愿天下再无BUG 2020-01-19
1.创建neutron数据库
[ ~]# mysql -u root -p Enter password: Welcome to the MariaDB monitor. Commands end with ; or \g. Your MariaDB connection id is 918 Server version: 10.3.10-MariaDB MariaDB Server Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others. Type ‘help;‘ or ‘\h‘ for help. Type ‘\c‘ to clear the current input statement. MariaDB [(none)]> CREATE DATABASE neutron; Query OK, 1 row affected (0.000 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron‘@‘localhost‘ IDENTIFIED BY ‘neutron‘; Query OK, 0 rows affected (0.002 sec) MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO ‘neutron‘@‘%‘ IDENTIFIED BY ‘neutron‘; Query OK, 0 rows affected (0.001 sec) MariaDB [(none)]> flush privileges; Query OK, 0 rows affected (0.002 sec) MariaDB [(none)]> exit Bye
2.创建neutron用户
[ ~]# source admin-openrc [ ~]# openstack user create --domain default --password neutron neutron +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | 68d8182c160541ae9fdb56713e9b574a | | name | neutron | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ [ ~]# openstack role add --project service --user neutron admin
3.创建neutron服务实体
[ ~]# openstack service create --name neutron --description "OpenStack Networking" network +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Networking | | enabled | True | | id | a129aee0dabb4009aa33ea363018e0e2 | | name | neutron | | type | network | +-------------+----------------------------------+
4.创建neutron服务端点
[ ~]# openstack endpoint create --region RegionOne network public http://172.17.0.211:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | f90f3d3fd7df4233a86d642e8bda23be | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | a129aee0dabb4009aa33ea363018e0e2 | | service_name | neutron | | service_type | network | | url | http://172.17.0.211:9696 | +--------------+----------------------------------+ [ ~]# openstack endpoint create --region RegionOne network internal http://172.17.0.211:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 00cd9d0ef7114972b711bd6d38ddbf13 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | a129aee0dabb4009aa33ea363018e0e2 | | service_name | neutron | | service_type | network | | url | http://172.17.0.211:9696 | +--------------+----------------------------------+ [ ~]# openstack endpoint create --region RegionOne network admin http://172.17.0.211:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 19888270439349d1827721e766039d4d | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | a129aee0dabb4009aa33ea363018e0e2 | | service_name | neutron | | service_type | network | | url | http://172.17.0.211:9696 | +--------------+----------------------------------+ [ ~]# openstack endpoint list +----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+ | ID | Region | Service Name | Service Type | Enabled | Interface | URL | +----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+ | 00cd9d0ef7114972b711bd6d38ddbf13 | RegionOne | neutron | network | True | internal | http://172.17.0.211:9696 | | 01cffb061b504a858a981b42a84bccda | RegionOne | keystone | identity | True | internal | http://172.17.0.211:5000/v3/ | | 0c9bc9e7e3894552ac01974cee3987a8 | RegionOne | nova | compute | True | public | http://172.17.0.211:8774/v2.1 | | 19888270439349d1827721e766039d4d | RegionOne | neutron | network | True | admin | http://172.17.0.211:9696 | | 1fa58250f60a421ab813e323e23a0bf5 | RegionOne | keystone | identity | True | public | http://172.17.0.211:5000/v3/ | | 302e5d855f1a44b6988ace8ac8a3e3e0 | RegionOne | glance | image | True | public | http://172.17.0.211:9292 | | 49ad4fe4648e4001a2b538d16cd0e921 | RegionOne | nova | compute | True | internal | http://172.17.0.211:8774/v2.1 | | 7d7ef7320561458abbfcc6c3d2f74cf3 | RegionOne | glance | image | True | internal | http://172.17.0.211:9292 | | b9054c39426d465092d417778b8c3892 | RegionOne | placement | placement | True | internal | http://172.17.0.211:8778 | | bf3753d3c53849b4a0c3bef478b04db9 | RegionOne | placement | placement | True | public | http://172.17.0.211:8778 | | c4c5f1c6ab244398af635227872d1de5 | RegionOne | keystone | identity | True | admin | http://172.17.0.211:5000/v3/ | | c7a953f1ec924833b45d96d9a12feb1c | RegionOne | nova | compute | True | admin | http://172.17.0.211:8774/v2.1 | | ea3d9db5442442d49c38ab087e452cdb | RegionOne | glance | image | True | admin | http://172.17.0.211:9292 | | eed020813445489a95620b2095722dab | RegionOne | placement | placement | True | admin | http://172.17.0.211:8778 | | f90f3d3fd7df4233a86d642e8bda23be | RegionOne | neutron | network | True | public | http://172.17.0.211:9696 | +----------------------------------+-----------+--------------+--------------+---------+-----------+-------------------------------+
5.安装neutron相关软件包
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
6.修改配置文件
6.1.修改neutron.conf配置文件
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:/neutron openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2 openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack: openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://172.17.0.211:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://172.17.0.211:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers 172.17.0.211:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron openstack-config --set /etc/neutron/neutron.conf nova auth_url http://172.17.0.211:5000 openstack-config --set /etc/neutron/neutron.conf nova auth_type password openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne openstack-config --set /etc/neutron/neutron.conf nova project_name service openstack-config --set /etc/neutron/neutron.conf nova username nova openstack-config --set /etc/neutron/neutron.conf nova password nova openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp grep ‘^[a-z]‘ /etc/neutron/neutron.conf
6.2.修改ml2_conf.ini配置文件
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true grep ‘^[a-z]‘ /etc/neutron/plugins/ml2/ml2_conf.ini
6.3.修改linuxbridge_agent.ini配置文件
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens192 openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver grep ‘^[a-z]‘ /etc/neutron/plugins/ml2/linuxbridge_agent.ini
6.4.修改系统配置文件sysctl.conf
vi /etc/sysctl.conf ------------------------------------------------------ #最下面添加两行 net.bridge.bridge-nf-call-iptables = 1 net.bridge.bridge-nf-call-ip6tables = 1 ------------------------------------------------------ modprobe br_netfilter sysctl -p
6.5.修改dhcp_agent.ini配置文件
cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true grep ‘^[a-z]‘ /etc/neutron/dhcp_agent.ini
6.6.配置元数据代理(为了和neutron进行交互)
cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host 172.17.0.211 openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET grep ‘^[a-z]‘ /etc/neutron/metadata_agent.ini
6.7.修改nova配置文件(为了和neutron进行交互)
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak openstack-config --set /etc/nova/nova.conf neutron auth_url http://172.17.0.211:5000 openstack-config --set /etc/nova/nova.conf neutron auth_type password openstack-config --set /etc/nova/nova.conf neutron project_domain_name default openstack-config --set /etc/nova/nova.conf neutron user_domain_name default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name service openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password neutron openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET grep ‘^[a-z]‘ /etc/nova/nova.conf
7.建立ml2的软链接
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
8.填充neutron数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
9.重启nova-api服务
systemctl restart openstack-nova-api.service
10.启动neutron服务并设置开机启动
systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
11.查看neutron服务状态
systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service netstat -tnlup