- 积分
- 16841
在线时间 小时
最后登录1970-1-1
|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?开始注册
x
一、控制节点配置
& |/ E w0 N1 f& R8 S在控制节点进行以下操作。
$ R- }5 j" f, _# {& u' q
9 Q2 r% C3 w. K9 _" B8 Z1 p1、配置数据库+ n# p# \4 K2 v- d2 b! Z; g
进入数据库控制台(密码123456):
$ A& V2 a. S$ l# X+ k
* ]# [ i- B2 C \0 s3 Vmysql -u root -p
7 Y0 r& x' M% m3 E" r1 I" I' w5 j0 z X* ]
. d/ S4 f1 h3 x- e+ W8 Y
bash
" k3 s2 t- h* O. ?6 E( B N创建数据库并授予权限,退出数据库:
. ]/ x3 @: x/ W0 S+ i# T' m, t1 E# P0 u
CREATE DATABASE neutron;
( j4 W8 t; ]* S L4 d- kGRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';3 ^" p3 l- a% k) [! K7 z, R
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';2 H! @2 z# Y% [% J) G- B
+ P: d( e/ x: a; @5 m+ W. c
5 A* U( ?2 C, K, u! W* w8 Z
: H# ~$ p3 M# j" v4 ^, T( c. \- \
: ~/ X" q0 h9 \$ u
" D2 U/ o; u5 V. j' [$ X$ U/ ~ A" D1 m1 n
2、创建neutron用户
( V( T5 ^6 k4 Y0 f7 N" F' [登录admin支行好:
& A7 b% a, `- q+ B6 p7 O6 ?3 f; u/ C( W0 O
. admin-openrc) y6 L) a. D6 y; n1 d
9 u) `% o2 j' r3 |/ n: x
bash
- u* z3 E& E4 m9 ^在domain:default创建用户neutron:5 ^0 E2 P" Q( v& D0 b
6 Q2 } P' e( |% _0 K6 ?" ~openstack user create --domain default --password-prompt neutron
6 O/ J1 F) U' n4 G1 E
6 _1 W$ k4 g) V, X e: x+ Nbash0 P$ {1 _0 g }7 W
如下图:9 S% K2 E; m: F3 |% {
, r/ ] }9 n6 F* i# s
, I0 S0 G+ R7 V5 t* ^, J& c7 U$ o
9 J' N8 q- N) H' V3 ~授予neutron服务admin权限:
4 p! G7 K$ y/ s' I# }0 q& [! I3 g! c3 w7 u
openstack role add --project service --user neutron admin( }8 Y) N/ c* ~( ]
$ j+ ?2 L7 A) t% I- |6 t+ hbash6 H+ i' @9 ]( O1 Z5 k1 Q
创建neutron服务入口:$ G! ^8 @6 s6 v v4 V
& F4 }! o$ i8 ]1 Y: Z; Q7 z, Y6 dopenstack service create --name neutron --description "OpenStack Networking" network/ H6 [# Y. N: d5 o0 l) [, T4 o
# ^8 }6 K) ?; C3 E# Q8 p' ~bash
: u% C# X g9 p如下图:5 @' j" ]5 W/ l3 h
+ q Y% W) O' f, i' W% }
( p! ?& K6 `% t4 V- k7 s- E
$ s6 i+ {: ~- a2 N3 @" J1 _创建网络服务API端点:
6 [8 y2 i0 O: S: }: k4 U9 Z3 F' w1 e L1 S7 X3 {
openstack endpoint create --region RegionOne network public http://controller:96964 r' D) z* Z( J3 `
openstack endpoint create --region RegionOne network internal http://controller:9696$ ~) m5 T4 {. X4 w( N' y; t7 m
openstack endpoint create --region RegionOne network admin http://controller:9696
; K" x5 e& ]! m2 q# k8 G8 kAI构建项目8 F" p7 e# P# D( x3 y% t& D
bash# k+ N0 N7 `8 `0 j& t
如下图:& r: \! I) u6 Q
8 ~) D Y, ]8 N7 s2 [5 m+ P* o
" w) X" C- B: \
9 h- `/ z' G7 ^5 p" A3、配置selfservice网络
1 ~% i9 c! `, U C3 i( r安装neutron:
) Z+ h( n/ C$ u: z4 O, R! ~
9 b+ h0 p; g: P* x! m) K9 n$ ^: Tyum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y; _1 H6 W( `% z/ r! m7 u6 V, T( i
AI构建项目/ p' k) X) x- z; o$ t" ^
bash" N4 X% m8 Z* w2 O* |* ^. z
备份/etc/neutron/neutron.conf,删除其注释:
/ j; X: S" ]2 Z3 R: Y! ]6 V) I/ n
% i8 L3 V$ x% P! g! g+ Jmv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source- O% C& C/ ]" _! |1 R
cat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf, @7 o6 U$ V8 g; r* K5 Q( p
AI构建项目) l+ j8 p1 m2 h6 \# o, r
bash
3 i) c% V" Z n! x编辑/etc/neutron/neutron.conf:7 b: S. n. x4 \
0 l! s8 W2 ^7 ^0 S[DEFAULT]0 P/ }2 Y) t( F$ N# Y
# ...
" I+ g j) ]& Zcore_plugin = ml20 ]+ T Y$ X* }9 W! `! ]
service_plugins = router
0 E' Q0 N! Q6 f1 D2 b. gallow_overlapping_ips = true
" p$ H5 C' ~, y; G5 e5 F( x9 Wtransport_url = rabbit://openstack:123456@controller* f' v/ j2 C3 `" e& v# z
auth_strategy = keystone; a& }6 U7 ` n) F# `; q) p: d
notify_nova_on_port_status_changes = true
8 S. K; \5 e( k+ c/ hnotify_nova_on_port_data_changes = true$ H7 W4 ~; |- w3 M* g0 G9 V
3 _3 c6 l4 y" q" Y% b) c[database]: C' S/ `) L" f2 Q. a
# ..., T' f% N& m: j$ z3 r* G0 B' x
connection = mysql+pymysql://neutron:123456@controller/neutron
5 F; }8 ^" l. S, P, j- |' `
6 b0 c5 b' c+ |; F7 X) s[keystone_authtoken]. B6 l9 q; W" W: c# r% Q
# ...
. m$ F/ f1 a/ d$ }6 p$ Dwww_authenticate_uri = http://controller:50004 o; w& s+ _9 o4 h+ [/ q" t
auth_url = http://controller:50000 H- D+ B; A6 G% K G
memcached_servers = controller:112118 Y$ a }, t b1 D6 H% c
auth_type = password
: Q S! l" u3 _0 p+ Jproject_domain_name = default. O3 i& P- r* A) x( g g
user_domain_name = default
) w6 \' E. Y: { M$ b) g" vproject_name = service2 t' e$ Q8 w- P' X. J7 U
username = neutron
& \8 M, r: G7 ?/ Lpassword = 123456
; H8 z6 ^5 K- E+ W" g( }
* s) I# E, x2 O' \[nova]
{) |5 X- y+ X# ...1 @ ], `, l: Y, T& W
auth_url = http://controller:5000
1 Z1 b q& M' H: p$ R$ [auth_type = password4 N0 R2 W% e: ~5 e8 K5 }* R: J
project_domain_name = default
V1 b Q m$ W* o. U" ? V" G) O- Iuser_domain_name = default
$ M3 p/ ]/ D$ ?0 I2 y& e2 Jregion_name = RegionOne
# [5 U* I1 }8 C$ S dproject_name = service
% K% E. q- O6 V. G1 N0 B1 }8 G2 X4 |username = nova5 I7 p, c v4 o* ?' f1 x
password = 123456! y4 u& q- q" Y8 A( [
9 S) d& t7 F$ {7 `
[oslo_concurrency]
/ y# Z$ o! n$ t* P# ...
1 z9 P* m; T# mlock_path = /var/lib/neutron/tmp
( _2 n2 J0 i7 U % r% [" A |" F, [4 o) v
AI构建项目
! \, B6 Y7 x$ U1 t% l; ~% J6 Jbash
/ W: P- t1 p9 i* O! n' h/ K4、配置ml2
9 g4 V5 i. R2 C d1 N$ Q; p- I 备份/etc/neutron/plugins/ml2/ml2_conf.ini,删除其注释:
6 d( j* ]8 ?4 E! ~$ h+ h( _: p9 R3 \
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.source
4 x( X R1 G d1 Lcat /etc/neutron/plugins/ml2/ml2_conf.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/ml2_conf.ini
$ j' d/ a' x0 a+ b3 lAI构建项目4 u: w# t0 S- h6 v# ~6 Z3 v
bash
/ ]& m* v# a! z' d# P对/etc/neutron/plugins/ml2/ml2_conf.ini进行以下配置:/ A. | J) K. }. T( T# a
' V8 e. ?& Z2 ]; S) Y1 Q7 U# H[ml2]2 Q) h3 ^1 {4 y* k S/ x8 x
# ...
3 `0 L4 D: q4 u; \7 btype_drivers = flat,vlan,vxlan
2 E( h/ Z Y+ k; ztenant_network_types = vxlan$ `( o2 C; \+ J
mechanism_drivers = linuxbridge,l2population
% x3 \# ?% J0 [( `extension_drivers = port_security
& L. y+ R, L" a/ w$ k0 h7 S( U- I
+ ~% f, e3 }4 Y- T9 ?[ml2_type_flat]# g& g0 h7 a3 ?. ^1 r: }" ~ V$ _& e
# ...
" o4 \8 s& E3 \flat_networks = provider
1 z) ~+ `( W, \
: p) X" S" {- {, a[ml2_type_vxlan]
% B; G, X7 C* b4 L( ^7 i8 C& j# ...
: b; w1 O$ H* N' U: e( i" g7 N) ^ [vni_ranges = 1:1000$ U3 E& C' l8 Z$ y
% o$ `+ G$ T" z9 {; j7 t[securitygroup]
- c0 m. _. w7 G! H0 C8 h9 J% G# ...
3 F3 y% ~: Q! Tenable_ipset = true& a: f% q& b! C
AI构建项目
2 B% Z1 ]$ {( {* M L) qbash0 X2 Q/ Z' s( _. z8 i, Y0 h
5、配置linux网桥0 M. F4 B$ U, w2 g Q8 L4 `. s
备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:
0 r7 i% [1 G: A- k* D# [* |) X) K% m# n: {1 ]/ Z8 F, P
mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source- q4 J. X0 N1 M* n9 G
cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
5 i, s/ f6 H" m9 e* ZAI构建项目5 K5 B: v6 q1 X9 X2 V+ \
bash3 D+ ]8 M( [& B: |8 d5 T
对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):
8 w Q3 t6 M# P
. w3 a/ U* @5 X% O+ X. F# x[linux_bridge]
% f$ x6 K/ V% g! g4 e# x: mphysical_interface_mappings = provider:ens33) V% O" c1 i1 }" u" n8 |( Z
7 p2 F* J6 ^+ _6 v# _- [[vxlan]
4 N+ f/ o& X2 h: c/ v/ n* benable_vxlan = true
" N8 s" I2 @/ Wlocal_ip = 10.0.0.11
9 O+ [- g' o" ^5 v! J2 s& z8 Hl2_population = true- A; a; s( `4 ~/ A9 P9 f2 W
; w+ K2 x& T2 M9 }5 o
[securitygroup]
& B4 D) p- Z6 U# ...
' s- m! G3 A1 u$ M c! l6 G% E: l7 Cenable_security_group = true
3 W! ]$ y+ F$ `, ?1 j- cfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
& h: Q9 T, [9 DAI构建项目
' ]* [! b/ C m; Bbash
8 q: [! b; L% z7 v; s$ l" {修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:' C( W m- H" c& L6 ^( H9 }, d Y
/ k, y" M$ { W! z" Y7 A
net.bridge.bridge-nf-call-iptables = 19 c0 g' S: F$ a* ]$ n
net.bridge.bridge-nf-call-ip6tables = 1/ j4 E- M: G! O( d7 |6 t3 ?. U
AI构建项目( R3 B4 h4 E- ?& A" K2 Y
bash* H; {5 ~! V C W7 J% U
如下图:
6 m) M1 w2 s& P: _ C8 h/ }( f6 D( G$ g( o; x' v g* N; C
! c5 E* V0 @8 t# }6 }$ g! E
$ M% U# `# l% e1 u4 q添加网桥过滤器,并设置开机加载:* B" P! ?: E, _ ~
" z/ m8 z$ [7 q/ F+ Zmodprobe br_netfilter- E6 a( S+ D: c U+ n# G1 b r
sysctl -p" A2 m4 E2 S7 \; A6 \. M
sed -i '$amodprobe br_netfilter' /etc/rc.local# _3 i0 y; ^- m G5 Y2 N1 x/ j3 }' y
AI构建项目2 k: j/ ]0 F* F) q* @0 U- `
bash% k+ l( j4 t7 m+ D
如下图:/ Y# H- O; D' B! ^" t
4 P; @; E1 P) ?! w
+ N6 E4 T% n8 B9 l! `
# D C/ l# r3 L9 l8 H9 E6、配置L3代理( o0 @# d; j) J2 H% a* Z- e% [
编辑/etc/neutron/l3_agent.ini,添加以下内容:
# T0 [2 }5 V6 H. _6 o$ G8 t- @" L' r! t
[DEFAULT]
' R/ x7 C6 N" r; t: l2 O3 s i# ...5 l- z2 o; X, I
interface_driver = linuxbridge
, }% N- h. s; KAI构建项目
. i v) H6 D7 u. F4 {6 Ubash6 k2 E, H! A8 j. |+ w$ i! E
如下图:
( H( S: r: Y; O2 [& n, `/ U2 q3 h: R
# O4 z8 T( \! s3 I5 M
& I7 O! t1 |5 K5 l
7、配置dhcp. [+ L { N+ ]$ G7 T" K$ ]9 G# q M
编辑/etc/neutron/dhcp_agent.ini,添加以下内容:- @" h1 l2 a* `; J" F1 v
6 t$ I1 ?9 l5 e/ M L
[DEFAULT]3 S- j% p; s: |0 C$ C- F5 j
# ...0 R# O7 k9 E l
interface_driver = linuxbridge8 p x$ |' [9 m1 i
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq& Y# }6 Y8 d1 V
enable_isolated_metadata = true
+ y2 C3 d" G" h0 wAI构建项目
8 p' r& n) M) H/ d( \bash
2 W; g3 c, W5 }! b如下图:; n( ~0 |9 P7 W' }+ Y2 ?! E
6 m+ N2 A3 u- _2 F; S0 [- x$ w
7 u7 y4 e% ^* a$ d+ E
" f: g9 n( f+ u, [ K8、配置meta代理
) [! _' x9 ?. f' s/ j R编辑/etc/neutron/metadata_agent.ini,进行以下配置:1 m# j+ g' J. {( @' k! P
. @/ ?5 N4 m* B; f% z0 z
[DEFAULT]
/ K" p' R% @5 j$ t* E$ C# ...9 ?5 Y: {: |( d) Z, b3 C* |( y( k, ]
nova_metadata_host = controller
8 Q# E4 g0 q6 N* F( J" `, Y% `metadata_proxy_shared_secret = 123456
# x) y8 z; D9 `/ w8 F& B. ~1 aAI构建项目0 u& ~& x1 v$ _! I& h
bash; P$ z, a" v7 f8 P+ n
如下图:
W2 p6 E& a U" b' V( R; c0 J6 Y- I! ^5 H8 I
- B5 ~5 e- l6 R9 ]7 \9 C! k9 h5 s; V6 k# |
9、配置nova使用neutron服务6 B2 V: O/ L1 a* z5 p
编辑/etc/nova/nova.conf,进行以下配置:! D, K4 R& r8 S( |, Y- A! f% g
9 p/ L; a/ u. |( A6 L( g[neutron]
D9 ?# ?) ^ _1 x3 e3 y# ...' m7 n- H: X- K9 t/ s! J
auth_url = http://controller:5000
0 B4 L) I* R! N7 S6 cauth_type = password' w* [$ [' @# i. @& ]+ h
project_domain_name = default
$ C; [# C" ]# ]: C7 `6 euser_domain_name = default1 T o7 Y, y, ?0 `
region_name = RegionOne/ t8 U0 c& f5 F( \; ^% B$ g, |
project_name = service
/ ^! y/ E$ C \username = neutron
, d# F" n$ U4 t% G5 r2 Wpassword = 1234561 E, d7 M3 [$ W/ a' O2 c
service_metadata_proxy = true: M8 l |: v" i$ p1 ~
metadata_proxy_shared_secret = 1234564 y% O: K/ t0 y+ d5 }' [5 D
AI构建项目
3 b- o$ ]/ x$ g7 v- Y; R8 {2 o; cbash$ t4 E* w# m- p/ r" I( k
如下图:4 H+ g, _, Y" o
/ B. k. |. Q2 j* W+ f! m% B* L. {1 _
/ H$ r; k. A; w5 q" `
% [ h% D7 \0 x+ d4 U/ v8 g10、收尾1 v, A+ U1 ^) D# y8 W1 C
创建软连接:( s! P0 u) [. @3 ~! Q! ]1 \
+ y# R: Q6 H& _3 ]
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini. z6 q9 t& T; ^ U
AI构建项目
3 b; x4 ]2 s* u6 p7 O& bbash
+ o( Y' g4 k4 L3 _/ Z同步数据库:. g8 |( T* b/ X4 [0 z
8 c6 r8 i& \4 F' c% H, {$ l" t8 [- }su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
; {% D: X, H2 F" ~AI构建项目
/ K. R: f9 e8 f5 w, P8 bbash
& A3 R8 B$ N5 \. O, J如下图:
# \7 H O6 O5 b
$ z# a' e3 E! p. V% ]
/ _9 A6 m* S2 f. o) {+ O; f j* H: Z# a+ ~& @
重启nova-api:( W% D0 B# O/ Z& t- r4 U! J( O
9 F6 M! B1 r2 K' S k9 Q' b1 k( \4 isystemctl restart openstack-nova-api.service( o7 L0 x" ~) r' h1 x1 @) f
AI构建项目
2 Y. n& c( Y7 b$ Q$ O+ [6 qbash& |" b/ ?$ s# w
设置开机自启,并启动服务:# `7 b, V1 ~+ v' k6 o5 p" o! j0 q
( f8 A9 n/ U" s ~9 {, G+ j- _systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
% A9 Y d2 R* tsystemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service' }3 ^. J% |6 f4 }- x( M
systemctl enable neutron-l3-agent.service
# ]$ \* j% B: P! hsystemctl start neutron-l3-agent.service4 G3 O3 K* V7 U/ s h
AI构建项目( g) U {7 C9 l: _5 }* Q0 V
bash, F. J" S; ^+ W2 V1 a4 G
二、计算节点配置
' r% g* B; z9 K在计算节点完成以下操作。
+ z$ X7 V& s' B6 t0 a1 \. Z
8 c( I1 s9 Y; t3 v6 C# C+ N8 U$ l. g9 Q1、安装包
. D ?$ V6 p2 o5 h$ P/ v, g# R1 E安装包:. z( W% W1 m, q; K
/ ~- y- {7 ?2 s- T# `' O( z" oyum install openstack-neutron-linuxbridge ebtables ipset -y
* ~, y( g. h+ M' k& uAI构建项目
4 ?- x* N# T! N4 F. l6 y; C) pbash
: J5 b) N0 H4 I9 s6 z. X 备份/etc/neutron/neutron.conf,删除其注释:( v3 N. B# e+ j" q+ w' o, y! @3 p2 U
2 U9 j& M) j. I% O, {mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source
$ H/ L+ i4 H. E" e- ucat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf
@" E* z0 U1 A8 h4 ?AI构建项目# }/ \ d7 C, I: g" L0 b$ [' R' d* K
bash
: x5 j' v$ G7 q- R+ U/ u; d$ c编辑/etc/neutron/neutron.conf,进行如下配置:6 L4 K2 L8 w6 A$ L% M* t) Y
G& ?. a! T+ O# v9 v" W$ P; v; x2 ^
[DEFAULT]3 c3 N3 T l+ ^, v7 P
# ...
, N/ ?- v" A) x, k" f- k1 stransport_url = rabbit://openstack:123456@controller
# R2 ^( ]6 G6 D/ R; @auth_strategy = keystone
* Z5 d* ?7 D# w' G. _ 8 E7 |; m2 C# F$ V0 ^1 [' [
[keystone_authtoken]
4 P0 u0 \# {6 ?, H0 @6 V# ...
- J- G9 @$ g3 P3 |www_authenticate_uri = http://controller:5000
3 a% p9 Q! e/ G6 @2 vauth_url = http://controller:5000
; j- v; P5 n* m" i- J, Q8 omemcached_servers = controller:11211# s6 W c( E6 }2 Y8 }
auth_type = password. P$ d5 ^# Q% }7 N' M8 ~
project_domain_name = default) n0 w" l8 j- A, j3 H7 P% M: @
user_domain_name = default7 Z) k, d: o1 T% f
project_name = service! O+ e% h5 L9 T+ { G8 m, n
username = neutron
; z$ d" |2 S# m$ `8 spassword = 1234567 t6 J6 J- B2 g& {4 D1 Z
: }5 Z8 W9 f# j8 l2 |[oslo_concurrency]
; O! E a! u9 ~# h- C# ...
2 E5 r4 \: i. k& _2 plock_path = /var/lib/neutron/tmp# B( a8 S; R: C
AI构建项目
4 @; d2 Q( U' R% vbash
+ H4 d3 Y( E2 ]) Q0 [4 L' r2、配置linux网桥
6 ]8 P: t N8 W& ^& u 备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:
# @1 q- P. O3 O3 `$ |% J1 m4 \7 i! h! Y6 p" l: h* q) X( y
mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source
, ~ T5 U4 D9 ~. i* C: ?# C6 Y U' ?cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
- U8 O: G- P7 m5 F: B) G& n# sAI构建项目1 M3 p7 `, W( }; w& d# v% F
bash" |6 R, C1 s* P# n
对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):- F: w+ ?& z' W: T5 h! c
" g* Y& z/ w$ s; U* k0 i: I V. l
[linux_bridge]" Q1 j" H1 |1 s' n
physical_interface_mappings = provider:ens33
- {& b3 }9 \5 e4 y& i' ?: O0 g3 ?
* \. i1 z" g5 Q4 a% _ i' f[vxlan]
, ^' x( y* b, l2 C ]enable_vxlan = true, I$ }1 T( D% Z; f/ f R
local_ip = 10.0.0.31
' Z: f- F) J- q' N# E' rl2_population = true
6 V9 @: s# F) a9 n$ C7 s- u9 a 1 y; i% H+ G# O8 j
[securitygroup]
9 ]: r" _* V9 X% M& _9 e; o# ...
% n: F9 M% Y) d) Q* y4 genable_security_group = true
, F; h2 ? R- o) `) Vfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver9 V. g, Y$ q2 l% B( c4 b7 C }- q
AI构建项目
1 Z% q" J* |& `3 v( Wbash8 ^. W! U( P2 u- o3 E
修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:
+ m4 k4 ?# W: ` u
# M5 V, N8 z1 F+ T& Xnet.bridge.bridge-nf-call-iptables = 1
8 w- Z2 O: |' j7 @2 f8 _net.bridge.bridge-nf-call-ip6tables = 1% f, H [ c( x4 f
AI构建项目
: U/ \: H+ d0 ^2 r. S* \" [7 @bash
1 }* @1 o: P1 F如下图:: r5 J$ |7 B; R: `5 q
& Y% e8 v6 Y6 m( s% X9 i4 \7 O; X7 Z2 X. |6 f& Q
" S% N! l) C3 j; F$ j! s/ \8 e! p
添加网桥过滤器,并设置开机加载:
. e% Y8 V# P* m, S7 G& K: k
5 U/ I4 u: O4 ]* H$ S( hmodprobe br_netfilter
; z1 U+ v) ^0 W+ O% ^! csysctl -p7 j) m% F8 k) i: q/ m
sed -i '$amodprobe br_netfilter' /etc/rc.local- [8 H* [& t- q" W5 A
AI构建项目
2 b7 s1 y, \% ]% H6 ^9 [: i6 dbash
( X" m+ M/ u$ e) M如下图:8 V; t8 Y2 D$ m; T. F" \8 v) w
* C: {- l A1 Z+ T. k' ^
4 y) E1 c0 H! A- ?; t5 y! o/ t% ^; j& _1 V. ?
3、配置nova使用neutron服务
& {4 y1 a, \% G8 { 编辑/etc/nova/nova.conf,进行以下配置:# E, }0 f, ^8 j# C/ j- C
4 P! d# t$ p4 L( u( ^) r
[neutron]8 A2 R% `- k# k) A; z' R
# ...7 C# r Z$ T" h, y% `6 c+ h5 k
auth_url = http://controller:5000* L" w* ~: i6 A) c+ x
auth_type = password
7 ~5 v7 M) X, A6 o0 `. u& `; Iproject_domain_name = default
7 u# j& V/ b. h2 luser_domain_name = default
. D. c! `7 s7 I& Z1 @+ }# P' k# A; Vregion_name = RegionOne
$ _ _* n. d: B9 z, L; `( wproject_name = service$ v% H) [1 s) z
username = neutron4 O+ X6 ^+ A' `% A0 i7 E2 j: n
password = 123456+ p9 Y. w9 K) c2 v( U
AI构建项目
4 S- E+ H5 t6 T7 ~/ ?4 i1 C ?# Dbash$ X" p, y9 N. u. {3 ?
如下图:
2 I. L/ c4 [" a$ r6 c
6 f! n) @2 n( m8 M- D/ n, h$ P1 {6 X; d% D
- o* L# i. E! J5 g, W5 G0 _4 a/ A
4、收尾; Q6 {. t0 @- {
重启计算服务:
, y" Z2 q( q9 J3 P3 R# F: `8 i4 e5 j, Y8 y6 [) r
systemctl restart openstack-nova-compute.service# h) g. ?3 J& P2 x/ V) x/ G0 \
AI构建项目
8 c! s& i: [) x6 k5 _/ {- `bash5 F: l8 \ E" ^6 |& F3 H
设置网桥开机自启,并启动服务:. [5 M9 k% e9 r) z' b& i
( g! v5 v( P* ` |3 B& r
systemctl enable neutron-linuxbridge-agent.service
4 P6 K6 F( M j+ osystemctl start neutron-linuxbridge-agent.service; z" ?$ o# j( w! z' V
AI构建项目) Q- w; O+ t6 ~: C
bash# I2 E, r$ K* q& I. Y6 g( D) m5 u
三、验证
k8 o' B. Y4 O% D; R9 q3 W在控制节点使用如下命令验证:
( f$ a# F' X) m' d/ S5 Y S: a1 ?# q4 D2 Q! ~) |& W8 i1 U
openstack network agent list* l# ]8 t9 e k- x- L. S; U
|
|
/4 
|返回首页|Archiver|小黑屋|易陆发现技术论坛
( 蜀ICP备2026014127号-1 )
窥视卡
雷达卡
发表于 2025-12-18 11:08:33
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜