e8653f28de
The nova [neutron]/url config option was deprecated in Queens [1] and is being removed in Train [2]. The neutron install guide sections about configuring compute to work with neutron were still using the url option so this change removes them. There are a few things to note here: 1. The url option functionality is replaced with the endpoint_override option from keystoneauth1 but we don't really want users using that unless there is a real need. One of the main reasons for moving the nova configuration to use keystoneauth1 was so that the network service endpoint can be looked up via KSA dynamically based on the configurable interfaces (public, internal, private) and service types authority so the endpoint URL will just be pulled from the service catalog. That means not having to hard-code the endpoint URL in nova config which makes deployment and config management simpler. As such, the url option removed in the install guide here is not replaced with the endpoint_override option. 2. Following on #1, the install guide portion about the nova/neutron config is updated with a link back to the nova config guide for the full set of options in case an operator needs to tweak the config, e.g. to set valid_interfaces or endpoint_override because the KSA defaults don't work for their deployment. 3. With the old url option, if region_name was not specified, nova would default to 'RegionOne'. That is not the case if not using the url option so we leave the region_one config in the install guide example, otherwise region_name would default to None. [1] I41724a612a5f3eabd504f3eaa9d2f9d141ca3f69 [2] I6c068a84c4c0bd88f088f9328d7897bfc1f843f1 Change-Id: I30445edeb8509330571db28c7d61dd63886e9e61 Closes-Bug: #1840930
167 lines
3.9 KiB
ReStructuredText
167 lines
3.9 KiB
ReStructuredText
Install and configure compute node
|
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
|
|
|
The compute node handles connectivity and security groups for instances.
|
|
|
|
|
|
|
|
Install the components
|
|
----------------------
|
|
|
|
.. todo:
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1334626
|
|
|
|
.. code-block:: console
|
|
|
|
# yum install openstack-neutron-linuxbridge ebtables ipset
|
|
|
|
.. end
|
|
|
|
|
|
|
|
Configure the common component
|
|
------------------------------
|
|
|
|
The Networking common component configuration includes the
|
|
authentication mechanism, message queue, and plug-in.
|
|
|
|
.. include:: shared/note_configuration_vary_by_distribution.rst
|
|
|
|
* Edit the ``/etc/neutron/neutron.conf`` file and complete the following
|
|
actions:
|
|
|
|
* In the ``[database]`` section, comment out any ``connection`` options
|
|
because compute nodes do not directly access the database.
|
|
|
|
* In the ``[DEFAULT]`` section, configure ``RabbitMQ``
|
|
message queue access:
|
|
|
|
.. path /etc/neutron/neutron.conf
|
|
.. code-block:: ini
|
|
|
|
[DEFAULT]
|
|
# ...
|
|
transport_url = rabbit://openstack:RABBIT_PASS@controller
|
|
|
|
.. end
|
|
|
|
Replace ``RABBIT_PASS`` with the password you chose for the ``openstack``
|
|
account in RabbitMQ.
|
|
|
|
* In the ``[DEFAULT]`` and ``[keystone_authtoken]`` sections, configure
|
|
Identity service access:
|
|
|
|
.. path /etc/neutron/neutron.conf
|
|
.. code-block:: ini
|
|
|
|
[DEFAULT]
|
|
# ...
|
|
auth_strategy = keystone
|
|
|
|
[keystone_authtoken]
|
|
# ...
|
|
www_authenticate_uri = http://controller:5000
|
|
auth_url = http://controller:5000
|
|
memcached_servers = controller:11211
|
|
auth_type = password
|
|
project_domain_name = default
|
|
user_domain_name = default
|
|
project_name = service
|
|
username = neutron
|
|
password = NEUTRON_PASS
|
|
|
|
.. end
|
|
|
|
Replace ``NEUTRON_PASS`` with the password you chose for the ``neutron``
|
|
user in the Identity service.
|
|
|
|
.. note::
|
|
|
|
Comment out or remove any other options in the
|
|
``[keystone_authtoken]`` section.
|
|
|
|
|
|
* In the ``[oslo_concurrency]`` section, configure the lock path:
|
|
|
|
.. path /etc/neutron/neutron.conf
|
|
.. code-block:: ini
|
|
|
|
[oslo_concurrency]
|
|
# ...
|
|
lock_path = /var/lib/neutron/tmp
|
|
|
|
.. end
|
|
|
|
|
|
|
|
Configure networking options
|
|
----------------------------
|
|
|
|
Choose the same networking option that you chose for the controller node to
|
|
configure services specific to it. Afterwards, return here and proceed to
|
|
:ref:`neutron-compute-compute-rdo`.
|
|
|
|
.. toctree::
|
|
:maxdepth: 1
|
|
|
|
compute-install-option1-rdo.rst
|
|
compute-install-option2-rdo.rst
|
|
|
|
.. _neutron-compute-compute-rdo:
|
|
|
|
Configure the Compute service to use the Networking service
|
|
-----------------------------------------------------------
|
|
|
|
* Edit the ``/etc/nova/nova.conf`` file and complete the following actions:
|
|
|
|
* In the ``[neutron]`` section, configure access parameters:
|
|
|
|
.. path /etc/nova/nova.conf
|
|
.. code-block:: ini
|
|
|
|
[neutron]
|
|
# ...
|
|
auth_url = http://controller:5000
|
|
auth_type = password
|
|
project_domain_name = default
|
|
user_domain_name = default
|
|
region_name = RegionOne
|
|
project_name = service
|
|
username = neutron
|
|
password = NEUTRON_PASS
|
|
|
|
.. end
|
|
|
|
Replace ``NEUTRON_PASS`` with the password you chose for the ``neutron``
|
|
user in the Identity service.
|
|
|
|
See the :nova-doc:`compute service configuration guide <configuration/config.html#neutron>`
|
|
for the full set of options including overriding the service catalog
|
|
endpoint URL if necessary.
|
|
|
|
Finalize installation
|
|
---------------------
|
|
|
|
|
|
#. Restart the Compute service:
|
|
|
|
.. code-block:: console
|
|
|
|
# systemctl restart openstack-nova-compute.service
|
|
|
|
.. end
|
|
|
|
#. Start the Linux bridge agent and configure it to start when the
|
|
system boots:
|
|
|
|
.. code-block:: console
|
|
|
|
# systemctl enable neutron-linuxbridge-agent.service
|
|
# systemctl start neutron-linuxbridge-agent.service
|
|
|
|
.. end
|
|
|
|
|
|
|