• Openstack neutron 网络服务 (七)


    引用: https://docs.openstack.org/ocata/zh_CN/install-guide-rdo/common/get-started-networking.html

    neutron 控制端:

    # 创建数据库和账号:
    mysql -u root -p 
    
    CREATE DATABASE neutron;
    GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';
    flush privileges;
    
    # 控制端
    # 获得 admin 凭证来获取只有管理员能执行的命令的访问权限:
    source admin.sh
    
    # 创建neutron 用户:
    [root@cont-1 ~]# openstack user create --domain default --password-prompt neutron
    User Password:
    Repeat User Password:
    +---------------------+----------------------------------+
    | Field               | Value                            |
    +---------------------+----------------------------------+
    | domain_id           | 317ace63cb8f4562af682ca6c7bdf955 |
    | enabled             | True                             |
    | id                  | e34c8caecb124b97b70dea07ab009a0c |
    | name                | neutron                          |
    | options             | {}                               |
    | password_expires_at | None                             |
    +---------------------+----------------------------------+
    
    # 添加``admin`` 角色到``neutron`` 用户:
    openstack role add --project service --user neutron admin
    
    # 创建``neutron``服务实体:
    openstack service create --name neutron --description "OpenStack Networking" network
    [root@cont-1 ~]# openstack service create --name neutron --description "OpenStack Networking" network
    +-------------+----------------------------------+
    | Field       | Value                            |
    +-------------+----------------------------------+
    | description | OpenStack Networking             |
    | enabled     | True                             |
    | id          | 0d175e4553b244c3a12d61fa5c677645 |
    | name        | neutron                          |
    | type        | network                          |
    +-------------+----------------------------------+
    
    # 创建网络服务API端点:
    openstack endpoint create --region RegionOne network public http://openstack-linux36-vip.magedu.net:9696
    openstack endpoint create --region RegionOne network internal http://openstack-linux36-vip.magedu.net:9696
    openstack endpoint create --region RegionOne network admin http://openstack-linux36-vip.magedu.net:9696
    
    [root@cont-1 ~]# openstack endpoint create --region RegionOne network public http://openstack-linux36-vip.magedu.net:9696
     network admin http://openstack-linux36-vip.magedu.net:9696
    +--------------+----------------------------------------------+
    | Field        | Value                                        |
    +--------------+----------------------------------------------+
    | enabled      | True                                         |
    | id           | 2682780c75b44021b6d33fc7b34369f1             |
    | interface    | public                                       |
    | region       | RegionOne                                    |
    | region_id    | RegionOne                                    |
    | service_id   | 0d175e4553b244c3a12d61fa5c677645             |
    | service_name | neutron                                      |
    | service_type | network                                      |
    | url          | http://openstack-linux36-vip.magedu.net:9696 |
    +--------------+----------------------------------------------+
    [root@cont-1 ~]# openstack endpoint create --region RegionOne network internal http://openstack-linux36-vip.magedu.net:9696
    +--------------+----------------------------------------------+
    | Field        | Value                                        |
    +--------------+----------------------------------------------+
    | enabled      | True                                         |
    | id           | db1cd6cfe56a4f098a0df038ec1bac1b             |
    | interface    | internal                                     |
    | region       | RegionOne                                    |
    | region_id    | RegionOne                                    |
    | service_id   | 0d175e4553b244c3a12d61fa5c677645             |
    | service_name | neutron                                      |
    | service_type | network                                      |
    | url          | http://openstack-linux36-vip.magedu.net:9696 |
    +--------------+----------------------------------------------+
    [root@cont-1 ~]# openstack endpoint create --region RegionOne network admin http://openstack-linux36-vip.magedu.net:9696
    +--------------+----------------------------------------------+
    | Field        | Value                                        |
    +--------------+----------------------------------------------+
    | enabled      | True                                         |
    | id           | cd20aa74b3d541c89b8e7909c93d891b             |
    | interface    | admin                                        |
    | region       | RegionOne                                    |
    | region_id    | RegionOne                                    |
    | service_id   | 0d175e4553b244c3a12d61fa5c677645             |
    | service_name | neutron                                      |
    | service_type | network                                      |
    | url          | http://openstack-linux36-vip.magedu.net:9696 |
    +--------------+----------------------------------------------+
    [root@cont-1 ~]# openstack endpoint list
    +----------------------------------+-----------+--------------+--------------+---------+-----------+---------------------------------------------------+
    | ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                                               |
    +----------------------------------+-----------+--------------+--------------+---------+-----------+---------------------------------------------------+
    | 01fcaa8287674f80afc2034f2a019016 | RegionOne | glance       | image        | True    | internal  | http://openstack-linux36-vip.magedu.net:9292      |
    | 09b6f2906f864125ae2c0c2721beeb4e | RegionOne | nova         | compute      | True    | internal  | http://openstack-linux36-vip.magedu.net:8774/v2.1 |
    | 14a2b9a8f27a40668e7efab09e422f94 | RegionOne | placement    | placement    | True    | public    | http://openstack-linux36-vip.magedu.net:8778      |
    | 2682780c75b44021b6d33fc7b34369f1 | RegionOne | neutron      | network      | True    | public    | http://openstack-linux36-vip.magedu.net:9696      |
    | 2700c899c78f4503961ad21fed01960b | RegionOne | glance       | image        | True    | admin     | http://openstack-linux36-vip.magedu.net:9292      |
    | 64d7113f699c414bb4ba419f24caf3c6 | RegionOne | nova         | compute      | True    | public    | http://openstack-linux36-vip.magedu.net:8774/v2.1 |
    | 65605d57632a4c8ba0521b20f28bbcc2 | RegionOne | keystone     | identity     | True    | public    | http://openstack-linux36-vip.magedu.net:5000/v3   |
    | 77700950759c4dd8a11c5471ce03b34d | RegionOne | placement    | placement    | True    | internal  | http://openstack-linux36-vip.magedu.net:8778      |
    | 858dee6eafb54902826175be76954094 | RegionOne | keystone     | identity     | True    | admin     | http://openstack-linux36-vip.magedu.net:35357/v3  |
    | b1c38d9b331043f0a625507514edb824 | RegionOne | glance       | image        | True    | public    | http://openstack-linux36-vip.magedu.net:9292      |
    | cd20aa74b3d541c89b8e7909c93d891b | RegionOne | neutron      | network      | True    | admin     | http://openstack-linux36-vip.magedu.net:9696      |
    | db1cd6cfe56a4f098a0df038ec1bac1b | RegionOne | neutron      | network      | True    | internal  | http://openstack-linux36-vip.magedu.net:9696      |
    | ec3647ea42f347008d7e35b52324d995 | RegionOne | keystone     | identity     | True    | internal  | http://openstack-linux36-vip.magedu.net:5000/v3   |
    | f231546406754b5797f24e44b588629b | RegionOne | placement    | placement    | True    | admin     | http://openstack-linux36-vip.magedu.net:8778      |
    | f650c9a98b6a437994b6ba698b30213c | RegionOne | nova         | compute      | True    | admin     | http://openstack-linux36-vip.magedu.net:8774/v2.1 |
    +----------------------------------+-----------+--------------+--------------+---------+-----------+---------------------------------------------------+
    
    # 网络类型:
      1  提供者网络
      2  
      
    #  网络选项1:  提供者网络(在controller 节点安装和配置网络组件)
    1  安装组件:
       yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
    
    2  配置数据库选项:
       编辑``/etc/neutron/neutron.conf`` 文件并完成如下操作,在 [database] 部分,配置数据库访问:
    
        [database]
        # ...
        connection = mysql+pymysql://neutron:123456@openstack-linux36-vip.magedu.net/neutron
        connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
        *** 使用你设置的数据库密码替换 NEUTRON_DBPASS 。
    
    3 在``[DEFAULT]``部分,启用ML2插件并禁用其他插件:
        core_plugin = ml2
        service_plugins =
    
    4  在``[DEFAULT]``部分,配置``RabbitMQ``消息队列访问权限:
        transport_url = rabbit://openstack:123456@openstack-linux36-vip.magedu.net
        *** 用你在RabbitMQ中为``openstack``选择的密码替换 “RABBIT_PASS”。
    
    5  在 “[DEFAULT]” 和 “[keystone_authtoken]” 部分,配置认证服务访问:
        # ...
        auth_strategy = keystone
        
        [keystone_authtoken]
        # ...
        auth_uri = http://openstack-linux36-vip.magedu.net:5000
        auth_url = http://openstack-linux36-vip.magedu.net:35357
        memcached_servers = openstack-linux36-vip.magedu.net:11211
        auth_type = password
        project_domain_name = default
        user_domain_name = default
        project_name = service
        username = neutron
        password = 123456
       *** 将 NEUTRON_PASS 替换为你在认证服务中为 neutron 用户选择的密码。
    
    
    6  在``[DEFAULT]``和``[nova]``部分,配置网络服务来通知计算节点的网络拓扑变化:
        [DEFAULT]
        # ...
        notify_nova_on_port_status_changes = true
        notify_nova_on_port_data_changes = true
        
        [nova]
        auth_url = http://openstack-linux36-vip.magedu.net:35357
        auth_type = password
        project_domain_name = default
        user_domain_name = default
        region_name = RegionOne
        project_name = service
        username = nova
        password = 123456
    
       *** 使用你在身份认证服务中设置的``nova`` 用户的密码替换``NOVA_PASS``。
    
    7  在 [oslo_concurrency] 部分,配置锁路径:
       lock_path = /var/lib/neutron/tmp
       
       ############################################################################################
       [root@cont-1 ~]# grep -vE "^#|^$" /etc/neutron/neutron.conf
        [DEFAULT]
        core_plugin = ml2
        service_plugins =
        transport_url = rabbit://openstack:123456@openstack-linux36-vip.magedu.net
        auth_strategy = keystone
        notify_nova_on_port_status_changes = true
        notify_nova_on_port_data_changes = true
        [agent]
        
        [cors.subdomain]
        [database]
        connection = mysql+pymysql://neutron:123456@openstack-linux36-vip.magedu.net/neutron
        [keystone_authtoken]
        auth_uri = http://openstack-linux36-vip.magedu.net:5000
        auth_url = http://openstack-linux36-vip.magedu.net:35357
        memcached_servers = openstack-linux36-vip.magedu.net:11211
        auth_type = password
        project_domain_name = default
        user_domain_name = default
        project_name = service
        username = neutron
        password = 123456
        [matchmaker_redis]
        [nova]
        auth_url = http://openstack-linux36-vip.magedu.net:35357
        auth_type = password
        project_domain_name = default
        user_domain_name = default
        region_name = RegionOne
        project_name = service
        username = nova
        password = 123456
        [oslo_concurrency]
        lock_path = /var/lib/neutron/tmp
        [oslo_messaging_amqp]
        ############################################################################################
    
    
    # 配置 Modular Layer 2 (ML2) 插件(ML2插件使用Linuxbridge机制来为实例创建layer-2虚拟网络基础设施):
    # 编辑``/etc/neutron/plugins/ml2/ml2_conf.ini``文件并完成以下操作:
      1 在``[ml2]``部分,启用flat和VLAN网络:
      vim /etc/neutron/plugins/ml2/ml2_conf.ini
        [ml2]
        # ...
        type_drivers = flat,vlan
        
      2 在``[ml2]``部分,禁用私有网络(不让用户自行创建私有网络):
        [ml2]
        # ...
        tenant_network_types =
     
      3 在``[ml2]``部分,启用Linuxbridge机制:
        [ml2]
        # ...
        mechanism_drivers = linuxbridge
    
      4 在``[ml2]`` 部分,启用端口安全扩展驱动:
        [ml2]
        extension_drivers = port_security
        
      5 在``[ml2_type_flat]``部分,配置公共虚拟网络为flat网络:
        [ml2_type_flat]
        # ...
        #flat_networks = provider
         flat_networks = bridge
        
      6 在 ``[securitygroup]``部分,启用 ipset 增加安全组的方便性:
        [securitygroup]
        # ...
        enable_ipset = true
     ############################################################################################
        [root@cont-1 ~]# grep -vE "^#|^$" /etc/neutron/plugins/ml2/ml2_conf.ini
        [DEFAULT]
        [ml2]
        type_drivers = flat,vlan
        mechanism_drivers = linuxbridge
        tenant_network_types =
        extension_drivers = port_security
        [ml2_type_flat]
        flat_networks = linux36                   # 命名网络 后面会用到
        [ml2_type_geneve]
        [ml2_type_gre]
        [ml2_type_vlan]
        [ml2_type_vxlan]
        [securitygroup]
        enable_ipset = true
    
     ############################################################################################
    
    # Linuxbridge代理为实例建立layer-2虚拟网络并且处理安全组规则。
    # 编辑``/etc/neutron/plugins/ml2/linuxbridge_agent.ini``文件并且完成以下操作:
      1  在``[linux_bridge]``部分,将公共虚拟网络和公共物理网络接口对应起来:
        [linux_bridge]
        physical_interface_mappings = linux36:eth0        # 此处第一个是上面 ml2_config.ini -> flat_network = linux36 冒号后面是桥接的网卡名
    
      2  在``[vxlan]``部分,禁止VXLAN覆盖网络:
        [vxlan]
        enable_vxlan = false
    
      3 在 ``[securitygroup]``部分,启用安全组并配置 Linux 桥接 iptables 防火墙驱动:
        [securitygroup]
        # ...
        enable_security_group = true
        firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    
    [root@cont-1 neutron]# grep -vE '^$|^#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini
    [DEFAULT]
    [agent]
    [linux_bridge]
    physical_interface_mappings = linux36:eth0
    [securitygroup]
    enable_security_group = true
    firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    [vxlan]
    enable_vxlan = false
    
     ############################################################################################
    
    # 编辑``/etc/neutron/dhcp_agent.ini``文件并完成下面的操作:
      1 在``[DEFAULT]``部分,配置Linuxbridge驱动接口,DHCP驱动并启用隔离元数据,这样在公共网络上的实例就可以通过网络来访问元数据
        vim /etc/neutron/dhcp_agent.ini
        [DEFAULT]
        interface_driver = linuxbridge
        dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
        enable_isolated_metadata = true
    
       
     ##############################至此  提供者网络 (bridge) 配置完成 返回网络配置 继续配置元数据代理#################################################
     
    #  配置元数据代理:
       1 编辑``/etc/neutron/metadata_agent.ini``文件并完成以下操作:
        [DEFAULT]
        # ...
        nova_metadata_ip = openstack-linux36-vip.magedu.net                            # 控制端地址  或者 是控制端的域名
        metadata_proxy_shared_secret = 20190620                                 # 密码自定义 一般选择年月日
    
     
     # 配置计算服务来使用网络服务:
       1 编辑``/etc/nova/nova.conf``文件并完成以下操作:
         在``[neutron]``部分,配置访问参数,启用元数据代理并设置密码:
        [neutron]
        url = http://openstack-linux36-vip.magedu.net:9696
        auth_url = http://openstack-linux36-vip.magedu.net:35357
        auth_type = password
        project_domain_name = default
        user_domain_name = default
        region_name = RegionOne
        project_name = service
        username = neutron
        password = 123456
        service_metadata_proxy = true
        metadata_proxy_shared_secret = 20190620
        
        [DEFAULT]
        use_neutron = True
        
        
        ***  完整/etc/nova/nova.conf  在文章末尾
        
    
    #########################################################################################################
    
    
     # 完成安装
      1 网络服务初始化脚本需要一个超链接 /etc/neutron/plugin.ini``指向ML2插件配置文件/etc/neutron/plugins/ml2/ml2_conf.ini``。如果超链接不存在,使用下面的命令创建它:
         ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
     
      2  同步数据库:
      su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf 
      --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
      
        INFO  [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab, Add routerport bindings for L3 HA
        INFO  [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0, migrate to pluggable ipam
        INFO  [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62, add standardattr to qos policies
        INFO  [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353, Add Name and Description to the networksegments table
        INFO  [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586, Add binding index to RouterL3AgentBinding
        INFO  [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d, Remove availability ranges.
          OK
          
      
      ***  如果有显示权限问题 请及时修改(参考下面的):
       [root@cont-1 ~]# ll -al /etc/neutron/
        total 136
        drwxr-xr-x   4 root root      181 May 27 18:48 .
        drwxr-xr-x. 88 root root     8192 May 26 18:51 ..
        drwxr-xr-x  11 root root      260 May 26 18:51 conf.d
        -rw-r-----   1 root neutron  9282 May 27 18:25 dhcp_agent.ini
        -rw-r-----   1 root neutron 12221 Feb 22  2017 l3_agent.ini
        -rw-r-----   1 root neutron 10711 May 27 18:35 metadata_agent.ini
        -rw-r-----   1 root neutron 73501 May 27 14:12 neutron.conf
        lrwxrwxrwx   1 root root       37 May 27 18:41 plugin.ini -> /etc/neutron/plugins/ml2/ml2_conf.ini
        drwxr-xr-x   3 root root       17 May 26 18:51 plugins
        -rw-r-----   1 root neutron 10148 Feb 22  2017 policy.json
        -rw-r--r--   1 root root     1195 Feb 22  2017 rootwrap.conf
        
     ############################################################################################
     
       3  重启计算API 服务:
          systemctl restart openstack-nova-api.service
     
       4  当系统启动时,启动 Networking 服务并配置它启动。
          对于两种网络选项:
          
        # systemctl enable neutron-server.service 
          neutron-linuxbridge-agent.service neutron-dhcp-agent.service 
          neutron-metadata-agent.service
        # systemctl restart neutron-server.service 
          neutron-linuxbridge-agent.service neutron-dhcp-agent.service 
          neutron-metadata-agent.service
        
    

    安装和配置计算节点

    yum install openstack-neutron-linuxbridge ebtables ipset
    
    # 编辑``/etc/neutron/neutron.conf`` 文件并完成如下操作:
    # 在``[database]`` 部分,注释所有``connection`` 项,因为计算节点不直接访问数据库。
    # 在``[DEFAULT]``部分,配置``RabbitMQ``消息队列访问权限
    vim /etc/neutron/neutron.conf
    [DEFAULT]
    transport_url = rabbit://openstack:123456@openstack-linux36-vip.magedu.net
    auth_strategy = keystone
    
    [keystone_authtoken]
    # ...
    auth_uri = http://openstack-linux36-vip.magedu.net:5000
    auth_url = http://openstack-linux36-vip.magedu.net:35357
    memcached_servers = openstack-linux36-vip.magedu.net:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = neutron
    password = 123456
    
    
    [oslo_concurrency]
    # ...
    lock_path = /var/lib/neutron/tmp
    
    #########################################################################
    [DEFAULT]
    transport_url = rabbit://openstack:123456@openstack-linux36-vip.magedu.net
    auth_strategy = keystone
    [agent]
    [cors]
    [cors.subdomain]
    [database]
    [keystone_authtoken]
    auth_uri = http://openstack-linux36-vip.magedu.net:5000
    auth_url = http://openstack-linux36-vip.magedu.net:35357
    memcached_servers = openstack-linux36-vip.magedu.net:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = neutron
    password = 123456
    [matchmaker_redis]
    [nova]
    [oslo_concurrency]
    lock_path = /var/lib/neutron/tmp
    [oslo_messaging_amqp]
    [oslo_messaging_kafka]
    [oslo_messaging_notifications]
    [oslo_messaging_rabbit]
    [oslo_messaging_zmq]
    [oslo_middleware]
    [oslo_policy]
    [qos]
    [quotas]
    [ssl]
    
    #########################################################################
    
    ## 提供者网络 :
    vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
    
    [linux_bridge]
    physical_interface_mappings = linux36:eth0
    
    [vxlan]
    enable_vxlan = false
    
    [securitygroup]
    enable_security_group = true
    firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
    
    
    ## 配置计算服务来使用网络服务
    # 编辑``/etc/nova/nova.conf``文件并完成下面的操作:
    # 在``[neutron]`` 部分,配置访问参数:
    
    vim /etc/nova/nova.conf
    [neutron]
    url = http://openstack-linux36-vip.magedu.net:9696
    auth_url = http://openstack-linux36-vip.magedu.net:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = neutron
    password = 123456
    
    
    ### 重启服务:
    systemctl restart openstack-nova-compute.service
    
    ### 启动Linuxbridge代理并配置它开机自启动:
    systemctl enable neutron-linuxbridge-agent.service
    systemctl start neutron-linuxbridge-agent.service
    
    
    # 在HAproxy转发的机器上配置转发:
    listen  openstack_dashboard_port_9696
     bind 0.0.0.0:9696
     mode tcp
     log global
     server 10.10.5.138 10.10.5.138:9696 check inter 3000 fall 2 rise 5
    
    # 重启即可:
    /etc/init.d/haproxy restart 
    
    

    验证操作

    # 在控制节点上执行这些命令。
    # 获得 admin 凭证来获取只有管理员能执行的命令的访问权限:
    source admin.sh
    openstack extension list --network
    
    # 执行结果:
    [root@cont-1 neutron]# openstack extension list --network
    +-------------------------------------------------------------+---------------------------+-------------------------------------------------------------------------------------------------+
    | Name                                                        | Alias                     | Description                                                                                     |
    +-------------------------------------------------------------+---------------------------+-------------------------------------------------------------------------------------------------+
    | Default Subnetpools                                         | default-subnetpools       | Provides ability to mark and use a subnetpool as the default                                    |
    | Availability Zone                                           | availability_zone         | The availability zone extension.                                                                |
    | Network Availability Zone                                   | network_availability_zone | Availability zone support for network.                                                          |
    | Port Binding                                                | binding                   | Expose port bindings of a virtual port to external application                                  |
    | agent                                                       | agent                     | The agent management extension.                                                                 |
    | Subnet Allocation                                           | subnet_allocation         | Enables allocation of subnets from a subnet pool                                                |
    | DHCP Agent Scheduler                                        | dhcp_agent_scheduler      | Schedule networks among dhcp agents                                                             |
    | Tag support                                                 | tag                       | Enables to set tag on resources.                                                                |
    | Neutron external network                                    | external-net              | Adds external network attribute to network resource.                                            |
    | Neutron Service Flavors                                     | flavors                   | Flavor specification for Neutron advanced services                                              |
    | Network MTU                                                 | net-mtu                   | Provides MTU attribute for a network resource.                                                  |
    | Network IP Availability                                     | network-ip-availability   | Provides IP availability data for each network and subnet.                                      |
    | Quota management support                                    | quotas                    | Expose functions for quotas management per tenant                                               |
    | Provider Network                                            | provider                  | Expose mapping of virtual networks to physical networks                                         |
    | Multi Provider Network                                      | multi-provider            | Expose mapping of virtual networks to multiple physical networks                                |
    | Address scope                                               | address-scope             | Address scopes extension.                                                                       |
    | Subnet service types                                        | subnet-service-types      | Provides ability to set the subnet service_types field                                          |
    | Resource timestamps                                         | standard-attr-timestamp   | Adds created_at and updated_at fields to all Neutron resources that have Neutron standard       |
    |                                                             |                           | attributes.                                                                                     |
    | Neutron Service Type Management                             | service-type              | API for retrieving service providers for Neutron advanced services                              |
    | Tag support for resources: subnet, subnetpool, port, router | tag-ext                   | Extends tag support to more L2 and L3 resources.                                                |
    | Neutron Extra DHCP opts                                     | extra_dhcp_opt            | Extra options configuration for DHCP. For example PXE boot options to DHCP clients can be       |
    |                                                             |                           | specified (e.g. tftp-server, server-ip-address, bootfile-name)                                  |
    | Resource revision numbers                                   | standard-attr-revisions   | This extension will display the revision number of neutron resources.                           |
    | Pagination support                                          | pagination                | Extension that indicates that pagination is enabled.                                            |
    | Sorting support                                             | sorting                   | Extension that indicates that sorting is enabled.                                               |
    | security-group                                              | security-group            | The security groups extension.                                                                  |
    | RBAC Policies                                               | rbac-policies             | Allows creation and modification of policies that control tenant access to resources.           |
    | standard-attr-description                                   | standard-attr-description | Extension to add descriptions to standard attributes                                            |
    | Port Security                                               | port-security             | Provides port security                                                                          |
    | Allowed Address Pairs                                       | allowed-address-pairs     | Provides allowed address pairs                                                                  |
    | project_id field enabled                                    | project-id                | Extension that indicates that project_id field is enabled.                                      |
    +-------------------------------------------------------------+---------------------------+-------------------------------------------------------------------------------------------------
    
    
    ## 具体排错:
    tail -f -n 100 /var/log/neutro/*
    tail -f -n 100 /var/log/nova/*
    ***可以忽略 warning 但是绝对不能出现 ERROR.
    

    控制端 nova.conf 服务:

    [root@cont-1 neutron]# grep -vE "^$|^#" /etc/nova/nova.conf 
    [DEFAULT]
    my_ip = 10.10.5.138
    use_neutron = True
    firewall_driver = nova.virt.firewall.NoopFirewallDriver
    transport_url = rabbit://openstack:123456@openstack-linux36-vip.magedu.net
    manager=nova.conductor.manager.ConductorManager
    enabled_apis=osapi_compute,metadata
    [api]
    auth_strategy=keystone
    [api_database]
    connection = mysql+pymysql://nova:123456@openstack-linux36-vip.magedu.net/nova_api
    [barbican]
    [cache]
    [cells]
    [cinder]
    [cloudpipe]
    [conductor]
    [console]
    [consoleauth]
    [cors]
    [cors.subdomain]
    [crypto]
    [database]
    connection = mysql+pymysql://nova:123456@openstack-linux36-vip.magedu.net/nova
    [ephemeral_storage_encryption]
    [filter_scheduler]
    [glance]
    api_servers = http://openstack-linux36-vip.magedu.net:9292
    [guestfs]
    [healthcheck]
    [hyperv]
    [image_file_url]
    [ironic]
    [key_manager]
    [keystone_authtoken]
    auth_uri = http://openstack-linux36-vip.magedu.net:5000
    auth_url = http://openstack-linux36-vip.magedu.net:35357
    memcached_servers = openstack-linux36-vip.magedu.net:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = nova
    password = 123456
    [libvirt]
    [matchmaker_redis]
    [metrics]
    [mks]
    [neutron]
    url = http://openstack-linux36-vip.magedu.net:9696
    auth_url = http://openstack-linux36-vip.magedu.net:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = neutron
    password = 123456
    service_metadata_proxy = true
    metadata_proxy_shared_secret = 20190620
    [notifications]
    [osapi_v21]
    [oslo_concurrency]
    lock_path=/var/lib/nova/tmp
    [oslo_messaging_amqp]
    [oslo_messaging_kafka]
    [oslo_messaging_notifications]
    [oslo_messaging_rabbit]
    [oslo_messaging_zmq]
    [oslo_middleware]
    [oslo_policy]
    [pci]
    [placement]
    os_region_name = RegionOne
    project_domain_name = Default
    project_name = service
    auth_type = password
    user_domain_name = Default
    auth_url = http://openstack-linux36-vip.magedu.net:35357/v3
    username = placement
    password = 123456
    [placement_database]
    [quota]
    [rdp]
    [remote_debug]
    [scheduler]
    [serial_console]
    [service_user]
    [spice]
    [ssl]
    [trusted_computing]
    [upgrade_levels]
    [vendordata_dynamic_auth]
    [vmware]
    [vnc]
    [vnc]
    enabled = true
    vncserver_listen =  $my_ip
    vncserver_proxyclient_address =  $my_ip
    [workarounds]
    [wsgi]
    [xenserver]
    [xvp]
    
    

    计算节点nova.conf:

    grep -vE "^$|^#" /etc/nova/nova.conf  
    [DEFAULT]
    enabled_apis = osapi_compute,metadata
    transport_url = rabbit://openstack:123456@openstack-linux36-vip.magedu.net
    use_neutron = True
    firewall_driver = nova.virt.firewall.NoopFirewallDriver
    [api]
    auth_strategy = keystone
    [api_database]
    [barbican]
    [cache]
    [cells]
    [cinder]
    [cloudpipe]
    [conductor]
    [console]
    [consoleauth]
    [cors]
    [cors.subdomain]
    [crypto]
    [database]
    [ephemeral_storage_encryption]
    [filter_scheduler]
    [glance]
    api_servers = http://openstack-linux36-vip.magedu.net:9292
    [guestfs]
    [healthcheck]
    [hyperv]
    [image_file_url]
    [ironic]
    [key_manager]
    [keystone_authtoken]
    auth_uri = http://openstack-linux36-vip.magedu.net:5000
    auth_url = http://openstack-linux36-vip.magedu.net:35357
    memcached_servers = openstack-linux36-vip.magedu.net:11211
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    project_name = service
    username = nova
    password = 123456
    [libvirt]
    virt_type=qemu
    [matchmaker_redis]
    [metrics]
    [mks]
    [neutron]
    url = http://openstack-linux36-vip.magedu.net:9696
    auth_url = http://openstack-linux36-vip.magedu.net:35357
    auth_type = password
    project_domain_name = default
    user_domain_name = default
    region_name = RegionOne
    project_name = service
    username = neutron
    password = 123456
    [notifications]
    [osapi_v21]
    [oslo_concurrency]
    lock_path=/var/lib/nova/tmp
    [oslo_messaging_amqp]
    [oslo_messaging_kafka]
    [oslo_messaging_notifications]
    [oslo_messaging_rabbit]
    [oslo_messaging_zmq]
    [oslo_middleware]
    [oslo_policy]
    [pci]
    [placement]
    os_region_name = RegionOne
    project_domain_name = Default
    project_name = service
    auth_type = password
    user_domain_name = Default
    auth_url = http://openstack-linux36-vip.magedu.net:35357/v3
    username = placement
    password = 123456
    [placement_database]
    [quota]
    [rdp]
    [remote_debug]
    [scheduler]
    [serial_console]
    [service_user]
    [spice]
    [ssl]
    [trusted_computing]
    [upgrade_levels]
    [vendordata_dynamic_auth]
    [vmware]
    [vnc]
    enabled = True
    vncserver_listen = 0.0.0.0
    vncserver_proxyclient_address = 10.10.5.135
    novncproxy_base_url = http://openstack-linux36-vip.magedu.net:6080/vnc_auto.html
    [workarounds]
    [wsgi]
    [xenserver]
    [xvp]
    
  • 相关阅读:
    ajax发送cookies
    关于几个入口
    关于.net的概念
    codeproject
    Chrome extension
    modern web application
    JavaScript类型转换
    js方法在iframe父子窗口
    javascript book
    MVC Controller
  • 原文地址:https://www.cnblogs.com/zhenxing06/p/13025357.html
Copyright © 2020-2023  润新知