OpenStack Networking le permite crear o adjuntar un dispositivo de interfaz a las redes, esta guía lo ayuda a configurar Neutron (Redes) en el entorno OpenStack. Neutron administra todas las cosas relacionadas con la red que se requieren para la infraestructura de red virtual, proporciona las redes, subredes y abstracciones de objetos de enrutador.
Instalar y configurar el nodo del controlador:
Antes de configurar el servicio Neutron, debemos crear una base de datos, un servicio y un punto final de API.
Inicie sesión como raíz en el servidor MySQL.
# mysql -u root -p
Create the neutron database.
CREATE DATABASE neutron;
Otorgue un permiso adecuado a la base de datos de neutrones.
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'password';
Reemplace "contraseña" con una contraseña adecuada. Salga de MySQL.
Cargue su credencial de administrador desde la secuencia de comandos del entorno.
# source admin-openrc.sh
Cree el usuario neutron para crear credenciales de servicio.
# openstack user create --password-prompt neutron User Password: Repeat User Password: +----------+----------------------------------+ | Field | Value | +----------+----------------------------------+ | email | None | | enabled | True | | id | ac5ee3286887450d911b82d4e263e1c9 | | name | neutron | | username | neutron | +----------+----------------------------------+
Agregue el rol de administrador al usuario neutron.
# openstack role add --project service --user neutron admin +-------+----------------------------------+ | Field | Value | +-------+----------------------------------+ | id | 33af4f957aa34cc79451c23bf014af6f | | name | admin | +-------+----------------------------------+
Cree la entidad de servicio de neutrones.
# openstack service create --name neutron --description "OpenStack Networking" network +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Networking | | enabled | True | | id | 95237876259e44d9a1a926577b786875 | | name | neutron | | type | network | +-------------+----------------------------------+
Cree el punto final de la API del servicio de neutrones.
# openstack endpoint create \ --publicurl http://controller:9696 \ --adminurl http://controller:9696 \ --internalurl http://controller:9696 \ --region RegionOne \ network +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | adminurl | http://controller:9696 | | id | ed46eb46c27e4f2b9a58ff574f43d0cb | | internalurl | http://controller:9696 | | publicurl | http://controller:9696 | | region | RegionOne | | service_id | 95237876259e44d9a1a926577b786875 | | service_name | neutron | | service_type | network | +--------------+----------------------------------+
Instalar y configurar los componentes de red en el nodo del controlador:
# apt-get install neutron-server neutron-plugin-ml2 python-neutronclient
Edite /etc/neutron/neutron.conf.
# nano /etc/neutron/neutron.conf
Modifique la configuración a continuación y asegúrese de colocar entradas en las secciones adecuadas.
[DEFAULT] ... verbose = True rpc_backend = rabbit auth_strategy = keystone core_plugin = ml2 service_plugins = router allow_overlapping_ips = True notify_nova_on_port_status_changes = True notify_nova_on_port_data_changes = True nova_url = http://controller:8774/v2 [oslo_messaging_rabbit] ... rabbit_host = controller rabbit_userid = openstack rabbit_password = password ## Replace "password" with the password you chose for the openstack account in RabbitMQ [database] ... connection = mysql://neutron:password@controller/neutron ## Replace "password" with the password you chose for neutron database [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = password ## Replace "password" with the password you chose for neutron user in the identity service. [nova] ... auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default region_name = RegionOne project_name = service username = nova password = password ## Replace "password" with the password you chose for nova user in the identity service.
Configurar complemento de capa modular 2 (ML2):
Edite el archivo /etc/neutron/plugins/ml2/ml2_conf.ini
# nano /etc/neutron/plugins/ml2/ml2_conf.ini
Modifica las siguientes estrofas.
[ml2] ... type_drivers = flat,vlan,gre,vxlan tenant_network_types = gre mechanism_drivers = openvswitch [ml2_type_gre] ... tunnel_id_ranges = 1:1000 [securitygroup] ... enable_security_group = True enable_ipset = True firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
Configure el cómputo para usar Redes, edite /etc/nova/nova.conf en el nodo del controlador.
# nano /etc/nova/nova.conf
Modifique la configuración a continuación y asegúrese de colocar entradas en las secciones adecuadas.
[DEFAULT] ... network_api_class = nova.network.neutronv2.api.API security_group_api = neutron linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver firewall_driver = nova.virt.firewall.NoopFirewallDriver [neutron] url = http://controller:9696 auth_strategy = keystone admin_auth_url = http://controller:35357/v2.0 admin_tenant_name = service admin_username = neutron admin_password = password ## Replace "password" with the password you chose for neutron user in the identity service
Nota:si no tiene una sección en particular, cree y coloque estrofas en ella.
Rellene la base de datos de neutrones.
# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
Reinicie el servicio de cómputo y redes en el nodo del controlador.
# service nova-api restart # service neutron-server restart
Verifíquelo enumerando las extensiones cargadas.
# neutron ext-list +-----------------------+-----------------------------------------------+ | alias | name | +-----------------------+-----------------------------------------------+ | security-group | security-group | | l3_agent_scheduler | L3 Agent Scheduler | | net-mtu | Network MTU | | ext-gw-mode | Neutron L3 Configurable external gateway mode | | binding | Port Binding | | provider | Provider Network | | agent | agent | | quotas | Quota management support | | subnet_allocation | Subnet Allocation | | dhcp_agent_scheduler | DHCP Agent Scheduler | | l3-ha | HA Router extension | | multi-provider | Multi Provider Network | | external-net | Neutron external network | | router | Neutron L3 Router | | allowed-address-pairs | Allowed Address Pairs | | extraroute | Neutron Extra Route | | extra_dhcp_opt | Neutron Extra DHCP opts | | dvr | Distributed Virtual Router | +-----------------------+-----------------------------------------------+
Lo siguiente es instalar y configurar el nodo de red.