在 controller节点、network节点、compute节点部署
安装neutron-server
root@controller:~# apt-get install neutron-server neutron-plugin-ml2 python-neutronclient
配置neutron-server
/etc/neutron/neutron.conf:
[DEFAULT] router_distributed = False rpc_backend = rabbit auth_strategy = keystone core_plugin = ml2 service_plugins = router allow_overlapping_ips = True notify_nova_on_port_status_changes = True notify_nova_on_port_data_changes = True nova_url = http://controller:8774/v2 [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = neutron [database] connection = mysql://neutron:neutron@controller/neutron [nova] auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default region_name = RegionOne project_name = service username = nova password = nova [oslo_messaging_rabbit] rabbit_host = controller rabbit_userid = openstack rabbit_password = openstack
/etc/neutron/plugins/ml2/ml2_conf.ini:
[ml2] type_drivers = flat,vlan,gre,vxlan tenant_network_types = flat mechanism_drivers = linuxbridge [ml2_type_flat] flat_networks = external [securitygroup] enable_security_group = True enable_ipset = True [linux_bridge] physical_interface_mappings = external:eth1
nova需要添加配置,/etc/nova/nova.conf:
#添加配置 [DEFAULT] security_group_api = neutron linuxnet_interface_driver = nova.network.linux_net.NeutronLinuxBridgeInterfaceDriver firewall_driver = nova.virt.firewall.NoopFirewallDriver [neutron] url = http://controller:9696 auth_strategy = keystone admin_auth_url = http://controller:35357/v2.0 admin_tenant_name = service admin_username = neutron admin_password = neutron
初始化数据库:
root@controller:~# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
重启服务:
root@controller:~# service nova-api restart root@controller:~# service neutron-server restart
安装neutron-network
network节点环境配置:
root@network:~# vi /etc/sysctl.conf net.ipv4.ip_forward=1 net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 #如果有报错 root@network:~# vi /etc/modules br_netfilter #添加 root@network:~# modprobe br_netfilter root@network:~# sysctl -p
安装neutron
root@controller:~# apt-get install neutron-plugin-ml2 neutron-plugin-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent -y
配置neutron-network
/etc/neutron/neutron.conf:
#在 [database] 部分,注释掉connection选项,网络不直接访问数据库 [DEFAULT] router_distributed = False rpc_backend = rabbit auth_strategy = keystone core_plugin = ml2 service_plugins = router allow_overlapping_ips = True [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = neutron [oslo_messaging_rabbit] rabbit_host = controller rabbit_password = openstack rabbit_userid = openstack
/etc/neutron/plugins/ml2/ml2_conf.ini:
[ml2] type_drivers = flat,vlan,gre,vxlan tenant_network_types = flat mechanism_drivers = linuxbridge [ml2_type_flat] flat_networks = external [securitygroup] enable_security_group = True enable_ipset = True [linux_bridge] physical_interface_mappings = external:eth1
/etc/neutron/dhcp_agent.ini:
[DEFAULT] interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq use_namespaces = True dhcp_delete_namespaces = True debug = True dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf enable_isolated_metadata = True enable_metadata_network = True
/etc/neutron/metadata_agent.ini:
[DEFAULT] auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_region = RegionOne auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = neutron nova_metadata_ip = controller metadata_proxy_shared_secret = METADATA_SECRET
controller节点的/etc/nova/nova.conf追加配置,并重启nova-api服务:
[neutron] service_metadata_proxy = True metadata_proxy_shared_secret = METADATA_SECRET
重启network节点相关服务:
root@network:~# /etc/init.d/neutron-neutron-dhcp-agent restart root@network:~# /etc/init.d/neutron-metadata-agent restart root@network:~# /etc/init.d/neutron-plugin-linuxbridge-agent restart
安装neutron-compute
compute节点环境配置:
root@compute1:~# vi /etc/sysctl.conf net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 net.bridge.bridge-nf-call-iptables=1 net.bridge.bridge-nf-call-ip6tables=1 #如果有报错 root@compute1:~# vi /etc/modules br_netfilter #添加 root@compute1:~# modprobe br_netfilter root@compute1:~# sysctl -p
安装neutron:
root@compute1:~# apt-get install neutron-plugin-ml2 neutron-plugin-linuxbridge-agent
配置neutron-compute
/etc/neutron/neutron.conf:
[DEFAULT] rpc_backend = rabbit auth_strategy = keystone core_plugin = ml2 service_plugins = router allow_overlapping_ips = True core_plugin = ml2 [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = neutron [oslo_messaging_rabbit] rabbit_host = controller rabbit_userid = openstack rabbit_password = openstack
/etc/neutron/plugins/ml2/ml2_conf.ini:
[ml2] type_drivers = flat,vlan,gre,vxlan tenant_network_types = flat mechanism_drivers = linuxbridge [ml2_type_flat] flat_networks = external [securitygroup] enable_security_group = True enable_ipset = True [linux_bridge] physical_interface_mappings = external:eth1
重启服务:
root@compute1:~# service nova-compute restart root@compute1:~# /etc/init.d/neutron-plugin-linuxbridge-agent restart
验证
在controller节点验证:
root@controller:~# neutron agent-list +--------------------------------------+--------------------+----------+-------+----------------+---------------------------+ | id | agent_type | host | alive | admin_state_up | binary | +--------------------------------------+--------------------+----------+-------+----------------+---------------------------+ | 2127166d-8618-42ee-9735-0e62a9f43b21 | Linux bridge agent | network | :-) | True | neutron-linuxbridge-agent | | 28fd5729-3c7b-4674-9f99-9c679ad94a83 | Linux bridge agent | compute1 | :-) | True | neutron-linuxbridge-agent | | a38e7e96-787c-49b5-a4e2-28c84051d084 | Metadata agent | network | :-) | True | neutron-metadata-agent | | b24fbd40-66d4-4266-af26-5a969ec40068 | DHCP agent | network | :-) | True | neutron-dhcp-agent | +--------------------------------------+--------------------+----------+-------+----------------+---------------------------+