#!/bin/bash
source os.conf
source admin-openrc
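# Local scratch directory for the helper scripts and config files generated
# below. Several of them embed $PASSWORD, so keep it private to this user.
mkdir -p ./tmp
chmod 700 ./tmp
# Fail early instead of running ssh/mysql with an empty host or password.
: "${PASSWORD:?PASSWORD must be set by the sourced configuration}"
: "${CONT_MAN_IP:?CONT_MAN_IP must be set by the sourced configuration}"
##### Neutron Networking Service #####
# Create the neutron database and its grants on the controller.
# The heredoc is expanded locally, so the helper file holds the password in
# clear text: it is created under a restrictive umask and removed after use.
# The existence check matches the database name exactly; the previous
# "SHOW DATABASES | grep neutron" also matched any name containing "neutron".
# NOTE(review): the password still appears on the remote mysql command line
# and inside the SQL text; a password containing a single quote breaks both.
(
  umask 077
  rm -f -- ./tmp/neutrondb
  cat << _EOF_ > ./tmp/neutrondb
if mysql -u root -p'${PASSWORD}' -N -e "SHOW DATABASES LIKE 'neutron';" | grep -qx neutron; then
  echo "neutron database already exists"
else
  mysql -u root -p'${PASSWORD}' -e "CREATE DATABASE neutron; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '${PASSWORD}'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '${PASSWORD}';"
fi
_EOF_
)
# The remote shell reads the generated commands from stdin.
ssh "$CONT_MAN_IP" < ./tmp/neutrondb
# Do not leave the clear-text credential lying around locally.
rm -f -- ./tmp/neutrondb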
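# Register neutron in Keystone: service user, admin role on the service
# project, the service entry and its public/internal/admin endpoints.
# Each create step is skipped when the object is already present.
# if/else replaces "check && echo || create", where the create branch would
# also run if the echo failed. Exact lookups replace "list | grep neutron",
# which matched any row containing the substring.
# NOTE(review): --password puts the secret on the local command line, where it
# is visible in the process list while the client runs.
if openstack user show --domain default neutron > /dev/null 2>&1; then
  echo "neutron user already exists"
else
  openstack user create --domain default --password "$PASSWORD" neutron
fi
openstack role add --project service --user neutron admin
if openstack service show neutron > /dev/null 2>&1; then
  echo "neutron service already exists"
else
  openstack service create --name neutron --description "OpenStack Networking service" network
fi
# NOTE(review): the endpoints are registered over plain http; tokens sent to
# them are not protected in transit unless TLS is terminated elsewhere.
if openstack endpoint list --service neutron --interface public -f value -c ID 2> /dev/null | grep -q .; then
  echo "neutron public endpoint already exists"
else
  openstack endpoint create --region RegionOne network public "http://${CONT_MAN_IP}:9696"
fi
if openstack endpoint list --service neutron --interface internal -f value -c ID 2> /dev/null | grep -q .; then
  echo "neutron internal endpoint exists"
else
  openstack endpoint create --region RegionOne network internal "http://${CONT_MAN_IP}:9696"
fi
if openstack endpoint list --service neutron --interface admin -f value -c ID 2> /dev/null | grep -q .; then
  echo "neutron admin endpoint already exists"
else
  openstack endpoint create --region RegionOne neutron admin "http://${CONT_MAN_IP}:9696"
fi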
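# Controller: install the neutron packages and deploy /etc/neutron/neutron.conf.
ssh "$CONT_MAN_IP" yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch
# Keep a one-time copy of the packaged file. The whole test-and-copy is quoted
# so it runs on the controller; unquoted, the local shell split the line at
# "&&" and ran cp on the machine executing this script.
ssh "$CONT_MAN_IP" '[ -f /etc/neutron/neutron.conf.orig ] || cp -v /etc/neutron/neutron.conf /etc/neutron/neutron.conf.orig'
# The rendered file contains the RabbitMQ, database and Keystone passwords,
# so the local copy is created under a restrictive umask (the old file is
# removed first because truncating it would keep its previous mode).
# NOTE(review): transport_url, the database connection and the Keystone URLs
# carry these credentials without TLS.
(
  umask 077
  rm -f -- ./tmp/neutron.conf
  cat << _EOF_ > ./tmp/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:${PASSWORD}@${CONT_MAN_IP}
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[agent]
[cors]
[database]
connection = mysql+pymysql://neutron:${PASSWORD}@${CONT_MAN_IP}/neutron
[keystone_authtoken]
auth_uri = http://${CONT_MAN_IP}:5000
auth_url = http://${CONT_MAN_IP}:35357
memcached_servers = ${CONT_MAN_IP}:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = $PASSWORD
[matchmaker_redis]
[nova]
auth_url = http://${CONT_MAN_IP}:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = $PASSWORD
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl]
_EOF_
)
scp ./tmp/neutron.conf "$CONT_MAN_IP":/etc/neutron/neutron.conf
# Pin ownership and mode of the deployed file: readable by the neutron group,
# not by other local users.
# NOTE(review): assumes the neutron group exists once the packages are
# installed - confirm on the target image.
ssh "$CONT_MAN_IP" 'chown root:neutron /etc/neutron/neutron.conf && chmod 640 /etc/neutron/neutron.conf'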
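# Controller: deploy the ML2 plugin configuration.
# The backup command is quoted as one string so that both the test and the cp
# run on the controller; unquoted, the cp after "&&" ran locally.
ssh "$CONT_MAN_IP" '[ -f /etc/neutron/plugins/ml2/ml2_conf.ini.orig ] || cp -v /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.orig'
# NOTE(review): flat_networks=* accepts any physical network name for flat
# networks; list the intended names explicitly if that is broader than needed.
cat << _EOF_ > ./tmp/ml2_conf.ini
[DEFAULT]
[l2pop]
[ml2]
type_drivers=vxlan,flat
tenant_network_types=vxlan
mechanism_drivers=openvswitch
extension_drivers=port_security,qos
path_mtu=0
[ml2_type_flat]
flat_networks=*
[ml2_type_geneve]
[ml2_type_gre]
[ml2_type_vlan]
[ml2_type_vxlan]
vni_ranges=10:1000
vxlan_group=224.0.0.1
[securitygroup]
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group=True
enable_ipset = true
_EOF_
scp ./tmp/ml2_conf.ini "$CONT_MAN_IP":/etc/neutron/plugins/ml2/ml2_conf.ini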
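# Controller: deploy the Open vSwitch agent configuration.
# Quoting the remote command keeps the backup copy on the controller; the
# unquoted form ran the cp after "&&" on the local machine.
ssh "$CONT_MAN_IP" '[ -f /etc/neutron/plugins/ml2/openvswitch_agent.ini.orig ] || cp -v /etc/neutron/plugins/ml2/openvswitch_agent.ini /etc/neutron/plugins/ml2/openvswitch_agent.ini.orig'
# local_ip is filled in with the controller's management address.
cat << _EOF_ > ./tmp/openvswitch_agent.ini
[DEFAULT]
[agent]
tunnel_types=vxlan
vxlan_udp_port=4789
l2_population=False
drop_flows_on_start=False
[network_log]
[ovs]
integration_bridge=br-int
tunnel_bridge=br-tun
local_ip=$CONT_MAN_IP
bridge_mappings=extnet:br-ex
[securitygroup]
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[xenapi]
_EOF_
scp ./tmp/openvswitch_agent.ini "$CONT_MAN_IP":/etc/neutron/plugins/ml2/openvswitch_agent.ini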
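# Controller: deploy the L3 agent configuration.
# The backup is sent as a single quoted command so the cp runs on the
# controller rather than locally.
ssh "$CONT_MAN_IP" '[ -f /etc/neutron/l3_agent.ini.orig ] || cp -v /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.orig'
cat << _EOF_ > ./tmp/l3_agent.ini
[DEFAULT]
interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver
agent_mode=legacy
debug=False
[agent]
[ovs]
_EOF_
scp ./tmp/l3_agent.ini "$CONT_MAN_IP":/etc/neutron/l3_agent.ini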
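# Controller: deploy the DHCP agent configuration.
# The backup is sent as a single quoted command so the cp runs on the
# controller rather than locally.
ssh "$CONT_MAN_IP" '[ -f /etc/neutron/dhcp_agent.ini.orig ] || cp -v /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.orig'
# root_helper routes the agent's privileged commands through sudo and
# neutron-rootwrap with /etc/neutron/rootwrap.conf.
cat << _EOF_ > ./tmp/dhcp_agent.ini
[DEFAULT]
interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver
resync_interval=30
enable_isolated_metadata=False
enable_metadata_network=False
debug=False
state_path=/var/lib/neutron
root_helper=sudo neutron-rootwrap /etc/neutron/rootwrap.conf
[agent]
[ovs]
_EOF_
scp ./tmp/dhcp_agent.ini "$CONT_MAN_IP":/etc/neutron/dhcp_agent.ini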
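# Controller: deploy the metadata agent configuration.
# The backup is sent as a single quoted command so the cp runs on the
# controller rather than locally.
ssh "$CONT_MAN_IP" '[ -f /etc/neutron/metadata_agent.ini.orig ] || cp -v /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.orig'
# NOTE(review): metadata_proxy_shared_secret is a fixed value committed with
# this script, so every deployment built from it shares the same secret.
# Generate it per deployment and keep it out of version control; it has to
# match the value configured on the Nova side, so change both together.
# The local copy is created under a restrictive umask because it holds that
# secret (the old file is removed first so a previous mode is not kept).
(
  umask 077
  rm -f -- ./tmp/metadata_agent.ini
  cat << _EOF_ > ./tmp/metadata_agent.ini
[DEFAULT]
metadata_proxy_shared_secret=e52550a9713f45aa
metadata_workers=4
debug=False
nova_metadata_ip=$CONT_MAN_IP
[agent]
[cache]
_EOF_
)
scp ./tmp/metadata_agent.ini "$CONT_MAN_IP":/etc/neutron/metadata_agent.ini
# Pin ownership and mode of the deployed file: readable by the neutron group,
# not by other local users.
# NOTE(review): assumes the neutron group exists once the packages are
# installed - confirm on the target image.
ssh "$CONT_MAN_IP" 'chown root:neutron /etc/neutron/metadata_agent.ini && chmod 640 /etc/neutron/metadata_agent.ini'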
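# Controller: point /etc/neutron/plugin.ini at the ML2 config and bring the
# database schema up to date.
# The link creation is quoted so that ln runs on the controller; unquoted, the
# local shell ran the "|| ln -s ..." part on the machine executing this script.
ssh "$CONT_MAN_IP" '[ -h /etc/neutron/plugin.ini ] || ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini'
# The migration runs as the neutron account (su -s /bin/sh ... neutron).
# The delimiter is quoted: the helper contains no local variables and must be
# written out literally.
cat << '_EOF_' > ./tmp/neutron_db_sync
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
_EOF_
ssh "$CONT_MAN_IP" < ./tmp/neutron_db_sync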
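# Controller: define the external OVS bridge br-ex with eth1 as its port,
# cycle both interfaces, then enable and (re)start the neutron services.
: "${CONT_EXT_IP:?CONT_EXT_IP must be set by the sourced configuration}"
cat << _EOF_ > ./tmp/ifcfg-br-ex
PROXY_METHOD=none
BROWSER_ONLY=no
DEFROUTE=yes
ONBOOT=yes
IPADDR=$CONT_EXT_IP
PREFIX=24
DEVICE=br-ex
NAME=br-ex
DEVICETYPE=ovs
OVSBOOTPROTO=none
TYPE=OVSBridge
OVS_EXTRA="set bridge br-ex fail_mode=standalone"
_EOF_
scp ./tmp/ifcfg-br-ex "$CONT_MAN_IP":/etc/sysconfig/network-scripts/ifcfg-br-ex
# ifcfg-eth1 has no host-specific values; the compute section reuses this file.
cat << _EOF_ > ./tmp/ifcfg-eth1
DEVICE=eth1
NAME=eth1
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
ONBOOT=yes
BOOTPROTO=none
_EOF_
scp ./tmp/ifcfg-eth1 "$CONT_MAN_IP":/etc/sysconfig/network-scripts/ifcfg-eth1
# All four commands go to the controller as one quoted string. Unquoted, only
# "ifdown eth1" ran remotely; the commands after each ";" ran on the local
# machine and cycled its own interfaces.
ssh "$CONT_MAN_IP" 'ifdown eth1; ifdown br-ex; ifup br-ex; ifup eth1'
ssh "$CONT_MAN_IP" systemctl enable neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
ssh "$CONT_MAN_IP" systemctl restart neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
# Status is printed for the operator; its exit code is not checked.
ssh "$CONT_MAN_IP" systemctl status neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service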
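# Compute node: install the Open vSwitch agent and deploy neutron.conf.
: "${COMP_MAN_IP:?COMP_MAN_IP must be set by the sourced configuration}"
ssh "$COMP_MAN_IP" yum -y install openstack-neutron-openvswitch
# Quoted so that the backup copy is made on the compute node; unquoted, the cp
# after "&&" ran on the machine executing this script.
ssh "$COMP_MAN_IP" '[ -f /etc/neutron/neutron.conf.orig ] || cp -v /etc/neutron/neutron.conf /etc/neutron/neutron.conf.orig'
# This overwrites the local ./tmp/neutron.conf rendered for the controller.
# The file carries the RabbitMQ and Keystone passwords, so it is recreated
# under a restrictive umask (removed first so a previous mode is not kept).
(
  umask 077
  rm -f -- ./tmp/neutron.conf
  cat << _EOF_ > ./tmp/neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:${PASSWORD}@${CONT_MAN_IP}
auth_strategy = keystone
[agent]
[cors]
[database]
[keystone_authtoken]
auth_uri = http://${CONT_MAN_IP}:5000
auth_url = http://${CONT_MAN_IP}:35357
memcached_servers = ${CONT_MAN_IP}:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = $PASSWORD
[matchmaker_redis]
[nova]
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl]
_EOF_
)
scp ./tmp/neutron.conf "$COMP_MAN_IP":/etc/neutron/neutron.conf
# Pin ownership and mode of the deployed file: readable by the neutron group,
# not by other local users.
# NOTE(review): assumes the neutron group exists once the package is
# installed - confirm on the target image.
ssh "$COMP_MAN_IP" 'chown root:neutron /etc/neutron/neutron.conf && chmod 640 /etc/neutron/neutron.conf'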
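# Compute node: deploy the Open vSwitch agent configuration.
# Quoted so that the backup copy is made on the compute node; unquoted, the cp
# after "&&" ran on the machine executing this script.
ssh "$COMP_MAN_IP" '[ -f /etc/neutron/plugins/ml2/openvswitch_agent.ini.orig ] || cp -v /etc/neutron/plugins/ml2/openvswitch_agent.ini /etc/neutron/plugins/ml2/openvswitch_agent.ini.orig'
# Same settings as the controller's agent file, with local_ip set to the
# compute node's management address.
cat << _EOF_ > ./tmp/openvswitch_agent.ini.compute
[DEFAULT]
[agent]
tunnel_types=vxlan
vxlan_udp_port=4789
l2_population=False
drop_flows_on_start=False
[network_log]
[ovs]
integration_bridge=br-int
tunnel_bridge=br-tun
local_ip=$COMP_MAN_IP
bridge_mappings=extnet:br-ex
[securitygroup]
firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[xenapi]
_EOF_
scp ./tmp/openvswitch_agent.ini.compute "$COMP_MAN_IP":/etc/neutron/plugins/ml2/openvswitch_agent.ini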
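# Compute node: define the external OVS bridge br-ex with eth1 as its port,
# cycle both interfaces, then enable and (re)start the Open vSwitch agent.
: "${COMP_EXT_IP:?COMP_EXT_IP must be set by the sourced configuration}"
cat << _EOF_ > ./tmp/ifcfg-br-ex.compute
PROXY_METHOD=none
BROWSER_ONLY=no
DEFROUTE=yes
ONBOOT=yes
IPADDR=$COMP_EXT_IP
PREFIX=24
DEVICE=br-ex
NAME=br-ex
DEVICETYPE=ovs
OVSBOOTPROTO=none
TYPE=OVSBridge
OVS_EXTRA="set bridge br-ex fail_mode=standalone"
_EOF_
scp ./tmp/ifcfg-br-ex.compute "$COMP_MAN_IP":/etc/sysconfig/network-scripts/ifcfg-br-ex
# Reuses ./tmp/ifcfg-eth1 written earlier in this script for the controller.
scp ./tmp/ifcfg-eth1 "$COMP_MAN_IP":/etc/sysconfig/network-scripts/ifcfg-eth1
# All four commands go to the compute node as one quoted string. Unquoted,
# only "ifdown eth1" ran remotely; the commands after each ";" ran on the
# local machine and cycled its own interfaces.
ssh "$COMP_MAN_IP" 'ifdown eth1; ifdown br-ex; ifup br-ex; ifup eth1'
ssh "$COMP_MAN_IP" systemctl enable neutron-openvswitch-agent.service
ssh "$COMP_MAN_IP" systemctl restart neutron-openvswitch-agent.service
# Status is printed for the operator; its exit code is not checked.
ssh "$COMP_MAN_IP" systemctl status neutron-openvswitch-agent.service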