Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Installing and Configuring Neutron (Provider-OVS)

There are many OpenStack network modes. The provider mode or self-service mode can be used. The deployment mode can be LinuxBridge or OVS. In actual deployment, you only need to select one mode from provider+LinuxBridge, provider+OVS, self-service+LinuxBridge and self-service+OVS.

Controller Node

Perform the following operations on the controller node of the provider-OVS network type.

  1. Install components.
    1
    yum -y install openstack-neutron openstack-neutron-ml2 ebtables
  2. Edit the /etc/neutron/neutron.conf file.
    1. Open the file.
      vi /etc/neutron/neutron.conf
    2. Press i to enter the insert mode and perform the following configurations.
      1. Configure database access.
        1
2
        [database] 
connection = mysql+pymysql://neutron:PASSWORD@controller/neutron

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      2. Enable the ML2 plugin and disable other plugins.
        1
2
3
4
5
6
7
        [DEFAULT] 
core_plugin = ml2 
service_plugins = 
transport_url = rabbit://openstack:PASSWORD@controller 
auth_strategy = keystone 
notify_nova_on_port_status_changes = true 
notify_nova_on_port_data_changes = true
        • Leave service_plugins unspecified.
        • Replace PASSWORD with the password of the openstack user described in Installing RabbitMQ.
      3. Configure Identity service access.
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
        [keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = PASSWORD

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      4. Configure parameters in the [nova] section.
        1
2
3
4
5
6
7
8
9
        [nova] 
auth_url = http://controller:5000 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
region_name = RegionOne 
project_name = service 
username = nova 
password = PASSWORD
        • By default, the configuration file does not contain this section. You need to add it.
        • Replace PASSWORD with the password of the nova user described in Creating the Nova Database.
      5. Configure the lock path.
        1
2
        [oslo_concurrency] 
lock_path = /var/lib/neutron/tmp
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
  3. Modify the ML2 plugin /etc/neutron/plugins/ml2/ml2_conf.ini.
    1. Open the file.
      vi /etc/neutron/plugins/ml2/ml2_conf.ini
    2. Press i to enter insert mode and add the following content to create [ml2], [ml2_type_flat], [ml2_type_vlan], and [securitygroup] and enable the flat and VLAN networks:
       1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
      [ml2] 
type_drivers = flat,vlan 
tenant_network_types = 
mechanism_drivers = openvswitch 
extension_drivers = port_security 
[ml2_type_flat] 
flat_networks = provider-arm,provider-x86 
[ml2_type_vlan] 
network_vlan_ranges = provider-arm,provider-x86 
[securitygroup] 
enable_ipset = true

      Leave tenant_network_types unspecified.

    1. Press Esc, type :wq!, and press Enter to save the file and exit.
  4. Modify the /etc/sysctl.conf file.
    1. Open the file.
      1
      vi /etc/sysctl.conf
    2. Press i to enter the insert mode and add the following content:
      1
2
3
      net.ipv4.ip_forward=1 
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
    4. Make the configuration take effect.
      1
      sysctl -p
  5. Initialize the network.
    1
    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
  6. Populate the database.
    1
2
    su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
  7. Enable the network service and configure it to start as the system boots.
    1
2
    systemctl enable neutron-server.service
systemctl start neutron-server.service

Network Nodes

Perform the following operations on the network nodes (x86-compute and arm-compute) of the provider-OVS network type.

  1. Install components.
    1
    yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables
  2. Modify the /etc/neutron/neutron.conf file to configure common components.
    1. Open the file.
      vi /etc/neutron/neutron.conf
    2. Press i to enter the insert mode and perform the following configurations.
      1. Configure RabbitMQ message queue access.
        1
2
        [DEFAULT] 
transport_url = rabbit://openstack:PASSWORD@controller

        Replace PASSWORD with the password of the openstack user set by the RabbitMQ service, which is described in Installing RabbitMQ.

      2. Configure Identity service access.
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
        [DEFAULT] 
auth_strategy = keystone 
[keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = PASSWORD

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      3. Configure the lock path.
        1
2
        [oslo_concurrency] 
lock_path = /var/lib/neutron/tmp
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
  3. Configure the DHCP agent.
    1. Open the /etc/neutron/dhcp_agent.ini file.
      vi /etc/neutron/dhcp_agent.ini
    2. Press i to enter the insert mode and modify the file content based on the scenarios.
      • For the x86 network nodes, which are az-x86 nodes, add the following configuration:
        1
2
3
4
5
6
7
        [DEFAULT] 
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq 
interface_driver = openvswitch 
enable_isolated_metadata = true 
force_metadata = true 
[AGENT] 
availability_zone = az-x86
      • For the Arm network nodes, which are az-arm nodes, add the following configuration:
        1
2
3
4
5
6
7
        [DEFAULT] 
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
interface_driver = openvswitch 
enable_isolated_metadata = true 
force_metadata = true 
[AGENT] 
availability_zone = az-arm
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
  4. Configure the metadata agent.
    1. Open the /etc/neutron/metadata_agent.ini file.
      vi /etc/neutron/metadata_agent.ini
    2. Press i to enter the insert mode, and configure the metadata host and shared key:
      1
2
3
      [DEFAULT] 
nova_metadata_host = controller 
metadata_proxy_shared_secret = PASSWORD

      Replace PASSWORD with the password of the user neutron described in section Creating the Neutron Database.

    1. Press Esc, type :wq!, and press Enter to save the file and exit.
  5. Modify the /etc/sysctl.conf file.
    1. Open the file.
      vi /etc/sysctl.conf
    2. Press i to enter the insert mode and add the following content:
      1
2
3
      net.ipv4.ip_forward=1 
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
    4. Make the configuration take effect.
      1
      sysctl -p
  6. Enable the network service and configure it to start as the system boots.
    1
2
3
4
    systemctl enable neutron-openvswitch-agent.service \
neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl start neutron-openvswitch-agent.service \
neutron-dhcp-agent.service neutron-metadata-agent.service

Compute Nodes

Perform the following operations on the compute nodes (x86-compute and arm-compute) of the provider-OVS network type. Because the network node and compute node are deployed on the same node, skip the repeated configurations if there are any.

  1. Install components.
    1
    yum -y install openstack-neutron openstack-neutron-openvswitch ebtables ipset
  2. Configure common components.
    1. Open the /etc/neutron/neutron.conf file.
      vi /etc/neutron/neutron.conf
    2. Press i to enter the insert mode and perform the following configurations.
      1. Configure RabbitMQ message queue access.
        1
2
        [DEFAULT] 
transport_url = rabbit://openstack:PASSWORD@controller

        Replace PASSWORD with the password of the openstack user described in Installing RabbitMQ.

      2. Configure Identity service access.
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
        [DEFAULT] 
auth_strategy = keystone 
[keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = PASSWORD

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      3. Configure the lock path.
        1
2
        [oslo_concurrency] 
lock_path = /var/lib/neutron/tmp
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  3. Configure the OpenStack agent.
    1. Open the /etc/neutron/plugins/ml2/openvswitch_agent.ini file.
      vi /etc/neutron/plugins/ml2/openvswitch_agent.ini
    2. Press i to enter the insert mode and add [linux_openvswitch], [vxlan], [ovs], and [securitygroup].
      • For the x86 compute nodes, which are az-x86 nodes, configure provider-x86:
        1
2
3
4
5
6
7
8
9
        [linux_openvswitch] 
physical_interface_mappings = provider-x86:enp64s0 
[vxlan] 
enable_vxlan = false 
[ovs] 
bridge_mappings = provider-x86:br-provider 
[securitygroup] 
enable_security_group=true 
firewall_driver = iptables_hybrid
      • For the Arm compute nodes, which are az-arm nodes, configure provider-arm:
        1
2
3
4
5
6
7
8
9
        [linux_openvswitch] 
physical_interface_mappings = provider-arm:enp64s0 
[vxlan] 
enable_vxlan = false 
[ovs] 
bridge_mappings = provider-arm:br-provider 
[securitygroup] 
enable_security_group=true 
firewall_driver = iptables_hybrid
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  4. Modify the /etc/sysctl.conf file.
    1. Open the file.
      vi /etc/sysctl.conf
    2. Press i to enter the insert mode and add the following content:
      1
2
3
      net.ipv4.ip_forward=1 
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
    4. Make the configuration take effect.
      1
      sysctl -p
  5. Enable the OVS agent and configure it to start as the system boots.
    1
2
    systemctl enable neutron-openvswitch-agent.service
systemctl start neutron-openvswitch-agent.service
  6. Create an OVS provider.
    1
2
    ovs-vsctl add-br br-provider
ovs-vsctl add-port br-provider enp64s0