Directory
- Directory
- List of previous texts
- Installing components
- Configuring Common Components
- Configure Self-service network options
- Configuring the Linux bridging Agent
- Configure Nova to use the network
- Complete the installation
- Validation action execute following commands on Controller Node
List of previous texts
OpenStack Component Deployment-overview and pre-environment readiness
OpenStack Build Deployment-environment of Controller Node
OpenStack Component Deployment-keystone feature introduction and certification implementation process
OpenStack Component Deployment-keystone Install & Create Service entity and API endpoints
OpenStack Component Deployment-keystone (domain, projects, users, and roles)
OpenStack Component Implementation Principle-keystone authentication function
OpenStack Build Deployment-glance Install
OpenStack Component Implementation Principle-glance architecture (V1/V2)
OpenStack Component Deployment-nova overview
OpenStack component Deployment-nova_ Installing and configuring controller Node
OpenStack Component Deployment-nova_install and configure a compute node
OpenStack Component Implementation Principle-nova architecture
OpenStack Component Deployment-netwotking Service components Introduction and network basic concepts
OpenStack Component Deployment-networking Service_ Install and configure controller Node
Installing components
yum install openstack-neutron openstack-neutron-linuxbridge-y
Configuring Common Components
The configuration of the Networking generic components includes authentication mechanisms, message queues, plug-ins .
Edit /etc/neutron/neutron.conf
File
Vim/etc/neutron/neutron.conf
In the [database]
section, note all connection
items because the compute nodes do not directly access the database.
In the [DEFAULT]
and [oslo_messaging_rabbit]
section, configure RABBITMQ Message Queuing access:
[DEFAULT]rpc_backend = rabbit[oslo_messaging_rabbit]rabbit_host = controller.jmilk.comrabbit_userid = openstackrabbit_password = fanguiju
- In the
[DEFAULT]
and [keystone_authtoken]
section, configure Keystone Authentication Service access:
[DEFAULT]auth_strategy = Keystone [Keystone_authtoken]Auth_uri = http://controller.jmilk.com: Auth_url = http://controller.jmilk.com:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = Neutron password = fanguiju
Note : Note or remove other options in [Keystone_authtoken].
- In the
[oslo_concurrency]
section, configure the lock path
/var/lib/neutron/tmp
[DEFAULT]
enable verbose logging in the section
[DEFAULT]verbose = True
Configure the Self-service network option to configure the Linux bridging agent
The Linux bridging agent creates the Vxlan tunnel for the instance and the Layer-2 (Bridging/Exchange) virtual network infrastructure that handles the security group for the instances.
Edit /etc/neutron/plugins/ml2/linuxbridge_agent.ini
File
Vim/etc/neutron/plugins/ml2/linuxbridge_agent.ini
- In the
[linux_bridge]
section, map the public virtual network to the public physical network interface:
[linux_bridge]physical_interface_mappings = public:PUBLIC_INTERFACE_NAME
will be replaced with the PUBLIC_INTERFACE_NAME
Physical public network interface (NIC).
Example:
[linux_bridge]physical_interface_mappings = public:eth1
- in the
[vxlan]
section, enable Vxlan overlay network, configure IP addresses to handle the physical network interfaces that overwrite the network and enable Layer-2 :
[vxlan]enable_vxlan = Truelocal_ip = OVERLAY_INTERFACE_IP_ADDRESSl2_population = True
Replace with the OVERLAY_INTERFACE_IP_ADDRESS
IP address of the underlying physical network interface that handles overlay networks. The example architecture uses the management interface to tunnel traffic to the other nodes. Therefore, replace with each OVERLAY_INTERFACE_IP_ADDRESS
node ' s own management IP address.
Example:
[vxlan]enable_vxlan = Truelocal_ip = 192.168.1.108l2_population = True
- In the
[agent]
section, enable ARP spoofing protection:
[agent]prevent_arp_spoofing = True
- In the
[securitygroup]
section, enable the security group and configure the Linux bridging iptables firewall driver:
[securitygroup]enable_security_group = Truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
Configure Nova to use the network
Edit /etc/nova/nova.conf
File
Vim/etc/nova/nova.conf
- In the
[neutron]
section, configure the Access parameters:
[neutron] url = http://controller.jmilk.com:9696 Span class= "hljs-setting" >auth_url = http://controller.jmilk.com: 35357 auth_plugin = password project_domain_id = default user_domain_id = default region_name = regionone project_name = service username = neutron password = fanguiju
Complete the installation
Step1. Restart Nova-compute Service
systemctl restart openstack-nova-compute.service
Step2. Start the Linux bridging agent and configure it to boot from
systemctl enable neutron-linuxbridge-agent.servicesystemctl start neutron-linuxbridge-agent.service
Validation action (Execute following commands on Controller Node)
Step1. Load Admin Credentials Get permissions to perform only administrators can execute commands:
source admin-openrc
Step2. Lists the extensions that are loaded and neutron-server
verifies whether the process starts properly:
neutron ext-list
Step3. List the agents to verify that the boot neutron agent is successful:
neutron agent-list
The output should appear to have four agents on the control node and one agent on each compute node.
OpenStack Component Deployment-networking Service_compute Node