OpenStack架构----neutron组件(四)
更新:HHH   时间:2023-1-7


前言:

整个OpenStack是由控制节点,计算节点,网络节点,存储节点四大部分组成。本篇博文将详细讲解网络节点neutron组件部署过程,整体分为两部分:控制节点和计算节点都需要设置。

网络节点架构

网络节点仅包含Neutron服务

Neutron:负责管理私有网段与公有网段的通信,以及管理虚拟机网络之间的通信/拓扑,管理虚拟机之上的防火等等

网络节点包含三个网络端口

eth0:用于与控制节点进行通信

eth2:用于与除了控制节点之外的计算/存储节点之间的通信

eth3:用于外部的虚拟机与相应网络之间的通信

实验环境:


主  机系  统IP地址角  色
controllerCentOS7192.168.37.128keystone、nova、glanceneutron、ntp、mariadb、rabbitmq、memcached、etcd、apache、
computeCentOS7192.168.37.130nova、neutron、ntp
cinderCentOS7192.168.37.131cinder、ntp
实验过程:

++controller节点neutron网络配置++

1、创建nuetron数据库和授权

mysql -u root -p

create database neutron;

grant all privileges on neutron.* to 'neutron'@'localhost' identified by '123456';

grant all privileges on neutron.* TO 'neutron'@'%'identified by '123456';


2、创建用户neutron

source ~/admin-openrc

openstack user create --domain default --password-prompt neutron


3、把neutron用户添加到glance用户和项目中

openstack role add --project service --user neutron admin


4、创建neutron服务

openstack service create --name neutron   --description "OpenStack Networking" network


5、创建网络服务API端点

openstack endpoint create --region RegionOne network public http://controller:9696

openstack endpoint create --region RegionOne network internal http://controller:9696

openstack endpoint create --region RegionOne network admin http://controller:9696


6、yum安装neutron软件包

yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables


7、修改配置文件

vim  /etc/neutron/neutron.conf

[database]

//729

connection = mysql+pymysql://neutron:123456@controller/neutron


[DEFAULT]

//27

auth_strategy = keystone

//30

core_plugin = ml2             #插件ml2

//33 不写代表禁用其他插件

service_plugins =

//570

transport_url = rabbit://openstack:123456@controller

//98

notify_nova_on_port_status_changes = true     #nova端口状态通告

//102

notify_nova_on_port_data_changes = true      #端口数据通告


[keystone_authtoken]     #令牌注册信息

//847

auth_uri = http://controller:5000

auth_url = http://controller:35357

//898

memcached_servers = controller:11211

//1005

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = 123456


[nova]

//1085

auth_url = http://controller:35357

//1089

auth_type = password

//1127

project_domain_name = default

//1156

user_domain_name = default

//1069

region_name = RegionOne

//1135

project_name = service

//1163

username = nova

//1121

password = 123456


[oslo_concurrency]

//1179

lock_path = /var/lib/neutron/tmp


8、配置网络二层插件

vim /etc/neutron/plugins/ml2/ml2_conf.ini


[ml2]

//136

type_drivers = flat,vlan          #flat-桥接  vlan-局域网

//141   设置空是禁用本地网络

tenant_network_types =

//145

mechanism_drivers = linuxbridge

//150

extension_drivers = port_security


[ml2_type_flat]

//186

flat_networks = provider         #桥接网络类型


[securitygroup]

//263

enable_ipset = true            #安全组


9、配置Linux网桥

vim  /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[linux_bridge]

//157

physical_interface_mappings = provider:ens33


[vxlan]

//208

enable_vxlan = false


[securitygroup]

//193

enable_security_group = true             #开启安全组

//188

firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver


10、配置DHCP

vim /etc/neutron/dhcp_agent.ini


//16

interface_driver = linuxbridge           #接口类型

//28

dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

//37

enable_isolated_metadata = true


11、配置metadata

vim  /etc/neutron/metadata_agent.ini


[DEFAULT]

//22

nova_metadata_host = controller

//34

metadata_proxy_shared_secret = 123456


12、配置计算服务使用网络服务

vim /etc/nova/nova.conf        #在``[neutron]`` 部分,配置访问参数


[neutron]

//7613

url = http://controller:9696

//7689

auth_url = http://controller:35357

//7683

auth_type = password

//7710

project_domain_name = default

//7763

user_domain_name = default

//7757

region_name = RegionOne

//7704

project_name = service

//7730

username = neutron

//7739

password = 123456

//7652

service_metadata_proxy = true          #metadata代理开启

//7584

metadata_proxy_shared_secret = 123456     #代理的认证密钥


13、建立服务软连接

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini


14、同步数据库

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf   --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron


15、重启compute API服务,并开启相关服务

systemctl restart openstack-nova-api.service

systemctl enable neutron-server.service   

systemctl enable neutron-linuxbridge-agent.service 

systemctl enable neutron-dhcp-agent.service   

systemctl enable neutron-metadata-agent.service

systemctl restart neutron-server.service   

systemctl restart neutron-linuxbridge-agent.service 

systemctl restart neutron-dhcp-agent.service   

systemctl restart neutron-metadata-agent.service


++compute节点neutron网络配置++

1、yum安装neutron包

yum install -y openstack-neutron-linuxbridge ebtables ipset


2、配置公共组件

vim /etc/neutron/neutron.conf


[DEFAULT]

//27

auth_strategy = keystone

//570

transport_url = rabbit://openstack:123456@controller


[keystone_authtoken]

//847

auth_uri = http://controller:5000

auth_url = http://controller:35357

//898

memcached_servers = controller:11211

//1005

auth_type = password

project_domain_name = default

user_domain_name = default

project_name = service

username = neutron

password = 123456


[oslo_concurrency]

//1180

lock_path = /var/lib/neutron/tmp


3、配置Linux网桥

vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini


[linux_bridge]

//157

physical_interface_mappings = provider:ens33


[vxlan]

//208

enable_vxlan = false


[securitygroup]

//193

enable_security_group = true

//188

firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver


4、配置计算节点网络服务

vim /etc/nova/nova.conf


[neutron]

//7534

url = http://controller:9696

//7610

auth_url = http://controller:35357

//7604

auth_type = password

//7631

project_domain_name = default

//7657

user_domain_name = default

//7678

region_name = RegionOne

//7625

project_name = service

//7651

username = neutron

//7660

password = 123456


5、开启相关服务

systemctl restart openstack-nova-compute.service


systemctl enable neutron-linuxbridge-agent.service

systemctl start neutron-linuxbridge-agent.service


到此为止,neutron组件已经安装完成,谢谢阅读!


返回云计算教程...