欢迎留言讨论，期待与你共同进步掘金人的第一篇博客 - 掘金 (juejin.cn)

本系列文章包教你如何从零开始搭建一套OpenStack开发环境，涉及多个OpenStack。
当前教程中使用的OpenStack的安装版本为第20个版本Train，简称T版本。
Release Note
Train，Originally Released: 16 October, 2019
Ussuri，Originally Released: 13 May, 2020
Victoria，Originally Released: 14 October, 2020

掘金社区

掘金社区：OpenStack Train版离线部署｜系列教程「全」
掘金社区：OpenStack Ussuri版离线部署｜系列教程「全」
掘金社区：OpenStack Victoria版部署｜系列教程「全」

掘金社区：个性化制作OpenStack镜像｜系列教程
个性化制作OpenStack镜像｜环境准备
 个性化制作OpenStack镜像｜Windows7
个性化制作OpenStack镜像｜Windows10
个性化制作OpenStack镜像｜Linux
个性化制作OpenStack镜像｜Windows Server2019

CSDN

CSDN：OpenStack部署系列文章
OpenStack Victoria版安装部署系列教程
 OpenStack Ussuri版离线安装部署系列教程（全）
OpenStack Train版离线安装部署系列教程（全）
欢迎留言讨论，期待与你共同进步。

OpenStack Train版离线部署｜7.2计算节点-Neutron网络服务组件

官方参考：
OpenStack官方安装指南：服务组件
 Neutron-install
neutron-install-rdo
neutron-install-controller-install-rdo
neutron-install-controller-install-rdo
博客：
CentOS7安装OpenStack(Rocky版)-06.安装Neutron网络服务（控制节点）

一、安装的组件

yum install -y openstack-neutron-linuxbridge ebtables ipset

二、配置公共组件

网络公共组件配置包括身份验证机制，消息队列和插件。 /etc/neutron/neutron.conf

cd 
touch compute-node-neutron.conf.sh
vim compute-node-neutron.conf.sh
bash compute-node-neutron.conf.sh

compute-node-neutron.conf.sh文件内容为：

#!bin/bash
#compute-node-neutron.conf.sh
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url  rabbit://openstack:openstack@controller
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone

openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri  http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron

openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/neutron.conf

bash compute-node-neutron.conf.sh

三、配置网络选项

选择与为控制器节点选择的相同网络选项以配置特定于该节点的服务。

1.配置网络选项一：Provider networks

配置：docs.openstack.org/neutron/tra…

（1）配置Linux网桥代理

/etc/neutron/plugins/ml2/linuxbridge_agent.ini

Linux网桥代理为实例构建第2层（桥接和交换）虚拟网络基础结构并处理安全组。

cd 
touch compute-node-linuxbridge_agent.ini.sh
vim compute-node-linuxbridge_agent.ini.sh
bash compute-node-linuxbridge_agent.ini.sh

compute-node-linuxbridge_agent.ini.sh文件内容

#!bin/bash
#compute-node-linuxbridge_agent.ini.sh

#map the provider virtual network to the provider physical network interface，the name of the underlying provider physical network interface
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:ens34

openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan  enable_vxlan  False
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  enable_security_group  True 
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

bash compute-node-linuxbridge_agent.ini.sh

注：第一个选项physical_interface_mappings选项要配置计算节点自身的网卡名称provider:ens34

加载br_netfilter内核模块。要启用网络桥接器支持，通常br_netfilter内核模块需要加载。配置参考链接

echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf

cat /etc/sysctl.conf
sysctl -p
modprobe br_netfilter
ls /proc/sys/net/bridge
sysctl -p

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

2.配置网络选项二：Self-service networks

配置：docs.openstack.org/neutron/tra…

（1）配置Linux网桥代理

/etc/neutron/plugins/ml2/linuxbridge_agent.ini

Linux网桥代理为实例构建第2层（桥接和交换）虚拟网络基础结构并处理安全组。

#!bin/bash
#compute-node-linuxbridge_agent.ini.sh

#map the provider virtual network to the provider physical network interface，the name of the underlying provider physical network interface
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:ens34

#change to true
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan  enable_vxlan  True

#add new 
#local_ip = OVERLAY_INTERFACE_IP_ADDRESS，replace OVERLAY_INTERFACE_IP_ADDRESS with the management IP address of the computes node
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan  local_ip  192.168.232.111
#add new
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  enable_security_group  True 
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

加载br_netfilter内核模块。要启用网络桥接器支持，通常br_netfilter内核模块需要加载。配置参考链接

echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf

cat /etc/sysctl.conf
sysctl -p
modprobe br_netfilter
ls /proc/sys/net/bridge
sysctl -p

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

四、配置计算节点Compute服务以使用网络服务

docs.openstack.org/neutron/tra…

/etc/nova/nova.conf 在该[neutron]部分中，配置访问参数

cd 
touch compute-node-neutron-nova.conf.sh
vim compute-node-neutron-nova.conf.sh
bash compute-node-neutron-nova.conf.sh

compute-node-neutron-nova.conf.sh文件内容

#!bin/bash
#compute-node-neutron-nova.conf.sh
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service 
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/nova/nova.conf

bash compute-node-neutron-nova.conf.sh

五、计算节点网络服务安装的确定

1.重新启动计算服务

systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service

2.启动Linux网桥代理，并配置开机自启

systemctl restart neutron-linuxbridge-agent.service
systemctl status neutron-linuxbridge-agent.service

systemctl enable neutron-linuxbridge-agent.service
systemctl list-unit-files |grep neutron* |grep enabled

六、安装完成

至此，计算节点的网络配置完成，转回到控制节点进行验证操作,进行整个Neutron网络服务的最终验证。