Welcome to part 7, the final blog post in my series, Deploying Private Cloud at Home, where I will be sharing the scripts to configure the controller and compute nodes. In my previous post, part six, I demonstrated how to configure the controller and compute nodes.
Update the password placeholders in the scripts with the passwords you want, and then execute them. I am assuming here that this is a fresh installation and no service is configured on the nodes.
The script below configures the controller node and has two parts:
- Pre compute node configuration
- Post compute node configuration
Running "config-controller.sh -pre" performs the pre compute node configuration and prepares the controller node and the OpenStack services. Running "config-controller.sh -post" performs the post compute node configuration of the controller node, as these services are dependent on the compute node services.
config-controller.sh
```bash
#!/bin/bash
#Configure controller script v 4.4
#############################################
# Rohan Bhagat ##################
# Email:Me at rohanbhagat.com ###############
#############################################
#set variables used in the configuration
#Admin user password
ADMIN_PASS=YOUR_PASSWORD
#Demo user password
DEMO_PASS=YOUR_PASSWORD
#Keystone database password
KEYSTONE_DBPASS=YOUR_PASSWORD
#Admin user Email
ADMIN_EMAIL=YOUR_EMAIL
#Demo user Email
DEMO_EMAIL=YOUR_EMAIL
#Glance db user pass
GLANCE_DBPASS=YOUR_PASSWORD
#Glance user pass
GLANCE_PASS=YOUR_PASSWORD
#Glance user email
GLANCE_EMAIL=YOUR_EMAIL
#Nova db user pass
NOVA_DBPASS=YOUR_PASSWORD
#Nova user pass
NOVA_PASS=YOUR_PASSWORD
#Nova user Email
NOVA_EMAIL=YOUR_EMAIL
#Neutron db user pass
NEUTRON_DBPASS=YOUR_PASSWORD
#Neutron user pass
NEUTRON_PASS=YOUR_PASSWORD
#Neutron user email
NEUTRON_EMAIL=YOUR_EMAIL
#Metadata proxy pass
METADATA_SECRET=YOUR_PASSWORD
#IP to be declared for controller
MY_IP=192.168.1.140
#FQDN for controller hostname or IP
CONTROLLER=controller
#MYSQL root user pass
MYSQL_PASS=YOUR_PASSWORD
#Heat db user pass
HEAT_DBPASS=YOUR_PASSWORD
#Heat user pass
HEAT_PASS=YOUR_PASSWORD
#Heat user email
HEAT_EMAIL=YOUR_EMAIL
#IP range for VM Instances
RANGE=192.168.1.16\\/28
#Secure MySQL
MYSQL_ROOT_PASSWORD=YOUR_PASSWORD
#Current MySQL root password leave blank if you have not configured MySQL
CURNT_PASS=""

# Get versions:
SCRIPT_VER="v4.4"
if [ "$1" = "--version" -o "$1" = "-v" ]; then
    echo "`basename $0` script version $SCRIPT_VER"
    exit 0
elif [ "$1" = "" ] || [ "$1" = "--help" ]; then
    echo "Configures controller node with pre compute and post compute deployment settings"
    echo "Usage:"
    echo " `basename $0` [--help | --version | -pre | -post]"
    exit 0
elif [ "$1" = "-pre" ]; then
    echo "============================================="
    echo "This installation script is based on OpenStack icehouse guide"
    echo "Found https://docs.openstack.org/icehouse/install-guide/install/yum/content/index.html"
    echo "============================================="
    echo "============================================="
    echo "controller configuration started"
    echo "============================================="
    echo "Installing MySQL packages"
    yum install -y mysql mysql-server MySQL-python
    echo "Installing RDO OpenStack repo"
    yum install -y https://repos.fedorapeople.org/repos/openstack/openstack-icehouse/rdo-release-icehouse-4.noarch.rpm
    echo "Installing openstack keystone, qpid Identity Service, and required packages for controller"
    yum install -y yum-plugin-priorities openstack-utils mysql mysql-server MySQL-python qpid-cpp-server openstack-keystone python-keystoneclient expect
    echo "Modification of qpid config file"
    perl -pi -e 's,auth=yes,auth=no,' /etc/qpidd.conf
    chkconfig qpidd on
    service qpidd start
    echo "Configuring mysql database server"
    cat > /etc/my.cnf <&1 | grep -q token_flush) || echo '@hourly /usr/bin/keystone-manage token_flush >/var/log/keystone/keystone-tokenflush.log 2>&1' >> /var/spool/cron/keystone
    echo "Define users, tenants, and roles"
    export OS_SERVICE_TOKEN=$ADMIN_TOKEN
    export OS_SERVICE_ENDPOINT=https://$CONTROLLER:35357/v2.0
    echo "keystone admin creation"
    keystone user-create --name=admin --pass=$ADMIN_PASS --email=$ADMIN_EMAIL
    keystone role-create --name=admin
    keystone tenant-create --name=admin --description="Admin Tenant"
    keystone user-role-add --user=admin --tenant=admin --role=admin
    keystone user-role-add --user=admin --role=_member_ --tenant=admin
    echo "keystone demo creation"
    keystone user-create --name=demo --pass=$DEMO_PASS --email=$DEMO_EMAIL
    keystone tenant-create --name=demo --description="Demo Tenant"
    keystone user-role-add --user=demo --role=_member_ --tenant=demo
    keystone tenant-create --name=service --description="Service Tenant"
    echo "Create a service entry for the Identity Service"
    keystone service-create --name=keystone --type=identity --description="OpenStack Identity"
    keystone endpoint-create --service-id=$(keystone service-list | awk '/ identity / {print $2}') \
        --publicurl=https://$CONTROLLER:5000/v2.0 \
        --internalurl=https://$CONTROLLER:5000/v2.0 \
        --adminurl=https://$CONTROLLER:35357/v2.0
    echo "Verify Identity service installation"
    unset OS_SERVICE_TOKEN OS_SERVICE_ENDPOINT
    echo "Request an authentication token by using the admin user and the password you chose for that user"
    keystone --os-username=admin --os-password=$ADMIN_PASS \
        --os-auth-url=https://$CONTROLLER:35357/v2.0 token-get
    keystone --os-username=admin --os-password=$ADMIN_PASS \
        --os-tenant-name=admin --os-auth-url=https://$CONTROLLER:35357/v2.0 \
        token-get
cat > /root/admin-openrc.sh <<EOF
export OS_USERNAME=admin
export OS_PASSWORD=$ADMIN_PASS
export OS_TENANT_NAME=admin
export OS_AUTH_URL=https://controller:35357/v2.0
EOF
    source /root/admin-openrc.sh
    echo "keystone token-get"
    keystone token-get
    echo "keystone user-list"
    keystone user-list
    echo "keystone user-role-list --user admin --tenant admin"
    keystone user-role-list --user admin --tenant admin
    echo "Install the Image Service"
    yum install -y openstack-glance python-glanceclient
    openstack-config --set /etc/glance/glance-api.conf database connection mysql://glance:[email protected]$CONTROLLER/glance
    openstack-config --set /etc/glance/glance-registry.conf database connection mysql://glance:[email protected]$CONTROLLER/glance
    echo "configure glance database"
    mysql -uroot -p$MYSQL_PASS -hlocalhost -e "CREATE DATABASE glance;"
    mysql -uroot -p$MYSQL_PASS -hlocalhost -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$GLANCE_DBPASS';"
    mysql -uroot -p$MYSQL_PASS -hlocalhost -e "GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$GLANCE_DBPASS';"
    echo "Create the database tables for the Image Service"
    su -s /bin/sh -c "glance-manage db_sync" glance
    echo "creating glance user"
    keystone user-create --name=glance --pass=$GLANCE_PASS --email=$GLANCE_EMAIL
    keystone user-role-add --user=glance --tenant=service --role=admin
    echo "glance configuration"
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_uri https://$CONTROLLER:5000
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_host $CONTROLLER
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_port 35357
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken auth_protocol http
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_tenant_name service
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_user glance
    openstack-config --set /etc/glance/glance-api.conf keystone_authtoken admin_password $GLANCE_PASS
    openstack-config --set /etc/glance/glance-api.conf paste_deploy flavor keystone
    openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_uri https://$CONTROLLER:5000
    openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_host $CONTROLLER
    openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_port 35357
    openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken auth_protocol http
    openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_tenant_name service
    openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_user glance
    openstack-config --set /etc/glance/glance-registry.conf keystone_authtoken admin_password $GLANCE_PASS
    openstack-config --set /etc/glance/glance-registry.conf paste_deploy flavor keystone
    echo "Register the Image Service with the Identity service"
    keystone service-create --name=glance --type=image --description="OpenStack Image Service"
    keystone endpoint-create \
        --service-id=$(keystone service-list | awk '/ image / {print $2}') \
        --publicurl=https://$CONTROLLER:9292 \
        --internalurl=https://$CONTROLLER:9292 \
        --adminurl=https://$CONTROLLER:9292
    echo "Start the glance-api and glance-registry services"
    service openstack-glance-api start
    service openstack-glance-registry start
    chkconfig openstack-glance-api on
    chkconfig openstack-glance-registry on
    echo "Testing image service"
    echo "Download the cloud image"
    wget -q https://cdn.download.cirros-cloud.net/0.3.2/cirros-0.3.2-x86_64-disk.img -O /root/cirros-0.3.2-x86_64-disk.img
    echo "Upload the image to the Image Service"
    source /root/admin-openrc.sh
    glance image-create --name "cirros-0.3.2-x86_64" --disk-format qcow2 \
        --container-format bare --is-public True \
        --progress < /root/cirros-0.3.2-x86_64-disk.img
    echo "Install Compute controller services"
    yum install -y openstack-nova-api openstack-nova-cert openstack-nova-conductor openstack-nova-console openstack-nova-novncproxy openstack-nova-scheduler python-novaclient
    source /root/admin-openrc.sh
    echo "Configure compute database"
    openstack-config --set /etc/nova/nova.conf database connection mysql://nova:[email protected]$CONTROLLER/nova
    echo "configuration keys to configure Compute to use the Qpid message broker"
    openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend qpid
    openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $CONTROLLER
    source /root/admin-openrc.sh
    echo "Set the my_ip, vncserver_listen, and vncserver_proxyclient_address configuration options"
    echo "to the management interface IP address of the $CONTROLLER node"
    openstack-config --set /etc/nova/nova.conf DEFAULT my_ip $MY_IP
    openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen $MY_IP
    openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address $MY_IP
    echo "Create a nova database user"
    mysql -uroot -p$MYSQL_PASS -hlocalhost -e "CREATE DATABASE nova;"
    mysql -uroot -p$MYSQL_PASS -hlocalhost -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$NOVA_DBPASS';"
    mysql -uroot -p$MYSQL_PASS -hlocalhost -e "GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$NOVA_DBPASS';"
    echo "Create the Compute service tables"
    su -s /bin/sh -c "nova-manage db sync" nova
    echo "Create a nova user that Compute uses to authenticate with the Identity Service"
    keystone user-create --name=nova --pass=$NOVA_PASS --email=$NOVA_EMAIL
    keystone user-role-add --user=nova --tenant=service --role=admin
    echo "Configure Compute to use these credentials with the Identity Service running on the controller"
    openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri https://$CONTROLLER:5000
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $CONTROLLER
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
    openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
    openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
    openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
    openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASS
    echo "Register Compute with the Identity Service"
    keystone service-create --name=nova --type=compute --description="OpenStack Compute"
    keystone endpoint-create \
        --service-id=$(keystone service-list | awk '/ compute / {print $2}') \
        --publicurl=https://$CONTROLLER:8774/v2/%\(tenant_id\)s \
        --internalurl=https://$CONTROLLER:8774/v2/%\(tenant_id\)s \
        --adminurl=https://$CONTROLLER:8774/v2/%\(tenant_id\)s
    echo "Start Compute services and configure them to start when the system boots"
    service openstack-nova-api start
    service openstack-nova-cert start
    service openstack-nova-consoleauth start
    service openstack-nova-scheduler start
    service openstack-nova-conductor start
    service openstack-nova-novncproxy start
    chkconfig openstack-nova-api on
    chkconfig openstack-nova-cert on
    chkconfig openstack-nova-consoleauth on
    chkconfig openstack-nova-scheduler on
    chkconfig openstack-nova-conductor on
    chkconfig openstack-nova-novncproxy on
    echo "To verify your configuration, list available images"
    echo "nova image-list"
    sleep 5
    source /root/admin-openrc.sh
    nova image-list
fi

if [ "$1" = "-post" ]; then
    #set variables used in the configuration
    source /root/admin-openrc.sh
    ############OpenStack Networking start here##############
    echo "configure legacy networking"
    openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.api.API
    openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api nova
    echo "Restart the Compute services"
    service openstack-nova-api restart
    service openstack-nova-scheduler restart
    service openstack-nova-conductor restart
    echo "Create the network"
    source /root/admin-openrc.sh
    nova network-create vmnet --bridge br0 --multi-host T --fixed-range-v4 $RANGE
    echo "Verify creation of the network"
    nova net-list
    ############OpenStack Legacy ends##############
    echo "Install the dashboard"
    yum install -y mod_wsgi openstack-dashboard
    echo "Configure openstack dashboard"
    sed -i 's/horizon.example.com/\*/g' /etc/openstack-dashboard/local_settings
    echo "Start the Apache web server and memcached"
    service httpd start
    chkconfig httpd on
fi
```
Below is the config-compute.sh script, which configures the compute node.
config-compute.sh
```bash
#!/bin/bash
#configure compute script v4
#############################################
# Rohan Bhagat ##################
# Email:Me at rohanbhagat.com ###############
#############################################
#set variables used in the configuration
#Nova user pass
NOVA_PASS=YOUR_PASSWORD
#NEUTRON user pass
NEUTRON_PASS=YOUR_PASSWORD
#Nova db user pass
NOVA_DBPASS=YOUR_PASSWORD
FLAT_INTERFACE=eth0
PUB_INTERFACE=eth0
#FQDN for $CONTROLLER hostname or IP
CONTROLLER=controller
#IP of the compute node
MY_IP=192.168.1.142

echo "============================================="
echo "This installation script is based on OpenStack icehouse guide"
echo "Found https://docs.openstack.org/icehouse/install-guide/install/yum/content/index.html"
echo "============================================="
echo "============================================="
echo "compute configuration started"
echo "============================================="
echo "Install the MySQL Python library"
yum install -y MySQL-python
echo "Install the Compute packages"
yum install -y openstack-nova-compute openstack-utils
echo "Edit the /etc/nova/nova.conf configuration file"
openstack-config --set /etc/nova/nova.conf database connection mysql://nova:[email protected]$CONTROLLER/nova
openstack-config --set /etc/nova/nova.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_uri https://$CONTROLLER:5000
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_host $CONTROLLER
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/nova/nova.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_user nova
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/nova/nova.conf keystone_authtoken admin_password $NOVA_PASS
echo "Configure the Compute service to use the Qpid message broker"
openstack-config --set /etc/nova/nova.conf DEFAULT rpc_backend qpid
openstack-config --set /etc/nova/nova.conf DEFAULT qpid_hostname $CONTROLLER
echo "Configure Compute to provide remote console access to instances"
openstack-config --set /etc/nova/nova.conf DEFAULT my_ip $MY_IP
openstack-config --set /etc/nova/nova.conf DEFAULT vnc_enabled True
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_listen 0.0.0.0
openstack-config --set /etc/nova/nova.conf DEFAULT vncserver_proxyclient_address $MY_IP
openstack-config --set /etc/nova/nova.conf DEFAULT novncproxy_base_url https://$CONTROLLER:6080/vnc_auto.html
echo "Specify the host that runs the Image Service"
openstack-config --set /etc/nova/nova.conf DEFAULT glance_host $CONTROLLER
echo "Start the Compute service and its dependencies. Configure them to start automatically when the system boots"
service libvirtd start
service messagebus start
service openstack-nova-compute start
chkconfig libvirtd on
chkconfig messagebus on
chkconfig openstack-nova-compute on
echo "kernel networking functions"
perl -pi -e 's,net.ipv4.ip_forward = 0,net.ipv4.ip_forward = 1,' /etc/sysctl.conf
perl -pi -e 's,net.ipv4.conf.default.rp_filter = 1,net.ipv4.conf.default.rp_filter = 0,' /etc/sysctl.conf
echo "net.ipv4.conf.all.rp_filter=0" >> /etc/sysctl.conf
sysctl -p
echo "Install legacy networking components"
yum install -y openstack-nova-network openstack-nova-api
sleep 5
echo "Configure legacy networking"
openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.api.API
openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api nova
openstack-config --set /etc/nova/nova.conf DEFAULT network_manager nova.network.manager.FlatDHCPManager
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT network_size 254
openstack-config --set /etc/nova/nova.conf DEFAULT allow_same_net_traffic False
openstack-config --set /etc/nova/nova.conf DEFAULT multi_host True
openstack-config --set /etc/nova/nova.conf DEFAULT send_arp_for_ha True
openstack-config --set /etc/nova/nova.conf DEFAULT share_dhcp_address True
openstack-config --set /etc/nova/nova.conf DEFAULT force_dhcp_release True
openstack-config --set /etc/nova/nova.conf DEFAULT flat_network_bridge br0
openstack-config --set /etc/nova/nova.conf DEFAULT flat_interface $FLAT_INTERFACE
openstack-config --set /etc/nova/nova.conf DEFAULT public_interface $PUB_INTERFACE
echo "Start the services and configure them to start when the system boots"
service openstack-nova-network start
service openstack-nova-metadata-api start
chkconfig openstack-nova-network on
chkconfig openstack-nova-metadata-api on
echo "Now restart networking"
service network restart
echo "Compute node configuration completed"
echo "Now you can run config-controller.sh -post on the controller node"
echo "To complete the OpenStack configuration"
```
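Both scripts ship with YOUR_PASSWORD placeholders, and NOVA_PASS, NOVA_DBPASS and NEUTRON_PASS appear in both, so they have to carry the same values on the controller and the compute node. The helper below is an added example, not part of the original scripts: it fills the placeholders with random values and reports what is still unset. The function names and the secrets.env file are assumptions made for illustration, and the demo input is constructed.

```bash
#!/bin/bash
# Added example, not part of the original scripts.
# Fills NAME=YOUR_PASSWORD placeholders in config-controller.sh and
# config-compute.sh with random values, reusing one value per variable
# name so shared variables (NOVA_PASS, NOVA_DBPASS, ...) match on both nodes.

# Print a random 20-character hex secret.
gen_secret() {
    od -An -N10 -tx1 /dev/urandom | tr -d ' \n'
}

# fill_secrets SECRETS_FILE SCRIPT...
# SECRETS_FILE (hypothetical name, chosen by the caller) stores NAME=value
# pairs so the other node's script, or a later run, gets the same values.
fill_secrets() (
    umask 077                      # files created here are owner-only
    secrets=$1; shift
    touch "$secrets"; chmod 600 "$secrets"
    for script in "$@"; do
        for name in $(sed -n 's/^\([A-Z_][A-Z_]*\)=YOUR_PASSWORD$/\1/p' "$script"); do
            value=$(sed -n "s/^$name=//p" "$secrets")
            if [ -z "$value" ]; then
                value=$(gen_secret)
                echo "$name=$value" >> "$secrets"
            fi
            sed "s/^$name=YOUR_PASSWORD\$/$name=$value/" "$script" > "$script.tmp"
            mv "$script.tmp" "$script"
        done
        chmod 700 "$script"        # the script now contains credentials
    done
)

# count_placeholders SCRIPT
# Print how many assignments are still YOUR_PASSWORD or YOUR_EMAIL.
count_placeholders() {
    grep -c '^[A-Z_][A-Z_]*=YOUR_[A-Z]*$' "$1" || true
}

# Demo on constructed stand-ins for the two scripts (variable lines only).
demo_dir=$(mktemp -d)
printf '%s\n' 'ADMIN_PASS=YOUR_PASSWORD' 'ADMIN_EMAIL=YOUR_EMAIL' \
    'NOVA_PASS=YOUR_PASSWORD' 'NOVA_DBPASS=YOUR_PASSWORD' \
    > "$demo_dir/config-controller.sh"
printf '%s\n' 'NOVA_PASS=YOUR_PASSWORD' 'NOVA_DBPASS=YOUR_PASSWORD' \
    > "$demo_dir/config-compute.sh"
fill_secrets "$demo_dir/secrets.env" \
    "$demo_dir/config-controller.sh" "$demo_dir/config-compute.sh"
echo "controller placeholders left: $(count_placeholders "$demo_dir/config-controller.sh")"
echo "compute placeholders left: $(count_placeholders "$demo_dir/config-compute.sh")"
```

The helper treats every variable name independently and leaves YOUR_EMAIL entries for you to fill in. The controller script's comments describe both MYSQL_PASS and MYSQL_ROOT_PASSWORD as MySQL root credentials, so if they must match in your run, copy one value over the other after filling.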