本操作在计算节点上完成
安装neutron软件包
使用OVS作为虚拟交换机
root@compute:~# apt -y install neutron-common neutron-plugin-ml2 neutron-openvswitch-agent
修改neutron配置文件
由于官方配置文件修改较为麻烦,这里直接创建一个新的配置文件
root@compute:~# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.org
root@compute:~# vi /etc/neutron/neutron.conf
# 添加以下内容,保存退出
[DEFAULT]
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
state_path = /var/lib/neutron
allow_overlapping_ips = True
transport_url = rabbit://openstack:root@controller
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[keystone_authtoken]
auth_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = root
[oslo_concurrency]
lock_path = $state_path/tmp
因为配置文件是新建的,这里把权限加回去
root@compute:~# chmod 640 /etc/neutron/neutron.conf
root@compute:~# chgrp neutron /etc/neutron/neutron.conf
修改二层插件配置
root@compute:~# vi /etc/neutron/plugins/ml2/ml2_conf.ini
# 第129行:添加相应设置(tenant_network_types设置暂时留空,之后会设置)
[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types =
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
# 第262行:去掉注释并添加firewall_driver
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
# 最后一行:取消注释
enable_ipset = True
修改nova配置文件
root@compute:~# vi /etc/nova/nova.conf
# 把以下设置添加到[DEFAULT]栏目里
use_neutron = True
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
vif_plugging_is_fatal = True
vif_plugging_timeout = 300
# 在配置文件最后添加新的栏目并填写以下设置,元数据代理共享密码要跟之前设置的一样
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = root
service_metadata_proxy = True
metadata_proxy_shared_secret = metadata_secret
创建链接文件、重启服务
创建链接文件
root@compute:~# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
重启服务
root@compute:~# systemctl enable openvswitch-switch neutron-openvswitch-agent
Synchronizing state of openvswitch-switch.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable openvswitch-switch
Synchronizing state of neutron-openvswitch-agent.service with SysV init with /lib/systemd/systemd-sysv-install...
Executing /lib/systemd/systemd-sysv-install enable neutron-openvswitch-agent
root@compute:~# systemctl restart nova-compute openvswitch-switch neutron-openvswitch-agent