neutron option-1(compute node)

https://docs.openstack.org/neutron/queens/install/compute-install-option1-rdo.html

Linux bridge agent 为实例建立layer2虚拟网络并且处理安全组规则.

cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini{,.ori}
# map the provider virtual network to the provider physical network interface
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini linux_bridge physical_interface_mappings provider:eth0
# disable VXLAN overlay networks
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini vxlan enable_vxlan false
# enable security groups and configure the Linux bridge iptables firewall driver
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup enable_security_group true
openstack-config --set /etc/neutron/plugins/ml2/linuxbridge_agent.ini securitygroup firewall_driver neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

cat >> /etc/sysctl.conf<<'EOF'
net.bridge.bridge-nf-call-ip6tables = 1
net.bridge.bridge-nf-call-iptables = 1
EOF
 
modprobe br_netfilter
lsmod | grep br_netfilter
sysctl -p
  • virtualization/openstack/neutron/provider_compute_node.txt
  • 最后更改: 2019/04/16 18:31
  • (外部编辑)