['나는 한다 Openstack 설치를' 시리즈 6편]매뉴얼대로 Centos에 openstack icehouse 설치하기, neutron 설치하기
이번에는 networking service인 neutron을 설치하도록 하겠습니다.
controller node 설정하기
1. neutron 데이터베이스 만들기
# mysql -u root -p
mysql> CREATE DATABASE neutron;
mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY '<비밀번호>';
mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY '<비밀번호>';
mysql> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'controller' \
IDENTIFIED BY '<비밀번호>';
mysql> exit
2. 인증 서비스 만들기
- neutron user 만들기
# keystone user-create --name neutron --pass <비밀번호> --email <email주소> - neutron user 연결하기
# keystone user-role-add --user neutron --tenant service --role admin - neutron service 만들기
# keystone service-create --name neutron --type network --description "OpenStack Networking" - 서비스 끝점 만들기
# keystone endpoint-create \
--service-id $(keystone service-list | awk '/ network / {print $2}') \
--publicurl http://192.168.137.201:9696 \
--adminurl http://192.168.137.201:9696 \
--internalurl http://192.168.137.201:9696
3. networking components 설치하기
# yum install -y openstack-neutron openstack-neutron-ml2 python-neutronclient
4. 데이터베이스를 사용하기 위해 networking 설정하기
# openstack-config --set /etc/neutron/neutron.conf database connection \
mysql://neutron:<비밀번호>@controller/neutron
5. 인증 서비스를 사용하기 위해 networking 설정하기
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
auth_strategy keystone
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_uri http://192.168.137.201:5000
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_host controller
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_protocol http
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_port 35357
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_tenant_name service
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_user neutron
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_password <비밀번호>
6. qpid 사용을 위한 networking 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
qpid_hostname controller
7. 네트워크 변경 시 compute node에 알리기 위한 networking 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
notify_nova_on_port_status_changes True
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
notify_nova_on_port_data_changes True
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
nova_url http://192.168.137.201:8774/v2
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
nova_admin_username nova
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
nova_admin_tenant_id $(keystone tenant-list | awk '/ service / { print $2 }')
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
nova_admin_password <nova비밀번호>
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
nova_admin_auth_url http://192.168.137.201:35357/v2.0
8. ML2 플러그인 사용을 위한 networking 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
core_plugin ml2
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
service_plugins router
9. ML2 플러그인 설정하기
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
type_drivers gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
tenant_network_types gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
mechanism_drivers openvswitch
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre \
tunnel_id_ranges 1:1000
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
enable_security_group True
10. networking 사용을 위한 compute 설정
# openstack-config --set /etc/nova/nova.conf DEFAULT \
network_api_class nova.network.neutronv2.api.API
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_url http://192.168.137.201:9696
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_auth_strategy keystone
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_tenant_name service
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_username neutron
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_password <neutron비밀번호>
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_auth_url http://192.168.137.201:35357/v2.0
# openstack-config --set /etc/nova/nova.conf DEFAULT \
linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
# openstack-config --set /etc/nova/nova.conf DEFAULT \
firewall_driver nova.virt.firewall.NoopFirewallDriver
# openstack-config --set /etc/nova/nova.conf DEFAULT \
security_group_api neutron
11. ML2 심볼릭 링크 만들기
# ln -s plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
12. compute 서비스 재시작하기
# service openstack-nova-api restart
# service openstack-nova-scheduler restart
# service openstack-nova-conductor restart
13. neutron 서비스 시작하기
# service neutron-server start
# chkconfig neutron-server on
network node 설정하기
1. /etc/sysctl.conf 편집하기
#vi /etc/sysctl.conf
net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
# sysctl -p
2. networking components 설치하기
# yum install -y openstack-neutron openstack-neutron-ml2 \
openstack-neutron-openvswitch
3. 인증 서비스 사용을 위한 networking 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
auth_strategy keystone
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_uri http://192.168.137.201:5000
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_host controller
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_protocol http
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_port 35357
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_tenant_name service
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_user neutron
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_password <neutron비밀번호>
4. qpid를 사용하기 위한 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
qpid_hostname controller
5. ML2 플러그인을 위한 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
core_plugin ml2
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
service_plugins router
# vi /etc/neutron/neutron.conf
verbose = True 추가
# vi /etc/neutron/neutron.conf
verbose = True 추가
6. Layer-3(L3) 에이전트 설정하기
# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT \
interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT \
use_namespaces True
# vi /etc/neutron/l3_agent.ini
verbose = True 추가
verbose = True 추가
7. DHCP 에이전트 설정하기
# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT \
interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT \
dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT \
use_namespaces True
# vi /etc/neutron/l3_agent.ini
verbose = True 추가
verbose = True 추가
GRE 프로토콜 방식으로 DHCP하기
# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT \
dnsmasq_config_file /etc/neutron/dnsmasq-neutron.conf
# vi /etc/neutron/dnsmasq-neutron.conf
dhcp-option-force=26,1454 추가
#killall dnsmasq
8. metadata 에이전트 설정하기
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
auth_url http://192.168.137.201:5000/v2.0
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
auth_region regionOne
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
admin_tenant_name service
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
admin_user neutron
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
admin_password <neutron비밀번호>
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
nova_metadata_ip controller
# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \
metadata_proxy_shared_secret <metadata비밀번호(아무거나)>
# vi /etc/neutron/metadata_agent.ini
verbose = True
# vi /etc/neutron/metadata_agent.ini
verbose = True
9. controller node에서 compute 설정하기
# openstack-config --set /etc/nova/nova.conf DEFAULT \
service_neutron_metadata_proxy true
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_metadata_proxy_shared_secret <위에서 입력한 비밀번호>
# service openstack-nova-api restart
10. ML2 플러그인 설정하기
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
type_drivers gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
tenant_network_types gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
mechanism_drivers openvswitch
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre \
tunnel_id_ranges 1:1000
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
local_ip <network node의 tunnel 인터페이스 IP>
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
tunnel_type gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
enable_tunneling True
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
enable_security_group True
11. open vswitch 서비스 설정하기
- OVS 서비스 시작 및 등록
# service openvswitch start
# chkconfig openvswitch on - bridge 등록하기
# ovs-vsctl add-br br-ex - bridge 인터페이스 등록하기
# ovs-vsctl add-port br-ex <외부 네트워크 이더넷 카드 이름(초반에 만들어 놓은 이더넷)>
12. 설치 마무리하기
# ln -s plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
# cp /etc/init.d/neutron-openvswitch-agent /etc/init.d/neutron-openvswitch-agent.orig
# sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' /etc/init.d/neutron-openvswitch-agent
# service neutron-openvswitch-agent start
# service neutron-l3-agent start
# service neutron-dhcp-agent start
# service neutron-metadata-agent start
# chkconfig neutron-openvswitch-agent on
# chkconfig neutron-l3-agent on
# chkconfig neutron-dhcp-agent on
# chkconfig neutron-metadata-agent on
compute node에서 설정하기
1. /etc/sysctl.conf 편집하기
#vi /etc/sysctl.conf
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
#sysctl -p
2. networking 패키지 설치
# yum install -y openstack-neutron-ml2 openstack-neutron-openvswitch
3. 인증 서비스 사용을 위한 networking 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
auth_strategy keystone
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_uri http://192.168.137.201:5000
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_host controller
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_protocol http
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
auth_port 35357
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_tenant_name service
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_user neutron
# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken \
admin_password <neutron비밀번호>
4. qpid 사용을 위한 networking 설정
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
rpc_backend neutron.openstack.common.rpc.impl_qpid
# openstack-config --set /etc/neutron/neutron.conf DEFAULT \
qpid_hostname controller
5. ML2 플러그인 설정하기
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
type_drivers gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
tenant_network_types gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \
mechanism_drivers openvswitch
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre \
tunnel_id_ranges 1:1000
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
local_ip <compute node tunnel network IP 주소>
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
tunnel_type gre
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \
enable_tunneling True
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \
enable_security_group True
6. OVS 설정하기
# service openvswitch start
# chkconfig openvswitch on
# ovs-vsctl add-br br-int
7. networking 사용을 위한 compute 설정
# openstack-config --set /etc/nova/nova.conf DEFAULT \
network_api_class nova.network.neutronv2.api.API
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_url http://192.168.137.201:9696
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_auth_strategy keystone
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_tenant_name service
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_username neutron
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_password <neutron 비밀번호>
# openstack-config --set /etc/nova/nova.conf DEFAULT \
neutron_admin_auth_url http://192.168.137.201:35357/v2.0
# openstack-config --set /etc/nova/nova.conf DEFAULT \
linuxnet_interface_driver nova.network.linux_net.LinuxOVSInterfaceDriver
# openstack-config --set /etc/nova/nova.conf DEFAULT \
firewall_driver nova.virt.firewall.NoopFirewallDriver
# openstack-config --set /etc/nova/nova.conf DEFAULT \
security_group_api neutron
8. 설치 마무리하기
# ln -s plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
# cp /etc/init.d/neutron-openvswitch-agent /etc/init.d/neutron-openvswitch-agent.orig
# sed -i 's,plugins/openvswitch/ovs_neutron_plugin.ini,plugin.ini,g' /etc/init.d/neutron-openvswitch-agent
# service openstack-nova-compute restart
# service neutron-openvswitch-agent start
# chkconfig neutron-openvswitch-agent on
openstack 설치 시리즈 1편
openstack 설치 시리즈 2편
openstack 설치 시리즈 3편
openstack 설치 시리즈 4편
openstack 설치 시리즈 5편
openstack 설치 시리즈 6편
openstack 설치 시리즈 7편
openstack 설치 시리즈 8편
openstack 설치 시리즈 1편
openstack 설치 시리즈 2편
openstack 설치 시리즈 3편
openstack 설치 시리즈 4편
openstack 설치 시리즈 5편
openstack 설치 시리즈 6편
openstack 설치 시리즈 7편
openstack 설치 시리즈 8편
댓글 없음:
댓글 쓰기