8.OpenStack网络组件
添加网络组件
安装和配置控制器节点
创建数据库
mysql -uroot -ptoyo123
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY 'toyo123';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY 'toyo123';
exit
创建服务凭据
source admin-openrc.sh
keystone user-create --name neutron --pass Abcd1234
keystone user-role-add --user neutron --tenant service --role admin
keystone service-create --name neutron --type network \
--description "OpenStack Networking"
keystone endpoint-create \
--service-id $(keystone service-list | awk '/ network / {print $2}') \
--publicurl http://controller:9696 \
--adminurl http://controller:9696 \
--internalurl http://controller:9696 \
--region regionOne
安装网络组件
yum install -y openstack-neutron openstack-neutron-ml2 python-neutronclient which
查询service
id下面编辑配置文件会用到
source admin-openrc.sh
keystone tenant-get service
编辑/etc/neutron/neutron.conf文件
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak
vim /etc/neutron/neutron.conf [database]
connection = mysql://neutron:toyo123@controller/neutron [DEFAULT]
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = Abcd1234
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://controller:8774/v2
nova_admin_auth_url = http://controller:35357/v2.0
nova_region_name = regionOne
nova_admin_username = nova
nova_admin_tenant_id = 89bc1f42c0194ef4b1ff2dfea07caf2f
nova_admin_password = Abcd1234
verbose = True [keystone_authtoken]
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234 [neutron]
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = Abcd1234
编辑 /etc/neutron/plugins/ml2/ml2_conf.ini文件
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak
vim /etc/neutron/plugins/ml2/ml2_conf.ini [ml2]
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch [ml2_type_gre]
tunnel_id_ranges = : [securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
编辑/etc/nova/nova.conf
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver [neutron]
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = Abcd1234
完成安装
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutron
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \
openstack-nova-conductor.service
systemctl enable neutron-server.service
systemctl restart neutron-server.service
验证
source admin-openrc.sh
neutron ext-list
安装和配置网络节点
配置内核网络参数
vim /etc/sysctl.conf
net.ipv4.ip_forward=
net.ipv4.conf.all.rp_filter=
net.ipv4.conf.default.rp_filter= sysctl -p
安装网络组件
yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch
编辑/etc/neutron/neutron.conf
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak
vim /etc/neutron/neutron.conf [DEFAULT]
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = Abcd1234
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True [keystone_authtoken]
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234
编辑 /etc/neutron/plugins/ml2/ml2_conf.ini
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak vim /etc/neutron/plugins/ml2/ml2_conf.ini [ml2]
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch [ml2_type_flat]
flat_networks = external [ml2_type_gre]
tunnel_id_ranges = : [securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [ovs]
local_ip = 192.168.116.8
enable_tunneling = True
bridge_mappings = external:br-ex [agent]
tunnel_types = gre
编辑/etc/neutron/l3_agent.ini
mv /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak vim /etc/neutron/l3_agent.ini [DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br-ex
router_delete_namespaces = True
verbose = True
编辑/etc/neutron/dhcp_agent.ini
mv /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak vim /etc/neutron/dhcp_agent.ini [DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True
dhcp_delete_namespaces = True
verbose = True
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
创建/etc/neutron/dnsmasq-neutron.conf并关掉dnsmasq进程
vim /etc/neutron/dnsmasq-neutron.conf dhcp-option-force=,
pkill dnsmasq
编辑/etc/neutron/metadata_agent.ini
mv /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak
vim /etc/neutron/metadata_agent.ini [DEFAULT]
auth_url = http://controller:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234
nova_metadata_ip = controller
metadata_proxy_shared_secret = METADATA_SECRET
verbose = True
编辑/etc/nova/nova.conf
mv /etc/nova/nova.conf /etc/nova/nova.conf_bak
vim /etc/nova/nova.conf [neutron]
service_metadata_proxy = True
metadata_proxy_shared_secret = Abcd1234
重启nova-api服务
systemctl restart openstack-nova-api.service
配置开放的vSwitch(OVS)服务
systemctl enable openvswitch.service
systemctl start openvswitch.service
ovs-vsctl del-br br-ex && ovs-vsctl add-br br-ex && ovs-vsctl add-port br-ex eth0 && reboot
创建ifcfg-br-ex
vim /etc/sysconfig/network-scripts/ifcfg-br-ex
DEVICE=br-ex
DEVICETYPE=ovs
TYPE=OVSBridge
ONBOOT=yes
OVSBOOTPROTO=none
IPADDR=192.168.116.8
PREFIX=24
DEFROUTE=yes
GATEWAY=192.168.116.1
DNS1="114.114.114.114"
编辑/etc/sysconfig/network-scripts/ifcfg-eth0
vim /etc/sysconfig/network-scripts/ifcfg-eth0
TYPE="Ethernet"
BOOTPROTO="none"
DEFROUTE="yes"
NAME="eth0"
UUID="0e9ff19f-53db-4e78-ab16-a271ff92bd2b"
DEVICE="eth0"
ONBOOT="yes"
停止Gro并重启network服务
ethtool -K eth0 gro off && service network restart
创建ml2_conf.ini重定向并启动服务与设置开机自启动
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /usr/lib/systemd/system/neutron-openvswitch-agent.service \
/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \
/usr/lib/systemd/system/neutron-openvswitch-agent.service
systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service \
neutron-dhcp-agent.service neutron-metadata-agent.service \
neutron-ovs-cleanup.service
systemctl restart neutron-openvswitch-agent.service neutron-l3-agent.service \
neutron-dhcp-agent.service neutron-metadata-agent.service \
neutron-ovs-cleanup.service
验证
source admin-openrc.sh
neutron agent-list
配置计算机节点网络
编辑/etc/sysctl.conf
vim /etc/sysctl.conf net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 sysctl -p
安装网络组件
yum install -y openstack-neutron-ml2 openstack-neutron-openvswitch
编辑/etc/neutron/neutron.conf
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bak
vim /etc/neutron/neutron.conf [DEFAULT]
rpc_backend = rabbit
rabbit_host = controller
rabbit_password = Abcd1234
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True [keystone_authtoken]
auth_uri = http://controller:5000/v2.0
identity_uri = http://controller:35357
admin_tenant_name = service
admin_user = neutron
admin_password = Abcd1234
编辑/etc/neutron/plugins/ml2/ml2_conf.ini
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak
vim /etc/neutron/plugins/ml2/ml2_conf.ini [ml2]
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch [ml2_type_gre]
tunnel_id_ranges = : [securitygroup]
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver [ovs]
local_ip = 192.168.116.10
enable_tunneling = True [agent]
tunnel_types = gre
启动OVS服务并将其配置为开机自启动
systemctl enable openvswitch.service
systemctl restart openvswitch.service
编辑/etc/nova/nova.conf
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver [neutron]
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = Abcd1234
完成安装
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /usr/lib/systemd/system/neutron-openvswitch-agent.service \
/usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \
/usr/lib/systemd/system/neutron-openvswitch-agent.service
systemctl restart openstack-nova-compute.service
systemctl enable neutron-openvswitch-agent.service
systemctl restart neutron-openvswitch-agent.service
验证
source admin-openrc.sh
neutron agent-list
创建外部网络
source admin-openrc.sh
neutron net-create ext-net --router:external True \
--provider:physical_network external --provider:network_type flat
neutron subnet-create ext-net --name ext-subnet \
--allocation-pool start=192.168.116.240,end=192.168.116.250 \
--disable-dhcp --gateway 192.168.116.1 192.168.116.0/
创建租户网
source demo-openrc.sh
neutron net-create lan-net
neutron subnet-create lan-net --name lan-subnet \
--gateway 192.168.101.1 192.168.101.0/
neutron router-create lan-router
neutron router-interface-add lan-router lan-subnet
neutron router-gateway-set lan-router ext-net
创建路由器以便租户网可以连接外部
验证
ping 192.168.116.150
做了上面的ovs就不要做下面的传统网络
配置控制器节点
配置传统网络
编辑/etc/nova/nova.conf
重启服务
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.api.API
security_group_api = nova
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \
openstack-nova-conductor.service
配置计算机节点
安装网络组件
yum install -y openstack-nova-network openstack-nova-api
编辑 /etc/nova/nova.conf
vim /etc/nova/nova.conf [DEFAULT]
network_api_class = nova.network.api.API
security_group_api = nova
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
network_manager = nova.network.manager.FlatDHCPManager
network_size =
allow_same_net_traffic = False
multi_host = True
send_arp_for_ha = True
share_dhcp_address = True
force_dhcp_release = True
flat_network_bridge = eth0
flat_interface = eth0
public_interface = eth0
启动服务并配置为开机自启动
systemctl enable openstack-nova-network.service openstack-nova-metadata-api.service
systemctl restart openstack-nova-network.service openstack-nova-metadata-api.service
创建初始网络(192.168.116.25/29根据当前外网计算得出的这里的外网是指云主机获取到的ip可直接访问外网,生产环境中可将这里配置为从运营商那里获取到的ip段)
source admin-openrc.sh
nova network-create demo-net --bridge eth0 --multi-host T \
--fixed-range-v4 192.168.116.25/
验证
nova net-list
8.OpenStack网络组件的更多相关文章
- OpenStack云计算(一)——OpenStack 网络
关于OpenStack OpenStack它是 Rackspace Cloud 和 NASA 负责的一个开源基础架构即服务的云计算项目. OpenStack 是一个由开发者和云计算技术人员的全球协作开 ...
- 深入理解openstack网络架构(3)-----路由
原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture2 译文转自:http://b ...
- 深入理解openstack网络架构(2)----Basic Use Cases
原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture1 译文转自: http:// ...
- 深入理解openstack网络架构(1)
原文地址: https://blogs.oracle.com/ronen/entry/diving_into_openstack_network_architecture 译文转载自:http://b ...
- OpenStack网络的前世今生
声明: 本文转自OpenStack中国社区,原文链接:http://www.openstack.cn/p353.html,作者Joshua,转载请注明. 在OpenStack世界中,网络组件最初叫no ...
- openstack 网络架构 nova-network + neutron
openstack网络架构(nova-network/neutron) openstack网络体系中,网络技术没有创新,但用到的技术点很庞杂,包含bridge.vlan.gre.vxlan.ovs.o ...
- openstack 网络简史
openstack 网络简史 研究openstack有2个月的时间,这段时间从网上获取N多宝贵资料,对我的学习有非常大帮助,在加上我自己的研究,最终对openstack整个网络体系有了个浅显的认识,写 ...
- OpenStack—neutron组件介绍与安装
neutron介绍 Neutron 概述:传统的网络管理方式很大程度上依赖于管理员手工配置和维护各种网络硬件设备:而云环境下的网络已经变得非常复杂,特别是在多租户场景里,用户随时都可能需要创建.修改和 ...
- OpenStack—nova组件计算服务
nova介绍: Nova 是 OpenStack 最核心的服务,负责维护和管理云环境的计算资源.OpenStack 作为 IaaS 的云操作系统,虚拟机生命周期管理也就是通过 Nova 来实现的. 用 ...
随机推荐
- Mybatis常用xml
工作中mybatis常用的xml代码 <?xml version="1.0" encoding="UTF-8" ?> <!DOCTYPE ma ...
- laravel5.5任务调度
目录 1. 定义调度 1.1 使用Closure 1.2 Artisan 命令调度 1.3 队列任务调度 1.4 Shell 命令调度 1.5 调度频率设置 1.6 闭包测试限制 1.7 避免任务重复 ...
- runloop的mode作用是什么?
用来控制一些特殊操作只能在指定模式下运行,一般可以通过指定操作的运行mode来控制执行时机,以提高用户体验 系统默认注册了5个Mode kCFRunLoopDefaultMode:App的默认Mode ...
- (原)SpringMVC全注解不是你们那么玩的
前言:忙了段时间,忙得要死要活,累了一段时间,累得死去活来. 偶尔看到很多零注解配置SpringMVC,其实没有根本的零注解. 1)工程图一张: web.xml在servlet3.0里面已经被注解完全 ...
- windows 下开发的 .netCore MVC 部署到 Linux(Mint)
这两天在公司跟同事偶然聊到 .netCore,说到一些趋势什么的.但是说来说去自己也没试过在Linux 机子上部署过,所以就试一下. 尝试之前也在网上看了一些文章,包括 Linux 上.netCore ...
- python 学习分享-socket编程
socket的英文原义是“孔”或“插座”.作为BSD UNIX的进程通信机制,取后一种意思. 通常也称作"套接字",用于描述IP地址和端口,是一个通信链的句柄,可以用来实现不同虚拟 ...
- 第一天docker入门
[01 入门] docker 最核心为三部分组成 镜像,仓库和容器 镜像:一个只读的模板 仓库:代码仓库,镜像的集合 容器:镜像的实例化进程 我们可以这样理解 容器就是一个沙箱,docker利用容器运 ...
- CSU-2110 Keeping Cool
题目链接 http://acm.csu.edu.cn:20080/csuoj/problemset/problem?pid=2110 题目 Description Kevin has just got ...
- Python编码报错
Python默认编码错误SyntaxError: Non-ASCII character '\xe5'之解决方法在编写Python时,当使用中文输出或注释时运行脚本,会提示错误信息:SyntaxErr ...
- Java 循环队列的实现
队列概念 队列(Queue)是限定只能在一端插入.另一端删除的线性表.允许删除的一端叫做队头(front),允许插入的一端叫做队尾(rear),没有元素的队列称为“空队列”. 队列具有先进先出(FIF ...