Centos7安装部署openstack--Networking 网络服务(控制节点)

一、概述

  OpenStack Networking(neutron),允许创建、插入接口设备,这些设备由其他的OpenStack服务管理。插件式的实现可以容纳不同的网络设备和软件,为OpenStack架构与部署提供了灵活性。

  它包含下列组件:

    neutron-server:接收和响应外部的网络管理请求
    neutron-linuxbridge-agent:负责创建桥接网卡
    neutron-dhcp-agent:负责分配IP
    neutron-metadata-agent:配合nova-metadata-api实现虚拟机的定制化操作
    L3-agent:实现三层网络vxlan(网络层)
二、安装服务
  1、创库授权
 CREATE DATABASE neutron;
 GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
  IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
  IDENTIFIED BY 'NEUTRON_DBPASS';

  2、在keystone上创建用户(glance、nova、neutron)关联角色。

 openstack user create --domain default --password NEUTRON_PASS neutron
 openstack role add --project service --user neutron admin

  3、在keystone上创建服务和注册api

 openstack service create --name neutron  --description "OpenStack Networking" network    创建``neutron``服务实体
 openstack endpoint create --region RegionOne network public http://controller:9696       创建网络服务API端点
 openstack endpoint create --region RegionOne network internal http://controller:9696     创建网络服务API端点
 openstack endpoint create --region RegionOne network admin http://controller:9696        创建网络服务API端点

  4、安装服务响应的软件包

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

  5、修改配置文件

    1、修改/etc/neutron/neutron.conf

  cp /etc/neutron/neutron.conf{,.bak}
  grep '^[a-z\[]' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf
  
  openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
  openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins 
  openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
  openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
  openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
  openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes  True
  openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name  default
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
  openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
  openstack-config --set /etc/neutron/neutron.conf nova auth_url http://controller:35357
  openstack-config --set /etc/neutron/neutron.conf nova auth_type password
  openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
  openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
  openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
  openstack-config --set /etc/neutron/neutron.conf nova project_name service
  openstack-config --set /etc/neutron/neutron.conf nova username nova
  openstack-config --set /etc/neutron/neutron.conf nova password NOVA_PASS
  openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
  openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host controller
  openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
  openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password RABBIT_PASS

    2、修改/etc/neutron/plugins/ml2/ml2_conf.ini

  cp /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
  grep '^[a-z\[]' /etc/neutron/plugins/ml2/ml2_conf.ini.bak >/etc/neutron/plugins/ml2/ml2_conf.ini
  openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan
  openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types 
  openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge
  openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
  openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
  openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True

    3、修改/etc/neutron/plugins/ml2/linuxbridge_agent.ini

  cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
  grep '^[a-z\[]' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
  openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens33
  openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan False
  openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
  openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

    4、修改/etc/neutron/dhcp_agent.ini文件

  cp /etc/neutron/dhcp_agent.ini{,.bak}
  grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.bak >/etc/neutron/dhcp_agent.ini
  openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
  openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
  openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True

     5、修改/etc/neutron/metadata_agent.ini文件

 cp /etc/neutron/metadata_agent.ini{,.bak}
 grep -Ev '^$|#' /etc/neutron/metadata_agent.ini.bak >/etc/neutron/metadata_agent.ini
 openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip controller
 openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET

    6、再次修改/etc/nova/nova.conf文件

 openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
 openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:35357
 openstack-config --set /etc/nova/nova.conf neutron auth_type password
 openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
 openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
 openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
 openstack-config --set /etc/nova/nova.conf neutron project_name service
 openstack-config --set /etc/nova/nova.conf neutron username neutron
 openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
 openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
 openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET

    7、同步数据库

 ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
 su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

     同步成功!!!

    8、验证查看数据库

 mysql neutron -e 'show tables;'

三、启动服务

  1、重启计算服务

systemctl restart openstack-nova-api.service

  2、加入自启动

  systemctl enable neutron-server.service \
  neutron-linuxbridge-agent.service \
  neutron-dhcp-agent.service \
  neutron-metadata-agent.service

  3、启动服务

  systemctl start neutron-server.service \
  neutron-linuxbridge-agent.service \
  neutron-dhcp-agent.service \
  neutron-metadata-agent.service

  4、验证服务

neutron agent-list

 

posted @ 2020-07-08 19:00  人走茶良  阅读(462)  评论(0编辑  收藏  举报
推荐:华为云