部署neutron-compute
https://docs.openstack.org/neutron/train/install/compute-install-rdo.html #node节点部署neutron参考
https://docs.openstack.org/neutron/train/install/compute-install-option1-rdo.html #node提供者网络参考
1、yum install openstack-neutron-linuxbridge ebtables ipset
2、vim /etc/neutron/neutron.conf
[DEFAULT] #neutron的server端与agent端通讯也是通过rabbitmq进行通讯的
transport_url = rabbit://openstack:openstack123@openstack-vip.linux.local
auth_strategy = keystone #通过keystone做认证
[keystone_authtoken] #指定keystone认证信息
www_authenticate_uri = http://openstack-vip.linux.local:5000
auth_url = http://openstack-vip.linux.local:5000
memcached_servers = openstack-vip.linux.local:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[oslo_concurrency] #配置锁路径
lock_path = /var/lib/neutron/tmp
#配置提供者网络
3、官方拷贝完整的 linuxbridge_agent.ini 文件,
https://docs.openstack.org/newton/config-reference/networking/samples/linuxbridge_agent.ini.html
4、vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = external:eth0
#直接告诉node节点external网络绑定在当前node节点哪个物理网卡上即可,不需要node节点配置网络名称,node节点只需要接收controller节点指令即可;controller节点上配置的external网络名称是针对整个openstack环境生效的,所以指定external网络绑定在当前node节点的eth0物理网卡上(也可能是bind0或br0)
[vxlan]
enable_vxlan = false #桥接网络不划分子网;自服务才开启
[securitygroup]
enable_security_group = true #开启安全组
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
#指定安全组驱动文件
5、vim /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1 #允许虚拟机的数据通过物理机出去
net.bridge.bridge-nf-call-ip6tables = 1
6、vim /etc/nova/nova.conf #编辑node节点上的nova配置文件
[neutron] #告诉compute节点的nova服务需要到neutron获取地址
auth_url = http://openstack-vip.linux.local:5000 #通过keystone认证后,找到neutron
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
7、systemctl restart openstack-nova-compute.service
8、systemctl restart neutron-linuxbridge-agent.service
9、systemctl enable neutron-linuxbridge-agent.service
10、vim nova-compute-restart.sh
#!/bin/bash
systemctl restart openstack-nova-compute.service
11、vim neutron-compute-restart.sh
#!/bin/bash
systemctl restart neutron-linuxbridge-agent.service
12、tail -f /var/log/neutron/*.log /var/log/nova/*.log
#node节点的日志中不能有任何的报错;nova服务启动后会收集宿主机的可用资源,如cpu、内存等,收集好后会汇报给placement,让nova创建虚拟机的时候进行虚拟机的调度并且还会统计支持的虚拟化的具体类型
13、bash neutron-restart.sh nova-restart.sh #controller端重启nova和neutron
14、tail -f /var/log/neutron/*.log /var/log/nova/*.log #查看controller端日志,不能有任何报错
15、sysctl -p #neutron服务启动后,模块就会把挂载,这样就可以让内核参数生效
验证
https://docs.openstack.org/neutron/train/install/verify-option1.html #验证参考
#controller端进行测试:
1、. admin-openrc.sh
2、openstack network agent list #验证网络客户端;状态必须是UP
3、nova service-list #验证nova状态,必须都是UP