Kolla多节点环境安装OVN

安装OVN组件

控制节点

### 安装ovn-northd
# wget https://copr.fedorainfracloud.org/coprs/leifmadsen/ovs-master/repo/epel-7/leifmadsen-ovs-master-epel-7.repo -O /etc/yum.repos.d/ovs.repo
# yum install openvswitch-ovn-central openvswitch-ovn-host -y
# docker rm -f neutron_metadata_agent neutron_dhcp_agent neutron_openvswitch_agent openvswitch_vswitchd openvswitch_db

# cp /var/lib/docker/volumes/openvswitch_db/_data/conf.db /etc/openvswitch/
### 第一次启动会报错，删掉/etc/openvswitch/下面的backup数据库即可
# systemctl start ovn-controller
# systemctl enable ovn-controller
# systemctl start ovn-northd
# systemctl enable ovn-northd
# ovs-vsctl set open . external-ids:ovn-remote=tcp:92.0.0.11:6642
# ovs-vsctl set open . external-ids:ovn-encap-type=geneve,vxlan
# ovs-vsctl set open . external-ids:ovn-encap-ip=92.0.0.11
# ovs-vsctl set open . external-ids:ovn-bridge-mappings=physnet1:br-ex
# systemctl restart ovsdb-server
# systemctl restart ovn-controller
# systemctl restart ovn-northd

# ovs-vsctl del-br br-tun
# ovs-vsctl del-port br-int patch-tun
# ovs-vsctl del-controller br-int
# ovs-vsctl del-controller br-ex
# ovs-vsctl set bridge br-int protocols=[]

# vim /etc/kolla/neutron-server/ml2_conf.ini
[ml2]
mechanism_drivers = ovn
type_drivers = local,flat,vlan,geneve
tenant_network_types = geneve
extension_drivers = port_security
overlay_ip_version = 4

[ml2_type_geneve]
vni_ranges = 1:65536
max_header_size = 38

[securitygroup]
enable_security_group = true

[ovn]
ovn_nb_connection = tcp:92.0.0.11:6641
ovn_sb_connection = tcp:92.0.0.11:6642
ovn_l3_mode = False
ovn_l3_scheduler = chance
ovn_native_dhcp = True
neutron_sync_mode = repair

### 我的neutron_server镜像自己build的删除了neutron用户
# docker exec -it neutron_server yum install -y python-networking-ovn
# docker restart neutron_server

# vim /etc/kolla/neutron-l3-agent/l3_agent.ini
external_network_bridge = br-ex
# docker restart neutron_l3_agent

### 可以重启下nova服务，不过我为了简单就直接重启机器
# reboot

计算节点

### 安装ovn-controller
# wget https://copr.fedorainfracloud.org/coprs/leifmadsen/ovs-master/repo/epel-7/leifmadsen-ovs-master-epel-7.repo -O /etc/yum.repos.d/ovs.repo
# yum install openvswitch-ovn-host -y
# docker rm -f neutron_openvswitch_agent openvswitch_vswitchd openvswitch_db

# cp /var/lib/docker/volumes/openvswitch_db/_data/conf.db /etc/openvswitch/
### 第一次启动会报错，删掉/etc/openvswitch/下面的backup数据库即可
# systemctl start ovn-controller
# systemctl enable ovn-controller
# ovs-vsctl set open . external-ids:ovn-remote=tcp:92.0.0.11:6642
# ovs-vsctl set open . external-ids:ovn-encap-type=geneve,vxlan
# ovs-vsctl set open . external-ids:ovn-encap-ip=92.0.0.12
# systemctl restart ovn-controller

# ovs-vsctl del-br br-tun
# ovs-vsctl del-port br-int patch-tun
# ovs-vsctl del-controller br-int
# ovs-vsctl del-controller br-ex
# ovs-vsctl set bridge br-int protocols=[]

### 可以重启下nova服务，不过我为了简单就直接重启机器
# reboot

扩展知识

OVS所有服务都使用/usr/share/openvswitch/scripts/ovs-ctl脚本启动

问题处理

ovsdb-server启动异常，绑定端口失败

# systemctl status ovsdb-server
Jun 08 09:43:42 localhost ovsdb-server[723]: ovs|00972|socket_util|ERR|6640:92.0.0.12: bind: Permission denied

### 解决办法就是关闭selinux
# vim /etc/selinux/config
SELINUX=disabled