第十四章 neutron组件安装3

1、在每个计算节点上安装neutron组件

# 开启计算节点的物理接口混杂模式，使得计算节点能接收多个vlan的数据
# 配置文件
vi /etc/sysctl.conf
# 修改如下
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0

# 生效操作
sysctl -p

# 为了让一个没有配置IP地址的接口起来，需要做些一些特殊设置
# 配置文件
vi /etc/systemd/network/enp1s0f2.network  # 新建
# 修改如下
[Match]
Name=enp1s0f2                             # 这里的enp1s0f2为实际规划的，并进行instance 通信的物理网卡名称
[Network]
LinkLocalAddressing=no
IPv6AcceptRA=no

systemctl restart systemd-networkd        # 重启networkd服务

apt -y install neutron-common neutron-plugin-ml2 neutron-linuxbridge-agent
# 配置文件
mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.org    # 备份官方
vi /etc/neutron/neutron.conf
# 修改如下
# create new
[DEFAULT]
debug = True                                                # 打开调试功能
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
state_path = /var/lib/neutron
allow_overlapping_ips = True
# RabbitMQ connection info
transport_url = rabbit://openstack:password@192.168.222.29

[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf

# Keystone auth info
[keystone_authtoken]
www_authenticate_uri = http://192.168.222.29:5000
auth_url = http://192.168.222.29:5000
memcached_servers = 192.168.222.29:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = servicepassword

[oslo_concurrency]
lock_path = $state_path/lock

# 修改权限
chmod 640 /etc/neutron/neutron.conf
chgrp neutron /etc/neutron/neutron.conf

# 配置文件
vi /etc/neutron/plugins/ml2/ml2_conf.ini
# 修改如下
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vlan              # vlan模式
mechanism_drivers = linuxbridge          # 暂时不用ovs，后面再加
extension_drivers = port_security

[ml2_type_vlan]
network_vlan_ranges = default:3001:4000     # line 261

# 配置文件
vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
# 修改如下
[linux_bridge]
physical_interface_mappings = default:enp1s0f2  # line 183 ,此处的网卡关联就是关联instance network

[securitygroup]
enable_security_group = True           # line 218
firewall_driver = iptables
enable_ipset = True

[vxlan]
enable_vxlan = False                  # line 239

local_ip = 192.168.222.27             # line 271

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
systemctl restart nova-compute neutron-linuxbridge-agent
systemctl enable neutron-linuxbridge-agent       # 设置开机自启动