tab87vn

Compute node setup

Jun 20th, 2015
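  # compute.sh
  #
  # Environment for an OpenStack compute node: addresses of the controller,
  # network and compute hosts, local interfaces and bridges, service
  # endpoints and credentials.
  #
  # The credentials keep their original lab defaults but can be supplied from
  # the calling environment, so real values need not live in the script.
  # Whatever is used here has to match what the controller was set up with.


  echo "########## PREPARING... ##########"
  export CONTROLLER_HOST=130.104.230.109
  export CONTROLLER_EXT_HOST=192.168.100.6

  export NETWORK_HOST=130.104.230.110
  export NETWORK_VMN_HOST=10.0.100.7
  export NETWORK_EXT_HOST=192.168.100.7

  export COMPUTE1_HOST=130.104.230.106
  export COMPUTE1_VMN_HOST=10.0.100.3
  export COMPUTE1_EXT_HOST=192.168.100.3

  export COMPUTE2_HOST=130.104.230.107
  export COMPUTE2_VMN_HOST=10.0.100.4
  export COMPUTE2_EXT_HOST=192.168.100.4

  export INSTALL_DIR=/home/ubuntu/junoscript
  export HOME_DIR=/home/ubuntu
  # export INSTALL_DIR=/vagrant
  # export HOME_DIR=/home/vagrant

  # interfaces & bridges (values for this node)
  export MNG_IP=130.104.230.106
  export VMN_IP=10.0.100.3
  export VMN_BR=br-em3
  export VMN_IF=em3
  export EXT_IP=192.168.100.3
  export EXT_BR=br-ex
  export EXT_IF=em1

  # All three roles currently resolve to the management address.
  export PUBLIC_IP="${MNG_IP}" #EXT_IP
  export INT_IP="${MNG_IP}"
  export ADMIN_IP="${MNG_IP}" #EXT_IP

  export GLANCE_HOST="${CONTROLLER_HOST}"
  export MYSQL_HOST="${CONTROLLER_HOST}"
  export KEYSTONE_ADMIN_ENDPOINT="${CONTROLLER_HOST}" #CONTROLLER_EXT_HOST
  export KEYSTONE_ENDPOINT="${KEYSTONE_ADMIN_ENDPOINT}"
  #export CONTROLLER_EXTERNAL_HOST=${KEYSTONE_ADMIN_ENDPOINT}

  # Secrets: the defaults are well-known lab values; override them from the
  # environment for anything that is reachable by other people.
  export MYSQL_NEUTRON_PASS="${MYSQL_NEUTRON_PASS:-openstack}"
  export SERVICE_TENANT_NAME=service
  export SERVICE_PASS="${SERVICE_PASS:-openstack}"
  export ENDPOINT="${KEYSTONE_ADMIN_ENDPOINT}"
  export SERVICE_TOKEN="${SERVICE_TOKEN:-ADMIN}"
  export SERVICE_ENDPOINT="https://${KEYSTONE_ADMIN_ENDPOINT}:35357/v2.0"
  export MONGO_KEY="${MONGO_KEY:-MongoFoo}"
  export OS_CACERT="${INSTALL_DIR}/ca.pem"
  # NOTE(review): the file name suggests a CA private key, and nothing else in
  # this script reads OS_KEY - confirm a compute node needs it at all.
  export OS_KEY="${INSTALL_DIR}/cakey.pem"
  export CINDER_ENDPOINT="${CONTROLLER_HOST}"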
  53.  
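  # configure host resolution
  # Append the OpenStack host entries only once, so re-running the script
  # does not keep growing /etc/hosts.
  if ! grep -qF 'controller.ostest' /etc/hosts; then
    printf '%s\n' \
      '' \
      '# OpenStack hosts' \
      "${CONTROLLER_HOST} controller.ostest controller" \
      "${NETWORK_HOST} network.ostest network" \
      "${COMPUTE1_HOST} compute-01.ostest compute-01" \
      "${COMPUTE2_HOST} compute-02.ostest compute-02" \
      | sudo tee -a /etc/hosts
  fi

  # UPGRADE
  sudo apt-get install -y software-properties-common ubuntu-cloud-keyring
  sudo add-apt-repository -y cloud-archive:juno
  sudo apt-get update && sudo apt-get upgrade -y


  # ssh-keyscan controller >> ~/.ssh/known_hosts
  # cat ${INSTALL_DIR}/id_rsa.pub | sudo tee -a /root/.ssh/authorized_keys
  # cp ${INSTALL_DIR}/id_rsa* ~/.ssh/
  # NOTE(review): the CA certificate fetched here becomes a trust anchor for
  # this node, so its authenticity rests on SSH host-key verification of
  # "controller". The commented ssh-keyscan line above would accept whatever
  # key is presented first; compare the fingerprint out of band before
  # trusting it. The copy also logs in as root on the controller.
  sudo scp root@controller:/etc/ssl/certs/ca.pem /etc/ssl/certs/ca.pem
  # c_rehash works on directories; given a file path it rebuilds nothing, so
  # the hash links for the new certificate were never created.
  sudo c_rehash /etc/ssl/certs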
  73.  
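  #######################
  # Chapter 4 - Compute #
  #######################

  # Must define your environment
  # MYSQL_HOST and GLANCE_HOST repeat the values exported near the top of the
  # script; they are kept so this section can be read on its own.
  MYSQL_HOST="${CONTROLLER_HOST}"
  GLANCE_HOST="${CONTROLLER_HOST}"

  SERVICE_TENANT=service
  NOVA_SERVICE_USER=nova
  # The password equals the user name by default; take it from the
  # environment when one is provided so it does not have to be fixed here.
  NOVA_SERVICE_PASS="${NOVA_SERVICE_PASS:-nova}"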
  85.  
  #######################################
  # Install the packages a compute node needs and restart NTP.
  # Each package group is installed with its own apt-get call, in the same
  # order as before.
  # Arguments: none
  # Returns:   status of the final "service ntp restart"
  #######################################
  nova_compute_install() {
    local -a nova_pkgs=(
      ntp nova-api-metadata nova-compute nova-compute-qemu nova-doc
      novnc nova-novncproxy sasl2-bin
    )
    local -a neutron_pkgs=(
      neutron-common neutron-plugin-ml2 neutron-plugin-openvswitch-agent
    )
    local -a net_tools=(vlan bridge-utils)
    local -a virt_pkgs=(libvirt-bin pm-utils sysfsutils)

    sudo apt-get -y install "${nova_pkgs[@]}"
    sudo apt-get -y install "${neutron_pkgs[@]}"
    # [DVR] # sudo apt-get -y install neutron-l3-agent
    sudo apt-get -y install "${net_tools[@]}"
    sudo apt-get -y install "${virt_pkgs[@]}"

    # Time sync matters for token validation between nodes.
    sudo service ntp restart
  }
  95.  
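  #######################################
  # Configure this compute node: kernel forwarding, libvirt, Open vSwitch
  # bridges, the Neutron agent configuration files, a sudoers entry for the
  # neutron account, and nova.conf.
  #
  # Every privileged step goes through sudo, so the function behaves the same
  # whether the script is started as root or as a sudo-capable user (the
  # original mixed sudo calls with bare writes under /etc).
  #
  # Globals read:    VMN_BR, VMN_IF, VMN_IP, MNG_IP, EXT_IP, CONTROLLER_HOST,
  #                  KEYSTONE_ADMIN_ENDPOINT, KEYSTONE_ENDPOINT, SERVICE_TENANT,
  #                  MYSQL_NEUTRON_PASS, MYSQL_HOST, GLANCE_HOST,
  #                  CINDER_ENDPOINT, NOVA_SERVICE_USER, NOVA_SERVICE_PASS,
  #                  ETH2_IP (never set in this script, expands to empty)
  # Globals written: NEUTRON_CONF, NEUTRON_PLUGIN_ML2_CONF_INI,
  #                  NEUTRON_L3_AGENT_INI, NEUTRON_DHCP_AGENT_INI,
  #                  NEUTRON_METADATA_AGENT_INI, NEUTRON_SERVICE_USER,
  #                  NEUTRON_SERVICE_PASS, KVM, LIBVIRT, NOVA_CONF,
  #                  NOVA_API_PASTE
  # Arguments:       none
  # Returns:         status of the final chown on nova.conf
  #######################################
  nova_configure() {

    # Networking
    # ip forwarding; reverse-path filtering is switched off as well.
    printf '%s\n' \
      'net.ipv4.ip_forward=1' \
      'net.ipv4.conf.all.rp_filter=0' \
      'net.ipv4.conf.default.rp_filter=0' \
      | sudo tee -a /etc/sysctl.conf
    sudo sysctl -p

    # configure libvirtd.conf
    # NOTE(review): listen_tcp = 1 with auth_tcp = "none" and listen_tls = 0
    # means that, once libvirtd runs with -l (set below), it accepts
    # unauthenticated and unencrypted management connections over TCP. Keep
    # that port reachable only from the management network (host firewall),
    # or move to TLS or SASL authentication. The unix sockets are also left
    # without authentication, and the read-only one is mode 0777.
    sudo tee /etc/libvirt/libvirtd.conf >/dev/null <<'EOF'
listen_tls = 0
listen_tcp = 1
unix_sock_group = "libvirtd"
unix_sock_ro_perms = "0777"
unix_sock_rw_perms = "0770"
unix_sock_dir = "/var/run/libvirt"
auth_unix_ro = "none"
auth_unix_rw = "none"
auth_tcp = "none"
EOF

    # configure libvirt.conf (client side default URI)
    sudo tee /etc/libvirt/libvirt.conf >/dev/null <<'EOF'
uri_default = "qemu:///system"
EOF

    # configure libvirt-bin.conf: add -l so libvirtd listens on the network
    sudo sed -i 's/libvirtd_opts="-d"/libvirtd_opts="-d -l"/g' /etc/default/libvirt-bin

    # restart libvirt
    sudo service libvirt-bin restart

    # OpenVSwitch
    sudo apt-get install -y "linux-headers-$(uname -r)" build-essential
    sudo apt-get install -y openvswitch-switch

    # OpenVSwitch Configuration
    #br-int will be used for VM integration
    sudo ovs-vsctl add-br br-int

    # Neutron Tenant Tunnel Network
    sudo ovs-vsctl add-br "${VMN_BR}"
    sudo ovs-vsctl add-port "${VMN_BR}" "${VMN_IF}"

    # In reality you would edit the /etc/network/interfaces file for this
    # interface; the settings below do not survive a reboot.
    sudo ifconfig "${VMN_IF}" 0.0.0.0 up
    sudo ip link set "${VMN_IF}" promisc on
    # Assign the tunnel IP to the bridge so it is accessible
    sudo ifconfig "${VMN_BR}" "${VMN_IP}" netmask 255.255.255.0

    #
    # Uncomment for DVR
    #
    # Neutron External Router Network
    #sudo ovs-vsctl add-br ${EXT_BR}
    #sudo ovs-vsctl add-port ${EXT_BR} ${EXT_IF}
    #
    ## In reality you would edit the /etc/network/interfaces file for eth3
    #sudo ifconfig ${EXT_IF} 0.0.0.0 up
    #sudo ip link set ${EXT_IF} promisc on
    ## Assign IP to br-ex so it is accessible
    #sudo ifconfig ${EXT_BR} ${EXT_IP} netmask 255.255.255.0


    # Config Files
    NEUTRON_CONF=/etc/neutron/neutron.conf
    NEUTRON_PLUGIN_ML2_CONF_INI=/etc/neutron/plugins/ml2/ml2_conf.ini
    NEUTRON_L3_AGENT_INI=/etc/neutron/l3_agent.ini
    NEUTRON_DHCP_AGENT_INI=/etc/neutron/dhcp_agent.ini
    NEUTRON_METADATA_AGENT_INI=/etc/neutron/metadata_agent.ini

    NEUTRON_SERVICE_USER=neutron
    NEUTRON_SERVICE_PASS=neutron

    # Configure Neutron
    # NOTE(review): this file carries the database and service passwords, the
    # broker is used with the guest/guest account, and debug = True raises
    # log verbosity. Unlike nova.conf further down, no mode or owner is set on
    # the Neutron files here, so they keep whatever they already had -
    # confirm they are not world-readable.
    # NOTE(review): nova_api_insecure and insecure switch certificate
    # verification off even though the controller's CA certificate is copied
    # to this node; with a trusted CA in place these can usually be dropped.
    # NOTE(review): root_helper = sudo, combined with the sudoers rule added
    # below, gives the neutron account unrestricted root. neutron-rootwrap
    # with a command filter is the narrower, usual choice.
    sudo tee "${NEUTRON_CONF}" >/dev/null <<EOF
[DEFAULT]
verbose = True
debug = True
state_path = /var/lib/neutron
lock_path = \$state_path/lock
log_dir = /var/log/neutron

bind_host = 0.0.0.0
bind_port = 9696

# Plugin
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
#router_distributed = True
#dvr_base_mac = fa:16:3f:01:00:00

# auth
auth_strategy = keystone
nova_api_insecure = True

# RPC configuration options. Defined in rpc __init__
# The messaging module to use, defaults to kombu.
rpc_backend = neutron.openstack.common.rpc.impl_kombu

rabbit_host = ${CONTROLLER_HOST}
rabbit_password = guest
rabbit_port = 5672
rabbit_userid = guest
rabbit_virtual_host = /
rabbit_ha_queues = false

# ============ Notification System Options =====================
notification_driver = neutron.openstack.common.notifier.rpc_notifier

[agent]
root_helper = sudo

[keystone_authtoken]
auth_host = ${KEYSTONE_ADMIN_ENDPOINT}
auth_port = 35357
auth_protocol = https
admin_tenant_name = ${SERVICE_TENANT}
admin_user = ${NEUTRON_SERVICE_USER}
admin_password = ${NEUTRON_SERVICE_PASS}
signing_dir = \$state_path/keystone-signing
insecure = True

[database]
connection = mysql://neutron:${MYSQL_NEUTRON_PASS}@${CONTROLLER_HOST}/neutron

[service_providers]
#service_provider=LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
#service_provider=FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:defaul
#service_provider=VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default

EOF

    #
    # Chapter 3 - Networking DVR
    #

    #cat > ${NEUTRON_L3_AGENT_INI} << EOF
    #[DEFAULT]
    #interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
    #use_namespaces = True
    #agent_mode = dvr
    #external_network_bridge = br-ex
    #verbose = True
    #EOF

    # NOTE(review): the heredoc is expanded by the shell, so ${ETH2_IP} (not
    # defined anywhere in this script) becomes empty and the local_ip line is
    # written with a trailing " #". Whether the agent strips that as a comment
    # is not visible here - confirm, or move the remark onto its own line.
    sudo tee "${NEUTRON_PLUGIN_ML2_CONF_INI}" >/dev/null <<EOF
[ml2]
type_drivers = gre,vxlan
tenant_network_types = vxlan
mechanism_drivers = openvswitch,l2population

[ml2_type_gre]
tunnel_id_ranges = 1:1000

[ml2_type_vxlan]
vni_ranges = 1:1000

#[vxlan]
#enable_vxlan = True
#vxlan_group =
#local_ip = ${ETH2_IP}
#l2_population = True

[agent]
tunnel_types = vxlan
l2_population = True
#enable_distributed_routing = True
#arp_responder = True

[ovs]
local_ip = ${MNG_IP} #${ETH2_IP}
tunnel_type = vxlan
enable_tunneling = True
l2_population = True
#enable_distributed_routing = True
tunnel_bridge = br-tun



[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = True
EOF

    # NOTE(review): NOPASSWD:ALL makes the neutron service account equivalent
    # to root on this host; a rule limited to the rootwrap command is the
    # least-privilege alternative. The entry is appended only when missing,
    # and the result is syntax-checked because a malformed /etc/sudoers locks
    # everyone out of sudo.
    if ! sudo grep -qxF 'neutron ALL=(ALL:ALL) NOPASSWD:ALL' /etc/sudoers; then
      printf '%s\n' \
        '' \
        'Defaults !requiretty' \
        'neutron ALL=(ALL:ALL) NOPASSWD:ALL' \
        | sudo tee -a /etc/sudoers
    fi
    sudo visudo -c >/dev/null \
      || echo "WARNING: /etc/sudoers failed the visudo syntax check" >&2

    # Metadata
    # NOTE(review): metadata_proxy_shared_secret authenticates metadata
    # requests between the proxy and Nova; "foo" is a placeholder that should
    # be replaced by a random value shared with nova.conf. auth_insecure
    # again disables certificate verification.
    sudo tee "${NEUTRON_METADATA_AGENT_INI}" >/dev/null <<EOF
[DEFAULT]
auth_url = https://${KEYSTONE_ENDPOINT}:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = neutron
nova_metadata_ip = ${CONTROLLER_HOST}
auth_insecure = True
metadata_proxy_shared_secret = foo
EOF


    # Restart Neutron Services
    # NOTE(review): the install step in this script does not list a metadata
    # agent package - confirm the second job exists on this node.
    sudo service neutron-plugin-openvswitch-agent restart
    sudo restart neutron-metadata-agent

    # Qemu or KVM (VT-x/AMD-v): use KVM when the CPU advertises vmx or svm.
    KVM=$(grep -E '(vmx|svm)' /proc/cpuinfo)
    if [[ -n "${KVM}" ]]; then
      LIBVIRT=kvm
    else
      LIBVIRT=qemu
    fi


    # Clobber the nova.conf file with the following
    NOVA_CONF=/etc/nova/nova.conf
    NOVA_API_PASTE=/etc/nova/api-paste.ini
    #copy cert from controller to trust it

    # NOTE(review): the file holds the Nova database password and service
    # credentials; vncserver_listen=0.0.0.0 exposes guest consoles on every
    # interface, and the noVNC and Neutron URLs are plain http. Several value
    # lines end in a "#..." remark that is written to the file verbatim -
    # confirm the service ignores it. insecure = True disables certificate
    # verification towards Keystone.
    sudo tee "${NOVA_CONF}" >/dev/null <<EOF
[DEFAULT]
dhcpbridge_flagfile=/etc/nova/nova.conf
dhcpbridge=/usr/bin/nova-dhcpbridge
logdir=/var/log/nova
state_path=/var/lib/nova
lock_path=/var/lock/nova
root_helper=sudo nova-rootwrap /etc/nova/rootwrap.conf
verbose=True

use_syslog = True
syslog_log_facility = LOG_LOCAL0

api_paste_config=/etc/nova/api-paste.ini
enabled_apis=ec2,osapi_compute,metadata

# Libvirt and Virtualization
libvirt_use_virtio_for_bridges=True
connection_type=libvirt
libvirt_type=${LIBVIRT}

# Database
sql_connection=mysql://nova:openstack@${MYSQL_HOST}/nova

# Messaging
rabbit_host=${MYSQL_HOST}

# EC2 API Flags
ec2_host=${MYSQL_HOST}
ec2_dmz_host=${MYSQL_HOST}
ec2_private_dns_show_ip=True

# Network settings
network_api_class=nova.network.neutronv2.api.API
neutron_url=http://${CONTROLLER_HOST}:9696
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
neutron_admin_username=neutron
neutron_admin_password=neutron
neutron_admin_auth_url=https://${KEYSTONE_ENDPOINT}:5000/v2.0
libvirt_vif_driver=nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
linuxnet_interface_driver=nova.network.linux_net.LinuxOVSInterfaceDriver
#firewall_driver=nova.virt.libvirt.firewall.IptablesFirewallDriver
security_group_api=neutron
firewall_driver=nova.virt.firewall.NoopFirewallDriver
neutron_ca_certificates_file=/etc/ssl/certs/ca.pem

service_neutron_metadata_proxy=true
neutron_metadata_proxy_shared_secret=foo

#Metadata
metadata_host = ${CONTROLLER_HOST}
metadata_listen = ${CONTROLLER_HOST}
metadata_listen_port = 8775

# Cinder #
volume_driver=nova.volume.driver.ISCSIDriver
enabled_apis=ec2,osapi_compute,metadata
volume_api_class=nova.volume.cinder.API
iscsi_helper=tgtadm
iscsi_ip_address=${CINDER_ENDPOINT}

# Images
image_service=nova.image.glance.GlanceImageService
glance_api_servers=${GLANCE_HOST}:9292

# Scheduler
scheduler_default_filters=AllHostsFilter

# Auth
auth_strategy=keystone
keystone_ec2_url=https://${KEYSTONE_ENDPOINT}:5000/v2.0/ec2tokens

# NoVNC
novnc_enabled=true
novncproxy_host=${CONTROLLER_HOST} #CONTROLLER_EXTERNAL_HOST
novncproxy_base_url=http://${CONTROLLER_HOST}:6080/vnc_auto.html #CONTROLLER_EXTERNAL_HOST
novncproxy_port=6080
#
xvpvncproxy_port=6081
xvpvncproxy_host=${CONTROLLER_HOST} #CONTROLLER_EXTERNAL_HOST
xvpvncproxy_base_url=http://${CONTROLLER_HOST}:6081/console #CONTROLLER_EXTERNAL_HOST

vnc_enabled = True
vncserver_proxyclient_address=${EXT_IP} #
vncserver_listen=0.0.0.0

[keystone_authtoken]
admin_tenant_name = ${SERVICE_TENANT}
admin_user = ${NOVA_SERVICE_USER}
admin_password = ${NOVA_SERVICE_PASS}
identity_uri = https://${KEYSTONE_ADMIN_ENDPOINT}:35357/
insecure = True


EOF

    # Restrict nova.conf to the nova user and group, since it holds passwords.
    sudo chmod 0640 "${NOVA_CONF}"
    sudo chown nova:nova "${NOVA_CONF}"

  }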
  421.  
  422.  
  423. ##############################
  424. # Chapter 9 - More OpenStack #
  425. ##############################
  426.  
  427. # nova_ceilometer() {
  428. #   /vagrant/ceilometer-compute.sh
  429. # }
  430.  
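  #######################################
  # Restart libvirt, then every Upstart job that has a file matching
  # /etc/init/nova*.
  # The job name is the file name up to its first dot, as before, but the
  # files are now found with a glob instead of parsing ls output, and the
  # names are quoted when passed on.
  # Arguments: none
  # Returns:   status of the last command run
  #######################################
  nova_restart() {
    local job_file job

    sudo stop libvirt-bin
    sudo start libvirt-bin

    for job_file in /etc/init/nova*; do
      # Without a match the pattern stays literal; skip it.
      [[ -e "${job_file}" ]] || continue
      job=${job_file##*/}
      job=${job%%.*}
      sudo stop "${job}"
      sudo start "${job}"
    done
  }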
  440.  
  # Main
  # Run the three stages in order: install packages, write the configuration,
  # restart the services. A failing stage does not stop the following ones.
  main() {
    nova_compute_install
    nova_configure
    # nova_ceilometer
    nova_restart
  }

  main "$@"