安装和配置网络节点
# Kernel networking parameters for the network node; the three key=value lines go into /etc/sysctl.conf.
vim /etc/sysctl.conf
# Enable IPv4 forwarding so this node can route packets between networks.
net.ipv4.ip_forward=1
# rp_filter=0 switches off the kernel's reverse-path (source address) validation.
# NOTE(review): this removes a kernel-level anti-spoofing check on all interfaces; confirm the
# security-group filtering configured later on this page is enabled before relying on it instead.
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
# Load the values from /etc/sysctl.conf into the running kernel.
sysctl -p
yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch
# Core Neutron settings on the network node: message queue, Keystone authentication and the ML2 plugin.
vim /etc/neutron/neutron.conf
[DEFAULT]
...
rpc_backend = rabbit
rabbit_host = 192.168.5.1
# NOTE(review): 666666 is a short, guessable sample value, and the same string is reused as
# admin_password below. Give each service its own randomly generated secret and keep this file
# unreadable to unprivileged users.
rabbit_password = 666666
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True
[keystone_authtoken]
...
# NOTE(review): both Keystone endpoints are plain http://, so tokens and the service credentials
# travel unencrypted to 192.168.5.1; prefer https endpoints if Keystone is served over TLS.
auth_uri = http://192.168.5.1:5000/v2.0
identity_uri = http://192.168.5.1:35357
admin_tenant_name = service
admin_user = neutron
admin_password = 666666
# ML2 plugin and Open vSwitch agent settings on the network node.
vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
...
# flat is used for the external network, gre for tenant networks.
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_flat]
...
# "external" is the physical network name that bridge_mappings below ties to br-ex.
flat_networks = external
[ml2_type_gre]
...
tunnel_id_ranges = 1:1000
[securitygroup]
...
# Security groups are switched on and enforced through the iptables-based OVS hybrid driver.
# Leave these enabled: rp_filter is set to 0 in /etc/sysctl.conf on this page, so this is the
# packet filtering that remains for instance ports.
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
...
# Local endpoint address for the GRE tunnels.
# NOTE(review): GRE traffic is neither encrypted nor authenticated; presumably 192.168.8.x is a
# dedicated tunnel network - verify it is isolated from untrusted hosts.
local_ip = 192.168.8.1
enable_tunneling = True
bridge_mappings = external:br-ex
[agent]
...
tunnel_types = gre
# L3 (routing) agent settings on the network node.
vim /etc/neutron/l3_agent.ini
[DEFAULT]
...
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
# Routers run in network namespaces, and a router's namespace is removed when the router is deleted.
use_namespaces = True
# br-ex is the bridge created later with "ovs-vsctl add-br br-ex".
external_network_bridge = br-ex
router_delete_namespaces = True
verbose = True
# DHCP agent settings, plus a dnsmasq option file that pushes a smaller MTU to instances.
vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
...
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
use_namespaces = True
dhcp_delete_namespaces = True
verbose = True
# Second edit of the same file: point the agent at an extra dnsmasq configuration file.
vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
...
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
vim /etc/neutron/dnsmasq-neutron.conf
# DHCP option 26 is the interface MTU; instances are told to use 1454 bytes, which leaves room
# for the GRE tunnel header.
dhcp-option-force=26,1454
# NOTE(review): pkill matches by process name, so this ends every dnsmasq process on the host,
# not only those started by the DHCP agent.
pkill dnsmasq
# Metadata agent settings on the network node.
vim /etc/neutron/metadata_agent.ini
[DEFAULT]
...
# NOTE(review): plain http:// endpoint; the service credentials below are sent to it unencrypted.
auth_url = http://192.168.5.1:5000/v2.0
auth_region = regionOne
admin_tenant_name = service
admin_user = neutron
# NOTE(review): weak sample password, identical to the one used in the other files on this page.
admin_password = 666666
nova_metadata_ip = 192.168.5.1
# METADATA_SECRET is a placeholder: replace it with a long random value and use the same value
# for metadata_proxy_shared_secret in /etc/nova/nova.conf on the controller. Leaving the literal
# placeholder in place means the secret is publicly known.
metadata_proxy_shared_secret = METADATA_SECRET
verbose = True
在控制节点上操作
# Controller side of the metadata proxy: Nova accepts metadata requests relayed by Neutron.
vim /etc/nova/nova.conf
[neutron]
...
service_metadata_proxy = True
# Must be the same value as metadata_proxy_shared_secret in /etc/neutron/metadata_agent.ini on the
# network node; METADATA_SECRET is a placeholder to replace with a random secret.
metadata_proxy_shared_secret = METADATA_SECRET
# Restart the API service so the new [neutron] settings are read.
systemctl restart openstack-nova-api.service
在网络节点上操作
# Start Open vSwitch, create the external bridge and start the Neutron agents on the network node.
systemctl enable openvswitch.service
systemctl start openvswitch.service
# Create the external bridge br-ex (the name used by bridge_mappings and external_network_bridge).
ovs-vsctl add-br br-ex ####http://blog.csdn.net/signmem/article/details/19419517
####http://www.aboutyun.com/thread-11777-1-1.html
# Attach interface ext8 to br-ex.
# NOTE(review): ext8 is specific to this host; presumably the NIC facing the external network -
# verify the name before running, because the interface is handed over to the bridge.
ovs-vsctl add-port br-ex ext8
# Turn off generic receive offload (GRO) on ext8.
ethtool -K ext8 gro off
# Make /etc/neutron/plugin.ini point at the ML2 configuration.
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
# Keep a copy of the packaged unit file, then rewrite the plugin path inside it.
# NOTE(review): this edits a file under /usr/lib/systemd/system, which a package update may
# replace; re-check the path after upgrades.
cp /usr/lib/systemd/system/neutron-openvswitch-agent.service /usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' /usr/lib/systemd/system/neutron-openvswitch-agent.service
# neutron-ovs-cleanup.service is enabled for boot here but is not in the start command below.
systemctl enable neutron-openvswitch-agent.service neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-ovs-cleanup.service
systemctl start neutron-openvswitch-agent.service neutron-l3-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
在控制节点上验证(列出已注册的 Neutron 代理)
# Load the admin credentials into the current shell, then list the Neutron agents.
source admin-openrc.sh
neutron agent-list
在计算节点上操作
# Kernel networking parameters for the compute node; the two key=value lines go into /etc/sysctl.conf.
vim /etc/sysctl.conf
# rp_filter=0 switches off the kernel's reverse-path (source address) validation.
# NOTE(review): this removes a kernel-level anti-spoofing check; keep Neutron security groups
# enabled on this node (see the [securitygroup] section of ml2_conf.ini).
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
# Load the values from /etc/sysctl.conf into the running kernel.
sysctl -p
yum -y install openstack-neutron-ml2 openstack-neutron-openvswitch
vim /etc/neutron/neutron.conf
在 [database] 段中注释掉 connection 选项(计算节点不直接访问数据库)
# Core Neutron settings on the compute node: message queue, Keystone authentication and the ML2 plugin.
[DEFAULT]
...
rpc_backend = rabbit
rabbit_host = 192.168.5.1
# NOTE(review): 666666 is a short, guessable sample value, and the same string is reused as
# admin_password below. Use a distinct random secret per service; this file sits on every compute
# host, so restrict who can read it.
rabbit_password = 666666
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
verbose = True
[keystone_authtoken]
...
# NOTE(review): both Keystone endpoints are plain http://, so tokens and the service credentials
# travel unencrypted to 192.168.5.1; prefer https endpoints if Keystone is served over TLS.
auth_uri = http://192.168.5.1:5000/v2.0
identity_uri = http://192.168.5.1:35357
admin_tenant_name = service
admin_user = neutron
admin_password = 666666
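# ML2 plugin and Open vSwitch agent settings on the compute node.
vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
...
type_drivers = flat,gre
tenant_network_types = gre
mechanism_drivers = openvswitch
[ml2_type_gre]
...
tunnel_id_ranges = 1:1000
[securitygroup]
...
# Security groups are switched on and enforced through the iptables-based OVS hybrid driver.
# Leave these enabled: nova.conf on this node uses the no-op firewall driver and rp_filter is 0,
# so this is the packet filtering that remains for instance ports.
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[ovs]
...
# Compute node IP, used as this node's local tunnel endpoint.
# The note sits on its own line: a trailing "###..." after the value is not stripped as a comment
# and would become part of local_ip.
# NOTE(review): the network node uses local_ip = 192.168.8.1, a different subnet - confirm both
# endpoints are on the same reachable tunnel network. GRE is unencrypted, so that network should
# be isolated from untrusted hosts.
local_ip = 192.168.5.2
enable_tunneling = True
[agent]
...
tunnel_types = gre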
# Enable Open vSwitch at boot and start it now on the compute node.
systemctl enable openvswitch.service
systemctl start openvswitch.service
# Compute node nova.conf: hand networking and security groups over to Neutron.
vim /etc/nova/nova.conf
[DEFAULT]
...
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
# Nova's own firewall is a no-op here because security_group_api = neutron delegates filtering.
# Instance traffic is therefore filtered only if Neutron security groups stay enabled in ml2_conf.ini.
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[neutron]
...
# NOTE(review): plain http:// endpoints; the neutron service password below is sent over them unencrypted.
url = http://192.168.5.1:9696
auth_strategy = keystone
admin_auth_url = http://192.168.5.1:35357/v2.0
admin_tenant_name = service
admin_username = neutron
# NOTE(review): weak sample password, identical to the one used in the other files on this page;
# replace it with a random per-service secret.
admin_password = 666666
# Wire the OVS agent to the ML2 configuration and restart the affected services on the compute node.
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
# Keep a copy of the packaged unit file, then rewrite the plugin path inside it.
# NOTE(review): this edits a file under /usr/lib/systemd/system, which a package update may
# replace; re-check the path after upgrades.
cp /usr/lib/systemd/system/neutron-openvswitch-agent.service /usr/lib/systemd/system/neutron-openvswitch-agent.service.orig
sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' /usr/lib/systemd/system/neutron-openvswitch-agent.service
systemctl restart openstack-nova-compute.service
systemctl enable neutron-openvswitch-agent.service
systemctl restart neutron-openvswitch-agent.service
在控制节点上操作
# Verify the agents, create the external network with admin credentials, then the tenant network
# and router with demo credentials.
source admin-openrc.sh
neutron agent-list
source admin-openrc.sh
# Flat external network on the physical network named "external" (the name set in flat_networks
# and bridge_mappings in ml2_conf.ini).
neutron net-create ext-net --router:external True --provider:physical_network external --provider:network_type flat
# Template form: the upper-case words are placeholders.
neutron subnet-create ext-net --name ext-subnet --allocation-pool start=FLOATING_IP_START,end=FLOATING_IP_END --disable-dhcp --gateway EXTERNAL_NETWORK_GATEWAY EXTERNAL_NETWORK_CIDR
# The same command with this deployment's values filled in.
neutron subnet-create ext-net --name ext-subnet --allocation-pool start=172.16.1.100,end=172.16.1.200 --disable-dhcp --gateway 172.16.1.1 172.16.0.0/16
# Switch to the demo tenant's credentials for the tenant network.
source demo-openrc.sh
neutron net-create demo-net
# Template form: the upper-case words are placeholders.
neutron subnet-create demo-net --name demo-subnet --gateway TENANT_NETWORK_GATEWAY TENANT_NETWORK_CIDR
# The same command with this deployment's values filled in.
neutron subnet-create demo-net --name demo-subnet --gateway 192.168.2.1 192.168.2.0/24
neutron router-create demo-router
neutron router-interface-add demo-router demo-subnet
# The next line is output printed by the command above, not a command.
Added interface b1a894fd-aee8-475c-9262-4342afdc1b58 to router demo-router
neutron router-gateway-set demo-router ext-net
# The next line is output printed by the command above, not a command.
Set gateway for router demo-router
# Controller nova.conf for legacy nova-network.
# NOTE(review): these values select nova.network.api.API, whereas the compute-node nova.conf
# earlier on this page selects nova.network.neutronv2.api.API with security_group_api = neutron.
# The two settings exclude each other; presumably everything from here to the dashboard section
# is the nova-network alternative and must not be applied on top of the Neutron setup - confirm
# which variant is intended.
vim /etc/nova/nova.conf
[DEFAULT]
...
network_api_class = nova.network.api.API
security_group_api = nova
systemctl restart openstack-nova-api.service openstack-nova-scheduler.service openstack-nova-conductor.service
在计算节点操作
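# Legacy nova-network on the compute node: packages, nova.conf settings and services.
# NOTE(review): this selects nova.network.api.API, which excludes the Neutron settings
# (nova.network.neutronv2.api.API) shown for the compute node earlier on this page; apply only
# one of the two variants.
yum -y install openstack-nova-network openstack-nova-api
vim /etc/nova/nova.conf
[DEFAULT]
...
network_api_class = nova.network.api.API
security_group_api = nova
# In this variant Nova filters instance traffic itself through iptables.
firewall_driver = nova.virt.libvirt.firewall.IptablesFirewallDriver
network_manager = nova.network.manager.FlatDHCPManager
network_size = 254
allow_same_net_traffic = False
multi_host = True
send_arp_for_ha = True
share_dhcp_address = True
force_dhcp_release = True
flat_network_bridge = br100
# INTERFACE_NAME is a placeholder: substitute the real interface name on this host.
# The marker sits on its own line because a trailing "####" after the value is not stripped as a
# comment and would be read as part of the value.
flat_interface = INTERFACE_NAME
public_interface = INTERFACE_NAME
systemctl enable openstack-nova-network.service openstack-nova-metadata-api.service
systemctl start openstack-nova-network.service openstack-nova-metadata-api.service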
在控制节点上操作
# Create the nova-network network with admin credentials and list the result.
source admin-openrc.sh
# Template form: NETWORK_CIDR is a placeholder.
nova network-create demo-net --bridge br100 --multi-host T --fixed-range-v4 NETWORK_CIDR
# The same command with a concrete range filled in.
nova network-create demo-net --bridge br100 --multi-host T --fixed-range-v4 203.0.113.24/29
nova net-list
添加仪表盘
在控制节点上操作
# Install the dashboard (Horizon) on the controller and configure its Django settings.
yum -y install openstack-dashboard httpd mod_wsgi memcached python-memcached
vim /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "192.168.5.1"
# NOTE(review): ['*'] makes Django accept any Host header, which disables its host-header
# validation. That is acceptable for a lab; for anything reachable by others, list the names or
# addresses the dashboard is actually served under.
ALLOWED_HOSTS = ['*']
# Session/cache data is kept in memcached, reached on the loopback address only.
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': '127.0.0.1:11211',
}
}
TIME_ZONE = "Asia/Shanghai"
# Persistently (-P) allow httpd to open network connections under SELinux.
setsebool -P httpd_can_network_connect on
# Give the apache user ownership of the dashboard's static files.
chown -R apache:apache /usr/share/openstack-dashboard/static
systemctl enable httpd.service memcached.service
systemctl start httpd.service memcached.service