Centos7.4安装openstack(queens)详细安装部署(五)-网络服务(neutron)安装

一、创库授权

  1.1.、(控制节点)配置数据库 

mysql -u root -pADMIN_PASS

  1.2、创建数据库并配置权限

CREATE DATABASE neutron;

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'ADMIN_PASS';

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'ADMIN_PASS';

  1.3、控制节点)创建认证信息 

openstack user create --domain default --password ADMIN_PASS neutron

openstack role add --project service --user neutron admin

openstack service create --name neutron --description "OpenStack Networking" network

openstack endpoint create --region RegionOne network public http://controller:9696

openstack endpoint create --region RegionOne network internal http://controller:9696

openstack endpoint create --region RegionOne network admin http://controller:9696

二、安装服务

  1.1、(控制节点)安装软件包并配置配置文件 

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

  1.2、编辑/etc/neutron/neutron.conf文件并配置如下项

/etc/neutron/neutron.conf
cp /etc/neutron/neutron.conf{,.bak}
grep '^[a-z\[]' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf

[database]
connection = mysql+pymysql://neutron:ADMIN_PASS@controller/neutron
...

[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:ADMIN_PASS@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
...

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = ADMIN_PASS
...

[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = ADMIN_PASS
...
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

  1.3、编辑/etc/neutron/plugins/ml2/ml2_conf.ini文件配置二层插件

cp /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
grep '^[a-z\[]' /etc/neutron/plugins/ml2/ml2_conf.ini.bak >/etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
...

[ml2_type_flat]
flat_networks = provider
...

[ml2_type_vxlan]
vni_ranges = 1:1000
...

[securitygroup]
enable_ipset = true

  1.4、编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件配置linux bridge插件

cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
grep '^[a-z\[]' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]
physical_interface_mappings = provider:ens34   #第二张网卡网卡名
...

[vxlan]
enable_vxlan = true
local_ip = 172.16.1.11
l2_population = true
...

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

  1.5、确认内核支持网桥filters并作如下设置,编辑/etc/sysctl.conf增加以下内容

/etc/sysctl.conf

net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1

  1.6、载入br_netfilter模块

modprobe br_netfilter

  从配置文件加载内核参数

sysctl -p

  1.7、编辑/etc/neutron/l3_agent.ini配置三层插件

/etc/neutron/l3_agent.ini

[DEFAULT]
interface_driver = linuxbridge

  1.8、编辑/etc/neutron/dhcp_agent.ini配置dhcp插件

/etc/neutron/dhcp_agent.ini

[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

  1.9、编辑/etc/neutron/metadata_agent.ini文件配置metadata插件

/etc/neutron/metadata_agent.ini

[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = ADMIN_PASS

  2.0、编辑文件/etc/nova/nova.conf配置计算服务使用网络服务

/etc/nova/nova.conf

[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = ADMIN_PASS
service_metadata_proxy = true
metadata_proxy_shared_secret = ADMIN_PASS

三、(控制节点)完成安装,导入数据库表,并启动服务

  1.1、创建链接文件

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

  1.2、导入数据库结构

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

  1.3、重启计算服务,设置网络服务的开机自启动,并启动网络服务

systemctl restart openstack-nova-api.service

systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service

systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service

systemctl enable neutron-l3-agent.service
systemctl start neutron-l3-agent.service

四、(计算节点)计算节点安装网络服务

  1.1、安装软件包

yum install openstack-neutron-linuxbridge ebtables ipset -y

  1.2、编辑/etc/neutron/neutron.conf文件完成如下项

cp /etc/neutron/neutron.conf{,.bak}
grep '^[a-z\[]' /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf

[DEFAULT]
transport_url = rabbit://openstack:ADMIN_PASS@controller
auth_strategy = keystone
...

[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = ADMIN_PASS
...
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

  1.3、配置linux bridge插件,编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini完成如下项

cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
grep '^[a-z\[]' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens34  #第二张网卡名
...
[vxlan]
enable_vxlan = true
local_ip = 172.16.1.31
l2_population = true
...

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

  1.4、确认内核支持网桥filters并作如下设置,编辑/etc/sysctl.conf增加以下内容

net.bridge.bridge-nf-call-iptables=1
net.bridge.bridge-nf-call-ip6tables=1

  1.5、载入br_netfilter模块

modprobe br_netfilter

  1.6、从配置文件加载内核参数

sysctl -p  

  1.7、配置计算服务使用网络服务/etc/nova/nova.conf

[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = ADMIN_PASS

  1.8、完成安装,设置服务

systemctl restart openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

五、(控制节点)验证操作

  1.1、执行命令验证是否成功启动

neutron-server
openstack extension list --network

  1.2、执行命令列出插件,验证网络插件是否成功启动

openstack network agent list

 六、打通第二张网卡(用于vxaln隧道的)网络

  1、修改控制节点第二张网卡

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens34
UUID=c7fc6c96-2cf4-4e4e-b0e9-c3d6103c0a02
DEVICE=ens34
ONBOOT=yes
IPADDR="172.16.1.11"
NETMASK="255.255.255.0"

  2、启动单张网卡

ifup ens34
ifconfig eth1 172.16.1.11 netmask 255.255.255.0

  3、修改计算节点第二张网卡

TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens34
UUID=6346da53-51b2-4bf7-bd01-244df80590dc
DEVICE=ens34
ONBOOT=yes
IPADDR="172.16.1.31"
NETMASK="255.255.255.0"

  4、启动单张网卡

ifup ens34

  5、验证操作

 

posted @ 2020-07-16 15:58  人走茶良  阅读(818)  评论(0编辑  收藏  举报
推荐:华为云