Documentation
Rate This Document
Findability
Accuracy
Completeness
Readability
SubmitClose

Installing and Configuring Neutron (Self Service-OVS)

There are many OpenStack network modes. The provider mode or self-service mode can be used. The deployment mode can be LinuxBridge or OVS. In actual deployment, you only need to select one mode from provider+LinuxBridge, provider+OVS, self-service+LinuxBridge and self-service+OVS.

Controller Node

Perform the following operations on the controller node of the self service-OVS network type.

  1. Install components.
    1
    yum -y install openstack-neutron openstack-neutron-ml2 ebtables
  2. Modify the /etc/neutron/neutron.conf file.
    1. Open the file.
      vi /etc/neutron/neutron.conf
    2. Press i to enter the insert mode and perform the following configurations.
      1. Configure database access.
        1
2
        [database] 
connection = mysql+pymysql://neutron:PASSWORD@controller/neutron

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      2. Enable the ML2 plugin and disable other plugins.
        1
2
3
4
5
6
7
8
        [DEFAULT] 
core_plugin = ml2 
service_plugins = router 
transport_url = rabbit://openstack:PASSWORD@controller 
auth_strategy = keystone 
notify_nova_on_port_status_changes = true 
notify_nova_on_port_data_changes = true 
allow_overlapping_ips = true

        Replace PASSWORD with the password of the openstack user described in Installing RabbitMQ.

      3. Configure Identity service access.
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
        [keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = PASSWORD

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      4. Configure parameters in the [nova] section.
        1
2
3
4
5
6
7
8
9
        [nova] 
auth_url = http://controller:5000 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
region_name = RegionOne 
project_name = service 
username = nova 
password = PASSWORD
        • By default, the configuration file does not contain this section. You need to add it.
        • Replace PASSWORD with the password of the nova user described in Creating the Nova Database.
      5. Configure the lock path.
        1
2
        [oslo_concurrency] 
lock_path = /var/lib/neutron/tmp
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
  3. Modify the ML2 plugin /etc/neutron/plugins/ml2/ml2_conf.ini.
    1. Open the file.
      vi /etc/neutron/plugins/ml2/ml2_conf.ini
    2. Press i to enter the insert mode and add the following content to create [ml2], [ml2_type_flat], [ml2_type_vlan], and [securitygroup] and enable the flat, VLAN and VXLAN networks:
       1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
      [ml2] 
type_drivers = flat,vlan,vxlan 
tenant_network_types = vxlan 
mechanism_drivers = openvswitch,l2population 
extension_drivers = port_security 
[ml2_type_flat] 
flat_networks = provider-arm,provider-x86 
[ml2_type_vlan] 
network_vlan_ranges = provider-arm,provider-x86  
[ml2_type_vxlan] 
vni_ranges = 1:1000
[securitygroup] 
enable_ipset = true
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
  4. Modify the /etc/sysctl.conf file.
    1. Open the file.
      vi /etc/sysctl.conf
    2. Press i to enter the insert mode and add the following content to the file:
      1
2
3
      net.ipv4.ip_forward=1 
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
    4. Make the configuration take effect.
      1
      sysctl -p
  5. Initialize the network.
    1
    ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
  6. Populate the database.
    1
2
    su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
  7. Enable the network service and configure it to start as the system boots.
    1
2
    systemctl enable neutron-server.service
systemctl start neutron-server.service

Network Nodes

Perform the following operations on the network nodes (x86-compute and arm-compute) of the self service-OVS network type.

  1. Install components.
    1
    yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables
  2. Configure common components.
    1. Open the /etc/neutron/neutron.conf file.
      vi /etc/neutron/neutron.conf
    2. Press i to enter the insert mode and perform the following configurations.
      1. Use RabbitMQ as the connection information of the message queue.
        1
2
        [DEFAULT] 
transport_url = rabbit://openstack:PASSWORD@controller

        Replace PASSWORD with the password of the openstack user described in Installing RabbitMQ.

      2. Configure Identity service access.
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
        [DEFAULT] 
auth_strategy = keystone 
[keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = PASSWORD

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      3. Configure the lock path.
        1
2
        [oslo_concurrency] 
lock_path = /var/lib/neutron/tmp
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  3. Configure the DHCP agent.
    1. Open the /etc/neutron/dhcp_agent.ini file.
      vi /etc/neutron/dhcp_agent.ini
    2. Press i to enter the insert mode and add the following content:
      • For the x86 network nodes, which are az-x86 nodes, add the following configuration, save it, and exit:
        1
2
3
4
5
6
7
        [DEFAULT]
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq 
enable_isolated_metadata = true 
interface_driver = openvswitch 
force_metadata = true
[AGENT] 
availability_zone = az-x86
      • For the Arm network nodes, which are az-arm nodes, add the following configuration, save it, and exit:
        1
2
3
4
5
6
7
        [DEFAULT]
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq 
enable_isolated_metadata = true 
interface_driver = openvswitch 
force_metadata = true
[AGENT] 
availability_zone = az-arm
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  4. Configure the metadata agent.
    1. Open the /etc/neutron/metadata_agent.ini file.
      vi /etc/neutron/metadata_agent.ini
    2. Press i to enter the insert mode, and configure the metadata host and shared key:
      1
2
3
      [DEFAULT] 
nova_metadata_host = controller 
metadata_proxy_shared_secret = PASSWORD

      Replace PASSWORD with the password of the user neutron described in section Creating the Neutron Database.

    1. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  5. Configure the L3 agent.
    1. Open the /etc/neutron/l3_agent.ini file.
      vi /etc/neutron/l3_agent.ini
    2. Press i to enter the insert mode and perform the following configurations.
      • For the x86 network nodes, which are az-x86 nodes, add the following configuration:
        1
2
3
4
        [DEFAULT]
interface_driver = openvswitch
[AGENT] 
availability_zone = az-x86
      • For the Arm network nodes, which are az-arm nodes, add the following configuration:
        1
2
3
4
        [DEFAULT]
interface_driver = openvswitch
[AGENT] 
availability_zone = az-arm
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  6. Modify the /etc/sysctl.conf file.
    1. Open the /etc/sysctl.conf file.
      vi /etc/sysctl.conf
    2. Press i to enter the insert mode and add the following content to the file:
      1
2
3
      net.ipv4.ip_forward=1 
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
    4. Make the configuration take effect.
      1
      sysctl -p
  7. Enable the network service and configure it to start as the system boots.
    1
2
3
4
    systemctl enable neutron-openvswitch-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service neutron-l3-agent.service
systemctl start neutron-openvswitch-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service neutron-l3-agent.service

Compute Nodes

Perform the following operations on the compute nodes (x86-compute and arm-compute) of the self service-OVS network type. Because the network node and compute node are deployed on the same node, skip the repeated configurations if there are any.

  1. Install components.
    1
    yum -y install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables ipset libibverbs
  2. Configure common components.
    1. Open the /etc/neutron/neutron.conf file.
      vi /etc/neutron/neutron.conf
    2. Press i to enter the insert mode and perform the following configurations.
      1. Configure RabbitMQ message queue access.
        1
2
        [DEFAULT] 
transport_url = rabbit://openstack:PASSWORD@controller

        Replace PASSWORD with the password of the openstack user described in Installing RabbitMQ.

      2. Configure Identity service access.
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
        [DEFAULT] 
auth_strategy = keystone 
[keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = PASSWORD

        Replace PASSWORD with the password of the neutron user described in Creating the Neutron Database.

      3. Configure the lock path.
        1
2
        [oslo_concurrency] 
lock_path = /var/lib/neutron/tmp
    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  3. Configure the OpenStack agent.
    1. Open the /etc/neutron/plugins/ml2/openvswitch_agent.ini file.
      vi /etc/neutron/plugins/ml2/openvswitch_agent.ini
    2. Press i to enter the insert mode and add [linux_openvswitch], [vxlan], [ovs], and [securitygroup].
      • For the x86 compute nodes, which are az-x86 nodes, configure provider-x86:
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
        [linux_openvswitch] 
physical_interface_mappings = provider-x86:enp64s0 
[agent] 
tunnel_types = vxlan 
l2_population = true 
[ovs] 
bridge_mappings = provider-x86:br-provider 
local_ip = 192.168.100.121 
[securitygroup] 
enable_security_group = true 
firewall_driver = iptables_hybrid
      • For the Arm compute nodes, which are az-arm nodes, configure provider-arm:
         1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
        [linux_openvswitch] 
physical_interface_mappings = provider-arm:enp64s0 
[agent] 
tunnel_types = vxlan 
l2_population = true 
[ovs] 
bridge_mappings = provider-arm:br-provider 
local_ip = 192.168.100.121 
[securitygroup] 
enable_security_group = true 
firewall_driver = iptables_hybrid

      In this example, the provider network uses the enp64s0 network port. Set the network port based on actual requirements. The physical NIC is configured for the service network, not for the management network. See Cluster Environment.

    3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
  1. Modify the /etc/sysctl.conf file.
    1. Open the /etc/sysctl.conf file.
      vi /etc/sysctl.conf
    2. Press i to enter the insert mode and add the following content to the file:
      1
2
3
      net.ipv4.ip_forward=1
net.ipv4.conf.all.rp_filter=0
net.ipv4.conf.default.rp_filter=0
    3. Press Esc, type :wq!, and press Enter to save the file and exit.
    4. Make the configuration take effect.
      1
      sysctl -p
  2. Enable the OVS agent and configure it to start as the system boots.
    1
2
    systemctl enable neutron-openvswitch-agent.service
systemctl start neutron-openvswitch-agent.service
  3. Create an OVS provider.
    1
2
    ovs-vsctl add-br br-provider
ovs-vsctl add-port br-provider enp64s0