↓↓↓↓↓↓↓↓視頻已上線B站↓↓↓↓↓↓↓↓
》》》》》》傳送門
1.創建網路服務資料庫
2.獲得 admin 憑證來獲取只有管理員能執行的命令的訪問權限
3.創建服務證書,neutron用戶
4.創建網路服務API端點:
5.Controller節點安裝并配置網路服務組件
6.網路服務初始化
7.同步資料庫
8.Controller節點重啟計算API服務
9.啟動網路服務并設定開機啟動
10.Compute節點安裝并配置neutron服務
11.compute節點重啟服務并設定開機自啟
12.驗證(Controller節點)
1.創建網路服務資料庫
#mysql -uroot -p000000
>create database neutron;
> grant all privileges on neutron.* to 'neutron'@'localhost' identified by '000000';
> grant all privileges on neutron.* to 'neutron'@'%' identified by '000000';
2.獲得 admin 憑證來獲取只有管理員能執行的命令的訪問權限
#. /root/admin-openrc
3.創建服務證書,neutron用戶
#openstack user create --domain default --password 000000 neutron
#openstack role add --project service --user neutron admin
#openstack service create --name neutron --description "OpenStack Networking" network
4.創建網路服務API端點:
#openstack endpoint create --region RegionOne network public http://controller:9696
#openstack endpoint create --region RegionOne network internal http://controller:9696
#openstack endpoint create --region RegionOne network admin http://controller:9696
5.Controller節點安裝并配置網路服務組件
#yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
1.編輯組態檔 /etc/neutron/neutron.conf
#vi /etc/neutron/neutron.conf
在 [database] 部分,配置資料庫訪問:
connection = mysql+pymysql://neutron:000000@controller/neutron
在``[DEFAULT]``部分,添加如下內容
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
rpc_backend = rabbit
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
在[oslo_messaging_rabbit]部分,配置 “RabbitMQ” 訊息佇列的連接:
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = 000000
在[keystone_authtoken]部分,配置認證服務訪問
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 000000
在[nova]部分,配置網路服務來通知計算節點的網路拓撲變化:
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = 000000
在 [oslo_concurrency] 部分,配置鎖路徑:
lock_path = /var/lib/neutron/tmp
2.編輯/etc/neutron/plugins/ml2/ml2_conf.ini檔案,配置啟用flat,VLAN,GRE,LOCAL以及VXLAN網路:
#vi /etc/neutron/plugins/ml2/ml2_conf.ini
在[ml2]下添加
type_drivers = flat,vlan,vxlan,gre,local
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
在 [ml2_type_flat] 部分,配置公共虛擬網路為flat網路
flat_networks = provider
在 [ml2_type_vxlan] 部分,為私有網路配置VXLAN網路識別的網路范圍:
vni_ranges = 1:1000
在 [securitygroup] 部分,啟用 ipset 增加安全組規則的高效性:
enable_ipset = True
3.配置linuxbridge代理,編輯檔案/etc/neutron/plugins/ml2/linuxbridge_agent.ini
#vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
在 [linux_bridge] 部分,將公共虛擬網路和公共物理網路介面對應起來:
physical_interface_mappings = provider:eth1
#注意,此處的eth1為基礎環境配置中的200的網段 也就是 192.168.200.0/24
在 [vxlan] 部分,啟用VXLAN覆寫網路,配置覆寫網路的物理網路介面的IP地址,啟用layer-2 population:
enable_vxlan = True
local_ip = 192.168.100.10 #這里的IP地址是controller的管理網路
l2_population = True
在 [securitygroup] 部分,啟用安全組并配置 Linuxbridge iptables firewall driver:
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
4.配置layer-3代理,編輯檔案/etc/neutron/l3_agent.ini
#vi /etc/neutron/l3_agent.ini
在[DEFAULT]下添加
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
external_network_bridge =
5.配置DHCP代理編輯/etc/neutron/dhcp_agent.ini檔案
#vi /etc/neutron/dhcp_agent.ini
在[DEFAULT]下添加
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = https://www.cnblogs.com/zhijian1574/p/True
6.編輯/etc/neutron/metadata_agent.ini檔案
#vi /etc/neutron/metadata_agent.ini
在``[DEFAULT]`` 部分,配置元資料主機以及共享密碼:
nova_metadata_ip = controller
metadata_proxy_shared_secret = 000000
7.編輯/etc/nova/nova.conf檔案
#vi /etc/nova/nova.conf
在``[neutron]``部分,配置訪問引數,啟用元資料代理并設定密碼:
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 000000
service_metadata_proxy = True
metadata_proxy_shared_secret = 000000
6.網路服務初始化
# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
7.同步資料庫
# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
8.Controller節點重啟計算API服務
# systemctl restart openstack-nova-api.service
9.啟動網路服務并設定開機啟動
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
10.Compute節點安裝并配置neutron服務
# yum -y install openstack-neutron-linuxbridge ebtables ipset
1.編輯/etc/neutron/neutron.conf 檔案
#vi /etc/neutron/neutron.conf
在 “[DEFAULT]” 下添加
rpc_backend = rabbit
auth_strategy = keystone
在[oslo_messaging_rabbit]下添加
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = 000000
在[keystone_authtoken]下添加
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = 000000
在 [oslo_concurrency] 部分,配置鎖路徑:
lock_path = /var/lib/neutron/tmp
2.編輯/etc/neutron/plugins/ml2/linuxbridge_agent.ini檔案
#vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
在 [linux_bridge] 部分,將公共虛擬網路和公共物理網路介面對應起來
physical_interface_mappings = provider:eth1
在 [vxlan] 部分,啟用VXLAN覆寫網路,配置覆寫網路的物理網路介面的IP地址,啟用layer-2 population:
enable_vxlan = True
local_ip = 192.168.100.20
l2_population = True
在 [securitygroup] 部分,啟用安全組并配置 Linuxbridge iptables firewall driver:
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
3.編輯/etc/nova/nova.conf檔案并完成下面的操作
#vi /etc/nova/nova.conf
在[neutron]部分添加
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = 000000
11.compute節點重啟服務并設定開機自啟
# systemctl restart openstack-nova-compute.service neutron-linuxbridge-agent.service
# systemctl enable neutron-linuxbridge-agent.service
12.驗證(Controller節點)
#. /root/admin-openrc
#neutron ext-list
#neutron agent-list
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/53451.html
標籤:其他