创建数据库
[root@controller ~]# mysql -u root -p -e "CREATE DATABASE neutron;" Enter password: [root@controller ~]# mysql -u root -p -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';" Enter password: [root@controller ~]# mysql -u root -p -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';" Enter password:
安装neutron
[root@controller ~]# yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge python-neutronclientebtables ipset
配置neutron
同步数据库
[root@controller ~]# vim etc/neutron/neutron.conf 729 connection = mysql://neutron:neutron@192.168.1.11:3306/neutron [root@controller ~]# su -s /bin/sh -c "neutron-db-manage--config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head"neutron
配置其它项目
[root@controller ~]# vim /etc/neutron/neutron.conf 锁路径 20 state_path = /var/lib/neutron 使用keystone验证 92 auth_strategy = keystone 配置连接keystone 716 [keystone_authtoken] 717 auth_uri = http://192.168.1.11:5000 718 auth_url = http://192.168.1.11:35357 719 auth_plugin = password 720 project_domain_id = default 721 user_domain_id = default 722 project_name = service 723 username = neutron 724 password = neutron 配置连接rabbitmq 985 rabbit_host = 192.168.1.11 989 rabbit_port = 5672 1001 rabbit_userid = openstack 1005 rabbit_password = openstack Neutron相关配置 60 core_plugin = ml2 77 service_plugins = router Nova相关配置 360 notify_nova_on_port_status_changes = True 364 notify_nova_on_port_data_changes = True 367 nova_url = http://192.168.1.11:8774/v2 774[nova] 775 auth_url =http://192.168.1.11:35357 776 auth_plugin = password 777 project_domain_id = default 778 user_domain_id = default 779 region_name = RegionOne 780 project_name = service 781 username = nova 782 password = nova
配置ml2_conf.ini
[root@controller ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini 5 type_drivers = flat,vlan,gre,vxlan,geneve //支持的网络驱动 12 tenant_network_types = vlan,gre,vxlan,geneve//网络类型 18 mechanism_drivers = openvswitch,linuxbridge //底层驱动 27 extension_drivers = port_security //端口安全 67 flat_networks = physnet1 //使用单一扁平网络 120 enable_ipset = True
配置linuxbridge_agent.ini
[root@controller ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini 9 physical_interface_mappings = physnet1:eth0 16 enable_vxlan = False 51 prevent_arp_spoofing= True 56 firewall_driver =neutron.agent.linux.iptables_firewall.IptablesFirewallDriver 60 enable_security_group = True
配置dhcp_agent.ini
[root@controller ~]# vim /etc/neutron/dhcp_agent.ini 27 interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver 31 dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq 52 enable_isolated_metadata = True
配置metadata_agent.ini
[root@controller ~]# vim /etc/neutron/metadata_agent.ini 5 auth_uri =http://192.168.1.11:5000 6 auth_url =http://192.168.1.11:35357 7 auth_region = RegionOne 8 auth_plugin = password 9 project_domain_id = default 10 user_domain_id = default 11 project_name = service 12 username = neutron 13 password = neutron 27 nova_metadata_ip = 192.168.1.1127 nova_metadata_ip = 192.168.1.11 52 metadata_proxy_shared_secret = neutron
修改nova配置
[root@controller ~]# vim /etc/nova/nova.conf 3031 [neutron] 3032 url = http://192.168.1.11:9696 3033 auth_url = http://192.168.1.11:35357 3034 auth_plugin = password 3035 project_domain_id = default 3036 user_domain_id = default 3037 region_name = RegionOne 3038 project_name = service 3039 username = neutron 3040 password = neutron 3048 service_metadata_proxy=true 3052 metadata_proxy_shared_secret=neutron [root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini/etc/neutron/plugin.ini
创建用户
[root@controller ~]# openstack user create --domain default--password=neutron neutron +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id |33d0790e74e24a4bb0de3b21263155a5 | | name | neutron | +-----------+----------------------------------+ [root@controller ~]# openstack role add --project service --user neutron admin
注册服务
[root@controller ~]# openstack service create --name neutron--description "OpenStack Networking" network +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Networking | | enabled | True | | id |a057284a51ae4ea896fce082d0242fa6 | | name | neutron | | type | network | +-------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne network public http://192.168.1.11:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id |77d289a63ccf4fa289a42f3ebba18fad | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id |a057284a51ae4ea896fce082d0242fa6 | | service_name | neutron | | service_type | network | | url |http://192.168.1.11:9696 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne network internal http://192.168.1.11:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id |571a7fb989f14efb9db43c20a03e3aff | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id |a057284a51ae4ea896fce082d0242fa6 | | service_name | neutron | | service_type | network | | url |http://192.168.1.11:9696 | +--------------+----------------------------------+ [root@controller ~]# openstack endpoint create --region RegionOne network admin http://192.168.1.11:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id |008aac0f57e64e3084a76c2743f6c096 | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id |a057284a51ae4ea896fce082d0242fa6 | | service_name | neutron | | service_type | network | | url |http://192.168.1.11:9696 | +--------------+----------------------------------+
启动服务
[root@controller ~]# systemctl restart openstack-nova-api [root@controller ~]# systemctl enable neutron-server.service \ neutron-linuxbridge-agent.service \ neutron-dhcp-agent.service \ neutron-metadata-agent.service [root@controller ~]# systemctl start neutron-server.service \ neutron-linuxbridge-agent.service \ neutron-dhcp-agent.service \ neutron-metadata-agent.service
查看验证
[root@controller ~]# neutron agent-list +--------------------------------------+--------------------+------------+-------+----------------+---------------------------+ | id | agent_type | host | alive | admin_state_up | binary | +--------------------------------------+--------------------+------------+-------+----------------+---------------------------+ | 41bcc4cb-dea4-4a4d-9ffa-18209c746762 | Metadata agent | controller | :-) | True | neutron-metadata-agent | | 5c7c894f-5260-49d7-9da4-c90c0a591fb6 | DHCP agent | controller | :-) | True | neutron-dhcp-agent | | 7df41d2f-f4a6-42cc-a761-83d9eab0a0f0 | Linux bridge agent | controller| :-) | True | neutron-linuxbridge-agent | +--------------------------------------+--------------------+------------+-------+----------------+---------------------------+
文章转载自DevOps视角,如果涉嫌侵权,请发送邮件至:contact@modb.pro进行举报,并提供相关证据,一经查实,墨天轮将立刻删除相关内容。
