Bash scripts to build OpenStack
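#!/bin/bash
######## Variables
#### Network
primary_interface="eth0"
# First IPv4 address of the primary interface, prefix length stripped. Only the
# first match is kept: an interface with secondary addresses would otherwise
# put a multi-line value into every config file and SQL grant written below.
ip=$(ip addr list "${primary_interface}" | awk '/inet / { print $2; exit }' | cut -d/ -f1)
if [[ -z "${ip}" ]]; then
  printf 'warning: no IPv4 address found on %s\n' "${primary_interface}" >&2
fi
# MySQL host pattern covering the /24 around ${ip} (first three octets + ".%").
# Every database account created by this script is usable from that range.
mysql_network="${ip%.*}.%"
public_ip="192.168.255.1"
fixed_range="192.168.1.0/24"
gateway="192.168.1.1"
network_size="254"
bridge_interface="eth0"
bridge="br0"
dns1="8.8.8.8"
dns2="8.8.4.4"
#### OpenStack
openstack_region="Amsterdam"
# The values below are placeholders. Replace each one with a distinct, strong
# secret before running: they end up in MySQL grants, service config files,
# /root/.my.cnf and /root/openrc.
#### MySQL
mysql_root_password="password"
mysql_keystone_password="password"
mysql_glance_password="password"
mysql_nova_password="password"
mysql_cinder_password="password"
mysql_neutron_password="password"
#### Keystone, token & password should be different
keystone_admin_token="password"
keystone_admin_password="password"
keystone_glance_password="password"
keystone_nova_password="password"
keystone_cinder_password="password"
keystone_neutron_password="password"
#### Cinder
cinder_vg="cc1-vg"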
######## Functions | |
# Report whether an INI file already defines an option inside a section.
# Arguments: $1 - INI file, $2 - section name (no brackets), $3 - option name
# Returns:   0 when a line starting with "option =" is found between the
#            "[section]" header and the next "[...]" header, non-zero otherwise.
# Section and option are placed into the sed expression as-is (no escaping).
ini_has_option() {
  local ini_path=$1 sect=$2 key=$3
  local match
  match=$(sed -n -e "/^\[${sect}\]/,/^\[.*\]/ { /^${key}[ \t]*=/ p; }" "${ini_path}")
  [[ -n ${match} ]]
}
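# Set "option = value" inside [section] of an INI file, creating the section
# and/or the option when they are missing.
# Arguments: $1 - INI file, $2 - section, $3 - option, $4 - value
# Returns:   0 without touching the file when section or option is empty.
#
# The value is escaped before it is handed to sed. Most callers pass passwords
# and connection strings; unescaped, a "&" or "\" in such a value is
# interpreted by sed and a different secret ends up in the file.
# Section and option are still used as regex fragments, as before.
iniset() {
  local file=$1
  local section=$2
  local option=$3
  local value=$4
  local escaped

  [[ -z "${section}" || -z "${option}" ]] && return

  if ! grep -q "^\[${section}\]" "${file}" 2>/dev/null; then
    # Add section at the end
    printf '\n[%s]\n' "${section}" >>"${file}"
  fi

  if ! ini_has_option "${file}" "${section}" "${option}"; then
    # Add it. In the text of sed's "a" command a backslash is an escape
    # character, so double every backslash in the value.
    escaped=$(printf '%s' "${value}" | sed -e 's/\\/\\\\/g')
    sed -i -e "/^\[${section}\]/ a\\
${option} = ${escaped}
" "${file}"
  else
    # Replace it. In the replacement part of s/// both "\" and "&" are
    # special; \001 is the delimiter so that "/" in URLs needs no escaping.
    local sep=$'\001'
    escaped=$(printf '%s' "${value}" | sed -e 's/[\\&]/\\&/g')
    sed -i -e "/^\[${section}\]/,/^\[.*\]/ s${sep}^\(${option}[ \t]*=[ \t]*\).*\$${sep}\1${escaped}${sep}" "${file}"
  fi
}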
######## Prep
# Refresh the package index, then install curl and wget
apt-get update
apt-get install -y curl wget
# ppa alternative: append the Havana cloud-archive entries (binary + source).
# The archive is reached over plain HTTP, so package authenticity rests on
# apt's signature check with ubuntu-cloud-keyring, installed below before the
# index is refreshed.
cat >> /etc/apt/sources.list.d/cloud.list <<'EOF'
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
deb-src http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
EOF
apt-get install -y ubuntu-cloud-keyring
apt-get update
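######## MySQL
# Preseed the root password so the server package installs non-interactively.
debconf-set-selections <<EOF
mysql-server-5.5 mysql-server/root_password password ${mysql_root_password}
mysql-server-5.5 mysql-server/root_password_again password ${mysql_root_password}
mysql-server-5.5 mysql-server/start_on_boot boolean true
EOF
apt-get install -y mysql-server python-mysqldb
/etc/init.d/mysql restart

# Keep credentials out of the process list: the root password goes into a
# private option file (mktemp creates it owner-only) instead of -p<password>,
# and each statement is sent on stdin instead of -e "<sql>", because the SQL
# text carries the service passwords.
mysql_defaults=$(mktemp) || exit 1
cat > "${mysql_defaults}" <<EOF
[client]
user=root
password='${mysql_root_password}'
EOF
mysql_root_exec() {
  mysql --defaults-extra-file="${mysql_defaults}" -h 127.0.0.1 <<<"$1"
}

# NOTE: root receives full privileges from every host matching
# ${mysql_network}. Passwords are spliced into the SQL unescaped, so they must
# not contain a single quote.
mysql_root_exec "grant all privileges on *.* to 'root'@'${mysql_network}' identified by '${mysql_root_password}'"
for service_db in keystone glance nova cinder neutron; do
  # mysql_<service>_password is looked up by name through indirect expansion.
  db_password_var="mysql_${service_db}_password"
  mysql_root_exec "create database ${service_db}"
  mysql_root_exec "grant all privileges on ${service_db}.* to '${service_db}'@'${mysql_network}' identified by '${!db_password_var}'"
done
rm -f -- "${mysql_defaults}"

iniset /etc/mysql/my.cnf mysqld bind-address "${ip}"

# /root/.my.cnf stores the root password in clear text: create it owner-only,
# and tighten the mode in case the file already existed.
(
  umask 077
  cat > /root/.my.cnf <<EOF
[client]
user=root
host=localhost
password='${mysql_root_password}'
EOF
)
chmod 600 /root/.my.cnf
/etc/init.d/mysql restart
iniset /root/.my.cnf client host "${ip}"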
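######## RabbitMQ
apt-get install -y rabbitmq-server
mkdir -p /etc/rabbitmq/rabbitmq.conf.d
# The broker is bound to ${ip}, i.e. reachable from the network. The Nova and
# Cinder sections of this script connect to it with the guest/guest account;
# create a dedicated user with its own password before exposing this host.
printf 'RABBITMQ_NODE_IP_ADDRESS=%s\n' "${ip}" > /etc/rabbitmq/rabbitmq.conf.d/bind.conf
/etc/init.d/rabbitmq-server restart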
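######## Keystone
apt-get install -y keystone
keystone_conf=/etc/keystone/keystone.conf
iniset "${keystone_conf}" DEFAULT admin_token "${keystone_admin_token}"
iniset "${keystone_conf}" DEFAULT bind_host "${ip}"
iniset "${keystone_conf}" sql connection "mysql://keystone:${mysql_keystone_password}@${ip}/keystone"
iniset "${keystone_conf}" catalog driver keystone.catalog.backends.templated.TemplatedCatalog
iniset "${keystone_conf}" token provider keystone.token.providers.uuid.Provider
sed -i -e "s/RegionOne/${openstack_region}/g" /etc/keystone/default_catalog.templates
sed -i -e "s/localhost/${ip}/g" /etc/keystone/default_catalog.templates
keystone-manage db_sync
/etc/init.d/keystone restart
sleep 5

# Bootstrap with the admin token. Token and passwords travel over plain HTTP to
# port 35357, and the --pass arguments below are visible in the process list
# while each command runs.
export OS_SERVICE_TOKEN="${keystone_admin_token}"
export OS_SERVICE_ENDPOINT="http://${ip}:35357/v2.0"
keystone tenant-create --name=admin --description="Admin Tenant"
keystone tenant-create --name=services --description="Services Tenant"
keystone user-create --name admin --tenant admin --pass "${keystone_admin_password}" --email root@localhost
keystone role-create --name admin
keystone user-role-add --user admin --tenant admin --role admin
for service_user in glance nova cinder neutron; do
  # keystone_<service>_password is looked up by name through indirect expansion.
  service_password_var="keystone_${service_user}_password"
  keystone user-create --name "${service_user}" --tenant services --pass "${!service_password_var}" --email root@localhost
  keystone user-role-add --user "${service_user}" --tenant services --role admin
done

# /root/openrc holds the admin password in clear text: create it owner-only,
# and tighten the mode in case the file already existed. Region and password
# are shell-quoted so that values with spaces or metacharacters survive
# "source".
(
  umask 077
  cat > /root/openrc <<EOF
export OS_AUTH_URL=http://${ip}:35357/v2.0/
export OS_REGION_NAME=$(printf '%q' "${openstack_region}")
export OS_USERNAME=admin
export OS_TENANT_NAME=admin
export OS_PASSWORD=$(printf '%q' "${keystone_admin_password}")
export OS_NO_CACHE=1
EOF
)
chmod 600 /root/openrc
# Stop using the bootstrap token; from here on authenticate as the admin user.
unset OS_SERVICE_TOKEN
unset OS_SERVICE_ENDPOINT
source /root/openrc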
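######## Glance
apt-get install -y glance
# Settings shared by the API and the registry service.
for glance_conf in /etc/glance/glance-api.conf /etc/glance/glance-registry.conf; do
  iniset "${glance_conf}" DEFAULT bind_host "${ip}"
  iniset "${glance_conf}" DEFAULT sql_connection "mysql://glance:${mysql_glance_password}@${ip}/glance"
  iniset "${glance_conf}" keystone_authtoken auth_host "${ip}"
  iniset "${glance_conf}" keystone_authtoken admin_tenant_name services
  iniset "${glance_conf}" keystone_authtoken admin_user glance
  iniset "${glance_conf}" keystone_authtoken admin_password "${keystone_glance_password}"
done
# Only the API needs to know where the registry lives.
iniset /etc/glance/glance-api.conf DEFAULT registry_host "${ip}"
/etc/init.d/glance-api restart
/etc/init.d/glance-registry restart
glance-manage db_sync

cd /root || exit 1
cirros_image="cirros-0.3.1-x86_64-disk.img"
# -O keeps the file name fixed, so a re-run cannot leave a stale copy that is
# imported instead of the fresh download.
wget -O "${cirros_image}" "http://cdn.download.cirros-cloud.net/0.3.1/${cirros_image}"
# The image arrives over plain HTTP and becomes a public boot image. Set
# cirros_sha256 to the checksum published for this release to have the
# download verified before it is imported; when unset, no check is made.
if [[ -n "${cirros_sha256:-}" ]]; then
  printf '%s  %s\n' "${cirros_sha256}" "${cirros_image}" | sha256sum -c - || exit 1
fi
glance image-create --name CirrOS --disk-format qcow2 --container-format bare --is-public true < "${cirros_image}"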
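######## Nova
apt-get install -y nova-novncproxy novnc nova-api nova-ajax-console-proxy nova-cert nova-conductor nova-consoleauth nova-doc nova-scheduler python-novaclient
nova_conf=/etc/nova/nova.conf
iniset "${nova_conf}" DEFAULT osapi_compute_listen "${ip}"
iniset "${nova_conf}" DEFAULT ec2_listen "${ip}"
iniset "${nova_conf}" DEFAULT metadata_listen "${ip}"
iniset "${nova_conf}" DEFAULT metadata_host "${ip}"
iniset "${nova_conf}" DEFAULT sql_connection "mysql://nova:${mysql_nova_password}@${ip}/nova"
iniset "${nova_conf}" DEFAULT rpc_backend nova.rpc.impl_kombu
iniset "${nova_conf}" DEFAULT rabbit_host "${ip}"
iniset "${nova_conf}" DEFAULT rabbit_port 5672
# RabbitMQ's stock guest/guest account; replace it with a dedicated user and
# password when the broker is reachable from other hosts.
iniset "${nova_conf}" DEFAULT rabbit_user guest
iniset "${nova_conf}" DEFAULT rabbit_password guest
iniset "${nova_conf}" DEFAULT image_service nova.image.glance.GlanceImageService
iniset "${nova_conf}" DEFAULT glance_api_servers "${ip}:9292"
iniset "${nova_conf}" DEFAULT auth_strategy keystone
iniset "${nova_conf}" DEFAULT network_manager nova.network.manager.FlatDHCPManager
iniset "${nova_conf}" keystone_authtoken auth_host "${ip}"
iniset "${nova_conf}" keystone_authtoken auth_port 35357
# Service credentials are sent to Keystone over plain HTTP.
iniset "${nova_conf}" keystone_authtoken auth_protocol http
iniset "${nova_conf}" keystone_authtoken admin_tenant_name services
iniset "${nova_conf}" keystone_authtoken admin_user nova
iniset "${nova_conf}" keystone_authtoken admin_password "${keystone_nova_password}"
nova_paste=/etc/nova/api-paste.ini
iniset "${nova_paste}" filter:authtoken auth_host "${ip}"
iniset "${nova_paste}" filter:authtoken admin_tenant_name services
iniset "${nova_paste}" filter:authtoken admin_user nova
iniset "${nova_paste}" filter:authtoken admin_password "${keystone_nova_password}"
nova-manage db sync
for nova_init in /etc/init.d/nova-*; do
  # Skip the literal pattern when no nova init script is installed.
  [[ -x "${nova_init}" ]] || continue
  "${nova_init}" restart
done
nova-manage network create nova --fixed_range_v4 "${fixed_range}" --bridge_interface "${bridge_interface}" --bridge "${bridge}" --network_size "${network_size}" --gateway "${gateway}" --multi_host T --dns1 "${dns1}" --dns2 "${dns2}" --fixed_cidr "${fixed_range}"
# Reserve the first 20 addresses of the fixed range. The prefix is taken from
# ${fixed_range} (everything before the last dot) rather than hard-coded, so
# the reservation follows the range configured at the top of the script.
fixed_prefix=${fixed_range%.*}
for ((host = 1; host <= 20; host++)); do
  nova fixed-ip-reserve "${fixed_prefix}.${host}"
done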
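######## Cinder
apt-get install -y cinder-api cinder-scheduler cinder-volume
cinder_conf=/etc/cinder/cinder.conf
iniset "${cinder_conf}" DEFAULT volume_group "${cinder_vg}"
iniset "${cinder_conf}" DEFAULT sql_connection "mysql://cinder:${mysql_cinder_password}@${ip}/cinder"
iniset "${cinder_conf}" DEFAULT rpc_backend cinder.openstack.common.rpc.impl_kombu
iniset "${cinder_conf}" DEFAULT rabbit_host "${ip}"
iniset "${cinder_conf}" DEFAULT rabbit_port 5672
# RabbitMQ's stock guest/guest account; replace it with a dedicated user and
# password when the broker is reachable from other hosts.
iniset "${cinder_conf}" DEFAULT rabbit_userid guest
iniset "${cinder_conf}" DEFAULT rabbit_password guest
iniset "${cinder_conf}" DEFAULT bind_host "${ip}"
iniset "${cinder_conf}" DEFAULT osapi_volume_listen "${ip}"
cinder_paste=/etc/cinder/api-paste.ini
iniset "${cinder_paste}" filter:authtoken auth_host "${ip}"
iniset "${cinder_paste}" filter:authtoken admin_tenant_name services
iniset "${cinder_paste}" filter:authtoken admin_user cinder
iniset "${cinder_paste}" filter:authtoken admin_password "${keystone_cinder_password}"
cinder-manage db sync
for cinder_init in /etc/init.d/cinder-*; do
  # Skip the literal pattern when no cinder init script is installed.
  [[ -x "${cinder_init}" ]] || continue
  "${cinder_init}" restart
done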
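######## Horizon
apt-get install -y openstack-dashboard
apt-get remove -y --purge openstack-dashboard-ubuntu-theme
# Point the dashboard at this host. The dots of the old address are escaped so
# that only the literal 127.0.0.1 setting is rewritten.
sed -i -e "s/OPENSTACK_HOST = \"127\.0\.0\.1\"/OPENSTACK_HOST = \"${ip}\"/g" /etc/openstack-dashboard/local_settings.py
/etc/init.d/apache2 restart
keystone role-create --name Member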
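#!/bin/bash
######## Variables
#### Network
primary_interface="eth0"
# First IPv4 address of the primary interface, prefix length stripped. Only the
# first match is kept: an interface with secondary addresses would otherwise
# put a multi-line value into nova.conf and libvirtd.conf below.
ip=$(ip addr list "${primary_interface}" | awk '/inet / { print $2; exit }' | cut -d/ -f1)
if [[ -z "${ip}" ]]; then
  printf 'warning: no IPv4 address found on %s\n' "${primary_interface}" >&2
fi
#fixed_range="192.168.1.0/24"
gateway="192.168.1.1"
network_size="254"
bridge_interface="eth0"
bridge="br0"
#### OpenStack
cloud_controller="192.168.255.1"
# The two values below are placeholders and must match the secrets configured
# on the cloud controller; both are written into /etc/nova in clear text.
#### MySQL
mysql_nova_password="password"
#### Keystone
keystone_nova_password="password"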
######## Functions | |
# Check whether [section] of an INI file already contains an option.
# Arguments: $1 - INI file, $2 - section name (no brackets), $3 - option name
# Returns:   0 if sed prints at least one "option =" line from the range that
#            starts at "[section]" and ends at the next "[...]" header;
#            non-zero otherwise.
# Section and option go into the sed expression unescaped.
ini_has_option() {
  local conf_file=$1
  local wanted_section=$2
  local wanted_option=$3
  local found
  found=$(sed -n -e "/^\[${wanted_section}\]/,/^\[.*\]/ { /^${wanted_option}[ \t]*=/ p; }" "${conf_file}")
  if [[ -z ${found} ]]; then
    return 1
  fi
  return 0
}
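# Set "option = value" inside [section] of an INI file, creating the section
# and/or the option when they are missing.
# Arguments: $1 - INI file, $2 - section, $3 - option, $4 - value
# Returns:   0 without touching the file when section or option is empty.
#
# The value is escaped before it is handed to sed. Callers pass passwords and
# connection strings; unescaped, a "&" or "\" in such a value is interpreted
# by sed and a different secret ends up in the file.
# Section and option are still used as regex fragments, as before.
iniset() {
  local file=$1
  local section=$2
  local option=$3
  local value=$4
  local escaped

  [[ -z "${section}" || -z "${option}" ]] && return

  if ! grep -q "^\[${section}\]" "${file}" 2>/dev/null; then
    # Add section at the end
    printf '\n[%s]\n' "${section}" >>"${file}"
  fi

  if ! ini_has_option "${file}" "${section}" "${option}"; then
    # Add it. In the text of sed's "a" command a backslash is an escape
    # character, so double every backslash in the value.
    escaped=$(printf '%s' "${value}" | sed -e 's/\\/\\\\/g')
    sed -i -e "/^\[${section}\]/ a\\
${option} = ${escaped}
" "${file}"
  else
    # Replace it. In the replacement part of s/// both "\" and "&" are
    # special; \001 is the delimiter so that "/" in URLs needs no escaping.
    local sep=$'\001'
    escaped=$(printf '%s' "${value}" | sed -e 's/[\\&]/\\&/g')
    sed -i -e "/^\[${section}\]/,/^\[.*\]/ s${sep}^\(${option}[ \t]*=[ \t]*\).*\$${sep}\1${escaped}${sep}" "${file}"
  fi
}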
######## Prep
# Refresh the package index, then install curl and wget
apt-get update
apt-get install -y curl wget
# ppa alternative: append the Havana cloud-archive entries (binary + source).
# The archive is reached over plain HTTP, so package authenticity rests on
# apt's signature check with ubuntu-cloud-keyring, installed below before the
# index is refreshed.
cat >> /etc/apt/sources.list.d/cloud.list <<'EOF'
deb http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
deb-src http://ubuntu-cloud.archive.canonical.com/ubuntu precise-updates/havana main
EOF
apt-get install -y ubuntu-cloud-keyring
apt-get update
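######## Nova
apt-get install -y nova-compute-kvm nova-network nova-api-metadata
nova_conf=/etc/nova/nova.conf
iniset "${nova_conf}" DEFAULT sql_connection "mysql://nova:${mysql_nova_password}@${cloud_controller}/nova"
iniset "${nova_conf}" DEFAULT rpc_backend nova.rpc.impl_kombu
iniset "${nova_conf}" DEFAULT rabbit_host "${cloud_controller}"
iniset "${nova_conf}" DEFAULT rabbit_port 5672
# RabbitMQ's stock guest/guest account, used here across the network; replace
# it with a dedicated user and password on the controller and here.
iniset "${nova_conf}" DEFAULT rabbit_user guest
iniset "${nova_conf}" DEFAULT rabbit_password guest
iniset "${nova_conf}" DEFAULT image_service nova.image.glance.GlanceImageService
iniset "${nova_conf}" DEFAULT glance_api_servers "${cloud_controller}:9292"
iniset "${nova_conf}" DEFAULT auth_strategy keystone
iniset "${nova_conf}" DEFAULT network_manager nova.network.manager.FlatDHCPManager
iniset "${nova_conf}" DEFAULT dnsmasq_config_file /etc/nova/dnsmasq.conf
iniset "${nova_conf}" DEFAULT firewall_driver nova.virt.libvirt.firewall.IptablesFirewallDriver
iniset "${nova_conf}" DEFAULT allow_same_net_traffic False
iniset "${nova_conf}" DEFAULT network_size "${network_size}"
iniset "${nova_conf}" DEFAULT force_dhcp_release True
iniset "${nova_conf}" DEFAULT flat_network_bridge "${bridge}"
iniset "${nova_conf}" DEFAULT flat_interface "${bridge_interface}"
iniset "${nova_conf}" DEFAULT public_interface "${bridge_interface}"
iniset "${nova_conf}" DEFAULT vnc_enabled true
# Guest VNC consoles listen on every interface of this host. Limit access to
# the console ports to the controller's proxy with a host firewall.
iniset "${nova_conf}" DEFAULT vncserver_listen 0.0.0.0
iniset "${nova_conf}" DEFAULT vncserver_proxyclient_address "${ip}"
iniset "${nova_conf}" DEFAULT novncproxy_base_url "http://${cloud_controller}:6080/vnc_auto.html"
iniset "${nova_conf}" DEFAULT metadata_listen "${ip}"
iniset "${nova_conf}" DEFAULT metadata_host "${ip}"
iniset "${nova_conf}" keystone_authtoken auth_host "${cloud_controller}"
iniset "${nova_conf}" keystone_authtoken auth_port 35357
# Service credentials are sent to Keystone over plain HTTP.
iniset "${nova_conf}" keystone_authtoken auth_protocol http
iniset "${nova_conf}" keystone_authtoken admin_tenant_name services
iniset "${nova_conf}" keystone_authtoken admin_user nova
iniset "${nova_conf}" keystone_authtoken admin_password "${keystone_nova_password}"
# api-paste.ini: use the [filter:authtoken] section and the nova service
# account, as the controller script on this page does for the same file. The
# earlier version wrote admin_user glance together with the nova password into
# a [keystone_authtoken] section, a user/password pair that cannot match.
# NOTE(review): assumes the packaged api-paste.ini reads [filter:authtoken] - confirm.
nova_paste=/etc/nova/api-paste.ini
iniset "${nova_paste}" filter:authtoken auth_host "${cloud_controller}"
iniset "${nova_paste}" filter:authtoken admin_tenant_name services
iniset "${nova_paste}" filter:authtoken admin_user nova
iniset "${nova_paste}" filter:authtoken admin_password "${keystone_nova_password}"
# DHCP option 3 = default router handed to instances.
printf 'dhcp-option=3,%s\n' "${gateway}" > /etc/nova/dnsmasq.conf
for nova_init in /etc/init.d/nova-*; do
  # Skip the literal pattern when no nova init script is installed.
  [[ -x "${nova_init}" ]] || continue
  "${nova_init}" restart
done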
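uuid=$(uuidgen)
# SECURITY: these settings make libvirtd accept unencrypted TCP connections
# with no authentication (listen_tls = 0, listen_tcp = 1, auth_tcp = "none")
# on ${ip}. Anyone who can reach that listener can manage every guest on this
# host. Before enabling it, restrict the libvirt port to the other compute
# nodes with a host firewall, or configure TLS or SASL instead.
cat >> /etc/libvirt/libvirtd.conf <<EOF
listen_tls = 0
listen_tcp = 1
auth_tcp = "none"
listen_addr = "${ip}"
host_uuid = "${uuid}"
EOF
# Add -l (listen) to the daemon options. The replacement used to write
# "libvirtd_ops", which removed the real libvirtd_opts setting instead of
# extending it.
sed -i -e 's/libvirtd_opts="-d"/libvirtd_opts="-d -l"/' /etc/default/libvirt-bin
/etc/init.d/libvirt-bin restart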
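#!/bin/bash
######## Vars
#### Network
primary_interface="eth0"
# First IPv4 address of the primary interface, prefix length stripped. Only the
# first match is kept: an interface with secondary addresses would otherwise
# put a multi-line value into rsyncd.conf below.
ip=$(ip addr list "${primary_interface}" | awk '/inet / { print $2; exit }' | cut -d/ -f1)
if [[ -z "${ip}" ]]; then
  printf 'warning: no IPv4 address found on %s\n' "${primary_interface}" >&2
fi
#### Swift
# Placeholders. The hash path prefix/suffix salt Swift's object hashing: use
# unpredictable values, keep them identical on every node of the cluster and
# treat them as secrets.
swift_hash_path_prefix="foo"
swift_hash_path_suffix="bar"
# Block device (name under /dev) that is reformatted for Swift storage.
disk="vdb"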
######## Prep
# Repository release packages (RDO Havana, EPEL 6), installed straight from
# their URLs. Both are fetched over plain HTTP and define which repositories
# yum trusts from here on, so confirm their origin before relying on them.
for release_rpm in \
  http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-6.noarch.rpm \
  http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm; do
  yum install -y "${release_rpm}"
done
# Helper packages, one transaction each.
for helper_pkg in openstack-utils openstack-selinux; do
  yum install -y "${helper_pkg}"
done
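######## Swift
yum install -y openstack-swift-account openstack-swift-container openstack-swift-object xfsprogs xinetd
# ${disk:?} aborts when the variable is empty, so the destructive commands
# below can never be pointed at a bare "/dev/".
swift_dev="/dev/${disk:?disk must name the block device to format}"
swift_mount="/srv/node/${disk}"
if [[ ! -b "${swift_dev}" ]]; then
  # Stop here: continuing would leave /srv/node on the root filesystem.
  printf '%s is not a block device\n' "${swift_dev}" >&2
  exit 1
fi
umount "${swift_dev}"
# -f overwrites any existing filesystem on the device.
mkfs.xfs -f "${swift_dev}"
# Add the fstab entry only once, so a re-run does not duplicate it.
if ! grep -q "^${swift_dev} " /etc/fstab; then
  printf '%s %s xfs noatime,nodiratime,nobarrier,logbufs=8 0 0\n' "${swift_dev}" "${swift_mount}" >> /etc/fstab
fi
mkdir -p "${swift_mount}"
mount "${swift_mount}"
chown -R swift:swift /srv/node
#openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_prefix ${swift_hash_path_prefix}
openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_suffix "${swift_hash_path_suffix}"
# The storage services listen on every interface; network access is left to
# the iptables rules added in the rsync section.
openstack-config --set /etc/swift/account-server.conf DEFAULT bind_ip 0.0.0.0
openstack-config --set /etc/swift/container-server.conf DEFAULT bind_ip 0.0.0.0
openstack-config --set /etc/swift/object-server.conf DEFAULT bind_ip 0.0.0.0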
######## rsync
# Enable the xinetd-managed rsync service.
perl -p -i -e 's/disable\s+=\s+yes/disable = no/g' /etc/xinetd.d/rsync
# Admit 10.0.0.0/16 to the storage services (6000-6002) and to rsync (873).
# Each rule is inserted at the top of INPUT, in this order.
for swift_port in 6000 6001 6002 873; do
  iptables -I INPUT -s 10.0.0.0/16 -p tcp -m tcp --dport "${swift_port}" -j ACCEPT
done
/sbin/service iptables save
# rsyncd.conf: one writable module per ring, all rooted at /srv/node/.
# NOTE(review): the modules are writable and the file sets neither
# "hosts allow" nor "auth users", so the iptables rules above are the only
# access control for rsync on this host; confirm the INPUT chain rejects
# everything else.
{
  printf '%s\n' \
    'uid = swift' \
    'gid = swift' \
    'log file = /var/log/rsyncd.log' \
    'pid file = /var/run/rsyncd.pid' \
    "address = ${ip}"
  for rsync_module in account container object; do
    printf '[%s]\n' "${rsync_module}"
    printf '%s\n' \
      'max connections = 2' \
      'path = /srv/node/' \
      'read only = false' \
      "lock file = /var/lock/${rsync_module}.lock"
  done
} > /etc/rsyncd.conf
service xinetd restart
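#!/bin/bash
# (The interpreter line had lost its leading "#", which turned it into a
# failing command instead of a shebang.)
######## Vars
#### Network
primary_interface="eth0"
# First IPv4 address of the primary interface, prefix length stripped. Only the
# first match is kept: an interface with secondary addresses would otherwise
# put a multi-line value into the memcached and rsync settings below.
ip=$(ip addr list "${primary_interface}" | awk '/inet / { print $2; exit }' | cut -d/ -f1)
if [[ -z "${ip}" ]]; then
  printf 'warning: no IPv4 address found on %s\n' "${primary_interface}" >&2
fi
#### Swift
# Placeholders. The hash path prefix/suffix salt Swift's object hashing: use
# unpredictable values, keep them identical on every node of the cluster and
# treat them as secrets.
swift_hash_path_prefix="foo"
swift_hash_path_suffix="bar"
# Arguments passed to "swift-ring-builder ... create" below, in this order.
part_power=10
replicas=2
min_part_hours=1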
######## Prep
# Repository release packages (RDO Havana, EPEL 6), installed straight from
# their URLs. Both are fetched over plain HTTP and define which repositories
# yum trusts from here on, so confirm their origin before relying on them.
for release_rpm in \
  http://repos.fedorapeople.org/repos/openstack/openstack-havana/rdo-release-havana-6.noarch.rpm \
  http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm; do
  yum install -y "${release_rpm}"
done
# Helper packages, one transaction each.
for helper_pkg in openstack-utils openstack-selinux; do
  yum install -y "${helper_pkg}"
done
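######## Swift
yum install -y openstack-swift-proxy memcached openstack-utils python-swiftclient rsync xinetd
# -p: do not fail when the directory is already there (re-run).
mkdir -p /etc/swift/backups
#openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_prefix ${swift_hash_path_prefix}
openstack-config --set /etc/swift/swift.conf swift-hash swift_hash_path_suffix "${swift_hash_path_suffix}"
proxy_conf=/etc/swift/proxy-server.conf
openstack-config --set "${proxy_conf}" pipeline:main pipeline "healthcheck cache tempauth proxy-server"
openstack-config --set "${proxy_conf}" filter:tempauth use egg:swift#tempauth
# tempauth keeps its accounts in this file as
# user_<account>_<user> = <key> <groups>. Both keys below ("admin" and
# "password") are placeholders stored in clear text: replace them before the
# proxy is reachable, and keep proxy-server.conf readable by the swift user only.
openstack-config --set "${proxy_conf}" filter:tempauth user_admin_admin "admin .admin .reseller_admin"
openstack-config --set "${proxy_conf}" filter:tempauth user_owncloud_owncloud "password .admin"
openstack-config --set "${proxy_conf}" filter:cache memcache_servers "${ip}:11211"
# The builder files must be created inside /etc/swift; stop if it is missing
# rather than scatter them in the current directory.
cd /etc/swift || exit 1
for ring in account container object; do
  swift-ring-builder "${ring}.builder" create "${part_power}" "${replicas}" "${min_part_hours}"
done
#swift-ring-builder object.builder add z1-192.168.1.11:6000/vdb 100
#swift-ring-builder container.builder add z1-192.168.1.11:6001/vdb 100
#swift-ring-builder account.builder add z1-192.168.1.11:6002/vdb 100
#swift-ring-builder account.builder rebalance
#swift-ring-builder container.builder rebalance
#swift-ring-builder object.builder rebalance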
######## memcached
# Bind memcached to ${ip} by filling the empty OPTIONS="" setting.
# memcached has no authentication here, so keep port 11211 closed to anything
# but the proxy nodes (the iptables rules in this script do not open it).
# NOTE(review): the sysconfig file name may lack the ".conf" suffix on this
# distribution - confirm the path, otherwise sed changes nothing.
memcached_sysconfig=/etc/sysconfig/memcached.conf
sed -i -e "s|OPTIONS=\"\"|OPTIONS=\"-l ${ip}\"|g" "${memcached_sysconfig}"
service memcached restart
######## rsync
# Enable the xinetd-managed rsync service.
perl -p -i -e 's/disable\s+=\s+yes/disable = no/g' /etc/xinetd.d/rsync
# Admit 10.0.0.0/16 to rsync (873) and to the proxy (8080). Each rule is
# inserted at the top of INPUT, in this order.
for proxy_port in 873 8080; do
  iptables -I INPUT -s 10.0.0.0/16 -p tcp -m tcp --dport "${proxy_port}" -j ACCEPT
done
/sbin/service iptables save
# rsyncd.conf: a single read-only, listable module that serves /etc/swift.
# NOTE(review): that directory also holds swift.conf (hash path suffix) and
# proxy-server.conf (tempauth keys), and the module sets neither "hosts allow"
# nor "auth users", so every host that can reach port 873 can read them.
# Confirm the firewall limits rsync to cluster nodes, or narrow the module to
# the ring files.
printf '%s\n' \
  'pid file = /var/run/rsyncd.pid' \
  'uid = nobody' \
  'gid = nobody' \
  'use chroot = no' \
  'log format = %t %a %m %f %b' \
  'syslog facility = local3' \
  'timeout = 300' \
  "address = ${ip}" \
  '[ swift_server ]' \
  'path = /etc/swift' \
  'read only = true' \
  'write only = no' \
  'list = yes' \
  'uid = swift' \
  'gid = swift' \
  'incoming chmod = 0644' \
  'outgoing chmod = 0644' \
  'max connections = 5' \
  'lock file = /var/lock/swift_server.lock' \
  > /etc/rsyncd.conf
service xinetd restart