OpenStack RDO 部署流程 - 2（ML2 + VxLAN）

OpenStack RDO 部署流程 - 2（ML2 + VxLAN）

1. 安裝和配置Neutron ML2 框架

(1) 安裝在控制節點上（運行Neutron-server的節點）

service neutron-server stop

yum install openstack-neutron-ml2 python-pyudev -y

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini -f

(2) 配置ML2參數

crudini --set /etc/neutron/neutron.conf DEFAULT core_plugin neutron.plugins.ml2.plugin.Ml2Plugin

# 啓用L3路由服務，這裏還可以在後面增加LBaaS、VPNaaS、FWaaS插件，插件間用逗號分隔即可。

crudini --set /etc/neutron/neutron.conf DEFAULT service_plugins neutron.services.l3_router.l3_router_plugin.L3RouterPlugin

# 啓動Mechanism插件，默認啓用了OpenvSwitch，LinuxBridge和L2Population。

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 mechanism_drivers openvswitch,linuxbridge,l2population

# 啓動Type插件，目前默認支持local、flat、vlan、gre、vxlan。

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 type_drivers local,flat,vlan,gre,vxlan

# 租戶網絡類型，這邊我們選擇vxlan

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vxlan

# 數據庫配置，可直接參考/etc/neutron/neutron.conf

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini database sql_connection mysql://neutron:<password>@<host>/neutron_ml2

# 防火牆驅動

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

# 給每類Type插件，定義參數

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vlan network_vlan_ranges <same range syntax as openvswitch>

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_flat flat_networks <list of physical_networks or *>

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre tunnel_id_ranges <list of ranges>

# 這裏我們爲vxlan配置vni範圍，在1:10000。

crudini --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vxlan vni_ranges 1:10000

(3) 數據庫初始化

mysql -e "drop database if exists neutron_ml2;"

mysql -e "create database neutron_ml2 character setutf8;"

mysql -e "grant all on neutron_ml2.* to 'neutron'@'%';"

neutron-db-manage --config-file/usr/share/neutron/neutron-dist.conf --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head

service neutron-server start

(4) 在網絡節點和計算節點上配置

/etc/neutron/plugins/openvswitch/ovs_neutron_plugin.ini:

[ovs]

tunnel_id_ranges=1:10000

tenant_network_type=vxlan

enable_tunneling=True

tunnel_type = vxlan

[agent]

tunnel_types = vxlan

l2_population = True

service neutron-openvswitch-agent restart

(5) 配置IPtables策略，開放vxlan端口

/etc/sysconfig/iptables:

-A INPUT -p udp --dport 4789 -j ACCEPT