控制节点

Before you configure the OpenStack Networking (neutron) service, you must create a database, service credentials, and API endpoint.

一、创建neutron数据库并授权

1.登陆数据库

mysql -u root -p

2.创建数据库并授权

CREATE DATABASE neutron;

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \

  IDENTIFIED BY 'NEUTRON_DBPASS';

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \

  IDENTIFIED BY 'NEUTRON_DBPASS';

Replace NEUTRON_DBPASS with a suitable password.

Source the admin credentials to gain access to admin-only CLI commands:

source admin-openrc.sh

3.To create the service credentials, complete these steps:

Create the neutron user:

openstack user create --password-prompt neutron

Add the admin role to the neutron user:

openstack role add --project service --user neutron admin

Create the neutron service entity:

openstack service create --name neutron \

  --description "OpenStack Networking" network

Create the Networking service API endpoint:

openstack endpoint create \

  --publicurl http://controller:9696 \

  --adminurl http://controller:9696 \

  --internalurl http://controller:9696 \

  --region RegionOne \

  network

To install the Networking components

yum install openstack-neutron openstack-neutron-ml2 python-neutronclient which

To configure the Networking server component

The Networking server component configuration includes the database, authentication mechanism, message queue, topology change notifications, and plug-in.

Edit the /etc/neutron/neutron.conf file and complete the following actions:

In the [database] section, configure database access:

[database]

...

connection = mysql://neutron:NEUTRON_DBPASS@controller/neutron

Replace NEUTRON_DBPASS with the password you chose for the database.

In the [DEFAULT] and [oslo_messaging_rabbit] sections, configure RabbitMQ message queue access:

[DEFAULT]

...

rpc_backend = rabbit

[oslo_messaging_rabbit]

...

rabbit_host = controller

rabbit_userid = openstack

rabbit_password = RABBIT_PASS

Replace RABBIT_PASS with the password you chose for the openstack account in RabbitMQ.

In the [DEFAULT] and [keystone_authtoken] sections, configure Identity service access:

[DEFAULT]

...

auth_strategy = keystone

[keystone_authtoken]

...

auth_uri = http://controller:5000

auth_url = http://controller:35357

auth_plugin = password

project_domain_id = default

user_domain_id = default

project_name = service

username = neutron

password = NEUTRON_PASS

Replace NEUTRON_PASS with the password you chose for the neutron user in the Identity service.

注意:Comment out or remove any other options in the [keystone_authtoken] section.

In the [DEFAULT] section, enable the Modular Layer 2 (ML2) plug-in, router service, and overlapping IP addresses:

[DEFAULT]

...

core_plugin = ml2

service_plugins = router

allow_overlapping_ips = True

In the [DEFAULT] and [nova] sections, configure Networking to notify Compute of network topology changes:

[DEFAULT]

...

notify_nova_on_port_status_changes = True

notify_nova_on_port_data_changes = True

nova_url = http://controller:8774/v2

[nova]

...

auth_url = http://controller:35357

auth_plugin = password

project_domain_id = default

user_domain_id = default

region_name = RegionOne

project_name = service

username = nova

password = NOVA_PASS

Replace NOVA_PASS with the password you chose for the nova user in the Identity service.

(Optional) To assist with troubleshooting, enable verbose logging in the [DEFAULT] section:

[DEFAULT]

...

verbose = True

To configure the Modular Layer 2 (ML2) plug-in

The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual networking framework for instances. However, the controller node does not need the OVS components because it does not handle instance network traffic.

Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file and complete the following actions:

In the [ml2] section, enable the flat, VLAN, generic routing encapsulation (GRE), and virtual extensible LAN (VXLAN) network type drivers, GRE tenant networks, and the OVS mechanism driver:

[ml2]

...

type_drivers = flat,vlan,gre,vxlan

tenant_network_types = gre

mechanism_drivers = openvswitch

注意:Once you configure the ML2 plug-in, changing values in the type_drivers option can lead to database inconsistency.

In the [ml2_type_gre] section, configure the tunnel identifier (id) range:

[ml2_type_gre]

...

tunnel_id_ranges = :

In the [securitygroup] section, enable security groups, enable ipset, and configure the OVS iptables firewall driver:

[securitygroup]

...

enable_security_group = True

enable_ipset = True

firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

To configure Compute to use Networking

By default, distribution packages configure Compute to use legacy networking. You must reconfigure Compute to manage networks through Networking.

Edit the /etc/nova/nova.conf file on the controller node and complete the following actions:

In the [DEFAULT] section, configure the APIs and drivers:

[DEFAULT]

...

network_api_class = nova.network.neutronv2.api.API

security_group_api = neutron

linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver

firewall_driver = nova.virt.firewall.NoopFirewallDriver

In the [neutron] section, configure access parameters:

[neutron]

...

url = http://controller:9696

auth_strategy = keystone

admin_auth_url = http://controller:35357/v2.0

admin_tenant_name = service

admin_username = neutron

admin_password = NEUTRON_PASS

Replace NEUTRON_PASS with the password you chose for the neutron user in the Identity service.

To finalize installation

1.The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. If this symbolic link does not exist, create it using the following command:

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

2.Populate the database:

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \

  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

注意:Database population occurs later for Networking because the script requires complete server and plug-in configuration files.

3.Restart the Compute services:

systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \

  openstack-nova-conductor.service

4.Start the Networking service and configure it to start when the system boots:

systemctl enable neutron-server.service

systemctl start neutron-server.service

Verify operation

注意:Perform these commands on the controller node.

1.Source the admin credentials to gain access to admin-only CLI commands:

source admin-openrc.sh

2.List loaded extensions to verify successful launch of the neutron-server process:

neutron ext-list

Openstack(Kilo)安装系列之neutron(九)的更多相关文章

  1. Openstack(Kilo)安装系列之Keystone(三)

    安装配置 Before you configure the OpenStack Identity service, you must create a database and an administ ...

  2. Openstack(Kilo)安装系列之glance(六)

    安装配置 Before you install and configure the Image service, you must create a database, service credent ...

  3. Openstack(Kilo)安装系列之环境准备(二)

    控制节点.网络节点.计算节点: 一.配置源 1.配置EPEL源 yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-rel ...

  4. Openstack(Kilo)安装系列之环境准备(一)

    本文采用VMware虚拟环境,使用CentOS 7.1作为openstack的基础环境. 一.基础平台 1.一台装有VMware的windows系统(可联网) 2.CentOS 7.1 64bit镜像 ...

  5. Openstack(Kilo)安装系列之nova(八)

    计算节点 To install and configure the Compute hypervisor components 1.Install the packages: yum install ...

  6. Openstack(Kilo)安装系列之nova(七)

    控制节点 Before you install and configure the Compute service, you must create a database, service crede ...

  7. Openstack(Kilo)安装系列之Keystone(五)

    Create OpenStack client environment scripts To create the scripts Create client environment scripts ...

  8. Openstack(Kilo)安装系列之Keystone(四)

    创建租间.用户.角色 一.To configure prerequisites 1.Configure the authentication token: export OS_TOKEN=ADMIN_ ...

  9. [译] OpenStack Kilo 版本中 Neutron 的新变化

    OpenStack Kilo 版本,OpenStack 这个开源项目的第11个版本,已经于2015年4月正式发布了.现在是个合适的时间来看看这个版本中Neutron到底发生了哪些变化了,以及引入了哪些 ...

随机推荐

  1. 解复用-mpeg2

    http://blog.csdn.net/yipie/article/details/7612226 数字高清晰度电视(High Definition Television)简称HDTV,是继黑白电视 ...

  2. vue - utils.js

    exports:导出功能函数或变量 module.exports:默认导出{} ------------------------------------------------------------ ...

  3. Android BaseAdapter和ViewHolder 优化 解决ListView的item抢焦点问题和item错乱问题

    首先赞下hyman大神 曾经仅仅是简单的重写个BaseAdapter,将getView方法保持抽象.而ViewHolder没有抽象过. .. ViewHolder (用了一个集合+泛型管理存取view ...

  4. mysql 创建函数或者存储过程,定义变量报错

    报错的原因是因为在过程或者函数中存在分隔符 分号(:),而mysql中默认分隔符也是 :,这就导致存储过程分开了 在存储过程外面包一层 delimiter //   code  //就行了

  5. mysql处理大数据合并的另一种方法

    在做项目的时候我碰到了一个这样的场景,有两张表,数据都在300W左右,现在要求在生产环境中合并这两张表为一张表,本来想用sql语句insert into select来实现,后来发现这样操作速度很慢, ...

  6. Tomcat、Websphere和Jboss类加载机制

    http://blog.csdn.net/lshxy320/article/details/6448972 2       Tomcat 类加载机制 Tomcat Server 在启动的时候将构造一个 ...

  7. iOS 键盘自适应(IQKeyboardManager)使用小结

    IQKeyboardManager Github地址 经常在开发一个应用程序,我们遇到了一个问题,iPhone的键盘上滑覆盖的UITextField / UITextView.IQKeyboardMa ...

  8. asp.net生成视图时报错 未引用System.Runtime, Version...

    这是没有添加程序集引用 在程序集中添加一条引用 <compilation debug="true" targetFramework="4.5.1"> ...

  9. 函数参数中“x++”造成的运算无效测试

    可能以前书上都有说过,当时没在意 只有在实际项目中才会遇到因这个问题导致的Bug 2017/2/26日补充:实际上比较通用的做法是 ++tmp1,这样也可以做到自增 ; ); Console.Writ ...

  10. [elk]elasticsearch5.0及head插件安装

    ElasticSearch2.3/2.4升级到ElasticSearch5.0 参考文档(排名不分先后)https://www.elastic.co/guide/en/elasticsearch/re ...