
安装及配置控制节点的Neutron服务

将NAT网卡设置成混杂模式

# Put the NAT-facing NIC (ens36) into promiscuous mode, so it accepts frames
# that are not addressed to its own MAC.
# NOTE(review): presumably needed so bridged instance traffic on the provider
# network is not dropped — confirm for your environment, and keep promiscuous
# mode limited to this one interface.
ifconfig ens36 promisc

设置外网网卡开机自动进入混杂模式

# Append the promiscuous-mode command to /etc/profile so it is run again later.
# NOTE(review): /etc/profile is read by login shells, not at boot, so the
# interface only becomes promiscuous once someone logs in, and the command is
# retried (as that user) on every login. A boot-time mechanism such as a
# systemd unit or rc.local matches the stated goal better. Running this step
# twice also appends a duplicate line.
echo "ifconfig ens36 promisc" >> /etc/profile

加载桥接防火墙模块

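# Load br_netfilter first: the net.bridge.* sysctl keys only exist while the
# module is loaded.
modprobe br_netfilter
# modprobe does not survive a reboot. Register the module so it is loaded at
# boot; otherwise the two settings below cannot be applied after a restart and
# bridged traffic stops being passed to iptables/ip6tables, which the
# IptablesFirewallDriver security groups enabled by this guide rely on.
echo "br_netfilter" > /etc/modules-load.d/br_netfilter.conf
# Pass bridged IPv4 and IPv6 traffic through iptables/ip6tables.
echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
# Apply /etc/sysctl.conf to the running kernel.
sysctl -p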

安装Neutron软件包

# Install the Neutron server, the ML2 plugin and the Linux bridge agent.
yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge
# Show any neutron entries in the account and group databases (the packages
# are expected to have created them).
grep neutron /etc/passwd
grep neutron /etc/group

创建Neutron数据库并授权

# Create the neutron schema and grant a neutron database account full rights on it.
# NOTE(review): 000000 is the lab password used throughout this guide; use a
# unique random password per account anywhere else.
# NOTE(review): -p<password> on the command line is exposed through the
# process list and shell history; a bare -p prompts for it instead.
mysql -uroot -p000000 -e "CREATE DATABASE neutron;"
mysql -uroot -p000000 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000';"
# NOTE(review): 'neutron'@'%' accepts logins from any host. Narrow the host
# part to the controller/management network if the database is reachable from
# anywhere else.
mysql -uroot -p000000 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000';"

修改Neutron配置文件

基本操作

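# Keep the packaged file as a backup, then rebuild the live config from it
# without blank lines and comment lines.
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
# Drop only lines that are blank or begin with '#' (after optional whitespace).
# The unanchored pattern '^$|#' would also delete any setting whose value
# contains a '#', e.g. a password inside a connection URL.
grep -Ev '^[[:space:]]*(#|$)' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf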

编辑

vi /etc/neutron/neutron.conf

修改[DEFAULT]

[DEFAULT]
core_plugin = ml2
service_plugins = 
# NOTE(review): the RabbitMQ password is stored in clear text inside this URL.
# Keep the file readable only by root and the neutron group, and replace the
# lab password 000000 outside a test setup.
transport_url = rabbit://rabbitmq:000000@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

修改[database]

[database]
connection = mysql+pymysql://neutron:000000@controller/neutron

修改[keystone_authtoken]

[keystone_authtoken]
# NOTE(review): with plain http:// the tokens and the service password below
# cross the network unencrypted; use an https endpoint where Keystone offers one.
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = project
username = neutron
# NOTE(review): lab password. It has to match the password given to the
# Keystone neutron user created later in this guide; replace both together.
password = 000000

修改[oslo_concurrency]

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

添加[nova]

[nova]
# Keystone credentials for the nova service user.
# NOTE(review): presumably what Neutron uses to send the port status/data
# notifications enabled in [DEFAULT] — confirm.
auth_url = http://controller:5000
auth_type = password
username = nova
# NOTE(review): lab password, stored in clear text; replace outside a test setup.
password = 000000
project_name = project
user_domain_name = default
project_domain_name = default
region_name = RegionOne
# NOTE(review): server_proxyclient_address looks like a Nova [vnc] option and
# is presumably ignored in neutron.conf — confirm and drop it if so.
server_proxyclient_address = 192.168.10.160

基本操作

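# Back up the packaged ML2 config, then rebuild the live file from the backup
# without blank lines and comment lines.
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
# Drop only lines that are blank or begin with '#' (after optional whitespace);
# the unanchored pattern '^$|#' would also delete settings whose value
# contains a '#'.
grep -Ev '^[[:space:]]*(#|$)' /etc/neutron/plugins/ml2/ml2_conf.ini.bak > /etc/neutron/plugins/ml2/ml2_conf.ini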

编辑

vi /etc/neutron/plugins/ml2/ml2_conf.ini

修改[ml2]

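[ml2]
type_drivers = flat
tenant_network_types=
# The option is spelled mechanism_drivers. A misspelled key is not recognized,
# so ML2 would start without the linuxbridge driver.
mechanism_drivers = linuxbridge
# Loads the port security extension driver.
extension_drivers = port_security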

修改[ml2_type_flat]

[ml2_type_flat]
flat_networks = provider

修改[securitygroup]

[securitygroup]
enable_ipset = true

启用ml2插件

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

基本操作

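# Back up the packaged Linux bridge agent config, then rebuild the live file
# from the backup without blank lines and comment lines.
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.bak
# Drop only lines that are blank or begin with '#' (after optional whitespace);
# the unanchored pattern '^$|#' would also delete settings whose value
# contains a '#'.
grep -Ev '^[[:space:]]*(#|$)' /etc/neutron/plugins/ml2/linuxbridge_agent.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini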

编辑

vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini

修改[linux_bridge],(provider:NAT网卡)

[linux_bridge]
physical_interface_mappings = provider:ens36

修改[vxlan]

[vxlan]
enable_vxlan = false

修改[securitygroup]

[securitygroup]
# Turn on security group enforcement in this agent, implemented with iptables.
# This depends on bridged traffic being handed to iptables, i.e. on the
# net.bridge.bridge-nf-call-* sysctls set at the start of this guide being in
# effect (also after a reboot).
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

基本操作

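# Back up the packaged DHCP agent config, then rebuild the live file from the
# backup without blank lines and comment lines.
cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.bak
# Drop only lines that are blank or begin with '#' (after optional whitespace);
# the unanchored pattern '^$|#' would also delete settings whose value
# contains a '#'.
grep -Ev '^[[:space:]]*(#|$)' /etc/neutron/dhcp_agent.bak > /etc/neutron/dhcp_agent.ini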

编辑

vi /etc/neutron/dhcp_agent.ini

修改[DEFAULT]

[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

编辑元数据代理

vi /etc/neutron/metadata_agent.ini

修改[DEFAULT]

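[DEFAULT]
# The option is spelled nova_metadata_host; a misspelled key is not recognized
# and the agent would fall back to its default host.
nova_metadata_host = controller
# NOTE(review): METADATA_SECRET is a placeholder. Replace it with a long random
# value (for example the output of `openssl rand -hex 16`) and set the same
# value for metadata_proxy_shared_secret in the [neutron] section of
# /etc/nova/nova.conf.
metadata_proxy_shared_secret = METADATA_SECRET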

修改nova配置文件

vi /etc/nova/nova.conf
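[neutron]
# NOTE(review): plain http:// sends the service password and tokens
# unencrypted; use an https endpoint where Keystone offers one.
auth_url = http://controller:5000
auth_type = password
username = neutron
# NOTE(review): lab password, stored in clear text; it must match the Keystone
# neutron user's password and should be replaced outside a test setup.
password = 000000
project_name = project
user_domain_name = default
project_domain_name = default
region_name = RegionOne
# The option is spelled service_metadata_proxy; with a misspelled key Nova
# would not treat metadata requests as proxied by Neutron.
service_metadata_proxy = true
# NOTE(review): METADATA_SECRET is a placeholder. Use a long random value and
# keep it identical to metadata_proxy_shared_secret in
# /etc/neutron/metadata_agent.ini.
metadata_proxy_shared_secret = METADATA_SECRET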

初始化Neutron的数据库

# Upgrade the Neutron database schema to the latest revision ("head"), reading
# the server and ML2 config files. The command runs as the neutron account
# rather than root; -s /bin/sh supplies a shell for that account
# (presumably because it has no login shell — confirm).
su neutron -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head"

Neutron组件初始化

创建Neutron用户并分配角色

# Load the admin credentials from admin.sh into the current shell.
source admin.sh
# Create the Keystone user for the Neutron service.
# NOTE(review): --password puts the secret into shell history and the process
# list; --password-prompt asks for it interactively instead. 000000 is a lab
# password and must match the value in the neutron/nova config files.
openstack user create --domain default --password 000000 neutron
# Grant the neutron user the admin role on the project named "project".
openstack role add --project project --user neutron admin

创建Neutron服务及服务端点

# Register the network service in Keystone.
openstack service create --name neutron network
# Create the public, internal and admin endpoints, all on the same URL.
# NOTE(review): the endpoints use plain http://, so API traffic, including
# tokens, is unencrypted; put TLS in front of port 9696 outside a lab.
for iface in public internal admin; do
  openstack endpoint create --region RegionOne neutron "$iface" http://controller:9696
done

启动控制节点的Neutron服务

# Restart nova-api (presumably so it re-reads the [neutron] section edited above).
systemctl restart openstack-nova-api.service
# The four Neutron units that run on the controller node.
neutron_units=(
  neutron-server.service
  neutron-linuxbridge-agent.service
  neutron-dhcp-agent.service
  neutron-metadata-agent.service
)
# Enable them at boot, then start them now.
systemctl enable "${neutron_units[@]}"
systemctl start "${neutron_units[@]}"

检测控制节点的Neutron服务

查看端口占用情况

netstat -tnlup|grep 9696

检验服务端点

curl http://controller:9696

查看服务运行状态

systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service

检测Neutron服务

查看网络代理服务列表

. admin.sh
openstack network agent list

用Neutron状态检测工具检测

neutron-status upgrade check

所有文章除特别声明外,均采用 CC BY-NC-SA 4.0 许可协议。转载请注明来自linlink~文档