OpenStack集群部署—Neutron计算节点

# 在全部计算节点安装neutro-linuxbridge服务，以compute01节点为例
[root@compute01 ~]# yum install openstack-neutron-linuxbridge ebtables ipset -y

# 在全部计算节点操作，以computer01节点为例；
# 注意”bind_host”参数，根据节点修改；
# 注意neutron.conf文件的权限：root:neutron
[root@compute01 ~]# cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
[root@compute01 ~]# egrep -v "^$|^#" /etc/neutron/neutron.conf
[DEFAULT]
state_path = /var/lib/neutron
bind_host = 本机ip地址
auth_strategy = keystone
# 前端采用haproxy时，服务连接rabbitmq会出现连接超时重连的情况，可通过各服务与rabbitmq的日志查看；
# transport_url = rabbit://openstack:rabbitmq_pass@controller:5673
# rabbitmq本身具备集群机制，官方文档建议直接连接rabbitmq集群；但采用此方式时服务启动有时会报错，原因不明；如果没有此现象，强烈建议连接rabbitmq直接对接集群而非通过前端haproxy
transport_url=rabbit://openstack:rabbitmq_pass@controller01:5672,controller02:5672
[agent]
[cors]
[database]
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller01:11211,controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron_pass
[matchmaker_redis]
[nova]
[oslo_concurrency]
lock_path = $state_path/lock
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl]

# 在全部计算节点操作，以compute01节点为例；
# linuxbridge_agent.ini文件的权限：root:neutron
[root@compute01 ~]# cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak 

[root@compute01 ~]# egrep -v "^$|^#" /etc/neutron/plugins/ml2/linuxbridge_agent.ini
##修改下面的几个配置
[linux_bridge]
physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME
[vxlan]
enable_vxlan = false
[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
# bridge：是否允许桥接；
# 如果“sysctl -p”加载不成功，报” No such file or directory”错误，需要加载内核模块“br_netfilter”；
# 命令“modinfo br_netfilter”查看内核模块信息；
# 命令“modprobe br_netfilter”加载内核模块
[root@compute01 ~]# echo "# bridge" >> /etc/sysctl.conf
[root@compute01 ~]# echo "net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
[root@compute01 ~]# echo "net.bridge.bridge-nf-call-ip6tables = 1" >> /etc/sysctl.conf
[root@compute01 ~]# sysctl -p

# 在全部计算节点操作，以compute01节点为例；
# 配置只涉及nova.conf的”[neutron]”字段
[root@compute ~]# vim /etc/nova/nova.conf
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS

# nova.conf文件已变更，首先需要重启全部计算节点的nova服务
[root@compute01 ~]# systemctl restart openstack-nova-compute.service

# 开机启动
[root@compute01 ~]# systemctl enable neutron-linuxbridge-agent.service

# 启动
[root@compute01 ~]# systemctl restart neutron-linuxbridge-agent.service

# 任意控制节点（或具备客户端的节点）操作
[root@controller01 ~]# . admin-openrc

# 查看neutron相关的agent;
# 或：openstack network agent list --agent-type linux-bridge
[root@controller01 ~]# openstack network agent list