Networking service
Prerequisites
To create the database, complete these steps:
Use the databaseaccess client to connect to the database server as the root user:
mysql -u root -p
Create the neutron database:
mysql> CREATE DATABASE neutron;
Grant properaccess to the neutron database,replacing NEUTRON_DBPASS with a suitablepassword:
mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY 'NEUTRON_DBPASS';
mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY 'NEUTRON_DBPASS';
To create the service credentials, completethese steps:
Create the neutron user:
openstack user create --domain default --password-prompt neutron
密码:neutron
Add the admin role to the neutron user:
openstack role add --project service --user neutron admin
Create the neutron service entity:
$ openstack service create --name neutron \
--description "OpenStack Networking" network
Create the Networking service API endpoints:
openstack endpoint create --region RegionOne \
network public http://controller:9696
openstack endpoint create --region RegionOne \
network internal http://controller:9696
openstack endpoint create --region RegionOne \
network admin http://controller:9696
Configure themetadata agent
Networking Option 2: Self-servicenetworks
yum install openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge ebtables
Configure the server component
Edit the /etc/neutron/neutron.conf file andcomplete the following actions:
In the [database] section,configure database access:
[database]
...
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
In the [DEFAULT] section, enablethe Modular Layer 2 (ML2) plug-in, router service, and overlapping IPaddresses:
[DEFAULT]
...
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
In the [DEFAULT] section,configure RabbitMQ message queueaccess:
[DEFAULT]
...
transport_url = rabbit://openstack:RABBIT_PASS@controller
In the [DEFAULT] and [keystone_authtoken] sections,configure Identity service access:
[DEFAULT]
...
auth_strategy = keystone
[keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
In the [DEFAULT] and [nova] sections,configure Networking to notify Compute of network topology changes:
[DEFAULT]
...
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
[nova]
...
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = NOVA_PASS
In the [oslo_concurrency] section,configure the lock path:
[oslo_concurrency]
...
lock_path = /var/lib/neutron/tmp
Configure the Modular Layer 2 (ML2) plug-in
Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file andcomplete the following actions:
In the [ml2] section, enableflat, VLAN, and VXLAN networks:
[ml2]
...
type_drivers = flat,vlan,vxlan
In the [ml2] section, enableVXLAN self-service networks:
[ml2]
...
tenant_network_types = vxlan
In the [ml2] section, enablethe Linux bridge and layer-2 population mechanisms:
[ml2]
...
mechanism_drivers = linuxbridge,l2population
In the [ml2] section, enablethe port security extension driver:
[ml2]
...
extension_drivers = port_security
In the [ml2_type_flat] section,configure the provider virtual network as a flat network:
[ml2_type_flat]
...
flat_networks = provider
In the [ml2_type_vxlan] section,configure the VXLAN network identifier range for self-service networks:
[ml2_type_vxlan]
...
vni_ranges = 1:1000
In the [securitygroup] section, enable ipset to increaseefficiency of security group rules:
[securitygroup]
...
enable_ipset = True
Configure the Linux bridgeagent
Edit the /etc/neutron/plugins/ml2/linuxbridge_agent.ini file andcomplete the following actions:
In the [linux_bridge] section, map theprovider virtual network to the provider physical network interface:
[linux_bridge]
physical_interface_mappings=provider:eno33554984
In the [vxlan] section, enableVXLAN overlay networks, configure the IP address of the physical networkinterface that handles overlay networks, and enable layer-2 population:
[vxlan]
enable_vxlan=True
local_ip=192.168.174.222
l2_population=True
In the [securitygroup] section, enablesecurity groups and configure the Linux bridge iptables firewall driver:
[securitygroup]
...
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
Configure the layer-3agent
Edit the /etc/neutron/l3_agent.ini file andcomplete the following actions:
In the [DEFAULT] section,configure the Linux bridge interface driver and external network bridge:
[DEFAULT]
...
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
external_network_bridge =
Configure the DHCP agent
Edit the /etc/neutron/dhcp_agent.ini file and complete the followingactions:
In the [DEFAULT] section, configure the Linuxbridge interface driver, Dnsmasq DHCP driver, and enable isolated metadata soinstances on provider networks can access metadata over the network:
· [DEFAULT]
· ...
· interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
· dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
· enable_isolated_metadata = True
Install the components
yum install openstack-neutron-linuxbridgeebtables ipset
Configure the common component
Edit the /etc/neutron/neutron.conf file and complete the followingactions:
In the [database] section, comment out any connection options because compute nodes donot directly access the database.
In the [DEFAULT] section, configure RabbitMQ message queue access:
· [DEFAULT]
· ...
· transport_url = rabbit://openstack:RABBIT_PASS@controller
In the [DEFAULT] and [keystone_authtoken] sections, configure Identity service access:
[DEFAULT]
...
auth_strategy = keystone
[keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
In the [oslo_concurrency] section, configure the lock path:
[oslo_concurrency]
...
lock_path = /var/lib/neutron/tmp
Configure networking options
ConfigureCompute to use Networking
Edit the /etc/nova/nova.conf file and complete the followingactions:
In the [neutron] section, configure accessparameters:
· [neutron]
· ...
· url = http://controller:9696
· auth_url = http://controller:35357
· auth_type = password
· project_domain_name = default
· user_domain_name = default
· region_name = RegionOne
· project_name = service
· username = neutron
· password = NEUTRON_PASS
Finalize installation
Restart the Compute service:
systemctl restartopenstack-nova-compute.service
Start the Linux bridge agent andconfigure it to start when the system boots:
# systemctl enable neutron-linuxbridge-agent.service
# systemctl start neutron-linuxbridge-agent.service
The Networkingservice initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. If thissymbolic link does not exist, create it using the following command:
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini/etc/neutron/plugin.ini
Populate thedatabase:
su -s /bin/sh -c "neutron-db-manage --config-file/etc/neutron/neutron.conf \
--config-file/etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
Restart theCompute API service:
systemctl restart openstack-nova-api.service
Start the Networking services andconfigure them to start when the system boots.
For both networking options:
# systemctl enable neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
# systemctl start neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service
For networking option 2, also enable and start the layer-3service:
# systemctl enable neutron-l3-agent.service
# systemctl start neutron-l3-agent.service
验证网络配置:
the dashboard on the controller node
yum install openstack-dashboard
1. Edit the /etc/openstack-dashboard/local_settings file and complete the followingactions:
Configure the dashboard to useOpenStack services on the controller node:
· OPENSTACK_HOST="controller"
Allow all hoststo access the dashboard:
· ALLOWED_HOSTS=['*', ]
Configure the memcached session storageservice:
· SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
·
· CACHES = {
· 'default': {
· 'BACKEND':'django.core.cache.backends.memcached.MemcachedCache',
· 'LOCATION':'controller:11211',
· }
· }
Enable theIdentity API version 3:
· OPENSTACK_KEYSTONE_URL="http://%s:5000/v3" % OPENSTACK_HOST
Enable supportfor domains:
· OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT=True
Configure APIversions:
· OPENSTACK_API_VERSIONS = {
· "identity": 3,
· "p_w_picpath": 2,
· "volume": 2,
· }
Configure default as the defaultdomain for users that you create via the dashboard:
· OPENSTACK_KEYSTONE_DEFAULT_DOMAIN="default"
Configure user as the defaultrole for users that you create via the dashboard:
· OPENSTACK_KEYSTONE_DEFAULT_ROLE="user"
If you chosenetworking option 1, disable support for layer-3 networking services:
· OPENSTACK_NEUTRON_NETWORK = {
· ...
· 'enable_router': False,
· 'enable_quotas': False,
· 'enable_distributed_router':False,
· 'enable_ha_router': False,
· 'enable_lb': False,
· 'enable_firewall': False,
· 'enable_vpn': False,
· 'enable_fip_topology_check':False,
· }
Optionally,configure the time zone:
· TIME_ZONE="TIME_ZONE"
Finalize installation
systemctl restart httpd.servicememcached.service
OK,安装完成可以使用啦
刚开始进入的时候先创建网络
网络创建完毕后创建云主机类型
Ok可以创建虚拟机啦
由于做的比较简单当下一步到网络的时候就可以直接点击创建云主机啦
OK大功告成。
附上官方文档地址:centos7,linux系统可自行选择。
http://docs.openstack.org/newton/install-guide-rdo/horizon-install.html
