openstack-o版-neutron安裝

時間  2020-09-24 標籤 openstack neutron 安裝

    Neutron 爲整個 OpenStack 環境提供網絡支持,包括二層交換,三層路由,負載均衡,防火牆和
××× 等。Neutron 提供了一個靈活的框架,經過配置,不管是開源仍是商業軟件均可以被用來實現
這些功能。下面咱們來搭建neutron服務。mysql

    

    建立數據庫linux

[root@wang01 ~]# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE neutron;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
    ->   IDENTIFIED BY 'NEUTRON_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
    ->   IDENTIFIED BY 'NEUTRON_DBPASS';

    建立neutron用戶sql

[root@wang02 ~]# openstack user create --domain default --password NEUTRON_PASS neutron
wKiom1lkJ26CRXBGAAAeifvFjL8374.png數據庫


    將admin角色添加到neutron項目中api

[root@wang02 ~]# openstack role add --project service --user neutron admin網絡


    建立neutron實體app

[root@wang02 ~]#  openstack service create --name neutron \
>   --description "OpenStack Networking" network
wKiom1lkKcOi-DX4AAAfpYfx9bU095.png負載均衡


    建立neutron的api框架

[root@wang02 ~]# openstack endpoint create --region RegionOne \
>   network public http://wang02:9696
wKiom1lkKmXyvnboAAArMLprHmQ670.pngdom


[root@wang02 ~]#  openstack endpoint create --region RegionOne \
>   network internal http://wang02:9696
wKiom1lkKqzxZyUgAAAtEOo9VV0971.png


[root@wang02 ~]# openstack endpoint create --region RegionOne \
>   network admin http://wang02:9696

wKiom1lkKuehdLucAAAsdn5Ogl4580.png


    下載neutron的安裝包

[root@wang02 ~]# yum install openstack-neutron openstack-neutron-ml2 \
>   openstack-neutron-linuxbridge ebtables -y

    修改配置文件

<1> /etc/neutron/neutron.conf

[root@wang02 ~]# sed -i '/^\[database\]$/a\
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@wang01/neutron' /etc/neutron/neutron.conf
[root@wang02 ~]# sed -i '/^\[DEFAULT\]$/a\
core_plugin = ml2 \
service_plugins = \
transport_url = rabbit://openstack:rabbit_pass@wang01 \
auth_strategy = keystone \
notify_nova_on_port_status_changes = true \
notify_nova_on_port_data_changes = true' /etc/neutron/neutron.conf
[root@wang02 ~]# sed -i '/^\[keystone_authtoken\]$/a\
auth_uri = http://wang02:5000 \
auth_url = http://wang02:35357 \
memcached_servers = wang01:11211 \
auth_type = password \
project_domain_name = default \
user_domain_name = default \
project_name = service \
username = neutron \
password = neutron_pass' /etc/neutron/neutron.conf
[root@wang02 ~]# sed -i '/^\[nova\]$/a\
auth_url = http://wang02:35357 \
auth_type = password \
project_domain_name = default \
user_domain_name = default \
region_name = RegionOne \
project_name = service \
username = nova \
password = nova_pass' /etc/neutron/neutron.conf
[root@wang02 ~]# sed -i '/^\[oslo_concurrency\]$/a\
lock_path = /var/lib/neutron/tmp' /etc/neutron/neutron.conf


<2>/etc/neutron/plugins/ml2/ml2_conf.ini

[root@wang02 ~]# cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
[root@wang02 ~]# cat /etc/neutron/plugins/ml2/ml2_conf.ini.bak | grep -v ^# | uniq > /etc/neutron/plugins/ml2/ml2_conf.ini

[root@wang02 ~]# sed -i '/^\[ml2\]$/a\
type_drivers = flat,vlan,gre,vxlan,geneve \
tenant_network_types = flat,vlan,gre,vxlan,geneve \
mechanism_drivers = linuxbridge \
extension_drivers = port_security' /etc/neutron/plugins/ml2/ml2_conf.ini
[root@wang02 ~]# sed -i '/^\[ml2_type_flat\]$/a\
flat_networks = provider' /etc/neutron/plugins/ml2/ml2_conf.ini
[root@wang02 ~]# sed -i '/^\[securitygroup\]$/a\
enable_ipset = true' /etc/neutron/plugins/ml2/ml2_conf.ini


<3>/etc/neutron/dhcp_agent.ini

[root@wang02 ~]# cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
[root@wang02 ~]# cat /etc/neutron/dhcp_agent.ini.bak | grep -v ^# | uniq > /etc/neutron/dhcp_agent.ini

[root@wang02 ~]# sed -i '/^\[DEFAULT\]$/a\
interface_driver = linuxbridge \
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq \
enable_isolated_metadata = true' /etc/neutron/dhcp_agent.ini


<5>/etc/neutron/plugins/ml2/linuxbridge_agent.ini

[root@wang02 ~]#cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@wang02 ~]#cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak | grep -v ^# | uniq > /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[root@wang02 ~]#sed -i '/^\[linux_bridge\]$/a\
physical_interface_mappings = provider:eth0' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@wang02 ~]#sed -i '/^\[vxlan\]$/a\
enable_vxlan = false' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@wang02 ~]#sed -i '/^\[securitygroup\]$/a\
enable_security_group = true \
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver' /etc/neutron/plugins/ml2/linuxbridge_agent.ini


<4>/etc/neutron/metadata_agent.ini

[root@wang02 ~]#cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
[root@wang02 ~]#cat /etc/neutron/metadata_agent.ini.bak | grep -v ^# | uniq > /etc/neutron/metadata_agent.ini

[root@wang02 ~]#sed -i '/^\[DEFAULT\]$/a\
nova_metadata_ip = ctrl.ryb.edu \
metadata_proxy_shared_secret = metadata_secret' /etc/neutron/metadata_agent.ini

[root@wang02 ~]#sed -i '/^\[neutron\]$/a\
url = http://ctrl.ryb.edu:9696 \
auth_url = http://ctrl.ryb.edu:35357 \
auth_type = password \
project_domain_name = default \
user_domain_name = default \
region_name = RegionOne \
project_name = service \
username = neutron \
password = neutron_pass \
service_metadata_proxy = true \
metadata_proxy_shared_secret = metadata_secret' /etc/nova/nova.conf


[root@wang02 ~]#ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini


    同步數據庫

[root@wang02 ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron


    重啓NOVA服務

[root@wang02 ~]# systemctl restart openstack-nova-api.service

    

    啓動NEUTRON服務
[root@wang02 ~]# systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service \
neutron-dhcp-agent.service \
neutron-metadata-agent.service

[root@wang02 ~]# systemctl restart neutron-server.service \
neutron-linuxbridge-agent.service \
neutron-dhcp-agent.service \
neutron-metadata-agent.service


    計算節點配置


    下載安裝包

[root@wang03 ~] yum install openstack-neutron-linuxbridge ebtables ipset

    修改配置文件

[root@wang03 ~] cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@wang03 ~] cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak | grep -v ^# | uniq > /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[root@wang03 ~] sed -i '/^\[linux_bridge\]$/a\
physical_interface_mappings = provider:eth0' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@wang03 ~] sed -i '/^\[vxlan\]$/a\
enable_vxlan = false' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@wang03 ~] sed -i '/^\[securitygroup\]$/a\
enable_security_group = true \
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver' /etc/neutron/plugins/ml2/linuxbridge_agent.ini


    修改NOVA的配置文件

[root@wang03 ~] sed -i '/^\[neutron\]$/a\
url = http://wang02:9696 \
auth_url = http://wang02:35357 \
auth_type = password \
project_domain_name = default \
user_domain_name = default \
region_name = RegionOne \
project_name = service \
username = neutron \
password = neutron_pass' /etc/nova/nova.conf


    重啓NOVA服務

[root@wang03 ~] systemctl restart openstack-nova-compute.service
    

    啓動neutron服務
[root@wang03 ~] systemctl enable neutron-linuxbridge-agent.service
[root@wang03 ~] systemctl restart neutron-linuxbridge-agent.service


    控制節點驗證服務

[root@wang02 ~]#  openstack network agent list
wKioL1lkOO-z3DAOAABRKL9J_VM455.png

联系我们 沪ICP备13005482号-10