OpenStack Icehouse私有云实战部署(四)
Compute节点
配置内核网络参数
[root@compute ~]# vim /etc/sysctl.conf
net.ipv4.conf.all.rp_filter = 0
net.ipv4.conf.default.rp_filter = 0
[root@compute ~]# sysctl -p
安装所需软件包
[root@compute ~]# yum install openstack-neutron-ml2 openstack-neutron-openvswitch
配置连入keystone
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
> auth_strategy keystone
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
> auth_uri http://controller:5000
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
> auth_host controller
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
> auth_protocol http
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
> auth_port 35357
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
> admin_tenant_name service
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
> admin_user neutron
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
> admin_password neutron
配置其使用消息队列服务
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
> rpc_backend neutron.openstack.common.rpc.impl_qpid
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
> qpid_hostname controller
配置使用Modular Layer 2 (ML2)插件及相关服务
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
> core_plugin ml2
[root@compute ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
> service_plugins router
配置ML2插件
如下命令配置 ML2 插件,其中10.0.10.124为本节点用于“隧道接口”的地址
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
> type_drivers gre
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
> tenant_network_types gre
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
> mechanism_drivers openvswitch
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre \
> tunnel_id_ranges 1:1000
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
> local_ip 10.0.10.124
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
> tunnel_type gre
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
> enable_tunneling True
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
> firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
[root@compute ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
> enable_security_group True
配置Open vSwitch服务
[root@compute ~]# service openvswitch start
[root@compute ~]# chkconfig openvswitch on
[root@compute ~]# ovs-vsctl add-br br-int
配置Compute使用Networking服务
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> network_api_class nova.network.neutronv2.api.API
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> neutron_url http://controller:9696
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> neutron_auth_strategy keystone
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> neutron_admin_tenant_name service
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> neutron_admin_username neutron
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> neutron_admin_password neutron
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> neutron_admin_auth_url http://controller:35357/v2.0
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> firewall_driver nova.virt.firewall.NoopFirewallDriver
[root@compute ~]# openstack-config --set /etc/nova/nova.conf DEFAULT \
> security_group_api neutron
配置并启动服务
[root@compute ~]# cd /etc/neutron/
[root@compute neutron]# ln -s plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
[root@compute ~]# cp /etc/init.d/neutron-openvswitch-agent /etc/init.d/neutron-openvswitch-agent.orig
[root@compute ~]# sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' /etc/init.d/neutron-openvswitch-agent
root@compute ~]# service openstack-nova-compute restart
Stopping openstack-nova-compute: [ OK ]
Starting openstack-nova-compute: [ OK ]
[root@compute ~]# service neutron-openvswitch-agent start
Starting neutron-openvswitch-agent: [ OK ]
[root@compute ~]# chkconfig neutron-openvswitch-agent on
创建外部网络
在 Contoller上执行如下命令
[root@controller ~]# . admin-openrc.sh
[root@controller ~]# neutron net-create ext-net --shared --router:external=True
Created a new network:
在外部网络中创建一个子网
[root@controller ~]# neutron subnet-create ext-net --name ext-subnet \
> --allocation-pool start=172.16.20.12,end=172.16.20.61 \
> --disable-dhcp --gateway 172.16.0.1 172.16.0.0/16
Created a new subnet:
Tenant network
tenant network为各instance之间提供了内部互访的通道,此机制用于实现各tenant 网络之间的隔离
[root@controller ~]# neutron net-create demo-net
Created a new network:
为demo-net网络创建一个子网
[root@controller ~]# neutron subnet-create demo-net --name demo-subnet \
> --gateway 192.168.22.1 192.168.22.0/24
Created a new subnet:
为demo net创建一个router,并将其附加至外部网络和demo net
[root@controller ~]# neutron router-create demo-router
Created a new router:
[root@controller ~]# neutron router-interface-add demo-router demo-subnet
Added interface 7a619ab8-91fd-4f55-be0c-94603afbfbcb to router demo-router.
[root@controller ~]# neutron router-gateway-set demo-router ext-net
Set gateway for router demo-router
dashboard
安装所需软件包
[root@controller ~]# yum install memcached python-memcached mod_wsgi openstack-dashboard
配置dashboard
[root@controller ~]# vim /etc/openstack-dashboard/local_settings
#配置使用本机上的memcached作为会话缓存
CACHES = {
'default': {
'BACKEND' : 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION' : '127.0.0.1:11211',
}
}
#配置访问权限
ALLOWED_HOSTS = ['*', 'localhost']
#指定controller节点
OPENSTACK_HOST = "controller"
#设置时区
TIME_ZONE = "Asia/Shanghai"
启动服务
[root@controller ~]# service memcached start
Starting memcached: [ OK ]
[root@controller ~]# service httpd start
Starting httpd: [ OK ]
[root@controller ~]# chkconfig memcached on
[root@controller ~]# chkconfig httpd on
测试
查看网络拓扑
未完待续!还有2个章节,请期待
OpenStack Icehouse私有云实战部署(五)
OpenStack Icehouse私有云实战部署(六)
腾讯云开发者
