溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶服務(wù)條款》

OpenStack架構(gòu)----neutron組件(四)

發(fā)布時(shí)間:2020-07-26 10:27:04 來(lái)源:網(wǎng)絡(luò) 閱讀:1676 作者:藍(lán)月CC 欄目:云計(jì)算

前言:

整個(gè)OpenStack是由控制節(jié)點(diǎn),計(jì)算節(jié)點(diǎn),網(wǎng)絡(luò)節(jié)點(diǎn),存儲(chǔ)節(jié)點(diǎn)四大部分組成。本篇博文將詳細(xì)講解網(wǎng)絡(luò)節(jié)點(diǎn)neutron組件部署過(guò)程,整體分為兩部分:控制節(jié)點(diǎn)和計(jì)算節(jié)點(diǎn)都需要設(shè)置。

網(wǎng)絡(luò)節(jié)點(diǎn)架構(gòu)

網(wǎng)絡(luò)節(jié)點(diǎn)僅包含Neutron服務(wù)

Neutron:負(fù)責(zé)管理私有網(wǎng)段與公有網(wǎng)段的通信,以及管理虛擬機(jī)網(wǎng)絡(luò)之間的通信/拓?fù)?,管理虛擬機(jī)之上的防火等等

網(wǎng)絡(luò)節(jié)點(diǎn)包含三個(gè)網(wǎng)絡(luò)端口

eth0:用于與控制節(jié)點(diǎn)進(jìn)行通信

eth2:用于與除了控制節(jié)點(diǎn)之外的計(jì)算/存儲(chǔ)節(jié)點(diǎn)之間的通信

eth3:用于外部的虛擬機(jī)與相應(yīng)網(wǎng)絡(luò)之間的通信

實(shí)驗(yàn)環(huán)境:


主  機(jī)系  統(tǒng)IP地址角  色
controllerCentOS7192.168.37.128keystone、nova、glance、neutron、ntp、mariadb、rabbitmq、memcached、etcd、apache、
computeCentOS7192.168.37.130nova、neutron、ntp
cinderCentOS7192.168.37.131cinder、ntp
實(shí)驗(yàn)過(guò)程:

++controller節(jié)點(diǎn)neutron網(wǎng)絡(luò)配置++

1、創(chuàng)建nuetron數(shù)據(jù)庫(kù)和授權(quán)

mysql -u root -p

create database neutron;

grant all privileges on neutron.* to 'neutron'@'localhost' identified by '123456';

grant all privileges on neutron.* TO 'neutron'@'%'identified by '123456';


2、創(chuàng)建用戶neutron

source ~/admin-openrc

openstack user create --domain default --password-prompt neutron


OpenStack架構(gòu)----neutron組件(四)

3、把neutron用戶添加到glance用戶和項(xiàng)目中

openstack role add --project service --user neutron admin


4、創(chuàng)建neutron服務(wù)

openstack service create --name neutron   --description "OpenStack Networking" network


OpenStack架構(gòu)----neutron組件(四)

5、創(chuàng)建網(wǎng)絡(luò)服務(wù)API端點(diǎn)

openstack endpoint create --region RegionOne network public http://controller:9696

openstack endpoint create --region RegionOne network internal http://controller:9696

openstack endpoint create --region RegionOne network admin http://controller:9696


6、yum安裝neutron軟件包

yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables


7、修改配置文件

vim  /etc/neutron/neutron.conf

[database]

//729

connection = mysql+pymysql://neutron:123456@controller/neutron


[DEFAULT]

//27

auth_strategy = keystone

//30

core_plugin = ml2             #插件ml2

//33 不寫代表禁用其他插件

service_plugins =

//570

transport_url = rabbit://openstack:123456@controller

//98

notify_nova_on_port_status_changes = true     #nova端口狀態(tài)通告

//102

notify_nova_on_port_data_changes = true      #端口數(shù)據(jù)通告


[keystone_authtoken]     #令牌注冊(cè)信息

//847

auth_uri = http://controller:5000

auth_url = http://controller:35357

//898

memcached_servers = controller:11211

//1005

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = 123456


[nova]

//1085

auth_url = http://controller:35357

//1089

auth_type = password

//1127

project_domain_name = default

//1156

user_domain_name = default

//1069

region_name = RegionOne

//1135

project_name = service

//1163

username = nova

//1121

password = 123456


[oslo_concurrency]

//1179

lock_path = /var/lib/neutron/tmp


8、配置網(wǎng)絡(luò)二層插件

vim /etc/neutron/plugins/ml2/ml2_conf.ini


[ml2]

//136

type_drivers = flat,vlan          #flat-橋接  vlan-局域網(wǎng)

//141   設(shè)置空是禁用本地網(wǎng)絡(luò)

tenant_network_types =

//145

mechanism_drivers = linuxbridge

//150

extension_drivers = port_security


[ml2_type_flat]

//186

flat_networks = provider         #橋接網(wǎng)絡(luò)類型


[securitygroup]

//263

enable_ipset = true            #安全組


9、配置Linux網(wǎng)橋

vim  /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]

//157

physical_interface_mappings = provider:ens33


[vxlan]

//208

enable_vxlan = false


[securitygroup]

//193

enable_security_group = true             #開(kāi)啟安全組

//188

firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver


10、配置DHCP

vim /etc/neutron/dhcp_agent.ini


//16

interface_driver = linuxbridge           #接口類型

//28

dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

//37

enable_isolated_metadata = true


11、配置metadata

vim  /etc/neutron/metadata_agent.ini


[DEFAULT]

//22

nova_metadata_host = controller

//34

metadata_proxy_shared_secret = 123456


12、配置計(jì)算服務(wù)使用網(wǎng)絡(luò)服務(wù)

vim /etc/nova/nova.conf        #在``[neutron]`` 部分,配置訪問(wèn)參數(shù)


[neutron]

//7613

url = http://controller:9696

//7689

auth_url = http://controller:35357

//7683

auth_type = password

//7710

project_domain_name = default

//7763

user_domain_name = default

//7757

region_name = RegionOne

//7704

project_name = service

//7730

username = neutron

//7739

password = 123456

//7652

service_metadata_proxy = true          #metadata代理開(kāi)啟

//7584

metadata_proxy_shared_secret = 123456     #代理的認(rèn)證密鑰


13、建立服務(wù)軟連接

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini


14、同步數(shù)據(jù)庫(kù)

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf   --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron


15、重啟compute API服務(wù),并開(kāi)啟相關(guān)服務(wù)

systemctl restart openstack-nova-api.service

systemctl enable neutron-server.service   

systemctl enable neutron-linuxbridge-agent.service 

systemctl enable neutron-dhcp-agent.service   

systemctl enable neutron-metadata-agent.service

systemctl restart neutron-server.service   

systemctl restart neutron-linuxbridge-agent.service 

systemctl restart neutron-dhcp-agent.service   

systemctl restart neutron-metadata-agent.service


++compute節(jié)點(diǎn)neutron網(wǎng)絡(luò)配置++

1、yum安裝neutron包

yum install -y openstack-neutron-linuxbridge ebtables ipset


2、配置公共組件

vim /etc/neutron/neutron.conf


[DEFAULT]

//27

auth_strategy = keystone

//570

transport_url = rabbit://openstack:123456@controller


[keystone_authtoken]

//847

auth_uri = http://controller:5000

auth_url = http://controller:35357

//898

memcached_servers = controller:11211

//1005

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = 123456


[oslo_concurrency]

//1180

lock_path = /var/lib/neutron/tmp


3、配置Linux網(wǎng)橋

vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini


[linux_bridge]

//157

physical_interface_mappings = provider:ens33


[vxlan]

//208

enable_vxlan = false


[securitygroup]

//193

enable_security_group = true

//188

firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver


4、配置計(jì)算節(jié)點(diǎn)網(wǎng)絡(luò)服務(wù)

vim /etc/nova/nova.conf


[neutron]

//7534

url = http://controller:9696

//7610

auth_url = http://controller:35357

//7604

auth_type = password

//7631

project_domain_name = default

//7657

user_domain_name = default

//7678

region_name = RegionOne

//7625

project_name = service

//7651

username = neutron

//7660

password = 123456


5、開(kāi)啟相關(guān)服務(wù)

systemctl restart openstack-nova-compute.service


systemctl enable neutron-linuxbridge-agent.service

systemctl start neutron-linuxbridge-agent.service


到此為止,neutron組件已經(jīng)安裝完成,謝謝閱讀!


向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI