[ Previous: Nova (5/9) ] [ 6/9 : Neutron ] [ Next: Home Lab (7/9) ]
Create DB for neutron services. Execute the following in MySQL prompt
create database neutron_ml2;
grant all privileges on neutron_ml2.* to neutron@'localhost' identified by 'password';
grant all privileges on neutron_ml2.* to neutron@'%' identified by 'password';
flush privileges;
exit
Create a neutron user account with a password of your choice.
openstack user create --domain default --project service --password password neutron
Add admin role
openstack role add --project service --user neutron admin
Create ‘neutron’ service entity
openstack service create --name neutron --description "OpenStack Networking Service" network
Create public, internal, and admin endpoints for neutron service
openstack endpoint create --region RegionOne network public http://10.0.3.1:9696
openstack endpoint create --region RegionOne network internal http://10.0.3.1:9696
openstack endpoint create --region RegionOne network admin http://10.0.3.1:9696
Install packages related to neutron services
apt -y install neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent python3-neutronclient
Update the configuration file /etc/neutron/neutron.conf. You may consider taking a backup of the installed configuration file and creating a new one with the following contents.
[DEFAULT]
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
state_path = /var/lib/neutron
dhcp_agent_notification = True
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
transport_url = rabbit://openstack:password@10.0.3.1:5672/

[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf

[keystone_authtoken]
www_authenticate_uri = http://10.0.3.1:5000
auth_url = http://10.0.3.1:5000
memcached_servers = 10.0.3.1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = password

# MariaDB connection info
[database]
connection = mysql+pymysql://neutron:password@10.0.3.1/neutron_ml2

# Nova connection info
[nova]
auth_url = http://10.0.3.1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = password

[oslo_concurrency]
lock_path = $state_path/tmp
If you created a new file, update its access rights so that only root and the neutron group can read the credentials it contains
chmod 640 /etc/neutron/neutron.conf
chgrp neutron /etc/neutron/neutron.conf
Update /etc/neutron/metadata_agent.ini
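[DEFAULT]
nova_metadata_host = 10.0.3.1
# Must be identical to metadata_proxy_shared_secret in the [neutron] section of the nova configuration
metadata_proxy_shared_secret = metadata_secret

[cache]
memcache_servers = 10.0.3.1:11211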
Update /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[securitygroup]
enable_security_group = True
firewall_driver = iptables
enable_ipset = True

[vxlan]
local_ip = 10.0.3.1
enable_vxlan = true

[agent]
prevent_arp_spoofing = True

[linux_bridge]
physical_interface_mappings = physnet:eno2
Update L3 agent configuration /etc/neutron/l3_agent.ini
[DEFAULT] interface_driver = linuxbridge
Update DHCP agent configuration /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf
Create /etc/neutron/dnsmasq-neutron.conf with following contents
dhcp-option-force=26,1450
Update the access rights for the created configuration file
chmod 640 /etc/neutron/dnsmasq-neutron.conf
chgrp neutron /etc/neutron/dnsmasq-neutron.conf
Update ML2 configurations /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = physnet

[ml2_type_vxlan]
vni_ranges = 1:1000
Update the existing nova configuration file: amend the [DEFAULT] section and add a [neutron] section
[DEFAULT]
use_neutron = True
vif_plugging_is_fatal = True
vif_plugging_timeout = 300

[neutron]
auth_url = http://10.0.3.1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = password
service_metadata_proxy = True
metadata_proxy_shared_secret = metadata_secret
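The Neutron metadata agent signs each proxied request with metadata_proxy_shared_secret and Nova verifies that signature, so the value must be identical in metadata_agent.ini and in the [neutron] section of the nova configuration, and the files holding it should not be world-readable (the chmod 640 steps above). The following check is an added example, not part of the original guide: the function names, the placeholder list, the 32-character minimum and the path /etc/nova/nova.conf are assumptions.

```shell
#!/usr/bin/env bash
# Added example: audit the metadata proxy secret and config file modes.
# Function names are illustrative; /etc/nova/nova.conf is an assumed path.

# ini_get FILE SECTION KEY: print the value of KEY inside [SECTION]
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*\[/   { gsub(/^[ \t]+|[ \t]+$/, ""); cur = $0; next }
        /^[ \t]*[#;]/ { next }
        cur == sec {
            i = index($0, "="); if (i == 0) next
            k = substr($0, 1, i - 1); v = substr($0, i + 1)
            gsub(/^[ \t]+|[ \t]+$/, "", k); gsub(/^[ \t]+|[ \t]+$/, "", v)
            if (k == key) { print v; exit }
        }' "$1"
}

# metadata_secret_check AGENT_INI NOVA_CONF: prints a verdict, returns 0 only on OK
metadata_secret_check() {
    ms_agent=$(ini_get "$1" DEFAULT metadata_proxy_shared_secret)
    ms_nova=$(ini_get "$2" neutron metadata_proxy_shared_secret)
    if [ -z "$ms_agent" ] || [ -z "$ms_nova" ]; then echo MISSING; return 2; fi
    if [ "$ms_agent" != "$ms_nova" ]; then echo MISMATCH; return 1; fi
    case "$ms_agent" in   # constructed list of tutorial placeholder values
        secret|password|metadata_secret|changeme) echo PLACEHOLDER; return 3 ;;
    esac
    # 32 characters is an assumed minimum, e.g. the output of a random hex generator
    if [ "${#ms_agent}" -lt 32 ]; then echo SHORT; return 4; fi
    echo OK
}

# world_readable FILE: succeeds if the "other" permission digit is non-zero
world_readable() {
    wr_mode=$(stat -c '%a' "$1") || return 2
    case "$wr_mode" in *0) return 1 ;; *) return 0 ;; esac
}

# Run against the live files only when they exist (e.g. on the controller).
if [ -r /etc/neutron/metadata_agent.ini ] && [ -r /etc/nova/nova.conf ]; then
    metadata_secret_check /etc/neutron/metadata_agent.ini /etc/nova/nova.conf || true
    for f in /etc/neutron/neutron.conf /etc/neutron/metadata_agent.ini \
             /etc/neutron/dnsmasq-neutron.conf; do
        if world_readable "$f"; then echo "WORLD-READABLE: $f"; fi
    done
    # A replacement value can be generated with: openssl rand -hex 32
fi
```

A MISMATCH verdict means instances will fail to fetch metadata; PLACEHOLDER or SHORT means the secret should be replaced in both files before the services are restarted.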
Create a soft link to the ml2_conf.ini file (neutron plugin)
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
Populate neutron DB
su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head"
Restart and enable (start on server boot) the neutron services
systemctl restart neutron-server neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent neutron-linuxbridge-agent
systemctl enable neutron-server neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent neutron-linuxbridge-agent
Wait for all network agents to come up. You can check with the following command; you should see 4 entries. If not, wait for some time.
openstack network agent list
+--------------------------------------+----------------+------------+-------------------+-------+-------+------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+----------------+------------+-------------------+-------+-------+------------------------+
| 1f165a10-d060-476c-b09f-d5e8bd6d95bb | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
| b4de602d-d6e7-406e-b573-0dc50970c191 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
+--------------------------------------+----------------+------------+-------------------+-------+-------+------------------------+
I had checked the logs in /var/log/neutron/*.log and figured out that I had made the mistake of updating the wrong interface mapping – had used eth1 instead of eno2 (cut and paste error). After fixing the same and restarting the neutron services:
openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 1f165a10-d060-476c-b09f-d5e8bd6d95bb | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
| b4de602d-d6e7-406e-b573-0dc50970c191 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| eb9f03fd-74a8-48a5-a6d9-f80a36349968 | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
I had to create an empty file and update rights – only after which the L3 agent was listed.
touch /etc/neutron/fwaas_driver.ini
chmod 640 /etc/neutron/fwaas_driver.ini
chgrp neutron /etc/neutron/fwaas_driver.ini
openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 1f165a10-d060-476c-b09f-d5e8bd6d95bb | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
| b4de602d-d6e7-406e-b573-0dc50970c191 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| dba6e49f-c7ab-4bca-881d-d8b40ca45d44 | L3 agent | controller | nova | :-) | UP | neutron-l3-agent |
| eb9f03fd-74a8-48a5-a6d9-f80a36349968 | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
Restart nova services (we have updated the configurations)
systemctl restart nova-api nova-compute