# 变量 (variables)
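# Deployment parameters. The addresses below are this page's lab values.
ctrl_ip="172.36.214.11" # controller management IP
# Note: the hostname must not contain "_".
ctrl_hostname=$(cat /etc/hostname)
# SECURITY: this single password is reused further down for the MySQL root
# login, the RabbitMQ transport URL and every service account, and "123456"
# is trivially guessable. Export all_pwd with a strong secret before running;
# the literal is kept only as the original default.
all_pwd="${all_pwd:-123456}"
if [ "$all_pwd" = "123456" ]; then
  echo "WARNING: all_pwd is still the default 123456; set a strong password before any non-lab use" >&2
fi
# inspector_ip must be configured on the inspector interface.
inspector_ip="10.0.0.1"
inspector_intface="ens256"
inspector_ippool_start="10.0.0.100"
inspector_ippool_end="10.0.0.200"

# Load the admin credentials, then create the provisioning network.
source /root/admin-openrc
openstack network create Provision --provider-network-type vxlan --provider-segment 4001

# provision_ip must be configured on the inspector interface's VLAN
# sub-interface, for example: ens256.1255
provision_vlan="4001"
provision_ip="20.0.0.1"
# Ask the client for the id column directly instead of scraping the table
# output with grep/awk, which breaks as soon as another row contains "id".
provision_uuid=$(openstack network show Provision -f value -c id)
if [ -z "$provision_uuid" ]; then
  echo "WARNING: could not read the Provision network id; provisioning_network and cleaning_network would be written empty" >&2
fi
echo "$provision_uuid"
sleep 3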
# Set inspector interface
# Static addressing for the inspection NIC: rewrite the existing BOOTPROTO and
# ONBOOT lines in place, then append the address and a /24 prefix.
# NOTE(review): the two appends are not idempotent; a second run adds
# duplicate IPADDR/PREFIX lines to the file.
inspector_ifcfg="/etc/sysconfig/network-scripts/ifcfg-$inspector_intface"
sed -i "/BOOTPROTO/cBOOTPROTO=none" "$inspector_ifcfg"
sed -i "/ONBOOT/cONBOOT=yes" "$inspector_ifcfg"
{
  echo "IPADDR=$inspector_ip"
  echo "PREFIX=24"
} >>"$inspector_ifcfg"
# Set provision interface
# Describe the VLAN sub-interface that carries the provisioning network, then
# restart networking so both interface files take effect.
# NOTE(review): unlike the inspector interface, no PREFIX/NETMASK is written
# here -- confirm the intended mask for $provision_ip.
provision_ifcfg="/etc/sysconfig/network-scripts/ifcfg-$inspector_intface.$provision_vlan"
{
  echo "BOOTPROTO=none"
  echo "DEVICE=$inspector_intface.$provision_vlan"
  echo "ONBOOT=yes"
  echo "IPADDR=$provision_ip"
  echo "VLAN=yes"
} >>"$provision_ifcfg"
systemctl restart network
systemctl status network

# Client-side tools used later by the conductor and this script.
yum install qemu-img iscsi-initiator-utils python2-ironicclient psmisc gdisk -y
# Database
# NOTE(review): this statement is cut off on the page -- whatever followed "<"
# (presumably a here-document of SQL creating the ironic databases and grants)
# is missing and has to be restored before the script can run.
# NOTE(review): -p$all_pwd puts the MySQL root password on the command line,
# where it can be visible to other local users through the process list;
# a root-only option file avoids that.
mysql -N -u root -p$all_pwd<
# ironic
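# Keystone identity for the bare-metal service: the "ironic" user with the
# admin role on the "service" project, the service record, and its admin,
# public and internal endpoints on port 6385.
# The e-mail address is obfuscated on the source page ("[email protected]");
# left unquoted it also splits into two arguments and breaks the command, so a
# placeholder is used here.
# NOTE(review): --password places the secret on the command line, and the
# endpoints are plain http:// -- credentials and tokens cross the management
# network unencrypted unless TLS is terminated in front of the API.
ironic_email="ironic@example.com" # placeholder -- replace with the real contact address
openstack user create --password "$all_pwd" --email "$ironic_email" ironic
openstack role add --project service --user ironic admin
openstack service create --name ironic --description "ironic baremetal provisioning service" baremetal
openstack endpoint create --region RegionOne baremetal admin "http://$ctrl_ip:6385"
openstack endpoint create --region RegionOne baremetal public "http://$ctrl_ip:6385"
openstack endpoint create --region RegionOne baremetal internal "http://$ctrl_ip:6385"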
# ironic-inspector
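# Keystone identity for the introspection service: the "ironic_inspector" user
# with the admin role on the "service" project, the service record, and its
# admin, internal and public endpoints on port 5050.
# The e-mail address is obfuscated on the source page ("[email protected]");
# left unquoted it also splits into two arguments and breaks the command, so a
# placeholder is used here.
# NOTE(review): --password places the secret on the command line, and the
# endpoints are plain http://.
inspector_email="ironic-inspector@example.com" # placeholder -- replace with the real contact address
openstack user create --password "$all_pwd" --email "$inspector_email" ironic_inspector
openstack role add --project service --user ironic_inspector admin
openstack service create --name ironic_inspector --description "ironic inspector baremetal provisioning service" baremetal-introspection
openstack endpoint create --region RegionOne --enable ironic_inspector admin "http://$ctrl_ip:5050"
openstack endpoint create --region RegionOne --enable ironic_inspector internal "http://$ctrl_ip:5050"
openstack endpoint create --region RegionOne --enable ironic_inspector public "http://$ctrl_ip:5050"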
# ironic ironic-soft install
# Install the Ironic API/conductor packages and the inspector service.
yum install -y openstack-ironic-api openstack-ironic-conductor python-ironicclient
yum install -y openstack-ironic-inspector

# Insert one option line directly below a [section] header of
# /etc/ironic/ironic.conf using sed's one-line "a" command.
#   $1 - section name without the brackets
#   $2 - text of the line to insert
# Every call inserts right under the header, so options land in the file in
# the reverse of the order listed here. Calls are not idempotent: a second run
# inserts every line again.
ironic_conf_add() {
  sed -i "/\[$1]\$/a$2" /etc/ironic/ironic.conf
}

# SECURITY: the lines below write $all_pwd in clear text into ironic.conf
# (transport_url, connection and the password options), so the file should be
# readable only by root and the ironic service account.

# [DEFAULT] -- debug logging is switched on; NOTE(review): turn it off outside a lab.
ironic_conf_add DEFAULT "debug = True"
ironic_conf_add DEFAULT "enabled_inspect_interfaces = inspector,no-inspect"
ironic_conf_add DEFAULT "enabled_power_interfaces = ipmitool"
ironic_conf_add DEFAULT "enabled_management_interfaces = ipmitool"
ironic_conf_add DEFAULT "enabled_deploy_interfaces = iscsi,direct"
ironic_conf_add DEFAULT "enabled_boot_interfaces = pxe"
ironic_conf_add DEFAULT "enabled_hardware_types = ipmi"
ironic_conf_add DEFAULT "default_network_interface = neutron"
ironic_conf_add DEFAULT "enabled_network_interfaces = neutron"
ironic_conf_add DEFAULT "my_ip=$ctrl_ip"
ironic_conf_add DEFAULT "auth_strategy=keystone"
ironic_conf_add DEFAULT "transport_url = rabbit://openstack:$all_pwd@$ctrl_ip/"

# [api] -- 0.0.0.0 makes the API listen on every interface of the controller.
ironic_conf_add api "port = 6385"
ironic_conf_add api "host_ip = 0.0.0.0"

# [conductor]
ironic_conf_add conductor "automated_clean=false"
ironic_conf_add conductor "api_url=http://$ctrl_ip:6385"

# [database]
ironic_conf_add database "connection=mysql+pymysql://ironic:$all_pwd@$ctrl_ip/ironic?charset=utf8"

# [deploy] / [dhcp]
ironic_conf_add deploy "default_boot_option = local"
ironic_conf_add dhcp "dhcp_provider = neutron"

# [glance]
ironic_conf_add glance "password = $all_pwd"
ironic_conf_add glance "username = glance"
ironic_conf_add glance "project_name = service"
ironic_conf_add glance "region_name = RegionOne"
ironic_conf_add glance "user_domain_name = default"
ironic_conf_add glance "project_domain_name = default"
ironic_conf_add glance "auth_type = password"
ironic_conf_add glance "auth_uri=http://$ctrl_ip:5000"
ironic_conf_add glance "auth_url = http://$ctrl_ip:35357"
ironic_conf_add glance "endpoint_override = http://$ctrl_ip:9292"
ironic_conf_add glance "url =http://$ctrl_ip:9292"
ironic_conf_add glance "glance_host = $ctrl_ip"

# [inspector]
ironic_conf_add inspector "service_url = http://$ctrl_ip:5050"
ironic_conf_add inspector "url = http://$ctrl_ip:5050"
ironic_conf_add inspector "endpoint_override = http://$ctrl_ip:5050"
ironic_conf_add inspector "enabled=true"
ironic_conf_add inspector "user_domain_name=default"
ironic_conf_add inspector "project_domain_name=default"
ironic_conf_add inspector "project_name=service"
ironic_conf_add inspector "password=$all_pwd"
ironic_conf_add inspector "username=ironic_inspector"
ironic_conf_add inspector "auth_url = http://$ctrl_ip:35357"
ironic_conf_add inspector "auth_uri=http://$ctrl_ip:5000"
ironic_conf_add inspector "auth_type=password"

# [keystone_authtoken]
ironic_conf_add keystone_authtoken "user_domain_name=default"
ironic_conf_add keystone_authtoken "project_domain_name=default"
ironic_conf_add keystone_authtoken "project_name=service"
ironic_conf_add keystone_authtoken "password=$all_pwd"
ironic_conf_add keystone_authtoken "username=ironic"
ironic_conf_add keystone_authtoken "auth_url = http://$ctrl_ip:35357"
ironic_conf_add keystone_authtoken "auth_uri=http://$ctrl_ip:5000"
ironic_conf_add keystone_authtoken "auth_type=password"

# [neutron] -- provisioning and cleaning share the Provision network.
ironic_conf_add neutron "provisioning_network=$provision_uuid"
ironic_conf_add neutron "cleaning_network=$provision_uuid"
ironic_conf_add neutron "password = $all_pwd"
ironic_conf_add neutron "username = neutron"
ironic_conf_add neutron "project_name = service"
ironic_conf_add neutron "region_name = RegionOne"
ironic_conf_add neutron "user_domain_name = default"
ironic_conf_add neutron "project_domain_name = default"
ironic_conf_add neutron "auth_type = password"
ironic_conf_add neutron "auth_url = http://$ctrl_ip:5000/"
ironic_conf_add neutron "endpoint_override = http://$ctrl_ip:9696"
ironic_conf_add neutron "url = http://$ctrl_ip:9696"

# [pxe] -- this is the gateway address of the provision segment. The provision
# network must not be attached to a router, otherwise the switch would hand
# out the same gateway address and the two would conflict.
ironic_conf_add pxe "tftp_server = $provision_ip"

# [service_catalog]
# NOTE(review): "insecure = true" turns off TLS certificate verification for
# this client section; remove it once the endpoints use verifiable https.
ironic_conf_add service_catalog "region_name = RegionOne"
ironic_conf_add service_catalog "password = $all_pwd"
ironic_conf_add service_catalog "username = ironic"
ironic_conf_add service_catalog "project_name = service"
ironic_conf_add service_catalog "user_domain_id = default"
ironic_conf_add service_catalog "project_domain_id = default"
ironic_conf_add service_catalog "auth_url = http://$ctrl_ip:35357"
ironic_conf_add service_catalog "auth_type = password"
ironic_conf_add service_catalog "insecure = true"
ironic_conf_add service_catalog "endpoint_override=http://$ctrl_ip:6385"

# Create the database schema, then enable and (re)start both services.
ironic-dbsync --config-file /etc/ironic/ironic.conf create_schema
systemctl enable openstack-ironic-api openstack-ironic-conductor
systemctl restart openstack-ironic-api openstack-ironic-conductor
# xinetd tftp-server syslinux-tftpboot
yum install tftp-server syslinux-tftpboot xinetd -y

# Replace /etc/xinetd.d/tftp wholesale. The file starts with an empty line,
# exactly as the original "echo >" produced.
# NOTE(review): TFTP has no authentication and nothing here limits which
# interface or clients xinetd serves on UDP 69 -- keep the port reachable only
# from the provisioning/inspection networks (firewall or xinetd access rules).
cat >/etc/xinetd.d/tftp <<'EOF'

service tftp
{
 socket_type = dgram
 protocol = udp
 port = 69
 wait = yes
 user = root
 server = /usr/sbin/in.tftpd
 server_args = -v -v -v -v -v --map-file /tftpboot/map-file /tftpboot
 disable = no
 per_source = 11
 cps = 100 2
 flags = IPv4
}
EOF

systemctl enable xinetd && systemctl restart xinetd
# Build the TFTP root: boot loader, in.tftpd path-rewrite rules, and the
# default PXELINUX menu that boots the introspection ramdisk.
mkdir /tftpboot
cp /var/lib/tftpboot/pxelinux.0 /tftpboot

# Rewrite rules read by in.tftpd through --map-file; the quoted delimiter
# keeps the backslash references literal.
cat >/tftpboot/map-file <<'EOF'
re ^(/tftpboot/) /tftpboot/\2
re ^/tftpboot/ /tftpboot/
re ^(^/) /tftpboot/\1
re ^([^/]) /tftpboot/\1
EOF
#cp /var/lib/tftpboot/chain.c32 /tftpboot/

mkdir /tftpboot/pxelinux.cfg
# Appended, not overwritten: running this twice duplicates the menu entries.
# NOTE(review): the ramdisk reports back to the inspector over plain http and
# boots with selinux=0; any machine that PXE-boots on the inspection segment
# receives this entry.
cat >>/tftpboot/pxelinux.cfg/default <<EOF
default introspect


label introspect
kernel ironic-agent.kernel
append initrd=ironic-agent.initramfs ipa-inspection-callback-url=http://$inspector_ip:5050/v1/continue ipa-inspection-collectors=default ipa-collect-lldp=1 systemd.journald.forward_to_console=no selinux=0

ipappend 3
EOF
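# Publish the deploy kernel and ramdisk when both files exist in the current
# working directory: copy them into the TFTP root and upload them to Glance.
# Otherwise only print a reminder that this step has to be done by hand.
if [ -f "ironic-agent.kernel" ] && [ -f "ironic-agent.initramfs" ]; then
  cp ironic-agent.kernel /tftpboot/
  cp ironic-agent.initramfs /tftpboot/
  # /tftpboot holds the images that nodes network-boot. Mode 777 let any local
  # account replace them; the ironic owner keeps write access, everyone else
  # (the TFTP servers) only needs to read files and traverse directories.
  chown -R ironic:ironic /tftpboot && chmod -R u=rwX,go=rX /tftpboot
  # NOTE(review): both images are uploaded as public without checking where
  # the local files came from -- verify their checksums first.
  glance image-create --name ironic-agent.kernel --visibility public --disk-format aki --container-format aki < ironic-agent.kernel
  glance image-create --name ironic-agent.initramfs --visibility public --disk-format ari --container-format ari < ironic-agent.initramfs
  sleep 2
else
  echo "Manual execution"
fi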
# ironic-inspector
# Edit /etc/ironic-inspector/inspector.conf
#
# Insert one option line directly below a [section] header of inspector.conf
# using sed's one-line "a" command.
#   $1 - section name without the brackets
#   $2 - text of the line to insert
# Options end up in the file in the reverse of the order listed here, and a
# second run inserts every line again.
inspector_conf_add() {
  sed -i "/\[$1]\$/a$2" /etc/ironic-inspector/inspector.conf
}

# SECURITY: $all_pwd is written in clear text below (connection and password
# options); keep inspector.conf readable only by root and the service account.

# [DEFAULT] -- verbose/debug logging on, listening on every interface.
# NOTE(review): narrow listen_address and drop debug outside a lab.
inspector_conf_add DEFAULT "verbose = true"
inspector_conf_add DEFAULT "debug = true"
inspector_conf_add DEFAULT "auth_strategy = keystone"
inspector_conf_add DEFAULT "listen_port = 5050"
inspector_conf_add DEFAULT "listen_address = 0.0.0.0"
inspector_conf_add DEFAULT "rootwrap_config = /etc/ironic-inspector/rootwrap.conf"

# [capabilities] / [database]
inspector_conf_add capabilities "boot_mode = true"
inspector_conf_add database "connection = mysql+pymysql://ironic_inspector:$all_pwd@$ctrl_ip/ironic_inspector?charset=utf8"

# [ironic] -- credentials the inspector uses to talk to the Ironic API.
inspector_conf_add ironic "region_name = RegionOne"
inspector_conf_add ironic "user_domain_name = default"
inspector_conf_add ironic "project_domain_name = default"
inspector_conf_add ironic "password = $all_pwd"
inspector_conf_add ironic "username = ironic"
inspector_conf_add ironic "project_name = service"
inspector_conf_add ironic "auth_url = http://$ctrl_ip:5000"
inspector_conf_add ironic "auth_type = password"

# [keystone_authtoken]
inspector_conf_add keystone_authtoken "user_domain_name = Default"
inspector_conf_add keystone_authtoken "project_domain_name = Default"
inspector_conf_add keystone_authtoken "project_name = service"
inspector_conf_add keystone_authtoken "password = $all_pwd"
inspector_conf_add keystone_authtoken "username = ironic_inspector"
inspector_conf_add keystone_authtoken "auth_url = http://$ctrl_ip:35357"
inspector_conf_add keystone_authtoken "auth_uri = http://$ctrl_ip:5000"
inspector_conf_add keystone_authtoken "auth_type = password"

# [processing]
inspector_conf_add processing "add_ports = active"
inspector_conf_add processing "processing_hooks=ramdisk_error,root_disk_selection,scheduler,validate_interfaces,capabilities,pci_devices,local_link_connection"
inspector_conf_add processing "store_data = none"
# Edit /etc/ironic-inspector/dnsmasq.conf
# This dnsmasq instance is the inspector's DHCP server. The file is rewritten
# from scratch and begins with an empty line, as the original "echo >" did.
# NOTE(review): it hands an address and the PXE boot file to any client on
# $inspector_intface, so that interface belongs on an isolated segment.
cat >/etc/ironic-inspector/dnsmasq.conf <<EOF

port = 0
interface = $inspector_intface
bind-interfaces
dhcp-range = $inspector_ippool_start,$inspector_ippool_end
enable-tftp
tftp-root = /tftpboot
dhcp-boot = pxelinux.0
dhcp-sequential-ip
EOF

# Bring the inspector schema up to date, then enable and restart the
# inspector together with its dnsmasq unit.
ironic-inspector-dbsync --config-file /etc/ironic-inspector/inspector.conf upgrade
systemctl enable openstack-ironic-inspector.service openstack-ironic-inspector-dnsmasq.service
systemctl restart openstack-ironic-inspector.service openstack-ironic-inspector-dnsmasq.service
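# Edit /etc/nova/nova.conf on the controller node so Nova can schedule onto
# bare-metal nodes. Each sed inserts one line directly below the named section
# header; a second run inserts the lines again.
sed -i "/\[DEFAULT]$/areserved_host_memory_mb = 0" /etc/nova/nova.conf
sed -i "/\[DEFAULT]$/aram_allocation_ratio = 1.0" /etc/nova/nova.conf
sed -i "/\[filter_scheduler]$/atrack_instance_changes = false" /etc/nova/nova.conf
sed -i "/\[filter_scheduler]$/aenabled_filters=RetryFilter,AvailabilityZoneFilter,ComputeFilter,ComputeCapabilitiesFilter,ImagePropertiesFilter,ServerGroupAntiAffinityFilter,ServerGroupAffinityFilter" /etc/nova/nova.conf
sed -i "/\[filter_scheduler]$/ahost_subset_size = 9999999" /etc/nova/nova.conf
# Credentials Nova uses to reach the Ironic API. $all_pwd is stored in clear
# text, so nova.conf should stay readable only by root and the nova account.
# NOTE(review): these patterns are not anchored with "$", so they also match
# any other line that contains "[ironic]" (for example a comment).
sed -i "/\[ironic]/auser_domain_name = default" /etc/nova/nova.conf
sed -i "/\[ironic]/aproject_domain_name = default" /etc/nova/nova.conf
sed -i "/\[ironic]/apassword = $all_pwd" /etc/nova/nova.conf
sed -i "/\[ironic]/ausername = ironic" /etc/nova/nova.conf
sed -i "/\[ironic]/aproject_name = service" /etc/nova/nova.conf
sed -i "/\[ironic]/aauth_url = http://$ctrl_ip:5000" /etc/nova/nova.conf
sed -i "/\[ironic]/aauth_type = password" /etc/nova/nova.conf
sed -i "/\[ironic]/aendpoint_override = http://$ctrl_ip:6385" /etc/nova/nova.conf
# set [quota]: make the number of instances, cores and the memory unlimited.
# NOTE(review): -1 removes these limits for every project; confirm that is
# acceptable on a shared cloud.
sed -i "/\[quota]/aram=-1" /etc/nova/nova.conf
sed -i "/\[quota]/acores=-1" /etc/nova/nova.conf
sed -i "/\[quota]/ainstances=-1" /etc/nova/nova.conf
# The pattern is quoted so systemctl does the matching against its own units;
# unquoted, the shell would first expand it against files in the current
# directory and could hand systemctl unrelated names.
systemctl restart 'openstack-nova-*'
systemctl status 'openstack-nova-*'
sleep 2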
# Install openstack-ironic-ui
yum install openstack-ironic-ui -y
# If the Ironic panel does not show up after one restart, restart httpd once
# more (the original author notes the cause is unknown).
systemctl restart httpd
systemctl status httpd
#
##
# Check that the xinetd service is listening on the expected port: print the
# UDP listeners next to a sample of the line that should be among them.
printf '%s\n' "We need to detect xinetd service"
netstat -lpun
printf '%s\n' \
  "udp 0 0 0.0.0.0:69 0.0.0.0:* 2972/xinetd" \
  "If you do not have the above information" \
  "Your xinetd service have some error, you need test xinetd's configuration file!"