关于OpenStack的组件之一neutron
关于neutron组件部署
ct部署
1.创建数据库neutron,并进行授权
[root@ct ~]# mysql -uroot -p123456
MariaDB [(none)]> CREATE DATABASE neutron;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
MariaDB [(none)]> flush privileges;
2.创建neutron用户,用于在keystone做认证:
[root@ct ~]# openstack user create --domain default --password NEUTRON_PASS neutron
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 8716ddf8da484a6a84a8f823d1ecf012 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
3.将neutron用户添加到service项目中拥有管理员权限
[root@ct ~]# openstack role add --project service --user neutron admin
4.创建network服务,服务类型为network
[root@ct ~]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 2e9ba08752c54c7c8521ecf6290535f7 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
5.注册API到neutron服务,给neutron服务关联端口,即添加endpoint
[root@ct ~]# openstack endpoint create --region RegionOne network public http://ct:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | d4487d85fb54415fa765a759277acabf |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 2e9ba08752c54c7c8521ecf6290535f7 |
| service_name | neutron |
| service_type | network |
| url | http://ct:9696 |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne network internal http://ct:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | de35544def264088a14019504914de93 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 2e9ba08752c54c7c8521ecf6290535f7 |
| service_name | neutron |
| service_type | network |
| url | http://ct:9696 |
+--------------+----------------------------------+
[root@ct ~]# openstack endpoint create --region RegionOne network admin http://ct:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9fb31f93267f44b6b7bd4160e88097ca |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 2e9ba08752c54c7c8521ecf6290535f7 |
| service_name | neutron |
| service_type | network |
| url | http://ct:9696 |
+--------------+----------------------------------+
6.安装提供者网络,ebtables包是用来管理iptables规则的
[root@ct ~]# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables conntrack-tools
7.更改主配置文件
[root@ct ~]# cp -a /etc/neutron/neutron.conf{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@ct/neutron
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://ct:5000
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://ct:5000
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ct:11211
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova auth_url http://ct:5000
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova auth_type password
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova project_name service
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova username nova
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf nova password NOVA_PASS
[root@ct ~]# cat /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2 #启用二层网络插件
service_plugins = router #启用三层网络插件
allow_overlapping_ips = true
transport_url = rabbit://openstack:RABBIT_PASS@ct #配置rabbitmq连接
auth_strategy = keystone #认证的方式:keystone
notify_nova_on_port_status_changes = true #当网络接口发生变化时,通知给计算节点
notify_nova_on_port_data_changes = true #当端口数据发生变化,通知计算节点
[cors]
[database] #配置数据库连接
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@ct/neutron
[keystone_authtoken] #配置keystone认证信息
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
[oslo_concurrency] #配置锁路径
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[ssl]
[nova] #neutron需要给nova返回数据
auth_url = http://ct:5000 #到keystone认证nova
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova #通过nova的用户名和密码到keystone验证nova的token
password = NOVA_PASS
8.修改 ML2 plugin 配置文件 ml2_conf.ini
[root@ct ~]# cp -a /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
[root@ct ~]#
[root@ct ~]#
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini.bak > /etc/neutron/plugins/ml2/ml2_conf.ini
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true
[root@ct ~]# cat //etc/neutron/plugins/ml2/ml2_conf.ini
[DEFAULT]
[ml2]
type_drivers = flat,vlan,vxlan #配置类型驱动;单一扁平网络(桥接)和vlan;让二层网络支持桥接,支持基于vlan做子网划分
tenant_network_types = vxlan #租户网络类型(vxlan)
mechanism_drivers = linuxbridge,l2population #启用Linuxbridge和l2机制,(l2population机制是为了简化网络通信拓扑,减少网络广播):
extension_drivers = port_security #启用端口安全扩展驱动程序,基于iptables实现访问控制;但配置了扩展安全组会导致一些端口限制,造成一些服务无法启动
[ml2_type_flat]
flat_networks = provider #配置公共虚拟网络为flat网络
[ml2_type_vxlan]
vni_ranges = 1:1000 #为私有网络配置VXLAN网络识别的网络范围
[securitygroup]
enable_ipset = true #启用 ipset 增加安全组的方便性
9.修改 linux bridge network provider 配置文件
[root@ct ~]# cp -a /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth1
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 192.168.52.10
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@ct ~]#
[root@ct ~]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]
[linux_bridge]
physical_interface_mappings = provider:eth1
#指定上个文件中的桥接网络名称,与eth0物理网卡做关联,后期给虚拟机分配external网络,就可以通过eth0上外网;物理网卡有可能是bind0、br0等
[vxlan] #启用VXLAN覆盖网络,配置覆盖网络的物理网络接口的IP地址,启用layer-2 population
enable_vxlan = true #允许用户创建自定义网络(3层网络)
local_ip = 192.168.100.11
l2_population = true
[securitygroup] #启用安全组并配置 Linux 桥接 iptables 防火墙驱动
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
10.修改内核参数
[root@ct ~]# echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.conf
[root@ct ~]# echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.conf
[root@ct ~]# modprobe br_netfilter
[root@ct ~]# sysctl -p
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
11.配置Linuxbridge接口驱动和外部网络网桥
[root@ct ~]# cp -a /etc/neutron/l3_agent.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/l3_agent.ini.bak > /etc/neutron/l3_agent.ini
[root@ct ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver linuxbridge
[root@ct ~]# cat /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge
12.修改dhcp_agent 配置文件
[root@ct ~]# cp -a /etc/neutron/dhcp_agent.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.bak > /etc/neutron/dhcp_agent.ini
[root@ct ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge
[root@ct ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
[root@ct ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true
[root@ct ~]#
[root@ct ~]# cat /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge #指定默认接口驱动为linux网桥
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq #指定DHCP驱动
enable_isolated_metadata = true #开启iso元数据
13.配置元数据代理、用于配置桥接与自服务网络的通用配置
[root@ct ~]# cp -a /etc/neutron/metadata_agent.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/metadata_agent.ini.bak > /etc/neutron/metadata_agent.ini
[root@ct ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host ct
[root@ct ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET
[root@ct ~]# cat /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = ct
metadata_proxy_shared_secret = METADATA_SECRET
[cache]
14.修改nova配置文件,用于neutron交互
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron url http://ct:9696
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron auth_url http://ct:5000
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron auth_type password
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron project_name service
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron username neutron
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET
15.创建ML2插件文件符号连接, 网络服务初始化脚本需要/etc/neutron/plugin.ini指向ML2插件配置文件的符号链接
[root@ct ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
16.初始化数据库
[root@ct ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
17.重启计算节点nova-api服务
[root@ct ~]# systemctl restart openstack-nova-api.service
18.开启neutron服务、设置开机自启动
[root@ct ~]# systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
[root@ct ~]# systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
[root@ct ~]# netstat -anutp |grep 9696
tcp 0 0 0.0.0.0:9696 0.0.0.0:* LISTEN 104070/server.log
19.因为配置了第三层L3网络服务、所以需要启动第三层服务
[root@ct ~]# systemctl enable neutron-l3-agent.service
[root@ct ~]# systemctl restart neutron-l3-agent.servicec1部署
1.#ipset:iptables的扩展,允许匹配规则的集合而不仅仅是一个IP
[root@c1 ~]# yum -y install openstack-neutron-linuxbridge ebtables ipset conntrack-tools
2.修改neutron.conf文件
[root@c1 ~]# cp -a /etc/neutron/neutron.conf{,.bak}
[root@c1 ~]# grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://ct:5000
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://ct:5000
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ct:11211
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
[root@c1 ~]# cat /etc/neutron/neutron.conf
[DEFAULT] #neutron的server端与agent端通讯也是通过rabbitmq进行通讯的
transport_url = rabbit://openstack:RABBIT_PASS@ct
auth_strategy = keystone #认证策略:keystone
[cors]
[database]
[keystone_authtoken] #指定keystone认证的信息
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
[oslo_concurrency] #配置锁路径(管理线程库)
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[ssl]
3.配置Linux网桥代理
[root@c1 ~]# cp -a /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
[root@c1 ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth1
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 192.168.52.20
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@c1 ~]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
DEFAULT]
[linux_bridge]
physical_interface_mappings = provider:eth1
● 直接将node节点external网络绑定在当前节点的指定的物理网卡,不需要node节点配置网络名称,node节点只需要接收controller节点指令即可;controller节点上配置的external网络名称是针对整个openstack环境生效的,所以指定external网络绑定在当前node节点的eth0物理网卡上(也可能是bind0或br0)
[vxlan]
enable_vxlan = true #开启Vxlan网络
local_ip = 192.168.52.20
l2_population = true #L2 Population 是用来提高 VXLAN 网络扩展能力的组件
[securitygroup]
enable_security_group = true #开启安全组
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver #指定安全组驱动文件
4.修改内核参数
[root@c1 ~]# echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.conf
#允许虚拟机的数据通过物理机出去
[root@c1 ~]# echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.conf
#modprobe:用于向内核中加载模块或者从内核中移除模块。modprobe -r 表示移除
[root@c1 ~]# modprobe br_netfilter
[root@c1 ~]# sysctl -p
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
5.修改nova.conf配置文件
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron auth_url http://ct:5000
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron auth_type password
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron project_name service
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron username neutron
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
[root@c1 ~]# cat /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:RABBIT_PASS@ct
my_ip = 192.168.52.20
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
[barbican]
[cache]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://ct:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://ct:5000/v3
memcached_servers = ct:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
[libvirt]
virt_type = qemu
[metrics]
[mks]
[neutron]
auth_url = http://ct:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://ct:5000/v3
username = placement
password = PLACEMENT_PASS
[powervm]
[privsep]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://192.168.52.10:6080/vnc_auto.html
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
[root@c1 ~]#
6.重启openstack-nova-compute服务,配置网络服务(可在c2节点验证,应该也可以在c1节点上验证)
[root@c1 ~]# systemctl restart openstack-nova-compute.service #重新启动计算节点上的Nova服务
7.启动neutron网桥代理服务 设置开机自启动
[root@c1 ~]# systemctl enable neutron-linuxbridge-agent.service
[root@c1 ~]# systemctl start neutron-linuxbridge-agent.service
注意:C2节点部署neutron服务(与C1节点相同)验证(ct节点上)
[root@ct ~]# openstack extension list --network
+--------------------------------------------------------------------------------------------------------------------
......省略
-----+
[root@ct ~]# openstack network agent listneutron组件小结
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
