OpenStack Networking allows you to create or attach interface device to networks, this guide helps you to configure Neutron (Networking) on OpenStack environment. Neutron manages all networking related things that are required for Virtual Networking Infrastructure, it provides the networks, subnets, and router object abstractions.
Install and configure controller node:
Before we configure Neutron service, we must create a database, service, and API endpoint.
Login as the root into MySQL server.
# mysql -u root -p
Create the neutron database.
CREATE DATABASE neutron;
Grant a proper permission to the neutron database.
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'password'; GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'password';
Replace “password” with a suitable password. Exit from MySQL.
Load your admin credential from the environment script.
# source admin-openrc.sh
Create the neutron user for creating service credentials.
# openstack user create --password-prompt neutron User Password: Repeat User Password: +----------+----------------------------------+ | Field | Value | +----------+----------------------------------+ | email | None | | enabled | True | | id | ac5ee3286887450d911b82d4e263e1c9 | | name | neutron | | username | neutron | +----------+----------------------------------+
Add the admin role to the neutron user.
# openstack role add --project service --user neutron admin +-------+----------------------------------+ | Field | Value | +-------+----------------------------------+ | id | 33af4f957aa34cc79451c23bf014af6f | | name | admin | +-------+----------------------------------+
Create the neutron service entity.
# openstack service create --name neutron --description "OpenStack Networking" network +-------------+----------------------------------+ | Field | Value | +-------------+----------------------------------+ | description | OpenStack Networking | | enabled | True | | id | 95237876259e44d9a1a926577b786875 | | name | neutron | | type | network | +-------------+----------------------------------+
Create the neutron service API endpoint.
# openstack endpoint create \ --publicurl http://controller:9696 \ --adminurl http://controller:9696 \ --internalurl http://controller:9696 \ --region RegionOne \ network +--------------+----------------------------------+ | Field | Value | +--------------+----------------------------------+ | adminurl | http://controller:9696 | | id | ed46eb46c27e4f2b9a58ff574f43d0cb | | internalurl | http://controller:9696 | | publicurl | http://controller:9696 | | region | RegionOne | | service_id | 95237876259e44d9a1a926577b786875 | | service_name | neutron | | service_type | network | +--------------+----------------------------------+
Install and configure Networking components on the controller node:
# apt-get install neutron-server neutron-plugin-ml2 python-neutronclient
Edit the /etc/neutron/neutron.conf.
# nano /etc/neutron/neutron.conf
Modify the below settings and make sure to place a entries in the proper sections.
[DEFAULT] ... verbose = True rpc_backend = rabbit auth_strategy = keystone core_plugin = ml2 service_plugins = router allow_overlapping_ips = True notify_nova_on_port_status_changes = True notify_nova_on_port_data_changes = True nova_url = http://controller:8774/v2 [oslo_messaging_rabbit] ... rabbit_host = controller rabbit_userid = openstack rabbit_password = password ## Replace "password" with the password you chose for the openstack account in RabbitMQ [database] ... connection = mysql://neutron:password@controller/neutron ## Replace "password" with the password you chose for neutron database [keystone_authtoken] ... auth_uri = http://controller:5000 auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default project_name = service username = neutron password = password ## Replace "password" with the password you chose for neutron user in the identity service. [nova] ... auth_url = http://controller:35357 auth_plugin = password project_domain_id = default user_domain_id = default region_name = RegionOne project_name = service username = nova password = password ## Replace "password" with the password you chose for nova user in the identity service.
Configure Modular Layer 2 (ML2) plugin:
Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file
# nano /etc/neutron/plugins/ml2/ml2_conf.ini
Modify the following stanzas.
[ml2] ... type_drivers = flat,vlan,gre,vxlan tenant_network_types = gre mechanism_drivers = openvswitch [ml2_type_gre] ... tunnel_id_ranges = 1:1000 [securitygroup] ... enable_security_group = True enable_ipset = True firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
Configure compute to use Networking, edit /etc/nova/nova.conf on the controller node.
# nano /etc/nova/nova.conf
Modify the below settings and make sure to place a entries in the proper sections.
[DEFAULT] ... network_api_class = nova.network.neutronv2.api.API security_group_api = neutron linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver firewall_driver = nova.virt.firewall.NoopFirewallDriver [neutron] url = http://controller:9696 auth_strategy = keystone admin_auth_url = http://controller:35357/v2.0 admin_tenant_name = service admin_username = neutron admin_password = password ## Replace "password" with the password you chose for neutron user in the identity service
Note: If you do not have a particular section, create and place stanzas onto it.
Populate the neutron database.
# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
Restart compute and networking service on controller node.
# service nova-api restart # service neutron-server restart
Verify it by listing loaded extensions.
# neutron ext-list +-----------------------+-----------------------------------------------+ | alias | name | +-----------------------+-----------------------------------------------+ | security-group | security-group | | l3_agent_scheduler | L3 Agent Scheduler | | net-mtu | Network MTU | | ext-gw-mode | Neutron L3 Configurable external gateway mode | | binding | Port Binding | | provider | Provider Network | | agent | agent | | quotas | Quota management support | | subnet_allocation | Subnet Allocation | | dhcp_agent_scheduler | DHCP Agent Scheduler | | l3-ha | HA Router extension | | multi-provider | Multi Provider Network | | external-net | Neutron external network | | router | Neutron L3 Router | | allowed-address-pairs | Allowed Address Pairs | | extraroute | Neutron Extra Route | | extra_dhcp_opt | Neutron Extra DHCP opts | | dvr | Distributed Virtual Router | +-----------------------+-----------------------------------------------+
Next is to Install and configure Network Node.