OpenStack 学习笔记(六):OpenStack neutron服务搭建

By | 2017年2月16日

——先决条件

1.)创建数据库

1
2
3
4
5
6
MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';
Query OK, 0 rows affected (0.00 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';
Query OK, 0 rows affected (0.00 sec)

2.)Create the neutron user

1
2
3
4
5
6
7
8
9
[root@openstack ~]# openstack user create --domain default --password neutron_passwd neutron 
+-----------+----------------------------------+
| Field     | Value                            |
+-----------+----------------------------------+
| domain_id | 0b741c2e67ed4d618fa7e963325221ad |
| enabled   | True                             |
| id        | b6865118c01c4c3e8e9958e4ce1500ac |
| name      | neutron                          |
+-----------+----------------------------------+

3.)Add the admin role to the neutron user

1
[root@openstack ~]# openstack role add --project service --user neutron admin

4.)Create the neutron service entity

1
2
3
4
5
6
7
8
9
10
[root@openstack ~]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Networking             |
| enabled     | True                             |
| id          | 2e7acf6189e24db6ba3899ec386f3740 |
| name        | neutron                          |
| type        | network                          |
+-------------+----------------------------------+

5.)Create the Networking service API endpoints

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
[root@openstack ~]# openstack endpoint create --region RegionOne network public http://192.168.100.120:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | caa517449be64a2fb5d7706484862da0 |
interface    public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 2e7acf6189e24db6ba3899ec386f3740 |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://192.168.100.120:9696      |
+--------------+----------------------------------+
[root@openstack ~]# openstack endpoint create --region RegionOne network internal http://192.168.100.120:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | dcdcbfa94ddd427ab9e7ade919e0e12a |
interface    internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 2e7acf6189e24db6ba3899ec386f3740 |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://192.168.100.120:9696      |
+--------------+----------------------------------+
[root@openstack ~]# openstack endpoint create --region RegionOne network admin http://192.168.100.120:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 75d36bd9c18647a28229ba1e9c78c802 |
interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 2e7acf6189e24db6ba3899ec386f3740 |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://192.168.100.120:9696      |
+--------------+----------------------------------+

——控制节点neutron服务搭建配置

6.)安装neutron服务

1
2
[
root@openstack ~]# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

7.)配置neutron服务

7.1)配置neutron.conf

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
[root@openstack ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
[root@openstack ~]# vim /etc/neutron/neutron.conf
   1: [DEFAULT]
  27: auth_strategy = keystone
  30: core_plugin = ml2
  33: service_plugins = router
 121: allow_overlapping_ips = True
 137: notify_nova_on_port_status_changes = true
 141: notify_nova_on_port_data_changes = true
 348: debug = true
 516: rpc_backend = rabbit
 658: [database]
 689: connection = mysql://neutron:neutron@localhost:3306/neutron
 766: [keystone_authtoken]
 767: auth_uri = http://192.168.100.120:5000
 768: auth_url = http://192.168.100.120:35357
 769: memcached_servers = 192.168.100.120:11211
 770: auth_type = password
 771: project_domain_name = default
 772: user_domain_name = default
 773: project_name = service
 774: username = neutron
 775: password = neutron_passwd
 943: [nova]
 944: auth_url = http://192.168.100.120:35357
 945: auth_type = password
 946: project_domain_name = default
 947: user_domain_name = default
 948: region_name = RegionOne
 949: project_name = service
 950: username = nova
 951: password = nova_passwd
1065: lock_path = $state_path/lock
1161: [oslo_messaging_rabbit]
1216: rabbit_host = 192.168.100.120
1222: rabbit_port = 5672
1234: rabbit_userid = openstack
1238: rabbit_password = 11111111

7.2)配置ML2

1
2
3
4
5
6
7
8
9
10
11
12
13
[root@openstack ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@openstack ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
  1: [DEFAULT]
  9: debug = true
127: [linux_bridge]
138: physical_interface_mappings = provider:eth0
144: [securitygroup]
151: firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
156: enable_security_group = true
163: [vxlan]
171: enable_vxlan = true
188: local_ip = 192.168.100.120
192:l2_population = true

7.4)配置Layer-3(L3)agent

1
2
3
4
5
6
[root@openstack ~]# cp /etc/neutron/l3_agent.ini  /etc/neutron/l3_agent.ini.bak
[root@openstack ~]# vim /etc/neutron/l3_agent.ini
  1: [DEFAULT]
 23: interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
107: external_network_bridge = 
159: debug = true

7.5)配置dhcp agent

1
2
3
4
5
6
7
[root@openstack ~]# cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
[root@openstack ~]# vim /etc/neutron/dhcp_agent.ini
  1: [DEFAULT]
 23: interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
 39: dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
 48: enable_isolated_metadata = true
111: debug = true

7.6)配置metadata agent

1
2
3
4
5
6
[root@openstack ~]# cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
[root@openstack ~]# vim /etc/neutron/metadata_agent.ini
 1: [DEFAULT]
22: nova_metadata_ip = 192.168.100.120
34: metadata_proxy_shared_secret = metadata_select
76: debug = true

7.7)配置nova

1
2
3
4
5
6
7
8
9
10
11
12
13
[root@openstack ~]# vim /etc/nova/nova.conf 
4136: [neutron]
4137: url = http://192.168.100.120:9696
4138: auth_url = http://192.168.100.120:35357
4139: auth_type = password
4140: project_domain_name = default
4141: user_domain_name = default
4142: region_name = RegionOne
4143: project_name = service
4144: username = neutron
4145: password = neutron_passwd
4153: service_metadata_proxy=true
4156: metadata_proxy_shared_secret = metadata_select

8.)Finalize installation

1
2
[root@openstack ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@openstack ~]# neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head

9.) Restart the Compute API service

1
2
[root@openstack ~]# systemctl restart openstack-nova-api.service
[root@openstack ~]# systemctl status openstack-nova-api.service

10.) Start the Networking services

1
2
3
[root@openstack ~]# systemctl enable neutron-server.service  neutron-linuxbridge-agent.service neutron-dhcp-agent.service  neutron-metadata-agent.service
[root@openstack ~]# systemctl start neutron-server.service   neutron-linuxbridge-agent.service neutron-dhcp-agent.service  neutron-metadata-agent.service
[root@openstack ~]# systemctl status neutron-server.service  neutron-linuxbridge-agent.service neutron-dhcp-agent.service  neutron-metadata-agent.service

10.1) Start the layer-3 service

1
2
3
[root@openstack ~]# systemctl enable neutron-l3-agent.service
[root@openstack ~]# systemctl start  neutron-l3-agent.service
[root@openstack ~]# systemctl status neutron-l3-agent.service

——计算节点neutron服务搭建配置

1.) 安装neutron服务

1
[root@openstack-client ~]# yum -y install openstack-neutron-linuxbridge ebtables ipset

2.) 配置neutron服务

2.1)配置neutron

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
[root@OpenStack-Compute ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
[root@OpenStack-Compute ~]# vim /etc/neutron/neutron.conf
   1: [DEFAULT]
   9: state_path = /var/lib/neutron
  27: auth_strategy = keystone
 348: debug = true
 516: rpc_backend = rabbit
 766: [keystone_authtoken]
 767: auth_uri = http://192.168.100.120:5000
 768: auth_url = http://192.168.100.120:35357
 769: memcached_servers = 192.168.100.120:11211
 770: auth_type = password
 771: project_domain_name = default
 772: user_domain_name = default
 773: project_name = service
 774: username = neutron
 775: password = neutron_passwd
1057: lock_path = $state_path/lock
1153: [oslo_messaging_rabbit]
1208: rabbit_host = 192.168.100.120
1214: rabbit_port = 5672
1226: rabbit_userid = openstack
1230: rabbit_password = 11111111

2.2)配置bridge agent

1
2
3
4
5
6
7
8
9
10
11
12
13
[root@OpenStack-Compute ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@OpenStack-Compute ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
  1: [DEFAULT]
  9: debug = true
127: [linux_bridge]
138: physical_interface_mappings = provider:eth0
144: [securitygroup]
151: firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
156: enable_security_group = true
163: [vxlan]
171: enable_vxlan = true
188: local_ip = 192.168.100.121
192: l2_population = true

2.3)配置nova

1
2
3
4
5
6
7
8
9
10
11
[root@OpenStack-Compute ~]# vim /etc/nova/nova.conf
4136: [neutron]
4137: url = http://192.168.100.120:9696
4138: auth_url = http://192.168.100.120:35357
4139: auth_type = password
4140: project_domain_name = default
4141: user_domain_name = default
4142: region_name = RegionOne
4143: project_name = service
4144: username = neutron
4145: password = neutron_passwd

3.)restart nova-compute service

1
2
[root@OpenStack-Compute ~]# systemctl restart openstack-nova-compute.service
[root@OpenStack-Compute ~]# systemctl status  openstack-nova-compute.service

4.)start bridge agent service

1
2
3
[root@OpenStack-Compute ~]# systemctl enable neutron-linuxbridge-agent.service
[root@OpenStack-Compute ~]# systemctl start neutron-linuxbridge-agent.service
[root@OpenStack-Compute ~]# systemctl status neutron-linuxbridge-agent.service

5.)在控制节点校验操作

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
[root@openstack ~]# . admin-openrc
[root@openstack ~]# neutron ext-list
+---------------------------+-----------------------------------------------+
| alias                     | name                                          |
+---------------------------+-----------------------------------------------+
default-subnetpools       | Default Subnetpools                           |
| network-ip-availability   | Network IP Availability                       |
| network_availability_zone | Network Availability Zone                     |
| auto-allocated-topology   | Auto Allocated Topology Services              |
| ext-gw-mode               | Neutron L3 Configurable external gateway mode |
| binding                   | Port Binding                                  |
| agent                     | agent                                         |
| subnet_allocation         | Subnet Allocation                             |
| l3_agent_scheduler        | L3 Agent Scheduler                            |
| tag                       | Tag support                                   |
| external-net              | Neutron external network                      |
| net-mtu                   | Network MTU                                   |
| availability_zone         | Availability Zone                             |
| quotas                    | Quota management support                      |
| l3-ha                     | HA Router extension                           |
| provider                  | Provider Network                              |
| multi-provider            | Multi Provider Network                        |
| address-scope             | Address scope                                 |
| extraroute                | Neutron Extra Route                           |
| timestamp_core            | Time Stamp Fields addition for core resources |
| router                    | Neutron L3 Router                             |
| extra_dhcp_opt            | Neutron Extra DHCP opts                       |
| dns-integration           | DNS Integration                               |
| security-group            | security-group                                |
| dhcp_agent_scheduler      | DHCP Agent Scheduler                          |
| router_availability_zone  | Router Availability Zone                      |
| rbac-policies             | RBAC Policies                                 |
| standard-attr-description | standard-attr-description                     |
| port-security             | Port Security                                 |
| allowed-address-pairs     | Allowed Address Pairs                         |
| dvr                       | Distributed Virtual Router                    |
+---------------------------+-----------------------------------------------+
[root@openstack ~]# neutron agent-list
+--------------------------------------+--------------------+--------------------+-------------------+-------+----------------+---------------------------+
| id                                   | agent_type         | host               | availability_zone | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+--------------------+-------------------+-------+----------------+---------------------------+
| 0ab75503-266e-41e6-938f-8660c1c581c8 | L3 agent           | openstack          | nova              | :-)   | True           | neutron-l3-agent          |
| 13ff8a61-1f8b-4bd7-b560-54f9011f0660 | DHCP agent         | openstack          | nova              | :-)   | True           | neutron-dhcp-agent        |
| 5eba5556-f85a-4e55-9166-0fd90d43e571 | Metadata agent     | openstack          |                   | :-)   | True           | neutron-metadata-agent    |
| 7b0e1dd7-79d2-415a-a09a-c50f5f9adb72 | Linux bridge agent | openstack          |                   | :-)   | True           | neutron-linuxbridge-agent |
| c014cb9e-de89-4b74-910a-7eba75a57507 | Linux bridge agent | OpenStack-Computee |                   | :-)   | True           | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+--------------------+---------------

发表评论

您的电子邮箱地址不会被公开。 必填项已用*标注