openstack安装笔记 Neutron(未完成)(六)
验证
在网络节点
防火墙配置
• 编辑 /etc/sysconfig/iptables 文件,将filter 中添加防火墙规则全部删掉.
• 重新启动防火墙 /etc/init.d/iptables restart
配置yum源
将epel-depends.repo icehouse.repo rabbitmq.repo rhel65.repo文件,拷贝到/etc/yum.repos.d/目录
导入KEY
• 添加eth1网卡,配置如下
cat /etc/sysconfig/network-scripts/ifcfg-eth1
------------------------
升级iproute和dnsmasq软件包
配置Open vSwitch
(新建一个默认的桥接设备)
切换到Controller节点,创建Neutron数据库,数据库名称为neutron
在keystone库 的service加了一条数据
endpoint表加了3条数据
配置neutron openvswitch agent
• 本次实验采用OpenVswitch做为plugin来提供网络服务,需要对plugin.ini文件进行关联和修改
ln -s /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini /etc/neutron/plugin.ini -f
keystone role-list keystone user-list keystone tenant-list keystone service-list keystone endpoint-list glance image-list cinder list
在网络节点
防火墙配置
• 编辑 /etc/sysconfig/iptables 文件,将filter 中添加防火墙规则全部删掉.
• 重新启动防火墙 /etc/init.d/iptables restart
配置yum源
将epel-depends.repo icehouse.repo rabbitmq.repo rhel65.repo文件,拷贝到/etc/yum.repos.d/目录
导入KEY
rpm --import http://172.16.21.233/epel-depends/RPM-GPG-KEY-EPEL-6 rpm --import http://172.16.21.233/rhel65/RPM-GPG-KEY-redhat-release rpm --import http://172.16.21.233/rabbitmq/rabbitmq-signing-key-public.asc rpm --import http://172.16.21.233/rdo-icehouse-b3/RPM-GPG-KEY-RDO-Icehouse
• 添加eth1网卡,配置如下
cat /etc/sysconfig/network-scripts/ifcfg-eth1
DEVICE=eth1 TYPE=Ethernet ONBOOT=yes NM_CONTROLLED=no BOOTPROTO=static
------------------------
升级iproute和dnsmasq软件包
yum install -y iproute dnsmasq dnsmasq-utils yum install openstack-neutron python-kombu python-amqplib python-pyudev python-stevedore openstack-utils openstack-neutron-openvswitch openvswitch -y
配置Open vSwitch
chkconfig openvswitch on service openvswitch start
(新建一个默认的桥接设备)
ovs-vsctl add-br br-int
切换到Controller节点,创建Neutron数据库,数据库名称为neutron
mysql -u root -popenstack CREATE DATABASE neutron; GRANT ALL ON neutron.* TO neutron @'%' IDENTIFIED BY 'neutron'; GRANT ALL ON neutron.* TO neutron @'localhost' IDENTIFIED BY 'neutron'; FLUSH PRIVILEGES;
keystone service-create --name neutron --type network --description "Neutron Networking Service" WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | description | Neutron Networking Service | | id | 97697ea9d10440d6bf8ebd0dc514fd86 | | name | neutron | | type | network | +-------------+----------------------------------+ [root@controller keystone(keystone_admin)]#
在keystone库 的service加了一条数据
keystone endpoint-create --service neutron --publicurl "http://192.168.1.231:9696" --adminurl "http://192.168.1.231:9696" --internalurl "http://192.168.1.231:9696" --region beijing WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored). +-------------+----------------------------------+ | Property | Value | +-------------+----------------------------------+ | adminurl | http://192.168.1.231:9696 | | id | 477abe3dc54445869e9a9783a47d40b2 | | internalurl | http://192.168.1.231:9696 | | publicurl | http://192.168.1.231:9696 | | region | beijing | | service_id | 97697ea9d10440d6bf8ebd0dc514fd86 | +-------------+----------------------------------+ [root@controller keystone(keystone_admin)]#
endpoint表加了3条数据
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host 172.16.21.233 openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name admin openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user admin openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password openstack openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_kombu openstack-config --set /etc/neutron/neutron.conf DEFAULT rabbit_host 172.16.21.233 openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin neutron.plugins.openvswitch.ovs_neutron_plugin.OVSNeutronPluginV2 openstack-config --set /etc/neutron/neutron.conf DEFAULT control_exchange neutron openstack-config --set /etc/neutron/neutron.conf database connection mysql://neutron:[email protected]/neutron openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
配置neutron openvswitch agent
• 本次实验采用OpenVswitch做为plugin来提供网络服务,需要对plugin.ini文件进行关联和修改
ln -s /etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini /etc/neutron/plugin.ini -f
openstack-config --set /etc/neutron/plugin.ini OVS tenant_network_type gre openstack-config --set /etc/neutron/plugin.ini OVS tunnel_id_ranges 1:1000 openstack-config --set /etc/neutron/plugin.ini OVS enable_tunneling True openstack-config --set /etc/neutron/plugin.ini OVS local_ip 172.16.21.231 openstack-config --set /etc/neutron/plugin.ini OVS integration_bridge br-int openstack-config --set /etc/neutron/plugin.ini OVS tunnel_bridge br-tun openstack-config --set /etc/neutron/plugin.ini SECURITYGROUP firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver