From 2195fa1ed94786e1f5a760b860e1ee8976e1ffe4 Mon Sep 17 00:00:00 2001 From: Pasha Date: Tue, 16 Aug 2022 21:48:31 +0000 Subject: initial commit --- README | 32 ++++ configs/99-openstack.cnf | 8 + configs/admin-openrc | 8 + configs/database.sql | 29 ++++ configs/demo-openrc | 8 + configs/dhcp_agent.ini | 4 + configs/etcd | 10 ++ configs/glance-api.conf | 37 +++++ configs/keystone.conf | 9 ++ configs/linuxbridge_agent.ini | 12 ++ configs/metadata_agent.ini | 8 + configs/ml2_conf.ini | 14 ++ configs/neutron.conf | 48 ++++++ configs/nova.conf | 71 +++++++++ configs/nova2.conf | 70 +++++++++ configs/placement.conf | 17 +++ next_steps | 62 ++++++++ openstack_setup.sh | 347 ++++++++++++++++++++++++++++++++++++++++++ 18 files changed, 794 insertions(+) create mode 100644 README create mode 100644 configs/99-openstack.cnf create mode 100644 configs/admin-openrc create mode 100644 configs/database.sql create mode 100644 configs/demo-openrc create mode 100644 configs/dhcp_agent.ini create mode 100644 configs/etcd create mode 100644 configs/glance-api.conf create mode 100644 configs/keystone.conf create mode 100644 configs/linuxbridge_agent.ini create mode 100644 configs/metadata_agent.ini create mode 100644 configs/ml2_conf.ini create mode 100644 configs/neutron.conf create mode 100644 configs/nova.conf create mode 100644 configs/nova2.conf create mode 100644 configs/placement.conf create mode 100644 next_steps create mode 100644 openstack_setup.sh diff --git a/README b/README new file mode 100644 index 0000000..41f5038 --- /dev/null +++ b/README @@ -0,0 +1,32 @@ + Copyright (C) 2022 Pasha + + This program is free software: you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation, either version 3 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program. If not, see . + + +Debian OpenStack Installer + +edit openstack_setup.sh and set the following setting: + +OPENSTACK_HOST_IP="192.168.0.155" +EXTERNAL_BRIDGE_INTERFACE="enp7s0" + +chmod +x openstack_setup.sh + +# ./openstack_setup.sh &> output.txt + +check output from another shell +# tail -f output.txt + + +done \ No newline at end of file diff --git a/configs/99-openstack.cnf b/configs/99-openstack.cnf new file mode 100644 index 0000000..6aedbcb --- /dev/null +++ b/configs/99-openstack.cnf @@ -0,0 +1,8 @@ +[mysqld] +bind-address = REPLACE_WITH_OPENSTACK_HOST_IP + +default-storage-engine = innodb +innodb_file_per_table = on +max_connections = 4096 +collation-server = utf8_general_ci +character-set-server = utf8 diff --git a/configs/admin-openrc b/configs/admin-openrc new file mode 100644 index 0000000..edd9a2f --- /dev/null +++ b/configs/admin-openrc @@ -0,0 +1,8 @@ +export OS_PROJECT_DOMAIN_NAME=default +export OS_USER_DOMAIN_NAME=default +export OS_PROJECT_NAME=admin +export OS_USERNAME=admin +export OS_PASSWORD=ADMIN_PASS +export OS_AUTH_URL=http://REPLACE_WITH_HOST:5000/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 diff --git a/configs/database.sql b/configs/database.sql new file mode 100644 index 0000000..faed5fd --- /dev/null +++ b/configs/database.sql @@ -0,0 +1,29 @@ +CREATE DATABASE keystone; +GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'keystone'; +GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY 'keystone'; + +CREATE DATABASE glance; +GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'glance'; +GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY 'glance'; + +CREATE DATABASE placement; +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY 'placement'; +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY 'placement'; + +CREATE DATABASE nova_api; +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY 'nova'; +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY 'nova'; + +CREATE DATABASE nova; +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'nova'; +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY 'nova'; + +CREATE DATABASE nova_cell0; +GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY 'nova'; +GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' IDENTIFIED BY 'nova'; + +CREATE DATABASE neutron; +GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron'; +GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron'; + +FLUSH PRIVILEGES; diff --git a/configs/demo-openrc b/configs/demo-openrc new file mode 100644 index 0000000..62f5b61 --- /dev/null +++ b/configs/demo-openrc @@ -0,0 +1,8 @@ +export OS_PROJECT_DOMAIN_NAME=default +export OS_USER_DOMAIN_NAME=default +export OS_PROJECT_NAME=myproject +export OS_USERNAME=myuser +export OS_PASSWORD=DEMO_PASS +export OS_AUTH_URL=http://REPLACE_WITH_HOST:5000/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 diff --git a/configs/dhcp_agent.ini b/configs/dhcp_agent.ini new file mode 100644 index 0000000..bfc2439 --- /dev/null +++ b/configs/dhcp_agent.ini @@ -0,0 +1,4 @@ +[DEFAULT] +interface_driver = linuxbridge +dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq +enable_isolated_metadata = true diff --git a/configs/etcd b/configs/etcd new file mode 100644 index 0000000..ea463ee --- /dev/null +++ b/configs/etcd @@ -0,0 +1,10 @@ + +ETCD_NAME="REPLACE_WITH_HOST" +ETCD_DATA_DIR="/var/lib/etcd" +ETCD_INITIAL_CLUSTER_STATE="new" +ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" +ETCD_INITIAL_CLUSTER="controller=http://REPLACE_WITH_OPENSTACK_HOST_IP:2380" +ETCD_INITIAL_ADVERTISE_PEER_URLS="http://REPLACE_WITH_OPENSTACK_HOST_IP:2380" +ETCD_ADVERTISE_CLIENT_URLS="http://REPLACE_WITH_OPENSTACK_HOST_IP:2379" +ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380" +ETCD_LISTEN_CLIENT_URLS="http://REPLACE_WITH_OPENSTACK_HOST_IP:2379" diff --git a/configs/glance-api.conf b/configs/glance-api.conf new file mode 100644 index 0000000..5df3b61 --- /dev/null +++ b/configs/glance-api.conf @@ -0,0 +1,37 @@ +[DEFAULT] +use_keystone_quotas = True +transport_url = rabbit://openstack:RABBIT_PASS@REPLACE_WITH_HOST + +rootwrap_config = /etc/glance/rootwrap.conf + +[database] +connection = mysql+pymysql://glance:glance@REPLACE_WITH_HOST/glance + +[keystone_authtoken] +www_authenticate_uri = http://REPLACE_WITH_HOST:5000 +auth_url = http://REPLACE_WITH_HOST:5000 +memcached_servers = REPLACE_WITH_HOST:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = glance +password = glance + +[paste_deploy] +flavor = keystone + +[glance_store] +stores = file,http +default_store = file +filesystem_store_datadir = /var/lib/glance/images/ + +[oslo_limit] +auth_url = http://REPLACE_WITH_HOST:5000 +auth_type = password +user_domain_id = default +username = MY_SERVICE +system_scope = all +password = MY_SERVICE +endpoint_id = ENDPOINT_ID +region_name = RegionOne diff --git a/configs/keystone.conf b/configs/keystone.conf new file mode 100644 index 0000000..7150b0a --- /dev/null +++ b/configs/keystone.conf @@ -0,0 +1,9 @@ +[DEFAULT] + +memcache_servers = REPLACE_WITH_HOST:11211 + +[database] +connection = mysql+pymysql://keystone:keystone@REPLACE_WITH_HOST/keystone + +[token] +provider = fernet diff --git a/configs/linuxbridge_agent.ini b/configs/linuxbridge_agent.ini new file mode 100644 index 0000000..e3e685a --- /dev/null +++ b/configs/linuxbridge_agent.ini @@ -0,0 +1,12 @@ +[DEFAULT] +#debug = true + +[linux_bridge] +physical_interface_mappings = provider:PROVIDER_INTERFACE + +[vxlan] +enable_vxlan = false + +[securitygroup] +enable_security_group = true +firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver diff --git a/configs/metadata_agent.ini b/configs/metadata_agent.ini new file mode 100644 index 0000000..0ab00e8 --- /dev/null +++ b/configs/metadata_agent.ini @@ -0,0 +1,8 @@ +[DEFAULT] +metadata_backlog = 4096 + +# Maximum seconds to wait for a response from an RPC call. (integer value) +rpc_response_max_timeout = 600 + +nova_metadata_host = REPLACE_WITH_HOST +metadata_proxy_shared_secret = METADATA_SECRET diff --git a/configs/ml2_conf.ini b/configs/ml2_conf.ini new file mode 100644 index 0000000..e7955b6 --- /dev/null +++ b/configs/ml2_conf.ini @@ -0,0 +1,14 @@ +[DEFAULT] +#debug = true + +[ml2] +type_drivers = flat,vlan +tenant_network_types = +mechanism_drivers = linuxbridge +extension_drivers = port_security + +[ml2_type_flat] +flat_networks = provider + +[securitygroup] +enable_ipset = true diff --git a/configs/neutron.conf b/configs/neutron.conf new file mode 100644 index 0000000..d2e72ea --- /dev/null +++ b/configs/neutron.conf @@ -0,0 +1,48 @@ +[DEFAULT] +core_plugin = ml2 +service_plugins = router +auth_strategy = keystone +state_path = /var/lib/neutron +dhcp_agent_notification = True +allow_overlapping_ips = True +notify_nova_on_port_status_changes = True +notify_nova_on_port_data_changes = True + +[agent] +root_helper = sudo neutron-rootwrap /etc/neutron/rootwrap.conf +#base_mac = fa:16:3e:00:00:00 +rpc_response_max_timeout = 600 +rpc_response_timeout = 600 +transport_url = rabbit://openstack:RABBIT_PASS@controller + +[database] +connection = mysql+pymysql://neutron:neutron@REPLACE_WITH_HOST/neutron + +[keystone_authtoken] +www_authenticate_uri = http://REPLACE_WITH_HOST:5000 +auth_url = http://REPLACE_WITH_HOST:5000 +memcached_servers = REPLACE_WITH_HOST:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = neutron +password = neutron + +[nova] +auth_url = http://REPLACE_WITH_HOST:5000 +auth_type = password +project_domain_name = default +user_domain_name = default +region_name = RegionOne +project_name = service +username = nova +password = nova + +[oslo_concurrency] +lock_path = /var/lib/neutron/tmp + +[oslo_messaging_amqp] +default_reply_timeout = 300 +default_send_timeout = 600 +default_notify_timeout = 300 diff --git a/configs/nova.conf b/configs/nova.conf new file mode 100644 index 0000000..4f898e8 --- /dev/null +++ b/configs/nova.conf @@ -0,0 +1,71 @@ +[DEFAULT] +state_path=/var/lib/nova +instances_path=/var/lib/nova/instances +enabled_apis = osapi_compute,metadata +rootwrap_config = /etc/nova/rootwrap.conf + +use_neutron = True +vif_plugging_is_fatal = True +vif_plugging_timeout = 300 + +transport_url = rabbit://openstack:RABBIT_PASS@REPLACE_WITH_HOST + +my_ip = REPLACE_WITH_OPENSTACK_HOST_IP + +[api_database] +connection = mysql+pymysql://nova:nova@REPLACE_WITH_HOST/nova_api + +[database] +connection = mysql+pymysql://nova:nova@REPLACE_WITH_HOST/nova + +[api] +auth_strategy = keystone + +[keystone_authtoken] +www_authenticate_uri = http://REPLACE_WITH_HOST:5000 +auth_url = http://REPLACE_WITH_HOST:5000 +memcached_servers = REPLACE_WITH_HOST:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = nova +password = nova + +[vnc] +enabled = true +server_listen = $my_ip +server_proxyclient_address = $my_ip +novncproxy_base_url = http://REPLACE_WITH_HOST:6080/vnc_auto.html + +[glance] +api_servers = http://REPLACE_WITH_HOST:9292 + +[oslo_concurrency] +lock_path = /var/lib/nova/tmp + +[placement] +region_name = RegionOne +project_domain_name = default +project_name = service +auth_type = password +user_domain_name = default +auth_url = http://REPLACE_WITH_HOST:5000 +username = placement +password = placement + +[wsgi] +api_paste_config = /etc/nova/api-paste.ini + +# uncomment after installing and configure neutron +#[neutron] +#auth_url = http://REPLACE_WITH_HOST:5000 +#auth_type = password +#project_domain_name = default +#user_domain_name = default +#region_name = RegionOne +#project_name = service +#username = neutron +#password = neutron +#service_metadata_proxy = true +#metadata_proxy_shared_secret = METADATA_SECRET diff --git a/configs/nova2.conf b/configs/nova2.conf new file mode 100644 index 0000000..4ce355c --- /dev/null +++ b/configs/nova2.conf @@ -0,0 +1,70 @@ +[DEFAULT] +state_path=/var/lib/nova +instances_path=/var/lib/nova/instances +enabled_apis = osapi_compute,metadata +rootwrap_config = /etc/nova/rootwrap.conf + +use_neutron = True +vif_plugging_is_fatal = True +vif_plugging_timeout = 300 + +transport_url = rabbit://openstack:RABBIT_PASS@REPLACE_WITH_HOST + +my_ip = REPLACE_WITH_OPENSTACK_HOST_IP + +[api_database] +connection = mysql+pymysql://nova:nova@REPLACE_WITH_HOST/nova_api + +[database] +connection = mysql+pymysql://nova:nova@REPLACE_WITH_HOST/nova + +[api] +auth_strategy = keystone + +[keystone_authtoken] +www_authenticate_uri = http://REPLACE_WITH_HOST:5000 +auth_url = http://REPLACE_WITH_HOST:5000 +memcached_servers = REPLACE_WITH_HOST:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = nova +password = nova + +[vnc] +enabled = true +server_listen = $my_ip +server_proxyclient_address = $my_ip +novncproxy_base_url = http://REPLACE_WITH_HOST:6080/vnc_auto.html + +[glance] +api_servers = http://REPLACE_WITH_HOST:9292 + +[oslo_concurrency] +lock_path = /var/lib/nova/tmp + +[placement] +region_name = RegionOne +project_domain_name = default +project_name = service +auth_type = password +user_domain_name = default +auth_url = http://REPLACE_WITH_HOST:5000 +username = placement +password = placement + +[wsgi] +api_paste_config = /etc/nova/api-paste.ini + +[neutron] +auth_url = http://REPLACE_WITH_HOST:5000 +auth_type = password +project_domain_name = default +user_domain_name = default +region_name = RegionOne +project_name = service +username = neutron +password = neutron +service_metadata_proxy = true +metadata_proxy_shared_secret = METADATA_SECRET diff --git a/configs/placement.conf b/configs/placement.conf new file mode 100644 index 0000000..a5261bd --- /dev/null +++ b/configs/placement.conf @@ -0,0 +1,17 @@ +[DEFAULT] + +[placement_database] +connection = mysql+pymysql://placement:placement@REPLACE_WITH_HOST/placement + +[api] +auth_strategy = keystone + +[keystone_authtoken] +auth_url = http://REPLACE_WITH_HOST:5000/ +memcached_servers = REPLACE_WITH_HOST:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = placement +password = placement diff --git a/next_steps b/next_steps new file mode 100644 index 0000000..3660f94 --- /dev/null +++ b/next_steps @@ -0,0 +1,62 @@ +Create provider network: + +openstack network create --share --external \ + --provider-physical-network provider \ + --provider-network-type flat provider + +openstack subnet create --network provider \ + --allocation-pool start=192.168.122.20,end=192.168.122.200 \ + --dns-nameserver 192.168.122.1 --gateway 192.168.122.1 \ + --subnet-range 192.168.122.0/24 provider + + +openstack security group rule create --proto icmp default +openstack security group rule create --proto tcp --dst-port 22 default + + +Generate a key pair: +$ ssh-keygen -q -N "" + +cd to your home directory +$ openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey + +verify +$ openstack keypair list + + +openstack flavor create --id 0 --vcpus 2 --ram 1024 --disk 10 m1.nano + +Download debian openstack image +https://cdimage.debian.org/cdimage/openstack/ + +upload it: +openstack image create \ + --container-format bare \ + --disk-format qcow2 \ + --property hw_disk_bus=scsi \ + --property hw_scsi_model=virtio-scsi \ + --property os_type=linux \ + --property os_distro=debian \ + --property os_admin_user=debian \ + --property os_version='10.12.7' \ + --public \ + --file debian-10.12.7-20220706-openstack-amd64.qcow2 \ + debian-10.12.7-openstack-amd64 + + +openstack network list ++--------------------------------------+----------+--------------------------------------+ +| ID | Name | Subnets | ++--------------------------------------+----------+--------------------------------------+ +| da5f9aa8-1bac-4aab-9931-0ce4d835783a | provider | eeeb4a46-8bb0-442b-b81c-20103c2d7f80 | ++--------------------------------------+----------+--------------------------------------+ + +copy ID as net-id while creating server + +openstack server create --flavor m1.nano --image debian-10.12.7-openstack-amd64 \ + --nic net-id=b2d69a6e-3a77-4d55-94fd-308558088a3d --security-group default \ + --key-name mykey debianinstance + + +verify +# openstack server list diff --git a/openstack_setup.sh b/openstack_setup.sh new file mode 100644 index 0000000..97575b5 --- /dev/null +++ b/openstack_setup.sh @@ -0,0 +1,347 @@ +#!/bin/bash + +# Copyright (C) 2022 Pasha +# +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. +# +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. +# +# You should have received a copy of the GNU General Public License +# along with this program. If not, see . + + +OPENSTACK_HOST_IP="192.168.0.155" +EXTERNAL_BRIDGE_INTERFACE="enp7s0" + + +if [ -z ${OPENSTACK_HOST_IP} ]; then + echo "Please set OpenStack host IP" + exit 1 +fi + +if [ -z ${EXTERNAL_BRIDGE_INTERFACE} ]; then + echo "Please set external bridge interface name" + exit 1 +fi + +OPENSTACK_HOST=$HOSTNAME +CONFIG_DIR="configs" + +export DEBIAN_FRONTEND=noninteractive + +function download_packages() { + echo "downloading packages..." + apt-get -dy install chrony mariadb-server python3-pymysql rabbitmq-server memcached python3-memcache etcd keystone apache2 python3-openstackclient glance placement-api libguestfs-tools virt-manager nova-api nova-conductor nova-novncproxy nova-scheduler neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-plugin-ml2 neutron-openvswitch-agent neutron-l3-agent python3-neutronclient openstack-dashboard + apt-get -dy install nova-compute-qemu + echo "done" +} + +function update_hostip() { + echo "updating host IP..." + sed -i "s/127.0.1.1[[:blank:]]${OPENSTACK_HOST}/#127.0.1.1 ${OPENSTACK_HOST}/" /etc/hosts + sed -i "/#127.0.1.1/a ${OPENSTACK_HOST_IP} ${OPENSTACK_HOST}" /etc/hosts + echo "done" +} + +function setup_chrony() { + echo "installing chrony..." + apt-get -y install chrony + systemctl enable chrony + systemctl restart chrony + echo "done" +} + +function setup_mariadb() { + echo "installing mariadb..." + apt-get -y install mariadb-server python3-pymysql + sed "s/REPLACE_WITH_OPENSTACK_HOST_IP/${OPENSTACK_HOST_IP}/" ${CONFIG_DIR}/99-openstack.cnf > /etc/mysql/mariadb.conf.d/99-openstack.cnf + systemctl restart mariadb + echo "done" +} + +function setup_rabbitmq() { + echo "installing rabbitmq" + apt-get -y install rabbitmq-server + export PATH=$PATH:/usr/sbin/:/sbin + rabbitmqctl add_user openstack RABBIT_PASS + rabbitmqctl set_permissions openstack ".*" ".*" ".*" + echo "done" +} + +function setup_memcahed() { + echo "installing memcahed" + apt-get -y install memcached python3-memcache + sed -i "s/-l 127.0.0.1/-l ${OPENSTACK_HOST_IP}/" /etc/memcached.conf + systemctl enable memcached + systemctl restart memcached + echo "done" +} + +function setup_etcd() { + echo "installing etcd" + apt-get -y install etcd + sed "s/REPLACE_WITH_OPENSTACK_HOST_IP/${OPENSTACK_HOST_IP}/" ${CONFIG_DIR}/etcd >> /etc/default/etcd + sed -i "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" /etc/default/etcd + systemctl enable etcd + systemctl restart etcd + echo "done" +} + +function setup_database_tables() { + echo "creating database tables..." + mysql -u root < ${CONFIG_DIR}/database.sql + echo "done" +} + +function setup_apache2() { + echo "installing apache2..." + apt-get -y install apache2 + # set servername in apache2 + sed -i "1i ServerName ${OPENSTACK_HOST}" /etc/apache2/apache2.conf + systemctl restart apache2 + echo "done" +} + + +function setup_keystone() { + echo "installing keystone..." + apt-get -y install keystone + mv /etc/keystone/keystone.conf /etc/keystone/keystone.conf.org + systemctl stop keystone + sed "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" ${CONFIG_DIR}/keystone.conf > /etc/keystone/keystone.conf + apt-get -y install python3-openstackclient + su -s /bin/sh -c "keystone-manage db_sync" keystone + systemctl restart apache2 + systemctl start keystone + echo "done" +} + +function configure_keystone() { + echo "configuring keystone..." + # keystone-manage + keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone + keystone-manage credential_setup --keystone-user keystone --keystone-group keystone + keystone-manage bootstrap --bootstrap-password ADMIN_PASS --bootstrap-admin-url http://${OPENSTACK_HOST}:5000/v3/ --bootstrap-internal-url http://${OPENSTACK_HOST}:5000/v3/ --bootstrap-public-url http://${OPENSTACK_HOST}:5000/v3/ --bootstrap-region-id RegionOne + echo "done" +} + + +function set_auth_variables() { + echo "setting auth variables..." + sed "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" ${CONFIG_DIR}/admin-openrc > admin-openrc + sed "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" ${CONFIG_DIR}/demo-openrc > demo-openrc + source admin-openrc + echo "done" +} + +function configure_domain_project() { + echo "configuring doamin and project..." + openstack domain create --description "An Example Domain" example + openstack project create --domain default --description "Service Project" service + openstack project create --domain default --description "Demo Project" myproject + openstack user create --domain default --password myuser myuser + openstack role create myrole + openstack role add --project myproject --user myuser myrole + echo "done" +} + + +function configure_glance_endpoints() { + echo "configuring glance endpoints..." + openstack user create --domain default --password glance glance + openstack role add --project service --user glance admin + openstack service create --name glance --description "OpenStack Image" image + + openstack endpoint create --region RegionOne image public http://${OPENSTACK_HOST}:9292 + openstack endpoint create --region RegionOne image internal http://${OPENSTACK_HOST}:9292 + openstack endpoint create --region RegionOne image admin http://${OPENSTACK_HOST}:9292 + + openstack user create --domain default --password MY_SERVICE MY_SERVICE + openstack role add --user MY_SERVICE --user-domain default --system all reader + echo "done" +} + +function setup_glance() { + echo "installing glance..." + apt-get -y install glance + systemctl stop glance-* + mv /etc/glance/glance-api.conf /etc/glance/glance-api.conf.org + sed "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" ${CONFIG_DIR}/glance-api.conf > /etc/glance/glance-api.conf + su -s /bin/sh -c "glance-manage db_sync" glance + systemctl start glance-api + systemctl restart glance-* + #wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img + #glance image-create --name "cirros" \ + # --file cirros-0.4.0-x86_64-disk.img \ + # --disk-format qcow2 --container-format bare \ + # --visibility=public + echo "done" +} + +function configure_placement_endpoints() { + echo "configuring placement endpoints..." + openstack user create --domain default --password placement placement + openstack role add --project service --user placement admin + openstack service create --name placement --description "Placement API" placement + openstack endpoint create --region RegionOne placement public http://${OPENSTACK_HOST}:8778 + openstack endpoint create --region RegionOne placement internal http://${OPENSTACK_HOST}:8778 + openstack endpoint create --region RegionOne placement admin http://${OPENSTACK_HOST}:8778 + echo "done" +} + +function setup_placement() { + echo "installing placement..." + apt-get -y install placement-api + mv /etc/placement/placement.conf /etc/placement/placement.conf.org + sed "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" ${CONFIG_DIR}/placement.conf > /etc/placement/placement.conf + su -s /bin/sh -c "placement-manage db sync" placement + systemctl restart placement-api + systemctl enable placement-api + systemctl restart apache2 + echo "done" +} + +function configure_nova_endpoints() { + echo "configuring nova endpoints..." + openstack user create --domain default --password nova nova + openstack role add --project service --user nova admin + openstack service create --name nova --description "OpenStack Compute" compute + openstack endpoint create --region RegionOne compute public http://${OPENSTACK_HOST}:8774/v2.1 + openstack endpoint create --region RegionOne compute internal http://${OPENSTACK_HOST}:8774/v2.1 + openstack endpoint create --region RegionOne compute admin http://${OPENSTACK_HOST}:8774/v2.1 + echo "done" +} + +function setup_nova() { + echo "installing nova..." + apt-get -y install libguestfs-tools virt-manager + apt-get -y install nova-api nova-conductor nova-novncproxy nova-scheduler + systemctl stop nova-* + mv /etc/nova/nova.conf /etc/nova/nova.conf.org + cp ${CONFIG_DIR}/nova.conf /etc/nova/nova.conf + + sed -i "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" /etc/nova/nova.conf + sed -i "s/REPLACE_WITH_OPENSTACK_HOST_IP/${OPENSTACK_HOST_IP}/" /etc/nova/nova.conf + + su -s /bin/sh -c "nova-manage api_db sync" nova + su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova + su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova + su -s /bin/sh -c "nova-manage db sync" nova + apt-get -y install nova-compute + apt-get -y install nova-compute-qemu + systemctl start nova-api + systemctl enable nova-api + systemctl enable nova-scheduler + systemctl enable nova-conductor + systemctl enable nova-novncproxy + systemctl enable nova-serialproxy + systemctl enable nova-spicehtml5proxy + systemctl enable nova-novncproxy + systemctl enable nova-compute + # find hypervisor + su -s /bin/bash nova -c "nova-manage cell_v2 discover_hosts" + #systemctl restart nova-* + systemctl restart nova-api + systemctl restart nova-scheduler + systemctl restart nova-conductor + systemctl restart nova-novncproxy + systemctl restart nova-serialproxy + systemctl restart nova-spicehtml5proxy + systemctl restart nova-novncproxy + systemctl restart nova-compute + echo "done" +} + + +function configure_neutron_endpoints() { + echo "configuring neutron endpoints..." + openstack user create --domain default --password neutron neutron + openstack role add --project service --user neutron admin + openstack service create --name neutron --description "OpenStack Networking" network + openstack endpoint create --region RegionOne network public http://${OPENSTACK_HOST}:9696 + openstack endpoint create --region RegionOne network internal http://${OPENSTACK_HOST}:9696 + openstack endpoint create --region RegionOne network admin http://${OPENSTACK_HOST}:9696 + echo "done" +} + + +function setup_neutron() { + echo "installing neutron..." + apt-get -y install neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent + systemctl stop neutron-* + + mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.org + cp ${CONFIG_DIR}/neutron.conf /etc/neutron/neutron.conf + sed -i "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" /etc/neutron/neutron.conf + + mv /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.org + cp ${CONFIG_DIR}/metadata_agent.ini /etc/neutron/metadata_agent.ini + sed -i "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" /etc/neutron/metadata_agent.ini + + # update for neutron config + cp ${CONFIG_DIR}/nova2.conf /etc/nova/nova.conf + sed -i "s/REPLACE_WITH_HOST/${OPENSTACK_HOST}/" /etc/nova/nova.conf + sed -i "s/REPLACE_WITH_OPENSTACK_HOST_IP/${OPENSTACK_HOST_IP}/" /etc/nova/nova.conf + + mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.org + cp ${CONFIG_DIR}/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini + mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.org + sed 's/PROVIDER_INTERFACE/'$EXTERNAL_BRIDGE_INTERFACE'/' ${CONFIG_DIR}/linuxbridge_agent.ini > /etc/neutron/plugins/ml2/linuxbridge_agent.ini + mv /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.org + cp ${CONFIG_DIR}/dhcp_agent.ini /etc/neutron/dhcp_agent.ini + + cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.org + sed -i "s/interface_driver = openvswitch/interface_driver = linuxbride/" /etc/neutron/l3_agent.ini + + systemctl enable neutron-api + systemctl enable neutron-rpc-server + systemctl enable neutron-metadata-agent + systemctl enable neutron-linuxbridge-agent + systemctl enable neutron-dhcp-agent + + systemctl restart nova-* + systemctl restart neutron-api + systemctl restart neutron-rpc-server + systemctl restart neutron-metadata-agent + systemctl restart neutron-linuxbridge-agent + systemctl restart neutron-dhcp-agent + + su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron + + echo "done" +} + +function enable_hypervisor() { + echo "updating hypervisor" + su -s /bin/bash nova -c "nova-manage cell_v2 discover_hosts" + echo "done" +} + +download_packages +update_hostip +setup_chrony +setup_mariadb +setup_rabbitmq +setup_memcahed +setup_etcd +setup_database_tables +setup_apache2 +setup_keystone +configure_keystone +set_auth_variables +configure_domain_project +configure_glance_endpoints +setup_glance +configure_placement_endpoints +setup_placement +configure_nova_endpoints +setup_nova +configure_neutron_endpoints +setup_neutron +enable_hypervisor -- cgit v1.2.1