私有云 Openstack Ocata版安装(一)Controller部署:https://www.dwhd.org/20180213_234933.html
私有云 Openstack Ocata版安装(二)glance组件的安装和配置:https://www.dwhd.org/20180213_234933.html
私有云 Openstack Ocata版安装(三)nova组件的安装和配置:https://www.dwhd.org/20180214_163005.html
私有云 Openstack Ocata版安装(四)安装并配置计算节点:https://www.dwhd.org/20180214_220255.html
一:集群信息简介
| 节点名 | 网卡IP | 网络和网关 | 运行业务 | 配置 | 系统 |
| Openstack Controller | 192.168.200.101 172.18.100.1 172.28.100.1 |
192.168.200/24 192.168.200.2 172.18.0.0/16 172.18.0.1 172.28.0.0/16 172.28.0.1 |
MySQL、RabbitMQ、Memcached、Keystone、Glance、Nova、Neutron | 4c8g100G | CentOS 7.4.1708 |
| Openstack Computer | 192.168.200.102 172.18.100.2 172.28.100.2 |
192.168.200/24 192.168.200.2 172.18.0.0/16 172.18.0.1 172.28.0.0/16 172.28.0.1 |
Nova-Compute、Neutron | 4c8g100G | CentOS 7.4.1708 |
| Openstack Network | 192.168.200.103 172.18.100.3 172.28.100.3 |
192.168.200/24 192.168.200.2 172.18.0.0/16 172.18.0.1 172.28.0.0/16 172.28.0.1 |
4c4g40G | CentOS 7.4.1708 |
OpenStack 网络服务(neutron),管理所有网络方面的内容。包括虚拟网络基础架构(VNI)和接入层方面的物理网络基础架构(PNI)。
二:在控制节点上安装和配置(以下内容在控制节点上执行)
(1)先决条件
在配置 Openstack Networking(neutron) service 之前,必须创建数据库,服务凭据和 API 端点。
1. 创建数据库,并完成下列步骤:
A. 使用数据库命令行客户端,以 root 身份登录数据库服务器。
[[email protected]_168_200_101 ~]# mysql -uroot -pYmY0N2RiOTk4NTc1ZDM1ZWUz
B. 创建 neutron 数据库
MariaDB [(none)]> CREATE DATABASE IF NOT EXISTS neutron DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci;
C. 创建数据库用户 neutron,并授予数据库用户 neutron 访问
neutron 数据库的权限。
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'YjAyMGU4NjgwMDRi'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'controller' IDENTIFIED BY 'YjAyMGU4NjgwMDRi'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'YjAyMGU4NjgwMDRi';
替换 NEUTRON_DBPASS 为一个合适的密码。
D. 退出数据库
2. 执行 admin 凭据脚本,以便以 admin 身份执行后续命令:
[[email protected]_168_200_101 ~]# . admin-openrc
3. 创建服务凭据,并完成下列步骤:
A. 创建 neutron 用户:
[[email protected]_168_200_101 ~]# openstack user create --domain default --password-prompt neutron User Password: Repeat User Password: +---------------------+----------------------------------+ | Field | Value | +---------------------+----------------------------------+ | domain_id | default | | enabled | True | | id | 3755a6ab28d14e66b696780f8bed45cc | | name | neutron | | options | {} | | password_expires_at | None | +---------------------+----------------------------------+ [[email protected]_168_200_101 ~]#
B. 添加 admin 角色到 neutron 用户和 service 项目
[[email protected]_168_200_101 ~]# openstack role add --project service --user neutron admin [[email protected]_168_200_101 ~]#
C. 创建 neutron 服务实体:
[[email protected]_168_200_101 ~]# openstack service create --name neutron --description "OpenStack Networking" network +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Networking | | enabled | True | | id | 1e869e87a5e7459a9d85f5f223c88890 | | name | neutron | | type | network | +-------------+----------------------------------+ [[email protected]_168_200_101 ~]#
4. 创建网络服务的 API 端点:
[[email protected]_168_200_101 ~]# openstack endpoint create --region RegionOne network public http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | a8eb145c1d724c168eb46328e1ee618e | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | 1e869e87a5e7459a9d85f5f223c88890 | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ [[email protected]_168_200_101 ~]# openstack endpoint create --region RegionOne network internal http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | f9838290581b4942b2908bbd37b65b6a | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | 1e869e87a5e7459a9d85f5f223c88890 | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ [[email protected]_168_200_101 ~]# openstack endpoint create --region RegionOne network admin http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | f92ad28d79f348e7ae7e8f196017f60d | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | 1e869e87a5e7459a9d85f5f223c88890 | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ [[email protected]_168_200_101 ~]#
(2)安装并配置服务组件
1. 安装组件
[[email protected]_168_200_101 ~]# yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables ipset
2. 编辑/etc/neutron/neutron.conf 文件并完成下列操作:
A. 在[database]小节,配置数据库访问信息:
[database] # ... connection = mysql+pymysql://neutron:[email protected]/neutron
B. 在[DEFAULT]小节,启用二层模块(ML2)插件,路由服务和重叠地址功能:
[DEFAULT] # ... core_plugin = ml2 service_plugins = router allow_overlapping_ips = true
C. 在[DEFAULT]小节,配置 RabbitMQ 消息队列访问信息:
[DEFAULT] # ... transport_url = rabbit://openstack:[email protected]
D. 在[DEFAULT]和[keystone_authtoken]小节,配置身份服务访问信息:
[DEFAULT] # ... auth_strategy = keystone
[keystone_authtoken] # ... auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = lookback
E. 在[DEFAULT]和[nova]小节,配置当网络拓扑发生改变时向计算服务发送网络通知。
[DEFAULT] # ... notify_nova_on_port_status_changes = true notify_nova_on_port_data_changes = true
[nova] # ... auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = lookback
F. 在[oslo_concurrency]小节,配置锁路径:
[oslo_concurrency] # ... lock_path = /var/lib/neutron/tmp
我的配置样例
[[email protected]_168_200_101 ~]# grep -Ev '^(#|$)' /etc/neutron/neutron.conf [DEFAULT] core_plugin = ml2 service_plugins = router allow_overlapping_ips = true transport_url = rabbit://openstack:[email protected] auth_strategy = keystone notify_nova_on_port_status_changes = true notify_nova_on_port_data_changes = true [agent] [cors] [database] connection = mysql+pymysql://neutron:[email protected]/neutron [keystone_authtoken] auth_uri = http://controller:5000 auth_url = http://controller:35357 memcached_servers = controller:11211 auth_type = password project_domain_name = default user_domain_name = default project_name = service username = neutron password = lookback [matchmaker_redis] [nova] auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = nova password = lookback [oslo_concurrency] lock_path = /var/lib/neutron/tmp [oslo_messaging_amqp] [oslo_messaging_kafka] [oslo_messaging_notifications] [oslo_messaging_rabbit] [oslo_messaging_zmq] [oslo_middleware] [oslo_policy] [quotas] [ssl] [[email protected]_168_200_101 ~]#
3.配置二层(ML2)模块插件
ML2 插件使用 Linux bridge 机制为云主机建立二层虚拟网络基础。
1. 编辑/etc/neutron/plugins/ml2/ml2_conf.ini 文件并完成下列操作:
A. 在[ml2]小节,启用 flat,VLAN 和 VXLAN 网络:
[ml2] # ... type_drivers = flat,vlan,vxlan
B. 在[ml2]小节,启用 VXLAN 为用户自定义网络:
[ml2] # ... tenant_network_types = vxlan
C. 在[ml2]小节,启用 Linux bridge 和 layer-2 population 机制:
[ml2] # ... mechanism_drivers = linuxbridge,l2population
D. 在[ml2]小节,启用端口安全扩展驱动:
[ml2] # ... extension_drivers = port_security
E. 在[ml2_type_flat]小节,配置 provider 虚拟网络使用 flat 网络:
[ml2_type_flat] # ... flat_networks = provider
F. 在[ml2_type_vxlan]小节,配置自定义 VXLAN 网络的 id 范围:
[ml2_type_vxlan] # ... vni_ranges = 1:1000
G. 在[securitygroup]小节,启用 ipset 增强安全组的工作效率:
[securitygroup] # ... enable_ipset = true
我的配置样例
[[email protected]_168_200_101 ~]# grep -Ev '^(#|$)' /etc/neutron/plugins/ml2/ml2_conf.ini [DEFAULT] [l2pop] [ml2] type_drivers = flat,vlan,vxlan tenant_network_types = vxlan mechanism_drivers = linuxbridge,l2population extension_drivers = port_security [ml2_type_flat] flat_networks = provider [ml2_type_geneve] [ml2_type_gre] [ml2_type_vlan] [ml2_type_vxlan] vni_ranges = 1:1000 [securitygroup] enable_ipset = true [[email protected]_168_200_101 ~]#
4. 配置 Linux bridge agent
Linux bridge agent 为云主机和处理安全组建立二层虚拟网络基础。
1. 编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini 文件并完成下列操作:
A. 在[linux_bridge]小节,映射 provider 虚拟网络到 provider 物理网络接口:
[linux_bridge] physical_interface_mappings = provider: eth1
替换 PROVIDER_INTERFACE_NAME 为 provider 物理网络接口的名字。
B. 在[vxlan]小节,启用 VXLAN 覆盖网络,配置处理覆盖网络物理网络接口的 IP 地址。启用 layer-2 population:
[vxlan] enable_vxlan = true local_ip = OVERLAY_INTERFACE_IP_ADDRESS l2_population = true
替换 OVERLAY_INTERFACE_IP_ADDRESS 为管理节点管理接口的IP地址。
C. 在[securitygroup]小节,启用安全组并配置 Linux bridge
iptables 防火墙驱动: [securitygroup] # ... enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
我的配置样例
[[email protected]_168_200_101 ~]# grep -Ev '^(#|$)' /etc/neutron/plugins/ml2/linuxbridge_agent.ini [DEFAULT] [agent] [linux_bridge] physical_interface_mappings = provider: eth1 [securitygroup] enable_security_group = true firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver [vxlan] enable_vxlan = true local_ip = 192.168.200.101 l2_population = true [[email protected]_168_200_101 ~]#
5.配置三层代理
Layer-3 (L3) agent 为自定义虚拟网络提供路由和 NAT 服务。
1. 编辑/etc/neutron/l3_agent.ini 文件并完成下列操作:
在[DEFAULT]小节,配置 Linux bridge 接口驱动和外部网络网桥:
[DEFAULT] # ... interface_driver = linuxbridge
我的配置样例
[[email protected]_168_200_101 ~]# grep -Ev '^(#|$)' /etc/neutron/l3_agent.ini [DEFAULT] interface_driver = linuxbridge [agent] [ovs] [[email protected]_168_200_101 ~]#
6.配置 DHCP 代理
DHCP 代理为虚拟网络提供 DHCP 服务。
1. 编辑/etc/neutron/dhcp_agent.ini 文件并完成下列操作:
在[DEFAULT]小节,配置 Linux bridge 接口驱动,Dnsmasq DHCP 驱动并启用 isolated metadata,以便云主机可以通过 provider 网络访问元数据:
[DEFAULT] # ... interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true
我的配置样例
[[email protected]_168_200_101 ~]# grep -Ev '^(#|$)' /etc/neutron/dhcp_agent.ini [DEFAULT] interface_driver = linuxbridge dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true [agent] [ovs] [[email protected]_168_200_101 ~]#
7.配置元数据代理
metadata agent(元数据代理)提供配置信息,例如云主机的凭据。
1. 编辑/etc/neutron/metadata_agent.ini 文件并完成下列操作:
在[DEFAULT]小节,配置元数据主机和共享秘钥:
[DEFAULT] # ... nova_metadata_ip = controller metadata_proxy_shared_secret = MDkxNjZiNWIwMzg3
8.配置计算服务使用 neutron 网络
1. 编辑/etc/nova/nova.conf 文件并完成下列操作:
在[neutron]小节,配置访问参数,启用元数据代理,并配置共享秘钥:
[neutron] # ... url = http://controller:9696 auth_url = http://controller:35357 auth_type = password project_domain_name = default user_domain_name = default region_name = RegionOne project_name = service username = neutron password = lookback service_metadata_proxy = true metadata_proxy_shared_secret = MDkxNjZiNWIwMzg3
替换 NEUTRON_PASS 为身份服务中 neutron 用户的密码。替换 METADATA_SECRET 为/etc/neutron/metadata_agent.ini 文件中相同的密码。
9.完成安装
1. 网络服务初始化脚本/etc/neutron/plugin.ini 实际上是一个链接文件,它指向 ML2 插件的配置文件/etc/neutron/plugins/ml2/ml2_conf.ini,如果该链接文件不存在,则需要使用下面的命令创建:
[[email protected]_168_200_101 ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini [[email protected]_168_200_101 ~]# ls -lh /etc/neutron/plugin.ini lrwxrwxrwx 1 root root 37 2月 15 01:01 /etc/neutron/plugin.ini -> /etc/neutron/plugins/ml2/ml2_conf.ini [[email protected]_168_200_101 ~]#
2. 初始化数据库
[[email protected]_168_200_101 ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. 正在对 neutron 运行 upgrade... INFO [alembic.runtime.migration] Context impl MySQLImpl. INFO [alembic.runtime.migration] Will assume non-transactional DDL. INFO [alembic.runtime.migration] Running upgrade -> kilo, kilo_initial INFO [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225, nsxv_vdr_metadata.py INFO [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151, neutrodb_ipam INFO [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf, Initial operations in support of address scopes INFO [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee, Flavor framework INFO [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f, network_rbac INFO [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773, quota_usage INFO [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592, subnetpool hash INFO [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7, add order to dnsnameservers INFO [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79, address scope support in subnetpool INFO [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051, qos db changes INFO [alembic.runtime.migration] Running upgrade 48153cb5f051 -> 9859ac9c136, quota_reservations INFO [alembic.runtime.migration] Running upgrade 9859ac9c136 -> 34af2b5c5a59, Add dns_name to Port INFO [alembic.runtime.migration] Running upgrade 34af2b5c5a59 -> 59cb5b6cf4d, Add availability zone INFO [alembic.runtime.migration] Running upgrade 59cb5b6cf4d -> 13cfb89f881a, add is_default to subnetpool INFO [alembic.runtime.migration] Running upgrade 13cfb89f881a -> 32e5974ada25, Add standard attribute table INFO [alembic.runtime.migration] Running upgrade 32e5974ada25 -> ec7fcfbf72ee, Add network availability zone INFO [alembic.runtime.migration] Running upgrade ec7fcfbf72ee -> dce3ec7a25c9, Add router availability zone INFO [alembic.runtime.migration] Running upgrade dce3ec7a25c9 -> c3a73f615e4, Add ip_version to AddressScope INFO [alembic.runtime.migration] Running upgrade c3a73f615e4 -> 659bf3d90664, Add tables and attributes to support external DNS integration INFO [alembic.runtime.migration] Running upgrade 659bf3d90664 -> 1df244e556f5, add_unique_ha_router_agent_port_bindings INFO [alembic.runtime.migration] Running upgrade 1df244e556f5 -> 19f26505c74f, Auto Allocated Topology - aka Get-Me-A-Network INFO [alembic.runtime.migration] Running upgrade 19f26505c74f -> 15be73214821, add dynamic routing model data INFO [alembic.runtime.migration] Running upgrade 15be73214821 -> b4caf27aae4, add_bgp_dragent_model_data INFO [alembic.runtime.migration] Running upgrade b4caf27aae4 -> 15e43b934f81, rbac_qos_policy INFO [alembic.runtime.migration] Running upgrade 15e43b934f81 -> 31ed664953e6, Add resource_versions row to agent table INFO [alembic.runtime.migration] Running upgrade 31ed664953e6 -> 2f9e956e7532, tag support INFO [alembic.runtime.migration] Running upgrade 2f9e956e7532 -> 3894bccad37f, add_timestamp_to_base_resources INFO [alembic.runtime.migration] Running upgrade 3894bccad37f -> 0e66c5227a8a, Add desc to standard attr table INFO [alembic.runtime.migration] Running upgrade 0e66c5227a8a -> 45f8dd33480b, qos dscp db addition INFO [alembic.runtime.migration] Running upgrade 45f8dd33480b -> 5abc0278ca73, Add support for VLAN trunking INFO [alembic.runtime.migration] Running upgrade 5abc0278ca73 -> d3435b514502, Add device_id index to Port INFO [alembic.runtime.migration] Running upgrade d3435b514502 -> 30107ab6a3ee, provisioning_blocks.py INFO [alembic.runtime.migration] Running upgrade 30107ab6a3ee -> c415aab1c048, add revisions table INFO [alembic.runtime.migration] Running upgrade c415aab1c048 -> a963b38d82f4, add dns name to portdnses INFO [alembic.runtime.migration] Running upgrade kilo -> 30018084ec99, Initial no-op Liberty contract rule. INFO [alembic.runtime.migration] Running upgrade 30018084ec99 -> 4ffceebfada, network_rbac INFO [alembic.runtime.migration] Running upgrade 4ffceebfada -> 5498d17be016, Drop legacy OVS and LB plugin tables INFO [alembic.runtime.migration] Running upgrade 5498d17be016 -> 2a16083502f3, Metaplugin removal INFO [alembic.runtime.migration] Running upgrade 2a16083502f3 -> 2e5352a0ad4d, Add missing foreign keys INFO [alembic.runtime.migration] Running upgrade 2e5352a0ad4d -> 11926bcfe72d, add geneve ml2 type driver INFO [alembic.runtime.migration] Running upgrade 11926bcfe72d -> 4af11ca47297, Drop cisco monolithic tables INFO [alembic.runtime.migration] Running upgrade 4af11ca47297 -> 1b294093239c, Drop embrane plugin table INFO [alembic.runtime.migration] Running upgrade 1b294093239c -> 8a6d8bdae39, standardattributes migration INFO [alembic.runtime.migration] Running upgrade 8a6d8bdae39 -> 2b4c2465d44b, DVR sheduling refactoring INFO [alembic.runtime.migration] Running upgrade 2b4c2465d44b -> e3278ee65050, Drop NEC plugin tables INFO [alembic.runtime.migration] Running upgrade e3278ee65050 -> c6c112992c9, rbac_qos_policy INFO [alembic.runtime.migration] Running upgrade c6c112992c9 -> 5ffceebfada, network_rbac_external INFO [alembic.runtime.migration] Running upgrade 5ffceebfada -> 4ffceebfcdc, standard_desc INFO [alembic.runtime.migration] Running upgrade 4ffceebfcdc -> 7bbb25278f53, device_owner_ha_replicate_int INFO [alembic.runtime.migration] Running upgrade 7bbb25278f53 -> 89ab9a816d70, Rename ml2_network_segments table INFO [alembic.runtime.migration] Running upgrade 89ab9a816d70 -> c879c5e1ee90, Add segment_id to subnet INFO [alembic.runtime.migration] Running upgrade c879c5e1ee90 -> 8fd3918ef6f4, Add segment_host_mapping table. INFO [alembic.runtime.migration] Running upgrade 8fd3918ef6f4 -> 4bcd4df1f426, Rename ml2_dvr_port_bindings INFO [alembic.runtime.migration] Running upgrade 4bcd4df1f426 -> b67e765a3524, Remove mtu column from networks. INFO [alembic.runtime.migration] Running upgrade a963b38d82f4 -> 3d0e74aa7d37, Add flavor_id to Router INFO [alembic.runtime.migration] Running upgrade 3d0e74aa7d37 -> 030a959ceafa, uniq_routerports0port_id INFO [alembic.runtime.migration] Running upgrade 030a959ceafa -> a5648cfeeadf, Add support for Subnet Service Types INFO [alembic.runtime.migration] Running upgrade a5648cfeeadf -> 0f5bef0f87d4, add_qos_minimum_bandwidth_rules INFO [alembic.runtime.migration] Running upgrade 0f5bef0f87d4 -> 67daae611b6e, add standardattr to qos policies INFO [alembic.runtime.migration] Running upgrade 67daae611b6e -> 6b461a21bcfc, uniq_floatingips0floating_network_id0fixed_port_id0fixed_ip_addr INFO [alembic.runtime.migration] Running upgrade 6b461a21bcfc -> 5cd92597d11d, Add ip_allocation to port INFO [alembic.runtime.migration] Running upgrade 5cd92597d11d -> 929c968efe70, add_pk_version_table INFO [alembic.runtime.migration] Running upgrade 929c968efe70 -> a9c43481023c, extend_pk_with_host_and_add_status_to_ml2_port_binding INFO [alembic.runtime.migration] Running upgrade a9c43481023c -> 804a3c76314c, Add data_plane_status to Port INFO [alembic.runtime.migration] Running upgrade 804a3c76314c -> 2b42d90729da, qos add direction to bw_limit_rule table INFO [alembic.runtime.migration] Running upgrade 2b42d90729da -> 62c781cb6192, add is default to qos policies INFO [alembic.runtime.migration] Running upgrade 62c781cb6192 -> c8c222d42aa9, logging api INFO [alembic.runtime.migration] Running upgrade c8c222d42aa9 -> 349b6fd605a6, Add dns_domain to portdnses INFO [alembic.runtime.migration] Running upgrade 349b6fd605a6 -> 7d32f979895f, add mtu for networks INFO [alembic.runtime.migration] Running upgrade b67e765a3524 -> a84ccf28f06a, migrate dns name from port INFO [alembic.runtime.migration] Running upgrade a84ccf28f06a -> 7d9d8eeec6ad, rename tenant to project INFO [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab, Add routerport bindings for L3 HA INFO [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0, migrate to pluggable ipam INFO [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62, add standardattr to qos policies INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353, Add Name and Description to the networksegments table INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586, Add binding index to RouterL3AgentBinding INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d, Remove availability ranges. 确定 [[email protected]_168_200_101 ~]#
查看数据库是否初始化成功:
[[email protected]_168_200_101 ~]# mysql -uroot -pYmY0N2RiOTk4NTc1ZDM1ZWUz neutron -e "show tables" +-----------------------------------------+ | Tables_in_neutron | +-----------------------------------------+ | address_scopes | | agents | | alembic_version | | allowedaddresspairs | | arista_provisioned_nets | | arista_provisioned_tenants | | arista_provisioned_vms | | auto_allocated_topologies | | bgp_peers | | bgp_speaker_dragent_bindings | | bgp_speaker_network_bindings | | bgp_speaker_peer_bindings | | bgp_speakers | | brocadenetworks | | brocadeports | | cisco_csr_identifier_map | | cisco_hosting_devices | | cisco_ml2_apic_contracts | | cisco_ml2_apic_host_links | | cisco_ml2_apic_names | | cisco_ml2_n1kv_network_bindings | | cisco_ml2_n1kv_network_profiles | | cisco_ml2_n1kv_policy_profiles | | cisco_ml2_n1kv_port_bindings | | cisco_ml2_n1kv_profile_bindings | | cisco_ml2_n1kv_vlan_allocations | | cisco_ml2_n1kv_vxlan_allocations | | cisco_ml2_nexus_nve | | cisco_ml2_nexusport_bindings | | cisco_port_mappings | | cisco_router_mappings | | consistencyhashes | | default_security_group | | dnsnameservers | | dvr_host_macs | | externalnetworks | | extradhcpopts | | firewall_policies | | firewall_rules | | firewalls | | flavors | | flavorserviceprofilebindings | | floatingipdnses | | floatingips | | ha_router_agent_port_bindings | | ha_router_networks | | ha_router_vrid_allocations | | healthmonitors | | ikepolicies | | ipallocationpools | | ipallocations | | ipamallocationpools | | ipamallocations | | ipamsubnets | | ipsec_site_connections | | ipsecpeercidrs | | ipsecpolicies | | logs | | lsn | | lsn_port | | maclearningstates | | members | | meteringlabelrules | | meteringlabels | | ml2_brocadenetworks | | ml2_brocadeports | | ml2_distributed_port_bindings | | ml2_flat_allocations | | ml2_geneve_allocations | | ml2_geneve_endpoints | | ml2_gre_allocations | | ml2_gre_endpoints | | ml2_nexus_vxlan_allocations | | ml2_nexus_vxlan_mcast_groups | | ml2_port_binding_levels | | ml2_port_bindings | | ml2_ucsm_port_profiles | | ml2_vlan_allocations | | ml2_vxlan_allocations | | ml2_vxlan_endpoints | | multi_provider_networks | | networkconnections | | networkdhcpagentbindings | | networkdnsdomains | | networkgatewaydevicereferences | | networkgatewaydevices | | networkgateways | | networkqueuemappings | | networkrbacs | | networks | | networksecuritybindings | | networksegments | | neutron_nsx_network_mappings | | neutron_nsx_port_mappings | | neutron_nsx_router_mappings | | neutron_nsx_security_group_mappings | | nexthops | | nsxv_edge_dhcp_static_bindings | | nsxv_edge_vnic_bindings | | nsxv_firewall_rule_bindings | | nsxv_internal_edges | | nsxv_internal_networks | | nsxv_port_index_mappings | | nsxv_port_vnic_mappings | | nsxv_router_bindings | | nsxv_router_ext_attributes | | nsxv_rule_mappings | | nsxv_security_group_section_mappings | | nsxv_spoofguard_policy_network_mappings | | nsxv_tz_network_bindings | | nsxv_vdr_dhcp_bindings | | nuage_net_partition_router_mapping | | nuage_net_partitions | | nuage_provider_net_bindings | | nuage_subnet_l2dom_mapping | | poolloadbalanceragentbindings | | poolmonitorassociations | | pools | | poolstatisticss | | portbindingports | | portdataplanestatuses | | portdnses | | portqueuemappings | | ports | | portsecuritybindings | | providerresourceassociations | | provisioningblocks | | qos_bandwidth_limit_rules | | qos_dscp_marking_rules | | qos_minimum_bandwidth_rules | | qos_network_policy_bindings | | qos_policies | | qos_policies_default | | qos_port_policy_bindings | | qospolicyrbacs | | qosqueues | | quotas | | quotausages | | reservations | | resourcedeltas | | router_extra_attributes | | routerl3agentbindings | | routerports | | routerroutes | | routerrules | | routers | | securitygroupportbindings | | securitygrouprules | | securitygroups | | segmenthostmappings | | serviceprofiles | | sessionpersistences | | standardattributes | | subnet_service_types | | subnetpoolprefixes | | subnetpools | | subnetroutes | | subnets | | subports | | tags | | trunks | | tz_network_bindings | | vcns_router_bindings | | vips | | vpnservices | +-----------------------------------------+ [[email protected]_168_200_101 ~]#
3. 重启计算的 API 服务
[[email protected]_168_200_101 ~]# systemctl restart openstack-nova-api.service [[email protected]_168_200_101 ~]# systemctl status openstack-nova-api.service ● openstack-nova-api.service - OpenStack Nova API Server Loaded: loaded (/usr/lib/systemd/system/openstack-nova-api.service; enabled; vendor preset: disabled) Active: active (running) since 四 2018-02-15 01:06:11 CST; 7s ago Main PID: 65164 (nova-api) CGroup: /system.slice/openstack-nova-api.service ├─65164 /usr/bin/python2 /usr/bin/nova-api ├─65174 /usr/bin/python2 /usr/bin/nova-api ├─65175 /usr/bin/python2 /usr/bin/nova-api ├─65176 /usr/bin/python2 /usr/bin/nova-api ├─65177 /usr/bin/python2 /usr/bin/nova-api ├─65178 /usr/bin/python2 /usr/bin/nova-api ├─65179 /usr/bin/python2 /usr/bin/nova-api ├─65180 /usr/bin/python2 /usr/bin/nova-api └─65181 /usr/bin/python2 /usr/bin/nova-api 2月 15 01:06:06 controller systemd[1]: Starting OpenStack Nova API Server... 2月 15 01:06:11 controller systemd[1]: Started OpenStack Nova API Server. [[email protected]_168_200_101 ~]#
4. 启动网络服务并配置开机自动运行:
[[email protected]_168_200_101 ~]# systemctl enable neutron-server.service \ neutron-linuxbridge-agent.service \ neutron-dhcp-agent.service \ neutron-metadata-agent.service \ neutron-l3-agent.service Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-server.service to /usr/lib/systemd/system/neutron-server.service. Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service. Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service to /usr/lib/systemd/system/neutron-dhcp-agent.service. Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service to /usr/lib/systemd/system/neutron-metadata-agent.service. Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-l3-agent.service to /usr/lib/systemd/system/neutron-l3-agent.service. [[email protected]_168_200_101 ~]#
[[email protected]_168_200_101 ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service [[email protected]_168_200_101 ~]# systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service ● neutron-server.service - OpenStack Neutron Server Loaded: loaded (/usr/lib/systemd/system/neutron-server.service; enabled; vendor preset: disabled) Active: active (running) since 四 2018-02-15 01:11:19 CST; 10s ago Main PID: 65489 (neutron-server) CGroup: /system.slice/neutron-server.service ├─65489 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... ├─65587 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... ├─65588 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... ├─65589 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... ├─65590 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... ├─65591 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... ├─65592 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... └─65593 /usr/bin/python2 /usr/bin/neutron-server --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/server --config-file /etc/neutron/neutron.conf --config-file /et... 2月 15 01:11:11 controller systemd[1]: Starting OpenStack Neutron Server... 2月 15 01:11:12 controller neutron-server[65489]: Guru meditation now registers SIGUSR1 and SIGUSR2 by default for backward compatibility. SIGUSR1 will no longer be registered in a future relea...rate reports. 2月 15 01:11:19 controller systemd[1]: Started OpenStack Neutron Server. ● neutron-linuxbridge-agent.service - OpenStack Neutron Linux Bridge Agent Loaded: loaded (/usr/lib/systemd/system/neutron-linuxbridge-agent.service; enabled; vendor preset: disabled) Active: active (running) since 四 2018-02-15 01:11:11 CST; 18s ago Process: 65490 ExecStartPre=/usr/bin/neutron-enable-bridge-firewall.sh (code=exited, status=0/SUCCESS) Main PID: 65499 (neutron-linuxbr) CGroup: /system.slice/neutron-linuxbridge-agent.service ├─65499 /usr/bin/python2 /usr/bin/neutron-linuxbridge-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/linuxb... ├─65561 sudo neutron-rootwrap-daemon /etc/neutron/rootwrap.conf └─65562 /usr/bin/python2 /usr/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf 2月 15 01:11:11 controller systemd[1]: Starting OpenStack Neutron Linux Bridge Agent... 2月 15 01:11:11 controller neutron-enable-bridge-firewall.sh[65490]: net.bridge.bridge-nf-call-iptables = 1 2月 15 01:11:11 controller systemd[1]: Started OpenStack Neutron Linux Bridge Agent. 2月 15 01:11:12 controller neutron-linuxbridge-agent[65499]: Guru meditation now registers SIGUSR1 and SIGUSR2 by default for backward compatibility. SIGUSR1 will no longer be registered in a fu...ate reports. 2月 15 01:11:17 controller sudo[65561]: neutron : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/bin/neutron-rootwrap-daemon /etc/neutron/rootwrap.conf ● neutron-dhcp-agent.service - OpenStack Neutron DHCP Agent Loaded: loaded (/usr/lib/systemd/system/neutron-dhcp-agent.service; enabled; vendor preset: disabled) Active: active (running) since 四 2018-02-15 01:11:11 CST; 18s ago Main PID: 65491 (neutron-dhcp-ag) CGroup: /system.slice/neutron-dhcp-agent.service └─65491 /usr/bin/python2 /usr/bin/neutron-dhcp-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/dhcp_agent.ini --config-d... 2月 15 01:11:11 controller systemd[1]: Started OpenStack Neutron DHCP Agent. 2月 15 01:11:11 controller systemd[1]: Starting OpenStack Neutron DHCP Agent... 2月 15 01:11:12 controller neutron-dhcp-agent[65491]: Guru meditation now registers SIGUSR1 and SIGUSR2 by default for backward compatibility. SIGUSR1 will no longer be registered in a future r...rate reports. ● neutron-metadata-agent.service - OpenStack Neutron Metadata Agent Loaded: loaded (/usr/lib/systemd/system/neutron-metadata-agent.service; enabled; vendor preset: disabled) Active: active (running) since 四 2018-02-15 01:11:11 CST; 18s ago Main PID: 65492 (neutron-metadat) CGroup: /system.slice/neutron-metadata-agent.service ├─65492 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --... ├─65555 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --... └─65556 /usr/bin/python2 /usr/bin/neutron-metadata-agent --config-file /usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/metadata_agent.ini --... 2月 15 01:11:11 controller systemd[1]: Started OpenStack Neutron Metadata Agent. 2月 15 01:11:11 controller systemd[1]: Starting OpenStack Neutron Metadata Agent... 2月 15 01:11:12 controller neutron-metadata-agent[65492]: Guru meditation now registers SIGUSR1 and SIGUSR2 by default for backward compatibility. SIGUSR1 will no longer be registered in a futu...rate reports. ● neutron-l3-agent.service - OpenStack Neutron Layer 3 Agent Loaded: loaded (/usr/lib/systemd/system/neutron-l3-agent.service; enabled; vendor preset: disabled) Active: active (running) since 四 2018-02-15 01:11:11 CST; 18s ago Main PID: 65494 (neutron-l3-agen) CGroup: /system.slice/neutron-l3-agent.service └─65494 /usr/bin/python2 /usr/bin/neutron-l3-agent --config-file /usr/share/neutron/neutron-dist.conf --config-dir /usr/share/neutron/l3_agent --config-file /etc/neutron/neutron.conf --config-dir ... 2月 15 01:11:11 controller systemd[1]: Started OpenStack Neutron Layer 3 Agent. 2月 15 01:11:11 controller systemd[1]: Starting OpenStack Neutron Layer 3 Agent... 2月 15 01:11:12 controller neutron-l3-agent[65494]: Guru meditation now registers SIGUSR1 and SIGUSR2 by default for backward compatibility. SIGUSR1 will no longer be registered in a future rel...rate reports. Hint: Some lines were ellipsized, use -l to show in full. [[email protected]_168_200_101 ~]#
您可以选择一种方式赞助本站
支付宝扫一扫赞助
微信钱包扫描赞助
赏