本文最后更新于48 天前,其中的信息可能已经过时,如有错误请发送邮件到2639131093@qq.com
注意
1.本教程为openstack 搭建平台victoria 版,虚拟机为centos stream 8
2.本教程设计内容非常多,很复杂,但也很有技巧,请注意每一步,我说可以更改的地方可以更改,其余建议和我一样
3.内容板块大体包括:基础环境设置, keystone组建安装,glance组建安装,placement组建安装,nova组建安装,neutron组建安装,dashboard组建安装
4.密码约定:本文所有和数据库及消息队列相关的密码统一设定 rootroot,openstack 组件用户密码统一设定 redhat
5.学习此章节,你需要了解的知识:数据库sql中dcl用户管理的知识,linux基础命令,openstack基础命令
6.官方网址:
OpenStack Docs: Install and configure controller node
7.环境配置:
环境用到 2台 虚拟机,单网卡,并为其配置 静态 IP 及 DNS
| 主机名 | ip | 网关 | DNS | cpu/内存 | 磁盘 | 角色 | 备注 |
| controller | 192.168.100.128 | 192.168.100.2 | 114.114.114.114 | 4c/6g | 100g | 控制节点 | 开启虚拟化引擎 |
| compute | 192.168.100.129 | 192.168.100.2 | 114.114.114.114 | 4c/6g | 100g | 计算节点 | 开启虚拟化引擎 |
控制节点
建库及授权
[root@controller ~(admin)]$ source keystonerc_admin
[root@controller ~(admin)]$ mysql -uroot -prootroot
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 104
Server version: 10.3.28-MariaDB MariaDB Server
Copyright (c) 2000, 2018, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
MariaDB [(none)]> create database neutron;
Query OK, 1 row affected (0.000 sec)
MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'localhost' identified by 'rootroot'
-> ;
Query OK, 0 rows affected (0.006 sec)
MariaDB [(none)]> grant all privileges on neutron.* to 'neutron'@'%' identified by 'rootroot';
Query OK, 0 rows affected (0.001 sec)
MariaDB [(none)]> show databases;
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| neutron |
| nova |
| nova_api |
| nova_cell0 |
| performance_schema |
| placement |
+--------------------+
10 rows in set (0.001 sec)
创建用户及关联角色
[root@controller ~(admin)]$ openstack user create --domain default --password-prompt neutron
User Password: ## redhat
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | aa11f2ae54f3443193d454bf49c64037 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~(admin)]$ openstack role add --project service --user neutron admin
[root@controller ~(admin)]$ openstack role assignment list --user neutron
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| Role | User | Group | Project | Domain | System | Inherited |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
| 35eb6220a4b14503b1672de9f0ffcae9 | aa11f2ae54f3443193d454bf49c64037 | | 578eca45e7e549858c97314e3f2ec1e3 | | | False |
+----------------------------------+----------------------------------+-------+----------------------------------+--------+--------+-----------+
[root@controller ~(admin)]$ openstack user list
+----------------------------------+-----------+
| ID | Name |
+----------------------------------+-----------+
| cda7fc3c6ff74289b8f40e149d397710 | admin |
| 9688822b0dcd41929430ab48335fceb2 | myuser |
| 2c401bee20a245ac88cf4629ed4ee440 | glance |
| 3e66c60b57354be89ac3d5e85fb2f485 | placement |
| 0c39c2efcb144276b82ac8fb249655b2 | nova |
| aa11f2ae54f3443193d454bf49c64037 | neutron |
+----------------------------------+-----------+
创建服务及注册API
应该是16个
[root@controller ~(admin)]$ openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 9688ea07b16a4f909352edc646485cb1 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 75f6308dc2f64017a93678b3e1ab55a8 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 9688ea07b16a4f909352edc646485cb1 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 29f8e63e955f4665be02d1d6cf2bf699 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 9688ea07b16a4f909352edc646485cb1 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 3192fcc291544c4780073fa0f9eaa1c4 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 9688ea07b16a4f909352edc646485cb1 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
[root@controller ~(admin)]$ openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| ID | Region | Service Name | Service Type | Enabled | Interface | URL |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| 0347ebc573814319b61f2b061d12a76d | RegionOne | glance | image | True | internal | http://controller:9292 |
| 29f8e63e955f4665be02d1d6cf2bf699 | RegionOne | neutron | network | True | internal | http://controller:9696 |
| 3192fcc291544c4780073fa0f9eaa1c4 | RegionOne | neutron | network | True | admin | http://controller:9696 |
| 5b07ad93e892406da4bac5dd0338e3cf | RegionOne | placement | placement | True | internal | http://controller:8778 |
| 6395f0c625274f4b90e9137f38e93882 | RegionOne | keystone | identity | True | admin | http://controller:5000/v3/ |
| 75f6308dc2f64017a93678b3e1ab55a8 | RegionOne | neutron | network | True | public | http://controller:9696 |
| 810eab1198cc44dc8a2f4de04d227da4 | RegionOne | glance | image | True | admin | http://controller:9292 |
| 861dc3b20d324e4892e506058c2c7b1f | RegionOne | glance | image | True | public | http://controller:9292 |
| a0056090bca448f48158baec90bba5f3 | RegionOne | nova | compute | True | admin | http://controller:8774/v2.1 |
| a57a74e92f0143e4b13f6211f03a6c3d | RegionOne | nova | compute | True | internal | http://controller:8774/v2.1 |
| af379dafc84344b190a0b9bd0a08aa67 | RegionOne | nova | compute | True | public | http://controller:8774/v2.1 |
| ca45bbfeef81436688974a8d04e75d88 | RegionOne | keystone | identity | True | internal | http://controller:5000/v3/ |
| dc77bcd015344f4c9406495cba143841 | RegionOne | placement | placement | True | admin | http://controller:8778 |
| deb57dd079d1434b8ba2560d13aa8757 | RegionOne | placement | placement | True | public | http://controller:8778 |
| ff9d2f5be3c54026a27d8661b68460b9 | RegionOne | keystone | identity | True | public | http://controller:5000/v3/ |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
安装neutron包
太多啦
[root@controller ~(admin)]$ yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables -y
已升级:
iptables-1.8.5-11.el8.x86_64 iptables-ebtables-1.8.5-11.el8.x86_64 iptables-libs-1.8.5-11.el8.x86_64
已安装:
conntrack-tools-1.4.4-11.el8.x86_64 dibbler-client-1.0.1-10.el8.x86_64 dnsmasq-utils-2.79-33.el8.x86_64
haproxy-1.8.27-5.el8.x86_64 keepalived-2.1.5-9.el8.x86_64 libnetfilter_cthelper-1.0.0-15.el8.x86_64
libnetfilter_cttimeout-1.0.0-11.el8.x86_64 libnetfilter_queue-1.0.4-3.el8.x86_64 libunwind-1.4.0-5.el8s.x86_64
lm_sensors-libs-3.4.0-23.20180522git70f7e08.el8.x86_64 net-snmp-agent-libs-1:5.8-26.el8.x86_64 openpgm-5.2.122-21.el8.x86_64
openstack-neutron-1:17.4.1-1.el8.noarch openstack-neutron-common-1:17.4.1-1.el8.noarch openstack-neutron-linuxbridge-1:17.4.1-1.el8.noarch
openstack-neutron-ml2-1:17.4.1-1.el8.noarch python3-beautifulsoup4-4.9.3-1.el8s.noarch python3-designateclient-4.1.0-2.el8.noarch
python3-gevent-1.2.2-4.el8.x86_64 python3-logutils-0.3.5-11.el8s.noarch python3-neutron-1:17.4.1-1.el8.noarch
python3-neutron-lib-2.6.2-1.el8.noarch python3-os-ken-1.2.1-1.el8.noarch python3-os-xenapi-0.3.4-1.el8.noarch
python3-pecan-1.3.3-2.el8s.noarch python3-setproctitle-1.1.10-16.el8.x86_64 python3-soupsieve-2.1.0-1.el8s.noarch
python3-tinyrpc-1.0.3-1.el8.noarch python3-waitress-1.4.4-1.el8s.noarch python3-webtest-2.0.35-3.el8s.noarch
python3-zmq-19.0.0-3.el8.x86_64 radvd-2.17-15.el8.x86_64 zeromq-4.3.2-1.el8.x86_64
编辑配置文件
编辑 neutron 配置文件
[database] ## 270
connection = mysql+pymysql://neutron:rootroot@controller/neutron
[DEFAULT]
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:rootroot@controller ##第一行
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default ##370
project_name = service
username = neutron
password = redhat
[nova]
auth_url = http://controller:5000
auth_type = password ##自己编写
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = redhat
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp ##550
编辑 ml2 配置文件
[root@controller ~(admin)]$ vim /etc/neutron/plugins/ml2/ml2_conf.ini
##以下内容是都没有的,添加进去
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_vxlan]
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true
配置 Linux 网桥代理
[root@controller ~(admin)]$ vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
##依旧全部没有,添加到末尾
[linux_bridge]
physical_interface_mappings = provider:ens160
[vxlan]
enable_vxlan = true
local_ip = 192.168.100.128 ##控制节点ip
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver启用网桥支持
[root@controller ~(admin)]$ modprobe br_netfilter
[root@controller ~(admin)]$ sysctl net.bridge.bridge-nf-call-iptables
net.bridge.bridge-nf-call-iptables = 1
[root@controller ~(admin)]$ sysctl net.bridge.bridge-nf-call-ip6tables
net.bridge.bridge-nf-call-ip6tables = 1
[root@controller ~(admin)]$
配置三层代理
[root@controller ~(admin)]$ vim /etc/neutron/l3_agent.ini
##编辑以下内容
[DEFAULT]
interface_driver = linuxbridge配置DHCP代理
[root@controller ~(admin)]$ vim /etc/neutron/dhcp_agent.ini
##这个就在最上面
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true配置元数据代理
[root@controller ~(admin)]$ vim /etc/neutron/metadata_agent.ini
##依旧最上面
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = rootroot配置计算服务
[root@controller ~(admin)]$ vim /etc/nova/nova.conf
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = redhat
service_metadata_proxy = true ##3510左右
metadata_proxy_shared_secret = rootroot初始化数据库
[root@controller ~(admin)]$ ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@controller ~(admin)]$ su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
正在对 neutron 运行 upgrade...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> kilo
INFO [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225
INFO [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151
INFO [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf
INFO [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee
INFO [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f
INFO [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773
INFO [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592
INFO [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7
INFO [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79
INFO [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051
INFO [alembic.runtime.migration] Running upgrade 48153cb5f051 -> 9859ac9c136
INFO [alembic.runtime.migration] Running upgrade 9859ac9c136 -> 34af2b5c5a59
INFO [alembic.runtime.migration] Running upgrade 34af2b5c5a59 -> 59cb5b6cf4d
INFO [alembic.runtime.migration] Running upgrade 59cb5b6cf4d -> 13cfb89f881a
INFO [alembic.runtime.migration] Running upgrade 13cfb89f881a -> 32e5974ada25
INFO [alembic.runtime.migration] Running upgrade 32e5974ada25 -> ec7fcfbf72ee
INFO [alembic.runtime.migration] Running upgrade ec7fcfbf72ee -> dce3ec7a25c9
INFO [alembic.runtime.migration] Running upgrade dce3ec7a25c9 -> c3a73f615e4
INFO [alembic.runtime.migration] Running upgrade c3a73f615e4 -> 659bf3d90664
INFO [alembic.runtime.migration] Running upgrade 659bf3d90664 -> 1df244e556f5
INFO [alembic.runtime.migration] Running upgrade 1df244e556f5 -> 19f26505c74f
INFO [alembic.runtime.migration] Running upgrade 19f26505c74f -> 15be73214821
INFO [alembic.runtime.migration] Running upgrade 15be73214821 -> b4caf27aae4
INFO [alembic.runtime.migration] Running upgrade b4caf27aae4 -> 15e43b934f81
INFO [alembic.runtime.migration] Running upgrade 15e43b934f81 -> 31ed664953e6
INFO [alembic.runtime.migration] Running upgrade 31ed664953e6 -> 2f9e956e7532
INFO [alembic.runtime.migration] Running upgrade 2f9e956e7532 -> 3894bccad37f
INFO [alembic.runtime.migration] Running upgrade 3894bccad37f -> 0e66c5227a8a
INFO [alembic.runtime.migration] Running upgrade 0e66c5227a8a -> 45f8dd33480b
INFO [alembic.runtime.migration] Running upgrade 45f8dd33480b -> 5abc0278ca73
INFO [alembic.runtime.migration] Running upgrade kilo -> 30018084ec99
INFO [alembic.runtime.migration] Running upgrade 30018084ec99 -> 4ffceebfada
INFO [alembic.runtime.migration] Running upgrade 4ffceebfada -> 5498d17be016
INFO [alembic.runtime.migration] Running upgrade 5498d17be016 -> 2a16083502f3
INFO [alembic.runtime.migration] Running upgrade 2a16083502f3 -> 2e5352a0ad4d
INFO [alembic.runtime.migration] Running upgrade 2e5352a0ad4d -> 11926bcfe72d
INFO [alembic.runtime.migration] Running upgrade 11926bcfe72d -> 4af11ca47297
INFO [alembic.runtime.migration] Running upgrade 4af11ca47297 -> 1b294093239c
INFO [alembic.runtime.migration] Running upgrade 1b294093239c -> 8a6d8bdae39
INFO [alembic.runtime.migration] Running upgrade 8a6d8bdae39 -> 2b4c2465d44b
INFO [alembic.runtime.migration] Running upgrade 2b4c2465d44b -> e3278ee65050
INFO [alembic.runtime.migration] Running upgrade e3278ee65050 -> c6c112992c9
INFO [alembic.runtime.migration] Running upgrade c6c112992c9 -> 5ffceebfada
INFO [alembic.runtime.migration] Running upgrade 5ffceebfada -> 4ffceebfcdc
INFO [alembic.runtime.migration] Running upgrade 4ffceebfcdc -> 7bbb25278f53
INFO [alembic.runtime.migration] Running upgrade 7bbb25278f53 -> 89ab9a816d70
INFO [alembic.runtime.migration] Running upgrade 89ab9a816d70 -> c879c5e1ee90
INFO [alembic.runtime.migration] Running upgrade c879c5e1ee90 -> 8fd3918ef6f4
INFO [alembic.runtime.migration] Running upgrade 8fd3918ef6f4 -> 4bcd4df1f426
INFO [alembic.runtime.migration] Running upgrade 4bcd4df1f426 -> b67e765a3524
INFO [alembic.runtime.migration] Running upgrade 5abc0278ca73 -> d3435b514502
INFO [alembic.runtime.migration] Running upgrade d3435b514502 -> 30107ab6a3ee
INFO [alembic.runtime.migration] Running upgrade 30107ab6a3ee -> c415aab1c048
INFO [alembic.runtime.migration] Running upgrade c415aab1c048 -> a963b38d82f4
INFO [alembic.runtime.migration] Running upgrade b67e765a3524 -> a84ccf28f06a
INFO [alembic.runtime.migration] Running upgrade a84ccf28f06a -> 7d9d8eeec6ad
INFO [alembic.runtime.migration] Running upgrade a963b38d82f4 -> 3d0e74aa7d37
INFO [alembic.runtime.migration] Running upgrade 3d0e74aa7d37 -> 030a959ceafa
INFO [alembic.runtime.migration] Running upgrade 030a959ceafa -> a5648cfeeadf
INFO [alembic.runtime.migration] Running upgrade a5648cfeeadf -> 0f5bef0f87d4
INFO [alembic.runtime.migration] Running upgrade 0f5bef0f87d4 -> 67daae611b6e
INFO [alembic.runtime.migration] Running upgrade 67daae611b6e -> 6b461a21bcfc
INFO [alembic.runtime.migration] Running upgrade 6b461a21bcfc -> 5cd92597d11d
INFO [alembic.runtime.migration] Running upgrade 5cd92597d11d -> 929c968efe70
INFO [alembic.runtime.migration] Running upgrade 929c968efe70 -> a9c43481023c
INFO [alembic.runtime.migration] Running upgrade a9c43481023c -> 804a3c76314c
INFO [alembic.runtime.migration] Running upgrade 804a3c76314c -> 2b42d90729da
INFO [alembic.runtime.migration] Running upgrade 2b42d90729da -> 62c781cb6192
INFO [alembic.runtime.migration] Running upgrade 62c781cb6192 -> c8c222d42aa9
INFO [alembic.runtime.migration] Running upgrade c8c222d42aa9 -> 349b6fd605a6
INFO [alembic.runtime.migration] Running upgrade 349b6fd605a6 -> 7d32f979895f
INFO [alembic.runtime.migration] Running upgrade 7d32f979895f -> 594422d373ee
INFO [alembic.runtime.migration] Running upgrade 594422d373ee -> 61663558142c
INFO [alembic.runtime.migration] Running upgrade 61663558142c -> 867d39095bf4, port forwarding
INFO [alembic.runtime.migration] Running upgrade 867d39095bf4 -> d72db3e25539, modify uniq port forwarding
INFO [alembic.runtime.migration] Running upgrade d72db3e25539 -> cada2437bf41
INFO [alembic.runtime.migration] Running upgrade cada2437bf41 -> 195176fb410d, router gateway IP QoS
INFO [alembic.runtime.migration] Running upgrade 195176fb410d -> fb0167bd9639
INFO [alembic.runtime.migration] Running upgrade fb0167bd9639 -> 0ff9e3881597
INFO [alembic.runtime.migration] Running upgrade 0ff9e3881597 -> 9bfad3f1e780
INFO [alembic.runtime.migration] Running upgrade 9bfad3f1e780 -> 63fd95af7dcd
INFO [alembic.runtime.migration] Running upgrade 63fd95af7dcd -> c613d0b82681
INFO [alembic.runtime.migration] Running upgrade c613d0b82681 -> c3e9d13c4367
INFO [alembic.runtime.migration] Running upgrade c3e9d13c4367 -> 86274d77933e
INFO [alembic.runtime.migration] Running upgrade 86274d77933e -> f4b9654dd40c
INFO [alembic.runtime.migration] Running upgrade f4b9654dd40c -> a010322604bc
INFO [alembic.runtime.migration] Running upgrade a010322604bc -> 263d454a9655
INFO [alembic.runtime.migration] Running upgrade 263d454a9655 -> Ibac91d24da2
INFO [alembic.runtime.migration] Running upgrade Ibac91d24da2 -> 2217c4222de6
INFO [alembic.runtime.migration] Running upgrade 2217c4222de6 -> 18a7e90ae768
INFO [alembic.runtime.migration] Running upgrade 18a7e90ae768 -> e4e236b0e1ff
INFO [alembic.runtime.migration] Running upgrade e4e236b0e1ff -> e88badaa9591
INFO [alembic.runtime.migration] Running upgrade e88badaa9591 -> d8bdf05313f4
INFO [alembic.runtime.migration] Running upgrade d8bdf05313f4 -> dfe425060830
INFO [alembic.runtime.migration] Running upgrade dfe425060830 -> fd6107509ccd
INFO [alembic.runtime.migration] Running upgrade fd6107509ccd -> 1ea5dab0897a
INFO [alembic.runtime.migration] Running upgrade 1ea5dab0897a -> 49d8622c5221
INFO [alembic.runtime.migration] Running upgrade 49d8622c5221 -> I38991de2b4
INFO [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab
INFO [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0
INFO [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62
INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353
INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586
INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d
确定
启动服务
[root@controller ~(admin)]$ systemctl restart openstack-nova-api.service
[root@controller ~(admin)]$ systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller ~(admin)]$ systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-server.service → /usr/lib/systemd/system/neutron-server.service.
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service → /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service → /usr/lib/systemd/system/neutron-dhcp-agent.service.
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service → /usr/lib/systemd/system/neutron-metadata-agent.service.
[root@controller ~(admin)]$ systemctl start neutron-l3-agent.service
[root@controller ~(admin)]$ systemctl enable neutron-l3-agent.service
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-l3-agent.service → /usr/lib/systemd/system/neutron-l3-agent.service.
计算节点
安装neutron包
[root@compute ~]# yum install openstack-neutron-linuxbridge ebtables ipset -y
已升级:
iptables-1.8.5-11.el8.x86_64 iptables-ebtables-1.8.5-11.el8.x86_64
iptables-libs-1.8.5-11.el8.x86_64 iptables-services-1.8.5-11.el8.x86_64
已安装:
libunwind-1.4.0-5.el8s.x86_64
openpgm-5.2.122-21.el8.x86_64
openstack-neutron-common-1:17.4.1-1.el8.noarch
openstack-neutron-linuxbridge-1:17.4.1-1.el8.noarch
python3-beautifulsoup4-4.9.3-1.el8s.noarch
python3-designateclient-4.1.0-2.el8.noarch
python3-gevent-1.2.2-4.el8.x86_64
python3-httplib2-0.10.3-4.el8.noarch
python3-logutils-0.3.5-11.el8s.noarch
python3-neutron-1:17.4.1-1.el8.noarch
python3-neutron-lib-2.6.2-1.el8.noarch
python3-os-ken-1.2.1-1.el8.noarch
python3-os-xenapi-0.3.4-1.el8.noarch
python3-osprofiler-3.4.0-2.el8.noarch
python3-pecan-1.3.3-2.el8s.noarch
python3-setproctitle-1.1.10-16.el8.x86_64
python3-soupsieve-2.1.0-1.el8s.noarch
python3-tinyrpc-1.0.3-1.el8.noarch
python3-waitress-1.4.4-1.el8s.noarch
python3-webtest-2.0.35-3.el8s.noarch
python3-werkzeug-1.0.1-3.el8.noarch
python3-zmq-19.0.0-3.el8.x86_64
zeromq-4.3.2-1.el8.x86_64
编辑 neutron 配置文件
[DEFAULT]
transport_url = rabbit://openstack:rootroot@controller
auth_strategy = keystone ##第一行
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default ##370左右
project_name = service
username = neutron
password = redhat
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp ##540左右
配置 Linux 网桥代理
[root@compute ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
##直接末尾添加全部
[linux_bridge]
physical_interface_mappings = provider:ens160
[vxlan]
enable_vxlan = true
local_ip = 192.168.100.129 ##compute节点ip
l2_population = true
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver启用网桥支持
[root@compute ~]# modprobe br_netfilter
[root@compute ~]# sysctl net.bridge.bridge-nf-call-iptables
net.bridge.bridge-nf-call-iptables = 1
[root@compute ~]# sysctl net.bridge.bridge-nf-call-ip6tables
net.bridge.bridge-nf-call-ip6tables = 1
配置计算服务
[root@compute ~]# vim /etc/nova/nova.conf
*** 找到对应标签并编辑以下内容 ***
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default ##3510行
region_name = RegionOne
project_name = service
username = neutron
password = redhat启动服务
[root@compute ~]# systemctl restart openstack-nova-compute.service
[root@compute ~]# systemctl start neutron-linuxbridge-agent.service
[root@compute ~]# systemctl enable neutron-linuxbridge-agent.service
Created symlink /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service → /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
回到计算节点查看状态
[root@controller ~(admin)]$ openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 50142428-588b-415f-b416-79015532f5f3 | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
| ab696ed4-e450-4d81-9c51-e153342ff423 | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
| b6ed2be0-564c-4e14-b159-c3daaa9147e4 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| d5ce26f6-c0e1-4503-95cc-132ef731d2d0 | Linux bridge agent | compute | None | :-) | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
