Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Conferences
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
Production Ready OpenStack - Recipes for Successful Environments

You're reading from   Production Ready OpenStack - Recipes for Successful Environments Production Ready OpenStack - Recipes for Successful Environments

Arrow left icon
Product type Paperback
Published in Oct 2015
Publisher Packt
ISBN-13 9781783986903
Length 210 pages
Edition 1st Edition
Arrow right icon
Author (1):
Arrow left icon
Arthur Berezin Arthur Berezin
Author Profile Icon Arthur Berezin
Arthur Berezin
Arrow right icon
View More author details
Toc

Table of Contents (11) Chapters Close

Preface 1. Introduction to OpenStack and its Deployment Using Packages FREE CHAPTER 2. Deploying OpenStack Using Staypuft OpenStack Installer 3. Deploying Highly Available OpenStack 4. Keystone Identity Service 5. Glance Image Service 6. Cinder Block Storage Service 7. Neutron Networking Service 8. Nova-Compute Service 9. Horizon Dashboard Service Index

Configuring Neutron network node

After we have configured Neutron-server on the controller node, we can proceed and configure the network server that is responsible for routing and connecting the OpenStack environment to the public network.

How to do it...

Neutron network node runs the networking services layer 2 management agent, DHCP service, L3 management agent, and metadata services agent. We will install and configure Neutron network node services to use the ML2 plugin.

Run the following commands on Neutron network node!

  1. Enable IP forwarding and reverse path filtering, edit /etc/sysctl.conf to contain the following:
    net.ipv4.ip_forward=1
    net.ipv4.conf.all.rp_filter=0
    net.ipv4.conf.default.rp_filter=0
    

    and apply the new settings:

    [root@nnn ~]# sysctl -p
    
  2. Then install the needed packages:
    [root@nnn ~]# yum install openstack-neutron openstack-neutron-ml2   openstack-neutron-openvswitch
    

Configure message broker

Configure Neutron to use RabbitMQ message broker of the controller:

Note

Remember to change 10.10.0.1 to your controller management IP.

[root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
[root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT rabbit_host 10.10.0.1

Configure Neutron service

  1. Configure Neutron to use Keystone as an authentication strategy:
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT \  auth_strategy keystone
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_host controller
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_protocol http
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken auth_port 35357
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_tenant_name services
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_user neutron
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf keystone_authtoken admin_password password
    
  2. Configure Neutron to use the ML2 Neutron plugin:
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT core_plugin ml2
    [root@nnn ~]# openstack-config --set /etc/neutron/neutron.conf DEFAULT service_plugins router
    
  3. Configure Layer 3 agent that provides routing services for instances:
    [root@nnn ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
    [root@nnn ~]# openstack-config --set /etc/neutron/l3_agent.ini DEFAULT use_namespaces True
    
  4. Configure the DHCP agent, which provides DHCP services for instances:
    [root@nnn ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
    [root@nnn ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT dhcp_driver neutron.agent.linux.dhcp.Dnsmasq
    [root@nnn ~]# openstack-config --set /etc/neutron/dhcp_agent.ini DEFAULT use_namespaces True
    
  5. Configure instances Metadata service:
    [root@nnn ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \auth_url http://controller:5000/v2.0
    [root@nnn ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \auth_region regionOne
    [root@nnn ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \admin_tenant_name services
    [root@nnn ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \admin_user neutron
    [root@nnn ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \admin_password password
    [root@nnn ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \nova_metadata_ip controller
    [root@nnn ~]# openstack-config --set /etc/neutron/metadata_agent.ini DEFAULT \metadata_proxy_shared_secret SHARED_SECRET
    
  6. Configure the ML2 plugin to use GRE tunneling segregation:
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \type_drivers gre
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \tenant_network_types gre
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 \mechanism_drivers openvswitch
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_gre \tunnel_id_ranges 1:1000
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \local_ip 10.20.0.2
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \tunnel_type gre
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ovs \enable_tunneling True
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \firewall_driver neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
    [root@nnn ~]# openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini securitygroup \enable_security_group True
    
  7. Create bridges for Neutron layer 2 and Neutron layer 3 agents. First, start the Open vSwitch service:
    [root@nnn ~]# systemctl start openvswitch
    [root@nnn ~]# systemctl enable openvswitch
    
  8. Create a bridge for instances' inner-commutation:
    [root@nnn ~]# ovs-vsctl add-br br-int
    
  9. Create a bridge that the instance will use for communication with public networks:
    [root@nnn ~]# ovs-vsctl add-br br-ex
    
  10. Bind the external bridge with the NIC used for external communication:
    [root@nnn ~]# ovs-vsctl add-port br-ex eth2
    
  11. Create symbolic link for ML2 Neutron plugin:
    [root@nnn ~]# ln -s plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
    

Start and enable service

  1. At this point, we can start and enable L2 Open vSwitch agent, L3 agent, HDCP agent, and metadata agent services:
    [root@nnn ~]# systemctl start neutron-openvswitch-agent
    [root@nnn ~]# systemctl start neutron-l3-agent
    [root@nnn ~]# systemctl start neutron-dhcp-agent
    [root@nnn ~]# systemctl start neutron-metadata-agent
    [root@nnn ~]# systemctl enable neutron-openvswitch-agent
    [root@nnn ~]# systemctl enable neutron-l3-agent
    [root@nnn ~]# systemctl enable neutron-dhcp-agent
    [root@nnn ~]# systemctl enable neutron-metadata-agent
    
  2. This concludes configuring Neutron network node. Now we can configure the Nova-Compute nodes to use Neutron networking.
You have been reading a chapter from
Production Ready OpenStack - Recipes for Successful Environments
Published in: Oct 2015
Publisher: Packt
ISBN-13: 9781783986903
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image