Install Python 3.7:
yum -y groupinstall "Development tools"
yum -y install zlib-devel bzip2-devel openssl-devel ncurses-devel sqlite-devel \
    readline-devel tk-devel gdbm-devel db4-devel libpcap-devel xz-devel \
    libffi-devel zlib1g-dev zlib* libffi-devel wget
wget https://www.python.org/ftp/python/3.7.2/Python-3.7.2.tar.xz
tar -xvJf Python-3.7.2.tar.xz
mkdir /usr/local/python3
cd Python-3.7.2
./configure --prefix=/usr/local/python3 --enable-optimizations --with-ssl
make && make install
ln -s /usr/local/python3/bin/python3 /usr/local/bin/python3
ln -s /usr/local/python3/bin/pip3 /usr/local/bin/pip3
python3 -V
pip3 -V
Install OVS and OVN:
yum install -y epel-release net-tools gcc gcc-c++ kernel-devel kernel-headers \
    kernel.x86_64 numactl-devel.x86_64 numactl-libs.x86_64 libpcap.x86_64 \
    libpcap-devel.x86_64 pciutils autoconf automake libtool
git clone https://github.com/openvswitch/ovs.git
cd ovs
git branch -a
git checkout origin/branch-2.12
./boot.sh
./configure
make
make install
# Configure the database
mkdir -p /usr/local/etc/openvswitch
ovsdb-tool create /usr/local/etc/openvswitch/conf.db vswitchd/vswitch.ovsschema
# Start ovsdb-server
mkdir -p /usr/local/var/run/openvswitch
mkdir -p /usr/local/var/log/openvswitch/
ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
    --remote=db:Open_vSwitch,Open_vSwitch,manager_options \
    --private-key=db:Open_vSwitch,SSL,private_key \
    --certificate=db:Open_vSwitch,SSL,certificate \
    --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
    --pidfile --detach --log-file
ovs-vsctl --no-wait init
ovs-vswitchd --pidfile --detach --log-file
# Start ovn_northd
/usr/local/share/openvswitch/scripts/ovn-ctl start_northd
Other:
yum install -y python-networking-ovn
Allow remote access to ovsdb-server (replace 0.0.0.0 with the IP of the management network interface to avoid listening on all interfaces):
ovn-nbctl set-connection ptcp:6641:0.0.0.0 -- set connection . inactivity_probe=60000
ovn-sbctl set-connection ptcp:6642:0.0.0.0 -- set connection . inactivity_probe=60000
If using VTEP, the following configuration is also required:
ovs-appctl -t ovsdb-server ovsdb-server/add-remote ptcp:6640:0.0.0.0
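The advice above to replace 0.0.0.0 with the management interface IP can be verified on a running controller. The following is an added example, not part of the original post: a shell function that reads `ss -ltn` output and reports which of the ports opened on this page (6640, 6641, 6642) listen on a wildcard address. The function name, variable names and sample input are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post); names are illustrative.
# Reads `ss -ltn` output on stdin and prints each OVN/OVSDB port used on
# this page (6640 vtep, 6641 northbound, 6642 southbound) that is bound to
# a wildcard address, i.e. reachable on every interface of the host.
ovn_wildcard_listeners() {
    awk '
        $1 == "LISTEN" {
            pos = match($4, /:[0-9]+$/)      # start of the trailing ":port"
            if (pos == 0) next
            addr = substr($4, 1, pos - 1)
            port = substr($4, pos + 1)
            if (port !~ /^664[0-2]$/) next   # only the ports opened above
            # Wildcard spellings printed by different iproute2 versions.
            if (addr == "0.0.0.0" || addr == "*" || addr == "::" || addr == "[::]")
                print port
        }
    ' | sort -u
}

# Constructed sample of `ss -ltn` output (192.0.2.10 is a documentation
# address standing in for the management interface IP).
SAMPLE_SS_OUTPUT='State  Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0      10     0.0.0.0:6641       0.0.0.0:*
LISTEN 0      10     192.0.2.10:6642    0.0.0.0:*
LISTEN 0      10     *:6640             *:*
LISTEN 0      128    [::]:22            [::]:*'

exposed=$(printf '%s\n' "$SAMPLE_SS_OUTPUT" | ovn_wildcard_listeners)
if [ -n "$exposed" ]; then
    echo "OVN database ports listening on all interfaces:"
    echo "$exposed"
fi
# On a live controller: ss -ltn | ovn_wildcard_listeners
```

In the sample, 6642 is bound to a single address and is not reported; 6640 and 6641 are.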
Edit the configuration file /etc/neutron/neutron.conf, adding or modifying the following:
[DEFAULT]
...
core_plugin = ml2
service_plugins = ovn-router
# other settings
Note: the remaining settings are configured as usual (https://docs.openstack.org/neutron/latest/install/controller-install-rdo.html).
Edit the configuration file /etc/neutron/plugins/ml2/ml2_conf.ini:
[ml2]
...
mechanism_drivers = ovn
type_drivers = local,flat,vlan,geneve
tenant_network_types = geneve
extension_drivers = port_security
overlay_ip_version = 4
[ml2_type_flat]
flat_networks = PHYSICAL_NETWORK
[ml2_type_geneve]
vni_ranges = 1:65536
max_header_size = 38
[ml2_type_vlan]
network_vlan_ranges = PHYSICAL_NETWORK:MIN_VLAN_ID:MAX_VLAN_ID
[securitygroup]
enable_security_group = true
[ovn]
ovn_nb_connection = tcp:IP_ADDRESS:6641
ovn_sb_connection = tcp:IP_ADDRESS:6642
ovn_l3_scheduler = OVN_L3_SCHEDULER
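Replace PHYSICAL_NETWORK with the physical network name (any name you choose), e.g. provider.
MIN_VLAN_ID:MAX_VLAN_ID defines the minimum and maximum usable VLAN IDs, e.g. 1001:2000.
Replace IP_ADDRESS with the IP address on which the ovsdb-server service runs on the controller node.
Possible values for OVN_L3_SCHEDULER: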
Set ovn-cms-options with enable-chassis-as-gw in Open_vSwitch table’s external_ids column. Then if this chassis has proper bridge mappings, it will be selected for scheduling gateway routers.
ovs-vsctl set open . external-ids:ovn-cms-options=enable-chassis-as-gw
Repopulate the database (DBPASS: the database login password; NEUTRON_DBPASS: the password the neutron service uses to connect to the database):
mysql -uroot -p"$DBPASS" <<EOF
DROP DATABASE IF EXISTS neutron;
CREATE DATABASE neutron;
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '$NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '$NEUTRON_DBPASS';
quit
EOF
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
Stop linux-bridge and the related services (because here the controller node is also used as the network node), then restart neutron-server:
systemctl stop neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl disable neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
systemctl restart neutron-server.service
The DHCP and L3 functions are no longer needed.
Use the OVS database on the controller node:
systemctl start openvswitch
ovs-vsctl set open . external-ids:ovn-remote=tcp:IP_ADDRESS:6642
Replace IP_ADDRESS with the IP address on which the ovsdb-server service runs on the controller.
ovs-vsctl set open . external-ids:ovn-encap-type=geneve,vxlan
ovs-vsctl set open . external-ids:ovn-encap-ip=IP_ADDRESS
Replace IP_ADDRESS with the IP address of the overlay network interface on the compute node.
Start ovn-controller:
/usr/local/share/openvswitch/scripts/ovn-ctl start_controller
# openstack network create net1
# openstack subnet create --subnet-range 172.0.0.0/24 --network net1 subnet1
# openstack port create --network net1 --fixed-ip subnet=subnet1,ip-address=172.0.0.10 port1
# ovn-nbctl show
switch 00d310e3-1919-4dc8-a6d4-c9baaba1b006 (neutron-4c3d437a-f161-4c3e-9a57-606e9f80ed14) (aka net1)
    port 40e23569-fd75-40fb-ae07-ce93053a007b (aka port1)
        addresses: ["fa:16:3e:98:22:c7 172.0.0.10"]
Original: https://www.cnblogs.com/gzming/p/14261531.html