OpenStack: Installing neutron and provider network

Last Update:2016-09-07 Source: Internet

Author: User

Tags openvswitch

Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more ＞

1. Installation
(1) Install Networking Services on a dedicated network node
# apt-get Install Neutron-server neutron-dhcp-agent neutron-plugin-openvswitch-agent
No need for L3agent
Delete SQLite
Rm-f/var/lib/neutron/neutron.sqlite

Edit/etc/sysctl.conf, Enable packet forwarding and disable packet destination filtering
Net.ipv4.ip_forward=1
Net.ipv4.conf.all.rp_filter=0
Net.ipv4.conf.default.rp_filter=0

Reload
# sysctl-p
# Service Networking Restart
If not, then
#/etc/init.d/networking Restart
2. Create db
Create database neutron;
Grant all privileges the neutron.* to ' neutron ' @ '% ' identified by ' OpenStack ';
Grant all privileges the neutron.* to ' neutron ' @ ' localhost ' identified by ' OpenStack ';

3. Create user, role
# Keystone User-create--name=neutron--pass=openstack
# Keystone User-role-add--user=neutron--tenant=service--role=admin

4. Configuration:
(1) Configuration/etc/neutron/neutron.conf:
[DEFAULT]
Core_plugin = Neutron.plugins.openvswitch.ovs_neutron_plugin. OVSNeutronPluginV2
Auth_strategy=keystone
Control_exchange = Neutron
Rabbit_host = Controller
Rabbit_userid = Guest
Rabbit_password = OpenStack
Notification_driver = Neutron.openstack.common.notifier.rabbit_notifier

[Database]
Connection = Mysql://neutron:[email Protected]/neutron

[Keystone_authtoken]
Auth_uri = http://controller:35357
Auth_host = Controller
Auth_port = 35357
Auth_protocol = http
Admin_tenant_name = Service
Admin_user = Neutron
Admin_password = OpenStack

(2) Configuration/etc/neutron/api-paste.ini:
[Filter:authtoken]
Paste.filter_factory = Keystoneclient.middleware.auth_token:filter_factory
Auth_uri = http://controller:35357
Auth_host = Controller
Auth_port = 35357
Admin_tenant_name = Service
Admin_user = Neutron
Admin_password = OpenStack

Warning: Warning
Keystoneclient.middleware.auth_token:You must configure Auth_uri to the public identity endpoint. Otherwise, clients might not being able to authenticate against an admin endpoint.

(3) Configuration/etc/neutron/dhcp_agent.ini
Dhcp_driver = NEUTRON.AGENT.LINUX.DHCP.DNSMASQ

(4) Configure/etc/nova/nova.conf, turn back to Nova
[DEFAULT]
Neutron_metadata_proxy_shared_secret = OpenStack
Service_neutron_metadata_proxy = True

Network_api_class=nova.network.neutronv2.api.api

Neutron_admin_username=neutron
Neutron_admin_password=openstack
neutron_admin_auth_url=http://controller:35357/v2.0/
Neutron_auth_strategy=keystone
Neutron_admin_tenant_name=service
neutron_url=http://controller:9696/

Reboot required:
# Service Nova-api Restart

(5) Configuration/etc/neutron/metadata_agent.ini
[DEFAULT]
Auth_url = http://controller:35357/v2.0
Auth_region = Regionone
Admin_tenant_name = Service
Admin_user = Neutron
Admin_password = OpenStack
NOVA_METADATA_IP = Controller
Metadata_proxy_shared_secret = OpenStack

5. Registration Service, endpoint:
# Keystone Service-create \
--name=neutron--type=network \
--description= "OpenStack Networking Service"

# Keystone Endpoint-create \
--service-id 455075d2fb9540ac864c345109c291cf \
--publicurl http://controller:9696 \
--adminurl http://controller:9696 \
--internalurl http://controller:9696

-------------------------------------------------------------------
> Install neutron on network node
0. Installing OvS
Know 3 kinds of interface
Mgmi_interface: Management interface, use ETH1, general to close
Data_interface: Data interface, using eth1
External_interface: External interface, using eth0, if there are multiple ISPs, are bound to the INTERFACE.
(1) Installation
# Apt-get Install Neutron-plugin-openvswitch-agent
# Ovs-vsctl ADD-BR Br-int
Br-int is required for the OvS connection VM, and Br-ex is not needed in the flat network, depending on the network topology.

(2) Configuration/etc/neutron/dhcp_agent.ini
[DEFAULT]
Enable_isolated_metadata = True
Interface_driver = Neutron.agent.linux.interface.OVSInterfaceDriver
Use_namespaces = False
Which use_namespaces according to the need to set, if it is flat should not be necessary?
Restart required
# Service Neutron-dhcp-agent Restart

(3) Configure/etc/neutron/neutron.conf, set OvS
Core_plugin = Neutron.plugins.openvswitch.ovs_neutron_plugin. OVSNeutronPluginV2

(4) Configure/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini, set Firewall_driver
[Securitygroup]
# Firewall driver for realizing Neutron security group function.
Firewall_driver = Neutron.agent.linux.iptables_firewall. Ovshybridiptablesfirewalldriver

[OvS]
Tenant_network_type = None
enable_tunneling = False
Network_vlan_ranges = Physnet0, Physnet1
Bridge_mappings = Physnet0:br-eth0, physnet1:br-eth1
You need to create

(5) Restart
# Service Openvswitch-switch Restart (only reboot once after installation, cannot restart)
# Service Neutron-plugin-openvswitch-agent Restart
-------------------------------------------------------------------

8. Restart the neutron service.
Service Neutron-server Restart
Service Neutron-dhcp-agent Restart
Service Neutron-metadata-agent Restart
Service Neutron-plugin-openvswitch-agent Restart

======================================
Configure the network:

(1) Execute the following OvS command
# Ovs-vsctl ADD-BR Br-eth0
# ovs-vsctl Add-port br-eth0 eth0
# Ovs-vsctl ADD-BR br-eth1
# ovs-vsctl Add-port br-eth1 eth1

(2) Configuration interfaces
[Email protected]:~$ cat/etc/network/interfaces
# This file describes the network interfaces available on your system
# and how to activate them. For more information, see Interfaces (5).

# The Loopback network interface
Auto Lo
Iface Lo inet Loopback

Auto Eth0
Iface eth0 inet Manual
Up ifconfig eth0 0.0.0.0 promisc up
Down ifconfig eth0 down

Auto Br-eth0
Iface Br-eth0 inet Static
Address 192.168.2.3
Netmask 255.255.255.0
Gateway 192.168.2.2
Dns-nameservers 192.168.2.2

Auto Eth1
Iface eth1 inet Manual
Up ifconfig eth1 0.0.0.0 promisc up
Down Ifconfig eth1 down

Auto Br-eth1
Iface br-eth1 inet Static
Address 10.0.0.3
NETMASTK 255.255.255.0

Once you declare bridge_ports eth0, you can no longer declare iface eth0, or Linux boot will report a network error.
-----------------------------------------------
Close Gro
Ethtool-k eth0
Ethtool-k eth0 Gro off
Ethtool-k eth1
Ethtool-k eth1 Gro off
------------------------------------------------

OpenStack: Installing neutron and provider network

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

Sales Support

1 on 1 presale consultation

Chat Contact Sales
After-Sales Support

24/7 Technical Support 6 Free Tickets per Quarter Faster Response

Open a Ticket
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

Learn More