控制节点配置

1. 建库建用户

CREATE DATABASE neutron;

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '';

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '';

flush privileges;

2. keystone相关

. admin-openrc

openstack user create --domain default --password-prompt neutron

+---------------------+----------------------------------+

| Field               | Value                            |

+---------------------+----------------------------------+

| domain_id           | 135e691ebbb74fefb5086970eac74706 |

| enabled             | True                             |

| id                  | 44c83659c24a4442bdd5a633ce0c20a6 |

| name                | neutron                          |

| options             | {}                               |

| password_expires_at | None                             |

+---------------------+----------------------------------+

openstack role add --project service --user neutron admin

openstack service create --name neutron --description "OpenStack Networking" network

+-------------+----------------------------------+

| Field       | Value                            |

+-------------+----------------------------------+

| description | OpenStack Networking             |

| enabled     | True                             |

| id          | d6bba9ae89234d44a6d9ecae8663a1d5 |

| name        | neutron                          |

| type        | network                          |

+-------------+----------------------------------+

openstack endpoint create --region RegionOne network public http://controller01:9696

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | 0bcd1c09ec7f43b3a5e795a667dd0718 |

| interface    | public                           |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | d6bba9ae89234d44a6d9ecae8663a1d5 |

| service_name | neutron                          |

| service_type | network                          |

| url          | http://controller01:9696         |

+--------------+----------------------------------+

openstack endpoint create --region RegionOne network internal http://controller01:9696

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | d2e28de6e48749b2afef7a2ae40a2bb1 |

| interface    | internal                         |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | d6bba9ae89234d44a6d9ecae8663a1d5 |

| service_name | neutron                          |

| service_type | network                          |

| url          | http://controller01:9696         |

+--------------+----------------------------------+

openstack endpoint create --region RegionOne network admin http://controller01:9696

+--------------+----------------------------------+

| Field        | Value                            |

+--------------+----------------------------------+

| enabled      | True                             |

| id           | 09d901455aee4e018523b212369690ed |

| interface    | admin                            |

| region       | RegionOne                        |

| region_id    | RegionOne                        |

| service_id   | d6bba9ae89234d44a6d9ecae8663a1d5 |

| service_name | neutron                          |

| service_type | network                          |

| url          | http://controller01:9696         |

+--------------+----------------------------------+

3. 安装软件包

 yum install openstack-neutron openstack-neutron-ml2 python-neutronclient which  -y

4. 配置服务器组件

vim /etc/neutron/neutron.conf

# 在[数据库]节中,配置数据库访问:

[DEFAULT]

core_plugin = ml2

service_plugins = router

#下面配置:启用重叠IP地址功能

allow_overlapping_ips = True

rpc_backend = rabbit

auth_strategy = keystone

notify_nova_on_port_status_changes = True

notify_nova_on_port_data_changes = True

[oslo_messaging_rabbit]

rabbit_host = controller

rabbit_userid = openstack

rabbit_password = 123456

[database]

connection = mysql+pymysql://neutron:123456@controller/neutron

[keystone_authtoken]

auth_url = http://controller:5000

memcached_servers = controller:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = 123456

[nova]

auth_url = http://controller:5000

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = RegionOne

project_name = service

username = nova

password = 123456

[oslo_concurrency]

lock_path = /var/lib/neutron/tmp

[neutron]

url = http://controller:9696

auth_url = http://controller:5000

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = RegionOne

project_name = service

username = neutron

password = 123456

service_metadata_proxy = True

metadata_proxy_shared_secret = 123456

vim /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]

type_drivers = flat,vlan,vxlan,gre

tenant_network_types = vxlan

mechanism_drivers = openvswitch,l2population

extension_drivers = port_security

[ml2_type_flat]

flat_networks = provider

[ml2_type_vxlan]

vni_ranges = 1:1000

[securitygroup]

enable_ipset = True

vim /etc/nova/nova.conf

[neutron]

url = http://controller01:9696

auth_url = http://controller01:5000

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = RegionOne

project_name = service

username = neutron

password = 123456

service_metadata_proxy = True

vim /etc/neutron/metadata_agent.ini

nova_metadata_ip = controller

metadata_proxy_shared_secret = 123456

5. 创建连接

 ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

6. 同步数据库

此处会报一些关于future的问题,自行忽略

 su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

7. 重启nova服务

 systemctl restart openstack-nova-api.service

8. 启动neutron服务

 systemctl enable neutron-server.service

 systemctl start neutron-server.service

网络节点配置

1. 编辑配置文件

vim /etc/sysctl.conf

net.ipv4.ip_forward=1

net.ipv4.conf.all.rp_filter=0

net.ipv4.conf.default.rp_filter=0

2. 执行下列命令,立即生效

sysctl -p

3. 安装软件包

 yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch -y

4.配置组件

vim /etc/neutron/neutron.conf

[DEFAULT]

core_plugin = ml2

service_plugins = router

allow_overlapping_ips = True

rpc_backend = rabbit

auth_strategy = keystone

[database]

connection = mysql+pymysql://neutron:123456@controller01/neutron

[oslo_messaging_rabbit]

rabbit_host = controller01

rabbit_userid = openstack

rabbit_password = 123456

[oslo_concurrency]

lock_path = /var/lib/neutron/tmp

vim /etc/neutron/plugins/ml2/openvswitch_agent.ini

[ovs]

#下面ip为网络节点数据网络ip

local_ip=10.0.0.1

bridge_mappings=external:br-ex

[agent]

tunnel_types=gre,vxlan

#l2_population=True

prevent_arp_spoofing=True

7. 配置L3代理

vim /etc/neutron/l3_agent.ini

[DEFAULT]

interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver

external_network_bridge=br-ex

8. 配置DHCP代理

vim /etc/neutron/dhcp_agent.ini

[DEFAULT]

interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver

dhcp_driver=neutron.agent.linux.dhcp.Dnsmasq

enable_isolated_metadata=True

9. 配置元数据代理

vim /etc/neutron/metadata_agent.ini

[DEFAULT]

nova_metadata_ip=controller01

metadata_proxy_shared_secret=123456

10. 启动服务(先启动服务再建网桥br-ex)

 systemctl start neutron-openvswitch-agent.service neutron-l3-agent.service

 systemctl start neutron-dhcp-agent.service neutron-metadata-agent.service

 systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service

 systemctl enable neutron-dhcp-agent.service neutron-metadata-agent.service

11.建网桥

方法一:

注意,如果网卡数量有限,想用网路节点的管理网络网卡作为br-ex绑定的物理网卡

那么需要将网络节点管理网络网卡ip去掉,建立br-ex的配置文件,ip使用原管理网ip

cat /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE=eth0

TYPE=Ethernet

ONBOOT="yes"

BOOTPROTO="none"

NM_CONTROLLED=no

cat /etc/sysconfig/network-scripts/ifcfg-br-ex

DEVICE=br-ex

TYPE=Ethernet

ONBOOT="yes"

BOOTPROTO="none"

#HWADDR=bc:ee:7b:78:7b:a7

IPADDR=192.168.198.10

GATEWAY=192.168.198.1

NETMASK=255.255.255.0

DNS1=202.106.0.20

DNS1=8.8.8.8

NM_CONTROLLED=no #注意加上这一句否则网卡可能启动不成功

添加网桥设备

ovs-vsctl add-br br-ex

ovs-vsctl add-port br-ex eth2 #要在network服务重启前将物理端口eth0加入网桥br-ex

systemctl restart network # 重启网络时,务必保证eth2网卡没有ip或者干脆是down掉的状态,并且一定要NM_CONTROLLED=no,否则会无法启动服务

方法二:http://www.cnblogs.com/cq146637/p/8322064.html

计算节点配置

1. 优化系统内核参数

vim /etc/sysctl.conf

net.ipv4.conf.all.rp_filter=0

net.ipv4.conf.default.rp_filter=0

2. 修改参数立即生效

sysctl -p

3. 安装软件

 yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch -y

4. 编辑配置文件

vim /etc/neutron/neutron.conf

[DEFAULT]

rpc_backend = rabbit

auth_strategy = keystone

[oslo_messaging_rabbit]

rabbit_host = controller01

rabbit_userid = openstack

rabbit_password = che001

[oslo_concurrency]

lock_path = /var/lib/neutron/tmp

vim /etc/neutron/plugins/ml2/openvswitch_agent.ini

[ovs]

#下面ip为计算节点数据网络ip

local_ip = 10.0.0.2

#bridge_mappings = vlan:br-vlan

[agent]

tunnel_types = gre,vxlan

l2_population = True #开启l2_population功能用于接收sdn控制器(一般放在控制节点)发来的(新建的vm)arp信息,这样就把arp信息推送到了每个中断设备(计算节点),减少了一大波初识arp广播流量(说初始是因为如果没有l2pop机制,一个vm对另外一个vm的arp广播一次后就缓存到本地了),好强大,详见https://assafmuller.com/2014/05/21/ovs-arp-responder-theory-and-practice/

arp_responder = True #开启br-tun的arp响应功能,这样br-tun就成了一个arp proxy,来自本节点对其他虚拟机而非物理主机的arp请求可以基于本地的br-tun轻松搞定,不能再牛逼了

prevent_arp_spoofing = True

[securitygroup]

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

enable_security_group = True

vim /etc/nova/nova.conf

[neutron]

url = http://controller01:9696

auth_url = http://controller01:5000

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = RegionOne

project_name = service

username = neutron

password = 123456

7.启动服务

 systemctl enable neutron-openvswitch-agent.service

 systemctl start neutron-openvswitch-agent.service

 systemctl restart openstack-nova-compute.service

参考博客 http://blog.51cto.com/egon09/1839667

Openstack_O版(otaka)部署_网络服务Neutron部署的更多相关文章

  1. Openstack_O版(otaka)部署_镜像服务glance部署

    安装和配置服务 1. 建库建用户 mysql -u root -p CREATE DATABASE glance; GRANT ALL PRIVILEGES ON glance.* TO '; GRA ...

  2. 【openstack N版】——网络服务neutron

    一.openstack网络服务neutron 1.1neutron介绍 neutron是openstack重要组件之一,在以前是时候没有neutron项目,早期的时候是没有neutron,早期所使用的 ...

  3. OpenStack-Ocata版+CentOS7.6 云平台环境搭建 —7.网络服务Neutron配置

    网络服务Neutron本章节结束如何安装并配置网络服务(neutron)采用:ref:`provider networks <network1>`或:ref:`self-service n ...

  4. 【openstack N版】——网络服务neutron(flat扁平网络)

    一.openstack网络服务neutron 1.1neutron介绍 neutron是openstack重要组件之一,在以前是时候没有neutron项目,早期的时候是没有neutron,早期所使用的 ...

  5. OpenStack实践系列⑤网络服务Neutron

    OpenStack实践系列⑤网络服务Neutron 3.8 Neturn 服务部署 注册neutron服务 [root@node1 ~]# source admin-openrc.sh [root@n ...

  6. OpenStack 网络服务 Neutron 私有网络构建(十九)

    本章内容基于之前提供者网络构建的基础上进行改动,之前文章参考如下: Openstack 网络服务 Neutron介绍和控制节点部署 (九) Openstack 网络服务 Neutron计算节点部署(十 ...

  7. OpenStack 网络服务 Neutron 多网卡(提供者网络)(十八)

    OpenStack 网络服务 Neutron 多网卡,分为内部网络.外部网络 使用vmware模拟两张网卡 添加网卡 网卡配置 cd /etc/sysconfig/network-scripts cp ...

  8. Openstack 网络服务 Neutron计算节点部署(十)

    Neutron计算节点部署 安装组件,安装的服务器是192.168.137.12 1.安装软件包 yum install -y openstack-neutron-linuxbridge ebtabl ...

  9. Openstack 网络服务 Neutron介绍和控制节点部署 (九)

    Neutron介绍 neutron是openstack重要组件之一,在以前是时候没有neutron项目. 早期的时候是没有neutron,早期所使用的网络的nova-network,经过版本改变才有个 ...

随机推荐

  1. 浏览器通过file://访问文件和通过http://访问文件有什么区别

    1.file协议用于访问本地计算机中的文件,就如同在Windows资源管理器中打开文件一样,注意它是针对本地(本机)的,简单来说,file协议是访问你本机的文件资源.http访问本地HTML,是在本地 ...

  2. apache配置详解

    可参考:Apache 的 httpd.conf 详解 ServerTokens OS 此指令控制了Server回送给客户端的回应头域是否包含关于服务器OS类型和编译进的模块描述信息.服务器会发送:Se ...

  3. MIB Browser如何导入已编译的mib

    开发过程中,如果需要来回在几套mib之间来回切换,每次都进行编译工作那将是一件很繁琐的事情,我们可以直接导入已经编译好的mib文件,避免重复的编译工作. 第一步,备份已经编译好的mib文件.    将 ...

  4. log4cpp退出时内存泄露的修复方案

    1.缘由 一直对log4cpp非常有好感,就在自己的项目中集成了log4cpp1.1.1版本,并围绕着它建立了一系列的封装函数方便外部调用.写完了一个测试代码后,忽然想看看自己写的程序有没有内存泄露问 ...

  5. Docker Compose容器编排

    Compose是Docker官方的开源项目,可以实现对Docker容器集群的快速编排.Compose 中有两个重要的概念:服务(service):一个应用的容器,实际上可以包括若干运行相同镜像的容器实 ...

  6. PHP读取大文本文件并处理数据的思路

    //处理文件 $file = fopen($filename, "r") or exit("Unable to open file!"); $total_lin ...

  7. 并行执行 Job - 每天5分钟玩转 Docker 容器技术(134)

    有时,我们希望能同时运行多个 Pod,提高 Job 的执行效率.这个可以通过 parallelism 设置. 这里我们将并行的 Pod 数量设置为 2,实践一下: Job 一共启动了两个 Pod,而且 ...

  8. php常用面试知识点

    1.php基础 2.mysql基础 3.js基础 4.jq 5.正则 6.面向对象 7.分页类,购物车类,数据库类,上传类,图片处理类 8.smarty模板技术(以及自己写模板引擎) 9.ajax 1 ...

  9. ubuntu下boost编译安装

    ubuntu下boost编译安装 boost 安装 1.依赖安装 apt-get install mpi-default-dev libicu-dev python-dev python3-dev l ...

  10. 聊聊JavaScript-闭包

    今天聊聊闭包,网上五花八门的定义和解释很多很多,是不是搞得你很懵逼:每次看闭包,都不同,本来自己懂,看完别人的之后就开始怀疑自己了.在我看来,闭包简单的说就是函数里面套函数,再往大了说就是我函数外面想 ...