传统公司部署OpenStack(t版)简易介绍(六)——neutron模块部署
生活随笔
收集整理的這篇文章主要介紹了
传统公司部署OpenStack(t版)简易介绍(六)——neutron模块部署
小編覺得挺不錯的,現在分享給大家,幫大家做個參考.
傳統公司部署OpenStack(t版)簡易介紹(六)——neutron模塊部署
- 一、ct 控制節點創建數據庫neutron,并進行授權
- 二、c1、c2 節點(以c1為例)
- 三、ct 節點驗證
- 總結
一、ct 控制節點創建數據庫neutron,并進行授權
mysql -u root -p CREATE DATABASE neutron; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS'; flush privileges; exit#創建neutron用戶,用于在keystone做認證 openstack user create --domain default --password NEUTRON_PASS neutron#將neutron用戶添加到service項目中擁有管理員權限 openstack role add --project service --user neutron admin#創建network服務,服務類型為network openstack service create --name neutron --description "OpenStack Networking" network#注冊API到neutron服務,給neutron服務關聯端口,即添加endpoint openstack endpoint create --region RegionOne network public http://ct:9696 openstack endpoint create --region RegionOne network internal http://ct:9696 openstack endpoint create --region RegionOne network admin http://ct:9696#安裝提供者網絡(橋接)#ebtables包是用來管理iptables規則的 yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables conntrack-tools#更改主配置文件neutron.conf cp -a /etc/neutron/neutron.conf{,.bak} grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@ct/neutron openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2 openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://ct:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://ct:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ct:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp openstack-config --set /etc/neutron/neutron.conf nova auth_url http://ct:5000 openstack-config --set /etc/neutron/neutron.conf nova auth_type password openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne openstack-config --set /etc/neutron/neutron.conf nova project_name service openstack-config --set /etc/neutron/neutron.conf nova username nova openstack-config --set /etc/neutron/neutron.conf nova password NOVA_PASS#修改 ML2 plugin 配置文件 ml2_conf.ini cp -a /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak} grep -Ev '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini.bak > /etc/neutron/plugins/ml2/ml2_conf.ini openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000 openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true#修改 linux bridge network provider 配置文件 cp -a /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak} grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth1 ###eth1網卡名稱 openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 192.168.100.10 ##控制節點IP地址 openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver#修改內核參數 echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.conf echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.conf modprobe br_netfilter sysctl -p#配置Linux bridge接口驅動和外部網絡網橋 cp -a /etc/neutron/l3_agent.ini{,.bak} grep -Ev '^$|#' /etc/neutron/l3_agent.ini.bak > /etc/neutron/l3_agent.ini openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver linuxbridge#修改dhcp_agent 配置文件 cp -a /etc/neutron/dhcp_agent.ini{,.bak} grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.bak > /etc/neutron/dhcp_agent.ini openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true#修改dhcp_agent的配置文件內容 cat dhcp_agent.ini [DEFAULT] interface_driver = linuxbridge #指定默認接口驅動為linux網橋 dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq #指定DHCP驅動 enable_isolated_metadata = true #開啟iso元數據#配置元數據代理、用于配置橋接與自服務網絡的通用配置 cp -a /etc/neutron/metadata_agent.ini{,.bak} grep -Ev '^$|#' /etc/neutron/metadata_agent.ini.bak > /etc/neutron/metadata_agent.ini openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host ct openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET#配置文件內容 cat metadata_agent.ini [DEFAULT] nova_metadata_host = ct metadata_proxy_shared_secret = METADATA_SECRET [cache]#修改nova配置文件,用于neutron交互 openstack-config --set /etc/nova/nova.conf neutron url http://ct:9696 openstack-config --set /etc/nova/nova.conf neutron auth_url http://ct:5000 openstack-config --set /etc/nova/nova.conf neutron auth_type password openstack-config --set /etc/nova/nova.conf neutron project_domain_name default openstack-config --set /etc/nova/nova.conf neutron user_domain_name default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name service openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET#創建ML2插件文件符號連接 #網絡服務初始化腳本需要/etc/neutron/plugin.ini指向ML2插件配置文件的符號鏈接 ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini#初始化數據庫 su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron#重啟計算節點nova-api服務 systemctl restart openstack-nova-api.service#開啟neutron服務、設置開機自啟動 systemctl enable neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service systemctl start neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service netstat -anutp |grep 9696#因為配置了第三層L3網絡服務、所以需要啟動第三層服務 systemctl enable neutron-l3-agent.service systemctl restart neutron-l3-agent.service
二、c1、c2 節點(以c1為例)
yum -y install openstack-neutron-linuxbridge ebtables ipset conntrack-tools#修改neutron.conf文件 cp -a /etc/neutron/neutron.conf{,.bak} grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://ct:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://ct:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ct:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp#配置Linux網橋代理 cp -a /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak} grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth1 openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 192.168.100.20 openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver#修改內核 echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.conf #允許虛擬機的數據通過物理機出去 echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.conf modprobe br_netfilter #modprobe:用于向內核中加載模塊或者從內核中移除模塊。modprobe -r 表示移除 sysctl -p#修改nova.conf配置文件 openstack-config --set /etc/nova/nova.conf neutron auth_url http://ct:5000 openstack-config --set /etc/nova/nova.conf neutron auth_type password openstack-config --set /etc/nova/nova.conf neutron project_domain_name default openstack-config --set /etc/nova/nova.conf neutron user_domain_name default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name service openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS#重啟openstack-nova-compute服務,配置網絡服務。 systemctl restart openstack-nova-compute.service ###重新啟動計算節點上的Nova服務#啟動neutron網橋代理服務 設置開機自啟動 systemctl enable neutron-linuxbridge-agent.service systemctl start neutron-linuxbridge-agent.service
三、ct 節點驗證
#驗證服務組件 openstack extension list --network openstack network agent list總結
- 三個節點都需要配置neutron網絡,以下為部署思路:
- 配置neutron組件的用戶、認證、endpoint
- 設置提供者provider網絡(這里是橋接模式)
① 配置二層網絡
② 配置網橋(插件)
③ 優化內核
④ 配置網橋接口與外部對接
⑤ 修改DHCP配置(修改配置文件、代理)
⑥ 配置網橋與內部組件的配置(修改配置文件、代理)
設置neutron與nova對接的配置
其中C1、C2節點配置相同
總結
以上是生活随笔為你收集整理的传统公司部署OpenStack(t版)简易介绍(六)——neutron模块部署的全部內容,希望文章能夠幫你解決所遇到的問題。
- 上一篇: 传统公司部署OpenStack(t版)简
- 下一篇: 传统公司部署OpenStack(t版)简