

The network service of the controller node is Neutron

Fusionsphere OpenStack Victoria offline installation and deployment guide
Fusionsphere OpenStack Ussuri offline installation and deployment guide
Fusionsphere OpenStack Train offline installation and deployment guide

Official reference link:

OpenStack installation guide: Install OpenStack Services

OpenStack Ussuri Installation Guides

Networking service Installation Guide

CSDN links:

9 OpenStack Ussuri Neutron controller/compute node cluster deployment - CentOS 8

7.1 Controller node: Neutron network service component

1. Create neutron databases, service credentials, and API endpoints

1. Create the Neutron database and grant proper access rights

mysql -uroot -proot
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron';
exit

2. Create the Neutron service credentials

(1) Create user neutron on keystone

cd
source admin-openrc.sh
openstack user create --domain default --password=neutron neutron

# or

cd
source admin-openrc.sh
openstack user create --domain default --password-prompt neutron
openstack user list
[root@controller ~]# cd
[root@controller ~]# source admin-openrc.sh
[root@controller ~]# openstack user create --domain default --password=neutron neutron
+---------------------+----------------------------------+
| Field               | Value                            |
+---------------------+----------------------------------+
| domain_id           | default                          |
| enabled             | True                             |
| id                  | ee4b390789184b1ea077d0d4f16b643f |
| name                | neutron                          |
| options             | {}                               |
| password_expires_at | None                             |
+---------------------+----------------------------------+
[root@controller ~]# openstack user list
+----------------------------------+-----------+
| ID                               | Name      |
+----------------------------------+-----------+
| 9e981db62a8c42368ab6b9d31f674534 | admin     |
| 61440f3ee54b407e86e16fdbd33ae3bc | glance    |
| 32e1de50af4d476a97475ac0e19f6591 | placement |
| c1cc3224eb5b4d2786ade306f569a354 | nova      |
| ee4b390789184b1ea077d0d4f16b643f | neutron   |
+----------------------------------+-----------+
[root@controller ~]#

(2) Grant the admin role to the neutron user in the service project

openstack role add --project service --user neutron admin

(3) Create the Neutron service entity

openstack service create --name neutron --description "OpenStack Networking" network
openstack service list
[root@controller ~]# openstack role add --project service --user neutron admin
[root@controller ~]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Networking             |
| enabled     | True                             |
| id          | 0ec0d311f93b4d8e9db2292c2cfe3fcd |
| name        | neutron                          |
| type        | network                          |
+-------------+----------------------------------+
[root@controller ~]# openstack service list
+----------------------------------+-----------+-----------+
| ID                               | Name      | Type      |
+----------------------------------+-----------+-----------+
| 0dc21bff96fa471aab0593c15c773a77 | keystone  | identity  |
| 0ec0d311f93b4d8e9db2292c2cfe3fcd | neutron   | network   |
| 9c487f96b6cf4770b765ae827a24ecf3 | nova      | compute   |
| e8f22c3df5154b0998d6a1a166c42344 | placement | placement |
| ecf843c619af4475b491ca85ec5873c3 | glance    | image     |
+----------------------------------+-----------+-----------+
[root@controller ~]#

3. Create an API endpoint for the Neutron service.

openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
openstack endpoint list

[root@controller ~]# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 785e5d53244348e78c6a5347ba5ffa9c |
| interface    | public                           |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 0ec0d311f93b4d8e9db2292c2cfe3fcd |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | 3c746e2a3e054ef59daf86987b7eecab |
| interface    | internal                         |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 0ec0d311f93b4d8e9db2292c2cfe3fcd |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| enabled      | True                             |
| id           | e103384ffb52449ab9d7d751c8eb9f29 |
| interface    | admin                            |
| region       | RegionOne                        |
| region_id    | RegionOne                        |
| service_id   | 0ec0d311f93b4d8e9db2292c2cfe3fcd |
| service_name | neutron                          |
| service_type | network                          |
| url          | http://controller:9696           |
+--------------+----------------------------------+
[root@controller ~]# openstack endpoint list
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| ID                               | Region    | Service Name | Service Type | Enabled | Interface | URL                         |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
| 0185dcdefe5742dd91c94b411c3ae972 | RegionOne | glance       | image        | True    | public    | http://controller:9292      |
| 26ebb984fe214376960e2d6af1d0f7db | RegionOne | nova         | compute      | True    | internal  | http://controller:8774/v2.1 |
| 2aea6c495e9c4ddc829ec19c35ae95a4 | RegionOne | placement    | placement    | True    | internal  | http://controller:8778      |
| 3c746e2a3e054ef59daf86987b7eecab | RegionOne | neutron      | network      | True    | internal  | http://controller:9696      |
| 45f532c92b8e43e58489d7244762074d | RegionOne | keystone     | identity     | True    | public    | http://controller:5000/v3/  |
| 49be584717ff4c91a47a10ad8608ee88 | RegionOne | nova         | compute      | True    | admin     | http://controller:8774/v2.1 |
| 74b4810114d241d593b0c351f119ac44 | RegionOne | glance       | image        | True    | admin     | http://controller:9292      |
| 785e5d53244348e78c6a5347ba5ffa9c | RegionOne | neutron      | network      | True    | public    | http://controller:9696      |
| 7db879e2ab674124b1c256c740f32e11 | RegionOne | placement    | placement    | True    | public    | http://controller:8778      |
| a5a629b20cb347c3a98b0f991cd6765b | RegionOne | keystone     | identity     | True    | internal  | http://controller:5000/v3/  |
| a681d225ff184188a735d9168d43368a | RegionOne | nova         | compute      | True    | public    | http://controller:8774/v2.1 |
| ae9a8c8f28b14b238aca197d8f924e92 | RegionOne | glance       | image        | True    | internal  | http://controller:9292      |
| bea67b53815943358b49f88d11b847ad | RegionOne | keystone     | identity     | True    | admin     | http://controller:5000/v3/  |
| c253bf39039146f4acdedcadabb43413 | RegionOne | placement    | placement    | True    | admin     | http://controller:8778      |
| e103384ffb52449ab9d7d751c8eb9f29 | RegionOne | neutron      | network      | True    | admin     | http://controller:9696      |
+----------------------------------+-----------+--------------+--------------+---------+-----------+-----------------------------+
[root@controller ~]#

2. Neutron software Installation and configuration

You can now plan your network names:

Provider network name:
Provider network subnet1 name:
Provider network subnet2 name:

Self-service network name:
Self-service network subnet1 name:
Self-service network subnet2 name:

Router name:

1. Install neutron software

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables

2. Configure network option 1: Provider Networks

environment-networking-rdo

controller-install-option1-rdo

(1) Configure the Neutron component

/etc/neutron/neutron.conf: the Neutron server component configuration covers the database, authentication mechanism, message queue, topology change notifications, and plug-ins.

Backing up neutron Configuration

cd 
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
egrep -v "^$|^#" /etc/neutron/neutron.conf.bak >/etc/neutron/neutron.conf

To configure the Neutron configuration file, add the following fields

vim /etc/neutron/neutron.conf
[DEFAULT]
core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True

[cors]

[database]
connection = mysql+pymysql://neutron:neutron@controller/neutron

[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron

[neutron]

[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[ssl]

egrep -v "^#|^$" /etc/neutron/neutron.conf

(2) Configure the modularity layer 2 (ML2) plug-in

/etc/neutron/plugins/ml2/ml2_conf.ini: the ML2 plug-in uses the Linux bridge mechanism to build layer-2 (bridging and switching) virtual networking infrastructure for instances.

cd 
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
egrep -v "^$|^#" /etc/neutron/plugins/ml2/ml2_conf.ini.bak >/etc/neutron/plugins/ml2/ml2_conf.ini

vim /etc/neutron/plugins/ml2/ml2_conf.ini
[DEFAULT]
[ml2]
type_drivers = flat,vlan
tenant_network_types = 
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[securitygroup]
enable_ipset = true
egrep -v "^#|^$" /etc/neutron/plugins/ml2/ml2_conf.ini

(3) Configure the Linux bridge agent

/etc/neutron/plugins/ml2/linuxbridge_agent.ini: the Linux bridge agent builds layer-2 (bridging and switching) virtual networking infrastructure for instances and handles security groups.

cd
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
egrep -v "^$|^#" /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak >/etc/neutron/plugins/ml2/linuxbridge_agent.ini
vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]
[linux_bridge]
physical_interface_mappings = provider:ens34

[vxlan]
enable_vxlan = False

[securitygroup]
enable_security_group = True 
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

Load the br_netfilter kernel module. To enable network bridge support, the br_netfilter kernel module normally needs to be loaded. See: CentOS 7 network bridge kernel module configuration

# Load the module first; the net.bridge.* keys do not exist until it is loaded
modprobe br_netfilter
ls /proc/sys/net/bridge

echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf

cat /etc/sysctl.conf
sysctl -p

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables
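Security groups on the Linux bridge agent are only enforced when bridged instance traffic is passed to iptables, which needs br_netfilter loaded and both bridge-nf-call sysctls set to 1. The check below is an added example, not part of the original guide: it reads the agent file and kernel settings under a root directory (a parameter introduced here so it can be run against a copy) and also reports whether the module is listed in /etc/modules-load.d, which the steps above do not set up.

```python
import configparser
import glob
import os

AGENT_INI = "etc/neutron/plugins/ml2/linuxbridge_agent.ini"
BRIDGE_KEYS = ("bridge-nf-call-iptables", "bridge-nf-call-ip6tables")


def _read(path):
    """Return the file content, or None when the file does not exist."""
    try:
        with open(path) as fh:
            return fh.read()
    except OSError:
        return None


def persisted_sysctls(root):
    """Bridge keys set to 1 in /etc/sysctl.conf or /etc/sysctl.d/*.conf."""
    found = set()
    paths = [os.path.join(root, "etc/sysctl.conf")]
    paths += glob.glob(os.path.join(root, "etc/sysctl.d/*.conf"))
    for path in paths:
        for line in (_read(path) or "").splitlines():
            key, _, value = line.partition("=")
            key = key.strip()  # commented-out lines start with '#' and are skipped
            if key.startswith("net.bridge.") and value.strip() == "1":
                found.add(key.rsplit(".", 1)[1])
    return found


def module_persisted(root):
    """True if br_netfilter is listed in /etc/modules-load.d/*.conf (systemd hosts)."""
    for path in glob.glob(os.path.join(root, "etc/modules-load.d/*.conf")):
        lines = [l.strip() for l in (_read(path) or "").splitlines()]
        if "br_netfilter" in lines:
            return True
    return False


def check_security_group_enforcement(root="/"):
    """Return a list of problems; an empty list means every check passed."""
    problems = []
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    cp.read_string(_read(os.path.join(root, AGENT_INI)) or "")
    if not cp.getboolean("securitygroup", "enable_security_group", fallback=False):
        problems.append("enable_security_group is not True")
    driver = cp.get("securitygroup", "firewall_driver", fallback="")
    if not driver or "noop" in driver.lower():
        problems.append("firewall_driver is unset or a no-op driver")
    for key in BRIDGE_KEYS:
        live = _read(os.path.join(root, "proc/sys/net/bridge", key))
        if live is None:
            problems.append(f"{key}: br_netfilter is not loaded")
        elif live.strip() != "1":
            problems.append(f"{key}: runtime value is {live.strip()}, expected 1")
    for key in sorted(set(BRIDGE_KEYS) - persisted_sysctls(root)):
        problems.append(f"{key}: not persisted in sysctl.conf")
    if not module_persisted(root):
        problems.append("br_netfilter is not listed in /etc/modules-load.d")
    return problems


if __name__ == "__main__":
    for problem in check_security_group_enforcement("/"):
        print(problem)
```

Run it again after a reboot of the controller: a module that was loaded by hand with modprobe is gone by then unless it is listed for loading at boot.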

(4) Configure the DHCP agent

/etc/neutron/dhcp_agent.ini: the DHCP agent provides DHCP services for virtual networks.

cd
cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
egrep -v "^$|^#" /etc/neutron/dhcp_agent.ini.bak >/etc/neutron/dhcp_agent.ini
vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True 
echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/dhcp_agent.ini

After this is done, proceed to the next step. Alternatively, return to the controller node later and configure the /etc/neutron/metadata_agent.ini file. For details, see the link.

Here we go on to the next step first. Note that items 3 and 5 (the two network-creation steps) are actually carried out later: the networks are created after the network configuration is finished and the services have been started in step five, which finalizes the controller node installation.

4. Configure network option 2: Self-service networks

3. Create network option 1: Provider Networks

Configuration: docs.openstack.org/neutron/tra…

Create: docs.openstack.org/install-gui…

After the configuration is complete, you can log in to the Dashboard to create a network.

Launch an instance, official documentation of launch-instance-networks, blog: Launch an instance, Launch an instance

4. Configure network option 2: Self-service networks

Configuration: docs.openstack.org/neutron/tra… Create: docs.openstack.org/install-gui…

(1) Configure the Neutron component

/etc/neutron/neutron.conf was already configured when the provider network was set up, but the self-service network needs some specific settings; the settings that differ are shown below.

#add detail
openstack-config --set  /etc/neutron/neutron.conf DEFAULT service_plugins router
#add new
openstack-config --set  /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true

(2) Configure the modularity layer 2 (ML2) plug-in

/etc/neutron/plugins/ml2/ml2_conf.ini was already configured when the provider network was set up, but the self-service network needs some specific settings; the settings that differ are shown below.

[DEFAULT]
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[ml2_type_vxlan]
vni_ranges = 1:1000

[securitygroup]
enable_ipset = true

echo "Result of Configuration"
egrep -v "^#|^$" /etc/neutron/plugins/ml2/ml2_conf.ini

(3) Configure the Linux bridge agent

/etc/neutron/plugins/ml2/linuxbridge_agent.ini: the Linux bridge agent builds layer-2 (bridging and switching) virtual networking infrastructure for instances and handles security groups. It was already configured when the provider network was set up, but the self-service network needs some specific settings, which are shown below.

[DEFAULT]
[linux_bridge]
physical_interface_mappings = provider:ens34

[vxlan]
enable_vxlan = True
local_ip = 192.168.139.101
l2_population = true
[securitygroup]
enable_security_group = True 
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini

Load the br_netfilter kernel module. To enable network bridge support, the br_netfilter kernel module normally needs to be loaded. See: CentOS 7 network bridge kernel module configuration

# Load the module first; the net.bridge.* keys do not exist until it is loaded
modprobe br_netfilter
ls /proc/sys/net/bridge

echo net.bridge.bridge-nf-call-iptables = 1 >> /etc/sysctl.conf
echo net.bridge.bridge-nf-call-ip6tables = 1 >> /etc/sysctl.conf

cat /etc/sysctl.conf
sysctl -p

sysctl net.bridge.bridge-nf-call-iptables
sysctl net.bridge.bridge-nf-call-ip6tables

(4) Configure the layer-3 (L3) agent

/etc/neutron/l3_agent.ini

cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
vim /etc/neutron/l3_agent.ini

---
[DEFAULT]
interface_driver = linuxbridge
---

(5) Configure the DHCP agent

The DHCP agent provides DHCP services for virtual networks. /etc/neutron/dhcp_agent.ini was already configured when the provider network was set up; the self-service network uses the same configuration as the provider network.

cd
cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak

---
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
---

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/dhcp_agent.ini

5. Create network option 2: Self-service networks

Configuration: docs.openstack.org/neutron/tra… Create: docs.openstack.org/install-gui…

After the configuration is complete, you can log in to the Dashboard to create a network.

Configure the metadata agent

Reference: neutron controller-install-rdo, configure-the-metadata-agent. /etc/neutron/metadata_agent.ini: the metadata agent provides configuration information, such as credentials, to instances.

cp -a /etc/neutron/metadata_agent.ini{,.bak}

grep -Ev '^$|#' /etc/neutron/metadata_agent.ini.bak > /etc/neutron/metadata_agent.ini


vim /etc/neutron/metadata_agent.ini

---
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = neutron
---

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/neutron/metadata_agent.ini

Configure the Compute service on the controller node to use the Networking service

The Nova compute service must already be installed on the controller node to complete this step. The file to edit is /etc/nova/nova.conf.

cd 
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak

---
[neutron]
# ...
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
---

echo "Result of Configuration"
egrep -v '(^$|^#)' /etc/nova/nova.conf
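The files configured so far reuse each service name as its secret (password = neutron, password = nova, metadata_proxy_shared_secret = neutron, and the same pattern inside transport_url and connection) and point Keystone at http:// URLs. The audit below is an added example, not part of the original guide; the sample strings are constructed from the values shown above and the 16-character minimum is an assumed local policy.

```python
import configparser
from urllib.parse import unquote, urlsplit

MIN_SECRET_LEN = 16  # assumption: local policy threshold, not an OpenStack default
SECRET_KEYS = {"password", "metadata_proxy_shared_secret"}
URL_CRED_KEYS = {"transport_url", "connection"}
KEYSTONE_URL_KEYS = {"auth_url", "www_authenticate_uri"}

# Constructed samples that mirror the values used in this guide.
SAMPLE_NEUTRON_CONF = """\
[DEFAULT]
service_plugins =
transport_url = rabbit://openstack:openstack@controller
auth_strategy = keystone
[database]
connection = mysql+pymysql://neutron:neutron@controller/neutron
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
username = neutron
password = neutron
[nova]
auth_url = http://controller:5000
username = nova
password = nova
"""
SAMPLE_METADATA_AGENT = """\
[DEFAULT]
nova_metadata_host = controller
metadata_proxy_shared_secret = neutron
"""


def parse_ini(text):
    # Rename the default section so [DEFAULT] is audited like any other
    # section instead of being merged into every section.
    cp = configparser.ConfigParser(default_section="__unused__",
                                   interpolation=None, strict=False,
                                   allow_no_value=True)
    cp.read_string(text)
    return cp


def secret_problem(secret, *names):
    """Return why a secret is weak, or None if no rule matches."""
    if secret.lower() in {n.lower() for n in names if n}:
        return "equals an account or service name"
    if len(secret) < MIN_SECRET_LEN:
        return f"shorter than {MIN_SECRET_LEN} characters"
    return None


def url_credentials(url):
    """Yield (user, password) per host entry; transport_url may list several."""
    for host in urlsplit(url).netloc.split(","):
        if "@" in host:
            user, _, password = host.rsplit("@", 1)[0].partition(":")
            yield unquote(user), unquote(password)


def audit(text, filename):
    """Return (filename, section, key, reason) for every weak setting."""
    findings = []
    cp = parse_ini(text)
    for section in cp.sections():
        opts = {k: v for k, v in cp.items(section) if v}
        for key, value in opts.items():
            reason = None
            if key in SECRET_KEYS:
                reason = secret_problem(value, opts.get("username"), section)
            elif key in URL_CRED_KEYS:
                for user, password in url_credentials(value):
                    reason = secret_problem(password, user) or reason
            elif key in KEYSTONE_URL_KEYS and urlsplit(value).scheme == "http":
                reason = "Keystone URL uses plaintext http"
            if reason:
                findings.append((filename, section, key, reason))
    return findings


if __name__ == "__main__":
    for text, name in ((SAMPLE_NEUTRON_CONF, "neutron.conf"),
                       (SAMPLE_METADATA_AGENT, "metadata_agent.ini")):
        for finding in audit(text, name):
            print(*finding, sep=" | ")
```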

5. Finalize the installation on the controller node

1. Initialize the network plug-in

Create a symbolic link for the network plug-in: the Networking service initialization scripts expect /etc/neutron/plugin.ini, which must point to the ML2 plug-in configuration file.

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

2. Populate the database

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
  --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Finally, OK is printed.

3. Restart the Compute API service

systemctl restart openstack-nova-api.service

4. Start the Neutron network services and enable them at boot

neutron-server.service can be started successfully only after the database is populated.

systemctl start neutron-server.service \
  neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
  neutron-metadata-agent.service
  
systemctl status neutron-server.service \
  neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
  neutron-metadata-agent.service

systemctl enable neutron-server.service \
  neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
  neutron-metadata-agent.service

systemctl list-unit-files | grep neutron | grep enabled

If network option 2 was chosen (item 4), the layer-3 service must also be started and enabled

systemctl start neutron-l3-agent.service
systemctl enable neutron-l3-agent.service

3. Create network option 1: Provider Networks

Configuration: docs.openstack.org/neutron/tra…

Create: docs.openstack.org/install-gui…

After the configuration is complete, you can log in to the Dashboard to create a network.

Launch an instance, official documentation of launch-instance-networks, blog: Launch an instance, Launch an instance

(1) Load environment variables

cd
source admin-openrc.sh

(2) Create a network: Provider

Create a virtual network named providernet

openstack network create --share --external --provider-physical-network provider --provider-network-type flat providernet
#Check the network
openstack network list

Parameter Description:

--share  All projects can use the network; otherwise only the creator can use it.
--external  Marks the network as an external network.
--provider-physical-network provider  Specifies the physical network. Here "provider" is a label that also appears in the Neutron configuration file below. You can change it to another label, but the two values must be consistent:
    [ml2_type_flat]
    flat_networks = provider
--provider-network-type flat  The created network is of type flat: instances are attached to the same network segment as the physical network, and no VLAN function is provided.
vm-network  The network name (providernet in the command above).

The older version of the command (which creates less stuff in this version) is available for reference

neutron net-create --shared --provider:physical_network [user-defined physical NIC name] --provider:network_type flat [created virtual network name]
neutron net-create --shared --provider:physical_network provider --provider:network_type flat providernet

(3) Check and confirm the network configuration

/etc/neutron/plugins/ml2/ml2_conf.ini

vim /etc/neutron/plugins/ml2/ml2_conf.ini
-----------------------------
[ml2_type_flat]
flat_networks = provider
-----------------------------

/etc/neutron/plugins/ml2/linuxbridge_agent.ini

vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
-----------------------------
[linux_bridge]
physical_interface_mappings = provider:ens34
-----------------------------

(4) Create a subnet

Create the subnet providernet-subnet1 on the parent network providernet

openstack subnet create --network providernet \
  --allocation-pool start=192.168.2.220,end=192.168.2.230 \
  --dns-nameserver 1.1.1.1 --gateway 192.168.2.1 \
  --subnet-range 192.168.2.0/24 providernet-subnet1

#Check the subnet
openstack subnet list

Parameter Description:

openstack subnet create --network provider \
  --allocation-pool start=START_IP_ADDRESS,end=END_IP_ADDRESS \
  --dns-nameserver DNS_RESOLVER --gateway PROVIDER_NETWORK_GATEWAY \
  --subnet-range PROVIDER_NETWORK_CIDR provider

--network  Specifies the parent network
--allocation-pool start=10.8.20.50,end=10.8.20.60  Specifies the start and end IP addresses of the subnet
--dns-nameserver  Specifies the DNS server
--gateway  Specifies the gateway address
--subnet-range  Specifies the subnet range (CIDR)
vm-subnetwork  Specifies the subnet name

Multiple subnetworks can be created on the same parent network.

openstack subnet create --network provider --no-dhcp --allocation-pool start=192.168.1.210,end=192.168.1.220 --dns-nameserver 4.4.4.4 --gateway 192.168.1.1 --subnet-range 192.168.1.0/24 provider-subnet01
openstack subnet create --network provider --dhcp --subnet-range 192.168.2.0/24 provider-subnet02
openstack subnet list

Continue to part three: Launch an instance - create virtual networks.

Or continue with step 4: create network option 2.

5. Create network option 2: Self-service networks

Configuration: docs.openstack.org/neutron/tra… Create: docs.openstack.org/install-gui…

After the configuration is complete, you can log in to the Dashboard to create a network.

(1) Load environment variables

source admin-openrc.sh

(2) Create a network: selfService

openstack network create selfservicenet

(3) Check and confirm the network configuration

/etc/neutron/plugins/ml2/ml2_conf.ini: these parameters can be set when the Neutron network service is installed. Confirm the parameters as follows.

vim /etc/neutron/plugins/ml2/ml2_conf.ini
---------------------------------------------------------
[ml2]
tenant_network_types = vxlan

[ml2_type_vxlan]
vni_ranges = 1:1000
---------------------------------------------------------

Openstack neutron-server.service fails to be started

Below is an example /etc/neutron/plugins/ml2/ml2_conf.ini configuration:

#  cat /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security

[ml2_type_flat]
flat_networks = provider

[ml2_type_vxlan]
vni_ranges = 1:1000

[securitygroup]
enable_ipset = True

(4) Create a subnet

Create the subnet selfservicenet-subnet1 on the parent network selfservicenet

openstack subnet create --network selfservicenet \
  --dns-nameserver 8.8.4.4 --gateway 172.16.1.1 \
  --subnet-range 172.16.1.0/24 selfservicenet-subnet1

#Check the subnet
openstack subnet list

Parameter Description:

openstack subnet create --network selfservice \
  --dns-nameserver DNS_RESOLVER --gateway SELFSERVICE_NETWORK_GATEWAY \
  --subnet-range SELFSERVICE_NETWORK_CIDR selfservice
#Private network is recommended to use https://tools.ietf.org/html/rfc1918
#10.0.0.0-10.255.255.255 (10/8 prefix)
#172.16.0.0-172.31.255.255 (172.16/12 prefix)
#192.168.0.0-192.168.255.255 (192.168/16 prefix)

(5) Create router: router

Reference: launch-instance-networks-selfservice. After the configuration is complete, you can also create the network from the dashboard. Some services need to be restarted before creation succeeds; in that case, restart the server. The self-service network connects to the provider network through a virtual router that typically performs bidirectional NAT. Each router has at least one interface on a self-service network and a gateway on a provider network. The provider network must include the router:external option so that self-service routers can use it to connect to external networks such as the Internet. The admin or another privileged user must set this option when creating the network or add it later. In this case, router:external was set with the --external parameter when the provider network was created.

#Loading environment variables
source admin-openrc.sh

#Creating a Router
#create
openstack router create router1

#Add the subnet of the self-service network as an interface on the router:
openstack router add subnet router1 selfservicenet-subnet1

#Set up a gateway on the router's provider network:
openstack router set router1 --external-gateway providernet

#Wait for 100 s

#Verify router
#Lists the network namespaces. You should see one qrouter namespace and two qdhcp namespaces
ip netns

#Lists the ports on the router to determine the gateway IP address on the provider's network:
openstack port list --router router1

#Ping this IP address from the controller node or any host on the physical provider network
ping -c 4 192.168.2.220

Continue to part three: Launch an instance - create virtual networks.

After the installation is complete, return to the controller node and configure /etc/neutron/metadata_agent.ini: docs.openstack.org/neutron/tra…

6. The Neutron service has been installed on the controller node

After the Neutron service has been installed on the controller, you need to install the network service component on the compute node so that the compute node can join the OpenStack cluster. Open the next tutorial and start configuring and installing the network services for the compute node. (It also covers the provider network and the self-service network.)