OpenStack搭建之网络服务Neutron的安装-linuxbridge方式(八)
如果想使用openvswitch方式请访问:
OpenStack搭建之网络服务Neutron的安装-openvswitch方式(八) - 运维术 (cnbugs.com)
Neutron在控制节点和计算节点都要安装
一、控制节点
创建数据库并设置权限
mysql -uroot -p000000
create database neutron;
grant all privileges on neutron.* to 'neutron'@'localhost' identified by '000000';
grant all privileges on neutron.* to 'neutron'@'%' identified by '000000';创建用户租户角色信息
openstack user create --domain default --password-prompt neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron --description "Openstack Networking" network创建端点等信息
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696安装软件包
yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge.noarch cbtables ipset配置neutron配置文件
mv /etc/neutron/neutron.conf mv /etc/neutron/neutron.conf_bak
cat>/etc/neutron/neutron.conf<<EOF
[DEFAULT]
core_plugin=ml2
service_plugins=router
allow_overlapping_ips=True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
transport_url = rabbit://openstack:000000@controller
auth_strategy = keystone
[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = 000000
[cors]
[database]
connection = mysql+pymysql://neutron:000000@controller/neutron
[keystone_authtoken]
www_authenticate_uri=http://controller:5000/
auth_url=http://controller:5000/
memcached_servers=controller:11211
auth_type=password
project_domain_name=Default
user_domain_name=Default
project_name=service
username=neutron
password=000000
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[ssl]
EOF配置Modular Layer plug-in
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak
cat>/etc/neutron/plugins/ml2/ml2_conf.ini<<EOF
[DEFAULT]
[ml2]
type_drivers=flat,vlan,vxlan
tenant_network_types=vxlan
mechanism_drivers=linuxbridge,l2population
extension_drivers=port_security
[ml2_type_flat]
flat_networks=provider
[ml2_type_vxlan]
vni_ranges=1:1000
[securitygroup]
enable_ipset=True
EOF配置linuxbridge_agent.ini
mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini_bak
cat>/etc/neutron/plugins/ml2/linuxbridge_agent.ini<<EOF
[DEFAULT]
[linux_bridge]
physical_interface_mappings=provider:eth0
[vxlan]
enable_vxlan=True
local_ip=192.168.100.103
l2_population=True
[securitygroup]
enable_security_group=True
firewall_driver=neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF配置linux内核支持网桥过滤器
cat>>/etc/sysctl.conf<<EOF
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
net.ipv4.ip_forward=1
EOF
modprobe br_netfilter
sysctl -p配置l3_agent.ini
mv /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak
cat>/etc/neutron/l3_agent.ini <<EOF
[DEFAULT]
interface_driver=linuxbridge
EOF配置DHCP代理
mv /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak
cat>/etc/neutron/dhcp_agent.ini<<EOF
[DEFAULT]
interface_driver=neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver=neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata=True
EOF配置元数据代理
mv /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak
cat>/etc/neutron/metadata_agent.ini<<EOF
[DEFAULT]
nova_metadata_host=controller
metadata_proxy_shared_secret=000000
[cache]
EOF配置计算服务使用网络服务
vim /etc/nova/nova.conf加入neutron段
[neutron]
auth_url=http://controller:5000
auth_type=password
project_domain_name=default
user_domain_name=default
region_name=RegionOne
project_name=service
username=neutron
password=000000
service_metadata_proxy=true
metadata_proxy_shared_secret=000000配置软链接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini初始化数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron重启网络相关服务
systemctl restart network启动服务并设置开机自动启动
systemctl enable neutron-server
systemctl start neutron-server
systemctl enable neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl restart neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.servicesystemctl status neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service systemctl start neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service验证服务
. admin-openrc
neutron agent-list
二、计算节点
计算节点安装相关软件包
yum install openstack-neutron-linuxbridge ebtables ipset -y配置neutron配置文件
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak
cat>/etc/neutron/neutron.conf<<EOF
[DEFAULT]
transport_url=rabbit://openstack:000000@controller
auth_strategy=keystone
[cors]
[database]
[keystone_authtoken]
www_authenticate_uri=http://controller:5000
auth_url=http://controller:5000
memcached_servers=controller:11211
auth_type=password
project_domain_name=default
user_domain_name=default
project_name=service
username=neutron
password=000000
[oslo_concurrency]
lock_path=/var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[ssl]
EOF配置linuxbridge_agent.ini配置文件
mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini_bak
cat>/etc/neutron/plugins/ml2/linuxbridge_agent.ini<<EOF
[DEFAULT]
[linux_bridge]
physical_interface_mappings=provider:eth0
[vxlan]
enable_vxlan=True
local_ip=192.168.100.104
l2_population=True
[securitygroup]
enable_security_group=True
firewall_driver=neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
EOF配置nova服务使用网络服务
修改/etc/nova/nova.conf
[neutron]
auth_url=http://controller:5000
auth_type=password
project_domain_name=default
user_domain_name=default
region_name=RegionOne
project_name=service
username=neutron
password=000000
配置软连接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini生效服务并启动服务,重启服务并设置服务开机启动
systemctl enable neutron-linuxbridge-agent.service
systemctl restart neutron-linuxbridge-agent.service
systemctl restart openstack-nova-compute查看服务启动状态
systemctl status openstack-nova-compute neutron-linuxbridge-agent.service声明:本站所有文章,如无特殊说明或标注,均为本站原创发布。任何个人或组织,在未征得本站同意时,禁止复制、盗用、采集、发布本站内容到任何网站、书籍等各类媒体平台。如若本站内容侵犯了原著者的合法权益,可联系我们进行处理。
