Sep 072015
 

OpenStack Logo

OpenStack Networking allows you to create or attach interface device to networks, this guide helps you to configure Neutron (Networking) on OpenStack environment. Neutron manages all networking related things that are required for Virtual Networking Infrastructure, it provides the networks, subnets, and router object abstractions.

Install and configure controller node:

Before we configure Neutron service, we must create a database, service, and API endpoint.

Login as the root into MySQL server.

# mysql -u root -p
Create the neutron database.
CREATE DATABASE neutron;

Grant a proper permission to the neutron database.

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'password';

GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'password';

Replace “password” with a suitable password. Exit from MySQL.

Load your admin credential from the environment script.

# source admin-openrc.sh

Create the neutron user for creating service credentials.

# openstack user create --password-prompt neutron
User Password:
Repeat User Password:
+----------+----------------------------------+
| Field    | Value                            |
+----------+----------------------------------+
| email    | None                             |
| enabled  | True                             |
| id       | ac5ee3286887450d911b82d4e263e1c9 |
| name     | neutron                          |
| username | neutron                          |
+----------+----------------------------------+

Add the admin role to the neutron user.

# openstack role add --project service --user neutron admin
+-------+----------------------------------+
| Field | Value                            |
+-------+----------------------------------+
| id    | 33af4f957aa34cc79451c23bf014af6f |
| name  | admin                            |
+-------+----------------------------------+

Create the neutron service entity.

# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field       | Value                            |
+-------------+----------------------------------+
| description | OpenStack Networking             |
| enabled     | True                             |
| id          | 95237876259e44d9a1a926577b786875 |
| name        | neutron                          |
| type        | network                          |
+-------------+----------------------------------+

Create the neutron service API endpoint.

# openstack endpoint create \
--publicurl http://controller:9696 \
--adminurl http://controller:9696 \
--internalurl http://controller:9696 \
--region RegionOne \
network
+--------------+----------------------------------+
| Field        | Value                            |
+--------------+----------------------------------+
| adminurl     | http://controller:9696           |
| id           | ed46eb46c27e4f2b9a58ff574f43d0cb |
| internalurl  | http://controller:9696           |
| publicurl    | http://controller:9696           |
| region       | RegionOne                        |
| service_id   | 95237876259e44d9a1a926577b786875 |
| service_name | neutron                          |
| service_type | network                          |
+--------------+----------------------------------+

Install and configure Networking components on the controller node:

# apt-get install neutron-server neutron-plugin-ml2 python-neutronclient

Edit the /etc/neutron/neutron.conf.

# nano /etc/neutron/neutron.conf

Modify the below settings and make sure to place a entries in the proper sections.

[DEFAULT]
...
verbose = True
rpc_backend = rabbit
auth_strategy = keystone
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = True
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
nova_url = http://controller:8774/v2


[oslo_messaging_rabbit]
...
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = password
## Replace "password" with the password you chose for the openstack account in RabbitMQ

[database]
...
connection = mysql://neutron:password@controller/neutron
## Replace "password" with the password you chose for neutron database

[keystone_authtoken]
...
auth_uri = http://controller:5000
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
project_name = service
username = neutron
password = password
## Replace "password" with the password you chose for neutron user in the identity service.

[nova]
...
auth_url = http://controller:35357
auth_plugin = password
project_domain_id = default
user_domain_id = default
region_name = RegionOne
project_name = service
username = nova
password = password

## Replace "password" with the password you chose for nova user in the identity service.

Configure Modular Layer 2 (ML2) plugin:

Edit the /etc/neutron/plugins/ml2/ml2_conf.ini file

# nano /etc/neutron/plugins/ml2/ml2_conf.ini

Modify the following stanzas.

[ml2]
...
type_drivers = flat,vlan,gre,vxlan
tenant_network_types = gre
mechanism_drivers = openvswitch

[ml2_type_gre]
...
tunnel_id_ranges = 1:1000

[securitygroup]
...
enable_security_group = True
enable_ipset = True
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver

Configure compute to use Networking, edit /etc/nova/nova.conf on the controller node.

# nano /etc/nova/nova.conf

Modify the below settings and make sure to place a entries in the proper sections.

[DEFAULT]
...
network_api_class = nova.network.neutronv2.api.API
security_group_api = neutron
linuxnet_interface_driver = nova.network.linux_net.LinuxOVSInterfaceDriver
firewall_driver = nova.virt.firewall.NoopFirewallDriver

[neutron]
url = http://controller:9696
auth_strategy = keystone
admin_auth_url = http://controller:35357/v2.0
admin_tenant_name = service
admin_username = neutron
admin_password = password

## Replace "password" with the password you chose for neutron user in the identity service

Note: If you do not have a particular section, create and place stanzas onto it.

Populate the neutron database.

# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

Restart compute and networking service on controller node.

# service nova-api restart

# service neutron-server restart

Verify it by listing loaded extensions.

# neutron ext-list
+-----------------------+-----------------------------------------------+
| alias                 | name                                          |
+-----------------------+-----------------------------------------------+
| security-group        | security-group                                |
| l3_agent_scheduler    | L3 Agent Scheduler                            |
| net-mtu               | Network MTU                                   |
| ext-gw-mode           | Neutron L3 Configurable external gateway mode |
| binding               | Port Binding                                  |
| provider              | Provider Network                              |
| agent                 | agent                                         |
| quotas                | Quota management support                      |
| subnet_allocation     | Subnet Allocation                             |
| dhcp_agent_scheduler  | DHCP Agent Scheduler                          |
| l3-ha                 | HA Router extension                           |
| multi-provider        | Multi Provider Network                        |
| external-net          | Neutron external network                      |
| router                | Neutron L3 Router                             |
| allowed-address-pairs | Allowed Address Pairs                         |
| extraroute            | Neutron Extra Route                           |
| extra_dhcp_opt        | Neutron Extra DHCP opts                       |
| dvr                   | Distributed Virtual Router                    |
+-----------------------+-----------------------------------------------+

Next is to Install and configure Network Node.