- 积分
- 16841
在线时间 小时
最后登录1970-1-1
|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?开始注册
x
一、控制节点配置
5 Z& q) C. O, x( p% M& z在控制节点进行以下操作。) w% p* H K3 V. c
. O/ p4 D7 G( ?) @, l0 I/ q1、配置数据库* b4 |8 e. i0 w. o, w4 j0 ~5 `
进入数据库控制台(密码123456):( C9 |# [: P+ ]) s: Z5 J" G7 R
, {* r8 ^9 [) Rmysql -u root -p
' |3 K2 g! i5 w" K, p( c6 a3 O! z$ v
+ U+ I" C9 O6 i' ~9 Z2 T
bash
2 w" W. m+ h1 J8 k/ c: H创建数据库并授予权限,退出数据库:7 ^ O1 q" _9 Z2 F3 V
+ O; T+ Y! x" Q/ i$ Z5 g: w+ K$ S) _" }$ qCREATE DATABASE neutron;3 u- o9 `6 l/ b) X( U. c. W8 B) M
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';
; N% I: f* t$ X: }GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';$ {% e# o# u8 g
+ M* |- g5 ^# _
3 r2 P+ {% O" i2 X9 N
% f/ _0 M C, w7 o
1 V3 g3 E9 p+ u. S4 h" G$ M
. K7 `3 F4 ~. C; j5 v
% q5 z5 I0 _8 [$ {7 f9 h5 @& D2、创建neutron用户+ z2 }) O' a6 j7 t- n" M
登录admin支行好:
( R7 F$ R; H8 v; Z7 F6 y/ V4 _: i
. N0 O I* W! x/ L0 h" R _" ?+ b. admin-openrc
) t1 T# x/ r7 A; @) _2 u P1 S/ B( q: n, v# F. [
bash7 o/ F; g3 K! f3 k: E
在domain:default创建用户neutron:" {7 K! D# W' f$ }3 F: [1 @
7 @1 Y. |1 ]; ~+ B; ^) J; iopenstack user create --domain default --password-prompt neutron
9 Q' Q0 V- n9 T
/ [! j' |/ x/ e' Q( Z0 wbash
1 ?2 F/ b. z" T, |4 }$ H9 h; e如下图:; N$ q' |; ]) \- Z! I) R
( e4 G6 q/ Q: C" w! D: N4 N2 D% d
5 v+ {1 M) O. B- J8 C5 m( a4 R i& X
+ b1 p7 J* O3 @0 G
授予neutron服务admin权限:
% \( u7 K# `" I" v2 A+ v% o
i& r# K5 `4 Topenstack role add --project service --user neutron admin
T$ T/ ?( D, n& z5 ]+ n V4 f; h4 r* x L# S# C
bash# W- ], C* |! h2 I( x
创建neutron服务入口:
8 |" |" V( O/ W* W: `
5 @- ]6 s3 ]9 p9 J1 k8 b; Iopenstack service create --name neutron --description "OpenStack Networking" network! E% g N& ^7 ]0 ]# Y" T
& b) p9 l8 i: S3 N3 X
bash' V) y' m, X. _5 |
如下图:6 w1 h- \; s4 p# c8 n2 d
5 R- d# b7 w" n* `* E/ _6 b
' \$ [+ s# \4 }/ ?/ ~8 n0 c* @ C
. M9 r; Z7 q! i创建网络服务API端点:
2 ~8 o& \# J; @1 a: V: z5 \
# V5 {# ?5 ^# p& v. h: B) dopenstack endpoint create --region RegionOne network public http://controller:9696" I0 U( k& U1 @/ X( u$ i* @ S6 F
openstack endpoint create --region RegionOne network internal http://controller:9696
/ K3 I# \7 { y* x. K/ Yopenstack endpoint create --region RegionOne network admin http://controller:96962 c+ [- h" e6 i* D6 w% Y, B2 ?
AI构建项目
7 ^7 { v- b* `; s8 u5 U( B1 u( kbash4 ~7 o- C6 f, c w; S7 [% J- t9 e: F; @
如下图:
" |, K1 b+ W8 @- [7 P" j
/ r5 G; ]* @: }) N) i( e1 R# j- q4 T# n3 |2 }
* H/ S) _9 m$ _8 j4 C0 r+ U3、配置selfservice网络$ E0 B+ f+ C. @& f& m2 g
安装neutron:
, P. L/ ?$ U' Q" ], d( L5 y0 `8 _, u1 }/ l
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y/ q) s) y1 a {9 L& A) J3 Q+ e
AI构建项目
; b% ?6 I' `- h% ~8 s- Q- Lbash. U+ m7 f. y) t7 O, `* J7 w
备份/etc/neutron/neutron.conf,删除其注释:1 H3 w, J3 `+ ]$ |+ X, |7 A# z( E
; ?' u$ f. v5 u$ Omv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source5 z, B# d: A: H3 p
cat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf
+ [4 ]; f/ t" ^+ J# ^AI构建项目
, K; w& @* i8 N ?/ Z. R( Qbash" o9 O! V6 g& g* Y
编辑/etc/neutron/neutron.conf:9 ]1 |3 A. V6 l3 t) _0 L
( l0 x' s( ^& Y( H[DEFAULT]
0 c" s! }* Q% g/ F+ \' o5 ?; f0 q# ...1 d7 w+ e! C! p3 N6 R3 G
core_plugin = ml2& i3 w- ]! L0 v H* w9 ^: o: c/ L
service_plugins = router2 @- `. ?$ L6 `1 \& M* k
allow_overlapping_ips = true5 r0 j- E$ L0 X; a1 K5 B0 ^
transport_url = rabbit://openstack:123456@controller
; |0 w- V3 T( \! l+ Y+ Aauth_strategy = keystone/ `4 M6 e6 E. z+ y* |* O* `
notify_nova_on_port_status_changes = true: K& l- h* I( I7 N, E7 ` r4 a6 j
notify_nova_on_port_data_changes = true
, h! D, A: H0 c! R
8 q( s) g T! Z: {: H[database]
1 g3 m7 j0 |4 x! V3 [: w# ...% X+ e# A2 L( B
connection = mysql+pymysql://neutron:123456@controller/neutron$ h. p( ?% p2 W9 F0 W! x2 X$ ^
1 V# {3 }; Z/ B4 F. @8 {6 w! e% _[keystone_authtoken]
( o0 a' f+ o) B% j+ J# ...
' Y. l& Y+ S$ T& {$ m4 Bwww_authenticate_uri = http://controller:5000. {/ h- G% t7 y& i$ S( n
auth_url = http://controller:5000
( Y* @4 z* E* h8 @memcached_servers = controller:11211" H N' w3 C1 a H; {" X2 d
auth_type = password
& z* `) W% V5 J+ d9 A% ], q% vproject_domain_name = default8 ?9 m p" F- g* C& [/ F) C6 o8 n
user_domain_name = default
# d2 G% c/ v8 k. [/ r7 Dproject_name = service w' o+ [1 z7 V* Q; W: P+ C) W
username = neutron
' U1 ` a' E9 P0 Bpassword = 123456
# q5 }: q3 s# x* @" }& b + ? A. e! S- `9 s( s. G
[nova]
3 `& ~+ Q4 J6 g) X8 r4 ?# ...- |- r3 I2 a# R2 M
auth_url = http://controller:5000- ?+ x- U7 Y8 F* s
auth_type = password
/ N- ]6 d9 X) ~" }. N" x/ fproject_domain_name = default; ~! A9 u' b* L' M4 y& m
user_domain_name = default* a8 r. j4 x4 n5 M# C$ Z% ]
region_name = RegionOne
! t; O# b8 \' ^$ ?project_name = service
0 S/ Y* y# c: F% ]3 jusername = nova
' F2 U6 N7 `# j, [password = 123456* |, Y- L; q. l8 w! n: \8 |1 @7 a
- }( p, H, n7 h, R[oslo_concurrency]9 F! p7 X) {1 g! h' o' W
# ...2 @# g, A9 L2 G/ v0 A+ j
lock_path = /var/lib/neutron/tmp
% Z2 n# D; T8 U+ { $ {0 F# W- G/ J) a
AI构建项目2 U C; X! J0 O( h- m
bash
1 I0 U6 P8 V' s5 P; g) @4、配置ml2
$ y5 X; W; o# {2 [, a7 k 备份/etc/neutron/plugins/ml2/ml2_conf.ini,删除其注释:2 Q1 G. V$ w7 v0 V3 O
. J1 v' s- |/ s' ]' H/ q8 y+ H
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.source
& ]/ h/ L! G7 p7 icat /etc/neutron/plugins/ml2/ml2_conf.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/ml2_conf.ini, g3 T. j& o" z; v+ J' l3 F
AI构建项目
" G8 m2 Z/ p; j, e3 F( O8 Obash
$ ?" o5 J' M# W9 z' Y: \3 F对/etc/neutron/plugins/ml2/ml2_conf.ini进行以下配置:
1 Y" I0 Y1 F7 x( O0 e2 b( X) I/ z0 u* r* Y' c) I6 X
[ml2]
2 q. P0 p3 C4 `+ W& p4 w# ...
, q8 j8 H$ E W+ Y4 jtype_drivers = flat,vlan,vxlan
) d' F4 L0 W% e5 ^! v+ ~% ltenant_network_types = vxlan$ n5 k9 I; q" } Y) t
mechanism_drivers = linuxbridge,l2population- B V) X/ _% r0 _1 Z: ?1 A
extension_drivers = port_security) P7 b+ r3 U, q, d, X- T
( V. I4 Q/ H, ]) a1 p# N0 A
[ml2_type_flat]
/ I& l0 s1 y+ N+ h- Q# ...1 Q3 i4 l a, X$ x
flat_networks = provider! W( z7 I+ U8 D4 B6 o) g
; D K9 t1 w/ X* `+ j[ml2_type_vxlan]1 T) w3 H, q; ]$ C2 y4 ?0 h8 o
# ...( G* q5 R6 {; a# `" s, o$ i& J* ~$ D! c
vni_ranges = 1:1000
; {1 \! L* S, B5 C9 \ & {- l: L2 f* b6 r% u# v; U/ F
[securitygroup]* Q, K5 s- ^( C+ M4 Q
# ...! O9 l7 H& i# i) O3 Q
enable_ipset = true' v1 M# `3 d% ?9 \& Q0 C' G
AI构建项目
" Q+ X$ T2 R v! }bash- z7 f- X, Y7 U( H9 k7 o1 Z3 x
5、配置linux网桥
5 h/ `$ H$ _- F0 P' ?9 \- r# f. d 备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:2 w, c2 k1 {$ E: X' p5 G8 ]
/ q/ a: s8 w& g5 J/ S6 A6 Y# Vmv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source
6 P0 W- l9 v* d# b2 Acat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini5 @4 n: }' h4 B# v" t7 z2 S
AI构建项目
! y" O+ V! l B+ {bash
: U" u @: n$ _" i对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):0 i' e" C) _6 g! ?, B* V8 t
* _0 U0 ~. X% J2 {* d8 {$ L% {
[linux_bridge]/ Q% ]) @ z8 E1 r: C; Q
physical_interface_mappings = provider:ens33& ^0 D0 `7 f( m/ x9 E
6 z3 _7 T6 K* k' g* v& Y. O, @3 m! C[vxlan]
2 q& H- x0 b' m" V' E. Q; ?5 henable_vxlan = true
! s) X2 W3 Z6 f0 ?- j* Plocal_ip = 10.0.0.11- h$ s7 z% c5 X) n1 Z
l2_population = true
& z. X* C! }& r8 n7 x8 R( U
# X+ C) n# D) S: l[securitygroup]+ G9 D" @% F; l5 p% E
# ...7 T1 t" `- N! c
enable_security_group = true* ?( Y% L, v9 V& h
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver1 ^9 e! X% R7 }1 v5 P3 D! l
AI构建项目9 H5 s4 }) g% k7 t1 Z
bash9 b4 P' p( k( ]- }: l1 `: \
修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:
: t! i; a F7 z+ u3 }+ T
( l4 ^: |) Z( X8 U! Fnet.bridge.bridge-nf-call-iptables = 1
" l* {" H) U7 v( J4 L% J/ `net.bridge.bridge-nf-call-ip6tables = 1
. o" d7 s1 j" k8 u, gAI构建项目7 f' q0 S S7 E6 a; e/ n
bash
% Q# T6 W$ o- F3 ?; f+ b/ X如下图:# K0 ~- L0 A# f7 s! v
4 T& ]' r2 e. {2 Q9 j$ @8 _& @
- A V! u% _ Q; v4 A4 x7 j
8 ]# Y5 J: C( q' v @添加网桥过滤器,并设置开机加载:1 u0 a, d$ J7 U9 k9 [7 q
1 e7 ~6 q/ ^$ [! D# ?$ t0 V( J
modprobe br_netfilter
9 X$ |$ X! ]( s8 Q( A4 ^9 csysctl -p
# O8 p' @" A3 |sed -i '$amodprobe br_netfilter' /etc/rc.local( F7 \2 E6 B& F8 T
AI构建项目
: y! C5 I9 U% R: l. l5 Ubash( N* ~6 v8 l: \, t7 l
如下图:: E$ k) w, S/ Q$ z6 A2 r
# d9 R9 E8 t, e- E6 O: l, f+ S" \1 f- ]! ^7 Z7 c8 x3 @* E
4 {2 w$ F+ P7 D. g/ K6、配置L3代理
4 Q" L2 E2 w. T8 H编辑/etc/neutron/l3_agent.ini,添加以下内容:0 T% h9 b4 {+ W- v, R
2 P ?! X) S) c! E[DEFAULT]
* O8 Z0 A. K4 d2 f# b& |# ...9 U: ?6 {7 r B
interface_driver = linuxbridge& P4 A$ x9 H2 Q: l
AI构建项目
' [* m+ B0 K& Cbash
2 [2 r! Z- A; N. g/ u0 g n如下图:
$ X6 K) @+ p8 G7 j; H! @2 _8 M3 Q. D/ T/ Y: I8 i
0 H; Q! d* V5 ?- ~9 `) q
& e5 L) g( f: K1 b: c/ o
7、配置dhcp# n# a G7 h( w# o* \" R
编辑/etc/neutron/dhcp_agent.ini,添加以下内容:7 F0 s" O w, Z$ Z8 m
$ j0 x9 }4 F2 k: J" Z
[DEFAULT]
* t9 l; s9 ^0 Y# ...
3 t1 y) I1 _4 F; w: P7 z8 G' W# ~interface_driver = linuxbridge5 @- z( a3 j5 B' `( d
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq% U: H; }( A' j! T; Y7 q. B0 B
enable_isolated_metadata = true
$ Q! h* ~" J; z Q7 Q/ QAI构建项目
9 n4 ]$ E4 b, k6 U$ Bbash& a5 ?4 L* Z% X2 U
如下图:
7 m9 q2 O' |1 W+ W9 Q+ l3 m
0 z) I0 ]% \6 V; v
& S5 Z8 b1 j3 X# @% U* d$ b8 `6 F P, B7 V1 G* M# m) i
8、配置meta代理
5 X7 n/ t- c! C编辑/etc/neutron/metadata_agent.ini,进行以下配置: c) ~: D2 }* D+ M3 n
; {) w# K% U/ V1 h& x6 u
[DEFAULT]
7 e% P- i' {& c4 Z( ^, d, ?% W# ...
( W$ a* D, Y, R9 A. i0 U/ x* nnova_metadata_host = controller7 i0 w" a `, c( v1 ~
metadata_proxy_shared_secret = 123456. \- C! }2 E% m% y$ B
AI构建项目 @' ^" Z2 e3 [: G- ]) s% v5 |
bash4 a# L' x4 F3 ]8 ~2 ~2 v
如下图:) I6 V' w Y+ r
' f! w \) O( `% v$ I2 R
/ u/ c6 H d- S. j
; x7 q, M6 h, J* H* P' N; s! i
9、配置nova使用neutron服务
; L7 a: n: ?5 J- b/ h8 L4 c编辑/etc/nova/nova.conf,进行以下配置:; c0 F6 M# E: K5 W2 N5 `" c# C
' ]6 o! g; v/ {0 b4 {[neutron]
. n9 g: T; K, d# ...: |- L. o. L: L4 A2 j( v
auth_url = http://controller:5000; K$ T% L' @! l; u+ \
auth_type = password
$ |' W3 l) \7 l, oproject_domain_name = default, v( w' A! f. x" @4 o
user_domain_name = default& b P2 a* |, I: v/ q3 X
region_name = RegionOne5 \7 O, t. p# k; h) h. T
project_name = service% k. m# P% s6 |7 H) T
username = neutron
4 }: M, r: q( f; h/ ]password = 123456% A+ z( p6 \8 k* w$ A9 a
service_metadata_proxy = true- T% Z9 Q6 {9 \4 u. N; g) F" M6 m! W
metadata_proxy_shared_secret = 1234566 o0 |2 x6 ]( D1 @4 q! L) S
AI构建项目, h' F G% T4 K. U8 Q* h0 @
bash
4 Q$ C6 n- ], e% C7 p. A! m9 {如下图: O7 Q+ k8 u# x1 A$ i
7 ]1 b0 J6 D8 c* n, F5 h
2 c! X: y) k b" E% Q- u, X5 T8 q: Q/ Y+ B: J
10、收尾0 `: J, h& w" } |# o
创建软连接:4 I- ^& d, Z; a+ k
/ f) q y0 e* X$ E! v/ p# B# a
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini' P, h. U5 L( u+ {6 ~
AI构建项目9 z. t: N' a6 D6 d3 z$ E
bash! ~% {$ `, u# Y$ c. T% I: v$ o; N
同步数据库:7 e" \1 X+ P+ R# Z) ]
% c% s' K4 n4 X" osu -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron) x) j1 s' X* d, e0 e
AI构建项目
, V6 ]( u. x' Z6 K& H+ qbash. C3 `- ~! ^; C8 o5 G4 r0 M
如下图:7 N5 H' {+ X& y9 [( |
& m+ C# D1 Z+ k- n& F; j9 H. c
* ]+ l3 p1 ~8 [2 | l4 X. m0 a$ }, Z# P7 R2 r7 k
重启nova-api:
: {+ a4 [; Y5 W6 Q
) i$ p1 i: t. `1 g4 o. ~6 C& {systemctl restart openstack-nova-api.service
' k$ V3 j& T! dAI构建项目
* Y& g/ F- T& t% J% d1 Abash# K+ j! M3 M4 t
设置开机自启,并启动服务:5 ]7 s/ }- K2 n! v& w2 j
9 I! V' J/ [) A# Dsystemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service" q; v1 Z5 ^: @& n8 p2 U
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service' D; L1 V7 a: S7 [
systemctl enable neutron-l3-agent.service2 n6 C6 X5 [; J! D( E
systemctl start neutron-l3-agent.service8 X8 [0 C+ I% m
AI构建项目
/ v2 r* t- _7 x4 D- b6 |bash6 i; G% [; n; ^
二、计算节点配置
" E3 M Z3 H7 B2 y" t; k, b2 H. M* T在计算节点完成以下操作。8 y) q' X* L. X$ F6 s- k- ~+ `0 t
" ^1 E6 `1 [* l- P6 J3 \ J
1、安装包
- c) E8 }6 {8 Z: q; o安装包:& R$ ~, ?$ p5 c7 X& p6 @
+ s4 f6 b; p- b* ]% N0 ryum install openstack-neutron-linuxbridge ebtables ipset -y- \1 a3 e3 x4 p. ^6 y6 F
AI构建项目: |1 D S. E6 M, U4 }1 ?
bash; E: R! ~8 p, Q
备份/etc/neutron/neutron.conf,删除其注释:
. f% c& u. w, h
6 ^8 k0 V' O5 [' [- a; Xmv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source* E3 [& o' P5 k" g( ?
cat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf! ~6 D/ ?! `6 E) y
AI构建项目6 {* | h! `5 d! o
bash$ y# J! R# |. ]' a
编辑/etc/neutron/neutron.conf,进行如下配置:
8 ~8 N" O r% P& F; T$ a0 s: H4 C' t! z: b
[DEFAULT]
Z* d* i: \) A1 q# ...% f3 u1 [2 I" t& s, z b$ J
transport_url = rabbit://openstack:123456@controller
/ n9 x7 D# x3 Y& w; M# L L/ iauth_strategy = keystone
9 {7 Y. D) N4 |6 d% s) H! S7 q' y, g$ M ' {' k" I- _* I9 R- w6 L h
[keystone_authtoken]
& P+ g+ I+ g3 O& ~: G4 r6 n# ...* k; W* }9 [6 S- f0 x! t4 s; U* H
www_authenticate_uri = http://controller:50007 l7 i0 Y: \* D8 k
auth_url = http://controller:5000* {6 p& H1 ? `5 u R
memcached_servers = controller:112114 C' W9 Y& B! J
auth_type = password
' q+ s) ?1 j7 ]project_domain_name = default5 S2 M! }( M/ G# B4 h# U
user_domain_name = default
% s) `! U& Y- m3 W V9 iproject_name = service
. g$ R H6 F+ o; y& M) g& Susername = neutron+ T" n8 [. @1 O, b' I$ G6 c& M6 |* D5 v
password = 123456) X) ^2 W( F8 c9 [- E! [- o
K, e: q: d; t2 t5 W
[oslo_concurrency]
+ z/ {' g7 s: n8 R7 {' U0 x: [# ...
! A5 \" q; ~; S# B8 R7 K6 `lock_path = /var/lib/neutron/tmp
# n4 r/ n- M9 {( M1 Y# o; }- F8 BAI构建项目
4 k# Z( M, S8 l Cbash
& K& I) @( N% ?3 {& W2、配置linux网桥
1 J/ d; |0 b% `, z. ]& B2 w; O 备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:
+ Z% t7 \$ A! [ f c
* E" N2 i M% q/ o( F1 Fmv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source
: [1 e: ?$ W6 F7 H9 `8 p# ~cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini$ Y: {- ~, {4 G" u" W
AI构建项目3 P& r: S: l$ u, S' d+ e, X
bash2 U( c$ \6 e" G& C0 |
对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):
6 E1 _2 \. {- n3 c8 d" t# D) h0 T4 I: I4 y
[linux_bridge]. J, C; V5 G, e2 P
physical_interface_mappings = provider:ens33/ b& L! {: t! r3 K( p8 I
e' O" R5 Y+ F. x[vxlan]7 T: y; d5 g7 X1 o5 Z, A
enable_vxlan = true# F# l1 t& e6 D( ]0 Q3 I: N& S3 h/ H) ^
local_ip = 10.0.0.31, D% o) O" M) `) m0 M! r4 [% u
l2_population = true
, ^2 r+ _: @& T. }' x& `. w7 h ' M- e4 T! b- U/ O
[securitygroup]
4 `1 B0 V) m- r3 f# D2 Y" g# ...2 F9 c, O+ y9 V
enable_security_group = true
5 [ c8 V$ ?6 k1 U: I: Z: dfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
p N+ E- s9 ?AI构建项目
" i7 ^6 t& a2 K, E5 o4 a7 [$ E+ Rbash
& H0 ^3 w0 t( }4 n修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:
6 X$ N: x; J0 a3 y, r9 m7 m' m% u* K/ U) q4 X2 f
net.bridge.bridge-nf-call-iptables = 1; v3 e$ z% }, n/ d; ?
net.bridge.bridge-nf-call-ip6tables = 1* b3 W" c" e/ {- b9 Y) E% S
AI构建项目
2 M2 V# ~. k. E# c9 K. |5 G( nbash/ F, P' b7 B- G1 C9 R6 w1 M& j
如下图:
; f. T3 W! d! x, t# p) a4 i% l) X
5 A1 ?6 j4 x! Y, {2 f% g% w2 k6 |: \* m1 I& X3 Y/ b: h) V
$ T# n7 n/ T$ }. S4 Y5 y* L5 w
添加网桥过滤器,并设置开机加载:
4 V& t1 ` o2 W9 n
+ |/ F6 F3 z# m, Bmodprobe br_netfilter
6 r8 X; a! b+ P" w8 s- W7 k9 Msysctl -p/ [ v! ~) o3 b$ Q7 d
sed -i '$amodprobe br_netfilter' /etc/rc.local
& R2 F: M1 x# u( s1 I0 Q1 f# oAI构建项目
2 b8 K6 d3 x: d, X& f6 L3 Bbash
" \/ U' F2 f0 w$ b) e如下图:1 Y4 u, A7 Y' G% v5 s- `3 ]
8 `) v4 s% ^' Y# H( o, D. J0 \! b8 w5 W5 V
+ P9 ]1 Y" F4 k! q: M3、配置nova使用neutron服务3 \& n& u+ ^7 R% o, s
编辑/etc/nova/nova.conf,进行以下配置:+ g* Q1 C% p V( A7 t
7 z3 i: C$ J) G: D: \% Y* c* E
[neutron]2 z; V6 Z }$ l$ j
# ...* @' K& @ Y1 R- {- V0 S
auth_url = http://controller:5000$ D. a6 e {4 f1 b, t6 J$ l
auth_type = password
7 V- s7 y3 W2 S- z8 @- U0 @3 Dproject_domain_name = default
5 B a5 u. l4 @& H1 ^user_domain_name = default
0 c( k1 h3 d. nregion_name = RegionOne d5 _4 ]5 A: Q3 h
project_name = service m- `0 v1 [' V P) _
username = neutron
! t5 o* F6 J. a2 [" Q8 h! M6 rpassword = 1234567 p) {5 h; I: g9 w4 |2 ]( W
AI构建项目" r% V; f; t0 W; m6 A/ Y
bash
0 |) I$ c: Q0 I( y0 e如下图:
l, e3 U( h5 J7 g( g. i" P6 d. p O, R, \# {3 z/ R* P, d2 e
' h/ F" v2 r; p4 c' ?
" r& I/ [: r7 h U$ B
4、收尾/ Y: H4 _) B* f: }
重启计算服务:! E7 f# J2 I7 S5 k
7 \8 L1 I$ B% B0 I; N+ Qsystemctl restart openstack-nova-compute.service% _! G8 i% d* F% I' p2 I& E
AI构建项目
- B3 f2 U, @1 z1 ?8 L, xbash
. G3 e- @: c! o7 `/ I9 ~设置网桥开机自启,并启动服务:. k! p5 i* y. s9 l9 T+ `
/ _! |+ I" ^1 w8 a
systemctl enable neutron-linuxbridge-agent.service
" S) O J. J. f. Wsystemctl start neutron-linuxbridge-agent.service1 F; F/ @, x2 p. z$ x7 E& Y
AI构建项目 u+ q5 K% S4 u
bash2 N& P6 `& }. v
三、验证
8 p* }( X9 _' }. n, l在控制节点使用如下命令验证:( [9 D# r% K9 T$ Y
$ [- H; }3 Z2 l
openstack network agent list1 @1 ~" }& q! M/ b, y, y6 R$ O
|
|
/4 
窥视卡
雷达卡
发表于 2025-12-18 11:08:33
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜
