标签:service 部署 agent etc controller OpenStack root neutron
部署版本:pike
部署环境:CentOS7.6
配置文件中所有controller可修改为控制节点ip地址
配置过程中使用 echo $? 验证命令执行情况
Networking service
安装与配置neutron (OVS+VXLAN)
OpenStack Networking允许创建由其他OpenStack服务管理的接口设备,并将其连接到网络。可以实现插件以适应不同的网络设备和软件,从而为OpenStack架构和部署提供灵活性。
VXLAN
部署控制节点
一、安装和配置
先决条件
1.使用root进入数据库
[root@controller /]# mysql -u root -p
Enter password:
Welcome to the MariaDB monitor.
2.创建数据库
MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.00 sec)
3.赋予权限
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'controller' IDENTIFIED BY 'qwer1234';
Query OK, 0 rows affected (0.02 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'qwer1234';
Query OK, 0 rows affected (0.00 sec)
安装和配置组件:
1.安装软件
[root@controller /]# yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-fwaas openstack-neutron-lbaas
2.配置neutron server服务
获取管理员凭据以启用仅限管理员的CLI命令:
[root@controller openrc]# source admin-openrc.sh
创建服务凭据、创建neutron用户:
[root@controller /]# openstack user create --domain default --password-prompt neutron
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 9ed51eb476a74cb89951db63d8e8cd06 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
将管理员角色添加到用户:
[root@controller /]# openstack role add --project service --user neutron admin
[root@controller /]# echo $?
0
创建neutron 服务实体:
[root@controller /]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | b280ad289b4045c589f4306e4bf013af |
| name | neutron |
| type | network |
+-------------+----------------------------------+
创建网络服务API端点:
[root@controller /]# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 20b23b30bd9d43578b27f69f8cc0d146 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b280ad289b4045c589f4306e4bf013af |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller /]# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 3cbf83e296ff4a96963dee771830cf7d |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b280ad289b4045c589f4306e4bf013af |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller /]# openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 324e054ad36f465192c0db6284a7e886 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | b280ad289b4045c589f4306e4bf013af |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
3.网络服务器组件配置
编辑/etc/nova/nova.conf文件及修改内容
[root@controller /]# vim /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:Sitech_AMQP~2021@controller:5672
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
bind_port = 10.121.17.2
rpc_workers = 32
[database]
connection = mysql+pymysql://neutron:Sitech_Neutron~2021@controller/neutron
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = qwer1234
[nova]
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = qwer1234
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
4.配置模块化第2层(ML2)插件
编辑/etc/neutron/plugins/ml2/ml2_conf.ini文件及修改内容
[root@controller /]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan,gre
tenant_network_types = vxlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true
创建软连接:
[root@controller /]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@controller /]# echo $?
0
5.配置nova api使用neutron服务
[root@controller /]# vim /etc/nova/nova.conf
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = qwer1234
service_metadata_proxy = true
metadata_proxy_shared_secret = qwer1234
6.所有计算节点配置nova compute使用neutron服务
[neutron]
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = qwer1234
7.填充neutron数据库
[root@controller /]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
8.启动设计开机自启
[root@controller /]# systemctl start neutron-server.service
[root@controller /]# systemctl enable neutron-server.service
[root@controller /]# systemctl restart openstack-nova-api.service
[root@controller /]# echo $?
0
9.重启nova-compute
[root@controller /]# systemctl restart openstack-nova-compute.service
[root@controller /]# echo $?
0
部署网络节点
一、安装和配置组件
1.安装软件
[root@controller /]# yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch openstack-neutron-fwaas openstack-neutron-lbaas ebtables ipset
2.配置agent服务
编辑 /etc/neutron/neutron.conf文件及修改内容
[DEFAULT]
auth_strategy = keystone
transport_url = rabbit://openstack:qwer1234@controller
[database]
connection = mysql+pymysql://neutron:qwer1234@controller/neutron
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = qwer1234
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
3.配置l3 agent
[root@controller /]# vim /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver
external_network_bridge = br-ex
4.配置dhcp agent
[root@controller /]# vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
5.配置metadata agent
[root@controller /]# vim /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = qwer1234
6.配置openvswitch agent
[root@controller /]# vim /etc/neutron/plugins/ml2/openvswitch_agent.ini
[agent]
tunnel_types = vxlan,gre
l2_population = true
arp_responder = true
[ovs]
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip = controller
bridge_mappings = provider:br-ex
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
启动服务并设置开机自启
[root@controller /]# systemctl enable openvswitch neutron-openvswitch-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
Created symlink from /etc/systemd/system/multi-user.target.wants/openvswitch.service to /usr/lib/systemd/system/openvswitch.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-openvswitch-agent.service to /usr/lib/systemd/system/neutron-openvswitch-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service to /usr/lib/systemd/system/neutron-dhcp-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service to /usr/lib/systemd/system/neutron-metadata-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-l3-agent.service to /usr/lib/systemd/system/neutron-l3-agent.service.
[root@controller /]# systemctl start openvswitch neutron-openvswitch-agent neutron-dhcp-agent neutron-metadata-agent neutron-l3-agent
[root@controller /]# echo $?
0
[root@controller /]# ovs-vsctl add-br br-ex
[root@controller /]# echo $?
0
7.配置fwaas
管理节点操作
[root@controller /]# vim /etc/neutron/neutron.conf
[DEFAULT]
service_plugins = [existing service plugins],firewall
[service_providers]
service_provider = FIREWALL:Iptables:neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver:default
[fwaas]
driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
网络节点操作
[root@controller /]# vim /etc/neutron/l3_agent.ini
[agent]
extensions = fwaas
[root@controller /]# vim /etc/neutron/neutron.conf
[fwaas]
agent_version = v1
driver = neutron_fwaas.services.firewall.drivers.linux.iptables_fwaas.IptablesFwaasDriver
enabled = True
conntrack_driver = conntrack
重启服务
[root@controller /]# neutron-db-manage --subproject neutron-fwaas upgrade head
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Running upgrade for neutron-fwaas ...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
OK
[root@controller /]# systemctl restart neutron-server
[root@controller /]# echo $?
0
[root@controller /]# systemctl restart neutron-l3-agent
[root@controller /]# echo $?
0
8.配置lbaas agent
安装软件
[root@controller /]# yum install -y haproxy
管理节点操作:
[root@controller /]# vim /etc/neutron/neutron.conf
service_plugins = [existing service plugins],neutron_lbaas.services.loadbalancer.plugin.LoadBalancerPluginv2
管理节点和网络节点操作:
[root@controller /]# vim /etc/neutron/neutron_lbaas.conf
[service_providers]
service_provider = LOADBALANCERV2:Haproxy:neutron_lbaas.drivers.haproxy.plugin_driver.HaproxyOnHostPluginDriver:default
[root@controller /]# vim /etc/neutron/lbaas_agent.ini
[DEFAULT]
device_driver = neutron_lbaas.drivers.haproxy.namespace_driver.HaproxyNSDriver
interface_driver = openvswitch
[haproxy]
user_group = haproxy
管理节点操作
[root@controller /]# neutron-db-manage --subproject neutron-lbaas upgrade head
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Running upgrade for neutron-lbaas ...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
OK
网络节点操作:
[root@controller /]# systemctl start neutron-lbaasv2-agent.service
[root@controller /]# echo $?
0
[root@controller /]# systemctl enable neutron-lbaasv2-agent.service
[root@controller /]# echo $?
0
管理节点操作
[root@controller /]# systemctl restart neutron-server
[root@controller /]# echo $?
0
9.配置qos
[root@controller /]# vim /etc/neutron/neutron.conf
service_plugins = [existing service plugins],neutron.services.qos.qos_plugin.QoSPlugin
[root@controller /]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
extension_drivers = port_security,qos
[root@controller /]# vim /etc/neutron/plugins/ml2/openvswitch_agent.ini
[agent]
extensions = qos
重启服务
[root@controller /]# systemctl restart neutron-server.service
[root@controller /]# echo $?
0
[root@controller /]# systemctl restart neutron-openvswitch-agent.service
[root@controller /]# echo $?
0
部署计算节点
一、安装和配置组件
1.安装软件
[root@controller /]# yum install -y openstack-neutron-ml2 openstack-neutron-openvswitch ebtables ipset
2.配置服务
[root@controller /]# vim /etc/neutron/neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@controller
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = qwer1234
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[root@controller /]# vim /etc/neutron/plugins/ml2/openvswitch_agent.ini
[ovs]
local_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
3.启动服务及设置开机重启
systemctl enable openvswitch neutron-openvswitch-agent
systemctl start openvswitch neutron-openvswitch-agent
ovs-vsctl add-br br-ex
ovs-vsctl add-port br-ex ens37
展示现有节点和虚拟机的所有情况
ovs-vsctl showovs-vsctl show
验证
openstack network agent list
标签:service,部署,agent,etc,controller,OpenStack,root,neutron 来源: https://blog.csdn.net/weixin_44099173/article/details/123184270
本站声明: 1. iCode9 技术分享网(下文简称本站)提供的所有内容,仅供技术学习、探讨和分享; 2. 关于本站的所有留言、评论、转载及引用,纯属内容发起人的个人观点,与本站观点和立场无关; 3. 关于本站的所有言论和文字,纯属内容发起人的个人观点,与本站观点和立场无关; 4. 本站文章均是网友提供,不完全保证技术分享内容的完整性、准确性、时效性、风险性和版权归属;如您发现该文章侵犯了您的权益,可联系我们第一时间进行删除; 5. 本站为非盈利性的个人网站,所有内容不会用来进行牟利,也不会利用任何形式的广告来间接获益,纯粹是为了广大技术爱好者提供技术内容和技术思想的分享性交流网站。