版权声明:本文为博主原创文章,未经博主允许不得转载。 https://blog.csdn.net/BAKBad/article/details/74907759
上篇文章讲述了如何安装计算服务组件(Nova),本文开始讲述如何安装网络服务组件(Neutron)。
在安装和配置Neutron服务之前,必须先完成数据库,服务凭证以及API endpoints的创建
1.创建数据库
mysql -u root -p
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
2. 创建服务凭证
. admin-openrc
openstack user create --domain default --password-prompt neutron
openstack role add --project service --user neutron admin
openstack service create --name neutron \
--description "OpenStack Networking" network3. 创建网络服务API endpoints
openstack endpoint create --region RegionOne \
network public http://192.168.152.166:9696
openstack endpoint create --region RegionOne \
network internal http://192.168.152.166:9696
openstack endpoint create --region RegionOne \
netwrok admin http://192.168.152.166:9696网络选项的话我用的是Provider Network,所以下面的网络配置也是针对该网络选项配置来进行的,请注意这点。
安装组件
sudo apt install neutron-server neutron-plugin-ml2 \
neutron-linuxbridge-agent neutron-dhcp-agent \
neutron-metadata-agent编辑/etc/neutron/neutron.conf文件,并完成如下操作
在[database]部分,配置数据库访问
[database]
# ...
connection = mysql+pymysql://neutron:[email protected]/neutron在[default]部分,完成如下配置
[DEFAULT]
# ...
core_plugin = ml2
service_plugins =
# ...
transport_url = rabbit://openstack:[email protected]
# ...
auth_strategy = keystone
# ...
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true在[keystone_authtoken]部分,完成如下配置
[keystone_authtoken]
# ...
auth_uri = http://192.168.152.166:5000
auth_url = http://192.168.152.166:35357
memcached_servers = 192.168.152.166:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS在[nova]部分,完成如下配置
[nova]
# ...
auth_url = http://192.168.152.166:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = NOVA_PASS配置ML2插件部分
编辑/etc/neutron/plugins/ml2/ml2_conf.ini,并完成如下操作
在[ml2]部分,完成如下配置
[ml2]
# ...
type_drivers = flat,vlan
# ...
tenant_network_types =
# ...
mechanism_drivers = linuxbridge
# ...
extension_drivers = port_security在[ml2_type_flat]部分,配置公共虚拟网络为flat网络
[ml2_type_flat]
# ...
flat_networks = provider在[securitygroup]部分,启用ipset增加安全组的方便性
[securitygroup]
# ...
enable_ipset = true配置LinuxBridge代理
编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini,并完成如下操作
在[linux_bridge]部分,将公共虚拟网络与公共物理网络接口对应起来
[linux_bridge]
physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME在[vxlan]部分,禁止VXLAN覆盖网络
[vxlan]
enable_vxlan = false在[securitygroup]部分,启用安全组并配置Linux桥接防火墙驱动
[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver配置DHCP代理
编辑/etc/neutron/dhcp_agent.ini,并完成如下操作
在[default]部分,完成以下配置:
[DEFAULT]
# ...
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true配置元数据代理
`编辑/etc/neutron/metadata_agent.ini,并完成如下操作
在[default]部分,配置元数据主机以及共享密码
[DEFAULT]
# ...
nova_metadata_ip = 192.168.152.166
metadata_proxy_shared_secret = METADATA_SECRET(设置成你自己的密码)在/etc/nova/nova.conf中的[neutron]部分,配置访问参数,启用元数据代理并设置密码
[neutron]
# ...
url = http://192.168.152.166:9696
auth_url = http://192.168.152.166:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
service_metadata_proxy = true
metadata_proxy_shared_secret = METADATA_SECRET同步数据库
sudo su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron重启计算API服务
sudo service nova-api restart重启网络服务
sudo service neutron-server restart
sudo service neutron-linuxbridge-agent restart
sudo service neutron-dhcp-agent restart
sudo service neutron-metadata-agent restart以上操作均在控制节点上进行,下面讲述计算节点上的网络配置
安装组件
sudo apt install neutron-linuxbridge-agent通用组件配置/etc/neutron/neutron.conf,注意[database]部分全部注释掉,计算节点不直接访问数据库
[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller
[DEFAULT]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS网络选项(Provider)部分的配置同控制节点上的 配置LinuxBridge代理一样,这里不再描述。
编辑/etc/nova/nova.conf,完成如下操作
在[neutron]部分,配置访问参数
[neutron]
# ...
url = http://192.168.152.166:9696
auth_url = http://192.168.152.166:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASSsudo service nova-compute restart
sudo service neutron-linuxbridge-agent restart验证网络服务
. admin-openrc
openstack extension list --network验证代理服务
openstack network agent list+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 0400c2f6-4d3b-44bc-89fa-99093432f3bf | Metadata agent | controller | None | True | UP | neutron-metadata-agent |
| 83cf853d-a2f2-450a-99d7-e9c6fc08f4c3 | DHCP agent | controller | nova | True | UP | neutron-dhcp-agent |
| ec302e51-6101-43cf-9f19-88a78613cbee | Linux bridge agent | compute | None | True | UP | neutron-linuxbridge-agent |
| fcb9bc6e-22b1-43bc-9054-272dd517d025 | Linux bridge agent | controller | None | True | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+现在你的OpenStack环境已经包含了启动一个基础实例所需要的核心组件。你可以选择继续安装其它服务组件或者是现在就开始尝试运行实例。祝各位好运!