To do this section is advise finalized or have enviroment equal the section bellow:
OpenVSwitch Base
OpenStack/Base/Instalation_Base
Networking service (Neutron)
simplecontroller
First of all, create the Neutron database and set the password to enable the connection on this database with user neutron:
|
1
2 |
mysql -u root -e "CREATE DATABASE neutron"
mysql -u root -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS'; flush privileges"
|
Now create the Neutron service as well add the your endpoints:
|
1
2
3
4 |
openstack service create --name neutron --description "OpenStack Networking" network
openstack endpoint create --region EURegion network public http://simplecontroller:9696
openstack endpoint create --region EURegion network internal http://simplecontroller:9696
openstack endpoint create --region EURegion network admin http://simplecontroller:9696
|
Create the Neutron user also set the role admin on project service:
|
1
2 |
openstack user create --domain default --password NEUTRON_PASS neutron
openstack role add --project service --user neutron admin
|
Install the Neutron packges:
|
1 |
yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch -y
|
Set the database configurations created few steps above:
|
1 |
openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@simplecontroller/neutron
|
Set the RabbitMQ credentions also which server we will work:
|
1 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@simplecontroller
|
|
1 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
|
|
1 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
|
|
1 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT interface_driver openvswitch
|
|
1 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
|
Determine the OpenStack credentials on the Neutron configuration file:
|
1
2
3
4
5
6
7
8
9
10 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://simplecontroller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://simplecontroller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers simplecontroller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
|
Enable the communication between Neutron and Nova, it is also used by Designate:
|
1
2 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true
openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true
|
Determine the OpenStack credentials for Nova service on the Neutron configuration file:
|
1
2
3
4
5
6
7
8 |
openstack-config --set /etc/neutron/neutron.conf nova auth_url http://simplecontroller:5000
openstack-config --set /etc/neutron/neutron.conf nova auth_type password
openstack-config --set /etc/neutron/neutron.conf nova project_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova user_domain_name default
openstack-config --set /etc/neutron/neutron.conf nova region_name EURegion
openstack-config --set /etc/neutron/neutron.conf nova project_name service
openstack-config --set /etc/neutron/neutron.conf nova username nova
openstack-config --set /etc/neutron/neutron.conf nova password NOVA_PASS
|
To manage external resources and with multi-thead and/or multi-process is necessary manage the lock where will determine who is doing what:
|
1 |
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
|
|
1 |
openstack-config --del /etc/neutron/plugins/ml2/ml2_conf.ini DEFAULT
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers flat,vlan,vxlan
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,l2population
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers port_security
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks provider_br-ex
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 8000:80000
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset true
|
|
1 |
openstack-config --del /etc/neutron/plugins/ml2/openvswitch_agent.ini DEFAULT
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings provider_br-ex:br-ex
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs enable_tunneling True
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.88.7
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs integration_bridge br-int
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent vxlan_udp_port 4789
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group True
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_ipset True
|
|
1 |
openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver openvswitch
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT use_namespaces True
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT force_metadata True
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata True
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_metadata_network True
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dnsmasq_config_file /etc/neutron/dnsmasq-neutron.conf
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT state_path /var/lib/neutron
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_broadcast_reply False
|
|
1 |
openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_delete_namespaces True
|
|
1 |
openstack-config --set /etc/neutron/dnsmasq-neutron.conf '' dhcp-option-force 26,1450
|
|
1 |
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host simplecontroller
|
|
1 |
openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET
|
The Neutron-server will look for this file, so create the link:
|
1 |
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
|
Sync the database, it means create all tables also populate with the minimum iformation required:
|
1 |
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
|
Confirm looking if the tables are created:
|
1 |
mysql -uroot neutron -e "show tables"
|
|
1
2
3
4
5
6
7
8
9
10 |
cat <<'EOF'> /etc/sysconfig/network-scripts/ifcfg-eth0
NAME=eth0
DEVICE=eth0
ONBOOT=yes
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
BOOTPROTO=none
HOTPLUG=no
EOF
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13 |
cat <<'EOF'> /etc/sysconfig/network-scripts/ifcfg-br-ex
NAME=br-ex
DEVICE=br-ex
IPADDR=192.168.88.7
PREFIX=24
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
HOTPLUG=no
ONBOOT=yes
GATEWAY=192.168.88.1
DNS1=192.168.88.1
EOF
|
|
1 |
ifdown eth0 ; ifup eth0
|
Enable and start the Neutron Server, OpenVSwitch, OVS Agent, DHCP Agent and MetaData Agent service:
|
1
2
3
4 |
systemctl enable neutron-server.service openvswitch.service \
neutron-openvswitch-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service \
neutron-l3-agent.service
|
|
1
2
3
4 |
systemctl start neutron-server.service \
neutron-openvswitch-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service \
neutron-l3-agent.service
|
|
1 |
openstack network agent list
|
|
1
2
3
4
5
6
7
8
9
10
11 |
openstack-config --set /etc/nova/nova.conf neutron url http://simplecontroller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://simplecontroller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name EURegion
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET
|
|
1 |
systemctl restart openstack-nova-api.service
|
|
1 |
openstack compute service list
|
simplecompute
Install the Neutron packges:
|
1 |
yum install openstack-neutron-openvswitch openstack-neutron-ml2 -y
|
Set the RabbitMQ credentions also which server we will work:
|
1 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@simplecontroller
|
|
1 |
openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
|
Determine the OpenStack credentials on the Neutron configuration file:
|
1
2
3
4
5
6
7
8
9 |
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://simplecontroller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://simplecontroller:5000
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers simplecontroller:11211
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
|
|
1 |
openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
|
|
1 |
openstack-config --del /etc/neutron/plugins/ml2/openvswitch_agent.ini DEFAULT
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs bridge_mappings provider_br-ex:br-ex
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs enable_tunneling True
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs local_ip 192.168.88.11
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini ovs integration_bridge br-int
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent tunnel_types vxlan
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini agent vxlan_udp_port 4789
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_security_group True
|
|
1 |
openstack-config --set /etc/neutron/plugins/ml2/openvswitch_agent.ini securitygroup enable_ipset True
|
|
1
2
3
4
5
6
7
8
9
10 |
cat <<'EOF'> /etc/sysconfig/network-scripts/ifcfg-eth0
NAME=eth0
DEVICE=eth0
ONBOOT=yes
DEVICETYPE=ovs
TYPE=OVSPort
OVS_BRIDGE=br-ex
BOOTPROTO=none
HOTPLUG=no
EOF
|
|
1
2
3
4
5
6
7
8
9
10
11
12
13 |
cat <<'EOF'> /etc/sysconfig/network-scripts/ifcfg-br-ex
NAME=br-ex
DEVICE=br-ex
IPADDR=192.168.88.11
PREFIX=24
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
HOTPLUG=no
ONBOOT=yes
GATEWAY=192.168.88.1
DNS1=192.168.88.1
EOF
|
|
1 |
ifdown eth0 ; ifup eth0
|
Enable and start the OpenVSwitch and OVS agent service:
|
1 |
systemctl enable openvswitch.service neutron-openvswitch-agent.service
|
|
1 |
systemctl start neutron-openvswitch-agent.service
|
|
1
2
3
4
5
6
7
8
9
10
11 |
openstack-config --set /etc/nova/nova.conf neutron url http://simplecontroller:9696
openstack-config --set /etc/nova/nova.conf neutron auth_url http://simplecontroller:5000
openstack-config --set /etc/nova/nova.conf neutron auth_type password
openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
openstack-config --set /etc/nova/nova.conf neutron region_name EURegion
openstack-config --set /etc/nova/nova.conf neutron project_name service
openstack-config --set /etc/nova/nova.conf neutron username neutron
openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true
openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET
|
|
1 |
systemctl restart openstack-nova-compute.service
|
simplecontroller
|
1 |
openstack compute service list
|
|
1 |
openstack network agent list
|
|
1
2 |
openstack network create --share --external --provider-physical-network provider_br-ex \
--provider-network-type flat ext-net-flat
|
|
1
2 |
openstack subnet create --network ext-net-flat --allocation-pool start=192.168.88.100,end=192.168.88.250 \
--dns-nameserver 8.8.8.8 --gateway 192.168.88.1 --subnet-range 192.168.88.0/24 ext-subnet-flat
|
|
1 |
openstack flavor create --ram 128 --disk 4 --swap 0 --vcpus 1 --public cirros-flavor
|
|
1
2
3
4 |
openstack --os-auth-url http://simplecontroller:5000/v3 \
--os-project-domain-name mydomain --os-user-domain-name mydomain \
--os-project-name myproject --os-username myuser --os-password \
myuser_pass image list
|
|
1
2
3
4 |
openstack --os-auth-url http://simplecontroller:5000/v3 \
--os-project-domain-name mydomain --os-user-domain-name mydomain \
--os-project-name myproject --os-username myuser --os-password\
myuser_pass flavor list
|
|
1
2
3
4 |
openstack --os-auth-url http://simplecontroller:5000/v3 \
--os-project-domain-name mydomain --os-user-domain-name mydomain \
--os-project-name myproject --os-username myuser --os-password \
myuser_pass network list
|
|
1
2
3
4 |
openstack --os-auth-url http://simplecontroller:5000/v3 \
--os-project-domain-name mydomain --os-user-domain-name mydomain \
--os-project-name myproject --os-username myuser --os-password myuser_pass \
server create --flavor cirros-flavor --image cirros --nic net-id=ext-net-flat myflatvm1
|
To make our live easy create this file:
|
1
2
3
4
5
6
7
8
9
10
11 |
cat <<'EOF'> myuser_openrc
export OS_USERNAME=myuser
export OS_PASSWORD=myuser_pass
export OS_PROJECT_NAME=myproject
export OS_USER_DOMAIN_NAME=mydomain
export OS_PROJECT_DOMAIN_NAME=mydomain
export OS_AUTH_URL=http://simplecontroller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_REGION_NAME=EURegion
export PS1='\[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;31m\][\W]($OS_PROJECT_NAME-$OS_REGION_NAME)\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ '
EOF
|
|
1 |
source myuser_openrc
|
|
1 |
openstack network create mynet
|
|
1 |
openstack subnet create --network mynet --subnet-range 10.8.8.0/24 --allocation-pool start=10.8.8.10,end=10.8.8.200 mysubnet
|
|
1 |
openstack router create myrouter
|
|
1 |
openstack router add subnet myrouter mysubnet
|
|
1 |
openstack router set myrouter --external-gateway ext-net-flat
|
|
1 |
openstack server create --flavor cirros-flavor --image "cirros" --nic net-id=mynet myvxlanvm1
|
|
1 |
openstack server add volume myvxlanvm1 vol01
|
|
1 |
openstack server create --flavor cirros-flavor --volume volimg01 --nic net-id=mynet myvxlanvmFromvol1
|