一、测试环境
二、查询当前openstack的网络类型
三、neutron的配置(controller节点)
1. 关闭Linuxbridge服务
2. 重建neutron数据库
3. 安装openvswitch软件包
4. 配置ML2 插件
5. 配置ML3 插件
6. 配置openvswitch_agent
7. 配置dhcp
8. 初始化neutron数据库
9. 启动openswitch服务
四、neutron的配置(compute节点)
1. 关闭Linuxbridge服务
2. 安装openvswitch软件包
3. 配置openvswitch_agent
4. 启动openswitch服务
五、控制节点执行以下操作
1. 查询网络的类型是否为OVS
2. 删除之前留下的Linuxbridge网桥信息
3. 添加br-ex网桥
4. 查看ovs的状态
六、dashboard界面正常创建网络
1. 创建完成如下图
2. 创建云主机访问百度测试
基于这个篇博客的环境来进行配置:OpenStack Stein版部署
[root@controller ~]# openstack network agent list +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ | ID | Agent Type | Host | Availability Zone | Alive | State | Binary | +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ | 3adf1be0-6bb2-4407-97a8-4650c853c37a | Linux bridge agent | compute | None | :-) | UP | neutron-linuxbridge-agent | | 608949e5-f0de-451e-9c58-d43d47901ed8 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent | | 8bbbd0b9-80ee-49d7-936c-2d357847c0a6 | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent | | b237a133-3ecd-485a-8270-dd5708a175cd | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent | | e98685f1-f6f3-499a-89f1-5b215cbe0a8d | L3 agent | controller | nova | :-) | UP | neutron-l3-agent | +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
原来的配置不动,只需要修改如下几个文件里面的内容即可
[root@controller ~]# systemctl stop neutron-linuxbridge-agent.service [root@controller ~]# systemctl disable neutron-linuxbridge-agent.service Removed symlink /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service.
MariaDB [(none)]> DROP DATABASE neutron; MariaDB [(none)]> CREATE DATABASE neutron; MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000'; MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000';
3. 安装openvswitch软件包
[root@controller ~]# yum install openstack-neutron-openvswitch -y
修改如下内容即可 [root@controller ~]# vi /etc/neutron/plugins/ml2/ml2_conf.ini [ml2] type_drivers = flat,vlan,vxlan tenant_network_types = vxlan mechanism_drivers = openvswitch,l2population extension_drivers = port_security [ml2_type_flat] flat_networks = provider [securitygroup] enable_ipset = true [ml2_type_vxlan] vni_ranges = 1:1000 [ml2_type_vlan] network_vlan_ranges = default:3001:4000
[root@controller ~]# vi /etc/neutron/l3_agent.ini [DEFAULT] verbose = true interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver external_network_bridge = br-ex
[root@controller ~]# vi /etc/neutron/plugins/ml2/openvswitch_agent.ini [ovs] tunnel_bridge = br-tun local_ip = 192.168.100.10 #隧道IP地址即管理网卡IP地址 integration_bridge = br-int tenant_network_type = vxlan tunnel_type = vxlan tunnel_id_ranges = 1:1000 enable_tunneling = true bridge_mappings = provider:br-ex prevent_arp_spoofing = true [agent] tunnel_types = vxlan l2_population = true [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver enable_security_group = true
[root@controller ~]# vi /etc/neutron/dhcp_agent.ini [DEFAULT] interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq enable_isolated_metadata = true
[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
[root@controller ~]# systemctl restart neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service [root@controller ~]# systemctl enable neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@compute ~]# systemctl stop neutron-linuxbridge-agent.service [root@compute ~]# systemctl disable neutron-linuxbridge-agent.service
[root@controller ~]# yum install openstack-neutron-openvswitch -y
[root@compute ~]# vi /etc/neutron/plugins/ml2/openvswitch_agent.ini [ovs] tunnel_bridge = br-tun local_ip = 192.168.100.20 #隧道IP地址 管理网卡IP地址 integration_bridge = br-int tenant_network_type = vxlan tunnel_type = vxlan tunnel_id_ranges = 1:1000 enable_tunneling = true [agent] tunnel_types = vxlan l2_population = true [securitygroup] firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver enable_security_group = true
[root@compute ~]# systemctl start neutron-openvswitch-agent.service [root@compute ~]# systemctl enable neutron-openvswitch-agent.service
[root@controller ~]# openstack network agent list +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ | ID | Agent Type | Host | Availability Zone | Alive | State | Binary | +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+ | 1e651e34-d239-43fb-8af7-553411afe406 | Open vSwitch agent | compute | None | :-) | UP | neutron-openvswitch-agent | | 2f8e4601-47ae-4ce6-8c8f-9ed7b3fe648c | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent | | 41e68b12-2003-4534-97a4-107bb0390cb7 | Linux bridge agent | compute | None | XXX | UP | neutron-linuxbridge-agent | | 825f9141-08bd-47f7-8cc5-7eeee9cbb522 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent | | a6bf0bf8-508e-4bb0-9540-2c41c00b83bd | Open vSwitch agent | controller | None | :-) | UP | neutron-openvswitch-agent | | f62de0be-8a0a-4037-b3b7-01070c10c885 | L3 agent | controller | nova | :-) | UP | neutron-l3-agent | +--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
不操作这一步添加br-ex会报错
先使用 brctl delif 网桥名称 绑定网卡的名称 这条命令解除网卡的绑定 brctl delif brq59014ca7-b8 ens34 然后down掉对应的网桥 在进行删除即可 [root@controller ~]# ifconfig brq59014ca7-b8 down [root@controller ~]# ifconfig brqdb369f01-a7 down [root@controller ~]# ifconfig vxlan-1 down [root@controller ~]# brctl show 查看网桥信息 bridge name bridge id STP enabled interfaces brq59014ca7-b8 8000.000000000000 no brqdb369f01-a7 8000.000000000000 no [root@controller ~]# brctl delbr brq59014ca7-b8 [root@controller ~]# brctl delbr brqdb369f01-a7 [root@controller ~]# brctl show bridge name bridge id STP enabled interfaces
[root@controller ~]# ovs-vsctl add-br br-ex [root@controller ~]# ovs-vsctl add-port br-ex ens34 然后重启以下控制节点和计算节点的网络服务即可
br-ex 上网用的主要连接外部网卡
br-tun 隧道网卡,建立隧道的
br-int 确保云主机可以上网的br-tun这里会显示隧道的IP地址
[root@controller ~]# ovs-vsctl show [root@controller ~]# ovs-vsctl show 8f6d9ea5-4be3-409e-af6e-e9c2b1783dfe Manager "ptcp:6640:127.0.0.1" is_connected: true Bridge br-ex Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure Port "ens34" Interface "ens34" Port br-ex Interface br-ex type: internal Port phy-br-ex Interface phy-br-ex type: patch options: {peer=int-br-ex} Bridge br-tun Controller "tcp:127.0.0.1:6633" is_connected: true fail_mode: secure Port "vxlan-c0a86414" Interface "vxlan-c0a86414" type: vxlan options: {df_default="true", egress_pkt_mark="0", in_key=flow, local_ip="192.168.100.10", out_key=flow, remote_ip="192.168.100.20"} Port patch-int Interface patch-int type: patch options: {peer=patch-tun} Port br-tun Interface br-tun type: internal
摘自: https://blog.csdn.net/qq_45631844/article/details/120822263