nova. [3 W, T+ d) ^2 I% F' T) [1 U6 \9 E
max_pool_size = 100
" p; F; I0 y+ R0 Q: i W2 p. s' nmax_overflow = 200+ \$ A3 N" p ^! M# B+ l! @* G0 O" W \
[ephemeral_storage_encryption]
. }& N' l" c2 d, S[glance]
" b+ G. G6 V* c( e ?) papi_servers = http://controller:9292
3 h2 {( L! V+ I8 M2 {2 H, w- J- ~[guestfs]
; X( [ _4 c, c. s% |[hyperv]
6 B, G$ Q$ R) ?' Xconfig_drive_cdrom = true
6 o+ X( L# O6 H* a7 ^% n0 J# config_drive_inject_password = true) o( g& I: U# Q
[image_file_url]
$ V& ]# J6 Z0 q) y[ironic]! w6 z, {8 `3 `- O% M4 k/ R
[key_manager]7 `! S# n/ }+ W* ^
[keystone_authtoken]
0 Y" w! ]3 {# Cauth_uri = http://controller:5000/v3+ [: t! Z c' T" r: C+ Q
auth_url = http://controller:35357/v3
$ M. g# @& ?3 c4 Q1 bauth_type = password5 k d8 u5 z9 k6 X5 c4 c
project_domain_name = default
" ~6 G: Q% P3 duser_domain_name = default& p' o3 ?( S" A9 @6 l9 c; f5 U
project_name = service
/ |* C4 V5 m- K dusername = nova
$ Z8 f* ~: z' {% I' w6 t! J3 Y2 Lpassword = newnovapass
) d2 K w0 b# f- a[libvirt]3 r! M5 n/ R Y K
[matchmaker_redis]
5 }) Z3 r+ t+ i% J, g+ \[metrics]3 h% F6 V6 ~' F1 |6 o8 s7 D7 ?
[mks]
! C1 G8 p+ e$ W' u% E[neutron]( M4 N* Y9 V5 C! j/ r, s
url = http://controller:9696 K0 p; G' W: \; E* h
auth_uri = http://controller:5000/v3( Y9 D1 O, n, Q1 Y
auth_url = http://controller:35357/v3
; B: C/ C9 n! C% Iauth_type = password5 o2 i% E/ K) a& L1 a) L
project_domain_name = default I; X4 o' g1 ]
user_domain_name = default
; f/ [1 M8 o! Y" @' E- D$ Z2 rregion_name = RegionOne
; l5 z( i8 J1 S, x# xproject_name = service
8 @3 \7 o% y7 m. ^* Z( s0 _' n Susername = neutron: Y5 w6 Q$ ]# I" g
password = newneutronpass4 J5 Z9 {5 [4 h9 F. u: X
service_metadata_proxy = false7 Y5 t% V6 b! m7 F: S4 M* U1 n2 q9 ~
[osapi_v21]
( q9 ]' a; x' a[oslo_concurrency]
+ N5 L8 O6 m$ H/ h5 Y1 o! rlock_path = /var/lib/nova/tmp
- q3 p7 K" m% x1 G0 |; n9 P# G[oslo_messaging_amqp]' M2 F0 \% T9 p( Z
[oslo_messaging_notifications]7 ~9 X9 v) \9 d+ g
[oslo_messaging_rabbit]
, K/ n+ I& Q4 S/ |rabbit_hosts = controller-3-28:5672,controller-3-29:5672
* Q, r8 q- J% d. arabbit_ha_queues = true3 `4 E# V# t1 S; Q9 E
rabbit_userid = openstack
V5 P1 W* t9 ^rabbit_password = h1Zg3IvdIiCx" W! s3 p+ K; Z- a5 p5 }/ T" \2 {" ~
heartbeat_timeout_threshold = 0! q) d2 K7 J5 P6 w
rabbit_max_retries = 3" ~2 p' J1 V) \, T2 C% ]# v! o
[oslo_messaging_zmq]5 b( T) B7 I, R5 \- E& l! C
[oslo_middleware]
. C& L$ X$ ?# ~5 e5 t0 c; r[oslo_policy]
% N7 g3 l8 w" D' O1 `, a' h[placement], L; P! ?2 d8 P) e" b! [! }
[placement_database]
" K9 n8 U; i7 _5 v( Q[rdp]6 {1 y8 x, u7 w+ W4 D$ {
[remote_debug], v& a5 W6 e* z' z
[serial_console]
) `: d! {. R7 p! P2 u/ E[spice]) c. M7 b9 P) D( u/ u
[ssl]' N, \. c& h5 {3 P6 F
[trusted_computing] i5 i8 @ k: m
[upgrade_levels]
6 H: b0 y+ c. U+ R6 W[vmware]
& O8 M8 q; x% X2 |; \4 \3 b[vnc]* ^0 f& k7 f8 k
novncproxy_base_url=http://10.152.3.1:6080/vnc_auto.html, t0 W9 _) n: N
novncproxy_host = $IPADDR+ F) }3 j5 ?3 d6 g
vncserver_listen = $IPADDR% @& X2 E8 S' j
vncserver_proxyclient_address = $IPADDR
( y/ |6 }5 Q" F; f. @2 Gnovncproxy_port = 6080% F$ a8 a9 k/ x% I9 T. ?7 \
[workarounds]
, ^2 J# ?2 N9 o. m( u( ]7 |[wsgi]7 L' m$ e2 J/ o
[xenserver]
9 `" k% E8 r9 P3 e$ p( C( k7 Z[xvp]
7 R/ ? x" y' N7 m O# |: QEOF
- \# G% K) k& h' C1 O) d$ ?: Qcat <<EOF> /etc/neutron/neutron.conf3 }% g- ~) Y) ^' R; I1 b
[DEFAULT]
/ H1 y) S* g9 } z: K* `3 v& d- p. sbind_host = $IPADDR, c6 |. b3 o3 W0 h* |9 e, J1 q
bind_port = 96969 g0 C2 i! i" A$ }
core_plugin = ml2
d& T: x! e( T3 Kdebug = false
- t5 k$ ]4 W0 vuse_syslog = false K- e0 W# D7 p6 V1 x& `% \
log_dir = /var/log/neutron
' t2 U& K# s1 @5 Wservice_plugins = router,metering l3 u7 e" Y- S c4 o$ d' f
auth_strategy = keystone
# ^% h$ \$ I& mbase_mac = fa:16:3f:00:00:00
2 D; p+ ?# F D; T6 Uallow_overlapping_ips = true+ K, Q0 I) S9 F) C4 F1 c
mac_generation_retries = 16& R g5 G ]/ e: ^
auth_strategy = keystone" A0 p p ^/ f/ x
notify_nova_on_port_status_changes = true3 ?4 y0 ]9 |( H5 f
notify_nova_on_port_data_changes = true
. U0 R9 S, v. F) Q1 ^- I# ^& i1 onotification_driver = neutron.openstack.common.notifier.rpc_notifier
6 w/ v2 w9 n* F; I( S, u7 ]rpc_backend = rabbit
$ E+ ]7 o4 y% F9 pagent_down_time = 75
- R1 h3 `. b; aapi_workers = 40
! B G1 \7 B( b' F8 `* _rpc_workers = 40; Y6 U( i1 {/ c
send_events_interval = 26 E3 j/ O b- I3 p
[agent]
0 P% K3 s0 y& G3 e6 Ycheck_child_processes_interval = 30
) }- [* h w: H ^3 Ycheck_child_processes_action = respawn1 t; ]8 W9 z, B* O V/ O+ |2 }
[cors]
( z5 v7 x9 Z$ P3 m+ Z K[cors.subdomain]
* O7 S2 {1 L- E& ?[database]0 S' @; p& E* x, [) J
connection = mysql+pymysql://neutron:Ol1fBhLMCFr7@mysqlserver/neutron& i* |4 Z* b; Y' J
max_pool_size = 150
# N! j! v( c- V" rmax_overflow = 3007 l4 }, d' V+ N' S. e
[keystone_authtoken]
- e3 ~& A5 G, h+ B( _% \auth_uri = http://controller:5000/v3$ I. ~" S/ [. y! V& L) I% _
auth_url = http://controller:35357/v3
9 u4 ^1 x5 H$ `& Nmemcached_servers = controller-3-28:11211,controller-3-29:112111 Q9 b4 }/ V% M
auth_type = password
" m5 P% `6 d9 Z( P T9 j) w9 Pproject_domain_name = default2 g' c, [$ z1 \. Y* f
user_domain_name = default
. s. ?7 ?) E' z+ k: _* v8 h! W1 c% m8 nproject_name = service( k/ F5 P Q+ V# d9 Z
username = neutron
+ z% u7 y9 \5 v& p6 }( Xpassword = newneutronpass c/ |/ Z! s+ t+ z9 I7 f: W
[matchmaker_redis]% A+ v y% `$ ]* O- E" H: b
[nova]
: m7 a% ~: l: X) z6 {9 m9 U Nurl = http://controller:8774/v2.1
+ U$ Y, U, d; D& S, F' Pauth_uri = http://controller:5000/v3& i) Y8 k! Q V$ }) I" m$ _7 l" p
auth_url = http://controller:35357/v3( i) a; C2 G, r/ M. n
auth_type = password8 H8 o- ]; X+ h% K7 l8 ?# u$ y
project_domain_name = default
6 x1 M& E6 j5 f! C( r1 K& g: suser_domain_name = default
! f2 n% j* C+ L4 |2 `* r. j4 uregion_name = RegionOne
2 x* k4 z5 @ l0 {% B5 }project_name = service
3 u6 R& f+ m) Lusername = nova
' U% k) W; |- i* a1 w: x# v9 qpassword = newnovapass
/ r; Q/ b! n4 q[oslo_concurrency]
0 g: [7 ?" E3 C( Z" X# ]6 r4 v/ Hlock_path = /var/lib/neutron/tmp
; \: ~- p3 R# k+ I' |[oslo_messaging_amqp]: `. _( {' A ]) B- u
[oslo_messaging_notifications]
- S+ F8 b* l& v3 V$ u[oslo_messaging_rabbit]* g3 g' o* t" r$ ]& d( v1 j
rabbit_hosts=controller-3-28:5672,controller-3-29:5672
: ?/ n l" W# U2 orabbit_ha_queues=true
! g1 u& d7 \0 U7 h8 D' ]rabbit_userid = openstack) |# I. f3 B+ r/ Q
rabbit_password = h1Zg3IvdIiCx
) J& `6 [- U" s# rheartbeat_timeout_threshold=0
1 O9 `7 @7 L" lrabbit_max_retries=2" P0 t" v8 A" o; ^+ |) F' x
[oslo_messaging_zmq]
3 o" ]+ {8 P+ t; y; G[oslo_middleware]; u/ p/ _; G. U9 h C
[oslo_policy], \: q1 M) A! r1 L& |
[qos]
, C+ \0 s5 v# [3 n4 b) t8 ?[quotas]
2 X4 M- ?; l- l4 z' j) P; J[ssl]+ p- n$ _" ~9 R9 H
EOF- ]- i; p e9 ^6 Q6 v
cat <<EOF> /etc/neutron/plugins/ml2/ml2_conf.ini
" C! S/ L! n7 s[DEFAULT]6 n3 R3 U& ]/ N$ A+ a* N
[ml2]
* h( w1 f- f, h' etype_drivers = vlan
" |* w+ d& q, F3 ~' ^4 i2 Ntenant_network_types = vlan4 r1 {) [8 z0 m2 }" x- M
mechanism_drivers = openvswitch3 `9 ?4 O+ h3 O0 I5 Y
[ml2_type_flat]
$ ~# S% ~7 }, z6 |" Pflat_networks = physnet1
4 A! V" E* P9 M p m9 B* C[ml2_type_geneve]) u( m0 R0 a7 `! m( Z
[ml2_type_gre]
" h2 E- T n/ o0 Y# h8 a' z[ml2_type_vlan]* w2 L. B, n+ P8 a
network_vlan_ranges = physnet1:1:4000
+ y) S4 `. [% c( A6 v% ?[ml2_type_vxlan]
. Q$ G) W! `* v. E" ^' l5 E[securitygroup]
" z3 o5 C! H# L7 p( {enable_security_group = false* b: j O2 J% E: U! R
firewall_driver = neutron.agent.firewall.NoopFirewallDriver
7 E5 D4 ^( `" C. U* zEOF
# C) K# H$ X% P5 W7 _cat <<EOF> /etc/neutron/plugins/ml2/openvswitch_agent.ini; a, |6 ?$ F: |+ V1 B/ P$ V
[DEFAULT]
$ O4 I! L2 ]. a' R) i# F7 `[agent]0 Z* i+ ~4 e1 H, ~0 ~$ X
prevent_arp_spoofing = false6 ^0 ]3 k$ s0 G) ~5 R2 }5 w+ `
[ovs]
4 x9 }& N1 v0 {5 mbridge_mappings = physnet1:br-bond03 s9 w4 d0 a5 m; X5 K2 U. V3 E. b# n
[securitygroup]
( s( G9 f! ~- [5 ?4 ?+ c+ [enable_security_group = false
+ f& r' p3 A& NEOF
) O) c% {2 ^& ?8 M, Z#修改nova权限
2 o, t* C5 j0 ]+ P) U4 \sed -i '/^nova/d' /etc/passwd
' Y0 C; |, K h* Gecho "nova:x:162:162:OpenStack Nova Daemons:/var/lib/nova:/bin/sh" >> /etc/passwd
7 c# W' O: t# Y% E# L0 u#设置开机启动: y* x/ W( M% r$ B
systemctl enable openstack-nova-compute.service neutron-openvswitch-agent.service openvswitch.service2 G$ b1 O% K( S
#启动服务
! f" c" A) Y$ N: p. R3 Asystemctl start openstack-nova-compute.service neutron-openvswitch-agent.service openvswitch.service
. g% u% A* z6 W6 z) r#设置
) k6 D" a9 C. |. L( W0 I( W: U% v6 ^ovs-vsctl show
6 D6 ^! `) h; |/ \% c: x+ covs-vsctl add-br br-int* x+ X$ x1 {: l# c
ovs-vsctl add-br br-bond0; ~$ z4 S" X4 @. D- v2 g
ovs-vsctl add-port br-bond0 bond08 Q. O6 ] q2 P9 s
#创建openstack目录并拷贝nova文件
* R) F4 W5 m: i4 s0 w s* Cmkdir -p /data/openstack ; cp -a /var/lib/nova /data/openstack/, d$ F9 t+ X- j6 M9 m
#更改权限
% G% h: Q5 _; B7 y* iecho "neutron ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers
; ^% Z Z2 d) z7 x: H* Uecho "nova ALL=(ALL) NOPASSWD: ALL" >> /etc/sudoers0 \* l6 @: o* M x/ M
cp -a /usr/share/nova/interfaces.template /usr/share/nova/interfaces.template_bak' l0 C! a' Y7 S7 u. A! I! M0 R' J
cat /usr/lib/python2.7/site-packages/nova/virt/interfaces.template > /usr/share/nova/interfaces.template
* ]/ ?1 ]( B9 b0 z# S+ R& Tsystemctl restart openstack-nova-compute.service ; systemctl restart neutron-openvswitch-agent.service& Z9 `; n2 s( l" M1 D7 b' ^5 R
#拷贝key文件
$ E' q. Z' C+ X5 [' ^" Escp -r root@10.152.3.25:/var/lib/nova/.ssh /var/lib/nova/( L+ I$ n9 a7 J( N0 k M
#更改权限5 B" r Q# F( R9 m
chown -R nova:nova /var/lib/nova/.ssh7 b5 E* ?2 o1 `6 U! o4 S. J/ o
! T$ z+ S( t# G: y. ?$ I |
|
发表于 2021-11-23 11:50:13