Skip to content

Home Lab

Notes from my learning sessions

Menu
Menu

Openstack Xena on Ubuntu 20.04 – Neutron

Posted on December 19, 2021April 17, 2022 by sandeep

[  Previous: Nova (5/9)  ]            [ 6/9 : Neutron  ]             [  Next: Home Lab (7/9)  ]

Create DB for neutron services. Execute the following in MySQL prompt

create database neutron_ml2; 
grant all privileges on neutron_ml2.* to neutron@'localhost' identified by 'password'; 
grant all privileges on neutron_ml2.* to neutron@'%' identified by 'password'; 
flush privileges; 
exit 

Create a neutron user account with a password of your choice.

openstack user create --domain default --project service --password password neutron

Add admin role

openstack role add --project service --user neutron admin 

Create ‘neutron’ service entity

openstack service create --name neutron --description "OpenStack Networking Service" network

Create public, internal, and admin endpoints for neutron service

openstack endpoint create --region RegionOne network public http://10.0.3.1:9696 
openstack endpoint create --region RegionOne network internal http://10.0.3.1:9696 
openstack endpoint create --region RegionOne network admin http://10.0.3.1:9696

Install packages related to neutron services

apt -y install neutron-server neutron-plugin-ml2 neutron-linuxbridge-agent neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent python3-neutronclient

Update the configuration file /etc/neutron/neutron.conf.  You may consider taking a backup of the installed configuration file and creating a new one with the following contents.

[DEFAULT]
core_plugin = ml2
service_plugins = router
auth_strategy = keystone
state_path = /var/lib/neutron
dhcp_agent_notification = True
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
transport_url = rabbit://openstack:password@10.0.3.1:5672/

[agent]
root_helper = sudo /usr/bin/neutron-rootwrap /etc/neutron/rootwrap.conf

[keystone_authtoken]
www_authenticate_uri = http://10.0.3.1:5000
auth_url = http://10.0.3.1:5000
memcached_servers = 10.0.3.1:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = password

# MariaDB connection info
[database]
connection = mysql+pymysql://neutron:password@10.0.3.1/neutron_ml2

# Nova connection info
[nova]
auth_url = http://10.0.3.1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = password

[oslo_concurrency]
lock_path = $state_path/tmp
If you had created a new file update the access rights

chmod 640 /etc/neutron/neutron.conf
chgrp neutron /etc/neutron/neutron.conf

Update /etc/neutron/metadata_agent.ini

[DEFAULT]
nova_metadata_host = 10.0.3.1
metadata_proxy_shared_secret = secret

[cache]
memcache_servers = 10.0.3.1:11211

Update /etc/neutron/plugins/ml2/linuxbridge_agent.ini

[securitygroup]
enable_security_group = True
firewall_driver = iptables
enable_ipset = True

[vxlan]
local_ip = 10.0.3.1
enable_vxlan = true

[agent]
prevent_arp_spoofing = True

[linux_bridge]
physical_interface_mappings = physnet:eno2

Update L3 agent configuration /etc/neutron/l3_agent.ini

[DEFAULT]
interface_driver = linuxbridge

Update DHCP agent configuration /etc/neutron/dhcp_agent.ini

[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
dnsmasq_config_file = /etc/neutron/dnsmasq-neutron.conf

Create /etc/neutron/dnsmasq-neutron.conf with following contents

dhcp-option-force=26,1450

Update the access rights for the created configuration file

chmod 640 /etc/neutron/dnsmasq-neutron.conf
chgrp neutron /etc/neutron/dnsmasq-neutron.conf

Update ML2 configurations /etc/neutron/plugins/ml2/ml2_conf.ini

[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge
extension_drivers = port_security

[ml2_type_flat]
flat_networks = physnet

[ml2_type_vxlan]
vni_ranges = 1:1000

Update existing nova configuration file amend [DEFAULT] section, add [neutron] section

[DEFAULT]
use_neutron = True
vif_plugging_is_fatal = True
vif_plugging_timeout = 300

[neutron]
auth_url = http://10.0.3.1:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = password
service_metadata_proxy = True
metadata_proxy_shared_secret = metadata_secret

Create a soft line to ml2_conf.ini file (neutron plugin)

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini 

Populate neutron DB

su -s /bin/bash neutron -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugin.ini upgrade head"

Restart and, enable (start on server boot), neutron services

systemctl restart neutron-server neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent neutron-linuxbridge-agent
systemctl enable neutron-server neutron-l3-agent neutron-dhcp-agent neutron-metadata-agent neutron-linuxbridge-agent

Wait for all network agents to be up – You can check using the following command.  You should get to see 4 entries, if not wait for some time.

openstack network agent list
+--------------------------------------+----------------+------------+-------------------+-------+-------+------------------------+
| ID                                   | Agent Type     | Host       | Availability Zone | Alive | State | Binary                 |
+--------------------------------------+----------------+------------+-------------------+-------+-------+------------------------+
| 1f165a10-d060-476c-b09f-d5e8bd6d95bb | Metadata agent | controller | None              | :-)   | UP    | neutron-metadata-agent |
| b4de602d-d6e7-406e-b573-0dc50970c191 | DHCP agent     | controller | nova              | :-)   | UP    | neutron-dhcp-agent     |
+--------------------------------------+----------------+------------+-------------------+-------+-------+------------------------+

I had checked the logs in /var/log/neutron/*.log and figure out that I had made a mistake of updating the wrong interface mapping – had used eth1 instead of eno2 (cut and paste error) – After fixing the same and restarting the neutron services

openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host       | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 1f165a10-d060-476c-b09f-d5e8bd6d95bb | Metadata agent     | controller | None              | :-)   | UP    | neutron-metadata-agent    |
| b4de602d-d6e7-406e-b573-0dc50970c191 | DHCP agent         | controller | nova              | :-)   | UP    | neutron-dhcp-agent        |
| eb9f03fd-74a8-48a5-a6d9-f80a36349968 | Linux bridge agent | controller | None              | :-)   | UP    | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+

I had to create an empty file and update rights – only after which the L3 agent was listed.

touch /etc/neutron/fwaas_driver.ini 
chmod 640 /etc/neutron/fwaas_driver.ini
chgrp neutron /etc/neutron/fwaas_driver.ini
openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host       | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 1f165a10-d060-476c-b09f-d5e8bd6d95bb | Metadata agent     | controller | None              | :- )  | UP    | neutron-metadata-agent    |
| b4de602d-d6e7-406e-b573-0dc50970c191 | DHCP agent         | controller | nova              | :-)   | UP    | neutron-dhcp-agent        |
| dba6e49f-c7ab-4bca-881d-d8b40ca45d44 | L3 agent           | controller | nova              | :-)   | UP    | neutron-l3-agent          |
| eb9f03fd-74a8-48a5-a6d9-f80a36349968 | Linux bridge agent | controller | None              | :-)   | UP    | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+

Restart nova services (we have updated the configurations)

systemctl restart nova-api nova-compute

[  Previous: Nova (5/9)  ]            [ 6/9 : Neutron  ]             [  Next: Home Lab (7/9)  ]

Recent Posts

  • Openstack Xena on Ubuntu 20.04 – Cinder
  • Preparing custom Debian 11 MATE image
  • Setup Ubuntu 20.04 repository mirror server
  • Preparing custom Debian 11 server cloud image
  • Complile Linux Kernel (on Debian 11)
  • Openstack Xena – Test Home Lab
  • Openstack Xena on Ubuntu 20.04 – Horizon
  • Openstack Xena on Ubuntu 20.04 -Home Lab
  • Openstack Xena on Ubuntu 20.04 – Neutron
  • Openstack Xena on Ubuntu 20.04 – Nova

Archives

  • April 2022
  • March 2022
  • February 2022
  • December 2021
  • October 2021
  • September 2021
  • October 2020
  • February 2020
  • January 2020
  • December 2019
© 2023 Home Lab | Powered by Minimalist Blog WordPress Theme