ocata openvswtich

N27_Danry Linux干货

 

一、Controller配置
1、安装软件

# yum –enablerepo=centos-openstack-ocata,epel -y install openstack-neutron openstack-neutron-ml2

2、修改配置文件/etc/neutron/neutron.conf

[DEFAULT]
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
state_path = /var/lib/neutron
dhcp_agent_notification = True
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
transport_url = rabbit://openstack:password@172.16.100.10
[keystone_authtoken]
auth_uri = http://172.16.100.10:5000
auth_url = http://172.16.100.10:35357
memcached_servers = 172.16.100.10:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = servicepassword
[database]
connection = mysql+pymysql://neutron:password@172.16.100.10/neutron
[nova]
auth_url = http://172.16.100.10:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = servicepassword
[oslo_concurrency]
lock_path = $state_path/tmp

3、修改权限

# chmod 640 /etc/neutron/neutron.conf
# chgrp neutron /etc/neutron/neutron.conf

 

4、修改配置文件/etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types =
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
#注释以下几行
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_ipset = True

5、修改/etc/nova/nova.conf

[DEFAULT]
use_neutron = True
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[neutron]
url = http://172.16.100.10:9696
auth_url = http://172.16.100.10:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = servicepassword

6、创建链接

# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

 

7、同步数据库

# su -s /bin/bash neutron -c “neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugin.ini upgrade head”

 

8、重启服务

# systemctl start neutron-server
# systemctl enable neutron-server
# systemctl restart openstack-nova-api

 

二、网络节点配置
1、安装软件

# yum –enablerepo=centos-openstack-ocata,epel -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch

 

2、修改配置文件/etc/neutron/neutron.conf

[DEFAULT]
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
state_path = /var/lib/neutron
allow_overlapping_ips = True
transport_url = rabbit://openstack:password@172.16.100.10
[keystone_authtoken]
auth_uri = http://172.16.100.10:5000
auth_url = http://172.16.100.10:35357
memcached_servers = 172.16.100.10:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = servicepassword
[oslo_concurrency]
lock_path = $state_path/lock

 

2、修改权限

# chmod 640 /etc/neutron/neutron.conf
# chgrp neutron /etc/neutron/neutron.conf

1
2

3、修改配置文件/etc/neutron/l3_agent.ini

# line 17: add
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
# line 100: add ( it’s OK with no value (set later if need) )
external_network_bridge =

 

4、修改配置文件/etc/neutron/dhcp_agent.ini

# line 17: add
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
# line 32: uncomment
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
# line 41: uncomment and change
enable_isolated_metadata = True
5、修改配置文件/etc/neutron/metadata_agent.ini
# line 22: uncomment and specify Nova API server
nova_metadata_ip = 172.16.100.10
# line 34: uncomment and specify any secret key you like
metadata_proxy_shared_secret = metadata_secret

 

6、修改配置文件/etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types =
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
# line 247: uncomment and add
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
# end line: uncomment
enable_ipset = True

 

7、创建链接

# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

 

8、重启服务

# systemctl start openvswitch
# systemctl enable openvswitch

 

9、创建网桥

# ovs-vsctl add-br br-int

 

10、重启服务

# for service in dhcp-agent l3-agent metadata-agent openvswitch-agent; do
systemctl start neutron-$service
systemctl enable neutron-$service
done

 

三、计算节点配置
1、安装软件

# yum –enablerepo=centos-openstack-ocata,epel -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch

 

2、修改配置文件/etc/neutron/neutron.conf

[DEFAULT]
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
state_path = /var/lib/neutron
allow_overlapping_ips = True
transport_url = rabbit://openstack:password@172.16.100.10

[keystone_authtoken]
auth_uri = http://172.16.100.10:5000
auth_url = http://172.16.100.10:35357
memcached_servers = 172.16.100.10:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = servicepassword

[oslo_concurrency]
lock_path = $state_path/lock

 

3、修改权限

# chmod 640 /etc/neutron/neutron.conf
# chgrp neutron /etc/neutron/neutron.conf

 

4、修改/etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
type_drivers = flat,vlan,gre,vxlan
tenant_network_types =
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
# line 247: uncomment and add
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
# end line: uncomment
enable_ipset = True

 

5、修改/etc/nova/nova.conf

[DEFAULT]
use_neutron = True
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver
vif_plugging_is_fatal = True
vif_plugging_timeout = 300

[neutron]
url = http://172.16.100.10:9696
auth_url = http://172.16.100.10:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = servicepassword
service_metadata_proxy = True
metadata_proxy_shared_secret = metadata_secret

 

6、创建软连接

# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

1

7、启动服务

# systemctl start openvswitch
# systemctl enable openvswitch

 

8、创建网桥

# ovs-vsctl add-br br-int

 

9、重启服务并设置开机启动

# systemctl restart openstack-nova-compute
# systemctl start neutron-openvswitch-agent
# systemctl enable neutron-openvswitch-agent

 

作者:【吴业亮】云计算开发工程师

本文来自投稿,不代表Linux运维部落立场,如若转载,请注明出处:http://www.178linux.com/91211

(0)
N27_DanryN27_Danry
0
上一篇 2018-01-22 14:15
下一篇 2018-01-22 14:51

相关推荐

  • Bash Shell之数组简介

    Bash Shell之数组简介   一、数组基本概念   数组是内存中的存储空间,连续的多个存储单元;bash中只支持一维数组,支持稀疏格式 ,参数个数没有限制。 二、数组基本语法格式   1、声明一个数组          declare…

    Linux干货 2015-05-11

  • 密钥和公钥

    安全协议和搭建CA

    Linux干货 2018-01-09

  • rpm程序包管理器

    linux程序包管理器: 协作用户管理应用程序:安装、升级、查询、校验、卸载等 软件程序包生成过程:     源代码——》目标二进制格式–》组织成为一个或有限几个包文件     源代码:程序员写好的纯文本文档格式的代码     …

    Linux干货 2016-08-19

  • M20-1 8月5日 文本查看工具以及文本处理工

    一、文本查看工具:  cat,tac,rev cat用法:cat [option]..[FILE]..   cat选项:    -E:显示行结束符$    -n:对显示出的每一行进行编号    -A:显示所有控制符    -b:非空行编号   &nb…

    Linux干货 2016-08-08

  • OpenSSL

    加密和解密技术 本章内容: 安全机制 对称加密 不对称加密 散列算法 PKI和CA 相关知识: 1)传输层协议:        TCP(面向连接),UDP(面向无连接),SCTP(流控协议) 2)port(端口):传输层协议都会提供端口,        端口(port)是标记进程…

    Linux干货 2016-09-29

  • bash功能特性三 命令的引用、展开和补全

    一、bash的补全功能     1、命令补全     根据内建命令或外部命令的查找方式,查找以用户指定的字符串开头的命令,如果用户指定的开头字符串能惟一标识某命令,则tab键可以补全此命令,否则,则两次tab链可显示所有以指定字符串开头的命令。   &nbsp…

    Linux干货 2015-04-15
电话咨询
在线咨询