CentOS7安裝OpenStack-06.安裝Neutron網絡服務

時間  2020-05-09
標籤 centos7 centos 安裝 openstack neutron 網絡 服務 欄目 Tomcat 简体版
原文   原文鏈接

6.0.Neutron概述

OpenStack Networking(neutron),容許建立、插入接口設備,這些設備由其餘的OpenStack服務管理。插件式的實現能夠容納不一樣的網絡設備和軟件,爲OpenStack架構與部署提供了靈活性。mysql

它包含下列組件:linux

neutron-server:接收和路由API請求到合適的OpenStack網絡插件,以達到預想的目的。

OpenStack網絡插件和代理:插拔端口,建立網絡和子網,以及提供IP地址,這些插件和代理依賴於供應商和技術而不一樣,OpenStack網絡基於插件和代理爲Cisco 虛擬和物理交換機、NEC OpenFlow產品,Open vSwitch,Linux bridging以及VMware NSX 產品穿線搭橋。

常見的代理L3(3層),DHCP(動態主機IP地址),以及插件代理。

消息隊列:大多數的OpenStack Networking安裝都會用到,用於在neutron-server和各類各樣的代理進程間路由信息。也爲某些特定的插件扮演數據庫的角色,以存儲網絡狀態

OpenStack網絡主要和OpenStack計算交互,以提供網絡鏈接到它的實例。

6.1.在keystone數據庫中註冊neutron相關服務(控制節點

1)建立neutron數據庫,授予合適的訪問權限

# 鏈接數據庫
mysql -u root -p

# 建立數據並受權
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';

2)在keystone上建立neutron用戶

cd /server/tools
source keystone-admin-pass.sh
openstack user create --domain default --password=neutron neutron
openstack user list

3)將neutron添加到service項目並授予admin角色

# 如下命令無輸出sql

openstack role add --project service --user neutron admin

4)建立neutron服務實體

openstack service create --name neutron --description "OpenStack Networking" network
openstack service list

5)建立neutron網絡服務的API端點(endpoint)

openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
openstack endpoint list

6.2.在控制節點安裝neutron網絡組件

1)安裝neutron軟件包

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

2)快速配置/etc/neutron/neutron.conf

openstack-config --set  /etc/neutron/neutron.conf database connection  mysql+pymysql://neutron:neutron@controller/neutron 
openstack-config --set  /etc/neutron/neutron.conf DEFAULT core_plugin  ml2  
openstack-config --set  /etc/neutron/neutron.conf DEFAULT service_plugins 
openstack-config --set  /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:openstack@controller
openstack-config --set  /etc/neutron/neutron.conf DEFAULT auth_strategy  keystone  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri  http://controller:5000
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken auth_url  http://controller:5000
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken memcached_servers  controller:11211
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken auth_type  password  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken project_domain_name default  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken user_domain_name  default  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken project_name  service  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken username  neutron  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken password  neutron  
openstack-config --set  /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes  True  
openstack-config --set  /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes  True  
openstack-config --set  /etc/neutron/neutron.conf nova auth_url  http://controller:5000
openstack-config --set  /etc/neutron/neutron.conf nova auth_type  password 
openstack-config --set  /etc/neutron/neutron.conf nova project_domain_name  default  
openstack-config --set  /etc/neutron/neutron.conf nova user_domain_name  default  
openstack-config --set  /etc/neutron/neutron.conf nova region_name  RegionOne  
openstack-config --set  /etc/neutron/neutron.conf nova project_name  service  
openstack-config --set  /etc/neutron/neutron.conf nova username  nova  
openstack-config --set  /etc/neutron/neutron.conf nova password  nova  
openstack-config --set  /etc/neutron/neutron.conf oslo_concurrency lock_path  /var/lib/neutron/tmp

# 查看生效的配置數據庫

egrep -v '(^$|^#)' /etc/neutron/neutron.conf

3)快速配置/etc/neutron/plugins/ml2/ml2_conf.ini

openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers  flat,vlan
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types 
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers  linuxbridge
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers  port_security
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks  provider 
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset  True

# 查看生效的配置api

egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/ml2_conf.ini

4)快速配置/etc/neutron/plugins/ml2/linuxbridge_agent.ini(標記的網卡名稱,是填寫本身的網卡名稱)

openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:ens33
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan  enable_vxlan  False
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  enable_security_group  True 
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 查看生效的配置網絡

egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

# 如下參數在啓動neutron-linuxbridge-agent.service的時候會自動設置爲1架構

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

5)快速配置/etc/neutron/dhcp_agent.ini

openstack-config --set   /etc/neutron/dhcp_agent.ini DEFAULT  interface_driver  linuxbridge
openstack-config --set   /etc/neutron/dhcp_agent.ini DEFAULT  dhcp_driver  neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set   /etc/neutron/dhcp_agent.ini DEFAULT  enable_isolated_metadata  True

# 查看生效的配置app

egrep -v '(^$|^#)' /etc/neutron/dhcp_agent.ini

# 至此,方式1的配置文件修改完畢dom

6)快速配置/etc/neutron/metadata_agent.ini

openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host controller
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret neutron

# 查看生效的配置ide

egrep -v '(^$|^#)' /etc/neutron/metadata_agent.ini

# metadata_proxy_shared_secret選項是元數據代理,須要設置一個合適的密碼這裏設置爲neutron

7)配置計算服務使用網絡服務(控制節點

# 快速配置/etc/nova/nova.conf,將neutron添加到計算節點

openstack-config --set  /etc/nova/nova.conf  neutron url http://controller:9696
openstack-config --set  /etc/nova/nova.conf  neutron auth_url http://controller:5000
openstack-config --set  /etc/nova/nova.conf  neutron auth_type password
openstack-config --set  /etc/nova/nova.conf  neutron project_domain_name default
openstack-config --set  /etc/nova/nova.conf  neutron user_domain_name default
openstack-config --set  /etc/nova/nova.conf  neutron region_name RegionOne
openstack-config --set  /etc/nova/nova.conf  neutron project_name service
openstack-config --set  /etc/nova/nova.conf  neutron username neutron
openstack-config --set  /etc/nova/nova.conf  neutron password neutron
openstack-config --set  /etc/nova/nova.conf  neutron service_metadata_proxy true
openstack-config --set  /etc/nova/nova.conf  neutron metadata_proxy_shared_secret neutron

8)初始化安裝網絡插件

# 建立網絡插件的連接,初始化網絡的腳本插件會用到/etc/neutron/plugin.ini,須要使用ML2的插件進行提供

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

9)同步數據庫

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

10)重啓nova_api服務

systemctl restart openstack-nova-api.service

11)啓動neutron服務並設置開機啓動

# 須要啓動4個服務

systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl list-unit-files |grep neutron* |grep enabled

6.3.在計算節點安裝neutron網絡組件

1)安裝neutron組件

yum install openstack-neutron-linuxbridge ebtables ipset -y

2)快速配置/etc/neutron/neutron.conf

openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url  rabbit://openstack:openstack@controller
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri  http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

3)快速配置/etc/neutron/plugins/ml2/linuxbridge_agent.ini

openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:ens33
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 注意:第一個選項physical_interface_mappings選項要配置計算節點自身的網卡名稱provider:ens33

4)配置nova計算服務與neutron網絡服務協同工做

# 快速配置/etc/nova/nova.conf

openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service 
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron

5)重啓計算節點

systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service

6)啓動neutron網絡組件,並配置開機自啓動

# 須要啓動1個服務,網橋代理

systemctl restart neutron-linuxbridge-agent.service
systemctl status neutron-linuxbridge-agent.service

systemctl enable neutron-linuxbridge-agent.service
systemctl list-unit-files |grep neutron* |grep enabled

# 至此,計算節點的網絡配置完成,轉回到控制節點進行驗證操做

6.4.在控制節點檢查確認neutron服務安裝成功

1)獲取管理權限

cd /server/tools
source keystone-admin-pass.sh

2)列表查看加載的網絡插件

openstack extension list --network

# 或者使用另外一種方法:顯示簡版信息

neutron ext-list

3)查看網絡代理列表

openstack network agent list

# 正常狀況下:控制節點有3個服務,計算節點有1個服務,若是不是,須要檢查計算節點配置:網卡名稱,IP地址,端口,密碼等要素

~~~neutron安裝部署完畢~~~

相關文章
相關標籤/搜索
每日一句
    每一个你不满意的现在,都有一个你没有努力的曾经。
本站公眾號
   歡迎關注本站公眾號,獲取更多信息
聯繫我們 最近搜索 最新文章 沪ICP备13005482号-10 MyBatis教程 SQL 教程 MySQL教程 Java 教程 Thymeleaf 教程 Hibernate教程 Spring教程 Redis教程