碼上快樂

相關內容    簡體    繁體

CentOS7安裝OpenStack-06.安裝Neutron網絡服務

本文轉載自   查看原文   2020-03-11 16:21   770 

6.0.Neutron概述

OpenStack Networking(neutron),允許創建、插入接口設備,這些設備由其他的OpenStack服務管理。插件式的實現可以容納不同的網絡設備和軟件,為OpenStack架構與部署提供了靈活性。

它包含下列組件:

neutron-server:接收和路由API請求到合適的OpenStack網絡插件,以達到預想的目的。

OpenStack網絡插件和代理:插拔端口,創建網絡和子網,以及提供IP地址,這些插件和代理依賴於供應商和技術而不同,OpenStack網絡基於插件和代理為Cisco 虛擬和物理交換機、NEC OpenFlow產品,Open vSwitch,Linux bridging以及VMware NSX 產品穿線搭橋。

常見的代理L3(3層),DHCP(動態主機IP地址),以及插件代理。

消息隊列:大多數的OpenStack Networking安裝都會用到,用於在neutron-server和各種各樣的代理進程間路由信息。也為某些特定的插件扮演數據庫的角色,以存儲網絡狀態

OpenStack網絡主要和OpenStack計算交互,以提供網絡連接到它的實例。

6.1.在keystone數據庫中注冊neutron相關服務(控制節點

1)創建neutron數據庫,授予合適的訪問權限

# 連接數據庫
mysql -u root -p

# 創建數據並授權
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';

2)在keystone上創建neutron用戶

cd /server/tools
source keystone-admin-pass.sh
openstack user create --domain default --password=neutron neutron
openstack user list

3)將neutron添加到service項目並授予admin角色

# 以下命令無輸出

openstack role add --project service --user neutron admin

4)創建neutron服務實體

openstack service create --name neutron --description "OpenStack Networking" network
openstack service list

5)創建neutron網絡服務的API端點(endpoint)

openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
openstack endpoint list

6.2.在控制節點安裝neutron網絡組件

1)安裝neutron軟件包

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

2)快速配置/etc/neutron/neutron.conf

openstack-config --set  /etc/neutron/neutron.conf database connection  mysql+pymysql://neutron:neutron@controller/neutron 
openstack-config --set  /etc/neutron/neutron.conf DEFAULT core_plugin  ml2  
openstack-config --set  /etc/neutron/neutron.conf DEFAULT service_plugins 
openstack-config --set  /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:openstack@controller
openstack-config --set  /etc/neutron/neutron.conf DEFAULT auth_strategy  keystone  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri  http://controller:5000
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken auth_url  http://controller:5000
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken memcached_servers  controller:11211
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken auth_type  password  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken project_domain_name default  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken user_domain_name  default  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken project_name  service  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken username  neutron  
openstack-config --set  /etc/neutron/neutron.conf keystone_authtoken password  neutron  
openstack-config --set  /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes  True  
openstack-config --set  /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes  True  
openstack-config --set  /etc/neutron/neutron.conf nova auth_url  http://controller:5000
openstack-config --set  /etc/neutron/neutron.conf nova auth_type  password 
openstack-config --set  /etc/neutron/neutron.conf nova project_domain_name  default  
openstack-config --set  /etc/neutron/neutron.conf nova user_domain_name  default  
openstack-config --set  /etc/neutron/neutron.conf nova region_name  RegionOne  
openstack-config --set  /etc/neutron/neutron.conf nova project_name  service  
openstack-config --set  /etc/neutron/neutron.conf nova username  nova  
openstack-config --set  /etc/neutron/neutron.conf nova password  nova  
openstack-config --set  /etc/neutron/neutron.conf oslo_concurrency lock_path  /var/lib/neutron/tmp

# 查看生效的配置

egrep -v '(^$|^#)' /etc/neutron/neutron.conf

3)快速配置/etc/neutron/plugins/ml2/ml2_conf.ini

openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers  flat,vlan
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types 
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers  linuxbridge
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers  port_security
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks  provider 
openstack-config --set  /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset  True

# 查看生效的配置

egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/ml2_conf.ini

4)快速配置/etc/neutron/plugins/ml2/linuxbridge_agent.ini(標記的網卡名稱,是填寫自己的網卡名稱)

openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:ens33
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan  enable_vxlan  False
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  enable_security_group  True 
openstack-config --set   /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup  firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 查看生效的配置

egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

# 以下參數在啟動neutron-linuxbridge-agent.service的時候會自動設置為1

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

5)快速配置/etc/neutron/dhcp_agent.ini

openstack-config --set   /etc/neutron/dhcp_agent.ini DEFAULT  interface_driver  linuxbridge
openstack-config --set   /etc/neutron/dhcp_agent.ini DEFAULT  dhcp_driver  neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set   /etc/neutron/dhcp_agent.ini DEFAULT  enable_isolated_metadata  True

# 查看生效的配置

egrep -v '(^$|^#)' /etc/neutron/dhcp_agent.ini

# 至此,方式1的配置文件修改完畢

6)快速配置/etc/neutron/metadata_agent.ini

openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host controller
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret neutron

# 查看生效的配置

egrep -v '(^$|^#)' /etc/neutron/metadata_agent.ini

# metadata_proxy_shared_secret選項是元數據代理,需要設置一個合適的密碼這里設置為neutron

7)配置計算服務使用網絡服務(控制節點

# 快速配置/etc/nova/nova.conf,將neutron添加到計算節點

openstack-config --set  /etc/nova/nova.conf  neutron url http://controller:9696
openstack-config --set  /etc/nova/nova.conf  neutron auth_url http://controller:5000
openstack-config --set  /etc/nova/nova.conf  neutron auth_type password
openstack-config --set  /etc/nova/nova.conf  neutron project_domain_name default
openstack-config --set  /etc/nova/nova.conf  neutron user_domain_name default
openstack-config --set  /etc/nova/nova.conf  neutron region_name RegionOne
openstack-config --set  /etc/nova/nova.conf  neutron project_name service
openstack-config --set  /etc/nova/nova.conf  neutron username neutron
openstack-config --set  /etc/nova/nova.conf  neutron password neutron
openstack-config --set  /etc/nova/nova.conf  neutron service_metadata_proxy true
openstack-config --set  /etc/nova/nova.conf  neutron metadata_proxy_shared_secret neutron

8)初始化安裝網絡插件

# 創建網絡插件的鏈接,初始化網絡的腳本插件會用到/etc/neutron/plugin.ini,需要使用ML2的插件進行提供

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

9)同步數據庫

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

10)重啟nova_api服務

systemctl restart openstack-nova-api.service

11)啟動neutron服務並設置開機啟動

# 需要啟動4個服務

systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl list-unit-files |grep neutron* |grep enabled

6.3.在計算節點安裝neutron網絡組件

1)安裝neutron組件

yum install openstack-neutron-linuxbridge ebtables ipset -y

2)快速配置/etc/neutron/neutron.conf

openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url  rabbit://openstack:openstack@controller
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri  http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

3)快速配置/etc/neutron/plugins/ml2/linuxbridge_agent.ini

openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:ens33
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

# 注意:第一個選項physical_interface_mappings選項要配置計算節點自身的網卡名稱provider:ens33

4)配置nova計算服務與neutron網絡服務協同工作

# 快速配置/etc/nova/nova.conf

openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service 
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron

5)重啟計算節點

systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service

6)啟動neutron網絡組件,並配置開機自啟動

# 需要啟動1個服務,網橋代理

systemctl restart neutron-linuxbridge-agent.service
systemctl status neutron-linuxbridge-agent.service

systemctl enable neutron-linuxbridge-agent.service
systemctl list-unit-files |grep neutron* |grep enabled

# 至此,計算節點的網絡配置完成,轉回到控制節點進行驗證操作

6.4.在控制節點檢查確認neutron服務安裝成功

1)獲取管理權限

cd /server/tools
source keystone-admin-pass.sh

2)列表查看加載的網絡插件

openstack extension list --network

# 或者使用另一種方法:顯示簡版信息

neutron ext-list

3)查看網絡代理列表

openstack network agent list

# 正常情況下:控制節點有3個服務,計算節點有1個服務,如果不是,需要檢查計算節點配置:網卡名稱,IP地址,端口,密碼等要素

~~~neutron安裝部署完畢~~~

 


免責聲明!

本站轉載的文章為個人學習借鑒使用,本站對版權不負任何法律責任。如果侵犯了您的隱私權益,請聯系本站郵箱yoyou2525@163.com刪除。



猜您在找 CentOS7安裝OpenStack(Rocky版)-06.安裝Neutron網絡服務(控制節點) Centos7.4安裝openstack(queens)詳細安裝部署(五)-網絡服務(neutron)安裝 OpenStack之Neutron網絡服務(一) OpenStack組件——Neutron網絡服務(1) OpenStack 網絡服務 Neutron 多網卡(提供者網絡)(十八) OpenStack 網絡服務 Neutron 私有網絡構建(十九) neutron網絡服務 【openstack N版】——網絡服務neutron(flat扁平網絡) Openstack 網絡服務 Neutron介紹和控制節點部署 (九) 雲計算管理平台之OpenStack網絡服務neutron
 
粵ICP備18138465號   © 2018-2025 CODEPRJ.COM