Advertisement
tuanklnew

configure

May 18th, 2017
135
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 7.17 KB | None | 0 0
  1. Controller Node:
  2. eth0: ens160 - dung ra mang luc cai dat: 192.168.77.201/24
  3. eth1: ens192 - management: 172.16.0.10/16
  4. eth2: ens224
  5. eth3: ens256 - (Khong dat truoc) external neutron: 192.168.77.205/24
  6.  
  7. Compute Node:
  8. eth0: ens160 - dung ra mang luc cai dat: 192.168.77.202/24
  9. eth1: ens192 - management: 172.16.0.20/16
  10. eth2: ens224 - (khong dat truoc) Tenant Neutron: 10.10.0.0/24 - 10.10.0.202/24
  11. eth3: not available
  12.  
  13. Network Node:
  14. eth0: ens160 - dung ra mang (provider): 192.168.77.203/24
  15. eth1: ens192 - management: 172.16.0.30/16
  16. eth2: ens224 - (khong dat truoc) Tenant Neutron: 10.10.0.0/24 - 10.10.0.201/24
  17. eth3: ens256 - (khong dat truoc) external neutron: br-ex 192.168.77.206/24
  18.  
  19. Storage Node:
  20. eth0: ens160 - dung ra mang luc cai dat: 192.168.77.204/24
  21. eth1: ens192 - management: 172.16.0.40/16
  22. eth2: not available
  23. eth3: not available
  24.  
  25. Network Node:
  26. sudo ifconfig ens224 down
  27. sudo ifconfig ens224 0.0.0.0 up
  28. sudo ip link set ens224 promisc on
  29.  
  30. sudo ifconfig ens256 down
  31. sudo ifconfig ens256 0.0.0.0 up
  32. sudo ip link set ens256 promisc on
  33.  
  34. apt install vlan bridge-utils dnsmasq-base dnsmasq-utils ipset python-mysqldb -y
  35. apt install openvswitch-switch openvswitch-common -y
  36. service openvswitch-switch start
  37. apt install neutron-dhcp-agent neutron-l3-agent neutron-openvswitch-agent neutron-plugin-ml2 -y
  38.  
  39. ovs-vsctl add-br br-tun
  40. ovs-vsctl add-port br-tun ens224
  41. ovs-vsctl add-br br-provider
  42. ovs-vsctl add-port br-provider ens256
  43.  
  44. ifconfig br-tun 10.10.0.201 netmask 255.255.255.0
  45. ifconfig br-provider 192.168.77.206 netmask 255.255.255.0
  46.  
  47. nano /etc/sysctl.conf:
  48. net.ipv4.ip_forward=1
  49. net.ipv4.conf.all.rp_filter=0
  50. net.ipv4.conf.default.rp_filter=0
  51.  
  52. sysctl -p
  53. nano /etc/neutron/neutron.conf
  54. [DEFAULT]
  55. verbose = True
  56. debug = True
  57.  
  58. # Plugin
  59. core_plugin = ml2
  60. service_plugins = router
  61. allow_overlapping_ips = True
  62.  
  63. # auth
  64. auth_strategy = keystone
  65.  
  66. transport_url = rabbit://openstack:nomoresecret@controller
  67.  
  68. [agent]
  69. root_helper = sudo
  70.  
  71. [keystone_authtoken]
  72. auth_uri = http://controller:5000
  73. auth_url = http://controller:35357
  74. memcached_servers = controller:11211
  75. auth_type = password
  76. project_domain_name = default
  77. user_domain_name = default
  78. project_name = service
  79. username = neutron
  80. password = nomoresecret
  81.  
  82. [database]
  83. connection = mysql+pymysql://neutron:nomoresecret@controller/neutron
  84.  
  85. nano /etc/neutron/l3_agent.ini
  86. [DEFAULT]
  87. interface_driver = openvswitch
  88. external_network_bridge =
  89.  
  90. nano /etc/neutron/dhcp_agent.ini
  91. [DEFAULT]
  92. interface_driver = openvswitch
  93. dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
  94. enable_isolated_metadata = true
  95. force_metadata = True
  96. dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
  97.  
  98. nano /etc/neutron/dnsmasq-neutron.conf
  99. # To allow tunneling bytes to be appended
  100. dhcp-option-force=26,1400
  101.  
  102. nano /etc/neutron/metadata_agent.ini
  103. [DEFAULT]
  104. nova_metadata_ip = controller
  105. metadata_proxy_shared_secret = nomoresecret
  106.  
  107. nano /etc/neutron/plugins/ml2/ml2_conf.ini
  108. [ml2]
  109. type_drivers = gre,vxlan,flat
  110. tenant_network_types = vxlan
  111. mechanism_drivers = openvswitch,l2population
  112.  
  113. [ml2_type_gre]
  114. tunnel_id_ranges = 1:1000
  115.  
  116. [ml2_type_vxlan]
  117. vxlan_group =
  118. vni_ranges = 1:1000
  119.  
  120. nano /etc/neutron/plugins/ml2/openvswitch_agent.ini
  121. [agent]
  122. tunnel_types = vxlan
  123. l2_population = True
  124.  
  125. [ovs]
  126. local_ip = 10.10.0.201
  127. bridge_mappings = provider:br-provider
  128.  
  129. [securitygroup]
  130. firewall_driver = iptables_hybrid
  131. enable_security_group = True
  132.  
  133. service neutron-openvswitch-agent restart
  134. service neutron-dhcp-agent restart
  135. service neutron-l3-agent restart
  136. service neutron-metadata-agent restart
  137.  
  138. Controller Node:
  139.  
  140. apt install neutron-server neutron-plugin-ml2 -y
  141.  
  142. nano /etc/neutron/neutron.conf
  143. [DEFAULT]
  144. # Plugin
  145. core_plugin = ml2
  146. service_plugins = router
  147. allow_overlapping_ips = True
  148.  
  149. # auth
  150. auth_strategy = keystone
  151.  
  152. transport_url = rabbit://openstack:nomoresecret@controller
  153.  
  154. notify_nova_on_port_status_changes = true
  155. notify_nova_on_port_data_changes = true
  156.  
  157. [nova]
  158. auth_url = http://controller:35357
  159. auth_type = password
  160. project_domain_name = default
  161. user_domain_name = default
  162. region_name = RegionOne
  163. project_name = service
  164. username = nova
  165. password = nomoresecret
  166.  
  167. [keystone_authtoken]
  168. auth_uri = http://controller:5000
  169. auth_url = http://controller:35357
  170. memcached_servers = controller:11211
  171. auth_type = password
  172. project_domain_name = default
  173. user_domain_name = default
  174. project_name = service
  175. username = neutron
  176. password = nomoresecret
  177.  
  178. [database]
  179. connection = mysql+pymysql://neutron:nomoresecret@controller/neutron
  180.  
  181. nano /etc/nova/nova.conf
  182. [neutron]
  183. url = http://controller:9696
  184. auth_url = http://controller:35357
  185. auth_type = password
  186. project_domain_name = default
  187. user_domain_name = default
  188. region_name = RegionOne
  189. project_name = service
  190. username = neutron
  191. password = nomoresecret
  192. service_metadata_proxy = true
  193. metadata_proxy_shared_secret = nomoresecret
  194.  
  195. nano /etc/neutron/plugins/ml2/ml2_conf.ini
  196. [ml2]
  197. type_drivers = gre,vxlan,flat
  198. tenant_network_types = vxlan
  199. mechanism_drivers = openvswitch,l2population
  200.  
  201. [ml2_type_gre]
  202. tunnel_id_ranges = 1:1000
  203.  
  204. [ml2_type_vxlan]
  205. vxlan_group =
  206. vni_ranges = 1:1000
  207.  
  208. [securitygroup]
  209. firewall_driver = iptables_hybrid
  210. enable_security_group = True
  211.  
  212.  
  213. su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
  214.  
  215. service nova-api restart
  216. service neutron-server restart
  217.  
  218.  
  219. Compute Node:
  220. apt install neutron-openvswitch-agent -y
  221.  
  222. sudo ifconfig ens224 down
  223. sudo ifconfig ens224 0.0.0.0 up
  224. sudo ip link set ens224 promisc on
  225.  
  226. ovs-vsctl add-br br-tun
  227. ovs-vsctl add-port br-tun ens224
  228.  
  229. ifconfig br-tun 10.10.0.202 netmask 255.255.255.0
  230.  
  231. nano /etc/sysctl.conf:
  232. net.ipv4.ip_forward=1
  233. net.ipv4.conf.all.rp_filter=0
  234. net.ipv4.conf.default.rp_filter=0
  235.  
  236. sysctl -p
  237.  
  238. nano /etc/neutron/neutron.conf
  239. [database] section, comment out any connection options because compute nodes do not directly access the database.
  240.  
  241. [DEFAULT]
  242. transport_url = rabbit://openstack:nomoresecret@controller
  243.  
  244. auth_strategy = keystone
  245.  
  246. [keystone_authtoken]
  247. auth_uri = http://controller:5000
  248. auth_url = http://controller:35357
  249. memcached_servers = controller:11211
  250. auth_type = password
  251. project_domain_name = default
  252. user_domain_name = default
  253. project_name = service
  254. username = neutron
  255. password = nomoresecret
  256.  
  257.  
  258. nano /etc/neutron/plugins/ml2/openvswitch_agent.ini
  259. [ovs]
  260. local_ip = 10.10.0.202
  261.  
  262. [agent]
  263. tunnel_types = vxlan
  264. l2_population = True
  265.  
  266. [securitygroup]
  267. firewall_driver = iptables_hybrid
  268. enable_security_group = True
  269.  
  270.  
  271. nano /etc/nova/nova.conf
  272. [neutron]
  273. url = http://controller:9696
  274. auth_url = http://controller:35357
  275. auth_type = password
  276. project_domain_name = default
  277. user_domain_name = default
  278. region_name = RegionOne
  279. project_name = service
  280. username = neutron
  281. password = nomoresecret
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement