内容简介:紧接着OpenStack Networking(neutron)允许用户创建和连接接口设备,这些设备由其他OpenStack服务管理并连入网络。可以实现插件以适应不同的网络设备和软件,为OpenStack架构和部署提供灵活性。它包括以下组件:
紧接着 《Ubuntu16手动安装OpenStack——nova篇》 ,本文我们来安装neutron,主要参考 Networking service 、 Install and configure for Ubuntu 和 OpenStack Queens : Configure Neutron 。
neutron简介
OpenStack Networking(neutron)允许用户创建和连接接口设备,这些设备由其他OpenStack服务管理并连入网络。可以实现插件以适应不同的网络设备和软件,为OpenStack架构和部署提供灵活性。
它包括以下组件:
neutron-server
接受API请求,并将请求通过路由找到适当的OpenStack Networking插件以进行操作。
OpenStack Networking plug-ins and agents
插拔端口,创建网络或子网,并提供IP寻址。这些插件和代理程序因特定云中使用的供应商和技术而异。OpenStack Networking附带了很多插件和代理,可以用于思科虚拟和物理交换机,NEC OpenFlow产品,Open vSwitch,Linux桥接和VMware NSX产品。
公共代理是L3(第3层),DHCP(动态主机IP寻址)和插件代理。
Messaging queue
大多数OpenStack Networking安装使用messaging queue,在neutron-server和各种代理之间传递信息。还用于存储特定插件的网络状态,算是一个数据库。
OpenStack Networking主要与OpenStack Compute交互,为其实例提供网络和连接。
更多信息请参考 Networking (neutron) concepts 。
主机网络
在每个节点上安装操作系统后,必须配置网络接口。官方建议禁用任何自动网络管理工具,并手动编辑配置文件。有关如何配置网络的详细信息,请参阅 文档 。
出于管理目的,所有节点都需要Internet访问,例如程序包安装,安全更新,域名系统(DNS)和网络时间协议(NTP)。在大多数情况下,节点应通过管理网络接口获得Internet访问。为了突出网络分离的重要性,示例体系结构使用专用地址空间用于管理网络,并假设物理网络基础结构通过网络地址转换(NAT)或其他方法提供Internet访问。
在provider网络架构中,所有实例都直接连接到provider网络。在私网体系结构中,实例可以连接到一个私网或多个私网。私网可以完全属于OpenStack,不接入外网;也可以通过provider网络接入外部网络。
控制节点
root用户
为了避免权限问题,建议切换到root用户进行操作(否则要加很多sudo)。
sudo -i
数据库
1、登录数据库
mysql -uroot -p
,密码为openstack。
2、创建neutron数据库
CREATE DATABASE neutron;
3、授权
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'openstack'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'openstack';
4、退出数据库
exit;
证书和端点
1、使admin环境生效
. admin-openrc
2、创建neutron用户
openstack user create --domain default --password-prompt neutron
根据提示设置密码为openstack。
3、添加admin角色给neutron用户
openstack role add --project service --user neutron admin
4、创建neutron服务实体
openstack service create --name neutron --description "OpenStack Networking" network
5、创建网络服务端点
openstack endpoint create --region RegionOne network public http://controller:9696 openstack endpoint create --region RegionOne network internal http://controller:9696 openstack endpoint create --region RegionOne network admin http://controller:9696
安装配置
1、安装相关组件
apt-get -y install neutron-server neutron-plugin-ml2 neutron-plugin-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent python-neutronclient
2、备份neutron.conf
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
3、 vim /etc/neutron/neutron.conf
,新建neutron.conf内容为:
[DEFAULT] core_plugin = ml2 service_plugins = router auth_strategy = keystone state_path = /var/lib/neutron dhcp_agent_notification = True allow_overlapping_ips = True notify_nova_on_port_status_changes = True notify_nova_on_port_data_changes = True # RabbitMQ connection info transport_url = rabbit://openstack:openstack@controller [agent] root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf # Keystone auth info [keystone_authtoken] www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = openstack # MariaDB connection info [database] connection = mysql+pymysql://neutron:openstack@controller/neutron # Nova connection info [nova] auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = openstack [oslo_concurrency] lock_path = $state_path/tmp
4、更改权限
chmod 640 /etc/neutron/neutron.conf
chgrp neutron /etc/neutron/neutron.conf
5、 vi /etc/neutron/l3_agent.ini
,如下修改:
# line 17: add interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
6、 vi /etc/neutron/dhcp_agent.ini
,如下修改:
# line 17: add interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver # line 28: uncomment dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq # line 37: uncomment and change enable_isolated_metadata = true
7、 vi /etc/neutron/metadata_agent.ini
,如下修改:
# line 22: uncomment and specify Nova API server nova_metadata_host = controller # line 34: uncomment and specify any secret key you like metadata_proxy_shared_secret = openstack # line 260: uncomment and specify Memcache Server memcache_servers = controller:11211
8、 vi /etc/neutron/plugins/ml2/ml2_conf.ini
,如下修改:
# line 129: add ( it's OK with no value for "tenant_network_types" (set later if need) ) [ml2] type_drivers = flat,vlan,vxlan tenant_network_types = mechanism_drivers = linuxbridge,l2population extension_drivers = port_security # line 262: uncomment and add enable_security_group = True firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver # end line: uncomment enable_ipset = True
9、 vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
,如下修改:
# line 235: add own IP address local_ip = 192.168.56.110
10、 vi /etc/nova/nova.conf
,如下修改:
# add follows into [DEFAULT] section use_neutron = True linuxnet_interface_driver = nova.network.linux_net.LinuxBridgeInterfaceDriver firewall_driver = nova.virt.firewall.NoopFirewallDriver vif_plugging_is_fatal = True vif_plugging_timeout = 300 # add follows to the end : Neutron auth info # the value of metadata_proxy_shared_secret is the same with the one in metadata_agent.ini [neutron] auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = openstack service_metadata_proxy = True metadata_proxy_shared_secret = openstack
完成安装
1、创建链接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
2、生成数据库表结构
su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head"
3、重启网络服务并设置开机启动
for service in server l3-agent dhcp-agent metadata-agent linuxbridge-agent; do systemctl restart neutron-$service systemctl enable neutron-$service done
4、重启nova
systemctl restart nova-api
5、查看网络agent
openstack network agent list
如上图,看到4个agent,都在controller节点上。
计算节点
主要参考 OpenStack Queens : Configure Neutron 。
root用户
为了避免权限问题,建议切换到root用户进行操作(否则要加很多sudo)。
sudo -i
安装配置
1、安装组件
apt-get -y install neutron-common neutron-plugin-ml2 neutron-plugin-linuxbridge-agent
2、备份neutron.conf
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
3、 vim /etc/neutron/neutron.conf
,新建neutron.conf如下:
[DEFAULT] core_plugin = ml2 service_plugins = router auth_strategy = keystone state_path = /var/lib/neutron allow_overlapping_ips = True # RabbitMQ connection info transport_url = rabbit://openstack:openstack@controller [agent] root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf # Keystone auth info [keystone_authtoken] www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = openstack [oslo_concurrency] lock_path = $state_path/lock
4、修改权限
chmod 640 /etc/neutron/neutron.conf
chgrp neutron /etc/neutron/neutron.conf
5、 vi /etc/neutron/plugins/ml2/ml2_conf.ini
,如下修改:
# line 129: add ( it's OK with no value for "tenant_network_types" (set later if need) ) [ml2] type_drivers = flat,vlan,vxlan tenant_network_types = mechanism_drivers = linuxbridge,l2population extension_drivers = port_security # line 262: uncomment and add enable_security_group = True firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver # end line: uncomment enable_ipset = True
6、 vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
,如下修改:
# line 235: add own Ip address local_ip = 192.168.56.111
7、 vi /etc/nova/nova.conf
,如下修改:
# add follows into [DEFAULT] section use_neutron = True linuxnet_interface_driver = nova.network.linux_net.LinuxBridgeInterfaceDriver firewall_driver = nova.virt.firewall.NoopFirewallDriver vif_plugging_is_fatal = True vif_plugging_timeout = 300 # add follows to the end: Neutron auth info # the value of metadata_proxy_shared_secret is the same with the one in metadata_agent.ini [neutron] auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = openstack service_metadata_proxy = True metadata_proxy_shared_secret = openstack
8、创建链接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
9、重启网络服务
systemctl restart nova-compute neutron-linuxbridge-agent
10、设置开启自启动
systemctl enable neutron-linuxbridge-agent
验证操作
在控制节点执行以下命令。
1、使admin环境生效
. admin-openrc
2、查看agents
openstack network agent list
如上图,此时就能看到5个agent,其中4个在controller节点,1个在compute节点。
以上就是本文的全部内容,希望本文的内容对大家的学习或者工作能带来一定的帮助,也希望大家多多支持 码农网
猜你喜欢:- 越狱手记:手动编译安装 Electra
- Ubuntu16手动安装OpenStack——修改镜像
- Ubuntu16手动安装OpenStack——horizon篇
- Ubuntu16手动安装OpenStack——nova篇
- Ubuntu16手动安装OpenStack——glance篇
- rock64手动安装nextcloud并恢复数据
本站部分资源来源于网络,本站转载出于传递更多信息之目的,版权归原作者或者来源机构所有,如转载稿涉及版权问题,请联系我们。