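I have been learning OpenStack recently and am sharing the installation process for the Rocky release. Follows are appreciated, and corrections are welcome where I have got something wrong.
This part covers installing and configuring the Neutron service. It continues from the previous part: CentOS7 - Installing OpenStack (Rocky) by Hand series - 05 - Configuring a nova compute node
*** In this part, the commands in 2.4 are run on the compute node; everything else is run on the controller node ***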
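1. Background
Neutron is one of the core OpenStack projects. It provides virtual networking for the cloud environment and manages all virtual network infrastructure in an OpenStack deployment, as well as the access layer of the physical network infrastructure. Neutron provides networking for the entire OpenStack environment, including layer-2 switching, layer-3 routing, load balancing, firewalling and VPN. It offers a flexible framework in which, through configuration, either open-source or commercial software can be used to implement these functions.

(1) Layer-2 switching (Switching)
Nova instances connect to virtual layer-2 networks through virtual switches. Neutron supports several virtual switches, including the native Linux Bridge and Open vSwitch. Open vSwitch (OVS) is an open-source virtual switch that supports standard management interfaces and protocols. With Linux Bridge and OVS, Neutron can create traditional VLAN networks as well as tunnel-based overlay networks such as VxLAN and GRE (Linux Bridge currently supports only VxLAN).

(2) Layer-3 routing (Routing)
Instances can be given IPs in different subnets; Neutron's router (virtual router) lets instances communicate across subnets. The router implements routing and NAT using IP forwarding, iptables and similar techniques.

(3) Load balancing (Load Balancing)
Load balancing in OpenStack is currently integrated into Neutron as a plugin; the default is HAProxy.

(4) Firewalling (Firewalling)
Neutron currently implements this through iptables, in two ways: Security Group, which restricts network packets entering and leaving an instance; and Firewalls-as-a-Service, which restricts traffic entering and leaving a router.

(5) The network resources managed by Neutron include network, subnet and port
a. network: an isolated layer-2 broadcast domain. Neutron supports several network types, including local, flat, VLAN, VxLAN and GRE.
b. subnet: an IPv4 or IPv6 address block. Instance IPs are allocated from a subnet. Each subnet must define an IP address range and mask. network and subnet have a one-to-many relationship: a subnet can belong to only one network; a network can have multiple subnets, which may be different IP ranges but must not overlap.
c. port: a port on a virtual switch; a port defines a MAC and IP address. port and subnet have a one-to-many relationship: a port must belong to a subnet; a subnet can have multiple ports.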
# The Neutron components are fairly complex.
1.1 Components
1.2 Basic architecture

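- Neutron Server: exposes the OpenStack networking API, receives requests, and calls the Plugin to handle them.
- Plugin: handles requests from Neutron Server, maintains the state of the OpenStack logical networks, and calls the Agent to handle requests.
- Agent: handles the Plugin's requests and actually implements the network functions on the network provider.
- network provider: the virtual or physical network device that provides network services, for example Linux Bridge, Open vSwitch, or other physical switches that support Neutron.
- Queue: Neutron Server, Plugin and Agent communicate with and call each other through a Messaging Queue.
- Database: stores the OpenStack network state, including Network, Subnet, Port, Router and so on.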
2 Installing the Neutron components
2.1 Verify the network configuration
(1) Controller node
[root@controller ~]# more /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
**********
192.168.137.100 controller.fzxz686.com controller
192.168.137.101 nova.fzxz686.com nova block object
**********
[root@controller ~]#

(2) Compute node
[root@nova ~]# more /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
**********
192.168.137.100 controller.fzxz686.com controller
192.168.137.101 nova.fzxz686.com nova block object
**********
[root@nova ~]#

(3) Ping test
[root@controller ~]# ping -c 2 nova
PING nova.fzxz686.com (192.168.137.101) 56(84) bytes of data.
64 bytes from nova.fzxz686.com (192.168.137.101): icmp_seq=1 ttl=64 time=2.09 ms
64 bytes from nova.fzxz686.com (192.168.137.101): icmp_seq=2 ttl=64 time=0.912 ms

--- nova.fzxz686.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.912/1.503/2.094/0.591 ms
[root@controller ~]# ping -c 2 object
PING nova.fzxz686.com (192.168.137.101) 56(84) bytes of data.
64 bytes from nova.fzxz686.com (192.168.137.101): icmp_seq=1 ttl=64 time=0.834 ms
64 bytes from nova.fzxz686.com (192.168.137.101): icmp_seq=2 ttl=64 time=0.349 ms

--- nova.fzxz686.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.349/0.591/0.834/0.243 ms
[root@controller ~]# ping -c 2 block
PING nova.fzxz686.com (192.168.137.101) 56(84) bytes of data.
64 bytes from nova.fzxz686.com (192.168.137.101): icmp_seq=1 ttl=64 time=0.671 ms
64 bytes from nova.fzxz686.com (192.168.137.101): icmp_seq=2 ttl=64 time=0.338 ms

--- nova.fzxz686.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.338/0.504/0.671/0.168 ms
[root@controller ~]#
2.2 Register the neutron service in the keystone database
(1) Create the neutron database and grant privileges
[root@controller ~]# mysql -predhat
Welcome to the MariaDB monitor.  Commands end with ; or \g.
Your MariaDB connection id is 30
Server version: 10.1.20-MariaDB MariaDB Server

Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.

Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.

MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.01 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';
Query OK, 0 rows affected (0.00 sec)

MariaDB [(none)]> exit
Bye
You have mail in /var/spool/mail/root
[root@controller ~]#

(2) Create the neutron user
[root@controller ~]# cd /server/tools/
[root@controller tools]# source keystone-admin-pass.sh
[root@controller tools]# openstack user create --domain default --password=neutron neutron
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | 24a0a037c3a940a0a9c2318cc1dc53e8 |
| name                | neutron                          |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@controller tools]# openstack user list
+----------------------------------+-----------+
| ID                               | Name      |
+----------------------------------+-----------+
| 07d8304d0e7346f5940e3b7842f88f2d | myuser    |
| 0e10848856dd40d5abf8ef91801766c8 | placement |
| 24a0a037c3a940a0a9c2318cc1dc53e8 | neutron   |
| 417263d5a1d44e7486a52f5466794b57 | glance    |
| 7129dac220e041acabf74d8f722bc080 | admin     |
| 8dad157be2734f5083bfd92c14f3f2fe | nova      |
+----------------------------------+-----------+

(3) Grant the admin role
[root@controller tools]# openstack role add --project service --user neutron admin

(4) Create the neutron service entity
[root@controller tools]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Networking             |
| enabled     | True                             |
| id          | 852aa5da037f4181bae4d81901a4e7e4 |
| name        | neutron                          |
| type        | network                          |
+-------------+----------------------------------+
[root@controller tools]# openstack service list
+----------------------------------+-----------+-----------+
| ID                               | Name      | Type      |
+----------------------------------+-----------+-----------+
| 0360d744466f45028fd796a2eb2d77d4 | glance    | image     |
| 079ea394c9ea476085ab6f0790d18296 | nova      | compute   |
| 16f472518085448da6542ff821e1e6d0 | keystone  | identity  |
| 7eaf62ef2f99421abe8d1d614517d913 | placement | placement |
| 852aa5da037f4181bae4d81901a4e7e4 | neutron   | network   |
+----------------------------------+-----------+-----------+

(5) Create the neutron API endpoints
[root@controller tools]# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | b024ea0cbba4416ab0a53129dc9cc96a |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 852aa5da037f4181bae4d81901a4e7e4 |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
[root@controller tools]# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | c5d3b5e66ee24544aca6d372e2028516 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 852aa5da037f4181bae4d81901a4e7e4 |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
[root@controller tools]# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 2cec3c012b91464d84e40b6b3cbe9ca9 |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 852aa5da037f4181bae4d81901a4e7e4 |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
[root@controller tools]#
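The transcript in 2.2 registers the internal interface twice and never registers an admin interface, whereas the Rocky installation guide creates public, internal and admin endpoints for the network service. The following check is an added example, not part of the original walkthrough; check_endpoints and sample_endpoints are names chosen for this example, and the sample input is constructed from the three commands above.

```shell
#!/bin/sh
# Added example: verify that a service has exactly one endpoint per interface.
# Input on stdin: one "<interface> <url>" pair per line, for example from
#   openstack endpoint list --service network -f value -c Interface -c URL

check_endpoints() {
    awk '
        NF >= 2 { seen[$1]++; url[$1] = $2 }
        END {
            n = split("public internal admin", want, " ")
            bad = 0
            for (i = 1; i <= n; i++) {
                k = want[i]
                if (!(k in seen))     { print "MISSING   " k; bad = 1 }
                else if (seen[k] > 1) { print "DUPLICATE " k " x" seen[k]; bad = 1 }
                # Informational: the endpoint is served without TLS.
                if ((k in url) && url[k] !~ "^https://")
                    print "PLAINTEXT " k " " url[k]
            }
            exit bad   # non-zero when an interface is missing or duplicated
        }'
}

# Constructed sample: the three registrations as they appear in the
# transcript above (public, internal, internal).
sample_endpoints() {
    printf '%s\n' \
        'public http://controller:9696' \
        'internal http://controller:9696' \
        'internal http://controller:9696'
}

sample_endpoints | check_endpoints || echo "network endpoints need attention"
```
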
2.3 Install the neutron networking components on the controller node
# Neutron offers two networking options: https://docs.openstack.org/neutron/rocky/install/controller-install-option1-rdo.html
The following uses the first, Networking Option 1: Provider networks

(1) Install the neutron packages
[root@controller tools]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

(2) Configure /etc/neutron/neutron.conf
openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:neutron@controller/neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:openstack@controller
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
openstack-config --set /etc/neutron/neutron.conf nova auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf nova auth_type password
openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
openstack-config --set /etc/neutron/neutron.conf nova project_name service
openstack-config --set /etc/neutron/neutron.conf nova username nova
openstack-config --set /etc/neutron/neutron.conf nova password nova
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

[root@controller tools]# egrep -v '(^$|^#)' /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
[agent]
[cors]
[database]
connection = mysql+pymysql://neutron:neutron@controller/neutron
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[matchmaker_redis]
[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl]
[root@controller tools]#

(3) Configure /etc/neutron/plugins/ml2/ml2_conf.ini
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True

[root@controller tools]# egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/ml2_conf.ini
[DEFAULT]
[l2pop]
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_geneve]
[ml2_type_gre]
[ml2_type_vlan]
[ml2_type_vxlan]
[securitygroup]
enable_ipset = True
[root@controller tools]#

(4) Configure /etc/neutron/plugins/ml2/linuxbridge_agent.ini
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens32
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan False
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
## Note: change the interface name to the NIC present on your system; mine is ens32

[root@controller tools]# egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]
[agent]
[linux_bridge]
physical_interface_mappings = provider:ens32
[network_log]
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[vxlan]
enable_vxlan = False
[root@controller tools]#

(5) Configure /etc/neutron/dhcp_agent.ini
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True

[root@controller tools]# egrep -v '(^$|^#)' /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
[agent]
[ovs]
[root@controller tools]#
# The configuration files for option 1 are now complete

(6) Configure /etc/neutron/metadata_agent.ini
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host controller
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret neutron

[root@controller tools]# egrep -v '(^$|^#)' /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = neutron
[agent]
[cache]
[root@controller tools]#

(7) Configure the Compute service to use the Networking service
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret neutron

[root@controller tools]# egrep -v '(^$|^#)' /etc/nova/nova.conf
[DEFAULT]
enabled_apis = osapi_compute,metadata
my_ip = 192.168.137.100
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
transport_url = rabbit://openstack:openstack@controller
[api]
auth_strategy = keystone
[api_database]
connection = mysql+pymysql://nova:nova@controller/nova_api
[barbican]
[cache]
[cells]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = mysql+pymysql://nova:nova@controller/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova
[libvirt]
[matchmaker_redis]
[metrics]
[mks]
[neutron]
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
service_metadata_proxy = true
metadata_proxy_shared_secret = neutron
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement
[placement_database]
connection = mysql+pymysql://placement:placement@controller/placement
[powervm]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
discover_hosts_in_cells_interval = 300
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm]
[root@controller tools]#

(8) Initialize the networking plugin
# Create the plugin symlink: the networking initialization scripts use /etc/neutron/plugin.ini, which must be provided by the ML2 plugin configuration
[root@controller tools]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@controller tools]#

(9) Sync the database
[root@controller tools]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
> --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
  Running upgrade for neutron ...
INFO  [alembic.runtime.migration] Context impl MySQLImpl.
INFO  [alembic.runtime.migration] Will assume non-transactional DDL.
  OK
[root@controller tools]#

(10) Restart the services
# Restart nova-api
[root@controller tools]# systemctl restart openstack-nova-api.service
# Start neutron and enable it at boot
[root@controller tools]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller tools]# systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
● neutron-server.service - OpenStack Neutron Server
   Loaded: loaded (/usr/lib/systemd/system/neutron-server.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2020-06-14 11:40:17 CST; 27s ago
 Main PID: 8062 (neutron-server)
   CGroup: /system.slice/neutron-server.service
           ├─8062 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neut...
           ├─8133 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neut...
           ├─8134 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neut...
           ├─8135 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neut...
           ├─8136 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neut...
           ├─8137 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neut...
           └─8138 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neut...

Jun 14 11:40:04 controller.fzxz686.com systemd[1]: Starting OpenStack Neutron Server...
Jun 14 11:40:17 controller.fzxz686.com systemd[1]: Started OpenStack Neutron Server.

● neutron-linuxbridge-agent.service - OpenStack Neutron Linux Bridge Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-linuxbridge-agent.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2020-06-14 11:40:04 CST; 40s ago
  Process: 8063 ExecStartPre=/usr/bin/neutron-enable-bridge-firewall.sh (code=exited, status=0/SUCCESS)
 Main PID: 8073 (neutron-linuxbr)
   CGroup: /system.slice/neutron-linuxbridge-agent.service
           └─8073 /usr/bin/python2 /usr/bin/neutron-linuxbridge-agent --config-file /usr...

Jun 14 11:40:04 controller.fzxz686.com systemd[1]: Starting OpenStack Neutron Linux Bri....
Jun 14 11:40:04 controller.fzxz686.com neutron-enable-bridge-firewall.sh[8063]: net.brid...
Jun 14 11:40:04 controller.fzxz686.com neutron-enable-bridge-firewall.sh[8063]: net.brid...
Jun 14 11:40:04 controller.fzxz686.com systemd[1]: Started OpenStack Neutron Linux Brid....
Jun 14 11:40:15 controller.fzxz686.com sudo[8122]: neutron : TTY=unknown ; PWD=/ ; USER...
Jun 14 11:40:18 controller.fzxz686.com sudo[8150]: neutron : TTY=unknown ; PWD=/ ; USE...f

● neutron-dhcp-agent.service - OpenStack Neutron DHCP Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-dhcp-agent.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2020-06-14 11:40:04 CST; 40s ago
 Main PID: 8064 (neutron-dhcp-ag)
   CGroup: /system.slice/neutron-dhcp-agent.service
           └─8064 /usr/bin/python2 /usr/bin/neutron-dhcp-agent --config-file /usr/share/...

Jun 14 11:40:04 controller.fzxz686.com systemd[1]: Started OpenStack Neutron DHCP Agent.

● neutron-metadata-agent.service - OpenStack Neutron Metadata Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-metadata-agent.service; disabled; vendor preset: disabled)
   Active: active (running) since Sun 2020-06-14 11:40:04 CST; 40s ago
 Main PID: 8065 (neutron-metadat)
   CGroup: /system.slice/neutron-metadata-agent.service
           ├─8065 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/sh...
           └─8121 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/sh...

Jun 14 11:40:04 controller.fzxz686.com systemd[1]: Started OpenStack Neutron Metadata A....
Hint: Some lines were ellipsized, use -l to show in full.
[root@controller tools]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-server.service to /usr/lib/systemd/system/neutron-server.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service to /usr/lib/systemd/system/neutron-dhcp-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service to /usr/lib/systemd/system/neutron-metadata-agent.service.
[root@controller tools]# systemctl list-unit-files |grep neutron* |grep enabled
neutron-dhcp-agent.service                    enabled
neutron-linuxbridge-agent.service             enabled
neutron-metadata-agent.service                enabled
neutron-server.service                        enabled
[root@controller tools]#
## Controller configuration complete
2.4 Install the neutron service on the compute node
(1) Install the neutron components
[root@nova ~]# yum install openstack-neutron-linuxbridge ebtables ipset -y

(2) Configure /etc/neutron/neutron.conf
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:openstack@controller
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

[root@nova ~]# egrep -v '(^$|^#)' /etc/neutron/neutron.conf
[DEFAULT]
auth_strategy = keystone
[agent]
[cors]
[database]
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[matchmaker_redis]
[nova]
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl]
[root@nova ~]#

(3) Configure /etc/neutron/plugins/ml2/linuxbridge_agent.ini
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens32
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
# The first option, physical_interface_mappings, must be set to the compute node's own NIC name: provider:ens32

[root@nova ~]# egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]
[agent]
[linux_bridge]
physical_interface_mappings = provider:ens32
[network_log]
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[vxlan]
enable_vxlan = false
[root@nova ~]#

(4) Configure the nova Compute service to work with the neutron Networking service
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password neutron

[root@nova ~]# egrep -v '(^$|^#)' /etc/nova/nova.conf
[DEFAULT]
my_ip = 192.168.137.101
use_neutron = True
firewall_driver = nova.virt.firewall.NoopFirewallDriver
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:openstack@controller
[api]
auth_strategy = keystone
[api_database]
[barbican]
[cache]
[cells]
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
[devices]
[ephemeral_storage_encryption] [filter_scheduler] [glance] api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = nova [libvirt] virt_type = kvm [matchmaker_redis] [metrics] [mks] [neutron] url = http://controller:9696 auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = neutron [notifications] [osapi_v21] [oslo_concurrency] lock_path = /var/lib/nova/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:5000/v3 username = placement password = placement [placement_database] [powervm] [profiler] [quota] [rdp] [remote_debug] [scheduler] [serial_console] [service_user] [spice] [upgrade_levels] [vault] [vendordata_dynamic_auth] [vmware] [vnc] enabled = True server_listen = 0.0.0.0 server_proxyclient_address = $my_ip novncproxy_base_url = http://controller:6080/vnc_auto.html [workarounds] [wsgi] [xenserver] [xvp] [zvm] [root@nova ~]# (5)启动服务 [root@nova ~]# systemctl restart openstack-nova-compute.service [root@nova ~]# systemctl status openstack-nova-compute.service ● openstack-nova-compute.service - OpenStack Nova Compute Server Loaded: loaded (/usr/lib/systemd/system/openstack-nova-compute.service; enabled; vendor preset: disabled) Active: active (running) since Sun 2020-06-14 12:19:52 CST; 2s ago Main PID: 14847 (nova-compute) Tasks: 22 CGroup: /system.slice/openstack-nova-compute.service └─14847 
/usr/bin/python2 /usr/bin/nova-compute Jun 14 12:19:44 nova.fzxz686.com systemd[1]: Stopped OpenStack Nova Compute Server. Jun 14 12:19:44 nova.fzxz686.com systemd[1]: Starting OpenStack Nova Compute Server... Jun 14 12:19:52 nova.fzxz686.com systemd[1]: Started OpenStack Nova Compute Server. [root@nova ~]# systemctl restart neutron-linuxbridge-agent.service [root@nova ~]# systemctl status neutron-linuxbridge-agent.service ● neutron-linuxbridge-agent.service - OpenStack Neutron Linux Bridge Agent Loaded: loaded (/usr/lib/systemd/system/neutron-linuxbridge-agent.service; disabled; vendor preset: disabled) Active: active (running) since Sun 2020-06-14 12:18:49 CST; 640ms ago Process: 14411 ExecStartPre=/usr/bin/neutron-enable-bridge-firewall.sh (code=exited, status=0/SUCCESS) Main PID: 14417 (neutron-linuxbr) Tasks: 1 CGroup: /system.slice/neutron-linuxbridge-agent.service └─14417 /usr/bin/python2 /usr/bin/neutron-linuxbridge-agent --config-file /us... Jun 14 12:18:49 nova.fzxz686.com systemd[1]: Starting OpenStack Neutron Linux Bridge A..... Jun 14 12:18:49 nova.fzxz686.com neutron-enable-bridge-firewall.sh[14411]: net.bridge.br... Jun 14 12:18:49 nova.fzxz686.com neutron-enable-bridge-firewall.sh[14411]: net.bridge.br... Jun 14 12:18:49 nova.fzxz686.com systemd[1]: Started OpenStack Neutron Linux Bridge Agent. Hint: Some lines were ellipsized, use -l to show in full. [root@nova ~]# systemctl enable neutron-linuxbridge-agent.service Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service. [root@nova ~]# systemctl list-unit-files |grep neutron* |grep enabled neutron-linuxbridge-agent.service enabled [root@nova ~]# ##计算节点配置完毕 |
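The following added example (not part of the original post) audits the two compute-node files written in steps (2) and (3): it checks that security group filtering stays enabled in linuxbridge_agent.ini and flags service credentials whose password equals the username, as the lab values in this walkthrough do. The helper names ini_get and audit_compute_node and the sample files are constructed for illustration.

```shell
#!/bin/sh
# ini_get FILE SECTION KEY: print KEY's value inside [SECTION] (last one wins).
ini_get() {
  awk -v want="[$2]" -v key="$3" '
    /^[ \t]*[#;]/ { next }                    # comment line
    /^\[/ { insec = ($1 == want); next }      # section header
    insec && (i = index($0, "=")) {
      k = substr($0, 1, i - 1); v = substr($0, i + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (k == key) val = v
    }
    END { if (val != "") print val }' "$1"
}
# audit_compute_node AGENT_INI NEUTRON_CONF (hypothetical helper): prints one
# FINDING line per issue; exit status 0 when clean, 1 otherwise.
audit_compute_node() {
  a_rc=0
  a_v=$(ini_get "$1" securitygroup enable_security_group)
  case $a_v in [Tt][Rr][Uu][Ee]) ;; *)
    echo "FINDING: enable_security_group is '${a_v:-unset}'"; a_rc=1 ;;
  esac
  a_v=$(ini_get "$1" securitygroup firewall_driver)
  case $a_v in ""|noop|*Noop*)
    echo "FINDING: firewall_driver is '${a_v:-unset}', rules are not enforced"; a_rc=1 ;;
  esac
  a_user=$(ini_get "$2" keystone_authtoken username)
  a_pass=$(ini_get "$2" keystone_authtoken password)
  if [ -n "$a_pass" ] && [ "$a_pass" = "$a_user" ]; then
    echo "FINDING: keystone_authtoken password equals username '$a_user'"; a_rc=1
  fi
  a_url=$(ini_get "$2" DEFAULT transport_url)
  case $a_url in *://*:*@*)
    a_cred=${a_url#*://}; a_cred=${a_cred%%@*}        # user:pass part
    if [ "${a_cred%%:*}" = "${a_cred#*:}" ]; then
      echo "FINDING: transport_url password equals username '${a_cred%%:*}'"; a_rc=1
    fi ;;
  esac
  return "$a_rc"
}
# Constructed sample files mirroring the values used in this walkthrough.
demo=$(mktemp -d)
cat > "$demo/neutron.conf" <<'EOF'
[DEFAULT]
transport_url = rabbit://openstack:openstack@controller
[keystone_authtoken]
username = neutron
password = neutron
EOF
printf '[securitygroup]\nenable_security_group = true\nfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver\n' > "$demo/agent.ini"
# Weak variant (constructed): filtering switched off on the compute host.
printf '[securitygroup]\nenable_security_group = false\nfirewall_driver = noop\n' > "$demo/agent_weak.ini"
audit_compute_node "$demo/agent.ini" "$demo/neutron.conf" || true
audit_compute_node "$demo/agent_weak.ini" "$demo/neutron.conf" || true
```

On a real compute node, pass /etc/neutron/plugins/ml2/linuxbridge_agent.ini and /etc/neutron/neutron.conf as the two arguments.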
2.5 Verify the Neutron installation on the controller node
(1) Run openstack extension list --network or neutron ext-list

[root@controller tools]# neutron ext-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
| alias                          | name |
+--------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
| default-subnetpools            | Default Subnetpools |
| network-ip-availability        | Network IP Availability |
| network_availability_zone      | Network Availability Zone |
| net-mtu-writable               | Network MTU (writable) |
| binding                        | Port Binding |
| agent                          | agent |
| subnet_allocation              | Subnet Allocation |
| dhcp_agent_scheduler           | DHCP Agent Scheduler |
| external-net                   | Neutron external network |
| flavors                        | Neutron Service Flavors |
| net-mtu                        | Network MTU |
| availability_zone              | Availability Zone |
| quotas                         | Quota management support |
| standard-attr-tag              | Tag support for resources with standard attribute: subnet, trunk, router, network, policy, subnetpool, port, security_group, floatingip |
| availability_zone_filter       | Availability Zone Filter Extension |
| revision-if-match              | If-Match constraints based on revision_number |
| filter-validation              | Filter parameters validation |
| multi-provider                 | Multi Provider Network |
| quota_details                  | Quota details management support |
| address-scope                  | Address scope |
| empty-string-filtering         | Empty String Filtering Extension |
| subnet-service-types           | Subnet service types |
| port-mac-address-regenerate    | Neutron Port MAC address regenerate |
| standard-attr-timestamp        | Resource timestamps |
| provider                       | Provider Network |
| service-type                   | Neutron Service Type Management |
| extra_dhcp_opt                 | Neutron Extra DHCP options |
| port-security-groups-filtering | Port filtering on security groups |
| standard-attr-revisions        | Resource revision numbers |
| pagination                     | Pagination support |
| sorting                        | Sorting support |
| security-group                 | security-group |
| rbac-policies                  | RBAC Policies |
| standard-attr-description      | standard-attr-description |
| ip-substring-filtering         | IP address substring filtering |
| port-security                  | Port Security |
| allowed-address-pairs          | Allowed Address Pairs |
| project-id                     | project_id field enabled |
| binding-extended               | Port Bindings Extended |
+--------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
[root@controller tools]#

(2) List the network agents

[root@controller tools]# openstack network agent list
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host                   | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
| b52a0d9d-a6a6-46cf-bd37-d9f27d8befbe | Linux bridge agent | controller.fzxz686.com | None              | :-)   | UP    | neutron-linuxbridge-agent |
| c5cb2c9e-aec7-4a91-824b-a0b313a14573 | Linux bridge agent | nova.fzxz686.com       | None              | :-)   | UP    | neutron-linuxbridge-agent |
| c88c4ce2-a53e-4b91-ab1c-f0303e862ac5 | Metadata agent     | controller.fzxz686.com | None              | :-)   | UP    | neutron-metadata-agent    |
| e6b61746-6090-4eea-a438-1732d463e408 | DHCP agent         | controller.fzxz686.com | nova              | :-)   | UP    | neutron-dhcp-agent        |
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+

As the output shows, the controller node runs 3 agents and the compute node runs 1.
# This completes the installation of the Neutron networking service.
References:
https://docs.openstack.org/neutron/rocky/install/controller-install-rdo.html
https://www.cnblogs.com/tssc/p/9873713.html





