configure neutron controller node:
1. on keystone node
mysql -uroot -p
mysql> create database neutron;
mysql> grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'NEUTRON-DBPASS';
mysql> grant all privileges on neutron.* to 'neutron'@'%' identified by 'NEUTRON-DBPASS';
mysql> flush privileges;
# Create a neutron user
keystone user-create --tenant service --name neutron --pass NEUTRON-USER-PASSWORD
# Add role to the neutron user
keystone user-role-add --user neutron --tenant service --role admin
# Create the neutron service
keystone service-create --name=neutron --type=network --description="Neutron Network Service"
service neutron-server start; chkconfig neutron-server on
Neutron Network Node:
1. service NetworkManager stop; chkconfig NetworkManager off
service network start; chkconfig network on
disable firewall and selinux
service iptables stop; chkconfig iptables off
service ip6tables stop; chkconfig ip6tables off
2. eth0 for management/public/floating (192.168.1.0/24), eth1 for internal/flat (192.168.30.0/24); a separate NIC for the management network is recommended
vi /etc/sysconfig/network-scripts/ifcfg-eth2
DEVICE=eth2
TYPE=Ethernet
ONBOOT=yes
BOOTPROTO=none
3. set hostname in /etc/sysconfig/network and /etc/hosts
192.168.1.10 controller
192.168.1.11 node1
192.168.1.12 neutronnet
4. yum -y install ntp
vi /etc/ntp.conf
server 192.168.1.10
restrict 192.168.1.10
for s in neutron-{dhcp,metadata,l3,openvswitch}-agent; do
service $s start
chkconfig $s on
done
Neutron Compute Node:
1. service NetworkManager stop; chkconfig NetworkManager off
service network start; chkconfig network on
disable firewall and selinux
service iptables stop; chkconfig iptables off
service ip6tables stop; chkconfig ip6tables off
2. eth0 for management/public/floating (192.168.1.0/24), eth1 for internal/flat (192.168.30.0/24); a separate NIC for the management network is recommended
3. set hostname in /etc/sysconfig/network and /etc/hosts
192.168.1.10 controller
192.168.1.11 node1
192.168.1.12 neutronnet
4. yum -y install qemu-kvm libvirt python-virtinst bridge-utils
# make sure modules are loaded
lsmod | grep kvm
service libvirtd start; chkconfig libvirtd on
service messagebus start; chkconfig messagebus on
5. yum -y install ntp
vi /etc/ntp.conf
server 192.168.1.10
restrict 192.168.1.10
9. egrep -c '(vmx|svm)' /proc/cpuinfo
If this command returns a value of one or greater, do nothing
If this command returns a value of zero, set libvirt_type=qemu in nova.conf
10. chown -R nova:nova /etc/nova /var/log/nova
service openstack-nova-compute start; chkconfig openstack-nova-compute on
now for neutron plugin agent:
11. disable packet destination filtering
vi /etc/sysctl.conf
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
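The check in step 9 as a script, added here as an example and not part of the original notes. It is stricter than the egrep count: it matches vmx/svm only as whole words on the "flags" lines. The function names, the CPUINFO/NOVA_CONF/APPLY variables and the placement of the key under [DEFAULT] are assumptions.

```shell
#!/bin/sh
# Added example (not from the original notes). CPUINFO and NOVA_CONF are
# hypothetical overrides so the logic can be tried on copies of the files.
CPUINFO="${CPUINFO:-/proc/cpuinfo}"
NOVA_CONF="${NOVA_CONF:-/etc/nova/nova.conf}"

# Print "kvm" if a "flags" line lists vmx (Intel VT-x) or svm (AMD-V) as a
# whole word, otherwise "qemu". An unreadable file also yields "qemu".
detect_libvirt_type() {
    if grep -E '^flags[[:space:]]*:' "$1" 2>/dev/null | grep -Eqw 'vmx|svm'; then
        echo kvm
    else
        echo qemu
    fi
}

# Set libvirt_type=<kvm|qemu> in a nova.conf-style file. An active line is
# rewritten in place; otherwise the key is added right after the [DEFAULT]
# header (assumed location). Commented-out samples are left untouched.
set_libvirt_type() {
    conf="$1"; value="$2"
    case "$value" in kvm|qemu) ;; *) echo "bad value: $value" >&2; return 1 ;; esac
    grep -q '^\[DEFAULT\]' "$conf" || { echo "no [DEFAULT] in $conf" >&2; return 1; }
    tmp="$(mktemp)" || return 1
    if grep -Eq '^[[:space:]]*libvirt_type[[:space:]]*=' "$conf"; then
        sed -E "s|^[[:space:]]*libvirt_type[[:space:]]*=.*|libvirt_type=$value|" "$conf" > "$tmp"
    else
        awk -v kv="libvirt_type=$value" '{ print } /^\[DEFAULT\]/ { print kv }' "$conf" > "$tmp"
    fi
    # Overwrite the contents in place so the ownership and mode of
    # nova.conf are preserved.
    cat "$tmp" > "$conf"
    rm -f "$tmp"
}

# Read-only by default: report the value. With APPLY=1 the file is changed
# only in the "qemu" case, matching step 9 (one or greater: do nothing).
detected="$(detect_libvirt_type "$CPUINFO")"
echo "libvirt_type for this host: $detected"
if [ "${APPLY:-0}" = 1 ] && [ "$detected" = qemu ]; then
    set_libvirt_type "$NOVA_CONF" "$detected"
fi
```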
nova keypair-add demokey > demokey.pem
nova keypair-list
nova flavor-list
nova image-list
neutron net-list
neutron subnet-list
demonet=`neutron net-list | grep demo-net | awk '{ print $2 }'`
nova boot --flavor 1 --image "CirrOS 0.3.2" --key-name demokey --security-groups test-sec --nic net-id=$demonet CirrOS
Notes: you should have enough memory on KVM nodes, or you will not get instances created.
1. you can use vmware workstation to build images, then upload to glance using dashboard
ubuntu
1). vi /etc/hosts to remove 127.0.1.1. item
2). enable ssh login
3). enable dhcp client on interface
4). enable normal username/password
5). set root password
centos/redhat
1). rm -rf /etc/ssh/ssh_host_*
2). vi /etc/sysconfig/network-scripts/ifcfg-ethX to remove HWADDR and UUID items
3). rm -rf /etc/udev/rules.d/70-persistent-net.rules
4). enable ssh login
5). enable dhcp client on interface (also vi /etc/sysconfig/network, /etc/resolv.conf)
6). enable normal username/password
7). set root password
2. launch instance without keypair
nova commands:
nova list; nova show CirrOS
nova stop CirrOS
nova start CirrOS
# get vnc console address via web browser:
nova get-vnc-console CirrOS novnc
# Create a floating IP address on the ext-net external network
neutron floatingip-create ext-net
neutron floatingip-list
# Associate the floating IP address with your instance, even while it is running
nova floating-ip-associate CirrOS 192.168.1.201
( nova floating-ip-disassociate cirros 192.168.1.201 )
nova list
ping 192.168.1.201 (floating ip)
using xshell or putty to ssh -i demokey.pem cirros@192.168.1.201 (username: cirros, password: cubswin:))
[ for ubuntu cloud image: username is ubuntu, for fedora cloud image: username is fedora ]
now we can ping and ssh to 192.168.1.201, and CirrOS can access Internet now.
Notes: you should have enough space in /var/lib/nova/instances to store VMs; you can mount a partition on it (using local or shared storage).