Installing Neutron

Neutron provides network connection function for other service components, such as Nova computing service components. Neutron also provides APIs for users and supports devices and technologies from multiple network providers. Install Neutron on the controller and compute nodes. The operations for installing Neutron on the controller node are different from those on the compute node.

Creating a Neutron Database on the Controller Node

Create a Neutron database.
1. Log in to the database as the root user.
```
mysql -u root -p 
```
2. In the database, create a Neutron database and grant permissions.
```
CREATE DATABASE neutron; 
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS'; 
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS'; 
```
  Replace NEUTRON_DBPASS with the password of the Neutron database user as required. The password cannot contain the characters including #@$ and can contain the special characters including &=-_.+!*()
3. Exit the database.
```
exit
```

Create a Neutron service credential.

source ~/.admin-openrc 
openstack user create --domain default --password-prompt neutron 
openstack role add --project service --user neutron admin 
openstack service create --name neutron --description "OpenStack Networking" network

The password cannot contain the characters including #@$ and can contain the special characters including &=-_.+!*()

Create Neutron API endpoints.

openstack endpoint create --region RegionOne network public http://controller:9696 
openstack endpoint create --region RegionOne network internal http://controller:9696 
openstack endpoint create --region RegionOne network admin http://controller:9696

Installing and Configuring Neutron on the Controller Node (Self-Service OVS for Example)

Perform the following operations on the self-service OVS controller node.

Install the components.

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch openstack-neutron-metering-agent ebtables

Modify the /etc/neutron/neutron.conf configuration file.

Open the file.
```
vi /etc/neutron/neutron.conf
```

Press i to enter the insert mode and add the following content:

#a. Configure database access.
[database] 
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
 
#b. Enable the ML2 plugin and disable other plugins.
[DEFAULT] 
core_plugin = ml2 
service_plugins = router,metering,qos,placement,trunk,segments 
transport_url = rabbit://openstack:RABBIT_PASSWORD@controller
auth_strategy = keystone 
notify_nova_on_port_status_changes = true 
notify_nova_on_port_data_changes = true 
 
#c. Configure identity access.
[keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = NEUTRON_PASSWORD
 
#d. Configure parameters of the [nova] section. The configuration file does not contain the parameters of [nova] by default. You need to add it.
[nova] 
auth_url = http://controller:5000 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
region_name = RegionOne 
project_name = service 
username = nova 
password = NOVA_PASSWORD
 
#e. Configure the lock path.
[oslo_concurrency] 
lock_path = /var/lib/neutron/tmp 
 
#f. Configure placement. The configuration file does not contain parameters of the [placement] section by default. You need to add it.
[placement] 
region_name = RegionOne 
project_domain_name = Default 
project_name = service 
auth_type = password 
user_domain_name = Default 
auth_url = http://controller:5000/v3 
username = placement 
password = PLACEMENT_PASSWORD

The username and password fields in the [nova] section are configured based on the Nova information after Nova is installed. Or, you can preset a Nova password here and install and configure Nova later. Ensure that the Nova user name and password configured during Nova installation are consistent with those preset in the configuration file.

Replace NEUTRON_DBPASS with the Neutron database password, NEUTRON_PASSWORD with the Neutron user password, and PLACEMENT_PASSWORD with the Placement user password.

Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.

Modify the ML2 plugin /etc/neutron/plugins/ml2/ml2_conf.ini.

Open the file.

vi /etc/neutron/plugins/ml2/ml2_conf.ini

Press i to enter the insert mode and add the following content:

# Enable the Flat, VLAN, and VXLAN networks.
# You need to add [ml2], [ml2_type_flat], [ml2_type_vlan], and [ml2_type_vxlan].
[ml2] 
type_drivers = flat,vlan,vxlan 
tenant_network_types = flat,vlan,vxlan 
mechanism_drivers = openvswitch 
extension_drivers = port_security,qos 
 
[ml2_type_flat] 
flat_networks = provider 
 
[ml2_type_vlan] 
network_vlan_ranges = provider 
 
[ml2_type_vxlan] 
vni_ranges = 1:1000

Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.

Modify the /etc/neutron/plugins/ml2/openvswitch_agent.ini file to configure OVS.
1. Open the file.
```
vi /etc/neutron/plugins/ml2/openvswitch_agent.ini
```
2. Press i to enter the insert mode and add the following content:
```
[securitygroup]   
enable_ipset = true
enable_security_group = true 
firewall_driver = openvswitch 

[agent] 
tunnel_types = vxlan 
extensions  = qos

[ovs] 
bridge_mappings = provider:br-ex 
tunnel_bridge = br-tun 
local_ip = 192.168.16.2
resource_provider_bandwidths = br-ex:10000000:10000000 
```
  The 192.168.16.0 subnet is used for communication of OpenStack service traffic. 192.168.16.2 indicates the service traffic communication IP address of the current node. Replace it with the actual one.
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the DHCP configuration file /etc/neutron/dhcp_agent.ini.
1. Open the file.
```
vi /etc/neutron/dhcp_agent.ini
```
2. Press i to enter the insert mode and add the following content:
```
[DEFAULT] 
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq 
enable_isolated_metadata = true 
force_metadata = true 
interface_driver = openvswitch
```
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the L3 agent configuration file /etc/neutron/l3_agent.ini.
1. Open the file.
```
vi /etc/neutron/l3_agent.ini
```
2. Press i to enter the insert mode and add the following content:
```
[DEFAULT] 
interface_driver = openvswitch
```
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the metadata agent configuration file /etc/neutron/metadata_agent.ini.
1. Open the file.
```
vi /etc/neutron/metadata_agent.ini
```
2. Press i to enter the insert mode and modify the following content:
```
[DEFAULT]  
nova_metadata_host = 192.168.14.2
metadata_proxy_shared_secret = NEUTRON_PASSWORD
```
  192.168.14.2 is the management IP address of the controller node. Replace it with the actual one.
  
  NEUTRON_PASSWORD indicates the Neutron user password. Replace it with the actual password.
1. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the system configuration file /etc/sysctl.conf.
1. Open the file.
```
vi /etc/sysctl.conf
```
2. Press i to enter the insert mode and modify the following content:
```
net.ipv4.ip_forward=1 
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
```
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
4. Make the configuration take effect.
```
sysctl -p
```

Initialize the network.

ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini

Populate the database.

su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Enable the network service and configure it to start upon system startup.

systemctl enable neutron-server.service neutron-openvswitch-agent.service neutron-metadata-agent.service neutron-dhcp-agent.service neutron-l3-agent.service neutron-metering-agent.service  
systemctl start neutron-server.service neutron-openvswitch-agent.service neutron-metadata-agent.service neutron-dhcp-agent.service neutron-l3-agent.service neutron-metering-agent.service

Add an OVS bridge.
```
ovs-vsctl add-br br-ex
```
Check the service running status.
1. Check the service status.
```
systemctl status neutron-openvswitch-agent
```
2. Check whether the logs are normal.
```
vi /var/log/neutron/openvswitch-agent.log
```

Installing and Configuring Neutron on the Compute Node (Self-Service OVS for Example)

Install the components.

yum install openstack-neutron openstack-neutron-ml2 openstack-neutron-openvswitch ebtables

Modify the /etc/neutron/neutron.conf file to configure the Neutron component.

Open the file.
```
vi /etc/neutron/neutron.conf
```

Press i to enter the insert mode and add the following content:

#a. Configure RabbitMQ message queue access.
[DEFAULT] 
transport_url = rabbit://openstack:RABBIT_PASSWORD@controller
auth_strategy = keystone 
 
#b. Configure the identity access service.
[keystone_authtoken] 
www_authenticate_uri = http://controller:5000 
auth_url = http://controller:5000 
memcached_servers = controller:11211 
auth_type = password 
project_domain_name = default 
user_domain_name = default 
project_name = service 
username = neutron 
password = NEUTRON_PASSWORD 
 
#c. Configure the lock path.
[oslo_concurrency] 
lock_path = /var/lib/neutron/tmp

Replace RABBIT_PASSWORD with the password of the OpenStack user in RabbitMQ, and replace NEUTRON_PASSWORD with the password of the Neutron user.

Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.

Configure the metadata agent and modify the /etc/neutron/metadata_agent.ini file.
1. Open the file.
```
vi /etc/neutron/metadata_agent.ini
```
2. Press i to enter the insert mode, and add the following content to configure the metadata host and shared key:
```
[DEFAULT] 
nova_metadata_host = controller 
metadata_proxy_shared_secret = NEUTRON_PASSWORD
```
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the DHCP configuration file /etc/neutron/dhcp_agent.ini.
1. Open the file.
```
vi /etc/neutron/dhcp_agent.ini
```
2. Press i to enter the insert mode and add the following content:
```
[DEFAULT] 
enable_isolated_metadata = true 
force_metadata = true 
interface_driver = openvswitch
```
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the /etc/neutron/l3_agent.ini file to configure the L3 agent.
1. Open the file.
```
vi /etc/neutron/l3_agent.ini
```
2. Press i to enter the insert mode and add the following content:
```
[DEFAULT] 
interface_driver = openvswitch
```
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the /etc/neutron/plugins/ml2/openvswitch_agent.ini file to configure the Open vSwitch agent.
1. Open the file.
```
vi /etc/neutron/plugins/ml2/openvswitch_agent.ini
```
2. Press i to enter the insert mode and add the following content:
```
[securitygroup] 
enable_ipset = true 
enable_security_group = true 
firewall_driver = openvswitch 

[agent] 
tunnel_types = vxlan 
extensions = qos 
 
[ovs] 
local_ip = 192.168.16.4 
```
  The 192.168.16.0/24 subnet is used for communication of OpenStack service traffic. 192.168.16.4 indicates the service plane IP address of the current node. Replace it with the actual IP address.
1. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
Modify the system configuration file /etc/sysctl.conf.
1. Open the file.
```
vi /etc/sysctl.conf
```
2. Press i to enter the insert mode and modify the following content:
```
net.ipv4.ip_forward=1 
net.ipv4.conf.all.rp_filter=0 
net.ipv4.conf.default.rp_filter=0
```
3. Press Esc to exit the insert mode. Type :wq! and press Enter to save the file and exit.
4. Make the configuration take effect.
```
sysctl -p
```

Enable the network service and configure it to start upon system startup.

systemctl enable neutron-openvswitch-agent.service neutron-metadata-agent.service neutron-dhcp-agent.service neutron-l3-agent.service 
systemctl start neutron-openvswitch-agent.service neutron-metadata-agent.service neutron-dhcp-agent.service neutron-l3-agent.service

You can start other services on the compute node as required.

Check the running status of the compute node.
```
systemctl status neutron-openvswitch-agent
```

Verifying Neutron

Run the following commands on the controller node to verify Neutron:

source ~/.admin-openrc 
openstack network agent list

Parent topic: Deployment and Verification