|
|
创建用户
; Z. n" j+ Y! ]( {; _( H5 V6 z' w) q6 k6 t
, b# M5 }( c, z* p# O+ S) p
+ s% e6 D* \2 t' @# openstack user create --domain default --project service --password Changeme_123 neutron ; R4 h. S. {( E, u* G& f4 \3 f9 v
. x3 {6 v; X6 M5 h. `5 E2 |. v. h赋予neutron用户admin权限4 `/ U6 S e3 U
$ H1 { G9 y l3 p: ]
! n2 O# i7 z/ o( [) s
$ A1 z5 q' Z9 C7 o8 h# openstack role add --project service --user neutron admin; I0 Q: e8 U: a) G# @' o/ s
4 t' j) z/ M! b创建服务6 s3 e; ?# z: P* Z! S
+ ]; _- `" l7 X
/ x9 |) J! }5 N d% ]! I, o
) b$ Q: o( B5 ?9 Y
# openstack service create --name neutron --description "OpenStack Networking service" network
+ c1 _! R" w1 g6 e) o
' v# W' q0 P7 [/ T2 w定义controller的管理网IP3 M) ~# M7 k* [4 D% h
- d. O2 M! ?: }
( z8 A- h4 S- Z2 L* c& v3 C/ ]+ h, { n x
# export controller=172.16.8.501) e& i) F; j9 L
" J) N7 ^( x2 G2 I3 K' H
创建endpoint/ V+ c$ k, k1 ^( Y/ j4 O6 h! a
. x; z! _, B4 V5 [
9 D8 U3 G9 Q6 g" j$ b
% | c$ y0 x) T7 P0 C1 N1 g# openstack endpoint create --region RegionOne network public http://$controller:9696 , `5 \% Y5 `6 L! H* n$ M
& h. v4 y+ ]% Q- d, h- Z
$ P- p! L9 E! o: ?4 f2 t/ D
* C( g. L% i/ ^, B! e# openstack endpoint create --region RegionOne network internal http://$controller:9696
* ~: C- p3 H% [' q! N; @. u% D! U- z9 m0 w. b
2 ]8 U) ^- X. m# _5 E# ^
8 j: K. F! q/ n6 R4 i. V# openstack endpoint create --region RegionOne network admin http://$controller:9696 & B5 {" k" x* Z7 o+ B
/ x- |. l. k. K) b: y% i3 Y# F' c创建数据库和用户$ X3 m. J- A" R! u
t0 K: L( }' O" O+ s4 M) \3 R
$ y" `" A- t% r+ {8 q
$ K5 G5 T; C* G _
# mysql -u root -pChangeme_123 F' ~; U# u2 j! Y0 Z/ J
MariaDB [(none)]> create database neutron;
* a* p$ g2 ]- O4 z* ~1 w XQuery OK, 1 row affected (0.00 sec); {: q& B: W( t# w
MariaDB [(none)]> grant all privileges on neutron.* to neutron@'localhost' identified by 'Changeme_123'; ) Q; S0 N3 @7 e- n* ]7 M! `$ Q3 [ [
Query OK, 0 rows affected (0.00 sec)8 Z( \/ g. s+ A) \
MariaDB [(none)]> grant all privileges on neutron.* to neutron@'%' identified by 'Changeme_123'; # ]; P6 b$ `9 A; F) w( j2 t
Query OK, 0 rows affected (0.00 sec)& c' R" e, T$ j& t W
MariaDB [(none)]> flush privileges; 7 g# y+ v5 c. p
Query OK, 0 rows affected (0.00 sec)/ S8 i/ f9 Q9 C+ c5 @
MariaDB [(none)]> exit 7 R# C( N" U- p# y, A
Bye
1 F9 G# O; C1 E- A8 N1 _
4 K8 g6 |3 o) B2 w1 R安装rpm包+ G, j& ]: S% _7 j5 O9 l% R% V
3 m. k5 U; S- Z, I: ?& ~
* [6 T6 B" e0 q7 Z' {) a
/ k: w. O" B6 u; b- \$ M
# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch% J( s3 ?1 l( l0 a5 O4 j; H1 i
7 Q5 A7 P7 ^- p4 T+ {: w6 o
修改配置文件
8 d0 r) b ?! b4 |) M! U
- B2 X3 q: I# t) w# U e
: T( e5 }- i4 |8 N- j2 C$ ]) C
3 o; g( s. B; U, I4 B1 T. G# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.org ( C6 ~% n! o6 R$ G( ~. e, M
# vi /etc/neutron/neutron.conf
T- \3 i* u2 X$ _9 `( W q. ^3 z$ M[DEFAULT]
' |- N( V4 |4 b2 A# {- I: Vbind_host = 172.16.8.60
. d- V$ U* r# v. m; |1 C( sbind_port = 9696# ~# R0 R6 n# ]4 b' g, m
l3_ha = True0 |5 A: ~, Y& E7 A+ V) m* b. ]
max_l3_agents_per_router = 0
" E8 |/ b4 f7 o$ J5 m; m5 lmin_l3_agents_per_router = 27 @# K, w. r! n# u, a
core_plugin = ml2
* M. E! @: Q- G; N! G B3 n3 B* K6 @service_plugins = router1 N! }) H9 |3 S$ H7 Q% j, W
auth_strategy = keystone
$ ^4 S& S% U! `6 P9 X+ Q& _. f! jstate_path = /var/lib/neutron
# O' N9 w( I9 G U2 sdhcp_agent_notification = True' a2 n; ~# w W
allow_overlapping_ips = True% a; C9 t. D. y0 U5 I& J
notify_nova_on_port_status_changes = True p( t# b9 e( \+ b' i! J1 [0 O
notify_nova_on_port_data_changes = True& Z$ V" }1 p8 G* T+ e, M
# RabbitMQ connection info- Z: `, F; y+ `0 U! r& X" E/ V
transport_url = rabbit://openstack:Changeme_123@172.16.8.50
: f$ M" n2 l' X7 q/ W$ `0 S j- D5 y: i3 x2 v5 Y+ H1 o# m& A) l X
# Keystone auth info
) t' l, P" H" x6 l( E6 w[keystone_authtoken]/ d3 d$ _6 v7 H: u5 ?
auth_uri = http://172.16.8.50:5000
2 M: }0 e3 x" o6 ]2 M/ Tauth_url = http://172.16.8.50:35357
( A7 u [. q# x! T+ ^memcached_servers = node1:11211,node2:11211,node3:11211
/ z' h2 d L0 b9 Z( N) Tauth_type = password
* k) f6 f; S/ N$ y/ H' J, ]project_domain_name = default, E9 @& m* B; g6 I$ {$ ^" ^ ^1 I% k! s
user_domain_name = default% Z6 I7 i' `! p) g% ]$ J' f
project_name = service( `$ l' E/ b; o. F
username = neutron" I+ A9 v* c, G9 N1 C2 r9 H) r
password = Changeme_123: M3 L9 y* A9 I, N3 d _6 [% g, B* `
( t, n8 a3 E( N d: W# ]/ p2 u# MariaDB connection info
$ _- t6 D' U Z[database]6 c: F2 S. P2 f5 R
connection = mysql+pymysql://neutron:Changeme_123@172.16.8.50/neutron. n% X$ k. E" I+ g
# o' K* R4 q5 q9 [" Q8 W/ G/ M
# Nova connection info; m, S! _" Q" r8 J! V* A
[nova]: L- b* j$ m5 u5 j v0 Z
auth_url = http://172.16.8.50:35357
! y" r) W4 X' mauth_type = password' e* d5 b( W/ N
project_domain_name = default+ S7 \: ~0 C% a
user_domain_name = default. G* L& ?5 Y' |7 j. F6 D" B
region_name = RegionOne- C8 Q& n% B# m5 Y
project_name = service, L( s0 ` o5 R7 C
username = nova ~7 f- o B- W8 b% N! C
password = Changeme_123: ^3 J6 L0 [& }" H& z
+ v$ [. }- M, s0 b8 d
[oslo_concurrency]
1 N5 G6 V$ T$ u3 w6 olock_path = $state_path/tmp6 a9 O" O8 D; A: Y7 F$ ~+ k
7 @! t' R& d W/ c( k1 ?4 G q7 e1 }3 e) S
赋予权限/ y& T2 F* ^; j) s6 ]+ d6 a7 _% {
4 x; H$ G0 j. e: `& J( y/ j$ `; }8 o& S' ^2 s# _! B- h; P: P
) A1 } N% M; I- e4 j" H+ ~# L# chmod 640 /etc/neutron/neutron.conf
9 {. z" ~( ~7 d- |& k# D& V# chgrp neutron /etc/neutron/neutron.conf + t3 ~0 ~7 x, {, p" j' u
& d, X7 @" P% k+ f' I1 j' ?: R9 O修改配置文件
5 K. Q: d0 V' ~, e" E0 h% z( H4 U7 q6 L
! m* d$ w/ r8 T( h Y3 s
|0 i0 P2 r2 P) w. {1 Z/ ]. W8 U, z
# cp -a /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak% d' Z$ f9 E& _; ?: e
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 172.16.8.604 Y# h) ^. y3 ?& p; o
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret Changeme_123
2 v1 H% U2 {4 D' Zopenstack-config --set /etc/neutron/metadata_agent.ini cache memcache_servers node1:11211,node2:11211,node3:112113 z8 J3 F% V8 c" G S: k
2 ~8 }( [" X+ J* i6 B/ R! X ?. j
注意:修改节点的IP' i c* k/ ]9 D# ^4 @
0 L8 V# q9 B5 \2 }修改配置文件. |" ~1 x* l" a- f; n: e' V' n
) c( }# `1 s7 G9 Z# cp -a /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak
p, d1 k4 a* [1 c- D: x! E/ kopenstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,gre,vxlan 7 b6 H" O. b8 t% F
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types3 N' z9 _8 v& l! F' q% x0 J) o
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population 1 u: `4 X. h y+ B, o
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security+ f, `( z7 n. ^( p
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver; e: H, E1 F4 S
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True " o% r; S2 h8 h5 m1 p F, P# L
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
9 `1 s/ r! {. _2 e% K- Y2 ?0 H6 ~
修改配置文件/etc/nova/nova.conf
2 L1 ?8 _; [9 G. e/ Z( t, P6 R7 u% P, D# S! {7 w
* ]8 k& } x/ F5 ]: q$ x
" \- @( U. o) ~openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron True j, ~) Y* @! n8 ]
openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
~/ j5 R$ S- S5 H3 z$ z' Aopenstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
* h1 t- w5 W; ?' Hopenstack-config --set /etc/nova/nova.conf neutron url http://172.16.8.50:9696
* ^+ l1 m0 _% Xopenstack-config --set /etc/nova/nova.conf neutron auth_url http://172.16.8.50:35357( P5 Y* \5 t9 ^. P% w" D; n( D
openstack-config --set /etc/nova/nova.conf neutron auth_type password d- k8 y8 B% g* E* S( Z g7 q
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
; T$ p$ H6 `) J& `openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
3 t5 c) |6 [9 w. G) uopenstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
8 Z8 b% x+ v( D C ]+ O# Iopenstack-config --set /etc/nova/nova.conf neutron project_name service, ^* J1 @4 ~' I
openstack-config --set /etc/nova/nova.conf neutron username neutron
% q) e! _. j: L' Wopenstack-config --set /etc/nova/nova.conf neutron password Changeme_123
" Q: r6 W; W7 U/ s7 @openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True" R' \, Y `; T( q7 }/ c$ h
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret Changeme_123
4 g2 \1 q8 ]( k# g. S9 v4 I
# f0 v4 z" F) L# M创建软连接
) C# X/ t9 i6 N/ ~' z) k5 I# Z, x& R0 S: m$ e6 U
- L& G5 G8 R9 |& a
+ _# d! B0 Z" J% Q7 e
# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
+ K) `$ \; [0 X y
& W1 r) {. p% S' }同步数据库
' v3 d& n# Y w: Q, [5 V. n# q- c. B0 C& V/ c
4 r$ S+ p7 P# W& u l& U1 q+ W" o: i/ y' J0 A" U/ Y0 I. I8 F
# su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head"
& j) H0 z, A0 m/ d/ k+ S' [
& U, g# v/ s! W启动neutron服务
; v# S: ]' D& O6 y$ ?/ s: A5 K
0 l- Y& C( ?- _+ g" N- g
2 Q% O j3 V% N; t. V
# systemctl start neutron-server neutron-metadata-agent % Y7 e+ {. ~# ]* t! c0 J3 u
0 b6 g+ c0 r6 y2 ]+ ^( @- Z* r/ R
c6 O+ ]( l3 }: ~' Y$ ~) H3 ]. Y b) b0 R( ~0 j/ S; {0 f
# systemctl enable neutron-server neutron-metadata-agent
* G3 [6 Q" N: |7 J: n% [- j4 M7 ], e+ e8 R9 l' S! t5 }- g7 o
重启openstack-nova-api 9 O7 C3 V$ k4 d" G
~; i- s! [( c
$ s) o% s. C# H" C: L) n6 G3 j& i8 ^/ w
# systemctl restart openstack-nova-api2 c( p; u9 T" a* j8 Q3 a5 g
- \+ p5 D5 |. f; A! B& z
修改配置文件/etc/neutron/l3_agent.ini
1 k! A# o7 A* h! |) o7 K2 Z
H0 P4 V7 R( w
# w# I, Q& |+ Y# b; C3 P' q& `5 ]; \; o; \2 z1 p5 ^
# cp -a /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak
) x+ V% _3 h: Q
. N- d5 N6 h% ?# H
) v/ x3 q3 O: b+ H! ]6 k; H, J
# x8 H2 ^& y. G/ T6 J& Y6 F0 w# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
# R0 w+ M3 V! D' G5 i, A" i( L8 p) I0 Y H0 i# I* t! u
修改配置文件/etc/neutron/dhcp_agent.ini
/ U) V6 ~4 e* V" }4 p! \2 |4 e. L" Z) S* X' u
+ x3 i9 t5 y- x
( ^; E) D* k8 U+ c$ g2 f7 q# cp -a /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak
9 {& f# k, s: _openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
$ n. ]0 I/ {9 J8 h% popenstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
9 a2 q1 ?" B2 G/ o& b% l8 xopenstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True9 l" b% v# X: Y9 F8 L
- `, t, q- I3 r! k" V3 l# p
启动服务$ h5 n3 `5 x9 h9 R3 t: Z ]
- ~' e3 X5 i; J+ l+ `1 a; i5 J4 l/ p# X' L6 Q% U
1 p( \5 s4 W4 d7 X# S
# systemctl start openvswitch ; P" x9 _! W6 h3 A* H
# systemctl enable openvswitch
; M: H, L2 h1 x
# Z+ T3 f& O# G创建网桥2 @, u' T: Z& J! J7 u8 |! D1 Z
$ @3 S4 ]* J, [: ]5 R- x
! m$ X7 ]# |7 S* z& S5 j) E: c" q( m; H' R0 S T& x, F
# ovs-vsctl add-br br-int ( W3 a9 I4 V6 s# [1 n
# \* @) q- C# U+ ^2 O* |* h
启动服务并设置开机启动
+ i4 G4 a: R1 _* r
7 K8 z5 Y4 R* ^1 t( o. }% b
3 [9 b8 ]4 s( R2 H
; h, g$ N5 U7 ^2 n0 Y# for service in dhcp-agent l3-agent metadata-agent openvswitch-agent; do
* b( Q! p: R$ p( lsystemctl restart neutron-$service9 ]8 }8 ~; F/ Z$ j
systemctl enable neutron-$service
0 p3 E1 Y3 H9 j9 ~done
2 o8 a% _3 X& U* E! S
* q; ?- D: U4 {) M' i7 i8 V! y |
|
发表于 2018-9-26 09:53:44