RDO部署openstack(3)
目前OpenStackNeutron框架支持的网络服务有:LoadBalancing as a Service,VPNas a Service,Firewallas a Service。
1. 安装和配置网络服务(在网络节点上)
(1) 安装软件包
yum install openstack-neutron-vpn-agent openstack-neutron openswan haproxy
/etc/sysctl.conf:
net.ipv4.conf.default.accept_redirects=0
net.ipv4.conf.default.send_redirects=0
(2) VPNaaS的特别要求
检查Ipsec服务状态,VPNaaS需要。
chkconfig ipsec on
service ipsec start
ipsec verify
ln -s /dev/urandom /dev/random
(3) 配置服务(我这边把三类服务一起配了,其实一看就该明白,配置项都类似)
/usr/share/neutron/neutron-dist.conf
service_provider = LOADBALANCER:Haproxy:neutron.services.loadbalancer.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
service_provider = VPN:openswan:neutron.services.vpn.service_drivers.ipsec.IPsecVPNDriver:default
service_provider = FIREWALL:Iptables:neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
/etc/neutron/neutron.conf
service_plugins = neutron.services.l3_router.l3_router_plugin.L3RouterPlugin,neutron.services.loadbalancer.plugin.LoadBalancerPlugin, neutron.services.firewall.fwaas_plugin.FirewallPlugin,neutron.services.vpn.plugin.VPNDriverPlugin
/etc/neutron/fwaas_driver.ini
[fwaas]
#driver =neutron.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
/etc/neutron/vpn_agent.ini
[DEFAULT]
# VPN-Agent configuration file
# Note vpn-agent inherits l3-agent, so you can use configs on l3-agent also
[vpnagent]
#vpn device drivers which vpn agent will use
#If we want to use multiple drivers, we need to define this option multipletimes.
vpn_device_driver=neutron.services.vpn.device_drivers.ipsec.OpenSwanDriver
#vpn_device_driver=another_driver
[ipsec]
#Status check interval
#ipsec_status_check_interval=60
/etc/neutron/lbaas_agent.ini
[DEFAULT]
# Show debugging output in log (sets DEBUG log level output).
# debug = False
debug = False
# The LBaaS agent will resync its state with Neutron to recoverfrom any
# transient notification or rpc errors. The interval is number of
# seconds between attempts.
# periodic_interval = 10
# LBaas requires an interface driver be set. Choose the one thatbest
# matches your plugin.
# interface_driver =
interface_driver =neutron.agent.linux.interface.OVSInterfaceDriver
# Example of interface_driver option for OVS based plugins (OVS, Ryu, NEC, NVP,
# BigSwitch/Floodlight)
# interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
# Use veth for an OVS interface or not.
# Support kernels with limited namespace support
# (e.g. RHEL 6.5) so long as ovs_use_veth is set to True.
# ovs_use_veth = False
# Example of interface_driver option for LinuxBridge
#interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
# The agent requires a driver to manage the loadbalancer. HAProxy is the
# opensource version.
# device_driver = neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver
device_driver = neutron.services.loadbalancer.drivers.haproxy.namespace_driver.HaproxyNSDriver
# The user group
# user_group = nogroup
user_group = haproxy
use_namespaces=True
需要在所有计算节点上配置:
/etc/nova/nova.conf:
# 该配置项有时候会遗漏,导致iptables策略无法生效
libvirt_vif_driver = nova.virt.libvirt.vif.LibvirtHybridOVSBridgeDriver
linuxnet_interface_driver =nova.network.linux_net.LinuxOVSInterfaceDriver
# 让Nova在调用安全组API时,直接通知neutron处理
security_group_api = neutron
# 配置Nova禁用firewalldriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
/etc/neutron/ovs_neutron_plugin.ini:
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
RDO部署openstack(3)的更多相关文章
- O01-Linux CentOS7中利用RDO部署OpenStack
一.前言 1.RDO是红帽Red Hat 的一个开源项目,全称是RPM Distribution of OpenStack,能够帮助我们快捷部署OpenStack项目. 官方部署文档:https:// ...
- RDO部署openstack(1)
1. 安装系统CentOS 6.5 2. 网络配置 Eth0 设置 # cat /etc/sysconfig/network-scripts/ifcfg-eth0 DEVICE=eth0 ON ...
- RDO部署openstack(2)
配置ML2和VXLAN 1. 安装和配置Neutron ML2 框架 (1) 安装在控制节点上(运行Neutron-server的节点) service neutron-server stop y ...
- RDO快速部署OpenStack
RDO快速部署OpenStack 1.RDO是什么 RDO是红帽Red Hat Enterprise Linux OpenStack Platform的社区版,类似RHEL和Fedora,RHEV和o ...
- RDO部署多节点OpenStack Havana(OVS+GRE)
RDO是由红帽RedHat公司推出的部署OpenStack集群的一个基于Puppet的部署工具,可以很快地通过RDO部署一套复杂的OpenStack环境,当前的RDO默认情况下,使用Neutron进行 ...
- 部署 OpenStack VirtualBox
VirtualBox 中部署 OpenStack 大家新年好,CloudMan 今天给大家带来一件新年礼物. 一直以来大家都反馈 OpenStack 学习有两大障碍:1. 实验环境难搭2. 体系复杂, ...
- CentOS6.6部署OpenStack Havana(Nova-Network版)
CentOS6.4部署OpenStack Havana(Nova-Network版) 一 基本设备介绍 测试环境 CentOS6.4 x64 OpenStack 服务 介绍 计算 (Compute) ...
- 在CentOS7上部署OpenStack 步骤详解
OpenStack作为一个由NASA(美国国家航空航天局)和Rackspace合作研发并发起的,开放源代码项目的云计算管理平台项目.具体知识我会在后面文章中做出介绍,本章主要按步骤给大家演示在Cent ...
- CentOS7.2非HA分布式部署Openstack Pike版 (实验)
部署环境 一.组网拓扑 二.设备配置 笔记本:联想L440处理器:i3-4000M 2.40GHz内存:12G虚拟机软件:VMware® Workstation 12 Pro(12.5.2 build ...
随机推荐
- 【Avalon源码】dateGetter
function dateGetter(name, size, offset, trim) { return function(date) { var value = date["get&q ...
- phpcms站---去除域名绑定目录中的HTML
原网址:http://www.xker.com/page/e2014/1207/148536.html 打开 \install_package 打开 \caches\configs 目录下的 syst ...
- 部分android手机CCEditBox输入之后键盘输入框不消失得问题
用小米2s做登录界面时,用到CCEditBOx,输入完之后,键盘可以移下去,但是屏幕上还是显示得键盘自己得输入框,这时点击屏幕任何位置都无法把输入框干掉. 为什么ios上就没有这些android得琐碎 ...
- Git 基础学习篇(应用-windows篇)
此篇教程主要是讲应用,因为理论,,,额,我也说不出来.大家要深入学习还是看廖老师的教程吧. 可以把这篇当作一个简单应用的参考,因为当初看廖老师的也难看啊!!! 以下是资料: 廖雪峰-Git教程 [Gi ...
- JMS生产者+单线程发送-我们到底能走多远系列(29)
我们到底能走多远系列(29) 扯淡: “然后我俩各自一端/望着大河弯弯/终于敢放胆/嘻皮笑脸/面对/人生的难” --- <山丘> “迎着风/迎向远方的天空/路上也有艰难/也有那解 ...
- Highcharts入门+Highcharts基础教程,【非常值得学习的资料】
http://www.hcharts.cn/docs/index.php?doc=index Highcharts入门章节目录 Highcharts简介 Highcharts下载与使用 Highcha ...
- ZOJ 1178 Booklet Printing
原题链接 题目大意:书本印刷都是用大开的纸张对折.比如一个册子一共4页,为了方便装订,外侧印刷1.4页,内侧印刷2.3页,这样对折之后就可以按照正常阅读习惯翻页了.此题目的就是给出书的总页数,要求计算 ...
- Radiobutton编辑
package com.example.yuekao3; import java.util.ArrayList;import java.util.List; import com.baidu.farm ...
- Android Studio 使用教程
http://www.tuicool.com/articles/amMvM3B 用 Android Studio 开发安卓 APP-使用篇 http://ask.android-studio.org/ ...
- C#加载dll 创建类对象
//加载dll 创建类对象string sqlightAssembly = Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "syst ...