Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Preliminari per entrambi i nodi
- -------------------------------
- #systemctl enable ntpd
- #systemctl start ntpd
- Installare il repository Yum per OpenStack Kilo
- -----------------------------------------------
- #yum -y install https://rdo.fedorapeople.org/openstack-kilo/rdo-release-kilo.rpm
- #yum clean all
- #yum -y upgrade
- #yum -y install openstack-selinux openstack-utils
- NODO CONTROLLER
- ---------------
- Database
- --------
- #yum -y install mariadb mariadb-server MySQL-python
- Configurare MariaDB
- -------------------
- #cat << EOF > /etc/my.cnf
- [mysqld]
- datadir=/var/lib/mysql
- socket=/var/lib/mysql/mysql.sock
- # Disabling symbolic-links is recommended to prevent assorted security risks
- symbolic-links=0
- # Settings user and group are ignored when systemd is used.
- # If you need to run mysqld under a different user or group,
- # customize your systemd unit file for mariadb according to the
- # instructions in http://fedoraproject.org/wiki/Systemd
- bind-address = <IP-MGMT_NODO_CONTROLLER>
- default-storage-engine = innodb
- innodb_file_per_table
- collation-server = utf8_general_ci
- init-connect = 'SET NAMES utf8'
- character-set-server = utf8
- [mysqld_safe]
- log-error=/var/log/mariadb/mariadb.log
- pid-file=/var/run/mariadb/mariadb.pid
- #
- # include all files from the config directory
- #
- !includedir /etc/my.cnf.d
- EOF
- #systemctl enable mariadb.service
- #systemctl start mariadb.service
- #firewall-cmd --add-port=3306/tcp
- #firewall-cmd --permanent --add-port=3306/tcp
- #systemctl restart firewalld
- RabbitMQ (AMQP)
- ------------------------------------------------------
- #yum -y install rabbitmq-server
- #systemctl enable rabbitmq-server.service
- #systemctl start rabbitmq-server.service
- #firewall-cmd --add-port=5672/tcp
- #firewall-cmd --add-port=5672/udp
- #firewall-cmd --permanent --add-port=5672/tcp
- #firewall-cmd --permanent --add-port=5672/udp
- #systemctl restart firewalld
- #mysql -u root
- #CREATE DATABASE keystone;
- #CREATE DATABASE glance;
- #CREATE DATABASE nova;
- #CREATE DATABASE neutron;
- #CREATE DATABASE cinder;
- #CREATE DATABASE heat;
- #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY 'KEYSTONE_DB_PWD';
- #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'<IP-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'KEYSTONE_DB_PWD';
- #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'<IP-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'KEYSTONE_DB_PWD';
- #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'<HOSTNAME-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'KEYSTONE_DB_PWD';
- #GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'<HOSTNAME-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'KEYSTONE_DB_PWD';
- #GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY 'GLANCE_DB_PWD';
- #GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'<IP-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'GLANCE_DB_PWD';
- #GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'<IP-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'GLANCE_DB_PWD';
- #GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'<HOSTNAME-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'GLANCE_DB_PWD';
- #GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'<HOSTNAME-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'GLANCE_DB_PWD';
- #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY 'NOVA_DB_PWD';
- #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'<IP-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'NOVA_DB_PWD';
- #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'<IP-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'NOVA_DB_PWD';
- #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'<HOSTNAME-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'NOVA_DB_PWD';
- #GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'<HOSTNAME-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'NOVA_DB_PWD';
- #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DB_PWD';
- #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'<IP-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'NEUTRON_DB_PWD';
- #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'<IP-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'NEUTRON_DB_PWD';
- #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'<HOSTNAME-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'NEUTRON_DB_PWD';
- #GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'<HOSTNAME-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'NEUTRON_DB_PWD';
- #GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY 'CINDER_DB_PWD';
- #GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'<IP-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'CINDER_DB_PWD';
- #GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'<IP-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'CINDER_DB_PWD';
- #GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'<HOSTNAME-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'CINDER_DB_PWD';
- #GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'<HOSTNAME-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'CINDER_DB_PWD';
- #GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' IDENTIFIED BY 'HEAT_DB_PWD';
- #GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'<IP-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'HEAT_DB_PWD';
- #GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'<IP-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'HEAT_DB_PWD';
- #GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'<HOSTNAME-MGMT_NODO_CONTROLLER>' IDENTIFIED BY 'HEAT_DB_PWD';
- #GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'<HOSTNAME-MGMT_NODO_COMPUTE>' IDENTIFIED BY 'HEAT_DB_PWD';
- #flush privileges;
- #commit;
- #exit
- Servizio identita' e catalogo: Keystone
- ---------------------------------------
- #yum -y install openstack-keystone httpd mod_wsgi python-openstackclient memcached python-memcached
- #systemctl enable memcached.service
- #systemctl start memcached.service
- #ADMIN_TOKEN=`openssl rand -hex 10`
- #openstack-config --set /etc/keystone/keystone.conf DEFAULT admin_token $ADMIN_TOKEN
- #openstack-config --set /etc/keystone/keystone.conf database connection "mysql://keystone:KEYSTONE_DB_PWD@<IP-MGMT_NODO_CONTROLLER>/keystone"
- #openstack-config --set /etc/keystone/keystone.conf memcache servers localhost:11211
- #openstack-config --set /etc/keystone/keystone.conf token provider keystone.token.providers.uuid.Provider
- #openstack-config --set /etc/keystone/keystone.conf token driver keystone.token.persistence.backends.sql.Token
- #openstack-config --set /etc/keystone/keystone.conf revoke driver keystone.contrib.revoke.backends.sql.Revoke
- #sed -i 's+^#ServerName+ServerName+' /etc/httpd/conf/httpd.conf
- #sed -i 's+^ServerName.*+ServerName <IP-MGMT_NODO_CONTROLLER>+' /etc/httpd/conf/httpd.conf
- #cat << EOF > /etc/httpd/conf.d/wsgi-keystone.conf
- Listen 5000
- Listen 35357
- <VirtualHost *:5000>
- WSGIDaemonProcess keystone-public processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-public
- WSGIScriptAlias / /var/www/cgi-bin/keystone/main
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- LogLevel info
- ErrorLogFormat "%{cu}t %M"
- ErrorLog /var/log/httpd/keystone-error.log
- CustomLog /var/log/httpd/keystone-access.log combined
- </VirtualHost>
- <VirtualHost *:35357>
- WSGIDaemonProcess keystone-admin processes=5 threads=1 user=keystone group=keystone display-name=%{GROUP}
- WSGIProcessGroup keystone-admin
- WSGIScriptAlias / /var/www/cgi-bin/keystone/admin
- WSGIApplicationGroup %{GLOBAL}
- WSGIPassAuthorization On
- LogLevel info
- ErrorLogFormat "%{cu}t %M"
- ErrorLog /var/log/httpd/keystone-error.log
- CustomLog /var/log/httpd/keystone-access.log combined
- </VirtualHost>
- EOF
- #mkdir -p /var/www/cgi-bin/keystone
- #curl http://git.openstack.org/cgit/openstack/keystone/plain/httpd/keystone.py?h=stable/kilo | tee /var/www/cgi-bin/keystone/main /var/www/cgi-bin/keystone/admin
- #chown -R keystone:keystone /var/www/cgi-bin/keystone
- #chmod 755 /var/www/cgi-bin/keystone/*
- #systemctl enable httpd.service
- #systemctl start httpd.service
- #su -s /bin/sh -c "keystone-manage db_sync" keystone
- #export OS_TOKEN=$ADMIN_TOKEN
- #export OS_URL=http://<IP-MGMT_NODO_CONTROLLER>:35357/v2.0
- #openstack service create --name keystone --description "OpenStack Identity" identity
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:5000/v2.0 --internalurl http://<IP-MGMT_NODO_CONTROLLER>:5000/v2.0 --adminurl http://<IP-MGMT_NODO_CONTROLLER>:35357/v2.0 --region RegionOne identity
- #openstack project create --description "Admin Project" admin
- #openstack user create --password ADMIN_PASS admin
- #openstack role create admin
- #openstack role create _member_
- #openstack role add --project admin --user admin admin
- #openstack project create --description "Service Project" service
- #unset OS_TOKEN OS_URL
- #cat << EOF > /root/admin-openrc.sh
- export OS_PROJECT_DOMAIN_ID=default
- export OS_USER_DOMAIN_ID=default
- export OS_PROJECT_NAME=admin
- export OS_TENANT_NAME=admin
- export OS_USERNAME=admin
- export OS_PASSWORD=ADMIN_PASS
- export OS_AUTH_URL=http://<IP-MGMT_NODO_CONTROLLER>:35357/v3
- EOF
- #source admin-openrc.sh
- #openstack token issue
- #firewall-cmd --add-port=5000/tcp
- #firewall-cmd --add-port=35357/tcp
- #firewall-cmd --permanent --add-port=5000/tcp
- #firewall-cmd --permanent --add-port=35357/tcp
- #systemctl restart firewalld
- #(crontab -l -u keystone 2>&1 | grep -q token_flush) || echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1' >> /var/spool/cron/keystone
- #yum -y install openstack-glance python-glance python-glanceclient
- #openstack user create --password GLANCE_PASS glance
- #openstack role add --project service --user glance admin
- #openstack service create --name glance --description "OpenStack Image service" image
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:9292 --internalurl http://<IP-MGMT_NODO_CONTROLLER>:9292 --adminurl http://<IP-MGMT_NODO_CONTROLLER>:9292 --region RegionOne image
- #openstack-config --set /etc/glance/glance-api.conf database connection "mysql://glance:GLANCE_DB_PWD@<IP-MGMT_NODO_CONTROLLER>/glance"
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri http://<IP-MGMT_NODO_CONTROLLER>:5000
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_url http://<IP-MGMT_NODO_CONTROLLER>:35357
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_plugin password
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_domain_id default
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken user_domain_id default
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken project_name service
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken username glance
- #openstack-config --set /etc/glance/glance-api.conf keystone_authtoken password GLANCE_PASS
- #openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
- #openstack-config --set /etc/glance/glance-api.conf DEFAULT image_size_cap 26843545600
- #openstack-config --set /etc/glance/glance-api.conf glance_store default_store file
- #openstack-config --set /etc/glance/glance-api.conf glance_store filesystem_store_datadir /glanceImages/
- #openstack-config --set /etc/glance/glance-api.conf DEFAULT notification_driver noop
- #openstack-config --set /etc/glance/glance-registry.conf database connection "mysql://glance:GLANCE_DB_PWD@<IP-MGMT_NODO_CONTROLLER>/glance"
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri http://<IP-MGMT_NODO_CONTROLLER>:5000
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_url http://<IP-MGMT_NODO_CONTROLLER>:35357
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_plugin password
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_domain_id default
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken user_domain_id default
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken project_name service
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken username glance
- #openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken password GLANCE_PASS
- #openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
- #openstack-config --set /etc/glance/glance-registry.conf DEFAULT notification_driver noop
- #su -s /bin/sh -c "glance-manage db_sync" glance
- #chown glance:glance /glanceImages
- #systemctl enable openstack-glance-api.service openstack-glance-registry.service
- #systemctl start openstack-glance-api.service openstack-glance-registry.service
- #firewall-cmd --add-port=9292/tcp
- #firewall-cmd --permanent --add-port=9292/tcp
- #systemctl restart firewalld
- #glance image-list
- #wget --no-check-certificate https://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img
- #glance image-create --human-readable --is-public True --file ./cirros-0.3.4-x86_64-disk.img --min-ram 256 --min-disk 1 --container-format bare --disk-format qcow2 --name "CirrOS 0.3.4 x86_64"
- #glance image-list
- +--------------------------------------+---------------------+-------------+------------------+----------+--------+
- | ID | Name | Disk Format | Container Format | Size | Status |
- +--------------------------------------+---------------------+-------------+------------------+----------+--------+
- | a876c8ea-9873-4be2-845d-c1b75f02c82d | CirrOS 0.3.4 x86_64 | qcow2 | bare | 13287936 | active |
- +--------------------------------------+---------------------+-------------+------------------+----------+--------+
- #yum -y install openstack-nova-api openstack-nova-cert openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler python-novaclient
- #openstack user create --password NOVA_PASS nova
- #openstack role add --project service --user nova admin
- #openstack service create --name nova --description "OpenStack Compute" compute
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:8774/v2/%\(tenant_id\)s --internalurl http://<IP-MGMT_NODO_CONTROLLER>:8774/v2/%\(tenant_id\)s --adminurl http://<IP-MGMT_NODO_CONTROLLER>:8774/v2/%\(tenant_id\)s --region RegionOne compute
- #openstack-config --set /etc/nova/nova.conf database connection "mysql://nova:NOVA_DB_PWD@<IP-MGMT_NODO_CONTROLLER>/nova"
- #openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend rabbit
- #openstack-config --set /etc/nova/nova.conf oslo_messaging_rabbit rabbit_host <IP-MGMT_NODO_CONTROLLER>
- #openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
- #openstack-config --set /etc/nova/nova.conf DEFAULT my_ip <IP-MGMT_NODO_CONTROLLER>
- #openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen <IP-PUBLIC_NODO_CONTROLLER>
- #openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address <IP-PUBLIC_NODO_CONTROLLER>
- #openstack-config --set /etc/nova/nova.conf libvirt inject_password true
- #openstack-config --set /etc/nova/nova.conf libvirt inject_key true
- #openstack-config --set /etc/nova/nova.conf libvirt inject_partition -2
- #openstack-config --set /etc/nova/nova.conf DEFAULT cpu_allocation_ratio 4.0
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_plugin password
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken project_domain_id default
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken user_domain_id default
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken project_name service
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken username nova
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken password NOVA_PASS
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri http://<IP-MGMT_NODO_CONTROLLER>:5000
- #openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_url http://<IP-MGMT_NODO_CONTROLLER>:35357
- #openstack-config --set /etc/nova/nova.conf glance host <IP-MGMT_NODO_CONTROLLER>
- #openstack-config --set /etc/nova/nova.conf oslo_concurrency lock_path /var/lib/nova/tmp
- sed -i '/^.*\"admin_or_owner/a \"admin_or_user\": \"is_admin:True or user_id:%(user_id)s\",' /etc/nova/policy.json
- sed -i 's/^.*\"default\": \"rule:admin_or_owner\",/ \"default\": \"rule:admin_or_user\",/' /etc/nova/policy.json
- #su -s /bin/sh -c "nova-manage db sync" nova
- #systemctl enable openstack-nova-api.service openstack-nova-cert.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
- #systemctl start openstack-nova-api.service openstack-nova-cert.service openstack-nova-consoleauth.service openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.service
- #firewall-cmd --add-port=8774/tcp
- #firewall-cmd --permanent --add-port=8774/tcp
- #firewall-cmd --add-port=6080/tcp
- #firewall-cmd --permanent --add-port=6080/tcp
- #systemctl restart firewalld
- Servizio di networking: Neutron
- -------------------------------
- #yum -y install openstack-neutron openstack-neutron-ml2 python-neutronclient which
- #openstack user create --password NEUTRON_PASS neutron
- #openstack role add --project service --user neutron admin
- #openstack service create --name neutron --description "OpenStack Networking" network
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:9696 --adminurl http://<IP-MGMT_NODO_CONTROLLER>:9696 --internalurl http://<IP-MGMT_NODO_CONTROLLER>:9696 --region RegionOne network
- #openstack-config --set /etc/neutron/neutron.conf database connection "mysql://neutron:NEUTRON_DB_PWD@<IP-MGMT_NODO_CONTROLLER>/neutron"
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
- #openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host <IP-MGMT_NODO_CONTROLLER>
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
- #openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_url http://<IP-MGMT_NODO_CONTROLLER>:8774/v2
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://<IP-MGMT_NODO_CONTROLLER>:5000
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://<IP-MGMT_NODO_CONTROLLER>:35357
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_plugin password
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_id default
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_id default
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
- #openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
- #openstack-config --set /etc/neutron/neutron.conf nova auth_url http://<IP-MGMT_NODO_CONTROLLER>:35357
- #openstack-config --set /etc/neutron/neutron.conf nova auth_plugin password
- #openstack-config --set /etc/neutron/neutron.conf nova project_domain_id default
- #openstack-config --set /etc/neutron/neutron.conf nova user_domain_id default
- #openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
- #openstack-config --set /etc/neutron/neutron.conf nova project_name service
- #openstack-config --set /etc/neutron/neutron.conf nova username nova
- #openstack-config --set /etc/neutron/neutron.conf nova password NOVA_PASS
- #openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,gre,vxlan
- #openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types gre
- #openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch
- #openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges 1:1000
- #openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True
- #openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
- #openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
- #openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
- #openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api neutron
- #openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
- #openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
- #openstack-config --set /etc/nova/nova.conf neutron url http://<IP-MGMT_NODO_CONTROLLER>:9696
- #openstack-config --set /etc/nova/nova.conf neutron auth_strategy keystone
- #openstack-config --set /etc/nova/nova.conf neutron admin_auth_url http://<IP-MGMT_NODO_CONTROLLER>:35357/v2.0
- #openstack-config --set /etc/nova/nova.conf neutron admin_tenant_name service
- #openstack-config --set /etc/nova/nova.conf neutron admin_username neutron
- #openstack-config --set /etc/nova/nova.conf neutron admin_password NEUTRON_PASS
- #ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
- #su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
- #systemctl restart openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service
- #systemctl enable neutron-server.service
- #systemctl start neutron-server.service
- #firewall-cmd --add-port=9696/tcp
- #firewall-cmd --permanent --add-port=9696/tcp
- #systemctl restart firewalld
- neutron net-list # nessun output ma neppure nessun errore
- nova net-list # nessun output ma neppure nessun errore
- +----+-------+------+
- | ID | Label | CIDR |
- +----+-------+------+
- +----+-------+------+
- Servizio di gestione volumi: Cinder
- -----------------------------------
- #yum -y install openstack-cinder python-cinderclient python-oslo-db qemu lvm2 openstack-cinder targetcli python-oslo-db python-oslo-log MySQL-python scsi-target-utils
- #openstack user create --password CINDER_PASS cinder
- #openstack role add --project service --user cinder admin
- #openstack service create --name cinder --description "OpenStack Block Storage" volume
- #openstack service create --name cinderv2 --description "OpenStack Block Storage" volumev2
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:8776/v2/%\(tenant_id\)s --internalurl http://<IP-MGMT_NODO_CONTROLLER>:8776/v2/%\(tenant_id\)s --adminurl http://<IP-MGMT_NODO_CONTROLLER>:8776/v2/%\(tenant_id\)s --region RegionOne volume
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:8776/v2/%\(tenant_id\)s --internalurl http://<IP-MGMT_NODO_CONTROLLER>:8776/v2/%\(tenant_id\)s --adminurl http://<IP-MGMT_NODO_CONTROLLER>:8776/v2/%\(tenant_id\)s --region RegionOne volumev2
- #openstack-config --set /etc/cinder/cinder.conf database connection "mysql://cinder:CINDER_DB_PWD@<IP-MGMT_NODO_CONTROLLER>/cinder"
- #openstack-config --set /etc/cinder/cinder.conf DEFAULT rpc_backend rabbit
- #openstack-config --set /etc/cinder/cinder.conf oslo_messaging_rabbit rabbit_host <IP-MGMT_NODO_CONTROLLER>
- #openstack-config --set /etc/cinder/cinder.conf DEFAULT auth_strategy keystone
- #openstack-config --set /etc/cinder/cinder.conf DEFAULT my_ip <IP-MGMT_NODO_CONTROLLER>
- #openstack-config --set /etc/cinder/cinder.conf oslo_concurrency lock_path /var/lib/cinder/tmp
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_uri http://<IP-MGMT_NODO_CONTROLLER>:5000
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_url http://<IP-MGMT_NODO_CONTROLLER>:35357
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken auth_plugin password
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_domain_id default
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken user_domain_id default
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken username cinder
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken password CINDER_PASS
- #openstack-config --set /etc/cinder/cinder.conf DEFAULT enable_v1_api false
- #openstack-config --set /etc/cinder/cinder.conf DEFAULT enable_v2_api true
- #openstack-config --set /etc/cinder/cinder.conf keystone_authtoken project_name service
- #openstack-config --set /etc/cinder/cinder.conf DEFAULT glance_host <IP-MGMT_NODO_CONTROLLER>
- #su -s /bin/sh -c "cinder-manage db sync" cinder
- #systemctl enable openstack-cinder-api.service openstack-cinder-scheduler.service
- #systemctl start openstack-cinder-api.service openstack-cinder-scheduler.service
- #firewall-cmd --add-port=8776/tcp
- #firewall-cmd --permanent --add-port=8776/tcp
- #firewall-cmd --add-port=3260/tcp
- #firewall-cmd --permanent --add-port=3260/tcp
- #systemctl restart firewalld
- Servizio di orchestrazione e automazione: Heat
- ----------------------------------------------
- #yum -y install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine python-heatclient
- #openstack user create --password HEAT_PASS heat
- #openstack role add --project service --user heat admin
- #openstack role create heat_stack_owner
- #openstack role create heat_stack_user
- #openstack service create --name heat --description "Orchestration" orchestration
- #openstack service create --name heat-cfn --description "Orchestration" cloudformation
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:8004/v1/%\(tenant_id\)s --internalurl http://<IP-MGMT_NODO_CONTROLLER>:8004/v1/%\(tenant_id\)s --adminurl http://<IP-MGMT_NODO_CONTROLLER>:8004/v1/%\(tenant_id\)s --region RegionOne orchestration
- #openstack endpoint create --publicurl http://<IP-MGMT_NODO_CONTROLLER>:8000/v1 --internalurl http://<IP-MGMT_NODO_CONTROLLER>:8000/v1 --adminurl http://<IP-MGMT_NODO_CONTROLLER>:8000/v1 --region RegionOne cloudformation
- #cp /usr/share/heat/heat-dist.conf /etc/heat/heat.conf
- #chown -R heat:heat /etc/heat/heat.conf
- #openstack-config --set /etc/heat/heat.conf database connection "mysql://heat:HEAT_DB_PWD@<IP-MGMT_NODO_CONTROLLER>/heat"
- #openstack-config --set /etc/heat/heat.conf DEFAULT rpc_backend rabbit
- #openstack-config --set /etc/heat/heat.conf oslo_messaging_rabbit rabbit_host <IP-MGMT_NODO_CONTROLLER>
- #openstack-config --set /etc/heat/heat.conf keystone_authtoken auth_uri http://<IP-MGMT_NODO_CONTROLLER>:5000/v2.0
- #openstack-config --set /etc/heat/heat.conf keystone_authtoken identity_uri http://<IP-MGMT_NODO_CONTROLLER>:35357
- #openstack-config --set /etc/heat/heat.conf keystone_authtoken admin_tenant_name service
- #openstack-config --set /etc/heat/heat.conf keystone_authtoken admin_user heat
- #openstack-config --set /etc/heat/heat.conf keystone_authtoken admin_password HEAT_PASS
- #openstack-config --set /etc/heat/heat.conf ec2authtoken auth_uri http://<IP-MGMT_NODO_CONTROLLER>:5000/v2.0
- #openstack-config --set /etc/heat/heat.conf DEFAULT heat_metadata_server_url http://<IP-MGMT_NODO_CONTROLLER>:8000
- #openstack-config --set /etc/heat/heat.conf DEFAULT heat_waitcondition_server_url http://<IP-MGMT_NODO_CONTROLLER>:8000/v1/waitcondition
- #openstack-config --set /etc/heat/heat.conf DEFAULT stack_domain_admin heat_domain_admin
- #openstack-config --set /etc/heat/heat.conf DEFAULT stack_user_domain_name heat_user_domain
- #openstack-config --set /etc/heat/heat.conf DEFAULT stack_domain_admin_password HEAT_DOMAIN_PASS
- #heat-keystone-setup-domain --stack-user-domain-name heat_user_domain --stack-domain-admin heat_domain_admin --stack-domain-admin-password HEAT_DOMAIN_PASS
- #su -s /bin/sh -c "heat-manage db_sync" heat
- #systemctl enable openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
- #systemctl start openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
- #firewall-cmd --add-port=8004/tcp
- #firewall-cmd --add-port=8000/tcp
- #firewall-cmd --permanent --add-port=8004/tcp
- #firewall-cmd --permanent --add-port=8000/tcp
- #systemctl restart firewalld
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement