OpenStack:安装Neutron与provider network

  1. 安装
    (1)Install Networking services on a dedicated network node
    # apt-get install neutron-server neutron-dhcp-agent
    neutron-plugin-openvswitch-agent
    不需要L3Agent
    删除sqlite
    rm -f /var/lib/neutron/neutron.sqlite

编辑/etc/sysctl.conf, Enable packet forwarding and disable packet
destination filtering
net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

双重加载
# sysctl -p
# service networking restart
若果这些,则
# /etc/init.d/networking restart

  1. 创建db
    create database neutron;
    grant all privileges on neutron.* to ‘neutron’@’%’ identified by
    ‘openstack’;
    grant all privileges on neutron.* to ‘neutron’@’localhost’ identified
    by ‘openstack’;

  2. 创建user, role
    # keystone user-create –name=neutron –pass=openstack
    # keystone user-role-add –user=neutron –tenant=service –role=admin

  3. 配置:
    (1)配置/etc/neutron/neutron.conf :
    [DEFAULT]
    core_plugin =
    neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2
    auth_strategy=keystone
    control_exchange = neutron
    rabbit_host = controller
    rabbit_userid = guest
    rabbit_password = openstack
    notification_driver =
    neutron.openstack.common.notifier.rabbit_notifier

[database]
connection = mysql://neutron:openstack@controller/neutron

[keystone_authtoken]
auth_uri = http://controller:35357
auth_host = controller
auth_port = 35357
auth_protocol = http
admin_tenant_name = service
admin_user = neutron
admin_password = openstack

(2)配置/etc/neutron/api-paste.ini:
[filter:authtoken]
paste.filter_factory =
keystoneclient.middleware.auth_token:filter_factory
auth_uri = http://controller:35357
auth_host = controller
auth_port = 35357
admin_tenant_name = service
admin_user = neutron
admin_password = openstack

警告:Warning
keystoneclient.middleware.auth_token: You must configure auth_uri to
point to the public identity endpoint. Otherwise, clients might not be
able to authenticate against an admin endpoint.

(3)配置/etc/neutron/dhcp_agent.ini
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

(4)配置 /etc/nova/nova.conf, 回头关联nova
[DEFAULT]
neutron_metadata_proxy_shared_secret = openstack
service_neutron_metadata_proxy = true

network_api_class=nova.network.neutronv2.api.API

neutron_admin_username=neutron
neutron_admin_password=openstack
neutron_admin_auth_url=http://controller:35357/v2.0/
neutron_auth_strategy=keystone
neutron_admin_tenant_name=service
neutron_url=http://controller:9696/

亟需重启:
# service nova-api restart

(5)配置/etc/neutron/metadata_agent.ini
[DEFAULT]
auth_url = http://controller:35357/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = openstack
nova_metadata_ip = controller
metadata_proxy_shared_secret = openstack

  1. 注册service, endpoint:
    # keystone service-create \
    –name=neutron –type=network \
    –description=”OpenStack Networking Service”

# keystone endpoint-create \
–service-id 455075d2fb9540ac864c345109c291cf \
–publicurl http://controller:9696 \
–adminurl http://controller:9696 \
–internalurl http://controller:9696


>在Network Node安装Neutron

  1. 安装OVS
    知道3种interface
    MGMI_INTERFACE: 管理接口, 使用eth1, 一般要关张
    DATA_INTERFACE: 数据接口, 使用eth1
    EXTERNAL_INTERFACE: 外部接口, 使用eth0,
    如若有多ISP,都绑定于该interface.
    (1) 安装
    # apt-get install neutron-plugin-openvswitch-agent
    # ovs-vsctl add-br br-int
    br-int是OVS连接VM必需的, 至于br-ex按照网络拓扑需要, 在flat网络则不用.

(2) 配置 /etc/neutron/dhcp_agent.ini
[DEFAULT]
enable_isolated_metadata = True
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = False
其中use_namespaces依照需要设定,假诺是flat应该没有必要吗?
需要重启
# service neutron-dhcp-agent restart

(3)配置/etc/neutron/neutron.conf, 设置OVS
core_plugin =
neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2

(4)配置/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini,
设置firewall_driver
[securitygroup]
# Firewall driver for realizing neutron security group function.
firewall_driver =
neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[ovs]
tenant_network_type = none
enable_tunneling = False
network_vlan_ranges = physnet0, physnet1
bridge_mappings = physnet0:br-eth0, physnet1:br-eth1
则需要创建

(5)重启
# service openvswitch-switch restart(只在装置后重启一回即可,不可能重启)

# service neutron-plugin-openvswitch-agent restart

  1. 重启neutron服务.
    service neutron-server restart
    service neutron-dhcp-agent restart
    service neutron-metadata-agent restart
    service neutron-plugin-openvswitch-agent restart

======================================
配置网络:

(1)执行下述ovs命令
# ovs-vsctl add-br br-eth0
# ovs-vsctl add-port br-eth0 eth0
# ovs-vsctl add-br br-eth1
# ovs-vsctl add-port br-eth1 eth1

(2)配置interfaces
openstack@openstack:~$ cat /etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see interfaces(5).

# The loopback network interface
auto lo
iface lo inet loopback

auto eth0
iface eth0 inet manual
        up ifconfig eth0 0.0.0.0 promisc up
        down ifconfig eth0 down

auto br-eth0
iface br-eth0 inet static
        address 192.168.2.3
        netmask 255.255.255.0
        gateway 192.168.2.2
        dns-nameservers 192.168.2.2

auto eth1
iface eth1 inet manual
        up ifconfig eth1 0.0.0.0 promisc up
        down ifconfig eth1 down

auto br-eth1
iface br-eth1 inet static
        address 10.0.0.3
        netmastk 255.255.255.0

假若阐明 bridge_ports eth0,就不可能再声称iface eth0,

要不然Linux启动会报网络错误.

关闭gro
ethtool -k eth0
ethtool -K eth0 gro off
ethtool -k eth1

ethtool -K eth1 gro off

网站地图xml地图