搭建Openstack集群

 安装Neutron

Neutron代表着中子星,Openstack中负责网络配置。

Controller上创建MySQL帐户,这一个系列跑下来,你应该了解流程了。

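-- Create the Neutron schema and the database account the Neutron services use.
-- 'password' is a tutorial placeholder: substitute a unique, randomly generated
-- value and use the same one in the "connection = mysql://..." lines of neutron.conf.
CREATE DATABASE neutron;
-- The password must be a quoted string literal; unquoted, the statement is a syntax error.
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'password';
-- '%' lets this account connect from any host. Where possible, narrow it to the
-- addresses of the nodes that actually run Neutron services.
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'password';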

创建用户,创建服务,拿到id,创建endpoint

# NOTE(review): --pass=password is a placeholder. A real password typed on the
# command line is recorded in shell history and visible in the process list.
#keystone user-create --name=neutron --pass=password --email=neutron@example.com
#keystone user-role-add --user=neutron --tenant=service --role=admin
#keystone service-create --name=neutron --type=network --description="OpenStack Networking Service"
#Take the service ID printed by the command above #
# NOTE(review): all three endpoint URLs are plain http, so API requests and
# tokens cross the network unencrypted; keep this traffic on a trusted
# management network or terminate TLS in front of the service.
#keystone endpoint-create --service-id the_service_id_above --publicurl http://controller:9696 --adminurl http://controller:9696 --internalurl http://controller:9696

切换到Network主机

#apt-get install neutron-server neutron-dhcp-agent neutron-plugin-openvswitch-agent neutron-l3-agent

设置sysctl.conf文件中的网络配置

vi /etc/sysctl.conf

 # Turn on IPv4 forwarding: this host will route packets between networks.
 net.ipv4.ip_forward=1
 # rp_filter=0 switches off reverse-path source validation, so the kernel no
 # longer drops packets whose source address arrives on an unexpected interface.
 # NOTE(review): this removes an anti-spoofing check; apply it only on the
 # nodes this guide names, not as a general host default.
 net.ipv4.conf.all.rp_filter=0
 net.ipv4.conf.default.rp_filter=0

使内核配置生效,重启网络服务

#sysctl -p
#service network restart

修改Neutron配置,vi /etc/neutron/neutron.conf

[DEFAULT]
# Authenticate API requests through Keystone.
 auth_strategy = keystone
 rabbit_host = controller
# NOTE(review): 'guest' is RabbitMQ's built-in default account; a dedicated
# broker user with its own password is the safer choice.
 rabbit_userid = guest
# 'password' here and below is a tutorial placeholder, not a value to deploy.
 rabbit_password = password
 core_plugin = neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2
[keystone_authtoken]
 auth_host = controller
 auth_port = 35357
# NOTE(review): http means the service credentials and tokens travel to
# Keystone unencrypted.
 auth_protocol = http
 admin_tenant_name = service
 admin_user = neutron
 admin_password = password

 [database]
# The connection URL embeds the database password in clear text, so this file
# should be readable only by root and the neutron service user.
 connection = mysql://neutron:password@controller/neutron

vi /etc/neutron/api-paste.ini

[filter:authtoken]
 paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
 auth_host = controller
 auth_uri = http://controller:5000
 admin_tenant_name = service
 admin_user = neutron
 admin_password = password

安装虚拟交换机,创建虚端口

#apt-get install neutron-plugin-openvswitch-agent openvswitch-switch openvswitch-datapath-dkms openvswitch-datapath-source
#service openvswitch-switch restart
#ovs-vsctl add-br br-int
#ovs-vsctl add-br br-ex
#ovs-vsctl add-port br-ex eth2

配置eth2为网桥模式, vi /etc/network/interfaces,增加

auto eth2
 iface eth2 inet static
 up ifconfig $IFACE 0.0.0.0 up
 up ip link set $IFACE promisc on
 down ip link set $IFACE promisc off
 down ifconfig $IFACE down

 auto br-ex
 iface br-ex inet static
 address 10.0.0.3
 netmask 255.255.255.0

修改/etc/neutron/l3_agent.ini 和/etc/neutron/dhcp_agent.ini

 interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
use_namespaces = True

修改 /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini

[ovs]
# Tenant networks are carried over GRE tunnels, using tunnel ids 1-1000.
# NOTE(review): GRE provides neither encryption nor authentication; the network
# that local_ip sits on should be dedicated to tunnel traffic.
 tenant_network_type = gre
 tunnel_id_ranges = 1:1000
 enable_tunneling = True
 integration_bridge = br-int
 tunnel_bridge = br-tun
 local_ip = 10.0.0.3
[securitygroup] 
 ;Enable the firewall (security group rules are enforced through this driver)
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

启用DHCP plugin,对于虚拟机集群而言,DHCP管理是必须的!

vi /etc/neutron/dhcp_agent.ini

dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq

切换到Controller

编辑/etc/nova/nova.conf,在[DEFAULT] 段(section)下增加两行

[DEFAULT]
......
# Secret shared with the Neutron metadata agent; it has to equal
# metadata_proxy_shared_secret in /etc/neutron/metadata_agent.ini.
# 'password' is a placeholder: use a long random string that is not reused as
# any account password.
neutron_metadata_proxy_shared_secret = password
service_neutron_metadata_proxy = true

回到Network主机

编辑/etc/neutron/metadata_agent.ini,在[DEFAULT] 段(section)下增加

[DEFAULT]
# Keystone credentials the metadata agent authenticates with
# ('password' is a tutorial placeholder).
 auth_url = http://controller:5000/v2.0
 auth_region = regionOne
 admin_tenant_name = service
 admin_user = neutron
 admin_password = password
 nova_metadata_ip = controller
# Must be the same value as neutron_metadata_proxy_shared_secret in the
# Controller's /etc/nova/nova.conf.
# NOTE(review): this secret protects proxied metadata requests, so a guessable
# value such as 'password' defeats it; generate a random one.
 metadata_proxy_shared_secret = password

重启网络服务

#service neutron-server restart
 #service neutron-dhcp-agent restart
 #service neutron-l3-agent restart
 #service neutron-metadata-agent restart
 #service openvswitch-switch restart
 #service neutron-plugin-openvswitch-agent restart

切换到Compute主机

同样编辑sysctl

#echo "net.ipv4.conf.all.rp_filter=0" >> /etc/sysctl.conf
#echo "net.ipv4.conf.default.rp_filter=0" >> /etc/sysctl.conf

# sysctl -p

安装虚拟交换机

#apt-get install neutron-plugin-openvswitch-agent openvswitch-switch \
#openvswitch-datapath-dkms openvswitch-datapath-source
#service openvswitch-switch restart

将br-int作为桥接

#ovs-vsctl add-br br-int

编辑/etc/neutron/neutron.conf,在[DEFAULT] 段(section)下增加

core_plugin = neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2

配置虚拟交换机,编辑/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini

[ovs]
tenant_network_type = gre
tunnel_id_ranges = 1:1000
enable_tunneling = True
integration_bridge = br-int
tunnel_bridge = br-tun
local_ip = 192.168.20.3

[securitygroup]
 firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

配置Neutron,编辑/etc/neutron/neutron.conf

[DEFAULT]
auth_host = controller
admin_tenant_name = service
admin_user = neutron
admin_password = password
auth_url = http://controller:35357/v2.0
auth_strategy = keystone
rpc_backend = neutron.openstack.common.rpc.impl_kombu
rabbit_host = controller
rabbit_port = 5672
rabbit_userid = guest
rabbit_password = password

[database]
connection = mysql://neutron:password@controller/neutron

编辑/etc/neutron/api-paste.ini

[filter:authtoken]
 paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
 auth_host = controller
 admin_tenant_name = service
 admin_user = neutron
 admin_password = password

修改/etc/nova/nova.conf

 # Hand instance networking over to Neutron.
 network_api_class=nova.network.neutronv2.api.API
 # NOTE(review): the Neutron API URL and the Keystone admin URL below are plain
 # http, so the admin credentials and tokens are sent unencrypted.
 neutron_url=http://controller:9696
 neutron_auth_strategy=keystone
 neutron_admin_tenant_name=service
 neutron_admin_username=neutron
 # 'password' is a tutorial placeholder, not a value to deploy.
 neutron_admin_password=password
 neutron_admin_auth_url=http://controller:35357/v2.0
 linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
 # Nova's own packet filtering is switched off (Noop) and security groups are
 # delegated to Neutron; filtering then depends on the firewall_driver set under
 # [securitygroup] in ovs_neutron_plugin.ini on this node.
 firewall_driver=nova.virt.firewall.NoopFirewallDriver
 security_group_api=neutron

重启服务,使配置生效

#service nova-compute restart
#service openvswitch-switch restart
#service neutron-plugin-openvswitch-agent restart

切换到Controller主机

安装Neutron-server

#apt-get install neutron-server

修改/etc/neutron/neutron.conf的配置

[DEFAULT]
auth_host = controller
 admin_tenant_name = service
 admin_user = neutron
 admin_password = password
 auth_url = http://controller:35357/v2.0
 auth_strategy = keystone
 rpc_backend = neutron.openstack.common.rpc.impl_kombu
 rabbit_host = controller
 rabbit_port = 5672
 rabbit_password = password
 core_plugin = neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2

[database]
 connection = mysql://neutron:password@controller/neutron

修改/etc/neutron/api-paste.ini

[filter:authtoken]
 paste.filter_factory = keystoneclient.middleware.auth_token:filter_factory
 admin_tenant_name = service
 admin_user = neutron
 admin_password = password

安装虚拟交换机

#apt-get install neutron-plugin-openvswitch

配置虚拟交换机,编辑/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini

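[ovs]
# Tenant networks are carried over GRE tunnels, using tunnel ids 1-1000.
 tenant_network_type = gre
 tunnel_id_ranges = 1:1000
 enable_tunneling = True
# firewall_driver belongs in its own [securitygroup] section, as in the Network
# and Compute node versions of this file; left under [ovs] it is not read as
# the security group driver.
[securitygroup]
 firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver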

编辑Nova的配置/etc/nova/nova.conf

# Hand instance networking over to Neutron.
network_api_class=nova.network.neutronv2.api.API
 neutron_url=http://controller:9696
 neutron_auth_strategy=keystone
 neutron_admin_tenant_name=service
 neutron_admin_username=neutron
# 'password' is a tutorial placeholder, not a value to deploy.
 neutron_admin_password=password
 neutron_admin_auth_url=http://controller:35357/v2.0
 linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
# NOTE(review): the Compute node's nova.conf in this guide sets
# firewall_driver=nova.virt.firewall.NoopFirewallDriver at this point; the line
# below names a Neutron agent class instead. Confirm which is intended, since
# nova.conf expects a Nova firewall driver here.
 firewall_driver=neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
 security_group_api=neutron

重启Neutron

#service neutron-server restart
