compute1(计算节点):
[root@compute1 ~]# yum install openstack-neutron openstack-neutron-linuxbridge ebtables ipset -y
配置Networking通用组件,Networking 通用组件的配置包括认证机制、消息队列和插件。
[root@compute1 ]# grep "^[a-z]" -B 1 /etc/neutron/neutron.conf
[DEFAULT]
rpc_backend = rabbit #配置RabbitMQ消息队列访问
auth_strategy = keystone #配置认证服务访问 在 [keystone_authtoken] 中注释或者删除其他选项。
verbose = True
[keystone_authtoken] #配置认证服务访问
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = 123456
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp #配置锁路径
[oslo_messaging_rabbit] # #配置RabbitMQ消息队列访问
rabbit_host = controlle
rabbit_userid = openstack
rabbit_password = 123456
配置Linux 桥接代理
[root@compute1 ]# grep "^[a-z]" -B 1 /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = public:eth0 #映射公共虚拟网络到公共物理网络接口
[vxlan] #启用VXLAN覆盖网络,配置处理覆盖网络和启用layer-2 的物理网络接口的IP地址
enable_vxlan = True
local_ip = 192.168.1.102
l2_population = True
[agent]
prevent_arp_spoofing = True #启用ARP欺骗防护
[securitygroup] #启用安全组并配置 Linux 桥接 iptables 防火墙驱动
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[root@compute1 ~]#systemctl restart openstack-nova-compute.service # 重启计算服务
[root@compute1 ~]#systemctl enable neutron-linuxbridge-agent.service #启动Linux桥接代理并配置它开机自启动
[root@compute1 ~]#systemctl start neutron-linuxbridge-agent.service
