- 积分
- 16840
在线时间 小时
最后登录1970-1-1
|
马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。
您需要 登录 才可以下载或查看,没有账号?开始注册
x
一、控制节点配置" C7 t0 c! n/ i4 G8 a
在控制节点进行以下操作。
# w6 B: C2 J: y9 p5 e% ]
# W. N# p. R/ s% n& i" ~1 c" g1、配置数据库' m& c: J2 N6 r4 g
进入数据库控制台(密码123456):2 I. r' o# k4 O6 S h
! s# v ? I/ t5 d. mmysql -u root -p
2 w& z( x! {& [$ n5 E4 T9 j3 |* I# T% I1 L$ r" }5 n! N" A: O
( ^3 q8 ~5 Q1 {4 P
bash
5 x& l6 r7 M: Z创建数据库并授予权限,退出数据库:
: V/ b* h& w0 x" ?3 y+ [. G6 Z: h6 R
CREATE DATABASE neutron;
8 B1 e$ f# ^8 @# n! @GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';
" X: A$ A% @' {$ N# p8 X0 \GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';$ ?+ H- V; d# B% n5 }2 _
. [% l9 W% f6 F1 g+ |; _. [; f, \ e7 \6 o
4 x- A1 L5 G8 f6 r6 X+ s5 A
: ]1 c. |5 q# y- e" m
, F0 M, a, `. |0 z- d
, h4 c* p$ B3 [, F
2、创建neutron用户$ a8 Q' I9 H. \' ~4 k& K
登录admin支行好:0 k* A% N* Q, x
2 d7 \! W ^" N0 R' U, `& l# @. admin-openrc
, s& ?; h* ?! t2 j
% v- }* r4 c/ i) I3 p* Hbash
~5 I5 N8 s" J& k9 \在domain:default创建用户neutron:
& X% i$ b0 v4 e5 {8 e$ V; {6 z5 v" I* c- Z; j
openstack user create --domain default --password-prompt neutron& I, b& v) N) t. D
0 ~: C( O: m& g. U
bash" @1 Y. S; S# a9 m7 U$ l
如下图:# m+ k! z5 [2 d2 a" ?% {& y
f; U- U$ a0 X+ ^) j/ U" h, A4 ~! ?
8 z( M% Z) f3 ~ d- Q2 t$ V
授予neutron服务admin权限:
5 G! j+ g- N. F6 `. S* k5 F2 f4 u+ [5 f6 a5 G: O
openstack role add --project service --user neutron admin( F% m5 N P0 p1 e+ I! m- d
& C; V! |- ~ Y4 |bash
: ]) g. V) L5 \1 w/ {, i& ~5 q0 P- C创建neutron服务入口:, ?. q2 r" Z2 O) ?; ?/ ^
& Y8 o9 H; _9 g
openstack service create --name neutron --description "OpenStack Networking" network1 y- U0 }- O: B
$ d2 |# Q$ U5 Abash
, Q1 o3 M9 l. r6 s3 ?, s如下图:
% ?4 ^8 G$ {! g F* C% i5 J6 S8 N) u, J2 l6 [
( G2 [' M% k: G7 Z! ?( D8 E
& k; c9 q2 l0 N1 C* D$ n4 G& {
创建网络服务API端点:$ i5 |/ N* c- W# L* R5 c4 p
% `/ \' S& s* Q# x" Nopenstack endpoint create --region RegionOne network public http://controller:9696) \* x! H. y; E1 ?' U0 m0 i
openstack endpoint create --region RegionOne network internal http://controller:9696
; N( W+ B! D7 M) ?* H! Iopenstack endpoint create --region RegionOne network admin http://controller:9696 Z' z5 y s# D' u0 A
AI构建项目; z) `6 E" x3 y, |5 x, O8 U
bash
4 Q/ ?9 \" p! d0 l" w! U) C$ w如下图:
# e1 T* x0 O5 r+ A
( l1 M4 s0 {! H$ F; K8 Z- G0 M1 J+ F' ?# T0 h! x
4 B9 {/ ^% `( \' e3 n3、配置selfservice网络, s$ g C" ^8 E. U- C4 y8 m4 V
安装neutron:" q$ C9 a5 @# z# \
& ^+ Q8 }5 \. d- i1 N/ oyum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
! G+ \+ O: E0 _# qAI构建项目; g0 h1 {, b& X( n1 t/ R+ N
bash
; A/ I2 }% S. Z8 X0 m备份/etc/neutron/neutron.conf,删除其注释:: o9 }- k0 b5 q( L0 c/ h. f
" O4 `# E' W- D8 rmv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source3 b7 v0 B8 \ @/ M3 F$ S$ I
cat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf
( j9 M3 b) u% ^: J( J! yAI构建项目
5 V& _# {; m1 q4 H3 J+ tbash
1 S4 y8 T x! h4 P编辑/etc/neutron/neutron.conf:
! ]3 r+ J% w+ E" c1 {! V9 D U( w( x- S+ P/ Z& a7 w8 \
[DEFAULT]! j2 d3 V _- Z b" |
# ...
8 ~# X# Y7 l; n/ z4 h& Acore_plugin = ml2: O6 \- n( ~* H) K! N7 p% O5 q
service_plugins = router
' J" \9 G9 c8 q/ G# L) ?3 I7 xallow_overlapping_ips = true
* p: p3 ?, P, ~9 C8 ?8 [: O+ Etransport_url = rabbit://openstack:123456@controller
% y9 T$ @4 v/ y; w+ gauth_strategy = keystone
4 W) s4 V/ |2 Vnotify_nova_on_port_status_changes = true
1 r0 v1 k, M, P) D- g/ pnotify_nova_on_port_data_changes = true
0 R P, V( u" S4 G+ }- f ) m" _' a6 \3 f, _! l- A
[database]2 U. z0 W! ?$ ` `6 D8 ?
# ...- e ^/ o* v% Y4 ~4 f
connection = mysql+pymysql://neutron:123456@controller/neutron. {% r' r; w+ V/ s$ I* l
0 Z5 T! {% ]' ?5 Y[keystone_authtoken]
; o9 {5 q9 p6 I' w" V/ u6 P, j# ...: ^& t u! R# |1 R
www_authenticate_uri = http://controller:5000
; t9 a! p& N/ ?4 R$ @auth_url = http://controller:5000
6 F: _7 u/ @& ymemcached_servers = controller:11211, s/ s) l8 o: c5 B/ p
auth_type = password
8 d1 ]+ ~7 g/ I5 j" }/ M5 s3 l) [project_domain_name = default
% h8 U, V2 L; U, Cuser_domain_name = default
/ j3 j9 M! P) p$ x' Rproject_name = service
' n: f. t5 U3 {( [! Rusername = neutron! j7 _$ ~+ E e% V; _" s) o' |
password = 123456/ `& W% F2 d% b% c
& D# ~+ y9 ]7 T/ O[nova]
+ O+ t4 M& s# C# ...3 z% w' w- O( U1 n" y: q& R
auth_url = http://controller:50004 t9 \2 D4 R8 x* R1 r3 I
auth_type = password
& W. `( L! l6 G- F( R, e7 c! W$ \ nproject_domain_name = default
; q0 x9 g* L3 h$ f3 M4 k3 h, H3 G2 K8 Guser_domain_name = default
& `# c4 f3 {# u+ C0 Z/ l/ cregion_name = RegionOne
! S, H1 ?. P! D3 B1 Kproject_name = service9 f% g; R" n T$ M
username = nova& o- X) _& K0 R6 f& @
password = 123456; v. j! m0 h$ ~# N( L! N
( L6 k0 S) Z) [[oslo_concurrency]( w0 ]( t% X) O: @. \
# ...! o# d( j2 @/ W Q5 A2 J9 k% {8 p/ R
lock_path = /var/lib/neutron/tmp
$ a% o# n( T5 r1 M4 \1 Z0 B( B , n1 w, N% Q3 d
AI构建项目
0 U/ L- G3 `/ sbash3 F1 w f8 N _2 h& |
4、配置ml2
: h0 O, C% s* G' O/ q 备份/etc/neutron/plugins/ml2/ml2_conf.ini,删除其注释:
& g, Y6 l" b+ v& M
) C) m; z" v2 |6 b. E! Pmv /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.source" r5 K' ~5 e; X9 F
cat /etc/neutron/plugins/ml2/ml2_conf.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/ml2_conf.ini, Z8 K- D3 }% v/ X
AI构建项目
1 ? v5 y! s) i! x% L0 d! Y( c& Mbash
' w0 J% s( h. |$ c# `对/etc/neutron/plugins/ml2/ml2_conf.ini进行以下配置:! K) E' I: B4 K
1 {8 C% D1 o& E+ B+ m i* T
[ml2]1 p* i; G9 A* e
# ...
6 ^9 P+ ]6 a3 \' L/ L; n; t, H5 U+ ^type_drivers = flat,vlan,vxlan% l6 J- s( G' r$ v' W
tenant_network_types = vxlan: k( @0 @! U3 J& n3 \$ M; K1 F3 o% o
mechanism_drivers = linuxbridge,l2population
k/ F8 ?* ~- r# J. |7 g8 v! Wextension_drivers = port_security
1 r9 _" L7 n' }1 n 9 _* M" S; t8 K# Q
[ml2_type_flat]
! S7 q6 `. j, T/ q6 u, W" w# ...* L8 ]! \9 B0 v/ V* Z
flat_networks = provider
' s% `: E* _7 [' r+ i9 Z
5 N; c" l& ?1 M8 A[ml2_type_vxlan]
& f" p- p1 _. b# ...
" w0 g6 l* p% T; N6 svni_ranges = 1:1000" q* C. n. a( x0 \: z
+ j% F, M% O! k2 S. b# c- x( q
[securitygroup]
& U9 ?' J9 y ~3 X o! N; c# ...
* M# q. }8 x/ c, penable_ipset = true
3 C( g- n6 J9 { G% x% AAI构建项目, \% w$ X8 a7 e: e, K% t
bash
! F8 r4 I; F- g* C* a$ Q5、配置linux网桥
4 p+ ~: T2 q$ [$ \: J, b# Q 备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:4 Y( q; ], n, }% w
% f. \$ K2 f+ A3 [5 ]- W- W3 r A
mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source. B1 u% O& b0 F& ^+ }3 c
cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
* S- S& d$ {% A$ {/ qAI构建项目
: w* N5 k9 \% n5 O5 V) J) Y+ u; P7 Dbash: i4 U) Z/ G' z) x7 M6 w; ~
对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):
- ~; L: ?6 g0 P9 c+ B7 _
; i* ^8 W; Q) T( U' T" k/ E9 @[linux_bridge]
. }( z# ?( n, ~1 cphysical_interface_mappings = provider:ens33# f7 ^7 I, ^0 j
1 { w# d+ ]8 V$ H0 y4 |[vxlan]
* i% B @) I- O4 Qenable_vxlan = true! x A" e- s! Z$ r. p' e! k
local_ip = 10.0.0.11& G) s0 f$ ]$ p3 c% k) N
l2_population = true9 C) k! I z# E1 z7 K8 t
) k2 d, ]/ R2 W, f9 _4 a[securitygroup], K# a' o! \+ } H5 S9 {
# ...0 A- C, i- M2 ~; H5 V
enable_security_group = true
6 I7 h: u9 n9 x& o6 ]: g/ Hfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver% }& ~( J! T, Q7 Q+ d+ c; _$ [
AI构建项目
8 a e" J2 }1 e @, Sbash
+ b. H6 ?0 @3 X0 W修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:8 U7 ^. P- L. D2 u* v0 R/ r
. {( Q1 r! v# g, c) R5 B/ G
net.bridge.bridge-nf-call-iptables = 1
4 M# E% d/ ?6 |$ G, P I" r" R2 tnet.bridge.bridge-nf-call-ip6tables = 12 ?+ j5 v2 p$ Q' F) N- O* L
AI构建项目
- e5 h0 H% p' i3 t, F$ J) ~( Wbash4 N$ \' Q; R! t- C0 e! b
如下图:
7 G+ h9 L$ I* X# E) V) I/ }" X; _! y' `: v0 U
6 A* ~+ f. h1 n: ?0 m2 F& g( ]
& }- S- m2 l9 C: N& g1 e( S( f% \* n添加网桥过滤器,并设置开机加载:* L8 i- u$ g" b5 q$ p# J+ l) X, t
+ H# s' C& F6 ^4 q( l% `# o
modprobe br_netfilter
Y# X- z( P5 z. esysctl -p" \0 _" U" `0 Q+ q
sed -i '$amodprobe br_netfilter' /etc/rc.local
+ A! s `( Y. b7 xAI构建项目2 ^- ], ]$ p& O
bash
# s- K+ h3 r) j' m& t3 b! ]8 U如下图: W" v3 w4 T* }6 c* b) w7 q
3 c+ r- y! L3 @. W# b3 K* e
( n) d* E# G) E# K0 K2 L0 c t5 `; S/ l5 t2 Q/ w
6、配置L3代理9 x$ P! D1 C6 r4 i8 f
编辑/etc/neutron/l3_agent.ini,添加以下内容:
+ A* ?7 g8 I* \4 Z' F: x' y8 T! z6 ~( ]( E, Q% m% g
[DEFAULT]% @, c) K% ?% [ v- T" x
# ...- l1 I7 N: i& Z& o" @7 v
interface_driver = linuxbridge
, [9 D3 i, T9 LAI构建项目
; q6 m/ W8 R7 m$ W) h% O) S) dbash1 R# S! ~3 i) F. l d8 m9 ?
如下图:
9 z6 c6 L+ X+ y7 }* ?+ W& h
) M6 l; E( n# E8 |: ^ x. o& W0 O( q$ E# G
& s# v0 r& _9 T
7、配置dhcp
# \5 M; \$ w8 N4 g8 {8 H$ Q编辑/etc/neutron/dhcp_agent.ini,添加以下内容:
* l/ M' M! }+ B: H6 F6 J% ^$ L- \+ a' R
[DEFAULT]
; I, ^7 g$ d8 A7 S& \4 F# ..." p7 G: t7 h1 l
interface_driver = linuxbridge7 W Q g+ X2 A
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq% l) ?7 @3 z3 D
enable_isolated_metadata = true# T) P' r Q5 v/ \& p% {& K! \; Y
AI构建项目5 H4 X9 O8 y: m& r: M8 k: Q' K" G5 \
bash& P7 p1 F# n V9 h
如下图:! Q9 U/ p- F/ n5 c4 P) S9 ?
5 Y2 Z( V+ ^/ ]( w w
4 e% |% B4 h% ]9 p+ x9 U) c0 S: u" X1 p. Q% E+ O6 ?: o a) A: Y
8、配置meta代理0 s" ]: R" O: ~
编辑/etc/neutron/metadata_agent.ini,进行以下配置:: q' w( w- T5 Y, n4 r+ i
* ~% b8 z5 t7 ~( I7 {" P
[DEFAULT]9 Q8 e; j7 {( p
# ...
0 e+ V: o6 H' q- C8 G! _nova_metadata_host = controller
( t3 j% q6 m' m( p7 x) X A* Imetadata_proxy_shared_secret = 123456( z/ r7 ^- `* g* |9 Y: {; I
AI构建项目7 k" }# y4 }" ]: i3 q
bash
. ]8 \) g6 N! [& n0 C4 R5 k如下图:8 p! {0 T8 j4 H
! e+ {4 a9 Q, J) o+ p1 Z0 s, c$ S7 x$ m f! h8 v
% X2 J4 Y q5 K* ~
9、配置nova使用neutron服务
) y$ ?+ ^6 B6 C- V0 s' @ q8 u* x1 T编辑/etc/nova/nova.conf,进行以下配置:7 G. D/ s( H3 v" \
: W7 [' H, R2 ~: ^: Q& k: l
[neutron]
- N) `" `# q* }$ R2 |8 a# ...+ H, F: v+ `. s' M" b# L4 n% E
auth_url = http://controller:5000: r; q' I9 E# o" g0 O$ ^) {8 z
auth_type = password, P9 T6 s+ n' l; T$ Y
project_domain_name = default! u8 R, G8 b! L* j# ?* S
user_domain_name = default, I' h! f4 _0 g1 r1 m5 h
region_name = RegionOne
0 ~& A; J5 _8 Dproject_name = service
6 f4 H' }5 C3 H) Uusername = neutron
# j6 G; W( D4 s" {) ^1 h% P0 ^2 L- h4 Gpassword = 123456+ F) `5 p# w7 k5 E1 G* `
service_metadata_proxy = true
6 @% _' j1 r6 v. d+ l8 kmetadata_proxy_shared_secret = 123456# O/ W9 k: v4 J) O
AI构建项目
D1 [! D E. C2 Sbash
/ K) w' g# y4 e: z8 \% l( Z如下图:- H6 ]/ t/ u& ~
9 H7 ?1 d5 T$ C& c. A
; J7 U- m" c1 H5 ]8 |6 T. I% O+ j, [* c; }2 N' ]2 a4 L
10、收尾
+ U4 ?! F1 P+ E创建软连接:
6 {+ N/ v$ |1 E* W8 v/ n* J0 W( D3 p6 y$ u/ X
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini; D9 D' D1 ?" V
AI构建项目2 O0 U. v% x/ r" @- Y
bash
! H. G7 q9 {( A% F+ a同步数据库:% ?& r3 a. b9 t2 V6 B: f! Y6 G" c
6 h/ H2 @+ B/ rsu -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
+ ]& H3 M3 H o: {" s- j) J+ H8 kAI构建项目0 a% q( e9 F# M+ F
bash! q& }/ E, K" M* H0 E" K
如下图:
/ C; y e) n; @+ n, K! {( m6 @) i9 h; B" l0 V3 K$ ?
- z8 N3 e4 G* }* U) y
( s& d' d$ ?# N3 D- M+ d% U$ z重启nova-api:
" o, }/ P- |8 N) a T' u
0 g* r" S$ K3 G3 xsystemctl restart openstack-nova-api.service
% `" S3 K2 S% @( x; w( S) Z6 m2 c$ NAI构建项目
2 h5 W$ \$ B0 _1 x- ]bash/ J0 L9 N% p2 e0 u. M
设置开机自启,并启动服务:- q* ^1 U+ l5 }2 O& g9 {* U
4 L+ C. F: Z( `% A. u9 Xsystemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service2 {/ Y- U3 [: k
systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
; X! w2 E+ X% B; esystemctl enable neutron-l3-agent.service
* F, k5 B) j3 m) n n$ C2 n4 ysystemctl start neutron-l3-agent.service
/ ~9 W8 B8 Q a) p5 Q1 ^AI构建项目2 t8 n3 }8 F5 O8 Z
bash) w' F- k3 v( C5 V! ~; n3 @4 H
二、计算节点配置7 d8 P& E2 a- I) D) A+ r- u
在计算节点完成以下操作。
! I4 k! Q% V' X, N6 D) C# m* Q
& P. J. f& m, i4 |# ?5 D; u# Y1、安装包
) A3 G8 q8 n0 T# I2 V; g [6 C安装包:
6 P }3 j) I* J# [- U
& e" w# ? D$ Y( Hyum install openstack-neutron-linuxbridge ebtables ipset -y
9 W. [. n1 r# ~AI构建项目
! @% w/ E1 A; w/ r+ Z8 b6 Fbash
0 `( l& d7 L" K) p2 b% n 备份/etc/neutron/neutron.conf,删除其注释:
$ ]4 B7 `" ^/ r% z& y1 `- M B) }) U E# K2 `
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.source
8 {) V1 E G! N' O5 i% Qcat /etc/neutron/neutron.conf.source | grep -Ev "^#|^$" > /etc/neutron/neutron.conf
, ]# a x( K' h3 MAI构建项目. y1 Y- r d) ]; i
bash# E( P+ {! l# E2 e3 u
编辑/etc/neutron/neutron.conf,进行如下配置:
" ^0 W! v2 z+ R% N+ }2 F
9 d8 \) N: f; O% t4 Y9 h[DEFAULT]
5 d: n) X# Z6 E! q6 w# Z# ...
+ l- p& m9 a: c2 ftransport_url = rabbit://openstack:123456@controller4 {/ j4 y& I4 D
auth_strategy = keystone9 b. @2 R% B+ @0 C1 q9 X# j
& f$ P# S6 w' K" Q& }3 R
[keystone_authtoken]
' o0 ]1 i) K5 H) q; @) B# ...
8 N0 b g& [7 D. e, l8 uwww_authenticate_uri = http://controller:5000
: D; ?0 H; b. f2 p6 n0 h% y( Uauth_url = http://controller:5000
7 N: g/ n |$ Vmemcached_servers = controller:11211
2 V5 k# G, B8 W9 A iauth_type = password
/ q' q' w. r8 [' Z& p- ~2 z- }* Rproject_domain_name = default# `: D; I/ s: m/ H/ Y
user_domain_name = default
8 g( f8 T5 r3 q3 m; q) q/ Uproject_name = service
9 ~, o$ a9 H! @* n E# jusername = neutron
2 P: E& u, z- X# w2 \* `password = 123456
' J( `7 V1 g3 F d8 b5 }' S& V ) N1 n1 J0 D) m$ ], `4 {* ?, A
[oslo_concurrency]/ A5 u1 J7 @: [5 O2 k- B
# .... ?+ o7 `2 a3 J* {$ r% H
lock_path = /var/lib/neutron/tmp: F) j3 R0 @% Y/ q" k
AI构建项目
# Y& l0 `# @/ O; t: Hbash
' i# b w0 P( B# W8 U2、配置linux网桥& S! C) I: V: v/ Y5 z
备份/etc/neutron/plugins/ml2/linuxbridge_agent.ini,删除其注释:
! |. a: {; Y9 U+ g2 v! N
, ^, {6 v4 U" Q+ ^0 _mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source
: u- B5 N/ S2 k! @5 E' o$ Kcat /etc/neutron/plugins/ml2/linuxbridge_agent.ini.source | grep -Ev "^#|^$" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
: r1 V# i7 W y& t8 W$ RAI构建项目
- X$ F! ?9 x# k$ w+ h% g/ U/ g! Ybash
- s) e; }" ]% l: \2 U5 ^3 H) O1 @对/etc/neutron/plugins/ml2/linuxbridge_agent.ini进行以下配置(physical_interface_mappings 的ens33是网卡号):
) S0 L# O( [7 g3 [+ h$ l& G( p! U, j: K" t9 p3 i/ _( l7 F0 I/ A
[linux_bridge]
' P3 }0 n; Z0 I8 }+ R" f5 Nphysical_interface_mappings = provider:ens330 d% Y! q# R& H$ l
; J3 B) y( z$ V* O* _2 v! P[vxlan]) Z! \, e; e5 E Q
enable_vxlan = true
& S" i V/ ^" flocal_ip = 10.0.0.31/ O- C$ f% \! ~0 W& w
l2_population = true
6 X/ O) Z* l* f8 R / ]: j% ] ?; k6 D5 ~0 p
[securitygroup]
8 t) W: h4 L g# ...' Q4 d: ^2 Y5 Y2 a2 d+ h
enable_security_group = true
- W: F# F" K* p$ J1 p0 Z% Nfirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver2 U# A0 f8 u4 W6 Z4 G" M) p7 h
AI构建项目
, T+ u/ l4 u- U+ A5 q$ v# jbash: `/ a: l( g3 t" V, Z1 E! C
修改 /etc/sysctl.conf,保证系统支持网桥过滤器,添加以下内容:4 ^2 d' }+ _& A0 X
( g; Z. T6 l: ^! P
net.bridge.bridge-nf-call-iptables = 1
: i8 y V, x* @net.bridge.bridge-nf-call-ip6tables = 1
% t/ e6 u3 j) T' r% `: VAI构建项目# [7 }0 ] @, {' F0 b
bash; t2 E$ j# G2 [0 |) I4 l
如下图:, b3 l. F1 t6 S4 Z
: Y/ B# q- _# f( K6 |
: P7 n- e* f4 @0 U
3 l; y- g/ S+ `& l6 p: u 添加网桥过滤器,并设置开机加载:/ `1 `0 \4 o+ B! o- _0 e( a# e
* F+ u0 V/ |* s9 W, \5 D
modprobe br_netfilter
9 e+ N3 ?8 \, b/ fsysctl -p8 Z; Q" v5 o, t! b: b+ z* u
sed -i '$amodprobe br_netfilter' /etc/rc.local2 J2 ?, {/ j1 F8 x! H
AI构建项目
- r" z0 a9 a6 Xbash$ Z: q% L1 n& A. N4 k( u
如下图:* C8 t- r+ o/ I0 J, }7 t2 X
" E/ z/ I& h# l- {
3 a8 |; x x4 c/ W' _3 K8 p' p6 _$ R1 X
3、配置nova使用neutron服务6 b: @# v+ B5 n. l0 o
编辑/etc/nova/nova.conf,进行以下配置:2 @3 I" `1 j l
; U5 k5 _) n. s4 c7 \[neutron]
, K" d7 B3 a% S2 @/ z) A# ...+ K. a$ S% O* Y$ q& g- q5 E0 d
auth_url = http://controller:5000
' q0 B3 R+ b/ Yauth_type = password
. _7 z! q% [ }4 Wproject_domain_name = default
" |; o$ O ?* N) M$ Iuser_domain_name = default1 B1 H* y1 M8 i/ t
region_name = RegionOne" v- D- g2 n4 Q6 x9 |
project_name = service
2 G: O) W" y1 Y" l% t. ~, cusername = neutron
- a2 U( C' K1 s) Wpassword = 123456
7 y4 Y5 u! r" @' }AI构建项目
: k# ]2 g5 S9 x, N& f* A7 ? vbash
# R, T; h1 N1 X3 Y如下图:: p2 I: J t! c
& W, O' p5 S7 Y u0 d7 E3 X
9 W/ g4 [% v! i) @- f+ s' e: W& S1 f; Y) j: M
4、收尾: Z2 ?/ J4 r8 ~4 g2 K+ h3 F2 L
重启计算服务:0 K% V0 S l r5 Z% d/ E6 w
* ^5 K" G, h6 N4 j p6 k* Q% dsystemctl restart openstack-nova-compute.service
; \- P& f7 \6 \$ B/ r$ b. tAI构建项目
3 |& f4 _: n8 O; Xbash" S2 F- g) y% w5 S* c! A: O z+ L
设置网桥开机自启,并启动服务:2 D2 j. M+ f) |% \
2 w3 M) k* Q0 v# Y$ x; I, osystemctl enable neutron-linuxbridge-agent.service7 j( m2 Y5 N3 B; y$ z
systemctl start neutron-linuxbridge-agent.service
4 h4 z8 C" E0 g( K2 b+ V$ K! a. kAI构建项目& J _( C7 x' H, f; ~6 c* O [
bash% o, B+ z0 O/ A* k' N1 z
三、验证
b4 {7 s' b6 _& u在控制节点使用如下命令验证:
4 {5 z: P& Q2 C
- `4 O: a9 n4 V6 z& dopenstack network agent list
, H4 V- R) n8 u1 v |
|
/4 
窥视卡
雷达卡
发表于 2025-12-18 11:08:33
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜
