控制节点

Before you configure the OpenStack Networking (neutron) service, you must create a database, service credentials, and API endpoint.

一、创建neutron数据库并授权

1.登陆数据库

mysql -u root -p

2.创建数据库并授权

CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY 'NEUTRON_DBPASS';

Replace NEUTRON_DBPASS with a suitable password.

Source the admin credentials to gain access to admin-only CLI commands:

source admin-openrc.sh

3.To create the service credentials, complete these steps:

Create the neutron user:

openstack user create --password-prompt neutron

Add the admin role to the neutron user:

openstack role add --project service --user neutron admin

Create the neutron service entity:

openstack service create --name neutron \
--description "OpenStack Networking" network

Create the Networking service API endpoint:

openstack endpoint create \
--publicurl http://controller:9696 \
--adminurl http://controller:9696 \
--internalurl http://controller:9696 \
--region RegionOne \
network

To install the Networking components

yum install openstack-neutron openstack-neutron-ml2 python-neutronclient which

To configure the Networking server component

The Networking server component configuration includes the database, authentication mechanism, message queue, topology change notifications, and plug-in.

Edit the /etc/neutron/neutron.conf file and complete the following actions:

In the [database] section, configure database access:

[database]
...
connection = mysql://neutron:NEUTRON_DBPASS@controller/neutron

Replace NEUTRON_DBPASS with the password you chose for the database.

In the [DEFAULT] and [oslo_messaging_rabbit] sections, configure RabbitMQ message queue access:

[DEFAULT]
...
rpc_backend = rabbit [oslo_messaging_rabbit]
...
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS

Replace RABBIT_PASS with the password you chose for the openstack account in RabbitMQ.

In the [DEFAULT] and [keystone_authtoken] sections, configure Identity service access:

[DEFAULT]
...
auth_strategy = keystone [keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = NEUTRON_PASS

Replace NEUTRON_PASS with the password you chose for the neutron user in the Identity service.

注意:Comment out or remove any other options in the [keystone_authtoken] section.

In the [DEFAULT] section, enable the Modular Layer 2 (ML2) plug-in, router service, and overlapping IP addresses:

[DEFAULT]
...
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True

In the [DEFAULT] and [nova] sections, configure Networking to notify Compute of network topology changes:

[DEFAULT]
...
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://controller:8774/v2 [nova]
...
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = nova
password = NOVA_PASS

Replace NOVA_PASS with the password you chose for the nova user in the Identity service.

(Optional) To assist with troubleshooting, enable verbose logging in the [DEFAULT] section:

[DEFAULT]
...
verbose = True

To configure the Modular Layer 2 (ML2) plug-in

The ML2 plug-in uses the Open vSwitch (OVS) mechanism (agent) to build the virtual networking framework for instances. However, the controller node does not need the OVS components because it does not handle instance network traffic.

Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file and complete the following actions:

In the [ml2] section, enable the flat, VLAN, generic routing encapsulation (GRE), and virtual extensible LAN (VXLAN) network type drivers, GRE tenant networks, and the OVS mechanism driver:

[ml2]
...
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch

注意:Once you configure the ML2 plug-in, changing values in the type_drivers option can lead to database inconsistency.

In the [ml2_type_gre] section, configure the tunnel identifier (id) range:

[ml2_type_gre]
...
tunnel_id_ranges = :

In the [securitygroup] section, enable security groups, enable ipset, and configure the OVS iptables firewall driver:

[securitygroup]
...
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

To configure Compute to use Networking

By default, distribution packages configure Compute to use legacy networking. You must reconfigure Compute to manage networks through Networking.

Edit the /etc/nova/nova.conf file on the controller node and complete the following actions:

In the [DEFAULT] section, configure the APIs and drivers:

[DEFAULT]
...
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver

In the [neutron] section, configure access parameters:

[neutron]
...
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = NEUTRON_PASS

Replace NEUTRON_PASS with the password you chose for the neutron user in the Identity service.

To finalize installation

1.The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. If this symbolic link does not exist, create it using the following command:

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

2.Populate the database:

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

注意:Database population occurs later for Networking because the script requires complete server and plug-in configuration files.

3.Restart the Compute services:

systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \
openstack-nova-conductor.service

4.Start the Networking service and configure it to start when the system boots:

systemctl enable neutron-server.service
systemctl start neutron-server.service

Verify operation

注意:Perform these commands on the controller node.

1.Source the admin credentials to gain access to admin-only CLI commands:

source admin-openrc.sh

2.List loaded extensions to verify successful launch of the neutron-server process:

neutron ext-list

Openstack(Kilo)安装系列之neutron(九)的更多相关文章

  1. Openstack(Kilo)安装系列之Keystone(三)

    安装配置 Before you configure the OpenStack Identity service, you must create a database and an administ ...

  2. Openstack(Kilo)安装系列之glance(六)

    安装配置 Before you install and configure the Image service, you must create a database, service credent ...

  3. Openstack(Kilo)安装系列之环境准备(二)

    控制节点.网络节点.计算节点: 一.配置源 1.配置EPEL源 yum install http://dl.fedoraproject.org/pub/epel/7/x86_64/e/epel-rel ...

  4. Openstack(Kilo)安装系列之环境准备(一)

    本文采用VMware虚拟环境,使用CentOS 7.1作为openstack的基础环境. 一.基础平台 1.一台装有VMware的windows系统(可联网) 2.CentOS 7.1 64bit镜像 ...

  5. Openstack(Kilo)安装系列之nova(八)

    计算节点 To install and configure the Compute hypervisor components 1.Install the packages: yum install ...

  6. Openstack(Kilo)安装系列之nova(七)

    控制节点 Before you install and configure the Compute service, you must create a database, service crede ...

  7. Openstack(Kilo)安装系列之Keystone(五)

    Create OpenStack client environment scripts To create the scripts Create client environment scripts ...

  8. Openstack(Kilo)安装系列之Keystone(四)

    创建租间.用户.角色 一.To configure prerequisites 1.Configure the authentication token: export OS_TOKEN=ADMIN_ ...

  9. [译] OpenStack Kilo 版本中 Neutron 的新变化

    OpenStack Kilo 版本,OpenStack 这个开源项目的第11个版本,已经于2015年4月正式发布了.现在是个合适的时间来看看这个版本中Neutron到底发生了哪些变化了,以及引入了哪些 ...

随机推荐

  1. 病毒木马查杀实战第015篇:U盘病毒之脱壳研究

    前言 因为我们的终于目标是编写出针对于这次的U盘病毒的专杀工具.而通过上次的分析我们知道,病毒有可能在不同的计算机中会以不同的名称进行显示.假设真是如此,那么就有必要在此分析出病毒的命名规律等特征,然 ...

  2. C#计算时间间隔的方法小结

    初始化两个时间变量用于演示实例. DateTime dt1 = new DateTime(2013, 10, 13, 19, 15, 50); DateTime dt2 = new DateTime( ...

  3. struts2+jquery验证注冊用户是否存在

    注冊界面 register.jsp <%@ page language="java" contentType="text/html; charset=UTF-8&q ...

  4. 在进程中执行新代码 execl、execle、execlp、execv、execve和execvp函数

    摘要:本文主要讲述怎样在进程中执行新代码,以及exec系列函数的基本用法. 在进程中执行新代码 用函数fork创建子进程后,假设希望在当前子进程中运行新的程序,能够调用exec函数运行还有一个程序.当 ...

  5. 【Windows】免费图片提取文字的方法

    今天意外的看到一个可以提取图片中文字的网站,自己试了下,提取效果还不错 网址为: https://zhcn.109876543210.com/ 现在有图片如下 我想从中提取的文字 1.打开网址,上传图 ...

  6. php抽象类和接口的异同【转】

    1. 相同点: (1)      两者都是抽象类,都不能实例化. (2)      interface 实现类及 abstract class 的子类都必须要实现已经声明的抽象方法. 2. 不同点: ...

  7. 效仿盖茨:PPstream创始人的心路历程

    http://www.jianglb.com/2007/08/15/about-ppstream.html “P2P网络视频软件的目标是成为网民肚子里的蛔虫.”PPstream总裁徐伟峰自信地说道.他 ...

  8. excel合并单元格

    最简单的: =A1&B1&C1 在C14单元格中输入公式:=CONCATENATE(A14,"@",B14,".com"),确认后,即可将A14 ...

  9. 【ASP.NET MVC系列】详解View

    本篇文章内容属于ASP.NET MVC系列视图篇,主要讲解View,大致内容如下: 1.Views文件夹讲解 2.View种类 3.Razor语法 4.对视图的基本操作 一   Views文件夹 (一 ...

  10. Spring学习笔记(四)-- Spring事务全面分析

    通过本系列的文章对Spring的介绍,我们对Spring的使用和两个核心功能IOC.AOP已经有了初步的了解,结合我个人工作的情况,因为项目是金融系 统.那对事务的控制是不可缺少的.而且是很严格的控制 ...