Openstack (Kilo) Installation series neutron (ix)

Control node

Before configure the OpenStack Networking (neutron) service, you must create a database, service credentials, and API Endpoint.

First, create the neutron database and authorize

1. Logging into the database

Mysql-u root-p

2. Create a database and authorize

CREATE DATABASENeutron;GRANT  All Privileges  onNeutron.*  to 'Neutron'@'localhost'identified by 'Neutron_dbpass';GRANT  All Privileges  onNeutron.*  to 'Neutron'@'%'identified by 'Neutron_dbpass';

Replace NEUTRON_DBPASS with a suitable password.

Source the admin credentials to gain access to admin-only CLI commands:

SOURCE ADMIN-OPENRC. SH

3.To Create the service credentials, complete these steps:

Create the neutron User:

OpenStack User Create--password-prompt Neutron

ADD the admin role to the neutron User:

OpenStack role Add--project service--user Neutron admin

Create the neutron service entity:

OpenStack Service Create--name neutron   "openstack Networking" Network

Create the Networking service API endpoint:

OpenStack Endpoint Create    --publicurl http://controller:9696 \  --adminurl http://controller:9696 \  --internalurl http://controller:9696 \  --Regionregionone   Network

To install the Networking components

Yum Install which

To configure the Networking server component

The Networking server component configuration includes the database, authentication mechanism, message queue, Topology Cha Nge notifications, and plug-in.

Edit the file and complete the /etc/neutron/neutron.conf following actions:

[database]in the section, configure database access:

= MySQL://neutron:[email Protected]/neutron

Replace NEUTRON_DBPASS with the password your chose for the database.

[DEFAULT] [oslo_messaging_rabbit] in the and sections, configure RabbitMQ message queue access:

= = = = Rabbit_pass

Replace RABBIT_PASS with the password your chose for the account in openstack RabbitMQ.

[DEFAULT] [keystone_authtoken] in the and sections, configure Identity service access:

== http://controller:5000auth_url = http://controller:35357auth_ Plugin == = = == Neutron_pass

Replace NEUTRON_PASS with the password your chose for the neutron user in the Identity service.

Note: Comment out or remove any other options in the section [keystone_authtoken] .

[DEFAULT]in the section, enable the Modular Layer 2 (ML2) plug-in, router service, and overlapping IP addresses:

== = True

[DEFAULT] [nova] in the and sections, configure Networking to notify Compute of network topology changes:

 [default]...notify_nova_on_port_status_changes  =  truenotify_nova_on_port_data_changes  = Truenova_url  = Http:// controller:8774/ V2   [Nova]...auth_url  = Http:// Span style= "color: #008000;" >controller:35357  auth_plugin = passwordproject_domain_id  = defaultuser_domain_id  = Defaultregion_name  =  Regiononeproject_name  = serviceusername  = Novapassword  = Nova_pass 

Replace with the password your chose for the user in the NOVA_PASS nova Identity service.

(Optional) To assist with troubleshooting, enable verbose logging in the section [DEFAULT] :

= True

To configure the Modular Layer 2 (ML2) plug-in

The ML2 plug-in uses the Open VSwitch (OVS) mechanism (agent) to build the virtual networking framework for instances. However, the controller node does not need the OVS components because it does not handle instance network traffic.

Edit the file and complete the /etc/neutron/plugins/ml2/ml2_conf.ini following actions:

In [ml2] the section, enable the flat, VLAN, Generic Routing Encapsulation (GRE), and virtual extensible LAN (VXLAN) netwo RK type drivers, GRE tenant networks, and the OVS mechanism driver:

= == Openvswitch

Note: Once Configure the ML2 plug-in, changing values in the type_drivers option can leads to database inconsistency.

[ml2_type_gre]in the section, configure the tunnel identifier (ID) range:

1:

In [securitygroup] the section, enable security groups, enable Ipset, and configure the OVS iptables firewall driver:

= = =neutron.agent.linux.iptables_firewall. Ovshybridiptablesfirewalldriver

To configure Compute to use Networking

By default, the distribution packages configure Compute to use legacy networking. You must reconfigure Compute to manage networks through Networking.

Edit the file on the controller node and complete the /etc/nova/nova.conf following actions:

[DEFAULT]in the section, configure the APIs and drivers:

= = = = Nova.virt.firewall.NoopFirewallDriver

[neutron]in the section, configure Access parameters:

= http://controller:9696auth_strategy == http://controller:35357/v2.0 admin_tenant_name == = Neutron_pass

Replace NEUTRON_PASS with the password your chose for the neutron user in the Identity service.

To finalize Installation

1.The Networking Service Initialization scripts expect a symbolic link /etc/neutron/plugin.ini pointing to the ML2 plug-in configuration fil E, /etc/neutron/plugins/ml2/ml2_conf.ini . If This symbolic link does not exist, create it using the following command:

LN -s/etc/neutron/plugins/ml2/ml2_conf.ini/etc/neutron/plugin.ini

2.Populate the database:

su -s/bin/sh"neutron-db-manage--config-file/etc/neutron/neutron.conf \  - -config-filehead"  neutron

Note: Database population occurs later for Networking because the script requires complete server and plug-in configuration F Iles.

3.Restart The Compute services:

Systemctl Restart Openstack-nova-api.service openstack-nova-scheduler.service   OpenStack- Nova-conductor.service

4.Start The Networking service and configure it to Start when the system boots:

Systemctl Enable neutron-server.servicesystemctl start neutron-server.service

Verify operation

Note: Perform These commands on the controller node.

1.Source the admin credentials to gain access to admin-only CLI commands:

SOURCE ADMIN-OPENRC. SH

2.List loaded extensions to verify successful launch of the neutron-server process:

Neutron ext-list

Openstack (Kilo) Installation series neutron (ix)