Openstack_newton手动安装配置（二）

q2009a06z22

Networking service

Prerequisites

• To create the database, complete these steps:
  
  

Use the databaseaccess client to connect to the database server as the root user:

mysql -u root -p

Create the neutron database:

mysql> CREATE DATABASE neutron;

Grant properaccess to the neutron database,replacing NEUTRON_DBPASS with a suitablepassword:

mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \  IDENTIFIED BY 'NEUTRON_DBPASS';mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \  IDENTIFIED BY 'NEUTRON_DBPASS';

• To create the service credentials, completethese steps:
  
  

Create the neutron user:

openstack user create --domain default --password-prompt neutron
密码：neutron

Add the admin role to the neutron user:

openstack role add --project service --user neutron admin

Create the neutron service entity:

$ openstack service create --name neutron \  --description "OpenStack Networking" network

• Create the Networking service API endpoints:
  
  

openstack endpoint create --region RegionOne \  network public http://controller:9696
openstack endpoint create --region RegionOne \  network internal http://controller:9696
openstack endpoint create --region RegionOne \  network admin http://controller:9696

Configure themetadata agent

Networking Option 2: Self-servicenetworks
yum install openstack-neutron openstack-neutron-ml2 \  openstack-neutron-linuxbridge ebtables

Configure the server component

• Edit the /etc/neutron/neutron.conf file andcomplete the following actions:
  
  

In the [database] section,configure database access:

[database]...connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron

In the [DEFAULT] section, enablethe Modular Layer 2 (ML2) plug-in, router service, and overlapping IPaddresses:

[DEFAULT]...core_plugin = ml2service_plugins = routerallow_overlapping_ips = True

In the [DEFAULT] section,configure RabbitMQ message queueaccess:

[DEFAULT]...transport_url = rabbit://openstack:RABBIT_PASS@controller

In the [DEFAULT] and [keystone_authtoken] sections,configure Identity service access:

[DEFAULT]...auth_strategy = keystone
[keystone_authtoken]...auth_uri = http://controller:5000auth_url = http://controller:35357memcached_servers = controller:11211auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultproject_name = serviceusername = neutronpassword = NEUTRON_PASS

In the [DEFAULT] and [nova] sections,configure Networking to notify Compute of network topology changes:

[DEFAULT]...notify_nova_on_port_status_changes = Truenotify_nova_on_port_data_changes = True
[nova]...auth_url = http://controller:35357auth_type = passwordproject_domain_name = defaultuser_domain_name = defaultregion_name = RegionOneproject_name = serviceusername = novapassword = NOVA_PASS

In the [oslo_concurrency] section,configure the lock path:

[oslo_concurrency]...lock_path = /var/lib/neutron/tmp

Configure the Modular Layer 2 (ML2) plug-in

• Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file andcomplete the following actions:
  
  

In the [ml2] section, enableflat, VLAN, and VXLAN networks:

[ml2]...type_drivers = flat,vlan,vxlan

In the [ml2] section, enableVXLAN self-service networks:

[ml2]...tenant_network_types = vxlan

In the [ml2] section, enablethe Linux bridge and layer-2 population mechanisms:

[ml2]...mechanism_drivers = linuxbridge,l2population

In the [ml2] section, enablethe port security extension driver:

[ml2]...extension_drivers = port_security

In the [ml2_type_flat] section,configure the provider virtual network as a flat network:

[ml2_type_flat]...flat_networks = provider

In the [ml2_type_vxlan] section,configure the VXLAN network identifier range for self-service networks:

[ml2_type_vxlan]...vni_ranges = 1:1000

In the [securitygroup] section, enable ipset to increaseefficiency of security group rules:

[securitygroup]...enable_ipset = True

Configure the Linux bridgeagent

Edit the /etc/neutron/plugins/ml2/linuxbridge_agent.ini file andcomplete the following actions:

In the [linux_bridge] section, map theprovider virtual network to the provider physical network interface:

[linux_bridge]physical_interface_mappings=provider:eno33554984

In the [vxlan] section, enableVXLAN overlay networks, configure the IP address of the physical networkinterface that handles overlay networks, and enable layer-2 population:

[vxlan]enable_vxlan=Truelocal_ip=192.168.174.222l2_population=True

In the [securitygroup] section, enablesecurity groups and configure the Linux bridge iptables firewall driver:

[securitygroup]...enable_security_group = Truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure the layer-3agent

Edit the /etc/neutron/l3_agent.ini file andcomplete the following actions:

In the [DEFAULT] section,configure the Linux bridge interface driver and external network bridge:

[DEFAULT]...interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriverexternal_network_bridge =

Configure the DHCP agent

Edit the /etc/neutron/dhcp_agent.ini file and complete the followingactions:

• In the [DEFAULT] section, configure the Linuxbridge interface driver, Dnsmasq DHCP driver, and enable isolated metadata soinstances on provider networks can access metadata over the network:
  
  

·        [DEFAULT]

·        ...

·        interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver

·        dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

·        enable_isolated_metadata = True

Install the components

yum install openstack-neutron-linuxbridgeebtables ipset

Configure the common component

Edit the /etc/neutron/neutron.conf file and complete the followingactions:

• In the [database] section, comment out any connection options because compute nodes donot directly access the database.
  
  
• In the [DEFAULT] section, configure RabbitMQ message queue access:
  
  

·        [DEFAULT]

·        ...

·        transport_url = rabbit://openstack:RABBIT_PASS@controller

In the [DEFAULT] and [keystone_authtoken] sections, configure Identity service access:

[DEFAULT]

...

auth_strategy = keystone

[keystone_authtoken]

...

auth_uri = http://controller:5000

auth_url = http://controller:35357

memcached_servers = controller:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = NEUTRON_PASS

In the [oslo_concurrency] section, configure the lock path:

[oslo_concurrency]

...

lock_path = /var/lib/neutron/tmp

Configure networking options

ConfigureCompute to use Networking

Edit the /etc/nova/nova.conf file and complete the followingactions:

• In the [neutron] section, configure accessparameters:
  
  

·        [neutron]

·        ...

·        url = http://controller:9696

·        auth_url = http://controller:35357

·        auth_type = password

·        project_domain_name = default

·        user_domain_name = default

·        region_name = RegionOne

·        project_name = service

·        username = neutron

·        password = NEUTRON_PASS

Finalize installation

Restart the Compute service:

systemctl restartopenstack-nova-compute.service

Start the Linux bridge agent andconfigure it to start when the system boots:

# systemctl enable neutron-linuxbridge-agent.service

# systemctl start neutron-linuxbridge-agent.service

• The Networkingservice initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. If thissymbolic link does not exist, create it using the following command:
  
  

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini/etc/neutron/plugin.ini

• Populate thedatabase:
  
  

su -s /bin/sh -c "neutron-db-manage --config-file/etc/neutron/neutron.conf \

  --config-file/etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

• Restart theCompute API service:
  
  

systemctl restart openstack-nova-api.service

• Start the Networking services andconfigure them to start when the system boots.
  
  
  For both networking options:
  
  

# systemctl enable neutron-server.service \

neutron-linuxbridge-agent.service neutron-dhcp-agent.service \

neutron-metadata-agent.service

# systemctl start neutron-server.service \

neutron-linuxbridge-agent.service neutron-dhcp-agent.service \

neutron-metadata-agent.service

For networking option 2, also enable and start the layer-3service:

# systemctl enable neutron-l3-agent.service

# systemctl start neutron-l3-agent.service

验证网络配置：

the dashboard on the controller node

yum install openstack-dashboard

1. Edit the /etc/openstack-dashboard/local_settings file and complete the followingactions:

• Configure the dashboard to useOpenStack services on the controller node:
  
  

·        OPENSTACK_HOST="controller"

• Allow all hoststo access the dashboard:
  
  

·        ALLOWED_HOSTS=['*', ]

• Configure the memcached session storageservice:
  
  

·        SESSION_ENGINE = 'django.contrib.sessions.backends.cache'

·        

·        CACHES = {

·            'default': {

·                 'BACKEND':'django.core.cache.backends.memcached.MemcachedCache',

·                 'LOCATION':'controller:11211',

·            }

·        }

• Enable theIdentity API version 3:
  
  

·        OPENSTACK_KEYSTONE_URL="http://%s:5000/v3" % OPENSTACK_HOST

• Enable supportfor domains:
  
  

·        OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT=True

• Configure APIversions:
  
  

·        OPENSTACK_API_VERSIONS = {

·            "identity": 3,

·            "image": 2,

·            "volume": 2,

·        }

• Configure default as the defaultdomain for users that you create via the dashboard:
  
  

·        OPENSTACK_KEYSTONE_DEFAULT_DOMAIN="default"

• Configure user as the defaultrole for users that you create via the dashboard:
  
  

·        OPENSTACK_KEYSTONE_DEFAULT_ROLE="user"

• If you chosenetworking option 1, disable support for layer-3 networking services:
  
  

·        OPENSTACK_NEUTRON_NETWORK = {

·            ...

·            'enable_router': False,

·            'enable_quotas': False,

·            'enable_distributed_router':False,

·            'enable_ha_router': False,

·            'enable_lb': False,

·            'enable_firewall': False,

·            'enable_vpn': False,

·            'enable_fip_topology_check':False,

·        }

• Optionally,configure the time zone:
  
  

·        TIME_ZONE="TIME_ZONE"

Finalize installation

systemctl restart httpd.servicememcached.service

OK，安装完成可以使用啦

刚开始进入的时候先创建网络

网络创建完毕后创建云主机类型

Ok可以创建虚拟机啦

由于做的比较简单当下一步到网络的时候就可以直接点击创建云主机啦

OK大功告成。

附上官方文档地址：centos7，linux系统可自行选择。

http://docs.openstack.org/newton/install-guide-rdo/horizon-install.html