OpenStack stein安裝（七）neutron on controller

時間 2019-11-06

標籤 openstack stein 安裝 neutron controller 简体版

原文原文鏈接

OpenStack網絡(neutron)容許您建立並將其餘OpenStack服務管理的接口設備附加到網絡上。能夠實現插件來適應不一樣的網絡設備和軟件，從而爲OpenStack體系結構和部署提供靈活性。
它包括如下組成部分:mysql

neutron-server
接受API請求並將其路由到適當的OpenStack網絡插件以執行操做。
OpenStack Networking plug-ins and agents
插件式的網絡端口，建立網絡或子網，並提供IP地址。這些插件和代理的差別取決於特定雲中使用的供應商和技術。OpenStack網絡附帶了用於Cisco虛擬和物理交換機、NEC OpenFlow產品、Open vSwitch、Linux橋接和VMware NSX產品的插件和代理。
常見的代理包括L3 (layer 3)、DHCP(動態主機IP尋址)和插件代理。
Messaging queue
大多數OpenStack網絡安裝都使用它在neutron-server和各類代理之間路由信息。還充當數據庫，存儲特定插件的網絡狀態。linux

Prerequisites

Before you configure the OpenStack Networking (neutron) service, you must create a database, service credentials, and API endpoints.sql
1. To create the database, complete these steps:
```
○ Use the database access client to connect to the database server as the root user:
$ mysql -u root -p root123
○ Create the neutron database:
MariaDB [keystone]> CREATE DATABASE neutron;
○ Grant proper access to the neutron database, replacing NEUTRON_DBPASS with a suitable password:
MariaDB [keystone]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron123';
```
2. Source the admin credentials to gain access to admin-only CLI commands:
```
$ . admin-openrc
```
3. To create the service credentials, complete these steps:數據庫
```
○ Create the neutron user:
$ openstack user create --domain default --password-prompt neutron
User Password:neutron123
Repeat User Password:neutron123
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | fdb0f541e28141719b6a43c8944bf1fb |
| name                | neutron                          |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
○ Add the admin role to the neutron user:
$ openstack role add --project service --user neutron admin
 
Note: This command provides no output.
○ Create the neutron service entity:
$ openstack service create --name neutron --description "OpenStack Networking" network

+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Networking             |
| enabled     | True                             |
| id          | f71529314dab4a4d8eca427e701d209e |
| name        | neutron                          |
| type        | network                          |
+-------------+----------------------------------+
```
4. Create the Networking service API endpoints:
```
#openstack endpoint create --region RegionOne network public http://stack.flex.net:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 85d80a6d02fc4b7683f611d7fc1493a3 |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | f71529314dab4a4d8eca427e701d209e |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://stack.flex.net:9696           |
+--------------+----------------------------------+
```
#openstack endpoint create --region RegionOne network internal http://stack.flex.net:9696api

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 09753b537ac74422a68d2d791cf3714f |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f71529314dab4a4d8eca427e701d209e |
| service_name | neutron |
| service_type | network |
| url | http://stack.flex.net:9696 |
+--------------+----------------------------------+服務器

#openstack endpoint create --region RegionOne network admin http://stack.flex.net:9696網絡

+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 1ee14289c9374dffb5db92a5c112fc4e |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f71529314dab4a4d8eca427e701d209e |
| service_name | neutron |
| service_type | network |
| url | http://stack.flex.net:9696 |
+--------------+----------------------------------+dom
```
#### Configure networking options
```
可使用選項1和選項2表示的兩種體系結構中的一種部署網絡服務。ide

選項1部署了最簡單的體系結構，它只支持將實例附加到provider(external)網絡。沒有self-service(private)網絡、路由器或浮動IP地址。只有管理員或其餘特權用戶才能管理provider網絡。flex

選項2支持將實例附加到自助服務網絡的3層服務來加強選項1。demo或其餘無特權用戶能夠管理自助服務網絡，包括在自助服務網絡和提供者網絡之間提供鏈接的路由器。此外，浮動IP地址使用來自外部網絡(如Internet)的自助服務網絡提供到實例的鏈接。

自服務網絡一般使用overlay網絡。overlay網絡協議如vxlan包括額外的頭部信息，這些頭文件增長了開銷，減小了有效負載或用戶數據可用的空間。在不瞭解虛擬網絡基礎設施的狀況下，實例嘗試使用默認的1500字節以太網最大傳輸單元(MTU)發送數據包。網絡服務經過DHCP自動向實例提供正確的MTU值。可是，有些雲鏡像不使用DHCP或忽略DHCP MTU選項，須要使用元數據或腳本進行配置。

選擇下列網絡選項中的一個，或兩個全選，參看下面的兩個章節。並返回這裏再向下繼續配置
○ Networking Option 1: Provider networks
○ Networking Option 2: Self-service networks

Configure the metadata agent

The metadata agent provides configuration information such as credentials to instances.
Edit the /etc/neutron/metadata_agent.ini file and complete the following actions:

○ In the [DEFAULT] section, configure the metadata host and shared secret:
        [DEFAULT]
        # ...
        nova_metadata_host = stack.flex.net
        metadata_proxy_shared_secret = 1234 

        Replace METADATA_SECRET with a suitable secret for the metadata proxy.

Configure the Compute service to use the Networking service

Note: The Nova compute service must be installed to complete this step.
Edit the /etc/nova/nova.conf file and perform the following actions:

○ In the [neutron] section, configure access parameters, enable the metadata proxy, and configure the secret:
        [neutron]
        # ...
        url = http://stack.flex.net:9696
        auth_url = http://stack.flex.net:5000
        auth_type = password
        project_domain_name = default
        user_domain_name = default
        region_name = RegionOne
        project_name = service
        username = neutron
        password = neutron123
        service_metadata_proxy = true
        metadata_proxy_shared_secret = 1234

Finalize installation

The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. If this symbolic link does not exist, create it using the following command:
```
# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
```

Populate the database:

# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
注意：因爲腳本須要完整的服務器和插件配置文件，數據庫填充將在稍後用於網絡。

Restart the Compute API service:

# systemctl restart openstack-nova-api.service

Start the Networking services and configure them to start when the system boots.

For both networking options:
    # systemctl enable neutron-server.service \
      neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
      neutron-metadata-agent.service
    # systemctl start neutron-server.service \
      neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
      neutron-metadata-agent.service

For networking option 2, also enable and start the layer-3 service:
    # systemctl enable neutron-l3-agent.service
    # systemctl start neutron-l3-agent.service