openstack搭建配置

安装和配置网络节点
vim /etc/sysctl.conf
net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

sysctl -p
yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch

vim /etc/neutron/neutron.conf
[DEFAULT]
...
rpc_backend = rabbit
rabbit_host = 192.168.5.1
rabbit_password = 666666
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True
[keystone_authtoken]
...
auth_uri = http://192.168.5.1:5000/v2.0
identity_uri = http://192.168.5.1:35357
admin_tenant_name = service
admin_user = neutron
admin_password = 666666

vim /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
...
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch

[ml2_type_flat]
...
flat_networks = external

[ml2_type_gre]
...
tunnel_id_ranges = 1:1000

[securitygroup]
...
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

[ovs]
...
local_ip = 192.168.8.1
enable_tunneling = True
bridge_mappings = external:br-ex

[agent]
...
tunnel_types = gre

vim /etc/neutron/l3_agent.ini
[DEFAULT]
...
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True
external_network_bridge = br-ex
router_delete_namespaces = True
verbose = True

vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
...
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True
dhcp_delete_namespaces = True
verbose = True

vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
...
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf

vim /etc/neutron/dnsmasq-neutron.conf
dhcp-option-force=26,1454

pkill dnsmasq

vim /etc/neutron/metadata_agent.ini

[DEFAULT]
...
auth_url = http://192.168.5.1:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
admin_password = 666666
nova_metadata_ip = 192.168.5.1
metadata_proxy_shared_secret = METADATA_SECRET
verbose = True

在控制节点上操作
vim /etc/nova/nova.conf
[neutron]
...
service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET

systemctl restart openstack-nova-api.service

在网络节点上操作
systemctl enable openvswitch.service
systemctl start openvswitch.service

ovs-vsctl add-br br-ex  ####http://blog.csdn.net/signmem/article/details/19419517
####http://www.aboutyun.com/thread-11777-1-1.html

ovs-vsctl add-port br-ex ext8
ethtool -K ext8 gro off

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
cp /usr/lib/systemd/system/neutron-openvswitch-agent.service /usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' /usr/lib/systemd/system/neutron-openvswitch-agent.service

systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-ovs-cleanup.service

systemctl start neutron-openvswitch-agent.service neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service

在控制节点安装
source admin-openrc.sh

neutron agent-list

在计算节点上操作

vim /etc/sysctl.conf
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

sysctl -p

yum -y install openstack-neutron-ml2 openstack-neutron-openvswitch

vim /etc/neutron/neutron.conf
 
在[database]注销connection
[DEFAULT]
...
rpc_backend = rabbit
rabbit_host = 192.168.5.1
rabbit_password = 666666
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True
[keystone_authtoken]
...
auth_uri = http://192.168.5.1:5000/v2.0
identity_uri = http://192.168.5.1:35357
admin_tenant_name = service
admin_user = neutron
admin_password = 666666

vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
...
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_gre]
...
tunnel_id_ranges = 1:1000

[securitygroup]
...
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
...
local_ip = 192.168.5.2  ###计算节点ip
enable_tunneling = True

[agent]
...
tunnel_types = gre

systemctl enable openvswitch.service

systemctl start openvswitch.service

vim /etc/nova/nova.conf

[DEFAULT]
...
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[neutron]
...
url = http://192.168.5.1:9696
auth_strategy = keystone
admin_auth_url = http://192.168.5.1:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = 666666

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

cp /usr/lib/systemd/system/neutron-openvswitch-agent.service /usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' /usr/lib/systemd/system/neutron-openvswitch-agent.service

systemctl restart openstack-nova-compute.service

systemctl enable neutron-openvswitch-agent.service
systemctl restart neutron-openvswitch-agent.service

在控制节点上操作
source admin-openrc.sh
neutron agent-list

source admin-openrc.sh

neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat

neutron subnet-create ext-net --name ext-subnet --allocation-pool start=FLOATING_IP_START,end=FLOATING_IP_END --disable-dhcp --gateway EXTERNAL_NETWORK_GATEWAY EXTERNAL_NETWORK_CIDR

neutron subnet-create ext-net --name ext-subnet --allocation-pool start=172.16.1.100,end=172.16.1.200 --disable-dhcp --gateway 172.16.1.1 172.16.0.0/16

source demo-openrc.sh
neutron net-create demo-net
neutron subnet-create demo-net --name demo-subnet --gateway TENANT_NETWORK_GATEWAY TENANT_NETWORK_CIDR

neutron subnet-create demo-net --name demo-subnet --gateway 192.168.2.1 192.168.2.0/24

neutron router-create demo-router

neutron router-interface-add demo-router demo-subnet
Added interface b1a894fd-aee8-475c-9262-4342afdc1b58 to router demo-router

neutron router-gateway-set demo-router ext-net
Set gateway for router demo-router

vim /etc/nova/nova.conf

[DEFAULT]
...
network_api_class = nova.network.api.API
security_group_api = nova

systemctl restart openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service

在计算节点操作
yum -y install openstack-nova-network openstack-nova-api

vim /etc/nova/nova.conf
[DEFAULT]
...
network_api_class = nova.network.api.API
security_group_api = nova
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
network_manager = nova.network.manager.FlatDHCPManager
network_size = 254
allow_same_net_traffic = False
multi_host = True
send_arp_for_ha = True
share_dhcp_address = True
force_dhcp_release = True
flat_network_bridge = br100
flat_interface = INTERFACE_NAME  ####
public_interface = INTERFACE_NAME  ####

systemctl enable openstack-nova-network.service openstack-nova-metadata-api.service
systemctl start openstack-nova-network.service openstack-nova-metadata-api.service

在控制节点上操作
source admin-openrc.sh
nova network-create demo-net --bridge br100 --multi-host T --fixed-range-v4 NETWORK_CIDR

nova network-create demo-net --bridge br100 --multi-host T --fixed-range-v4 203.0.113.24/29

nova net-list

添加仪表盘
在控制节点上操作
yum -y install openstack-dashboard httpd mod_wsgi memcached python-memcached

vim /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "192.168.5.1"
ALLOWED_HOSTS = ['*']
CACHES = {  
   'default': {
       'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
       'LOCATION': '127.0.0.1:11211',
   }
}
TIME_ZONE = "Asia/Shanghai"

setsebool -P httpd_can_network_connect on

chown -R apache:apache /usr/share/openstack-dashboard/static

systemctl enable httpd.service memcached.service
systemctl start httpd.service memcached.service

访问http://192.168.5.1/dashboard