openstack 管理三十二 - rpm 方式部署 openstack [neutron]
2017-02-21 16:17
531 查看
作用
1 neutron 实现了 openstack 下的虚拟网络功能 2 能够实现路由与交换功能 3 能够具有 dhcp 分配 ip 至云主机
neutron 定义了整个 openstack 的网络模型, 当前测试使用了 flat (平面网络) 生产使用了 vlan
flat gre local vlan vxlan
neutron 在网络类型中支持下面的组件, 当前使用了 ovs 作为虚拟交换机
arista cisco nexus hyper-V agent L2 population linux bridge agent open vswitch agent tail-f NCS
软件安装
# yum install -y openstack-neutron.noarch openstack-neutron-ml2.noarch openstack-neutron-openvswitch.noarch
必须升级 iproute, 升级后, ip 命令能够具有 netns 参数, 否则在创建云主机时, 无法分配 ip (rhel7不需要)
# yum update iproute
neutron 连接 keystone
# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host 240.10.130.25 # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password neutron # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357 # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocal http # openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://240.10.130.25:5000/ # openstack-config --set /etc/neutron/neutron.conf agent root_helper sudo\ neutron-rootwrap\ /etc/neutron/rootwrap.conf # openstack-config --set /etc/neutron/neutron.conf agent report_interval 30
neutron 连接 rabbitmq
# openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_kombu # openstack-config --set /etc/neutron/neutron.conf DEFAULT rabbit_host 240.10.130.25 # openstack-config --set /etc/neutron/neutron.conf DEFAULT rabbit_port 5672 # openstack-config --set /etc/neutron/neutron.conf DEFAULT rabbit_userid neutron # openstack-config --set /etc/neutron/neutron.conf DEFAULT rabbit_password openstack
定义网络 plugin
选择 ml2 作为当前网络 plugin 核心, ovs 将会在以后弃用# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini # openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin neutron.plugins.ml2.plugin.Ml2Plugin # openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin # openstack-config --set /etc/neutron/plugin.ini ml2 type_drivers vxlan,flat # openstack-config --set /etc/neutron/plugin.ini ml2 tenant_network_types vxlan,flat # openstack-config --set /etc/neutron/plugin.ini ml2 mechanism_drivers openvswitch # openstack-config --set /etc/neutron/plugin.ini agent l2_population True
配置 ml2 plugin
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vxlan # openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan,flat # openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch # openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vxlan_group 239.1.1.1
neutron 连接 nova
定义连接 nova 方法, 不定义无法正常创建云主机# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True # openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True # openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_url http://240.10.130.30:8774/v2 # openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_region_name RegionOne # openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_username nova # openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_tenant_id 5abe0972887645698adbdb94167f9be9 # openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_password nova # openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_auth_url http://240.10.130.25:35357/v2.0 # openstack-config --set /etc/neutron/neutron.conf DEFAULT send_events_interval 2
neutron 连接数据库
# openstack-config --set /etc/neutron/neutron.conf database connection mysql://neutron:openstack@240.10.130.25:3306/neutron_ml2
初始化 neutron 数据库
# neutron-db-manage --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head
上述命令假如成功, 会出现类似下面的信息
INFO [alembic.migration] Running upgrade 538732fa21e1 -> 5ac1c354a051 INFO [alembic.migration] Running upgrade 5ac1c354a051 -> icehouse
启动 neutron
# service neutron-server restart
L3 agent 配置
# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT gateway_external_network_id # openstack-config --set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge # openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
桥接网络配置
/etc/sysconfig/network-scripts/ifcfg-eth0DEVICE=eth0 ONBOOT=yes HWADDR=48:46:FB:04:97:EC TYPE=OVSPort DEVICETYPE=ovs OVS_BRIDGE=br-ex
/etc/sysconfig/network-scripts/ifcfg-eth0
DEVICE=br-ex DEVICETYPE=ovs TYPE=OVSBridge BOOTPROTO=static IPADDR=10.199.130.29 NETMASK=255.255.252.0 GATEWAY=10.199.128.1 ONBOOT=yes
重启网络可实现桥接网络
# service network restart
创建 OVS 桥接网络
# openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ovs network_vlan_ranges physnet1 # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ovs tunnel_type vxlan # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ovs bridge_mappings physnet1:br-ex # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ovs local_ip 10.199.130.29 # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ovs enable_tunneling True # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ovs integration_bridge br-int # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini ovs tunnel_bridge br-tun # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini agent tunnel_types vxlan # openstack-config --set /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini securitygroup firewall_driver \ # neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
服务启动
service neutron-l3-agent restart service neutron-openvswitch-agent restart
在 openstack 环境下创建网络
网络管理
创建 ext_net 网络, 指定使用平面网络类型
# source /root/keystonerc_admin # neutron net-create ext_net --provider:network_type flat --provider:physical_network physnet1 --router:external=True
创建子网 public_net, 指定网络, dhcp 分配池, dns 信息
# neutron subnet-create ext_net --name public_net --gateway 10.199.128.1 10.199.128.0/22 --allocation-pool start=10.199.131.200,end=10.199.131.220 --enable_dhcp=true --dns-nameserver 10.199.129.21
配置 dhcp agent 功能
# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT auth_strategy keystone # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT resync_interval 30 # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT use_namespaces True # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_metadata_network False # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_delete_namespaces False # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT root_helper sudo\ neutron-rootwrap\ /etc/neutron/rootwrap.conf # openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT state_path /var/lib/neutron # openstack-config --set /etc/neutron/dhcp_agent.ini keystone_authtoken auth_host 10.199.130.25 # openstack-config --set /etc/neutron/dhcp_agent.ini keystone_authtoken admin_tenant_name service # openstack-config --set /etc/neutron/dhcp_agent.ini keystone_authtoken admin_user neutron # openstack-config --set /etc/neutron/dhcp_agent.ini keystone_authtoken admin_password openstack
配置 metadata agent 验证信息
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_url http://240.10.130.25:35357/v2.0 # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_region RegionOne # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT admin_tenant_name service # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT admin_user neutron # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT admin_password neutron # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT debug False # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT auth_insecure False # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip 240.10.130.30 # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_port 8775 # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret 744ee65672684281 # openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_workers 0
假如 metadata 没有配置, 创建虚拟机期间将会遇见下面错误
ci-info: ++++++++++++++++++++++++++++Net device info++++++++++++++++++++++++++++ ci-info: +--------+-------+----------------+---------------+-------------------+ ci-info: | Device | Up | Address | Mask | Hw-Address | ci-info: +--------+-------+----------------+---------------+-------------------+ ci-info: | sit0 | False | . | . | . | ci-info: | lo | True | 127.0.0.1 | 255.0.0.0 | . | ci-info: | eth0 | True | 10.199.131.208 | 255.255.252.0 | fa:16:3e:0e:61:31 | ci-info: +--------+-------+----------------+---------------+-------------------+ ci-info: ++++++++++++++++++++++++++++++++Route info+++++++++++++++++++++++++++++++++ ci-info: +-------+--------------+--------------+---------------+-----------+-------+ ci-info: | Route | Destination | Gateway | Genmask | Interface | Flags | ci-info: +-------+--------------+--------------+---------------+-----------+-------+ ci-info: | 0 | 10.199.128.0 | 0.0.0.0 | 255.255.252.0 | eth0 | U | ci-info: | 1 | 169.254.0.0 | 0.0.0.0 | 255.255.0.0 | eth0 | U | ci-info: | 2 | 0.0.0.0 | 10.199.128.1 | 0.0.0.0 | eth0 | UG | ci-info: +-------+--------------+--------------+---------------+-----------+-------+ 2014-10-13 15:35:21,836 - url_helper.py[WARNING]: Calling 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [0/120s]: bad status code [500] 2014-10-13 15:35:22,846 - url_helper.py[WARNING]: Calling 'http://169.254.169.254/2009-04-04/meta-data/instance-id' failed [1/120s]: bad status code [500]
neutron 服务启动
# service messagebus restart
# service neutron-server restart# service neutron-dhcp-agent restart
# service neutron-l3-agent restart
# service neutron-metadata-agent restart
# service neutron-openvswitch-agent restart
相关文章推荐
- openstack 管理二十六 - rpm 方式部署 openstack [mariadb]
- openstack 管理三十三 - rpm 方式部署 openstack [compute]
- openstack 管理二十八 - rpm 方式部署 openstack [keystone]
- openstack 管理二十五 - rpm 方式部署 openstack(架构说明)
- openstack 管理二十九 - rpm 方式部署 openstack [glance]
- openstack 管理二十七 - rpm 方式部署 openstack [rabbitmq]
- openstack 管理三十 - rpm 方式部署 openstack [cinder]
- openstack 管理三十一 - rpm 方式部署 openstack [nova]
- OpenStack安装部署管理中常见问题解决方法(OpenStack-Lite-FAQ)
- OpenStack学习笔记————OpenStack安装部署管理中常见问题解决方
- OpenStack安装部署管理中常见问题解决方法(OpenStack-Lite-FAQ)
- OpenStack安装部署管理中常见问题解决方法(OpenStack-Lite-FAQ)
- OpenStack安装部署管理中常见问题解决方法
- OpenStack(Kilo版本)网络服务neutron的安装部署
- openstack neutron I版部署
- 基于OpenStack(IceHouse+neutron) 部署 CloudFounry v183
- Openstack 自动化部署puppet代码管理
- vmware vcenter 5.5 + OpenStack Neutron flat 网络部署
- OpenStack实施管理手册-第一章 部署准备