导航：首页 > 服务器 >

OpenStack stein安装（七）neutron on controller

发表于：2024-11-11 作者：千家信息网编辑

千家信息网最后更新 2024年11月11日， OpenStack网络(neutron)允许您创建并将其他OpenStack服务管理的接口设备附加到网络上。可以实现插件来适应不同的网络设备和软件，从而为OpenStack体系结构和部署提供灵活性

千家信息网最后更新 2024年11月11日OpenStack stein安装（七）neutron on controller

OpenStack网络(neutron)允许您创建并将其他OpenStack服务管理的接口设备附加到网络上。可以实现插件来适应不同的网络设备和软件，从而为OpenStack体系结构和部署提供灵活性。
它包括以下组成部分:

neutron-server
接受API请求并将其路由到适当的OpenStack网络插件以执行操作。
OpenStack Networking plug-ins and agents
插件式的网络端口，创建网络或子网，并提供IP地址。这些插件和代理的差异取决于特定云中使用的供应商和技术。OpenStack网络附带了用于Cisco虚拟和物理交换机、NEC OpenFlow产品、Open vSwitch、Linux桥接和VMware NSX产品的插件和代理。
常见的代理包括L3 (layer 3)、DHCP(动态主机IP寻址)和插件代理。
Messaging queue
大多数OpenStack网络安装都使用它在neutron-server和各种代理之间路由信息。还充当数据库，存储特定插件的网络状态。
Prerequisites
Before you configure the OpenStack Networking (neutron) service, you must create a database, service credentials, and API endpoints.
1. To create the database, complete these steps:
```
○ Use the database access client to connect to the database server as the root user:$ mysql -u root -p root123○ Create the neutron database:MariaDB [keystone]> CREATE DATABASE neutron;○ Grant proper access to the neutron database, replacing NEUTRON_DBPASS with a suitable password:MariaDB [keystone]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron123';
```
2. Source the admin credentials to gain access to admin-only CLI commands:
```
$ . admin-openrc
```
3. To create the service credentials, complete these steps:
```
○ Create the neutron user:$ openstack user create --domain default --password-prompt neutronUser Password:neutron123Repeat User Password:neutron123+---------------------+----------------------------------+| Field               | Value                            |+---------------------+----------------------------------+| domain_id           | default                          || enabled             | True                             || id                  | fdb0f541e28141719b6a43c8944bf1fb || name                | neutron                          || options             | {}                               || password_expires_at | None                             |+---------------------+----------------------------------+○ Add the admin role to the neutron user:$ openstack role add --project service --user neutron admin Note: This command provides no output.○ Create the neutron service entity:$ openstack service create --name neutron --description "OpenStack Networking" network+-------------+----------------------------------+| Field       | Value                            |+-------------+----------------------------------+| description | OpenStack Networking             || enabled     | True                             || id          | f71529314dab4a4d8eca427e701d209e || name        | neutron                          || type        | network                          |+-------------+----------------------------------+
```
4. Create the Networking service API endpoints:
```
#openstack endpoint create --region RegionOne network public http://stack.flex.net:9696+--------------+----------------------------------+| Field        | Value                            |+--------------+----------------------------------+| enabled      | True                             || id           | 85d80a6d02fc4b7683f611d7fc1493a3 || interface    | public                           || region       | RegionOne                        || region_id    | RegionOne                        || service_id   | f71529314dab4a4d8eca427e701d209e || service_name | neutron                          || service_type | network                          || url          | http://stack.flex.net:9696           |+--------------+----------------------------------+
```
#openstack endpoint create --region RegionOne network internal http://stack.flex.net:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 09753b537ac74422a68d2d791cf3714f |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f71529314dab4a4d8eca427e701d209e |
| service_name | neutron |
| service_type | network |
| url | http://stack.flex.net:9696 |
+--------------+----------------------------------+
#openstack endpoint create --region RegionOne network admin http://stack.flex.net:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 1ee14289c9374dffb5db92a5c112fc4e |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | f71529314dab4a4d8eca427e701d209e |
| service_name | neutron |
| service_type | network |
| url | http://stack.flex.net:9696 |
+--------------+----------------------------------+
```
#### Configure networking options
```
可以使用选项1和选项2表示的两种体系结构中的一种部署网络服务。
选项1部署了最简单的体系结构，它只支持将实例附加到provider(external)网络。没有self-service(private)网络、路由器或浮动IP地址。只有管理员或其他特权用户才能管理provider网络。
选项2支持将实例附加到自助服务网络的3层服务来增强选项1。demo或其他无特权用户可以管理自助服务网络，包括在自助服务网络和提供者网络之间提供连接的路由器。此外，浮动IP地址使用来自外部网络(如Internet)的自助服务网络提供到实例的连接。
自服务网络通常使用overlay网络。overlay网络协议如vxlan包括额外的头部信息，这些头文件增加了开销，减少了有效负载或用户数据可用的空间。在不了解虚拟网络基础设施的情况下，实例尝试使用默认的1500字节以太网最大传输单元(MTU)发送数据包。网络服务通过DHCP自动向实例提供正确的MTU值。但是，有些云镜像不使用DHCP或忽略DHCP MTU选项，需要使用元数据或脚本进行配置。
选择下列网络选项中的一个，或两个全选，参看下面的两个章节。并返回这里再向下继续配置
○ Networking Option 1: Provider networks
○ Networking Option 2: Self-service networks

Configure the metadata agent

The metadata agent provides configuration information such as credentials to instances.
Edit the /etc/neutron/metadata_agent.ini file and complete the following actions:

    ○ In the [DEFAULT] section, configure the metadata host and shared secret:        [DEFAULT]        # ...        nova_metadata_host = stack.flex.net        metadata_proxy_shared_secret = 1234         Replace METADATA_SECRET with a suitable secret for the metadata proxy.

Configure the Compute service to use the Networking service

Note: The Nova compute service must be installed to complete this step.
Edit the /etc/nova/nova.conf file and perform the following actions:

    ○ In the [neutron] section, configure access parameters, enable the metadata proxy, and configure the secret:        [neutron]        # ...        url = http://stack.flex.net:9696        auth_url = http://stack.flex.net:5000        auth_type = password        project_domain_name = default        user_domain_name = default        region_name = RegionOne        project_name = service        username = neutron        password = neutron123        service_metadata_proxy = true        metadata_proxy_shared_secret = 1234

Finalize installation

The Networking service initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the ML2 plug-in configuration file, /etc/neutron/plugins/ml2/ml2_conf.ini. If this symbolic link does not exist, create it using the following command:
```
# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
```

Populate the database:

# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron注意：由于脚本需要完整的服务器和插件配置文件，数据库填充将在稍后用于网络。

Restart the Compute API service:

# systemctl restart openstack-nova-api.service

Start the Networking services and configure them to start when the system boots.

For both networking options:    # systemctl enable neutron-server.service \      neutron-linuxbridge-agent.service neutron-dhcp-agent.service \      neutron-metadata-agent.service    # systemctl start neutron-server.service \      neutron-linuxbridge-agent.service neutron-dhcp-agent.service \      neutron-metadata-agent.serviceFor networking option 2, also enable and start the layer-3 service:    # systemctl enable neutron-l3-agent.service    # systemctl start neutron-l3-agent.service

很赞哦！