Openstack installation : Networking service – Neutron (On Compute Node)

Content from “openstack.org”, listed here with minor/no changes – just noting down what I did – online notes.

The compute node handles connectivity and security groups for instances. Install the components

apt install --assume-yes neutron-linuxbridge-agent

The Networking common component configuration includes the authentication mechanism, message queue, and plug-in.

Edit the /etc/neutron/neutron.conf file and complete the following actions:

In the [database] section, comment out any connection options because compute nodes do not directly access the database.

In [oslo_concurrency] section :

[oslo_concurrency]
...
lock_path = /var/log/neutron/tmp

In the [DEFAULT] section, configure RabbitMQ message queue access and authentication strategy

[DEFAULT]
...
transport_url = rabbit://openstack:{password}@controller
...
auth_strategy = keystone

Configure authentication config. Comment out or remove any other options in the [keystone_authtoken] section.

[keystone_authtoken]
...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = {password}

Configure the Linux bridge agent, builds layer-2 (bridging and switching) virtual networking infrastructure for instances and handles security groups.

Note : eno2 is the network interface I had planned for provider networks

Edit the /etc/neutron/plugins/ml2/linuxbridge_agent.ini file and complete the following actions:

In the [linux_bridge] section, map the provider virtual network to the provider physical network interface:

[linux_bridge]
...
physical_interface_mappings = provider:eno2

In the [vxlan] section, enable VXLAN overlay networks, configure the IP address of the physical network interface that handles overlay networks, and enable layer-2 population:

[vxlan]
...
enable_vxlan = true
local_ip = 10.0.0.41
l2_population = true

In the [securitygroup] section, enable security groups and configure the Linux bridge iptables firewall driver:

[securitygroup]
...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

Configure the Compute service to use the Networking service

Edit the /etc/nova/nova.conf file and in the [neutron] section, configure access parameters:

[neutron]
...
url = http://controller:9696
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = {password}

Finalize installation. Restart the Compute service:

service nova-compute restart

Restart the Linux bridge agent:

service neutron-linuxbridge-agent restart

Verify neutron installation : List agents to verify successful launch of the neutron agents:

$ openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 3fe3723d-cdd8-4b38-906c-0faf433a5f1e | L3 agent | controller | nova | 🙂 | UP | neutron-l3-agent |
| 47e059c2-1d18-4b64-8af9-c6c6d36048d9 | Linux bridge agent | icompute | None | 🙂 | UP | neutron-linuxbridge-agent |
| 5cf3c2e9-a714-4446-9d39-e87b300c1cbf | Metadata agent | controller | None | 🙂 | UP | neutron-metadata-agent |
| a9222b67-0f4a-4271-acfe-e234f161f570 | Linux bridge agent | controller | None | 🙂 | UP | neutron-linuxbridge-agent |
| c5f4e10b-67a5-4ee0-92ae-a4463ee5b582 | Linux bridge agent | acompute | None | 🙂 | UP | neutron-linuxbridge-agent |
| ca5e5486-9d8e-4063-b683-adedb9cc1b9d | DHCP agent | controller | nova | 🙂 | UP | neutron-dhcp-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+

The output should indicate four agents on the controller node and one agent on each compute node.

About sandeep

Passionate about sharing information on "how to".
This entry was posted in Installation / How To, Notes and tagged , , , , , , , , . Bookmark the permalink.