Openstack组件部署 — Networking service_Compute Node

前文列表

安装组件

yum install openstack-neutron openstack-neutron-linuxbridge ebtables ipset -y

配置通用组件

Networking 通用组件的配置包括认证机制、消息队列、插件。

编辑/etc/neutron/neutron.conf 文件
vim /etc/neutron/neutron.conf

在[database] 部分，注释所有connection 项，因为计算节点不直接访问数据库。
在 [DEFAULT] 和[oslo_messaging_rabbit]部分，配置RabbitMQ消息队列访问：

[DEFAULT]
rpc_backend = rabbit

[oslo_messaging_rabbit]
rabbit_host = controller.jmilk.com
rabbit_userid = openstack
rabbit_password = fanguiju

在[DEFAULT] 和[keystone_authtoken]部分，配置Keystone认证服务访问：

《UPDATE》2016/08/13

[DEFAULT]
auth_strategy = keystone

[keystone_authtoken]
auth_uri = http://controller.jmilk.com:5000
auth_url = http://controller.jmilk.com:35357
memcached_servers = controller.jmilk.com:11211
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = fanguiju

注：在 [keystone_authtoken] 中注释或者删除其他选项。

在 [oslo_concurrency] 部分，配置锁路径

[oslo_concurrency]
lock_path =/var/lib/neutron/tmp

在[DEFAULT]部分启用详细日志

[DEFAULT]
verbose = True

配置自服务网络选项

配置Linux 桥接代理

Linux桥接代理为实例创建包括私有网络的VXLAN隧道和处理安全组的layer-2（桥接/交换）虚拟网络设施。

编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件
vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini

在[linux_bridge] 部分，映射公共虚拟网络到公共物理网络接口：

《UPDATE》2016/08/13

[linux_bridge]
physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME

将PUBLIC_INTERFACE_NAME 替换为物理公共网络接口(网卡)。
Example:

[linux_bridge]
physical_interface_mappings = provider:eth1

在[vxlan]部分，启用VXLAN覆盖网络，配置处理覆盖网络和启用layer-2 的物理网络接口的IP地址：

[vxlan]
enable_vxlan = True
local_ip = OVERLAY_INTERFACE_IP_ADDRESS
l2_population = True

Replace OVERLAY_INTERFACE_IP_ADDRESS with the IP address of the underlying physical network interface that handles overlay networks. The example architecture uses the management interface to tunnel traffic to the other nodes. Therefore, replace OVERLAY_INTERFACE_IP_ADDRESS with each node’s own management IP address.
Example:

[vxlan]
enable_vxlan = True
local_ip = 172.16.0.5
l2_population = True

在[agent]部分，启用ARP欺骗防护：

[agent]
prevent_arp_spoofing = True

在 [securitygroup]部分，启用安全组并配置 Linux 桥接 iptables 防火墙驱动：

[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

配置Nova使用网络

编辑/etc/nova/nova.conf文件
vim /etc/nova/nova.conf

在[neutron] 部分，配置访问参数：

[neutron]
url = http://controller.jmilk.com:9696
auth_url = http://controller.jmilk.com:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = neutron
password = fanguiju

完成安装

Step1. 重启nova-compute service

systemctl restart openstack-nova-compute.service

Step2. 启动Linux桥接代理并配置它开机自启动

systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

验证操作(Execute following commands on Controller Node)

Step1. 加载admin凭证获取权限来执行只有管理员能执行命令：

source admin-openrc

Step2. 列出加载的扩展，对neutron-server进程是否启动正常进行验证：

neutron ext-list

《UPDATE》2016/08/13

Step3. 列出代理以验证启动 neutron 代理是否成功：

[root@controller ~]# source admin-openrc 
[root@controller ~]# neutron ext-list
+---------------------------+-----------------------------------------------+| alias                     | name                                          |
+---------------------------+-----------------------------------------------+
| default-subnetpools       | Default Subnetpools                           |
| network-ip-availability   | Network IP Availability                       |
| network_availability_zone | Network Availability Zone                     |
| auto-allocated-topology   | Auto Allocated Topology Services              |
| ext-gw-mode               | Neutron L3 Configurable external gateway mode |
| binding                   | Port Binding                                  |
| agent                     | agent                                         |
| subnet_allocation         | Subnet Allocation                             |
| l3_agent_scheduler        | L3 Agent Scheduler                            |
| tag                       | Tag support                                   |
| external-net              | Neutron external network                      |
| net-mtu                   | Network MTU                                   |
| availability_zone         | Availability Zone                             |
| quotas                    | Quota management support                      |
| l3-ha                     | HA Router extension                           |
| provider                  | Provider Network                              |
| multi-provider            | Multi Provider Network                        |
| address-scope             | Address scope                                 |
| extraroute                | Neutron Extra Route                           |
| timestamp_core            | Time Stamp Fields addition for core resources |
| router                    | Neutron L3 Router                             |
| extra_dhcp_opt            | Neutron Extra DHCP opts                       |
| dns-integration           | DNS Integration                               |
| security-group            | security-group                                |
| dhcp_agent_scheduler      | DHCP Agent Scheduler                          |
| router_availability_zone  | Router Availability Zone                      |
| rbac-policies             | RBAC Policies                                 |
| standard-attr-description | standard-attr-description                     |
| port-security             | Port Security                                 |
| allowed-address-pairs     | Allowed Address Pairs                         |
| dvr                       | Distributed Virtual Router                    |
+---------------------------+-----------------------------------------------+
[root@controller ~]# neutron agent-list 
+--------------------------------------+--------------------+----------------------+-------------------+-------+----------------+---------------------------+
| id                                   | agent_type         | host                 | availability_zone | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+----------------------+-------------------+-------+----------------+---------------------------+
| 0efbbdde-5aef-4efc-9b65-ec599c7f3786 | Linux bridge agent | compute1.jmilk.com   |                   | :-)   | True           | neutron-linuxbridge-agent |
| 54acdc63-0cd1-41a6-9761-2966e4730763 | L3 agent           | controller.jmilk.com | nova              | :-)   | True           | neutron-l3-agent          |
| 616b0ebd-b09f-4a0b-922a-59ace46d40e5 | DHCP agent         | controller.jmilk.com | nova              | :-)   | True           | neutron-dhcp-agent        |
| 80571b4a-7e8d-40f8-bcf4-9ec80566b01b | Metadata agent     | controller.jmilk.com |                   | :-)   | True           | neutron-metadata-agent    |
| 98b23b97-d53e-4a0b-8799-f262bbd6bdff | Linux bridge agent | controller.jmilk.com |                   | :-)   | True           | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+----------------------+-------------------+-------+----------------+---------------------------+

该输出应该显示在控制节点上有四个代理，在每个计算节点上有一个代理。

相关阅读：

抖音怎么玩「视频教程」一步步详解抖音

抖音怎么恢复播放量「视频教程」教你轻松上热门

作为普通人，我们如何用抖音赚取第一桶金

相关阅读:
企业nginx应用实例（功能拆分记录）
Squid代理服务器的安装与配置
 关于mysql主从架构master宕机后，请求转移问题解决办法
 记一次innobackupex备份恢复数据库过程
 elasticsearch6.6及其插件安装记录（较详细）
redis一主二从加哨兵
 nginx反向代理proxy_pass的问题
 spring程序打包war，直接通过-jar启动，并指定spring.profiles.active参数控制多环境配置
 Debian下配置防火墙iptables
内连接和外连接
原文地址：https://www.cnblogs.com/hzcya1995/p/13310812.html

Openstack组件部署 — Networking service_Compute Node

目录

前文列表

安装组件

配置通用组件

配置自服务网络选项

配置Linux 桥接代理

配置Nova使用网络

完成安装

验证操作(Execute following commands on Controller Node)