|
|
创建用户
9 l8 v9 N) V7 h& ^! a" P2 h* U! y* h( W9 W9 P
) E8 V. N$ ?% a: c
8 x( V% m1 ?8 S' k( N+ o
# openstack user create --domain default --project service --password Changeme_123 neutron 2 t; r# k9 _ ^9 R; h2 I
1 a6 s7 {# v( f& w: h9 O" t赋予neutron用户admin权限
3 D- Q- U8 B6 S- e" H
1 P2 a) N# T" x
2 F0 W0 z& t7 L) H8 g; w/ {/ V" _2 M* O( }
# openstack role add --project service --user neutron admin
0 z8 C" D9 F. \: m9 G6 M: A2 D# k5 K0 j ^9 @5 E& R9 t
创建服务! Z1 {% ^2 F0 {8 b+ A7 W; h! T/ ~1 G
' M% q7 ]$ A; e& P* w- b
+ `7 e9 ?6 j& B, {9 |5 ^6 g O- h
6 B- f% c" |" F# openstack service create --name neutron --description "OpenStack Networking service" network
0 @6 Z! K# E1 ~6 p) r8 j7 D0 B- e3 \$ f. n$ b8 J/ j1 a5 S. K7 ~ `
定义controller的管理网IP) m# O2 i" H, v6 X! w2 Z
# h: a$ U U/ Y% S7 b: P% j0 O: M
, `8 f8 E" T, L% T: U1 K/ i3 U' }
) ]* J8 ~% Z: P! ]" u1 M) P# export controller=172.16.8.501
) |8 \& w F+ L+ D" h8 H% \5 s, ^- T# e* K6 |
创建endpoint% Z" F' d' V7 n6 m
- J& J+ u/ s4 f4 U
^# Y& ?7 ]. b5 i
) X/ m4 o9 [5 n: L# openstack endpoint create --region RegionOne network public http://$controller:9696
3 x% o2 X" }* ]8 B7 s1 \! Y8 F0 N- S6 [/ I1 V9 \
1 n1 v3 h& g+ Z% n$ s
* G9 @6 }0 K0 z" ?7 W
# openstack endpoint create --region RegionOne network internal http://$controller:9696
( g+ F. e/ v0 ~7 c. J3 n: {$ a0 Q9 D" L/ k
7 N4 ]0 l7 G; }; d0 T
6 T0 E+ x G* j' _( m+ u# openstack endpoint create --region RegionOne network admin http://$controller:9696
. u/ r1 z' Y; z" K% L2 \. B7 b S% j% W0 [) y
创建数据库和用户+ l% o9 b2 ~: D# [3 ~: [1 i
. R, b( ^. w, ?
- N7 T, j1 }; V5 X
+ ~' {- O4 F( B& G( f; l, [# mysql -u root -pChangeme_123 6 K2 ^( v* L7 ~- d
MariaDB [(none)]> create database neutron;
4 p, s# z( F+ x2 H1 I0 kQuery OK, 1 row affected (0.00 sec)0 ]2 p6 e1 d1 f, ]0 x( `
MariaDB [(none)]> grant all privileges on neutron.* to neutron@'localhost' identified by 'Changeme_123';
) j0 Y8 I N( @! m* SQuery OK, 0 rows affected (0.00 sec)
( B& H# b. t) I2 cMariaDB [(none)]> grant all privileges on neutron.* to neutron@'%' identified by 'Changeme_123'; 2 U3 q0 H U% @1 j: A( w
Query OK, 0 rows affected (0.00 sec)
" E5 s7 n% U$ Q1 K6 O9 GMariaDB [(none)]> flush privileges; - }# l( Q, ]# P- _
Query OK, 0 rows affected (0.00 sec)
7 o( c% ?7 L1 q' [MariaDB [(none)]> exit 7 Q/ R1 x2 z) j- ~1 y/ l
Bye, F& L; ?( ~; @% |/ b
/ N3 _- _6 M/ C安装rpm包4 B+ J0 h6 f8 d( w% s7 Z, B0 w: W
6 a1 G4 l& V9 r
0 {4 V, ~1 B+ G% L
: V# p7 h9 U. `! {6 H2 ^# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch$ x- ~- s7 L% h0 _& m8 W1 W
, y1 V1 f: b! R! w; x5 E* z( A修改配置文件
|/ [5 R/ h' I( l/ K. L7 O3 u9 `. t% o
8 K1 @% f9 [; G0 S: J" V8 \
! V! j# m5 F6 ~3 f2 d# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.org
( s9 l+ [& f" I2 P4 w9 p- H# vi /etc/neutron/neutron.conf2 R+ ~* p5 H! K0 y# \
[DEFAULT]
5 g# M+ M- H/ Z! |bind_host = 172.16.8.609 F+ J! E" c! @: ^+ o# q
bind_port = 9696
0 L% T3 {4 y y: K% Hl3_ha = True, w0 L3 ~* u& f5 ^* {9 L- F
max_l3_agents_per_router = 0. U, Z3 {/ P/ _8 L
min_l3_agents_per_router = 2
6 ]* b' I3 d# l) m! g8 Lcore_plugin = ml29 B% c6 l' L; a+ L: G- r9 _
service_plugins = router
. f# j$ F+ L* g& K# @# Mauth_strategy = keystone- N( V3 d* ^6 D# A! @7 @
state_path = /var/lib/neutron
4 N5 f5 ~9 [- _dhcp_agent_notification = True
7 R8 k1 Y# N: c. Callow_overlapping_ips = True, b/ r: v3 z% j6 V- ~
notify_nova_on_port_status_changes = True- v% I( l, k7 R. H8 N
notify_nova_on_port_data_changes = True* b1 q1 e/ D7 ^$ l
# RabbitMQ connection info
; T$ N4 n( Z2 q3 {, L+ @" h) }transport_url = rabbit://openstack:Changeme_123@172.16.8.50
# D' k$ ~4 {) I
8 n7 S! O3 g, x% o* d8 }# Keystone auth info
4 J. n" i3 b6 i; s% o0 e; d[keystone_authtoken]( c0 @0 F1 e9 Y2 g( v/ V9 I) l
auth_uri = http://172.16.8.50:5000
2 L/ _% }5 P# U. X( Iauth_url = http://172.16.8.50:353574 Q5 J/ b, w. Q
memcached_servers = node1:11211,node2:11211,node3:11211
5 Y9 [ R; s1 M0 s( m+ u9 aauth_type = password2 ?1 k" D) s) D) X, f& O, d% N/ S; K
project_domain_name = default
( _* D$ [% F6 h: L3 b! K8 @user_domain_name = default9 R8 k6 y, B) F& Y+ {2 K" Q
project_name = service- H, P- [8 M/ Y
username = neutron
7 g$ f/ w" _) _ o8 R3 G, ypassword = Changeme_123/ g3 [4 W4 p/ P/ R/ q1 w5 f
& }/ g# S- R0 _; @5 s; M
# MariaDB connection info
5 ~2 @) Z G- Z[database]
) {; r1 y1 H0 @5 Tconnection = mysql+pymysql://neutron:Changeme_123@172.16.8.50/neutron, B9 ]8 L8 g1 I. ^& M& M8 U- j
" }1 u3 K; r- i- ~
# Nova connection info
, {! s. m R1 {8 M U2 j1 ][nova]
, | M4 U& s3 \- Qauth_url = http://172.16.8.50:35357$ u2 v6 V7 M. g! j
auth_type = password
$ H$ a9 L+ t4 u1 U! H' F3 P( Gproject_domain_name = default! S2 g- O( Q$ d9 [
user_domain_name = default
8 R. W- r3 O& p8 ^; Lregion_name = RegionOne
7 }7 ?# E# T4 s' j8 @4 A5 | Q7 uproject_name = service
! [, V; Y; y0 h, Jusername = nova
# {' ~ h; w1 X! ?0 i fpassword = Changeme_123
& k7 P3 j2 d7 }! d8 J5 T3 M% S" I c3 }( d+ E
[oslo_concurrency]% H9 {4 @' P# u O, F' U
lock_path = $state_path/tmp
: u# v$ `# o1 R( n4 y( Q8 D' Z0 M# r
赋予权限
* b, k- p7 b- b+ ^# p* T/ c7 N% v" |" p7 ?$ I! ?9 p4 u9 u
( b/ |7 k+ \- w3 [% r6 \! T7 U, ?* k; [
# chmod 640 /etc/neutron/neutron.conf & `8 Q4 @' A. H% q6 G8 X
# chgrp neutron /etc/neutron/neutron.conf m# S8 t: P i/ M# X, a) A
# v+ q2 h p* ]' R& g2 y修改配置文件- D4 K, X' G1 |8 w; T
/ ]- a* j6 i$ O i
4 }7 b* p8 V! O* J0 F0 M1 G9 d9 C w/ ?7 r" Z0 y* P: E
# cp -a /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak$ ^/ b8 w) u+ H
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 172.16.8.60
6 m# k1 H, B3 _' Vopenstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret Changeme_123 ' |# q# `6 I* j& z
openstack-config --set /etc/neutron/metadata_agent.ini cache memcache_servers node1:11211,node2:11211,node3:11211# o/ U- z. i& E% d' b1 m h
$ `, F" Y- N c9 n8 O注意:修改节点的IP
D3 ?# ]2 ~& X$ h; ^/ [7 X! i3 v% k$ r) k1 G2 H5 d* g: t% m7 D% h
修改配置文件
/ W. S1 B' j/ c7 e) R* x& I$ P) G" r, w
# cp -a /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak
& V. F: b6 |4 I L+ Fopenstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,gre,vxlan
% H& ?% A; g* o* iopenstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types) F4 N1 S* V4 u$ W( i
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population
; d5 V3 ], C8 h: }9 O3 h* Xopenstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security2 F( K$ ~) u$ @. x" Y
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver; w# K# J2 Z, L9 N7 N( J
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True 9 V) A O* m/ w& G, ~( T8 M# M
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True: K' N& G' |% ?2 Z2 W2 K
" u4 O- t( k& m; J; P
修改配置文件/etc/nova/nova.conf
q2 ]$ a, K6 i% A
7 D4 d' U- F% n2 S* `. i2 x/ A3 h3 \) K2 Y( p4 v7 o
, B- y1 b; b5 p
openstack-config --set /etc/nova/nova.conf DEFAULT use_neutron True- K1 ?; _* \9 K; [3 O
openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
+ W# C2 j' o# W* ]. Copenstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
1 f! u2 u/ m5 d7 @7 Nopenstack-config --set /etc/nova/nova.conf neutron url http://172.16.8.50:9696# W& Q' ?% Q6 h
openstack-config --set /etc/nova/nova.conf neutron auth_url http://172.16.8.50:35357# J/ E( d) y, @3 t
openstack-config --set /etc/nova/nova.conf neutron auth_type password. z* D. t7 Z) X9 N/ h
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
1 T' O; T: n9 \; Xopenstack-config --set /etc/nova/nova.conf neutron user_domain_name default
; N/ L+ }: K$ Wopenstack-config --set /etc/nova/nova.conf neutron region_name RegionOne+ C1 G; R/ i, Q1 t, W+ O
openstack-config --set /etc/nova/nova.conf neutron project_name service' ?7 {5 ]- P9 H7 D' _+ n5 d
openstack-config --set /etc/nova/nova.conf neutron username neutron- p, Y5 ^) g$ N: b$ q: k
openstack-config --set /etc/nova/nova.conf neutron password Changeme_123
) q6 _" d) n; d" Xopenstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True9 B; V* s9 z8 g* P% A
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret Changeme_123* f6 u5 o6 Q& N+ S4 g6 J' s* F
' R( x% `6 |+ F, \1 } B4 E创建软连接
6 N! U, ?# a" l- ~( E# C& K \- _$ |/ b t' \6 u* s
5 h0 z8 J* |5 E8 v, N
0 u1 w6 f D0 N' n# c. R+ n0 f# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini * S$ y# C. O" o! C8 V b1 m
& g l2 b! R( x; ^
同步数据库
* C; v4 v' l2 J: ?
$ @' N Q- ?0 l4 X3 N& a5 B! z' Q3 G( T! I, B, V8 I4 W$ [
4 W- m5 @+ E7 t2 W% ?
# su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head" 6 ^' c: U7 D% A. n U
4 K6 R- t8 e9 I9 C1 g( F# t启动neutron服务6 S, l" S8 j+ s4 f
" C* d$ O1 C' M9 {8 x4 ]
9 _. B& D7 r5 {7 e3 x ~( k6 O/ T/ T# B& ~$ v) @2 W; L/ C( Q; q/ C
# systemctl start neutron-server neutron-metadata-agent 7 {5 d$ m4 o. a k/ k) W
) n6 z* w a! l" Y1 J
6 W& |& {7 B4 J$ y1 h3 M( i( h+ @
2 y, }! o! @& r# @& H
# systemctl enable neutron-server neutron-metadata-agent ( r( f# P* e7 R; Y0 ]: ]
' ]. S: D" k7 L8 p; C! U
重启openstack-nova-api ! u- W# E# X+ M) @& G) C; ?
/ L4 P, L |5 u
7 a$ B; E$ r) L$ Q$ Y. {
8 }# @' U; j* v, r! J# systemctl restart openstack-nova-api! W- ?' d- c \+ |1 c2 R5 z
' M8 Y9 M* Z4 D1 |( N, }
修改配置文件/etc/neutron/l3_agent.ini; d3 K* _9 g; y
t K, A1 y |+ r
6 l$ u) T5 D4 \& }2 r% E# x
5 ]$ Q* m9 i Q& _% c' y# cp -a /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak
/ K. ^1 V; l3 V: D- k) s+ I
& l* g. s6 a# T1 H6 f
* U. }0 k0 Q) k
* f3 u( B$ h! [0 F: e5 Q# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver* x: X% |8 s$ V
9 ]& k/ \% M* ], T
修改配置文件/etc/neutron/dhcp_agent.ini
# q0 h# j1 D4 e9 h4 ^, V0 m9 i6 Q* r$ ^3 E% B; C
' m- y' m- |& U7 P5 H" z& n" T4 A" D# |, v) F0 }
# cp -a /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak
7 B7 T7 T3 k V7 ]' c* C: Popenstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver1 q9 j1 S- f* j9 g
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq7 D9 u! t8 C, S( O' `# B
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True( W$ K7 z2 N( g% H% R% b8 O
5 r% d& b2 E$ X7 X; C: j
启动服务. X7 g# `5 N% }# S, e' O) Y
" m6 ~$ R0 S8 Z7 b; `9 t% h% r
4 [1 T3 x8 m$ q! R( r8 [, H3 N, L
2 b' ~- K8 x4 Y2 z, k/ X# systemctl start openvswitch # q" P# S, A1 m5 h5 e! B
# systemctl enable openvswitch
! D. `8 | a9 O, O# s) `! t9 ]: n& [& B
创建网桥
8 f2 Y$ u5 F `; Q. b
: R1 g. r1 W1 ^) C! q0 U+ L5 V: E5 a* j2 D
7 b" e' m/ g) }9 i$ E( x
# ovs-vsctl add-br br-int + _0 k, m D) g6 C y
- r( ^9 Y1 X- \( N3 g4 y7 k3 l启动服务并设置开机启动; M+ g# v( @: u: [2 s
$ ~8 W7 D" z+ N* z3 g) [7 x
) C, Z9 ]' `/ }" x8 J9 L1 i3 L5 l( k6 q; ~" }
# for service in dhcp-agent l3-agent metadata-agent openvswitch-agent; do; H: d: F. H9 P) h
systemctl restart neutron-$service4 v6 j) m6 k( l# T& e
systemctl enable neutron-$service( M& o! B9 e: Y& R+ t
done ) ~4 c! q3 O; C- b5 C6 y& R! B
# J5 j; t$ S4 ^ j0 Z. v2 o |
|
发表于 2018-9-26 09:53:44