|
|
创建用户7 s3 |2 @5 e8 T8 t
+ I. f# P5 M. V1 h
K! B! N' g4 S
- \; w+ O }( i8 ]# openstack user create --domain default --project service --password Changeme_123 neutron 2 w( E1 J, @) v. t! _( [
. X6 `% o8 q; c/ d4 m* u
赋予neutron用户admin权限
1 J3 |6 G7 U+ L) t: o: C1 v: E% x2 |# M
0 P+ X) e2 N% H& j8 v# W; J3 o; ^2 ?: ^
# openstack role add --project service --user neutron admin
# ~2 O# V3 q5 R, B
' m% T! X9 X; d( M创建服务1 j# C3 o* T/ H' o& M
3 Q! V6 n3 ]. ~" i1 S
0 L) f, x4 B6 i2 O* q8 ]
$ l9 Y u, B) f' {2 x9 G+ ^% u& @
# openstack service create --name neutron --description "OpenStack Networking service" network ) F( H& e2 J" |) C0 X" w
+ w9 w! N9 ?$ n8 r定义controller的管理网IP
/ [$ D! ~4 d* u! M& u# x2 J0 P$ c$ [2 C, @0 o
6 Z( m2 Z" G" K$ ^2 E' C6 [
4 Y w! u: }% N: a( f# O8 E0 V# export controller=172.16.8.5013 j- b! U! N% D3 f% g1 Q- A
" X3 y+ A( O' G$ s, Q" C0 |" k
创建endpoint
6 [, K/ `$ g- d' m3 ^; O9 ^" B) _- X' F6 v
1 b ?: @! ^8 x
9 W, y0 }$ [/ b" B4 @. J
# openstack endpoint create --region RegionOne network public http://$controller:9696 1 v1 C# L( m [& r: \. O
, Z# A- ^1 t8 m2 z/ P5 z3 b! h8 R
( K$ n) @/ @- { _0 n1 Y2 s: l, p, G
# openstack endpoint create --region RegionOne network internal http://$controller:9696
! g/ E* P7 e l, E f1 c' x* }
' H+ d J& c6 p+ z
( m. j; p* e+ D3 H A4 Z- r3 `; R! b) U: W4 X+ I7 P; N* i
# openstack endpoint create --region RegionOne network admin http://$controller:9696 9 s; K. L& M& @% ]- @
' E6 g- f1 R# y/ g( a! i- o4 n创建数据库和用户! M/ I: V% d+ i3 w/ K
% B# Y3 ?% A. R
& V1 M% O% K+ C6 T+ H& T, S H8 m7 g( e+ e6 a; D
# mysql -u root -pChangeme_123
; n4 Q* C# E/ c1 R) p/ u/ ]9 @" rMariaDB [(none)]> create database neutron; ) j, L! ^" z7 v1 b1 J+ r3 P! Q x2 v
Query OK, 1 row affected (0.00 sec)6 Z6 ?! r* S) h8 z
MariaDB [(none)]> grant all privileges on neutron.* to neutron@'localhost' identified by 'Changeme_123';
9 e$ q' E) {4 F7 n: sQuery OK, 0 rows affected (0.00 sec)
* Z( l. }& I z5 uMariaDB [(none)]> grant all privileges on neutron.* to neutron@'%' identified by 'Changeme_123'; 1 r/ n/ T. k! ]5 N+ Q) B" L. ?3 x
Query OK, 0 rows affected (0.00 sec)
( Y2 U, I/ x2 F3 hMariaDB [(none)]> flush privileges;
, j2 k/ z9 O- t2 G8 B! CQuery OK, 0 rows affected (0.00 sec)) i6 j8 X4 Z+ w& Y% q% s2 z
MariaDB [(none)]> exit
) S& D# m8 i" j' @" u/ r; k2 nBye! v+ V |" |% f) O. g, Y
4 K% L- [+ Y g$ O4 l
安装rpm包: N7 h" C2 Q& t4 p
, G' P2 S2 U2 W1 z& M- c
5 J+ }6 ?( V1 s; ^
7 r: R% ~7 W# F* K) k, O0 Y( x& G# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch' d l# j% k8 Q t
, m x' _5 J+ B2 @2 j
修改配置文件* q) s: d/ m: N. j3 y
1 x e8 u' O' S% r7 r; L1 q
- V9 \5 n( v+ C
' U& M% t* ^3 s; ^) u! W- {3 o# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.org
4 O' x5 a9 C" L/ p# vi /etc/neutron/neutron.conf
0 \2 f* U Q! `, I' f1 |2 a. y[DEFAULT]
! P9 n x t" R: u: r' ~5 Obind_host = 172.16.8.60
! Z5 f. N8 k( K; \# E# O# C \2 fbind_port = 9696
6 i5 o/ }6 [: f$ `' \/ x: bl3_ha = True& ^- E0 g2 o& g( }- k- o; ]/ j2 T7 q
max_l3_agents_per_router = 0
+ g2 G& o& w3 O, [. x8 smin_l3_agents_per_router = 2
$ Z- ]; k, g" Y; |# _. I" O" {core_plugin = ml2
* Q$ B" k$ V% }service_plugins = router1 i( i* a/ b$ [6 V, r6 r
auth_strategy = keystone: X! w) ]; B4 c* f* u/ g
state_path = /var/lib/neutron
) I' x7 |4 a; ^- X: odhcp_agent_notification = True) g8 K6 ~6 e& D, s/ t6 ~9 G2 _; ]
allow_overlapping_ips = True4 v% B* \, ~) x
notify_nova_on_port_status_changes = True. j) @' ~! x Y; J* P
notify_nova_on_port_data_changes = True* `: s; S# ~, o) N1 R3 T2 q" y3 T
# RabbitMQ connection info7 J! p2 D5 E# o) f/ p- p1 n
transport_url = rabbit://openstack:Changeme_123@172.16.8.50
9 N/ w! ~9 U/ U6 \; B& Z7 h
L5 A7 U8 G! |% w3 y5 K# Keystone auth info
! T3 `& d3 W, Q! E8 @$ l[keystone_authtoken]: {+ N0 k% U* Q3 W% f1 p
auth_uri = http://172.16.8.50:50001 |$ B* d# V7 W- C
auth_url = http://172.16.8.50:35357" u% E# _6 f1 j1 j% m. u0 A9 l
memcached_servers = node1:11211,node2:11211,node3:11211
% i! D8 M3 G0 R4 S% vauth_type = password' Z2 z: C1 _6 ~9 Y* I
project_domain_name = default
( |0 H- c; ]; d6 ^: G) i9 @; Muser_domain_name = default
/ X: N' Y. H% a0 r8 Uproject_name = service/ ^ x8 V( O8 r- I! j# i8 H
username = neutron0 S9 c# G. g/ S* b. @+ g# ?
password = Changeme_1238 p1 Y- ?6 R) V
2 @' b e0 y, \$ G7 f# MariaDB connection info8 ?' j9 a8 c+ W' f
[database]0 C" I" ]: z9 q# n% {
connection = mysql+pymysql://neutron:Changeme_123@172.16.8.50/neutron
# m% b8 Q" a% d, M+ c; E
- S, i U. \& h$ w0 u6 c4 l/ D- k# Nova connection info
9 A0 D% K3 y" d( b! p- g; w+ L[nova]) x0 r/ W0 X8 z( i6 A& }' Z
auth_url = http://172.16.8.50:35357
: }% k7 y# A. ]5 A% g( e3 yauth_type = password/ g% l, n [1 I! U$ t( J; @% }
project_domain_name = default
O2 |) ?& ~1 q' M! j1 uuser_domain_name = default
! X$ b5 [1 f6 T$ n0 ] Uregion_name = RegionOne
+ d$ _2 T# v. ~1 k3 w- _1 b% s' eproject_name = service, c. |& k9 |9 O) ~1 e" E# @
username = nova
; o3 x. V8 S6 |% u2 y+ p, @: r% lpassword = Changeme_123
5 H Y: ?* U, ~( P: Q( S% r* v6 }1 @; O
[oslo_concurrency]# A2 u& b& H! M: m8 Q1 e
lock_path = $state_path/tmp
3 n) N# ^8 c! v' w6 A" x+ B; O$ O9 n" @5 I( R( \, E
赋予权限
! G( B: A1 \& @9 m7 B/ @2 r
. W% g* ?' p; }1 z* s& L1 `4 f7 S3 K/ z5 M# C( d8 w, b
: c- q% u9 Z' {: K' y' i" U# chmod 640 /etc/neutron/neutron.conf : f. f J# j+ w( Q( f0 k
# chgrp neutron /etc/neutron/neutron.conf 8 t! j& i& n( O& k1 t+ b' \% [
7 j2 i$ O; G% q/ R f: K修改配置文件
5 I3 g1 Y6 ~) @; o# r4 i) l u9 | C7 \( t7 q1 h7 q
2 s( m9 k+ W! P4 q( ` B- ?7 F+ E( |/ o' o9 v1 H
# cp -a /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bak9 s' ]6 R, E- G+ j7 d- u% J% O
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 172.16.8.608 Y$ t7 t' o0 z4 s7 n) k
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret Changeme_123
% P1 V5 x( T3 h8 i2 C5 |$ n% Sopenstack-config --set /etc/neutron/metadata_agent.ini cache memcache_servers node1:11211,node2:11211,node3:11211% k4 @( }& D u8 d2 r# f
! w! e2 f( V" S" R
注意:修改节点的IP4 j' B. H: W/ g& b0 Z
; l- Y$ @5 ]# ?" h
修改配置文件9 [3 w0 I8 [6 h: ]7 O
9 g: x R! ]0 [ i( m6 H
# cp -a /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bak- R7 w* {* {! l( i7 d; |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,gre,vxlan
; H8 n6 t$ f2 f" Wopenstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types
# A9 e q8 T2 |. uopenstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population : [6 ?2 p" T7 k% y v3 b, M3 d" n
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security" F6 n$ @; L% y( R& @4 q* ^
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver* R; v# w6 A* n
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True % d# D. O6 a4 D9 r4 u' ?# G/ p
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True4 _) e, }* q, p+ D; |
$ T8 D4 V, N. [修改配置文件/etc/nova/nova.conf
$ f5 B" Q1 @+ W$ H
8 _- o ^ d+ V' Z, C7 i3 K
& \! `8 v* l7 G5 y; |" E- J' g9 b
7 Y6 |6 ~/ l( E5 y1 B0 Wopenstack-config --set /etc/nova/nova.conf DEFAULT use_neutron True* g4 x( x7 ?2 M1 [
openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver+ ?/ ], \6 k8 ^/ h) l8 Y2 |
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
- N: H) A B) y p; P3 Zopenstack-config --set /etc/nova/nova.conf neutron url http://172.16.8.50:9696; v6 P0 c+ T2 n4 b* Y
openstack-config --set /etc/nova/nova.conf neutron auth_url http://172.16.8.50:353571 R' g: d6 w W7 I y) d4 u
openstack-config --set /etc/nova/nova.conf neutron auth_type password' O* f6 ?0 _! G& b, |( C
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
& C6 {9 E5 }7 F6 \openstack-config --set /etc/nova/nova.conf neutron user_domain_name default) b+ y i4 z0 b6 x
openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne0 u0 E0 {8 X, I, E7 x
openstack-config --set /etc/nova/nova.conf neutron project_name service8 r% v. |& f7 z9 ?+ _5 o
openstack-config --set /etc/nova/nova.conf neutron username neutron
4 ^. Z- C$ i2 k5 B# Qopenstack-config --set /etc/nova/nova.conf neutron password Changeme_123* Y, R9 s3 P# P. N3 ?; B
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy True
0 @3 ~* K9 L, dopenstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret Changeme_123
; g; S( I* q9 o
& h( n3 n+ g& ]- o2 z7 P3 o5 O创建软连接$ Q9 \; r0 |0 c/ H
q! B" {; e x3 h8 L; Z+ F
6 p5 e9 e5 y4 J8 J, I: ]
, u( h3 R/ x7 K5 _! C( y, U# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
) s. v4 U" s# P) F0 c
. G% D0 F! o: y# s3 X- C4 {- h1 |同步数据库
" v) |' ~7 A& d! Q+ ^9 x2 I! ?5 D' h: E
* h: u% c; O* J& }: {0 H* r+ O' {# k. u
: I% ? D) [6 R: s6 V$ N
# su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head"
' Q$ @; h, U, z; y6 {: b# s9 i
9 Y4 I J$ t- K6 G启动neutron服务
4 M* x7 [9 m* W9 L
# G8 [4 }$ Q! K1 s# e, O) k) F) ^3 j$ n9 Q4 W" ~. {
: b7 n) H( `2 x# ]2 {+ I' D2 N
# systemctl start neutron-server neutron-metadata-agent 6 \/ B4 o; i! k! r
8 l2 c: D9 Y" g7 @; W
' L! H R6 C, J F+ O+ g
, W" Z) |) {3 e s2 Q" E# systemctl enable neutron-server neutron-metadata-agent
& O) {& L2 `0 w/ C
2 J) C+ M' U( x% y `8 h3 b5 y重启openstack-nova-api
! g# t' C& l8 x7 S: c5 @) Q: T* {, E7 u/ J, G; j
# b* C# c* J# k+ q0 g
. W$ |$ }. s& H
# systemctl restart openstack-nova-api# _" q# q1 _7 M* k4 L$ B* [ r# q
' m2 p# G1 A8 g2 h+ J! G: W修改配置文件/etc/neutron/l3_agent.ini
! _5 S% W [! B1 k3 M; \ J
( i5 j: @! d5 O" O8 ~: K2 Z: a. n$ _# j2 O# F q9 g! b$ p; n
& `0 Q. _& {; @( L# cp -a /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini_bak. {, p# s/ p: ^ y7 z" c! Z$ G
5 S4 K+ h8 A1 w3 p" z) K' P2 Y$ z( \! P5 x3 a2 L0 [* X8 N4 G' v
$ S7 g1 l& I9 R7 D% J7 j- S
# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver* H/ ~& y! Z# E2 p! F5 B3 f
" X- M4 \1 b* D' E! o; N: r修改配置文件/etc/neutron/dhcp_agent.ini
; _* D( f/ s" [" U# b
7 w. o! e# [% h+ M* u9 g) O: l+ N1 F- v0 F: M
+ [/ k e+ k* M) p2 ~# cp -a /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini_bak; p& q0 ~' f) S
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver. X7 W! f# d- g7 r
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
% v' ?; s c: e4 D0 R0 qopenstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True) K9 ~" b3 b, X# e& W& F
7 J) t0 c4 w; t% i; a% g启动服务
7 D8 D" i5 R# ~" c
4 X% e G) w2 u2 u% e5 F
% J" g& |; K( O4 L m3 E% X' s9 G9 B/ `' Z. k- U/ c
# systemctl start openvswitch " k, O$ X% y6 t- A' x
# systemctl enable openvswitch ; q7 W' h2 _3 ~, Y8 d
2 R. l/ r( o# Q* v2 l0 R& d& F创建网桥
% r8 U! R4 K" P$ w. v2 D7 [9 h& m. s0 ^. T+ R
q. l. K& j7 ?0 ^! \4 L% c2 h& ~' y
# ovs-vsctl add-br br-int % M$ I B9 w& T) x
. A/ c: W& g) [) Q% I8 s启动服务并设置开机启动
" ]/ K) j$ w2 @# x) a" A' Y3 F" X3 p% \! h5 g
" u8 O' B E$ m4 s- [* y) [* W a
6 h+ b T7 H3 r t$ A# for service in dhcp-agent l3-agent metadata-agent openvswitch-agent; do) H0 B$ z r& _1 w+ F e: L0 u
systemctl restart neutron-$service
. x# }$ l4 F/ [8 N' g Z$ n+ W2 dsystemctl enable neutron-$service9 I. a2 H3 B$ {) U! Q6 m- ]! }
done
" \$ |) r/ U1 J7 ? E% K" Q9 G7 g
|
|
发表于 2018-9-26 09:53:44