df389de459
* Updates relevant sections for openSUSE-*/SLES* * Adds some work-arounds for potential deadends. * Updates package and service names. Change-Id: I85c1678d04737bc11915e3f3b1d9653abad1adaa Implements: blueprint installguide-liberty
13 KiB
Install and configure controller node
Prerequisites
Before you configure the OpenStack Networking (neutron) service, you must create a database, service credentials, and API endpoints.
To create the database, complete these steps:
Use the database access client to connect to the database server as the
rootuser:$ mysql -u root -pCreate the
neutrondatabase:CREATE DATABASE neutron;Grant proper access to the
neutrondatabase, replacingNEUTRON_DBPASSwith a suitable password:GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \ IDENTIFIED BY 'NEUTRON_DBPASS'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \ IDENTIFIED BY 'NEUTRON_DBPASS';Exit the database access client.
Source the
admincredentials to gain access to admin-only CLI commands:$ source admin-openrc.shTo create the service credentials, complete these steps:
Create the
neutronuser:$ openstack user create --domain default --password-prompt neutron User Password: Repeat User Password: +-----------+----------------------------------+ | Field | Value | +-----------+----------------------------------+ | domain_id | default | | enabled | True | | id | b20a6692f77b4258926881bf831eb683 | | name | neutron | +-----------+----------------------------------+Add the
adminrole to theneutronuser:$ openstack role add --project service --user neutron adminNote
This command provides no output.
Create the
neutronservice entity:$ openstack service create --name neutron \ --description "OpenStack Networking" network +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Networking | | enabled | True | | id | f71529314dab4a4d8eca427e701d209e | | name | neutron | | type | network | +-------------+----------------------------------+
Create the Networking service API endpoints:
$ openstack endpoint create --region RegionOne \ network public http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 85d80a6d02fc4b7683f611d7fc1493a3 | | interface | public | | region | RegionOne | | region_id | RegionOne | | service_id | f71529314dab4a4d8eca427e701d209e | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ network internal http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 09753b537ac74422a68d2d791cf3714f | | interface | internal | | region | RegionOne | | region_id | RegionOne | | service_id | f71529314dab4a4d8eca427e701d209e | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+ $ openstack endpoint create --region RegionOne \ network admin http://controller:9696 +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | enabled | True | | id | 1ee14289c9374dffb5db92a5c112fc4e | | interface | admin | | region | RegionOne | | region_id | RegionOne | | service_id | f71529314dab4a4d8eca427e701d209e | | service_name | neutron | | service_type | network | | url | http://controller:9696 | +--------------+----------------------------------+
Configure networking options
Choose one of the following networking options to configure services specific to it.
Note
Option 2 augments option 1 with the layer-3 (routing) service and enables self-service (private) networks. If you want to use public (provider) and private (self-service) networks, choose option 2.
neutron-controller-install-option1.rst neutron-controller-install-option2.rst
Configure the metadata agent
The metadata agent <Metadata agent> provides
configuration information such as credentials to instances.
- Edit the
/etc/neutron/metadata_agent.inifile and complete the following actions:In the
[DEFAULT]section, configure access parameters:[DEFAULT] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_region = RegionOne auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = NEUTRON_PASSReplace
NEUTRON_PASSwith the password you chose for theneutronuser in the Identity service.In the
[DEFAULT]section, configure the metadata host:[DEFAULT] ... nova_metadata_ip = controllerIn the
[DEFAULT]section, configure the metadata proxy shared secret:[DEFAULT] ... metadata_proxy_shared_secret = METADATA_SECRETReplace
METADATA_SECRETwith a suitable secret for the metadata proxy.(Optional) To assist with troubleshooting, enable verbose logging in the
[DEFAULT]section:[DEFAULT] ... verbose = True
Configure Compute to use Networking
- Edit the
/etc/nova/nova.conffile and perform the following actions:In the
[neutron]section, configure access parameters, enable the metadata proxy, and configure the secret:[neutron] ... url = http://controller:9696 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default region_name = RegionOne project_name = service username = neutron password = NEUTRON_PASS service_metadata_proxy = True metadata_proxy_shared_secret = METADATA_SECRETReplace
NEUTRON_PASSwith the password you chose for theneutronuser in the Identity service.Replace
METADATA_SECRETwith the secret you chose for the metadata proxy.
Finalize installation
rdo
The Networking service initialization scripts expect a symbolic link
/etc/neutron/plugin.inipointing to the ML2 plug-in configuration file,/etc/neutron/plugins/ml2/ml2_conf.ini. If this symbolic link does not exist, create it using the following command:# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.iniDue to a packaging issue, the Linux bridge agent initialization script explicitly looks for the Linux bridge plug-in configuration file rather than the agent configuration file. Run the following commands to resolve this issue:
# cp /usr/lib/systemd/system/neutron-linuxbridge-agent.service \ /usr/lib/systemd/system/neutron-linuxbridge-agent.service.orig # sed -i 's,openvswitch/linuxbridge_neutron_plugin.ini,ml2/linuxbridge_agent.ini,g' \ /usr/lib/systemd/system/neutron-linuxbridge-agent.serviceNote
Future upgrades of the
neutron-linuxbridge-agentpackage may overwrite this modification.Populate the database:
# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutronNote
Database population occurs later for Networking because the script requires complete server and plug-in configuration files.
Restart the Compute services:
# systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \ openstack-nova-conductor.serviceStart the Networking services and configure them to start when the system boots.
For both networking options:
# systemctl enable neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.service # systemctl start neutron-server.service \ neutron-linuxbridge-agent.service neutron-dhcp-agent.service \ neutron-metadata-agent.serviceFor networking option 2, also enable and start the layer-3 service:
# systemctl enable neutron-l3-agent.service # systemctl start neutron-l3-agent.service
obs
The Networking service initialization scripts expect the variable
NEUTRON_PLUGIN_CONFin the/etc/sysconfig/neutronfile to reference the ML2 plug-in configuration file. Edit the/etc/sysconfig/neutronfile and add the following:NEUTRON_PLUGIN_CONF="/etc/neutron/plugins/ml2/ml2_conf.ini"Restart the Compute services:
# systemctl restart openstack-nova-api.service openstack-nova-scheduler.service \ openstack-nova-conductor.serviceStart the Networking services and configure them to start when the system boots.
For both networking options:
# systemctl enable openstack-neutron.service \ openstack-neutron-linuxbridge-agent.service \ openstack-neutron-dhcp-agent.service \ openstack-neutron-metadata-agent.service # systemctl start openstack-neutron.service \ openstack-neutron-linuxbridge-agent.service \ openstack-neutron-dhcp-agent.service \ openstack-neutron-metadata-agent.serviceFor networking option 2, also enable and start the layer-3 service:
# systemctl enable openstack-neutron-l3-agent.service # systemctl start openstack-neutron-l3-agent.service
ubuntu
Populate the database:
# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \ --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutronNote
Database population occurs later for Networking because the script requires complete server and plug-in configuration files.
Restart the nova-api service:
# service nova-api restartRestart the Networking services.
For both networking options:
# service neutron-server restart # service neutron-plugin-linuxbridge-agent restart # service neutron-dhcp-agent restart # service neutron-metadata-agent restartFor networking option 2, also restart the layer-3 service:
# service neutron-l3-agent restart