OpenStackrocky版安裝步驟參考官網(wǎng)步驟

1、OpenStackrocky 版安裝步驟，參考官步驟Centos建議最低配置：控制節(jié)點：1個處理器，4 GB內(nèi)存和5 GB存儲計算節(jié)點：1個處理器，2 GB內(nèi)存和10 GB存儲，環(huán)境準(zhǔn)備：以下區(qū)分?jǐn)?shù)據(jù)庫密碼和openstack戶密碼，可替換密碼 描述RABBIT_PASS RabbitMQ戶openstack的密碼123456 數(shù)據(jù)庫root的密碼KEYSTONE_DBPASS keystone的數(shù)據(jù)庫密碼GLANCE_DBPASS glance的數(shù)據(jù)庫密碼NOVA_DBPASS nova的數(shù)據(jù)庫密碼PLACEMENT_DBPASS placement的數(shù)據(jù)庫密碼NEUTRON_DBPASS

2、neutron的數(shù)據(jù)庫密碼DASH_DBPASS DASH的數(shù)據(jù)庫密碼CINDER_DBPASS cinder的數(shù)據(jù)庫密碼ADMIN_PASS admin戶密碼myuser_PASS myuser戶密碼GLANCE_PASS glance戶的密碼NOVA_PASS nova戶的密碼PLACEMENT_PASS placement戶的密碼NEUTRON_PASS neutron戶的密碼METADATA_SECRET 元數(shù)據(jù)代理的密碼CINDER_PASS cinder戶的密碼1.1絡(luò)環(huán)境1.1.1控制節(jié)點配置第個接作為管理接：IP地址：1絡(luò)掩碼：默認(rèn)關(guān)：提供程序接使特殊配置，但未分配IP地址。將

3、第個接配置為提供程序接：替換INTERFACE_NAME為實際的接名稱。例如， eth1或ens224。vi /etc/sysconfig/network-scripts/ifcfg-INTERFACE_NAMEDEVICE=INTERFACE_NAMETYPE=EthernetONBOOT=“yes”BOOTPROTO=“none”將控制節(jié)點的主機(jī)名設(shè)置為controller。hostnamectlset-hostname controllervi /etc/hosts 件增加以下內(nèi)容：#controller1 controller#compute1 compute#block1 block

4、11.1.2計算節(jié)點配置第個接作為管理接：IP地址：1絡(luò)掩碼：默認(rèn)關(guān)：提供程序接使特殊配置，但未分配IP地址。將第個接配置為提供程序接：替換INTERFACE_NAME為實際的接名稱。例如， eth1vi /etc/sysconfig/network-scripts/ifcfg-INTERFACE_NAMETYPE=EthernetNAME=INTERFACE_NAMEDEVICE=INTERFACE_NAMEONBOOT=yesBOOTPROTO=noneIPADDR=1PREFIX=24GATEWAY=將計算節(jié)點的主機(jī)名設(shè)置為compute。 hostnamectl set-hostnam

5、e computevi /etc/hosts 件增加以下內(nèi)容：#controller1 controller#compute1 compute#block1 block1.1.3塊存儲節(jié)點（可選）如果要部署塊存儲服務(wù)，請配置個額外的存儲節(jié)點配置IP地址IP地址： 1絡(luò)掩碼:默認(rèn)關(guān)： 同上編輯/etc/hosts件1.2 NTP絡(luò)時間協(xié)議1.2.1控制節(jié)點安裝chrony服務(wù)yum -y install chrony編輯修改配置件，替換NTP_SERVER為合適的更準(zhǔn)確NTP服務(wù)器的主機(jī)名或IP地址（）（）vi /etc/chrony.confserver NTP_SERVER iburstal

6、low /24配置開機(jī)動運(yùn)chrony，并重啟服務(wù)systemctl enable chronyd.servicesystemctl start chronyd.service1.2.2其他節(jié)點yum -y install chrony修改配置件vi /etc/chronyserver controller iburst注釋掉pooloffline iburst配置開機(jī)動運(yùn)chrony，并重啟服務(wù)systemctl enable chronyd.servicesystemctl start chronyd.service1.2.3驗證在控制節(jié)點上運(yùn)此命令：chronyc sources210

7、Number of sources = 1MS Name/IP address Stratum Poll Reach LastRx Last sample* 2 6 177 46 +17us -23us +/- 68ms在所有其他節(jié)點上運(yùn)相同的命令：chronyc sources210 Number of sources = 1MS Name/IP address Stratum Poll Reach LastRx Last sample* controller 3 9 377 421 +15us -87us +/- 15msCentOS extras默認(rèn)包含存儲庫，因此只需安裝軟件包即可啟O

8、penStack存儲庫yum -y install centos-release-openstack-rocky升級所有節(jié)點上的包：yum -y upgrade安裝OpenStack客戶端：yum -y install python-openstackclientCentOS SELinux。安裝openstack-selinuxOpenStackselinuxfirewalld）yum -y install openstack-selinux筆者這沒有安裝openstack-selinux，直接關(guān)閉了所有節(jié)點的selinux和firewalld#systemctl disable firew

9、alldvim /etc/sysconfig/selinuxeSELINUX=disabled建議重啟所有節(jié)點以適以上配置#reboot1.4安裝SQL數(shù)據(jù)庫（控制節(jié)點）yum -y install mariadb mariadb-server python2-PyMySQL創(chuàng)建和編輯/etc/f.d/f （這個件本不存在）vi /etc/f.d/fmysqldbind-address = 1 (控制節(jié)點ip)default-storage-engine = innodbinnodb_file_per_table = onmax_connections = 4096collation-serv

10、er = utf8_general_cicharacter-set-server = utf8啟動數(shù)據(jù)庫服務(wù)并配置開機(jī)啟動systemctl enable mariadb.servicesystemctl start mariadb.service運(yùn)mysql_secure_installation 腳本來保護(hù)數(shù)據(jù)庫服務(wù)mysql_secure_installation也可以輸以下命令動配置數(shù)據(jù)庫密碼為123456echo -e “nYn123456n123456nYnnnYnYn” | mysql_secure_installation1.5消息隊列（控制節(jié)點）yum -y install

11、rabbitmq-server啟動消息隊列服務(wù)并將其配置為開機(jī)啟動：systemctl enable rabbitmq-server.servicesystemctl start rabbitmq-server.service1.6 memcached 緩存yum -y install memcached python-memcached修改配置件（更改現(xiàn)有 OPTIONS=-l ,:1）vi /etc/sysconfig/memcachedOPTIONS=-l ,:1,controller啟動Memcached服務(wù)并將其配置為開機(jī)啟動：systemctl enable memcached.s

12、ervicesystemctl start memcached.service，安裝openstack服務(wù)1，keystone 認(rèn)證服務(wù)（控制節(jié)點）1.1在安裝和配置keystone之前，必須先創(chuàng)建keystone數(shù)據(jù)庫mysql-u root -pMariaDB (none) CREATE DATABASE keystone;對keystone數(shù)據(jù)庫配置的適當(dāng)訪問權(quán)限（替換KEYSTONE_DBPASS為合適的密碼）MariaDB (none) GRANT ALL PRIVILEGES ON keystone.* TO keystonelocalhost IDENTIFIED BYKEYST

13、ONE_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON keystone.* TO keystone% IDENTIFIED BYKEYSTONE_DBPASS;退出數(shù)據(jù)庫訪問客戶端exit安裝軟件包yum -y install openstack-keystone httpd mod_wsgi修改keystone配置件（替換KEYSTONE_DBPASS為合適的密碼）vi /etc/keystone/keystone.confdatabaseconnection = mysql+pymysql:/keystone:KEYSTONE_DBPASSco

14、ntroller/keystone#注釋掉或刪除connection該database部分中的任何其他選項tokenprovider = fernet填充數(shù)據(jù)庫：su -s /bin/sh -c “keystone-manage db_sync” keystone建議進(jìn)keystone數(shù)據(jù)庫查看是否成功成表初始化Fernet密鑰存儲庫：keystone-manage fernet_setup -keystone-user keystone -keystone-group keystonekeystone-manage credential_setup -keystone-user keysto

15、ne -keystone-group keystone1.2配置Apache HTTP服務(wù)器（控制節(jié)點）vi /etc/httpd/conf/httpd.confServerName controller:80創(chuàng)建/usr/share/keystone/wsgi-keystone.conf件的鏈接：ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/啟動Apache HTTP服務(wù)并將其配置為開機(jī)啟動：systemctl enable httpd.servicesystemctl start httpd.service1.

16、3創(chuàng)建openstack域，項，（控制節(jié)點）（雖然之前引導(dǎo)時keystone-manage bootstrap步驟中已存在“默認(rèn)”域，但創(chuàng)建新域的正式法是）（#openstack domain create -description “An Example Domain” example ）創(chuàng)建service 項：openstack project create -domain default -description “Service Project” service-+| Field | Value |-+| description | Service Project | domain_i

17、d | default | enabled | True | id | 24ac7f19cd944f4cba1d77469b2a73ed | is_domain | False | name | service | parent_id | default | tags | |-+建議：常規(guī)（管理員）任務(wù)應(yīng)該使特權(quán)項和戶。例如以下創(chuàng)建myproject項和myuser戶。創(chuàng)建myproject項：（在為此項創(chuàng)建其他戶時，請勿重復(fù)此步驟。）openstack project create -domain default -description “Demo Project” myproject-+

18、| Field | Value |-+| description | Demo Project | domain_id | default | enabled | True | id | 231ad6e7ebba47d6a1e57e1cc07ae446 | is_domain | False | name | myproject | parent_id | default | tags | |-+創(chuàng)建myuser戶：（myuser_PASS，密碼可設(shè)置）openstack user create -domain default -password-prompt myuserUser Passw

19、ord:Repeat User Password:-+| Field | Value |-+| domain_id | default | enabled | True | id | aeda23aa78f44e859900e22c24817832 | name | myuser | options | | password_expires_at | None |-+創(chuàng)建myrole：openstack role create myrole-+| Field | Value |-+| domain_id | None | id | 997ce8d05fc143ac97d83fdfb599855

20、2 | name | myrole |-+將戶myuser以myrole的添加到myproject項openstack role add -project myproject -user myuser myrole1.4驗證取消設(shè)置的變量OS_AUTH_URL和OS_PASSWORD：unset OS_AUTH_URL OS_PASSWORDPassword:-+| Field | Value |-+| expires | 2016-02-12T20:14:07.056119Z | id | gAAAAABWvi7_B8kKQD9wdXac8MoZiQldmjEO643d-e_j-XXq9Am

21、IegIbA7UHGPv | | atnN21qtOMjCFWX7BReJEQnVOAj3nclRQgAYRsfSU_MrsuWb4EDtnjU7HEpoBb4 | | o6ozsA_NmFWEpLeKy0uNn_WeKbAhYygrsmQGA49dclHVnz-OMVLiyM9ws | project_id | 343d245e850143a096806dfaefa9afdc | user_id | ac3377633149401296f6c0d92d79dc16 |-+作為myuser戶，請求份驗證令牌：（密碼設(shè)置myuser_PASS）請求份驗證令牌：openstack token is

22、sue-+| Field | Value |-+| expires | 2016-02-12T20:44:35.659723Z | id | gAAAAABWvjYj-Zjfg8WXFaQnUd1DMYTBVrKw4h3fIagi5NoEmh21U72SrRv2trl| | JWFYhLi2_uPR31Igf6A8mH2Rw9kv_bxNo1jbLNPLGzW_u5FC7InFqx0yYtTwa1e | | eq2b0f6-18KZyQhs7F3teAta143kJEWuNEYET-y7u29y0be1_64KYkM7E | project_id | 343d245e850143a096806

23、dfaefa9afdc | user_id | ac3377633149401296f6c0d92d79dc16 |-+2.安裝glance鏡像服務(wù)2.1安裝和配置映像服務(wù)之前，必須創(chuàng)建數(shù)據(jù)庫mysql-u root -pMariaDB (none) CREATE DATABASE glance;對glance數(shù)據(jù)庫配置的適當(dāng)訪問權(quán)限 （替換GLANCE_DBPASS為合適的密碼）MariaDB (none) GRANT ALL PRIVILEGES ON glance.* TO glancelocalhost IDENTIFIED BY GLANCE_DBPASS;MariaDB (none

24、) GRANT ALL PRIVILEGES ON glance.* TO glance% IDENTIFIED BY GLANCE_DBPASS;退出數(shù)據(jù)庫訪問客戶端exit2.2創(chuàng)建glance戶：（戶密碼GLANCE_PASS）openstack user create -domain default -password-prompt glanceUser Password:Repeat User Password:-+| Field | Value |-+| domain_id | default | enabled | True | id | 3f4e777c4062483ab8d9

25、edd7dff829df | name | glance | options | | password_expires_at | None |-+將glance戶以admin的添加到service項openstack role add -project service -user glance admin創(chuàng)建glance服務(wù)實體：openstack service create -name glance -description “OpenStack Image” image-+| Field | Value |-+| description | OpenStack Image | enabl

26、ed | True | id | 8c2c7f1b9b5049ea9e63757b5533e6d2 | name | glance | type | image |-+2.3安裝和修改配置件yum -y install openstack-glance修改api配置件（注意GLANCE_DBPASS和GLANCE_PASS的區(qū)別）vi /etc/glance/glance-api.confdatabaseconnection = mysql+pymysql:/glance:GLANCE_DBPASScontroller/glancepaste_deployflavor = keystonegl

27、ance_storestores = file,httpdefault_store = filefilesystem_store_datadir = /var/lib/glance/images/修改registry配置（在openstack S版被移除，注意GLANCE_DBPASS和GLANCE_PASS的區(qū)別）vi /etc/glance/glance-registry.confdatabaseconnection = mysql+pymysql:/glance:GLANCE_DBPASScontroller/glancepaste_deployflavor = keystone填充gl

28、ance數(shù)據(jù)庫（忽略此輸出中的任何提將被棄的消息）su -s /bin/sh -c “glance-manage db_sync” glance建議進(jìn)glance數(shù)據(jù)庫查看是否成功成表啟動glance服務(wù)并將其配置為開機(jī)啟動systemctl enable openstack-glance-api.service openstack-glance-registry.servicesystemctl start openstack-glance-api.service openstack-glance-registry.service3.安裝nova計算服務(wù)3.1在安裝和配置nova服務(wù)之前，必

29、須創(chuàng)建數(shù)據(jù)庫mysql-u root -p創(chuàng)建nova_api，nova，nova_cell0，和placement數(shù)據(jù)庫：MariaDB (none) CREATE DATABASE nova_api;MariaDB (none) CREATE DATABASE nova;MariaDB (none) CREATE DATABASE nova_cell0;MariaDB (none) CREATE DATABASE placement;對數(shù)據(jù)庫配置的適當(dāng)訪問權(quán)限（注意此處為NOVA_DBPASS和PLACEMENT_DBPASS，可以設(shè)置）MariaDB (none) GRANT ALL P

30、RIVILEGES ON nova_api.* TO novalocalhost IDENTIFIED BY NOVA_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON nova_api.* TO nova% IDENTIFIED BY NOVA_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON nova.* TO novalocalhost IDENTIFIED BY NOVA_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON nova.* TO nova% IDEN

31、TIFIED BY NOVA_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON nova_cell0.* TO novalocalhost IDENTIFIED BY NOVA_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON nova_cell0.* TO nova% IDENTIFIED BY NOVA_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON placement.* TO placementlocalhost IDENTIFIED BYPLACEMENT_

32、DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON placement.* TO placement% IDENTIFIED BYPLACEMENT_DBPASS;退出數(shù)據(jù)庫訪問客戶端。exit3.2創(chuàng)建nova服務(wù)，控制節(jié)點配置設(shè)置環(huán)境變量. admin-openrc創(chuàng)建nova戶：（NOVA_PASS，可設(shè)置）openstack user create -domain default -password-prompt novaUser Password:Repeat User Password:-+| Field | Value |-+| domai

33、n_id | default | enabled | True | id | 8a7dbf5279404537b1c7b86c033620fe | name | nova | options | | password_expires_at | None |-+將nova戶以admin的添加到service項openstack role add -project service -user nova admin創(chuàng)建nova服務(wù)實體：openstack service create -name nova -description “OpenStack Compute” compute-+| Fie

34、ld | Value |-+| description | OpenStack Compute | enabled | True | id | 060d59eac51b4594815603d75a00aba2 | name | nova | type | compute |-+創(chuàng)建Placement戶（PLACEMENT_PASS）openstack user create -domain default -password-prompt placementUser Password:Repeat User Password:-+| Field | Value |-+| domain_id |

35、 default | enabled | True | id | fa742015a6494a949f67629884fc7ec8 | name | placement | options | | password_expires_at | None |-+將Placement戶以admin的添加到service項openstack role add -project service -user placement admin在服務(wù)錄中創(chuàng)建Placement API：openstack service create -name placement -description “Placement

36、 API” placement-+| Field | Value |-+| description | Placement API| enabled | True | id | 2d1a27022e6e4185b86adac4444c495f | name | placement | type | placement |-+3.3 控制節(jié)點安裝nova并修改配置件3.3.1安裝yum -y install openstack-nova-api openstack-nova-conductor openstack-nova-console openstack-nova-novncproxyope

37、nstack-nova-scheduler openstack-nova-placement-api3.3.2編輯/etc/nova/nova.conf （注意NOVA_DBPASS，PLACEMENT_DBPASS和NOVA_PASS，PLACEMENT_PASS的區(qū)別）vi /etc/nova/nova.confDEFAULTenabled_apis = osapi_compute,metadata #僅啟計算和元數(shù)據(jù)APItransport_url = rabbit:/openstack:RABBIT_PASScontroller #RabbitMQ消息隊列訪問my_ip = 1 #控制

38、節(jié)點的管理接IP地址use_neutron = true #啟對絡(luò)服務(wù)的持firewall_driver = nova.virt.firewall.NoopFirewallDriver #使nova防墻驅(qū)動程序禁Compute防墻驅(qū)動 程序api_databaseconnection = mysql+pymysql:/nova:NOVA_DBPASScontroller/nova_apidatabaseconnection = mysql+pymysql:/nova:NOVA_DBPASScontroller/novaplacement_databaseconnection = mysql+p

39、ymysql:/placement:PLACEMENT_DBPASScontroller/placementapiauth_strategy = keystonevncenabled = trueserver_listen = $my_ipserver_proxyclient_address = $my_iposlo_concurrencylock_path = /var/lib/nova/tmp3.3.3在配置件中添加以下內(nèi)容以啟對Placement API的訪問vi /etc/httpd/conf.d/00-nova-placement-api.conf重啟httpd服務(wù)systemctl

40、 restart httpd3.3.4填充數(shù)據(jù)庫：su -s /bin/sh -c “nova-manage api_db sync” novasu -s /bin/sh -c “nova-manage cell_v2 map_cell0” novasu -s /bin/sh -c “nova-manage cell_v2 create_cell -name=cell1 -verbose” novasu -s /bin/sh -c “nova-manage db sync” nova驗證nova cell0和cell1是否正確注冊：su -s /bin/sh -c “nova-manage c

41、ell_v2 list_cells” nova-+| Name | UUID | Transport URL | Database Connection | Disabled |-+| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql:/nova:controller/nova_cell0 | False | cell1 | 40aa6629-45c3-4b2d-953a-3e627733380e | rabbit:/openstack:controller |mysql+pymysql:/nova:*c

42、ontroller/nova | False |-+3.3.5重啟并使服務(wù)開機(jī)運(yùn)systemctl enable openstack-nova-api.service openstack-nova-consoleauth openstack-nova-scheduler.service openstack-nova-conductor.service openstack-nova-novncproxy.servicesystemctl start openstack-nova-api.service openstack-nova-consoleauth openstack-nova-sched

43、uler.service openstack-nova-conductor.service openstack-nova-novncproxy.service3.4配置計算節(jié)點3.4.1安裝yum -y install openstack-nova-compute3.4.2 修改配置件vi /etc/nova/nova.confDEFAULTenabled_apis = osapi_compute,metadatatransport_url = rabbit:/openstack:RABBIT_PASScontrollermy_ip = 1 #計算節(jié)點上管理絡(luò)接的IP地址use_neutron

44、 = truefirewall_driver = nova.virt.firewall.NoopFirewallDriverapiauth_strategy = keystoneoslo_concurrencylock_path = /var/lib/nova/tmp確定計算節(jié)點是否持硬件加速，如果輸出結(jié)果為0，則不持，需要修改nova配置件egrep -c (vmx|svm) /proc/cpuinfo0vi /etc/nova/nova.conflibvirtvirt_type = qemu3.4.3啟動nova-compute服務(wù)及其依賴，并將它們配置為開機(jī)動啟動：#systemctl

45、enable libvirtd.service openstack-nova-compute.service#systemctl start libvirtd.service openstack-nova-compute.service3.5將計算節(jié)點添加到單元數(shù)據(jù)庫在控制節(jié)點上運(yùn)以下命令. admin-openrc確認(rèn)數(shù)據(jù)庫中是否存在計算主機(jī)：openstack compute service list -service nova-compute-+| ID | Binary | Host | Zone | Status | State | Updated At |-+| 10 | nova

46、-compute | compute | nova | enabled | up | 2019-04-25T07:42:12.000000 |-+發(fā)現(xiàn)計算節(jié)點su -s /bin/sh -c “nova-manage cell_v2 discover_hosts -verbose” novaFound 2 cell mappings.Skipping cell0 since it does not contain hosts.Getting computes from cell cell1: 40aa6629-45c3-4b2d-953a-3e627733380eChecking host m

47、apping for compute host localhost.localdomain: 8cca78f7-7a00-4594-95af-d8835b7aceafCreating host mapping for compute host localhost.localdomain: 8cca78f7-7a00-4594-95af-d8835b7aceafFound 1 unmapped computes in cell: 40aa6629-45c3-4b2d-953a-3e627733380e注意項：discover_hosts_in_cells_interval = 3004.絡(luò)服務(wù)管

48、理段為/24，關(guān) （管理絡(luò)）provider（注意名稱）段為在/24，關(guān) （物理絡(luò)）4.1配置控制節(jié)點4.1.1在安裝和配置nova服務(wù)之前，必須創(chuàng)建數(shù)據(jù)庫mysql-u root -pMariaDB (none) CREATE DATABASE neutron;對數(shù)據(jù)庫neutron賦予適當(dāng)訪問權(quán)限MariaDB (none) GRANT ALL PRIVILEGES ON neutron.* TO neutronlocalhost IDENTIFIED BYNEUTRON_DBPASS;MariaDB (none) GRANT ALL PRIVILEGES ON neutron.* TO

49、neutron% IDENTIFIED BY NEUTRON_DBPASS;退出數(shù)據(jù)庫訪問客戶端exit4.1.2 創(chuàng)建戶，服務(wù)實體和api端點. admin-openrc創(chuàng)建neutron戶： （NEUTRON_PASS）openstack user create -domain default -password-prompt neutronUser Password:Repeat User Password:-+| Field | Value |-+| domain_id | default | enabled | True | id | f2ba17f839c44f32ad4d12cb

50、42d92368 | name | neutron | options | | password_expires_at | None |-+將戶neutron以admin的添加到service項openstack role add -project service -user neutron admin創(chuàng)建neutron服務(wù)實體：openstack service create -name neutron -description “OpenStack Networking” network-+| Field | Value |-+| description | OpenStack Netwo

51、rking | enabled | True | id | 4b31d3a4bd1945f6b250e066f65d9d3f | name | neutron | type | network |-+創(chuàng)建絡(luò)服務(wù)API端點：4.1.3配置絡(luò)選項安裝組件yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables配置服務(wù)組件vi /etc/neutron/neutron.confdatabaseconnection = mysql+pymysql:/neutron:NEUT

52、RON_DBPASScontroller/neutron#注釋掉或刪除connection該database部分中的任何其他選項DEFAULTcore_plugin = ml2 #啟模塊化層（ML2）插件service_plugins = router #路由器服務(wù)allow_overlapping_ips = True #允許重疊的IP地址transport_url = rabbit:/openstack:RABBIT_PASScontrollerauth_strategy = keystonenotify_nova_on_port_status_changes = true #通知計算節(jié)點

53、絡(luò)狀態(tài)的更改notify_nova_on_port_data_changes = trueoslo_concurrencylock_path = /var/lib/neutron/tmp配置模塊化層（ML2）插件vi /etc/neutron/plugins/ml2/ml2_conf.iniml2type_drivers = flat,vlan,vxlan #啟flat，VLAN和VXLAN絡(luò)tenant_network_types = vxlanmechanism_drivers = linuxbridge,l2population #啟Linux橋和層填充機(jī)制extension_drive

54、rs = port_security #啟端安全性擴(kuò)展驅(qū)動程序ml2_type_flatflat_networks = provider #注意此處配置為provider，建外部絡(luò)時，名稱應(yīng)為providerml2_type_vxlanvni_ranges = 1:1000 #配置VXLAN絡(luò)標(biāo)識符范圍securitygroupenable_ipset = true #啟ipset以提安全組規(guī)則的效率配置Linux橋代理vi /etc/neutron/plugins/ml2/linuxbridge_agent.inilinux_bridgephysical_interface_mappings

55、 = provider:PROVIDER_INTERFACE_NAME#注意provider的名稱統(tǒng)，PROVIDER_INTERFACE_NAME為控制節(jié)點物理絡(luò)的接地址，私有絡(luò)的卡ipvxlanenable_vxlan = truelocal_ip = OVERLAY_INTERFACE_IP_ADDRESS #替換OVERLAY_INTERFACE_IP_ADDRESS為控制節(jié)點的管理IP地址，也可以理解為能與外部通信的ip，1l2_population = truesecuritygroupenable_security_group = truefirewall_driver = ne

56、utron.agent.linux.iptables_firewall.IptablesFirewallDriver配置第3層代理vi /etc/neutron/l3_agent.iniDEFAULTinterface_driver = linuxbridge配置DHCP代理vi /etc/neutron/dhcp_agent.iniDEFAULTinterface_driver = linuxbridgedhcp_driver = neutron.agent.linux.dhcp.Dnsmasqenable_isolated_metadata = true配置元數(shù)據(jù)代理vi /etc/neu

57、tron/metadata_agent.iniDEFAULTnova_metadata_host = controllermetadata_proxy_shared_secret = METADATA_SECRET絡(luò)服務(wù)初始化腳本需要個/etc/neutron/plugin.ini指向ML2插件配置件的鏈接 /etc/neutron/plugins/ml2/ml2_conf.ini。如果此鏈接不存在，請創(chuàng)建它：ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini填充數(shù)據(jù)庫：su -s /bin/sh -c “ne

58、utron-db-manage -config-file /etc/neutron/neutron.conf -config-file/etc/neutron/plugins/ml2/ml2_conf.ini upgrade head” neutron重新啟動nova-api服務(wù)：systemctl restart openstack-nova-api.service啟動絡(luò)服務(wù)并將其配置為開機(jī)啟動systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service

59、 neutron-metadata-agent.servicesystemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service啟并開機(jī)啟動3層服務(wù)systemctl enable neutron-l3-agent.servicesystemctl start neutron-l3-agent.service4.2配置計算節(jié)點4.2.1 安裝yum -y install openstack-neutro

60、n-linuxbridge ebtables ipset4.2.2 修改配置件vi /etc/neutron/neutron.conf#database部分中，注釋掉任何connection選項，因為計算節(jié)點不直接訪問數(shù)據(jù)庫。DEFAULTtransport_url = rabbit:/openstack:RABBIT_PASScontrolleroslo_concurrencylock_path = /var/lib/neutron/tmp配置linuxbridge_agentvi /etc/neutron/plugins/ml2/linuxbridge_agent.inilinux_bri