Openstack Liberty Lab第6部分:配置Neutron网络服务

在已安装Keystone / Glance / Nova API的控制节点上安装Neutron服务器。在这种情况下,控制节点将运行所有开放式堆栈服务。在编写本部分之前,我介绍了以下部分:

Openstack Liberty Lab第1部分:网络设置和所有先决条件

Openstack Liberty Lab第2部分:安装Openstack软件包

Openstack Liberty Lab第3部分:配置Keystone ID服务

Openstack Liberty Lab第4部分:配置Glance映像服务

Openstack Liberty Lab第5部分:配置Nova计算服务

要运行Neutron服务器,请按照下列步骤操作:

  1. 使用MariaDB为Neutron配置数据库
[[email protected] ~]# mysql -u root -p 
Enter password: 
Welcome to the MariaDB monitor. Commands end with ; or g.
Your MariaDB connection id is 61
Server version: 5.5.44-MariaDB MariaDB Server Copyright (c) 2000, 2015, Oracle, MariaDB Corporation Ab and others. 
Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. 
MariaDB [(none)]> create database neutron; 
Query OK, 1 row affected (0.00 sec) 
MariaDB [(none)]> grant all privileges on neutron.* to [email protected]'localhost' identified by 'moonstack';
Query OK, 0 rows affected (0.00 sec) 
MariaDB [(none)]> grant all privileges on neutron.* to [email protected]'%' identified by 'moonstack'; 
Query OK, 0 rows affected (0.00 sec) 
MariaDB [(none)]> flush privileges; 
Query OK, 0 rows affected (0.00 sec) 
MariaDB [(none)]> exit
Bye
  1. 添加Neutron用户,分配管理员角色,添加端点
  • 添加中子用户
[[email protected] ~]# openstack user create --domain default --project service --password moonstack neutron 
+--------------------+----------------------------------+
| Field              | Value                         |
+--------------------+----------------------------------+
| default_project_id | 9c3ec09f5e08442eb211612f99cd22ad |
| domain_id             | default |
| enabled                 | True |
| id                          | f90899de1b014d0395d5fbd5334f06e7 |
| name                     | neutron |
+--------------------+----------------------------------+
[[email protected] ~]# openstack role add --project service --user neutron admin 
[[email protected] ~]#
  • 添加服务条目。
 [[email protected] ~]# openstack service create --name neutron --description "OpenStack Networking service" network 
+--------------------+------------------------------------------------------------------+
| Field             | Value                                                         |
+-------------------+------------------------------------------------------------------+
| description | OpenStack Networking service            |
| enabled      | True                                                        |
| id                | 808a8785807d4b8fafaaac947852654d |
| name         | neutron                                                    |
| type           | network                                                   |
+-----------------+------------------------------------------------------------------+
[[email protected] ~]#
  • 添加一个端点。
[[email protected] ~]# export controller=192.168.1.60 
[[email protected] ~]# openstack endpoint create --region RegionOne network admin http://$controller:9696
+--------------+-----------------------------------------------------------------------+
| Field        | Value                                                                 |
+--------------+-----------------------------------------------------------------------+
| enabled    | True                                                                |
| id              | 737cb6ac59af4514908079b3d6e2de               |
| interface  | admin                                                             |
| region       | RegionOne                                                    |
| region_id    | RegionOne                                                   |
| service_id   | 808a8785807d4b8fafaaac947852654d      |
| service_name | neutron                                                    |
| service_type | network                                                     |
| url          | http://192.168.1.60:9696                                  |
+--------------+-------------------------------------------------------------------------+
[[email protected] ~]# openstack endpoint create --region RegionOne network public http://$controller:9696 
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id                | 3a7627983be94e4090061144187fcd7b |
| interface    | public                           |
| region       | RegionOne                        |
| region_id   | RegionOne                        |
| service_id   | 808a8785807d4b8fafaaac947852654d |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://192.168.1.60:9696         |
+--------------+----------------------------------+
[[email protected] ~]# openstack endpoint create --region RegionOne network internal http://$controller:9696 
+--------------+------------------------------------------------------+
| Field        | Value                                             |
+--------------+------------------------------------------------------+
| enabled      | True                                            |
| id           | cb7e7803ff874f87838382ff228d1aea |
| interface    | internal                                       |
| region       | RegionOne                                    |
| region_id    | RegionOne                                    |
| service_id   | 808a8785807d4b8fafaaac947852654d |
| service_name | neutron                                    |
| service_type | network                                     |
| url          | http://192.168.1.60:9696                |
+--------------+-------------------------------------------------------+
  1. 配置Neutron服务器。

编辑/etc/neutron/neutron.conf文件并执行以下操作:

  • 默认部分
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT  dhcp_agent_notification True 
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips  True
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_url http://192.168.1.60:8774/v2
[[email protected] ~]#
  • 数据库部分
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf database connection mysql://neutron:[email protected]/neutron
  • keystone_authtoken部分
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://192.168.1.60:5000
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://192.168.1.60:35357
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_plugin password
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_id default
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_id default
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password moonstack
  • 新星节
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova auth_url http://192.168.1.60:35357
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova auth_plugin password
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova project_domain_id default
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova user_domain_id default
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova project_name service
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova username nova
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf nova password moonstack
  • oslo_messaging_rabbit部分
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host 192.168.1.60
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_port   5672
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid guest
[[email protected] ~]# openstack-config --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password moonstack
  1. 配置模块化第2层(ML2)插件

编辑 /etc/neutron/plugins/ml2/ml2_conf.ini 创建一个文件并执行以下操作: [ml2] 本部分启用平面,VLAN和VXLAN网络。

  • [ml2] 横断面
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types flat
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
[[email protected] ~]#
  • ml2_type_flat
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks public
[[email protected] ~]#
  • 安全组部分
 [[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset  True
  1. 配置Linux Bridge代理
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings public:eth1
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini agent prevent_arp_spoofing True
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
[[email protected] ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
  1. 设置第3层代理
[[email protected] ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
[[email protected] ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
  1. DHCP代理
[[email protected] ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
[[email protected] ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
[[email protected] ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
  1. 配置元数据代理
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_uri http://192.168.1.60:5000
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_url http://192.168.1.60:35357  
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_region RegionOne  
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_plugin password  
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT project_domain_id  default
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT user_domain_id default
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT project_name  service 
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT username  neutron
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT password  moonstack
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip  192.168.1.60 
[[email protected] ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret moonstack
  1. 配置计算以使用网络
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron url http://192.168.1.60:9696 
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron auth_url http://192.168.1.60:35357 
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron auth_plugin password
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron project_domain_id  default
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron user_domain_id  default
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron project_name service 
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron username neutron 
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron password moonstack
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy  True
[[email protected] ~]# openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret  moonstack
  1. 网络服务初始化脚本需要符号链接 /etc/neutron/plugin.ini 指向ML2插件配置文件 /etc/neutron/plugins/ml2/ml2_conf.ini..如果此符号链接不存在,请使用以下命令创建它:
[[email protected] ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
  1. 在数据库中输入数据。
[[email protected] ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
  1. 启动网络服务,并将其配置为在系统启动时启动。对于两个网络选项:
[[email protected] ~]# systemctl enable neutron-server.service   neutron-linuxbridge-agent.service neutron-dhcp-agent.service   neutron-metadata-agent.service
  • 开始:
[[email protected] ~]# systemctl start neutron-server.service   neutron-linuxbridge-agent.service neutron-dhcp-agent.service   neutron-metadata-agent.service
  • 检查状态:
[[email protected] ~]# systemctl status  neutron-server.service   neutron-linuxbridge-agent.service neutron-dhcp-agent.service   neutron-metadata-agent.service
● neutron-server.service - OpenStack Neutron Server
   Loaded: loaded (/usr/lib/systemd/system/neutron-server.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-03-29 00:19:10 EAT; 8min ago
 Main PID: 3255 (neutron-server)
   CGroup: /system.slice/neutron-server.service
           ├─3255 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neut...
           ├─3316 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neut...
           ├─3317 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neut...
           ├─3318 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neut...
           ├─3319 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neut...
           └─3320 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neut...

Mar 29 00:19:07 controller systemd[1]: Starting OpenStack Neutron Server...
Mar 29 00:19:08 controller neutron-server[3255]: No handlers could be found for logger "neutro...a"
Mar 29 00:19:10 controller systemd[1]: Started OpenStack Neutron Server.
Mar 29 00:19:15 controller systemd[1]: Started OpenStack Neutron Server.
Mar 29 00:27:30 controller systemd[1]: Started OpenStack Neutron Server.

● neutron-linuxbridge-agent.service - OpenStack Neutron Linux Bridge Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-linuxbridge-agent.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-03-29 00:19:07 EAT; 8min ago
 Main PID: 3256 (neutron-linuxbr)
   CGroup: /system.slice/neutron-linuxbridge-agent.service
           ├─3256 /usr/bin/python2 /usr/bin/neutron-linuxbridge-agent --config-file /usr/share/n...
           ├─3295 sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf
           └─3297 /usr/bin/python2 /usr/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf

Mar 29 00:19:07 controller systemd[1]: Started OpenStack Neutron Linux Bridge Agent.
Mar 29 00:19:07 controller systemd[1]: Starting OpenStack Neutron Linux Bridge Agent...
Mar 29 00:19:08 controller neutron-linuxbridge-agent[3256]: No handlers could be found for logg..."
Mar 29 00:19:08 controller sudo[3295]:  neutron : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/...onf
Mar 29 00:19:15 controller systemd[1]: Started OpenStack Neutron Linux Bridge Agent.
Mar 29 00:19:58 controller systemd[1]: Started OpenStack Neutron Linux Bridge Agent.
Mar 29 00:23:33 controller systemd[1]: Started OpenStack Neutron Linux Bridge Agent.
Mar 29 00:27:30 controller systemd[1]: Started OpenStack Neutron Linux Bridge Agent.

● neutron-dhcp-agent.service - OpenStack Neutron DHCP Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-dhcp-agent.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-03-29 00:19:07 EAT; 8min ago
 Main PID: 3257 (neutron-dhcp-ag)
   CGroup: /system.slice/neutron-dhcp-agent.service
           └─3257 /usr/bin/python2 /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/...

Mar 29 00:19:07 controller systemd[1]: Started OpenStack Neutron DHCP Agent.
Mar 29 00:19:07 controller systemd[1]: Starting OpenStack Neutron DHCP Agent...
Mar 29 00:19:08 controller neutron-dhcp-agent[3257]: No handlers could be found for logger "os...g"
Mar 29 00:19:15 controller systemd[1]: Started OpenStack Neutron DHCP Agent.
Mar 29 00:27:30 controller systemd[1]: Started OpenStack Neutron DHCP Agent.

● neutron-metadata-agent.service - OpenStack Neutron Metadata Agent
   Loaded: loaded (/usr/lib/systemd/system/neutron-metadata-agent.service; enabled; vendor preset: disabled)
   Active: active (running) since Tue 2016-03-29 00:19:07 EAT; 8min ago
 Main PID: 3258 (neutron-metadat)
   CGroup: /system.slice/neutron-metadata-agent.service
           ├─3258 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/share/neut...
           ├─3294 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/share/neut...
           └─3296 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/share/neut...

Mar 29 00:19:07 controller systemd[1]: Started OpenStack Neutron Metadata Agent.
Mar 29 00:19:07 controller systemd[1]: Starting OpenStack Neutron Metadata Agent...
Mar 29 00:19:08 controller neutron-metadata-agent[3258]: No handlers could be found for logger...g"
Mar 29 00:19:15 controller systemd[1]: Started OpenStack Neutron Metadata Agent.
Mar 29 00:27:30 controller systemd[1]: Started OpenStack Neutron Metadata Agent.
Hint: Some lines were ellipsized, use -l to show in full.
[[email protected] ~]#
  1. 列出已加载的扩展,以验证中子服务器进程已成功启动。
  • 创建环境变量加载文件
[[email protected] ~]# vim ~/admin-rc

添加以下内容并更改OS_AUTH_URL和OS_PASSWORD。

export OS_PROJECT_DOMAIN_ID=default
export OS_USER_DOMAIN_ID=default
export OS_PROJECT_NAME=admin
export OS_TENANT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=moonstack
export OS_AUTH_URL=http://192.168.1.60:35357/v3
export OS_IDENTITY_API_VERSION=3

更改权限以获取文件

[[email protected] ~]# chmod 600 ~/admin-rc
[[email protected] ~]# source ~/admin-rc
[[email protected] ~]# echo "source ~/admin-rc " >> ~/.bash_profile

下一个:

[[email protected] ~]# neutron ext-list

  1. 创建一个平面网络。
[[email protected] ~]# neutron net-create public --shared --provider:physical_network public --provider:network_type flat
  1. 创建子网:
[[email protected] ~]# neutron subnet-create public 192.168.1.0/24 --name public   --allocation-pool start=192.168.1.2,end=192.168.1.9

在本指南中,您创建了一个扁平网络。如果您在家庭或办公室网络中配置了VLAN,则可以创建一个VLAN网络。上一教程:

Openstack Liberty Lab第5部分:配置Nova计算服务

下一个教程:

Openstack Liberty Lab第7部分:配置Horizo​​n仪表板服务

Sidebar