标签:ipset int processor 网卡名 https emctl ring compute font
一、数据库配置
控制节点创建数据库
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron‘@‘localhost‘ IDENTIFIED BY ‘neutron2018‘;
GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron‘@‘%‘ IDENTIFIED BY ‘neutron2018‘;
二、创建认证信息(控制节点)
先生效一下环境变量
创建neutron用户:
openstack user create --domain default --password=neutron neutron #此处密码我设置了neutorn
将neutron加入到admin组和service项目
openstack role add --project service --user neutron admin
创建网络项目:
openstack service create --name neutron --description "OpenStack Networking" network
创建endpoint,将网络服务端口信息注册到认证服务
openstack endpoint create --region RegionOne network public http://10.1.80.110:9696 openstack endpoint create --region RegionOne network internal http://10.1.80.110:9696 openstack endpoint create --region RegionOne network admin http://10.1.80.110:9696
三、安装二层简单网络:
在网络节点执行安装包:
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
编辑配置文件:/etc/neutron/neutron.conf
[database] connection = mysql://neutron:neutron2018@10.1.80.110/neutron [DEFAULT] core_plugin = ml2 service_plugins = router transport_url = rabbit://openstack:openstack2018@10.1.80.110 auth_strategy = keystone notify_nova_on_port_status_changes = true notify_nova_on_port_data_changes = true [keystone_authtoken] auth_uri = http://10.1.80.110:5000 auth_url = http://10.1.80.110:35357 memcached_servers = 10.1.80.110:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = neutron [nova] auth_url = http://10.1.80.110:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = nova2018 [oslo_concurrency] lock_path = /var/lib/neutron/tmp
编辑/etc/neutron/plugins/ml2/ml2_conf.ini文件配置二层插件
[ml2]
type_drivers = flat,vlan,gre,vxlan,geneve
tenant_network_types = vlan,gre,vxlan,geneve
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = pyth1##可以自己随便取
[securitygroup]
enable_ipset = true
编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件配置linux bridge插件
[linux_bridge] physical_interface_mappings = pyth1:ens160 #第二张网卡网卡名 [vxlan] enable_vxlan = false [securitygroup] enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
确认内核支持网桥filters并作如下设置,编辑vi /usr/lib/sysctl.d/00-system.conf 修改以下内容
net.bridge.bridge-nf-call-iptables=1 net.bridge.bridge-nf-call-ip6tables=1
sysctl -p
载入br_netfilter模块
modprobe br_netfilter
编辑/etc/neutron/dhcp_agent.ini
[DEFAULT] interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true
编辑/etc/neutron/metadata_agent.ini
[default] nova_metadata_host = 10.1.80.110 metadata_proxy_shared_secret = neutron
二、在控制节点nova配置neutron
编辑/etc/nova/nova.conf
[neutron] url = http://10.1.80.112:9696 auth_url = http://10.1.80.110:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = neutron service_metadata_proxy = true metadata_proxy_shared_secret = neutron
网络节点执行:
创建连接文件
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
导入数据库结构
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
控制节点:
systemctl restart openstack-nova-api.service
网络节点:
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
四、计算节点安装网络服务
计算节点安装软件包
yum install openstack-neutron-linuxbridge ebtables ipset -y
修改配置文件/etc/neutron/neutron.conf
[DEFAULT] transport_url = rabbit://openstack:2018@10.1.80.110 auth_strategy = keystone [keystone_authtoken] auth_uri = http://10.1.80.110:5000 auth_url = http://10.1.80.110:35357 memcached_servers = 10.1.80.110:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = neutron [oslo_concurrency] lock_path = /var/lib/neutron/tmp
修改/etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge] physical_interface_mappings = pyth1:ens160 [vxlan] enable_vxlan = false [securitygroup] enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
配置nova 使用neutron,/etc/nova/nova.conf
[neutron] url = http://10.1.80.112:9696 auth_url = http://10.1.80.110:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = neutron
确认内核支持网桥filters并作如下设置,编辑vi /usr/lib/sysctl.d/00-system.conf 修改以下内容
net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1
sysctl -p
重启服务:
systemctl restart openstack-nova-compute.service
启动服务:
systemctl enable neutron-linuxbridge-agent.service systemctl start neutron-linuxbridge-agent.service systemctl status neutron-linuxbridge-agent.service
此处服务起来一会后就自动关闭了
五、控制节点验证
设置admin环境变量
执行命令验证是否成功启动neutron-server
openstack extension list --network
执行命令列出插件,验证网络插件是否成功启动
openstack network agent list
openstack Q版部署-----网络服务(neutron)安装部署(7)
标签:ipset int processor 网卡名 https emctl ring compute font
原文地址:https://www.cnblogs.com/jinyuanliu/p/10312137.html
