diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/README-FULL.md b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/README-FULL.md
new file mode 100644
index 0000000..caab7b7
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/README-FULL.md
@@ -0,0 +1,261 @@
+#### Hướng dẫn thực thi script cài đặt OpenStack Newton không có HA
+
+### A. MÔI TRƯỜNG LAB
+- Giả lập trên VMware Workstatios, hoặc ESX hoặc Virtualbox hoặc KVM hoặc máy vật lý.
+- Centos 7.3 Server 64 bit - 1611
+
+### B. MÔ HÌNH
+
+##### Mô hình tối thiểu
+==
+
+![topo-openstack-queens-toithieu.png](/images/queens-images/topo-openstack-queens-toithieu.png)
+
+##### Mô hình đầy đủ
+=
+
+![topo-openstack-queens-full.png](/images/queens-images/topo-openstack-queens-full.png)
+
+
+### C. IP PLANNING
+
+
+![noha_ip_planning.png](/images/queens-images/IP_Planning_queens.png)
+
+
+## 1. Các bước thực hiện
+
+### 1.1. Đặt IP theo IP Planning cho từng node.
+#### Thực hiện trên Controller1
+`Lưu ý:` IP được thiết lập như trong file excel, nếu cần sửa thì sau khi tải script về, sửa trong file `config.cfg`
+
+- Khai báo repos offline nếu muốn sử dụng để tăng tốc độ cài đặt (bỏ qua bước này nếu bạn không có máy chủ repos offline).
+ ```sh
+ echo 'Acquire::http::Proxy "http://172.16.68.18:3142";' > /etc/apt/apt.conf
+ apt-get update -y
+ ```
+
+- Tải script
+
+ ```sh
+ apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y
+ apt-get -y install git curl vim byobu
+
+ git clone -b dev https://github.com/congto/openstack-tools
+
+ cp -R openstack-tools/scripts/OpenStack-Victoria-No-HA/Ubuntu/ .
+
+ cd Ubuntu/
+
+ chmod +x *
+ ```
+
+- Thực thi script để thiết lập IP và hostname.
+
+ ```sh
+ bash ctl_00_setup_ip.sh
+ ```
+
+Sau khi thực hiện xong, máy chủ sẽ khởi động lại, sử dụng IP `172.16.68.211` để ssh vào và thực hiện theo các bước dưới trên node controller1.
+
+
+#### Thực hiện trên Compute1
+`Lưu ý:` IP được thiết lập như trong file excel, nếu cần sửa thì sau khi tải script về, sửa trong file `config.cfg`
+
+- Khai báo repos offline nếu muốn sử dụng để tăng tốc độ cài đặt (bỏ qua bước này nếu bạn không có máy chủ repos offline).
+ ```sh
+ echo 'Acquire::http::Proxy "http://172.16.68.18:3142";' > /etc/apt/apt.conf
+ apt-get update -y
+ ```
+
+- Tải script
+ ```sh
+ apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y
+ apt-get -y install git curl vim byobu
+
+ git clone -b dev https://github.com/congto/openstack-tools
+
+ cp -R openstack-tools/scripts/OpenStack-Victoria-No-HA/Ubuntu/ .
+
+ cd Ubuntu/
+
+ chmod +x *
+ ```
+
+- Thực thi script để thiết lập IP và hostname.
+
+ ```sh
+ bash com1_00_setup_ip.sh
+ ```
+
+Sau khi thực hiện xong, máy chủ sẽ khởi động lại, sử dụng IP `172.16.68.212` để ssh vào và thực hiện theo các bước dưới trên node compute1.
+
+#### Thực hiện trên Compute2
+`Lưu ý:` IP được thiết lập như trong file excel, nếu cần sửa thì sau khi tải script về, sửa trong file `config.cfg`
+
+- Khai báo repos offline nếu muốn sử dụng để tăng tốc độ cài đặt (bỏ qua bước này nếu bạn không có máy chủ repos offline).
+ ```sh
+ echo 'Acquire::http::Proxy "http://172.16.68.18:3142";' > /etc/apt/apt.conf
+ apt-get update -y
+ ```
+
+- Tải script
+ ```sh
+ apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y
+ apt-get -y install git curl vim byobu
+
+ git clone -b dev https://github.com/congto/openstack-tools
+
+ cp -R openstack-tools/scripts/OpenStack-Victoria-No-HA/Ubuntu/ .
+
+ cd Ubuntu/
+
+ chmod +x *
+ ```
+
+- Thực thi script để thiết lập IP và hostname.
+
+ ```sh
+ bash com2_00_setup_ip.sh
+ ```
+
+Sau khi thực hiện xong, máy chủ sẽ khởi động lại, sử dụng IP `172.16.68.213` để ssh vào và thực hiện theo các bước dưới trên node compute2.
+
+## Thực hiện script cài đặt OpenStack
+### 2. Thực hiện cài đặt trên Controller
+#### 2.1. Thực thi các script cài đặt trên controller1
+
+- Đứng trên node CTL1 và thực hiện các bước dưới.
+- Đăng nhập sau đó chuyển sang quyền root
+ ```sh
+ su -
+ ```
+
+- Cài đặt git và script cài đặt.
+ ```sh
+ cd Ubuntu/
+ ```
+
+- Thực thi script cài đặt các gói bổ trợ trên node controller1
+
+ ```sh
+ bash ctl_01_env.sh
+ ```
+
+- Thực thi script cài đặt keystone trên controller1
+
+ ```sh
+ bash ctl_02_keystone.sh
+ ```
+
+Sau khi chạy xong script cài đặt keystone, script sẽ sinh ra các file tại `/root/admin-openrc` dùng để xác thực với OpenStack, sử dụng lệnh dưới mỗi khi thao tác với openstack thông qua CLI.
+
+ ```sh
+ source /root/admin-openrc
+ ```
+
+- Thực thi script cài đặt glance trên controller1
+
+ ```sh
+ bash ctl_03_glance.sh
+ ```
+
+- Thực thi script cài đặt nova trên controller1
+
+ ```sh
+ bash ctl_04_nova.sh
+ ```
+
+
+- Thực thi script cài đặt neutron trên controller1
+
+ ```sh
+ bash ctl_05_neutron.sh
+ ```
+
+- Tới đây có 02 lựa chọn cho việc cài cinder thực hiện script dưới và nhập tùy chọn là `1` hoặc `2` để lựa chọn.
+
+ ```sh
+ bash ctl_06_cinder.sh
+ ```
+ - Nhập 1 để cài cinder-volume cùng với controller, lúc này điều kiện cần là có ổ cứng thứ 2 trên controller để tạo các volume.
+ - Nhập 2 để KHÔNG cài cinder-volume, lúc này cinder-volume sẽ được cài ở node khác.
+
+
+- Thực hiện cài đặt horizon
+
+```sh
+bash ctl_07_horizon.sh
+```
+
+Lúc này có thể truy cập vào địa chỉ: `http://172.16.68.211/horizon` với Domain là `Default`, User là `admin`, mật khẩu là `Vntp2018` (hoặc xem thêm file `/root/admin-openrc` để biết nếu bạn không nhớ).
+
+### 3.
Thực hiện trên Compute1 và Compute2
+#### 3.1 Thực hiện trên Compute1
+
+- SSH vào máy chủ có IP 172.16.68.212 với quyền root
+- Thực hiện lệnh dưới để cài các gói môi trường cho `Compute1`
+
+ ```sh
+ cd /root/queens/
+
+ bash com1_01_env.sh
+ ```
+
+- Cài đặt Neutron và nova
+
+ ```sh
+ bash com1_02_nova_neutron.sh
+ ```
+
+#### 3.1 Thực hiện trên Compute2
+
+- SSH vào máy chủ có IP 172.16.68.213 với quyền root
+- Thực hiện lệnh dưới để cài các gói môi trường cho `Compute2`
+
+ ```sh
+ cd /root/queens/
+
+ bash com2_01_env.sh
+ ```
+
+- Cài đặt Neutron và nova
+
+ ```sh
+ bash com2_02_nova_neutron.sh
+ ```
+
+
+### 4. Tạo network, router, flavor, vm
+
+Tơi bước này có 02 lựa chọn tạo các yêu cầu cần thiết để bắt đầu sử dụng OpenStack.
+
+#### 4.1. Tạo network, router, flavor, vm bằng script
+Trong bộ script đã có sẵn script để tạo ra các hạ tầng bao gồm: Network, Router, Subnet, Flavor, VM, mở rule .... để sử dụng. Thực hiện script sau:
+
+Đứng trên controller1 và thực hiện các lệnh sau:
+
+```sh
+source /root/admin-openrc
+```
+
+- Di chuyển vào thư mục chứa script và thực hiện script dưới. Lưu ý thực hiện với quyền root.
+
+ ```sh
+ cd UbuntuScriptsQueens
+
+ bash creat_vm.sh
+ ```
+
+- Truy cập vào horizon với địa chỉ `http://172.16.68.211/horizon` để quan sát tiếp (mật khẩu xem ở file `/root/admin-openrc`
+
+Kết quả ta sẽ có giao diện OpenStack tương tự như hình dưới
+
+![queens-vm-provider01.png](/images/queens-images/queens-vm-provider01.png)
+
+
+#### 4.2. Tạo network, router, flavor, vm bằng Web
+
+- Truy cập vào horizon với địa chỉ `http://172.16.68.211/horizon` để quan sát tiếp (mật khẩu xem ở file `/root/admin-openrc`
+
+
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/README.md b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/README.md
new file mode 100644
index 0000000..382d2f5
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/README.md
@@ -0,0 +1 @@
+# Script cài đặt OpenStack Victoria All In One trên Ubuntu Server 20.04
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh
new file mode 100644
index 0000000..189f138
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh
@@ -0,0 +1,268 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function install nova-compute
+function nova_install () {
+ echocolor "Install nova-compute"
+ sleep 3
+ apt install nova-compute -y
+}
+
+# Function edit /etc/nova/nova.conf file
+function nova_config () {
+ echocolor "Edit /etc/nova/nova.conf file"
+ sleep 3
+ novafile=/etc/nova/nova.conf
+ novafilebak=/etc/nova/nova.conf.bak
+ novacomputefile=/etc/nova/nova-compute.conf
+ novacomputefilebak=/etc/nova/nova-compute.conf.bka
+ cp $novafile $novafilebak
+ cp $novacomputefile $novacomputefilebak
+ egrep -v "^$|^#" $novafilebak > $novafile
+
+ ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+ ops_add $novafile api auth_strategy keystone
+
+ ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $novafile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $novafile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $novafile keystone_authtoken auth_type password
+ ops_add $novafile keystone_authtoken project_domain_name default
+ ops_add $novafile keystone_authtoken user_domain_name default
+ ops_add $novafile keystone_authtoken project_name service
+ ops_add $novafile keystone_authtoken username nova
+ ops_add $novafile keystone_authtoken password $NOVA_PASS
+
+ ops_add $novafile DEFAULT my_ip $COM1_IP_NIC2
+ ops_add $novafile DEFAULT use_neutron True
+ ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
+
+ ops_add $novafile vnc enabled True
+ ops_add $novafile vnc vncserver_listen 0.0.0.0
+ ops_add $novafile vnc vncserver_proxyclient_address \$my_ip
+ ops_add $novafile vnc novncproxy_base_url http://$CTL1_IP_NIC2:6080/vnc_auto.html
+
+ ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292
+ ops_add $novafile cinder os_region_name RegionOne
+
+ ops_add $novafile
oslo_concurrency lock_path /var/lib/nova/tmp
+ ops_del $novafile DEFAULT log_dir
+
+ ops_del $novafile placement os_region_name
+ ops_add $novafile placement os_region_name RegionOne
+ ops_add $novafile placement project_domain_name Default
+ ops_add $novafile placement project_name service
+ ops_add $novafile placement auth_type password
+ ops_add $novafile placement user_domain_name Default
+ ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3
+ ops_add $novafile placement username placement
+ ops_add $novafile placement password $PLACEMENT_PASS
+
+ ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696
+ ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $novafile neutron auth_type password
+ ops_add $novafile neutron project_domain_name default
+ ops_add $novafile neutron user_domain_name default
+ ops_add $novafile neutron region_name RegionOne
+ ops_add $novafile neutron project_name service
+ ops_add $novafile neutron username neutron
+ ops_add $novafile neutron password $NEUTRON_PASS
+
+ ops_add $novacomputefile libvirt virt_type $(count=$(egrep -c '(vmx|svm)' /proc/cpuinfo); if [ $count -eq 0 ];then echo "qemu"; else echo "kvm"; fi)
+}
+
+# Function finalize installation
+function nova_resart () {
+ echocolor "Finalize installation"
+ sleep 3
+ service nova-compute restart
+}
+
+function neutron_install () {
+ echocolor "Install the components Neutron"
+ sleep 3
+
+ apt install -y neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
+ apt install -y neutron-common neutron-plugin-ml2
+}
+
+# Function configure the common component
+function neutron_config_server_component () {
+ echocolor "Configure the common component"
+ sleep 3
+
+ neutronfile=/etc/neutron/neutron.conf
+ neutronfilebak=/etc/neutron/neutron.conf.bak
+ cp $neutronfile $neutronfilebak
+ egrep -v "^$|^#" $neutronfilebak > $neutronfile
+
+ ops_del $neutronfile database connection
+ ops_add $neutronfile DEFAULT transport_url
rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+ ops_add $neutronfile DEFAULT auth_strategy keystone
+ ops_add $neutronfile DEFAULT core_plugin ml2
+ ops_add $neutronfile DEFAULT state_path /var/lib/neutron
+ ops_add $neutronfile DEFAULT allow_overlapping_ips True
+
+ ops_add $neutronfile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $neutronfile keystone_authtoken auth_type password
+ ops_add $neutronfile keystone_authtoken project_domain_name default
+ ops_add $neutronfile keystone_authtoken user_domain_name default
+ ops_add $neutronfile keystone_authtoken project_name service
+ ops_add $neutronfile keystone_authtoken username neutron
+ ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS
+
+ ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/tmp
+
+}
+
+# Function configure the Modular Layer 2 (ML2) plug-in
+function neutron_config_ml2 () {
+ echocolor "Configure the Modular Layer 2 (ML2) plug-in"
+ sleep 3
+ ml2file=/etc/neutron/plugins/ml2/ml2_conf.ini
+ ml2filebak=/etc/neutron/plugins/ml2/ml2_conf.ini.bak
+ cp $ml2file $ml2filebak
+ egrep -v "^$|^#" $ml2filebak > $ml2file
+
+ ops_add $ml2file ml2 type_drivers flat,vlan,vxlan
+ ops_add $ml2file ml2 tenant_network_types vxlan
+ ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population
+ ops_add $ml2file ml2 extension_drivers port_security
+
+ ops_add $ml2file ml2_type_flat flat_networks provider
+ ops_add $ml2file ml2_type_vlan network_vlan_ranges provider
+ ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000
+
+ ops_add $ml2file securitygroup enable_ipset true
+}
+
+
+# Function configure the Linux bridge agent
+function neutron_config_linuxbridge () {
+ echocolor "Configure the linux bridge agent"
+ sleep 3
+ linuxbridgefile=/etc/neutron/plugins/ml2/linuxbridge_agent.ini
+
linuxbridgefilebak=/etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
+ cp $linuxbridgefile $linuxbridgefilebak
+ egrep -v "^$|^#" $linuxbridgefilebak > $linuxbridgefile
+
+ ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER
+
+ ops_add $linuxbridgefile vxlan enable_vxlan true
+ ops_add $linuxbridgefile vxlan local_ip $COM1_IP_NIC1
+ ops_add $linuxbridgefile vxlan l2_population true
+
+ ops_add $linuxbridgefile securitygroup enable_security_group true
+ ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+}
+
+# Function configure the DHCP agent
+function neutron_config_dhcp () {
+ echocolor "Configure the dhcp-agent"
+ sleep 3
+ dhcpfile=/etc/neutron/dhcp_agent.ini
+ dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak
+ cp $dhcpfile $dhcpfilebak
+ egrep -v "^$|^#" $dhcpfilebak > $dhcpfile
+
+ ops_add $dhcpfile DEFAULT interface_driver linuxbridge
+ ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
+ ops_add $dhcpfile DEFAULT enable_isolated_metadata true
+ ops_add $dhcpfile DEFAULT force_metadata True
+}
+
+# Function configure the metadata agent
+function neutron_config_metadata () {
+ echocolor "Configure the metadata agent"
+ sleep 3
+ metadatafile=/etc/neutron/metadata_agent.ini
+ metadatafilebak=/etc/neutron/metadata_agent.ini.bak
+ cp $metadatafile $metadatafilebak
+ egrep -v "^$|^#" $metadatafilebak > $metadatafile
+
+ ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2
+ ops_add $metadatafile DEFAULT metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+# Function restart installation
+function neutron_restart () {
+ echocolor "Finalize installation"
+ sleep 3
+
+ systemctl restart nova-compute
+ systemctl enable nova-compute
+
+ systemctl restart neutron-linuxbridge-agent
+ systemctl enable neutron-linuxbridge-agent
+
+ systemctl restart neutron-dhcp-agent
+ systemctl enable neutron-dhcp-agent
+
+ systemctl restart
neutron-metadata-agent
+ systemctl enable neutron-metadata-agent
+}
+
+#######################
+###Execute functions###
+#######################
+sendtelegram "Thuc thi script $0 tren `hostname`"
+
+# Install nova-compute
+sendtelegram "Thuc thi nova_install tren `hostname`"
+nova_install
+
+# Edit /etc/nova/nova.conf file
+sendtelegram "Thuc thi nova_config tren `hostname`"
+nova_config
+
+# Finalize installation
+sendtelegram "Thuc thi nova_resart tren `hostname`"
+nova_resart
+
+# Install the components Neutron
+sendtelegram "Thuc thi neutron_install tren `hostname`"
+neutron_install
+
+# Configure the common component
+sendtelegram "Thuc thi neutron_config_server_component tren `hostname`"
+neutron_config_server_component
+
+# Configure the Modular Layer 2 (ML2) plug-in
+sendtelegram "Configure the Modular Layer 2 tren `hostname`"
+neutron_config_ml2
+
+# Configure the Linux bridge agent
+sendtelegram "Thuc thi neutron_config_linuxbridge tren `hostname`"
+neutron_config_linuxbridge
+
+sendtelegram "Thuc thi neutron_config_dhcp tren `hostname`"
+neutron_config_dhcp
+
+sendtelegram "Thuc thi neutron_config_metadata tren `hostname`"
+neutron_config_metadata
+
+# Configure the Compute service to use the Networking service
+#neutron_config_compute_use_network
+
+# Restart installation
+sendtelegram "Thuc thi neutron_restart tren `hostname`"
+neutron_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
\ No newline at end of file
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/config.cfg b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/config.cfg
new file mode 100644
index 0000000..cbeec02
--- /dev/null
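Review bot: In nova_config, `ops_add $novafile vnc vncserver_listen 0.0.0.0` makes the VNC server of every instance listen on all interfaces of the compute node, the provider NIC included; binding it to the management address, `ops_add $novafile vnc vncserver_listen \$my_ip`, keeps consoles reachable only through the noVNC proxy on the controller. `my_ip` is taken from `$COM1_IP_NIC2` and `local_ip` in neutron_config_linuxbridge from `$COM1_IP_NIC1`, while the config.cfg this commit adds to the same directory defines only `CTL1_*` addresses, so unless function.sh sets them both expand to nothing. The secrets `$RABBIT_PASS`, `$NOVA_PASS`, `$PLACEMENT_PASS`, `$NEUTRON_PASS` and `$METADATA_SECRET` are passed to ops_add unquoted, so a value containing a space or a glob character is split or expanded before it reaches the file; quote each expansion, e.g. `ops_add "$novafile" keystone_authtoken password "$NOVA_PASS"`.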
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/config.cfg 
@@ -0,0 +1,83 @@
+##########################################
+### Khai bao cac thanh phan cai dat
+
+CINDER_AIO=yes
+
+##########################################
+
+### Hostname cho cac may CONTROLLER
+CTL1_HOSTNAME=openstackaio
+
+
+### INTERFACE INFO
+
+INTERFACE_MGNT_DATA_VM=eth2
+INTERFACE_PUBLIC=eth3
+
+# INTERFACE_PROVIDER trung voi INTERFACE_PUBLIC
+INTERFACE_PROVIDER=eth3
+
+### NETWORK INFO
+NETMASK_NIC1=255.255.255.0
+NETMASK_NIC2=255.255.255.0
+GATAWAY_NIC1=172.16.70.1
+GATAWAY_NIC2=172.16.71.1
+
+### IP Address CONTROLLER
+CTL1_IP_NIC1=127.0.0.1
+CTL1_IP_NIC2=172.16.70.188
+CTL1_IP_NIC3=172.16.71.188
+
+
+### Khai bao network danh cho VM trong openstack ###
+## IP PRIVATE Network for VMs
+PRIVATE_IP_START=172.16.85.10
+PRIVATE_IP_END=172.16.85.90
+PRIVATE_DNS=8.8.8.8
+PRIVATE_GATEWAY=172.16.85.1
+PRIVATE_SUBNET=172.16.85.0/24
+
+
+### IP PROVIDER Network for VMs
+PROVIDER_IP_START=172.16.71.200
+PROVIDER_IP_END=172.16.71.220
+PROVIDER_DNS=8.8.8.8
+PROVIDER_GATEWAY=172.16.71.1
+PROVIDER_SUBNET=172.16.71.0/24
+#########################################################
+
+### Pass default
+PASS_DEFAULT='Welcome123'
+
+### Password cho MariaDB
+PASS_DATABASE_ROOT=$PASS_DEFAULT
+PASS_DATABASE_KEYSTONE=$PASS_DEFAULT
+PASS_DATABASE_NOVA=$PASS_DEFAULT
+PASS_DATABASE_NOVA_API=$PASS_DEFAULT
+PASS_DATABASE_NOVA_CELL=$PASS_DEFAULT
+PASS_DATABASE_NEUTRON=$PASS_DEFAULT
+PASS_DATABASE_GLANCE=$PASS_DEFAULT
+PASS_DATABASE_CINDER=$PASS_DEFAULT
+PASS_DATABASE_SWIFT=$PASS_DEFAULT
+PASS_DATABASE_CEILOMTER=$PASS_DEFAULT
+PASS_DATABASE_AODH=$PASS_DEFAULT
+PASS_DATABASE_GNOCCHI=$PASS_DEFAULT
+PASS_DATABASE_OCTAVIA=$PASS_DEFAULT
+
+### Password openstack service
+RABBIT_PASS=$PASS_DEFAULT
+METADATA_SECRET=$PASS_DEFAULT
+ADMIN_PASS=$PASS_DEFAULT
+DEMO_PASS=$PASS_DEFAULT
+GLANCE_PASS=$PASS_DEFAULT
+NOVA_PASS=$PASS_DEFAULT
+NOVA_API_PASS=$PASS_DEFAULT
+PLACEMENT_PASS=$PASS_DEFAULT
+CINDER_PASS=$PASS_DEFAULT
+SWIFT_PASS=$PASS_DEFAULT
+NEUTRON_PASS=$PASS_DEFAULT
+CEILOMETER_PASS=$PASS_DEFAULT
+GNOCCHI_PASS=$PASS_DEFAULT
+OCTAVIA_PASS=$PASS_DEFAULT
+AODH_PASS=$PASS_DEFAULT
+
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/controller.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/controller.sh
new file mode 100644
index 0000000..6bc70a5
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/controller.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+#Author HOC CHU DONG
+
+TIMEDATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+
+source function.sh
+source config.cfg
+TIMEDATE_START=`date +%s.%N`
+
+./ctl_01_env.sh
+sleep 5
+
+./ctl_02_keystone.sh
+sleep 5
+
+./ctl_03_glance.sh
+sleep 5
+
+./ctl_04_nova.sh
+sleep 5
+
+./ctl_05_neutron.sh
+sleep 5
+
+./ctl_06_cinder.sh
+sleep 5
+
+./ctl_07_horizon.sh
+sleep 3
+
+TIMEDATE_END=`date +%s.%N`
+TIMEDATE_TOTAL_TEMP=$( echo "$TIMEDATE_END - $TIMEDATE_START" | bc -l )
+TIMEDATE_TOTAL=$(cut -c-6 <<< "$TIMEDATE_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $TIMEDATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIMEDATE_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $TIMEDATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIMEDATE_TOTAL giay"
+notify
\ No newline at end of file
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-lb.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-lb.sh
new file mode 100644
index 0000000..3ff0ce8
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-lb.sh
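Review bot: `PASS_DEFAULT='Welcome123'` is committed to the repository and then reused for the MariaDB root account, every service database, RabbitMQ, the Keystone `admin` user and `METADATA_SECRET`, so one publicly known string unlocks the whole deployment and the compromise of any single service exposes all the others. Keep the secrets out of the tracked file: have the installer generate a distinct random value per variable once, store them in a root-only file (mode 0600) outside the repository, and let config.cfg source that file. If the defaults stay for lab use, a comment above the block such as `# Lab defaults only - replace every value before exposing any service` is the minimum.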
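Review bot: controller.sh runs `./ctl_01_env.sh` through `./ctl_07_horizon.sh` without checking any exit status, so a failed database or Keystone step is followed by the remaining installers and the run still ends with the completion messages sent through `sendtelegram`. Stop at the first failure, for example `./ctl_02_keystone.sh || exit 1` on each call, so a half-configured control plane is not left running unnoticed. The scripts are invoked by path and therefore depend on the `chmod +x *` step from README-FULL.md; calling them as `bash ctl_02_keystone.sh` would remove that dependency.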
@@ -0,0 +1,72 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+source /root/admin-openrc
+
+wget https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img
+
+echocolor "Tao image Ubuntu 18"
+openstack image create --disk-format qcow2 --container-format bare \
+ --public --file ./bionic-server-cloudimg-amd64.img bionic-server-cloudimg-amd64
+
+sleep 10
+openstack flavor create --ram 1024 --disk 8 --vcpus 1 --public small
+
+ssh-keygen -N "" -f /root/.ssh/id_rsa
+
+openstack keypair create --public-key ~/.ssh/id_rsa.pub controller-key
+
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+sleep 15
+openstack server create --flavor small \
+ --image bionic-server-cloudimg-amd64 \
+ --key-name controller-key \
+ --security-group $ID_SECURITY_GROUP \
+ --network selfservice \
+ ubuntu01
+
+sleep 15
+openstack server create --flavor small \
+ --image bionic-server-cloudimg-amd64 \
+ --key-name controller-key \
+ --security-group $ID_SECURITY_GROUP\
+ --network selfservice \
+ ubuntu02
+
+sleep 60
+echocolor "Tao LB"
+openstack loadbalancer create --name lb01 --vip-subnet-id sub_selfservice
+
+sleep 600
+echocolor "Tao listener cho LB"
+openstack loadbalancer listener create --name listener01 --protocol TCP --protocol-port 80 lb01
+
+sleep 60
+echocolor "Tao pool cho LB"
+openstack loadbalancer pool create --name pool01 --lb-algorithm ROUND_ROBIN --listener listener01 --protocol TCP
+
+IP_VM01=`openstack server list | egrep ubuntu01 | awk '{print $8}' | awk -F= '{print $2}'`
+IP_VM02=`openstack server list | egrep ubuntu02 | awk '{print $8}' | awk -F= '{print $2}'`
+
+sleep 60
+echocolor "Gan $IP_VM01 vao pool cho LB"
+openstack loadbalancer member create --subnet-id sub_selfservice --address $IP_VM01 --protocol-port 80 pool01
+
+sleep 60
+echocolor "Gan $IP_VM02 vao pool cho LB"
+openstack loadbalancer member create --subnet-id sub_selfservice --address $IP_VM02 --protocol-port 80 pool01
+
+sleep 60
+echocolor "Liet ke member cua LB"
+openstack loadbalancer member list pool01
+
+echocolor "Cap floating IP cho LB"
+openstack floating ip create public
+
+echocolor "I.AM.OK"
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-vm01.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-vm01.sh
new file mode 100644
index 0000000..ddfa184
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-vm01.sh
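Review bot: The cloud image is fetched with `wget https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img` and uploaded with `--public` without any integrity check, and `current` is a moving target, so every project ends up booting whatever that URL returned at install time. Download the `SHA256SUMS` file published in the same directory and run `sha256sum -c --ignore-missing SHA256SUMS` before `openstack image create`, aborting on mismatch. `ssh-keygen -N "" -f /root/.ssh/id_rsa` writes a passphrase-less key as root's default identity and stops at an overwrite prompt if one already exists; a dedicated key file for this demo avoids both. `openstack project list | grep admin` matches any row containing `admin` (the same lookup is in create-vm01.sh and create-vm02.sh), so `$ID_ADMIN_PROJECT` can hold several IDs; `openstack project show admin -f value -c id` returns exactly one.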
@@ -0,0 +1,53 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+#################
+echocolor "Tao flavor"
+sleep 3
+openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+
+echocolor "Mo rule can thiet"
+sleep 5
+
+openstack security group rule create --protocol icmp $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 22 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 80:80 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 443:443 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 9443:9443 $ID_SECURITY_GROUP
+
+echocolor "Tao provider network"
+sleep 3
+openstack network create --share --external \
+ --provider-physical-network provider \
+ --provider-network-type flat provider
+
+echocolor "Tao subnet cho provider network"
+sleep 3
+openstack subnet create --network provider \
+ --allocation-pool start=$PROVIDER_IP_START,end=$PROVIDER_IP_END \
+ --dns-nameserver $PROVIDER_DNS --gateway $PROVIDER_GATEWAY \
+ --subnet-range $PROVIDER_SUBNET sub_provider
+
+echocolor "Tao VM gan vao provider network"
+sleep 5
+
+PROVIDER_NET_ID=`openstack network list | egrep -w provider | awk '{print $2}'`
+
+openstack server create --flavor m1.nano --image cirros \
+ --nic net-id=$PROVIDER_NET_ID --security-group $ID_SECURITY_GROUP \
+ provider-VM1
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0"
+sendtelegram "Da tao xong VM"
+notify
\ No newline at end of file
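Review bot: The five `openstack security group rule create` calls omit `--remote-ip`, so ICMP, SSH and ports 80, 443 and 9443 are opened to any source (the ingress default is 0.0.0.0/0) on the security group found for the admin project, presumably its default group, which later instances in that project would also use. Restrict at least SSH to a known range, e.g. `openstack security group rule create --protocol tcp --dst-port 22 --remote-ip "$PROVIDER_SUBNET" "$ID_SECURITY_GROUP"`, and consider a group created for this demo instead of the project's existing one. `$TIME_TOTAL` is printed but never computed in this script, and unlike create-lb.sh it does not source `/root/admin-openrc`, so it relies on credentials already exported by the caller unless function.sh provides them.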
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-vm02.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-vm02.sh
new file mode 100644
index 0000000..4ca20e6
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-vm02.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+###############################################################################
+## Init enviroiment source
+source config.cfg
+source function.sh
+
+###############################################################################
+echocolor "Tao private network (selfservice network)"
+sleep 3
+openstack network create selfservice
+
+echocolor "Tao subnnet cho private network"
+sleep 3
+ openstack subnet create --network selfservice \
+ --dns-nameserver $PRIVATE_DNS --gateway $PRIVATE_GATEWAY \
+ --subnet-range $PRIVATE_SUBNET sub_selfservice
+
+echocolor "Tao va gan inteface cho ROUTER"
+sleep 3
+openstack router create R1
+openstack router set --external-gateway provider R1
+openstack router add subnet R1 sub_selfservice
+
+echocolor "Tao may ao gan vao private network (selfservice network)"
+sleep 5
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+PRIVATE_NET_ID=`openstack network list | egrep -w selfservice | awk '{print $2}'`
+
+openstack server create --flavor m1.nano --image cirros \
+ --nic net-id=$PRIVATE_NET_ID --security-group $ID_SECURITY_GROUP \
+ selfservice-VM1
+
+echocolor "Floatig IP"
+sleep 5
+FLOATING_IP=`openstack floating ip create provider | egrep -w floating_ip_address | awk '{print $4}'`
+openstack server add floating ip selfservice-VM1 $FLOATING_IP
\ No newline at end of file
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-volume1.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-volume1.sh
new file mode 100644
index 0000000..01a86ce
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/create-volume1.sh
@@ -0,0 +1,13 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+openstack volume create --size 10 disk01
+
+sleep 10
+
+openstack server add volume provider-VM1 disk01
\ No newline at end of file
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh
new file mode 100644
index 0000000..a1971b8
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh
@@ -0,0 +1,71 @@
+#!/bin/bash
+# Author: HOC CHU DONG
+
+function echocolor {
+ echo "#######################################################################"
+ echo "$(tput setaf 3)##### $1 #####$(tput sgr0)"
+ echo "#######################################################################"
+
+}
+
+source config.cfg
+
+# Function config hostname
+function config_hostname () {
+echo "$CTL1_HOSTNAME" > /etc/hostname
+echo "127.0.0.1 locahost $CTL1_HOSTNAME" > /etc/hosts
+echo "$CTL1_IP_NIC2 $CTL1_HOSTNAME" >> /etc/hosts
+echo "$COM1_IP_NIC2 $COM1_HOSTNAME" >> /etc/hosts
+echo "$COM2_IP_NIC2 $COM2_HOSTNAME" >> /etc/hosts
+echo "$CINDER1_IP_NIC2 $CINDER1_HOSTNAME" >> /etc/hosts
+}
+
+# Function IP address
+function config_ip () {
+
+cat << EOF > /etc/network/interfaces
+# loopback network interface
+auto lo
+iface lo inet loopback
+
+# DATA VM network
+auto eth1
+iface ens1 inet static
+address $CTL1_IP_NIC1
+netmask $NETMASK_NIC1
+
+
+### API
+auto eth2
+iface eth2 inet static
+address $CTL1_IP_NIC2
+netmask $NETMASK_NIC2
+gateway $GATAWAY_NIC2
+dns-nameservers 8.8.8.8
+
+# Provider Network
+# MGNT
+auto eth3
+iface eth3 inet static
+address $CTL1_IP_NIC3
+netmask $NETMASK_NIC3
+EOF
+}
+
+#######################
+###Execute functions###
+#######################
+
+# Config CONTROLLER node
+echocolor "Config CONTROLLER node"
+sleep 3
+
+## Config hostname
+config_hostname
+
+## IP address
+config_ip
+
+
+echocolor "Reboot $CTL1_HOSTNAME node"
+init 6
\ No newline at end of file
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_01_env.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_01_env.sh
new file mode 100644
index 0000000..911b6a9
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_01_env.sh
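Review bot: config_hostname writes `127.0.0.1 locahost $CTL1_HOSTNAME` to /etc/hosts, so after the reboot `localhost` no longer resolves; the name should be `localhost`. In config_ip the stanza `auto eth1` is followed by `iface ens1 inet static`, so the interface that is brought up has no matching configuration, and `$NETMASK_NIC3` plus the `COM1_*`, `COM2_*` and `CINDER1_*` variables are not defined in the config.cfg of this directory, which leaves an empty `netmask` line and host entries without address or name. Both files are overwritten without a backup immediately before `init 6`; `cp -p /etc/hosts /etc/hosts.bak` and the same for the interfaces file gives a way back from a host that comes up unreachable. README.md names Ubuntu Server 20.04, which configures networking through netplan by default, so /etc/network/interfaces may not be read at all; worth confirming on the target image.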
@@ -0,0 +1,190 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+apt install crudini -y
+
+source function.sh
+source config.cfg
+
+function config_hostname () {
+
+ hostnamectl set-hostname $CTL1_HOSTNAME
+
+ echo "$CTL1_IP_NIC2 $CTL1_HOSTNAME" > /etc/hosts
+ echo "127.0.0.1 $CTL1_HOSTNAME" >> /etc/hosts
+ echo "127.0.0.2 localhost" >> /etc/hosts
+}
+
+# Function update and upgrade for CONTROLLER
+function update_upgrade () {
+ echocolor "Update and Update controller"
+ sleep 3
+ apt-get update -y&& apt-get upgrade -y
+}
+
+# Function install and config NTP
+function install_ntp () {
+ echocolor "Install NTP"
+ sleep 3
+
+ apt-get install chrony -y
+ ntpfile=/etc/chrony/chrony.conf
+
+ sed -i 's/pool 2.debian.pool.ntp.org offline iburst/ \
+pool 2.debian.pool.ntp.org offline iburst \
+server 0.asia.pool.ntp.org iburst \
+server 1.asia.pool.ntp.org iburst/g' $ntpfile
+
+ echo "allow 172.16.70.0/24" >> $ntpfile
+
+ service chrony restart
+}
+
+# Function install OpenStack packages (python-openstackclient)
+function install_ops_packages () {
+ echocolor "Install OpenStack client"
+ sleep 3
+ sudo apt-get install software-properties-common -y
+ sudo add-apt-repository cloud-archive:victoria -y
+ # sudo echo "deb http://172.16.70.131:8081/repository/u20victoria/ focal-updates/victoria main" > /etc/apt/sources.list.d/cloudarchive-victoria.list
+
+ sudo apt update -y
+ sudo apt upgrade -y
+ sudo apt install crudini -y
+ sudo apt install python3-openstackclient -y
+
+ systemctl disable ufw
+ systemctl stop ufw
+}
+
+function install_database() {
+ echocolor "Install and Config MariaDB"
+ sleep 3
+
+ echo mariadb-server-10.0 mysql-server/root_password $PASS_DATABASE_ROOT | debconf-set-selections
+ echo mariadb-server-10.0 mysql-server/root_password_again $PASS_DATABASE_ROOT | debconf-set-selections
+
+ sudo apt install mariadb-server python3-pymysql -y
+
+
+ sed -r -i 's/127\.0\.0\.1/0\.0\.0\.0/'
/etc/mysql/mariadb.conf.d/50-server.cnf
+ sed -i 's/character-set-server = utf8mb4/character-set-server = utf8/' /etc/mysql/mariadb.conf.d/50-server.cnf
+ sed -i 's/collation-server/#collation-server/' /etc/mysql/mariadb.conf.d/50-server.cnf
+
+ systemctl restart mysql
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '$PASS_DATABASE_ROOT' WITH GRANT OPTION;
+GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '$PASS_DATABASE_ROOT' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+
+ sqlfile=/etc/mysql/mariadb.conf.d/99-openstack.cnf
+ touch $sqlfile
+ ops_add $sqlfile client default-character-set utf8
+ ops_add $sqlfile mysqld bind-address 0.0.0.0
+ ops_add $sqlfile mysqld default-storage-engine innodb
+ ops_add $sqlfile mysqld innodb_file_per_table
+ ops_add $sqlfile mysqld max_connections 4096
+ ops_add $sqlfile mysqld collation-server utf8_general_ci
+ ops_add $sqlfile mysqld character-set-server utf8
+
+ echocolor "Restarting MYSQL"
+ sleep 5
+ systemctl restart mysql
+
+}
+
+# Function install message queue
+function install_mq () {
+ echocolor "Install Message queue (rabbitmq)"
+ sleep 3
+
+ sudo apt -y install rabbitmq-server memcached python3-pymysql
+ rabbitmqctl add_user openstack $RABBIT_PASS
+ rabbitmqctl set_permissions openstack ".*" ".*" ".*"
+}
+
+# Function install Memcached
+function install_memcached () {
+ echocolor "Install Memcached"
+ sleep 3
+
+ apt-get install memcached python3-memcache -y
+ memcachefile=/etc/memcached.conf
+ sed -i 's|-l 127.0.0.1|'"-l $CTL1_IP_NIC2"'|g' $memcachefile
+
+ systemctl restart mariadb rabbitmq-server memcached
+}
+
+# Function install Memcached
+function install_etcd () {
+ echocolor "Install etcd"
+ sleep 3
+
+ apt install etcd -y
+cat << EOF > /etc/default/etcd
+ETCD_NAME="`hostname`"
+ETCD_DATA_DIR="/var/lib/etcd"
+ETCD_INITIAL_CLUSTER_STATE="new"
+ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
+ETCD_INITIAL_CLUSTER="`hostname`=http://$CTL1_IP_NIC2:2380"
+ETCD_INITIAL_ADVERTISE_PEER_URLS="http://$CTL1_IP_NIC2:2380"
+ETCD_ADVERTISE_CLIENT_URLS="http://$CTL1_IP_NIC2:2379"
+ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"
+ETCD_LISTEN_CLIENT_URLS="http://$CTL1_IP_NIC2:2379"
+EOF
+ systemctl enable etcd
+ systemctl restart etcd
+}
+
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+
+sendtelegram "Thuc thi config_hostname tren `hostname`"
+config_hostname
+
+# Update and upgrade for controller
+sendtelegram "Thuc thi update_upgrade tren `hostname`"
+update_upgrade
+
+# Install and config NTP
+sendtelegram "Thuc thi install_ntp tren `hostname`"
+install_ntp
+
+# OpenStack packages (python-openstackclient)
+sendtelegram "Thuc thi install_ops_packages tren `hostname`"
+install_ops_packages
+
+# Install SQL database (Mariadb)
+sendtelegram "Thuc thi install_database tren `hostname`"
+install_database
+
+# Install Message queue (rabbitmq)
+sendtelegram "Thuc thi install_mq tren `hostname`"
+install_mq
+
+# Install Memcached
+sendtelegram "Thuc thi install_memcachedtren `hostname`"
+install_memcached
+
+sendtelegram "Thuc thi install_etc tren `hostname`"
+install_etcd
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
+
+
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_02_keystone.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_02_keystone.sh
new file mode 100644
index 0000000..89574c5
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_02_keystone.sh
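Review bot: install_database grants `ALL PRIVILEGES ON *.*` to `'root'@'%'` and sets `bind-address 0.0.0.0` after install_ops_packages has already run `systemctl disable ufw` and `systemctl stop ufw`, so the MariaDB root account is reachable from every network the host is attached to and is protected only by the shared default from config.cfg. Drop the `'root'@'%'` grant and bind to the management address with `ops_add $sqlfile mysqld bind-address $CTL1_IP_NIC2`; the same reasoning applies to `ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"` in install_etcd. `mysql -uroot -p$PASS_DATABASE_ROOT` exposes the password in the process list, which a root-only client option file passed with `--defaults-extra-file` avoids. The two `debconf-set-selections` lines lack the question type (`password`) and name `mariadb-server-10.0`, so they probably have no effect on the package Ubuntu 20.04 installs.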
@@ -0,0 +1,201 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for Keystone +function keystone_create_db () { + echocolor "Create database for Keystone" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE keystone default character set utf8; +GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$PASS_DATABASE_KEYSTONE' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$PASS_DATABASE_KEYSTONE' WITH GRANT OPTION; +FLUSH PRIVILEGES; +EOF +} + +# Function install components of Keystone +function keystone_install () { + echocolor "Install and configure components of Keystone" + sleep 3 + apt -y install keystone python3-openstackclient apache2 libapache2-mod-wsgi-py3 python3-oauth2client libgtk-3-dev + +} + +# Function configure components of Keystone + function keystone_config () { + keystonefile=/etc/keystone/keystone.conf + keystonefilebak=/etc/keystone/keystone.conf.bak + cp $keystonefile $keystonefilebak + egrep -v "^#|^$" $keystonefilebak > $keystonefile + + ops_add $keystonefile database connection mysql+pymysql://keystone:$PASS_DATABASE_KEYSTONE@$CTL1_IP_NIC2/keystone + ops_add $keystonefile cache memcache_servers $CTL1_IP_NIC2:11211 + + ops_add $keystonefile token provider fernet +} + +# Function populate the Identity service database +function keystone_populate_db () { + su -s /bin/sh -c "keystone-manage db_sync" keystone +} + +# Function initialize Fernet key repositories +function keystone_initialize_key () { + keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone + keystone-manage credential_setup --keystone-user keystone --keystone-group keystone +} + +# Function bootstrap the Identity service +function keystone_bootstrap () { + keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \ + --bootstrap-admin-url 
http://$CTL1_IP_NIC2:5000/v3/ \ + --bootstrap-internal-url http://$CTL1_IP_NIC2:5000/v3/ \ + --bootstrap-public-url http://$CTL1_IP_NIC2:5000/v3/ \ + --bootstrap-region-id RegionOne +} + +# Function configure the Apache HTTP server +function keystone_config_apache () { + echocolor "Configure the Apache HTTP server" + sleep 3 + echo "ServerName $CTL1_HOSTNAME" >> /etc/apache2/apache2.conf +} + +# Function finalize the installation +function keystone_finalize_install () { + echocolor "Finalize the installation" + sleep 3 + service apache2 restart + + systemctl disable ufw + systemctl stop ufw +} + +# Function create domain, projects, users and roles +function keystone_create_domain_project_user_role () { + export OS_USERNAME=admin + export OS_PASSWORD=$ADMIN_PASS + export OS_PROJECT_NAME=admin + export OS_USER_DOMAIN_NAME=Default + export OS_PROJECT_DOMAIN_NAME=Default + export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3 + export OS_IDENTITY_API_VERSION=3 + export OS_IMAGE_API_VERSION=2 + + echocolor "Create domain, projects, users and roles" + sleep 3 + + openstack domain create --description "An Example Domain" example + openstack project create --domain default --description "Service Project" service + openstack project create --domain default --description "Demo Project" demo + openstack user create --domain default --password $DEMO_PASS demo + openstack role create user + openstack role add --project demo --user demo user + } + +# Function create OpenStack client environment scripts +keystone_create_opsclient_scripts () { + echocolor "Create OpenStack client environment scripts" + sleep 3 + +cat << EOF > /root/admin-openrc +export OS_PROJECT_DOMAIN_NAME=Default +export OS_USER_DOMAIN_NAME=Default +export OS_PROJECT_NAME=admin +export OS_USERNAME=admin +export OS_PASSWORD=$ADMIN_PASS +export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 +EOF + + chmod +x /root/admin-openrc + + +cat << EOF > 
/root/demo-openrc +export OS_PROJECT_DOMAIN_NAME=Default +export OS_USER_DOMAIN_NAME=Default +export OS_PROJECT_NAME=demo +export OS_USERNAME=demo +export OS_PASSWORD=$DEMO_PASS +export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 +EOF + + chmod +x /root/demo-openrc +} + +# Function verifying keystone +keystone_verify () { + echocolor "Verifying keystone" + sleep 3 + source /root/admin-openrc + openstack token issue +} + +####################### +###Execute functions### +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" + +# Create database for Keystone +sendtelegram "Thuc thi keystone_create_db tren `hostname`" +keystone_create_db + +# Install components of Keystone +sendtelegram "Thuc thi keystone_install tren `hostname`" +keystone_install + +# Configure components of Keystone +sendtelegram "Thuc thi keystone_config tren `hostname`" +keystone_config + +# Populate the Identity service database +sendtelegram "Thuc thi keystone_populate_db tren `hostname`" +keystone_populate_db + +# Initialize Fernet key repositories +sendtelegram "Thuc thi keystone_initialize_key tren `hostname`" +keystone_initialize_key + +# Bootstrap the Identity service +sendtelegram "Thuc thi keystone_bootstrap tren `hostname`" +keystone_bootstrap + +# Configure the Apache HTTP server +sendtelegram "Thuc thi keystone_config_apache tren `hostname`" +keystone_config_apache + +# Finalize the installation +sendtelegram "Thuc thi keystone_finalize_install tren `hostname`" +keystone_finalize_install + +# Create domain, projects, users and roles +sendtelegram "Thuc thi keystone_create_domain_project_user_role tren `hostname`" +keystone_create_domain_project_user_role + +# Create OpenStack client environment scripts +sendtelegram "Thuc thi keystone_create_opsclient_scripts tren `hostname`" +keystone_create_opsclient_scripts + +# Verifying keystone +sendtelegram "Verifying keystone tren `hostname`" +keystone_verify + 
+TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_03_glance.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_03_glance.sh new file mode 100644 index 0000000..f7b6657 --- /dev/null +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_03_glance.sh 
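Review bot: `keystone_finalize_install` switches the host firewall off (`systemctl disable ufw`, `systemctl stop ufw`) right after restarting Apache, while the Keystone endpoints are registered as plain `http://$CTL1_IP_NIC2:5000`; `nova_restart` in ctl_04_nova.sh repeats the same two commands. Elsewhere in this commit MariaDB (`bind-address 0.0.0.0`), Glance (`bind_host 0.0.0.0`) and the VNC listener (`vncserver_listen 0.0.0.0`) are bound to all interfaces, so with ufw off those ports are reachable from every network the node is attached to. I would keep ufw enabled and open only the ports the deployment needs, for example `ufw allow from <MGMT_CIDR> to any port 5000 proto tcp` (placeholder CIDR). A comment on the function listing the ports that are expected to be open would help.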
@@ -0,0 +1,180 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for Glance +function glance_create_db () { + echocolor "Create database for Glance" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE glance default character set utf8; +GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$PASS_DATABASE_GLANCE' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$PASS_DATABASE_GLANCE' WITH GRANT OPTION; +FLUSH PRIVILEGES; +EOF +} + +# Function create the Glance service credentials +function glance_create_service () { + echocolor "Set variable environment for admin user" + sleep 3 + source /root/admin-openrc + + echocolor "Create the service credentials" + sleep 3 + + openstack user create --domain default --password $GLANCE_PASS glance + openstack role add --project service --user glance admin + openstack service create --name glance --description "OpenStack Image" image + + openstack endpoint create --region RegionOne image public http://$CTL1_IP_NIC2:9292 + openstack endpoint create --region RegionOne image internal http://$CTL1_IP_NIC2:9292 + openstack endpoint create --region RegionOne image admin http://$CTL1_IP_NIC2:9292 +} + +# Function install components of Glance +function glance_install () { + echocolor "Install and configure components of Glance" + sleep 3 + + apt install glance -y +} + +# Function config /etc/glance/glance-api.conf file +function glance_config_api () { + glanceapifile=/etc/glance/glance-api.conf + glanceapifilebak=/etc/glance/glance-api.conf.bak + cp $glanceapifile $glanceapifilebak + egrep -v "^#|^$" $glanceapifilebak > $glanceapifile + + ops_add $glanceapifile database connection mysql+pymysql://glance:$PASS_DATABASE_GLANCE@$CTL1_IP_NIC2/glance + + ops_add $glanceapifile DEFAULT bind_host 0.0.0.0 + + ops_add $glanceapifile 
keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $glanceapifile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $glanceapifile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $glanceapifile keystone_authtoken auth_type password + ops_add $glanceapifile keystone_authtoken project_domain_name default + ops_add $glanceapifile keystone_authtoken user_domain_name default + ops_add $glanceapifile keystone_authtoken project_name service + ops_add $glanceapifile keystone_authtoken username glance + ops_add $glanceapifile keystone_authtoken password $GLANCE_PASS + + ops_add $glanceapifile paste_deploy flavor keystone + + ops_add $glanceapifile glance_store stores file,http + ops_add $glanceapifile glance_store default_store file + ops_add $glanceapifile glance_store filesystem_store_datadir /var/lib/glance/images/ +} + +## Function config /etc/glance/glance-registry.conf file +# function glance_config_registry () { + # glanceregistryfile=/etc/glance/glance-registry.conf + # glanceregistryfilebak=/etc/glance/glance-registry.conf.bak + # cp $glanceregistryfile $glanceregistryfilebak + # egrep -v "^#|^$" $glanceregistryfilebak > $glanceregistryfile + + # ops_add $glanceregistryfile database connection mysql+pymysql://glance:$PASS_DATABASE_GLANCE@$CTL1_IP_NIC2/glance + + # ops_add $glanceregistryfile keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000 + # ops_add $glanceregistryfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + # ops_add $glanceregistryfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + # ops_add $glanceregistryfile keystone_authtoken auth_type password + # ops_add $glanceregistryfile keystone_authtoken project_domain_name default + # ops_add $glanceregistryfile keystone_authtoken user_domain_name default + # ops_add $glanceregistryfile keystone_authtoken project_name service + # ops_add $glanceregistryfile keystone_authtoken username glance + # ops_add $glanceregistryfile 
keystone_authtoken password $GLANCE_PASS + + # ops_add $glanceregistryfile paste_deploy flavor keystone +# } + +# Function populate the Image service database +function glance_populate_db () { + echocolor "Populate the Image service database" + sleep 3 + su -s /bin/sh -c "glance-manage db_sync" glance +} + + +# Function restart the Image services +function glance_restart () { + echocolor "Restart the Image services" + sleep 3 + + # service glance-registry restart + systemctl enable glance-api + systemctl start glance-api + + sleep 10 + systemctl restart glance-api +} + +# Function upload image to Glance +function glance_upload_image () { + echocolor "Upload image to Glance" + sleep 3 + source /root/admin-openrc + apt-get install wget -y + wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img + + openstack image create "cirros" \ + --file cirros-0.4.0-x86_64-disk.img \ + --disk-format qcow2 --container-format bare \ + --public + + openstack image list +} + +####################### +###Execute functions### +####################### + +sendtelegram "Thuc thi script $0 tren `hostname`" + +# Create database for Glance +sendtelegram "Thuc thi glance_create_db tren `hostname`" +glance_create_db + +# Create the Glance service credentials +sendtelegram "Thuc thi glance_create_service tren `hostname`" +glance_create_service + +# Install components of Glance +sendtelegram "Thuc thi glance_install va glance_config_api tren `hostname`" +glance_install +glance_config_api + +# Config /etc/glance/glance-registry.conf file +# sendtelegram "Thuc thi glance_config_registry tren `hostname`" +# glance_config_registry + +# Populate the Image service database +sendtelegram "Thuc thi glance_populate_db tren `hostname`" +glance_populate_db + +# Restart the Image services +sendtelegram "Thuc thi glance_restart tren `hostname`" +glance_restart + +# Upload image to Glance +sendtelegram "Thuc thi glance_upload_image tren `hostname`" +glance_upload_image + +TIME_END=`date 
+%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify + diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_04_nova.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_04_nova.sh new file mode 100644 index 0000000..8bca0d6 --- /dev/null +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_04_nova.sh 
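Review bot: `glance_upload_image` downloads the CirrOS image with `wget http://download.cirros-cloud.net/...` over plain HTTP, checks neither wget's exit status nor a digest, and then registers the file with `--public`, so a truncated or tampered download becomes an image every project can boot. I would fetch over HTTPS if the mirror offers it and verify before the upload, e.g. `echo "<EXPECTED_SHA256>  cirros-0.4.0-x86_64-disk.img" | sha256sum -c - || return 1` (placeholder digest, to be taken from the publisher). The file also lands in whatever the current directory is, so a `mktemp -d` working directory would avoid picking up a stale copy on a re-run.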
@@ -0,0 +1,395 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for placement +function placement_create_db () { + echocolor "Create placement create db for placement" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE placement; + +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; + +FLUSH PRIVILEGES; +EOF +} + +# Function create placement +function placement_create_info () { + echocolor "Set environment variable for user admin" + source /root/admin-openrc + sleep 3 + + ## Create info for placement user + echocolor "Create info for placement user" + sleep 3 + + openstack user create --domain default --password $NOVA_PASS placement + openstack role add --project service --user placement admin + openstack service create --name placement --description "Placement API" placement + + openstack endpoint create --region RegionOne placement public http://$CTL1_IP_NIC2:8778 + openstack endpoint create --region RegionOne placement internal http://$CTL1_IP_NIC2:8778 + openstack endpoint create --region RegionOne placement admin http://$CTL1_IP_NIC2:8778 + +} + +# Function install components of placement +function placement_install () { + echocolor "Install and configure components of placement" + sleep 3 + apt install -y placement-api +} + +# Function config /etc/placement/placement.conf +function placement_config () { + placementfile=/etc/placement/placement.conf + placementfilebak=/etc/placement/placement.conf.bka + cp $placementfile $placementfilebak + egrep -v "^$|^#" $placementfilebak > $placementfile + + ops_add $placementfile placement_database connection mysql+pymysql://placement:$PASS_DATABASE_NOVA_API@$CTL1_IP_NIC2/placement + ops_add $placementfile api auth_strategy 
keystone + + ops_add $placementfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $placementfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $placementfile keystone_authtoken auth_type password + ops_add $placementfile keystone_authtoken project_domain_name Default + ops_add $placementfile keystone_authtoken user_domain_name Default + ops_add $placementfile keystone_authtoken project_name service + ops_add $placementfile keystone_authtoken username placement + ops_add $placementfile keystone_authtoken password $NOVA_PASS +} + +# Function populate the placement database +function placement_populate_db () { +echocolor "Populate the placement populate db database" +sleep 3 + +su -s /bin/sh -c "placement-manage db sync" placement +} + +# Function restart installation +function placement_restart () { + echocolor "Reload the web server" + sleep 3 + + service apache2 restart +} + +########################################################################################################## +########################################################################################################## +########################################################################################################## + +# Function create database for Nova +function nova_create_db () { + echocolor "Create database for Nova" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE nova_api; +CREATE DATABASE nova_cell0; +CREATE DATABASE nova; + +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; + +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA'; +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA'; + +GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_CELL'; +GRANT ALL PRIVILEGES ON 
nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_CELL'; + +FLUSH PRIVILEGES; +EOF +} + +# Function create infomation for Compute service +function nova_create_info () { + echocolor "Set environment variable for user admin" + source /root/admin-openrc + echocolor "Create infomation for Compute service" + sleep 3 + + ## Create info for nova user + echocolor "Create info for nova user" + sleep 3 + + openstack user create --domain default --password $NOVA_PASS nova + openstack role add --project service --user nova admin + openstack service create --name nova --description "OpenStack Compute" compute + openstack endpoint create --region RegionOne compute public http://$CTL1_IP_NIC2:8774/v2.1 + openstack endpoint create --region RegionOne compute internal http://$CTL1_IP_NIC2:8774/v2.1 + openstack endpoint create --region RegionOne compute admin http://$CTL1_IP_NIC2:8774/v2.1 + +} + +# Function install components of Nova +function nova_install () { + echocolor "Install and configure components of Nova" + sleep 3 + apt install -y nova-api nova-conductor nova-novncproxy nova-scheduler nova-compute +} + +# Function config /etc/nova/nova.conf file +function nova_config () { + novafile=/etc/nova/nova.conf + novafilebak=/etc/nova/nova.conf.bak + cp $novafile $novafilebak + + novacomputefile=/etc/nova/nova-compute.conf + novacomputefilebak=/etc/nova/nova-compute.conf.bka + cp $novacomputefile $novacomputefilebak + + egrep -v "^$|^#" $novafilebak > $novafile + + ops_del $novafile api_database connection + ops_add $novafile api_database connection mysql+pymysql://nova:$PASS_DATABASE_NOVA_API@$CTL1_IP_NIC2/nova_api + + ops_add $novafile database connection mysql+pymysql://nova:$PASS_DATABASE_NOVA@$CTL1_IP_NIC2/nova + + ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $novafile api auth_strategy keystone + + ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $novafile 
keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $novafile keystone_authtoken auth_type password + ops_add $novafile keystone_authtoken project_domain_name default + ops_add $novafile keystone_authtoken user_domain_name default + ops_add $novafile keystone_authtoken project_name service + ops_add $novafile keystone_authtoken username nova + ops_add $novafile keystone_authtoken password $NOVA_PASS + + ops_add $novafile DEFAULT my_ip $CTL1_IP_NIC2 + ops_add $novafile DEFAULT use_neutron True + ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver + ops_del $novafile DEFAULT log_dir + + + ops_add $novafile vnc enabled true + ops_add $novafile vnc vncserver_listen \$my_ip + ops_add $novafile vnc vncserver_proxyclient_address \$my_ip + + ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292 + + ops_add $novafile cinder os_region_name RegionOne + + ops_add $novafile oslo_concurrency lock_path /var/lib/nova/tmp + + ops_add $novafile placement os_region_name RegionOne + ops_add $novafile placement project_domain_name Default + ops_add $novafile placement project_name service + ops_add $novafile placement auth_type password + ops_add $novafile placement user_domain_name Default + ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $novafile placement username placement + ops_add $novafile placement password $PLACEMENT_PASS + + ops_add $novafile scheduler discover_hosts_in_cells_interval 300 + +################## KHAI BAO DE CAU HINH NOVA-COMPUTE ############################### + + ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $novafile api auth_strategy keystone + + ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken 
memcached_servers $CTL1_IP_NIC2:11211 + ops_add $novafile keystone_authtoken auth_type password + ops_add $novafile keystone_authtoken project_domain_name default + ops_add $novafile keystone_authtoken user_domain_name default + ops_add $novafile keystone_authtoken project_name service + ops_add $novafile keystone_authtoken username nova + ops_add $novafile keystone_authtoken password $NOVA_PASS + + ops_add $novafile DEFAULT my_ip $CTL1_IP_NIC2 + ops_add $novafile DEFAULT use_neutron True + ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver + + ops_add $novafile vnc enabled True + ops_add $novafile vnc vncserver_listen 0.0.0.0 + ops_add $novafile vnc vncserver_proxyclient_address \$my_ip + ops_add $novafile vnc novncproxy_base_url http://$CTL1_IP_NIC2:6080/vnc_auto.html + + ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292 + ops_add $novafile cinder os_region_name RegionOne + + ops_add $novafile oslo_concurrency lock_path /var/lib/nova/tmp + ops_del $novafile DEFAULT log_dir + + ops_del $novafile placement os_region_name + ops_add $novafile placement os_region_name RegionOne + ops_add $novafile placement project_domain_name Default + ops_add $novafile placement project_name service + ops_add $novafile placement auth_type password + ops_add $novafile placement user_domain_name Default + ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $novafile placement username placement + ops_add $novafile placement password $PLACEMENT_PASS + + ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696 + ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile neutron auth_type password + ops_add $novafile neutron project_domain_name default + ops_add $novafile neutron user_domain_name default + ops_add $novafile neutron region_name RegionOne + ops_add $novafile neutron project_name service + ops_add $novafile neutron username neutron + ops_add $novafile neutron password $NEUTRON_PASS + + 
ops_add $novacomputefile libvirt virt_type $(count=$(egrep -c '(vmx|svm)' /proc/cpuinfo); if [ $count -eq 0 ];then echo "qemu"; else echo "kvm"; fi) + +} + +# Function populate the nova-api database +nova_populate_nova_api_db () { +echocolor "Populate the nova-api database" +sleep 3 +su -s /bin/sh -c "nova-manage api_db sync" nova +} + +# Function register the cell0 database +nova_register_cell0 () { + echocolor "Register the cell0 database" + sleep 3 + su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova +} + +# Function create the cell1 cell +nova_create_cell1 () { + echocolor "Create the cell1 cell" + sleep 3 + su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova +} + +# Function populate the nova database +function nova_populate_nova_db () { + echocolor "Populate the nova database" + sleep 3 + su -s /bin/sh -c "nova-manage db sync" nova +} + +# Function verify nova cell0 and cell1 are registered correctly +function nova_verify_cell () { + echocolor "Verify nova cell0 and cell1 are registered correctly" + sleep 3 + nova-manage cell_v2 list_cells +} + +# Function restart installation +function nova_restart () { + echocolor "Finalize installation" + sleep 3 + + systemctl restart nova-api + systemctl restart nova-scheduler + systemctl restart nova-conductor + systemctl restart nova-novncproxy + systemctl restart nova-compute + + systemctl enable nova-api + systemctl enable nova-scheduler + systemctl enable nova-conductor + systemctl enable nova-novncproxy + systemctl enable nova-compute + + systemctl disable ufw + systemctl stop ufw +} + +####################### +## Execute placement_## +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" + +sendtelegram "Bat dau cai dat placement `hostname`" + +sendtelegram "Thuc thi placement_create_db tren `hostname`" +placement_create_db + +sendtelegram "Thuc thi placement_create_info tren `hostname`" +placement_create_info + +sendtelegram "Thuc thi placement_install tren 
`hostname`" +placement_install + +sendtelegram "Thuc thi placement_config tren `hostname`" +placement_config + +sendtelegram "Thuc thi placement_populate_db tren `hostname`" +placement_populate_db + +sendtelegram "Thuc thiplacement_restart tren `hostname`" +placement_restart + +sendtelegram "Da hoa thanh cai dat placement `hostname`" +notify + + +####################### +###Execute Nova### +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" +sendtelegram "Bat dau cai dat Nova `hostname`" + +# Create database for Nova +sendtelegram "Thuc thi nova_create_db tren `hostname`" +nova_create_db + +# Create infomation for Compute service +sendtelegram "Thuc thi nova_create_info tren `hostname`" +nova_create_info + +# Install components of Nova +sendtelegram "Thuc thi nova_install tren `hostname`" +nova_install + +# Config /etc/nova/nova.conf file +sendtelegram "Thuc thi nova_config tren `hostname`" +nova_config + + +# Populate the nova-api database +sendtelegram "Thuc thi nova_populate_nova_api_db tren `hostname`" +nova_populate_nova_api_db + +# Register the cell0 database +sendtelegram "Thuc thi nova_register_cell0 tren `hostname`" +nova_register_cell0 + +# Create the cell1 cell +sendtelegram "Thuc thi nova_create_cell1 tren `hostname`" +nova_create_cell1 + +# Populate the nova database +sendtelegram "Thuc thi nova_populate_nova_db tren `hostname`" +nova_populate_nova_db + +# Verify nova cell0 and cell1 are registered correctly +sendtelegram "Verify nova cell0 and cell1 are registered correctly tren `hostname`" +nova_verify_cell + +# Restart installation +sendtelegram "Restart installation tren `hostname`" +nova_restart + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong 
thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify \ No newline at end of file diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_05_neutron.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_05_neutron.sh new file mode 100644 index 0000000..a535aa3 --- /dev/null +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_05_neutron.sh 
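Review bot: The placement service user is created in `placement_create_info` with `--password $NOVA_PASS`, and `placement_config` writes `$NOVA_PASS` as its keystone_authtoken password, but `nova_config` sets `placement password $PLACEMENT_PASS`. config.cfg is not part of this hunk, so I cannot tell whether the two variables hold the same value: if they differ, nova's requests to placement would fail authentication, and if they match, the nova and placement accounts share one secret. The same reuse shows in `placement_create_db`, which gives the `placement` database user `$PASS_DATABASE_NOVA_API`. I would use `$PLACEMENT_PASS` consistently, i.e. `openstack user create --domain default --password "$PLACEMENT_PASS" placement` and `ops_add $placementfile keystone_authtoken password "$PLACEMENT_PASS"`, and give the placement database user a password of its own.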
@@ -0,0 +1,353 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Neutron
+function neutron_create_db () {
+ echocolor "Create database for Neutron"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE neutron;
+GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NEUTRON';
+GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$PASS_DATABASE_NEUTRON';
+FLUSH PRIVILEGES;
+EOF
+}
+
+# Function create the neutron service credentials
+function neutron_create_info () {
+ echocolor "Set environment variable for admin user"
+ source /root/admin-openrc
+
+ echocolor "Create the neutron service credentials"
+ sleep 3
+
+ openstack user create --domain default --password $NEUTRON_PASS neutron
+ openstack role add --project service --user neutron admin
+ openstack service create --name neutron --description "OpenStack Networking" network
+ openstack endpoint create --region RegionOne network public http://$CTL1_IP_NIC2:9696
+ openstack endpoint create --region RegionOne network internal http://$CTL1_IP_NIC2:9696
+ openstack endpoint create --region RegionOne network admin http://$CTL1_IP_NIC2:9696
+}
+
+# Function install the components
+function neutron_install () {
+ echocolor "Install the components"
+ sleep 3
+ apt install -y neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
+
+ apt install -y neutron-common
+}
+
+# Function configure the server component
+function neutron_config_server_component () {
+ echocolor "Configure the server component"
+ sleep 3
+ neutronfile=/etc/neutron/neutron.conf
+ neutronfilebak=/etc/neutron/neutron.conf.bak
+ cp $neutronfile $neutronfilebak
+ egrep -v "^$|^#" $neutronfilebak > $neutronfile
+
+ ops_del $neutronfile database connection
+ ops_add $neutronfile database \
+ connection mysql+pymysql://neutron:$PASS_DATABASE_NEUTRON@$CTL1_IP_NIC2/neutron
+
+ ops_add $neutronfile DEFAULT core_plugin ml2
+ ops_add $neutronfile DEFAULT service_plugins router
+ ops_add $neutronfile DEFAULT allow_overlapping_ips true
+ ops_add $neutronfile DEFAULT dhcp_agents_per_network 2
+ ops_add $neutronfile DEFAULT state_path /var/lib/neutron
+
+ ops_add $neutronfile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+ ops_add $neutronfile DEFAULT auth_strategy keystone
+ ops_add $neutronfile DEFAULT notify_nova_on_port_status_changes true
+ ops_add $neutronfile DEFAULT notify_nova_on_port_data_changes true
+
+ ops_add $neutronfile keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $neutronfile keystone_authtoken auth_type password
+ ops_add $neutronfile keystone_authtoken project_domain_name default
+ ops_add $neutronfile keystone_authtoken user_domain_name default
+ ops_add $neutronfile keystone_authtoken project_name service
+ ops_add $neutronfile keystone_authtoken username neutron
+ ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS
+
+ ops_add $neutronfile nova auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile nova auth_type password
+ ops_add $neutronfile nova project_domain_name default
+ ops_add $neutronfile nova user_domain_name default
+ ops_add $neutronfile nova region_name RegionOne
+ ops_add $neutronfile nova project_name service
+ ops_add $neutronfile nova username nova
+ ops_add $neutronfile nova password $NOVA_PASS
+
+ ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/lock
+
+############ NEUTRON tren COMPUTE
+
+ ops_add $neutronfile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $neutronfile keystone_authtoken auth_type password
+ ops_add $neutronfile keystone_authtoken project_domain_name default
+ ops_add $neutronfile keystone_authtoken user_domain_name default
+ ops_add $neutronfile keystone_authtoken project_name service
+ ops_add $neutronfile keystone_authtoken username neutron
+ ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS
+
+}
+
+# Function configure the Modular Layer 2 (ML2) plug-in
+function neutron_config_ml2 () {
+ echocolor "Configure the Modular Layer 2 (ML2) plug-in"
+ sleep 3
+ ml2file=/etc/neutron/plugins/ml2/ml2_conf.ini
+ ml2filebak=/etc/neutron/plugins/ml2/ml2_conf.ini.bak
+ cp $ml2file $ml2filebak
+ egrep -v "^$|^#" $ml2filebak > $ml2file
+
+ ops_add $ml2file ml2 type_drivers flat,vlan,vxlan
+ ops_add $ml2file ml2 tenant_network_types vxlan
+ ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population
+ ops_add $ml2file ml2 extension_drivers port_security
+
+ ops_add $ml2file ml2_type_flat flat_networks provider
+ ops_add $ml2file ml2_type_vlan network_vlan_ranges provider
+ ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000
+
+ ops_add $ml2file securitygroup enable_ipset true
+
+ ### ML2 config tren node COMPUTE
+ ops_add $ml2file ml2 type_drivers flat,vlan,vxlan
+ ops_add $ml2file ml2 tenant_network_types vxlan
+ ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population
+ ops_add $ml2file ml2 extension_drivers port_security
+
+ ops_add $ml2file ml2_type_flat flat_networks provider
+ ops_add $ml2file ml2_type_vlan network_vlan_ranges provider
+ ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000
+
+ ops_add $ml2file securitygroup enable_ipset true
+}
+
+# Function configure the Linux bridge agent
+function neutron_config_linuxbridge () {
+ echocolor "Configure the Linux bridge agent"
+ sleep 3
+ linuxbridgefile=/etc/neutron/plugins/ml2/linuxbridge_agent.ini
+ linuxbridgefilebak=/etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
+ cp $linuxbridgefile $linuxbridgefilebak
+ egrep -v "^$|^#" $linuxbridgefilebak > $linuxbridgefile
+
+ ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER
+
+ ops_add $linuxbridgefile vxlan enable_vxlan true
+ ops_add $linuxbridgefile vxlan local_ip $CTL1_IP_NIC2
+ ops_add $linuxbridgefile vxlan l2_population true
+
+ ops_add $linuxbridgefile securitygroup enable_security_group true
+ ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+
+ # Linux-Bridge agent tren compute
+
+ ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER
+
+ ops_add $linuxbridgefile vxlan enable_vxlan true
+ ops_add $linuxbridgefile vxlan local_ip $CTL1_IP_NIC2
+ ops_add $linuxbridgefile vxlan l2_population true
+
+ ops_add $linuxbridgefile securitygroup enable_security_group true
+ ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+
+}
+
+# Function configure the DHCP agent
+function neutron_config_dhcp () {
+ echocolor "Configure the dhcp-agent"
+ sleep 3
+ dhcpfile=/etc/neutron/dhcp_agent.ini
+ dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak
+ cp $dhcpfile $dhcpfilebak
+ egrep -v "^$|^#" $dhcpfilebak > $dhcpfile
+
+ ops_add $dhcpfile DEFAULT interface_driver linuxbridge
+ ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
+ ops_add $dhcpfile DEFAULT enable_isolated_metadata true
+ ops_add $dhcpfile DEFAULT force_metadata True
+}
+
+# Function configure the metadata agent
+function neutron_config_metadata () {
+ echocolor "Configure the metadata agent"
+ sleep 3
+ metadatafile=/etc/neutron/metadata_agent.ini
+ metadatafilebak=/etc/neutron/metadata_agent.ini.bak
+ cp $metadatafile $metadatafilebak
+ egrep -v "^$|^#" $metadatafilebak > $metadatafile
+
+ ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2
+ ops_add $metadatafile DEFAULT metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+function neutron_config_l3agent () {
+ echocolor "Configure the L3 Agent"
+ sleep 3
+ l3agent=/etc/neutron/l3_agent.ini
+ l3agentbak=/etc/neutron/l3_agent.ini.bak
+ cp $l3agent $l3agentbak
+ egrep -v "^$|^#" $l3agent > $l3agentbak
+
+ ops_add $l3agent DEFAULT interface_driver linuxbridge
+
+}
+
+
+# Function configure the DHCP agent
+function neutron_config_dhcp () {
+ echocolor "Configure the DHCP agent"
+ sleep 3
+ dhcpfile=/etc/neutron/dhcp_agent.ini
+ dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak
+ cp $dhcpfile $dhcpfilebak
+ egrep -v "^$|^#" $dhcpfilebak > $dhcpfile
+
+ ops_add $dhcpfile DEFAULT interface_driver linuxbridge
+ ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
+ ops_add $dhcpfile DEFAULT enable_isolated_metadata true
+}
+
+# Function configure the metadata agent
+function neutron_config_metadata () {
+ echocolor "Configure the metadata agent"
+ sleep 3
+ metadatafile=/etc/neutron/metadata_agent.ini
+ metadatafilebak=/etc/neutron/metadata_agent.ini.bak
+ cp $metadatafile $metadatafilebak
+ egrep -v "^$|^#" $metadatafilebak > $metadatafile
+
+ ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2
+ ops_add $metadatafile DEFAULT metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+# Function configure the Compute service to use the Networking service
+function neutron_config_compute_use_network () {
+ echocolor "Configure the Compute service to use the Networking service"
+ sleep 3
+ novafile=/etc/nova/nova.conf
+
+ ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696
+ ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $novafile neutron auth_type password
+ ops_add $novafile neutron project_domain_name default
+ ops_add $novafile neutron user_domain_name default
+ ops_add $novafile neutron region_name RegionOne
+ ops_add $novafile neutron project_name service
+ ops_add $novafile neutron username neutron
+ ops_add $novafile neutron password $NEUTRON_PASS
+ ops_add $novafile neutron service_metadata_proxy true
+ ops_add $novafile neutron metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+# Function populate the database
+function neutron_populate_db () {
+ echocolor "Populate the database"
+ sleep 3
+ su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
+ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
+}
+
+# Function restart installation
+function neutron_restart () {
+ echocolor "Neutron services restart "
+ sleep 3
+
+ systemctl restart nova-api
+
+ systemctl restart neutron-server
+ systemctl enable neutron-server
+
+ systemctl restart neutron-l3-agent
+ systemctl enable neutron-l3-agent
+
+ systemctl restart neutron-linuxbridge-agent
+ systemctl enable neutron-linuxbridge-agent
+
+ systemctl restart neutron-dhcp-agent
+ systemctl enable neutron-dhcp-agent
+
+ systemctl restart neutron-metadata-agent
+ systemctl enable neutron-metadata-agent
+}
+
+
+#######################
+###Execute functions###
+#######################
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Cai NEUTRON `hostname`"
+
+# Create database for Neutron
+sendtelegram "Create database for Neutron tren `hostname`"
+neutron_create_db
+
+# Create the neutron service credentials
+sendtelegram "Create the neutron service credentials tren `hostname`"
+neutron_create_info
+
+# Install the components
+sendtelegram "Install the components tren `hostname`"
+neutron_install
+
+# Configure the server component
+sendtelegram "Configure the server component tren `hostname`"
+neutron_config_server_component
+
+# Configure the Modular Layer 2 (ML2) plug-in
+sendtelegram "Configure the Modular Layer 2 tren `hostname`"
+neutron_config_ml2
+
+# Configure the Linux bridge agent
+sendtelegram "Configure the Linux bridge agent tren `hostname`"
+neutron_config_linuxbridge
+
+# Configure the neutron_config_dhcp
+sendtelegram "Thuc thi neutron_config_dhcp tren `hostname`"
+neutron_config_dhcp
+
+# Configure the neutron_config_metadata
+sendtelegram "Thuc thi neutron_config_metadata tren `hostname`"
+neutron_config_metadata
+
+# Configure the L3 Agent
+sendtelegram "Configure the L3 Agent tren `hostname`"
+neutron_config_l3agent
+
+
+# Configure the Compute service to use the Networking service
+sendtelegram "Configure the Compute service to use the Networking service tren `hostname`"
+neutron_config_compute_use_network
+
+# Populate the database
+sendtelegram "Populate the database tren `hostname`"
+neutron_populate_db
+
+# Function restart installation
+sendtelegram " Function restart installation tren `hostname`"
+neutron_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_06_cinder.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_06_cinder.sh
new file mode 100644
index 0000000..f9ea6c4
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_06_cinder.sh
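Review bot: `neutron_create_db` passes the database root password as a command-line argument (`mysql -uroot -p$PASS_DATABASE_ROOT`), where it may be readable by other local users through the process list while the client runs; `cinder_create_db` and `octavia_create_db` later in this diff do the same. Reading the credential from a root-only option file keeps it off argv, for example `mysql --defaults-extra-file=/root/.my.cnf << EOF` with that file (an example path) at mode 600. The `'neutron'@'%'` grant also accepts the account from any host, so if only the controller connects, granting to the controller address would be narrower. Separately, `neutron_config_l3agent` has its redirect reversed (`egrep -v "^$|^#" $l3agent > $l3agentbak`), which overwrites the backup with the stripped copy instead of cleaning the live file as the other `neutron_config_*` functions do. `neutron_config_dhcp` and `neutron_config_metadata` are each defined twice, and the later `neutron_config_dhcp` drops `force_metadata True`.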
@@ -0,0 +1,192 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Cinder
+function cinder_create_db () {
+ echocolor "Create database for Cinder"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE cinder;
+GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '$PASS_DATABASE_CINDER';
+GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '$PASS_DATABASE_CINDER';
+FLUSH PRIVILEGES;
+EOF
+}
+
+function cinder_user_endpoint() {
+ echocolor "Create cinder_user_endpoint Cinder"
+
+ openstack user create cinder --domain default --password $CINDER_PASS
+ openstack role add --project service --user cinder admin
+
+ openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
+
+ # openstack endpoint create --region RegionOne volumev2 public http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s
+ # openstack endpoint create --region RegionOne volumev2 internal http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s
+ # openstack endpoint create --region RegionOne volumev2 admin http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s
+
+ openstack endpoint create --region RegionOne volumev3 public http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s
+ openstack endpoint create --region RegionOne volumev3 internal http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s
+ openstack endpoint create --region RegionOne volumev3 admin http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s
+}
+
+function cinder_install_config() {
+ echocolor "Cai dat cinder"
+ sleep 3
+
+ apt -y install cinder-api cinder-scheduler cinder-volume
+ apt -y install python3-cinderclient python3-mysqldb python3-rtslib-fb targetcli-fb
+
+ ctl_cinder_conf=/etc/cinder/cinder.conf
+
+ cp $ctl_cinder_conf $ctl_cinder_conf.orig
+
+ if [ "$CINDER_AIO" == "yes" ]; then
+ ops_add $ctl_cinder_conf DEFAULT auth_strategy keystone
+ ops_add $ctl_cinder_conf DEFAULT my_ip $CTL1_IP_NIC2
+ ops_add $ctl_cinder_conf DEFAULT state_path /var/lib/cinder
+ ops_add $ctl_cinder_conf DEFAULT rootwrap_config /etc/cinder/rootwrap.conf
+ ops_add $ctl_cinder_conf DEFAULT api_paste_confg /etc/cinder/api-paste.ini
+ ops_add $ctl_cinder_conf DEFAULT glance_api_servers http://$CTL1_IP_NIC2:9292
+ ops_add $ctl_cinder_conf DEFAULT enabled_backends lvm
+ ops_add $ctl_cinder_conf DEFAULT enable_v3_api True
+ ops_add $ctl_cinder_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+ ops_add $ctl_cinder_conf database connection mysql+pymysql://cinder:$PASS_DATABASE_CINDER@$CTL1_IP_NIC2/cinder
+
+ ops_add $ctl_cinder_conf keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_cinder_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_cinder_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $ctl_cinder_conf keystone_authtoken auth_type password
+ ops_add $ctl_cinder_conf keystone_authtoken project_domain_name default
+ ops_add $ctl_cinder_conf keystone_authtoken user_domain_name default
+ ops_add $ctl_cinder_conf keystone_authtoken project_name service
+ ops_add $ctl_cinder_conf keystone_authtoken username cinder
+ ops_add $ctl_cinder_conf keystone_authtoken password $CINDER_PASS
+
+ ops_add $ctl_cinder_conf oslo_concurrency lock_path \$state_path/tmp
+
+ ops_add $ctl_cinder_conf lvm target_helper lioadm
+ ops_add $ctl_cinder_conf lvm target_protocol iscsi
+ ops_add $ctl_cinder_conf lvm target_ip_address $CTL1_IP_NIC2
+ ops_add $ctl_cinder_conf lvm volume_group cinder-volumes
+ ops_add $ctl_cinder_conf lvm volume_driver cinder.volume.drivers.lvm.LVMVolumeDriver
+ ops_add $ctl_cinder_conf lvm volumes_dir \$state_path/volumes
+
+
+
+ else
+ echocolor "Tach cinder-volume"
+
+ # ops_add $ctl_cinder_conf DEFAULT auth_strategy keystone
+ # ops_add $ctl_cinder_conf DEFAULT my_ip $CTL1_IP_NIC2
+ # ops_add $ctl_cinder_conf DEFAULT control_exchange cinder
+ # ops_add $ctl_cinder_conf DEFAULT osapi_volume_listen \$my_ip
+ # ops_add $ctl_cinder_conf DEFAULT control_exchange cinder
+ # ops_add $ctl_cinder_conf DEFAULT glance_api_servers http://$CTL1_IP_NIC2:9292
+
+
+ # ops_add $ctl_cinder_conf database connection mysql+pymysql://cinder:$PASS_DATABASE_CINDER@$CTL1_IP_NIC2/cinder
+
+ # ops_add $ctl_cinder_conf keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000
+ # ops_add $ctl_cinder_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ # ops_add $ctl_cinder_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ # ops_add $ctl_cinder_conf keystone_authtoken auth_type password
+ # ops_add $ctl_cinder_conf keystone_authtoken project_domain_name Default
+ # ops_add $ctl_cinder_conf keystone_authtoken user_domain_name Default
+ # ops_add $ctl_cinder_conf keystone_authtoken project_name service
+ # ops_add $ctl_cinder_conf keystone_authtoken username cinder
+ # ops_add $ctl_cinder_conf keystone_authtoken password $CINDER_PASS
+
+ # ops_add $ctl_cinder_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+ # ops_add $ctl_cinder_conf oslo_concurrency lock_path /var/lib/cinder/tmp
+
+ fi
+}
+
+function cinder_syncdb() {
+ su -s /bin/sh -c "cinder-manage db sync" cinder
+
+}
+
+function cinder_enable_restart() {
+ sleep 3
+ if [ "$CINDER_AIO" == "yes" ]; then
+ # service tgt restart
+ service cinder-volume restart
+ service cinder-scheduler restart
+ service apache2 restart
+ else
+ service cinder-scheduler restart
+ service apache2 restart
+ fi
+
+ echo "export OS_VOLUME_API_VERSION=3" >> /root/admin-openrc
+
+}
+
+function create_lvm() {
+ if [ "$CINDER_AIO" == "yes" ]; then
+ echocolor "Cau hinh LVM"
+ pvcreate /dev/vdb
+ vgcreate cinder-volumes /dev/vdb
+
+ # cp /etc/lvm/lvm.conf /etc/lvm/lvm.conf.orig
+ # sed -i '130i\ filter = [ "a/vdb/", "r/.*/"]' /etc/lvm/lvm.conf
+
+ else
+ echocolor "Khong cau hinh LVM vi ko cai cinder-volume"
+ fi
+
+}
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Cai CINDER `hostname`"
+
+source /root/admin-openrc
+echocolor "Cai CINDER `hostname`"
+sendtelegram "Thuc thi create_lvm tren `hostname`"
+create_lvm
+
+echocolor "Thuc thi cinder_create_db tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi cinder_create_db tren `hostname`"
+cinder_create_db
+
+echocolor "Tao user va endpoint cho CINDER"
+sendtelegram "Thuc thi cinder_user_endpoint tren `hostname`"
+cinder_user_endpoint
+
+echocolor "Cai dat va cau hinh CINDER"
+sendtelegram "Thuc thi cinder_install_config tren `hostname`"
+cinder_install_config
+
+echocolor "Dong bo DB cho CINDER"
+sendtelegram "Thuc thi cinder_syncdb tren `hostname`"
+cinder_syncdb
+
+echocolor "Restart dich vu CINDER"
+sendtelegram "Thuc thi cinder_enable_restart tren `hostname`"
+cinder_enable_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_07_horizon.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_07_horizon.sh
new file mode 100644
index 0000000..b2f10f8
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_07_horizon.sh
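Review bot: In `cinder_install_config` the option name is misspelled: `ops_add $ctl_cinder_conf DEFAULT api_paste_confg /etc/cinder/api-paste.ini` writes a key Cinder does not read, so the paste config path is never actually set; the key should be `api_paste_config`. `create_lvm` also runs `pvcreate /dev/vdb` on a hard-coded device with no check that the disk exists or is unused. Taking the device from `config.cfg` (placeholder name `CINDER_VOLUME_DISK`) and testing it with `[ -b "$CINDER_VOLUME_DISK" ]` first would avoid initialising the wrong disk. `cinder_enable_restart` appends `export OS_VOLUME_API_VERSION=3` to `/root/admin-openrc` on every run, so a `grep -q` guard would keep re-runs from duplicating the line.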
@@ -0,0 +1,128 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function install the packages +horizon_install () { + echocolor "Install the packages" + sleep 3 + apt install openstack-dashboard -y + apt-get remove --auto-remove openstack-dashboard-ubuntu-theme -y +} + +function redirect_web () { +echocolor "Creating redirect page" +sleep 5 +filehtml=/var/www/html/index.html +test -f $filehtml.orig || cp $filehtml $filehtml.orig +rm $filehtml +touch $filehtml +cat << EOF >> $filehtml + + + + + +

Redirecting to OpenStack Dashboard

+ + +EOF +} + + +# Function edit the /etc/openstack-dashboard/local_settings.py file +horizon_config () { + echocolor "Config horizon" + sleep 3 + + horizonfile=/etc/openstack-dashboard/local_settings.py + horizonfilebak=/etc/openstack-dashboard/local_settings.py.bak + cp $horizonfile $horizonfilebak + egrep -v "^$|^#" $horizonfilebak > $horizonfile + + sed -i 's/OPENSTACK_HOST = "127.0.0.1"/'"OPENSTACK_HOST = \"$CTL1_IP_NIC2\""'/g' $horizonfile + + echo "SESSION_ENGINE = 'django.contrib.sessions.backends.cache'" >> $horizonfile + sed -i "s/'LOCATION': '127.0.0.1:11211',/""'LOCATION': '$CTL1_IP_NIC2:11211',""/g" $horizonfile + + sed -i 's/OPENSTACK_KEYSTONE_URL = .*$/OPENSTACK_KEYSTONE_URL = "http:\/\/IP_HORIZON:5000\/v3"/g' $horizonfile + sed -i "s/IP_HORIZON/$CTL1_IP_NIC2/g" $horizonfile + + echo "OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True" >> $horizonfile + +cat << EOF >> $horizonfile +OPENSTACK_API_VERSIONS = { + "identity": 3, + "image": 2, + "volume": 3, +} +EOF + +echo 'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"' >> $horizonfile +sed -i 's/OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"/OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"/g' $horizonfile + +sed -i "s/'enable_router': True,/'enable_router': True,/g" $horizonfile +sed -i "s/'enable_quotas': True,/'enable_quotas': False,/g" $horizonfile +sed -i "s/'enable_ipv6': True,/'enable_ipv6': False,/g" $horizonfile +sed -i "s/'enable_ha_router': False,/'enable_ha_router': False,/g" $horizonfile +sed -i "s/'enable_lb': True,/'enable_lb': False,/g" $horizonfile +sed -i "s/'enable_firewall': True,/'enable_firewall': False,/g" $horizonfile +sed -i "s/'enable_vpn': True,/'enable_vpn': False,/g" $horizonfile +sed -i "s/'enable_fip_topology_check': True,/'enable_fip_topology_check': False,/g" $horizonfile + +sed -i 's/TIME_ZONE = "UTC"/TIME_ZONE = "Asia\/Ho_Chi_Minh"/g' $horizonfile + +sed -i "s/DEFAULT_THEME = 'ubuntu'/DEFAULT_THEME = 'default'/g" $horizonfile +} + +# Function restart installation +horizon_restart () { 
+ echocolor "Restart installation" + sleep 3 + service apache2 reload +} + +####################### +###Execute functions### +####################### + +sendtelegram "Thu thi script $0 tren `hostname`" + +# Install the packages +sendtelegram "Thuc thi horizon_install tren `hostname`" +horizon_install + +# Redirecting web +sendtelegram "Thuc thi redirect_web tren `hostname`" +redirect_web + +# Edit the /etc/openstack-dashboard/local_settings.py file +sendtelegram "Thuc thi horizon_config tren `hostname`" +horizon_config + +# Restart installation +sendtelegram "Thuc thi horizon_restart tren `hostname`" +horizon_restart + +echocolor #================================# +echocolor "LOGIN INFORMATION IN HORIZON" +echocolor "URL: http://$CTL1_IP_NIC2/horizon" +echocolor "Domain: Default" +echocolor "User: admin or demo" +echocolor "Password: $ADMIN_PASS" +echocolor #================================# + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify \ No newline at end of file diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_08_octavia.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_08_octavia.sh new file mode 100644 index 0000000..378a699 --- /dev/null +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/ctl_08_octavia.sh 
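Review bot: The closing banner prints the admin credential in clear text, `echocolor "Password: $ADMIN_PASS"`, which leaves it in terminal scrollback and in any log that captures the script's output. Pointing the operator to where the value is stored is enough, for example `echocolor "Password: value of ADMIN_PASS in config.cfg"` (assuming that is where it is defined). The two `echocolor #================================#` lines pass no argument because the unquoted `#` starts a comment; quote the string if the ruler is wanted. `horizon_config` sets `OPENSTACK_KEYSTONE_URL` to an `http://` address and the banner advertises `http://$CTL1_IP_NIC2/horizon`, so dashboard logins travel unencrypted unless TLS is terminated elsewhere.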
@@ -0,0 +1,241 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Octavia
+function octavia_create_db () {
+
+ echocolor "Create database for Octavia"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE octavia;
+GRANT ALL PRIVILEGES ON octavia.* TO octavia@'localhost' IDENTIFIED BY '$PASS_DATABASE_OCTAVIA';
+GRANT ALL PRIVILEGES ON octavia.* TO octavia@'%' IDENTIFIED BY '$PASS_DATABASE_OCTAVIA';
+FLUSH PRIVILEGES;
+EOF
+
+}
+
+function octavia_user_endpoint() {
+
+ echocolor "Create octavia_user_endpoint for Octavia"
+ openstack user create octavia --domain default --project service --password $OCTAVIA_PASS
+ openstack role add --project service --user octavia admin
+ openstack service create --name octavia --description "OpenStack LBaaS" load-balancer
+
+ openstack endpoint create --region RegionOne load-balancer public http://$CTL1_IP_NIC2:9876
+ openstack endpoint create --region RegionOne load-balancer internal http://$CTL1_IP_NIC2:9876
+ openstack endpoint create --region RegionOne load-balancer admin http://$CTL1_IP_NIC2:9876
+
+}
+
+function octavia_install_config() {
+
+ echocolor "Cai dat octavia"
+ sleep 3
+ apt -y install octavia-api octavia-health-manager octavia-housekeeping octavia-worker
+ apt -y install python3-octaviaclient
+
+ ctl_octavia_conf=/etc/octavia/octavia.conf
+ cp $ctl_octavia_conf $ctl_octavia_conf.orig
+
+ mkdir -p /etc/octavia/certs/private
+ mkdir ~/work
+ cd ~/work
+ git clone https://opendev.org/openstack/octavia.git -b stable/victoria
+ cd octavia/bin
+
+ ./create_dual_intermediate_CA.sh
+ cp -p ./dual_ca/etc/octavia/certs/server_ca.cert.pem /etc/octavia/certs
+ cp -p ./dual_ca/etc/octavia/certs/server_ca-chain.cert.pem /etc/octavia/certs
+ cp -p ./dual_ca/etc/octavia/certs/server_ca.key.pem /etc/octavia/certs/private
+ cp -p ./dual_ca/etc/octavia/certs/client_ca.cert.pem /etc/octavia/certs
+ cp -p ./dual_ca/etc/octavia/certs/client.cert-and-key.pem /etc/octavia/certs/private
+
+ chown -R octavia /etc/octavia/certs
+
+ ops_add $ctl_octavia_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+
+ ops_add $ctl_octavia_conf api_settings bind_host $CTL1_IP_NIC2
+ ops_add $ctl_octavia_conf api_settings bind_port 9876
+ ops_add $ctl_octavia_conf api_settings auth_strategy keystone
+ ops_add $ctl_octavia_conf api_settings api_base_uri http://$CTL1_IP_NIC2:9876
+
+ ops_add $ctl_octavia_conf database connection mysql+pymysql://octavia:$PASS_DATABASE_OCTAVIA@$CTL1_IP_NIC2/octavia
+
+ ops_add $ctl_octavia_conf health_manager bind_ip 0.0.0.0
+ ops_add $ctl_octavia_conf health_manager bind_port 5555
+
+ ops_add $ctl_octavia_conf keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_octavia_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_octavia_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $ctl_octavia_conf keystone_authtoken auth_type password
+ ops_add $ctl_octavia_conf keystone_authtoken project_domain_name default
+ ops_add $ctl_octavia_conf keystone_authtoken user_domain_name default
+ ops_add $ctl_octavia_conf keystone_authtoken project_name service
+ ops_add $ctl_octavia_conf keystone_authtoken username octavia
+ ops_add $ctl_octavia_conf keystone_authtoken password $OCTAVIA_PASS
+
+ ops_add $ctl_octavia_conf certificates ca_private_key /etc/octavia/certs/private/server_ca.key.pem
+ ops_add $ctl_octavia_conf certificates ca_certificate /etc/octavia/certs/server_ca.cert.pem
+ ops_add $ctl_octavia_conf certificates server_certs_key_passphrase insecure-key-do-not-use-this-key
+ ops_add $ctl_octavia_conf certificates ca_private_key_passphrase not-secure-passphrase
+
+ ops_add $ctl_octavia_conf haproxy_amphora server_ca /etc/octavia/certs/server_ca-chain.cert.pem
+ ops_add $ctl_octavia_conf haproxy_amphora client_cert /etc/octavia/certs/private/client.cert-and-key.pem
+
+ ops_add $ctl_octavia_conf controller_worker client_ca /etc/octavia/certs/client_ca.cert.pem
+
+ ops_add $ctl_octavia_conf oslo_messaging topic octavia_prov
+
+ ops_add $ctl_octavia_conf service_auth auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_octavia_conf service_auth memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $ctl_octavia_conf service_auth auth_type password
+ ops_add $ctl_octavia_conf service_auth project_domain_name default
+ ops_add $ctl_octavia_conf service_auth user_domain_name default
+ ops_add $ctl_octavia_conf service_auth project_name service
+ ops_add $ctl_octavia_conf service_auth username octavia
+ ops_add $ctl_octavia_conf service_auth password $OCTAVIA_PASS
+}
+
+function octavia_create_policy() {
+
+cat << EOF >/etc/octavia/policy.yaml
+# create new
+"context_is_admin": "role:admin or role:load-balancer_admin"
+"admin_or_owner": "is_admin:True or project_id:%(project_id)s"
+"load-balancer:read": "rule:admin_or_owner"
+"load-balancer:read-global": "is_admin:True"
+"load-balancer:write": "rule:admin_or_owner"
+"load-balancer:read-quota": "rule:admin_or_owner"
+"load-balancer:read-quota-global": "is_admin:True"
+"load-balancer:write-quota": "is_admin:True"
+EOF
+
+chmod 640 /etc/octavia/policy.yaml
+chgrp octavia /etc/octavia/policy.yaml
+}
+
+function octavia_syn_db() {
+ su -s /bin/bash octavia -c "octavia-db-manage --config-file /etc/octavia/octavia.conf upgrade head"
+}
+
+function octavia_restart() {
+ systemctl restart octavia-api octavia-health-manager octavia-housekeeping octavia-worker
+ systemctl enable octavia-api octavia-health-manager octavia-housekeeping octavia-worker
+}
+
+function octavia_image_create() {
+ wget https://tarballs.opendev.org/openstack/octavia/test-images/test-only-amphora-x64-haproxy-ubuntu-focal.qcow2
+ openstack image create "Amphora" --tag "Amphora" --file test-only-amphora-x64-haproxy-ubuntu-focal.qcow2 --disk-format qcow2 --container-format bare --private --project service
+
+}
+
+function octavia_create_flavor_sec() {
+
+ openstack flavor create --id 100 --vcpus 1 --ram 1024 --disk 5 m1.octavia --private --project service
+
+ openstack security group create lb-mgmt-sec-group --project service
+ openstack security group rule create --protocol icmp --ingress lb-mgmt-sec-group
+ openstack security group rule create --protocol tcp --dst-port 22:22 lb-mgmt-sec-group
+ openstack security group rule create --protocol tcp --dst-port 80:80 lb-mgmt-sec-group
+
+ openstack security group rule create --protocol tcp --dst-port 443:443 lb-mgmt-sec-group
+ openstack security group rule create --protocol tcp --dst-port 9443:9443 lb-mgmt-sec-group
+
+ # ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ # ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+ # openstack security group rule create --protocol tcp --dst-port 443:443 $ID_SECURITY_GROUP
+ # openstack security group rule create --protocol tcp --dst-port 9443:9443 $ID_SECURITY_GROUP
+
+}
+
+function octavia_install_config_step2() {
+
+ ctl_octavia_conf=/etc/octavia/octavia.conf
+
+ ID_LB_MGMT_SEC_GROUP=`openstack security group list | egrep lb-mgmt-sec-group | awk '{print $2}'`
+ ID_AMP_BOOT_NETWORK_LIST=`openstack network list | egrep provider | awk '{print $2}'`
+
+ ops_add $ctl_octavia_conf controller_worker amp_image_tag Amphora
+ ops_add $ctl_octavia_conf controller_worker amp_flavor_id 100
+ ops_add $ctl_octavia_conf controller_worker amp_secgroup_list $ID_LB_MGMT_SEC_GROUP
+ ops_add $ctl_octavia_conf controller_worker amp_boot_network_list $ID_AMP_BOOT_NETWORK_LIST
+ ops_add $ctl_octavia_conf controller_worker network_driver allowed_address_pairs_driver
+ ops_add $ctl_octavia_conf controller_worker compute_driver compute_nova_driver
+ ops_add $ctl_octavia_conf controller_worker amphora_driver amphora_haproxy_rest_driver
+
+
+}
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Cai OCTAVIA `hostname`"
+
+source /root/admin-openrc
+echocolor "Cai OCTAVIA `hostname`"
+
+echocolor "Thuc thi octavia_create_db tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_create_db tren `hostname`"
+octavia_create_db
+
+echocolor "Thuc thi octavia_user_endpoint tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_user_endpoint tren `hostname`"
+octavia_user_endpoint
+
+echocolor "Thuc thi octavia_install_config tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_install_config tren `hostname`"
+octavia_install_config
+
+echocolor "Thuc thi octavia_create_policy tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_create_policy tren `hostname`"
+octavia_create_policy
+
+echocolor "Thuc thi octavia_restart tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_syn_db va octavia_restart tren `hostname`"
+octavia_syn_db
+octavia_restart
+
+echocolor "Thuc thi octavia_image_creat tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_image_creat tren `hostname`"
+octavia_image_create
+
+echocolor "Thuc thi octavia_create_flavor_sec tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_create_flavor_sec tren `hostname`"
+octavia_create_flavor_sec
+
+echocolor "Thuc thi octavia_install_config_step2 tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_install_config_step2 octavia_restart tren `hostname`"
+octavia_install_config_step2
+octavia_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
+
+
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/function.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/function.sh
new file mode 100644
index 0000000..111959d
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/function.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+#Author HOC CHU DONG
+
+source config.cfg
+
+# Ham dinh nghia mau cho cac thong bao in ra man hinh
+function echocolor {
+ echo "$(tput setaf 2)##### $1 #####$(tput sgr0)"
+}
+
+# Ham sua file config cua OpenStack
+## Ham add
+function ops_add {
+ crudini --set $1 $2 $3 $4
+}
+### Cach dung
+### Cu phap
+### ops_add PATH_FILE SECTION PARAMETER VAULE
+
+## Ham del
+function ops_del {
+ crudini --del $1 $2 $3
+}
+
+function notify {
+ chatid=-557175523
+ #token=1117214915:AAF4LFh6uChng056_oTyM6cz9TY4dyAn3YU
+ token=2004478698:AAEsHPaCw_mbTsCaxtV2YoTAdmi1cB6N9Rw
+
+if [ $? -eq 0 ]
+then
+ curl -s --data-urlencode "text=I-AM-OK" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+ curl -s --data-urlencode "text=#######" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+else
+ curl -s --data-urlencode "text=NOT-OK" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+ curl -s --data-urlencode "text=#######" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+
+fi
+
+}
+
+function sendtelegram {
+ chatid=-557175523
+ token=2004478698:AAEsHPaCw_mbTsCaxtV2YoTAdmi1cB6N9Rw
+ # token=1117214915:AAF4LFh6uChng056_oTyM6cz9TY4dyAn3YU
+ default_message="Test canh bao"
+
+ curl -s --data-urlencode "text=$@" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+}
\ No newline at end of file
diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/octavia-note.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/octavia-note.sh
new file mode 100644
index 0000000..8009891
--- /dev/null
+++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/octavia-note.sh
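Review bot: `notify` and `sendtelegram` in function.sh commit a Telegram bot token and chat id in the function bodies (a second token sits in the commented-out line), so anyone who can read the repository can post as that bot; the token should be revoked and read from an untracked source, for example `token=${TELEGRAM_TOKEN:?TELEGRAM_TOKEN is not set}` with the value kept out of git. In `notify`, `if [ $? -eq 0 ]` runs right after the `token=` assignment, so it always sees 0 and the NOT-OK branch is never taken; capture the caller's status first with `local rc=$?` as the function's first statement and test `rc`. `ops_add` and `ops_del` pass `$1 $2 $3 $4` unquoted, so a value containing spaces or glob characters reaches crudini as several arguments; `crudini --set "$1" "$2" "$3" "$4"` avoids that.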
@@ -0,0 +1,181 @@ +openstack user create --domain default --project service --password Welcome123 octavia + +openstack role add --project service --user octavia admin + +openstack service create --name octavia --description "OpenStack LBaaS" load-balancer + +CTL1_IP_NIC2=172.16.70.90 + +openstack endpoint create --region RegionOne load-balancer public http://$CTL1_IP_NIC2:9876 +openstack endpoint create --region RegionOne load-balancer internal http://$CTL1_IP_NIC2:9876 +openstack endpoint create --region RegionOne load-balancer admin http://$CTL1_IP_NIC2:9876 + +######## +mysql -u root -pWelcome123 + +create database octavia; +grant all privileges on octavia.* to octavia@'localhost' identified by 'Welcome123'; +grant all privileges on octavia.* to octavia@'%' identified by 'Welcome123'; +FLUSH PRIVILEGES; + +exit +######## + +apt -y install octavia-api octavia-health-manager octavia-housekeeping octavia-worker + +mkdir -p /etc/octavia/certs/private +mkdir ~/work +cd ~/work +git clone https://opendev.org/openstack/octavia.git -b stable/victoria +cd octavia/bin + +./create_dual_intermediate_CA.sh +cp -p ./dual_ca/etc/octavia/certs/server_ca.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/server_ca-chain.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/server_ca.key.pem /etc/octavia/certs/private +cp -p ./dual_ca/etc/octavia/certs/client_ca.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/client.cert-and-key.pem /etc/octavia/certs/private + +chown -R octavia /etc/octavia/certs + + +###### + +mv /etc/octavia/octavia.conf /etc/octavia/octavia.conf.org + + +[DEFAULT] +transport_url = rabbit://openstack:Welcome123@172.16.70.90 + +[api_settings] +bind_host = 172.16.70.90 +bind_port = 9876 +auth_strategy = keystone +api_base_uri = http://172.16.70.90:9876 + +[database] + +connection = mysql+pymysql://octavia:Welcome123@172.16.70.90/octavia + + +[health_manager] +bind_ip = 0.0.0.0 +bind_port = 5555 + + +[keystone_authtoken] 
+www_authenticate_uri = http://172.16.70.90:5000 +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = octavia +password = Welcome123 + +[certificates] + +ca_private_key = /etc/octavia/certs/private/server_ca.key.pem +ca_certificate = /etc/octavia/certs/server_ca.cert.pem +server_certs_key_passphrase = insecure-key-do-not-use-this-key +ca_private_key_passphrase = not-secure-passphrase + +[haproxy_amphora] +server_ca = /etc/octavia/certs/server_ca-chain.cert.pem +client_cert = /etc/octavia/certs/private/client.cert-and-key.pem + + +[controller_worker] +client_ca = /etc/octavia/certs/client_ca.cert.pem + + +[oslo_messaging] +topic = octavia_prov + + +[service_auth] +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = Default +user_domain_name = Default +project_name = service +username = octavia +password = Welcome123 + + +# Test LB. 
+for ((i=1;i<=10;i++)); do curl 172.16.71.204; done + + +### File cau hinh mau + +[DEFAULT] +transport_url = rabbit://openstack:Welcome123@172.16.70.90 +[amphora_agent] +[api_settings] +bind_host = 172.16.70.90 +bind_port = 9876 +auth_strategy = keystone +api_base_uri = http://172.16.70.90:9876 +[audit] +[certificates] +ca_private_key = /etc/octavia/certs/private/server_ca.key.pem +ca_certificate = /etc/octavia/certs/server_ca.cert.pem +server_certs_key_passphrase = insecure-key-do-not-use-this-key +ca_private_key_passphrase = not-secure-passphrase +[compute] +[controller_worker] +client_ca = /etc/octavia/certs/client_ca.cert.pem +amp_image_tag = Amphora +amp_flavor_id = 100 +amp_secgroup_list = 6ed56312-f478-4871-8799-8466517cc0af +amp_boot_network_list = d2e5166d-b6b0-4bb7-bb28-2e12ac167cdc +network_driver = allowed_address_pairs_driver +compute_driver = compute_nova_driver +amphora_driver = amphora_haproxy_rest_driver +[database] +connection = mysql+pymysql://octavia:Welcome123@172.16.70.90/octavia +[driver_agent] +[glance] +[haproxy_amphora] +server_ca = /etc/octavia/certs/server_ca-chain.cert.pem +client_cert = /etc/octavia/certs/private/client.cert-and-key.pem +[health_manager] +bind_ip = 0.0.0.0 +bind_port = 5555 +[house_keeping] +[keepalived_vrrp] +[keystone_authtoken] +www_authenticate_uri = http://172.16.70.90:5000 +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = octavia +password = Welcome123 +[networking] +[neutron] +[nova] +[oslo_messaging] +topic = octavia_prov +[oslo_messaging_amqp] +[oslo_messaging_kafka] +[oslo_messaging_notifications] +[oslo_messaging_rabbit] +[quotas] +[service_auth] +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = Default +user_domain_name = Default +project_name = service +username = octavia +password = Welcome123 
+[task_flow] + + diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/viewlog.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/viewlog.sh new file mode 100644 index 0000000..46a3389 --- /dev/null +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu-AIO/viewlog.sh @@ -0,0 +1,11 @@ + +#!/bin/bash +# rapid CLI oneliner log inspection inside all log files +# Lookig for keywords "fail", "error", "unable", "warning". +# Ref: https://raw.githubusercontent.com/AJNOURI/COA/master/misc/oneliner_log_inspection.sh +#################################################### GUIDE#################### +# Go lenh voi cac tu khoa ERORR hoac FAIL hoac thay bang tu ban muon +# bash viewlog.sh ERROR +# bash viewlog.sh "ERROR|FAIL" +############################################################################## +for i in $(ls /var/log/*/*.log); do echo "=========="; echo $i; echo "========="; tail $i| egrep -i $1; done diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu/com1_01_env.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu/com1_01_env.sh index 1bf9451..0ea9f21 100644 --- a/scripts/OpenStack-Victoria-No-HA/Ubuntu/com1_01_env.sh +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu/com1_01_env.sh @@ -47,7 +47,7 @@ function install_ops_packages () { sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt sudo add-apt-repository cloud-archive:victoria -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/victoria main" > /etc/apt/sources.list.d/cloudarchive-victoria.list + sudo echo "deb http://172.16.70.131:8081/repository/u20victoria/ focal-updates/victoria main" > /etc/apt/sources.list.d/cloudarchive-victoria.list sudo apt-get update -y 2>&1 | tee -a filelog-install.txt sudo apt-get upgrade -y 2>&1 | tee -a filelog-install.txt diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu/com2_01_env.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu/com2_01_env.sh index 52e7e51..a5877de 100644 
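Review bot: The `[certificates]` section of octavia-note.sh keeps `server_certs_key_passphrase = insecure-key-do-not-use-this-key` and `ca_private_key_passphrase = not-secure-passphrase` in both sample configurations, and the CA itself comes from `create_dual_intermediate_CA.sh`; these look like sample defaults rather than values chosen for this deployment, so a line such as `# LAB ONLY: regenerate the CA and both passphrases before reuse` above each block would stop them being copied as-is. `mysql -u root -pWelcome123` puts the root password on the command line, where it lands in shell history and the process list; `mysql -u root -p` prompts instead. The grant to `octavia@'%'` with the same password is wider than a single-controller setup appears to need, presumably the controller address would do.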
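Review bot: viewlog.sh starts with an empty line, so `#!/bin/bash` is on line 2 and is not treated as the interpreter line when the file is executed directly. The loop `for i in $(ls /var/log/*/*.log)` word-splits file names and `egrep -i $1` passes the keyword unquoted, so a path with spaces or a pattern with shell metacharacters is misread, and a missing argument leaves egrep without a pattern. I would write the loop as `for f in /var/log/*/*.log; do echo "=========="; echo "$f"; echo "========="; tail -- "$f" | grep -Ei -- "${1:?usage: viewlog.sh PATTERN}"; done`.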
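Review bot: In `sudo echo "deb ..." > /etc/apt/sources.list.d/cloudarchive-victoria.list` (com1_01_env.sh) the redirection is performed by the calling shell, not by sudo, so the write only works when the script already runs as root and fails with permission denied otherwise; `echo "deb ..." | sudo tee /etc/apt/sources.list.d/cloudarchive-victoria.list > /dev/null` does what the line intends. The same line is changed in com2_01_env.sh and ctl_01_env.sh. The line also overwrites the file that `add-apt-repository cloud-archive:victoria` presumably just wrote with a plain-http mirror at 172.16.70.131, which deserves a comment saying the mirror is lab-local. `install_ops_packages` continues outside the hunk.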
--- a/scripts/OpenStack-Victoria-No-HA/Ubuntu/com2_01_env.sh +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu/com2_01_env.sh @@ -47,7 +47,7 @@ function install_ops_packages () { sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt sudo add-apt-repository cloud-archive:victoria -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/victoria main" > /etc/apt/sources.list.d/cloudarchive-victoria.list + sudo echo "deb http://172.16.70.131:8081/repository/u20victoria/ focal-updates/victoria main" > /etc/apt/sources.list.d/cloudarchive-victoria.list sudo apt-get update -y 2>&1 | tee -a filelog-install.txt sudo apt-get upgrade -y 2>&1 | tee -a filelog-install.txt diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu/config.cfg b/scripts/OpenStack-Victoria-No-HA/Ubuntu/config.cfg index c3517a4..ca31a61 100644 --- a/scripts/OpenStack-Victoria-No-HA/Ubuntu/config.cfg +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu/config.cfg @@ -5,7 +5,6 @@ CINDER_AIO=yes ########################################## - ### Hostname cho cac may CONTROLLER CTL1_HOSTNAME=controller1 COM1_HOSTNAME=compute1 diff --git a/scripts/OpenStack-Victoria-No-HA/Ubuntu/ctl_01_env.sh b/scripts/OpenStack-Victoria-No-HA/Ubuntu/ctl_01_env.sh index c9eaabc..b805f16 100644 --- a/scripts/OpenStack-Victoria-No-HA/Ubuntu/ctl_01_env.sh +++ b/scripts/OpenStack-Victoria-No-HA/Ubuntu/ctl_01_env.sh @@ -33,7 +33,7 @@ function install_ntp () { echocolor "Install NTP" sleep 3 - apt-get install chrony -y 2>&1 | tee -a filelog-install.txt + apt-get install chrony -y ntpfile=/etc/chrony/chrony.conf sed -i 's/pool 2.debian.pool.ntp.org offline iburst/ \ 
@@ -41,23 +41,24 @@ pool 2.debian.pool.ntp.org offline iburst \ server 0.asia.pool.ntp.org iburst \ server 1.asia.pool.ntp.org iburst/g' $ntpfile - echo "allow 172.16.70.212/24" >> $ntpfile + echo "allow 172.16.70.0/24" >> $ntpfile - service chrony restart 2>&1 | tee -a filelog-install.txt + service chrony restart } # Function install OpenStack packages (python-openstackclient) function install_ops_packages () { echocolor "Install OpenStack client" sleep 3 - sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt - sudo add-apt-repository cloud-archive:victoria -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/victoria main" > /etc/apt/sources.list.d/cloudarchive-victoria.list - - sudo apt update -y 2>&1 | tee -a filelog-install.txt - sudo apt upgrade -y 2>&1 | tee -a filelog-install.txt - sudo apt install python3-openstackclient -y 2>&1 | tee -a filelog-install.txt + sudo apt-get install software-properties-common -y + sudo add-apt-repository cloud-archive:victoria -y + sudo echo "deb http://172.16.70.131:8081/repository/u20victoria/ focal-updates/victoria main" > /etc/apt/sources.list.d/cloudarchive-victoria.list + sudo apt update -y + sudo apt upgrade -y + sudo apt install crudini -y + sudo apt install python3-openstackclient -y + systemctl disable ufw systemctl stop ufw } @@ -69,7 +70,7 @@ function install_database() { echo mariadb-server-10.0 mysql-server/root_password $PASS_DATABASE_ROOT | debconf-set-selections echo mariadb-server-10.0 mysql-server/root_password_again $PASS_DATABASE_ROOT | debconf-set-selections - sudo apt install mariadb-server python3-pymysql -y 2>&1 | tee -a filelog-install.txt + sudo apt install mariadb-server python3-pymysql -y sed -r -i 's/127\.0\.0\.1/0\.0\.0\.0/' /etc/mysql/mariadb.conf.d/50-server.cnf 
@@ -130,11 +131,11 @@ function install_etcd () { apt install etcd -y cat << EOF > /etc/default/etcd -ETCD_NAME="controller01" +ETCD_NAME="`hostname`" ETCD_DATA_DIR="/var/lib/etcd" ETCD_INITIAL_CLUSTER_STATE="new" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" -ETCD_INITIAL_CLUSTER="controller01=http://$CTL1_IP_NIC2:2380" +ETCD_INITIAL_CLUSTER="`hostname`=http://$CTL1_IP_NIC2:2380" ETCD_INITIAL_ADVERTISE_PEER_URLS="http://$CTL1_IP_NIC2:2380" ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379" ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380" @@ -155,11 +156,11 @@ sendtelegram "Thuc thi config_hostname tren `hostname`" config_hostname # Update and upgrade for controller -sendtelegram "Thuc thi install_ntp tren `hostname`" +sendtelegram "Thuc thi update_upgrade tren `hostname`" update_upgrade # Install and config NTP -sendtelegram "Thuc thi install_ntptren `hostname`" +sendtelegram "Thuc thi install_ntp tren `hostname`" install_ntp # OpenStack packages (python-openstackclient) diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/README.md b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/README.md new file mode 100644 index 0000000..382d2f5 --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/README.md @@ -0,0 +1 @@ +# Script cài đặt OpenStack Victoria All In One trên Ubuntu Server 20.04 diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh new file mode 100644 index 0000000..189f138 --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh 
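Review bot: `ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379"` in the `install_etcd` heredoc is left hard-coded while the lines around it now use the hostname substitution and `$CTL1_IP_NIC2`, so etcd advertises a client address that no other setting in this file uses; `ETCD_ADVERTISE_CLIENT_URLS="http://$CTL1_IP_NIC2:2379"` would keep it consistent. `ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"` listens on every interface without TLS, which is worth narrowing to the same address if only one node is intended. The heredoc and `install_etcd` continue past the end of the hunk.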
@@ -0,0 +1,268 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function install nova-compute +function nova_install () { + echocolor "Install nova-compute" + sleep 3 + apt install nova-compute -y +} + +# Function edit /etc/nova/nova.conf file +function nova_config () { + echocolor "Edit /etc/nova/nova.conf file" + sleep 3 + novafile=/etc/nova/nova.conf + novafilebak=/etc/nova/nova.conf.bak + novacomputefile=/etc/nova/nova-compute.conf + novacomputefilebak=/etc/nova/nova-compute.conf.bka + cp $novafile $novafilebak + cp $novacomputefile $novacomputefilebak + egrep -v "^$|^#" $novafilebak > $novafile + + ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $novafile api auth_strategy keystone + + ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $novafile keystone_authtoken auth_type password + ops_add $novafile keystone_authtoken project_domain_name default + ops_add $novafile keystone_authtoken user_domain_name default + ops_add $novafile keystone_authtoken project_name service + ops_add $novafile keystone_authtoken username nova + ops_add $novafile keystone_authtoken password $NOVA_PASS + + ops_add $novafile DEFAULT my_ip $COM1_IP_NIC2 + ops_add $novafile DEFAULT use_neutron True + ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver + + ops_add $novafile vnc enabled True + ops_add $novafile vnc vncserver_listen 0.0.0.0 + ops_add $novafile vnc vncserver_proxyclient_address \$my_ip + ops_add $novafile vnc novncproxy_base_url http://$CTL1_IP_NIC2:6080/vnc_auto.html + + ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292 + ops_add $novafile cinder os_region_name RegionOne + + ops_add $novafile 
oslo_concurrency lock_path /var/lib/nova/tmp + ops_del $novafile DEFAULT log_dir + + ops_del $novafile placement os_region_name + ops_add $novafile placement os_region_name RegionOne + ops_add $novafile placement project_domain_name Default + ops_add $novafile placement project_name service + ops_add $novafile placement auth_type password + ops_add $novafile placement user_domain_name Default + ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $novafile placement username placement + ops_add $novafile placement password $PLACEMENT_PASS + + ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696 + ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile neutron auth_type password + ops_add $novafile neutron project_domain_name default + ops_add $novafile neutron user_domain_name default + ops_add $novafile neutron region_name RegionOne + ops_add $novafile neutron project_name service + ops_add $novafile neutron username neutron + ops_add $novafile neutron password $NEUTRON_PASS + + ops_add $novacomputefile libvirt virt_type $(count=$(egrep -c '(vmx|svm)' /proc/cpuinfo); if [ $count -eq 0 ];then echo "qemu"; else echo "kvm"; fi) +} + +# Function finalize installation +function nova_resart () { + echocolor "Finalize installation" + sleep 3 + service nova-compute restart +} + +function neutron_install () { + echocolor "Install the components Neutron" + sleep 3 + + apt install -y neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent + apt install -y neutron-common neutron-plugin-ml2 +} + +# Function configure the common component +function neutron_config_server_component () { + echocolor "Configure the common component" + sleep 3 + + neutronfile=/etc/neutron/neutron.conf + neutronfilebak=/etc/neutron/neutron.conf.bak + cp $neutronfile $neutronfilebak + egrep -v "^$|^#" $neutronfilebak > $neutronfile + + ops_del $neutronfile database connection + ops_add $neutronfile DEFAULT transport_url 
rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + ops_add $neutronfile DEFAULT auth_strategy keystone + ops_add $neutronfile DEFAULT core_plugin ml2 + ops_add $neutronfile DEFAULT state_path /var/lib/neutron + ops_add $neutronfile DEFAULT allow_overlapping_ips True + + ops_add $neutronfile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $neutronfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $neutronfile keystone_authtoken auth_type password + ops_add $neutronfile keystone_authtoken project_domain_name default + ops_add $neutronfile keystone_authtoken user_domain_name default + ops_add $neutronfile keystone_authtoken project_name service + ops_add $neutronfile keystone_authtoken username neutron + ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS + + ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/tmp + +} + +# Function configure the Modular Layer 2 (ML2) plug-in +function neutron_config_ml2 () { + echocolor "Configure the Modular Layer 2 (ML2) plug-in" + sleep 3 + ml2file=/etc/neutron/plugins/ml2/ml2_conf.ini + ml2filebak=/etc/neutron/plugins/ml2/ml2_conf.ini.bak + cp $ml2file $ml2filebak + egrep -v "^$|^#" $ml2filebak > $ml2file + + ops_add $ml2file ml2 type_drivers flat,vlan,vxlan + ops_add $ml2file ml2 tenant_network_types vxlan + ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population + ops_add $ml2file ml2 extension_drivers port_security + + ops_add $ml2file ml2_type_flat flat_networks provider + ops_add $ml2file ml2_type_vlan network_vlan_ranges provider + ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000 + + ops_add $ml2file securitygroup enable_ipset true +} + + +# Function configure the Linux bridge agent +function neutron_config_linuxbridge () { + echocolor "Configure the linux bridge agent" + sleep 3 + linuxbridgefile=/etc/neutron/plugins/ml2/linuxbridge_agent.ini + 
linuxbridgefilebak=/etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak + cp $linuxbridgefile $linuxbridgefilebak + egrep -v "^$|^#" $linuxbridgefilebak > $linuxbridgefile + + ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER + + ops_add $linuxbridgefile vxlan enable_vxlan true + ops_add $linuxbridgefile vxlan local_ip $COM1_IP_NIC1 + ops_add $linuxbridgefile vxlan l2_population true + + ops_add $linuxbridgefile securitygroup enable_security_group true + ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver +} + +# Function configure the DHCP agent +function neutron_config_dhcp () { + echocolor "Configure the dhcp-agent" + sleep 3 + dhcpfile=/etc/neutron/dhcp_agent.ini + dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak + cp $dhcpfile $dhcpfilebak + egrep -v "^$|^#" $dhcpfilebak > $dhcpfile + + ops_add $dhcpfile DEFAULT interface_driver linuxbridge + ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq + ops_add $dhcpfile DEFAULT enable_isolated_metadata true + ops_add $dhcpfile DEFAULT force_metadata True +} + +# Function configure the metadata agent +function neutron_config_metadata () { + echocolor "Configure the metadata agent" + sleep 3 + metadatafile=/etc/neutron/metadata_agent.ini + metadatafilebak=/etc/neutron/metadata_agent.ini.bak + cp $metadatafile $metadatafilebak + egrep -v "^$|^#" $metadatafilebak > $metadatafile + + ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2 + ops_add $metadatafile DEFAULT metadata_proxy_shared_secret $METADATA_SECRET +} + +# Function restart installation +function neutron_restart () { + echocolor "Finalize installation" + sleep 3 + + systemctl restart nova-compute + systemctl enable nova-compute + + systemctl restart neutron-linuxbridge-agent + systemctl enable neutron-linuxbridge-agent + + systemctl restart neutron-dhcp-agent + systemctl enable neutron-dhcp-agent + + systemctl restart 
neutron-metadata-agent + systemctl enable neutron-metadata-agent +} + +####################### +###Execute functions### +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" + +# Install nova-compute +sendtelegram "Thuc thi nova_install tren `hostname`" +nova_install + +# Edit /etc/nova/nova.conf file +sendtelegram "Thuc thi nova_config tren `hostname`" +nova_config + +# Finalize installation +sendtelegram "Thuc thi nova_resart tren `hostname`" +nova_resart + +# Install the components Neutron +sendtelegram "Thuc thi neutron_install tren `hostname`" +neutron_install + +# Configure the common component +sendtelegram "Thuc thi neutron_config_server_component tren `hostname`" +neutron_config_server_component + +# Configure the Modular Layer 2 (ML2) plug-in +sendtelegram "Configure the Modular Layer 2 tren `hostname`" +neutron_config_ml2 + +# Configure the Linux bridge agent +sendtelegram "Thuc thi neutron_config_linuxbridge tren `hostname`" +neutron_config_linuxbridge + +sendtelegram "Thuc thi neutron_config_dhcp tren `hostname`" +neutron_config_dhcp + +sendtelegram "Thuc thi neutron_config_metadata tren `hostname`" +neutron_config_metadata + +# Configure the Compute service to use the Networking service +#neutron_config_compute_use_network + +# Restart installation +sendtelegram "Thuc thi neutron_restart tren `hostname`" +neutron_restart + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify \ No newline at end of file diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/config.cfg b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/config.cfg new file mode 100644 index 0000000..cbeec02 --- /dev/null 
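Review bot: `nova_config` in com1_02_nova_neutron.sh sets `vnc vncserver_listen 0.0.0.0`, so instance consoles listen on every interface of the node, including the provider one, and `novncproxy_base_url` is plain `http://`; unless live migration needs the wildcard, `ops_add $novafile vnc vncserver_listen \$my_ip` limits them to the management address. The `ops_add` calls pass `$RABBIT_PASS`, `$NOVA_PASS`, `$PLACEMENT_PASS`, `$NEUTRON_PASS` and `$METADATA_SECRET` unquoted, so a secret containing whitespace or glob characters would be split before it reaches crudini; they need quoting at the call sites, e.g. `"$NOVA_PASS"`, and inside `ops_add`. A header comment stating that the script expects to be run from the directory holding function.sh and config.cfg would also help, since both are sourced by relative path.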
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/config.cfg 
@@ -0,0 +1,83 @@
+##########################################
+### Khai bao cac thanh phan cai dat
+
+CINDER_AIO=yes
+
+##########################################
+
+### Hostname cho cac may CONTROLLER
+CTL1_HOSTNAME=openstackaio
+
+
+### INTERFACE INFO
+
+INTERFACE_MGNT_DATA_VM=eth2
+INTERFACE_PUBLIC=eth3
+
+# INTERFACE_PROVIDER trung voi INTERFACE_PUBLIC
+INTERFACE_PROVIDER=eth3
+
+### NETWORK INFO
+NETMASK_NIC1=255.255.255.0
+NETMASK_NIC2=255.255.255.0
+GATAWAY_NIC1=172.16.70.1
+GATAWAY_NIC2=172.16.71.1
+
+### IP Address CONTROLLER
+CTL1_IP_NIC1=127.0.0.1
+CTL1_IP_NIC2=172.16.70.188
+CTL1_IP_NIC3=172.16.71.188
+
+
+### Khai bao network danh cho VM trong openstack ###
+## IP PRIVATE Network for VMs
+PRIVATE_IP_START=172.16.85.10
+PRIVATE_IP_END=172.16.85.90
+PRIVATE_DNS=8.8.8.8
+PRIVATE_GATEWAY=172.16.85.1
+PRIVATE_SUBNET=172.16.85.0/24
+
+
+### IP PROVIDER Network for VMs
+PROVIDER_IP_START=172.16.71.200
+PROVIDER_IP_END=172.16.71.220
+PROVIDER_DNS=8.8.8.8
+PROVIDER_GATEWAY=172.16.71.1
+PROVIDER_SUBNET=172.16.71.0/24
+#########################################################
+
+### Pass default
+PASS_DEFAULT='Welcome123'
+
+### Password cho MariaDB
+PASS_DATABASE_ROOT=$PASS_DEFAULT
+PASS_DATABASE_KEYSTONE=$PASS_DEFAULT
+PASS_DATABASE_NOVA=$PASS_DEFAULT
+PASS_DATABASE_NOVA_API=$PASS_DEFAULT
+PASS_DATABASE_NOVA_CELL=$PASS_DEFAULT
+PASS_DATABASE_NEUTRON=$PASS_DEFAULT
+PASS_DATABASE_GLANCE=$PASS_DEFAULT
+PASS_DATABASE_CINDER=$PASS_DEFAULT
+PASS_DATABASE_SWIFT=$PASS_DEFAULT
+PASS_DATABASE_CEILOMTER=$PASS_DEFAULT
+PASS_DATABASE_AODH=$PASS_DEFAULT
+PASS_DATABASE_GNOCCHI=$PASS_DEFAULT
+PASS_DATABASE_OCTAVIA=$PASS_DEFAULT
+
+### Password openstack service
+RABBIT_PASS=$PASS_DEFAULT
+METADATA_SECRET=$PASS_DEFAULT
+ADMIN_PASS=$PASS_DEFAULT
+DEMO_PASS=$PASS_DEFAULT
+GLANCE_PASS=$PASS_DEFAULT
+NOVA_PASS=$PASS_DEFAULT
+NOVA_API_PASS=$PASS_DEFAULT
+PLACEMENT_PASS=$PASS_DEFAULT
+CINDER_PASS=$PASS_DEFAULT
+SWIFT_PASS=$PASS_DEFAULT
+NEUTRON_PASS=$PASS_DEFAULT
+CEILOMETER_PASS=$PASS_DEFAULT
+GNOCCHI_PASS=$PASS_DEFAULT
+OCTAVIA_PASS=$PASS_DEFAULT
+AODH_PASS=$PASS_DEFAULT
+
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/controller.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/controller.sh
new file mode 100644
index 0000000..6bc70a5
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/controller.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+#Author HOC CHU DONG
+
+TIMEDATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+
+source function.sh
+source config.cfg
+TIMEDATE_START=`date +%s.%N`
+
+./ctl_01_env.sh
+sleep 5
+
+./ctl_02_keystone.sh
+sleep 5
+
+./ctl_03_glance.sh
+sleep 5
+
+./ctl_04_nova.sh
+sleep 5
+
+./ctl_05_neutron.sh
+sleep 5
+
+./ctl_06_cinder.sh
+sleep 5
+
+./ctl_07_horizon.sh
+sleep 3
+
+TIMEDATE_END=`date +%s.%N`
+TIMEDATE_TOTAL_TEMP=$( echo "$TIMEDATE_END - $TIMEDATE_START" | bc -l )
+TIMEDATE_TOTAL=$(cut -c-6 <<< "$TIMEDATE_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $TIMEDATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIMEDATE_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $TIMEDATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIMEDATE_TOTAL giay"
+notify
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-lb.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-lb.sh
new file mode 100644
index 0000000..3ff0ce8
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-lb.sh
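Review bot: `PASS_DEFAULT='Welcome123'` in config.cfg is committed and then assigned to every database password, every service password, `RABBIT_PASS` and `METADATA_SECRET`, so one known string unlocks the whole deployment built from this file. Reading it from the environment, `PASS_DEFAULT=${PASS_DEFAULT:?set PASS_DEFAULT before running}`, or sourcing an untracked secrets file that is generated once per deployment keeps real values out of git. If the shared default is kept for lab use, a comment `# LAB ONLY - change before any shared or reachable deployment` above it should say so.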
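Review bot: The seven `./ctl_0N_*.sh` steps in controller.sh run unconditionally, so a failed step is followed by the remaining installs on top of a broken base, and the closing messages are sent either way. Checking each step, for example `./ctl_01_env.sh || { sendtelegram "ctl_01_env.sh failed"; exit 1; }`, stops at the first failure and makes the final notification meaningful. The scripts are also invoked by relative path, so a comment stating that controller.sh must be started from its own directory would help.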
@@ -0,0 +1,72 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg +source /root/admin-openrc + +wget https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img + +echocolor "Tao image Ubuntu 18" +openstack image create --disk-format qcow2 --container-format bare \ + --public --file ./bionic-server-cloudimg-amd64.img bionic-server-cloudimg-amd64 + +sleep 10 +openstack flavor create --ram 1024 --disk 8 --vcpus 1 --public small + +ssh-keygen -N "" -f /root/.ssh/id_rsa + +openstack keypair create --public-key ~/.ssh/id_rsa.pub controller-key + +ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'` +ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'` + +sleep 15 +openstack server create --flavor small \ + --image bionic-server-cloudimg-amd64 \ + --key-name controller-key \ + --security-group $ID_SECURITY_GROUP \ + --network selfservice \ + ubuntu01 + +sleep 15 +openstack server create --flavor small \ + --image bionic-server-cloudimg-amd64 \ + --key-name controller-key \ + --security-group $ID_SECURITY_GROUP\ + --network selfservice \ + ubuntu02 + +sleep 60 +echocolor "Tao LB" +openstack loadbalancer create --name lb01 --vip-subnet-id sub_selfservice + +sleep 600 +echocolor "Tao listener cho LB" +openstack loadbalancer listener create --name listener01 --protocol TCP --protocol-port 80 lb01 + +sleep 60 +echocolor "Tao pool cho LB" +openstack loadbalancer pool create --name pool01 --lb-algorithm ROUND_ROBIN --listener listener01 --protocol TCP + +IP_VM01=`openstack server list | egrep ubuntu01 | awk '{print $8}' | awk -F= '{print $2}'` +IP_VM02=`openstack server list | egrep ubuntu02 | awk '{print $8}' | awk -F= '{print $2}'` + +sleep 60 +echocolor "Gan $IP_VM01 vao pool cho LB" +openstack loadbalancer member create --subnet-id sub_selfservice --address $IP_VM01 --protocol-port 80 pool01 + +sleep 60 
+echocolor "Gan $IP_VM02 vao pool cho LB" +openstack loadbalancer member create --subnet-id sub_selfservice --address $IP_VM02 --protocol-port 80 pool01 + +sleep 60 +echocolor "Liet ke member cua LB" +openstack loadbalancer member list pool01 + +echocolor "Cap floating IP cho LB" +openstack floating ip create public + +echocolor "I.AM.OK" diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-vm01.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-vm01.sh new file mode 100644 index 0000000..ddfa184 --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-vm01.sh 
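Review bot: create-lb.sh fetches the image with `wget https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img` and uploads it with `--public` without any integrity check, and `current/` changes over time, so the script cannot tell a truncated or replaced download from the intended one; comparing `sha256sum bionic-server-cloudimg-amd64.img` with a pinned digest before `openstack image create` closes that. `ssh-keygen -N "" -f /root/.ssh/id_rsa` asks before overwriting when the key already exists, which stalls an unattended run; `[ -f /root/.ssh/id_rsa ] || ssh-keygen -N "" -f /root/.ssh/id_rsa` guards it. The fixed `sleep 600` and `sleep 60` waits assume the load balancer is ready by then; polling its provisioning status would be more reliable.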
@@ -0,0 +1,53 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+#################
+echocolor "Tao flavor"
+sleep 3
+openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+
+echocolor "Mo rule can thiet"
+sleep 5
+
+openstack security group rule create --protocol icmp $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 22 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 80:80 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 443:443 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 9443:9443 $ID_SECURITY_GROUP
+
+echocolor "Tao provider network"
+sleep 3
+openstack network create --share --external \
+ --provider-physical-network provider \
+ --provider-network-type flat provider
+
+echocolor "Tao subnet cho provider network"
+sleep 3
+openstack subnet create --network provider \
+ --allocation-pool start=$PROVIDER_IP_START,end=$PROVIDER_IP_END \
+ --dns-nameserver $PROVIDER_DNS --gateway $PROVIDER_GATEWAY \
+ --subnet-range $PROVIDER_SUBNET sub_provider
+
+echocolor "Tao VM gan vao provider network"
+sleep 5
+
+PROVIDER_NET_ID=`openstack network list | egrep -w provider | awk '{print $2}'`
+
+openstack server create --flavor m1.nano --image cirros \
+ --nic net-id=$PROVIDER_NET_ID --security-group $ID_SECURITY_GROUP \
+ provider-VM1
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0"
+sendtelegram "Da tao xong VM"
+notify
\ No newline at end of file
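Review bot: In create-vm01.sh the five `openstack security group rule create` calls pass no `--remote-ip`, which the client treats as 0.0.0.0/0, so SSH (22) and 9443 are opened to every source on whatever group `$ID_SECURITY_GROUP` resolved to. That ID comes from `grep admin` over table output, which matches any row containing the string and can return several IDs or none, and the unquoted expansion then changes the argument list. Resolve the project exactly with `ID_ADMIN_PROJECT=$(openstack project show admin -f value -c id)`, quote `"$ID_SECURITY_GROUP"`, and give the SSH and 9443 rules a source range such as `--remote-ip "$ADMIN_CIDR"` (a placeholder name; no such variable is visible in this diff). The same `grep admin` lookup is repeated in create-vm02.sh and in the load-balancer script.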
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-vm02.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-vm02.sh
new file mode 100644
index 0000000..4ca20e6
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-vm02.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+###############################################################################
+## Init enviroiment source
+source config.cfg
+source function.sh
+
+###############################################################################
+echocolor "Tao private network (selfservice network)"
+sleep 3
+openstack network create selfservice
+
+echocolor "Tao subnnet cho private network"
+sleep 3
+ openstack subnet create --network selfservice \
+ --dns-nameserver $PRIVATE_DNS --gateway $PRIVATE_GATEWAY \
+ --subnet-range $PRIVATE_SUBNET sub_selfservice
+
+echocolor "Tao va gan inteface cho ROUTER"
+sleep 3
+openstack router create R1
+openstack router set --external-gateway provider R1
+openstack router add subnet R1 sub_selfservice
+
+echocolor "Tao may ao gan vao private network (selfservice network)"
+sleep 5
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+PRIVATE_NET_ID=`openstack network list | egrep -w selfservice | awk '{print $2}'`
+
+openstack server create --flavor m1.nano --image cirros \
+ --nic net-id=$PRIVATE_NET_ID --security-group $ID_SECURITY_GROUP \
+ selfservice-VM1
+
+echocolor "Floatig IP"
+sleep 5
+FLOATING_IP=`openstack floating ip create provider | egrep -w floating_ip_address | awk '{print $4}'`
+openstack server add floating ip selfservice-VM1 $FLOATING_IP
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-volume1.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-volume1.sh
new file mode 100644
index 0000000..01a86ce
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/create-volume1.sh
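Review bot: `FLOATING_IP` at the end of create-vm02.sh is scraped from the table output with `egrep`/`awk` and then used unquoted and unchecked, so a failed allocation ends in `openstack server add floating ip selfservice-VM1` with no address while the script carries on. Ask the client for the field directly and stop on failure: `FLOATING_IP=$(openstack floating ip create provider -f value -c floating_ip_address) || exit 1`, then `[ -n "$FLOATING_IP" ] || exit 1` before the `server add`. The script also sources no openrc file; unless function.sh or config.cfg exports the `OS_*` variables (neither is visible here), every `openstack` call depends on the caller's environment, which deserves a header comment such as `# Requires: source /root/admin-openrc before running`.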
@@ -0,0 +1,13 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+openstack volume create --size 10 disk01
+
+sleep 10
+
+openstack server add volume provider-VM1 disk01
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh
new file mode 100644
index 0000000..a1971b8
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh
@@ -0,0 +1,71 @@
+#!/bin/bash
+# Author: HOC CHU DONG
+
+function echocolor {
+ echo "#######################################################################"
+ echo "$(tput setaf 3)##### $1 #####$(tput sgr0)"
+ echo "#######################################################################"
+
+}
+
+source config.cfg
+
+# Function config hostname
+function config_hostname () {
+echo "$CTL1_HOSTNAME" > /etc/hostname
+echo "127.0.0.1 locahost $CTL1_HOSTNAME" > /etc/hosts
+echo "$CTL1_IP_NIC2 $CTL1_HOSTNAME" >> /etc/hosts
+echo "$COM1_IP_NIC2 $COM1_HOSTNAME" >> /etc/hosts
+echo "$COM2_IP_NIC2 $COM2_HOSTNAME" >> /etc/hosts
+echo "$CINDER1_IP_NIC2 $CINDER1_HOSTNAME" >> /etc/hosts
+}
+
+# Function IP address
+function config_ip () {
+
+cat << EOF > /etc/network/interfaces
+# loopback network interface
+auto lo
+iface lo inet loopback
+
+# DATA VM network
+auto eth1
+iface ens1 inet static
+address $CTL1_IP_NIC1
+netmask $NETMASK_NIC1
+
+
+### API
+auto eth2
+iface eth2 inet static
+address $CTL1_IP_NIC2
+netmask $NETMASK_NIC2
+gateway $GATAWAY_NIC2
+dns-nameservers 8.8.8.8
+
+# Provider Network
+# MGNT
+auto eth3
+iface eth3 inet static
+address $CTL1_IP_NIC3
+netmask $NETMASK_NIC3
+EOF
+}
+
+#######################
+###Execute functions###
+#######################
+
+# Config CONTROLLER node
+echocolor "Config CONTROLLER node"
+sleep 3
+
+## Config hostname
+config_hostname
+
+## IP address
+config_ip
+
+
+echocolor "Reboot $CTL1_HOSTNAME node"
+init 6
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_01_env.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_01_env.sh
new file mode 100644
index 0000000..60b4c22
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_01_env.sh
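Review bot: Two literals in ctl_00_setup_ip.sh look like typos that change the resulting host configuration: `config_hostname` writes `127.0.0.1 locahost $CTL1_HOSTNAME`, so `localhost` gets no entry in the freshly overwritten /etc/hosts, and the first stanza in `config_ip` pairs `auto eth1` with `iface ens1 inet static`, so the address is presumably defined for an interface that is never brought up. Suggested lines: `echo "127.0.0.1 localhost $CTL1_HOSTNAME" > /etc/hosts` and `iface eth1 inet static`. Because the script reboots straight after rewriting both files, a copy such as `cp -a /etc/network/interfaces /etc/network/interfaces.orig` before the heredoc would leave a way back from the console. `$GATAWAY_NIC2` may be a third typo, but config.cfg is not visible here, so check it against the name defined there.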
@@ -0,0 +1,190 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +apt install crudini -y + +source function.sh +source config.cfg + +function config_hostname () { + + hostnamectl set-hostname $CTL1_HOSTNAME + + echo "$CTL1_IP_NIC2 $CTL1_HOSTNAME" > /etc/hosts + echo "127.0.0.1 $CTL1_HOSTNAME" >> /etc/hosts + echo "127.0.0.2 localhost" >> /etc/hosts +} + +# Function update and upgrade for CONTROLLER +function update_upgrade () { + echocolor "Update and Update controller" + sleep 3 + apt-get update -y&& apt-get upgrade -y +} + +# Function install and config NTP +function install_ntp () { + echocolor "Install NTP" + sleep 3 + + apt-get install chrony -y + ntpfile=/etc/chrony/chrony.conf + + sed -i 's/pool 2.debian.pool.ntp.org offline iburst/ \ +pool 2.debian.pool.ntp.org offline iburst \ +server 0.asia.pool.ntp.org iburst \ +server 1.asia.pool.ntp.org iburst/g' $ntpfile + + echo "allow 172.16.70.0/24" >> $ntpfile + + service chrony restart +} + +# Function install OpenStack packages (python-openstackclient) +function install_ops_packages () { + echocolor "Install OpenStack client" + sleep 3 + sudo apt-get install software-properties-common -y + sudo add-apt-repository cloud-archive:wallaby -y + # sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list + + sudo apt update -y + sudo apt upgrade -y + sudo apt install crudini -y + sudo apt install python3-openstackclient -y + + systemctl disable ufw + systemctl stop ufw +} + +function install_database() { + echocolor "Install and Config MariaDB" + sleep 3 + + echo mariadb-server-10.0 mysql-server/root_password $PASS_DATABASE_ROOT | debconf-set-selections + echo mariadb-server-10.0 mysql-server/root_password_again $PASS_DATABASE_ROOT | debconf-set-selections + + sudo apt install mariadb-server python3-pymysql -y + + + sed -r -i 's/127\.0\.0\.1/0\.0\.0\.0/' 
/etc/mysql/mariadb.conf.d/50-server.cnf + sed -i 's/character-set-server = utf8mb4/character-set-server = utf8/' /etc/mysql/mariadb.conf.d/50-server.cnf + sed -i 's/collation-server/#collation-server/' /etc/mysql/mariadb.conf.d/50-server.cnf + + systemctl restart mysql + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '$PASS_DATABASE_ROOT' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '$PASS_DATABASE_ROOT' WITH GRANT OPTION; +FLUSH PRIVILEGES; +EOF + + sqlfile=/etc/mysql/mariadb.conf.d/99-openstack.cnf + touch $sqlfile + ops_add $sqlfile client default-character-set utf8 + ops_add $sqlfile mysqld bind-address 0.0.0.0 + ops_add $sqlfile mysqld default-storage-engine innodb + ops_add $sqlfile mysqld innodb_file_per_table + ops_add $sqlfile mysqld max_connections 4096 + ops_add $sqlfile mysqld collation-server utf8_general_ci + ops_add $sqlfile mysqld character-set-server utf8 + + echocolor "Restarting MYSQL" + sleep 5 + systemctl restart mysql + +} + +# Function install message queue +function install_mq () { + echocolor "Install Message queue (rabbitmq)" + sleep 3 + + sudo apt -y install rabbitmq-server memcached python3-pymysql + rabbitmqctl add_user openstack $RABBIT_PASS + rabbitmqctl set_permissions openstack ".*" ".*" ".*" +} + +# Function install Memcached +function install_memcached () { + echocolor "Install Memcached" + sleep 3 + + apt-get install memcached python3-memcache -y + memcachefile=/etc/memcached.conf + sed -i 's|-l 127.0.0.1|'"-l $CTL1_IP_NIC2"'|g' $memcachefile + + systemctl restart mariadb rabbitmq-server memcached +} + +# Function install Memcached +function install_etcd () { + echocolor "Install etcd" + sleep 3 + + apt install etcd -y +cat << EOF > /etc/default/etcd +ETCD_NAME="`hostname`" +ETCD_DATA_DIR="/var/lib/etcd" +ETCD_INITIAL_CLUSTER_STATE="new" +ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" 
+ETCD_INITIAL_CLUSTER="`hostname`=http://$CTL1_IP_NIC2:2380" +ETCD_INITIAL_ADVERTISE_PEER_URLS="http://$CTL1_IP_NIC2:2380" +ETCD_ADVERTISE_CLIENT_URLS="http://$CTL1_IP_NIC2:2379" +ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380" +ETCD_LISTEN_CLIENT_URLS="http://$CTL1_IP_NIC2:2379" +EOF + systemctl enable etcd + systemctl restart etcd +} + + +####################### +###Execute functions### +####################### + +sendtelegram "Thuc thi script $0 tren `hostname`" + +sendtelegram "Thuc thi config_hostname tren `hostname`" +config_hostname + +# Update and upgrade for controller +sendtelegram "Thuc thi update_upgrade tren `hostname`" +update_upgrade + +# Install and config NTP +sendtelegram "Thuc thi install_ntp tren `hostname`" +install_ntp + +# OpenStack packages (python-openstackclient) +sendtelegram "Thuc thi install_ops_packages tren `hostname`" +install_ops_packages + +# Install SQL database (Mariadb) +sendtelegram "Thuc thi install_database tren `hostname`" +install_database + +# Install Message queue (rabbitmq) +sendtelegram "Thuc thi install_mq tren `hostname`" +install_mq + +# Install Memcached +sendtelegram "Thuc thi install_memcachedtren `hostname`" +install_memcached + +sendtelegram "Thuc thi install_etc tren `hostname`" +install_etcd + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify + diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_02_keystone.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_02_keystone.sh new file mode 100644 index 0000000..89574c5 --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_02_keystone.sh 
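Review bot: `install_database` in ctl_01_env.sh leaves the MariaDB root account reachable from any host: it grants `ALL PRIVILEGES ON *.*` to `'root'@'%'`, sets the listener to 0.0.0.0 (through the `sed` on 50-server.cnf and again in 99-openstack.cnf), and `install_ops_packages` stops ufw. Nothing visible in this all-in-one layout needs remote root, so drop the `'root'@'%'` grant and bind to the management address with `ops_add $sqlfile mysqld bind-address $CTL1_IP_NIC2`. The password is also passed as `mysql -uroot -p$PASS_DATABASE_ROOT`, which shows it in the process list while the client runs; a root-only option file given through `--defaults-extra-file` avoids that, and the same call appears in the keystone, glance and nova scripts. `install_etcd` and `install_memcached` expose unauthenticated plain-text listeners on `$CTL1_IP_NIC2` (etcd peers on 0.0.0.0), so a comment stating that this network must be trusted would help whoever reuses the script.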
@@ -0,0 +1,201 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for Keystone +function keystone_create_db () { + echocolor "Create database for Keystone" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE keystone default character set utf8; +GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$PASS_DATABASE_KEYSTONE' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$PASS_DATABASE_KEYSTONE' WITH GRANT OPTION; +FLUSH PRIVILEGES; +EOF +} + +# Function install components of Keystone +function keystone_install () { + echocolor "Install and configure components of Keystone" + sleep 3 + apt -y install keystone python3-openstackclient apache2 libapache2-mod-wsgi-py3 python3-oauth2client libgtk-3-dev + +} + +# Function configure components of Keystone + function keystone_config () { + keystonefile=/etc/keystone/keystone.conf + keystonefilebak=/etc/keystone/keystone.conf.bak + cp $keystonefile $keystonefilebak + egrep -v "^#|^$" $keystonefilebak > $keystonefile + + ops_add $keystonefile database connection mysql+pymysql://keystone:$PASS_DATABASE_KEYSTONE@$CTL1_IP_NIC2/keystone + ops_add $keystonefile cache memcache_servers $CTL1_IP_NIC2:11211 + + ops_add $keystonefile token provider fernet +} + +# Function populate the Identity service database +function keystone_populate_db () { + su -s /bin/sh -c "keystone-manage db_sync" keystone +} + +# Function initialize Fernet key repositories +function keystone_initialize_key () { + keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone + keystone-manage credential_setup --keystone-user keystone --keystone-group keystone +} + +# Function bootstrap the Identity service +function keystone_bootstrap () { + keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \ + --bootstrap-admin-url 
http://$CTL1_IP_NIC2:5000/v3/ \ + --bootstrap-internal-url http://$CTL1_IP_NIC2:5000/v3/ \ + --bootstrap-public-url http://$CTL1_IP_NIC2:5000/v3/ \ + --bootstrap-region-id RegionOne +} + +# Function configure the Apache HTTP server +function keystone_config_apache () { + echocolor "Configure the Apache HTTP server" + sleep 3 + echo "ServerName $CTL1_HOSTNAME" >> /etc/apache2/apache2.conf +} + +# Function finalize the installation +function keystone_finalize_install () { + echocolor "Finalize the installation" + sleep 3 + service apache2 restart + + systemctl disable ufw + systemctl stop ufw +} + +# Function create domain, projects, users and roles +function keystone_create_domain_project_user_role () { + export OS_USERNAME=admin + export OS_PASSWORD=$ADMIN_PASS + export OS_PROJECT_NAME=admin + export OS_USER_DOMAIN_NAME=Default + export OS_PROJECT_DOMAIN_NAME=Default + export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3 + export OS_IDENTITY_API_VERSION=3 + export OS_IMAGE_API_VERSION=2 + + echocolor "Create domain, projects, users and roles" + sleep 3 + + openstack domain create --description "An Example Domain" example + openstack project create --domain default --description "Service Project" service + openstack project create --domain default --description "Demo Project" demo + openstack user create --domain default --password $DEMO_PASS demo + openstack role create user + openstack role add --project demo --user demo user + } + +# Function create OpenStack client environment scripts +keystone_create_opsclient_scripts () { + echocolor "Create OpenStack client environment scripts" + sleep 3 + +cat << EOF > /root/admin-openrc +export OS_PROJECT_DOMAIN_NAME=Default +export OS_USER_DOMAIN_NAME=Default +export OS_PROJECT_NAME=admin +export OS_USERNAME=admin +export OS_PASSWORD=$ADMIN_PASS +export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 +EOF + + chmod +x /root/admin-openrc + + +cat << EOF > 
/root/demo-openrc +export OS_PROJECT_DOMAIN_NAME=Default +export OS_USER_DOMAIN_NAME=Default +export OS_PROJECT_NAME=demo +export OS_USERNAME=demo +export OS_PASSWORD=$DEMO_PASS +export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3 +export OS_IDENTITY_API_VERSION=3 +export OS_IMAGE_API_VERSION=2 +EOF + + chmod +x /root/demo-openrc +} + +# Function verifying keystone +keystone_verify () { + echocolor "Verifying keystone" + sleep 3 + source /root/admin-openrc + openstack token issue +} + +####################### +###Execute functions### +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" + +# Create database for Keystone +sendtelegram "Thuc thi keystone_create_db tren `hostname`" +keystone_create_db + +# Install components of Keystone +sendtelegram "Thuc thi keystone_install tren `hostname`" +keystone_install + +# Configure components of Keystone +sendtelegram "Thuc thi keystone_config tren `hostname`" +keystone_config + +# Populate the Identity service database +sendtelegram "Thuc thi keystone_populate_db tren `hostname`" +keystone_populate_db + +# Initialize Fernet key repositories +sendtelegram "Thuc thi keystone_initialize_key tren `hostname`" +keystone_initialize_key + +# Bootstrap the Identity service +sendtelegram "Thuc thi keystone_bootstrap tren `hostname`" +keystone_bootstrap + +# Configure the Apache HTTP server +sendtelegram "Thuc thi keystone_config_apache tren `hostname`" +keystone_config_apache + +# Finalize the installation +sendtelegram "Thuc thi keystone_finalize_install tren `hostname`" +keystone_finalize_install + +# Create domain, projects, users and roles +sendtelegram "Thuc thi keystone_create_domain_project_user_role tren `hostname`" +keystone_create_domain_project_user_role + +# Create OpenStack client environment scripts +sendtelegram "Thuc thi keystone_create_opsclient_scripts tren `hostname`" +keystone_create_opsclient_scripts + +# Verifying keystone +sendtelegram "Verifying keystone tren `hostname`" +keystone_verify + 
+TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_03_glance.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_03_glance.sh new file mode 100644 index 0000000..f7b6657 --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_03_glance.sh 
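Review bot: `keystone_create_opsclient_scripts` in ctl_02_keystone.sh writes the admin and demo passwords in clear text to /root/admin-openrc and /root/demo-openrc and then runs `chmod +x`, which adds execute bits to files that are only ever sourced and leaves read access at whatever the umask gave. Use `chmod 600 /root/admin-openrc` and `chmod 600 /root/demo-openrc`, or set `umask 077` before the heredocs. The values are interpolated unquoted, so a password containing a space, `$` or `#` would yield a file that sets a different `OS_PASSWORD` when sourced; a comment in config.cfg stating the allowed character set would document that constraint. `--bootstrap-password $ADMIN_PASS` in `keystone_bootstrap` and `--password $DEMO_PASS` also put the secrets on the command line; `keystone-manage bootstrap` can read `OS_BOOTSTRAP_PASSWORD` from the environment instead.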
@@ -0,0 +1,180 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for Glance +function glance_create_db () { + echocolor "Create database for Glance" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE glance default character set utf8; +GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$PASS_DATABASE_GLANCE' WITH GRANT OPTION; +GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$PASS_DATABASE_GLANCE' WITH GRANT OPTION; +FLUSH PRIVILEGES; +EOF +} + +# Function create the Glance service credentials +function glance_create_service () { + echocolor "Set variable environment for admin user" + sleep 3 + source /root/admin-openrc + + echocolor "Create the service credentials" + sleep 3 + + openstack user create --domain default --password $GLANCE_PASS glance + openstack role add --project service --user glance admin + openstack service create --name glance --description "OpenStack Image" image + + openstack endpoint create --region RegionOne image public http://$CTL1_IP_NIC2:9292 + openstack endpoint create --region RegionOne image internal http://$CTL1_IP_NIC2:9292 + openstack endpoint create --region RegionOne image admin http://$CTL1_IP_NIC2:9292 +} + +# Function install components of Glance +function glance_install () { + echocolor "Install and configure components of Glance" + sleep 3 + + apt install glance -y +} + +# Function config /etc/glance/glance-api.conf file +function glance_config_api () { + glanceapifile=/etc/glance/glance-api.conf + glanceapifilebak=/etc/glance/glance-api.conf.bak + cp $glanceapifile $glanceapifilebak + egrep -v "^#|^$" $glanceapifilebak > $glanceapifile + + ops_add $glanceapifile database connection mysql+pymysql://glance:$PASS_DATABASE_GLANCE@$CTL1_IP_NIC2/glance + + ops_add $glanceapifile DEFAULT bind_host 0.0.0.0 + + ops_add $glanceapifile 
keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $glanceapifile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $glanceapifile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $glanceapifile keystone_authtoken auth_type password + ops_add $glanceapifile keystone_authtoken project_domain_name default + ops_add $glanceapifile keystone_authtoken user_domain_name default + ops_add $glanceapifile keystone_authtoken project_name service + ops_add $glanceapifile keystone_authtoken username glance + ops_add $glanceapifile keystone_authtoken password $GLANCE_PASS + + ops_add $glanceapifile paste_deploy flavor keystone + + ops_add $glanceapifile glance_store stores file,http + ops_add $glanceapifile glance_store default_store file + ops_add $glanceapifile glance_store filesystem_store_datadir /var/lib/glance/images/ +} + +## Function config /etc/glance/glance-registry.conf file +# function glance_config_registry () { + # glanceregistryfile=/etc/glance/glance-registry.conf + # glanceregistryfilebak=/etc/glance/glance-registry.conf.bak + # cp $glanceregistryfile $glanceregistryfilebak + # egrep -v "^#|^$" $glanceregistryfilebak > $glanceregistryfile + + # ops_add $glanceregistryfile database connection mysql+pymysql://glance:$PASS_DATABASE_GLANCE@$CTL1_IP_NIC2/glance + + # ops_add $glanceregistryfile keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000 + # ops_add $glanceregistryfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + # ops_add $glanceregistryfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + # ops_add $glanceregistryfile keystone_authtoken auth_type password + # ops_add $glanceregistryfile keystone_authtoken project_domain_name default + # ops_add $glanceregistryfile keystone_authtoken user_domain_name default + # ops_add $glanceregistryfile keystone_authtoken project_name service + # ops_add $glanceregistryfile keystone_authtoken username glance + # ops_add $glanceregistryfile 
keystone_authtoken password $GLANCE_PASS + + # ops_add $glanceregistryfile paste_deploy flavor keystone +# } + +# Function populate the Image service database +function glance_populate_db () { + echocolor "Populate the Image service database" + sleep 3 + su -s /bin/sh -c "glance-manage db_sync" glance +} + + +# Function restart the Image services +function glance_restart () { + echocolor "Restart the Image services" + sleep 3 + + # service glance-registry restart + systemctl enable glance-api + systemctl start glance-api + + sleep 10 + systemctl restart glance-api +} + +# Function upload image to Glance +function glance_upload_image () { + echocolor "Upload image to Glance" + sleep 3 + source /root/admin-openrc + apt-get install wget -y + wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img + + openstack image create "cirros" \ + --file cirros-0.4.0-x86_64-disk.img \ + --disk-format qcow2 --container-format bare \ + --public + + openstack image list +} + +####################### +###Execute functions### +####################### + +sendtelegram "Thuc thi script $0 tren `hostname`" + +# Create database for Glance +sendtelegram "Thuc thi glance_create_db tren `hostname`" +glance_create_db + +# Create the Glance service credentials +sendtelegram "Thuc thi glance_create_service tren `hostname`" +glance_create_service + +# Install components of Glance +sendtelegram "Thuc thi glance_install va glance_config_api tren `hostname`" +glance_install +glance_config_api + +# Config /etc/glance/glance-registry.conf file +# sendtelegram "Thuc thi glance_config_registry tren `hostname`" +# glance_config_registry + +# Populate the Image service database +sendtelegram "Thuc thi glance_populate_db tren `hostname`" +glance_populate_db + +# Restart the Image services +sendtelegram "Thuc thi glance_restart tren `hostname`" +glance_restart + +# Upload image to Glance +sendtelegram "Thuc thi glance_upload_image tren `hostname`" +glance_upload_image + +TIME_END=`date 
+%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify + diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_04_nova.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_04_nova.sh new file mode 100644 index 0000000..8bca0d6 --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_04_nova.sh 
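Review bot: `glance_create_db` in ctl_03_glance.sh gives the service account more than it needs: both `GRANT ALL PRIVILEGES ON glance.* ... WITH GRANT OPTION` statements let the `glance` login pass its privileges on to other accounts, and the `'glance'@'%'` one accepts that login from any host while MariaDB listens on 0.0.0.0 (set in ctl_01_env.sh). Drop `WITH GRANT OPTION` from both statements, as the placement and nova grants in ctl_04_nova.sh already do; `keystone_create_db` in ctl_02_keystone.sh uses the same form. The commented-out `glance_config_registry` function and its commented call could be deleted rather than carried along, since nothing in the script runs them.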
@@ -0,0 +1,395 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for placement +function placement_create_db () { + echocolor "Create placement create db for placement" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE placement; + +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; + +FLUSH PRIVILEGES; +EOF +} + +# Function create placement +function placement_create_info () { + echocolor "Set environment variable for user admin" + source /root/admin-openrc + sleep 3 + + ## Create info for placement user + echocolor "Create info for placement user" + sleep 3 + + openstack user create --domain default --password $NOVA_PASS placement + openstack role add --project service --user placement admin + openstack service create --name placement --description "Placement API" placement + + openstack endpoint create --region RegionOne placement public http://$CTL1_IP_NIC2:8778 + openstack endpoint create --region RegionOne placement internal http://$CTL1_IP_NIC2:8778 + openstack endpoint create --region RegionOne placement admin http://$CTL1_IP_NIC2:8778 + +} + +# Function install components of placement +function placement_install () { + echocolor "Install and configure components of placement" + sleep 3 + apt install -y placement-api +} + +# Function config /etc/placement/placement.conf +function placement_config () { + placementfile=/etc/placement/placement.conf + placementfilebak=/etc/placement/placement.conf.bka + cp $placementfile $placementfilebak + egrep -v "^$|^#" $placementfilebak > $placementfile + + ops_add $placementfile placement_database connection mysql+pymysql://placement:$PASS_DATABASE_NOVA_API@$CTL1_IP_NIC2/placement + ops_add $placementfile api auth_strategy 
keystone + + ops_add $placementfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $placementfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $placementfile keystone_authtoken auth_type password + ops_add $placementfile keystone_authtoken project_domain_name Default + ops_add $placementfile keystone_authtoken user_domain_name Default + ops_add $placementfile keystone_authtoken project_name service + ops_add $placementfile keystone_authtoken username placement + ops_add $placementfile keystone_authtoken password $NOVA_PASS +} + +# Function populate the placement database +function placement_populate_db () { +echocolor "Populate the placement populate db database" +sleep 3 + +su -s /bin/sh -c "placement-manage db sync" placement +} + +# Function restart installation +function placement_restart () { + echocolor "Reload the web server" + sleep 3 + + service apache2 restart +} + +########################################################################################################## +########################################################################################################## +########################################################################################################## + +# Function create database for Nova +function nova_create_db () { + echocolor "Create database for Nova" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE nova_api; +CREATE DATABASE nova_cell0; +CREATE DATABASE nova; + +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; + +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA'; +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA'; + +GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_CELL'; +GRANT ALL PRIVILEGES ON 
nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_CELL'; + +FLUSH PRIVILEGES; +EOF +} + +# Function create infomation for Compute service +function nova_create_info () { + echocolor "Set environment variable for user admin" + source /root/admin-openrc + echocolor "Create infomation for Compute service" + sleep 3 + + ## Create info for nova user + echocolor "Create info for nova user" + sleep 3 + + openstack user create --domain default --password $NOVA_PASS nova + openstack role add --project service --user nova admin + openstack service create --name nova --description "OpenStack Compute" compute + openstack endpoint create --region RegionOne compute public http://$CTL1_IP_NIC2:8774/v2.1 + openstack endpoint create --region RegionOne compute internal http://$CTL1_IP_NIC2:8774/v2.1 + openstack endpoint create --region RegionOne compute admin http://$CTL1_IP_NIC2:8774/v2.1 + +} + +# Function install components of Nova +function nova_install () { + echocolor "Install and configure components of Nova" + sleep 3 + apt install -y nova-api nova-conductor nova-novncproxy nova-scheduler nova-compute +} + +# Function config /etc/nova/nova.conf file +function nova_config () { + novafile=/etc/nova/nova.conf + novafilebak=/etc/nova/nova.conf.bak + cp $novafile $novafilebak + + novacomputefile=/etc/nova/nova-compute.conf + novacomputefilebak=/etc/nova/nova-compute.conf.bka + cp $novacomputefile $novacomputefilebak + + egrep -v "^$|^#" $novafilebak > $novafile + + ops_del $novafile api_database connection + ops_add $novafile api_database connection mysql+pymysql://nova:$PASS_DATABASE_NOVA_API@$CTL1_IP_NIC2/nova_api + + ops_add $novafile database connection mysql+pymysql://nova:$PASS_DATABASE_NOVA@$CTL1_IP_NIC2/nova + + ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $novafile api auth_strategy keystone + + ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $novafile 
keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $novafile keystone_authtoken auth_type password + ops_add $novafile keystone_authtoken project_domain_name default + ops_add $novafile keystone_authtoken user_domain_name default + ops_add $novafile keystone_authtoken project_name service + ops_add $novafile keystone_authtoken username nova + ops_add $novafile keystone_authtoken password $NOVA_PASS + + ops_add $novafile DEFAULT my_ip $CTL1_IP_NIC2 + ops_add $novafile DEFAULT use_neutron True + ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver + ops_del $novafile DEFAULT log_dir + + + ops_add $novafile vnc enabled true + ops_add $novafile vnc vncserver_listen \$my_ip + ops_add $novafile vnc vncserver_proxyclient_address \$my_ip + + ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292 + + ops_add $novafile cinder os_region_name RegionOne + + ops_add $novafile oslo_concurrency lock_path /var/lib/nova/tmp + + ops_add $novafile placement os_region_name RegionOne + ops_add $novafile placement project_domain_name Default + ops_add $novafile placement project_name service + ops_add $novafile placement auth_type password + ops_add $novafile placement user_domain_name Default + ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $novafile placement username placement + ops_add $novafile placement password $PLACEMENT_PASS + + ops_add $novafile scheduler discover_hosts_in_cells_interval 300 + +################## KHAI BAO DE CAU HINH NOVA-COMPUTE ############################### + + ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $novafile api auth_strategy keystone + + ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken 
memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $novafile keystone_authtoken auth_type password
+ ops_add $novafile keystone_authtoken project_domain_name default
+ ops_add $novafile keystone_authtoken user_domain_name default
+ ops_add $novafile keystone_authtoken project_name service
+ ops_add $novafile keystone_authtoken username nova
+ ops_add $novafile keystone_authtoken password $NOVA_PASS
+
+ ops_add $novafile DEFAULT my_ip $CTL1_IP_NIC2
+ ops_add $novafile DEFAULT use_neutron True
+ ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
+
+ ops_add $novafile vnc enabled True
+ ops_add $novafile vnc vncserver_listen 0.0.0.0
+ ops_add $novafile vnc vncserver_proxyclient_address \$my_ip
+ ops_add $novafile vnc novncproxy_base_url http://$CTL1_IP_NIC2:6080/vnc_auto.html
+
+ ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292
+ ops_add $novafile cinder os_region_name RegionOne
+
+ ops_add $novafile oslo_concurrency lock_path /var/lib/nova/tmp
+ ops_del $novafile DEFAULT log_dir
+
+ ops_del $novafile placement os_region_name
+ ops_add $novafile placement os_region_name RegionOne
+ ops_add $novafile placement project_domain_name Default
+ ops_add $novafile placement project_name service
+ ops_add $novafile placement auth_type password
+ ops_add $novafile placement user_domain_name Default
+ ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3
+ ops_add $novafile placement username placement
+ ops_add $novafile placement password $PLACEMENT_PASS
+
+ ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696
+ ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $novafile neutron auth_type password
+ ops_add $novafile neutron project_domain_name default
+ ops_add $novafile neutron user_domain_name default
+ ops_add $novafile neutron region_name RegionOne
+ ops_add $novafile neutron project_name service
+ ops_add $novafile neutron username neutron
+ ops_add $novafile neutron password $NEUTRON_PASS
+
+
ops_add $novacomputefile libvirt virt_type $(count=$(egrep -c '(vmx|svm)' /proc/cpuinfo); if [ $count -eq 0 ];then echo "qemu"; else echo "kvm"; fi)
+
+}
+
+# Function populate the nova-api database
+nova_populate_nova_api_db () {
+echocolor "Populate the nova-api database"
+sleep 3
+su -s /bin/sh -c "nova-manage api_db sync" nova
+}
+
+# Function register the cell0 database
+nova_register_cell0 () {
+ echocolor "Register the cell0 database"
+ sleep 3
+ su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
+}
+
+# Function create the cell1 cell
+nova_create_cell1 () {
+ echocolor "Create the cell1 cell"
+ sleep 3
+ su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
+}
+
+# Function populate the nova database
+function nova_populate_nova_db () {
+ echocolor "Populate the nova database"
+ sleep 3
+ su -s /bin/sh -c "nova-manage db sync" nova
+}
+
+# Function verify nova cell0 and cell1 are registered correctly
+function nova_verify_cell () {
+ echocolor "Verify nova cell0 and cell1 are registered correctly"
+ sleep 3
+ nova-manage cell_v2 list_cells
+}
+
+# Function restart installation
+function nova_restart () {
+ echocolor "Finalize installation"
+ sleep 3
+
+ systemctl restart nova-api
+ systemctl restart nova-scheduler
+ systemctl restart nova-conductor
+ systemctl restart nova-novncproxy
+ systemctl restart nova-compute
+
+ systemctl enable nova-api
+ systemctl enable nova-scheduler
+ systemctl enable nova-conductor
+ systemctl enable nova-novncproxy
+ systemctl enable nova-compute
+
+ systemctl disable ufw
+ systemctl stop ufw
+}
+
+#######################
+## Execute placement_##
+#######################
+sendtelegram "Thuc thi script $0 tren `hostname`"
+
+sendtelegram "Bat dau cai dat placement `hostname`"
+
+sendtelegram "Thuc thi placement_create_db tren `hostname`"
+placement_create_db
+
+sendtelegram "Thuc thi placement_create_info tren `hostname`"
+placement_create_info
+
+sendtelegram "Thuc thi placement_install tren
`hostname`"
+placement_install
+
+sendtelegram "Thuc thi placement_config tren `hostname`"
+placement_config
+
+sendtelegram "Thuc thi placement_populate_db tren `hostname`"
+placement_populate_db
+
+sendtelegram "Thuc thiplacement_restart tren `hostname`"
+placement_restart
+
+sendtelegram "Da hoa thanh cai dat placement `hostname`"
+notify
+
+
+#######################
+###Execute Nova###
+#######################
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Bat dau cai dat Nova `hostname`"
+
+# Create database for Nova
+sendtelegram "Thuc thi nova_create_db tren `hostname`"
+nova_create_db
+
+# Create infomation for Compute service
+sendtelegram "Thuc thi nova_create_info tren `hostname`"
+nova_create_info
+
+# Install components of Nova
+sendtelegram "Thuc thi nova_install tren `hostname`"
+nova_install
+
+# Config /etc/nova/nova.conf file
+sendtelegram "Thuc thi nova_config tren `hostname`"
+nova_config
+
+
+# Populate the nova-api database
+sendtelegram "Thuc thi nova_populate_nova_api_db tren `hostname`"
+nova_populate_nova_api_db
+
+# Register the cell0 database
+sendtelegram "Thuc thi nova_register_cell0 tren `hostname`"
+nova_register_cell0
+
+# Create the cell1 cell
+sendtelegram "Thuc thi nova_create_cell1 tren `hostname`"
+nova_create_cell1
+
+# Populate the nova database
+sendtelegram "Thuc thi nova_populate_nova_db tren `hostname`"
+nova_populate_nova_db
+
+# Verify nova cell0 and cell1 are registered correctly
+sendtelegram "Verify nova cell0 and cell1 are registered correctly tren `hostname`"
+nova_verify_cell
+
+# Restart installation
+sendtelegram "Restart installation tren `hostname`"
+nova_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong
thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_05_neutron.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_05_neutron.sh
new file mode 100644
index 0000000..a535aa3
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_05_neutron.sh
@@ -0,0 +1,353 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Neutron
+function neutron_create_db () {
+ echocolor "Create database for Neutron"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE neutron;
+GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NEUTRON';
+GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$PASS_DATABASE_NEUTRON';
+FLUSH PRIVILEGES;
+EOF
+}
+
+# Function create the neutron service credentials
+function neutron_create_info () {
+ echocolor "Set environment variable for admin user"
+ source /root/admin-openrc
+
+ echocolor "Create the neutron service credentials"
+ sleep 3
+
+ openstack user create --domain default --password $NEUTRON_PASS neutron
+ openstack role add --project service --user neutron admin
+ openstack service create --name neutron --description "OpenStack Networking" network
+ openstack endpoint create --region RegionOne network public http://$CTL1_IP_NIC2:9696
+ openstack endpoint create --region RegionOne network internal http://$CTL1_IP_NIC2:9696
+ openstack endpoint create --region RegionOne network admin http://$CTL1_IP_NIC2:9696
+}
+
+# Function install the components
+function neutron_install () {
+ echocolor "Install the components"
+ sleep 3
+ apt install -y neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
+
+ apt install -y neutron-common
+}
+
+# Function configure the server component
+function neutron_config_server_component () {
+ echocolor "Configure the server component"
+ sleep 3
+ neutronfile=/etc/neutron/neutron.conf
+ neutronfilebak=/etc/neutron/neutron.conf.bak
+ cp $neutronfile $neutronfilebak
+ egrep -v "^$|^#" $neutronfilebak > $neutronfile
+
+ ops_del $neutronfile database connection
+ ops_add $neutronfile database \
+
connection mysql+pymysql://neutron:$PASS_DATABASE_NEUTRON@$CTL1_IP_NIC2/neutron
+
+ ops_add $neutronfile DEFAULT core_plugin ml2
+ ops_add $neutronfile DEFAULT service_plugins router
+ ops_add $neutronfile DEFAULT allow_overlapping_ips true
+ ops_add $neutronfile DEFAULT dhcp_agents_per_network 2
+ ops_add $neutronfile DEFAULT state_path /var/lib/neutron
+
+ ops_add $neutronfile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+ ops_add $neutronfile DEFAULT auth_strategy keystone
+ ops_add $neutronfile DEFAULT notify_nova_on_port_status_changes true
+ ops_add $neutronfile DEFAULT notify_nova_on_port_data_changes true
+
+ ops_add $neutronfile keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $neutronfile keystone_authtoken auth_type password
+ ops_add $neutronfile keystone_authtoken project_domain_name default
+ ops_add $neutronfile keystone_authtoken user_domain_name default
+ ops_add $neutronfile keystone_authtoken project_name service
+ ops_add $neutronfile keystone_authtoken username neutron
+ ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS
+
+ ops_add $neutronfile nova auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile nova auth_type password
+ ops_add $neutronfile nova project_domain_name default
+ ops_add $neutronfile nova user_domain_name default
+ ops_add $neutronfile nova region_name RegionOne
+ ops_add $neutronfile nova project_name service
+ ops_add $neutronfile nova username nova
+ ops_add $neutronfile nova password $NOVA_PASS
+
+ ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/lock
+
+############ NEUTRON tren COMPUTE
+
+ ops_add $neutronfile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken
memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $neutronfile keystone_authtoken auth_type password
+ ops_add $neutronfile keystone_authtoken project_domain_name default
+ ops_add $neutronfile keystone_authtoken user_domain_name default
+ ops_add $neutronfile keystone_authtoken project_name service
+ ops_add $neutronfile keystone_authtoken username neutron
+ ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS
+
+}
+
+# Function configure the Modular Layer 2 (ML2) plug-in
+function neutron_config_ml2 () {
+ echocolor "Configure the Modular Layer 2 (ML2) plug-in"
+ sleep 3
+ ml2file=/etc/neutron/plugins/ml2/ml2_conf.ini
+ ml2filebak=/etc/neutron/plugins/ml2/ml2_conf.ini.bak
+ cp $ml2file $ml2filebak
+ egrep -v "^$|^#" $ml2filebak > $ml2file
+
+ ops_add $ml2file ml2 type_drivers flat,vlan,vxlan
+ ops_add $ml2file ml2 tenant_network_types vxlan
+ ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population
+ ops_add $ml2file ml2 extension_drivers port_security
+
+ ops_add $ml2file ml2_type_flat flat_networks provider
+ ops_add $ml2file ml2_type_vlan network_vlan_ranges provider
+ ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000
+
+ ops_add $ml2file securitygroup enable_ipset true
+
+ ### ML2 config tren node COMPUTE
+ ops_add $ml2file ml2 type_drivers flat,vlan,vxlan
+ ops_add $ml2file ml2 tenant_network_types vxlan
+ ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population
+ ops_add $ml2file ml2 extension_drivers port_security
+
+ ops_add $ml2file ml2_type_flat flat_networks provider
+ ops_add $ml2file ml2_type_vlan network_vlan_ranges provider
+ ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000
+
+ ops_add $ml2file securitygroup enable_ipset true
+}
+
+# Function configure the Linux bridge agent
+function neutron_config_linuxbridge () {
+ echocolor "Configure the Linux bridge agent"
+ sleep 3
+ linuxbridgefile=/etc/neutron/plugins/ml2/linuxbridge_agent.ini
+ linuxbridgefilebak=/etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
+ cp
$linuxbridgefile $linuxbridgefilebak
+ egrep -v "^$|^#" $linuxbridgefilebak > $linuxbridgefile
+
+ ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER
+
+ ops_add $linuxbridgefile vxlan enable_vxlan true
+ ops_add $linuxbridgefile vxlan local_ip $CTL1_IP_NIC2
+ ops_add $linuxbridgefile vxlan l2_population true
+
+ ops_add $linuxbridgefile securitygroup enable_security_group true
+ ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+
+ # Linux-Bridge agent tren compute
+
+ ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER
+
+ ops_add $linuxbridgefile vxlan enable_vxlan true
+ ops_add $linuxbridgefile vxlan local_ip $CTL1_IP_NIC2
+ ops_add $linuxbridgefile vxlan l2_population true
+
+ ops_add $linuxbridgefile securitygroup enable_security_group true
+ ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+
+}
+
+# Function configure the DHCP agent
+function neutron_config_dhcp () {
+ echocolor "Configure the dhcp-agent"
+ sleep 3
+ dhcpfile=/etc/neutron/dhcp_agent.ini
+ dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak
+ cp $dhcpfile $dhcpfilebak
+ egrep -v "^$|^#" $dhcpfilebak > $dhcpfile
+
+ ops_add $dhcpfile DEFAULT interface_driver linuxbridge
+ ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
+ ops_add $dhcpfile DEFAULT enable_isolated_metadata true
+ ops_add $dhcpfile DEFAULT force_metadata True
+}
+
+# Function configure the metadata agent
+function neutron_config_metadata () {
+ echocolor "Configure the metadata agent"
+ sleep 3
+ metadatafile=/etc/neutron/metadata_agent.ini
+ metadatafilebak=/etc/neutron/metadata_agent.ini.bak
+ cp $metadatafile $metadatafilebak
+ egrep -v "^$|^#" $metadatafilebak > $metadatafile
+
+ ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2
+ ops_add $metadatafile DEFAULT
metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+function neutron_config_l3agent () {
+ echocolor "Configure the L3 Agent"
+ sleep 3
+ l3agent=/etc/neutron/l3_agent.ini
+ l3agentbak=/etc/neutron/l3_agent.ini.bak
+ cp $l3agent $l3agentbak
+ egrep -v "^$|^#" $l3agent > $l3agentbak
+
+ ops_add $l3agent DEFAULT interface_driver linuxbridge
+
+}
+
+
+# Function configure the DHCP agent
+function neutron_config_dhcp () {
+ echocolor "Configure the DHCP agent"
+ sleep 3
+ dhcpfile=/etc/neutron/dhcp_agent.ini
+ dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak
+ cp $dhcpfile $dhcpfilebak
+ egrep -v "^$|^#" $dhcpfilebak > $dhcpfile
+
+ ops_add $dhcpfile DEFAULT interface_driver linuxbridge
+ ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
+ ops_add $dhcpfile DEFAULT enable_isolated_metadata true
+}
+
+# Function configure the metadata agent
+function neutron_config_metadata () {
+ echocolor "Configure the metadata agent"
+ sleep 3
+ metadatafile=/etc/neutron/metadata_agent.ini
+ metadatafilebak=/etc/neutron/metadata_agent.ini.bak
+ cp $metadatafile $metadatafilebak
+ egrep -v "^$|^#" $metadatafilebak > $metadatafile
+
+ ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2
+ ops_add $metadatafile DEFAULT metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+# Function configure the Compute service to use the Networking service
+function neutron_config_compute_use_network () {
+ echocolor "Configure the Compute service to use the Networking service"
+ sleep 3
+ novafile=/etc/nova/nova.conf
+
+ ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696
+ ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $novafile neutron auth_type password
+ ops_add $novafile neutron project_domain_name default
+ ops_add $novafile neutron user_domain_name default
+ ops_add $novafile neutron region_name RegionOne
+ ops_add $novafile neutron project_name service
+ ops_add $novafile neutron username neutron
+ ops_add $novafile neutron password
$NEUTRON_PASS
+ ops_add $novafile neutron service_metadata_proxy true
+ ops_add $novafile neutron metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+# Function populate the database
+function neutron_populate_db () {
+ echocolor "Populate the database"
+ sleep 3
+ su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
+ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
+}
+
+# Function restart installation
+function neutron_restart () {
+ echocolor "Neutron services restart "
+ sleep 3
+
+ systemctl restart nova-api
+
+ systemctl restart neutron-server
+ systemctl enable neutron-server
+
+ systemctl restart neutron-l3-agent
+ systemctl enable neutron-l3-agent
+
+ systemctl restart neutron-linuxbridge-agent
+ systemctl enable neutron-linuxbridge-agent
+
+ systemctl restart neutron-dhcp-agent
+ systemctl enable neutron-dhcp-agent
+
+ systemctl restart neutron-metadata-agent
+ systemctl enable neutron-metadata-agent
+}
+
+
+#######################
+###Execute functions###
+#######################
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Cai NEUTRON `hostname`"
+
+# Create database for Neutron
+sendtelegram "Create database for Neutron tren `hostname`"
+neutron_create_db
+
+# Create the neutron service credentials
+sendtelegram "Create the neutron service credentials tren `hostname`"
+neutron_create_info
+
+# Install the components
+sendtelegram "Install the components tren `hostname`"
+neutron_install
+
+# Configure the server component
+sendtelegram "Configure the server component tren `hostname`"
+neutron_config_server_component
+
+# Configure the Modular Layer 2 (ML2) plug-in
+sendtelegram "Configure the Modular Layer 2 tren `hostname`"
+neutron_config_ml2
+
+# Configure the Linux bridge agent
+sendtelegram "Configure the Linux bridge agent tren `hostname`"
+neutron_config_linuxbridge
+
+# Configure the neutron_config_dhcp
+sendtelegram "Thuc thi neutron_config_dhcp tren `hostname`"
+neutron_config_dhcp
+
+# Configure the neutron_config_metadata
+sendtelegram "Thuc thi neutron_config_metadata tren `hostname`"
+neutron_config_metadata
+
+# Configure the L3 Agent
+sendtelegram "Configure the L3 Agent tren `hostname`"
+neutron_config_l3agent
+
+
+# Configure the Compute service to use the Networking service
+sendtelegram "Configure the Compute service to use the Networking service tren `hostname`"
+neutron_config_compute_use_network
+
+# Populate the database
+sendtelegram "Populate the database tren `hostname`"
+neutron_populate_db
+
+# Function restart installation
+sendtelegram " Function restart installation tren `hostname`"
+neutron_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_06_cinder.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_06_cinder.sh
new file mode 100644
index 0000000..f9ea6c4
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_06_cinder.sh
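Review bot: `neutron_create_db` passes the database root password on the client command line as `-p$PASS_DATABASE_ROOT`, unquoted, so it can be read from the process arguments and from any `set -x` trace, and a value containing spaces or shell metacharacters breaks the call. I would have the client read it from a root-only option file, `mysql --defaults-extra-file=<ROOT_ONLY_CNF_PATH> << EOF` (placeholder path, mode 0600), and note in config.cfg that the service passwords are interpolated into SQL string literals and so must not contain single quotes. `cinder_create_db` in ctl_06_cinder.sh has the same line. Separately, `neutron_config_dhcp` and `neutron_config_metadata` are each defined twice in this file; the later definition wins, so the `force_metadata True` setting from the first `neutron_config_dhcp` is never applied.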
@@ -0,0 +1,192 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Cinder
+function cinder_create_db () {
+ echocolor "Create database for Cinder"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE cinder;
+GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '$PASS_DATABASE_CINDER';
+GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '$PASS_DATABASE_CINDER';
+FLUSH PRIVILEGES;
+EOF
+}
+
+function cinder_user_endpoint() {
+ echocolor "Create cinder_user_endpoint Cinder"
+
+ openstack user create cinder --domain default --password $CINDER_PASS
+ openstack role add --project service --user cinder admin
+
+ openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3
+
+ # openstack endpoint create --region RegionOne volumev2 public http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s
+ # openstack endpoint create --region RegionOne volumev2 internal http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s
+ # openstack endpoint create --region RegionOne volumev2 admin http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s
+
+ openstack endpoint create --region RegionOne volumev3 public http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s
+ openstack endpoint create --region RegionOne volumev3 internal http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s
+ openstack endpoint create --region RegionOne volumev3 admin http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s
+}
+
+function cinder_install_config() {
+ echocolor "Cai dat cinder"
+ sleep 3
+
+ apt -y install cinder-api cinder-scheduler cinder-volume
+ apt -y install python3-cinderclient python3-mysqldb python3-rtslib-fb targetcli-fb
+
+ ctl_cinder_conf=/etc/cinder/cinder.conf
+
+ cp $ctl_cinder_conf $ctl_cinder_conf.orig
+
+ if [ "$CINDER_AIO" == "yes" ]; then
+ ops_add $ctl_cinder_conf DEFAULT auth_strategy keystone
+ ops_add $ctl_cinder_conf DEFAULT my_ip
$CTL1_IP_NIC2
+ ops_add $ctl_cinder_conf DEFAULT state_path /var/lib/cinder
+ ops_add $ctl_cinder_conf DEFAULT rootwrap_config /etc/cinder/rootwrap.conf
+ ops_add $ctl_cinder_conf DEFAULT api_paste_confg /etc/cinder/api-paste.ini
+ ops_add $ctl_cinder_conf DEFAULT glance_api_servers http://$CTL1_IP_NIC2:9292
+ ops_add $ctl_cinder_conf DEFAULT enabled_backends lvm
+ ops_add $ctl_cinder_conf DEFAULT enable_v3_api True
+ ops_add $ctl_cinder_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+ ops_add $ctl_cinder_conf database connection mysql+pymysql://cinder:$PASS_DATABASE_CINDER@$CTL1_IP_NIC2/cinder
+
+ ops_add $ctl_cinder_conf keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_cinder_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_cinder_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $ctl_cinder_conf keystone_authtoken auth_type password
+ ops_add $ctl_cinder_conf keystone_authtoken project_domain_name default
+ ops_add $ctl_cinder_conf keystone_authtoken user_domain_name default
+ ops_add $ctl_cinder_conf keystone_authtoken project_name service
+ ops_add $ctl_cinder_conf keystone_authtoken username cinder
+ ops_add $ctl_cinder_conf keystone_authtoken password $CINDER_PASS
+
+ ops_add $ctl_cinder_conf oslo_concurrency lock_path \$state_path/tmp
+
+ ops_add $ctl_cinder_conf lvm target_helper lioadm
+ ops_add $ctl_cinder_conf lvm target_protocol iscsi
+ ops_add $ctl_cinder_conf lvm target_ip_address $CTL1_IP_NIC2
+ ops_add $ctl_cinder_conf lvm volume_group cinder-volumes
+ ops_add $ctl_cinder_conf lvm volume_driver cinder.volume.drivers.lvm.LVMVolumeDriver
+ ops_add $ctl_cinder_conf lvm volumes_dir \$state_path/volumes
+
+
+
+ else
+ echocolor "Tach cinder-volume"
+
+ # ops_add $ctl_cinder_conf DEFAULT auth_strategy keystone
+ # ops_add $ctl_cinder_conf DEFAULT my_ip $CTL1_IP_NIC2
+ # ops_add $ctl_cinder_conf DEFAULT control_exchange cinder
+ # ops_add
$ctl_cinder_conf DEFAULT osapi_volume_listen \$my_ip
+ # ops_add $ctl_cinder_conf DEFAULT control_exchange cinder
+ # ops_add $ctl_cinder_conf DEFAULT glance_api_servers http://$CTL1_IP_NIC2:9292
+
+
+ # ops_add $ctl_cinder_conf database connection mysql+pymysql://cinder:$PASS_DATABASE_CINDER@$CTL1_IP_NIC2/cinder
+
+ # ops_add $ctl_cinder_conf keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000
+ # ops_add $ctl_cinder_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ # ops_add $ctl_cinder_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ # ops_add $ctl_cinder_conf keystone_authtoken auth_type password
+ # ops_add $ctl_cinder_conf keystone_authtoken project_domain_name Default
+ # ops_add $ctl_cinder_conf keystone_authtoken user_domain_name Default
+ # ops_add $ctl_cinder_conf keystone_authtoken project_name service
+ # ops_add $ctl_cinder_conf keystone_authtoken username cinder
+ # ops_add $ctl_cinder_conf keystone_authtoken password $CINDER_PASS
+
+ # ops_add $ctl_cinder_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+ # ops_add $ctl_cinder_conf oslo_concurrency lock_path /var/lib/cinder/tmp
+
+ fi
+}
+
+function cinder_syncdb() {
+ su -s /bin/sh -c "cinder-manage db sync" cinder
+
+}
+
+function cinder_enable_restart() {
+ sleep 3
+ if [ "$CINDER_AIO" == "yes" ]; then
+ # service tgt restart
+ service cinder-volume restart
+ service cinder-scheduler restart
+ service apache2 restart
+ else
+ service cinder-scheduler restart
+ service apache2 restart
+ fi
+
+ echo "export OS_VOLUME_API_VERSION=3" >> /root/admin-openrc
+
+}
+
+function create_lvm() {
+ if [ "$CINDER_AIO" == "yes" ]; then
+ echocolor "Cau hinh LVM"
+ pvcreate /dev/vdb
+ vgcreate cinder-volumes /dev/vdb
+
+ # cp /etc/lvm/lvm.conf /etc/lvm/lvm.conf.orig
+ # sed -i '130i\ filter = [ "a/vdb/", "r/.*/"]' /etc/lvm/lvm.conf
+
+ else
+ echocolor "Khong cau hinh LVM vi ko cai cinder-volume"
+ fi
+
+}
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Cai CINDER `hostname`"
+
+source /root/admin-openrc
+echocolor "Cai CINDER `hostname`"
+sendtelegram "Thuc thi create_lvm tren `hostname`"
+create_lvm
+
+echocolor "Thuc thi cinder_create_db tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi cinder_create_db tren `hostname`"
+cinder_create_db
+
+echocolor "Tao user va endpoint cho CINDER"
+sendtelegram "Thuc thi cinder_user_endpoint tren `hostname`"
+cinder_user_endpoint
+
+echocolor "Cai dat va cau hinh CINDER"
+sendtelegram "Thuc thi cinder_install_config tren `hostname`"
+cinder_install_config
+
+echocolor "Dong bo DB cho CINDER"
+sendtelegram "Thuc thi cinder_syncdb tren `hostname`"
+cinder_syncdb
+
+echocolor "Restart dich vu CINDER"
+sendtelegram "Thuc thi cinder_enable_restart tren `hostname`"
+cinder_enable_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_07_horizon.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_07_horizon.sh
new file mode 100644
index 0000000..b2f10f8
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_07_horizon.sh
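Review bot: `create_lvm` runs `pvcreate /dev/vdb` and `vgcreate cinder-volumes /dev/vdb` on a hard-coded device with no check that the device exists or that either command succeeded, and the script goes on to configure and restart cinder-volume either way. I would take the device from config.cfg and stop on failure, e.g. `[ -b "$CINDER_DISK" ] || { echocolor "Khong tim thay $CINDER_DISK"; exit 1; }` followed by `pvcreate "$CINDER_DISK" && vgcreate cinder-volumes "$CINDER_DISK" || exit 1`, where `CINDER_DISK` is a new variable this proposal adds, not one the hunk defines. In `cinder_install_config`, `api_paste_confg` looks like a misspelling of `api_paste_config`, so that line probably has no effect.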
@@ -0,0 +1,128 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function install the packages +horizon_install () { + echocolor "Install the packages" + sleep 3 + apt install openstack-dashboard -y + apt-get remove --auto-remove openstack-dashboard-ubuntu-theme -y +} + +function redirect_web () { +echocolor "Creating redirect page" +sleep 5 +filehtml=/var/www/html/index.html +test -f $filehtml.orig || cp $filehtml $filehtml.orig +rm $filehtml +touch $filehtml +cat << EOF >> $filehtml + + + + + +

Redirecting to OpenStack Dashboard

+ + +EOF +} + + +# Function edit the /etc/openstack-dashboard/local_settings.py file +horizon_config () { + echocolor "Config horizon" + sleep 3 + + horizonfile=/etc/openstack-dashboard/local_settings.py + horizonfilebak=/etc/openstack-dashboard/local_settings.py.bak + cp $horizonfile $horizonfilebak + egrep -v "^$|^#" $horizonfilebak > $horizonfile + + sed -i 's/OPENSTACK_HOST = "127.0.0.1"/'"OPENSTACK_HOST = \"$CTL1_IP_NIC2\""'/g' $horizonfile + + echo "SESSION_ENGINE = 'django.contrib.sessions.backends.cache'" >> $horizonfile + sed -i "s/'LOCATION': '127.0.0.1:11211',/""'LOCATION': '$CTL1_IP_NIC2:11211',""/g" $horizonfile + + sed -i 's/OPENSTACK_KEYSTONE_URL = .*$/OPENSTACK_KEYSTONE_URL = "http:\/\/IP_HORIZON:5000\/v3"/g' $horizonfile + sed -i "s/IP_HORIZON/$CTL1_IP_NIC2/g" $horizonfile + + echo "OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True" >> $horizonfile + +cat << EOF >> $horizonfile +OPENSTACK_API_VERSIONS = { + "identity": 3, + "image": 2, + "volume": 3, +} +EOF + +echo 'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"' >> $horizonfile +sed -i 's/OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"/OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"/g' $horizonfile + +sed -i "s/'enable_router': True,/'enable_router': True,/g" $horizonfile +sed -i "s/'enable_quotas': True,/'enable_quotas': False,/g" $horizonfile +sed -i "s/'enable_ipv6': True,/'enable_ipv6': False,/g" $horizonfile +sed -i "s/'enable_ha_router': False,/'enable_ha_router': False,/g" $horizonfile +sed -i "s/'enable_lb': True,/'enable_lb': False,/g" $horizonfile +sed -i "s/'enable_firewall': True,/'enable_firewall': False,/g" $horizonfile +sed -i "s/'enable_vpn': True,/'enable_vpn': False,/g" $horizonfile +sed -i "s/'enable_fip_topology_check': True,/'enable_fip_topology_check': False,/g" $horizonfile + +sed -i 's/TIME_ZONE = "UTC"/TIME_ZONE = "Asia\/Ho_Chi_Minh"/g' $horizonfile + +sed -i "s/DEFAULT_THEME = 'ubuntu'/DEFAULT_THEME = 'default'/g" $horizonfile +} + +# Function restart installation +horizon_restart () { 
+ echocolor "Restart installation"
+ sleep 3
+ service apache2 reload
+}
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thu thi script $0 tren `hostname`"
+
+# Install the packages
+sendtelegram "Thuc thi horizon_install tren `hostname`"
+horizon_install
+
+# Redirecting web
+sendtelegram "Thuc thi redirect_web tren `hostname`"
+redirect_web
+
+# Edit the /etc/openstack-dashboard/local_settings.py file
+sendtelegram "Thuc thi horizon_config tren `hostname`"
+horizon_config
+
+# Restart installation
+sendtelegram "Thuc thi horizon_restart tren `hostname`"
+horizon_restart
+
+echocolor #================================#
+echocolor "LOGIN INFORMATION IN HORIZON"
+echocolor "URL: http://$CTL1_IP_NIC2/horizon"
+echocolor "Domain: Default"
+echocolor "User: admin or demo"
+echocolor "Password: $ADMIN_PASS"
+echocolor #================================#
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_08_octavia.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_08_octavia.sh
new file mode 100644
index 0000000..378a699
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/ctl_08_octavia.sh
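Review bot: The summary block at the end of the script prints the admin credential in clear text with `echocolor "Password: $ADMIN_PASS"`, so it ends up in terminal scrollback and in any captured install log. I would point to where the value is stored instead, e.g. `echocolor "Password: see ADMIN_PASS in config.cfg"` (assuming that is where it is defined; the hunk only shows config.cfg being sourced). The two `echocolor #================================#` lines pass no argument, because an unquoted `#` starts a comment; quote the string if the rule is meant to be printed. The printed dashboard URL and the `OPENSTACK_KEYSTONE_URL` written by `horizon_config` are plain `http://`, so a comment stating that this setup is for lab use would help readers who copy it.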
@@ -0,0 +1,241 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Octavia
+function octavia_create_db () {
+
+ echocolor "Create database for Octavia"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE octavia;
+GRANT ALL PRIVILEGES ON octavia.* TO octavia@'localhost' IDENTIFIED BY '$PASS_DATABASE_OCTAVIA';
+GRANT ALL PRIVILEGES ON octavia.* TO octavia@'%' IDENTIFIED BY '$PASS_DATABASE_OCTAVIA';
+FLUSH PRIVILEGES;
+EOF
+
+}
+
+function octavia_user_endpoint() {
+
+ echocolor "Create octavia_user_endpoint for Octavia"
+ openstack user create octavia --domain default --project service --password $OCTAVIA_PASS
+ openstack role add --project service --user octavia admin
+ openstack service create --name octavia --description "OpenStack LBaaS" load-balancer
+
+ openstack endpoint create --region RegionOne load-balancer public http://$CTL1_IP_NIC2:9876
+ openstack endpoint create --region RegionOne load-balancer internal http://$CTL1_IP_NIC2:9876
+ openstack endpoint create --region RegionOne load-balancer admin http://$CTL1_IP_NIC2:9876
+
+}
+
+function octavia_install_config() {
+
+ echocolor "Cai dat octavia"
+ sleep 3
+ apt -y install octavia-api octavia-health-manager octavia-housekeeping octavia-worker
+ apt -y install python3-octaviaclient
+
+ ctl_octavia_conf=/etc/octavia/octavia.conf
+ cp $ctl_octavia_conf $ctl_octavia_conf.orig
+
+ mkdir -p /etc/octavia/certs/private
+ mkdir ~/work
+ cd ~/work
+ git clone https://opendev.org/openstack/octavia.git -b stable/victoria
+ cd octavia/bin
+
+ ./create_dual_intermediate_CA.sh
+ cp -p ./dual_ca/etc/octavia/certs/server_ca.cert.pem /etc/octavia/certs
+ cp -p ./dual_ca/etc/octavia/certs/server_ca-chain.cert.pem /etc/octavia/certs
+ cp -p ./dual_ca/etc/octavia/certs/server_ca.key.pem /etc/octavia/certs/private
+ cp -p ./dual_ca/etc/octavia/certs/client_ca.cert.pem /etc/octavia/certs
+ cp -p ./dual_ca/etc/octavia/certs/client.cert-and-key.pem /etc/octavia/certs/private
+
+ chown -R octavia /etc/octavia/certs
+
+ ops_add $ctl_octavia_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+
+ ops_add $ctl_octavia_conf api_settings bind_host $CTL1_IP_NIC2
+ ops_add $ctl_octavia_conf api_settings bind_port 9876
+ ops_add $ctl_octavia_conf api_settings auth_strategy keystone
+ ops_add $ctl_octavia_conf api_settings api_base_uri http://$CTL1_IP_NIC2:9876
+
+ ops_add $ctl_octavia_conf database connection mysql+pymysql://octavia:$PASS_DATABASE_OCTAVIA@$CTL1_IP_NIC2/octavia
+
+ ops_add $ctl_octavia_conf health_manager bind_ip 0.0.0.0
+ ops_add $ctl_octavia_conf health_manager bind_port 5555
+
+ ops_add $ctl_octavia_conf keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_octavia_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_octavia_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $ctl_octavia_conf keystone_authtoken auth_type password
+ ops_add $ctl_octavia_conf keystone_authtoken project_domain_name default
+ ops_add $ctl_octavia_conf keystone_authtoken user_domain_name default
+ ops_add $ctl_octavia_conf keystone_authtoken project_name service
+ ops_add $ctl_octavia_conf keystone_authtoken username octavia
+ ops_add $ctl_octavia_conf keystone_authtoken password $OCTAVIA_PASS
+
+ ops_add $ctl_octavia_conf certificates ca_private_key /etc/octavia/certs/private/server_ca.key.pem
+ ops_add $ctl_octavia_conf certificates ca_certificate /etc/octavia/certs/server_ca.cert.pem
+ ops_add $ctl_octavia_conf certificates server_certs_key_passphrase insecure-key-do-not-use-this-key
+ ops_add $ctl_octavia_conf certificates ca_private_key_passphrase not-secure-passphrase
+
+ ops_add $ctl_octavia_conf haproxy_amphora server_ca /etc/octavia/certs/server_ca-chain.cert.pem
+ ops_add $ctl_octavia_conf haproxy_amphora client_cert /etc/octavia/certs/private/client.cert-and-key.pem
+
+ ops_add $ctl_octavia_conf controller_worker client_ca /etc/octavia/certs/client_ca.cert.pem
+
+ ops_add $ctl_octavia_conf oslo_messaging topic octavia_prov
+
+ ops_add $ctl_octavia_conf service_auth auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_octavia_conf service_auth memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $ctl_octavia_conf service_auth auth_type password
+ ops_add $ctl_octavia_conf service_auth project_domain_name default
+ ops_add $ctl_octavia_conf service_auth user_domain_name default
+ ops_add $ctl_octavia_conf service_auth project_name service
+ ops_add $ctl_octavia_conf service_auth username octavia
+ ops_add $ctl_octavia_conf service_auth password $OCTAVIA_PASS
+}
+
+function octavia_create_policy() {
+
+cat << EOF >/etc/octavia/policy.yaml
+# create new
+"context_is_admin": "role:admin or role:load-balancer_admin"
+"admin_or_owner": "is_admin:True or project_id:%(project_id)s"
+"load-balancer:read": "rule:admin_or_owner"
+"load-balancer:read-global": "is_admin:True"
+"load-balancer:write": "rule:admin_or_owner"
+"load-balancer:read-quota": "rule:admin_or_owner"
+"load-balancer:read-quota-global": "is_admin:True"
+"load-balancer:write-quota": "is_admin:True"
+EOF
+
+chmod 640 /etc/octavia/policy.yaml
+chgrp octavia /etc/octavia/policy.yaml
+}
+
+function octavia_syn_db() {
+ su -s /bin/bash octavia -c "octavia-db-manage --config-file /etc/octavia/octavia.conf upgrade head"
+}
+
+function octavia_restart() {
+ systemctl restart octavia-api octavia-health-manager octavia-housekeeping octavia-worker
+ systemctl enable octavia-api octavia-health-manager octavia-housekeeping octavia-worker
+}
+
+function octavia_image_create() {
+ wget https://tarballs.opendev.org/openstack/octavia/test-images/test-only-amphora-x64-haproxy-ubuntu-focal.qcow2
+ openstack image create "Amphora" --tag "Amphora" --file test-only-amphora-x64-haproxy-ubuntu-focal.qcow2 --disk-format qcow2 --container-format bare --private --project service
+
+}
+
+function octavia_create_flavor_sec() {
+
+ openstack flavor create --id 100 --vcpus 1 --ram 1024 --disk 5 m1.octavia --private --project service
+
+ openstack security group create lb-mgmt-sec-group --project service
+ openstack security group rule create --protocol icmp --ingress lb-mgmt-sec-group
+ openstack security group rule create --protocol tcp --dst-port 22:22 lb-mgmt-sec-group
+ openstack security group rule create --protocol tcp --dst-port 80:80 lb-mgmt-sec-group
+
+ openstack security group rule create --protocol tcp --dst-port 443:443 lb-mgmt-sec-group
+ openstack security group rule create --protocol tcp --dst-port 9443:9443 lb-mgmt-sec-group
+
+ # ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ # ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+ # openstack security group rule create --protocol tcp --dst-port 443:443 $ID_SECURITY_GROUP
+ # openstack security group rule create --protocol tcp --dst-port 9443:9443 $ID_SECURITY_GROUP
+
+}
+
+function octavia_install_config_step2() {
+
+ ctl_octavia_conf=/etc/octavia/octavia.conf
+
+ ID_LB_MGMT_SEC_GROUP=`openstack security group list | egrep lb-mgmt-sec-group | awk '{print $2}'`
+ ID_AMP_BOOT_NETWORK_LIST=`openstack network list | egrep provider | awk '{print $2}'`
+
+ ops_add $ctl_octavia_conf controller_worker amp_image_tag Amphora
+ ops_add $ctl_octavia_conf controller_worker amp_flavor_id 100
+ ops_add $ctl_octavia_conf controller_worker amp_secgroup_list $ID_LB_MGMT_SEC_GROUP
+ ops_add $ctl_octavia_conf controller_worker amp_boot_network_list $ID_AMP_BOOT_NETWORK_LIST
+ ops_add $ctl_octavia_conf controller_worker network_driver allowed_address_pairs_driver
+ ops_add $ctl_octavia_conf controller_worker compute_driver compute_nova_driver
+ ops_add $ctl_octavia_conf controller_worker amphora_driver amphora_haproxy_rest_driver
+
+
+}
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Cai OCTAVIA `hostname`"
+
+source /root/admin-openrc
+echocolor "Cai OCTAVIA `hostname`"
+
+echocolor "Thuc thi octavia_create_db tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_create_db tren `hostname`"
+octavia_create_db
+
+echocolor "Thuc thi octavia_user_endpoint tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_user_endpoint tren `hostname`"
+octavia_user_endpoint
+
+echocolor "Thuc thi octavia_install_config tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_install_config tren `hostname`"
+octavia_install_config
+
+echocolor "Thuc thi octavia_create_policy tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_create_policy tren `hostname`"
+octavia_create_policy
+
+echocolor "Thuc thi octavia_restart tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_syn_db va octavia_restart tren `hostname`"
+octavia_syn_db
+octavia_restart
+
+echocolor "Thuc thi octavia_image_creat tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_image_creat tren `hostname`"
+octavia_image_create
+
+echocolor "Thuc thi octavia_create_flavor_sec tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_create_flavor_sec tren `hostname`"
+octavia_create_flavor_sec
+
+echocolor "Thuc thi octavia_install_config_step2 tren `hostname`"
+sleep 3
+sendtelegram "Thuc thi octavia_install_config_step2 octavia_restart tren `hostname`"
+octavia_install_config_step2
+octavia_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
+
+
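Review bot: The rules added to `lb-mgmt-sec-group` in octavia_create_flavor_sec carry no `--remote-ip`, so they fall back to the CLI default of any source, and octavia_install_config_step2 then boots the amphorae on whatever network matches `egrep provider`; together that leaves 22, 80, 443 and 9443 on every amphora reachable from the whole provider network. As far as I can tell the management group only needs the agent port (and SSH for debugging) from the controller, so I would drop the 80 and 443 rules and pin the rest, e.g. `openstack security group rule create --protocol tcp --dst-port 9443:9443 --remote-ip $CTL1_IP_NIC2/32 lb-mgmt-sec-group`. In octavia_install_config the two certificate passphrases are the published sample values and the private key directory is only chown'ed, so add `chmod 700 /etc/octavia/certs/private` and take the passphrases from config.cfg. The clone also pins `-b stable/victoria` inside a Wallaby tree, and octavia_image_create fetches an image named `test-only-…` with no checksum check; both deserve at least a `# lab only` comment.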
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/function.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/function.sh
new file mode 100644
index 0000000..111959d
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/function.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+#Author HOC CHU DONG
+
+source config.cfg
+
+# Ham dinh nghia mau cho cac thong bao in ra man hinh
+function echocolor {
+ echo "$(tput setaf 2)##### $1 #####$(tput sgr0)"
+}
+
+# Ham sua file config cua OpenStack
+## Ham add
+function ops_add {
+ crudini --set $1 $2 $3 $4
+}
+### Cach dung
+### Cu phap
+### ops_add PATH_FILE SECTION PARAMETER VAULE
+
+## Ham del
+function ops_del {
+ crudini --del $1 $2 $3
+}
+
+function notify {
+ chatid=-557175523
+ #token=1117214915:AAF4LFh6uChng056_oTyM6cz9TY4dyAn3YU
+ token=2004478698:AAEsHPaCw_mbTsCaxtV2YoTAdmi1cB6N9Rw
+
+if [ $? -eq 0 ]
+then
+ curl -s --data-urlencode "text=I-AM-OK" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+ curl -s --data-urlencode "text=#######" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+else
+ curl -s --data-urlencode "text=NOT-OK" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+ curl -s --data-urlencode "text=#######" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+
+fi
+
+}
+
+function sendtelegram {
+ chatid=-557175523
+ token=2004478698:AAEsHPaCw_mbTsCaxtV2YoTAdmi1cB6N9Rw
+ # token=1117214915:AAF4LFh6uChng056_oTyM6cz9TY4dyAn3YU
+ default_message="Test canh bao"
+
+ curl -s --data-urlencode "text=$@" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null
+}
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/octavia-note.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/octavia-note.sh
new file mode 100644
index 0000000..8009891
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/octavia-note.sh
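Review bot: `notify` and `sendtelegram` hard-code a Telegram bot token and chat id in the committed file, and a second token survives in the comments, so anyone who can read the repository can send messages as that bot. config.cfg is already sourced at the top of this file, so the values can come from there through two new variables, e.g. `token=${TELEGRAM_TOKEN:?}` and `chatid=${TELEGRAM_CHATID:?}`, and both committed tokens should be revoked. `notify` also tests `$?` only after the two assignments have reset it to 0, so the NOT-OK branch can never run; capture it first with `local rc=$?` and test `$rc`. In `ops_add` and `ops_del` the unquoted `$1 … $4` split any value containing a space, and `"text=$@"` in `sendtelegram` should be `"text=$*"`.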
@@ -0,0 +1,181 @@ +openstack user create --domain default --project service --password Welcome123 octavia + +openstack role add --project service --user octavia admin + +openstack service create --name octavia --description "OpenStack LBaaS" load-balancer + +CTL1_IP_NIC2=172.16.70.90 + +openstack endpoint create --region RegionOne load-balancer public http://$CTL1_IP_NIC2:9876 +openstack endpoint create --region RegionOne load-balancer internal http://$CTL1_IP_NIC2:9876 +openstack endpoint create --region RegionOne load-balancer admin http://$CTL1_IP_NIC2:9876 + +######## +mysql -u root -pWelcome123 + +create database octavia; +grant all privileges on octavia.* to octavia@'localhost' identified by 'Welcome123'; +grant all privileges on octavia.* to octavia@'%' identified by 'Welcome123'; +FLUSH PRIVILEGES; + +exit +######## + +apt -y install octavia-api octavia-health-manager octavia-housekeeping octavia-worker + +mkdir -p /etc/octavia/certs/private +mkdir ~/work +cd ~/work +git clone https://opendev.org/openstack/octavia.git -b stable/victoria +cd octavia/bin + +./create_dual_intermediate_CA.sh +cp -p ./dual_ca/etc/octavia/certs/server_ca.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/server_ca-chain.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/server_ca.key.pem /etc/octavia/certs/private +cp -p ./dual_ca/etc/octavia/certs/client_ca.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/client.cert-and-key.pem /etc/octavia/certs/private + +chown -R octavia /etc/octavia/certs + + +###### + +mv /etc/octavia/octavia.conf /etc/octavia/octavia.conf.org + + +[DEFAULT] +transport_url = rabbit://openstack:Welcome123@172.16.70.90 + +[api_settings] +bind_host = 172.16.70.90 +bind_port = 9876 +auth_strategy = keystone +api_base_uri = http://172.16.70.90:9876 + +[database] + +connection = mysql+pymysql://octavia:Welcome123@172.16.70.90/octavia + + +[health_manager] +bind_ip = 0.0.0.0 +bind_port = 5555 + + +[keystone_authtoken] 
+www_authenticate_uri = http://172.16.70.90:5000 +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = octavia +password = Welcome123 + +[certificates] + +ca_private_key = /etc/octavia/certs/private/server_ca.key.pem +ca_certificate = /etc/octavia/certs/server_ca.cert.pem +server_certs_key_passphrase = insecure-key-do-not-use-this-key +ca_private_key_passphrase = not-secure-passphrase + +[haproxy_amphora] +server_ca = /etc/octavia/certs/server_ca-chain.cert.pem +client_cert = /etc/octavia/certs/private/client.cert-and-key.pem + + +[controller_worker] +client_ca = /etc/octavia/certs/client_ca.cert.pem + + +[oslo_messaging] +topic = octavia_prov + + +[service_auth] +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = Default +user_domain_name = Default +project_name = service +username = octavia +password = Welcome123 + + +# Test LB. 
+for ((i=1;i<=10;i++)); do curl 172.16.71.204; done + + +### File cau hinh mau + +[DEFAULT] +transport_url = rabbit://openstack:Welcome123@172.16.70.90 +[amphora_agent] +[api_settings] +bind_host = 172.16.70.90 +bind_port = 9876 +auth_strategy = keystone +api_base_uri = http://172.16.70.90:9876 +[audit] +[certificates] +ca_private_key = /etc/octavia/certs/private/server_ca.key.pem +ca_certificate = /etc/octavia/certs/server_ca.cert.pem +server_certs_key_passphrase = insecure-key-do-not-use-this-key +ca_private_key_passphrase = not-secure-passphrase +[compute] +[controller_worker] +client_ca = /etc/octavia/certs/client_ca.cert.pem +amp_image_tag = Amphora +amp_flavor_id = 100 +amp_secgroup_list = 6ed56312-f478-4871-8799-8466517cc0af +amp_boot_network_list = d2e5166d-b6b0-4bb7-bb28-2e12ac167cdc +network_driver = allowed_address_pairs_driver +compute_driver = compute_nova_driver +amphora_driver = amphora_haproxy_rest_driver +[database] +connection = mysql+pymysql://octavia:Welcome123@172.16.70.90/octavia +[driver_agent] +[glance] +[haproxy_amphora] +server_ca = /etc/octavia/certs/server_ca-chain.cert.pem +client_cert = /etc/octavia/certs/private/client.cert-and-key.pem +[health_manager] +bind_ip = 0.0.0.0 +bind_port = 5555 +[house_keeping] +[keepalived_vrrp] +[keystone_authtoken] +www_authenticate_uri = http://172.16.70.90:5000 +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = octavia +password = Welcome123 +[networking] +[neutron] +[nova] +[oslo_messaging] +topic = octavia_prov +[oslo_messaging_amqp] +[oslo_messaging_kafka] +[oslo_messaging_notifications] +[oslo_messaging_rabbit] +[quotas] +[service_auth] +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = Default +user_domain_name = Default +project_name = service +username = octavia +password = Welcome123 
+[task_flow] + + diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/viewlog.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/viewlog.sh new file mode 100644 index 0000000..46a3389 --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu-AIO/viewlog.sh @@ -0,0 +1,11 @@ + +#!/bin/bash +# rapid CLI oneliner log inspection inside all log files +# Lookig for keywords "fail", "error", "unable", "warning". +# Ref: https://raw.githubusercontent.com/AJNOURI/COA/master/misc/oneliner_log_inspection.sh +#################################################### GUIDE#################### +# Go lenh voi cac tu khoa ERORR hoac FAIL hoac thay bang tu ban muon +# bash viewlog.sh ERROR +# bash viewlog.sh "ERROR|FAIL" +############################################################################## +for i in $(ls /var/log/*/*.log); do echo "=========="; echo $i; echo "========="; tail $i| egrep -i $1; done diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/README.md b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/README.md index 0524a94..9461f62 100644 --- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/README.md +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/README.md @@ -231,6 +231,15 @@ Trong bộ script đã có sẵn script để tạo ra các hạ tầng bao gồ Đứng trên controller1 và thực hiện các lệnh sau: +- Tạo flavor, mở rule trong security group, tạo network, subnet, tạo vm. + + ``` + source /root/admin-openrc + + bash create-vm01.sh + ``` + + diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com1_01_env.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com1_01_env.sh index 585aad2..0fbadf0 100644 --- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com1_01_env.sh +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com1_01_env.sh 
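Review bot: This notes file commits a literal password, `Welcome123`, for the keystone `octavia` user, the database root and octavia accounts and the RabbitMQ URL, next to the lab address 172.16.70.90. ctl_08_octavia.sh in the same commit already expresses these steps with `$OCTAVIA_PASS`, `$PASS_DATABASE_OCTAVIA`, `$RABBIT_PASS` and `$CTL1_IP_NIC2`, so the note can use the same placeholders, e.g. `openstack user create --domain default --project service --password $OCTAVIA_PASS octavia`. The file also mixes shell commands, SQL and INI text under a `.sh` name, so running it by mistake would execute the first commands and then stall at the mysql prompt; naming it `.md`, as note_heat.md is, avoids that.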
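Review bot: The loop in viewlog.sh iterates over `$(ls /var/log/*/*.log)` and passes `$i` and `$1` unquoted, so a log path containing a space is split, a pattern is subject to globbing and option parsing, and with no argument at all egrep only prints its usage once per file. I would glob directly and quote, `for i in /var/log/*/*.log; do echo "=========="; echo "$i"; echo "========="; tail -- "$i" | grep -Ei -- "$1"; done`, preceded by `: "${1:?usage: viewlog.sh PATTERN}"`. The `#!/bin/bash` line also sits on line 2 after a blank line, where it is only a comment.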
@@ -47,7 +47,8 @@ function install_ops_packages () { sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt sudo add-apt-repository cloud-archive:wallaby -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list + # sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list + sudo echo "deb https://172.16.70.131/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list sudo apt-get update -y 2>&1 | tee -a filelog-install.txt sudo apt-get upgrade -y 2>&1 | tee -a filelog-install.txt diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com2_01_env.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com2_01_env.sh index 367c15a..642e2a4 100644 --- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com2_01_env.sh +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/com2_01_env.sh @@ -47,7 +47,8 @@ function install_ops_packages () { sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt sudo add-apt-repository cloud-archive:wallaby -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list + # sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list + sudo echo "deb https://172.16.70.131/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list sudo apt-get update -y 2>&1 | tee -a filelog-install.txt sudo apt-get upgrade -y 2>&1 | tee -a filelog-install.txt diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/config.cfg b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/config.cfg index c3517a4..e232c4b 100644 
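Review bot: In `sudo echo "deb https://172.16.70.131/…" > /etc/apt/sources.list.d/cloudarchive-wallaby.list` only `echo` runs under sudo; the redirection is performed by the calling shell, so the line works only when the script is already root, and it appears to overwrite the entry that `add-apt-repository cloud-archive:wallaby` wrote just above. Use `echo "deb …" | sudo tee /etc/apt/sources.list.d/cloudarchive-wallaby.list >/dev/null`. Moving the mirror to `https://` on a bare IP also means apt will verify the certificate, so it needs an IP subject-alt-name and a CA the nodes trust; a comment saying how that CA gets installed would keep the next person from switching verification off. The same line is added in the com2_01_env.sh hunk and in ctl_01_env.sh (`@@ -41,22 +41,24 @@`), and install_ops_packages continues outside each hunk.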
--- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/config.cfg +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/config.cfg @@ -73,6 +73,7 @@ PASS_DATABASE_CEILOMTER=$PASS_DEFAULT PASS_DATABASE_AODH=$PASS_DEFAULT PASS_DATABASE_GNOCCHI=$PASS_DEFAULT PASS_DATABASE_OCTAVIA=$PASS_DEFAULT +PASS_DATABASE_HEAT=$PASS_DEFAULT ### Password openstack service RABBIT_PASS=$PASS_DEFAULT @@ -90,4 +91,5 @@ CEILOMETER_PASS=$PASS_DEFAULT GNOCCHI_PASS=$PASS_DEFAULT OCTAVIA_PASS=$PASS_DEFAULT AODH_PASS=$PASS_DEFAULT +HEAT_PASS=$PASS_DEFAULT diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/create-vm01.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/create-vm01.sh index ddfa184..4297dba 100644 --- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/create-vm01.sh +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/create-vm01.sh @@ -13,6 +13,8 @@ ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk echocolor "Tao flavor" sleep 3 openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano +openstack flavor create --id 1 --vcpus 1 --ram 512 --disk 2 m1.tiny +openstack flavor create --id 2 --vcpus 2 --ram 1024 --disk 5 m1.small echocolor "Mo rule can thiet" sleep 5 diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_01_env.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_01_env.sh index 94b4308..9f0d409 100644 --- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_01_env.sh +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_01_env.sh @@ -33,7 +33,7 @@ function install_ntp () { echocolor "Install NTP" sleep 3 - apt-get install chrony -y 2>&1 | tee -a filelog-install.txt + apt-get install chrony -y ntpfile=/etc/chrony/chrony.conf sed -i 's/pool 2.debian.pool.ntp.org offline iburst/ \ 
@@ -41,22 +41,24 @@ pool 2.debian.pool.ntp.org offline iburst \ server 0.asia.pool.ntp.org iburst \ server 1.asia.pool.ntp.org iburst/g' $ntpfile - echo "allow 172.16.70.212/24" >> $ntpfile + echo "allow 172.16.70.0/24" >> $ntpfile - service chrony restart 2>&1 | tee -a filelog-install.txt + service chrony restart } # Function install OpenStack packages (python-openstackclient) function install_ops_packages () { echocolor "Install OpenStack client" sleep 3 - sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt - sudo add-apt-repository cloud-archive:wallaby -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list + sudo apt-get install software-properties-common -y + sudo add-apt-repository cloud-archive:wallaby -y + #sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list + sudo echo "deb https://172.16.70.131/repository/u20wallaby/ focal-updates/wallaby main" > /etc/apt/sources.list.d/cloudarchive-wallaby.list - sudo apt update -y 2>&1 | tee -a filelog-install.txt - sudo apt upgrade -y 2>&1 | tee -a filelog-install.txt - sudo apt install python3-openstackclient -y 2>&1 | tee -a filelog-install.txt + sudo apt update -y + sudo apt upgrade -y + sudo apt install crudini -y + sudo apt install python3-openstackclient -y systemctl disable ufw systemctl stop ufw 
@@ -130,13 +132,13 @@ function install_etcd () { apt install etcd -y cat << EOF > /etc/default/etcd -ETCD_NAME="controller01" +ETCD_NAME="`hostname`" ETCD_DATA_DIR="/var/lib/etcd" ETCD_INITIAL_CLUSTER_STATE="new" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" -ETCD_INITIAL_CLUSTER="controller01=http://$CTL1_IP_NIC2:2380" +ETCD_INITIAL_CLUSTER="`hostname`=http://$CTL1_IP_NIC2:2380" ETCD_INITIAL_ADVERTISE_PEER_URLS="http://$CTL1_IP_NIC2:2380" -ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379" +ETCD_ADVERTISE_CLIENT_URLS="http://$CTL1_IP_NIC2:2379" ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380" ETCD_LISTEN_CLIENT_URLS="http://$CTL1_IP_NIC2:2379" EOF @@ -155,7 +157,7 @@ sendtelegram "Thuc thi config_hostname tren `hostname`" config_hostname # Update and upgrade for controller -sendtelegram "Thuc thi install_ntp tren `hostname`" +sendtelegram "Thuc thi update_upgrade tren `hostname`" update_upgrade # Install and config NTP diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_05_neutron.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_05_neutron.sh index 78c6d51..cb44a46 100644 --- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_05_neutron.sh +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_05_neutron.sh @@ -86,7 +86,7 @@ function neutron_config_server_component () { ops_add $neutronfile nova username nova ops_add $neutronfile nova password $NOVA_PASS - ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/lock + ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/tmp } # Function configure the Modular Layer 2 (ML2) plug-in @@ -104,7 +104,7 @@ function neutron_config_ml2 () { ops_add $ml2file ml2 extension_drivers port_security ops_add $ml2file ml2_type_flat flat_networks provider - ops_add $ml2file ml2_type_vlan network_vlan_ranges provider + # ops_add $ml2file ml2_type_vlan network_vlan_ranges provider ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000 ops_add $ml2file securitygroup enable_ipset true 
@@ -139,6 +139,11 @@ function neutron_config_l3agent () { egrep -v "^$|^#" $l3agent > $l3agentbak ops_add $l3agent DEFAULT interface_driver linuxbridge + + # Fix loi khong start duoc l3-agent, log loi trong /var/log/syslog. + touch /etc/neutron/fwaas_driver.ini + chmod 640 /etc/neutron/fwaas_driver.ini + chgrp neutron /etc/neutron/fwaas_driver.ini } @@ -261,7 +266,6 @@ neutron_config_l3agent # Configure the metadata agent # sendtelegram "Configure the metadata agent tren `hostname`" - #neutron_config_metadata # Configure the Compute service to use the Networking service diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_06_cinder.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_06_cinder.sh index f9ea6c4..d05a6df 100644 --- a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_06_cinder.sh +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_06_cinder.sh @@ -82,7 +82,7 @@ function cinder_install_config() { else - echocolor "Tach cinder-volume" + echocolor "Tach cinder-volume" # ops_add $ctl_cinder_conf DEFAULT auth_strategy keystone # ops_add $ctl_cinder_conf DEFAULT my_ip $CTL1_IP_NIC2 diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_08_heat.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_08_heat.sh new file mode 100644 index 0000000..4ae5d5e --- /dev/null +++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_08_heat.sh 
@@ -0,0 +1,157 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Heat
+function heat_create_db () {
+
+ echocolor "Create database for Heat"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE heat;
+GRANT ALL PRIVILEGES ON heat.* TO heat@'localhost' IDENTIFIED BY '$PASS_DATABASE_HEAT';
+GRANT ALL PRIVILEGES ON heat.* TO heat@'%' IDENTIFIED BY '$PASS_DATABASE_HEAT';
+FLUSH PRIVILEGES;
+EOF
+
+}
+
+function heat_user_endpoint() {
+
+ openstack user create heat --domain default --project service --password $HEAT_PASS
+ openstack role add --project service --user heat admin
+
+ openstack service create --name heat --description "Openstack Orchestration" orchestration
+ openstack service create --name heat-cfn --description "Openstack Orchestration" cloudformation
+
+ openstack endpoint create --region RegionOne orchestration public http://$CTL1_IP_NIC2:8004/v1/%\(tenant_id\)s
+ openstack endpoint create --region RegionOne orchestration internal http://$CTL1_IP_NIC2:8004/v1/%\(tenant_id\)s
+ openstack endpoint create --region RegionOne orchestration admin http://$CTL1_IP_NIC2:8004/v1/%\(tenant_id\)s
+
+ openstack endpoint create --region RegionOne cloudformation public http://$CTL1_IP_NIC2:8000/v1
+ openstack endpoint create --region RegionOne cloudformation internal http://$CTL1_IP_NIC2:8000/v1
+ openstack endpoint create --region RegionOne cloudformation admin http://$CTL1_IP_NIC2:8000/v1
+
+ openstack domain create --description "Stack projects and users" heat
+ openstack user create heat_domain_admin --domain heat --password $HEAT_PASS
+
+ openstack role add --domain heat --user heat_domain_admin admin
+
+ openstack role create heat_stack_owner
+ openstack role add --project admin --user admin heat_stack_owner
+
+ openstack role create heat_stack_user
+
+}
+
+function heat_install_config() {
+ echocolor "Cai dat heat"
+ sleep 3
+
+ apt -y install heat-api heat-api-cfn heat-engine python3-heatclient python3-vitrageclient python3-zunclient
+
+ ctl_heat_config=/etc/heat/heat.conf
+ cp $ctl_heat_config $ctl_heat_config.bka
+
+ ops_add $ctl_heat_config DEFAULT deferred_auth_method trusts
+ ops_add $ctl_heat_config DEFAULT trusts_delegated_roles heat_stack_owner
+ ops_add $ctl_heat_config DEFAULT heat_metadata_server_url http://$CTL1_IP_NIC2:8000
+ ops_add $ctl_heat_config DEFAULT heat_waitcondition_server_url http://$CTL1_IP_NIC2:8000/v1/waitcondition
+ ops_add $ctl_heat_config DEFAULT heat_watch_server_url http://10.0.0.50:8003
+ ops_add $ctl_heat_config DEFAULT heat_stack_user_role heat_stack_user
+ ops_add $ctl_heat_config DEFAULT stack_user_domain_name heat
+ ops_add $ctl_heat_config DEFAULT stack_domain_admin heat_domain_admin
+ ops_add $ctl_heat_config DEFAULT stack_domain_admin_password $HEAT_PASS
+
+
+
+ ops_add $ctl_heat_config database connection mysql+pymysql://heat:$PASS_DATABASE_HEAT@$CTL1_IP_NIC2/heat
+ ops_add $ctl_heat_config transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+ ops_add $ctl_heat_config keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_heat_config keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_heat_config keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $ctl_heat_config keystone_authtoken auth_type password
+ ops_add $ctl_heat_config keystone_authtoken project_domain_name default
+ ops_add $ctl_heat_config keystone_authtoken user_domain_name default
+ ops_add $ctl_heat_config keystone_authtoken project_name service
+ ops_add $ctl_heat_config keystone_authtoken username heat
+ ops_add $ctl_heat_config keystone_authtoken password $HEAT_PASS
+
+ ops_add $ctl_heat_config clients_keystone auth_uri http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_heat_config ec2authtoken auth_uri http://$CTL1_IP_NIC2:5000
+
+ ops_add $ctl_heat_config heat_api bind_host 0.0.0.0
+ ops_add $ctl_heat_config heat_api bind_port 8004
+
+ ops_add $ctl_heat_config heat_api_cfn bind_host 0.0.0.0
+ ops_add $ctl_heat_config heat_api_cfn bind_port 8000
+
+ ops_add $ctl_heat_config trustee auth_plugin password
+ ops_add $ctl_heat_config trustee auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $ctl_heat_config trustee username heat
+ ops_add $ctl_heat_config trustee password $HEAT_PASS
+ ops_add $ctl_heat_config trustee user_domain_name default
+
+}
+
+
+function heat_syncdb() {
+ chmod 640 /etc/heat/heat.conf
+ chgrp heat /etc/heat/heat.conf
+ su -s /bin/bash heat -c "heat-manage db_sync"
+}
+
+
+function heat_enable_restart() {
+ systemctl restart heat-api heat-api-cfn heat-engine
+
+}
+
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+sendtelegram "Cai heat `hostname`"
+
+source /root/admin-openrc
+echocolor "Cai HEAT `hostname`"
+
+echocolor "Thuc thi heat_create_db tren `hostname`"
+heat_create_db
+
+echocolor "Thuc thi heat_user_endpoint tren `hostname`"
+heat_user_endpoint
+
+echocolor "Thuc thi heat_install_config tren `hostname`"
+heat_install_config
+
+echocolor "Thuc thi heat_syncdb tren `hostname`"
+heat_syncdb
+
+echocolor "Thuc thi heat_enable_restart tren `hostname`"
+heat_enable_restart
+
+sleep 10
+echocolor "Xac nhan lai trang thai cua heat sau khi cai "
+openstack orchestration service list
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
+
+
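Review bot: In heat_install_config the line `ops_add $ctl_heat_config transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2` is missing its section argument. If `ops_add` here matches the Ubuntu-AIO function.sh in this diff (`crudini --set $1 $2 $3 $4`), that creates a `[transport_url]` section whose key is the whole RabbitMQ URL, password included, and leaves `transport_url` in `[DEFAULT]` unset, so it should read `ops_add $ctl_heat_config DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2`, as the octavia script does. `heat_watch_server_url http://10.0.0.50:8003` is the only address not built from `$CTL1_IP_NIC2` and looks like a leftover from a sample config. heat_create_db passes the root password as `-p$PASS_DATABASE_ROOT`, which exposes it on the mysql command line; `MYSQL_PWD="$PASS_DATABASE_ROOT" mysql -uroot` or a root-only option file keeps it out of the process list.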
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_08_octavia.sh b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_09_octavia.sh
similarity index 100%
rename from scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_08_octavia.sh
rename to scripts/OpenStack-Wallaby-No-HA/Ubuntu/ctl_09_octavia.sh
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/note_heat.md b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/note_heat.md
new file mode 100644
index 0000000..bd7b2ec
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/note_heat.md
@@ -0,0 +1,37 @@
+# Ghi chep cai dat heat
+
+## Tao DB
+
+mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE heat;
+GRANT ALL PRIVILEGES ON heat.* TO heat@'localhost' IDENTIFIED BY '$PASS_DATABASE_HEAT';
+GRANT ALL PRIVILEGES ON heat.* TO heat@'%' IDENTIFIED BY '$PASS_DATABASE_HEAT';
+FLUSH PRIVILEGES;
+EOF
+
+
+## Tao endpoint
+
+openstack user create heat --domain default --project service --password $HEAT_PASS
+openstack role add --project service --user heat admin
+
+openstack service create --name heat --description "Openstack Orchestration" orchestration
+openstack service create --name heat-cfn --description "Openstack Orchestration" cloudformation
+
+openstack endpoint create --region RegionOne orchestration public http://CTL1_IP_NIC2:8004/v1/%\(tenant_id\)s
+openstack endpoint create --region RegionOne orchestration internal http://$CTL1_IP_NIC2:8004/v1/%\(tenant_id\)s
+openstack endpoint create --region RegionOne orchestration admin http://$CTL1_IP_NIC2:8004/v1/%\(tenant_id\)s
+
+openstack endpoint create --region RegionOne cloudformation public http://$CTL1_IP_NIC2:8000/v1
+openstack endpoint create --region RegionOne cloudformation internal http://$CTL1_IP_NIC2:8000/v1
+openstack endpoint create --region RegionOne cloudformation admin http://$CTL1_IP_NIC2:8000/v1
+
+openstack domain create --description "Stack projects and users" heat
+openstack user create heat_domain_admin --domain heat --password $HEAT_PASS
+
+openstack role add --domain heat --user heat_domain_admin admin
+
+openstack role create heat_stack_owner
+openstack role add --project admin --user admin heat_stack_owner
+
+openstack role create heat_stack_user
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack1.yml b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack1.yml
new file mode 100644
index 0000000..b0cedcc
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack1.yml
@@ -0,0 +1,33 @@
+# Template heat de tao VM, gan vao private.
+# Thuc hien:
+# Int_Net_ID=$(openstack network list | grep demo-net | awk '{ print $2 }')
+# openstack stack create -t sample-stack1.yml --parameter "ImageID=cirros;NetID=$Int_Net_ID" Sample-Stack1
+#
+heat_template_version: 2018-08-31
+description: Heat Sample Template
+
+parameters:
+ ImageID:
+ type: string
+ description: Image used to boot a server
+ NetID:
+ type: string
+ description: Network ID for the server
+
+resources:
+ server1:
+ type: OS::Nova::Server
+ properties:
+ name: "Heat_Deployed_Server"
+ image: { get_param: ImageID }
+ flavor: "m1.nano"
+ networks:
+ - network: { get_param: NetID }
+
+outputs:
+ server1_name:
+ description: Name of the instance
+ value: { get_attr: [server1, name] }
+ server1_private_ip:
+ description: IP address of the server in the private network
+ value: { get_attr: [ server1, first_address ] }
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack2.yml b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack2.yml
new file mode 100644
index 0000000..fb4ddce
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack2.yml
@@ -0,0 +1,47 @@
+# Template heat de tao VM, gan vao private, cap float ting IP.
+# Thuc hien:
+# Int_Net_ID=$(openstack network list | grep demo-net | awk '{ print $2 }')
+# openstack stack create -t sample-stack2.yml --parameter "ImageID=cirros;NetID=$Int_Net_ID" Sample-Stack2
+#
+heat_template_version: 2018-08-31
+description: Heat Sample Template
+
+parameters:
+ ImageID:
+ type: string
+ description: Image used to boot a server
+ NetID:
+ type: string
+ description: Network ID for the server
+
+resources:
+ server1:
+ type: OS::Nova::Server
+ properties:
+ name: "Heat_Deployed_Server"
+ image: { get_param: ImageID }
+ flavor: "m1.tiny"
+ networks:
+ - network: { get_param: NetID }
+
+ floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network: public1
+
+ association:
+ type: OS::Neutron::FloatingIPAssociation
+ properties:
+ floatingip_id: { get_resource: floating_ip }
+ port_id: {get_attr: [server1, addresses, {get_param: NetID}, 0, port]}
+
+outputs:
+ server1_name:
+ description: Name of the instance
+ value: { get_attr: [server1, name] }
+ server1_private_ip:
+ description: IP address of the server in the private network
+ value: { get_attr: [ server1, first_address ] }
+ server1_public_ip:
+ description: IP address of the server in the public network
+ value: { get_attr: [ floating_ip, floating_ip_address ] }
\ No newline at end of file
diff --git a/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack3.yml b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack3.yml
new file mode 100644
index 0000000..571e171
--- /dev/null
+++ b/scripts/OpenStack-Wallaby-No-HA/Ubuntu/sample-stack3.yml
@@ -0,0 +1,65 @@
+# Template heat de tao VM, gan vao private, cap float ting IP.
+# Tao Volume va gan volume vao VM.
+# Thuc hien:
+# Int_Net_ID=$(openstack network list | grep selfservice | awk '{ print $2 }')
+# openstack stack create -t sample-stack3.yml --parameter "ImageID=cirros;NetID=$Int_Net_ID;VolumeName=vol01" Sample-Stack3
+#
+heat_template_version: 2021-04-16
+description: Heat Sample Template
+
+parameters:
+ ImageID:
+ type: string
+ description: Image used to boot a server
+ NetID:
+ type: string
+ description: Network ID for the server
+ VolumeName:
+ type: string
+ description: A name for the volume
+
+resources:
+ server1:
+ type: OS::Nova::Server
+ properties:
+ name: "Heat_Deployed_Server"
+ image: { get_param: ImageID }
+ flavor: "m1.nano"
+ networks:
+ - network: { get_param: NetID }
+
+ floating_ip:
+ type: OS::Neutron::FloatingIP
+ properties:
+ floating_network: provider
+
+ association:
+ type: OS::Neutron::FloatingIPAssociation
+ properties:
+ floatingip_id: { get_resource: floating_ip }
+ port_id: {get_attr: [server1, addresses, {get_param: NetID}, 0, port]}
+
+ new_volume:
+ type: OS::Cinder::Volume
+ properties:
+ name: { get_param: VolumeName }
+ size: 1
+ volumeattach:
+ type: OS::Cinder::VolumeAttachment
+ properties:
+ volume_id: { get_resource: new_volume }
+ instance_uuid: { get_resource: server1 }
+
+outputs:
+ server1_name:
+ description: Name of the instance
+ value: { get_attr: [server1, name] }
+ server1_private_ip:
+ description: IP address of the server in the private network
+ value: { get_attr: [ server1, first_address ] }
+ server1_public_ip:
+ description: IP address of the server in the public network
+ value: { get_attr: [ floating_ip, floating_ip_address ] }
+ server1_public_ip:
+ description: IP address of the server in the public network
+ value: { get_attr: [ floating_ip, floating_ip_address ] }
\ No newline at end of file
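Review bot: The `outputs` section at the end of sample-stack3.yml defines `server1_public_ip` twice, with the same description and value. A duplicate mapping key is not valid YAML, and a parser will either reject the template or silently keep only one of the two entries. Delete the second `server1_public_ip:` entry together with its `description` and `value` lines.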
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/README-FULL.md b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/README-FULL.md new file mode 100644 index 0000000..caab7b7 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/README-FULL.md 
@@ -0,0 +1,261 @@ +#### Hướng dẫn thực thi script cài đặt OpenStack Newton không có HA + +### A. MÔI TRƯỜNG LAB +- Giả lập trên VMware Workstatios, hoặc ESX hoặc Virtualbox hoặc KVM hoặc máy vật lý. +- Centos 7.3 Server 64 bit - 1611 + +### B. MÔ HÌNH + +##### Mô hình tối thiểu +== + +![topo-openstack-queens-toithieu.png](/images/queens-images/topo-openstack-queens-toithieu.png) + +##### Mô hình đầy đủ += + +![topo-openstack-queens-full.png](/images/queens-images/topo-openstack-queens-full.png) + + +### C. IP PLANNING + + +![noha_ip_planning.png](/images/queens-images/IP_Planning_queens.png) + + +## 1. Các bước thực hiện + +### 1.1. Đặt IP theo IP Planning cho từng node. +#### Thực hiện trên Controller1 +`Lưu ý:` IP được thiết lập như trong file excel, nếu cần sửa thì sau khi tải script về, sửa trong file `config.cfg` + +- Khai báo repos offline nếu muốn sử dụng để tăng tốc độ cài đặt (bỏ qua bước này nếu bạn không có máy chủ repos offline). + ```sh + echo 'Acquire::http::Proxy "http://172.16.68.18:3142";' > /etc/apt/apt.conf + apt-get update -y + ``` + +- Tải script + + ```sh + apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y + apt-get -y install git curl vim byobu + + git clone -b dev https://github.com/congto/openstack-tools + + cp -R openstack-tools/scripts/OpenStack-Victoria-No-HA/Ubuntu/ . + + cd Ubuntu/ + + chmod +x * + ``` + +- Thực thi script để thiết lập IP và hostname. + + ```sh + bash ctl_00_setup_ip.sh + ``` + +Sau khi thực hiện xong, máy chủ sẽ khởi động lại, sử dụng IP `172.16.68.211` để ssh vào và thực hiện theo các bước dưới trên node controller1. + + +#### Thực hiện trên Compute1 +`Lưu ý:` IP được thiết lập như trong file excel, nếu cần sửa thì sau khi tải script về, sửa trong file `config.cfg` + +- Khai báo repos offline nếu muốn sử dụng để tăng tốc độ cài đặt (bỏ qua bước này nếu bạn không có máy chủ repos offline). 
+ ```sh + echo 'Acquire::http::Proxy "http://172.16.68.18:3142";' > /etc/apt/apt.conf + apt-get update -y + ``` + +- Tải script + ```sh + apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y + apt-get -y install git curl vim byobu + + git clone -b dev https://github.com/congto/openstack-tools + + cp -R openstack-tools/scripts/OpenStack-Victoria-No-HA/Ubuntu/ . + + cd Ubuntu/ + + chmod +x * + ``` + +- Thực thi script để thiết lập IP và hostname. + + ```sh + bash com1_00_setup_ip.sh + ``` + +Sau khi thực hiện xong, máy chủ sẽ khởi động lại, sử dụng IP `172.16.68.212` để ssh vào và thực hiện theo các bước dưới trên node compute1. + +#### Thực hiện trên Compute2 +`Lưu ý:` IP được thiết lập như trong file excel, nếu cần sửa thì sau khi tải script về, sửa trong file `config.cfg` + +- Khai báo repos offline nếu muốn sử dụng để tăng tốc độ cài đặt (bỏ qua bước này nếu bạn không có máy chủ repos offline). + ```sh + echo 'Acquire::http::Proxy "http://172.16.68.18:3142";' > /etc/apt/apt.conf + apt-get update -y + ``` + +- Tải script + ```sh + apt-get update -y && apt-get upgrade -y && apt-get dist-upgrade -y + apt-get -y install git curl vim byobu + + git clone -b dev https://github.com/congto/openstack-tools + + cp -R openstack-tools/scripts/OpenStack-Victoria-No-HA/Ubuntu/ . + + cd Ubuntu/ + + chmod +x * + ``` + +- Thực thi script để thiết lập IP và hostname. + + ```sh + bash com2_00_setup_ip.sh + ``` + +Sau khi thực hiện xong, máy chủ sẽ khởi động lại, sử dụng IP `172.16.68.213` để ssh vào và thực hiện theo các bước dưới trên node compute2. + +## Thực hiện script cài đặt OpenStack +### 2. Thực hiện cài đặt trên Controller +#### 2.1. Thực thi các script cài đặt trên controller1 + +- Đứng trên node CTL1 và thực hiện các bước dưới. +- Đăng nhập sau đó chuyển sang quyền root + ```sh + su - + ``` + +- Cài đặt git và script cài đặt. 
+ ```sh + cd Ubuntu/ + ``` + +- Thực thi script cài đặt các gói bổ trợ trên node controller1 + + ```sh + bash ctl_01_env.sh + ``` + +- Thực thi script cài đặt keystone trên controller1 + + ```sh + bash ctl_02_keystone.sh + ``` + +Sau khi chạy xong script cài đặt keystone, script sẽ sinh ra các file tại `/root/admin-openrc` dùng để xác thực với OpenStack, sử dụng lệnh dưới mỗi khi thao tác với openstack thông qua CLI. + + ```sh + source /root/admin-openrc + ``` + +- Thực thi script cài đặt glance trên controller1 + + ```sh + bash ctl_03_glance.sh + ``` + +- Thực thi script cài đặt nova trên controller1 + + ```sh + bash ctl_04_nova.sh + ``` + + +- Thực thi script cài đặt neutron trên controller1 + + ```sh + bash ctl_05_neutron.sh + ``` + +- Tới đây có 02 lựa chọn cho việc cài cinder thực hiện script dưới và nhập tùy chọn là `1` hoặc `2` để lựa chọn. + + ```sh + bash ctl_06_cinder.sh + ``` + - Nhập 1 để cài cinder-volume cùng với controller, lúc này điều kiện cần là có ổ cứng thứ 2 trên controller để tạo các volume. + - Nhập 2 để KHÔNG cài cinder-volume, lúc này cinder-volume sẽ được cài ở node khác. + + +- Thực hiện cài đặt horizon + +```sh +bash ctl_07_horizon.sh +``` + +Lúc này có thể truy cập vào địa chỉ: `http://172.16.68.211/horizon` với Domain là `Default`, User là `admin`, mật khẩu là `Vntp2018` (hoặc xem thêm file `/root/admin-openrc` để biết nếu bạn không nhớ). + +### 3. 
Thực hiện trên Compute1 và Compute2 +#### 3.1 Thực hiện trên Compute1 + +- SSH vào máy chủ có IP 172.16.68.212 với quyền root +- Thực hiện lệnh dưới để cài các gói môi trường cho `Compute1` + + ```sh + cd /root/queens/ + + bash com1_01_env.sh + ``` + +- Cài đặt Neutron và nova + + ```sh + bash com1_02_nova_neutron.sh + ``` + +#### 3.1 Thực hiện trên Compute2 + +- SSH vào máy chủ có IP 172.16.68.213 với quyền root +- Thực hiện lệnh dưới để cài các gói môi trường cho `Compute2` + + ```sh + cd /root/queens/ + + bash com2_01_env.sh + ``` + +- Cài đặt Neutron và nova + + ```sh + bash com2_02_nova_neutron.sh + ``` + + +### 4. Tạo network, router, flavor, vm + +Tơi bước này có 02 lựa chọn tạo các yêu cầu cần thiết để bắt đầu sử dụng OpenStack. + +#### 4.1. Tạo network, router, flavor, vm bằng script +Trong bộ script đã có sẵn script để tạo ra các hạ tầng bao gồm: Network, Router, Subnet, Flavor, VM, mở rule .... để sử dụng. Thực hiện script sau: + +Đứng trên controller1 và thực hiện các lệnh sau: + +```sh +source /root/admin-openrc +``` + +- Di chuyển vào thư mục chứa script và thực hiện script dưới. Lưu ý thực hiện với quyền root. + + ```sh + cd UbuntuScriptsQueens + + bash creat_vm.sh + ``` + +- Truy cập vào horizon với địa chỉ `http://172.16.68.211/horizon` để quan sát tiếp (mật khẩu xem ở file `/root/admin-openrc` + +Kết quả ta sẽ có giao diện OpenStack tương tự như hình dưới + +![queens-vm-provider01.png](/images/queens-images/queens-vm-provider01.png) + + +#### 4.2. Tạo network, router, flavor, vm bằng Web + +- Truy cập vào horizon với địa chỉ `http://172.16.68.211/horizon` để quan sát tiếp (mật khẩu xem ở file `/root/admin-openrc` + + diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/README.md b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/README.md new file mode 100644 index 0000000..382d2f5 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/README.md @@ -0,0 +1 @@ +# Script cài đặt OpenStack Victoria All In One trên Ubuntu Server 20.04 
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh
new file mode 100644
index 0000000..189f138
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/com1_02_nova_neutron.sh
@@ -0,0 +1,268 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function install nova-compute
+function nova_install () {
+ echocolor "Install nova-compute"
+ sleep 3
+ apt install nova-compute -y
+}
+
+# Function edit /etc/nova/nova.conf file
+function nova_config () {
+ echocolor "Edit /etc/nova/nova.conf file"
+ sleep 3
+ novafile=/etc/nova/nova.conf
+ novafilebak=/etc/nova/nova.conf.bak
+ novacomputefile=/etc/nova/nova-compute.conf
+ novacomputefilebak=/etc/nova/nova-compute.conf.bka
+ cp $novafile $novafilebak
+ cp $novacomputefile $novacomputefilebak
+ egrep -v "^$|^#" $novafilebak > $novafile
+
+ ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+
+ ops_add $novafile api auth_strategy keystone
+
+ ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $novafile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $novafile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $novafile keystone_authtoken auth_type password
+ ops_add $novafile keystone_authtoken project_domain_name default
+ ops_add $novafile keystone_authtoken user_domain_name default
+ ops_add $novafile keystone_authtoken project_name service
+ ops_add $novafile keystone_authtoken username nova
+ ops_add $novafile keystone_authtoken password $NOVA_PASS
+
+ ops_add $novafile DEFAULT my_ip $COM1_IP_NIC2
+ ops_add $novafile DEFAULT use_neutron True
+ ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
+
+ ops_add $novafile vnc enabled True
+ ops_add $novafile vnc vncserver_listen 0.0.0.0
+ ops_add $novafile vnc vncserver_proxyclient_address \$my_ip
+ ops_add $novafile vnc novncproxy_base_url http://$CTL1_IP_NIC2:6080/vnc_auto.html
+
+ ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292
+ ops_add $novafile cinder os_region_name RegionOne
+
+ ops_add $novafile oslo_concurrency lock_path /var/lib/nova/tmp
+ ops_del $novafile DEFAULT log_dir
+
+ ops_del $novafile placement os_region_name
+ ops_add $novafile placement os_region_name RegionOne
+ ops_add $novafile placement project_domain_name Default
+ ops_add $novafile placement project_name service
+ ops_add $novafile placement auth_type password
+ ops_add $novafile placement user_domain_name Default
+ ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3
+ ops_add $novafile placement username placement
+ ops_add $novafile placement password $PLACEMENT_PASS
+
+ ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696
+ ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $novafile neutron auth_type password
+ ops_add $novafile neutron project_domain_name default
+ ops_add $novafile neutron user_domain_name default
+ ops_add $novafile neutron region_name RegionOne
+ ops_add $novafile neutron project_name service
+ ops_add $novafile neutron username neutron
+ ops_add $novafile neutron password $NEUTRON_PASS
+
+ ops_add $novacomputefile libvirt virt_type $(count=$(egrep -c '(vmx|svm)' /proc/cpuinfo); if [ $count -eq 0 ];then echo "qemu"; else echo "kvm"; fi)
+}
+
+# Function finalize installation
+function nova_resart () {
+ echocolor "Finalize installation"
+ sleep 3
+ service nova-compute restart
+}
+
+function neutron_install () {
+ echocolor "Install the components Neutron"
+ sleep 3
+
+ apt install -y neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
+ apt install -y neutron-common neutron-plugin-ml2
+}
+
+# Function configure the common component
+function neutron_config_server_component () {
+ echocolor "Configure the common component"
+ sleep 3
+
+ neutronfile=/etc/neutron/neutron.conf
+ neutronfilebak=/etc/neutron/neutron.conf.bak
+ cp $neutronfile $neutronfilebak
+ egrep -v "^$|^#" $neutronfilebak > $neutronfile
+
+ ops_del $neutronfile database connection
+ ops_add $neutronfile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2
+ ops_add $neutronfile DEFAULT auth_strategy keystone
+ ops_add $neutronfile DEFAULT core_plugin ml2
+ ops_add $neutronfile DEFAULT state_path /var/lib/neutron
+ ops_add $neutronfile DEFAULT allow_overlapping_ips True
+
+ ops_add $neutronfile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $neutronfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $neutronfile keystone_authtoken auth_type password
+ ops_add $neutronfile keystone_authtoken project_domain_name default
+ ops_add $neutronfile keystone_authtoken user_domain_name default
+ ops_add $neutronfile keystone_authtoken project_name service
+ ops_add $neutronfile keystone_authtoken username neutron
+ ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS
+
+ ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/tmp
+
+}
+
+# Function configure the Modular Layer 2 (ML2) plug-in
+function neutron_config_ml2 () {
+ echocolor "Configure the Modular Layer 2 (ML2) plug-in"
+ sleep 3
+ ml2file=/etc/neutron/plugins/ml2/ml2_conf.ini
+ ml2filebak=/etc/neutron/plugins/ml2/ml2_conf.ini.bak
+ cp $ml2file $ml2filebak
+ egrep -v "^$|^#" $ml2filebak > $ml2file
+
+ ops_add $ml2file ml2 type_drivers flat,vlan,vxlan
+ ops_add $ml2file ml2 tenant_network_types vxlan
+ ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population
+ ops_add $ml2file ml2 extension_drivers port_security
+
+ ops_add $ml2file ml2_type_flat flat_networks provider
+ ops_add $ml2file ml2_type_vlan network_vlan_ranges provider
+ ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000
+
+ ops_add $ml2file securitygroup enable_ipset true
+}
+
+
+# Function configure the Linux bridge agent
+function neutron_config_linuxbridge () {
+ echocolor "Configure the linux bridge agent"
+ sleep 3
+ linuxbridgefile=/etc/neutron/plugins/ml2/linuxbridge_agent.ini
+ linuxbridgefilebak=/etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
+ cp $linuxbridgefile $linuxbridgefilebak
+ egrep -v "^$|^#" $linuxbridgefilebak > $linuxbridgefile
+
+ ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER
+
+ ops_add $linuxbridgefile vxlan enable_vxlan true
+ ops_add $linuxbridgefile vxlan local_ip $COM1_IP_NIC1
+ ops_add $linuxbridgefile vxlan l2_population true
+
+ ops_add $linuxbridgefile securitygroup enable_security_group true
+ ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
+}
+
+# Function configure the DHCP agent
+function neutron_config_dhcp () {
+ echocolor "Configure the dhcp-agent"
+ sleep 3
+ dhcpfile=/etc/neutron/dhcp_agent.ini
+ dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak
+ cp $dhcpfile $dhcpfilebak
+ egrep -v "^$|^#" $dhcpfilebak > $dhcpfile
+
+ ops_add $dhcpfile DEFAULT interface_driver linuxbridge
+ ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
+ ops_add $dhcpfile DEFAULT enable_isolated_metadata true
+ ops_add $dhcpfile DEFAULT force_metadata True
+}
+
+# Function configure the metadata agent
+function neutron_config_metadata () {
+ echocolor "Configure the metadata agent"
+ sleep 3
+ metadatafile=/etc/neutron/metadata_agent.ini
+ metadatafilebak=/etc/neutron/metadata_agent.ini.bak
+ cp $metadatafile $metadatafilebak
+ egrep -v "^$|^#" $metadatafilebak > $metadatafile
+
+ ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2
+ ops_add $metadatafile DEFAULT metadata_proxy_shared_secret $METADATA_SECRET
+}
+
+# Function restart installation
+function neutron_restart () {
+ echocolor "Finalize installation"
+ sleep 3
+
+ systemctl restart nova-compute
+ systemctl enable nova-compute
+
+ systemctl restart neutron-linuxbridge-agent
+ systemctl enable neutron-linuxbridge-agent
+
+ systemctl restart neutron-dhcp-agent
+ systemctl enable neutron-dhcp-agent
+
+ systemctl restart neutron-metadata-agent
+ systemctl enable neutron-metadata-agent
+}
+
+#######################
+###Execute functions###
+#######################
+sendtelegram "Thuc thi script $0 tren `hostname`"
+
+# Install nova-compute
+sendtelegram "Thuc thi nova_install tren `hostname`"
+nova_install
+
+# Edit /etc/nova/nova.conf file
+sendtelegram "Thuc thi nova_config tren `hostname`"
+nova_config
+
+# Finalize installation
+sendtelegram "Thuc thi nova_resart tren `hostname`"
+nova_resart
+
+# Install the components Neutron
+sendtelegram "Thuc thi neutron_install tren `hostname`"
+neutron_install
+
+# Configure the common component
+sendtelegram "Thuc thi neutron_config_server_component tren `hostname`"
+neutron_config_server_component
+
+# Configure the Modular Layer 2 (ML2) plug-in
+sendtelegram "Configure the Modular Layer 2 tren `hostname`"
+neutron_config_ml2
+
+# Configure the Linux bridge agent
+sendtelegram "Thuc thi neutron_config_linuxbridge tren `hostname`"
+neutron_config_linuxbridge
+
+sendtelegram "Thuc thi neutron_config_dhcp tren `hostname`"
+neutron_config_dhcp
+
+sendtelegram "Thuc thi neutron_config_metadata tren `hostname`"
+neutron_config_metadata
+
+# Configure the Compute service to use the Networking service
+#neutron_config_compute_use_network
+
+# Restart installation
+sendtelegram "Thuc thi neutron_restart tren `hostname`"
+neutron_restart
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
\ No newline at end of file
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/config.cfg b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/config.cfg
new file mode 100644
index 0000000..cbeec02
--- /dev/null
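Review bot: In `nova_config`, `ops_add $novafile vnc vncserver_listen 0.0.0.0` makes the compute node's VNC consoles listen on every interface, including the provider-facing one, while every URL this script writes is plain `http://`. Binding to the management address is enough for the console proxy on the controller to reach them: `ops_add $novafile vnc vncserver_listen \$my_ip`. That fix depends on `my_ip`, which is filled from `$COM1_IP_NIC2`, and the VXLAN `local_ip` likewise comes from `$COM1_IP_NIC1`. The `config.cfg` added to this directory in the same commit defines only `CTL1_IP_*`, so both options would be written empty unless those variables are set elsewhere.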
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/config.cfg 
@@ -0,0 +1,83 @@
+##########################################
+### Khai bao cac thanh phan cai dat
+
+CINDER_AIO=yes
+
+##########################################
+
+### Hostname cho cac may CONTROLLER
+CTL1_HOSTNAME=openstackaio
+
+
+### INTERFACE INFO
+
+INTERFACE_MGNT_DATA_VM=eth2
+INTERFACE_PUBLIC=eth3
+
+# INTERFACE_PROVIDER trung voi INTERFACE_PUBLIC
+INTERFACE_PROVIDER=eth3
+
+### NETWORK INFO
+NETMASK_NIC1=255.255.255.0
+NETMASK_NIC2=255.255.255.0
+GATAWAY_NIC1=172.16.70.1
+GATAWAY_NIC2=172.16.71.1
+
+### IP Address CONTROLLER
+CTL1_IP_NIC1=127.0.0.1
+CTL1_IP_NIC2=172.16.70.188
+CTL1_IP_NIC3=172.16.71.188
+
+
+### Khai bao network danh cho VM trong openstack ###
+## IP PRIVATE Network for VMs
+PRIVATE_IP_START=172.16.85.10
+PRIVATE_IP_END=172.16.85.90
+PRIVATE_DNS=8.8.8.8
+PRIVATE_GATEWAY=172.16.85.1
+PRIVATE_SUBNET=172.16.85.0/24
+
+
+### IP PROVIDER Network for VMs
+PROVIDER_IP_START=172.16.71.200
+PROVIDER_IP_END=172.16.71.220
+PROVIDER_DNS=8.8.8.8
+PROVIDER_GATEWAY=172.16.71.1
+PROVIDER_SUBNET=172.16.71.0/24
+#########################################################
+
+### Pass default
+PASS_DEFAULT='Welcome123'
+
+### Password cho MariaDB
+PASS_DATABASE_ROOT=$PASS_DEFAULT
+PASS_DATABASE_KEYSTONE=$PASS_DEFAULT
+PASS_DATABASE_NOVA=$PASS_DEFAULT
+PASS_DATABASE_NOVA_API=$PASS_DEFAULT
+PASS_DATABASE_NOVA_CELL=$PASS_DEFAULT
+PASS_DATABASE_NEUTRON=$PASS_DEFAULT
+PASS_DATABASE_GLANCE=$PASS_DEFAULT
+PASS_DATABASE_CINDER=$PASS_DEFAULT
+PASS_DATABASE_SWIFT=$PASS_DEFAULT
+PASS_DATABASE_CEILOMTER=$PASS_DEFAULT
+PASS_DATABASE_AODH=$PASS_DEFAULT
+PASS_DATABASE_GNOCCHI=$PASS_DEFAULT
+PASS_DATABASE_OCTAVIA=$PASS_DEFAULT
+
+### Password openstack service
+RABBIT_PASS=$PASS_DEFAULT
+METADATA_SECRET=$PASS_DEFAULT
+ADMIN_PASS=$PASS_DEFAULT
+DEMO_PASS=$PASS_DEFAULT
+GLANCE_PASS=$PASS_DEFAULT
+NOVA_PASS=$PASS_DEFAULT
+NOVA_API_PASS=$PASS_DEFAULT
+PLACEMENT_PASS=$PASS_DEFAULT
+CINDER_PASS=$PASS_DEFAULT
+SWIFT_PASS=$PASS_DEFAULT
+NEUTRON_PASS=$PASS_DEFAULT
+CEILOMETER_PASS=$PASS_DEFAULT
+GNOCCHI_PASS=$PASS_DEFAULT
+OCTAVIA_PASS=$PASS_DEFAULT
+AODH_PASS=$PASS_DEFAULT
+
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/controller.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/controller.sh
new file mode 100644
index 0000000..6bc70a5
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/controller.sh
@@ -0,0 +1,40 @@
+#!/bin/bash
+#Author HOC CHU DONG
+
+TIMEDATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+
+source function.sh
+source config.cfg
+TIMEDATE_START=`date +%s.%N`
+
+./ctl_01_env.sh
+sleep 5
+
+./ctl_02_keystone.sh
+sleep 5
+
+./ctl_03_glance.sh
+sleep 5
+
+./ctl_04_nova.sh
+sleep 5
+
+./ctl_05_neutron.sh
+sleep 5
+
+./ctl_06_cinder.sh
+sleep 5
+
+./ctl_07_horizon.sh
+sleep 3
+
+TIMEDATE_END=`date +%s.%N`
+TIMEDATE_TOTAL_TEMP=$( echo "$TIMEDATE_END - $TIMEDATE_START" | bc -l )
+TIMEDATE_TOTAL=$(cut -c-6 <<< "$TIMEDATE_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $TIMEDATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIMEDATE_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $TIMEDATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIMEDATE_TOTAL giay"
+notify
\ No newline at end of file
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-lb.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-lb.sh
new file mode 100644
index 0000000..3ff0ce8
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-lb.sh
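Review bot: `PASS_DEFAULT='Welcome123'` is committed in clear text, and every MariaDB, RabbitMQ, service-user and admin credential below it, plus `METADATA_SECRET`, is set to that same value, so one guessable string unlocks the whole deployment. Require the operator to supply the value instead of shipping one, e.g. `PASS_DEFAULT="${PASS_DEFAULT:?set PASS_DEFAULT before running}"`. `RABBIT_PASS`, `ADMIN_PASS` and `METADATA_SECRET` should each get their own value rather than `$PASS_DEFAULT`. A comment above the block should say that these values must be replaced before any use outside a lab.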
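Review bot: Each `./ctl_NN_*.sh` step in controller.sh runs unconditionally, so if an early installer such as `./ctl_02_keystone.sh` fails, the later ones still run against a half-configured node. The closing `sendtelegram` messages are sent regardless. Stop at the first failure, for example `./ctl_02_keystone.sh || { echocolor "ctl_02_keystone.sh failed"; exit 1; }` for every step, or add `set -e` after the two `source` lines.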
@@ -0,0 +1,72 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+source /root/admin-openrc
+
+wget https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img
+
+echocolor "Tao image Ubuntu 18"
+openstack image create --disk-format qcow2 --container-format bare \
+ --public --file ./bionic-server-cloudimg-amd64.img bionic-server-cloudimg-amd64
+
+sleep 10
+openstack flavor create --ram 1024 --disk 8 --vcpus 1 --public small
+
+ssh-keygen -N "" -f /root/.ssh/id_rsa
+
+openstack keypair create --public-key ~/.ssh/id_rsa.pub controller-key
+
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+sleep 15
+openstack server create --flavor small \
+ --image bionic-server-cloudimg-amd64 \
+ --key-name controller-key \
+ --security-group $ID_SECURITY_GROUP \
+ --network selfservice \
+ ubuntu01
+
+sleep 15
+openstack server create --flavor small \
+ --image bionic-server-cloudimg-amd64 \
+ --key-name controller-key \
+ --security-group $ID_SECURITY_GROUP\
+ --network selfservice \
+ ubuntu02
+
+sleep 60
+echocolor "Tao LB"
+openstack loadbalancer create --name lb01 --vip-subnet-id sub_selfservice
+
+sleep 600
+echocolor "Tao listener cho LB"
+openstack loadbalancer listener create --name listener01 --protocol TCP --protocol-port 80 lb01
+
+sleep 60
+echocolor "Tao pool cho LB"
+openstack loadbalancer pool create --name pool01 --lb-algorithm ROUND_ROBIN --listener listener01 --protocol TCP
+
+IP_VM01=`openstack server list | egrep ubuntu01 | awk '{print $8}' | awk -F= '{print $2}'`
+IP_VM02=`openstack server list | egrep ubuntu02 | awk '{print $8}' | awk -F= '{print $2}'`
+
+sleep 60
+echocolor "Gan $IP_VM01 vao pool cho LB"
+openstack loadbalancer member create --subnet-id sub_selfservice --address $IP_VM01 --protocol-port 80 pool01
+
+sleep 60
+echocolor "Gan $IP_VM02 vao pool cho LB"
+openstack loadbalancer member create --subnet-id sub_selfservice --address $IP_VM02 --protocol-port 80 pool01
+
+sleep 60
+echocolor "Liet ke member cua LB"
+openstack loadbalancer member list pool01
+
+echocolor "Cap floating IP cho LB"
+openstack floating ip create public
+
+echocolor "I.AM.OK"
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-vm01.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-vm01.sh
new file mode 100644
index 0000000..ddfa184
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-vm01.sh
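Review bot: The image fetched by `wget https://cloud-images.ubuntu.com/bionic/current/bionic-server-cloudimg-amd64.img` near the top of create-lb.sh is registered with `--public` without any integrity check, and the script carries on if the download fails or is truncated. Verify it against the publisher's checksum list before `openstack image create`, e.g. `wget https://cloud-images.ubuntu.com/bionic/current/SHA256SUMS` followed by `sha256sum -c --ignore-missing SHA256SUMS || exit 1`. Separately, `ssh-keygen -N "" -f /root/.ssh/id_rsa` writes a passphrase-less key to root's default key path. A dedicated file name for this lab key would keep it apart from root's own identity.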
@@ -0,0 +1,53 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+#################
+echocolor "Tao flavor"
+sleep 3
+openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+
+echocolor "Mo rule can thiet"
+sleep 5
+
+openstack security group rule create --protocol icmp $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 22 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 80:80 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 443:443 $ID_SECURITY_GROUP
+openstack security group rule create --protocol tcp --dst-port 9443:9443 $ID_SECURITY_GROUP
+
+echocolor "Tao provider network"
+sleep 3
+openstack network create --share --external \
+ --provider-physical-network provider \
+ --provider-network-type flat provider
+
+echocolor "Tao subnet cho provider network"
+sleep 3
+openstack subnet create --network provider \
+ --allocation-pool start=$PROVIDER_IP_START,end=$PROVIDER_IP_END \
+ --dns-nameserver $PROVIDER_DNS --gateway $PROVIDER_GATEWAY \
+ --subnet-range $PROVIDER_SUBNET sub_provider
+
+echocolor "Tao VM gan vao provider network"
+sleep 5
+
+PROVIDER_NET_ID=`openstack network list | egrep -w provider | awk '{print $2}'`
+
+openstack server create --flavor m1.nano --image cirros \
+ --nic net-id=$PROVIDER_NET_ID --security-group $ID_SECURITY_GROUP \
+ provider-VM1
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0"
+sendtelegram "Da tao xong VM"
+notify
\ No newline at end of file
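Review bot: The five `openstack security group rule create` calls open ICMP, 22, 80, 443 and 9443 on the admin project's security group with no `--remote-ip`, which the client treats as 0.0.0.0/0, and the instance is then attached to a `--share --external` flat network, so SSH is reachable from anywhere that routes to the provider range. Restrict at least the SSH rule to a management range, e.g. `--remote-ip "$MGMT_CIDR"` with the variable defined in `config.cfg` (placeholder name; no such variable is visible here). `$ID_ADMIN_PROJECT` comes from `grep admin`, which matches any row containing "admin"; `openstack project show admin -f value -c id` returns exactly one id. The closing `echocolor` prints `$TIME_TOTAL`, which this script never computes.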
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-vm02.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-vm02.sh
new file mode 100644
index 0000000..4ca20e6
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-vm02.sh
@@ -0,0 +1,39 @@
+#!/bin/bash
+
+###############################################################################
+## Init enviroiment source
+source config.cfg
+source function.sh
+
+###############################################################################
+echocolor "Tao private network (selfservice network)"
+sleep 3
+openstack network create selfservice
+
+echocolor "Tao subnnet cho private network"
+sleep 3
+ openstack subnet create --network selfservice \
+ --dns-nameserver $PRIVATE_DNS --gateway $PRIVATE_GATEWAY \
+ --subnet-range $PRIVATE_SUBNET sub_selfservice
+
+echocolor "Tao va gan inteface cho ROUTER"
+sleep 3
+openstack router create R1
+openstack router set --external-gateway provider R1
+openstack router add subnet R1 sub_selfservice
+
+echocolor "Tao may ao gan vao private network (selfservice network)"
+sleep 5
+ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'`
+ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'`
+
+PRIVATE_NET_ID=`openstack network list | egrep -w selfservice | awk '{print $2}'`
+
+openstack server create --flavor m1.nano --image cirros \
+ --nic net-id=$PRIVATE_NET_ID --security-group $ID_SECURITY_GROUP \
+ selfservice-VM1
+
+echocolor "Floatig IP"
+sleep 5
+FLOATING_IP=`openstack floating ip create provider | egrep -w floating_ip_address | awk '{print $4}'`
+openstack server add floating ip selfservice-VM1 $FLOATING_IP
\ No newline at end of file
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-volume1.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-volume1.sh
new file mode 100644
index 0000000..01a86ce
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/create-volume1.sh
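Review bot: `FLOATING_IP`, `PRIVATE_NET_ID` and the two ID variables are scraped from the CLI's table output with `egrep`/`awk` and then expanded unquoted, so an empty or multi-row match silently becomes a malformed `openstack server create` or `server add floating ip` call. Ask the client for the value directly and stop on failure: `FLOATING_IP=$(openstack floating ip create provider -f value -c floating_ip_address) || exit 1`, and likewise `openstack network show selfservice -f value -c id`. Quote the expansions (`"$FLOATING_IP"`, `"$ID_SECURITY_GROUP"`) when passing them on. The create-vm01.sh hunk uses the same scraping pattern for `PROVIDER_NET_ID`.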
@@ -0,0 +1,13 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+openstack volume create --size 10 disk01
+
+sleep 10
+
+openstack server add volume provider-VM1 disk01
\ No newline at end of file
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh
new file mode 100644
index 0000000..a1971b8
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_00_setup_ip.sh
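Review bot: `sleep 10` between `openstack volume create` and `openstack server add volume` is a guess at how long provisioning takes; if the volume is still being created when the sleep ends, the attach fails. Poll the status instead, e.g. `until [ "$(openstack volume show disk01 -f value -c status)" = available ]; do sleep 2; done`, ideally with a retry limit so an `error` state does not loop forever. `DATE_EXEC` and `TIME_START` are assigned but not used in this script.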
@@ -0,0 +1,71 @@
+#!/bin/bash
+# Author: HOC CHU DONG
+
+function echocolor {
+ echo "#######################################################################"
+ echo "$(tput setaf 3)##### $1 #####$(tput sgr0)"
+ echo "#######################################################################"
+
+}
+
+source config.cfg
+
+# Function config hostname
+function config_hostname () {
+echo "$CTL1_HOSTNAME" > /etc/hostname
+echo "127.0.0.1 locahost $CTL1_HOSTNAME" > /etc/hosts
+echo "$CTL1_IP_NIC2 $CTL1_HOSTNAME" >> /etc/hosts
+echo "$COM1_IP_NIC2 $COM1_HOSTNAME" >> /etc/hosts
+echo "$COM2_IP_NIC2 $COM2_HOSTNAME" >> /etc/hosts
+echo "$CINDER1_IP_NIC2 $CINDER1_HOSTNAME" >> /etc/hosts
+}
+
+# Function IP address
+function config_ip () {
+
+cat << EOF > /etc/network/interfaces
+# loopback network interface
+auto lo
+iface lo inet loopback
+
+# DATA VM network
+auto eth1
+iface ens1 inet static
+address $CTL1_IP_NIC1
+netmask $NETMASK_NIC1
+
+
+### API
+auto eth2
+iface eth2 inet static
+address $CTL1_IP_NIC2
+netmask $NETMASK_NIC2
+gateway $GATAWAY_NIC2
+dns-nameservers 8.8.8.8
+
+# Provider Network
+# MGNT
+auto eth3
+iface eth3 inet static
+address $CTL1_IP_NIC3
+netmask $NETMASK_NIC3
+EOF
+}
+
+#######################
+###Execute functions###
+#######################
+
+# Config CONTROLLER node
+echocolor "Config CONTROLLER node"
+sleep 3
+
+## Config hostname
+config_hostname
+
+## IP address
+config_ip
+
+
+echocolor "Reboot $CTL1_HOSTNAME node"
+init 6
\ No newline at end of file
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_01_env.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_01_env.sh
new file mode 100644
index 0000000..e496398
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_01_env.sh
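Review bot: In `config_ip` the first stanza declares `auto eth1` but configures `iface ens1 inet static`, so the interface marked for auto-start has no matching definition and the DATA VM address is not applied; the names must agree (`iface eth1 inet static` if the eth naming of the other stanzas is intended). `config_hostname` writes `127.0.0.1 locahost $CTL1_HOSTNAME`, a typo that leaves `localhost` out of /etc/hosts; it should read `127.0.0.1 localhost $CTL1_HOSTNAME`. `$GATAWAY_NIC2` looks like a misspelling of GATEWAY; config.cfg is not visible here, so confirm the name matches, since an unset variable writes an empty `gateway` line just before `init 6`. A `set -u` after `source config.cfg` would abort on a missing variable before /etc/hosts and /etc/network/interfaces are overwritten.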
@@ -0,0 +1,190 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+apt install crudini -y
+
+source function.sh
+source config.cfg
+
+function config_hostname () {
+
+ hostnamectl set-hostname $CTL1_HOSTNAME
+
+ echo "$CTL1_IP_NIC2 $CTL1_HOSTNAME" > /etc/hosts
+ echo "127.0.0.1 $CTL1_HOSTNAME" >> /etc/hosts
+ echo "127.0.0.2 localhost" >> /etc/hosts
+}
+
+# Function update and upgrade for CONTROLLER
+function update_upgrade () {
+ echocolor "Update and Update controller"
+ sleep 3
+ apt-get update -y&& apt-get upgrade -y
+}
+
+# Function install and config NTP
+function install_ntp () {
+ echocolor "Install NTP"
+ sleep 3
+
+ apt-get install chrony -y
+ ntpfile=/etc/chrony/chrony.conf
+
+ sed -i 's/pool 2.debian.pool.ntp.org offline iburst/ \
+pool 2.debian.pool.ntp.org offline iburst \
+server 0.asia.pool.ntp.org iburst \
+server 1.asia.pool.ntp.org iburst/g' $ntpfile
+
+ echo "allow 172.16.70.0/24" >> $ntpfile
+
+ service chrony restart
+}
+
+# Function install OpenStack packages (python-openstackclient)
+function install_ops_packages () {
+ echocolor "Install OpenStack client"
+ sleep 3
+ sudo apt-get install software-properties-common -y
+ sudo add-apt-repository cloud-archive:xena -y
+ # sudo echo "deb http://172.16.70.131:8081/repository/u20wallaby/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list
+
+ sudo apt update -y
+ sudo apt upgrade -y
+ sudo apt install crudini -y
+ sudo apt install python3-openstackclient -y
+
+ systemctl disable ufw
+ systemctl stop ufw
+}
+
+function install_database() {
+ echocolor "Install and Config MariaDB"
+ sleep 3
+
+ echo mariadb-server-10.0 mysql-server/root_password $PASS_DATABASE_ROOT | debconf-set-selections
+ echo mariadb-server-10.0 mysql-server/root_password_again $PASS_DATABASE_ROOT | debconf-set-selections
+
+ sudo apt install mariadb-server python3-pymysql -y
+
+
+ sed -r -i 's/127\.0\.0\.1/0\.0\.0\.0/' /etc/mysql/mariadb.conf.d/50-server.cnf
+ sed -i 's/character-set-server = utf8mb4/character-set-server = utf8/' /etc/mysql/mariadb.conf.d/50-server.cnf
+ sed -i 's/collation-server/#collation-server/' /etc/mysql/mariadb.conf.d/50-server.cnf
+
+ systemctl restart mysql
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+GRANT ALL PRIVILEGES ON *.* TO 'root'@'%' IDENTIFIED BY '$PASS_DATABASE_ROOT' WITH GRANT OPTION;
+GRANT ALL PRIVILEGES ON *.* TO 'root'@'localhost' IDENTIFIED BY '$PASS_DATABASE_ROOT' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+
+ sqlfile=/etc/mysql/mariadb.conf.d/99-openstack.cnf
+ touch $sqlfile
+ ops_add $sqlfile client default-character-set utf8
+ ops_add $sqlfile mysqld bind-address 0.0.0.0
+ ops_add $sqlfile mysqld default-storage-engine innodb
+ ops_add $sqlfile mysqld innodb_file_per_table
+ ops_add $sqlfile mysqld max_connections 4096
+ ops_add $sqlfile mysqld collation-server utf8_general_ci
+ ops_add $sqlfile mysqld character-set-server utf8
+
+ echocolor "Restarting MYSQL"
+ sleep 5
+ systemctl restart mysql
+
+}
+
+# Function install message queue
+function install_mq () {
+ echocolor "Install Message queue (rabbitmq)"
+ sleep 3
+
+ sudo apt -y install rabbitmq-server memcached python3-pymysql
+ rabbitmqctl add_user openstack $RABBIT_PASS
+ rabbitmqctl set_permissions openstack ".*" ".*" ".*"
+}
+
+# Function install Memcached
+function install_memcached () {
+ echocolor "Install Memcached"
+ sleep 3
+
+ apt-get install memcached python3-memcache -y
+ memcachefile=/etc/memcached.conf
+ sed -i 's|-l 127.0.0.1|'"-l $CTL1_IP_NIC2"'|g' $memcachefile
+
+ systemctl restart mariadb rabbitmq-server memcached
+}
+
+# Function install Memcached
+function install_etcd () {
+ echocolor "Install etcd"
+ sleep 3
+
+ apt install etcd -y
+cat << EOF > /etc/default/etcd
+ETCD_NAME="`hostname`"
+ETCD_DATA_DIR="/var/lib/etcd"
+ETCD_INITIAL_CLUSTER_STATE="new"
+ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
+ETCD_INITIAL_CLUSTER="`hostname`=http://$CTL1_IP_NIC2:2380"
+ETCD_INITIAL_ADVERTISE_PEER_URLS="http://$CTL1_IP_NIC2:2380"
+ETCD_ADVERTISE_CLIENT_URLS="http://$CTL1_IP_NIC2:2379"
+ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"
+ETCD_LISTEN_CLIENT_URLS="http://$CTL1_IP_NIC2:2379"
+EOF
+ systemctl enable etcd
+ systemctl restart etcd
+}
+
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+
+sendtelegram "Thuc thi config_hostname tren `hostname`"
+config_hostname
+
+# Update and upgrade for controller
+sendtelegram "Thuc thi update_upgrade tren `hostname`"
+update_upgrade
+
+# Install and config NTP
+sendtelegram "Thuc thi install_ntp tren `hostname`"
+install_ntp
+
+# OpenStack packages (python-openstackclient)
+sendtelegram "Thuc thi install_ops_packages tren `hostname`"
+install_ops_packages
+
+# Install SQL database (Mariadb)
+sendtelegram "Thuc thi install_database tren `hostname`"
+install_database
+
+# Install Message queue (rabbitmq)
+sendtelegram "Thuc thi install_mq tren `hostname`"
+install_mq
+
+# Install Memcached
+sendtelegram "Thuc thi install_memcachedtren `hostname`"
+install_memcached
+
+sendtelegram "Thuc thi install_etc tren `hostname`"
+install_etcd
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
+
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_02_keystone.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_02_keystone.sh
new file mode 100644
index 0000000..89574c5
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_02_keystone.sh
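Review bot: `install_database` grants `ALL PRIVILEGES ON *.* TO 'root'@'%' ... WITH GRANT OPTION` while the same function rebinds MariaDB to `0.0.0.0` and `install_ops_packages` stops `ufw`, so the database superuser is reachable by password from every network the controller is attached to. Drop the `'root'@'%'` grant (this script and the later ctl_0x scripts only use `mysql -uroot` locally) and bind to the management address, e.g. `ops_add $sqlfile mysqld bind-address $CTL1_IP_NIC2`, which is what `install_memcached` already does for memcached. `-p$PASS_DATABASE_ROOT` also exposes the root password in the process list; a root-only option file passed with `--defaults-extra-file` avoids that. In `config_hostname`, `127.0.0.2 localhost` moves localhost off 127.0.0.1, which looks unintended. `ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380"` likewise listens on all interfaces without TLS.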
@@ -0,0 +1,201 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Keystone
+function keystone_create_db () {
+ echocolor "Create database for Keystone"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE keystone default character set utf8;
+GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' IDENTIFIED BY '$PASS_DATABASE_KEYSTONE' WITH GRANT OPTION;
+GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' IDENTIFIED BY '$PASS_DATABASE_KEYSTONE' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+}
+
+# Function install components of Keystone
+function keystone_install () {
+ echocolor "Install and configure components of Keystone"
+ sleep 3
+ apt -y install keystone python3-openstackclient apache2 libapache2-mod-wsgi-py3 python3-oauth2client libgtk-3-dev
+
+}
+
+# Function configure components of Keystone
+ function keystone_config () {
+ keystonefile=/etc/keystone/keystone.conf
+ keystonefilebak=/etc/keystone/keystone.conf.bak
+ cp $keystonefile $keystonefilebak
+ egrep -v "^#|^$" $keystonefilebak > $keystonefile
+
+ ops_add $keystonefile database connection mysql+pymysql://keystone:$PASS_DATABASE_KEYSTONE@$CTL1_IP_NIC2/keystone
+ ops_add $keystonefile cache memcache_servers $CTL1_IP_NIC2:11211
+
+ ops_add $keystonefile token provider fernet
+}
+
+# Function populate the Identity service database
+function keystone_populate_db () {
+ su -s /bin/sh -c "keystone-manage db_sync" keystone
+}
+
+# Function initialize Fernet key repositories
+function keystone_initialize_key () {
+ keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
+ keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
+}
+
+# Function bootstrap the Identity service
+function keystone_bootstrap () {
+ keystone-manage bootstrap --bootstrap-password $ADMIN_PASS \
+ --bootstrap-admin-url http://$CTL1_IP_NIC2:5000/v3/ \
+ --bootstrap-internal-url http://$CTL1_IP_NIC2:5000/v3/ \
+ --bootstrap-public-url http://$CTL1_IP_NIC2:5000/v3/ \
+ --bootstrap-region-id RegionOne
+}
+
+# Function configure the Apache HTTP server
+function keystone_config_apache () {
+ echocolor "Configure the Apache HTTP server"
+ sleep 3
+ echo "ServerName $CTL1_HOSTNAME" >> /etc/apache2/apache2.conf
+}
+
+# Function finalize the installation
+function keystone_finalize_install () {
+ echocolor "Finalize the installation"
+ sleep 3
+ service apache2 restart
+
+ systemctl disable ufw
+ systemctl stop ufw
+}
+
+# Function create domain, projects, users and roles
+function keystone_create_domain_project_user_role () {
+ export OS_USERNAME=admin
+ export OS_PASSWORD=$ADMIN_PASS
+ export OS_PROJECT_NAME=admin
+ export OS_USER_DOMAIN_NAME=Default
+ export OS_PROJECT_DOMAIN_NAME=Default
+ export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3
+ export OS_IDENTITY_API_VERSION=3
+ export OS_IMAGE_API_VERSION=2
+
+ echocolor "Create domain, projects, users and roles"
+ sleep 3
+
+ openstack domain create --description "An Example Domain" example
+ openstack project create --domain default --description "Service Project" service
+ openstack project create --domain default --description "Demo Project" demo
+ openstack user create --domain default --password $DEMO_PASS demo
+ openstack role create user
+ openstack role add --project demo --user demo user
+ }
+
+# Function create OpenStack client environment scripts
+keystone_create_opsclient_scripts () {
+ echocolor "Create OpenStack client environment scripts"
+ sleep 3
+
+cat << EOF > /root/admin-openrc
+export OS_PROJECT_DOMAIN_NAME=Default
+export OS_USER_DOMAIN_NAME=Default
+export OS_PROJECT_NAME=admin
+export OS_USERNAME=admin
+export OS_PASSWORD=$ADMIN_PASS
+export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_IMAGE_API_VERSION=2
+EOF
+
+ chmod +x /root/admin-openrc
+
+
+cat << EOF > /root/demo-openrc
+export OS_PROJECT_DOMAIN_NAME=Default
+export OS_USER_DOMAIN_NAME=Default
+export OS_PROJECT_NAME=demo
+export OS_USERNAME=demo
+export OS_PASSWORD=$DEMO_PASS
+export OS_AUTH_URL=http://$CTL1_IP_NIC2:5000/v3
+export OS_IDENTITY_API_VERSION=3
+export OS_IMAGE_API_VERSION=2
+EOF
+
+ chmod +x /root/demo-openrc
+}
+
+# Function verifying keystone
+keystone_verify () {
+ echocolor "Verifying keystone"
+ sleep 3
+ source /root/admin-openrc
+ openstack token issue
+}
+
+#######################
+###Execute functions###
+#######################
+sendtelegram "Thuc thi script $0 tren `hostname`"
+
+# Create database for Keystone
+sendtelegram "Thuc thi keystone_create_db tren `hostname`"
+keystone_create_db
+
+# Install components of Keystone
+sendtelegram "Thuc thi keystone_install tren `hostname`"
+keystone_install
+
+# Configure components of Keystone
+sendtelegram "Thuc thi keystone_config tren `hostname`"
+keystone_config
+
+# Populate the Identity service database
+sendtelegram "Thuc thi keystone_populate_db tren `hostname`"
+keystone_populate_db
+
+# Initialize Fernet key repositories
+sendtelegram "Thuc thi keystone_initialize_key tren `hostname`"
+keystone_initialize_key
+
+# Bootstrap the Identity service
+sendtelegram "Thuc thi keystone_bootstrap tren `hostname`"
+keystone_bootstrap
+
+# Configure the Apache HTTP server
+sendtelegram "Thuc thi keystone_config_apache tren `hostname`"
+keystone_config_apache
+
+# Finalize the installation
+sendtelegram "Thuc thi keystone_finalize_install tren `hostname`"
+keystone_finalize_install
+
+# Create domain, projects, users and roles
+sendtelegram "Thuc thi keystone_create_domain_project_user_role tren `hostname`"
+keystone_create_domain_project_user_role
+
+# Create OpenStack client environment scripts
+sendtelegram "Thuc thi keystone_create_opsclient_scripts tren `hostname`"
+keystone_create_opsclient_scripts
+
+# Verifying keystone
+sendtelegram "Verifying keystone tren `hostname`"
+keystone_verify
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_03_glance.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_03_glance.sh
new file mode 100644
index 0000000..f7b6657
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_03_glance.sh
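Review bot: `keystone_create_opsclient_scripts` writes `OS_PASSWORD` into `/root/admin-openrc` and `/root/demo-openrc` through a plain `cat << EOF >` redirect and then runs `chmod +x`, so both files keep umask-default read bits and gain an execute bit they do not need, since they are only ever `source`d; their confidentiality then rests entirely on the mode of /root. Create them private instead: put `umask 077` before the heredocs, or replace the two `chmod +x` lines with `chmod 600 /root/admin-openrc` and `chmod 600 /root/demo-openrc`. `keystone_bootstrap` and `openstack user create --password $DEMO_PASS` pass passwords unquoted on the command line, where they are word-split and visible in the process list; quote them at minimum. All three bootstrap URLs are plain `http://`, so these credentials and the tokens issued for them cross the network in clear text. `keystone_create_db` also grants the service account `WITH GRANT OPTION`, which it does not need.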
@@ -0,0 +1,180 @@
+#!/bin/bash
+#Author HOC CHU DONG
+DATE_EXEC="$(date "+%d/%m/%Y %H:%M")"
+TIME_START=`date +%s.%N`
+
+source function.sh
+source config.cfg
+
+# Function create database for Glance
+function glance_create_db () {
+ echocolor "Create database for Glance"
+ sleep 3
+
+cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT
+CREATE DATABASE glance default character set utf8;
+GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' IDENTIFIED BY '$PASS_DATABASE_GLANCE' WITH GRANT OPTION;
+GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' IDENTIFIED BY '$PASS_DATABASE_GLANCE' WITH GRANT OPTION;
+FLUSH PRIVILEGES;
+EOF
+}
+
+# Function create the Glance service credentials
+function glance_create_service () {
+ echocolor "Set variable environment for admin user"
+ sleep 3
+ source /root/admin-openrc
+
+ echocolor "Create the service credentials"
+ sleep 3
+
+ openstack user create --domain default --password $GLANCE_PASS glance
+ openstack role add --project service --user glance admin
+ openstack service create --name glance --description "OpenStack Image" image
+
+ openstack endpoint create --region RegionOne image public http://$CTL1_IP_NIC2:9292
+ openstack endpoint create --region RegionOne image internal http://$CTL1_IP_NIC2:9292
+ openstack endpoint create --region RegionOne image admin http://$CTL1_IP_NIC2:9292
+}
+
+# Function install components of Glance
+function glance_install () {
+ echocolor "Install and configure components of Glance"
+ sleep 3
+
+ apt install glance -y
+}
+
+# Function config /etc/glance/glance-api.conf file
+function glance_config_api () {
+ glanceapifile=/etc/glance/glance-api.conf
+ glanceapifilebak=/etc/glance/glance-api.conf.bak
+ cp $glanceapifile $glanceapifilebak
+ egrep -v "^#|^$" $glanceapifilebak > $glanceapifile
+
+ ops_add $glanceapifile database connection mysql+pymysql://glance:$PASS_DATABASE_GLANCE@$CTL1_IP_NIC2/glance
+
+ ops_add $glanceapifile DEFAULT bind_host 0.0.0.0
+
+ ops_add $glanceapifile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000
+ ops_add $glanceapifile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ ops_add $glanceapifile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ ops_add $glanceapifile keystone_authtoken auth_type password
+ ops_add $glanceapifile keystone_authtoken project_domain_name default
+ ops_add $glanceapifile keystone_authtoken user_domain_name default
+ ops_add $glanceapifile keystone_authtoken project_name service
+ ops_add $glanceapifile keystone_authtoken username glance
+ ops_add $glanceapifile keystone_authtoken password $GLANCE_PASS
+
+ ops_add $glanceapifile paste_deploy flavor keystone
+
+ ops_add $glanceapifile glance_store stores file,http
+ ops_add $glanceapifile glance_store default_store file
+ ops_add $glanceapifile glance_store filesystem_store_datadir /var/lib/glance/images/
+}
+
+## Function config /etc/glance/glance-registry.conf file
+# function glance_config_registry () {
+ # glanceregistryfile=/etc/glance/glance-registry.conf
+ # glanceregistryfilebak=/etc/glance/glance-registry.conf.bak
+ # cp $glanceregistryfile $glanceregistryfilebak
+ # egrep -v "^#|^$" $glanceregistryfilebak > $glanceregistryfile
+
+ # ops_add $glanceregistryfile database connection mysql+pymysql://glance:$PASS_DATABASE_GLANCE@$CTL1_IP_NIC2/glance
+
+ # ops_add $glanceregistryfile keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000
+ # ops_add $glanceregistryfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000
+ # ops_add $glanceregistryfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211
+ # ops_add $glanceregistryfile keystone_authtoken auth_type password
+ # ops_add $glanceregistryfile keystone_authtoken project_domain_name default
+ # ops_add $glanceregistryfile keystone_authtoken user_domain_name default
+ # ops_add $glanceregistryfile keystone_authtoken project_name service
+ # ops_add $glanceregistryfile keystone_authtoken username glance
+ # ops_add $glanceregistryfile keystone_authtoken password $GLANCE_PASS
+
+ # ops_add $glanceregistryfile paste_deploy flavor keystone
+# }
+
+# Function populate the Image service database
+function glance_populate_db () {
+ echocolor "Populate the Image service database"
+ sleep 3
+ su -s /bin/sh -c "glance-manage db_sync" glance
+}
+
+
+# Function restart the Image services
+function glance_restart () {
+ echocolor "Restart the Image services"
+ sleep 3
+
+ # service glance-registry restart
+ systemctl enable glance-api
+ systemctl start glance-api
+
+ sleep 10
+ systemctl restart glance-api
+}
+
+# Function upload image to Glance
+function glance_upload_image () {
+ echocolor "Upload image to Glance"
+ sleep 3
+ source /root/admin-openrc
+ apt-get install wget -y
+ wget http://download.cirros-cloud.net/0.4.0/cirros-0.4.0-x86_64-disk.img
+
+ openstack image create "cirros" \
+ --file cirros-0.4.0-x86_64-disk.img \
+ --disk-format qcow2 --container-format bare \
+ --public
+
+ openstack image list
+}
+
+#######################
+###Execute functions###
+#######################
+
+sendtelegram "Thuc thi script $0 tren `hostname`"
+
+# Create database for Glance
+sendtelegram "Thuc thi glance_create_db tren `hostname`"
+glance_create_db
+
+# Create the Glance service credentials
+sendtelegram "Thuc thi glance_create_service tren `hostname`"
+glance_create_service
+
+# Install components of Glance
+sendtelegram "Thuc thi glance_install va glance_config_api tren `hostname`"
+glance_install
+glance_config_api
+
+# Config /etc/glance/glance-registry.conf file
+# sendtelegram "Thuc thi glance_config_registry tren `hostname`"
+# glance_config_registry
+
+# Populate the Image service database
+sendtelegram "Thuc thi glance_populate_db tren `hostname`"
+glance_populate_db
+
+# Restart the Image services
+sendtelegram "Thuc thi glance_restart tren `hostname`"
+glance_restart
+
+# Upload image to Glance
+sendtelegram "Thuc thi glance_upload_image tren `hostname`"
+glance_upload_image
+
+TIME_END=`date +%s.%N`
+TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l )
+TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP")
+
+echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC"
+echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay"
+
+sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC"
+sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay"
+notify
+
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_04_nova.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_04_nova.sh
new file mode 100644
index 0000000..8bca0d6
--- /dev/null
+++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_04_nova.sh
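Review bot: `glance_upload_image` downloads `cirros-0.4.0-x86_64-disk.img` over plain `http://` and registers it with `--public` without checking a digest, so anything on the network path can substitute the image that every project then boots. Fetch it over HTTPS if the mirror offers it and compare against a digest pinned in the script before `openstack image create`, e.g. `echo "<EXPECTED_SHA256>  cirros-0.4.0-x86_64-disk.img" | sha256sum -c - || return 1` (placeholder digest, to be filled from the publisher's checksum file). `ops_add $glanceapifile DEFAULT bind_host 0.0.0.0` exposes the API on every interface, whereas `$CTL1_IP_NIC2` would match the endpoints registered in `glance_create_service`. `glance_create_db` grants the `glance` account `WITH GRANT OPTION`, which a service account does not need.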
@@ -0,0 +1,395 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for placement +function placement_create_db () { + echocolor "Create placement create db for placement" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE placement; + +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; +GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; + +FLUSH PRIVILEGES; +EOF +} + +# Function create placement +function placement_create_info () { + echocolor "Set environment variable for user admin" + source /root/admin-openrc + sleep 3 + + ## Create info for placement user + echocolor "Create info for placement user" + sleep 3 + + openstack user create --domain default --password $NOVA_PASS placement + openstack role add --project service --user placement admin + openstack service create --name placement --description "Placement API" placement + + openstack endpoint create --region RegionOne placement public http://$CTL1_IP_NIC2:8778 + openstack endpoint create --region RegionOne placement internal http://$CTL1_IP_NIC2:8778 + openstack endpoint create --region RegionOne placement admin http://$CTL1_IP_NIC2:8778 + +} + +# Function install components of placement +function placement_install () { + echocolor "Install and configure components of placement" + sleep 3 + apt install -y placement-api +} + +# Function config /etc/placement/placement.conf +function placement_config () { + placementfile=/etc/placement/placement.conf + placementfilebak=/etc/placement/placement.conf.bka + cp $placementfile $placementfilebak + egrep -v "^$|^#" $placementfilebak > $placementfile + + ops_add $placementfile placement_database connection mysql+pymysql://placement:$PASS_DATABASE_NOVA_API@$CTL1_IP_NIC2/placement + ops_add $placementfile api auth_strategy 
keystone + + ops_add $placementfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $placementfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $placementfile keystone_authtoken auth_type password + ops_add $placementfile keystone_authtoken project_domain_name Default + ops_add $placementfile keystone_authtoken user_domain_name Default + ops_add $placementfile keystone_authtoken project_name service + ops_add $placementfile keystone_authtoken username placement + ops_add $placementfile keystone_authtoken password $NOVA_PASS +} + +# Function populate the placement database +function placement_populate_db () { +echocolor "Populate the placement populate db database" +sleep 3 + +su -s /bin/sh -c "placement-manage db sync" placement +} + +# Function restart installation +function placement_restart () { + echocolor "Reload the web server" + sleep 3 + + service apache2 restart +} + +########################################################################################################## +########################################################################################################## +########################################################################################################## + +# Function create database for Nova +function nova_create_db () { + echocolor "Create database for Nova" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE nova_api; +CREATE DATABASE nova_cell0; +CREATE DATABASE nova; + +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; +GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_API'; + +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA'; +GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA'; + +GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NOVA_CELL'; +GRANT ALL PRIVILEGES ON 
nova_cell0.* TO 'nova'@'%' IDENTIFIED BY '$PASS_DATABASE_NOVA_CELL'; + +FLUSH PRIVILEGES; +EOF +} + +# Function create infomation for Compute service +function nova_create_info () { + echocolor "Set environment variable for user admin" + source /root/admin-openrc + echocolor "Create infomation for Compute service" + sleep 3 + + ## Create info for nova user + echocolor "Create info for nova user" + sleep 3 + + openstack user create --domain default --password $NOVA_PASS nova + openstack role add --project service --user nova admin + openstack service create --name nova --description "OpenStack Compute" compute + openstack endpoint create --region RegionOne compute public http://$CTL1_IP_NIC2:8774/v2.1 + openstack endpoint create --region RegionOne compute internal http://$CTL1_IP_NIC2:8774/v2.1 + openstack endpoint create --region RegionOne compute admin http://$CTL1_IP_NIC2:8774/v2.1 + +} + +# Function install components of Nova +function nova_install () { + echocolor "Install and configure components of Nova" + sleep 3 + apt install -y nova-api nova-conductor nova-novncproxy nova-scheduler nova-compute +} + +# Function config /etc/nova/nova.conf file +function nova_config () { + novafile=/etc/nova/nova.conf + novafilebak=/etc/nova/nova.conf.bak + cp $novafile $novafilebak + + novacomputefile=/etc/nova/nova-compute.conf + novacomputefilebak=/etc/nova/nova-compute.conf.bka + cp $novacomputefile $novacomputefilebak + + egrep -v "^$|^#" $novafilebak > $novafile + + ops_del $novafile api_database connection + ops_add $novafile api_database connection mysql+pymysql://nova:$PASS_DATABASE_NOVA_API@$CTL1_IP_NIC2/nova_api + + ops_add $novafile database connection mysql+pymysql://nova:$PASS_DATABASE_NOVA@$CTL1_IP_NIC2/nova + + ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $novafile api auth_strategy keystone + + ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $novafile 
keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $novafile keystone_authtoken auth_type password + ops_add $novafile keystone_authtoken project_domain_name default + ops_add $novafile keystone_authtoken user_domain_name default + ops_add $novafile keystone_authtoken project_name service + ops_add $novafile keystone_authtoken username nova + ops_add $novafile keystone_authtoken password $NOVA_PASS + + ops_add $novafile DEFAULT my_ip $CTL1_IP_NIC2 + ops_add $novafile DEFAULT use_neutron True + ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver + ops_del $novafile DEFAULT log_dir + + + ops_add $novafile vnc enabled true + ops_add $novafile vnc vncserver_listen \$my_ip + ops_add $novafile vnc vncserver_proxyclient_address \$my_ip + + ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292 + + ops_add $novafile cinder os_region_name RegionOne + + ops_add $novafile oslo_concurrency lock_path /var/lib/nova/tmp + + ops_add $novafile placement os_region_name RegionOne + ops_add $novafile placement project_domain_name Default + ops_add $novafile placement project_name service + ops_add $novafile placement auth_type password + ops_add $novafile placement user_domain_name Default + ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $novafile placement username placement + ops_add $novafile placement password $PLACEMENT_PASS + + ops_add $novafile scheduler discover_hosts_in_cells_interval 300 + +################## KHAI BAO DE CAU HINH NOVA-COMPUTE ############################### + + ops_add $novafile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $novafile api auth_strategy keystone + + ops_add $novafile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile keystone_authtoken 
memcached_servers $CTL1_IP_NIC2:11211 + ops_add $novafile keystone_authtoken auth_type password + ops_add $novafile keystone_authtoken project_domain_name default + ops_add $novafile keystone_authtoken user_domain_name default + ops_add $novafile keystone_authtoken project_name service + ops_add $novafile keystone_authtoken username nova + ops_add $novafile keystone_authtoken password $NOVA_PASS + + ops_add $novafile DEFAULT my_ip $CTL1_IP_NIC2 + ops_add $novafile DEFAULT use_neutron True + ops_add $novafile DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver + + ops_add $novafile vnc enabled True + ops_add $novafile vnc vncserver_listen 0.0.0.0 + ops_add $novafile vnc vncserver_proxyclient_address \$my_ip + ops_add $novafile vnc novncproxy_base_url http://$CTL1_IP_NIC2:6080/vnc_auto.html + + ops_add $novafile glance api_servers http://$CTL1_IP_NIC2:9292 + ops_add $novafile cinder os_region_name RegionOne + + ops_add $novafile oslo_concurrency lock_path /var/lib/nova/tmp + ops_del $novafile DEFAULT log_dir + + ops_del $novafile placement os_region_name + ops_add $novafile placement os_region_name RegionOne + ops_add $novafile placement project_domain_name Default + ops_add $novafile placement project_name service + ops_add $novafile placement auth_type password + ops_add $novafile placement user_domain_name Default + ops_add $novafile placement auth_url http://$CTL1_IP_NIC2:5000/v3 + ops_add $novafile placement username placement + ops_add $novafile placement password $PLACEMENT_PASS + + ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696 + ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile neutron auth_type password + ops_add $novafile neutron project_domain_name default + ops_add $novafile neutron user_domain_name default + ops_add $novafile neutron region_name RegionOne + ops_add $novafile neutron project_name service + ops_add $novafile neutron username neutron + ops_add $novafile neutron password $NEUTRON_PASS + + 
ops_add $novacomputefile libvirt virt_type $(count=$(egrep -c '(vmx|svm)' /proc/cpuinfo); if [ $count -eq 0 ];then echo "qemu"; else echo "kvm"; fi) + +} + +# Function populate the nova-api database +nova_populate_nova_api_db () { +echocolor "Populate the nova-api database" +sleep 3 +su -s /bin/sh -c "nova-manage api_db sync" nova +} + +# Function register the cell0 database +nova_register_cell0 () { + echocolor "Register the cell0 database" + sleep 3 + su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova +} + +# Function create the cell1 cell +nova_create_cell1 () { + echocolor "Create the cell1 cell" + sleep 3 + su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova +} + +# Function populate the nova database +function nova_populate_nova_db () { + echocolor "Populate the nova database" + sleep 3 + su -s /bin/sh -c "nova-manage db sync" nova +} + +# Function verify nova cell0 and cell1 are registered correctly +function nova_verify_cell () { + echocolor "Verify nova cell0 and cell1 are registered correctly" + sleep 3 + nova-manage cell_v2 list_cells +} + +# Function restart installation +function nova_restart () { + echocolor "Finalize installation" + sleep 3 + + systemctl restart nova-api + systemctl restart nova-scheduler + systemctl restart nova-conductor + systemctl restart nova-novncproxy + systemctl restart nova-compute + + systemctl enable nova-api + systemctl enable nova-scheduler + systemctl enable nova-conductor + systemctl enable nova-novncproxy + systemctl enable nova-compute + + systemctl disable ufw + systemctl stop ufw +} + +####################### +## Execute placement_## +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" + +sendtelegram "Bat dau cai dat placement `hostname`" + +sendtelegram "Thuc thi placement_create_db tren `hostname`" +placement_create_db + +sendtelegram "Thuc thi placement_create_info tren `hostname`" +placement_create_info + +sendtelegram "Thuc thi placement_install tren 
`hostname`" +placement_install + +sendtelegram "Thuc thi placement_config tren `hostname`" +placement_config + +sendtelegram "Thuc thi placement_populate_db tren `hostname`" +placement_populate_db + +sendtelegram "Thuc thiplacement_restart tren `hostname`" +placement_restart + +sendtelegram "Da hoa thanh cai dat placement `hostname`" +notify + + +####################### +###Execute Nova### +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" +sendtelegram "Bat dau cai dat Nova `hostname`" + +# Create database for Nova +sendtelegram "Thuc thi nova_create_db tren `hostname`" +nova_create_db + +# Create infomation for Compute service +sendtelegram "Thuc thi nova_create_info tren `hostname`" +nova_create_info + +# Install components of Nova +sendtelegram "Thuc thi nova_install tren `hostname`" +nova_install + +# Config /etc/nova/nova.conf file +sendtelegram "Thuc thi nova_config tren `hostname`" +nova_config + + +# Populate the nova-api database +sendtelegram "Thuc thi nova_populate_nova_api_db tren `hostname`" +nova_populate_nova_api_db + +# Register the cell0 database +sendtelegram "Thuc thi nova_register_cell0 tren `hostname`" +nova_register_cell0 + +# Create the cell1 cell +sendtelegram "Thuc thi nova_create_cell1 tren `hostname`" +nova_create_cell1 + +# Populate the nova database +sendtelegram "Thuc thi nova_populate_nova_db tren `hostname`" +nova_populate_nova_db + +# Verify nova cell0 and cell1 are registered correctly +sendtelegram "Verify nova cell0 and cell1 are registered correctly tren `hostname`" +nova_verify_cell + +# Restart installation +sendtelegram "Restart installation tren `hostname`" +nova_restart + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong 
thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify \ No newline at end of file diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_05_neutron.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_05_neutron.sh new file mode 100644 index 0000000..a535aa3 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_05_neutron.sh 
@@ -0,0 +1,353 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for Neutron +function neutron_create_db () { + echocolor "Create database for Neutron" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE neutron; +GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$PASS_DATABASE_NEUTRON'; +GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$PASS_DATABASE_NEUTRON'; +FLUSH PRIVILEGES; +EOF +} + +# Function create the neutron service credentials +function neutron_create_info () { + echocolor "Set environment variable for admin user" + source /root/admin-openrc + + echocolor "Create the neutron service credentials" + sleep 3 + + openstack user create --domain default --password $NEUTRON_PASS neutron + openstack role add --project service --user neutron admin + openstack service create --name neutron --description "OpenStack Networking" network + openstack endpoint create --region RegionOne network public http://$CTL1_IP_NIC2:9696 + openstack endpoint create --region RegionOne network internal http://$CTL1_IP_NIC2:9696 + openstack endpoint create --region RegionOne network admin http://$CTL1_IP_NIC2:9696 +} + +# Function install the components +function neutron_install () { + echocolor "Install the components" + sleep 3 + apt install -y neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent + + apt install -y neutron-common +} + +# Function configure the server component +function neutron_config_server_component () { + echocolor "Configure the server component" + sleep 3 + neutronfile=/etc/neutron/neutron.conf + neutronfilebak=/etc/neutron/neutron.conf.bak + cp $neutronfile $neutronfilebak + egrep -v "^$|^#" $neutronfilebak > $neutronfile + + ops_del $neutronfile database connection + ops_add $neutronfile database \ + 
connection mysql+pymysql://neutron:$PASS_DATABASE_NEUTRON@$CTL1_IP_NIC2/neutron + + ops_add $neutronfile DEFAULT core_plugin ml2 + ops_add $neutronfile DEFAULT service_plugins router + ops_add $neutronfile DEFAULT allow_overlapping_ips true + ops_add $neutronfile DEFAULT dhcp_agents_per_network 2 + ops_add $neutronfile DEFAULT state_path /var/lib/neutron + + ops_add $neutronfile DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + ops_add $neutronfile DEFAULT auth_strategy keystone + ops_add $neutronfile DEFAULT notify_nova_on_port_status_changes true + ops_add $neutronfile DEFAULT notify_nova_on_port_data_changes true + + ops_add $neutronfile keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000 + ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $neutronfile keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $neutronfile keystone_authtoken auth_type password + ops_add $neutronfile keystone_authtoken project_domain_name default + ops_add $neutronfile keystone_authtoken user_domain_name default + ops_add $neutronfile keystone_authtoken project_name service + ops_add $neutronfile keystone_authtoken username neutron + ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS + + ops_add $neutronfile nova auth_url http://$CTL1_IP_NIC2:5000 + ops_add $neutronfile nova auth_type password + ops_add $neutronfile nova project_domain_name default + ops_add $neutronfile nova user_domain_name default + ops_add $neutronfile nova region_name RegionOne + ops_add $neutronfile nova project_name service + ops_add $neutronfile nova username nova + ops_add $neutronfile nova password $NOVA_PASS + + ops_add $neutronfile oslo_concurrency lock_path /var/lib/neutron/lock + +############ NEUTRON tren COMPUTE + + ops_add $neutronfile keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $neutronfile keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $neutronfile keystone_authtoken 
memcached_servers $CTL1_IP_NIC2:11211 + ops_add $neutronfile keystone_authtoken auth_type password + ops_add $neutronfile keystone_authtoken project_domain_name default + ops_add $neutronfile keystone_authtoken user_domain_name default + ops_add $neutronfile keystone_authtoken project_name service + ops_add $neutronfile keystone_authtoken username neutron + ops_add $neutronfile keystone_authtoken password $NEUTRON_PASS + +} + +# Function configure the Modular Layer 2 (ML2) plug-in +function neutron_config_ml2 () { + echocolor "Configure the Modular Layer 2 (ML2) plug-in" + sleep 3 + ml2file=/etc/neutron/plugins/ml2/ml2_conf.ini + ml2filebak=/etc/neutron/plugins/ml2/ml2_conf.ini.bak + cp $ml2file $ml2filebak + egrep -v "^$|^#" $ml2filebak > $ml2file + + ops_add $ml2file ml2 type_drivers flat,vlan,vxlan + ops_add $ml2file ml2 tenant_network_types vxlan + ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population + ops_add $ml2file ml2 extension_drivers port_security + + ops_add $ml2file ml2_type_flat flat_networks provider + ops_add $ml2file ml2_type_vlan network_vlan_ranges provider + ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000 + + ops_add $ml2file securitygroup enable_ipset true + + ### ML2 config tren node COMPUTE + ops_add $ml2file ml2 type_drivers flat,vlan,vxlan + ops_add $ml2file ml2 tenant_network_types vxlan + ops_add $ml2file ml2 mechanism_drivers linuxbridge,l2population + ops_add $ml2file ml2 extension_drivers port_security + + ops_add $ml2file ml2_type_flat flat_networks provider + ops_add $ml2file ml2_type_vlan network_vlan_ranges provider + ops_add $ml2file ml2_type_vxlan vni_ranges 1:1000 + + ops_add $ml2file securitygroup enable_ipset true +} + +# Function configure the Linux bridge agent +function neutron_config_linuxbridge () { + echocolor "Configure the Linux bridge agent" + sleep 3 + linuxbridgefile=/etc/neutron/plugins/ml2/linuxbridge_agent.ini + linuxbridgefilebak=/etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak + cp 
$linuxbridgefile $linuxbridgefilebak + egrep -v "^$|^#" $linuxbridgefilebak > $linuxbridgefile + + ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER + + ops_add $linuxbridgefile vxlan enable_vxlan true + ops_add $linuxbridgefile vxlan local_ip $CTL1_IP_NIC2 + ops_add $linuxbridgefile vxlan l2_population true + + ops_add $linuxbridgefile securitygroup enable_security_group true + ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver + + # Linux-Bridge agent tren compute + + ops_add $linuxbridgefile linux_bridge physical_interface_mappings provider:$INTERFACE_PROVIDER + + ops_add $linuxbridgefile vxlan enable_vxlan true + ops_add $linuxbridgefile vxlan local_ip $CTL1_IP_NIC2 + ops_add $linuxbridgefile vxlan l2_population true + + ops_add $linuxbridgefile securitygroup enable_security_group true + ops_add $linuxbridgefile securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver + +} + +# Function configure the DHCP agent +function neutron_config_dhcp () { + echocolor "Configure the dhcp-agent" + sleep 3 + dhcpfile=/etc/neutron/dhcp_agent.ini + dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak + cp $dhcpfile $dhcpfilebak + egrep -v "^$|^#" $dhcpfilebak > $dhcpfile + + ops_add $dhcpfile DEFAULT interface_driver linuxbridge + ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq + ops_add $dhcpfile DEFAULT enable_isolated_metadata true + ops_add $dhcpfile DEFAULT force_metadata True +} + +# Function configure the metadata agent +function neutron_config_metadata () { + echocolor "Configure the metadata agent" + sleep 3 + metadatafile=/etc/neutron/metadata_agent.ini + metadatafilebak=/etc/neutron/metadata_agent.ini.bak + cp $metadatafile $metadatafilebak + egrep -v "^$|^#" $metadatafilebak > $metadatafile + + ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2 + ops_add $metadatafile DEFAULT 
metadata_proxy_shared_secret $METADATA_SECRET +} + +function neutron_config_l3agent () { + echocolor "Configure the L3 Agent" + sleep 3 + l3agent=/etc/neutron/l3_agent.ini + l3agentbak=/etc/neutron/l3_agent.ini.bak + cp $l3agent $l3agentbak + egrep -v "^$|^#" $l3agent > $l3agentbak + + ops_add $l3agent DEFAULT interface_driver linuxbridge + +} + + +# Function configure the DHCP agent +function neutron_config_dhcp () { + echocolor "Configure the DHCP agent" + sleep 3 + dhcpfile=/etc/neutron/dhcp_agent.ini + dhcpfilebak=/etc/neutron/dhcp_agent.ini.bak + cp $dhcpfile $dhcpfilebak + egrep -v "^$|^#" $dhcpfilebak > $dhcpfile + + ops_add $dhcpfile DEFAULT interface_driver linuxbridge + ops_add $dhcpfile DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq + ops_add $dhcpfile DEFAULT enable_isolated_metadata true +} + +# Function configure the metadata agent +function neutron_config_metadata () { + echocolor "Configure the metadata agent" + sleep 3 + metadatafile=/etc/neutron/metadata_agent.ini + metadatafilebak=/etc/neutron/metadata_agent.ini.bak + cp $metadatafile $metadatafilebak + egrep -v "^$|^#" $metadatafilebak > $metadatafile + + ops_add $metadatafile DEFAULT nova_metadata_host $CTL1_IP_NIC2 + ops_add $metadatafile DEFAULT metadata_proxy_shared_secret $METADATA_SECRET +} + +# Function configure the Compute service to use the Networking service +function neutron_config_compute_use_network () { + echocolor "Configure the Compute service to use the Networking service" + sleep 3 + novafile=/etc/nova/nova.conf + + ops_add $novafile neutron url http://$CTL1_IP_NIC2:9696 + ops_add $novafile neutron auth_url http://$CTL1_IP_NIC2:5000 + ops_add $novafile neutron auth_type password + ops_add $novafile neutron project_domain_name default + ops_add $novafile neutron user_domain_name default + ops_add $novafile neutron region_name RegionOne + ops_add $novafile neutron project_name service + ops_add $novafile neutron username neutron + ops_add $novafile neutron password 
$NEUTRON_PASS + ops_add $novafile neutron service_metadata_proxy true + ops_add $novafile neutron metadata_proxy_shared_secret $METADATA_SECRET +} + +# Function populate the database +function neutron_populate_db () { + echocolor "Populate the database" + sleep 3 + su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ + --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron +} + +# Function restart installation +function neutron_restart () { + echocolor "Neutron services restart " + sleep 3 + + systemctl restart nova-api + + systemctl restart neutron-server + systemctl enable neutron-server + + systemctl restart neutron-l3-agent + systemctl enable neutron-l3-agent + + systemctl restart neutron-linuxbridge-agent + systemctl enable neutron-linuxbridge-agent + + systemctl restart neutron-dhcp-agent + systemctl enable neutron-dhcp-agent + + systemctl restart neutron-metadata-agent + systemctl enable neutron-metadata-agent +} + + +####################### +###Execute functions### +####################### +sendtelegram "Thuc thi script $0 tren `hostname`" +sendtelegram "Cai NEUTRON `hostname`" + +# Create database for Neutron +sendtelegram "Create database for Neutron tren `hostname`" +neutron_create_db + +# Create the neutron service credentials +sendtelegram "Create the neutron service credentials tren `hostname`" +neutron_create_info + +# Install the components +sendtelegram "Install the components tren `hostname`" +neutron_install + +# Configure the server component +sendtelegram "Configure the server component tren `hostname`" +neutron_config_server_component + +# Configure the Modular Layer 2 (ML2) plug-in +sendtelegram "Configure the Modular Layer 2 tren `hostname`" +neutron_config_ml2 + +# Configure the Linux bridge agent +sendtelegram "Configure the Linux bridge agent tren `hostname`" +neutron_config_linuxbridge + +# Configure the neutron_config_dhcp +sendtelegram "Thuc thi neutron_config_dhcp tren `hostname`" 
+neutron_config_dhcp + +# Configure the neutron_config_metadata +sendtelegram "Thuc thi neutron_config_metadata tren `hostname`" +neutron_config_metadata + +# Configure the L3 Agent +sendtelegram "Configure the L3 Agent tren `hostname`" +neutron_config_l3agent + + +# Configure the Compute service to use the Networking service +sendtelegram "Configure the Compute service to use the Networking service tren `hostname`" +neutron_config_compute_use_network + +# Populate the database +sendtelegram "Populate the database tren `hostname`" +neutron_populate_db + +# Function restart installation +sendtelegram " Function restart installation tren `hostname`" +neutron_restart + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_06_cinder.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_06_cinder.sh new file mode 100644 index 0000000..f9ea6c4 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_06_cinder.sh 
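Review bot: `neutron_create_db` passes the database root password as an argument (`mysql -uroot -p$PASS_DATABASE_ROOT`), unquoted and readable from the process list while the client starts; `cinder_create_db` and `octavia_create_db` later in this commit do the same, and `openstack user create --password $NEUTRON_PASS` has the same exposure. Reading the credentials from a root-only option file, e.g. `mysql --defaults-extra-file="$MYSQL_ROOT_CNF"` (variable name is a placeholder), keeps them out of argv. Separately, `neutron_config_l3agent` runs `egrep -v "^$|^#" $l3agent > $l3agentbak`, which overwrites the backup it has just made and leaves l3_agent.ini unstripped; the sibling functions go the other way, so this should read `egrep -v "^$|^#" $l3agentbak > $l3agent`. `neutron_config_dhcp` and `neutron_config_metadata` are each defined twice in this file, and because bash keeps the later definition, the `force_metadata True` line from the first `neutron_config_dhcp` is never applied.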
@@ -0,0 +1,192 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for Cinder +function cinder_create_db () { + echocolor "Create database for Cinder" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE cinder; +GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' IDENTIFIED BY '$PASS_DATABASE_CINDER'; +GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' IDENTIFIED BY '$PASS_DATABASE_CINDER'; +FLUSH PRIVILEGES; +EOF +} + +function cinder_user_endpoint() { + echocolor "Create cinder_user_endpoint Cinder" + + openstack user create cinder --domain default --password $CINDER_PASS + openstack role add --project service --user cinder admin + + openstack service create --name cinderv3 --description "OpenStack Block Storage" volumev3 + + # openstack endpoint create --region RegionOne volumev2 public http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s + # openstack endpoint create --region RegionOne volumev2 internal http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s + # openstack endpoint create --region RegionOne volumev2 admin http://$CTL1_IP_NIC2:8776/v2/%\(tenant_id\)s + + openstack endpoint create --region RegionOne volumev3 public http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s + openstack endpoint create --region RegionOne volumev3 internal http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s + openstack endpoint create --region RegionOne volumev3 admin http://$CTL1_IP_NIC2:8776/v3/%\(tenant_id\)s +} + +function cinder_install_config() { + echocolor "Cai dat cinder" + sleep 3 + + apt -y install cinder-api cinder-scheduler cinder-volume + apt -y install python3-cinderclient python3-mysqldb python3-rtslib-fb targetcli-fb + + ctl_cinder_conf=/etc/cinder/cinder.conf + + cp $ctl_cinder_conf $ctl_cinder_conf.orig + + if [ "$CINDER_AIO" == "yes" ]; then + ops_add $ctl_cinder_conf DEFAULT auth_strategy keystone + ops_add $ctl_cinder_conf DEFAULT my_ip 
$CTL1_IP_NIC2 + ops_add $ctl_cinder_conf DEFAULT state_path /var/lib/cinder + ops_add $ctl_cinder_conf DEFAULT rootwrap_config /etc/cinder/rootwrap.conf + ops_add $ctl_cinder_conf DEFAULT api_paste_confg /etc/cinder/api-paste.ini + ops_add $ctl_cinder_conf DEFAULT glance_api_servers http://$CTL1_IP_NIC2:9292 + ops_add $ctl_cinder_conf DEFAULT enabled_backends lvm + ops_add $ctl_cinder_conf DEFAULT enable_v3_api True + ops_add $ctl_cinder_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + ops_add $ctl_cinder_conf database connection mysql+pymysql://cinder:$PASS_DATABASE_CINDER@$CTL1_IP_NIC2/cinder + + ops_add $ctl_cinder_conf keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $ctl_cinder_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $ctl_cinder_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $ctl_cinder_conf keystone_authtoken auth_type password + ops_add $ctl_cinder_conf keystone_authtoken project_domain_name default + ops_add $ctl_cinder_conf keystone_authtoken user_domain_name default + ops_add $ctl_cinder_conf keystone_authtoken project_name service + ops_add $ctl_cinder_conf keystone_authtoken username cinder + ops_add $ctl_cinder_conf keystone_authtoken password $CINDER_PASS + + ops_add $ctl_cinder_conf oslo_concurrency lock_path \$state_path/tmp + + ops_add $ctl_cinder_conf lvm target_helper lioadm + ops_add $ctl_cinder_conf lvm target_protocol iscsi + ops_add $ctl_cinder_conf lvm target_ip_address $CTL1_IP_NIC2 + ops_add $ctl_cinder_conf lvm volume_group cinder-volumes + ops_add $ctl_cinder_conf lvm volume_driver cinder.volume.drivers.lvm.LVMVolumeDriver + ops_add $ctl_cinder_conf lvm volumes_dir \$state_path/volumes + + + + else + echocolor "Tach cinder-volume" + + # ops_add $ctl_cinder_conf DEFAULT auth_strategy keystone + # ops_add $ctl_cinder_conf DEFAULT my_ip $CTL1_IP_NIC2 + # ops_add $ctl_cinder_conf DEFAULT control_exchange cinder + # ops_add 
$ctl_cinder_conf DEFAULT osapi_volume_listen \$my_ip + # ops_add $ctl_cinder_conf DEFAULT control_exchange cinder + # ops_add $ctl_cinder_conf DEFAULT glance_api_servers http://$CTL1_IP_NIC2:9292 + + + # ops_add $ctl_cinder_conf database connection mysql+pymysql://cinder:$PASS_DATABASE_CINDER@$CTL1_IP_NIC2/cinder + + # ops_add $ctl_cinder_conf keystone_authtoken auth_uri http://$CTL1_IP_NIC2:5000 + # ops_add $ctl_cinder_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + # ops_add $ctl_cinder_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + # ops_add $ctl_cinder_conf keystone_authtoken auth_type password + # ops_add $ctl_cinder_conf keystone_authtoken project_domain_name Default + # ops_add $ctl_cinder_conf keystone_authtoken user_domain_name Default + # ops_add $ctl_cinder_conf keystone_authtoken project_name service + # ops_add $ctl_cinder_conf keystone_authtoken username cinder + # ops_add $ctl_cinder_conf keystone_authtoken password $CINDER_PASS + + # ops_add $ctl_cinder_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + # ops_add $ctl_cinder_conf oslo_concurrency lock_path /var/lib/cinder/tmp + + fi +} + +function cinder_syncdb() { + su -s /bin/sh -c "cinder-manage db sync" cinder + +} + +function cinder_enable_restart() { + sleep 3 + if [ "$CINDER_AIO" == "yes" ]; then + # service tgt restart + service cinder-volume restart + service cinder-scheduler restart + service apache2 restart + else + service cinder-scheduler restart + service apache2 restart + fi + + echo "export OS_VOLUME_API_VERSION=3" >> /root/admin-openrc + +} + +function create_lvm() { + if [ "$CINDER_AIO" == "yes" ]; then + echocolor "Cau hinh LVM" + pvcreate /dev/vdb + vgcreate cinder-volumes /dev/vdb + + # cp /etc/lvm/lvm.conf /etc/lvm/lvm.conf.orig + # sed -i '130i\ filter = [ "a/vdb/", "r/.*/"]' /etc/lvm/lvm.conf + + else + echocolor "Khong cau hinh LVM vi ko cai cinder-volume" + fi + +} + +####################### +###Execute functions### 
+####################### + +sendtelegram "Thuc thi script $0 tren `hostname`" +sendtelegram "Cai CINDER `hostname`" + +source /root/admin-openrc +echocolor "Cai CINDER `hostname`" +sendtelegram "Thuc thi create_lvm tren `hostname`" +create_lvm + +echocolor "Thuc thi cinder_create_db tren `hostname`" +sleep 3 +sendtelegram "Thuc thi cinder_create_db tren `hostname`" +cinder_create_db + +echocolor "Tao user va endpoint cho CINDER" +sendtelegram "Thuc thi cinder_user_endpoint tren `hostname`" +cinder_user_endpoint + +echocolor "Cai dat va cau hinh CINDER" +sendtelegram "Thuc thi cinder_install_config tren `hostname`" +cinder_install_config + +echocolor "Dong bo DB cho CINDER" +sendtelegram "Thuc thi cinder_syncdb tren `hostname`" +cinder_syncdb + +echocolor "Restart dich vu CINDER" +sendtelegram "Thuc thi cinder_enable_restart tren `hostname`" +cinder_enable_restart + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_07_horizon.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_07_horizon.sh new file mode 100644 index 0000000..b2f10f8 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_07_horizon.sh 
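Review bot: `create_lvm` runs `pvcreate /dev/vdb` and `vgcreate cinder-volumes /dev/vdb` on a hard-coded device without checking that it exists or is unused, so on a host with a different disk layout the step may fail while the script carries on, or may touch a disk that holds other data. I would take the device from config.cfg and guard it before use, e.g. `[ -b "$CINDER_DISK" ] || { echo "missing $CINDER_DISK" >&2; exit 1; }` (variable name is a placeholder). In `cinder_install_config` the key is written as `api_paste_confg`; Cinder's option is `api_paste_config`, so the line as written has no effect. When `CINDER_AIO` is not `yes`, the else branch writes nothing to cinder.conf (every `ops_add` there is commented out), yet `cinder_syncdb` still runs, presumably against the package-default connection.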
@@ -0,0 +1,128 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function install the packages +horizon_install () { + echocolor "Install the packages" + sleep 3 + apt install openstack-dashboard -y + apt-get remove --auto-remove openstack-dashboard-ubuntu-theme -y +} + +function redirect_web () { +echocolor "Creating redirect page" +sleep 5 +filehtml=/var/www/html/index.html +test -f $filehtml.orig || cp $filehtml $filehtml.orig +rm $filehtml +touch $filehtml +cat << EOF >> $filehtml + + + + + +

Redirecting to OpenStack Dashboard

+ + +EOF +} + + +# Function edit the /etc/openstack-dashboard/local_settings.py file +horizon_config () { + echocolor "Config horizon" + sleep 3 + + horizonfile=/etc/openstack-dashboard/local_settings.py + horizonfilebak=/etc/openstack-dashboard/local_settings.py.bak + cp $horizonfile $horizonfilebak + egrep -v "^$|^#" $horizonfilebak > $horizonfile + + sed -i 's/OPENSTACK_HOST = "127.0.0.1"/'"OPENSTACK_HOST = \"$CTL1_IP_NIC2\""'/g' $horizonfile + + echo "SESSION_ENGINE = 'django.contrib.sessions.backends.cache'" >> $horizonfile + sed -i "s/'LOCATION': '127.0.0.1:11211',/""'LOCATION': '$CTL1_IP_NIC2:11211',""/g" $horizonfile + + sed -i 's/OPENSTACK_KEYSTONE_URL = .*$/OPENSTACK_KEYSTONE_URL = "http:\/\/IP_HORIZON:5000\/v3"/g' $horizonfile + sed -i "s/IP_HORIZON/$CTL1_IP_NIC2/g" $horizonfile + + echo "OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True" >> $horizonfile + +cat << EOF >> $horizonfile +OPENSTACK_API_VERSIONS = { + "identity": 3, + "image": 2, + "volume": 3, +} +EOF + +echo 'OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"' >> $horizonfile +sed -i 's/OPENSTACK_KEYSTONE_DEFAULT_ROLE = "_member_"/OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"/g' $horizonfile + +sed -i "s/'enable_router': True,/'enable_router': True,/g" $horizonfile +sed -i "s/'enable_quotas': True,/'enable_quotas': False,/g" $horizonfile +sed -i "s/'enable_ipv6': True,/'enable_ipv6': False,/g" $horizonfile +sed -i "s/'enable_ha_router': False,/'enable_ha_router': False,/g" $horizonfile +sed -i "s/'enable_lb': True,/'enable_lb': False,/g" $horizonfile +sed -i "s/'enable_firewall': True,/'enable_firewall': False,/g" $horizonfile +sed -i "s/'enable_vpn': True,/'enable_vpn': False,/g" $horizonfile +sed -i "s/'enable_fip_topology_check': True,/'enable_fip_topology_check': False,/g" $horizonfile + +sed -i 's/TIME_ZONE = "UTC"/TIME_ZONE = "Asia\/Ho_Chi_Minh"/g' $horizonfile + +sed -i "s/DEFAULT_THEME = 'ubuntu'/DEFAULT_THEME = 'default'/g" $horizonfile +} + +# Function restart installation +horizon_restart () { 
+ echocolor "Restart installation" + sleep 3 + service apache2 reload +} + +####################### +###Execute functions### +####################### + +sendtelegram "Thu thi script $0 tren `hostname`" + +# Install the packages +sendtelegram "Thuc thi horizon_install tren `hostname`" +horizon_install + +# Redirecting web +sendtelegram "Thuc thi redirect_web tren `hostname`" +redirect_web + +# Edit the /etc/openstack-dashboard/local_settings.py file +sendtelegram "Thuc thi horizon_config tren `hostname`" +horizon_config + +# Restart installation +sendtelegram "Thuc thi horizon_restart tren `hostname`" +horizon_restart + +echocolor #================================# +echocolor "LOGIN INFORMATION IN HORIZON" +echocolor "URL: http://$CTL1_IP_NIC2/horizon" +echocolor "Domain: Default" +echocolor "User: admin or demo" +echocolor "Password: $ADMIN_PASS" +echocolor #================================# + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0 tren `hostname`, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify \ No newline at end of file diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_08_octavia.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_08_octavia.sh new file mode 100644 index 0000000..378a699 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/ctl_08_octavia.sh 
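Review bot: The closing banner prints the admin password in clear with `echocolor "Password: $ADMIN_PASS"`, so it ends up in terminal scrollback and in any log that captures this script's output. I would drop the value and point to where it is set, e.g. `echocolor "Password: value of ADMIN_PASS in config.cfg"` (assuming it is defined there, since that file is sourced at the top). The two `echocolor #================================#` lines pass no argument, because an unquoted `#` starts a comment; quote the string if the rule is meant to be printed. `horizon_config` sets `OPENSTACK_KEYSTONE_URL` to an `http://` address and the banner advertises `http://$CTL1_IP_NIC2/horizon`, so the same password crosses the network unencrypted at login; a comment stating that this layout is lab-only would help.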
@@ -0,0 +1,241 @@ +#!/bin/bash +#Author HOC CHU DONG +DATE_EXEC="$(date "+%d/%m/%Y %H:%M")" +TIME_START=`date +%s.%N` + +source function.sh +source config.cfg + +# Function create database for Octavia +function octavia_create_db () { + + echocolor "Create database for Octavia" + sleep 3 + +cat << EOF | mysql -uroot -p$PASS_DATABASE_ROOT +CREATE DATABASE octavia; +GRANT ALL PRIVILEGES ON octavia.* TO octavia@'localhost' IDENTIFIED BY '$PASS_DATABASE_OCTAVIA'; +GRANT ALL PRIVILEGES ON octavia.* TO octavia@'%' IDENTIFIED BY '$PASS_DATABASE_OCTAVIA'; +FLUSH PRIVILEGES; +EOF + +} + +function octavia_user_endpoint() { + + echocolor "Create octavia_user_endpoint for Octavia" + openstack user create octavia --domain default --project service --password $OCTAVIA_PASS + openstack role add --project service --user octavia admin + openstack service create --name octavia --description "OpenStack LBaaS" load-balancer + + openstack endpoint create --region RegionOne load-balancer public http://$CTL1_IP_NIC2:9876 + openstack endpoint create --region RegionOne load-balancer internal http://$CTL1_IP_NIC2:9876 + openstack endpoint create --region RegionOne load-balancer admin http://$CTL1_IP_NIC2:9876 + +} + +function octavia_install_config() { + + echocolor "Cai dat octavia" + sleep 3 + apt -y install octavia-api octavia-health-manager octavia-housekeeping octavia-worker + apt -y install python3-octaviaclient + + ctl_octavia_conf=/etc/octavia/octavia.conf + cp $ctl_octavia_conf $ctl_octavia_conf.orig + + mkdir -p /etc/octavia/certs/private + mkdir ~/work + cd ~/work + git clone https://opendev.org/openstack/octavia.git -b stable/victoria + cd octavia/bin + + ./create_dual_intermediate_CA.sh + cp -p ./dual_ca/etc/octavia/certs/server_ca.cert.pem /etc/octavia/certs + cp -p ./dual_ca/etc/octavia/certs/server_ca-chain.cert.pem /etc/octavia/certs + cp -p ./dual_ca/etc/octavia/certs/server_ca.key.pem /etc/octavia/certs/private + cp -p ./dual_ca/etc/octavia/certs/client_ca.cert.pem 
/etc/octavia/certs + cp -p ./dual_ca/etc/octavia/certs/client.cert-and-key.pem /etc/octavia/certs/private + + chown -R octavia /etc/octavia/certs + + ops_add $ctl_octavia_conf DEFAULT transport_url rabbit://openstack:$RABBIT_PASS@$CTL1_IP_NIC2 + + + ops_add $ctl_octavia_conf api_settings bind_host $CTL1_IP_NIC2 + ops_add $ctl_octavia_conf api_settings bind_port 9876 + ops_add $ctl_octavia_conf api_settings auth_strategy keystone + ops_add $ctl_octavia_conf api_settings api_base_uri http://$CTL1_IP_NIC2:9876 + + ops_add $ctl_octavia_conf database connection mysql+pymysql://octavia:$PASS_DATABASE_OCTAVIA@$CTL1_IP_NIC2/octavia + + ops_add $ctl_octavia_conf health_manager bind_ip 0.0.0.0 + ops_add $ctl_octavia_conf health_manager bind_port 5555 + + ops_add $ctl_octavia_conf keystone_authtoken www_authenticate_uri http://$CTL1_IP_NIC2:5000 + ops_add $ctl_octavia_conf keystone_authtoken auth_url http://$CTL1_IP_NIC2:5000 + ops_add $ctl_octavia_conf keystone_authtoken memcached_servers $CTL1_IP_NIC2:11211 + ops_add $ctl_octavia_conf keystone_authtoken auth_type password + ops_add $ctl_octavia_conf keystone_authtoken project_domain_name default + ops_add $ctl_octavia_conf keystone_authtoken user_domain_name default + ops_add $ctl_octavia_conf keystone_authtoken project_name service + ops_add $ctl_octavia_conf keystone_authtoken username octavia + ops_add $ctl_octavia_conf keystone_authtoken password $OCTAVIA_PASS + + ops_add $ctl_octavia_conf certificates ca_private_key /etc/octavia/certs/private/server_ca.key.pem + ops_add $ctl_octavia_conf certificates ca_certificate /etc/octavia/certs/server_ca.cert.pem + ops_add $ctl_octavia_conf certificates server_certs_key_passphrase insecure-key-do-not-use-this-key + ops_add $ctl_octavia_conf certificates ca_private_key_passphrase not-secure-passphrase + + ops_add $ctl_octavia_conf haproxy_amphora server_ca /etc/octavia/certs/server_ca-chain.cert.pem + ops_add $ctl_octavia_conf haproxy_amphora client_cert 
/etc/octavia/certs/private/client.cert-and-key.pem + + ops_add $ctl_octavia_conf controller_worker client_ca /etc/octavia/certs/client_ca.cert.pem + + ops_add $ctl_octavia_conf oslo_messaging topic octavia_prov + + ops_add $ctl_octavia_conf service_auth auth_url http://$CTL1_IP_NIC2:5000 + ops_add $ctl_octavia_conf service_auth memcached_servers $CTL1_IP_NIC2:11211 + ops_add $ctl_octavia_conf service_auth auth_type password + ops_add $ctl_octavia_conf service_auth project_domain_name default + ops_add $ctl_octavia_conf service_auth user_domain_name default + ops_add $ctl_octavia_conf service_auth project_name service + ops_add $ctl_octavia_conf service_auth username octavia + ops_add $ctl_octavia_conf service_auth password $OCTAVIA_PASS +} + +function octavia_create_policy() { + +cat << EOF >/etc/octavia/policy.yaml +# create new +"context_is_admin": "role:admin or role:load-balancer_admin" +"admin_or_owner": "is_admin:True or project_id:%(project_id)s" +"load-balancer:read": "rule:admin_or_owner" +"load-balancer:read-global": "is_admin:True" +"load-balancer:write": "rule:admin_or_owner" +"load-balancer:read-quota": "rule:admin_or_owner" +"load-balancer:read-quota-global": "is_admin:True" +"load-balancer:write-quota": "is_admin:True" +EOF + +chmod 640 /etc/octavia/policy.yaml +chgrp octavia /etc/octavia/policy.yaml +} + +function octavia_syn_db() { + su -s /bin/bash octavia -c "octavia-db-manage --config-file /etc/octavia/octavia.conf upgrade head" +} + +function octavia_restart() { + systemctl restart octavia-api octavia-health-manager octavia-housekeeping octavia-worker + systemctl enable octavia-api octavia-health-manager octavia-housekeeping octavia-worker +} + +function octavia_image_create() { + wget https://tarballs.opendev.org/openstack/octavia/test-images/test-only-amphora-x64-haproxy-ubuntu-focal.qcow2 + openstack image create "Amphora" --tag "Amphora" --file test-only-amphora-x64-haproxy-ubuntu-focal.qcow2 --disk-format qcow2 --container-format bare 
--private --project service + +} + +function octavia_create_flavor_sec() { + + openstack flavor create --id 100 --vcpus 1 --ram 1024 --disk 5 m1.octavia --private --project service + + openstack security group create lb-mgmt-sec-group --project service + openstack security group rule create --protocol icmp --ingress lb-mgmt-sec-group + openstack security group rule create --protocol tcp --dst-port 22:22 lb-mgmt-sec-group + openstack security group rule create --protocol tcp --dst-port 80:80 lb-mgmt-sec-group + + openstack security group rule create --protocol tcp --dst-port 443:443 lb-mgmt-sec-group + openstack security group rule create --protocol tcp --dst-port 9443:9443 lb-mgmt-sec-group + + # ID_ADMIN_PROJECT=`openstack project list | grep admin | awk '{print $2}'` + # ID_SECURITY_GROUP=`openstack security group list | grep $ID_ADMIN_PROJECT | awk '{print $2}'` + + # openstack security group rule create --protocol tcp --dst-port 443:443 $ID_SECURITY_GROUP + # openstack security group rule create --protocol tcp --dst-port 9443:9443 $ID_SECURITY_GROUP + +} + +function octavia_install_config_step2() { + + ctl_octavia_conf=/etc/octavia/octavia.conf + + ID_LB_MGMT_SEC_GROUP=`openstack security group list | egrep lb-mgmt-sec-group | awk '{print $2}'` + ID_AMP_BOOT_NETWORK_LIST=`openstack network list | egrep provider | awk '{print $2}'` + + ops_add $ctl_octavia_conf controller_worker amp_image_tag Amphora + ops_add $ctl_octavia_conf controller_worker amp_flavor_id 100 + ops_add $ctl_octavia_conf controller_worker amp_secgroup_list $ID_LB_MGMT_SEC_GROUP + ops_add $ctl_octavia_conf controller_worker amp_boot_network_list $ID_AMP_BOOT_NETWORK_LIST + ops_add $ctl_octavia_conf controller_worker network_driver allowed_address_pairs_driver + ops_add $ctl_octavia_conf controller_worker compute_driver compute_nova_driver + ops_add $ctl_octavia_conf controller_worker amphora_driver amphora_haproxy_rest_driver + + +} + +####################### +###Execute functions### 
+####################### + +sendtelegram "Thuc thi script $0 tren `hostname`" +sendtelegram "Cai OCTAVIA `hostname`" + +source /root/admin-openrc +echocolor "Cai OCTAVIA `hostname`" + +echocolor "Thuc thi octavia_create_db tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_create_db tren `hostname`" +octavia_create_db + +echocolor "Thuc thi octavia_user_endpoint tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_user_endpoint tren `hostname`" +octavia_user_endpoint + +echocolor "Thuc thi octavia_install_config tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_install_config tren `hostname`" +octavia_install_config + +echocolor "Thuc thi octavia_create_policy tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_create_policy tren `hostname`" +octavia_create_policy + +echocolor "Thuc thi octavia_restart tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_syn_db va octavia_restart tren `hostname`" +octavia_syn_db +octavia_restart + +echocolor "Thuc thi octavia_image_creat tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_image_creat tren `hostname`" +octavia_image_create + +echocolor "Thuc thi octavia_create_flavor_sec tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_create_flavor_sec tren `hostname`" +octavia_create_flavor_sec + +echocolor "Thuc thi octavia_install_config_step2 tren `hostname`" +sleep 3 +sendtelegram "Thuc thi octavia_install_config_step2 octavia_restart tren `hostname`" +octavia_install_config_step2 +octavia_restart + +TIME_END=`date +%s.%N` +TIME_TOTAL_TEMP=$( echo "$TIME_END - $TIME_START" | bc -l ) +TIME_TOTAL=$(cut -c-6 <<< "$TIME_TOTAL_TEMP") + +echocolor "Da thuc hien script $0, vao luc: $DATE_EXEC" +echocolor "Tong thoi gian thuc hien $0: $TIME_TOTAL giay" + +sendtelegram "Da thuc hien script $0, vao luc: $DATE_EXEC" +sendtelegram "Tong thoi gian thuc hien script $0: $TIME_TOTAL giay" +notify + + 
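Review bot: The two `[certificates]` values written by octavia_install_config are fixed, publicly known strings: `server_certs_key_passphrase insecure-key-do-not-use-this-key` and `ca_private_key_passphrase not-secure-passphrase`. The first is Octavia's documented placeholder for the key that protects amphora certificate private keys at rest, so every deployment built with this script shares it. It should be a per-install 32-character value read from config.cfg, e.g. `ops_add $ctl_octavia_conf certificates server_certs_key_passphrase "$OCTAVIA_CERT_KEY"` (a proposed new variable, not defined in the visible code). The CA passphrase presumably has to match what `create_dual_intermediate_CA.sh` used when it produced server_ca.key.pem, so it can only change together with how the CA is generated. The same function clones `stable/victoria` for a Xena install, and octavia_image_create downloads a `test-only-amphora` image with no checksum verification; both deserve a comment marking the script as lab-only.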
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/function.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/function.sh new file mode 100644 index 0000000..111959d --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/function.sh @@ -0,0 +1,49 @@ +#!/bin/bash +#Author HOC CHU DONG + +source config.cfg + +# Ham dinh nghia mau cho cac thong bao in ra man hinh +function echocolor { + echo "$(tput setaf 2)##### $1 #####$(tput sgr0)" +} + +# Ham sua file config cua OpenStack +## Ham add +function ops_add { + crudini --set $1 $2 $3 $4 +} +### Cach dung +### Cu phap +### ops_add PATH_FILE SECTION PARAMETER VAULE + +## Ham del +function ops_del { + crudini --del $1 $2 $3 +} + +function notify { + chatid=-557175523 + #token=1117214915:AAF4LFh6uChng056_oTyM6cz9TY4dyAn3YU + token=2004478698:AAEsHPaCw_mbTsCaxtV2YoTAdmi1cB6N9Rw + +if [ $? -eq 0 ] +then + curl -s --data-urlencode "text=I-AM-OK" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null + curl -s --data-urlencode "text=#######" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null +else + curl -s --data-urlencode "text=NOT-OK" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null + curl -s --data-urlencode "text=#######" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null + +fi + +} + +function sendtelegram { + chatid=-557175523 + token=2004478698:AAEsHPaCw_mbTsCaxtV2YoTAdmi1cB6N9Rw + # token=1117214915:AAF4LFh6uChng056_oTyM6cz9TY4dyAn3YU + default_message="Test canh bao" + + curl -s --data-urlencode "text=$@" "https://api.telegram.org/bot$token/sendMessage?chat_id=$chatid" > /dev/null +} \ No newline at end of file diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/octavia-note.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/octavia-note.sh new file mode 100644 index 0000000..8009891 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/octavia-note.sh 
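Review bot: The Telegram bot token and chat id are committed in clear text in both `notify` and `sendtelegram`, and a second token sits in a comment, so anyone who can read the repository can post as the bot. The tokens should be revoked and the value read from config.cfg or the environment instead, e.g. `token=${TELEGRAM_BOT_TOKEN:?}` (a proposed variable name, not present in the file). Separately, `notify` tests `$?` after the `chatid=` and `token=` assignments, so it always sees 0 and the NOT-OK branch is never taken; capture the caller's status first with `local rc=$?` as the first line of the function and test `$rc`. In `sendtelegram`, `"text=$@"` splits into several arguments when more than one is passed; `"text=$*"` keeps the message as a single field.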
@@ -0,0 +1,181 @@ +openstack user create --domain default --project service --password Welcome123 octavia + +openstack role add --project service --user octavia admin + +openstack service create --name octavia --description "OpenStack LBaaS" load-balancer + +CTL1_IP_NIC2=172.16.70.90 + +openstack endpoint create --region RegionOne load-balancer public http://$CTL1_IP_NIC2:9876 +openstack endpoint create --region RegionOne load-balancer internal http://$CTL1_IP_NIC2:9876 +openstack endpoint create --region RegionOne load-balancer admin http://$CTL1_IP_NIC2:9876 + +######## +mysql -u root -pWelcome123 + +create database octavia; +grant all privileges on octavia.* to octavia@'localhost' identified by 'Welcome123'; +grant all privileges on octavia.* to octavia@'%' identified by 'Welcome123'; +FLUSH PRIVILEGES; + +exit +######## + +apt -y install octavia-api octavia-health-manager octavia-housekeeping octavia-worker + +mkdir -p /etc/octavia/certs/private +mkdir ~/work +cd ~/work +git clone https://opendev.org/openstack/octavia.git -b stable/victoria +cd octavia/bin + +./create_dual_intermediate_CA.sh +cp -p ./dual_ca/etc/octavia/certs/server_ca.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/server_ca-chain.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/server_ca.key.pem /etc/octavia/certs/private +cp -p ./dual_ca/etc/octavia/certs/client_ca.cert.pem /etc/octavia/certs +cp -p ./dual_ca/etc/octavia/certs/client.cert-and-key.pem /etc/octavia/certs/private + +chown -R octavia /etc/octavia/certs + + +###### + +mv /etc/octavia/octavia.conf /etc/octavia/octavia.conf.org + + +[DEFAULT] +transport_url = rabbit://openstack:Welcome123@172.16.70.90 + +[api_settings] +bind_host = 172.16.70.90 +bind_port = 9876 +auth_strategy = keystone +api_base_uri = http://172.16.70.90:9876 + +[database] + +connection = mysql+pymysql://octavia:Welcome123@172.16.70.90/octavia + + +[health_manager] +bind_ip = 0.0.0.0 +bind_port = 5555 + + +[keystone_authtoken] 
+www_authenticate_uri = http://172.16.70.90:5000 +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = octavia +password = Welcome123 + +[certificates] + +ca_private_key = /etc/octavia/certs/private/server_ca.key.pem +ca_certificate = /etc/octavia/certs/server_ca.cert.pem +server_certs_key_passphrase = insecure-key-do-not-use-this-key +ca_private_key_passphrase = not-secure-passphrase + +[haproxy_amphora] +server_ca = /etc/octavia/certs/server_ca-chain.cert.pem +client_cert = /etc/octavia/certs/private/client.cert-and-key.pem + + +[controller_worker] +client_ca = /etc/octavia/certs/client_ca.cert.pem + + +[oslo_messaging] +topic = octavia_prov + + +[service_auth] +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = Default +user_domain_name = Default +project_name = service +username = octavia +password = Welcome123 + + +# Test LB. 
+for ((i=1;i<=10;i++)); do curl 172.16.71.204; done + + +### File cau hinh mau + +[DEFAULT] +transport_url = rabbit://openstack:Welcome123@172.16.70.90 +[amphora_agent] +[api_settings] +bind_host = 172.16.70.90 +bind_port = 9876 +auth_strategy = keystone +api_base_uri = http://172.16.70.90:9876 +[audit] +[certificates] +ca_private_key = /etc/octavia/certs/private/server_ca.key.pem +ca_certificate = /etc/octavia/certs/server_ca.cert.pem +server_certs_key_passphrase = insecure-key-do-not-use-this-key +ca_private_key_passphrase = not-secure-passphrase +[compute] +[controller_worker] +client_ca = /etc/octavia/certs/client_ca.cert.pem +amp_image_tag = Amphora +amp_flavor_id = 100 +amp_secgroup_list = 6ed56312-f478-4871-8799-8466517cc0af +amp_boot_network_list = d2e5166d-b6b0-4bb7-bb28-2e12ac167cdc +network_driver = allowed_address_pairs_driver +compute_driver = compute_nova_driver +amphora_driver = amphora_haproxy_rest_driver +[database] +connection = mysql+pymysql://octavia:Welcome123@172.16.70.90/octavia +[driver_agent] +[glance] +[haproxy_amphora] +server_ca = /etc/octavia/certs/server_ca-chain.cert.pem +client_cert = /etc/octavia/certs/private/client.cert-and-key.pem +[health_manager] +bind_ip = 0.0.0.0 +bind_port = 5555 +[house_keeping] +[keepalived_vrrp] +[keystone_authtoken] +www_authenticate_uri = http://172.16.70.90:5000 +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = default +user_domain_name = default +project_name = service +username = octavia +password = Welcome123 +[networking] +[neutron] +[nova] +[oslo_messaging] +topic = octavia_prov +[oslo_messaging_amqp] +[oslo_messaging_kafka] +[oslo_messaging_notifications] +[oslo_messaging_rabbit] +[quotas] +[service_auth] +auth_url = http://172.16.70.90:5000 +memcached_servers = 172.16.70.90:11211 +auth_type = password +project_domain_name = Default +user_domain_name = Default +project_name = service +username = octavia +password = Welcome123 
+[task_flow] + + diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/viewlog.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/viewlog.sh new file mode 100644 index 0000000..46a3389 --- /dev/null +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu-AIO/viewlog.sh @@ -0,0 +1,11 @@ + +#!/bin/bash +# rapid CLI oneliner log inspection inside all log files +# Lookig for keywords "fail", "error", "unable", "warning". +# Ref: https://raw.githubusercontent.com/AJNOURI/COA/master/misc/oneliner_log_inspection.sh +#################################################### GUIDE#################### +# Go lenh voi cac tu khoa ERORR hoac FAIL hoac thay bang tu ban muon +# bash viewlog.sh ERROR +# bash viewlog.sh "ERROR|FAIL" +############################################################################## +for i in $(ls /var/log/*/*.log); do echo "=========="; echo $i; echo "========="; tail $i| egrep -i $1; done diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu/com1_01_env.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu/com1_01_env.sh index 03060d4..5d67fda 100644 --- a/scripts/OpenStack-Xena-No-HA/Ubuntu/com1_01_env.sh +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu/com1_01_env.sh @@ -47,7 +47,9 @@ function install_ops_packages () { sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt sudo add-apt-repository cloud-archive:xena -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + # sudo echo "deb http://172.16.70.131:8081/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + sudo echo "deb https://172.16.70.131/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + sudo apt-get update -y 2>&1 | tee -a filelog-install.txt sudo apt-get upgrade -y 2>&1 | tee -a filelog-install.txt 
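Review bot: This notes file commits `Welcome123` as the MariaDB root password, the octavia database and Keystone passwords and the RabbitMQ password, next to the controller address 172.16.70.90. If any of these match a live environment they need rotating, and the file should carry placeholders instead, e.g. `password = <OCTAVIA_PASS>` and `mysql -u root -p` with an interactive prompt. The file also mixes shell commands, SQL and INI fragments under a `.sh` name, so running it would execute the first `openstack` commands and then fail. A header comment such as `# Reference notes only, do not execute; all values are examples` would make that explicit.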
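Review bot: The loop `for i in $(ls /var/log/*/*.log)` word-splits the output of ls and then uses `$i` and `$1` unquoted, so a log path containing whitespace or a pattern containing glob characters is mangled, and a missing argument makes egrep fail with a usage error for every file. Iterate over the glob directly and quote the expansions: `for f in /var/log/*/*.log; do echo "=========="; echo "$f"; echo "========="; tail -- "$f" | grep -Ei -- "$1"; done`. The added blank line before `#!/bin/bash` also means the shebang is not on line 1, so it is ignored if the file is executed directly.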
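Review bot: The new `deb https://172.16.70.131/repository/u20xena/ ...` line points apt at a bare IP over HTTPS, but nothing visible in this hunk installs a CA certificate or confirms that the mirror's certificate names that IP. If it does not, `apt-get update` will reject the source, and the tempting workaround of disabling peer verification would cancel the benefit of leaving plain http. A comment above the line saying where the trust comes from would help, e.g. `# mirror certificate must be trusted by this node (CA installed in <step placeholder>)`. Note also that in `sudo echo ... > file` the redirection is performed by the calling shell and not by sudo, so the line only works when the script already runs as root. The same line is added in com2_01_env.sh and ctl_01_env.sh; install_ops_packages starts and ends outside this hunk.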
diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu/com2_01_env.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu/com2_01_env.sh index 0c8d056..63548b1 100644 --- a/scripts/OpenStack-Xena-No-HA/Ubuntu/com2_01_env.sh +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu/com2_01_env.sh @@ -47,7 +47,9 @@ function install_ops_packages () { sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt sudo add-apt-repository cloud-archive:xena -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + # sudo echo "deb http://172.16.70.131:8081/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + sudo echo "deb https://172.16.70.131/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + sudo apt-get update -y 2>&1 | tee -a filelog-install.txt sudo apt-get upgrade -y 2>&1 | tee -a filelog-install.txt diff --git a/scripts/OpenStack-Xena-No-HA/Ubuntu/ctl_01_env.sh b/scripts/OpenStack-Xena-No-HA/Ubuntu/ctl_01_env.sh index 3572467..ee5e2c9 100644 --- a/scripts/OpenStack-Xena-No-HA/Ubuntu/ctl_01_env.sh +++ b/scripts/OpenStack-Xena-No-HA/Ubuntu/ctl_01_env.sh @@ -20,7 +20,6 @@ function config_hostname () { } - # Function update and upgrade for CONTROLLER function update_upgrade () { echocolor "Update and Update controller" @@ -33,7 +32,7 @@ function install_ntp () { echocolor "Install NTP" sleep 3 - apt-get install chrony -y 2>&1 | tee -a filelog-install.txt + apt-get install chrony -y ntpfile=/etc/chrony/chrony.conf sed -i 's/pool 2.debian.pool.ntp.org offline iburst/ \ 
@@ -41,22 +40,25 @@ pool 2.debian.pool.ntp.org offline iburst \ server 0.asia.pool.ntp.org iburst \ server 1.asia.pool.ntp.org iburst/g' $ntpfile - echo "allow 172.16.70.212/24" >> $ntpfile + echo "allow 172.16.70.0/24" >> $ntpfile - service chrony restart 2>&1 | tee -a filelog-install.txt + service chrony restart } # Function install OpenStack packages (python-openstackclient) function install_ops_packages () { echocolor "Install OpenStack client" sleep 3 - sudo apt-get install software-properties-common -y 2>&1 | tee -a filelog-install.txt - sudo add-apt-repository cloud-archive:xena -y 2>&1 | tee -a filelog-install.txt - sudo echo "deb http://172.16.70.131:8081/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + sudo apt-get install software-properties-common -y + sudo add-apt-repository cloud-archive:xena -y + $ sudo echo "deb http://172.16.70.131:8081/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + sudo echo "deb https://172.16.70.131/repository/u20xena/ focal-updates/xena main" > /etc/apt/sources.list.d/cloudarchive-xena.list + + sudo apt update -y + sudo apt upgrade -y + sudo apt install crudini -y + sudo apt install python3-openstackclient -y - sudo apt update -y 2>&1 | tee -a filelog-install.txt - sudo apt upgrade -y 2>&1 | tee -a filelog-install.txt - sudo apt install python3-openstackclient -y 2>&1 | tee -a filelog-install.txt systemctl disable ufw systemctl stop ufw 
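Review bot: The old mirror line was evidently meant to be commented out but is prefixed with `$` instead of `#`: `$ sudo echo "deb http://172.16.70.131:8081/repository/u20xena/ ..." > /etc/apt/sources.list.d/cloudarchive-xena.list`. The shell will try to run a command named `$`, report it as not found, and still truncate the list file through the redirection before the next line rewrites it. Change the prefix to `#` as in com1_01_env.sh and com2_01_env.sh, or delete the line. The hunk also drops `2>&1 | tee -a filelog-install.txt` from every install step, so package installation output is no longer kept for later troubleshooting; if that is intentional, a short comment saying so would help. install_ops_packages continues past the end of this hunk.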
@@ -130,18 +132,18 @@ function install_etcd () { apt install etcd -y cat << EOF > /etc/default/etcd -ETCD_NAME="controller01" +ETCD_NAME="`hostname`" ETCD_DATA_DIR="/var/lib/etcd" ETCD_INITIAL_CLUSTER_STATE="new" ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01" -ETCD_INITIAL_CLUSTER="controller01=http://$CTL1_IP_NIC2:2380" +ETCD_INITIAL_CLUSTER="`hostname`=http://$CTL1_IP_NIC2:2380" ETCD_INITIAL_ADVERTISE_PEER_URLS="http://$CTL1_IP_NIC2:2380" -ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.11:2379" +ETCD_ADVERTISE_CLIENT_URLS="http://$CTL1_IP_NIC2:2379" ETCD_LISTEN_PEER_URLS="http://0.0.0.0:2380" ETCD_LISTEN_CLIENT_URLS="http://$CTL1_IP_NIC2:2379" EOF - systemctl enable etcd 2>&1 | tee -a filelog-install.txt - systemctl restart etcd 2>&1 | tee -a filelog-install.txt + systemctl enable etcd + systemctl restart etcd } @@ -155,7 +157,7 @@ sendtelegram "Thuc thi config_hostname tren `hostname`" config_hostname # Update and upgrade for controller -sendtelegram "Thuc thi install_ntp tren `hostname`" +sendtelegram "Thuc thi update_upgrade tren `hostname`" update_upgrade # Install and config NTP