上一章介绍了独立的nova计算节点的安装方法,本章分享openstack的网络服务neutron的安装配制方法
------------------- 完美的分割线 ---------------------
6.0.Neutron概述
OpenStack Networking(neutron),允许创建、插入接口设备,这些设备由其他的OpenStack服务管理。插件式的实现可以容纳不同的网络设备和软件,为OpenStack架构与部署提供了灵活性。
它包含下列组件:
neutron-server 接收和路由API请求到合适的OpenStack网络插件,以达到预想的目的。 OpenStack网络插件和代理 插拔端口,创建网络和子网,以及提供IP地址,这些插件和代理依赖于供应商和技术而不同,OpenStack网络基于插件和代理为Cisco 虚拟和物理交换机、NEC OpenFlow产品,Open vSwitch,Linux bridging以及VMware NSX 产品穿线搭桥。 常见的代理L3(3层),DHCP(动态主机IP地址),以及插件代理。 消息队列 大多数的OpenStack Networking安装都会用到,用于在neutron-server和各种各样的代理进程间路由信息。也为某些特定的插件扮演数据库的角色,以存储网络状态 OpenStack网络主要和OpenStack计算交互,以提供网络连接到它的实例。
6.1.主机网络配置及测试
# 参考文章:Install and configure controller node
https://docs.openstack.org/neutron/rocky/install/install-rdo.html
1)控制节点配置
vim /etc/hosts ---------------------------------------- 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.81 openstack01.zuiyoujie.com controller 192.168.1.82 openstack02.zuiyoujie.com compute02 block02 object02 ----------------------------------------
2)计算节点配置
vim /etc/hosts ---------------------------------------- 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.81 openstack01.zuiyoujie.com controller 192.168.1.82 openstack02.zuiyoujie.com compute02 block02 object02 ----------------------------------------
3)块存储节点配置
vim /etc/hosts ---------------------------------------- 127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4 ::1 localhost localhost.localdomain localhost6 localhost6.localdomain6 192.168.1.81 openstack01.zuiyoujie.com controller 192.168.1.82 openstack02.zuiyoujie.com compute02 block02 object02 ----------------------------------------
# 以上节点的hosts文件配置相同,其他类型节点也照此配置即可
4)检测各节点到控制节点和公网的联通性
# 控制节点
ping -c 4 www.baidu.com ping -c 4 compute02 ping -c 4 block02
# 计算节点
ping -c 4 www.baidu.com
ping -c 4 controller
# ......
6.2.在keystone数据库中注册neutron相关服务
1)创建neutron数据库,授予合适的访问权限
mysql -p123456 ----------------------------------- CREATE DATABASE neutron; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron'; exit -----------------------------------
2)在keystone上创建neutron用户
cd /server/tools source keystone-admin-pass.sh openstack user create --domain default --password=neutron neutron openstack user list
# 实例演示:
[root@openstack01 tools]# openstack user create --domain default --password=neutron neutron +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | dd35b7396aa94342a01c807aaa707d21 | | name | neutron | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ [root@openstack01 tools]# openstack user list +----------------------------------+-----------+ | ID | Name | +----------------------------------+-----------+ | 26f88ba142d04735936d09caa7c76284 | placement | | 82a27e65ca644a5eadcd54ff44e5e05b | glance | | cbb2b3830a8f44bc837230bca27ae563 | myuser | | cc55913a3da44a38939cdc7a2ec764cc | nova | | dd35b7396aa94342a01c807aaa707d21 | neutron | | e5dbfc8b394c41679fd5ce229cdd6ed3 | admin | +----------------------------------+-----------+
# ok
3)将neutron添加到service项目并授予admin角色
# 以下命令无输出
openstack role add --project service --user neutron admin
4)创建neutron服务实体
openstack service create --name neutron --description "OpenStack Networking" network openstack service list
# 实例演示:
[root@openstack01 tools]# openstack service create --name neutron --description "OpenStack Networking" network +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Networking | | enabled | True | | id | 90b5d791df5e4634848c00ba35390865 | | name | neutron | | type | network | +-------------+----------------------------------+ [root@openstack01 tools]# openstack service list +----------------------------------+-----------+-----------+ | ID | Name | Type | +----------------------------------+-----------+-----------+ | 63c882889b204d81a9867f9b7c0ba7aa | keystone | identity | | 6c31f22e259b460fa0168ac206265c30 | glance | image | | 854ca66666c64e2fbeff1e9c5cc1c4df | nova | compute | | 90b5d791df5e4634848c00ba35390865 | neutron | network | | a79d818312b34c4c8879d7dbbd41a78c | placement | placement | +----------------------------------+-----------+-----------+
# ok
5)创建neutron网络服务的API端点(endpoint)
openstack endpoint create --region RegionOne network public http://controller:9696 openstack endpoint create --region RegionOne network internal http://controller:9696 openstack endpoint create --region RegionOne network admin http://controller:9696 openstack endpoint list
# 实例演示:
[root@openstack01 tools]# openstack endpoint create --region RegionOne network public http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | ed17939d7623456bb203bb7197fc16c4 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 90b5d791df5e4634848c00ba35390865 | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ [root@openstack01 tools]# openstack endpoint create --region RegionOne network internal http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 1cba9e89dc91422390a5b987dbeffdb6 | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 90b5d791df5e4634848c00ba35390865 | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ [root@openstack01 tools]# openstack endpoint create --region RegionOne network admin http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 2bcda9f77cdb4c06be6f35a3c3312e3d | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 90b5d791df5e4634848c00ba35390865 | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ [root@openstack01 tools]# openstack endpoint list +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+ | ID | Region | Service Name | Service Type | Enabled | Interface | URL | +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+ | 022711a6476648bda1446ecb7668f315 | RegionOne | placement | placement | True | public | http://controller:8778 | | 1291aa2f71104ce69f9b05905fbc2c8a | RegionOne | placement | placement | True | admin | http://controller:8778 | | 1cba9e89dc91422390a5b987dbeffdb6 | RegionOne | neutron | network | True | internal | http://controller:9696 | | 2bcda9f77cdb4c06be6f35a3c3312e3d | RegionOne | neutron | network | True | admin | http://controller:9696 | | 3f293d128470468683d5f82a66301232 | RegionOne | placement | placement | True | internal | http://controller:8778 | | 43960ef2a79a45d49bfd22a2dbf4c2ce | RegionOne | nova | compute | True | internal | http://controller:8774/v2.1 | | 7129fffdb2614227aca641b10635efdf | RegionOne | nova | compute | True | admin | http://controller:8774/v2.1 | | 7226f8f9c7164214b815821b77ae3ce6 | RegionOne | glance | image | True | admin | http://controller:9292 | | 756084d018c948039d2ae55b13fc7d4a | RegionOne | glance | image | True | internal | http://controller:9292 | | 7f0461c745b340ef83372059782d22ee | RegionOne | nova | compute | True | public | http://controller:8774/v2.1 | | b8dabe6c548e435eb2b1f7efe3b23236 | RegionOne | keystone | identity | True | admin | http://controller:5000/v3/ | | eb72eb6ea51842feb67ba5849beea48c | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ | | ed17939d7623456bb203bb7197fc16c4 | RegionOne | neutron | network | True | public | http://controller:9696 | | f13c44af4e8d45d5b0229ea870f2c24f | RegionOne | glance | image | True | public | http://controller:9292 | | f172f6159ad34fbd8e10e0d42828d8cd | RegionOne | keystone | identity | True | public | http://controller:5000/v3/ | +----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
# ok
6.3.在控制节点安装neutron网络组件
# 关于neutron的网络提供了两种方式:
https://docs.openstack.org/neutron/rocky/install/controller-install-option1-rdo.html
以下为第一种Networking Option 1: Provider networks
1)安装neutron软件包
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
2)快速配置/etc/neutron/neutron.conf
openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:neutron@controller/neutron openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2 openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:openstack@controller openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True openstack-config --set /etc/neutron/neutron.conf nova auth_url http://controller:5000 openstack-config --set /etc/neutron/neutron.conf nova auth_type password openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default openstack-config --set /etc/neutron/neutron.conf nova region_name RegionOne openstack-config --set /etc/neutron/neutron.conf nova project_name service openstack-config --set /etc/neutron/neutron.conf nova username nova openstack-config --set /etc/neutron/neutron.conf nova password nova openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
# 查看生效的配置
egrep -v '(^$|^#)' /etc/neutron/neutron.conf ----------------------------------- [root@openstack01 tools]# egrep -v '(^$|^#)' /etc/neutron/neutron.conf [DEFAULT] core_plugin = ml2 service_plugins = transport_url = rabbit://openstack:openstack@controller auth_strategy = keystone notify_nova_on_port_status_changes = True notify_nova_on_port_data_changes = True [agent] [cors] [database] connection = mysql+pymysql://neutron:neutron@controller/neutron [keystone_authtoken] www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = neutron [matchmaker_redis] [nova] auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = nova [oslo_concurrency] lock_path = /var/lib/neutron/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [quotas] [ssl] ----------------------------------
3)快速配置/etc/neutron/plugins/ml2/ml2_conf.ini
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True
# 查看生效的配置
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/ml2_conf.ini -------------------------------------------- [root@openstack01 tools]# egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/ml2_conf.ini [DEFAULT] [l2pop] [ml2] type_drivers = flat,vlan tenant_network_types = mechanism_drivers = linuxbridge extension_drivers = port_security [ml2_type_flat] flat_networks = provider [ml2_type_geneve] [ml2_type_gre] [ml2_type_vlan] [ml2_type_vxlan] [securitygroup] enable_ipset = True --------------------------------------------
4)快速配置/etc/neutron/plugins/ml2/linuxbridge_agent.ini
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eno16777736 openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan False openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
# 查看生效的配置
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini -------------------------------------------- [root@openstack01 tools]# egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini [DEFAULT] [agent] [linux_bridge] physical_interface_mappings = provider:eno16777736 [network_log] [securitygroup] enable_security_group = True firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver [vxlan] enable_vxlan = False --------------------------------------------
# 以下参数在启动neutron-linuxbridge-agent.service的时候会自动设置为1
sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables
5)快速配置/etc/neutron/dhcp_agent.ini
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
# 查看生效的配置
egrep -v '(^$|^#)' /etc/neutron/dhcp_agent.ini ---------------------------------------- [root@openstack01 tools]# egrep -v '(^$|^#)' /etc/neutron/dhcp_agent.ini [DEFAULT] interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = True [agent] [ovs] ----------------------------------------
# 至此,方式1的配置文件修改完毕
6)快速配置/etc/neutron/metadata_agent.ini
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host controller
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret neutron
# 查看生效的配置
egrep -v '(^$|^#)' /etc/neutron/metadata_agent.ini --------------------------------- [root@openstack01 tools]# egrep -v '(^$|^#)' /etc/neutron/metadata_agent.ini [DEFAULT] nova_metadata_host = controller metadata_proxy_shared_secret = neutron [agent] [cache] ---------------------------------
# metadata_proxy_shared_secret选项是元数据代理,需要设置一个合适的密码这里设置为neutron
7)配置计算服务使用网络服务
# 快速配置/etc/nova/nova.conf,将neutron添加到计算节点中
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696 openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000 openstack-config --set /etc/nova/nova.conf neutron auth_type password openstack-config --set /etc/nova/nova.conf neutron project_domain_name default openstack-config --set /etc/nova/nova.conf neutron user_domain_name default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name service openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password neutron openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret neutron
# 查看生效的配置
egrep -v '(^$|^#)' /etc/nova/nova.conf ------------------------------------ [root@openstack01 tools]# egrep -v '(^$|^#)' /etc/nova/nova.conf [DEFAULT] enabled_apis = osapi_compute,metadata my_ip = 192.168.1.81 use_neutron = true firewall_driver = nova.virt.firewall.NoopFirewallDriver transport_url = rabbit://openstack:openstack@controller [api] auth_strategy = keystone [api_database] connection = mysql+pymysql://nova:nova@controller/nova_api [barbican] [cache] [cells] [cinder] [compute] [conductor] [console] [consoleauth] [cors] [database] connection = mysql+pymysql://nova:nova@controller/nova [devices] [ephemeral_storage_encryption] [filter_scheduler] [glance] api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = nova [libvirt] [matchmaker_redis] [metrics] [mks] [neutron] url = http://controller:9696 auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = neutron service_metadata_proxy = true metadata_proxy_shared_secret = neutron [notifications] [osapi_v21] [oslo_concurrency] lock_path = /var/lib/nova/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:5000/v3 username = placement password = placement [placement_database] connection = mysql+pymysql://placement:placement@controller/placement [powervm] [profiler] [quota] [rdp] [remote_debug] [scheduler] discover_hosts_in_cells_interval = 300 [serial_console] [service_user] [spice] [upgrade_levels] [vault] [vendordata_dynamic_auth] [vmware] [vnc] enabled = true server_listen = $my_ip server_proxyclient_address = $my_ip [workarounds] [wsgi] [xenserver] [xvp] [zvm] ------------------------------------
8)初始化安装网络插件
# 创建网络插件的链接,初始化网络的脚本插件会用到/etc/neutron/plugin.ini,需要使用ML2的插件进行提供
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
9)同步数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
# 实例演示:
[root@openstack01 tools]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. 正在对 neutron 运行 upgrade... INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade -> kilo INFO [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225 INFO [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151 INFO [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf INFO [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee INFO [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f INFO [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773 INFO [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592 INFO [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7 INFO [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79 INFO [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051 INFO [alembic.runtime.migration] Running upgrade 48153cb5f051 -> 9859ac9c136 INFO [alembic.runtime.migration] Running upgrade 9859ac9c136 -> 34af2b5c5a59 INFO [alembic.runtime.migration] Running upgrade 34af2b5c5a59 -> 59cb5b6cf4d INFO [alembic.runtime.migration] Running upgrade 59cb5b6cf4d -> 13cfb89f881a INFO [alembic.runtime.migration] Running upgrade 13cfb89f881a -> 32e5974ada25 INFO [alembic.runtime.migration] Running upgrade 32e5974ada25 -> ec7fcfbf72ee INFO [alembic.runtime.migration] Running upgrade ec7fcfbf72ee -> dce3ec7a25c9 INFO [alembic.runtime.migration] Running upgrade dce3ec7a25c9 -> c3a73f615e4 INFO [alembic.runtime.migration] Running upgrade c3a73f615e4 -> 659bf3d90664 INFO [alembic.runtime.migration] Running upgrade 659bf3d90664 -> 1df244e556f5 INFO [alembic.runtime.migration] Running upgrade 1df244e556f5 -> 19f26505c74f INFO [alembic.runtime.migration] Running upgrade 19f26505c74f -> 15be73214821 INFO [alembic.runtime.migration] Running upgrade 15be73214821 -> b4caf27aae4 INFO [alembic.runtime.migration] Running upgrade b4caf27aae4 -> 15e43b934f81 INFO [alembic.runtime.migration] Running upgrade 15e43b934f81 -> 31ed664953e6 INFO [alembic.runtime.migration] Running upgrade 31ed664953e6 -> 2f9e956e7532 INFO [alembic.runtime.migration] Running upgrade 2f9e956e7532 -> 3894bccad37f INFO [alembic.runtime.migration] Running upgrade 3894bccad37f -> 0e66c5227a8a INFO [alembic.runtime.migration] Running upgrade 0e66c5227a8a -> 45f8dd33480b INFO [alembic.runtime.migration] Running upgrade 45f8dd33480b -> 5abc0278ca73 INFO [alembic.runtime.migration] Running upgrade 5abc0278ca73 -> d3435b514502 INFO [alembic.runtime.migration] Running upgrade d3435b514502 -> 30107ab6a3ee INFO [alembic.runtime.migration] Running upgrade 30107ab6a3ee -> c415aab1c048 INFO [alembic.runtime.migration] Running upgrade c415aab1c048 -> a963b38d82f4 INFO [alembic.runtime.migration] Running upgrade kilo -> 30018084ec99 INFO [alembic.runtime.migration] Running upgrade 30018084ec99 -> 4ffceebfada INFO [alembic.runtime.migration] Running upgrade 4ffceebfada -> 5498d17be016 INFO [alembic.runtime.migration] Running upgrade 5498d17be016 -> 2a16083502f3 INFO [alembic.runtime.migration] Running upgrade 2a16083502f3 -> 2e5352a0ad4d INFO [alembic.runtime.migration] Running upgrade 2e5352a0ad4d -> 11926bcfe72d INFO [alembic.runtime.migration] Running upgrade 11926bcfe72d -> 4af11ca47297 INFO [alembic.runtime.migration] Running upgrade 4af11ca47297 -> 1b294093239c INFO [alembic.runtime.migration] Running upgrade 1b294093239c -> 8a6d8bdae39 INFO [alembic.runtime.migration] Running upgrade 8a6d8bdae39 -> 2b4c2465d44b INFO [alembic.runtime.migration] Running upgrade 2b4c2465d44b -> e3278ee65050 INFO [alembic.runtime.migration] Running upgrade e3278ee65050 -> c6c112992c9 INFO [alembic.runtime.migration] Running upgrade c6c112992c9 -> 5ffceebfada INFO [alembic.runtime.migration] Running upgrade 5ffceebfada -> 4ffceebfcdc INFO [alembic.runtime.migration] Running upgrade 4ffceebfcdc -> 7bbb25278f53 INFO [alembic.runtime.migration] Running upgrade 7bbb25278f53 -> 89ab9a816d70 INFO [alembic.runtime.migration] Running upgrade 89ab9a816d70 -> c879c5e1ee90 INFO [alembic.runtime.migration] Running upgrade c879c5e1ee90 -> 8fd3918ef6f4 INFO [alembic.runtime.migration] Running upgrade 8fd3918ef6f4 -> 4bcd4df1f426 INFO [alembic.runtime.migration] Running upgrade 4bcd4df1f426 -> b67e765a3524 INFO [alembic.runtime.migration] Running upgrade a963b38d82f4 -> 3d0e74aa7d37 INFO [alembic.runtime.migration] Running upgrade 3d0e74aa7d37 -> 030a959ceafa INFO [alembic.runtime.migration] Running upgrade 030a959ceafa -> a5648cfeeadf INFO [alembic.runtime.migration] Running upgrade a5648cfeeadf -> 0f5bef0f87d4 INFO [alembic.runtime.migration] Running upgrade 0f5bef0f87d4 -> 67daae611b6e INFO [alembic.runtime.migration] Running upgrade 67daae611b6e -> 6b461a21bcfc INFO [alembic.runtime.migration] Running upgrade 6b461a21bcfc -> 5cd92597d11d INFO [alembic.runtime.migration] Running upgrade 5cd92597d11d -> 929c968efe70 INFO [alembic.runtime.migration] Running upgrade 929c968efe70 -> a9c43481023c INFO [alembic.runtime.migration] Running upgrade a9c43481023c -> 804a3c76314c INFO [alembic.runtime.migration] Running upgrade 804a3c76314c -> 2b42d90729da INFO [alembic.runtime.migration] Running upgrade 2b42d90729da -> 62c781cb6192 INFO [alembic.runtime.migration] Running upgrade 62c781cb6192 -> c8c222d42aa9 INFO [alembic.runtime.migration] Running upgrade c8c222d42aa9 -> 349b6fd605a6 INFO [alembic.runtime.migration] Running upgrade 349b6fd605a6 -> 7d32f979895f INFO [alembic.runtime.migration] Running upgrade 7d32f979895f -> 594422d373ee INFO [alembic.runtime.migration] Running upgrade 594422d373ee -> 61663558142c INFO [alembic.runtime.migration] Running upgrade 61663558142c -> 867d39095bf4, port forwarding INFO [alembic.runtime.migration] Running upgrade b67e765a3524 -> a84ccf28f06a INFO [alembic.runtime.migration] Running upgrade a84ccf28f06a -> 7d9d8eeec6ad INFO [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab INFO [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0 INFO [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62 INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353 INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586 INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d 确定 [root@openstack01 tools]#
# ok
10)重启nova_api服务
systemctl restart openstack-nova-api.service
11)启动neutron服务并设置开机启动
# 需要启动4个服务
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service systemctl list-unit-files |grep neutron* |grep enabled
# 如果是使用的方式2安装的neutron还需要执行以下命令(本教程暂略)
# systemctl enable neutron-l3-agent.service # systemctl start neutron-l3-agent.service
# 实例演示:
[root@openstack01 tools]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service [root@openstack01 tools]# systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service ● neutron-server.service - OpenStack Neutron Server Loaded: loaded (/usr/lib/systemd/system/neutron-server.service; disabled; vendor preset: disabled) Active: active (running) since 一 2018-10-29 21:37:59 CST; 5s ago Main PID: 2231 (neutron-server) CGroup: /system.slice/neutron-server.service ├─2231 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron... ├─2317 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron... ├─2318 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron... ├─2319 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron... └─2320 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron... 10月 29 21:36:42 openstack01.zuiyoujie.com systemd[1]: Starting OpenStack Neutron Server... 10月 29 21:37:59 openstack01.zuiyoujie.com systemd[1]: Started OpenStack Neutron Server. ● neutron-linuxbridge-agent.service - OpenStack Neutron Linux Bridge Agent Loaded: loaded (/usr/lib/systemd/system/neutron-linuxbridge-agent.service; disabled; vendor preset: disabled) Active: active (running) since 一 2018-10-29 21:36:43 CST; 1min 21s ago Process: 2232 ExecStartPre=/usr/bin/neutron-enable-bridge-firewall.sh (code=exited, status=0/SUCCESS) Main PID: 2248 (neutron-linuxbr) CGroup: /system.slice/neutron-linuxbridge-agent.service ├─2248 /usr/bin/python2 /usr/bin/neutron-linuxbridge-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neu... ├─2301 sudo neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-f... ├─2304 /usr/bin/python2 /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/ne... └─2309 /usr/bin/python2 /bin/privsep-helper --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml... 10月 29 21:36:42 openstack01.zuiyoujie.com systemd[1]: Starting OpenStack Neutron Linux Bridge Agent... 10月 29 21:36:43 openstack01.zuiyoujie.com neutron-enable-bridge-firewall.sh[2232]: net.bridge.bridge-nf-call-iptables = 1 10月 29 21:36:43 openstack01.zuiyoujie.com systemd[1]: Started OpenStack Neutron Linux Bridge Agent. 10月 29 21:37:31 openstack01.zuiyoujie.com sudo[2301]: neutron : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/neutron-rootwrap /etc/neutron/rootwrap.conf privsep-helper --config-f... ● neutron-dhcp-agent.service - OpenStack Neutron DHCP Agent Loaded: loaded (/usr/lib/systemd/system/neutron-dhcp-agent.service; disabled; vendor preset: disabled) Active: active (running) since 一 2018-10-29 21:36:42 CST; 1min 22s ago Main PID: 2233 (neutron-dhcp-ag) CGroup: /system.slice/neutron-dhcp-agent.service └─2233 /usr/bin/python2 /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dh... 10月 29 21:36:42 openstack01.zuiyoujie.com systemd[1]: Started OpenStack Neutron DHCP Agent. 10月 29 21:36:42 openstack01.zuiyoujie.com systemd[1]: Starting OpenStack Neutron DHCP Agent... ● neutron-metadata-agent.service - OpenStack Neutron Metadata Agent Loaded: loaded (/usr/lib/systemd/system/neutron-metadata-agent.service; disabled; vendor preset: disabled) Active: active (running) since 一 2018-10-29 21:36:42 CST; 1min 22s ago Main PID: 2234 (neutron-metadat) CGroup: /system.slice/neutron-metadata-agent.service └─2234 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutro... 10月 29 21:36:42 openstack01.zuiyoujie.com systemd[1]: Started OpenStack Neutron Metadata Agent. 10月 29 21:36:42 openstack01.zuiyoujie.com systemd[1]: Starting OpenStack Neutron Metadata Agent... Hint: Some lines were ellipsized, use -l to show in full. [root@openstack01 tools]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-server.service to /usr/lib/systemd/system/neutron-server.service. Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service. Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service to /usr/lib/systemd/system/neutron-dhcp-agent.service. Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service to /usr/lib/systemd/system/neutron-metadata-agent.service. [root@openstack01 tools]# systemctl list-unit-files |grep neutron* |grep enabled neutron-dhcp-agent.service enabled neutron-linuxbridge-agent.service enabled neutron-metadata-agent.service enabled neutron-server.service enabled
# 至此,控制端的neutron网络服务就安装完成,之后需要在计算节点安装网络服务组件,使计算节点可以连接到openstack集群
6.4.在计算节点安装neutron网络组件
# Install and configure compute node
https://docs.openstack.org/neutron/rocky/install/compute-install-rdo.html
1)安装neutron组件
yum install openstack-neutron-linuxbridge ebtables ipset -y
2)快速配置/etc/neutron/neutron.conf
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:openstack@controller openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://controller:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:5000 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password neutron openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
# 查看生效的配置
egrep -v '(^$|^#)' /etc/neutron/neutron.conf ----------------------------------------------- [root@openstack02 ~]# egrep -v '(^$|^#)' /etc/neutron/neutron.conf [DEFAULT] transport_url = rabbit://openstack:openstack@controller auth_strategy = keystone [agent] [cors] [database] [keystone_authtoken] www_authenticate_uri = http://controller:5000 auth_url = http://controller:5000 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = neutron [matchmaker_redis] [nova] [oslo_concurrency] lock_path = /var/lib/neutron/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [quotas] [ssl] -----------------------------------------------
3)快速配置/etc/neutron/plugins/ml2/linuxbridge_agent.ini
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:ens33 openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
# 注意:第一个选项physical_interface_mappings选项要配置计算节点自身的网卡名称provider:ens33
# 查看生效的配置
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini ------------------------------------- [root@openstack02 ~]# egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini [DEFAULT] [agent] [linux_bridge] physical_interface_mappings = provider:ens33 [network_log] [securitygroup] enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver [vxlan] enable_vxlan = false -------------------------------------
4)配置nova计算服务与neutron网络服务协同工作
# 快速配置/etc/nova/nova.conf
openstack-config --set /etc/nova/nova.conf neutron url http://controller:9696 openstack-config --set /etc/nova/nova.conf neutron auth_url http://controller:5000 openstack-config --set /etc/nova/nova.conf neutron auth_type password openstack-config --set /etc/nova/nova.conf neutron project_domain_name default openstack-config --set /etc/nova/nova.conf neutron user_domain_name default openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne openstack-config --set /etc/nova/nova.conf neutron project_name service openstack-config --set /etc/nova/nova.conf neutron username neutron openstack-config --set /etc/nova/nova.conf neutron password neutron
# 查看生效的配置
egrep -v '(^$|^#)' /etc/nova/nova.conf ------------------------------------ [root@openstack02 ~]# egrep -v '(^$|^#)' /etc/nova/nova.conf [DEFAULT] enabled_apis = osapi_compute,metadata transport_url = rabbit://openstack:openstack@controller my_ip = 192.168.1.82 use_neutron = True firewall_driver = nova.virt.firewall.NoopFirewallDriver log_date_format=%Y-%m-%d %H:%M:%S log_file=nova-compute.log log_dir=/var/log/nova [api] auth_strategy = keystone [api_database] [barbican] [cache] [cells] [cinder] [compute] [conductor] [console] [consoleauth] [cors] [database] [devices] [ephemeral_storage_encryption] [filter_scheduler] [glance] api_servers = http://controller:9292 [guestfs] [healthcheck] [hyperv] [ironic] [key_manager] [keystone] [keystone_authtoken] auth_url = http://controller:5000/v3 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = nova password = nova [libvirt] virt_type = qemu [matchmaker_redis] [metrics] [mks] [neutron] url = http://controller:9696 auth_url = http://controller:5000 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = neutron [notifications] [osapi_v21] [oslo_concurrency] lock_path = /var/lib/nova/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [pci] [placement] region_name = RegionOne project_domain_name = Default project_name = service auth_type = password user_domain_name = Default auth_url = http://controller:5000/v3 username = placement password = placement [placement_database] [powervm] [profiler] [quota] [rdp] [remote_debug] [scheduler] [serial_console] [service_user] [spice] [upgrade_levels] [vault] [vendordata_dynamic_auth] [vmware] [vnc] enabled = True server_listen = 0.0.0.0 server_proxyclient_address = 192.168.1.82 novncproxy_base_url = http://controller:6080/vnc_auto.html [workarounds] [wsgi] [xenserver] [xvp] [zvm] ------------------------------------
5)重启计算节点
systemctl restart openstack-nova-compute.service
systemctl status openstack-nova-compute.service
6)启动neutron网络组件,并配置开机自启动
# 需要启动1个服务,网桥代理
systemctl restart neutron-linuxbridge-agent.service systemctl status neutron-linuxbridge-agent.service systemctl enable neutron-linuxbridge-agent.service systemctl list-unit-files |grep neutron* |grep enabled
# 实例演示:
[root@openstack02 ~]# systemctl restart neutron-linuxbridge-agent.service [root@openstack02 ~]# systemctl status neutron-linuxbridge-agent.service ● neutron-linuxbridge-agent.service - OpenStack Neutron Linux Bridge Agent Loaded: loaded (/usr/lib/systemd/system/neutron-linuxbridge-agent.service; disabled; vendor preset: disabled) Active: active (running) since 一 2018-10-29 21:57:32 CST; 44ms ago Process: 3076 ExecStartPre=/usr/bin/neutron-enable-bridge-firewall.sh (code=exited, status=0/SUCCESS) Main PID: 3083 (neutron-linuxbr) Tasks: 1 CGroup: /system.slice/neutron-linuxbridge-agent.service └─3083 /usr/bin/python2 /usr/bin/neutron-linuxbridge-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neu... 10月 29 21:57:32 openstack02.zuiyoujie.com systemd[1]: Starting OpenStack Neutron Linux Bridge Agent... 10月 29 21:57:32 openstack02.zuiyoujie.com neutron-enable-bridge-firewall.sh[3076]: net.bridge.bridge-nf-call-iptables = 1 10月 29 21:57:32 openstack02.zuiyoujie.com neutron-enable-bridge-firewall.sh[3076]: net.bridge.bridge-nf-call-ip6tables = 1 10月 29 21:57:32 openstack02.zuiyoujie.com systemd[1]: Started OpenStack Neutron Linux Bridge Agent. [root@openstack02 ~]# systemctl enable neutron-linuxbridge-agent.service Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service. [root@openstack02 ~]# systemctl list-unit-files |grep neutron* |grep enabled neutron-linuxbridge-agent.service enabled
# 至此,计算节点的网络配置完成,转回到控制节点进行验证操作
6.5.在控制节点检查确认neutron服务安装成功
# Verify operation
https://docs.openstack.org/neutron/rocky/install/verify.html
# 以下命令在控制节点执行
1)获取管理权限
cd /server/tools source keystone-admin-pass.sh
2)列表查看加载的网络插件
openstack extension list --network
# 实例演示:
[root@openstack01 tools]# openstack extension list --network +-----------------------------------------------------------------------------------------------------------------------------------------+--------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------+ | Name | Alias | Description | +-----------------------------------------------------------------------------------------------------------------------------------------+--------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------+ | Default Subnetpools | default-subnetpools | Provides ability to mark and use a subnetpool as the default. | | Network IP Availability | network-ip-availability | Provides IP availability data for each network and subnet. | | Network Availability Zone | network_availability_zone | Availability zone support for network. | | Network MTU (writable) | net-mtu-writable | Provides a writable MTU attribute for a network resource. | | Port Binding | binding | Expose port bindings of a virtual port to external application | | agent | agent | The agent management extension. | | Subnet Allocation | subnet_allocation | Enables allocation of subnets from a subnet pool | | DHCP Agent Scheduler | dhcp_agent_scheduler | Schedule networks among dhcp agents | | Neutron external network | external-net | Adds external network attribute to network resource. | | Neutron Service Flavors | flavors | Flavor specification for Neutron advanced services. | | Network MTU | net-mtu | Provides MTU attribute for a network resource. | | Availability Zone | availability_zone | The availability zone extension. | | Quota management support | quotas | Expose functions for quotas management per tenant | | Tag support for resources with standard attribute: subnet, trunk, router, network, policy, subnetpool, port, security_group, floatingip | standard-attr-tag | Enables to set tag on resources with standard attribute. | | Availability Zone Filter Extension | availability_zone_filter | Add filter parameters to AvailabilityZone resource | | If-Match constraints based on revision_number | revision-if-match | Extension indicating that If-Match based on revision_number is supported. | | Filter parameters validation | filter-validation | Provides validation on filter parameters. | | Multi Provider Network | multi-provider | Expose mapping of virtual networks to multiple physical networks | | Quota details management support | quota_details | Expose functions for quotas usage statistics per project | | Address scope | address-scope | Address scopes extension. | | Empty String Filtering Extension | empty-string-filtering | Allow filtering by attributes with empty string value | | Subnet service types | subnet-service-types | Provides ability to set the subnet service_types field | | Neutron Port MAC address regenerate | port-mac-address-regenerate | Network port MAC address regenerate | | Resource timestamps | standard-attr-timestamp | Adds created_at and updated_at fields to all Neutron resources that have Neutron standard attributes. | | Provider Network | provider | Expose mapping of virtual networks to physical networks | | Neutron Service Type Management | service-type | API for retrieving service providers for Neutron advanced services | | Neutron Extra DHCP options | extra_dhcp_opt | Extra options configuration for DHCP. For example PXE boot options to DHCP clients can be specified (e.g. tftp-server, server-ip-address, bootfile-name) | | Port filtering on security groups | port-security-groups-filtering | Provides security groups filtering when listing ports | | Resource revision numbers | standard-attr-revisions | This extension will display the revision number of neutron resources. | | Pagination support | pagination | Extension that indicates that pagination is enabled. | | Sorting support | sorting | Extension that indicates that sorting is enabled. | | security-group | security-group | The security groups extension. | | RBAC Policies | rbac-policies | Allows creation and modification of policies that control tenant access to resources. | | standard-attr-description | standard-attr-description | Extension to add descriptions to standard attributes | | IP address substring filtering | ip-substring-filtering | Provides IP address substring filtering when listing ports | | Port Security | port-security | Provides port security | | Allowed Address Pairs | allowed-address-pairs | Provides allowed address pairs | | project_id field enabled | project-id | Extension that indicates that project_id field is enabled. | | Port Bindings Extended | binding-extended | Expose port bindings of a virtual port to external application | +-----------------------------------------------------------------------------------------------------------------------------------------+--------------------------------+----------------------------------------------------------------------------------------------------------------------------------------------------------+
# 或者使用另一种方法:显示简版信息
[root@openstack01 tools]# neutron ext-list neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead. +--------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+ | alias | name | +--------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+ | default-subnetpools | Default Subnetpools | | network-ip-availability | Network IP Availability | | network_availability_zone | Network Availability Zone | | net-mtu-writable | Network MTU (writable) | | binding | Port Binding | | agent | agent | | subnet_allocation | Subnet Allocation | | dhcp_agent_scheduler | DHCP Agent Scheduler | | external-net | Neutron external network | | flavors | Neutron Service Flavors | | net-mtu | Network MTU | | availability_zone | Availability Zone | | quotas | Quota management support | | standard-attr-tag | Tag support for resources with standard attribute: subnet, trunk, router, network, policy, subnetpool, port, security_group, floatingip | | availability_zone_filter | Availability Zone Filter Extension | | revision-if-match | If-Match constraints based on revision_number | | filter-validation | Filter parameters validation | | multi-provider | Multi Provider Network | | quota_details | Quota details management support | | address-scope | Address scope | | empty-string-filtering | Empty String Filtering Extension | | subnet-service-types | Subnet service types | | port-mac-address-regenerate | Neutron Port MAC address regenerate | | standard-attr-timestamp | Resource timestamps | | provider | Provider Network | | service-type | Neutron Service Type Management | | extra_dhcp_opt | Neutron Extra DHCP options | | port-security-groups-filtering | Port filtering on security groups | | standard-attr-revisions | Resource revision numbers | | pagination | Pagination support | | sorting | Sorting support | | security-group | security-group | | rbac-policies | RBAC Policies | | standard-attr-description | standard-attr-description | | ip-substring-filtering | IP address substring filtering | | port-security | Port Security | | allowed-address-pairs | Allowed Address Pairs | | project-id | project_id field enabled | | binding-extended | Port Bindings Extended | +--------------------------------+-----------------------------------------------------------------------------------------------------------------------------------------+
3)查看网络代理列表
openstack network agent list
# 实例演示:
[root@openstack01 tools]# openstack network agent list +--------------------------------------+--------------------+---------------------------+-------------------+-------+-------+---------------------------+ | ID | Agent Type | Host | Availability Zone | Alive | State | Binary | +--------------------------------------+--------------------+---------------------------+-------------------+-------+-------+---------------------------+ | 53c6db96-25a5-4f38-aa3c-d5abdd3ad66a | DHCP agent | openstack01.zuiyoujie.com | nova | :-) | UP | neutron-dhcp-agent | | 5c9509c5-71dd-42a6-b682-0ba1b9d24c12 | Linux bridge agent | openstack01.zuiyoujie.com | None | :-) | UP | neutron-linuxbridge-agent | | bdd41869-cf75-447b-8857-f3e133f08883 | Linux bridge agent | openstack02.zuiyoujie.com | None | :-) | UP | neutron-linuxbridge-agent | | e9935776-ca0b-4422-a5bc-350e285a0a24 | Metadata agent | openstack01.zuiyoujie.com | None | :-) | UP | neutron-metadata-agent | +--------------------------------------+--------------------+---------------------------+-------------------+-------+-------+---------------------------+
# 正常情况下:控制节点有3个服务,计算节点有1个服务,如果不是,需要检查计算节点配置:网卡名称,IP地址,端口,密码等要素
======== 完毕,呵呵呵呵 =========