设为首页 收藏本站
查看: 872|回复: 0

[经验分享] 关于shell脚本部署openstack平台controller节点(CentOS,Pike)

[复制链接]

尚未签到

发表于 2018-5-30 12:00:18 | 显示全部楼层 |阅读模式
  **首先声明:此脚本只适合用于实验环境,比如虚拟机等,不适合实际生产环境操作
(新手,大神勿喷)
  **本脚本由 shell 编写执行,部署的是 openstackPike 版本
因为我把 memcached 、 rabbitMQ 和 MariaDB 全部集成在了 controller 节点上,
所以建议controller节点的配置相对高一些
  实验环境:
VMware 14 Pro   CentOS  7  虚拟机
  controller节点虚拟机的配置是这样的:
DSC0000.jpg

  操作系统和内核版本如下:
DSC0001.jpg

  在运行脚本之前,首先要做一些如下准备:
关闭 SELINUX ,(虽然加了 openstack-selinux 的安装包,但是感觉还是关掉比较好)
更改主机名,
更改IP地址,更改成如下的样子:
DSC0002.jpg

  其中第二块为controller节点的网卡,第三块可以改成disabled,第四块为桥接网卡,方便外部连接
  至于【/etc/yum.repos.d/】的 【 * .  repo  】源文件就靠自己动手啦~
  然后就可以执行脚本了(后面有脚本文件和具体内容),以 root 用户身份执行
  整个安装过程没有任何交互,只需要安静等待安装完毕就好
DSC0003.jpg

  安装完毕后,检查一下服务有没有全部开启
DSC0004.jpg

  正常情况下所有的服务应该是   active   running
  进入 root 文件夹,下面有一个 admin-openrc 文件,以 bash 或者  .   执行一下就可以,获取 admin 权限,
以后如果出现权限不够的情况就再执行一次即可
  打开浏览器,输入【  controllerIP/dashboard  】,就可以看到登陆面板了
DSC0005.jpg

  **登陆域是 defualt  ,  用户名是 admin  ,  密码是 iforgot
  登录成功界面
DSC0006.jpg

  **
  分
  割
  线
  **
  下面就是脚本的具体内容了,感谢Louis
  #!/bin/bash
  #set -x
PASSWORD=iforgot
yum remove firewalld-filesystem NetworkManager-libnm -y
FIRST_PKG=centos-release-openstack-pike
CONTROLLER_PKGS=(
net-tools
chrony
python-openstackclient
openstack-selinux
mariadb
mariadb-server
python2-PyMySQL
rabbitmq-server
memcached
python-memcached
openstack-keystone
httpd
mod_wsgi
openstack-glance
openstack-nova-api
openstack-nova-conductor
openstack-nova-console
openstack-nova-novncproxy
openstack-nova-scheduler
openstack-nova-placement-api
openstack-neutron
openstack-neutron-ml2
openstack-neutron-linuxbridge
ebtables
openstack-cinder
openstack-dashboard
)
declare -A SERVICE_USERS
SERVICE_USERS=(
[identity]="keystone"
[image]="glance"
[compute]="nova"
[placement]="placement"
[network]="neutron"
[volume]="cinder"
)
ENDPOINTS=(
"admin"
"internal"
"public"
)
#yum install $FIRST_PKG -y
yum upgrade -y
yum install ${CONTROLLER_PKGS
  • } -y
    NIC_NAME=(ip addr | grep '^[0-9]' | awk -F':' '{print $2}')
    MGMT_IP=ifconfig ${NIC_NAME[1]} | grep -w inet | awk '{print $2}'
    echo "$MGMT_IP controller" >> /etc/hosts
    sed -i "s/#ServerName www.example.com:80/ServerName controller/g" /etc/httpd/conf/httpd.conf
    cat > /etc/chrony.conf << EOF
    server $MGMT_IP iburst
    driftfile /var/lib/chrony/drift
    makestep 1.0 3
    rtcsync
    allow 0.0.0.0
    local stratum 10
    EOF
    systemctl enable chronyd
    systemctl start chronyd
    cat > /etc/my.cnf.d/openstack.cnf << EOF
    [mysqld]
    bind-address = $MGMT_IP
    default-storage-engine = innodb
    innodb_file_per_table = on
    max_connections = 4096
    collation-server = utf8_general_ci
    character-set-server = utf8
    EOF
    systemctl enable mariadb
    systemctl start mariadb
    mysql_secure_installation <<EOF
      y
    $PASSWORD
    $PASSWORD
    y
    y
    y
    y
    EOF
    systemctl enable rabbitmq-server.service
    systemctl start rabbitmq-server.service
    rabbitmqctl add_user openstack $PASSWORD
    rabbitmqctl set_permissions openstack &quot;.&quot; &quot;.&quot; &quot;.&quot;
    sed -i &quot;s/127.0.0.1/$MGMT_IP/g&quot; /etc/sysconfig/memcached
    systemctl enable memcached.service
    systemctl start memcached.service
    for USER in ${SERVICE_USERS[
    ]}; do
    if [[ $USER = nova ]]; then
    mysql -uroot -p$PASSWORD -e &quot;CREATE DATABASE nova_api&quot;
    mysql -uroot -p$PASSWORD -e &quot;CREATE DATABASE $USER&quot;
    mysql -uroot -p$PASSWORD -e &quot;CREATE DATABASE nova_cell0&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON nova_api. TO '$USER'@'localhost' IDENTIFIED BY '$PASSWORD'&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON nova_api.
    TO '$USER'@'%' IDENTIFIED BY '$PASSWORD'&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON $USER. TO '$USER'@'localhost' IDENTIFIED BY '$PASSWORD'&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON $USER.
    TO '$USER'@'%' IDENTIFIED BY '$PASSWORD'&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON nova_cell0. TO '$USER'@'localhost' IDENTIFIED BY '$PASSWORD'&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON nova_cell0.
    TO '$USER'@'%' IDENTIFIED BY '$PASSWORD'&quot;
    else
    mysql -uroot -p$PASSWORD -e &quot;CREATE DATABASE $USER&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON $USER. TO '$USER'@'localhost' IDENTIFIED BY '$PASSWORD'&quot;
    mysql -uroot -p$PASSWORD -e &quot;GRANT ALL PRIVILEGES ON $USER.
    TO '$USER'@'%' IDENTIFIED BY '$PASSWORD'&quot;
    fi
    done
    cat > /etc/keystone/keystone.conf <<EOF
    [database]
    connection = mysql+pymysql://keystone:$PASSWORD@$MGMT_IP/keystone
    [token]
    provider = fernet
    EOF
    chown root:keystone /etc/keystone/keystone.conf
    su -s /bin/sh -c &quot;keystone-manage db_sync&quot; keystone
    keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
    keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
    keystone-manage bootstrap --bootstrap-password $PASSWORD \
    --bootstrap-admin-url http://$MGMT_IP:35357/v3/ \
    --bootstrap-internal-url http://$MGMT_IP:5000/v3/ \
    --bootstrap-public-url http://$MGMT_IP:5000/v3/ \
    --bootstrap-region-id RegionOne
    ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
    systemctl enable httpd.service
    systemctl start httpd.service
    export OS_PROJECT_DOMAIN_NAME=Default
    export OS_USER_DOMAIN_NAME=Default
    export OS_PROJECT_NAME=admin
    export OS_USERNAME=admin
    export OS_PASSWORD=$PASSWORD
    export OS_AUTH_URL=http://$MGMT_IP:35357/v3
    export OS_IDENTITY_API_VERSION=3
    export OS_IMAGE_API_VERSION=2
    openstack project create --domain default \
    --description &quot;Service Project&quot; service
    openstack role create user
    cat > ~/admin-openrc << EOF
    export OS_PROJECT_DOMAIN_NAME=Default
    export OS_USER_DOMAIN_NAME=Default
    export OS_PROJECT_NAME=admin
    export OS_USERNAME=admin
    export OS_PASSWORD=$PASSWORD
    export OS_AUTH_URL=http://$MGMT_IP:35357/v3
    export OS_IDENTITY_API_VERSION=3
    export OS_IMAGE_API_VERSION=2
    EOF
    for SERVICE in ${!SERVICE_USERS[]}; do
    if [[ $SERVICE = volume ]]; then
    openstack user create --domain default --password $PASSWORD ${SERVICE_USERS[$SERVICE]}
    openstack role add --project service --user ${SERVICE_USERS[$SERVICE]} admin
    openstack service create --name ${SERVICE_USERS[$SERVICE]}&quot;v2&quot; \
    --description &quot;OpenStack Block Storage&quot; $SERVICE&quot;v2&quot;
    openstack service create --name ${SERVICE_USERS[$SERVICE]}&quot;v3&quot; \
    --description &quot;OpenStack Block Storage&quot; $SERVICE&quot;v3&quot;
    for ENDPOINT in ${ENDPOINTS[
    ]}; do
    openstack endpoint create --region RegionOne \
    $SERVICE&quot;v2&quot; $ENDPOINT http://$MGMT_IP:8776/v2/%\(project_id\)s
    openstack endpoint create --region RegionOne \
    $SERVICE&quot;v3&quot; $ENDPOINT http://$MGMT_IP:8776/v3/%\(project_id\)s
    done
    elif [[ $SERVICE = compute ]]; then
    openstack user create --domain default --password $PASSWORD ${SERVICE_USERS[$SERVICE]}
    openstack role add --project service --user ${SERVICE_USERS[$SERVICE]} admin
    openstack service create --name ${SERVICE_USERS[$SERVICE]} \
    --description &quot;OpenStack Compute&quot; $SERVICE
    for ENDPOINT in ${ENDPOINTS[]}; do
    openstack endpoint create --region RegionOne \
    $SERVICE $ENDPOINT http://$MGMT_IP:8774/v2.1
    done
    elif [[ $SERVICE = placement ]]; then
    openstack user create --domain default --password $PASSWORD ${SERVICE_USERS[$SERVICE]}
    openstack role add --project service --user ${SERVICE_USERS[$SERVICE]} admin
    openstack service create --name ${SERVICE_USERS[$SERVICE]} \
    --description &quot;OpenStack Placement&quot; $SERVICE
    for ENDPOINT in ${ENDPOINTS[
    ]}; do
    openstack endpoint create --region RegionOne \
    $SERVICE $ENDPOINT http://$MGMT_IP:8778
    done
    elif [[ $SERVICE = image ]]; then
    openstack user create --domain default --password $PASSWORD ${SERVICE_USERS[$SERVICE]}
    openstack role add --project service --user ${SERVICE_USERS[$SERVICE]} admin
    openstack service create --name ${SERVICE_USERS[$SERVICE]} \
    --description &quot;OpenStack Image&quot; $SERVICE
    for ENDPOINT in ${ENDPOINTS[]}; do
    openstack endpoint create --region RegionOne \
    $SERVICE $ENDPOINT http://$MGMT_IP:9292
    done
    elif [[ $SERVICE = network ]]; then
    openstack user create --domain default --password $PASSWORD ${SERVICE_USERS[$SERVICE]}
    openstack role add --project service --user ${SERVICE_USERS[$SERVICE]} admin
    openstack service create --name ${SERVICE_USERS[$SERVICE]} \
    --description &quot;OpenStack Network&quot; $SERVICE
    for ENDPOINT in ${ENDPOINTS[
    ]}; do
    openstack endpoint create --region RegionOne \
    $SERVICE $ENDPOINT http://$MGMT_IP:9696
    done
    fi
    done
    cat > /etc/glance/glance-api.conf << EOF
    [database]
    connection = mysql+pymysql://glance:$PASSWORD@$MGMT_IP/glance
    [keystone_authtoken]
    auth_uri = http://$MGMT_IP:5000
    auth_url = http://$MGMT_IP:35357
    memcached_servers = $MGMT_IP:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = glance
    password = $PASSWORD
    [paste_deploy]
    flavor = keystone
    [glance_store]
    stores = file,http
    default_store = file
    filesystem_store_datadir = /var/lib/glance/images/
    EOF
    cat > /etc/glance/glance-registry.conf << EOF
    [database]
    connection = mysql+pymysql://glance:$PASSWORD@$MGMT_IP/glance
    [keystone_authtoken]
    auth_uri = http://$MGMT_IP:5000
    auth_url = http://$MGMT_IP:35357
    memcached_servers = $MGMT_IP:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = glance
    password = $PASSWORD
    [paste_deploy]
    flavor = keystone
    EOF
    chown root:glance /etc/glance/glance-api.conf /etc/glance/glance-registry.conf
    su -s /bin/sh -c &quot;glance-manage db_sync&quot; glance
    cat > /etc/nova/nova.conf << EOF
    [DEFAULT]
    enabled_apis = osapi_compute,metadata
    transport_url = rabbit://openstack:$PASSWORD@$MGMT_IP
    my_ip = $MGMT_IP
    use_neutron = True
    firewall_driver = nova.virt.firewall.NoopFirewallDriver
    [api]
    auth_strategy = keystone
    [api_database]
    connection = mysql+pymysql://nova:$PASSWORD@$MGMT_IP/nova_api
    [cinder]
    os_region_name = RegionOne
    [database]
    connection = mysql+pymysql://nova:$PASSWORD@$MGMT_IP/nova
    [glance]
    api_servers = http://$MGMT_IP:9292
    [keystone_authtoken]
    auth_uri = http://$MGMT_IP:5000
    auth_url = http://$MGMT_IP:35357
    memcached_servers = $MGMT_IP:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = nova
    password = $PASSWORD
    [neutron]
    url = http://$MGMT_IP:9696
    auth_url = http://$MGMT_IP:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = neutron
    password = $PASSWORD
    service_metadata_proxy = true
    metadata_proxy_shared_secret = METADATA_SECRET
    [oslo_concurrency]
    lock_path = /var/lib/nova/tmp
    [placement]
    os_region_name = RegionOne
    project_domain_name = Default
    project_name = service
    auth_type = password
    user_domain_name = Default
    auth_url = http://$MGMT_IP:35357/v3
    username = placement
    password = $PASSWORD
    [scheduler]
    discover_hosts_in_cells_interval = 300
    [vnc]
    enabled = true
    vncserver_listen = $MGMT_IP
    vncserver_proxyclient_address = $MGMT_IP
    EOF
    chown root:nova /etc/nova/nova.conf
    cat >> /etc/httpd/conf.d/00-nova-placement-api.conf << EOF
      <Directory /usr/bin>
    <IfVersion >= 2.4>
    Require all granted
    </IfVersion>
    <IfVersion < 2.4>
    Order allow,deny
    Allow from all
    </IfVersion>
    </Directory>
    EOF
    systemctl restart httpd
    su -s /bin/sh -c &quot;nova-manage api_db sync&quot; nova
    su -s /bin/sh -c &quot;nova-manage cell_v2 map_cell0&quot; nova
    su -s /bin/sh -c &quot;nova-manage cell_v2 create_cell --name=cell1 --verbose&quot; nova
    su -s /bin/sh -c &quot;nova-manage db sync&quot; nova
    cat > /etc/neutron/neutron.conf << EOF
    [DEFAULT]
    core_plugin = ml2
    service_plugins = router
    allow_overlapping_ips = true
    transport_url = rabbit://openstack:$PASSWORD@$MGMT_IP
    auth_strategy = keystone
    notify_nova_on_port_status_changes = true
    notify_nova_on_port_data_changes = true
    [database]
    connection = mysql+pymysql://neutron:$PASSWORD@$MGMT_IP/neutron
    [keystone_authtoken]
    auth_uri = http://$MGMT_IP:5000
    auth_url = http://$MGMT_IP:35357
    memcached_servers = $MGMT_IP:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = neutron
    password = $PASSWORD
    [nova]
    auth_url = http://$MGMT_IP:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = nova
    password = $PASSWORD
    [oslo_concurrency]
    lock_path = /var/lib/neutron/tmp
    EOF
    cat > /etc/neutron/plugins/ml2/ml2_conf.ini << EOF
    [ml2]
    type_drivers = flat,vlan,vxlan
    tenant_network_types = vxlan
    mechanism_drivers = linuxbridge,l2population
    extension_drivers = port_security
    [ml2_type_flat]
    flat_networks = provider
    [ml2_type_vxlan]
    vni_ranges = 1:1000
    [securitygroup]
    enable_ipset = true
    EOF
    cat > /etc/neutron/plugins/ml2/linuxbridge_agent.ini << EOF
    [linux_bridge]
    physical_interface_mappings = provider:${NIC_NAME[2]}
    [securitygroup]
    enable_security_group = true
    firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    [vxlan]
    enable_vxlan = true
    local_ip = $MGMT_IP
    l2_population = true
    EOF
    cat > /etc/neutron/l3_agent.ini << EOF
    [DEFAULT]
    interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
    EOF
    cat > /etc/neutron/dhcp_agent.ini << EOF
    [DEFAULT]
    interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
    dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
    enable_isolated_metadata = true
    EOF
    cat > /etc/neutron/metadata_agent.ini << EOF
    [DEFAULT]
    nova_metadata_host = $MGMT_IP
    metadata_proxy_shared_secret = METADATA_SECRET
    EOF
    chown root:neutron /etc/neutron/neutron.conf
    chown root:neutron /etc/neutron/plugins/ml2/ml2_conf.ini
    chown root:neutron /etc/neutron/plugins/ml2/linuxbridge_agent.ini
    chown root:neutron /etc/neutron/l3_agent.ini
    chown root:neutron /etc/neutron/dhcp_agent.ini
    chown root:neutron /etc/neutron/metadata_agent.ini
    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    su -s /bin/sh -c &quot;neutron-db-manage --config-file /etc/neutron/neutron.conf \
    --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head&quot; neutron
    cat > /etc/cinder/cinder.conf << EOF
    [DEFAULT]
    transport_url = rabbit://openstack:$PASSWORD@$MGMT_IP
    auth_strategy = keystone
    my_ip = $MGMT_IP
    [database]
    connection = mysql+pymysql://cinder:$PASSWORD@$MGMT_IP/cinder
    [keystone_authtoken]
    auth_uri = http://$MGMT_IP:5000
    auth_url = http://$MGMT_IP:35357
    memcached_servers = $MGMT_IP:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = cinder
    password = $PASSWORD
    [oslo_concurrency]
    lock_path = /var/lib/cinder/tmp
    EOF
    chown root:cinder /etc/cinder/cinder.conf
    su -s /bin/sh -c &quot;cinder-manage db sync&quot; cinder
      cp /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings.bak
    sed -i &quot;4i\WSGIApplicationGroup %{GLOBAL}&quot; /etc/httpd/conf.d/openstack-dashboard.conf
    cat > /etc/openstack-dashboard/local_settings << EOF
    -- coding: utf-8 --
      import os
    from django.utils.translation import ugettextlazy as
    from openstack_dashboard import exceptions
    from openstack_dashboard.settings import HORIZON_CONFIG
    DEBUG = False
    WEBROOT = '/dashboard/'
    ALLOWED_HOSTS = ['', ]
    OPENSTACK_API_VERSIONS = {
    &quot;identity&quot;: 3,
    &quot;image&quot;: 2,
    &quot;volume&quot;: 2,
    }
    OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
    OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'default'
    LOCAL_PATH = '/tmp'
    SECRET_KEY='b24999645d719cedb521'
    SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
    CACHES = {
    'default': {
    'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
    'LOCATION': 'controller:11211',
    }
    }
    EMAIL_BACKEND = 'django.core.mail.backends.console.EmailBackend'
    OPENSTACK_HOST = &quot;controller&quot;
    OPENSTACK_KEYSTONE_URL = &quot;http://%s:5000/v3&quot; % OPENSTACK_HOST
    OPENSTACK_KEYSTONE_DEFAULT_ROLE = &quot;user&quot;
    OPENSTACK_KEYSTONE_BACKEND = {
    'name': 'native',
    'can_edit_user': True,
    'can_edit_group': True,
    'can_edit_project': True,
    'can_edit_domain': True,
    'can_edit_role': True,
    }
    OPENSTACK_HYPERVISOR_FEATURES = {
    'can_set_mount_point': False,
    'can_set_password': False,
    'requires_keypair': False,
    'enable_quotas': True
    }
    OPENSTACK_CINDER_FEATURES = {
    'enable_backup': False,
    }
    OPENSTACK_NEUTRON_NETWORK = {
    'enable_router': True,
    'enable_quotas': True,
    'enable_ipv6': False,
    'enable_distributed_router': False,
    'enable_ha_router': False,
    'enable_lb': False,
    'enable_firewall': False,
    'enable_vpn': False,
    'enable_fip_topology_check': True,
    'profile_support': None,
    'supported_vnic_types': ['
    '],
    }
    OPENSTACK_HEAT_STACK = {
    'enable_user_pass': True,
    }
    IMAGE_CUSTOM_PROPERTYTITLES = {
    &quot;architecture&quot;:
    (&quot;Architecture&quot;),
    &quot;kernelid&quot;: (&quot;Kernel ID&quot;),
    &quot;ramdiskid&quot;: (&quot;Ramdisk ID&quot;),
    &quot;imagestate&quot;: (&quot;Euca2ools state&quot;),
    &quot;projectid&quot;: (&quot;Project ID&quot;),
    &quot;imagetype&quot;: (&quot;Image Type&quot;),
    }
    IMAGE_RESERVED_CUSTOM_PROPERTIES = []
    API_RESULT_LIMIT = 1000
    API_RESULT_PAGE_SIZE = 20
    SWIFT_FILE_TRANSFER_CHUNK_SIZE = 512 * 1024
    INSTANCE_LOG_LENGTH = 35
    DROPDOWN_MAX_ITEMS = 30
    TIME_ZONE = &quot;UTC&quot;
    POLICY_FILES_PATH = '/etc/openstack-dashboard'
    LOGGING = {
    'version': 1,
    'disable_existing_loggers': False,
    'formatters': {
    'operation': {
    'format': '%(asctime)s %(message)s'
    },
    },
    'handlers': {
    'null': {
    'level': 'DEBUG',
    'class': 'logging.NullHandler',
    },
    'console': {
    'level': 'INFO',
    'class': 'logging.StreamHandler',
    },
    'operation': {
    'level': 'INFO',
    'class': 'logging.StreamHandler',
    'formatter': 'operation',
    },
    },
    'loggers': {
    'django.db.backends': {
    'handlers': ['null'],
    'propagate': False,
    },
    'requests': {
    'handlers': ['null'],
    'propagate': False,
    },
    'horizon': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'horizon.operation_log': {
    'handlers': ['operation'],
    'level': 'INFO',
    'propagate': False,
    },
    'openstack_dashboard': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'novaclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'cinderclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'keystoneclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'glanceclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'neutronclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'heatclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'ceilometerclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'swiftclient': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'openstack_auth': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'nose.plugins.manager': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'django': {
    'handlers': ['console'],
    'level': 'DEBUG',
    'propagate': False,
    },
    'iso8601': {
    'handlers': ['null'],
    'propagate': False,
    },
    'scss': {
    'handlers': ['null'],
    'propagate': False,
    },
    },
    }
    SECURITY_GROUP_RULES = {
    'alltcp': {
    'name':
    ('All TCP'),
    'ip_protocol': 'tcp',
    'from_port': '1',
    'to_port': '65535',
    },
    'alludp': {
    'name':
    ('All UDP'),
    'ip_protocol': 'udp',
    'from_port': '1',
    'to_port': '65535',
    },
    'allicmp': {
    'name':
    ('All ICMP'),
    'ip_protocol': 'icmp',
    'from_port': '-1',
    'to_port': '-1',
    },
    'ssh': {
    'name': 'SSH',
    'ip_protocol': 'tcp',
    'from_port': '22',
    'to_port': '22',
    },
    'smtp': {
    'name': 'SMTP',
    'ip_protocol': 'tcp',
    'from_port': '25',
    'to_port': '25',
    },
    'dns': {
    'name': 'DNS',
    'ip_protocol': 'tcp',
    'from_port': '53',
    'to_port': '53',
    },
    'http': {
    'name': 'HTTP',
    'ip_protocol': 'tcp',
    'from_port': '80',
    'to_port': '80',
    },
    'pop3': {
    'name': 'POP3',
    'ip_protocol': 'tcp',
    'from_port': '110',
    'to_port': '110',
    },
    'imap': {
    'name': 'IMAP',
    'ip_protocol': 'tcp',
    'from_port': '143',
    'to_port': '143',
    },
    'ldap': {
    'name': 'LDAP',
    'ip_protocol': 'tcp',
    'from_port': '389',
    'to_port': '389',
    },
    'https': {
    'name': 'HTTPS',
    'ip_protocol': 'tcp',
    'from_port': '443',
    'to_port': '443',
    },
    'smtps': {
    'name': 'SMTPS',
    'ip_protocol': 'tcp',
    'from_port': '465',
    'to_port': '465',
    },
    'imaps': {
    'name': 'IMAPS',
    'ip_protocol': 'tcp',
    'from_port': '993',
    'to_port': '993',
    },
    'pop3s': {
    'name': 'POP3S',
    'ip_protocol': 'tcp',
    'from_port': '995',
    'to_port': '995',
    },
    'ms_sql': {
    'name': 'MS SQL',
    'ip_protocol': 'tcp',
    'from_port': '1433',
    'to_port': '1433',
    },
    'mysql': {
    'name': 'MYSQL',
    'ip_protocol': 'tcp',
    'from_port': '3306',
    'to_port': '3306',
    },
    'rdp': {
    'name': 'RDP',
    'ip_protocol': 'tcp',
    'from_port': '3389',
    'to_port': '3389',
    },
    }
    REST_API_REQUIRED_SETTINGS = ['OPENSTACK_HYPERVISOR_FEATURES',
    'LAUNCH_INSTANCE_DEFAULTS',
    'OPENSTACK_IMAGE_FORMATS']
    ALLOWED_PRIVATE_SUBNET_CIDR = {'ipv4': [], 'ipv6': []}
    EOF
      chown root:apache /etc/openstack-dashboard/local_settings
    systemctl restart httpd
      echo &quot;######### Start ALL Services ##########&quot;
    systemctl enable openstack-glance-api.service \
    openstack-glance-registry.service
    systemctl start openstack-glance-api.service \
    openstack-glance-registry.service
    systemctl enable openstack-nova-api.service \
    openstack-nova-consoleauth.service openstack-nova-scheduler.service \
    openstack-nova-conductor.service openstack-nova-novncproxy.service
    systemctl start openstack-nova-api.service \
    openstack-nova-consoleauth.service openstack-nova-scheduler.service \
    openstack-nova-conductor.service openstack-nova-novncproxy.service
    systemctl restart openstack-nova-api.service
    systemctl enable neutron-server.service \
    neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
    neutron-metadata-agent.service neutron-l3-agent.service
    systemctl start neutron-server.service \
    neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
    neutron-metadata-agent.service neutron-l3-agent.service
    systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
    systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service

  • 运维网声明 1、欢迎大家加入本站运维交流群:群②:261659950 群⑤:202807635 群⑦870801961 群⑧679858003
    2、本站所有主题由该帖子作者发表,该帖子作者与运维网享有帖子相关版权
    3、所有作品的著作权均归原作者享有,请您和我们一样尊重他人的著作权等合法权益。如果您对作品感到满意,请购买正版
    4、禁止制作、复制、发布和传播具有反动、淫秽、色情、暴力、凶杀等内容的信息,一经发现立即删除。若您因此触犯法律,一切后果自负,我们对此不承担任何责任
    5、所有资源均系网友上传或者通过网络收集,我们仅提供一个展示、介绍、观摩学习的平台,我们不对其内容的准确性、可靠性、正当性、安全性、合法性等负责,亦不承担任何法律责任
    6、所有作品仅供您个人学习、研究或欣赏,不得用于商业或者其他用途,否则,一切后果均由您自己承担,我们对此不承担任何法律责任
    7、如涉及侵犯版权等问题,请您及时通知我们,我们将立即采取措施予以解决
    8、联系人Email:admin@iyunv.com 网址:www.yunweiku.com

    所有资源均系网友上传或者通过网络收集,我们仅提供一个展示、介绍、观摩学习的平台,我们不对其承担任何法律责任,如涉及侵犯版权等问题,请您及时通知我们,我们将立即处理,联系人Email:kefu@iyunv.com,QQ:1061981298 本贴地址:https://www.yunweiku.com/thread-483077-1-1.html 上篇帖子: openstack是什么,能干什么 下篇帖子: Openstack N版 双节点搭建
    您需要登录后才可以回帖 登录 | 立即注册

    本版积分规则

    扫码加入运维网微信交流群X

    扫码加入运维网微信交流群

    扫描二维码加入运维网微信交流群,最新一手资源尽在官方微信交流群!快快加入我们吧...

    扫描微信二维码查看详情

    客服E-mail:kefu@iyunv.com 客服QQ:1061981298


    QQ群⑦:运维网交流群⑦ QQ群⑧:运维网交流群⑧ k8s群:运维网kubernetes交流群


    提醒:禁止发布任何违反国家法律、法规的言论与图片等内容;本站内容均来自个人观点与网络等信息,非本站认同之观点.


    本站大部分资源是网友从网上搜集分享而来,其版权均归原作者及其网站所有,我们尊重他人的合法权益,如有内容侵犯您的合法权益,请及时与我们联系进行核实删除!



    合作伙伴: 青云cloud

    快速回复 返回顶部 返回列表