溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

發(fā)布時(shí)間:2020-07-21 12:31:05 來(lái)源:網(wǎng)絡(luò) 閱讀:1326 作者:ygj900629 欄目:云計(jì)算

第十部分?安裝網(wǎng)絡(luò)服務(wù)neutron


一、準(zhǔn)備工作

安裝網(wǎng)絡(luò)服務(wù)neutron之前,要先做好以下準(zhǔn)備工作

1、備份目前的vmware-workstation虛擬機(jī)

關(guān)閉2臺(tái)虛擬機(jī),在windows資源管理器中找到安裝vmware-workstation虛擬機(jī)的文件夾,備份一下這個(gè)文件夾。

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron


2、備份好之后開啟2臺(tái)虛擬機(jī),將虛擬機(jī)的網(wǎng)卡eth2調(diào)整成混雜模式,控制節(jié)點(diǎn)和計(jì)算節(jié)點(diǎn)均執(zhí)行

yum install net-tools -y

ifconfig eth2 promisc

ifconfig

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

控制節(jié)點(diǎn)eth2網(wǎng)卡信息中有PROMISC字樣表示已經(jīng)啟用混雜模式。


OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

計(jì)算節(jié)點(diǎn)eth2網(wǎng)卡信息中有PROMISC字樣表示已經(jīng)啟用混雜模式。

將上述命令寫入到/etc/profile使下次重啟后也生效:

vim /etc/profile

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron


3、重啟網(wǎng)絡(luò),確認(rèn)主機(jī)間的網(wǎng)絡(luò)通訊

systemctl?restart?network

ping?c1

ping 10.8.20.42

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron


4、在控制節(jié)點(diǎn)確認(rèn)到目前為止所安裝的服務(wù)都正常運(yùn)行

. admin-openrc

檢查keystone

openstack token issue

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron


檢查glance

openstack image list

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron


檢查placement

placement-status upgrade check

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron


檢查nova

openstack compute service list

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron


nova-status upgrade check

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron



二、在控制節(jié)點(diǎn)安裝網(wǎng)絡(luò)服務(wù)neutron

結(jié)合上一節(jié)所講的物理部署,控制節(jié)點(diǎn)主要安裝neutron的下面組件

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

由于下面使用的是二層網(wǎng)絡(luò)架構(gòu),所以不按照l(shuí)3三層網(wǎng)絡(luò)的相關(guān)組件。


下面在控制節(jié)點(diǎn)(ct)進(jìn)行操作安裝Neurton網(wǎng)絡(luò)服務(wù)

創(chuàng)建Neutron數(shù)據(jù)庫(kù)
mysql -u root -p
MariaDB [(none)] >?CREATE DATABASE neutron;

數(shù)據(jù)庫(kù)授權(quán)
MariaDB [(none)]>?GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
MariaDB [(none)]>?GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

創(chuàng)建neutron用戶
. admin-openrc
openstack user create --domain default --password NEUTRON_PASS neutron

向neutron用戶添加admin角色
openstack role add --project service --user neutron admin

創(chuàng)建neutron服務(wù)實(shí)體
openstack service create --name neutron --description "OpenStack Networking" network

創(chuàng)建neutron服務(wù)端點(diǎn)
openstack endpoint create --region RegionOne network public http://ct:9696
openstack endpoint create --region RegionOne network internal http://ct:9696
openstack endpoint create --region RegionOne network admin http://ct:9696

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

配置二層網(wǎng)絡(luò)(官方文檔為提供商網(wǎng)絡(luò))
1、安裝軟件包
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

openstack-neutron:neutron-server的包

openstack-neutron-ml2:ML2?plugin的包

openstack-neutron-linuxbridge:linux?bridge network?provider相關(guān)的包

ebtables:防火墻相關(guān)的包

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

2、修改?neutron?配置文件(共有5個(gè)配置文件需要修改)

(1)neutron?server的配置文件neutron.conf
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
grep -Ev '^$|#' /etc/neutron/neutron.conf.bak>/etc/neutron/neutron.conf
vim /etc/neutron/neutron.conf
[database](加1行)
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@ct/neutron

[DEFAULT](加6行)
core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:RABBIT_PASS@ct
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true

[keystone_authtoken](加9行)
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS

[nova]([nova]自己加,加8行)
auth_url = http://ct:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = NOVA_PASS

[oslo_concurrency](加1行)
lock_path = /var/lib/neutron/tmp

(2)ML2 plugin的配置文件ml2_conf.ini
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
grep -Ev '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini.bak>/etc/neutron/plugins/ml2/ml2_conf.ini
vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[securitygroup]
enable_ipset = true

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

(3)linux bridge?network?provider的配置文件linuxbridge_agent.ini
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak>/etc/neutron/plugins/ml2/linuxbridge_agent.ini
vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:eth2

[vxlan]
enable_vxlan = false

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

注意上面的provder:eth2的寫法(官方文檔的坑點(diǎn)之一,其正確的寫法是控制節(jié)點(diǎn)及計(jì)算節(jié)點(diǎn)連接外部網(wǎng)絡(luò)的網(wǎng)卡eth2

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

從這段可以看出,INTERFACE_NAME指的是eth2,就是連接外部網(wǎng)絡(luò)的那塊網(wǎng)卡(provider?interface)。

(4)?系統(tǒng)配置文件sysctl.conf(官方文檔的坑點(diǎn)之一,它這里只是說(shuō)明要檢查而沒(méi)有寫如何配置
vim /etc/sysctl.conf
加入下面2行:
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1

modprobe br_netfilter
sysctl -p

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

(5)dhcp agent配置文件dhcp_agent.ini
cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.bak> /etc/neutron/dhcp_agent.ini
vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

配置元數(shù)據(jù)代理,以便和nova通訊(可以參考上節(jié)所講的neutron和nova的交互部分)
vim /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = ct
metadata_proxy_shared_secret = METADATA_SECRET

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

修改nova的配置文件,也是為了和neutron進(jìn)行交互
vim /etc/nova/nova.conf
在原來(lái)的基礎(chǔ)上,再在[neutron]部分加入:
[neutron](共10行)
auth_url = http://ct:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
service_metadata_proxy = true
metadata_proxy_shared_secret = METADATA_SECRET

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

建立ml2的軟連接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

填充Neutron數(shù)據(jù)庫(kù)
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

重新啟動(dòng)nova-api服務(wù)
systemctl restart openstack-nova-api.service

啟動(dòng)neutron服務(wù)和配置開機(jī)啟動(dòng)
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

啟動(dòng)好之后,可以使用systemctl?status命令查看各個(gè)服務(wù)運(yùn)行的狀態(tài),使用netstat -tnlup查看是否有9696端口。
至此,控制節(jié)點(diǎn)上的neutron服務(wù)組件安裝完畢,下面切換到另外一臺(tái)虛擬機(jī),在計(jì)算節(jié)點(diǎn)上安裝neutron服務(wù)。

三、在計(jì)算節(jié)點(diǎn)安裝網(wǎng)絡(luò)服務(wù)neutron

結(jié)合上一節(jié)所講的物理部署,計(jì)算節(jié)點(diǎn)主要安裝neutron的下面組件

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

計(jì)算節(jié)點(diǎn)(c1)上進(jìn)行如下操作安裝網(wǎng)絡(luò)服務(wù)neutron(計(jì)算節(jié)點(diǎn))


安裝組件
yum install openstack-neutron-linuxbridge ebtables ipset -y

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

修改配置文件
(1)修改neutron主配置文件
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
grep -Ev '^$|#' /etc/neutron/neutron.conf.bak>/etc/neutron/neutron.conf
vim /etc/neutron/neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:RABBIT_PASS@ct
auth_strategy = keystone

[keystone_authtoken](共9行)
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

(2)配置Linux網(wǎng)橋代理
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak>/etc/neutron/plugins/ml2/linuxbridge_agent.ini
vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:eth2

[vxlan]
enable_vxlan = false

[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

(3)sysctl.conf
vim /etc/sysctl.conf
加入下面2行:
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1

modprobe br_netfilter
sysctl -p

修改nova配置文件
vim /etc/nova/nova.conf
[neutron]
auth_url = http://ct:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS

重啟nova計(jì)算服務(wù)
systemctl restart openstack-nova-compute.service

啟動(dòng)neutron服務(wù)和設(shè)置開機(jī)自啟動(dòng)
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

至此,計(jì)算節(jié)點(diǎn)上面的neutron服務(wù)安裝完畢,下面切換到控制節(jié)點(diǎn),驗(yàn)證整個(gè)neutron的安裝。

驗(yàn)證整個(gè)neutron服務(wù)
控制節(jié)點(diǎn)(ct)執(zhí)行以下命令驗(yàn)證neutron服務(wù)
. admin-openrc
openstack extension list --network

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

openstack network agent list

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

一定要確保列表中有4條記錄,并且Alive狀態(tài)為笑臉:-),State為UP。

可以對(duì)照官方文檔來(lái)查看

OpenStack Train版雙節(jié)點(diǎn)安裝(十)安裝網(wǎng)絡(luò)服務(wù)neutron

向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI