|
一、环境准备
1、虚拟机准备
IP地址主机名操作系统
192.168.56.11linux-node1CentOS7
192.168.56.12linux-node2CentOS7其中,linux-node1当作控制节点
linux-node2当作计算节点
二、neutron服务
OpenStack网络(neutron)管理OpenStack环境中所有虚拟网络基础设施(VNI),物理网络基础设施(PNI)的接入层。
三、安装和配置
1、安装
[root@linux-node1 ~]# yum install -y openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge ebtables2、配置
先决条件
(1)创建数据库
(2)获得 admin 凭证来获取只有管理员能执行的命令的访问权限
创建用户
3、配置数据库连接
我们选择配置公共网络
connection = mysql+pymysql://neutron:neutron@192.168.56.11/neutron
4、配置keystone
vim /etc/neutron/neutron.conf
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://192.168.56.11:5000
auth_url = http://192.168.56.11:35357
memcached_servers = 192.168.56.11:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron5、配置rabbitmq
vim /etc/neutron/neutron.conf
rpc_backend = rabbit
rabbit_host = 192.168.56.11
rabbit_userid = openstack
rabbit_password = openstack6、配置neutron
vim /etc/neutron/neutron.conf
core_plugin = ml2
service_plugins =
#在[DEFAULT]和[nova]部分,配置网络服务来通知计算节点的网络拓扑变化
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[nova]
auth_url = http://192.168.56.11:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova
#配置锁路径
lock_path = /var/lib/neutron/tmp7、配置Modular Layer2插件
ML2插件使用Linuxbridge机制来为实例创建layer-2虚拟网络基础设施
type_drivers = flat,vlan,gre,vxlan,geneve
tenant_network_types =
mechanism_drivers = linuxbridge,openvswitch
extension_drivers = port_security
flat_networks = public
enable_ipset = true8、配置Linuxbridge代理
[root@linux-node1 ~]# vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = public:eth0
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = true
enable_vxlan = false9、配置DHCP代理
vim /etc/neutron/dhcp_agent.ini
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true10、配置元数据代理
vim /etc/neutron/metadata_agent.ini
nova_metadata_ip = 192.168.56.11
metadata_proxy_shared_secret = oldboy11、为nova-api配置网络服务
vim /etc/nova/nova.conf
url = http://192.168.56.11:9696
auth_url = http://192.168.56.11:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron12、完成安装后的操作
(1)创建软链接
网络服务初始化脚本需要一个超链接 /etc/neutron/plugin.ini指向ML2插件配置文件/etc/neutron/plugins/ml2/ml2_conf.ini。如果超链接不存在,使用下面的命令创建它
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini(2)同步数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron(3)重启nova-api服务
systemctl restart openstack-nova-api.service(4)启动neutron,并设置开机启动
[root@linux-node1 ~]# systemctl enable neutron-server.service \
> neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
> neutron-metadata-agent.service
[root@linux-node1 ~]# systemctl start neutron-server.service \
> neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
> neutron-metadata-agent.service13、在keystone上做服务注册
在创建之前,要先执行环境变量脚本
[root@linux-node1 ~]# source admin-openstack.sh再创建网络
[root@linux-node1 ~]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 8e34c26e3fec40f4bd0bd3f86e20df76 |
| name | neutron |
| type | network |
+-------------+----------------------------------+创建服务的API endpoint
[root@linux-node1 ~]# openstack endpoint create --region RegionOne network public http://192.168.56.11:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7bddf204d5264c678049eef6cc6ab88d |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8e34c26e3fec40f4bd0bd3f86e20df76 |
| service_name | neutron |
| service_type | network |
| url | http://192.168.56.11:9696 |
+--------------+----------------------------------+[root@linux-node1 ~]# openstack endpoint create --region RegionOne network admin http://192.168.56.11:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | df3c6758c4414671b0978140ee3c6bb2 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8e34c26e3fec40f4bd0bd3f86e20df76 |
| service_name | neutron |
| service_type | network |
| url | http://192.168.56.11:9696 |
+--------------+----------------------------------+[root@linux-node1 ~]# openstack endpoint create --region RegionOne network internal http://192.168.56.11:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 415f75265c074ac1bdb10b140c1fec8e |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 8e34c26e3fec40f4bd0bd3f86e20df76 |
| service_name | neutron |
| service_type | network |
| url | http://192.168.56.11:9696 |
+--------------+----------------------------------+验证是否创建成功
[root@linux-node1 ~]# neutron agent-list
+--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+
| 0324ab11-18a1-4615-83c0-9359d9696655 | Linux bridge agent | linux-node1 | | :-) | True | neutron-linuxbridge-agent |
| 3c1c33f7-a236-4799-a4cb-00c486bced17 | DHCP agent | linux-node1 | nova | :-) | True | neutron-dhcp-agent |
| b23e4246-d1e9-45af-8d20-036d8585ed77 | Metadata agent | linux-node1 | | :-) | True | neutron-metadata-agent |
+--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+ |
|
|