[OpenStack] Environment Setup - Configuring the Neutron Service


Installing the neutron component!!!

First, set up the neutron database!!

On the control node!!!

mysql -uroot -p

CREATE DATABASE neutron;


GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'D3LvC@F01xmR';

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'D3LvC@F01xmR';

openstack user create --domain default --password-prompt neutron

# D3LvC@F01xmR

openstack role add --project service --user neutron admin

openstack service create --name neutron --description "OpenStack Networking" network

  • Make sure the neutron user can see the neutron database

  • Make sure the service name was created correctly

Create the endpoints

openstack endpoint create --region RegionOne network public http://10.8.4.38:9696

openstack endpoint create --region RegionOne network internal http://10.8.4.38:9696

openstack endpoint create --region RegionOne network admin http://10.8.4.38:9696

  • Make sure the endpoints were created correctly

Install neutron on the control node!!

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
yum install libibverbs
  • Make sure both are installed correctly

First, install openvswitch

Install on both the control and compute nodes

yum install -y openvswitch

systemctl enable openvswitch.service
systemctl start openvswitch.service
  • Make sure the installation is correct

  • Make sure the OVS commands work

Create the bridges (control node)

  • cd /etc/sysconfig/network-scripts

Compute internal network (VLAN 301)

vi ifcfg-compute_inside

TYPE=Bridge
BOOTPROTO=none
NAME=compute_inside
DEVICE=compute_inside
ONBOOT=yes
IPADDR=10.8.16.38
PREFIX=21
MTU=9000
ZONE=public
STP=off

vi ifcfg-bond1.301

VLAN=yes
TYPE=Vlan
VLAN_ID=301
NAME=bond1.301
DEVICE=bond1.301
ONBOOT=yes
BRIDGE=compute_inside
MTU=9000
ZONE=public

Storage external network (VLAN 300)

vi ifcfg-storage_ext

TYPE=Bridge
BOOTPROTO=none
NAME=storage_ext
DEVICE=storage_ext
ONBOOT=yes
IPADDR=10.8.32.38
PREFIX=22
MTU=9000
ZONE=public
STP=off

vi ifcfg-bond2.300

VLAN=yes
TYPE=Vlan
VLAN_ID=300
NAME=bond2.300
DEVICE=bond2.300
ONBOOT=yes
BRIDGE=storage_ext
MTU=9000
ZONE=public

Storage internal network (VLAN 302)

vi ifcfg-storage_inside

TYPE=Bridge
BOOTPROTO=none
NAME=storage_inside
DEVICE=storage_inside
ONBOOT=yes
IPADDR=10.8.40.38
PREFIX=23
MTU=9000
ZONE=public
STP=off

vi ifcfg-bond1.302

VLAN=yes
TYPE=Vlan
VLAN_ID=302
NAME=bond1.302
DEVICE=bond1.302
ONBOOT=yes
BRIDGE=storage_inside
MTU=9000
ZONE=public

Storage management network (VLAN 150)

vi ifcfg-storage_manage

TYPE=Bridge
BOOTPROTO=none
NAME=storage_manage
DEVICE=storage_manage
ONBOOT=yes
IPADDR=10.8.8.38
PREFIX=23
MTU=1500
ZONE=public
STP=off

vi ifcfg-bond0.150

VLAN=yes
TYPE=Vlan
VLAN_ID=150
NAME=bond0.150
DEVICE=bond0.150
ONBOOT=yes
BRIDGE=storage_manage
MTU=1500
ZONE=public

Do the same on both nodes (the compute node as well), then restart the network

service network restart
  • Make sure the network configuration is correct

  • View the bridge information
brctl show
  • Make sure the bridge configuration is correct

OpenVSwitch

ovs-vsctl add-br br-int

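Because this part needs OVS rather than Linux bridge, I referred to the deployment tutorial and this article

  • So far we have created the database and installed openstack-neutron, openstack-neutron-ml2 and so on; openvswitch is installed on the physical hosts and the bridges are configured, although for now I don't know what they are for. The following steps switch the underlying network interconnect mode to OVS

Install the openvswitch package on the control node!!!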

yum install openstack-neutron-openvswitch -y
  • Make sure OVS is installed correctly

Configure neutron.conf

[DEFAULT]  
core_plugin = ml2  
service_plugins = router  
notify_nova_on_port_status_changes = true  
notify_nova_on_port_data_changes = true  
transport_url = rabbit://openstack:D3LvC@F01xmR@10.8.4.38  
auth_strategy = keystone  
  
[database]  
connection = mysql+pymysql://neutron:D3LvC@F01xmR@10.8.4.38/neutron  
  
[keystone_authtoken]  
auth_url = http://10.8.4.38:5000/v3  
memcached_servers = 10.8.4.38:11211  
auth_type = password  
project_domain_name = default  
user_domain_name = default  
project_name = service  
username = neutron  
password = D3LvC@F01xmR  
  
[nova]  
auth_url = http://10.8.4.38:5000  
auth_type = password  
project_domain_name = default  
user_domain_name = default  
region_name = RegionOne  
project_name = service  
username = nova  
password = D3LvC@F01xmR  
  
  
[oslo_concurrency]  
lock_path = /var/lib/neutron/tmp/lock

Configure the ML2 plugin

  • vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = true
[ml2_type_vxlan]
vni_ranges = 1:1000
[ml2_type_vlan]
network_vlan_ranges = default:1:4000

Configure the L3 agent

  • vi /etc/neutron/l3_agent.ini
[DEFAULT]  
verbose = true  
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver

Configure openvswitch_agent

[ovs]
tunnel_bridge = br-tun
# Tunnel IP address, i.e. the management NIC's IP address
local_ip = 192.168.100.10
integration_bridge = br-int
tenant_network_type = vxlan
tunnel_type = vxlan
tunnel_id_ranges = 1:1000
enable_tunneling = true
bridge_mappings = provider:br-ex
prevent_arp_spoofing = true
[agent]
tunnel_types = vxlan
l2_population = true
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = true

Configure DHCP

  • vi /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

Edit metadata_agent.ini

  • vi /etc/neutron/metadata_agent.ini
[DEFAULT]  
nova_metadata_host = controller01  
metadata_proxy_shared_secret = D3LvC@F01xmR

Edit nova.conf

  • vi /etc/nova/nova.conf
[neutron]

# Configure the access parameters, enable the metadata proxy and set its secret:

url = http://10.8.4.38:9696
auth_url = http://10.8.4.38:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = D3LvC@F01xmR
service_metadata_proxy = true
metadata_proxy_shared_secret = D3LvC@F01xmR
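
The metadata proxy only works when `metadata_proxy_shared_secret` is identical in `metadata_agent.ini` and in the `[neutron]` section of `nova.conf`, and this walkthrough uses a single password for the database, RabbitMQ, Keystone and the metadata proxy. The check below is an added example, not part of the original post; the file contents, addresses and secret are constructed placeholders, and it reports locations only, never the secret itself.

```python
import configparser
from collections import defaultdict

SECRET_KEYS = ("password", "metadata_proxy_shared_secret")
# URLs of the form scheme://user:pass@host; rsplit below keeps an '@' in the password.
URL_KEYS = ("transport_url", "connection")

def parse(text):
    # default_section is renamed so [DEFAULT] is read as an ordinary section.
    cp = configparser.ConfigParser(interpolation=None, strict=False, default_section="_")
    cp.read_string(text)
    return cp

def secrets_in(name, text):
    """Yield (location, secret) for every credential found in one file."""
    cp = parse(text)
    for section in cp.sections():
        for key, value in cp.items(section):
            where = f"{name} [{section}] {key}"
            if key in SECRET_KEYS:
                yield where, value
            elif key in URL_KEYS and "://" in value and "@" in value:
                userinfo = value.split("://", 1)[1].rsplit("@", 1)[0]
                if ":" in userinfo:
                    yield where, userinfo.split(":", 1)[1]

def reused(files):
    """Return the location lists of every secret that appears more than once."""
    seen = defaultdict(list)
    for name, text in files.items():
        for where, secret in secrets_in(name, text):
            seen[secret].append(where)
    return sorted(locs for locs in seen.values() if len(locs) > 1)

def metadata_secret_matches(metadata_ini, nova_conf):
    key = "metadata_proxy_shared_secret"
    agent = parse(metadata_ini).get("DEFAULT", key, fallback=None)
    nova = parse(nova_conf).get("neutron", key, fallback=None)
    return agent is not None and agent == nova

# Constructed sample files; the secret is a placeholder, not a value from the post.
FILES = {
    "metadata_agent.ini": "[DEFAULT]\nmetadata_proxy_shared_secret = Ex@mple-Secre\n",
    "nova.conf": "[neutron]\npassword = Ex@mple-Secret\n"
                 "metadata_proxy_shared_secret = Ex@mple-Secret\n",
    "neutron.conf": "[DEFAULT]\ntransport_url = rabbit://openstack:Ex@mple-Secret@192.0.2.10\n"
                    "[database]\nconnection = mysql+pymysql://neutron:Ex@mple-Secret@192.0.2.10/neutron\n",
}

if __name__ == "__main__":
    print(metadata_secret_matches(FILES["metadata_agent.ini"], FILES["nova.conf"]), reused(FILES))
```

On a real deployment, read the files from `/etc/neutron` and `/etc/nova` into the same dictionary shape and give each service its own generated secret until `reused` returns an empty list.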

Modify kernel parameters (control node)

  • vi /etc/sysctl.conf
net.ipv4.ip_forward=1

Create the symbolic link

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
  • Make sure the service is working

Populate the database

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Restart the nova services

systemctl restart openstack-nova-api.service

# On the compute node????
systemctl restart openstack-nova-compute.service

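Start the networking services

systemctl enable neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl start neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service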

Neutron service on the compute node

yum install openstack-neutron-openvswitch -y

Configure openvswitch_agent.ini

  • vi /etc/neutron/plugins/ml2/openvswitch_agent.ini
[ovs]
tunnel_bridge = br-tun
# Tunnel IP address (the management NIC's IP address)
local_ip = 192.168.100.20
integration_bridge = br-int
tenant_network_type = vxlan
tunnel_type = vxlan
tunnel_id_ranges = 1:1000
enable_tunneling = true
[agent]
tunnel_types = vxlan
l2_population = true
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = true
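
The control and compute nodes each carry their own `openvswitch_agent.ini`, and two mistakes are easy to miss when editing them by hand: an option name the agent does not register is ignored when the file is loaded, and a trailing `# ...` on a value line is read as part of the value. The following added example (not from the original post) lints one file and diffs the two; it uses Python's `configparser` as a stand-in for oslo.config, the allow-list contains only the `[securitygroup]` options that appear on this page, and the sample files are constructed.

```python
import configparser

# [securitygroup] options that appear on this page; extend the set for your release.
KNOWN_SECURITYGROUP = {"firewall_driver", "enable_security_group", "enable_ipset"}
# Assumption: these settings are expected to differ between nodes.
PER_NODE = {("ovs", "local_ip"), ("ovs", "bridge_mappings")}

def parse(text):
    # Inline comments are not stripped, so a trailing "# ..." stays in the value.
    cp = configparser.ConfigParser(interpolation=None, strict=False, default_section="_")
    cp.read_string(text)
    return cp

def lint(text):
    """Return sorted findings for one openvswitch_agent.ini."""
    cp, findings = parse(text), []
    for section in cp.sections():
        for key, value in cp.items(section):
            if " #" in value:
                findings.append(f"[{section}] {key}: inline comment is part of the value")
            if section == "securitygroup" and key not in KNOWN_SECURITYGROUP:
                findings.append(f"[{section}] {key}: not in the allow-list")
    return sorted(findings)

def drift(control, compute):
    """Return {(section, key): (control_value, compute_value)} where the nodes disagree."""
    a, b = parse(control), parse(compute)
    pairs = {(s, k) for cp in (a, b) for s in cp.sections() for k in cp.options(s)}
    out = {}
    for section, key in sorted(pairs - PER_NODE):
        va = a.get(section, key, fallback=None)
        vb = b.get(section, key, fallback=None)
        if va != vb:
            out[(section, key)] = (va, vb)
    return out

# Constructed inputs modelled on the two agent files in this walkthrough.
CONTROL = ("[ovs]\nlocal_ip = 192.0.2.10   # tunnel IP\nbridge_mappings = provider:br-ex\n"
           "[securitygroup]\nenable_controller01security_group = true\n")
COMPUTE = "[ovs]\nlocal_ip = 192.0.2.20\n[securitygroup]\nenable_security_group = true\n"

if __name__ == "__main__":
    print(lint(CONTROL), drift(CONTROL, COMPUTE), sep="\n")
```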

Configure neutron.conf

[DEFAULT]  
transport_url = rabbit://openstack:D3LvC@F01xmR@10.8.4.38  
auth_strategy = keystone  
  
[keystone_authtoken]  
auth_url = http://10.8.4.38:5000/v3  
memcached_servers = 10.8.4.38:11211  
auth_type = password  
project_domain_name = default  
user_domain_name = default  
project_name = service  
username = neutron  
password = D3LvC@F01xmR  
  
[oslo_concurrency]  
lock_path = /var/lib/neutron/tmp/lock

Configure nova.conf

# Add the following

[neutron]  
url = http://10.8.4.38:9696  
auth_url = http://10.8.4.38:5000  
auth_type = password  
project_domain_name = default  
user_domain_name = default  
region_name = RegionOne  
project_name = service  
username = neutron  
password = D3LvC@F01xmR  
service_metadata_proxy = true  
metadata_proxy_shared_secret = D3LvC@F01xmR

Restart the compute service

systemctl restart openstack-nova-compute.service

Start the openvswitch agent service

systemctl start neutron-openvswitch-agent.service
systemctl enable neutron-openvswitch-agent.service

systemctl restart neutron-openvswitch-agent.service

Verify

openstack network agent list
  • Make sure the OVS agent service is running normally