- 积分
- 16840
在线时间 小时
最后登录1970-1-1
|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?开始注册
x
一、控制节点配置* d0 G! B4 ?8 |
在控制节点进行以下操作。4 e: Y- ~/ Z/ e& K' ^
5 V: s( D. b" F! |6 v V: i. f* V1、配置数据库4 P/ M$ M* P8 {
进入数据库控制台(密码123456):& p, M& X5 \6 ^ g7 C! n
% v; u/ D5 |6 N
mysql -u root -p
5 l. P6 E m6 \
7 z, F; |4 s# E% M9 x O
' \2 l2 U1 n. Y, T5 abash3 }! |! Y3 ^# s7 f* Z( U! ^/ W6 k
创建数据库并授予权限,退出数据库:
4 U1 t+ n, P, |" t3 R( `
0 M) A0 M2 w$ J9 uCREATE DATABASE neutron;
% U, c4 U7 s6 n+ lGRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';* t- B) T% l" R/ ]
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';$ u0 ~/ o* f+ ]; A* E y
! H+ O6 b7 A- F
2 P$ X3 G$ M. z7 E; |& @
, k3 G( {; _" F% r5 Z' b% t) u" W" S- n, C0 e( M
- V) p1 w% c3 ]3 t" \, }: K* m- [( z1 p- z4 p- W, V5 T# q
2、创建neutron用户) j- B6 V2 ]- n( O9 i
登录admin支行好:6 j. I: _5 D* S/ Y( C( u# |/ o
1 \$ L$ P* X5 a) D7 C* A! N* m
. admin-openrc
; u i& R. y% s! i3 i) S8 F5 s# F$ P$ x4 M, f$ }- k! T+ |2 I. W1 Y
bash3 E# t/ D. s5 I/ ~8 F, n
在domain:default创建用户neutron:8 H! P X7 j! p6 R
8 c" z8 e6 w2 E; m7 P0 @# popenstack user create --domain default --password-prompt neutron$ p9 |$ |" Q& l0 {$ A3 Q
) M* u! E! J- f6 ~3 T! c; r2 F
bash
: Q3 `" ?# D4 Q: M* E7 C7 V9 @ {如下图:
! c' ~: p) m x, [1 }- r$ G! F- z) h7 H! s7 e" n6 B6 I
7 v7 M: g! e2 K8 C( O6 P
- E8 |! |, M8 M U授予neutron服务admin权限:
6 j% U7 g' R7 y; G# i3 ~2 L! ^5 l
( W% U5 g5 r, Ropenstack role add --project service --user neutron admin! F( u4 D9 m, q/ Z
) J+ q+ F/ X' {, s$ d( [3 k
bash2 Q$ O0 G( ]; r- r$ i: k1 e
创建neutron服务入口:: f# V7 o6 z+ J, ]: R
' S- u# D) z' O' z9 S6 x9 w/ @openstack service create --name neutron --description "OpenStack Networking" network9 \7 V2 f$ b& P6 ~1 |, b8 L2 Q
* ]/ x; y. t0 d2 }$ V: kbash
! Y5 R& Q: B9 T# A- j如下图:# O( c! H# h- o) j$ | h$ D* T
$ z/ ]1 @- I3 U7 N3 A2 T. n6 M) w
+ f' [2 s$ G! O; H
# P4 n4 S) R8 D9 ~
创建网络服务API端点:# o5 r& }3 L* h) e- S. |
' ]: y! W4 ]! ?
openstack endpoint create --region RegionOne network public http://controller:9696) g6 Q! p: L4 c- l! w4 ~
openstack endpoint create --region RegionOne network internal http://controller:9696
: a1 i, k7 d& Wopenstack endpoint create --region RegionOne network admin http://controller:9696, m3 _* k1 F8 w/ e" e
AI构建项目
$ g6 |. M4 u1 sbash" S# _% G& p( W* @ q. p1 f) }
如下图:
$ D# q' Y4 Q1 p0 Z! o% f
7 w8 ]. X4 M- v w! f7 Z! O
' r1 K( r/ F# k0 L8 J3 D- g% c2 R" ?5 d E1 B9 Y
3、配置selfservice网络 S- w- |. O% Y* U* [0 F
安装neutron:4 X2 B, o- u# ~, ?7 Y' x# B
9 A- O: b% B+ U, P3 I2 @8 p
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
- e3 ^! E+ T$ K, iAI构建项目
- `# U0 P7 F1 Q* u2 @bash0 @' a8 m, Q: z9 T, p9 [- ?, X* f
备份/etc/neutron/neutron.conf,删除其注释:
3 D: j; X% C8 s2 p( O ^6 w' e* H) z! t4 `# H& x5 O
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source+ j% K, W2 {' h7 y* p- G: `5 ]
cat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf; n7 @9 R# ?* F3 s4 R
AI构建项目
4 ^! d( F8 J; m# gbash) W, t- O2 B4 l& _) P# R
编辑/etc/neutron/neutron.conf:; `! W, P3 P3 d+ u( p, A Y1 ?
% v# K* b$ z N[DEFAULT], Y3 c' P ^! A; C" z
# ...
; }# _, F; R% x& K& S5 ccore_plugin = ml2- C, z" @& f3 u/ T- \7 o B; H
service_plugins = router; [" r0 `4 ]! Y4 Z5 }% l+ j$ i5 M Z
allow_overlapping_ips = true0 @: V7 ?! [7 K
transport_url = rabbit://openstack:123456@controller
7 L9 H9 l( ?- [auth_strategy = keystone
. U9 g( [; R$ ^& b6 D* knotify_nova_on_port_status_changes = true
, t8 h. a3 ~' M' S0 lnotify_nova_on_port_data_changes = true
/ A8 l# `/ ?) x3 p: s% t
1 r" G. U% ^! |% _* q8 M; \0 L[database]
& s! K% j# M* L+ r' M6 C# ...
; q1 Q* Q4 R' tconnection = mysql+pymysql://neutron:123456@controller/neutron# n9 `' R& [; d4 _- l! w) p6 p* r
& i" C- b# ?: t8 A, k- j6 C) V
[keystone_authtoken]
0 b. {* o( s6 w1 Q# ...$ @8 _& f9 K& o' N
www_authenticate_uri = http://controller:5000
0 b1 O. E* U5 d; |# Aauth_url = http://controller:5000
% n) R- Y& _2 W; N2 ^memcached_servers = controller:11211
# o" }$ w. Z; d1 R4 H' dauth_type = password V" ^7 Z5 C$ s% C( n
project_domain_name = default
4 q* ~( N8 g+ Z9 w$ \2 Ruser_domain_name = default
2 }5 i% C0 [, C+ H( tproject_name = service3 r' j0 X2 t' r% |
username = neutron9 Q; \; {/ e1 L3 ?
password = 1234567 W1 T3 h* Z% _9 c( y& J+ C" s
9 f7 E$ f# w+ @* E) q[nova]
; }: u! ~/ _, v$ Z6 x4 T/ I, h" T) c# ...; X3 O# |. m. {0 Z
auth_url = http://controller:50002 k# G! W; @* p. |$ @
auth_type = password- x! W9 v1 Z- w& r; ?2 f9 a
project_domain_name = default
1 V; ^& [. \( ?: K4 {& ^# Ouser_domain_name = default0 ]+ _' H, Y5 j) H1 {1 L: c1 |
region_name = RegionOne. A' [: p: B7 D; Q' `+ c
project_name = service, e! A+ S1 x u) K$ n- T
username = nova* p# {1 W4 t. R5 e6 D
password = 123456
* w' e6 k7 C1 {! ^4 B! p 3 R# z- s8 P+ @6 s
[oslo_concurrency]
% ~1 ?) b2 e5 V l2 x% A* K# ...
) E' q' x c' x& L0 Vlock_path = /var/lib/neutron/tmp
: [1 ]# v+ H7 v( r: F3 X+ r ; @7 T# R9 e4 W* q+ e* y! L. R
AI构建项目
% K6 q5 O4 s# u3 }" h* G& c& cbash
/ V2 }6 i. g" M6 M/ [6 U4、配置ml2
$ J9 ~1 ]5 G ? b1 s 备份/etc/neutron/plugins/ml2/ml2_conf.ini,删除其注释:
2 C0 v( X+ y: {- f; e" T1 M/ L: L" S0 B- @
mv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.source) }8 C$ d* h$ j2 }+ S3 Z; k
cat /etc/neutron/plugins/ml2/ml2_conf.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/ml2_conf.ini$ q( K% N& Q# v5 _9 x% G, l9 ^8 E
AI构建项目
0 G. q7 s. g; v" d2 ?bash( e# U( y L. n9 F& |. U B
对/etc/neutron/plugins/ml2/ml2_conf.ini进行以下配置: i5 F/ B$ y% R8 |; G V; ~
$ q/ F X! u4 D) g
[ml2]
7 _, H: ^5 C7 f, p$ J+ M# ...1 C; }( |2 h) d' B8 \
type_drivers = flat,vlan,vxlan' A5 O+ w% t6 ?0 O3 X7 T0 |
tenant_network_types = vxlan0 S; [% g! i* Y) \' F+ D
mechanism_drivers = linuxbridge,l2population
4 ]5 K/ { H7 i1 v j: iextension_drivers = port_security6 P1 q& j9 z# B# K9 X2 G+ j& H
# s% N( a3 Y6 |+ b: d0 v[ml2_type_flat]( l2 w0 |+ X3 O3 ~2 ]& W7 O
# ...
+ o- |5 g/ [! p2 m: lflat_networks = provider
4 g' u2 W n# q) J6 W* C 7 c$ v. I5 Z" i3 H
[ml2_type_vxlan]
, S" t9 P' R6 D/ Z: O$ {# ...$ A! G. {5 n% P) x
vni_ranges = 1:1000
9 G9 |+ ]5 Q5 |& K$ ]! M & {# s' `5 I! y. w/ J' b) M. K
[securitygroup]" p6 ]4 d- L1 F* |1 N
# ..." C, n6 p5 |3 R Z% n
enable_ipset = true8 b6 I. M* Y$ a8 d$ ?
AI构建项目; ]. E) M$ e4 B& j" e: v9 n1 A
bash
7 d( a3 p) H% g& F. Y, i U5、配置linux网桥
% B+ y' U6 v$ _( @: Z 备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:! w; j( e# r. K( Z
' s2 V# n# V+ ]3 \+ ]3 nmv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source7 p P0 i) t6 y7 _- E/ N9 w
cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
! ?# o. J5 {3 {8 g( G) R% aAI构建项目
. O5 s: \* U# R' @$ d( dbash) N0 j; g2 o3 b! @( J+ y \
对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):
8 l1 ~* d. w8 [0 B2 {
! Q. D4 Y. s! t: U! W[linux_bridge]
' k0 d7 u: l, x# Ophysical_interface_mappings = provider:ens33: {/ b8 Y1 H0 \! S* k
' j* C. o2 p @' }1 x+ N6 K[vxlan]
* j( j( Z5 r# m! senable_vxlan = true
7 f, g# V& p+ e/ Y% |+ _' glocal_ip = 10.0.0.11
% V" g0 E( B2 F( O6 E9 bl2_population = true7 G P- K+ Y" f/ B9 K. X1 ]0 P* P
: ~8 [) C$ V9 y, y9 a$ a
[securitygroup]9 {8 f! p6 L$ m# S& G4 V( a' S
# ...
9 _2 C: W: x, p4 O7 D& x$ Q4 Denable_security_group = true8 { `( f3 {! z2 _' C
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
% ^ g2 Y) }: h. J2 I' S% U3 l* AAI构建项目; }4 ^* Q$ N0 x- B$ f
bash: Z+ u( K* q0 d% ~! t3 C. [/ E8 }' w! r
修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:% A# e! h* H P2 _% L# c- u
5 g7 S2 Y, y; L1 k7 \
net.bridge.bridge-nf-call-iptables = 1/ A6 E1 \8 d3 f# d! r% C
net.bridge.bridge-nf-call-ip6tables = 1# l( `9 p3 q3 L: a! N+ d) t/ M% S
AI构建项目# ]. [9 m( T) R! Y$ z) w
bash% j1 `; N& T' J- v& }& E
如下图:
% I2 Y5 O' X- g1 h5 l1 _+ O; q# C9 c9 S& o
) U& f' T% v* i2 ]
5 x9 T! p" t5 y( r$ Z, Q' M+ s添加网桥过滤器,并设置开机加载:
" \3 `! ^7 A. x v# }2 @* x6 |
) X' ^* Z' {( x8 k- n" e/ Rmodprobe br_netfilter% \1 j7 M* y1 L0 o+ F, X7 P
sysctl -p
L/ ]' o, _. f8 j4 Esed -i '$amodprobe br_netfilter' /etc/rc.local
& ^5 [' ~' f& Q& jAI构建项目2 _' a* j2 T+ z4 E3 [# F
bash% f# s' z0 D; b5 j$ l" w
如下图:
! ?/ a& [) m$ C+ i* r r+ F- }8 m
\* Y3 Y3 k0 z o; }4 @0 f
" R* D1 p4 f- ^. s {3 @% X( l/ c+ Q
6、配置L3代理
0 F- f) ?% e( J# I' m! ^- n编辑/etc/neutron/l3_agent.ini,添加以下内容:% j8 m/ q1 L' n- y
# g- i: O$ A# W( n, {& d- k. T
[DEFAULT]7 q4 h* g, d; i3 [9 s/ B7 P
# ...) H- j& S& ]! z6 q$ V1 ?
interface_driver = linuxbridge
7 T5 C5 e9 w# N& v7 }% x5 Q2 NAI构建项目# { s# t9 [2 n) G
bash! J! C9 F- r( ^' i& A+ e; d! A1 X
如下图:
- h e U3 h C( P3 U" w0 C. D4 I. x: M9 L9 o! d& C
3 g& g, R9 {8 A% {2 c9 ?7 O
$ w# T* e7 t1 ^0 A7、配置dhcp
, u& F: j( ]' h' ~编辑/etc/neutron/dhcp_agent.ini,添加以下内容:. x( x! i+ k3 R: X1 z
; d8 Y$ h- E$ u3 t/ \( t[DEFAULT]
6 n2 M, c: c2 x5 |; v: _( D9 Q& ~# ...2 C( J8 a o% T: k& R3 o0 x
interface_driver = linuxbridge0 @2 ]% A6 N5 }, U4 a, n
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq6 Z) N2 s; Z! J! D" M: J. `
enable_isolated_metadata = true
1 k+ `8 t4 Y9 q4 lAI构建项目
+ i( M) V9 Q4 ~6 d9 Y- pbash
! y8 ]0 w+ T; W3 S如下图:* e6 O" O0 ?3 N( d
" C. J+ k# j, X% C7 O
) X, W4 c5 J$ y( L% ]
& Z) J9 d+ C8 Q- k8 Z8、配置meta代理% E, {% E0 I- ~% P& ~
编辑/etc/neutron/metadata_agent.ini,进行以下配置:! {9 h; S: m0 N* x! J2 t
) R2 g" }) v+ @7 q; }[DEFAULT]& p0 f/ T" G) P- [; k' p3 U
# ...
$ k2 @5 J0 ^" }+ enova_metadata_host = controller% }6 \1 }9 ~- Z2 `( g' i; D
metadata_proxy_shared_secret = 123456# z$ u1 `* j; b( u& I5 C
AI构建项目3 N" \5 \( Q0 l
bash
% |; @, X* W$ o4 C8 ?如下图:7 s+ e* o0 w3 u- V' }! V
2 ]7 D0 c$ [. o# N6 o
& o) k' g2 {2 S2 _9 ^) f# p2 P7 B! K/ E* j9 {9 Z+ q9 m
9、配置nova使用neutron服务7 S+ F7 \; ^% D7 d- I. M2 Q+ C
编辑/etc/nova/nova.conf,进行以下配置:
. S8 ~% b* J# B+ l$ O- J4 i
7 c1 M5 V6 }5 t3 G7 X[neutron]
9 f0 h3 J7 n0 g5 J& L. s& n* l# ...
& C, |! _0 ~* T6 fauth_url = http://controller:5000
1 X1 r, X2 {8 N- ~: B+ F" e1 `- Vauth_type = password+ [) P/ c( K- z0 x/ t* r' d' N0 X
project_domain_name = default
" i' Z: H, ^" F* L( T& Z7 Kuser_domain_name = default: l& c7 {& m3 t9 m
region_name = RegionOne; U5 t" j( U6 k( y' \5 z G' D
project_name = service5 {% D# o6 w, C# U& P6 ^
username = neutron8 y7 h9 @ Y5 n- k9 I
password = 123456& x" X% F6 V/ d
service_metadata_proxy = true0 i" c" [! d$ N1 }, v
metadata_proxy_shared_secret = 123456
1 T5 W: h) ]( n0 C4 Y5 LAI构建项目. j3 ^, r4 C2 S- s
bash. h/ P5 r u3 u! E2 |9 B" ?
如下图:
6 f' K* q+ V3 K. f @/ K; b6 d
l5 \+ [% c% i. M1 n
0 m0 x: i& ^- Y2 e0 n7 H2 B, s! j4 I7 X# \
10、收尾2 V" L }" M2 H% t
创建软连接:7 I0 D, p& j. g
8 F7 J: }( r3 J, o
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini% {5 A6 F$ y, @5 s6 Y
AI构建项目
/ l6 [! Q- f. q, c8 Bbash
# p9 X, ~ Y6 y7 u+ b同步数据库:
1 r6 V5 ?4 Y/ ^1 `
1 Z. A# w3 m: T" Isu -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron# R B2 @9 p6 S. P
AI构建项目7 I( k& M2 m% P+ ]9 c
bash3 }/ p4 w4 x- ]( U
如下图:& Y z% S5 I7 @, Y0 u
3 v% x# N( O+ a% Z! l% `, N
; l, _2 I0 B- F% g! q
7 T. O' O4 T( s1 f5 P
重启nova-api:
. _3 J& r! w- R' [1 J2 }2 K
0 x" w5 Y- E6 A; Lsystemctl restart openstack-nova-api.service4 Q# U2 P* `/ p( t
AI构建项目6 t1 U7 |5 ]4 D
bash
: q/ n' w- {2 x' X* w, ~设置开机自启,并启动服务: s ]! F- g% |, n1 p# n
* M) R T0 P: a) A, R7 |2 L$ Csystemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
& k: [: H, R2 t' E, A+ n; L3 H$ qsystemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
0 A9 q% c4 K# lsystemctl enable neutron-l3-agent.service4 ?" U6 B& n6 z! {9 O
systemctl start neutron-l3-agent.service4 ?3 f6 D5 ?: V; |" z
AI构建项目
( f6 E, X- G6 r ^bash
" P5 X/ ]$ C- h: m- _1 k( ^9 a" j二、计算节点配置
5 K! P0 v% p' Z' Z+ s9 O' t9 R在计算节点完成以下操作。8 _" ~0 b3 O* |+ M3 V) d
# X# ^) C9 {# l8 l2 x$ Q' U
1、安装包* D% A0 Z5 w. k& n
安装包:
; i% W* y( a- j6 d! B+ \ E
3 G% W4 |! o0 [( h O% x0 ^( Jyum install openstack-neutron-linuxbridge ebtables ipset -y: n% a. }2 k& k& ^
AI构建项目7 z6 B9 W$ i* I5 O* t {& ~
bash
0 {4 j; @: k8 e; S& _4 u4 ]: K" r5 F 备份/etc/neutron/neutron.conf,删除其注释:
6 {4 A' z- ]3 r( \- v( S; g
% r, r2 j8 Y6 I6 }mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source
3 P0 J% K! p# C) e' \cat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf
* r. @# _5 E/ V: O. J7 v) P6 n, KAI构建项目; q: l# R6 Z7 J& y/ d) A" b
bash
' g# U* p6 t+ u& I编辑/etc/neutron/neutron.conf,进行如下配置:
5 F! @6 r( d( ?. s$ Z- [$ o `2 ?8 a4 m& d3 N6 L
[DEFAULT]
% m U+ Z. Z/ P# ...
: e7 S8 d/ m! mtransport_url = rabbit://openstack:123456@controller
6 O- H9 m. c7 `5 @: Mauth_strategy = keystone+ Z' n5 B/ R* a/ l6 A
8 [( {" ]0 Y2 Q7 A% a: s! K[keystone_authtoken]
, J: d6 h; T* k! q5 `# ...
r0 H, \ w' L8 ^www_authenticate_uri = http://controller:5000
1 S9 ]: a: V/ v. kauth_url = http://controller:5000 }$ b$ V$ B& d) u$ w8 @
memcached_servers = controller:11211
+ C" B T: ~5 }! ~3 u( |auth_type = password
. S# ]# Y) t2 H/ d5 y0 e! E6 a. fproject_domain_name = default8 P* A. ^( S- n
user_domain_name = default
. j+ K7 d2 _1 x( h9 a6 fproject_name = service
" A) @1 t4 Y- J6 l$ ]3 g0 g$ tusername = neutron( h7 \7 D* J9 _; Q; @8 J
password = 123456
: @5 b0 ^" _" w* E 3 a! P" e& _) P- k; K- P& e4 ?
[oslo_concurrency]
u& `# d$ j3 Q) d# G6 _# ...$ Z- d' Y/ X1 Q; ?
lock_path = /var/lib/neutron/tmp
, I6 @5 X' o$ ^' s; T" K/ ^0 EAI构建项目
5 m( j, `: P$ Z; @1 Obash
$ g/ P$ }8 i. ?, b1 q" i. `2、配置linux网桥1 G! L( P! N# j- ?" I
备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:
: I0 c- e0 l8 T7 b, _- Y
- q9 q; K, V5 t b' L. O' `9 f pmv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source& I# W; t3 R- ^. k
cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
; u& s: m1 N3 h5 _& i9 A6 ?AI构建项目
) N2 X& `2 `% j* C0 \; E, nbash8 Y) F- Z7 Q, G. o9 E# Q1 ]
对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):8 u. @ |6 J# u+ k* O6 z( T
2 k h* h$ v$ t% l* @6 P
[linux_bridge]
% Q, T. j) t* jphysical_interface_mappings = provider:ens33/ [* ?0 I* A" I D0 h$ E
: U, n4 L9 K& @: ~9 z
[vxlan]8 e3 I2 T ]2 t7 \4 B1 Q, [ T7 j
enable_vxlan = true! w/ B9 _1 `/ n' \' y
local_ip = 10.0.0.31( i; V a+ _# h. ]* O
l2_population = true3 j% r) C1 W! [' K/ `5 `5 I
- K! J" Y2 U. l
[securitygroup]* G- n! j* E8 o
# ...! s. C$ A( V( ~, d
enable_security_group = true
" l* y( c; u! W7 Sfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver& }# w. ?0 t8 k
AI构建项目
$ T3 R: P$ p3 p7 }! h9 W( cbash
) {: J$ w* h4 G1 z& f1 a修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:
$ r7 ^& ~: X7 A( i
3 I; x. J0 q- x" Knet.bridge.bridge-nf-call-iptables = 1
7 x, i' C" b8 S2 d7 o& B# \9 h" Wnet.bridge.bridge-nf-call-ip6tables = 1# y/ `% z) J& I& G
AI构建项目( v: y8 S/ \+ X4 f( d" T# m% @
bash
5 Q$ z: b) G; N" I8 n- _) ]6 z$ E$ C如下图:
7 y" t0 e1 ]; M1 r* X* [1 [" c% P, J$ [! L# S* ]6 N+ h
* I) ?! o+ _+ |" r4 Z4 X
, |/ b; q7 ~' y
添加网桥过滤器,并设置开机加载:# P1 j; n! Y% w2 j( f8 p- c2 I
( {$ B9 _3 D0 e2 A( mmodprobe br_netfilter
, S) Y* |- E/ [: W% l5 c9 ?- h1 Ysysctl -p! e1 i# ?- ]: v/ r
sed -i '$amodprobe br_netfilter' /etc/rc.local7 [* E# G2 B. R. }
AI构建项目) G& [, }1 c( S$ _ ~
bash& M+ c6 G: e- K7 e' b
如下图:
# m. _# N% S- X: i+ `0 Q4 l* Q$ D" I* F, A6 M
4 ~$ N: y- k7 i1 z0 v( R
- I3 E3 ]* h( W6 r- l6 o
3、配置nova使用neutron服务4 j- K' s! e) I3 |
编辑/etc/nova/nova.conf,进行以下配置:& ~ S2 {- X+ i9 m: B
& G5 W" T/ T5 e$ ? I; x, l[neutron]3 a1 c( J: O- k0 }
# ...- l& D9 L5 E" E& H6 V0 p8 f
auth_url = http://controller:5000
, Q- C n+ @& gauth_type = password
# H4 b# x+ [; V/ ]8 Jproject_domain_name = default
" a/ n' Q5 O# H4 M# v1 Q2 M& zuser_domain_name = default
# j% J6 z- s1 f, S; S' ]region_name = RegionOne Z) m2 g/ Y* I5 N, l- Z
project_name = service5 n. }1 [# j9 Y- r& `' J( A
username = neutron
, u0 m4 s/ E' O4 @password = 123456
& t5 ~% L+ W5 M8 y" VAI构建项目
) h7 ?% ]- |" y/ s* `8 i" r, Fbash
' O3 u8 ?8 p8 g: S. p如下图:
4 c5 t/ ^4 m" {% W5 [4 @( S8 G# c) R0 w m
- H1 B0 F/ v7 Q: g* Y4 E4 j) q
) A: F4 q+ S4 E; O& v7 K4、收尾1 c' o) S \$ @, q u% A( e
重启计算服务:
7 {& D w e% N8 ?; n! T; O- r: {' l% b" }
systemctl restart openstack-nova-compute.service
5 m1 o3 a: D, NAI构建项目3 a% r/ j [, E/ I
bash
0 @0 t8 F; E, D& l设置网桥开机自启,并启动服务:
! z# e5 [! m9 o8 n4 g y
% G! Q2 B( @% [# b: i; ~systemctl enable neutron-linuxbridge-agent.service
. y& T" H9 h$ V9 Psystemctl start neutron-linuxbridge-agent.service8 U4 u! q5 ~" r+ E. R
AI构建项目) }; b0 A8 [. S5 [, j5 ` ^; L ^
bash4 r$ A ^' X9 `1 K1 Z
三、验证
- u" O; ?5 N2 ^8 [, c4 L在控制节点使用如下命令验证:
9 ?* f* v0 }1 r! m9 N. E! `1 n* J+ h' E* t5 Q
openstack network agent list
. g, p+ W* v1 ~5 P& F# b* l |
|
/4 
窥视卡
雷达卡
发表于 2025-12-18 11:08:33
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜
