Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Controller Node:
- eth0: ens160 - dung ra mang luc cai dat: 192.168.77.201/24
- eth1: ens192 - management: 172.16.0.10/16
- eth2: ens224
- eth3: ens256 - (Khong dat truoc) external neutron: 192.168.77.205/24
- Compute Node:
- eth0: ens160 - dung ra mang luc cai dat: 192.168.77.202/24
- eth1: ens192 - management: 172.16.0.20/16
- eth2: ens224 - (khong dat truoc) Tenant Neutron: 10.10.0.0/24 - 10.10.0.202/24
- eth3: not available
- Network Node:
- eth0: ens160 - dung ra mang (provider): 192.168.77.203/24
- eth1: ens192 - management: 172.16.0.30/16
- eth2: ens224 - (khong dat truoc) Tenant Neutron: 10.10.0.0/24 - 10.10.0.201/24
- eth3: ens256 - (khong dat truoc) external neutron: br-ex 192.168.77.206/24
- Storage Node:
- eth0: ens160 - dung ra mang luc cai dat: 192.168.77.204/24
- eth1: ens192 - management: 172.16.0.40/16
- eth2: not available
- eth3: not available
- Network Node:
- sudo ifconfig ens224 down
- sudo ifconfig ens224 0.0.0.0 up
- sudo ip link set ens224 promisc on
- sudo ifconfig ens256 down
- sudo ifconfig ens256 0.0.0.0 up
- sudo ip link set ens256 promisc on
- apt install vlan bridge-utils dnsmasq-base dnsmasq-utils ipset python-mysqldb -y
- apt install openvswitch-switch openvswitch-common -y
- service openvswitch-switch start
- apt install neutron-dhcp-agent neutron-l3-agent neutron-openvswitch-agent neutron-plugin-ml2 -y
- ovs-vsctl add-br br-tun
- ovs-vsctl add-port br-tun ens224
- ovs-vsctl add-br br-provider
- ovs-vsctl add-port br-provider ens256
- ifconfig br-tun 10.10.0.201 netmask 255.255.255.0
- ifconfig br-provider 192.168.77.206 netmask 255.255.255.0
- nano /etc/sysctl.conf:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.rp_filter=0
- net.ipv4.conf.default.rp_filter=0
- sysctl -p
- nano /etc/neutron/neutron.conf
- [DEFAULT]
- verbose = True
- debug = True
- # Plugin
- core_plugin = ml2
- service_plugins = router
- allow_overlapping_ips = True
- # auth
- auth_strategy = keystone
- transport_url = rabbit://openstack:nomoresecret@controller
- [agent]
- root_helper = sudo
- [keystone_authtoken]
- auth_uri = http://controller:5000
- auth_url = http://controller:35357
- memcached_servers = controller:11211
- auth_type = password
- project_domain_name = default
- user_domain_name = default
- project_name = service
- username = neutron
- password = nomoresecret
- [database]
- connection = mysql+pymysql://neutron:nomoresecret@controller/neutron
- nano /etc/neutron/l3_agent.ini
- [DEFAULT]
- interface_driver = openvswitch
- external_network_bridge =
- nano /etc/neutron/dhcp_agent.ini
- [DEFAULT]
- interface_driver = openvswitch
- dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
- enable_isolated_metadata = true
- force_metadata = True
- dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
- nano /etc/neutron/dnsmasq-neutron.conf
- # To allow tunneling bytes to be appended
- dhcp-option-force=26,1400
- nano /etc/neutron/metadata_agent.ini
- [DEFAULT]
- nova_metadata_ip = controller
- metadata_proxy_shared_secret = nomoresecret
- nano /etc/neutron/plugins/ml2/ml2_conf.ini
- [ml2]
- type_drivers = gre,vxlan,flat
- tenant_network_types = vxlan
- mechanism_drivers = openvswitch,l2population
- [ml2_type_gre]
- tunnel_id_ranges = 1:1000
- [ml2_type_vxlan]
- vxlan_group =
- vni_ranges = 1:1000
- nano /etc/neutron/plugins/ml2/openvswitch_agent.ini
- [agent]
- tunnel_types = vxlan
- l2_population = True
- [ovs]
- local_ip = 10.10.0.201
- bridge_mappings = provider:br-provider
- [securitygroup]
- firewall_driver = iptables_hybrid
- enable_security_group = True
- service neutron-openvswitch-agent restart
- service neutron-dhcp-agent restart
- service neutron-l3-agent restart
- service neutron-metadata-agent restart
- Controller Node:
- apt install neutron-server neutron-plugin-ml2 -y
- nano /etc/neutron/neutron.conf
- [DEFAULT]
- # Plugin
- core_plugin = ml2
- service_plugins = router
- allow_overlapping_ips = True
- # auth
- auth_strategy = keystone
- transport_url = rabbit://openstack:nomoresecret@controller
- notify_nova_on_port_status_changes = true
- notify_nova_on_port_data_changes = true
- [nova]
- auth_url = http://controller:35357
- auth_type = password
- project_domain_name = default
- user_domain_name = default
- region_name = RegionOne
- project_name = service
- username = nova
- password = nomoresecret
- [keystone_authtoken]
- auth_uri = http://controller:5000
- auth_url = http://controller:35357
- memcached_servers = controller:11211
- auth_type = password
- project_domain_name = default
- user_domain_name = default
- project_name = service
- username = neutron
- password = nomoresecret
- [database]
- connection = mysql+pymysql://neutron:nomoresecret@controller/neutron
- nano /etc/nova/nova.conf
- [neutron]
- url = http://controller:9696
- auth_url = http://controller:35357
- auth_type = password
- project_domain_name = default
- user_domain_name = default
- region_name = RegionOne
- project_name = service
- username = neutron
- password = nomoresecret
- service_metadata_proxy = true
- metadata_proxy_shared_secret = nomoresecret
- nano /etc/neutron/plugins/ml2/ml2_conf.ini
- [ml2]
- type_drivers = gre,vxlan,flat
- tenant_network_types = vxlan
- mechanism_drivers = openvswitch,l2population
- [ml2_type_gre]
- tunnel_id_ranges = 1:1000
- [ml2_type_vxlan]
- vxlan_group =
- vni_ranges = 1:1000
- [securitygroup]
- firewall_driver = iptables_hybrid
- enable_security_group = True
- su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
- service nova-api restart
- service neutron-server restart
- Compute Node:
- apt install neutron-openvswitch-agent -y
- sudo ifconfig ens224 down
- sudo ifconfig ens224 0.0.0.0 up
- sudo ip link set ens224 promisc on
- ovs-vsctl add-br br-tun
- ovs-vsctl add-port br-tun ens224
- ifconfig br-tun 10.10.0.202 netmask 255.255.255.0
- nano /etc/sysctl.conf:
- net.ipv4.ip_forward=1
- net.ipv4.conf.all.rp_filter=0
- net.ipv4.conf.default.rp_filter=0
- sysctl -p
- nano /etc/neutron/neutron.conf
- [database] section, comment out any connection options because compute nodes do not directly access the database.
- [DEFAULT]
- transport_url = rabbit://openstack:nomoresecret@controller
- auth_strategy = keystone
- [keystone_authtoken]
- auth_uri = http://controller:5000
- auth_url = http://controller:35357
- memcached_servers = controller:11211
- auth_type = password
- project_domain_name = default
- user_domain_name = default
- project_name = service
- username = neutron
- password = nomoresecret
- nano /etc/neutron/plugins/ml2/openvswitch_agent.ini
- [ovs]
- local_ip = 10.10.0.202
- [agent]
- tunnel_types = vxlan
- l2_population = True
- [securitygroup]
- firewall_driver = iptables_hybrid
- enable_security_group = True
- nano /etc/nova/nova.conf
- [neutron]
- url = http://controller:9696
- auth_url = http://controller:35357
- auth_type = password
- project_domain_name = default
- user_domain_name = default
- region_name = RegionOne
- project_name = service
- username = neutron
- password = nomoresecret
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement