OpenStack---T version-neutron component deployment process

Create the database neutron and authorize it

Create the database neutron and authorize it

[root@ct ~]# mysql -u root -p
MariaDB [(none)]> CREATE DATABASE neutron;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
MariaDB [(none)]> flush privileges;
MariaDB [(none)]> exit

Create a neutron user for authentication in keystone

[root@ct ~]# openstack user create --domain default --password NEUTRON_PASS neutron

$[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-tNTHF9Ok-1614062793944) (C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210222220657005.png)]$

Add the neutron user to the service project with administrator rights

[root@ct ~]# openstack role add --project service --user neutron admin

Create a network service, the service type is network

[root@ct ~]# openstack service create --name neutron --description "OpenStack Networking" network

$[External link image transfer failed. The source site may have an anti-hotlinking mechanism. It is recommended to save the image and upload it directly (img-W7avr1Ka-1614062793945) (C:\Users\Zhu Junjie\AppData\Roaming\Typora\typora-user-images\ image-20210222220800609.png)]$

Register the API to the neutron service, associate the port with the neutron service, that is, add an endpoint

[root@ct ~]# openstack endpoint create --region RegionOne network public http://ct:9696
[root@ct ~]# openstack endpoint create --region RegionOne network internal http://ct:9696	
[root@ct ~]# openstack endpoint create --region RegionOne network admin http://ct:9696

Insert picture description here

Install provider network (bridging)
The ebtables package is used to manage iptables rules

[root@ct ~]# yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables conntrack-tools

Change the main configuration file

#修改主配置文件neutron.conf
[root@ct ~]# cp -a /etc/neutron/neutron.conf{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf database connection mysql+pymysql://neutron:NEUTRON_DBPASS@ct/neutron
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf DEFAULT allow_overlapping_ips true
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_status_changes true
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT notify_nova_on_port_data_changes true
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://ct:5000
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://ct:5000
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ct:11211
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
[root@ct ~]# openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  auth_url http://ct:5000
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  auth_type password
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  project_domain_name default
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  user_domain_name default
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  region_name RegionOne
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  project_name service
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  username nova
[root@ct ~]# openstack-config --set  /etc/neutron/neutron.conf nova  password NOVA_PASS

#查看配置文件
[root@ct ~]# cat /etc/neutron/neutron.conf
[root@ct neutron]# cat neutron.conf
[DEFAULT]
core_plugin = ml2						#启用二层网络插件
service_plugins = router					#启用三层网络插件
allow_overlapping_ips = true
transport_url = rabbit://openstack:RABBIT_PASS@ct		#配置rabbitmq连接
auth_strategy = keystone					#认证的方式:keystone
notify_nova_on_port_status_changes = true			#当网络接口发生变化时，通知给计算节点	
notify_nova_on_port_data_changes = true			#当端口数据发生变化，通知计算节点
[cors]
[database]						#配置数据库连接
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@ct/neutron
[keystone_authtoken]					#配置keystone认证信息
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
[oslo_concurrency]						#配置锁路径
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[ssl]
[nova]							#neutron需要给nova返回数据
auth_url = http://ct:5000					#到keystone认证nova
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova						#通过nova的用户名和密码到keystone验证nova的token
password = NOVA_PASS

Modify the ML2 plugin configuration file ml2_conf.ini

#修改参数
[root@ct ~]# cp -a /etc/neutron/plugins/ml2/ml2_conf.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/ml2_conf.ini.bak > /etc/neutron/plugins/ml2/ml2_conf.ini
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers  flat,vlan,vxlan
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers  linuxbridge,l2population
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 extension_drivers  port_security
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks  provider
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:1000
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup enable_ipset  true

[root@ct ~]# cat /etc/neutron/plugins/ml2/ml2_conf.ini
#查看配置文件
[DEFAULT]
[ml2]
type_drivers = flat,vlan,vxlan				#配置驱动类型；单一扁平网络(桥接)和vlan；让二层网络支持桥接，支持基于vlan做子网划分
tenant_network_types = vxlan				#租户网络类型(vxlan）
mechanism_drivers = linuxbridge,l2population		#启用Linuxbridge和l2机制，(l2population机制是为了简化网络通信拓扑，减少网络广播)：
extension_drivers = port_security			#启用端口安全扩展驱动程序，基于iptables实现访问控制；但配置了扩展安全组会导致一些端口限制，造成一些服务无法启动 

[ml2_type_flat]
flat_networks = provider				#配置公共虚拟网络为flat网络

[ml2_type_vxlan]
vni_ranges = 1:1000				#为私有网络配置VXLAN网络识别的网络范围

[securitygroup]
enable_ipset = true					#启用 ipset 增加安全组的方便性

Modify the linux bridge network provider configuration file

#Linux网桥
[root@ct ~]# cp -a /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:eth1		
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan  true
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 192.168.100.10		
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
[root@ct ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group  true
[root@ct ~]# openstack-config --set / securitygroup firewall_driver  neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

#查看配置文件
[root@ct ~]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]

[linux_bridge]
physical_interface_mappings = provider:eth1			#指定上个文件中的桥接网络名称，与eth0物理网卡做关联，后期给虚拟机分配external网络，就可以通过eth0上外网；物理网卡有可能是bind0、br0等

[vxlan]							#启用VXLAN覆盖网络，配置覆盖网络的物理网络接口的IP地址，启用layer－2 population
enable_vxlan = true						#允许用户创建自定义网络(3层网络)
local_ip = 192.168.100.11
l2_population = true

[securitygroup]						#启用安全组并配置 Linux 桥接 iptables 防火墙驱动
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Modify kernel parameters

[root@ct ~]# echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.conf
[root@ct ~]# echo 'echnet.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.conf
[root@ct ~]# modprobe br_netfilter	#表示向内核加入参数
[root@ct ~]# sysctl -p
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1

Configure Linuxbridge interface driver and external network bridge

[root@ct ~]# grep -Ev '^$|#' /etc/neutron/l3_agent.ini.bak > /etc/neutron/l3_agent.ini
[root@ct ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver linuxbridge
[root@ct ~]# cat /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge

Modify the dhcp_agent configuration file

[root@ct ~]# cp -a /etc/neutron/dhcp_agent.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/dhcp_agent.ini.bak > /etc/neutron/dhcp_agent.ini 
[root@ct ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver linuxbridge
[root@ct ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
[root@ct ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT enable_isolated_metadata true

Modify the content of the dhcp_agent configuration file

[root@ct ~]# cat /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge	    #指定默认接口驱动为linux网桥
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq	#指定DHCP驱动
enable_isolated_metadata = true			#开启iso元数据

Configure metadata proxy, general configuration used to configure bridging and self-service networks

[root@ct ~]# cp -a /etc/neutron/metadata_agent.ini{,.bak}
[root@ct ~]# grep -Ev '^$|#' /etc/neutron/metadata_agent.ini.bak > /etc/neutron/metadata_agent.ini
[root@ct ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT nova_metadata_host ct
[root@ct ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT metadata_proxy_shared_secret METADATA_SECRET

Configuration file content

[root@ct ~]# cat /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_host = ct
metadata_proxy_shared_secret = METADATA_SECRET
[cache]

Modify the nova configuration file for neutron interaction

#修改CT配置文件
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron url http://ct:9696
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron auth_url http://ct:5000
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron auth_type password
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron project_name service
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron username neutron
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron service_metadata_proxy true
[root@ct ~]# openstack-config --set /etc/nova/nova.conf neutron metadata_proxy_shared_secret METADATA_SECRET

Create ML2 plug-in file symbolic link
The network service initialization script requires /etc/neutron/plugin.ini to point to the symbolic link of the ML2 plug-in configuration file

[root@ct ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

Initialize the database

[root@ct ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Restart the compute node nova-api service

[root@ct ~]# systemctl restart openstack-nova-api.service

Start the neutron service, set the boot to start automatically

[root@ct ~]# systemctl enable neutron-server.service \
> neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
> neutron-metadata-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-server.service to /usr/lib/systemd/system/neutron-server.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service to /usr/lib/systemd/system/neutron-linuxbridge-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-dhcp-agent.service to /usr/lib/systemd/system/neutron-dhcp-agent.service.
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-metadata-agent.service to /usr/lib/systemd/system/neutron-metadata-agent.service.
[root@ct ~]# systemctl start neutron-server.service \
> neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
> neutron-metadata-agent.service
[root@ct ~]# netstat -anutp |grep 9696
tcp        0      0 0.0.0.0:9696            0.0.0.0:*               LISTEN      65221/server.log

Because the third layer L3 network service is configured, the third layer service needs to be started

[root@ct ~]# systemctl enable neutron-l3-agent.service
Created symlink from /etc/systemd/system/multi-user.target.wants/neutron-l3-agent.service to /usr/lib/systemd/system/neutron-l3-agent.service.
[root@ct ~]# systemctl restart neutron-l3-agent.service

##c1 Node operation

[root@c1 ~]# yum -y install openstack-neutron-linuxbridge ebtables ipset conntrack-tools
#ipset：iptables的扩展，允许匹配规则的集合而不仅仅是一个IP

Modify the neutron.conf file

【修改配置文件（C1、C2)】
[root@c1 ~]# cp -a /etc/neutron/neutron.conf{,.bak}
[root@c1 ~]# grep -Ev '^$|#' /etc/neutron/neutron.conf.bak > /etc/neutron/neutron.conf
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT transport_url rabbit://openstack:RABBIT_PASS@ct
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken www_authenticate_uri http://ct:5000
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://ct:5000
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken memcached_servers ct:11211
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_type password
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_domain_name default
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken user_domain_name default
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken project_name service
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken username neutron
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken password NEUTRON_PASS
[root@c1 ~]# openstack-config --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp


【查看配置文件】

[root@c1 ~]# cat /etc/neutron/neutron.conf

[DEFAULT]					#neutron的server端与agent端通讯也是通过rabbitmq进行通讯的
transport_url = rabbit://openstack:RABBIT_PASS@ct
auth_strategy = keystone				#认证策略：keystone
[cors]
[database]

[keystone_authtoken]				#指定keystone认证的信息
www_authenticate_uri = http://ct:5000
auth_url = http://ct:5000
memcached_servers = ct:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS

[oslo_concurrency]					#配置锁路径（管理线程库）
lock_path = /var/lib/neutron/tmp

[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_middleware]
[oslo_policy]
[privsep]
[ssl]

Configure Linux bridge agent

【修改C1、C2 Linuxbridge网桥配置文件】
[root@c1 ~]# cp -a /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.bak}
[root@c1 ~]# grep -Ev '^$|#' /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings  provider:eth0
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan  true
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip 192.168.100.20
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population true
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group  true
[root@c1 ~]# openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver  neutron.agent.linux.iptables_firewall.IptablesFirewallDriver


[root@c1 ml2]# cat linuxbridge_agent.ini
[DEFAULT]
[linux_bridge]
physical_interface_mappings = provider:eth0
● 直接将node节点external网络绑定在当前节点的指定的物理网卡，不需要node节点配置网络名称，node节点只需要接收controller节点指令即可；controller节点上配置的external网络名称是针对整个openstack环境生效的，所以指定external网络绑定在当前node节点的eth0物理网卡上(也可能是bind0或br0)

[vxlan]
enable_vxlan = true							#开启Vxlan网络
local_ip = 192.168.100.20
l2_population = true						#L2 Population 是用来提高 VXLAN 网络扩展能力的组件

[securitygroup]
enable_security_group = true						#开启安全组
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver	#指定安全组驱动文件

Modify the kernel

[root@c1 ~]# echo 'net.bridge.bridge-nf-call-iptables=1' >> /etc/sysctl.conf   #允许虚拟机的数据通过物理机出去
[root@c1 ~]# echo 'net.bridge.bridge-nf-call-ip6tables=1' >> /etc/sysctl.conf
[root@c1 ~]# modprobe br_netfilter   #modprobe：用于向内核中加载模块或者从内核中移除模块。modprobe -r 表示移除
[root@c1 ~]# sysctl -p
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1

Modify the nova.conf configuration file

[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron auth_url http://ct:5000
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron auth_type password
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron project_domain_name default
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron user_domain_name default
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron region_name RegionOne
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron project_name service
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron username neutron
[root@c1 ~]# openstack-config --set /etc/nova/nova.conf neutron password NEUTRON_PASS


查看修改内容
[root@c1 ~]# cat /etc/nova/nova.conf
[neutron]
auth_url = http://ct:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS

##Verify service component ct node

[root@ct ~]# openstack extension list --network
[root@ct ~]# openstack network agent list

Insert picture description here

C2 node deploys neutron service (same as C1 node)

#summary

All three nodes need to be configured with a neutron network. The following is the deployment idea:

Configure the user, authentication, and endpoint of the neutron component

Set the provider network (here is the bridge mode)

① Configure Layer 2 network

② Configure the bridge (plug-in)

③ Optimize the kernel

④ Configure the bridge interface to connect with the outside

⑤ Modify DHCP configuration (modify configuration file, proxy)

⑥ Configure the configuration of the bridge and internal components (modify the configuration file, proxy)

Set the configuration of neutron and nova interconnection

Certificate service component ct node

[root@ct ~]# openstack extension list --network
[root@ct ~]# openstack network agent list

[External link image is being transferred...(img-Lvfzyorw-1614062793948)]

[External link image is being transferred...(img-Z64vlr75-1614062793949)]

C2 node deploys neutron service (same as C1 node)

#summary

All three nodes need to be configured with a neutron network. The following is the deployment idea:

Configure the user, authentication, and endpoint of the neutron component

Set the provider network (here is the bridge mode)

① Configure Layer 2 network

② Configure the bridge (plug-in)

③ Optimize the kernel

④ Configure the bridge interface to connect with the outside

⑤ Modify DHCP configuration (modify configuration file, proxy)

⑥ Configure the configuration of the bridge and internal components (modify the configuration file, proxy)

Set the configuration of neutron and nova interconnection

The C1 and C2 nodes have the same configuration

OpenStack---T version-neutron component deployment process

OpenStack---T version-neutron component deployment process

Create the database neutron and authorize it

Guess you like