2. Java
  3. OpenStack多节点安装(五):Neutron

OpenStack多节点安装(五):Neutron

xiaoxiao2021-02-27  179

上篇文章讲述了如何安装计算服务组件(Nova),本文开始讲述如何安装网络服务组件(Neutron)。

在安装和配置Neutron服务之前,必须先完成数据库,服务凭证以及API endpoints的创建

1.创建数据库

mysql -u root -p CREATE DATABASE neutron; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS'; 用合适的密码替换NEUTRON_DBPASS

2. 创建服务凭证

. admin-openrc openstack user create --domain default --password-prompt neutron openstack role add --project service --user neutron admin openstack service create --name neutron \ --description "OpenStack Networking" network

3. 创建网络服务API endpoints

openstack endpoint create --region RegionOne \ network public http://192.168.152.166:9696 openstack endpoint create --region RegionOne \ network internal http://192.168.152.166:9696 openstack endpoint create --region RegionOne \ netwrok admin http://192.168.152.166:9696

网络选项的话我用的是Provider Network,所以下面的网络配置也是针对该网络选项配置来进行的,请注意这点。

安装组件

sudo apt install neutron-server neutron-plugin-ml2 \ neutron-linuxbridge-agent neutron-dhcp-agent \ neutron-metadata-agent

编辑/etc/neutron/neutron.conf文件,并完成如下操作

在[database]部分,配置数据库访问

[database] # ... connection = mysql+pymysql://neutron:NEUTRON_DBPASS@192.168.152.166/neutron 在[default]部分,完成如下配置

[DEFAULT] # ... core_plugin = ml2 service_plugins = # ... transport_url = rabbit://openstack:RABBIT_PASS@192.168.152.166 # ... auth_strategy = keystone # ... notify_nova_on_port_status_changes = true notify_nova_on_port_data_changes = true

在[keystone_authtoken]部分,完成如下配置

[keystone_authtoken] # ... auth_uri = http://192.168.152.166:5000 auth_url = http://192.168.152.166:35357 memcached_servers = 192.168.152.166:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = NEUTRON_PASS 在[nova]部分,完成如下配置

[nova] # ... auth_url = http://192.168.152.166:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = NOVA_PASS 配置ML2插件部分

编辑/etc/neutron/plugins/ml2/ml2_conf.ini,并完成如下操作

在[ml2]部分,完成如下配置

[ml2] # ... type_drivers = flat,vlan # ... tenant_network_types = # ... mechanism_drivers = linuxbridge # ... extension_drivers = port_security 在[ml2_type_flat]部分,配置公共虚拟网络为flat网络

[ml2_type_flat] # ... flat_networks = provider 在[securitygroup]部分,启用ipset增加安全组的方便性

[securitygroup] # ... enable_ipset = true 配置LinuxBridge代理

编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini,并完成如下操作

在[linux_bridge]部分,将公共虚拟网络与公共物理网络接口对应起来

[linux_bridge] physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME将PUBLIC_INTERFACE_NAME替换成底层物理网络接口(如,ens34/eth1等)

在[vxlan]部分,禁止VXLAN覆盖网络

[vxlan] enable_vxlan = false 在[securitygroup]部分,启用安全组并配置Linux桥接防火墙驱动

[securitygroup] # ... enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver 配置DHCP代理

编辑/etc/neutron/dhcp_agent.ini,并完成如下操作

在[default]部分,完成以下配置:

[DEFAULT] # ... interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true 配置元数据代理 `编辑/etc/neutron/metadata_agent.ini,并完成如下操作

在[default]部分,配置元数据主机以及共享密码

[DEFAULT] # ... nova_metadata_ip = 192.168.152.166 metadata_proxy_shared_secret = METADATA_SECRET(设置成你自己的密码)配置计算服务来使用网络服务

在/etc/nova/nova.conf中的[neutron]部分,配置访问参数,启用元数据代理并设置密码

[neutron] # ... url = http://192.168.152.166:9696 auth_url = http://192.168.152.166:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = NEUTRON_PASS service_metadata_proxy = true metadata_proxy_shared_secret = METADATA_SECRET 同步数据库

sudo su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron 重启计算API服务

sudo service nova-api restart 重启网络服务

sudo service neutron-server restart sudo service neutron-linuxbridge-agent restart sudo service neutron-dhcp-agent restart sudo service neutron-metadata-agent restart 以上操作均在控制节点上进行,下面讲述计算节点上的网络配置

安装组件

sudo apt install neutron-linuxbridge-agent 通用组件配置/etc/neutron/neutron.conf,注意[database]部分全部注释掉,计算节点不直接访问数据库

[DEFAULT] # ... transport_url = rabbit://openstack:RABBIT_PASS@controller [DEFAULT] # ... auth_strategy = keystone [keystone_authtoken] # ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = NEUTRON_PASS 网络选项(Provider)部分的配置同控制节点上的 配置LinuxBridge代理一样,这里不再描述。

编辑/etc/nova/nova.conf,完成如下操作

在[neutron]部分,配置访问参数

[neutron] # ... url = http://192.168.152.166:9696 auth_url = http://192.168.152.166:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = NEUTRON_PASS

重启服务 sudo service nova-compute restart sudo service neutron-linuxbridge-agent restart 验证网络服务

. admin-openrc openstack extension list --network如果上面的命令有正常输出,则说明网络服务安装正确。

验证代理服务

openstack network agent list如果上面的命令有类似如下的输出,则说明neutron代理启动成功

+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ | ID | Agent Type | Host | Availability Zone | Alive | State | Binary | +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ | 0400c2f6-4d3b-44bc-89fa-99093432f3bf | Metadata agent | controller | None | True | UP | neutron-metadata-agent | | 83cf853d-a2f2-450a-99d7-e9c6fc08f4c3 | DHCP agent | controller | nova | True | UP | neutron-dhcp-agent | | ec302e51-6101-43cf-9f19-88a78613cbee | Linux bridge agent | compute | None | True | UP | neutron-linuxbridge-agent | | fcb9bc6e-22b1-43bc-9054-272dd517d025 | Linux bridge agent | controller | None | True | UP | neutron-linuxbridge-agent | +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+

现在你的OpenStack环境已经包含了启动一个基础实例所需要的核心组件。你可以选择继续安装其它服务组件或者是现在就开始尝试运行实例。祝各位好运!

转载请注明原文地址: https://www.6miu.com/read-12454.html

技术

最新回复(0)