1 您需要了解
- 本篇为手工搭建第
6篇,进行OpenStack Neutron组件安装 - 操作系统版本
CentOS Stream 8,最小化安装,可参考下方相关文章G003完成系统安装,步骤一致 - 安装源您可访问 CentOS官网 / 阿里永久镜像站 / 华为永久镜像站 或其他镜像站进行下载
- 环境用到
2台虚拟机,单网卡,并为其配置静态 IP及DNS,具体规划请参考第 2 章环境规划 - 从
Ussuri版本开始,需要使用CentOS 8或RHEL 8,截至发稿前,Stream 8 版本支持的最高版本为yoga - 文中用到的本地源文件,如有需要请站内私信获取,手工搭建流程参考官方安装指南
- 密码约定:本文所有和数据库及消息队列相关的密码统一设定
rootroot,openstack 组件用户密码统一设定redhat - 为有更好的浏览体验,您可以点击文章左上方
目录按钮来显示文章整体目录结构
- 相关文章
- G003-OS-LIN-RHEL-01 红帽 8.4 安装
- G033-OP-COA-OPEN-04 CentOS Stream 8 通过 Packstack 安装开源 OpenStack(V版)
- G041-OP-COA-OPEN-05 CentOS Stream 8 手工搭建 OpenStack V 版(01基础环境设置)
- G042-OP-COA-OPEN-06 CentOS Stream 8 手工搭建 OpenStack V 版(02 Keystone)
- G043-OP-COA-OPEN-07 CentOS Stream 8 手工搭建 OpenStack V 版(03 Glance)
- G044-OP-COA-OPEN-08 CentOS Stream 8 手工搭建 OpenStack V 版(04 Placement)
- G045-OP-COA-OPEN-09 CentOS Stream 8 手工搭建 OpenStack V 版(05 Nova)
2 环境规划
计算节点必须开启虚拟化引擎 Intel VT-x 或 AMD-V。虚拟机配置可根据实际情况进行调整。
| 主机名 | IP | 网关/DNS | CPU/内存 | 磁盘 | 角色 | 备注 |
|---|---|---|---|---|---|---|
| controller | 192.168.100.167 | 192.168.100.2 | 4c16g | 100g | 控制/网络 | / |
| compute | 192.168.100.168 | 192.168.100.2 | 4c16g | 100g | 计算节点 | 必须开启虚拟化引擎 |
3 控制节点
官方链接:https://docs.openstack.org/neutron/victoria/install/controller-install-rdo.html#prerequisites
3.1 建库及授权
[root@controller ~]# source keystonerc_admin
[root@controller ~(admin)]$ mysql -uroot -prootroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 32
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'rootroot';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'rootroot';
Query OK, 0 rows affected (0.000 sec)
MariaDB [(none)]> exit
Bye
3.2 创建用户及关联角色
[root@controller ~(admin)]$ openstack user create --domain default --password-prompt neutron
User Password: *** 输入密码 redhat ***
Repeat User Password: *** 输入密码 redhat ***
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 5bbbfe5a418f4f3ab168404fbbf20fae |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~(admin)]$ openstack role add --project service --user neutron admin
[root@controller ~(admin)]$ openstack user list
+----------------------------------+-----------+
| ID | Name |
+----------------------------------+-----------+
| 03679f60d2da431080d0ecf9d095c99a | admin |
| ce938b103d8d4062a4aaf6820b21828e | myuser |
| 05b165e480ac401ab476c6f3670e77bf | glance |
| dcc835a9394c4adfa654d18089963d4c | placement |
| 8a2e97c43da8409391204422634a1354 | nova |
| 5bbbfe5a418f4f3ab168404fbbf20fae | neutron |
+----------------------------------+-----------+
3.3 创建服务及注册API
[root@controller ~(admin)]$ openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 63d8b0785c704811b2f2e673bce49971 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 1615308bec16455dad7030d8cbefd7ff |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 63d8b0785c704811b2f2e673bce49971 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 048dbc1d6de6461eb92ec88f2eadb301 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 63d8b0785c704811b2f2e673bce49971 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 5c0c7b2f4b3a4a0ea246fb3f28198ff1 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 63d8b0785c704811b2f2e673bce49971 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| 048dbc1d6de6461eb92ec88f2eadb301 | RegionOne | neutron | network | True | internal | http://controller:9696 |
| 0c513a35ad7245c983c40acda80db882 | RegionOne | glance | image | True | admin | http://controller:9292 |
| 1615308bec16455dad7030d8cbefd7ff | RegionOne | neutron | network | True | public | http://controller:9696 |
| 239e1ed04690449f9440d281aefca9f6 | RegionOne | glance | image | True | internal | http://controller:9292 |
| 24527053adf04893b84f72e4054976e1 | RegionOne | placement | placement | True | admin | http://controller:8778 |
| 35fa1a3cbc564734af00ecc82faf15d9 | RegionOne | nova | compute | True | public | http://controller:8774/v2.1 |
| 37f59fc3da0743ef85f282e3828b270e | RegionOne | nova | compute | True | internal | http://controller:8774/v2.1 |
| 5c0c7b2f4b3a4a0ea246fb3f28198ff1 | RegionOne | neutron | network | True | admin | http://controller:9696 |
| 672d0fd0435d4c6e8687a07763c1a36b | RegionOne | keystone | identity | True | public | http://controller:5000/v3/ |
| 84f4c26a119f4a96a421d5dbe7121bb2 | RegionOne | keystone | identity | True | admin | http://controller:5000/v3/ |
| 96c0989c97b04d86beb59aa075d2d403 | RegionOne | placement | placement | True | public | http://controller:8778 |
| 9cbcced7c9854cc58ac2d4a7fe4f0c52 | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ |
| 9e4f7f90257441cc8ba6132e94fcee04 | RegionOne | placement | placement | True | internal | http://controller:8778 |
| e027747203f8439f81b83647b8916488 | RegionOne | glance | image | True | public | http://controller:9292 |
| e09eb05f588f40d3860195905f62130a | RegionOne | nova | compute | True | admin | http://controller:8774/v2.1 |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
3.4 安装包
[root@controller ~(admin)]$ yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
*** 输出信息节选 ***
Last metadata expiration check: 1 day, 0:10:26 ago on Wed 09 Aug 2023 03:11:39 PM CST.
Package iptables-ebtables-1.8.4-24.el8.x86_64 is already installed.
Dependencies resolved.
=====================================================================================================================================
Package Architecture Version Repository Size
=====================================================================================================================================
Installing:
openstack-neutron noarch 1:17.4.1-1.el8 centos-openstack-victoria 27 k
openstack-neutron-linuxbridge noarch 1:17.4.1-1.el8 centos-openstack-victoria 17 k
openstack-neutron-ml2 noarch 1:17.4.1-1.el8 centos-openstack-victoria 16 k
Installing dependencies:
......
python3-os-ken-1.2.1-1.el8.noarch python3-os-xenapi-0.3.4-1.el8.noarch
python3-pecan-1.3.3-2.el8s.noarch python3-setproctitle-1.1.10-16.el8.x86_64
python3-tinyrpc-1.0.3-1.el8.noarch python3-waitress-1.4.4-1.el8s.noarch
python3-webtest-2.0.35-3.el8s.noarch python3-zmq-19.0.0-3.el8.x86_64
radvd-2.17-15.el8.x86_64 zeromq-4.3.2-1.el8.x86_64
Complete!
3.5 编辑配置文件
3.5.1 编辑 neutron 配置文件
[root@controller ~(admin)]$ vim /etc/neutron/neutron.conf
*** 找到对应标签并编辑以下内容 ***
[database]
connection = mysql+pymysql://neutron:rootroot@controller/neutron
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:rootroot@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = redhat
[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = redhat
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
3.5.2 编辑 ml2 配置文件
[root@controller ~(admin)]$ vim /etc/neutron/plugins/ml2/ml2_conf.ini
*** 编辑以下内容 ***
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true
3.5.3 配置 Linux 网桥代理
[root@controller ~(admin)]$ vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens160
[vxlan]
enable_vxlan = true
local_ip = 192.168.100.167
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
3.5.4 启用网桥支持
[root@controller ~(admin)]$ modprobe br_netfilter
[root@controller ~(admin)]$ sysctl net.bridge.bridge-nf-call-iptables
net.bridge.bridge-nf-call-iptables = 1
[root@controller ~(admin)]$ sysctl net.bridge.bridge-nf-call-ip6tables
net.bridge.bridge-nf-call-ip6tables = 1
3.5.5 配置三层代理
[root@controller ~(admin)]$ vim /etc/neutron/l3_agent.ini
*** 编辑以下内容 ***
[DEFAULT]
interface_driver = linuxbridge
3.5.6 配置 DHCP 代理
[root@controller ~(admin)]$ vim /etc/neutron/dhcp_agent.ini
*** 编辑以下内容 ***
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
3.5.7 配置元数据代理
[root@controller ~(admin)]$ vim /etc/neutron/metadata_agent.ini
*** 编辑以下内容 ***
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = rootroot
3.5.8 配置计算服务
[root@controller ~(admin)]$ vim /etc/nova/nova.conf
*** 找到对应标签编辑以下内容 ***
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = redhat
service_metadata_proxy = true
metadata_proxy_shared_secret = rootroot
3.6 初始化数据库
[root@controller ~(admin)]$ ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@controller ~(admin)]$ su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Running upgrade for neutron ...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> kilo
INFO [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225
INFO [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151
INFO [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf
INFO [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee
INFO [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f
INFO [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773
INFO [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592
INFO [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7
INFO [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79
INFO [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051
INFO [alembic.runtime.migration] Running upgrade 48153cb5f051 -> 9859ac9c136
INFO [alembic.runtime.migration] Running upgrade 9859ac9c136 -> 34af2b5c5a59
INFO [alembic.runtime.migration] Running upgrade 34af2b5c5a59 -> 59cb5b6cf4d
INFO [alembic.runtime.migration] Running upgrade 59cb5b6cf4d -> 13cfb89f881a
INFO [alembic.runtime.migration] Running upgrade 13cfb89f881a -> 32e5974ada25
INFO [alembic.runtime.migration] Running upgrade 32e5974ada25 -> ec7fcfbf72ee
INFO [alembic.runtime.migration] Running upgrade ec7fcfbf72ee -> dce3ec7a25c9
INFO [alembic.runtime.migration] Running upgrade dce3ec7a25c9 -> c3a73f615e4
INFO [alembic.runtime.migration] Running upgrade c3a73f615e4 -> 659bf3d90664
INFO [alembic.runtime.migration] Running upgrade 659bf3d90664 -> 1df244e556f5
INFO [alembic.runtime.migration] Running upgrade 1df244e556f5 -> 19f26505c74f
INFO [alembic.runtime.migration] Running upgrade 19f26505c74f -> 15be73214821
INFO [alembic.runtime.migration] Running upgrade 15be73214821 -> b4caf27aae4
INFO [alembic.runtime.migration] Running upgrade b4caf27aae4 -> 15e43b934f81
INFO [alembic.runtime.migration] Running upgrade 15e43b934f81 -> 31ed664953e6
INFO [alembic.runtime.migration] Running upgrade 31ed664953e6 -> 2f9e956e7532
INFO [alembic.runtime.migration] Running upgrade 2f9e956e7532 -> 3894bccad37f
INFO [alembic.runtime.migration] Running upgrade 3894bccad37f -> 0e66c5227a8a
INFO [alembic.runtime.migration] Running upgrade 0e66c5227a8a -> 45f8dd33480b
INFO [alembic.runtime.migration] Running upgrade 45f8dd33480b -> 5abc0278ca73
INFO [alembic.runtime.migration] Running upgrade kilo -> 30018084ec99
INFO [alembic.runtime.migration] Running upgrade 30018084ec99 -> 4ffceebfada
INFO [alembic.runtime.migration] Running upgrade 4ffceebfada -> 5498d17be016
INFO [alembic.runtime.migration] Running upgrade 5498d17be016 -> 2a16083502f3
INFO [alembic.runtime.migration] Running upgrade 2a16083502f3 -> 2e5352a0ad4d
INFO [alembic.runtime.migration] Running upgrade 2e5352a0ad4d -> 11926bcfe72d
INFO [alembic.runtime.migration] Running upgrade 11926bcfe72d -> 4af11ca47297
INFO [alembic.runtime.migration] Running upgrade 4af11ca47297 -> 1b294093239c
INFO [alembic.runtime.migration] Running upgrade 1b294093239c -> 8a6d8bdae39
INFO [alembic.runtime.migration] Running upgrade 8a6d8bdae39 -> 2b4c2465d44b
INFO [alembic.runtime.migration] Running upgrade 2b4c2465d44b -> e3278ee65050
INFO [alembic.runtime.migration] Running upgrade e3278ee65050 -> c6c112992c9
INFO [alembic.runtime.migration] Running upgrade c6c112992c9 -> 5ffceebfada
INFO [alembic.runtime.migration] Running upgrade 5ffceebfada -> 4ffceebfcdc
INFO [alembic.runtime.migration] Running upgrade 4ffceebfcdc -> 7bbb25278f53
INFO [alembic.runtime.migration] Running upgrade 7bbb25278f53 -> 89ab9a816d70
INFO [alembic.runtime.migration] Running upgrade 89ab9a816d70 -> c879c5e1ee90
INFO [alembic.runtime.migration] Running upgrade c879c5e1ee90 -> 8fd3918ef6f4
INFO [alembic.runtime.migration] Running upgrade 8fd3918ef6f4 -> 4bcd4df1f426
INFO [alembic.runtime.migration] Running upgrade 4bcd4df1f426 -> b67e765a3524
INFO [alembic.runtime.migration] Running upgrade 5abc0278ca73 -> d3435b514502
INFO [alembic.runtime.migration] Running upgrade d3435b514502 -> 30107ab6a3ee
INFO [alembic.runtime.migration] Running upgrade 30107ab6a3ee -> c415aab1c048
INFO [alembic.runtime.migration] Running upgrade c415aab1c048 -> a963b38d82f4
INFO [alembic.runtime.migration] Running upgrade b67e765a3524 -> a84ccf28f06a
INFO [alembic.runtime.migration] Running upgrade a84ccf28f06a -> 7d9d8eeec6ad
INFO [alembic.runtime.migration] Running upgrade a963b38d82f4 -> 3d0e74aa7d37
INFO [alembic.runtime.migration] Running upgrade 3d0e74aa7d37 -> 030a959ceafa
INFO [alembic.runtime.migration] Running upgrade 030a959ceafa -> a5648cfeeadf
INFO [alembic.runtime.migration] Running upgrade a5648cfeeadf -> 0f5bef0f87d4
INFO [alembic.runtime.migration] Running upgrade 0f5bef0f87d4 -> 67daae611b6e
INFO [alembic.runtime.migration] Running upgrade 67daae611b6e -> 6b461a21bcfc
INFO [alembic.runtime.migration] Running upgrade 6b461a21bcfc -> 5cd92597d11d
INFO [alembic.runtime.migration] Running upgrade 5cd92597d11d -> 929c968efe70
INFO [alembic.runtime.migration] Running upgrade 929c968efe70 -> a9c43481023c
INFO [alembic.runtime.migration] Running upgrade a9c43481023c -> 804a3c76314c
INFO [alembic.runtime.migration] Running upgrade 804a3c76314c -> 2b42d90729da
INFO [alembic.runtime.migration] Running upgrade 2b42d90729da -> 62c781cb6192
INFO [alembic.runtime.migration] Running upgrade 62c781cb6192 -> c8c222d42aa9
INFO [alembic.runtime.migration] Running upgrade c8c222d42aa9 -> 349b6fd605a6
INFO [alembic.runtime.migration] Running upgrade 349b6fd605a6 -> 7d32f979895f
INFO [alembic.runtime.migration] Running upgrade 7d32f979895f -> 594422d373ee
INFO [alembic.runtime.migration] Running upgrade 594422d373ee -> 61663558142c
INFO [alembic.runtime.migration] Running upgrade 61663558142c -> 867d39095bf4, port forwarding
INFO [alembic.runtime.migration] Running upgrade 867d39095bf4 -> d72db3e25539, modify uniq port forwarding
INFO [alembic.runtime.migration] Running upgrade d72db3e25539 -> cada2437bf41
INFO [alembic.runtime.migration] Running upgrade cada2437bf41 -> 195176fb410d, router gateway IP QoS
INFO [alembic.runtime.migration] Running upgrade 195176fb410d -> fb0167bd9639
INFO [alembic.runtime.migration] Running upgrade fb0167bd9639 -> 0ff9e3881597
INFO [alembic.runtime.migration] Running upgrade 0ff9e3881597 -> 9bfad3f1e780
INFO [alembic.runtime.migration] Running upgrade 9bfad3f1e780 -> 63fd95af7dcd
INFO [alembic.runtime.migration] Running upgrade 63fd95af7dcd -> c613d0b82681
INFO [alembic.runtime.migration] Running upgrade c613d0b82681 -> c3e9d13c4367
INFO [alembic.runtime.migration] Running upgrade c3e9d13c4367 -> 86274d77933e
INFO [alembic.runtime.migration] Running upgrade 86274d77933e -> f4b9654dd40c
INFO [alembic.runtime.migration] Running upgrade f4b9654dd40c -> a010322604bc
INFO [alembic.runtime.migration] Running upgrade a010322604bc -> 263d454a9655
INFO [alembic.runtime.migration] Running upgrade 263d454a9655 -> Ibac91d24da2
INFO [alembic.runtime.migration] Running upgrade Ibac91d24da2 -> 2217c4222de6
INFO [alembic.runtime.migration] Running upgrade 2217c4222de6 -> 18a7e90ae768
INFO [alembic.runtime.migration] Running upgrade 18a7e90ae768 -> e4e236b0e1ff
INFO [alembic.runtime.migration] Running upgrade e4e236b0e1ff -> e88badaa9591
INFO [alembic.runtime.migration] Running upgrade e88badaa9591 -> d8bdf05313f4
INFO [alembic.runtime.migration] Running upgrade d8bdf05313f4 -> dfe425060830
INFO [alembic.runtime.migration] Running upgrade dfe425060830 -> fd6107509ccd
INFO [alembic.runtime.migration] Running upgrade fd6107509ccd -> 1ea5dab0897a
INFO [alembic.runtime.migration] Running upgrade 1ea5dab0897a -> 49d8622c5221
INFO [alembic.runtime.migration] Running upgrade 49d8622c5221 -> I38991de2b4
INFO [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab
INFO [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0
INFO [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62
INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353
INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586
INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d
OK
3.7 启动服务
[root@controller ~(admin)]$ systemctl restart openstack-nova-api.service
[root@controller ~(admin)]$ systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-server.service → /usr/lib/systemd/system/neutron-server.service.
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service → /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service → /usr/lib/systemd/system/neutron-dhcp-agent.service.
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service → /usr/lib/systemd/system/neutron-metadata-agent.service.
[root@controller ~(admin)]$ systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller ~(admin)]$ systemctl enable neutron-l3-agent.service
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-l3-agent.service → /usr/lib/systemd/system/neutron-l3-agent.service.
[root@controller ~(admin)]$ systemctl start neutron-l3-agent.service
4 计算节点
官方链接:https://docs.openstack.org/neutron/victoria/install/compute-install-rdo.html
4.1 安装包
[root@compute ~]# yum install openstack-neutron-linuxbridge ebtables ipset -y
*** 输出信息节选 ***
Last metadata expiration check: 1:03:53 ago on Thu 10 Aug 2023 03:32:14 PM CST.
Package iptables-ebtables-1.8.4-24.el8.x86_64 is already installed.
Package ipset-7.1-1.el8.x86_64 is already installed.
Dependencies resolved.
=====================================================================================================================================
Package Architecture Version Repository Size
=====================================================================================================================================
Installing:
openstack-neutron-linuxbridge noarch 1:17.4.1-1.el8 centos-openstack-victoria 17 k
Installing dependencies:
......
Installed:
libunwind-1.4.0-5.el8s.x86_64 openpgm-5.2.122-21.el8.x86_64
openstack-neutron-common-1:17.4.1-1.el8.noarch openstack-neutron-linuxbridge-1:17.4.1-1.el8.noarch
python3-designateclient-4.1.0-2.el8.noarch python3-gevent-1.2.2-4.el8.x86_64
python3-httplib2-0.10.3-4.el8.noarch python3-logutils-0.3.5-11.el8s.noarch
python3-neutron-1:17.4.1-1.el8.noarch python3-neutron-lib-2.6.2-1.el8.noarch
python3-os-ken-1.2.1-1.el8.noarch python3-os-xenapi-0.3.4-1.el8.noarch
python3-osprofiler-3.4.0-2.el8.noarch python3-pecan-1.3.3-2.el8s.noarch
python3-setproctitle-1.1.10-16.el8.x86_64 python3-tinyrpc-1.0.3-1.el8.noarch
python3-waitress-1.4.4-1.el8s.noarch python3-webtest-2.0.35-3.el8s.noarch
python3-werkzeug-1.0.1-3.el8.noarch python3-zmq-19.0.0-3.el8.x86_64
zeromq-4.3.2-1.el8.x86_64
Complete!
4.2 编辑 neutron 配置文件
[root@compute ~]# vim /etc/neutron/neutron.conf
[DEFAULT]
transport_url = rabbit://openstack:rootroot@controller
auth_strategy = keystone
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = redhat
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
4.3 配置 Linux 网桥代理
[root@compute ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:ens160
[vxlan]
enable_vxlan = true
local_ip = 192.168.100.168
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
4.4 启用网桥支持
[root@compute ~]# modprobe br_netfilter
[root@compute ~]# sysctl net.bridge.bridge-nf-call-iptables
net.bridge.bridge-nf-call-iptables = 1
[root@compute ~]# sysctl net.bridge.bridge-nf-call-ip6tables
net.bridge.bridge-nf-call-ip6tables = 1
4.5 配置计算服务
[root@compute ~]# vim /etc/nova/nova.conf
*** 找到对应标签并编辑以下内容 ***
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = redhat
5 启动服务并测试
[root@compute ~]# systemctl restart openstack-nova-compute.service
[root@compute ~]# systemctl enable neutron-linuxbridge-agent.service
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service → /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
[root@compute ~]# systemctl start neutron-linuxbridge-agent.service
*** 切换到控制节点查看服务状态 ***
[root@controller ~(admin)]$ openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 11513ee1-9436-448c-859b-c53979a3c0a3 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| a10c2778-0a10-4683-8f87-6e62f79cc50d | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
| a3c56473-ef82-41b1-8843-aeadfdc56a2a | Linux bridge agent | compute | None | :-) | UP | neutron-linuxbridge-agent |
| ad313d4f-bf25-4e46-8724-8f90865667d5 | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
- END
