Water's Home

Just another Life Style

0%

Controller --- Neutron

Posted on Edited on In , ,

Create Neutron User

[root@controller ~]# source /root/admin-openrc
[root@controller ~]# openstack user create –domain default neutron –password password
[root@controller ~]# openstack role add –project service –user neutron admin

Create Neutron Service

[root@controller ~]# openstack service create –name neutron –description “OpenStack Networking” network

Create Endpoint

[root@controller ~]# openstack endpoint create –region RegionOne network public http://controller:9696
[root@controller ~]# openstack endpoint create –region RegionOne network internal http://controller:9696
[root@controller ~]# openstack endpoint create –region RegionOne network admin http://controller:9696

Install Neutron

[root@controller ~]# yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y

Configure Neutron

[root@controller ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT service_plugins router
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips True
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:password@controller
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes True
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken memcached_servers controller:11211
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken auth_type password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken project_name service
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken username neutron
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf keystone_authtoken password password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:password@controller/neutron
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova auth_type password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova project_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova user_domain_name default
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova region_name RegionOne
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova project_name service
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova username nova
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf nova password password
[root@controller ~]# openstack-config –set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp

Configure ML2

[root@controller ~]# cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers linuxbridge,l2population
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 path_mtu 1500
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset True

Configure LinuxBridge Agent

[root@controller ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini DEFAULT debug false
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:enp0s3
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 10.2.2.61
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini agent prevent_arp_spoofing True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
[root@controller ~]# openstack-config –set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure L3 Agent

[root@controller ~]# cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
[root@controller ~]# openstack-config –set /etc/neutron/l3_agent.ini DEFAULT external_network_bridge
[root@controller ~]# openstack-config –set /etc/neutron/l3_agent.ini DEFAULT debug false

Configure DHCP Agent

[root@controller ~]# cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT verbose True
[root@controller ~]# openstack-config –set /etc/neutron/dhcp_agent.ini DEFAULT debug false

Configure Neutron For Nova Service

[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron url http://controller:9696
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron auth_url http://controller:35357
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron auth_plugin password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron project_domain_id default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron user_domain_id default
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron region_name RegionOne
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron project_name service
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron username neutron
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron password password
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron service_metadata_proxy True
[root@controller ~]# openstack-config –set /etc/nova/nova.conf neutron metadata_proxy_shared_secret password

Configure DHCP Option

[root@controller ~]# echo “dhcp-option-force=26,1450” >/etc/neutron/dnsmasq-neutron.conf

Configure Metadata Agent

[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_ip controller
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret password
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT metadata_workers 4
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT verbose True
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT debug false
[root@controller ~]# openstack-config –set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_protocol http

Configure Neutron For ML2

[root@controller ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

Synchronize Database

[root@controller ~]# su -s /bin/sh -c “neutron-db-manage –config-file /etc/neutron/neutron.conf –config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head” neutron

Restart Nova Service

[root@controller ~]# systemctl restart openstack-nova-api.service
[root@controller ~]# systemctl status openstack-nova-api.service

Start Neutron L3 Service

[root@controller ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service

List Neutron Agent

[root@controller ~]# openstack network agent list