安装三节点OpenStack Queens集群–第6部分

在控制器节点上配置Neutron

Neutron是一个OpenStack项目,该项目在由其他OpenStack服务(例如nova)管理的接口设备(例如vNIC)之间提供“网络连接即服务”。实施Neutron API。
使用Neutron的原因是:

  • 向云租户提供API,构建丰富的网络拓扑,并在云中配置高级网络策略。示例:创建多层Web应用程序拓扑
  • 启用引入高级网络功能的创新插件(开放源和封闭源)。示例:使用L2-in-L3隧道绕过VLAN限制,提供端到端QoS保证,并使用监视协议(例如NetFlow)。
  • 任何人都可以构建插入Openstack租户网络的高级网络服务(开放源代码和封闭源代码)。示例:LB-aaS,VPN-aaS,防火墙aaS,IDS-aaS(未实现),数据中心互连aaS。
  • Horizo​​ n GUI支持:
  • 创建/删除Neutron L2和L3网络和子网
  • 在特定的Neutron网络上启动VM。
  • API可扩展性框架,包括以下扩展:
  • 将中子L2网络映射到物理数据中心中特定VLAN的“提供商网络”

“让我们成就您所爱的美丽。”

让我们开始在控制器节点上安装Neutron。 第一步: 与往常一样,您需要像其他任何用户一样将Neutron用户添加到梯形失真

[[email protected] ~(keystone)]# openstack user create --domain default --project service --password neutron123 neutron +---------------------+----------------------------------+ | Field               | Value                            | +---------------------+----------------------------------+ | default_project_id  | d13375a7f48b4642abc74ad68d6ffe4b | | domain_id           | default                          | | enabled             | True                             | | id                  | a831dddd9179494b95de64881d3abf79 | | name                | neutron                          | | options             | {}                               | | password_expires_at | None                             | +---------------------+----------------------------------+

步骤2: 像以前一样将Neutron添加到管理员角色

[[email protected] ~(keystone)]# openstack role add --project service --user neutron admin

第三步: 让我们为中子服务添加一个条目。这与我们对其他服务所做的相同。

[[email protected] ~(keystone)]# openstack service create --name neutron --description "OpenStack Networking service" network  +-------------+----------------------------------+ | Field       | Value                            | +-------------+----------------------------------+ | description | OpenStack Networking service     | | enabled     | True                             | | id          | 14506b01a57049ff99eb51c4fb852ef5 | | name        | neutron                          | | type        | network                          | +-------------+----------------------------------+[[email protected] ~(keystone)]# export controller=192.168.122.130

步骤4: 添加中子公共,私有和管理端点

[[email protected] ~(keystone)]# openstack endpoint create --region RegionOne network public http://$controller:9696  +--------------+----------------------------------+ | Field        | Value                            | +--------------+----------------------------------+ | enabled      | True                             | | id           | a4fe0901a7894fbd9c6e330be6e34a6d | | interface    | public                           | | region       | RegionOne                        | | region_id    | RegionOne                        | | service_id   | 14506b01a57049ff99eb51c4fb852ef5 | | service_name | neutron                          | | service_type | network                          | | url          | http://192.168.122.130:9696        | +--------------+----------------------------------+
[[email protected] ~(keystone)]# openstack endpoint create --region RegionOne network internal http://$controller:9696 +--------------+----------------------------------+ | Field        | Value                            | +--------------+----------------------------------+ | enabled      | True                             | | id           | 84c6e17d4e274b92803f3ce22c68464c | | interface    | internal                         | | region       | RegionOne                        | | region_id    | RegionOne                        | | service_id   | 14506b01a57049ff99eb51c4fb852ef5 | | service_name | neutron                          | | service_type | network                          | | url          | http://192.168.122.130:9696        | +--------------+----------------------------------+
[[email protected] ~(keystone)]# openstack endpoint create --region RegionOne network admin http://$controller:9696  +--------------+----------------------------------+ | Field        | Value                            | +--------------+----------------------------------+ | enabled      | True                             | | id           | f889e50e5346473e894e0147577f3cfb | | interface    | admin                            | | region       | RegionOne                        | | region_id    | RegionOne                        | | service_id   | 14506b01a57049ff99eb51c4fb852ef5 | | service_name | neutron                          | | service_type | network                          | | url          | http://192.168.122.130:9696        | +--------------+----------------------------------+

步骤5: 可以想象,您需要向MariaDB添加中子数据库和用户

[[email protected] ~(keystone)]# mysql -u root -p Enter password:  Welcome to the MariaDB monitor.  Commands end with ; or g. Your MariaDB connection id is 1231 Server version: 10.1.20-MariaDB MariaDB Server Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others. Type 'help;' or 'h' for help. Type 'c' to clear the current input statement. MariaDB [(none)]> create database neutron_ml2; MariaDB [(none)]> grant all privileges on neutron_ml2.* to [email protected]'localhost' identified by 'neutron123'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> grant all privileges on neutron_ml2.* to [email protected]'%' identified by 'neutron123'; Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> flush privileges;  Query OK, 0 rows affected (0.00 sec) MariaDB [(none)]> exit; Bye

步骤6: 在控制器上安装Neutron服务器

[[email protected] ~(keystone)]# yum --enablerepo=centos-openstack-queens,epel -y install openstack-neutron openstack-neutron-ml2Determining fastest mirrors base: mirror.ucu.ac.ug centos-qemu-ev: mirror.ucu.ac.ug extras: mirror.ucu.ac.ug updates: mirror.ucu.ac.ug base                                                                                      | 3.6 kB  00:00:00      centos-ceph-luminous                                                                      | 2.9 kB  00:00:00      centos-openstack-queens                                                                   | 2.9 kB  00:00:00      centos-qemu-ev                                                                            | 2.9 kB  00:00:00      extras                                                                                    | 3.4 kB  00:00:00      updates                                                                                   | 3.4 kB  00:00:00      updates/7/x86_64/primary_db                                                               | 2.5 MB  00:00:02      Resolving Dependencies --> Running transaction check ---> Package openstack-neutron.noarch 1:12.0.5-1.el7 will be installed                                                                         

步骤7: 使用以下配置备份中子文件并创建新文件

[[email protected] ~(keystone)]#  mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak[[email protected] ~(keystone)]# vim /etc/neutron/neutron.conf#New File [DEFAULT] core_plugin = ml2 service_plugins = router auth_strategy = keystone state_path = /var/lib/neutron dhcp_agent_notification = True allow_overlapping_ips = True notify_nova_on_port_status_changes = True notify_nova_on_port_data_changes = True# RabbitMQ connection info transport_url = rabbit://openstack:[email protected]# Keystone auth info [keystone_authtoken] www_authenticate_uri = http://192.168.122.130:5000 auth_url = http://192.168.122.130:5000 memcached_servers = 192.168.122.130:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = neutron123# MariaDB connection info [database] connection = mysql+pymysql://neutron:[email protected]/neutron_ml2# Nova connection info [nova] auth_url = http://192.168.122.130:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = pepe123 [oslo_concurrency] lock_path = $state_path/tmp

步骤8: 编辑/etc/neutron/plugins/ml2/ml2_conf.ini并将以下内容添加到指定的行。

[[email protected] ~(keystone)]# vim /etc/neutron/plugins/ml2/ml2_conf.ini #line 22: uncomment and specify Nova API server nova_metadata_host = 192.168.122.130 #line 34: uncomment and specify any secret key you like. Remember this because we shall need it later metadata_proxy_shared_secret = pepe123 #line 260: uncomment and specify Memcache server memcache_servers = 192.168.122.130:11211

步骤9: 对以下文件执行相同的操作

[[email protected] ~(keystone)]# vim /etc/neutron/plugins/ml2/ml2_conf.ini  [ml2]  type_drivers = flat,vlan,gre,vxlan  tenant_network_types =  mechanism_drivers = openvswitch,l2population  extension_drivers = port_security

步骤10: 编辑Nova配置文件,并进行如下更新

[[email protected] ~(keystone)]# vim /etc/nova/nova.conf use_neutron = True linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver firewall_driver = nova.virt.firewall.NoopFirewallDriver# add the following to the end : The Neutron auth info# the value of metadata_proxy_shared_secret is the same with the one in metadata_agent.ini[neutron] auth_url = http://192.168.122.130:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = neutron123 ##DO NOT FORGET THIS PASSWORD YOU SET IN NOVA SERVICE  service_metadata_proxy = True metadata_proxy_shared_secret = pepe123 ##SAME AS WE USED IN THE /etc/neutron/plugins/ml2/ml2_conf.ini FILE

步骤11: 将相关端口添加到防火墙

[[email protected] ~(keystone)]# firewall-cmd --add-port=9696/tcp --permanent  success [[email protected] ~(keystone)]# firewall-cmd --reload  success

步骤12: 启动Neutron服务器

[[email protected] ~(keystone)]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini [[email protected] ~(keystone)]# su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head"            INFO  [alembic.runtime.migration] Context impl MySQLImpl. INFO  [alembic.runtime.migration] Will assume non-transactional DDL.   Running upgrade for neutron … INFO  [alembic.runtime.migration] Context impl MySQLImpl. INFO  [alembic.runtime.migration] Will assume non-transactional DDL. INFO  [alembic.runtime.migration] Running upgrade  -> kilo, kilo_initial INFO  [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225, nsxv_vdr_metadata.py INFO  [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151, neutrodb_ipam INFO  [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf, Initial operations in support of address scopes INFO  [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee, Flavor framework INFO  [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f, network_rbac INFO  [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773, quota_usage INFO  [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592, subnetpool hash INFO  [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7, add order to dnsnameservers INFO  [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79, address scope support in subnetpool INFO  [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051, qo [[email protected] ~(keystone)]# systemctl start neutron-server neutron-metadata-agent [[email protected] ~(keystone)]# systemctl enable neutron-server neutron-metadata-agent  [[email protected] ~(keystone)]# systemctl restart openstack-nova-api

再回去吧中子是控制节点。以下指南将在中子节点上安装neutron。

单击下面的链接转到此续集中的先前文章。

在CentOS 7第1部分上安装Openstack 3节点集群

安装三节点OpenStack Queens集群–第2部分

安装三节点OpenStack Queens集群–第3部分

安装三节点OpenStack Queens集群–第4部分

安装三节点OpenStack Queens集群–第5部分

该续集的第7部分在下面的链接中。

安装三节点OpenStack Queens集群–第7部分

Sidebar