OpenStack Ocata 安装（五）安装网络（Neutron）服务

17、安装网络（Neutron）服务

OpenStackNetworking（Neutron）允许您创建和附加由其他OpenStack服务到网络。插件可以实现，以适应不同的网络设备和软件，为OpenStack架构和部署提供灵活性。

 

Neutron下的子类组件：

neutron-server ：将API请求接受并路由到相应的OpenStack Networking插件以进行操作。

OpenStack Networking plug-ins and agents：插拔端口，创建网络或子网，并提供IP寻址。这些插件和代理因使用的供应商和技术而异特定的云。

Messaging queue ：大多数OpenStack网络安装用于在信息之间路由信息neutron-server和各种代理商。还充当数据库来存储特定插件的网络状态

加入OpenStack Networking主要与OpenStack Compute进行交互，为其提供网络和连接

实例。

本次实验使用的网络架构（请忽略图中IP地址）：

创建该服务的数据库和数据库管理账户

controller#

mysql -u root -p123

 

CREATE DATABASE neutron;

 

GRANT ALL PRIVILEGES ON neutron.* TO'neutron'@'localhost' \

IDENTIFIED BY 'neutron';

GRANT ALL PRIVILEGES ON neutron.* TO'neutron'@'%' \

IDENTIFIED BY 'neutron';

exit

 

创建nova用户、服务、API

controller#

openstack user create --domain default--password-prompt neutron

#此处需要输入密码

 

openstack role add --project service --userneutron admin

 

openstack service create --name neutron \

--description "OpenStackNetworking" network

 

openstack endpoint create --regionRegionOne \

network public http://controller:9696

 

openstack endpoint create --regionRegionOne \

network internal http://controller:9696

 

openstack endpoint create --regionRegionOne \

network admin http://controller:9696

 

 

配置neutron各个组件的配置文件（备份配置文件，删除配置文件里的所有数据，使用提供的配置）：

controller#

cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak

 

vi /etc/neutron/neutron.conf

 

[database]

connection =mysql+pymysql://neutron:neutron@controller/neutron

 

[DEFAULT]

core_plugin = ml2

service_plugins =

transport_url =rabbit://openstack:openstack@controller

auth_strategy = keystone

notify_nova_on_port_status_changes = true

notify_nova_on_port_data_changes = true

 

 

[keystone_authtoken]

auth_uri = http://controller:5000

auth_url = http://controller:35357

memcached_servers = controller:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = neutron

 

[nova]

auth_url = http://controller:35357

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = RegionOne

project_name = service

username = nova

password = nova

 

[oslo_concurrency]

lock_path = /var/lib/neutron/tmp

 

 

 

cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak

 

vi /etc/neutron/plugins/ml2/ml2_conf.ini

 

[linux_bridge]

physical_interface_mappings =provider:ens33

 

[vxlan]

enable_vxlan = false

 

[securitygroup]

enable_security_group = true

firewall_driver =neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

 

 

 

cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak

 

vi/etc/neutron/dhcp_agent.ini

 

[DEFAULT]

interface_driver = linuxbridge

dhcp_driver =neutron.agent.linux.dhcp.Dnsmasq

enable_isolated_metadata = true

 

cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak

 

vi /etc/neutron/metadata_agent.ini

 

[DEFAULT]

nova_metadata_ip = controller

metadata_proxy_shared_secret = meta

 

 

修改nova配置（加上neutron的配置信息）：

controller#

vi /etc/nova/nova.conf

[neutron]

url = http://controller:9696

auth_url = http://controller:35357

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = RegionOne

project_name = service

username = neutron

password = neutron

service_metadata_proxy = true

metadata_proxy_shared_secret = meta

 

 

网络服务初始化脚本期望指向/etc/neutron/plugin.ini的符号链接，指向ML2插件配置文件

controller#

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini/etc/neutron/plugin.ini

 

同步数据库

controller#

su -s /bin/sh -c "neutron-db-manage--config-file /etc/neutron/neutron.conf \

--config-file/etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

 

 

开机自启动和启动服务

controller#

systemctl enable neutron-server.service \

neutron-linuxbridge-agent.serviceneutron-dhcp-agent.service \

neutron-metadata-agent.service

 

systemctl start neutron-server.service \

neutron-linuxbridge-agent.serviceneutron-dhcp-agent.service \

neutron-metadata-agent.service openstack-nova-api.service

 

 

18、安装计算节点上的网络服务

 

配置neutron各个组件的配置文件（备份配置文件，删除配置文件里的所有数据，使用提供的配置）：

compute#

cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak

 

vi /etc/neutron/neutron.conf

 

[DEFAULT]

transport_url =rabbit://openstack:openstack@controller

auth_strategy = keystone

 

[keystone_authtoken]

auth_uri = http://controller:5000

auth_url = http://controller:35357

memcached_servers = controller:11211

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = neutron

 

[oslo_concurrency]

lock_path = /var/lib/neutron/tmp

 

 

cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak

#绑定提供物理网络的设备

vi /etc/neutron/dhcp_agent.ini

[linux_bridge]

physical_interface_mappings = provider:ens33

 

[vxlan]

enable_vxlan = false

 

[securitygroup]

enable_security_group = true

firewall_driver =neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

 

 

修改nova配置（加上neutron的配置信息）：

compute#

vi /etc/nova/nova.conf

 

[neutron]

url = http://controller:9696

auth_url = http://controller:35357

auth_type = password

project_domain_name = default

user_domain_name = default

region_name = RegionOne

project_name = service

Networking service 63

Install Guide (Release Version: 15.0.0)

username = neutron

password = neutron

 

 

开机自启动和启动服务

compute#

systemctl enableneutron-linuxbridge-agent.service

 

systemctl restartneutron-linuxbridge-agent.service openstack-nova-compute.service

 

在控制节点上列出加载的扩展，以验证中子服务器进程的成功启动

controller#

openstack extension list --network

 

控制节点上查看网络详情

controller#

openstack network agent list

如图所示则成功，如有问题自行排错。