本系列文章包含从OpenStack离线源制作到完成OpenStack安装的全部过程。
在本系列教程中使用的OpenStack的安装版本为第20个版本Train(简称T版本),2020年5月13日,OpenStack社区发布了第21个版本Ussuri(简称U版本)。
OpenStack部署系列文章
OpenStack Victoria版 安装部署系列教程
OpenStack Ussuri版 离线安装部署系列教程(全)
OpenStack Train版 离线安装部署系列教程(全)
欢迎留言沟通,共同进步。
文章目录
计算节点Neutron网络服务组件
官方参考:OpenStack官方安装指南:服务组件,Neutron-install,neutron-install-rdo,
neutron-install-controller-install-rdo,neutron-install-controller-install-rdo
博客:CentOS7安装OpenStack(Rocky版)-06.安装Neutron网络服务(控制节点)
一、安装的组件
yum install -y openstack-neutron-linuxbridge ebtables ipset
二、配置公共组件
网络公共组件配置包括身份验证机制,消息队列和插件。
/etc/neutron/neutron.conf
cd
touch compute-node-neutron.conf.sh
vim compute-node-neutron.conf.sh
bash compute-node-neutron.conf.sh
compute-node-neutron.conf.sh文件内容为:
#!bin/bash
#compute-node-neutron.conf.sh
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:openstack@controller
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/neutron.conf
bash compute-node-neutron.conf.sh
三、配置网络选项
选择与为控制器节点选择的相同网络选项以配置特定于该节点的服务。
1.配置网络选项一:Provider networks
配置:https://docs.openstack.org/neutron/train/install/compute-install-option1-rdo.html
(1)配置Linux网桥代理
/etc/neutron/plugins/ml2/linuxbridge_agent.ini
Linux网桥代理为实例构建第2层(桥接和交换)虚拟网络基础结构并处理安全组。
cd
touch compute-node-linuxbridge_agent.ini.sh
vim compute-node-linuxbridge_agent.ini.sh
bash compute-node-linuxbridge_agent.ini.sh
compute-node-linuxbridge_agent.ini.sh文件内容
#!bin/bash
#compute-node-linuxbridge_agent.ini.sh
#map the provider virtual network to the provider physical network interface,the name of the underlying provider physical network interface
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens34
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan False
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
bash compute-node-linuxbridge_agent.ini.sh
注:第一个选项physical_interface_mappings选项要配置计算节点自身的网卡名称provider:ens34
加载br_netfilter内核模块。要启用网络桥接器支持,通常br_netfilter内核模块需要加载。配置参考链接
echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf
cat /etc/sysctl.conf
sysctl -p
modprobe br_netfilter
ls /proc/sys/net/bridge
sysctl -p
sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables
2.配置网络选项二:Self-service networks
配置:https://docs.openstack.org/neutron/train/install/compute-install-option2-rdo.html
(1)配置Linux网桥代理
/etc/neutron/plugins/ml2/linuxbridge_agent.ini
Linux网桥代理为实例构建第2层(桥接和交换)虚拟网络基础结构并处理安全组。
#!bin/bash
#compute-node-linuxbridge_agent.ini.sh
#map the provider virtual network to the provider physical network interface,the name of the underlying provider physical network interface
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens34
#change to true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
#add new
#local_ip = OVERLAY_INTERFACE_IP_ADDRESS,replace OVERLAY_INTERFACE_IP_ADDRESS with the management IP address of the computes node
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 192.168.232.111
#add new
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
加载br_netfilter内核模块。要启用网络桥接器支持,通常br_netfilter内核模块需要加载。配置参考链接
echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf
cat /etc/sysctl.conf
sysctl -p
modprobe br_netfilter
ls /proc/sys/net/bridge
sysctl -p
sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables
四、配置计算节点Compute服务以使用网络服务
https://docs.openstack.org/neutron/train/install/compute-install-rdo.html#configure-the-compute-service-to-use-the-networking-service
/etc/nova/nova.conf
在该[neutron]部分中,配置访问参数
cd
touch compute-node-neutron-nova.conf.sh
vim compute-node-neutron-nova.conf.sh
bash compute-node-neutron-nova.conf.sh
compute-node-neutron-nova.conf.sh文件内容
#!bin/bash
#compute-node-neutron-nova.conf.sh
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/nova/nova.conf
bash compute-node-neutron-nova.conf.sh
五、计算节点网络服务安装的确定
1.重新启动计算服务
systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service
2.启动Linux网桥代理,并配置开机自启
systemctl restart neutron-linuxbridge-agent.service
systemctl status neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service
systemctl list-unit-files |grep neutron* |grep enabled
六、安装完成
至此,计算节点的网络配置完成,转回到控制节点进行验证操作,进行整个Neutron网络服务的最终验证。
2019
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
