openstack Queens版本在centos7.1，最小化安装(安装neutron(控制节点)）

Hosts

10.0.2.111        con01controller

10.0.2.112        com01compute1

确保这网络OK

ping -c 4 openstack.org

ping -c 4 compute1

ping -c 4 controller

 

 

在数据库中创建neutron库和用户并授权

[root@con01~]# mysql -u root -ptest.2018

Welcometo the MariaDB monitor.  Commands endwith ; or \g.

YourMariaDB connection id is 84

Serverversion: 10.1.20-MariaDB MariaDB Server

 

Copyright(c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

 

Type'help;' or '\h' for help. Type '\c' to clear the current input statement.

 

MariaDB[(none)]> CREATE DATABASE neutron;

QueryOK, 1 row affected (0.00 sec)

 

MariaDB[(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \

    ->  IDENTIFIED BY 'test.2018';

QueryOK, 0 rows affected (0.00 sec)

 

MariaDB[(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \

    ->  IDENTIFIED BY 'test.2018';

QueryOK, 0 rows affected (0.00 sec)

 

**********************************************************************

创建neutron用户：

openstackuser create --domain default --password-prompt neutron

openstackrole add --project service --user neutron admin

 

 

 

创建服务与api

[root@con01~]# openstack service create --name neutron \

>   --description "OpenStackNetworking" network

+-------------+----------------------------------+

|Field       | Value                            |

+-------------+----------------------------------+

|description | OpenStack Networking            |

|enabled     | True                             |

|id          |f5bb4e56bc0a4deaa50b3cf8bb4165f3 |

|name        | neutron                          |

|type        | network                          |

+-------------+----------------------------------+

[root@con01~]# openstack endpoint create --region RegionOne \

>   network public http://controller:9696

+--------------+----------------------------------+

|Field        | Value                            |

+--------------+----------------------------------+

|enabled      | True                             |

|id           |26ff4ce01e83480496f6b6752e32bcb3 |

|interface    | public                           |

|region       | RegionOne                        |

|region_id    | RegionOne                        |

|service_id   |f5bb4e56bc0a4deaa50b3cf8bb4165f3 |

|service_name | neutron                         |

|service_type | network                         |

|url          | http://controller:9696           |

+--------------+----------------------------------+

You havenew mail in /var/spool/mail/root

[root@con01~]# openstack endpoint create --region RegionOne \

>   network internal http://controller:9696

+--------------+----------------------------------+

|Field        | Value                            |

+--------------+----------------------------------+

|enabled      | True                             |

|id           |2aa85f5cf819487b88ef588b30f743ed |

|interface    | internal                         |

|region       | RegionOne                        |

|region_id    | RegionOne                        |

|service_id   |f5bb4e56bc0a4deaa50b3cf8bb4165f3 |

|service_name | neutron                         |

|service_type | network                         |

|url          | http://controller:9696           |

+--------------+----------------------------------+

[root@con01~]# openstack endpoint create --region RegionOne \

>   network admin http://controller:9696

+--------------+----------------------------------+

|Field        | Value                            |

+--------------+----------------------------------+

|enabled      | True                             |

|id           |aec5b36549514179af0e4262de123a44 |

|interface    | admin                            |

|region       | RegionOne                        |

|region_id    | RegionOne                        |

|service_id   |f5bb4e56bc0a4deaa50b3cf8bb4165f3 |

|service_name | neutron                         |

|service_type | network                         |

|url          | http://controller:9696           |

+--------------+----------------------------------+

**********************************************************************

 

安装

使用vxlan网络模式

 yum installopenstack-neutron openstack-neutron-ml2 \
  openstack-neutron-linuxbridge ebtables -y

 

修改配置文件

 

[root@con01~]# cat /etc/neutron/neutron.conf

[DEFAULT]

core_plugin= ml2

service_plugins= router

allow_overlapping_ips= true

transport_url= rabbit://openstack:test.2018@controller

auth_strategy= keystone

notify_nova_on_port_status_changes= true

notify_nova_on_port_data_changes= true

 

 

[database]

connection= mysql+pymysql://neutron:test.2018@controller/neutron

 

 

[keystone_authtoken]

# ...

auth_uri= http://controller:5000

auth_url= http://controller:35357

memcached_servers= controller:11211

auth_type= password

project_domain_name= default

user_domain_name= default

project_name= service

username= neutron

password= test.2018

 

[nova]

# ...

auth_url= http://controller:35357

auth_type= password

project_domain_name= default

user_domain_name= default

region_name= RegionOne

project_name= service

username= nova

password= test.2018

 

 

[oslo_concurrency]

# ...

lock_path= /var/lib/neutron/tmp

**********************************************************************

 

Vim/etc/neutron/plugins/ml2/ml2_conf.ini  修改以下的内容

[ml2]

type_drivers= flat,vlan,vxlan

tenant_network_types= vxlan

mechanism_drivers= linuxbridge,l2population

extension_drivers= port_security

 

[ml2_type_flat]

flat_networks= provider

 

[ml2_type_vxlan]

vni_ranges= 1:1000

 

[securitygroup]

enable_ipset= true

 

 

**********************************************************************

 

配置Linux网桥代理

修改配置文件

/etc/neutron/plugins/ml2/linuxbridge_agent.ini

 

[linux_bridge]

physical_interface_mappings= provider:eno16777736

 

[securitygroup]

firewall_driver= neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

enable_security_group= true

 

[vxlan]

enable_vxlan= true

local_ip= 10.0.2.111

l2_population= true

 

 

 

确保值为1

[root@con01~]# sysctl -a |grep net.bridge.bridge-nf-call-iptables

net.bridge.bridge-nf-call-iptables= 1

[root@con01~]# sysctl -a |grep net.bridge.bridge-nf-call-ip6tables

net.bridge.bridge-nf-call-ip6tables= 1

 

**********************************************************************

配置第3层代理

vim/etc/neutron/l3_agent.ini

[DEFAULT]

interface_driver= linuxbridge

 

**********************************************************************

配置DHCP代理¶

/etc/neutron/dhcp_agent.ini

[DEFAULT]
# ...
interface_driver=linuxbridge
dhcp_driver=neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata=true

 

 

 

**********************************************************************

配置元数据代理

Vim  /etc/neutron/metadata_agent.ini

[DEFAULT]
# ...
nova_metadata_host=controller
metadata_proxy_shared_secret=METADATA_SECRET

 

 

**********************************************************************

配置Compute服务以使用网络服务

 

在控制节点中配置（新加入）

Vim /etc/nova/nova.conf

[neutron]

url = http://controller:9696

auth_url= http://controller:35357

auth_type= password

project_domain_name= default

user_domain_name= default

region_name= RegionOne

project_name= service

username= neutron

password= test.2018

service_metadata_proxy= true

metadata_proxy_shared_secret= METADATA_SECRET

**********************************************************************

 

 

完成安装

1.  # ln -s/etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

2.       初始化数据库

su -s /bin/sh -c "neutron-db-manage --config-file/etc/neutron/neutron.conf \
  --config-file/etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

 

 

重启nova-api

[root@controller~]# systemctl restart openstack-nova-api.service

 

 

启动服务

 

# systemctl enable neutron-server.service \
  neutron-linuxbridge-agent.serviceneutron-dhcp-agent.service \
  neutron-metadata-agent.service
# systemctl restart neutron-server.service \
  neutron-linuxbridge-agent.serviceneutron-dhcp-agent.service \
  neutron-metadata-agent.service