Configure Openstack Neutron Networking on Compute node


How to Configure Openstack Neutron Networking on Compute Node?


This article shows you that how to Configure Neutron Openstack Networking Service and Install it on compute node.

In the previous posts, we explained you how to install and configure Openstack Neutron Networking service on controller node and also we have covered the below topics which also a main part of the whole Openstack Deployment.

Refer those links also to understand this topics from beginning.

1. Enable Repositories on node1 and node2
2. Install Openstack Liberty Packages on node1 and node2.
3. Install and Configure MariaDB(MySQL) Database on node1 and node2.
4. Install and Configure RabbitMQ Message service on node1.
5. Install and Configure keystone for Identity service on node1.
6. Install Glance for Image service on node1.
7. Install Nova Computing on node1 and node2.
8. Install Neutron Networking on node1 and node2.
8a. Install Openstack Neutron Component on Controller Node
8b. Install Openstack Neutron Component on Compute Node
9. Install Openstack Horizon for dashboard on node1

Lab Setup for this Openstack Deployment:
Server Names : node1 and node2.
OS :  CentOS 7.2 - 64 Bit
Enabled Internet connection.

Continue with the previous post, we will explain you how to configure Openstack Neutron networking components on compute node (node2).

Configure Openstack Neutron Networking on Compute node


Prerequisites:

  1. Installed Centos 7.1 – 64 Bit

  2. Make sure each hosts are reachable. I made an entries in hosts file only.
    192.168.2.1     controller-node1.learnitguide.net  controller-node1
    192.168.2.2     compute-node1.learnitguide.net  compute-node1

  3. Verify the internet connection, because we use public repo's to install these components.

  4. Take a backup or snapshot at different stages to restore in case of failure.

  5. Disable Selinux and Stop firewall to avoid issues during the installations (systemctl stop firewalld ; systemctl disable firewalld) or allow each component services on firewall after installations.

  6. Enabled Openstack Liberty Repositories.

  7. Installed Openstack Liberty Packages.

  8. Installed and Configured MariaDB(MySQL) Database.


ALSO WATCH THIS TUTORIAL VIDEO FREE ON OUR YOUTUBE CHANNEL - HOW TO CONFIGURE OPENSTACK NEUTRON NETWORKING SERVICE


Configure OpenStack Neutron networking service on Node2 (Compute node).

Install the required packages of Neutron Network component on compute node.

[root@node2 ~]# yum -y install openstack-neutron openstack-neutron-linuxbridge ebtables ipset

Configure the networking components.

Edit the /etc/neutron/neutron.conf file and make the below changes,

Comment out any connection options in the [database] section, because compute nodes do not directly access the database.

Configure RabbitMQ message queue access in the [DEFAULT] section and [oslo_messaging_rabbit] as below,

[DEFAULT]
rpc_backend = rabbit
auth_strategy = keystone
verbose = True

[oslo_messaging_rabbit]
rabbit_host = node1
rabbit_userid = openstack
rabbit_password = redhat

Replace 'node1' with your controller host name and replace 'openstack' and 'redhat' with the username and password you chose for the openstack account in RabbitMQ.

Configure Identity service access and Comment out or remove any other options in the [keystone_authtoken] section.

[keystone_authtoken]
auth_uri = https://node1:5000
auth_url = https://node1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = neutron

Replace 'node1' with your controller host name and replace 'neutron' with the username and password you chose for the neutron user in the Identity service.

Configure the lock path in the [oslo_concurrency] section,

[oslo_concurrency]
lock_path = /var/lib/neutron/tmp

Before configuring the neutron service, We must choose any one of the following network option to configure services specific to it.

Networking Option 1: Provider networks

Simplest possible architecture that only supports attaching instances to public (provider) networks. No self-service networks, routers, or floating IP addresses. Only the admin or other privileged user can manage provider networks.

Networking Option 2: Self-service networks

This is option 1 with layer-3 services that support attaching instances to self-service (private) networks. Additionally, floating IP addresses provide connectivity to instances using self-service networks from external networks such as the Internet.

We prefer to go with option 2, self service networks.

Configure the Linux bridge agent

The Linux bridge agent builds layer-2 (bridging and switching) virtual networking infrastructure for instances including VXLAN tunnels for private networks and handles security groups.

Edit the /etc/neutron/plugins/ml2/linuxbridge_agent.ini file and make the following changes,

Map the public virtual network to the public physical network interface in the [linux_bridge] section,

[linux_bridge]
physical_interface_mappings = public:enp0s8

Replace 'enp0s8' with the name of the underlying physical public network interface.

Enable VXLAN overlay networks, configure the IP address of the physical network interface that handles overlay networks, and enable layer-2 population in the [vxlan] section,

[vxlan]
enable_vxlan = True
local_ip = 192.168.2.2
l2_population = True

Replace '192.168.2.2' with the IP address of the underlying physical network interface that handles overlay networks.

Enable ARP spoofing protection in the [agent] section,

[agent]
prevent_arp_spoofing = True

Enable security groups and configure the Linux bridge iptables firewall driver in the [securitygroup] section,

[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure Compute to use Networking

Edit the /etc/nova/nova.conf file and make the following changes:

Configure access parameters in the [neutron] section,

[neutron]
url = https://node1:9696
auth_url = https://node1:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron

Replace 'node1' with your controller host name and replace 'neutron' with the username and password you chose for the neutron user in the Identity service.

Restart the below Compute service to make the changes effect:

we have done the changes on compute service, so lets restart it.

[root@node2 ~]# systemctl restart openstack-nova-compute.service

Enable the services to start when the system boots.

[root@node2 ~]# systemctl enable neutron-linuxbridge-agent.service

Start the Linux bridge agent.

[root@node2 ~]# systemctl start neutron-linuxbridge-agent.service

Testing the configurations:

Source the admin credentials to gain access to admin-only CLI commands:

Load the admin-openrc.sh file which was created earlier to gain access to commands,

[root@node2 ~]# source admin-openrc.sh

List loaded extensions to verify successful launch of the neutron-server process:

[root@node2 ~]# neutron ext-list
+-----------------------+-----------------------------------------------+
| alias                 | name                                          |
+-----------------------+-----------------------------------------------+
| dns-integration       | DNS Integration                               |
| ext-gw-mode           | Neutron L3 Configurable external gateway mode |
| binding               | Port Binding                                  |
| agent                 | agent                                         |
| subnet_allocation     | Subnet Allocation                             |
| l3_agent_scheduler    | L3 Agent Scheduler                            |
| external-net          | Neutron external network                      |
| flavors               | Neutron Service Flavors                       |
| net-mtu               | Network MTU                                   |
| quotas                | Quota management support                      |
| l3-ha                 | HA Router extension                           |
| provider              | Provider Network                              |
| multi-provider        | Multi Provider Network                        |
| extraroute            | Neutron Extra Route                           |
| router                | Neutron L3 Router                             |
| extra_dhcp_opt        | Neutron Extra DHCP opts                       |
| security-group        | security-group                                |
| dhcp_agent_scheduler  | DHCP Agent Scheduler                          |
| rbac-policies         | RBAC Policies                                 |
| port-security         | Port Security                                 |
| allowed-address-pairs | Allowed Address Pairs                         |
| dvr                   | Distributed Virtual Router                    |
+-----------------------+-----------------------------------------------+

List agents to verify successful launch of the neutron agents:

[root@node2 ~]# neutron agent-list
+--------------------------------------+--------------------+------------+-------+----------------+---------------------------+
| id                                   | agent_type         | host       | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+------------+-------+----------------+---------------------------+
| 08905043-5010-4b87-bba5-aedb1956e27a | Linux bridge agent | node2   | :-)   | True           | neutron-linuxbridge-agent |
| 27eee952-a748-467b-bf71-941e89846a92 | Linux bridge agent | node1 | :-)   | True           | neutron-linuxbridge-agent |
| 830344ff-dc36-4956-84f4-067af667a0dc | L3 agent           | node1 | :-)   | True           | neutron-l3-agent          |
| dd3644c9-1a3a-435a-9282-eb306b4b0391 | DHCP agent         | node1 | :-)   | True           | neutron-dhcp-agent        |
| f49a4b81-afd6-4b3d-b923-66c8f0517099 | Metadata agent     | node1 | :-)   | True           | neutron-metadata-agent    |
+--------------------------------------+--------------------+------------+-------+----------------+---------------------------+

The above output would list you the agents running on the each nodes.

In the next post, we will explain you how to install and configure the Horizon Dashboard service to manage the Openstack Project.openstack 

Also download 100% free eBooks related to OpenStack Cloud.
1. A Brief Look at OpenStack
2. OpenStack Cloud Computing Cookbook
3. Concepts of Cloud Computing in simple terms how to configure openstack neutron 

Keep practicing and have fun. Leave your comments if any.

Support Us: Share with your friends and groups.

Stay connected with us on social networking sites, Thank you.

Post a Comment

0 Comments