반응형
code-name
-
keystone
-
glance
-
nova
- neutron
2019/08/16 - [IT/Openstack] - [Openstack-rocky] Ubuntu에 Openstack 설치 하기(1) - openstack PKG 설치
[Openstack-rocky] Ubuntu에 Openstack 설치 하기(1) - openstack PKG 설치
Centos/RHEL에 설치 하는 환경은 비슷하다 설치 환경 H/W : HP DL380G9 (2ea) OS : UBUNTU 18.04 LTS 최소 자원 Node CPU RAM Disk Nic controller 1 core 4GB 5GB 2 compute 1 core 2GB 10GB 2 ubuntu 18.04 네트..
louky0714.tistory.com
2019/08/16 - [IT/Openstack] - [Openstack-rocky] Ubuntu에 Openstack 설치 하기(2) - Keystone 설치
[Openstack-rocky] Ubuntu에 Openstack 설치 하기(2) - Keystone 설치
Openstack service PKG install code-name : openstack내 service pkg들은 각각의 code name으로 불리운다. keystone glance nova neutron 공통 환경 변수 controller_name="controller" controller_ip="10.168.0...
louky0714.tistory.com
2019/08/16 - [IT/Openstack] - [Openstack-rocky] Ubuntu에 Openstack 설치 하기(3) - Glance(image)설치
[Openstack-rocky] Ubuntu에 Openstack 설치 하기(3) - Glance(image)설치
Openstack service PKG install code-name keystone glance nova neutron 공통 환경 변수 controller_name="controller" controller_ip="10.168.0.101" DB_PW="maria.123" KEYSTONE_PW="keystone.123" GLANCE_PW="..
louky0714.tistory.com
2019/08/16 - [IT/Openstack] - [Openstack-rocky] Ubuntu에 Openstack 설치 하기(4) - nova(compute) 설치
[Openstack-rocky] Ubuntu에 Openstack 설치 하기(4) - nova(compute) 설치
code-name keystone glance nova neutron 공통 환경 변수 controller_name="controller" controller_ip="10.168.0.101" DB_PW="maria.123" KEYSTONE_PW="keystone.123" GLANCE_PW="glance.123" RABBIT_PW="rabbit...
louky0714.tistory.com
공통 환경 변수
|
controller_name="controller" DB_PW="maria.123" KEYSTONE_PW="keystone.123" GLANCE_PW="glance.123" RABBIT_PW="rabbit.123" NOVA_PW="nova.123" PLACEMENT_PW="placement.123" NEUTRON_PW="neutron.123" META_PW="meta.123" |
Neutron install (All node)
A. Controller node Install
A-1. neutron database생성
-DB 생성 전 확인
root@rocky-osc:~# mysql -uroot -pmaria.123 -e "show databases;"
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| nova |
| nova_api |
| nova_api_cell0 |
| nova_cell0 |
| performance_schema |
| placement |
+--------------------+-DB 생성
root@rocky-osc:~# mysql -uroot -pmaria.123 -e "CREATE DATABASE neutron;"-DB 생성 후 확인
root@rocky-osc:~# mysql -uroot -pmaria.123 -e "show databases;"
+--------------------+
| Database |
+--------------------+
| glance |
| information_schema |
| keystone |
| mysql |
| neutron |
| nova |
| nova_api |
| nova_api_cell0 |
| nova_cell0 |
| performance_schema |
| placement |
+--------------------+
A-2. neturon database권한 설정
root@rocky-osc:~# mysql -uroot -pmaria.123 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'neutron.123';"
root@rocky-osc:~# mysql -uroot -pmaria.123 -e "GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron.123';"
A-3. admin환경 변수 loading
root@rocky-osc:~# source /root/admin_openrc환경변수 설정 참고 => 2019/08/16 - [IT/Openstack] - [Openstack-rocky] Ubuntu에 Openstack 설치 하기(1) - openstack PKG 설치
A-4. openstack user neutron 생성
root@rocky-osc:~# openstack user create --domain default --password neutron.123 neutron
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | b07d469572084ebb8f8e9d75eccf5ed0 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
A-5. admin role에 neutron 추가
root@rocky-osc:~# openstack role add --project service --user neutron admin
A-6. neutron service 생성
root@rocky-osc:~# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 500b01c2937c4b60b7ac10a82044806a |
| name | neutron |
| type | network |
+-------------+----------------------------------+
A-7. neutron service endpoint 생성
root@rocky-osc:~# openstack endpoint create --region RegionOne network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 946045ef3a824c25b004805d3d401e84 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 500b01c2937c4b60b7ac10a82044806a |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
root@rocky-osc:~# openstack endpoint create --region RegionOne network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 7cd7d37be6184a948114936610834350 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 500b01c2937c4b60b7ac10a82044806a |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
root@rocky-osc:~# openstack endpoint create --region RegionOne network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 02ae98ebbad3421f9196215715fab503 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 500b01c2937c4b60b7ac10a82044806a |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
A-8. PKG Install
root@rocky-osc:~# apt install -y neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
A-9. Config 원본 백업
root@rocky-osc:~# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.orig
A-10. Config 수정
A-10-01. /etc/neutron/neutron.conf
root@rocky-osc:~#echo "[DEFAULT]
core_plugin = ml2
## provider settitng
#service_plugins =
## self-service setting
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:rabbit.123@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[cors]
[database]
#connection = sqlite:////var/lib/neutron/neutron.sqlite
connection = mysql+pymysql://neutron:neutron.123@controller/neutron
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron.123
[matchmaker_redis]
[nova]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova.123
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl]" > /etc/neutron/neutron.conf
A-10-02. /etc/neutron/plugins/ml2/ml2_conf.ini
root@rocky-osc:~#echo "[DEFAULT]
[l2pop]
[ml2]
## provider setting
#type_drivers = flat,vlan
#tenant_network_types =
#mechanism_drivers = linuxbridge
## self-service setting
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
## provider & self-service common
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[ml2_type_geneve]
[ml2_type_gre]
[ml2_type_vlan]
[ml2_type_vxlan]
## self-service setting
vni_ranges = 1:1000
[securitygroup]
enable_ipset = true" > /etc/neutron/plugins/ml2/ml2_conf.ini
A-10-03. /etc/neutron/plugins/ml2/linuxbridge_agent.ini
root@rocky-osc:~# echo "[DEFAULT]
[agent]
[linux_bridge]
physical_interface_mappings = provider:eth2
[network_log]
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[vxlan]
## provider setting
#enable_vxlan = false
## self-service setting
enable_vxlan = true
local_ip = 10.168.0.101
## provider & self-service common
l2_population = true" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
A-10-04. /etc/neutron/dhcp_agent.ini
root@rocky-osc:~# echo "[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
[agent]
[ovs]
" > /etc/neutron/dhcp_agent.ini
A-10-05. /etc/neutron/l3_agent.ini
root@rocky-osc:~# echo "[DEFAULT]
interface_driver = linuxbridge
[agent]
[ovs]
" > /etc/neutron/l3_agent.ini
A-10-6. config 파일 퍼미션 변경
root@rocky-osc:~# chown root.neutron /etc/neutron/neutron.conf \
/etc/neutron/plugins/ml2/ml2_conf.ini \
/etc/neutron/plugins/ml2/linuxbridge_agent.ini \
/etc/neutron/dhcp_agent.ini \
/etc/neutron/l3_agent.ini
A-11. SystemKernel parameter 확인 및 변경
root@rocky-osc:~# sysctl -a | grep -E "net.bridge.bridge-nf-call-ip"
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
kernel 설정이 값이 1이 아닐 경우 설정
root@rocky-osc:~# echo " ### neutron parameter
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
root@rocky-osc:~# sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
A-12. /etc/nova/nova.conf에 neutron config 설정
A-12-1. 기존 설정 백업
root@rocky-osc:~# cp -rpRf /etc/nova/nova.conf /etc/nova/nova.conf.bak
A-12-2. Neutron config 추가
root@rocky-osc:~# echo "[DEFAULT]
log_dir = /var/log/nova
lock_path = /var/lock/nova
state_path = /var/lib/nova
transport_url = rabbit://openstack:rabbit.123@controller
my_ip = 10.168.0.101
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
#connection = sqlite:////var/lib/nova/nova_api.sqlite
connection = mysql+pymysql://nova:nova.123@controller/nova_api
[barbican]
[cache]
[cells]
enable = False
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
#connection = sqlite:////var/lib/nova/nova.sqlite
connection = mysql+pymysql://nova:nova.123@controller/nova
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova.123
[libvirt]
[matchmaker_redis]
[metrics]
[mks]
[neutron]
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron.123
service_metadata_proxy = true
metadata_proxy_shared_secret = meta.123
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
os_region_name = openstack
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement.123
[placement_database]
connection = mysql+pymysql://placement:placement.123@controller/placement
[powervm]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
discover_hosts_in_cells_interval = 300
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = $my_ip
server_proxyclient_address = $my_ip
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm] > /etc/nova/nova.conf
A-12-3. /etc/nova/nova.conf 퍼미션 변경
root@rocky-osc:~# chown root.nova /etc/nova/nova.conf
A-13 neutron databases tabled 생성
- Table 생성 전
root@rocky-osc:~# mysql -uroot -pmaria.123 neutron -e "show tables;"
- Table 생성
root@rocky-osc:~# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Running upgrade for neutron ...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> kilo
INFO [alembic.runtime.migration] Running upgrade kilo -> 354db87e3225
INFO [alembic.runtime.migration] Running upgrade 354db87e3225 -> 599c6a226151
INFO [alembic.runtime.migration] Running upgrade 599c6a226151 -> 52c5312f6baf
INFO [alembic.runtime.migration] Running upgrade 52c5312f6baf -> 313373c0ffee
INFO [alembic.runtime.migration] Running upgrade 313373c0ffee -> 8675309a5c4f
INFO [alembic.runtime.migration] Running upgrade 8675309a5c4f -> 45f955889773
INFO [alembic.runtime.migration] Running upgrade 45f955889773 -> 26c371498592
INFO [alembic.runtime.migration] Running upgrade 26c371498592 -> 1c844d1677f7
INFO [alembic.runtime.migration] Running upgrade 1c844d1677f7 -> 1b4c6e320f79
INFO [alembic.runtime.migration] Running upgrade 1b4c6e320f79 -> 48153cb5f051
INFO [alembic.runtime.migration] Running upgrade 48153cb5f051 -> 9859ac9c136
INFO [alembic.runtime.migration] Running upgrade 9859ac9c136 -> 34af2b5c5a59
INFO [alembic.runtime.migration] Running upgrade 34af2b5c5a59 -> 59cb5b6cf4d
INFO [alembic.runtime.migration] Running upgrade 59cb5b6cf4d -> 13cfb89f881a
INFO [alembic.runtime.migration] Running upgrade 13cfb89f881a -> 32e5974ada25
INFO [alembic.runtime.migration] Running upgrade 32e5974ada25 -> ec7fcfbf72ee
INFO [alembic.runtime.migration] Running upgrade ec7fcfbf72ee -> dce3ec7a25c9
INFO [alembic.runtime.migration] Running upgrade dce3ec7a25c9 -> c3a73f615e4
INFO [alembic.runtime.migration] Running upgrade c3a73f615e4 -> 659bf3d90664
INFO [alembic.runtime.migration] Running upgrade 659bf3d90664 -> 1df244e556f5
INFO [alembic.runtime.migration] Running upgrade 1df244e556f5 -> 19f26505c74f
INFO [alembic.runtime.migration] Running upgrade 19f26505c74f -> 15be73214821
INFO [alembic.runtime.migration] Running upgrade 15be73214821 -> b4caf27aae4
INFO [alembic.runtime.migration] Running upgrade b4caf27aae4 -> 15e43b934f81
INFO [alembic.runtime.migration] Running upgrade 15e43b934f81 -> 31ed664953e6
INFO [alembic.runtime.migration] Running upgrade 31ed664953e6 -> 2f9e956e7532
INFO [alembic.runtime.migration] Running upgrade 2f9e956e7532 -> 3894bccad37f
INFO [alembic.runtime.migration] Running upgrade 3894bccad37f -> 0e66c5227a8a
INFO [alembic.runtime.migration] Running upgrade 0e66c5227a8a -> 45f8dd33480b
INFO [alembic.runtime.migration] Running upgrade 45f8dd33480b -> 5abc0278ca73
INFO [alembic.runtime.migration] Running upgrade kilo -> 30018084ec99
INFO [alembic.runtime.migration] Running upgrade 30018084ec99 -> 4ffceebfada
INFO [alembic.runtime.migration] Running upgrade 4ffceebfada -> 5498d17be016
INFO [alembic.runtime.migration] Running upgrade 5498d17be016 -> 2a16083502f3
INFO [alembic.runtime.migration] Running upgrade 2a16083502f3 -> 2e5352a0ad4d
INFO [alembic.runtime.migration] Running upgrade 2e5352a0ad4d -> 11926bcfe72d
INFO [alembic.runtime.migration] Running upgrade 11926bcfe72d -> 4af11ca47297
INFO [alembic.runtime.migration] Running upgrade 4af11ca47297 -> 1b294093239c
INFO [alembic.runtime.migration] Running upgrade 1b294093239c -> 8a6d8bdae39
INFO [alembic.runtime.migration] Running upgrade 8a6d8bdae39 -> 2b4c2465d44b
INFO [alembic.runtime.migration] Running upgrade 2b4c2465d44b -> e3278ee65050
INFO [alembic.runtime.migration] Running upgrade e3278ee65050 -> c6c112992c9
INFO [alembic.runtime.migration] Running upgrade c6c112992c9 -> 5ffceebfada
INFO [alembic.runtime.migration] Running upgrade 5ffceebfada -> 4ffceebfcdc
INFO [alembic.runtime.migration] Running upgrade 4ffceebfcdc -> 7bbb25278f53
INFO [alembic.runtime.migration] Running upgrade 7bbb25278f53 -> 89ab9a816d70
INFO [alembic.runtime.migration] Running upgrade 5abc0278ca73 -> d3435b514502
INFO [alembic.runtime.migration] Running upgrade d3435b514502 -> 30107ab6a3ee
INFO [alembic.runtime.migration] Running upgrade 30107ab6a3ee -> c415aab1c048
INFO [alembic.runtime.migration] Running upgrade c415aab1c048 -> a963b38d82f4
INFO [alembic.runtime.migration] Running upgrade 89ab9a816d70 -> c879c5e1ee90
INFO [alembic.runtime.migration] Running upgrade c879c5e1ee90 -> 8fd3918ef6f4
INFO [alembic.runtime.migration] Running upgrade 8fd3918ef6f4 -> 4bcd4df1f426
INFO [alembic.runtime.migration] Running upgrade 4bcd4df1f426 -> b67e765a3524
INFO [alembic.runtime.migration] Running upgrade a963b38d82f4 -> 3d0e74aa7d37
INFO [alembic.runtime.migration] Running upgrade 3d0e74aa7d37 -> 030a959ceafa
INFO [alembic.runtime.migration] Running upgrade 030a959ceafa -> a5648cfeeadf
INFO [alembic.runtime.migration] Running upgrade a5648cfeeadf -> 0f5bef0f87d4
INFO [alembic.runtime.migration] Running upgrade 0f5bef0f87d4 -> 67daae611b6e
INFO [alembic.runtime.migration] Running upgrade 67daae611b6e -> 6b461a21bcfc
INFO [alembic.runtime.migration] Running upgrade 6b461a21bcfc -> 5cd92597d11d
INFO [alembic.runtime.migration] Running upgrade 5cd92597d11d -> 929c968efe70
INFO [alembic.runtime.migration] Running upgrade 929c968efe70 -> a9c43481023c
INFO [alembic.runtime.migration] Running upgrade a9c43481023c -> 804a3c76314c
INFO [alembic.runtime.migration] Running upgrade 804a3c76314c -> 2b42d90729da
INFO [alembic.runtime.migration] Running upgrade 2b42d90729da -> 62c781cb6192
INFO [alembic.runtime.migration] Running upgrade 62c781cb6192 -> c8c222d42aa9
INFO [alembic.runtime.migration] Running upgrade c8c222d42aa9 -> 349b6fd605a6
INFO [alembic.runtime.migration] Running upgrade 349b6fd605a6 -> 7d32f979895f
INFO [alembic.runtime.migration] Running upgrade 7d32f979895f -> 594422d373ee
INFO [alembic.runtime.migration] Running upgrade 594422d373ee -> 61663558142c
INFO [alembic.runtime.migration] Running upgrade 61663558142c -> 867d39095bf4, port forwarding
INFO [alembic.runtime.migration] Running upgrade b67e765a3524 -> a84ccf28f06a
INFO [alembic.runtime.migration] Running upgrade a84ccf28f06a -> 7d9d8eeec6ad
INFO [alembic.runtime.migration] Running upgrade 7d9d8eeec6ad -> a8b517cff8ab
INFO [alembic.runtime.migration] Running upgrade a8b517cff8ab -> 3b935b28e7a0
INFO [alembic.runtime.migration] Running upgrade 3b935b28e7a0 -> b12a3ef66e62
INFO [alembic.runtime.migration] Running upgrade b12a3ef66e62 -> 97c25b0d2353
INFO [alembic.runtime.migration] Running upgrade 97c25b0d2353 -> 2e0d7a8a1586
INFO [alembic.runtime.migration] Running upgrade 2e0d7a8a1586 -> 5c85685d616d
OK
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
Running upgrade for neutron-fwaas ...
INFO [alembic.runtime.migration] Context impl MySQLImpl.
INFO [alembic.runtime.migration] Will assume non-transactional DDL.
INFO [alembic.runtime.migration] Running upgrade -> start_neutron_fwaas, start neutron-fwaas chain
INFO [alembic.runtime.migration] Running upgrade start_neutron_fwaas -> 4202e3047e47, add_index_tenant_id
INFO [alembic.runtime.migration] Running upgrade 4202e3047e47 -> 540142f314f4, FWaaS router insertion
INFO [alembic.runtime.migration] Running upgrade 540142f314f4 -> 796c68dffbb, cisco_csr_fwaas
INFO [alembic.runtime.migration] Running upgrade 796c68dffbb -> kilo, kilo
INFO [alembic.runtime.migration] Running upgrade kilo -> c40fbb377ad, Initial Liberty no-op script.
INFO [alembic.runtime.migration] Running upgrade c40fbb377ad -> 4b47ea298795, add reject rule
INFO [alembic.runtime.migration] Running upgrade 4b47ea298795 -> d6a12e637e28, neutron-fwaas v2.0
INFO [alembic.runtime.migration] Running upgrade d6a12e637e28 -> 876782258a43, create_default_firewall_groups_table
INFO [alembic.runtime.migration] Running upgrade 876782258a43 -> f24e0d5e5bff, uniq_firewallgroupportassociation0port
INFO [alembic.runtime.migration] Running upgrade kilo -> 67c8e8d61d5, Initial Liberty no-op script.
INFO [alembic.runtime.migration] Running upgrade 67c8e8d61d5 -> 458aa42b14b, fw_table_alter script to make <name> column case sensitive
INFO [alembic.runtime.migration] Running upgrade 458aa42b14b -> f83a0b2964d0, rename tenant to project
INFO [alembic.runtime.migration] Running upgrade f83a0b2964d0 -> fd38cd995cc0, change shared attribute for firewall resource
OK
- Table 생성 확인
root@rocky-osc:~# mysql -uroot -pmaria.123 neutron -e "show tables;"
+-----------------------------------------+
| Tables_in_neutron |
+-----------------------------------------+
| address_scopes |
| agents |
| alembic_version |
| alembic_version_fwaas |
| allowedaddresspairs |
| arista_provisioned_nets |
| arista_provisioned_tenants |
| arista_provisioned_vms |
| auto_allocated_topologies |
| bgp_peers |
| bgp_speaker_dragent_bindings |
| bgp_speaker_network_bindings |
| bgp_speaker_peer_bindings |
| bgp_speakers |
| brocadenetworks |
| brocadeports |
| cisco_csr_identifier_map |
| cisco_firewall_associations |
| cisco_hosting_devices |
| cisco_ml2_apic_contracts |
| cisco_ml2_apic_host_links |
| cisco_ml2_apic_names |
| cisco_ml2_n1kv_network_bindings |
| cisco_ml2_n1kv_network_profiles |
| cisco_ml2_n1kv_policy_profiles |
| cisco_ml2_n1kv_port_bindings |
| cisco_ml2_n1kv_profile_bindings |
| cisco_ml2_n1kv_vlan_allocations |
| cisco_ml2_n1kv_vxlan_allocations |
| cisco_ml2_nexus_nve |
| cisco_ml2_nexusport_bindings |
| cisco_port_mappings |
| cisco_router_mappings |
| consistencyhashes |
| default_firewall_groups |
| default_security_group |
| dnsnameservers |
| dvr_host_macs |
| externalnetworks |
| extradhcpopts |
| firewall_group_port_associations_v2 |
| firewall_groups_v2 |
| firewall_policies |
| firewall_policies_v2 |
| firewall_policy_rule_associations_v2 |
| firewall_router_associations |
| firewall_rules |
| firewall_rules_v2 |
| firewalls |
| flavors |
| flavorserviceprofilebindings |
| floatingipdnses |
| floatingips |
| ha_router_agent_port_bindings |
| ha_router_networks |
| ha_router_vrid_allocations |
| healthmonitors |
| ikepolicies |
| ipallocationpools |
| ipallocations |
| ipamallocationpools |
| ipamallocations |
| ipamsubnets |
| ipsec_site_connections |
| ipsecpeercidrs |
| ipsecpolicies |
| logs |
| lsn |
| lsn_port |
| maclearningstates |
| members |
| meteringlabelrules |
| meteringlabels |
| ml2_brocadenetworks |
| ml2_brocadeports |
| ml2_distributed_port_bindings |
| ml2_flat_allocations |
| ml2_geneve_allocations |
| ml2_geneve_endpoints |
| ml2_gre_allocations |
| ml2_gre_endpoints |
| ml2_nexus_vxlan_allocations |
| ml2_nexus_vxlan_mcast_groups |
| ml2_port_binding_levels |
| ml2_port_bindings |
| ml2_ucsm_port_profiles |
| ml2_vlan_allocations |
| ml2_vxlan_allocations |
| ml2_vxlan_endpoints |
| multi_provider_networks |
| networkconnections |
| networkdhcpagentbindings |
| networkdnsdomains |
| networkgatewaydevicereferences |
| networkgatewaydevices |
| networkgateways |
| networkqueuemappings |
| networkrbacs |
| networks |
| networksecuritybindings |
| networksegments |
| neutron_nsx_network_mappings |
| neutron_nsx_port_mappings |
| neutron_nsx_router_mappings |
| neutron_nsx_security_group_mappings |
| nexthops |
| nsxv_edge_dhcp_static_bindings |
| nsxv_edge_vnic_bindings |
| nsxv_firewall_rule_bindings |
| nsxv_internal_edges |
| nsxv_internal_networks |
| nsxv_port_index_mappings |
| nsxv_port_vnic_mappings |
| nsxv_router_bindings |
| nsxv_router_ext_attributes |
| nsxv_rule_mappings |
| nsxv_security_group_section_mappings |
| nsxv_spoofguard_policy_network_mappings |
| nsxv_tz_network_bindings |
| nsxv_vdr_dhcp_bindings |
| nuage_net_partition_router_mapping |
| nuage_net_partitions |
| nuage_provider_net_bindings |
| nuage_subnet_l2dom_mapping |
| poolloadbalanceragentbindings |
| poolmonitorassociations |
| pools |
| poolstatisticss |
| portbindingports |
| portdataplanestatuses |
| portdnses |
| portforwardings |
| portqueuemappings |
| ports |
| portsecuritybindings |
| providerresourceassociations |
| provisioningblocks |
| qos_bandwidth_limit_rules |
| qos_dscp_marking_rules |
| qos_fip_policy_bindings |
| qos_minimum_bandwidth_rules |
| qos_network_policy_bindings |
| qos_policies |
| qos_policies_default |
| qos_port_policy_bindings |
| qospolicyrbacs |
| qosqueues |
| quotas |
| quotausages |
| reservations |
| resourcedeltas |
| router_extra_attributes |
| routerl3agentbindings |
| routerports |
| routerroutes |
| routerrules |
| routers |
| securitygroupportbindings |
| securitygrouprules |
| securitygroups |
| segmenthostmappings |
| serviceprofiles |
| sessionpersistences |
| standardattributes |
| subnet_service_types |
| subnetpoolprefixes |
| subnetpools |
| subnetroutes |
| subnets |
| subports |
| tags |
| trunks |
| tz_network_bindings |
| vcns_router_bindings |
| vips |
| vpnservices |
+-----------------------------------------+
A-14 neutron pkg daemon 재시작
root@rocky-osc:~# service nova-api restart
root@rocky-osc:~# service neutron-server restart
root@rocky-osc:~# service neutron-linuxbridge-agent restart
root@rocky-osc:~# service neutron-dhcp-agent restart
root@rocky-osc:~# service neutron-metadata-agent restart
## self-service 설정시
root@rocky-osc:~# service neutron-l3-agent restart
B. Compute node Install
B-1. PKG Install
root@rocky-nova01:~# apt install -y neutron-linuxbridge-agent
B-2. Config 원본 백업
root@rocky-nova01:~# mv /etc/neutron/neutron.conf /etc/neutron/neutron.conf.orig
root@rocky-nova01:~# mv /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.orig
B-3. Config 수정
B-3-1. /etc/neutron/neutron.conf
root@rocky-nova01:~# echo "[DEFAULT]
core_plugin = ml2
auth_strategy = keystone
transport_url = rabbit://openstack:rabbit.123@controller
[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf
[cors]
[database]
connection = sqlite:////var/lib/neutron/neutron.sqlite
[keystone_authtoken]
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron.123
[matchmaker_redis]
[nova]
[oslo_concurrency]
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[quotas]
[ssl] " > /etc/neutron/neutron.conf
B-3-1. /etc/neutron/plugins/ml2/linuxbridge_agent.ini
root@rocky-nova01:~# echo "[DEFAULT]
[agent]
[linux_bridge]
physical_interface_mappings = provider:eth2
[network_log]
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[vxlan]
## provider setting
#enable_vxlan = false
## Self-service setting
enable_vxlan = true
local_ip = 10.168.0.111
l2_population = true" > /etc/neutron/plugins/ml2/linuxbridge_agent.ini
B-4. /etc/nova/nova.conf에 neutron config 추가
B-4-1. /etc/nova/nova.conf 백업
root@rocky-nova01:~# mv /etc/nova/nova.conf /etc/nova/nova.conf.bak
B-4-2. /etc/nova/nova.conf 수정
root@rocky-nova01:~# echo "[DEFAULT]
log_dir = /var/log/nova
lock_path = /var/lock/nova
state_path = /var/lib/nova
transport_url = rabbit://openstack:rabbit.123@controller
my_ip = 10.168.0.111
use_neutron = true
firewall_driver = nova.virt.firewall.NoopFirewallDriver
[api]
auth_strategy = keystone
[api_database]
connection = sqlite:////var/lib/nova/nova_api.sqlite
[barbican]
[cache]
[cells]
enable = False
[cinder]
[compute]
[conductor]
[console]
[consoleauth]
[cors]
[database]
connection = sqlite:////var/lib/nova/nova.sqlite
[devices]
[ephemeral_storage_encryption]
[filter_scheduler]
[glance]
api_servers = http://controller:9292
[guestfs]
[healthcheck]
[hyperv]
[ironic]
[key_manager]
[keystone]
[keystone_authtoken]
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = nova
password = nova.123
[libvirt]
[matchmaker_redis]
[metrics]
[mks]
[neutron]
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron.123
[notifications]
[osapi_v21]
[oslo_concurrency]
lock_path = /var/lib/nova/tmp
[oslo_messaging_amqp]
[oslo_messaging_kafka]
[oslo_messaging_notifications]
[oslo_messaging_rabbit]
[oslo_messaging_zmq]
[oslo_middleware]
[oslo_policy]
[pci]
[placement]
os_region_name = openstack
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = placement.123
[placement_database]
[powervm]
[profiler]
[quota]
[rdp]
[remote_debug]
[scheduler]
[serial_console]
[service_user]
[spice]
[upgrade_levels]
[vault]
[vendordata_dynamic_auth]
[vmware]
[vnc]
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://${controller_ip}:6080/vnc_auto.html
[workarounds]
[wsgi]
[xenserver]
[xvp]
[zvm] " > /etc/nova/nova.conf
B-5. config 파일 퍼미션 변경
root@rocky-nova01:~# chown root.neutron /etc/neutron/neutron.conf /etc/neutron/plugins/ml2/linuxbridge_agent.ini
root@rocky-nova01:~# chown root.nova /etc/nova/nova.conf
B-6. SystemKernel parameter 확인 및 변경
root@rocky-nova01:~# sysctl -a | grep -E "net.bridge.bridge-nf-call-ip"
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
kernel 설정이 값이 1이 아닐 경우 설정
root@rocky-nova01:~# echo " ### neutron parameter
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1" >> /etc/sysctl.conf
root@rocky-nova01:~# sysctl -p
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
B-7. PKG daemon 재시작
root@rocky-nova01:~# service nova-compute restart
root@rocky-nova01:~# service neutron-linuxbridge-agent restart
C. neutron 설정 확인
C-1. 환경변수 loading
root@rocky-osc:~# source admin_openrc
C-2. 확인
root@rocky-osc:~# openstack network agent list
+--------------------------------------+--------------------+--------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+--------------+-------------------+-------+-------+---------------------------+
| 421491a0-9b0a-49cc-a0c6-7e29eb058cd0 | Linux bridge agent | rocky-osc | None | :-) | UP | neutron-linuxbridge-agent |
| 6b2c9e1c-96d7-443e-9e74-c13a296ff383 | Linux bridge agent | rocky-nova01 | None | :-) | UP | neutron-linuxbridge-agent |
| 6c300e91-48e7-4625-a2ab-7a8d3b9321b8 | DHCP agent | rocky-osc | nova | :-) | UP | neutron-dhcp-agent |
| 79c8261f-316e-499d-a5ea-b532c090d715 | Metadata agent | rocky-osc | None | :-) | UP | neutron-metadata-agent |
| c18c52a4-c1db-4149-baa7-1c3c3c3863c8 | L3 agent | rocky-osc | nova | :-) | UP | neutron-l3-agent |
+--------------------------------------+--------------------+--------------+-------------------+-------+-------+---------------------------+반응형
'IT > Openstack' 카테고리의 다른 글
| [Openstack - Train] Centos에 설치하기(1) - SQL Database Install (0) | 2019.10.31 |
|---|---|
| [Openstack - Train] Centos에 설치하기(1) - Repository 설정 (0) | 2019.10.31 |
| [Openstack-rocky] Ubuntu에 Openstack 설치 하기(4) - nova(compute) 설치 (0) | 2019.08.16 |
| [Openstack-rocky] Ubuntu에 Openstack 설치 하기(3) - Glance(image)설치 (0) | 2019.08.16 |
| [Openstack-rocky] Ubuntu에 Openstack 설치 하기(2) - Keystone 설치 (0) | 2019.08.16 |