Shulou(Shulou.com)06/02 Report--

Foreword:

The whole OpenStack is composed of four parts: control node, computing node, network node and storage node. This blog will explain in detail the deployment process of neutron components of network nodes, which is divided into two parts: control nodes and computing nodes need to be set up.

Network node architecture

Network nodes contain only Neutron services

Neutron: responsible for managing the communication between private and public network segments, managing the communication / topology between virtual machine networks, managing fire prevention on virtual machines, etc.

The network node contains three network ports

Eth0: used to communicate with control nodes

Eth2: for communication with compute / storage nodes other than control nodes

Eth3: for communication between external virtual machines and the corresponding network

Experimental environment:

Host system IP address corner color controllerCentOS7192.168.37.128keystone, nova, glance, neutron, ntp, mariadb, rabbitmq, memcached, etcd, apache, computeCentOS7192.168.37.130nova, neutron, ntpcinderCentOS7192.168.37.131cinder, ntp experimental process:

+ + controller node neutron network configuration + +

1. Create nuetron database and authorization

Mysql-u root-p

Create database neutron

Grant all privileges on neutron.* to 'neutron'@'localhost' identified by' 123456'

Grant all privileges on neutron.* TO 'neutron'@'%'identified by' 123456'

2. Create a user neutron

Source ~ / admin-openrc

Openstack user create-domain default-password-prompt neutron

3. Add neutron users to glance users and projects

Openstack role add-project service-user neutron admin

4. Create a neutron service

Openstack service create-name neutron-description "OpenStack Networking" network

5. Create a network service API endpoint

Openstack endpoint create-- region RegionOne network public http://controller:9696

Openstack endpoint create-- region RegionOne network internal http://controller:9696

Openstack endpoint create-- region RegionOne network admin http://controller:9696

6. Yum install neutron software package

Yum install-y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

7. Modify the configuration file

Vim / etc/neutron/neutron.conf

[database]

/ / 729

Connection = mysql+pymysql://neutron:123456@controller/neutron

[DEFAULT]

/ / 27

Auth_strategy = keystone

/ / 30

Core_plugin = ml2 # plug-in ml2

/ / 33 not writing means disabling other plug-ins

Service_plugins =

/ / 570

Transport_url = rabbit://openstack:123456@controller

/ / 98

Notify_nova_on_port_status_changes = true # nova Port status advertisement

/ / 102

Notify_nova_on_port_data_changes = true # Port data advertisement

[keystone_authtoken] # token registration information

/ / 847

Auth_uri = http://controller:5000

Auth_url = http://controller:35357

/ / 898

Memcached_servers = controller:11211

/ / 1005

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = neutron

Password = 123456

[nova]

/ / 1085

Auth_url = http://controller:35357

/ / 1089

Auth_type = password

/ / 1127

Project_domain_name = default

/ / 1156

User_domain_name = default

/ / 1069

Region_name = RegionOne

/ / 1135

Project_name = service

/ / 1163

Username = nova

/ / 1121

Password = 123456

[oslo_concurrency]

/ / 1179

Lock_path = / var/lib/neutron/tmp

8. Configure the network layer 2 plug-in

Vim / etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]

/ / 136

Type_drivers = flat,vlan # flat- bridging vlan- LAN

/ / 141 set null to disable the local network

Tenant_network_types =

/ / 145

Mechanism_drivers = linuxbridge

/ / 150

Extension_drivers = port_security

[ml2_type_flat]

/ / 186

Flat_networks = provider # bridging network type

[securitygroup]

/ / 263

Enable_ipset = true # Security Group

9. Configure the Linux bridge

Vim / etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]

/ / 157

Physical_interface_mappings = provider:ens33

[vxlan]

/ / 208

Enable_vxlan = false

[securitygroup]

/ / 193

Enable_security_group = true # Open the security group

/ / 188

Firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

10. Configure DHCP

Vim / etc/neutron/dhcp_agent.ini

/ / 16

Interface_driver = linuxbridge # interface type

/ / 28

Dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

/ / 37

Enable_isolated_metadata = true

11. Configure metadata

Vim / etc/neutron/metadata_agent.ini

[DEFAULT]

/ / 22

Nova_metadata_host = controller

/ / 34

Metadata_proxy_shared_secret = 123456

12. Configure computing services to use network services

Vim / etc/nova/nova.conf # configure access parameters in the ``[neutron]`` section

[neutron]

/ / 7613

Url = http://controller:9696

/ / 7689

Auth_url = http://controller:35357

/ / 7683

Auth_type = password

/ / 7710

Project_domain_name = default

/ / 7763

User_domain_name = default

/ / 7757

Region_name = RegionOne

/ / 7704

Project_name = service

/ / 7730

Username = neutron

/ / 7739

Password = 123456

/ / 7652

Service_metadata_proxy = true # metadata proxy enabled

/ / 7584

Metadata_proxy_shared_secret = 123456 # authentication key of the agent

13. Establish a service soft connection

Ln-s / etc/neutron/plugins/ml2/ml2_conf.ini / etc/neutron/plugin.ini

14. Synchronize database

Su-s / bin/sh-c "neutron-db-manage-- config-file / etc/neutron/neutron.conf-- config-file / etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

15. Restart the compute API service and start the related services

Systemctl restart openstack-nova-api.service

Systemctl enable neutron-server.service

Systemctl enable neutron-linuxbridge-agent.service

Systemctl enable neutron-dhcp-agent.service

Systemctl enable neutron-metadata-agent.service

Systemctl restart neutron-server.service

Systemctl restart neutron-linuxbridge-agent.service

Systemctl restart neutron-dhcp-agent.service

Systemctl restart neutron-metadata-agent.service

+ + compute node neutron network configuration + +

1. Install the yum package

Yum install-y openstack-neutron-linuxbridge ebtables ipset

2. Configure common components

Vim / etc/neutron/neutron.conf

[DEFAULT]

/ / 27

Auth_strategy = keystone

/ / 570

Transport_url = rabbit://openstack:123456@controller

[keystone_authtoken]

/ / 847

Auth_uri = http://controller:5000

Auth_url = http://controller:35357

/ / 898

Memcached_servers = controller:11211

/ / 1005

Auth_type = password

Project_domain_name = default

User_domain_name = default

Project_name = service

Username = neutron

Password = 123456

[oslo_concurrency]

/ / 1180

Lock_path = / var/lib/neutron/tmp

3. Configure the Linux bridge

Vim / etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]

/ / 157

Physical_interface_mappings = provider:ens33

[vxlan]

/ / 208

Enable_vxlan = false

[securitygroup]

/ / 193

Enable_security_group = true

/ / 188

Firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

4. Configure compute node network service

Vim / etc/nova/nova.conf

[neutron]

/ / 7534

Url = http://controller:9696

/ / 7610

Auth_url = http://controller:35357

/ / 7604

Auth_type = password

/ / 7631

Project_domain_name = default

/ / 7657

User_domain_name = default

/ / 7678

Region_name = RegionOne

/ / 7625

Project_name = service

/ / 7651

Username = neutron

/ / 7660

Password = 123456

5. Start related services

Systemctl restart openstack-nova-compute.service

Systemctl enable neutron-linuxbridge-agent.service

Systemctl start neutron-linuxbridge-agent.service

So far, the neutron component has been installed, thank you for reading!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.