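  • OpenStack deployment: neutron

    Introduction

       This post deploys the neutron component, which manages OpenStack networking. The neutron controller node and the neutron compute node are deployed separately; as with the nova deployment in the previous post, the controller and compute nodes run on two separate machines.

    Deploying neutron on the controller

    Create the database

      As with the other components, first create the database that neutron needs: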

    $ mysql -u root -p
    

      Create the neutron database

    MariaDB [(none)]> CREATE DATABASE neutron;
    

      Grant privileges on the database

    MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' 
      IDENTIFIED BY 'neutron';
    MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' 
      IDENTIFIED BY 'neutron';

    Component deployment

      Set the environment variables

    [root@localhost ~]# source admin-openstack.sh
    • Create the neutron user
    $ openstack user create --domain default --password-prompt neutron
    
    User Password:
    Repeat User Password:
    +---------------------+----------------------------------+
    | Field               | Value                            |
    +---------------------+----------------------------------+
    | domain_id           | default                          |
    | enabled             | True                             |
    | id                  | fdb0f541e28141719b6a43c8944bf1fb |
    | name                | neutron                          |
    | options             | {}                               |
    | password_expires_at | None                             |
    +---------------------+----------------------------------+
    • Assign the admin role and the service project to the neutron user
    $ openstack role add --project service --user neutron admin
    • Register the service
    $ openstack service create --name neutron --description "OpenStack Networking" network
    
    +-------------+----------------------------------+
    | Field       | Value                            |
    +-------------+----------------------------------+
    | description | OpenStack Networking             |
    | enabled     | True                             |
    | id          | f71529314dab4a4d8eca427e701d209e |
    | name        | neutron                          |
    | type        | network                          |
    +-------------+----------------------------------+
    • Register the endpoints
    $ openstack endpoint create --region RegionOne network public http://192.168.46.130:9696
    
    +--------------+----------------------------------+
    | Field        | Value                            |
    +--------------+----------------------------------+
    | enabled      | True                             |
    | id           | 85d80a6d02fc4b7683f611d7fc1493a3 |
    | interface    | public                           |
    | region       | RegionOne                        |
    | region_id    | RegionOne                        |
    | service_id   | f71529314dab4a4d8eca427e701d209e |
    | service_name | neutron                          |
    | service_type | network                          |
    | url          | http://192.168.46.130:9696       |
    +--------------+----------------------------------+
    
    $ openstack endpoint create --region RegionOne network internal http://192.168.46.130:9696
    
    +--------------+----------------------------------+
    | Field        | Value                            |
    +--------------+----------------------------------+
    | enabled      | True                             |
    | id           | 09753b537ac74422a68d2d791cf3714f |
    | interface    | internal                         |
    | region       | RegionOne                        |
    | region_id    | RegionOne                        |
    | service_id   | f71529314dab4a4d8eca427e701d209e |
    | service_name | neutron                          |
    | service_type | network                          |
    | url          | http://192.168.46.130:9696       |
    +--------------+----------------------------------+
    
    $ openstack endpoint create --region RegionOne network admin http://192.168.46.130:9696
    
    +--------------+----------------------------------+
    | Field        | Value                            |
    +--------------+----------------------------------+
    | enabled      | True                             |
    | id           | 1ee14289c9374dffb5db92a5c112fc4e |
    | interface    | admin                            |
    | region       | RegionOne                        |
    | region_id    | RegionOne                        |
    | service_id   | f71529314dab4a4d8eca427e701d209e |
    | service_name | neutron                          |
    | service_type | network                          |
    | url          | http://192.168.46.130:9696       |
    +--------------+----------------------------------+

    Configure provider networks

      Install the packages

    # yum install openstack-neutron openstack-neutron-ml2 \
      openstack-neutron-linuxbridge ebtables

    Edit the configuration files

      Edit /etc/neutron/neutron.conf

    • Configure the database
    [database]
    # ...
    connection = mysql+pymysql://neutron:neutron@192.168.46.130/neutron
    • Configure ML2
    [DEFAULT]
    # ...
    core_plugin = ml2
    service_plugins =
    • Configure RabbitMQ
    [DEFAULT]
    # ...
    transport_url = rabbit://openstack:openstack@192.168.46.130
    • Configure keystone
    [DEFAULT]
    # ...
    auth_strategy = keystone
    
    [keystone_authtoken]
    auth_uri = http://192.168.46.130:5000
    auth_url = http://192.168.46.130:35357
    memcached_servers = 192.168.46.130:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = neutron
    password = neutron
    • Configure networking to notify compute of network topology changes
    [DEFAULT]
    # ...
    notify_nova_on_port_status_changes = true
    notify_nova_on_port_data_changes = true
    
    [nova]
    auth_url = http://192.168.46.130:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = nova
    password = nova
    • Configure the lock file path
    [oslo_concurrency]
    # ...
    lock_path = /var/lib/neutron/tmp

    Configure the ML2 plug-in

      Edit /etc/neutron/plugins/ml2/ml2_conf.ini

    • Enable VLAN and flat networks
    [ml2]
    # ...
    # this line already exists in the file; just uncomment it
    type_drivers = local,flat,vlan,gre,vxlan,geneve
    • Disable self-service networks
    [ml2]
    # ...
    tenant_network_types =
    • Enable the Linux bridge mechanism
    [ml2]
    # ...
    mechanism_drivers = linuxbridge
    • Enable the port security extension driver
    [ml2]
    # ...
    extension_drivers = port_security
    • Configure the provider virtual network
    [ml2_type_flat]
    # ...
    flat_networks = provider
    • Enable ipset for security group rules
    [securitygroup]
    # ...
    enable_ipset = true

    Configure the Linux bridge agent

      Edit /etc/neutron/plugins/ml2/linuxbridge_agent.ini

    • Configure the physical interface mapping
    [linux_bridge]
    # use the name of your own network interface
    physical_interface_mappings = provider:ens33
    • Disable VXLAN
    [vxlan]
    enable_vxlan = false
    • Enable security groups and configure the firewall driver
    [securitygroup]
    # ...
    enable_security_group = true
    firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

    Configure the DHCP agent

      Edit /etc/neutron/dhcp_agent.ini

    • Change the following settings
    [DEFAULT]
    # ...
    interface_driver = linuxbridge
    dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
    enable_isolated_metadata = true

    Configure the metadata agent

      Edit /etc/neutron/metadata_agent.ini

    • Configure the shared secret
    [DEFAULT]
    # ...
    nova_metadata_host = 192.168.46.130
    metadata_proxy_shared_secret = openstack

    Configure the compute service

    • Add the neutron configuration to nova
    [neutron]
    url = http://192.168.46.130:9696
    auth_url = http://192.168.46.130:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = neutron
    password = neutron
    service_metadata_proxy = true
    metadata_proxy_shared_secret = openstack

    Final configuration

    • Create a symbolic link; the networking service looks up the plug-in through this link by default
    # ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    • Sync the database
    # su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
    • Restart the nova-api service
    # systemctl restart openstack-nova-api.service
    • Enable the services at boot and start them
    # systemctl enable neutron-server.service \
      neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
      neutron-metadata-agent.service
    # systemctl start neutron-server.service \
      neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
      neutron-metadata-agent.service
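
      The files edited above set every service password to the account name, use `openstack` as the metadata shared secret, and reach keystone and neutron over plain `http://`. The audit below is an added example, not part of the original post: it reads oslo.config-style INI text and reports those conditions. The function names, the reason labels and the 32-character minimum for the shared secret are assumptions of this example, and the sample input is constructed from the values used on this page.

```shell
# Added example (not from the original post). Reads oslo.config-style INI on
# stdin and prints one finding per line: "<section> <key> <reason>".
audit_ini() {
  awk '
    function endsec() {   # per-section check, run once the section is complete
      if (u != "" && u == p) print sec, "password", "password-equals-username"
      u = ""; p = ""
    }
    /^[ \t]*(#|$)/ { next }                                # comments, blank lines
    /^[ \t]*\[/ { endsec(); sec = $0; gsub(/^[ \t]*\[|\].*$/, "", sec); next }
    {
      i = index($0, "="); if (i == 0) next
      k = substr($0, 1, i - 1); v = substr($0, i + 1)
      gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
      if (k == "username") u = v
      if (k == "password") p = v
      if (v ~ "^http://") print sec, k, "plaintext-http"
      # Assumed threshold: shared secrets shorter than 32 characters are flagged.
      if (k == "metadata_proxy_shared_secret" && length(v) < 32)
        print sec, k, "short-secret"
      if (v ~ "^[a-z+]+://[^:/@]+:[^@]+@") {               # scheme://user:pass@host
        c = v; sub("^[a-z+]+://", "", c); sub("@.*", "", c)
        j = index(c, ":")
        if (substr(c, 1, j - 1) == substr(c, j + 1))
          print sec, k, "password-equals-username"
      }
    }
    END { endsec() }
  '
}

# Constructed sample built from the values used in this walkthrough.
sample_conf() {
  cat <<'EOF'
[database]
connection = mysql+pymysql://neutron:neutron@192.168.46.130/neutron
[DEFAULT]
transport_url = rabbit://openstack:openstack@192.168.46.130
[keystone_authtoken]
auth_url = http://192.168.46.130:35357
username = neutron
password = neutron
[neutron]
metadata_proxy_shared_secret = openstack
EOF
}

sample_conf | audit_ini
```

      Run it against the real files, for example `audit_ini < /etc/neutron/neutron.conf`, and replace each flagged credential with a randomly generated value that is set identically on both sides that share it.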

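    Deploying the neutron compute node

      Install the packages

    # yum install openstack-neutron-linuxbridge ebtables ipset

      Edit the configuration file /etc/neutron/neutron.conf

      The compute node does not connect to the database directly, so no database settings are needed here; this is the difference from the controller node.

    • Configure RabbitMQ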
    [DEFAULT]
    # ...
    transport_url = rabbit://openstack:openstack@192.168.46.130
    • Configure keystone
    [DEFAULT]
    # ...
    auth_strategy = keystone
    
    [keystone_authtoken]
    auth_uri = http://192.168.46.130:5000
    auth_url = http://192.168.46.130:35357
    memcached_servers = 192.168.46.130:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = neutron
    password = neutron
    • Configure the lock file path
    [oslo_concurrency]
    # ...
    lock_path = /var/lib/neutron/tmp

    Configure provider networks

    Configure the Linux bridge agent

      Edit /etc/neutron/plugins/ml2/linuxbridge_agent.ini

    • Physical interface mapping
    [linux_bridge]
    physical_interface_mappings = provider:ens33
    • Disable VXLAN
    [vxlan]
    enable_vxlan = false
    • Enable security groups
    [securitygroup]
    # ...
    enable_security_group = true
    firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

    Configure the compute service

    • Add the neutron configuration to nova
    [neutron]
    url = http://192.168.46.130:9696
    auth_url = http://192.168.46.130:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = neutron
    password = neutron

    Final configuration

    • Restart the nova-compute service
    # systemctl restart openstack-nova-compute.service
    • Enable the Linux bridge agent at boot and start it
    # systemctl enable neutron-linuxbridge-agent.service
    # systemctl start neutron-linuxbridge-agent.service  

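    Verify the services

      Once all of the above is configured, check the agent status on the controller. One entry has Host node2; that is the neutron compute node just configured. Every agent should be in state UP.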

    [root@localhost ~]# openstack network agent list
    +--------------------------------------+--------------------+-----------------------+-------------------+-------+-------+---------------------------+
    | ID                                   | Agent Type         | Host                  | Availability Zone | Alive | State | Binary                    |
    +--------------------------------------+--------------------+-----------------------+-------------------+-------+-------+---------------------------+
    | 2045a739-8a8d-4ad8-8208-cc14142dbb7f | DHCP agent         | localhost.localdomain | nova              | :-)   | UP    | neutron-dhcp-agent        |
    | 3a4ac60e-4998-4448-9832-9a90f0011201 | Linux bridge agent | node2                 | None              | :-)   | UP    | neutron-linuxbridge-agent |
    | 810203db-2365-4440-952d-bea1365ed17e | Linux bridge agent | localhost.localdomain | None              | :-)   | UP    | neutron-linuxbridge-agent |
    | 9b39f669-dde2-4028-b9c4-5f665a31ceac | Metadata agent     | localhost.localdomain | None              | :-)   | UP    | neutron-metadata-agent    |
    +--------------------------------------+--------------------+-----------------------+-------------------+-------+-------+---------------------------+

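    Problems encountered

    1. After all configuration was complete, the neutron compute node never appeared, and none of the logs showed an error. On inspection, my controller host and compute host both used the hostname localhost.localdomain. The two hosts must not share a hostname: although every setting above uses the two machines' IP addresses, the services may also use the hostname internally. The steps below change the compute node's hostname to node2.

    • Edit /etc/hosts
    127.0.0.1  node2
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    192.168.46.130 localhost.localdomain   # lets this host reach 192.168.46.130 by hostname; configure 192.168.46.130 the same way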
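
      The symptom described above, a compute node whose agent never appears while no log reports an error, can be checked mechanically. This added example, not part of the original post, parses the table printed by `openstack network agent list` and fails if any agent is not alive and UP or if the number of distinct hosts running a Linux bridge agent differs from the expected count; the function names and message texts are assumptions, and the sample table reproduces the output shown on this page.

```shell
# Added example (not from the original post).
# Reads `openstack network agent list` table output on stdin.
# $1 = number of distinct hosts expected to run a Linux bridge agent.
# Prints one line per problem and returns non-zero if any was found.
check_agents() {
  awk -F'|' -v want="$1" '
    NF < 8 || $2 ~ /^ *ID *$/ { next }              # border and header rows
    {
      for (i = 2; i <= 8; i++) gsub(/^ +| +$/, "", $i)
      type = $3; host = $4; alive = $6; state = $7
      if (alive != ":-)" || state != "UP") {
        print "DOWN " type " on " host; bad = 1
      }
      if (type == "Linux bridge agent" && !(host in seen)) { seen[host] = 1; n++ }
    }
    END {
      if (n + 0 != want + 0) {
        print "HOSTS expected " want " Linux bridge hosts, found " (n + 0); bad = 1
      }
      exit bad + 0
    }'
}

# Sample input: the agent table shown on this page.
sample_agents() {
  cat <<'EOF'
| ID                                   | Agent Type         | Host                  | Availability Zone | Alive | State | Binary                    |
| 2045a739-8a8d-4ad8-8208-cc14142dbb7f | DHCP agent         | localhost.localdomain | nova              | :-)   | UP    | neutron-dhcp-agent        |
| 3a4ac60e-4998-4448-9832-9a90f0011201 | Linux bridge agent | node2                 | None              | :-)   | UP    | neutron-linuxbridge-agent |
| 810203db-2365-4440-952d-bea1365ed17e | Linux bridge agent | localhost.localdomain | None              | :-)   | UP    | neutron-linuxbridge-agent |
| 9b39f669-dde2-4028-b9c4-5f665a31ceac | Metadata agent     | localhost.localdomain | None              | :-)   | UP    | neutron-metadata-agent    |
EOF
}

sample_agents | check_agents 2 && echo "all agents up on 2 hosts"
# Symptom of the duplicate-hostname problem: the node2 row is missing.
sample_agents | grep -v node2 | check_agents 2 || echo "compute agent missing"
```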
  • Original article: https://www.cnblogs.com/baihl/p/10852815.html