这是我参与11月更文挑战的第12天，活动详情查看：2021最后一次更文挑战

计算节点Neutron网络服务组件

OpenStack部署系列文章
OpenStack Victoria版安装部署系列教程
 OpenStack Ussuri版离线安装部署系列教程（全）
OpenStack Train版离线安装部署系列教程（全）
欢迎留言沟通，共同进步。

官方参考链接：

OpenStack安装指南：Install OpenStack services

OpenStack Ussuri Installation Guides

Networking service Installation Guide

Install and configure compute node

CSDN链接：

9 Openstack-Ussuri-Neutron控制/计算节点集群部署-centos8

7.2计算节点-Neutron网络服务组件

@TOC

一、安装的组件

计算节点

yum install -y openstack-neutron-linuxbridge ebtables ipset openstack-neutron openstack-neutron-ml2

二、配置公共组件

网络公共组件配置包括身份验证机制，消息队列和插件。 /etc/neutron/neutron.conf

cd 
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
egrep -v "^$|^#" /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf

vim /etc/neutron/neutron.conf

文件内容为：

[DEFAULT]
# ...
auth_strategy = keystone
transport_url = rabbit://openstack:openstack@controller

[database]
# ...
connection = mysql+pymysql://neutron:neutron@controller/neutron
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = neutron
password = neutron

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/neutron.conf

三、配置网络选项

选择与为控制器节点选择的相同网络选项以配置特定于该节点的服务。

1.配置网络选项一：Provider networks

配置：docs.openstack.org/neutron/tra…

（1）配置Linux网桥代理

/etc/neutron/plugins/ml2/linuxbridge_agent.ini

Linux网桥代理为实例构建第2层（桥接和交换）虚拟网络基础结构并处理安全组。

cd 
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
egrep -v "^$|^#" /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini

vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]
physical_interface_mappings = provider:ens34

[vxlan]
enable_vxlan = False

[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

注：第一个选项physical_interface_mappings选项要配置计算节点自身的网卡名称provider:ens34

加载br_netfilter内核模块。要启用网络桥接器支持，通常br_netfilter内核模块需要加载。配置参考链接

echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf

cat /etc/sysctl.conf
sysctl -p
modprobe br_netfilter
ls /proc/sys/net/bridge
sysctl -p

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

2.配置网络选项二：Self-service networks

配置：docs.openstack.org/neutron/tra…

（1）配置Linux网桥代理

/etc/neutron/plugins/ml2/linuxbridge_agent.ini

Linux网桥代理为实例构建第2层（桥接和交换）虚拟网络基础结构并处理安全组。

cd
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak

egrep -v "^$|^#" /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini

vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]
physical_interface_mappings = provider:ens34

[vxlan]
enable_vxlan = True
local_ip = 192.168.139.111
l2_population = true

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

加载br_netfilter内核模块。要启用网络桥接器支持，通常br_netfilter内核模块需要加载。配置参考链接

echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf

cat /etc/sysctl.conf
sysctl -p
modprobe br_netfilter
ls /proc/sys/net/bridge
sysctl -p

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

Neutron网络配置U版本和T版本在计算计算节点配置有所不同。

3.参考步骤9.6 部署与配置neutron agent - compute163/164

[root@compute2 ~]# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      1031/sshd
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN      1/systemd
tcp6       0      0 :::22                   :::*                    LISTEN      1031/sshd
tcp6       0      0 :::111                  :::*                    LISTEN      1/systemd
[root@compute2 ~]# cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
[root@compute2 ~]# egrep -v "^$|^#" /etc/neutron/l3_agent.ini.bak >/etc/neutron/l3_agent.ini
[root@compute2 ~]# vim /etc/neutron/l3_agent.ini
[root@compute2 ~]# vim /etc/neutron/l3_agent.ini
[root@compute2 ~]# cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
[root@compute2 ~]# egrep -v "^$|^#" /etc/neutron/dhcp_agent.ini.bak >/etc/neutron/dhcp_agent.ini
[root@compute2 ~]# vim etc/neutron/dhcp_agent.ini
[root@compute2 ~]# vim /etc/neutron/dhcp_agent.ini
[root@compute2 ~]# cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
[root@compute2 ~]# egrep -v "^$|^#" /etc/neutron/metadata_agent.ini.bak >/etc/neutron/metadata_agent.ini
[root@compute2 ~]# vim /etc/neutron/metadata_agent.ini
[root@compute2 ~]# systemctl status neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent


[root@compute2 ~]# systemctl restart neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
[root@compute2 ~]# systemctl restart neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
[root@compute2 ~]# systemctl enable neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
[root@compute2 ~]# systemctl status neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent

四、配置计算节点Compute服务以使用网络服务

docs.openstack.org/neutron/tra…

/etc/nova/nova.conf 在该[neutron]部分中，配置访问参数

cd 
vim /etc/nova/nova.conf

修改文件内容

----------------
[neutron]
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
----------------

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/nova/nova.conf

五、计算节点网络服务安装的确定

1.重新启动计算服务

systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service

2.启动Linux网桥代理，并配置开机自启

systemctl restart neutron-linuxbridge-agent.service
systemctl status neutron-linuxbridge-agent.service

systemctl enable neutron-linuxbridge-agent.service
systemctl list-unit-files |grep neutron* |grep enabled

六、安装完成

至此，计算节点的网络配置完成，转回到控制节点进行验证操作,进行整个Neutron网络服务的最终验证。

OpenStack Ussuri版安装系列—7.2计算节点-Neutron网络服务组件

计算节点Neutron网络服务组件

一、安装的组件

二、配置公共组件

三、配置网络选项

1.配置网络选项一：Provider networks

（1）配置Linux网桥代理

2.配置网络选项二：Self-service networks

（1）配置Linux网桥代理

3.参考步骤9.6 部署与配置neutron agent - compute163/164

四、配置计算节点Compute服务以使用网络服务

五、计算节点网络服务安装的确定

1.重新启动计算服务

2.启动Linux网桥代理，并配置开机自启

六、安装完成