OpenStack(Queens)详细安装部署(五)-网络服务(neutron)安装
OpenStack(Queens)详细安装部署(五)-网络服务(neutron)安装 原创: 扶艾 码农这些事儿 5月1日 本文为扶艾原创文章,版权所有,禁止转载!
本篇文章是本系列的第五篇文章,将继续进行OpenStack网络服务的安装 六、安装网络服务
6.1 (控制节点)配置数据库 - 连接数据库
1# mysql -u root -pfuai123
创建数据库并配置权限
1MariaDB [(none)] CREATE DATABASE neutron; 2 3MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \ 4 IDENTIFIED BY 'fuai123'; 5MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \ 6 IDENTIFIED BY 'fuai123';
6.2 (控制节点)创建认证信息 - 设置admin环境变量
1# . admin-openrc
创建neutron用户
密码我设置的fuai123
1# openstack user create --domain default --password-prompt neutron 2 3User Password: 4Repeat User Password: 5+---------------------+----------------------------------+ 6| Field | Value | 7+---------------------+----------------------------------+ 8| domain_id | default | 9| enabled | True |
10| id | 7e9b55f8c652478784749ac8fb616a4c | 11| name | neutron | 12| options | {} | 13| password_expires_at | None | 14+---------------------+----------------------------------+
将admin角色添加给neutron用户
1# openstack role add --project service --user neutron admin
创建neutron服务
1# openstack service create --name neutron \ 2 --description "OpenStack Networking" network 3 4+-------------+----------------------------------+ 5| Field | Value | 6+-------------+----------------------------------+ 7| description | OpenStack Networking | 8| enabled | True | 9| id | 43992283bd8d426a8956751c40a0de49 |
10| name | neutron | 11| type | network | 12+-------------+----------------------------------+
将网络服务端口信息注册到认证服务
1# openstack endpoint create --region RegionOne \ 2 network public http://controller:9696 3 4+--------------+----------------------------------+ 5| Field | Value | 6+--------------+----------------------------------+ 7| enabled | True | 8| id | c183875c07a54aea810bbdd9e1104827 | 9| interface | public |
10| region | RegionOne | 11| region_id | RegionOne | 12| service_id | 43992283bd8d426a8956751c40a0de49 | 13| service_name | neutron | 14| service_type | network | 15| url | http://controller:9696 | 16+--------------+----------------------------------+ 17 18# openstack endpoint create --region RegionOne \ 19 network internal http://controller:9696 20 21+--------------+----------------------------------+ 22| Field | Value | 23+--------------+----------------------------------+ 24| enabled | True | 25| id | 78b007a132654268a8d822f3f2b64678 | 26| interface | internal | 27| region | RegionOne | 28| region_id | RegionOne | 29| service_id | 43992283bd8d426a8956751c40a0de49 | 30| service_name | neutron | 31| service_type | network | 32| url | http://controller:9696 | 33+--------------+----------------------------------+ 34 35# openstack endpoint create --region RegionOne \ 36 network admin http://controller:9696 37 38+--------------+----------------------------------+ 39| Field | Value | 40+--------------+----------------------------------+ 41| enabled | True | 42| id | 5f152d4b081e448b8e9e76ba002800be | 43| interface | admin | 44| region | RegionOne | 45| region_id | RegionOne | 46| service_id | 43992283bd8d426a8956751c40a0de49 | 47| service_name | neutron | 48| service_type | network | 49| url | http://controller:9696 | 50+--------------+----------------------------------+ 51
注意:我将采用self-service network的方式部署网络
6.3 (控制节点)安装软件包并配置配置文件 - 安装软件包
1# yum install openstack-neutron openstack-neutron-ml2 \ 2 openstack-neutron-linuxbridge ebtables -y
编辑/etc/neutron/neutron.conf文件并配置如下项
1[database] 2connection = mysql+pymysql://neutron:fuai123@controller/neutron 3... 4 5[DEFAULT] 6core_plugin = ml2 7service_plugins = router 8allow_overlapping_ips = true 9transport_url = rabbit://openstack:fuai123@controller
10auth_strategy = keystone 11notify_nova_on_port_status_changes = true 12notify_nova_on_port_data_changes = true 13... 14 15[keystone_authtoken] 16auth_uri = http://controller:5000 17auth_url = http://controller:35357 18memcached_servers = controller:11211 19auth_type = password 20project_domain_name = default 21user_domain_name = default 22project_name = service 23username = neutron 24password = fuai123 25... 26 27[nova] 28auth_url = http://controller:35357 29auth_type = password 30project_domain_name = default 31user_domain_name = default 32region_name = RegionOne 33project_name = service 34username = nova 35password = fuai123 36... 37 38[oslo_concurrency] 39lock_path = /var/lib/neutron/tmp 40...
编辑/etc/neutron/plugins/ml2/ml2_conf.ini文件配置二层插件
1[ml2] 2type_drivers = flat,vlan,vxlan 3tenant_network_types = vxlan 4mechanism_drivers = linuxbridge,l2population 5extension_drivers = port_security 6... 7 8[ml2_type_flat] 9flat_networks = provider
10... 11 12[ml2_type_vxlan] 13vni_ranges = 1:1000 14... 15 16[securitygroup] 17enable_ipset = true 18...
编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件配置linux bridge插件
1[linux_bridge] 2physical_interface_mappings = provider:enp0s8 #第二张网卡网卡名 3... 4 5[vxlan] 6enable_vxlan = true 7local_ip = 192.168.0.77 8l2_population = true 9...
10 11[securitygroup] 12enable_security_group = true 13firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver 14...
确认内核支持网桥filters并作如下设置,编辑/etc/sysctl.conf增加以下内容
1net.bridge.bridge-nf-call-iptables=1 2net.bridge.bridge-nf-call-ip6tables=1
载入br_netfilter模块
1# modprobe br_netfilter
从配置文件加载内核参数
1# sysctl -p
编辑/etc/neutron/l3_agent.ini配置三层插件
1[DEFAULT] 2interface_driver = linuxbridge 3...
编辑/etc/neutron/dhcp_agent.ini配置dhcp插件
1[DEFAULT] 2interface_driver = linuxbridge 3dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq 4enable_isolated_metadata = true 5...
编辑/etc/neutron/metadata_agent.ini文件配置metadata插件
1[DEFAULT] 2nova_metadata_host = controller 3metadata_proxy_shared_secret = fuai123 4...
编辑文件/etc/nova/nova.conf配置计算服务使用网络服务
1[neutron] 2url = http://controller:9696 3auth_url = http://controller:35357 4auth_type = password 5project_domain_name = default 6user_domain_name = default 7region_name = RegionOne 8project_name = service 9username = neutron
10password = fuai123 11service_metadata_proxy = true 12metadata_proxy_shared_secret = fuai123 13...
6.4 (控制节点)完成安装,导入数据库表,并启动服务
创建链接文件
1# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
导入数据库结构
1# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ 2 --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
重启计算服务
1# systemctl restart openstack-nova-api.service
设置网络服务的开机自启动,并启动网络服务
1# systemctl enable neutron-server.service \ 2 neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ 3 neutron-metadata-agent.service 4# systemctl start neutron-server.service \ 5 neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ 6 neutron-metadata-agent.service 7 8# systemctl enable neutron-l3-agent.service 9# systemctl start neutron-l3-agent.service
6.5 (计算节点)计算节点安装网络服务
安装软件包
1# yum install openstack-neutron-linuxbridge ebtables ipset -y
编辑/etc/neutron/neutron.conf文件完成如下项
1[DEFAULT] 2transport_url = rabbit://openstack:fuai123@controller 3auth_strategy = keystone 4... 5 6[keystone_authtoken] 7auth_uri = http://controller:5000 8auth_url = http://controller:35357 9memcached_servers = controller:11211
10auth_type = password 11project_domain_name = default 12user_domain_name = default 13project_name = service 14username = neutron 15password = fuai123 16... 17 18[oslo_concurrency] 19lock_path = /var/lib/neutron/tmp 20...
配置linux bridge插件,编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini完成如下项
1[linux_bridge] 2physical_interface_mappings = provider:enp0s8 #第二张网卡名 3... 4 5[vxlan] 6enable_vxlan = true 7local_ip = 192.168.0.78 8l2_population = true 9...
10 11[securitygroup] 12enable_security_group = true 13firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver 14...
确认内核支持网桥filters并作如下设置,编辑/etc/sysctl.conf增加以下内容
1net.bridge.bridge-nf-call-iptables=1 2net.bridge.bridge-nf-call-ip6tables=1
载入br_netfilter模块
1# modprobe br_netfilter
从配置文件加载内核参数
1# sysctl -p
配置计算服务使用网络服务/etc/nova/nova.conf
1[neutron] 2url = http://controller:9696 3auth_url = http://controller:35357 4auth_type = password 5project_domain_name = default 6user_domain_name = default 7region_name = RegionOne 8project_name = service 9username = neutron
10password = fuai123 11...
完成安装,设置服务
1# systemctl restart openstack-nova-compute.service 2 3# systemctl enable neutron-linuxbridge-agent.service 4# systemctl start neutron-linuxbridge-agent.service
6.6 (控制节点)验证操作
设置admin环境变量
1# . admin-openrc
执行命令验证是否成功启动neutron-server
这个输出内容太多就没有粘贴出来
1# openstack extension list --network
执行命令列出插件,验证网络插件是否成功启动
1# openstack network agent list 2 3+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ 4| ID | Agent Type | Host | Availability Zone | Alive | State | Binary | 5+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ 6| 4859bc89-2ec8-42e3-aa4e-9bd6173aa996 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent | 7| 53f36185-cd1a-437f-9b48-151c641a0018 | L3 agent | controller | nova | :-) | UP | neutron-l3-agent | 8| 68145ddd-7af4-4617-9dd4-026650a3b962 | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent | 9| 8814a062-43e8-41a8-9fb7-0b07e6160dbf | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
10| fbe37150-a54b-40cb-91e6-30552a3dbcf2 | Linux bridge agent | compute | None | :-) | UP | neutron-linuxbridge-agent | 11+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
至此,OpenStack网络服务已经安装验证完成,下面将进行界面的安装,具体请参见文章《OpenStack(Queens)详细安装部署(六)-界面(horizon)安装》
更多精彩内容,OpenStack干货请扫描下方二维码,关注我们微信公众号“扶艾”!
微信扫一扫
关注该公众号
