1.在控制节点安装网络节点Neutron,安装数据库Neutron,并设置访问权限的设置

    1. mysql -u root -p123456
    2. MariaDB [(none)]> CREATE DATABASE neutron;
    3. MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '123456';
    4. MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '123456';
    5. (weizhixing)
    6. MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'openstackpro01' IDENTIFIED BY '123456';

    2.创建Neutron的服务凭证

    1. [root@openstackpro01 ~]# openstack user create --domain default --password-prompt neutron
    2. [root@openstackpro01 ~]# openstack role add --project service --user neutron admin
    3. [root@openstackpro01 ~]# openstack service create --name neutron --description "OpenStack Networking" network

    结果:截图

    3.创建Neutron服务的API端点

    1. 创建服务凭证
    2. [root@openstackpro01 ~]# openstack user create --domain default --password-prompt neutron
    3. [root@openstackpro01 ~]# openstack role add --project service --user neutron admin
    4. [root@openstackpro01 ~]# openstack service create --name neutron --description "OpenStack Networking" network
    6. [root@openstackpro01 ~]# openstack endpoint create --region RegionOne network public http://192.168.253.130:9696
    7. [root@openstackpro01 ~]# openstack endpoint create --region RegionOne network internal http://192.168.253.130:9696
    8. [root@openstackpro01 ~]# openstack endpoint create --region RegionOne network admin http://192.168.253.130:9696

    结果:
    image.png

    4.配置网络选项
    根据要部署的虚拟网络类型配置网络选项(Provider networksSelf-service networks)由于Self-service networks也支持Provider networks,所以安装Self-service networks
    yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

    5.编辑/etc/neutron/neutron.conf文件进行Neutron的相关配置

    1. [database]
    2. connection=mysql+pymysql://neutron:123456@192.168.253.130/neutron
    3. [DEFAULT]
    4. core_plugin=ml2
    5. service_plugins=router
    6. allow_overlapping_ips=true
    7. transport_url=rabbit://openstack:123456@192.168.253.130
    8. auth_strategy=keystone
    9. notify_nova_on_port_status_changes=true
    10. notify_nova_on_port_data_changes=true
    12. [keystone_authtoken]
    13. auth_uri=http://192.168.253.130:5000
    14. auth_url=http://192.168.253.130:5000
    15. memcached_servers=192.168.253.130:11211
    16. auth_type=password
    17. project_domain_name=default
    18. user_domain_name=default
    19. project_name=service
    20. username=neutron
    21. password=123456
    22. [nova]
    23. # ...
    24. auth_url=http://192.168.253.130:5000
    25. auth_type=password
    26. project_domain_name=default
    27. user_domain_name=default
    28. region_name=RegionOne
    29. project_name=service
    30. username=nova
    31. password=123456
    32. [oslo_concurrency]
    33. lock_path = /var/lib/neutron/tmp

    6.Configure the Modular Layer 2 (ML2) plug-in 编辑/etc/neutron/plugins/ml2/ml2_conf.ini文件

    1. [ml2]
    2. type_drivers=flat,vlan,vxlan
    3. tenant_network_types=vxlan
    4. mechanism_drivers=linuxbridge,l2population
    5. extension_drivers=port_security
    6. [ml2_type_flat]
    7. flat_networks=provider
    8. [ml2_type_vxlan]
    9. vni_ranges=1:1000
    10. [securitygroup]
    11. enable_ipset=true

    7.Configure the Linux bridge agent 编辑文件
    /etc/neutron/plugins/ml2/linuxbridge_agent.ini

    1. [linux_bridge]
    2. physical_interface_mappings=provider:PROVIDER_INTERFACE_NAME(待配)
    3. [vxlan]
    4. enable_vxlan=true
    5. local_ip=192.168.253.130
    6. l2_population=true
    7. [securitygroup]
    8. enable_security_group=true
    9. firewall_driver=neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

    8.Configure the layer-3 agent Edit the /etc/neutron/l3_agent.ini file

    1. [DEFAULT]
    2. interface_driver = linuxbridge

    9.Configure the DHCP agent Edit the /etc/neutron/dhcp_agent.ini file

    1. [DEFAULT]
    2. interface_driver = linuxbridge
    3. dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
    4. enable_isolated_metadata = true

    10.Configure the metadata agent Edit the /etc/neutron/metadata_agent.ini file

    1. [DEFAULT]
    2. nova_metadata_host=192.168.253.130
    3. metadata_proxy_shared_secret = METADATA_SECRET

    11.nova.conf文件配置neutron节点

    1. [neutron]
    2. url = http://192.168.253.130:9696
    3. auth_url = http://192.168.253.130:35357
    4. auth_type = password
    5. project_domain_name=default
    6. user_domain_name=default
    7. region_name=RegionOne
    8. project_name=service
    9. username=neutron
    10. password=123456
    11. service_metadata_proxy=true
    12. metadata_proxy_shared_secret=METADATA_SECRET

    12.对网络服务进行软链接

    1. [root@openstackpro01 ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    2. [root@openstackpro01 ~]# neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head

    image.png

    13.配置相关API服务

    1. [root@openstackpro01 ~]# systemctl restart openstack-nova-api.service
    2. [root@openstackpro01 ~]# systemctl enable neutron-server.service
    3. [root@openstackpro01 ~]# systemctl start neutron-server.service
    4. [root@openstackpro01 ~]# systemctl enable neutron-linuxbridge-agent.service
    5. [root@openstackpro01 ~]# systemctl start neutron-linuxbridge-agent.service
    6. [root@openstackpro01 ~]# systemctl enable neutron-dhcp-agent.service
    7. [root@openstackpro01 ~]# systemctl start  neutron-dhcp-agent.service
    8. [root@openstackpro01 ~]# systemctl enable neutron-metadata-agent.service
    9. [root@openstackpro01 ~]# systemctl start  neutron-metadata-agent.service
    10. [root@openstackpro01 ~]# systemctl enable neutron-l3-agent.service
    11. [root@openstackpro01 ~]# systemctl start neutron-l3-agent.service