VScaler: CIX Compute Node OpenStack Installation - Neutron


Neutron Networking Services

  • 10_vscaler-computenode-neutron.sh
#!/bin/bash

# System prep notes
# - selinux disabled
# - firewalld disabled 
# - headnode /etc/hosts: added entry for headnode; make sure the name 'controller' also resolves to the headnode
#   [root@head ~]# vi /etc/hosts
#   [root@head ~]# ping -c 1 controller
#   PING head.ohpc.keele.net (10.10.10.1) 56(84) bytes of data.
#   64 bytes from head.ohpc.keele.net (10.10.10.1): icmp_seq=1 ttl=64 time=0.082 ms
# - enable ntpd on compute nodes; systemctl enable  ntpd ; systemctl start  ntpd

# set up the installer env vars
. vscaler-env.sh

# setup neutron on compute node 
yum -y install openstack-neutron openstack-neutron-linuxbridge ebtables ipset

crudini --set /etc/neutron/neutron.conf DEFAULT rpc_backend rabbit
crudini --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_host controller
crudini --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_userid openstack
crudini --set /etc/neutron/neutron.conf oslo_messaging_rabbit rabbit_password "$RABBIT_PASS"
crudini --set /etc/neutron/neutron.conf DEFAULT auth_strategy keystone
crudini --del /etc/neutron/neutron.conf keystone_authtoken
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_uri http://controller:5000
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_url http://controller:35357
crudini --set /etc/neutron/neutron.conf keystone_authtoken auth_plugin password
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_domain_id default
crudini --set /etc/neutron/neutron.conf keystone_authtoken user_domain_id default
crudini --set /etc/neutron/neutron.conf keystone_authtoken project_name service
crudini --set /etc/neutron/neutron.conf keystone_authtoken username neutron
crudini --set /etc/neutron/neutron.conf keystone_authtoken password "$NEUTRON_PASS"
crudini --set /etc/neutron/neutron.conf oslo_concurrency lock_path /var/lib/neutron/tmp
crudini --set /etc/neutron/neutron.conf DEFAULT verbose True

#crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings public:eno1
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan True
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan local_ip "$MY_VXLAN_IP"
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan l2_population True
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini agent prevent_arp_spoofing True
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group True
crudini --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

crudini --set /etc/nova/nova.conf neutron url http://controller:9696
crudini --set /etc/nova/nova.conf neutron auth_url http://controller:35357
crudini --set /etc/nova/nova.conf neutron auth_plugin password
crudini --set /etc/nova/nova.conf neutron project_domain_id default
crudini --set /etc/nova/nova.conf neutron user_domain_id default
crudini --set /etc/nova/nova.conf neutron region_name RegionOne
crudini --set /etc/nova/nova.conf neutron project_name service
crudini --set /etc/nova/nova.conf neutron username neutron
crudini --set /etc/nova/nova.conf neutron password "$NEUTRON_PASS"

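# kernel settings needed for networking to work
# (the net.bridge.* keys only exist once the bridge module is loaded; see Problems below)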
sysctl -w "net.ipv4.ip_forward=1"
sysctl -w "net.ipv4.conf.default.rp_filter=0"
sysctl -w "net.ipv4.conf.all.rp_filter=0"
sysctl -w "net.bridge.bridge-nf-call-iptables=1"
sysctl -w "net.bridge.bridge-nf-call-ip6tables=1"
sysctl -p

systemctl restart openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service
systemctl start neutron-linuxbridge-agent.service

Problems

sysctl -w net.bridge.xxx errors

  • The last two sysctl -w commands resulted in the following errors:
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-iptables: No such file or directory
sysctl: cannot stat /proc/sys/net/bridge/bridge-nf-call-ip6tables: No such file or directory
  • A previous installation of vScaler didn't hit this; the cause seems to be that the bridge module wasn't loaded.
  • Load the module with modprobe:
[root@node01 ~]# modprobe bridge
[root@node01 ~]# lsmod | grep bridge
bridge                119562  0 
stp                    12976  1 bridge
llc                    14552  2 stp,bridge

Neutron File Permissions

  • As with the network node, for unknown reasons, after initial installation and configuration various neutron-related files and directories end up with random permissions.
  • Reset these with the following:
chown root:neutron /etc/neutron/{dhcp_agent.ini,l3_agent.ini,metadata_agent.ini,neutron.conf,policy.json}
chown root:neutron /etc/neutron/plugins/ml2/linuxbridge_agent.ini
chown root:neutron /usr/share/neutron/{api-paste.ini,neutron-dist.conf}
chown -R neutron:neutron /var/log/neutron/
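To find out whether the ownership has drifted again, the following added example (not part of the original page) audits the same paths against the owners set by the `chown` commands above. The `private` policy, which also flags any access for other users on the files under /etc/neutron, is an assumption of this example, motivated by neutron.conf holding the RabbitMQ and Keystone passwords written by the install script.

```shell
#!/bin/bash
# Added example, not part of the vScaler installer.
# audit_path PATH OWNER:GROUP [private]
# Reports a wrong owner; with "private" (this example's own policy, an
# assumption) also reports any access bit set for "other".
audit_path() {
    local path="$1" want="$2" policy="${3:-}" owner mode rc=0
    owner=$(stat -c '%U:%G' "$path" 2>/dev/null) || { echo "ABSENT $path"; return 1; }
    mode=$(stat -c '%a' "$path")
    if [ "$owner" != "$want" ]; then
        echo "OWNER $path is $owner, want $want"
        rc=1
    fi
    if [ "$policy" = private ]; then
        case "$mode" in
            *0) ;;   # last octal digit 0: no access for other users
            *)  echo "MODE $path is $mode, accessible to other users"; rc=1 ;;
        esac
    fi
    return "$rc"
}

# Paths and owners exactly as in the chown commands above.
audit_neutron_perms() {
    local rc=0 f
    for f in dhcp_agent.ini l3_agent.ini metadata_agent.ini neutron.conf \
             policy.json plugins/ml2/linuxbridge_agent.ini; do
        audit_path "/etc/neutron/$f" root:neutron private || rc=1
    done
    for f in api-paste.ini neutron-dist.conf; do
        audit_path "/usr/share/neutron/$f" root:neutron || rc=1
    done
    # only the top-level log directory is checked here, not its contents
    audit_path /var/log/neutron neutron:neutron || rc=1
    return "$rc"
}

# On a node:  audit_neutron_perms || echo "neutron file ownership needs resetting"
```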