本文主要是介绍OpenStack Victoria版——7.2计算节点-Neutron网络服务组件,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
7.2计算节点-Neutron网络服务组件
更多步骤:OpenStack Victoria版安装部署系列教程
OpenStack部署系列文章
OpenStack Victoria版 安装部署系列教程
OpenStack Ussuri版 离线安装部署系列教程(全)
OpenStack Train版 离线安装部署系列教程(全)
文章目录
- 一、安装相关软件
- 二、配置公共组件
- 三、配置网络选项
- 1.配置网络选项一:Provider networks
- (1)配置Linux网桥代理
- 2.配置网络选项二:Self-service networks
- 四、计算节点:为Nova配置网络服务
- 五、计算节点:Neutron安装确认
- 0.(可选)添加sudoer权限
- 1.重新启动计算服务
- 2.启动Linux网桥代理,并配置开机自启
- 六、安装完成
一、安装相关软件
yum install -y openstack-neutron-linuxbridge ebtables ipset openstack-neutron openstack-neutron-ml2
二、配置公共组件
公有网络和私有网络配置任意选择一种即可,但要与控制节点保持一致,这里仍然是两种网络都配置。
网络公共组件配置包括身份验证机制,消息队列和插件。
/etc/neutron/neutron.conf
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
egrep -v "^$|^#" /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf
crudini --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:111111@controller/neutron
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
crudini --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:111111@controller
crudini --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
crudini --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_name service
crudini --set /etc/neutron/neutron.conf keystone_authtoken username neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken password 111111
crudini --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmpecho "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/neutron.conf
三、配置网络选项
选择与控制器节点选择的相同网络选项,在该节点配置相应的网络选项。
1.配置网络选项一:Provider networks
(1)配置Linux网桥代理
/etc/neutron/plugins/ml2/linuxbridge_agent.ini
Linux网桥代理为实例构建第2层(桥接和交换)虚拟网络基础结构并处理安全组。
cd
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
egrep -v "^$|^#" /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens34
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan False
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriverecho "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
注:第一个选项physical_interface_mappings选项要配置计算节点自身的网卡名称provider:ens34
加载br_netfilter内核模块。要启用网络桥接器支持,通常br_netfilter内核模块需要加载。配置参考链接
echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf
cat /etc/sysctl.conf
sysctl -p
modprobe br_netfilter
ls /proc/sys/net/bridge
sysctl -p
sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables
2.配置网络选项二:Self-service networks
/etc/neutron/plugins/ml2/linuxbridge_agent.ini
Linux网桥代理为实例构建第2层(桥接和交换)虚拟网络基础结构并处理安全组。
cd
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bakegrep -v "^$|^#" /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
- 计算节点1
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens34
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.0.0.31
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
此处注意egrep可能会影响配置出错。
- 计算节点2
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens34
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.0.0.32
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
此处注意egrep可能会影响配置出错。
计算节点都执行下面命令,加载br_netfilter内核模块。要启用网络桥接器支持,通常br_netfilter内核模块需要加载。
modprobe br_netfilter
sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables
四、计算节点:为Nova配置网络服务
编辑vim /etc/nova/nova.conf文件,在该[neutron]部分中,配置访问参数
crudini --set /etc/nova/nova.conf neutron auth_url http://controller:5000
crudini --set /etc/nova/nova.conf neutron url http://controller:9696
crudini --set /etc/nova/nova.conf neutron auth_type password
crudini --set /etc/nova/nova.conf neutron project_domain_name default
crudini --set /etc/nova/nova.conf neutron user_domain_name default
crudini --set /etc/nova/nova.conf neutron region_name RegionOne
crudini --set /etc/nova/nova.conf neutron project_name service
crudini --set /etc/nova/nova.conf neutron username neutron
crudini --set /etc/nova/nova.conf neutron password 111111
egrep -v '(^$|^#)' /etc/nova/nova.conf
五、计算节点:Neutron安装确认
0.(可选)添加sudoer权限
修改vim /etc/neutron/neutron.conf文件,修改以下内容
[privsep]
user = neutron
helper_command = sudo privsep-helper
修改vim /etc/sudoers.d/neutron文件,添加以下内容后强制保存退出wq!。
neutron ALL = (root) NOPASSWD: ALL
1.重新启动计算服务
systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service
2.启动Linux网桥代理,并配置开机自启
systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service
q
systemctl restart neutron-linuxbridge-agent.service
systemctl enable neutron-linuxbridge-agent.service
systemctl list-unit-files |grep neutron* |grep enabled
systemctl status neutron-linuxbridge-agent.service
q
六、安装完成
至此,计算节点的网络配置完成,转回到控制节点进行验证操作,进行整个Neutron网络服务的最终验证。
这篇关于OpenStack Victoria版——7.2计算节点-Neutron网络服务组件的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
