添加网络组件

 安装和配置控制器节点

 创建数据库

mysql -uroot -ptoyo123CREATE DATABASE neutron;GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \  IDENTIFIED BY 'toyo123';GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \  IDENTIFIED BY 'toyo123';exit

 

创建服务凭据

source admin-openrc.shkeystone user-create --name neutron --pass Abcd1234keystone user-role-add --user neutron --tenant service --role adminkeystone service-create --name neutron --type network \  --description "OpenStack Networking"keystone endpoint-create \  --service-id $(keystone service-list | awk '/ network / {print $2}') \  --publicurl http://controller:9696 \  --adminurl http://controller:9696 \  --internalurl http://controller:9696 \  --region regionOne

 

安装网络组件

yum install -y openstack-neutron openstack-neutron-ml2 python-neutronclient which

 

查询service id下面编辑配置文件会用到

source admin-openrc.shkeystone tenant-get service

 

编辑/etc/neutron/neutron.conf文件

mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bakvim /etc/neutron/neutron.conf [database]connection = mysql://neutron:toyo123@controller/neutron[DEFAULT]rpc_backend = rabbitrabbit_host = controllerrabbit_password = Abcd1234auth_strategy = keystonecore_plugin = ml2service_plugins = routerallow_overlapping_ips = Truenotify_nova_on_port_status_changes = Truenotify_nova_on_port_data_changes = Truenova_url = http://controller:8774/v2nova_admin_auth_url = http://controller:35357/v2.0nova_region_name = regionOnenova_admin_username = novanova_admin_tenant_id = 89bc1f42c0194ef4b1ff2dfea07caf2fnova_admin_password = Abcd1234verbose = True[keystone_authtoken]auth_uri = http://controller:5000/v2.0identity_uri = http://controller:35357admin_tenant_name = serviceadmin_user = neutronadmin_password = Abcd1234[neutron]url = http://controller:9696auth_strategy = keystoneadmin_auth_url = http://controller:35357/v2.0admin_tenant_name = serviceadmin_username = neutronadmin_password = Abcd1234

 

编辑 /etc/neutron/plugins/ml2/ml2_conf.ini文件

mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bakvim /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]type_drivers = flat,gretenant_network_types = gremechanism_drivers = openvswitch[ml2_type_gre]tunnel_id_ranges = 1:1000[securitygroup]enable_security_group = Trueenable_ipset = Truefirewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

 

编辑/etc/nova/nova.conf

vim /etc/nova/nova.conf[DEFAULT]network_api_class = nova.network.neutronv2.api.APIsecurity_group_api = neutronlinuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriverfirewall_driver = nova.virt.firewall.NoopFirewallDriver[neutron]url = http://controller:9696auth_strategy = keystoneadmin_auth_url = http://controller:35357/v2.0admin_tenant_name = serviceadmin_username = neutronadmin_password = Abcd1234

 

完成安装

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.inisu -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade juno" neutronsystemctl restart openstack-nova-api.service openstack-nova-scheduler.service \  openstack-nova-conductor.servicesystemctl enable neutron-server.servicesystemctl restart neutron-server.service

 

验证

source admin-openrc.shneutron ext-list

 

安装和配置网络节点

配置内核网络参数

vim /etc/sysctl.confnet.ipv4.ip_forward=1net.ipv4.conf.all.rp_filter=0net.ipv4.conf.default.rp_filter=0 sysctl -p

 

安装网络组件

yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch

 

编辑/etc/neutron/neutron.conf

mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf_bakvim /etc/neutron/neutron.conf[DEFAULT]rpc_backend = rabbitrabbit_host = controllerrabbit_password = Abcd1234auth_strategy = keystonecore_plugin = ml2service_plugins = routerallow_overlapping_ips = Trueverbose = True[keystone_authtoken]auth_uri = http://controller:5000/v2.0identity_uri = http://controller:35357admin_tenant_name = serviceadmin_user = neutronadmin_password = Abcd1234

 

编辑 /etc/neutron/plugins/ml2/ml2_conf.ini

 

mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bakvim /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]type_drivers = flat,gretenant_network_types = gremechanism_drivers = openvswitch[ml2_type_flat]flat_networks = external[ml2_type_gre]tunnel_id_ranges = 1:1000[securitygroup]enable_security_group = Trueenable_ipset = Truefirewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver[ovs]local_ip = 192.168.116.8enable_tunneling = Truebridge_mappings = external:br-ex[agent]tunnel_types = gre

 

编辑/etc/neutron/l3_agent.ini

mv  /etc/neutron/l3_agent.ini  /etc/neutron/l3_agent.ini_bakvim /etc/neutron/l3_agent.ini[DEFAULT]interface_driver = neutron.agent.linux.interface.OVSInterfaceDriveruse_namespaces = Trueexternal_network_bridge = br-exrouter_delete_namespaces = Trueverbose = True

 

编辑/etc/neutron/dhcp_agent.ini

mv  /etc/neutron/dhcp_agent.ini  /etc/neutron/dhcp_agent.ini_bakvim /etc/neutron/dhcp_agent.ini[DEFAULT]interface_driver = neutron.agent.linux.interface.OVSInterfaceDriverdhcp_driver = neutron.agent.linux.dhcp.Dnsmasquse_namespaces = Truedhcp_delete_namespaces = Trueverbose = Truednsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf

 

创建/etc/neutron/dnsmasq-neutron.conf并关掉dnsmasq进程

vim /etc/neutron/dnsmasq-neutron.confdhcp-option-force=26,1454pkill dnsmasq

 

编辑/etc/neutron/metadata_agent.ini

mv /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini_bakvim /etc/neutron/metadata_agent.ini[DEFAULT]auth_url = http://controller:5000/v2.0auth_region = regionOneadmin_tenant_name = serviceadmin_user = neutronadmin_password = Abcd1234nova_metadata_ip = controllermetadata_proxy_shared_secret = METADATA_SECRETverbose = True

 

编辑/etc/nova/nova.conf

 

mv /etc/nova/nova.conf /etc/nova/nova.conf_bakvim /etc/nova/nova.conf[neutron]service_metadata_proxy = Truemetadata_proxy_shared_secret = Abcd1234

重启nova-api服务

systemctl restart openstack-nova-api.service

　

配置开放的vSwitch（OVS）服务

systemctl enable openvswitch.servicesystemctl start openvswitch.serviceovs-vsctl del-br br-ex && ovs-vsctl add-br br-ex && ovs-vsctl add-port br-ex eth0 && reboot

　　

创建ifcfg-br-ex

vim /etc/sysconfig/network-scripts/ifcfg-br-exDEVICE=br-exDEVICETYPE=ovsTYPE=OVSBridgeONBOOT=yesOVSBOOTPROTO=noneIPADDR=192.168.116.8PREFIX=24DEFROUTE=yesGATEWAY=192.168.116.1DNS1="114.114.114.114"

 

 

编辑/etc/sysconfig/network-scripts/ifcfg-eth0

vim /etc/sysconfig/network-scripts/ifcfg-eth0 TYPE="Ethernet"BOOTPROTO="none"DEFROUTE="yes"NAME="eth0"UUID="0e9ff19f-53db-4e78-ab16-a271ff92bd2b"DEVICE="eth0"ONBOOT="yes"

 

停止Gro并重启network服务

ethtool -K eth0 gro off && service network restart

 

创建ml2_conf.ini重定向并启动服务与设置开机自启动

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.inicp /usr/lib/systemd/system/neutron-openvswitch-agent.service \  /usr/lib/systemd/system/neutron-openvswitch-agent.service.origsed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \  /usr/lib/systemd/system/neutron-openvswitch-agent.servicesystemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service \  neutron-dhcp-agent.service neutron-metadata-agent.service \  neutron-ovs-cleanup.servicesystemctl restart neutron-openvswitch-agent.service neutron-l3-agent.service \  neutron-dhcp-agent.service neutron-metadata-agent.service \neutron-ovs-cleanup.service

 

验证

source admin-openrc.shneutron agent-list

 

 

配置计算机节点网络

  编辑/etc/sysctl.conf

vim /etc/sysctl.conf net.ipv4.conf.all.rp_filter=0 net.ipv4.conf.default.rp_filter=0 sysctl -p

 

 安装网络组件

yum install -y openstack-neutron-ml2 openstack-neutron-openvswitch

 

 

编辑/etc/neutron/neutron.conf

mv  /etc/neutron/neutron.conf  /etc/neutron/neutron.conf_bakvim  /etc/neutron/neutron.conf[DEFAULT]rpc_backend = rabbitrabbit_host = controllerrabbit_password = Abcd1234auth_strategy = keystonecore_plugin = ml2service_plugins = routerallow_overlapping_ips = Trueverbose = True[keystone_authtoken]auth_uri = http://controller:5000/v2.0identity_uri = http://controller:35357admin_tenant_name = serviceadmin_user = neutronadmin_password = Abcd1234

 

编辑/etc/neutron/plugins/ml2/ml2_conf.ini

mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini_bakvim /etc/neutron/plugins/ml2/ml2_conf.ini[ml2]type_drivers = flat,gretenant_network_types = gremechanism_drivers = openvswitch[ml2_type_gre]tunnel_id_ranges = 1:1000[securitygroup]enable_security_group = Trueenable_ipset = Truefirewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver[ovs]local_ip = 192.168.116.10enable_tunneling = True[agent]tunnel_types = gre

 

启动OVS服务并将其配置为开机自启动

systemctl enable openvswitch.servicesystemctl restart openvswitch.service

 

编辑/etc/nova/nova.conf

vim /etc/nova/nova.conf[DEFAULT]network_api_class = nova.network.neutronv2.api.APIsecurity_group_api = neutronlinuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriverfirewall_driver = nova.virt.firewall.NoopFirewallDriver[neutron]url = http://controller:9696auth_strategy = keystoneadmin_auth_url = http://controller:35357/v2.0admin_tenant_name = serviceadmin_username = neutronadmin_password = Abcd1234

 

完成安装

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.inicp /usr/lib/systemd/system/neutron-openvswitch-agent.service \  /usr/lib/systemd/system/neutron-openvswitch-agent.service.origsed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' \  /usr/lib/systemd/system/neutron-openvswitch-agent.servicesystemctl restart openstack-nova-compute.servicesystemctl enable neutron-openvswitch-agent.servicesystemctl restart neutron-openvswitch-agent.service

 

验证

source admin-openrc.shneutron agent-list

 

创建外部网络

source admin-openrc.shneutron net-create ext-net --router:external True \  --provider:physical_network external --provider:network_type flatneutron subnet-create ext-net --name ext-subnet \  --allocation-pool start=192.168.116.240,end=192.168.116.250 \  --disable-dhcp --gateway 192.168.116.1 192.168.116.0/24

 

创建租户网

source demo-openrc.shneutron net-create lan-netneutron subnet-create lan-net --name lan-subnet \  --gateway 192.168.101.1 192.168.101.0/24neutron router-create lan-routerneutron router-interface-add lan-router lan-subnetneutron router-gateway-set lan-router ext-net

 

创建路由器以便租户网可以连接外部

验证

ping 192.168.116.150

 

做了上面的ovs就不要做下面的传统网络

 

配置控制器节点

  配置传统网络

            编辑/etc/nova/nova.conf 重启服务

vim /etc/nova/nova.conf[DEFAULT]network_api_class = nova.network.api.APIsecurity_group_api = novasystemctl restart openstack-nova-api.service openstack-nova-scheduler.service \openstack-nova-conductor.service

 

配置计算机节点

     安装网络组件

yum install -y openstack-nova-network openstack-nova-api

 

编辑 /etc/nova/nova.conf 

vim /etc/nova/nova.conf [DEFAULT]network_api_class = nova.network.api.APIsecurity_group_api = novafirewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDrivernetwork_manager = nova.network.manager.FlatDHCPManagernetwork_size = 254allow_same_net_traffic = Falsemulti_host = Truesend_arp_for_ha = Trueshare_dhcp_address = Trueforce_dhcp_release = Trueflat_network_bridge = eth0flat_interface = eth0public_interface = eth0

 

启动服务并配置为开机自启动

systemctl enable openstack-nova-network.service openstack-nova-metadata-api.servicesystemctl restart openstack-nova-network.service openstack-nova-metadata-api.service

 

 

创建初始网络（192.168.116.25/29根据当前外网计算得出的这里的外网是指云主机获取到的ip可直接访问外网,生产环境中可将这里配置为从运营商那里获取到的ip段）

source admin-openrc.shnova network-create demo-net --bridge eth0 --multi-host T \  --fixed-range-v4 192.168.116.25/29

 

验证

nova net-list