一 安装Neutron相关包
[root@controller0 ~]# yum install -y openstack-neutron openstack-neutron-ml2 python-neutronclient
二 在keystone中创建 Neutron 相应的用户和服务
[root@controller0 ~]# keystone user-create --name neutron --pass neutron --email neutron@example.com
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | neutron@example.com |
| enabled | True |
| id | 7da0f9ac20b744968ff8a3e5fa569c40 |
| name | neutron |
| username | neutron |
+----------+----------------------------------+
[root@controller0 ~]# keystone user-role-add --user neutron --tenant service --role admin
[root@controller0 ~]# keystone service-create --name neutron --type network --description "OpenStack Networking"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | fdfcdafb90854f36bb669779f2c9c464 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
[root@controller0 ~]# keystone endpoint-create \
> --service-id $(keystone service-list | awk '/ network / {print $2}') \
> --publicurl http://controller0:9696 \
> --adminurl http://controller0:9696 \
> --internalurl http://controller0:9696
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| adminurl | http://controller0:9696 |
| id | f6e7b82b85684ca6bf683643e6895c03 |
| internalurl | http://controller0:9696 |
| publicurl | http://controller0:9696 |
| region | regionOne |
| service_id | fdfcdafb90854f36bb669779f2c9c464 |
+-------------+----------------------------------+
三 Neutron数据库配置
[root@controller0 ~]# mysql -uroot -popenstack -e "CREATE DATABASE neutron;"
[root@controller0 ~]# mysql -uroot -popenstack -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'openstack';"
[root@controller0 ~]# mysql -uroot -popenstack -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'openstack';"
[root@controller0 ~]# mysql -uroot -popenstack -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'controller0' IDENTIFIED BY 'openstack';"
四 配置MySQL
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf database connection mysql://neutron:openstack@controller0/neutron
五 配置Neutron Keystone 认证
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystonest controller0
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password neutron[root@contrtp://controller0:5000config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri ht
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host controller0
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name service
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password neutron
六 配置Neutron qpid
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend neutron.openstack.common.rpc.impl_qpid
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT qpid_hostname controller0
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes True
l http://controller0:8774/v2[root@controller0 ~]
# openstack-config --set /etc/neutron/neutron.conf DEta_changes Trueva_on_port_da
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_url http://controller0:8774/v2
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_username nova
tron.conf DEFAULT nova_admin_password nova
openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_auth_url http://controller0:35357/v2.0[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_tenant(keystone tenant-list | awk '/ service / { print $2 }')
/usr/lib64/python2.6/site-packages/Crypto/Util/number.py:57: PowmInsecureWarning: Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.
_warn("Not using mpz_powm_sec. You should rebuild using libgmp >= 5 to avoid timing attack vulnerability.", PowmInsecureWarning)
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_password nova
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT nova_admin_auth_url http://controller0:35357/v2.0
七 配置Neutron ml2 plugin 用openvswitch
[root@controller0 ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
[root@controller0 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges 1:1000
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True[root@controller0 ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types gre
[root@controller0 ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch
[root@controller0 ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges 1:1000
[root@controller0 ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[root@controller0 ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_security_group True
八 配置nova 使用Neutron 作为network 服务
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT network_api_class nova.network.neutronv2.api.API
egy keystone
openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service
openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron
openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password neutron
openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://controller0:35357/v2.0
openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api neutron[root@controller0 ~]# opr0:9696-config --set /etc/nova/nova.conf DEFAULT neutron_url http://controlle
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT neutron_auth_strategy keystone
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_tenant_name service
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_username neutron
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_password neutron
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT neutron_admin_auth_url http://controller0:35357/v2.0
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT firewall_driver nova.virt.firewall.NoopFirewallDriver
[root@controller0 ~]# openstack-config --set /etc/nova/nova.conf DEFAULT security_group_api neutron
九 重启nova controller 上的服务
[root@controller0 ~]# service openstack-nova-api restart
Stopping openstack-nova-api: [ OK ]
Starting openstack-nova-api: [ OK ]
[root@controller0 ~]# service openstack-nova-scheduler restart
Stopping openstack-nova-scheduler: [ OK ]
Starting openstack-nova-scheduler: [ OK ]
[root@controller0 ~]# service openstack-nova-conductor restart
Stopping openstack-nova-conductor: [ OK ]
Starting openstack-nova-conductor: [ OK ]
十 启动Neutron server
[root@controller0 ~]# service neutron-server start
Starting neutron: [ OK ]
[root@controller0 ~]# chkconfig neutron-server on
十一 查看数据库的表是否创建成功与相关检查
[root@controller0 ~]# mysql -uroot -p
Enter password:
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 19
Server version: 5.1.73 Source distribution
Copyright (c) 2000, 2013, Oracle and/or its affiliates. All rights reserved.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> use neutron;
Reading table information for completion of table and column names
You can turn off this feature to get a quicker startup with -A
Database changed
mysql> show tables;
+---------------------------+
| Tables_in_neutron |
+---------------------------+
| agents |
| allowedaddresspairs |
| dnsnameservers |
| externalnetworks |
| extradhcpopts |
| floatingips |
| ipallocationpools |
| ipallocations |
| ipavailabilityranges |
| ml2_gre_allocations |
| ml2_gre_endpoints |
| ml2_network_segments |
| ml2_port_bindings |
| networkdhcpagentbindings |
| networks |
| ports |
| quotas |
| routerl3agentbindings |
| routerroutes |
| routers |
| securitygroupportbindings |
| securitygrouprules |
| securitygroups |
| subnetroutes |
| subnets |
+---------------------------+
25 rows in set (0.00 sec)
mysql>
[root@controller0 ~]# neutron agent-list
[root@controller0 ~]# tail -f /var/log/neutron/server.log
2018-03-03 13:49:15.141 2985 INFO neutron.wsgi [-] (2985) accepted ('10.20.0.10', 55498)
2018-03-03 13:49:15.162 2985 INFO urllib3.connectionpool [-] Starting new HTTP connection (1): controller0
2018-03-03 13:49:15.258 2985 INFO urllib3.connectionpool [-] Starting new HTTP connection (1): controller0
2018-03-03 13:49:15.302 2985 INFO urllib3.connectionpool [-] Starting new HTTP connection (1): controller0
2018-03-03 13:49:15.306 2985 INFO keystoneclient.middleware.auth_token [-] Auth Token confirmed use of v2.0 apis
2018-03-03 13:49:15.307 2985 INFO urllib3.connectionpool [-] Starting new HTTP connection (1): controller0
2018-03-03 13:49:15.313 2985 INFO urllib3.connectionpool [-] Starting new HTTP connection (1): controller0
2018-03-03 13:49:15.410 2985 INFO neutron.wsgi [req-613ca02c-19e6-4f4b-80a9-096f23bdf734 None] 10.20.0.10 - - [03/Mar/2018 13:49:15] "GET /v2.0/agents.json HTTP/1.1" 200 203 0.267156