|
|
创建用户
- n0 E' l- L" M8 q- M/ f U D/ F9 E
( @& J& X- g: P
; W8 H$ Q$ ~8 |3 r" }/ _/ B' m
# openstack user create --domain default --project service --password Changeme_123 neutron 4 r. S; }$ \1 O9 O( y# @: j
* q% R4 Z: r' u( E: }赋予neutron用户admin权限
- L1 G: L) U/ g' s+ n' {' P5 V* ?6 ~2 h9 z0 [" ?! c8 V2 u
; W- Q- w3 U _9 }
% m! V) l$ V4 L- P# openstack role add --project service --user neutron admin4 a8 d/ t) b( g! K+ L. g1 n3 E
) K1 U2 N+ P, h# Y创建服务
8 H/ g3 K0 ^% B5 y. h- J
/ Z+ N$ E B( D+ |( y& V. g
7 B9 E; T6 g6 t! J7 o: N0 z- p, H# I" V& v W
# openstack service create --name neutron --description "OpenStack Networking service" network
- i) r/ W) I. g. |8 A# f! a' n( {/ `0 o7 r
定义controller的管理网IP8 |8 b& |/ @) Q D( Z
9 z( _' o9 r9 |, W. K1 a) r+ c/ T+ T5 E3 L% s3 a$ {' J8 n
& C% s, a. k5 L0 O; M- ~# export controller=172.16.8.501
8 {# T1 D4 x5 v# r$ u( v* d+ e9 e
0 O/ M! ~$ J X2 K7 r8 y创建endpoint
- K) x2 a! G0 V% X3 u9 p
8 P1 m: v! t5 t+ S$ o q' @' }( a; T$ `" A9 p; R4 b
8 G0 t; e! K# X$ [9 ]; _- c
# openstack endpoint create --region RegionOne network public http://$controller:9696 5 N0 U' s9 E; N+ g
5 i" |% s3 A, `# n. E" [' T8 @' c/ K( f% s; A( F
& T5 ]$ @ w8 h5 \8 F# openstack endpoint create --region RegionOne network internal http://$controller:9696
( n. U! o9 c3 T3 C7 V6 [! A
2 W& V+ F: X) [9 b9 o d
/ R. ^/ X. b4 W( a7 [2 n8 _2 V+ K$ \* t% w1 V
# openstack endpoint create --region RegionOne network admin http://$controller:9696 4 F3 c2 B( D5 ?4 H" p8 g3 ?2 d" _8 a
% V' o/ ]& K! l* A9 T
创建数据库和用户1 W$ l# ^; ^% k: O1 n" i7 e7 ^- D2 v
& v; `# m" E8 \: H7 {/ o5 U1 {, P$ G# F% L
& y: Y* M4 P4 [" I/ p
# mysql -u root -pChangeme_123
- x% I d+ m J$ ~MariaDB [(none)]> create database neutron; K; b& i P1 @% m" v F, e b
Query OK, 1 row affected (0.00 sec)
. Z5 ~) [! u2 v. {# O% Q1 cMariaDB [(none)]> grant all privileges on neutron.* to neutron@'localhost' identified by 'Changeme_123'; + [: a/ O6 I# H1 l( _5 c, ?
Query OK, 0 rows affected (0.00 sec)9 X% ~; h1 ~8 ^7 ]" X/ x
MariaDB [(none)]> grant all privileges on neutron.* to neutron@'%' identified by 'Changeme_123'; ) U ~: r9 n: x/ E5 X4 T" ]
Query OK, 0 rows affected (0.00 sec)
4 s0 X; e. E, w. WMariaDB [(none)]> flush privileges;
5 z4 x# C2 s, I8 ?* J# IQuery OK, 0 rows affected (0.00 sec)* t) ]3 j, h# U% M) V
MariaDB [(none)]> exit # B& b8 a: p- C: C! ~. G
Bye, D' \5 L$ d ~+ i( ^9 M& R& O
$ u$ g: a8 Q* P8 Y安装rpm包+ q: r7 _9 g) g9 q
' Z2 T6 Z! ?9 |. n' E$ ~- D2 t9 g
1 R1 A. f/ ]( [& u$ c" k( g" l3 Q) X4 D% |1 ?
# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch
. ]9 s- C" h6 I7 u# \) F% k5 n+ T+ Z+ U* m9 W
修改配置文件
: E$ Y6 Y, S7 G* ]8 i4 U+ [' h1 p: r* e8 A6 ?8 ?7 o5 \
& S( t/ O! I# G' a
2 R3 l- U3 W/ P# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.org
) ?; x1 f5 Z+ Z8 V% V# D' a# vi /etc/neutron/neutron.conf
- d8 n( }& H8 `8 L; B[DEFAULT]5 A. A/ T0 {. S, J5 x' _
bind_host = 172.16.8.606 z% ^; M6 o7 m/ p9 ?! r! J: N
bind_port = 96965 Q9 I9 d6 v9 d$ ?: ` E
l3_ha = True; j- M8 L+ M& z9 H* {' E" a
max_l3_agents_per_router = 0 b% W+ g& K6 l. n, u% X. I
min_l3_agents_per_router = 2
a2 ^2 K9 F+ ycore_plugin = ml2/ `. G, c2 y! D/ W: x# s: X$ _& X
service_plugins = router' ?; b+ ?( n v1 o0 d7 P6 y' C5 b/ Y
auth_strategy = keystone
8 V4 c, c& T0 \8 N3 |' zstate_path = /var/lib/neutron
" u0 x: \- H3 ~ i! h# }5 fdhcp_agent_notification = True( e u* B( o4 t; k9 C' y2 }! e
allow_overlapping_ips = True6 M9 P) m* r5 a& p' E/ h
notify_nova_on_port_status_changes = True) x$ l, W" Y; c3 n$ ^( V! j
notify_nova_on_port_data_changes = True
2 j0 g( T% M: C( p) y% F6 i6 J# RabbitMQ connection info( Y/ w& j) H' ?' Y& D6 N
transport_url = rabbit://openstack:Changeme_123@172.16.8.501 `9 a2 C, c$ F: `
, R0 N. {) B& H1 [! g2 j# Keystone auth info
& ~- @6 P9 p+ c& L4 ]$ ?. }4 g[keystone_authtoken]- ~) [& Y% d2 ]* L
auth_uri = http://172.16.8.50:5000
/ H( N M- t6 C" W- V" [auth_url = http://172.16.8.50:35357" W# P% K1 S8 a0 t2 C
memcached_servers = node1:11211,node2:11211,node3:112110 l- k+ S' w' s
auth_type = password
F0 {8 m5 p$ D$ R, wproject_domain_name = default
1 T- c- _* k( ]; l% ]# _user_domain_name = default0 o+ D" z% R, A1 Y8 ^0 V: ~' \
project_name = service
) U% f% f& x# d, h: \username = neutron$ B" }* P: U& |
password = Changeme_1231 R6 w% e1 ^5 f' e+ C* E" B
3 H" g* T- \/ L9 P
# MariaDB connection info, P' J% N4 a1 k/ P# n
[database]
) K1 F+ I1 q0 K+ Bconnection = mysql+pymysql://neutron:Changeme_123@172.16.8.50/neutron
: i/ p3 ~7 f$ k! D) u% a0 ~7 d7 c* t( Q# ?; g
# Nova connection info( _- X/ e2 p# U3 M
[nova]
* ] @/ P6 b d9 E; h! iauth_url = http://172.16.8.50:35357# t7 c) `( m/ Y5 m0 f
auth_type = password
6 y2 h: M# u- w( Mproject_domain_name = default' }$ u' Z2 N# I
user_domain_name = default7 a3 q5 L8 o- k7 F, r5 r
region_name = RegionOne$ }4 ~7 S' M' x5 A" j7 ?& }/ B( {
project_name = service
) T' s+ x3 S" ~; Z' Tusername = nova9 |2 f. W+ L7 d& w! q5 ? r5 A
password = Changeme_123& S; K- } j- Q1 |: n( K
; a# d% b* ?% b5 ~' }9 |[oslo_concurrency]
0 l4 z* j% E4 r5 q4 b# Llock_path = $state_path/tmp
- O9 [" r% E$ a) T" u5 @1 m
* H, ~2 w" u" J$ i, j; w* R赋予权限
; D) @$ S6 _; d j5 ]4 X9 g
" t' }! x& ] m* N6 P* \4 c0 A g: V; t# i
2 Z& F5 @' W* f3 q* S! t4 K! g4 Q
# chmod 640 /etc/neutron/neutron.conf 0 E2 u9 w# A4 [. y' R
# chgrp neutron /etc/neutron/neutron.conf - x/ c+ F/ I% i) j- F. I
* k" c# V4 L, N: V: l& F; [1 B
修改配置文件
# k/ O2 _$ C) Z0 g; z1 r& q; `/ |8 x8 W4 G O0 g* m; V0 {) o
|, F: C9 F8 G0 l6 [6 B6 f
. b' Y+ N/ b# Y, t) O# cp -a /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak
% U9 ] C: y- [* z$ |openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 172.16.8.60
' a: n [( v; Y5 ~* kopenstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret Changeme_123
: d1 a1 m) n2 K* T8 x9 Y1 }2 Fopenstack-config --set /etc/neutron/metadata_agent.ini cache memcache_servers node1:11211,node2:11211,node3:11211
" u) l. h7 M. @( d9 [ q
; n9 _0 q0 @$ K4 E' x# u; Y1 N注意:修改节点的IP
2 e( D% i. B9 R& G6 |" C) Q
9 n4 F! f. e; z( m. ]& k9 s+ `修改配置文件% R! Y) ~. N7 d$ @" u7 o, N5 Y% c
3 y8 y# U; t. p
# cp -a /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak# a4 I7 x( f# Y8 Z
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,gre,vxlan
: _" w$ ?+ p% L' K. \6 ~, I0 \6 {openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types4 |5 Y! m d( @, c+ P% N+ }. q
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population - s9 I7 S7 y9 ^- I
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security7 \3 |+ [9 c- q# S6 |5 s3 M
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver- G2 k. `( e! r2 y; w
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True
6 \$ L8 ]2 r* N9 V a5 a$ |openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
2 U' r! ~+ R8 Q( \" b7 V3 Z r- L; C) g2 d" e4 }3 n' T7 {
修改配置文件/etc/nova/nova.conf6 j: N A# A2 S* C+ R# [5 t
1 Y' z$ e! I; h& V4 @+ Q e0 q( Y' O9 ^3 s" Q' c
( J9 B F& N2 m6 @ w- ?7 H, Z
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron True# A. r2 ?* l( k# n5 {
openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
! t" }* @. J% {3 @: o$ J- ^( `openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
$ F# g- X K' @( [4 |) f. c( Hopenstack-config --set /etc/nova/nova.conf neutron url http://172.16.8.50:9696
. V* o, z! W! h+ q. b; popenstack-config --set /etc/nova/nova.conf neutron auth_url http://172.16.8.50:35357
/ C: Q! m, G; d; H% q1 Jopenstack-config --set /etc/nova/nova.conf neutron auth_type password
, i2 b6 Q5 H; k( Q' `openstack-config --set /etc/nova/nova.conf neutron project_domain_name default ! l4 [4 X) E' K% E; F1 r
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default8 z1 Z7 u( y6 B: k, t
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
; v& ~ L, r5 a- p M& d4 xopenstack-config --set /etc/nova/nova.conf neutron project_name service4 H" Z! {8 W! \5 c* y
openstack-config --set /etc/nova/nova.conf neutron username neutron
1 z* X0 C, D1 ^7 U, H3 ?: sopenstack-config --set /etc/nova/nova.conf neutron password Changeme_1232 W; E3 T% z! d$ x' q
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
5 _7 \! v3 }: F* }/ W1 C4 W2 u- J Zopenstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret Changeme_123
/ O) q6 u6 P8 t" R. C) ?& _: Y+ M2 {( _! U; h3 Z3 w6 k+ ^
创建软连接
( i, P6 B6 c: K. L$ f" G( {
$ _# W* ` S2 Y) M. L* F/ Z. t S4 L8 l9 `9 N8 F
[7 J* F. E8 d! F! f) h! c. M- j# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini 4 B) ~1 ~2 n9 w- H) X- j" j
[ p5 D" ^8 |) k+ L K5 v+ g0 e同步数据库5 W& _ Z) k. j/ Y
) m( D! q( q( Z( U7 `9 G
$ O% f* H1 @% S5 N a& Z/ W
% U. B; Q y; c$ z6 r0 [; M# su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head" * W: `+ O& d! l Z" n f+ c
3 `" i8 A8 i3 \$ H0 N启动neutron服务
% L. _9 n# h7 A' X" R& _: j
( K1 \" @$ V) m- w' l
' T2 J9 V- K- r* N4 u$ c
9 ]! B: F/ a |% }, r9 d: k# systemctl start neutron-server neutron-metadata-agent 3 Y$ }, ?( c9 N$ ]% i
% I5 A9 ?) n# ~$ m( k
6 }" c4 q1 n5 E8 r, [; E) Y. ~
+ H p7 ?9 t' A1 }% S* O# systemctl enable neutron-server neutron-metadata-agent / ^, {/ w$ E4 N$ n6 i5 [
. j0 u5 }9 R1 u/ Y( _. S" O
重启openstack-nova-api 6 w' W/ N4 T6 V+ J
: {% S7 ?) c% S7 L, ?
" x2 k6 Y0 D+ S4 P7 O4 u3 f0 J
) m' D* S( L/ X8 D! h# systemctl restart openstack-nova-api
7 |6 U5 [0 _- P5 z# \" L P: V
3 I/ S- _1 k9 D3 q* X% U& [修改配置文件/etc/neutron/l3_agent.ini6 q3 F( ?' {" b8 T& i/ @
# r& I: K( y% r3 [5 q" x; i0 }2 ~4 z
$ K; \" O. Q. p, ]) d! S5 {" x* G& _( ~
# cp -a /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak
" n0 e& t* H1 Q7 ]
- }, a( v4 Q7 r' D3 R: a
6 {8 j" W4 \" G# y
$ `" M0 X& b+ J$ V7 `# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver6 W- X- S( C1 \& A! r+ m
4 H. N! ~' \+ w" p4 w修改配置文件/etc/neutron/dhcp_agent.ini
4 A1 a3 D3 i8 f7 q
+ {- K) w5 h9 c1 c% L+ Q6 G8 W. [ ~" J
6 }# x7 q6 q# r- a9 |1 P5 c; A
# cp -a /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak
8 |$ Y9 K" \: K, W8 s$ A. m+ l7 Jopenstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
( P2 Q# Y/ w6 _0 C H( Hopenstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
. m& x5 m) U- ?/ G4 f2 nopenstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
, o7 M' I+ P* |4 j
+ [) h! W0 M4 P启动服务8 }) G* \. T% [7 R# x* H
) C: m7 c" V4 |% l- Z
h; k" ]& ~$ s/ I- k
1 M$ o# ?* O+ e) O0 [, m# systemctl start openvswitch
5 _ e, A8 ]5 l. ?4 O' C8 a) Z# systemctl enable openvswitch * }1 T, E4 w8 ?. {# F
" O2 }' l/ i) G; I Y" {0 v- [
创建网桥 {' a9 f$ [+ R' C3 u
' v# M1 S: q5 r; A7 V$ D
: H4 h7 @. K& ~% r
j5 L( Q% }4 r" i' S" l8 |# ovs-vsctl add-br br-int 1 d. o/ u; b; R( d" }) z9 A
: b: G, Q4 h1 Z! h( S0 _
启动服务并设置开机启动
6 K( t9 |' V8 @% t a- T: p% Q) J* J# \2 |! k# \7 K0 p
k9 Y5 _+ R! @. ~+ n# D
& R6 R. O/ q7 p, `6 j! g# for service in dhcp-agent l3-agent metadata-agent openvswitch-agent; do
' k! S; Z& |$ G" Zsystemctl restart neutron-$service
7 v( f* l. e. ]3 g9 dsystemctl enable neutron-$service. w$ N* u( z) f- ?
done
7 W6 u$ x4 D( T- Q' d0 A: o1 L
2 v) j5 d3 S, P' x! R |
|
发表于 2018-9-26 09:53:44