enable_ipset = True
# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini [linux_bridge]
physical_interface_mappings = provider:enp2s0f1
注:enp2s0f1为第二块网卡设备
[vxlan]
enable_vxlan = True
local_ip = 101.101.101.81 l2_population = True
注:local_ip为第二个网卡所在网段
[securitygroup] ...
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
#vim /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver external_network_bridge =
# vim //etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = True
配置元数据代理
# vim /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_ip = Controller
metadata_proxy_shared_secret = METADATA_SECRET
注:METADATA_SECRET为自定义的字符密码,与下文nova.conf中metadata_proxy_shared_secret配置一致。
# vim /etc/nova/nova.conf
26
[neutron]
url = http://Controller:9696
auth_url = http://Controller:35357 auth_type = password
project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = 123456
service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET
结束安装
创建配置文件符号连接
# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
配置存取到数据库
#su -s /bin/sh -c \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head\
重启计算API服务
# systemctl restart openstack-nova-api.service
服务启动
# systemctl enable neutron-server.service \\
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \\ neutron-metadata-agent.service
#systemctl start neutron-server.service \\
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \\ neutron-metadata-agent.service
# systemctl enable neutron-l3-agent.service #systemctl start neutron-l3-agent.service
查看所有服务是否正常启动systemctl status *
27
计算节点上安装与配置
安装组件
#yum install openstack-neutron-linuxbridge ebtables ipset
配置通用组件
# vim /etc/neutron/neutron.conf
[DEFAULT]
rpc_backend = rabbit auth_strategy = keystone
[oslo_messaging_rabbit] rabbit_host = Controller rabbit_userid = openstack
rabbit_password = RABBIT_PASS
[keystone_authtoken]
auth_uri = http://Controller:5000 auth_url = http://Controller:35357
memcached_servers = Controller:11211 auth_type = password
project_domain_name = default user_domain_name = default project_name = service username = neutron password = 123456
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
同样方法配置其他节点,利用scp复制配置文件需要修改权限
将配置文件拷贝到其他计算节点,并在其他计算节点上修改文件拥有者权限 # scp /etc/neutron/neutron.conf root@computer02:/etc/neutron/ 切换到其他节点
# chown root:neutron /etc/neutron/neutron.conf
28
配置网络选项
# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:enp2s0f1
注:红色部分为PROVIDER_INTERFACE_NAME,应为本被计算节点物理网卡编号
[vxlan]
enable_vxlan = True
local_ip = 101.101.101.82 l2_population = True
注:local_ip为本计算节点IP
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
配置计算节点利用neutron # vim /etc/nova/nova.conf [neutron]
url = http://Controller:9696
auth_url = http://Controller:35357 auth_type = password
project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = 123456
结束安装
重启计算服务
# systemctl restart openstack-nova-compute.service
启动Linux桥接代理
# systemctl enable neutron-linuxbridge-agent.service #systemctl start neutron-linuxbridge-agent.service
29
验证操作
在管理节点上执行以下操作 $. admin-openrc $neutron ext-list
$ neutron agent-list
安装Ceph-deploy
给普通用户增加sudo权限
# echo \$ sudo chmod 0440 /etc/sudoers.d/inspur
30