# 配置控制节点
# 1. 更新系统
# apt update && apt upgrade -y

# 2. 安装OpenStack依赖
# apt install -y python3-openstackclient python3-pip

# 3. 安装OpenStack服务
# apt install -y nova-api nova-conductor nova-novncproxy nova-scheduler
# apt install -y neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
# apt install -y glance
# apt install -y cinder-api cinder-scheduler
# apt install -y keystone
# apt install -y horizon
# apt install -y heat-api heat-engine

# 4. 配置数据库
# apt install -y mariadb-server
# mysql_secure_installation

# 5. 配置消息队列
# apt install -y rabbitmq-server
# rabbitmqctl add_user openstack password
# rabbitmqctl set_permissions openstack “.*” “.*” “.*”

# 6. 配置Memcached
# apt install -y memcached python3-memcache

# 配置Keystone
# 1. 创建Keystone数据库
# mysql -u root -p
CREATE DATABASE keystone;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’localhost’ IDENTIFIED BY ‘password’;
GRANT ALL PRIVILEGES ON keystone.* TO ‘keystone’@’%’ IDENTIFIED BY ‘password’;
FLUSH PRIVILEGES;
EXIT;

# 2. 配置Keystone
# vi /etc/keystone/keystone.conf
[database]
connection = mysql+pymysql://keystone:password@localhost/keystone

[token]
driver = fernet

# 3. 初始化Keystone
# su -s /bin/sh -c “keystone-manage db_sync” keystone
# keystone-manage fernet_setup –keystone-user keystone –keystone-group keystone
# keystone-manage credential_setup –keystone-user keystone –keystone-group keystone
# keystone-manage bootstrap –bootstrap-password admin_password –bootstrap-admin-url http://controller:5000/v3/ –bootstrap-internal-url http://controller:5000/v3/ –bootstrap-public-url http://controller:5000/v3/ –bootstrap-region-id RegionOne

# 4. 配置Apache
# vi /etc/apache2/apache2.conf
ServerName controller

# 5. 重启Apache
# systemctl restart apache2

# 6. 配置环境变量
# vi ~/.bashrc
export OS_USERNAME=admin
export OS_PASSWORD=admin_password
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3

# 7. 验证Keystone
# openstack user list

# 配置Nova
# vi /etc/nova/nova.conf
[DEFAULT]
compute_driver = libvirt.LibvirtDriver

[libvirt]
virt_type = kvm

# 配置Neutron
# vi /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins = router

# 配置Glance
# vi /etc/glance/glance-api.conf
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

# 配置Cinder
# vi /etc/cinder/cinder.conf
[DEFAULT]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_ip_address = 192.168.1.150

# 重启服务
# systemctl restart nova-* neutron-* glance-* cinder-*

# 配置OpenStack高可用
# 1. 安装HAProxy
# apt install -y haproxy

# 2. 配置HAProxy
# vi /etc/haproxy/haproxy.cfg
frontend keystone
bind *:5000
default_backend keystone-back

backend keystone-back
balance roundrobin
server controller1 192.168.1.150:5000 check
server controller2 192.168.1.154:5000 check

# 3. 安装Keepalived
# apt install -y keepalived

# 4. 配置Keepalived
# vi /etc/keepalived/keepalived.conf
vrrp_instance VI_1 {
state MASTER
interface eth0
virtual_router_id 51
priority 100
advert_int 1
authentication {
auth_type PASS
auth_pass password
}
virtual_ipaddress {
192.168.1.155
}
}

# 5. 重启服务
# systemctl restart haproxy keepalived

# 配置管理网络
# 1. 配置控制节点网络
# vi /etc/netplan/01-netcfg.yaml
network:
version: 2
renderer: networkd
ethernets:
eth0:
addresses:
– 192.168.1.150/24
gateway4: 192.168.1.1
nameservers:
addresses: [114.114.114.114]

# 2. 应用网络配置
# netplan apply

# 3. 配置计算节点网络
# vi /etc/netplan/01-netcfg.yaml
network:
version: 2
renderer: networkd
ethernets:
eth0:
addresses:
– 192.168.1.151/24
gateway4: 192.168.1.1
nameservers:
addresses: [114.114.114.114]

# 4. 应用网络配置
# netplan apply

# 配置租户网络
# 1. 配置Neutron ML2插件
# vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security

[ml2_type_vxlan]
vni_ranges = 1:1000

# 2. 配置Linux Bridge代理
# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:eth1

[vxlan]
enable_vxlan = true
local_ip = 192.168.1.150
l2_population = true

# 3. 重启服务
# systemctl restart neutron-linuxbridge-agent

# 配置外部网络
# 1. 创建外部网络
# openstack network create –external –provider-physical-network provider –provider-network-type flat external-network

# 2. 创建外部网络子网
# openstack subnet create –network external-network –allocation-pool start=192.168.20.100,end=192.168.20.200 –dns-nameserver 114.114.114.114 –gateway 192.168.20.1 –subnet-range 192.168.20.0/24 external-subnet

# 3. 创建租户网络
# openstack network create demo-network

# 4. 创建租户网络子网
# openstack subnet create –network demo-network –dns-nameserver 114.114.114.114 –gateway 192.168.10.1 –subnet-range 192.168.10.0/24 demo-subnet

# 5. 创建路由器
# openstack router create demo-router

# 6. 连接路由器到外部网络
# openstack router set demo-router –external-gateway external-network

# 7. 连接路由器到租户网络
# openstack router add subnet demo-router demo-subnet

# 配置本地存储
# 1. 配置Nova本地存储
# vi /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata

# 2. 配置Cinder本地存储
# 1. 创建卷组
# pvcreate /dev/sdb
# vgcreate cinder-volumes /dev/sdb

# 2. 配置Cinder
# vi /etc/cinder/cinder.conf
[DEFAULT]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
iscsi_ip_address = 192.168.1.150

# 3. 重启服务
# systemctl restart cinder-volume

# 配置Ceph存储
# 1. 安装Ceph
# apt install -y ceph-deploy

# 2. 配置Ceph集群
# mkdir ceph-cluster
# cd ceph-cluster
# ceph-deploy new storage

# 3. 配置Ceph
# vi ceph.conf
[global]
fsid = $(uuidgen)
mon initial members = storage
mon host = 192.168.1.153
public network = 192.168.1.0/24
cluster network = 192.168.30.0/24

# 4. 部署Ceph
# ceph-deploy install storage
# ceph-deploy mon create-initial
# ceph-deploy admin storage

# 5. 配置Cinder使用Ceph
# vi /etc/cinder/cinder.conf
[DEFAULT]
volume_driver = cinder.volume.drivers.rbd.RBDDriver
rbd_pool = volumes
rbd_ceph_conf = /etc/ceph/ceph.conf
rbd_flatten_volume_from_snapshot = false
rbd_max_clone_depth = 5
rbd_store_chunk_size = 4
rados_connect_timeout = -1
glance_api_version = 2

# 6. 重启服务
# systemctl restart cinder-volume

# 创建虚拟机
# 1. 上传镜像
# openstack image create “ubuntu2204” –file ubuntu-22.04-desktop-amd64.iso –disk-format iso –container-format bare

# 2. 创建 flavor
# openstack flavor create –id 1 –vcpus 4 –ram 8192 –disk 100 m1.large

# 3. 创建网络
# openstack network create demo-network
# openstack subnet create –network demo-network –dns-nameserver 114.114.114.114 –gateway 192.168.10.1 –subnet-range 192.168.10.0/24 demo-subnet

# 4. 创建安全组
# openstack security group create demo-security-group
# openstack security group rule create –proto icmp –dst-port 0 demo-security-group
# openstack security group rule create –proto tcp –dst-port 22 demo-security-group

# 5. 创建虚拟机
# openstack server create –flavor m1.large –image ubuntu2204 –network demo-network –security-group demo-security-group ubuntu2204

# 6. 查看虚拟机状态
# openstack server list

# 配置虚拟机
# 1. 查看虚拟机详情
# openstack server show ubuntu2204

# 2. 调整虚拟机规格
# openstack server resize –flavor m1.xlarge ubuntu2204

# 3. 确认调整
# openstack server resize –confirm ubuntu2204

# 4. 重启虚拟机
# openstack server reboot ubuntu2204

# 5. 验证虚拟机配置
# openstack server show ubuntu2204

# 配置Nova内存
# vi /etc/nova/nova.conf
[DEFAULT]
ram_allocation_ratio = 1.5

# 配置计算节点内存
# vi /etc/nova/nova.conf
[libvirt]
memory_backing_dir = /dev/shm

# 配置Nova处理器
# vi /etc/nova/nova.conf
[DEFAULT]
cpu_allocation_ratio = 16.0

# 配置计算节点处理器
# vi /etc/nova/nova.conf
[libvirt]
cpu_mode = host-passthrough

# 配置Cinder存储
# vi /etc/cinder/cinder.conf
[DEFAULT]
volume_clear = zero
volume_clear_size = 0

# 配置Glance存储
# vi /etc/glance/glance-api.conf
[glance_store]
stores = file,http
default_store = file
filesystem_store_datadir = /var/lib/glance/images/

# 备份OpenStack配置
# tar -czf /backup/openstack-config-$(date +%Y%m%d).tar.gz /etc/nova /etc/neutron /etc/glance /etc/cinder /etc/keystone

# 升级OpenStack
# 1. 更新系统
# apt update && apt upgrade -y

# 2. 升级OpenStack服务
# apt install -y python3-openstackclient
# apt upgrade -y nova-* neutron-* glance-* cinder-* keystone horizon heat-*

# 3. 同步数据库
# su -s /bin/sh -c “nova-manage db sync” nova
# su -s /bin/sh -c “neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head” neutron
# su -s /bin/sh -c “glance-manage db_sync” glance
# su -s /bin/sh -c “cinder-manage db sync” cinder
# su -s /bin/sh -c “keystone-manage db_sync” keystone

# 4. 重启服务
# systemctl restart nova-* neutron-* glance-* cinder-* keystone horizon heat-*

# 5. 验证升级
# openstack –version

# 执行虚拟机迁移
# 1. 查看虚拟机
# openstack server list

# 2. 执行冷迁移
# openstack server migrate –live ubuntu2204 compute02

# 3. 确认迁移
# openstack server resize –confirm ubuntu2204

# 4. 验证迁移
# openstack server show ubuntu2204

# 创建备份脚本
# vi /data/scripts/backup_vm.sh

#!/bin/bash
BACKUP_DIR=”/backup/openstack”
DATE=$(date +%Y%m%d)

# 创建备份目录
mkdir -p $BACKUP_DIR

# 备份虚拟机
# 1. 列出所有虚拟机
VM_LIST=$(openstack server list -c ID -f value)

# 2. 备份每个虚拟机
for VM in $VM_LIST; do
VM_NAME=$(openstack server show $VM -c name -f value)
echo “Backing up $VM_NAME…”
openstack server backup create –name ${VM_NAME}-${DATE} $VM

# 导出虚拟机配置
openstack server show $VM > $BACKUP_DIR/${VM_NAME}-${DATE}.txt
done

# 清理旧备份（保留7天）
find $BACKUP_DIR -type f -mtime +7 -exec rm -f {} \;

# 添加执行权限
# chmod +x /data/scripts/backup_vm.sh

# 添加定时任务
# crontab -e
0 0 * * * /data/scripts/backup_vm.sh

# 恢复虚拟机
# 1. 查看备份
# openstack backup list

# 2. 恢复虚拟机
# openstack server restore –name ubuntu2204-restored

# 3. 验证恢复
# openstack server list

# 配置OpenStack监控
# 1. 安装Ceilometer
# apt install -y ceilometer-api ceilometer-collector ceilometer-agent-compute ceilometer-agent-central

# 2. 配置Ceilometer
# vi /etc/ceilometer/ceilometer.conf
[DEFAULT]
metering_secret = secret

[database]
connection = mongodb://ceilometer:password@localhost:27017/ceilometer

# 3. 启动Ceilometer
# systemctl start ceilometer-*

# 4. 查看监控数据
# openstack meter list
# openstack sample list