安装配置network(neutron) 服务
Mitaka版本网络有两个选择,Provider network 和Self-service network,这里我们选择第二种。
controller 节点一、创建数据库
[root@controller ~]# mysql -u root -p>>CREATE DATABASE neutron;>>GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';>>GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
NEUTRON_DBPASS改为自己想要设置的密码
二、创建服务实体和api接口
[root@controller ~]# source /root/admin-openrc.sh[root@controller ~]# openstack user create --domain default --password-prompt neutron[root@controller ~]# openstack role add --project service --user neutron admin[root@controller ~]# openstack service create --name neutron --description "OpenStack Networking" network[root@controller ~]# openstack endpoint create --region RegionOne network public http://controller:9696[root@controller ~]# openstack endpoint create --region RegionOne network internal http://controller:9696 [root@controller ~]# openstack endpoint create --region RegionOne network admin http://controller:9696
三、安装nuetron服务
[root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
编辑neutron服务配置文件
[root@controller ~]# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak[root@controller ~]# vim /etc/neutron/neutron.conf[DEFAULT]core_plugin = ml2service_plugins = routerallow_overlapping_ips = Truerpc_backend = rabbitauth_strategy = keystonenotify_nova_on_port_status_changes = Truenotify_nova_on_port_data_changes = True[database]connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron #改为自己数据库密码[oslo_messaging_rabbit]rabbit_host = controllerrabbit_userid = openstackrabbit_password = RABBIT_PASS #改为rabbitmq的密码[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = NEUTRON_PASS #改为自己neutron服务的密码[nova]auth_url = http://controller:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = novapassword = NOVA_PASS #改为自己nova服务的密码[oslo_concurrency]lock_path = /var/lib/neutron/tmp
编辑ML2插件的配置
[root@controller ~]#mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak[root@controller ~]#vim /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]type_drivers = flat,vlan,vxlantenant_network_types = vxlanmechanism_drivers = linuxbridge,l2populationextension_drivers = port_security[ml2_type_flat]flat_networks = provider[ml2_type_vxlan]vni_ranges = 1:1000[securitygroup]enable_ipset = True
编辑linuxbridge agent 配置文件
[root@controller ~]#mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini_bak[root@controller ~]#vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini[linux_bridge]physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME #这里设置为provider网络的网卡名称,我这里eth1[vxlan]enable_vxlan = Truelocal_ip = OVERLAY_INTERFACE_IP_ADDRESS #这个ip地址我们使用的是管理网段的ip (10.0.0.11)l2_population = True[securitygroup]enable_security_group = Truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
编辑L3 agent 配置文件
[root@controller ~]#mv /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak[root@controller ~]#vim /etc/neutron/l3_agent.ini[DEFAULT]interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriverexternal_network_bridge = #留空
编辑dhcp agent配置
[root@controller ~]#mv /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak[root@controller ~]#vim /etc/neutron/dhcp_agent.ini[DEFAULT]interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriverdhcp_driver = neutron.agent.linux.dhcp.Dnsmasqenable_isolated_metadata = True
配置metadata agent
[root@controller ~]#mv /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak[root@controller ~]#vim /etc/neutron/metadata_agent.ini[DEFAULT]nova_metadata_ip = controllermetadata_proxy_shared_secret = METADATA_SECRET #修改为自己的METADATA_SECRET,也可以不修改,要和nova服务配置一样
配置nova服务使用network
[root@controller ~]#vim /etc/nova/nova.conf #增加以下内容[neutron]url = http://controller:9696auth_url = http://controller:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = neutronpassword = NEUTRON_PASS #改为自己neutron服务密码 service_metadata_proxy = Truemetadata_proxy_shared_secret = METADATA_SECRET #和上面的METADATA对应
给ML2插件做个软连接
[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
同步数据库
[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
重启nova-api
[root@controller ~]# systemctl restart openstack-nova-api.service
启动neutron相关服务,并设置开机启动
[root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service[root@controller ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
启动L3 agent
[root@controller ~]# systemctl enable neutron-l3-agent.service[root@controller ~]# systemctl start neutron-l3-agent.service
compute 节点配置
一、安装neutron服务
[root@compute1 ~]# yum install openstack-neutron-linuxbridge ebtables ipset
编辑neutron服务配置
[root@compute1 ~]#mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak[root@compute1 ~]#vim /etc/neutron/neutron.conf[DEFAULT]rpc_backend = rabbitauth_strategy = keystone[oslo_messaging_rabbit]rabbit_host = controllerrabbit_userid = openstackrabbit_password = RABBIT_PASS #改为rabbit密码[keystone_authtoken]auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = NEUTRON_PASS #改为自己neutron服务密码[oslo_concurrency]lock_path = /var/lib/neutron/tmp
编辑linuxbridge agent 配置
[root@compute1 ~]#mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini_bak[root@compute1 ~]#vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini[linux_bridge]physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME #改为provider网络的网卡,这里是eth1[vxlan]enable_vxlan = Truelocal_ip = OVERLAY_INTERFACE_IP_ADDRESS #改为本机managent网络的ip地址 10.0.0.31l2_population = True[securitygroup]enable_security_group = Truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
配置nova服务使用network
[root@compute1 ~]#vim /etc/nova/nova.conf #增加以下内容[neutron]url = http://controller:9696auth_url = http://controller:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = neutronpassword = NEUTRON_PASS #改为自己的neutron服务密码
重启nova服务
[root@compute1 ~]# systemctl restart openstack-nova-compute.service
启动neutron服务,并加入开机启动
[root@compute1 ~]# systemctl enable neutron-linuxbridge-agent.service[root@compute1 ~]# systemctl start neutron-linuxbridge-agent.service
验证
在controller节点执行
[root@controller ~]#source /root/admin-openrc.sh[root@controller ~]# neutron ext-list+---------------------------+-----------------------------------------------+| alias | name |+---------------------------+-----------------------------------------------+| default-subnetpools | Default Subnetpools || network-ip-availability | Network IP Availability || network_availability_zone | Network Availability Zone || auto-allocated-topology | Auto Allocated Topology Services || ext-gw-mode | Neutron L3 Configurable external gateway mode || binding | Port Binding || agent | agent || subnet_allocation | Subnet Allocation || l3_agent_scheduler | L3 Agent Scheduler || tag | Tag support || external-net | Neutron external network || net-mtu | Network MTU || availability_zone | Availability Zone || quotas | Quota management support || l3-ha | HA Router extension || provider | Provider Network || multi-provider | Multi Provider Network || address-scope | Address scope || extraroute | Neutron Extra Route || timestamp_core | Time Stamp Fields addition for core resources || router | Neutron L3 Router || extra_dhcp_opt | Neutron Extra DHCP opts || dns-integration | DNS Integration || security-group | security-group || dhcp_agent_scheduler | DHCP Agent Scheduler || router_availability_zone | Router Availability Zone || rbac-policies | RBAC Policies || standard-attr-description | standard-attr-description || port-security | Port Security || allowed-address-pairs | Allowed Address Pairs || dvr | Distributed Virtual Router |+---------------------------+-----------------------------------------------+[root@controller ~]# neutron agent-list+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+| id | agent_type | host | availability_zone | alive | admin_state_up | binary |+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+| 45320f3f-bea4-44aa-a79a-f7cf582146d1 | L3 agent | controller | nova | :-) | True | neutron-l3-agent || 780c205c-867f-4997-90b4-a2f2b2c739bf | Metadata agent | controller | | :-) | True | neutron-metadata-agent || 7ba54a28-2a26-41b3-a02b-b69c9e5f83d7 | DHCP agent | controller | nova | :-) | True | neutron-dhcp-agent || 9b37f144-f697-4ee9-b761-6ae6ae1d2782 | Linux bridge agent | compute2 | | xxx | True | neutron-linuxbridge-agent || c4f84424-9e37-417f-b587-d474d7b8c6fd | Linux bridge agent | compute1 | | :-) | True | neutron-linuxbridge-agent || ca7f5ce5-ef15-4777-8c53-70bb32939d9e | Linux bridge agent | controller | | :-) | True | neutron-linuxbridge-agent |+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
我这里compute2没有启动所以 alive状态是xxx
出现以上信息,表示安装成功。
dashboard安装请参考: