Red Hat Summit이 콘텐츠는 선택한 언어로 제공되지 않습니다.
7.6. Configure the L3 Agent
Configure the Layer 3 agent. All steps in this procedure must be performed on the server hosting OpenStack Networking, while logged in as the
root user.
Procedure 7.13. Configuring the L3 Agent
- Configure the L3 agent to use the Identity service for authentication.
- Set the authentication strategy to
keystone:openstack-config --set /etc/neutron/metadata_agent.ini \ DEFAULT auth_strategy keystone
# openstack-config --set /etc/neutron/metadata_agent.ini \ DEFAULT auth_strategy keystoneCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Set the Identity service host that the L3 agent must use:
openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken auth_host IP
# openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken auth_host IPCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace IP with the IP address or host name of the server hosting the Identity service. - Set the L3 agent to authenticate as the correct tenant:
openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken admin_tenant_name services
# openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken admin_tenant_name servicesCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace services with the name of the tenant created for the use of OpenStack Networking. Examples in this guide useservices. - Set the L3 agent to authenticate using the
neutronadministrative user account:openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken admin_user neutron
# openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken admin_user neutronCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Set the L3 agent to use the correct
neutronadministrative user account password:openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken admin_password PASSWORD
# openstack-config --set /etc/neutron/metadata_agent.ini \ keystone_authtoken admin_password PASSWORDCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace PASSWORD with the password set when theneutronuser was created. - If the
neutron-metadata-agentservice and thenova-metadata-apiservice are not installed on the same server, set the address of thenova-metadata-apiservice:openstack-config --set /etc/neutron/metadata_agent.ini \ DEFAULT nova_metadata_ip IP
# openstack-config --set /etc/neutron/metadata_agent.ini \ DEFAULT nova_metadata_ip IPCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace IP with the IP address of the server hosting thenova-metadata-apiservice.
- Set the interface driver in the
/etc/neutron/l3_agent.inifile based on the OpenStack Networking plug-in being used. Use the command the applies to the plug-in used in your environment:Open vSwitch Interface Driver
openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriver
# openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT interface_driver neutron.agent.linux.interface.OVSInterfaceDriverCopy to Clipboard Copied! Toggle word wrap Toggle overflow Linux Bridge Interface Driver
openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriver
# openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT interface_driver neutron.agent.linux.interface.BridgeInterfaceDriverCopy to Clipboard Copied! Toggle word wrap Toggle overflow
- The L3 agent connects to external networks using either an external bridge or an external provider network. When using the Open vSwitch plug-in, either approach is supported. When using the Linux Bridge plug-in, only the use of an external provider network is supported. Set up the option that is most appropriate for your environment.
Using an External Bridge
Create and configure an external bridge and configure OpenStack Networking to use it. Perform these steps on each system hosting an instance of the L3 agent.- Create the external bridge,
br-ex:ovs-vsctl add-br br-ex
# ovs-vsctl add-br br-exCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Ensure that the
br-exdevice persists on reboot by creating a/etc/sysconfig/network-scripts/ifcfg-br-exfile, and adding the following lines:DEVICE=br-ex DEVICETYPE=ovs TYPE=OVSBridge ONBOOT=yes BOOTPROTO=none
DEVICE=br-ex DEVICETYPE=ovs TYPE=OVSBridge ONBOOT=yes BOOTPROTO=noneCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Ensure that the L3 agent will use the external bridge:
openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT external_network_bridge br-ex
# openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT external_network_bridge br-exCopy to Clipboard Copied! Toggle word wrap Toggle overflow
Using a Provider Network
To connect the L3 agent to external networks using a provider network, you must first have created the provider network. You must also have created a subnet and router to associate with it. The unique identifier of the router is required to complete these steps.Set the value of theexternal_network_bridgeconfiguration to be blank. This ensures that the L3 agent does not attempt to use an external bridge:openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT external_network_bridge ""
# openstack-config --set /etc/neutron/l3_agent.ini \ DEFAULT external_network_bridge ""Copy to Clipboard Copied! Toggle word wrap Toggle overflow
- Start the
neutron-l3-agentservice and configure it to start at boot time:systemctl start neutron-l3-agent.service systemctl enable neutron-l3-agent.service
# systemctl start neutron-l3-agent.service # systemctl enable neutron-l3-agent.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow - The OpenStack Networking metadata agent allows virtual machine instances to communicate with the Compute metadata service. It runs on the same hosts as the L3 agent. Start the
neutron-metadata-agentservice and configure it to start at boot time:systemctl start neutron-metadata-agent.service systemctl enable neutron-metadata-agent.service
# systemctl start neutron-metadata-agent.service # systemctl enable neutron-metadata-agent.serviceCopy to Clipboard Copied! Toggle word wrap Toggle overflow - The
leastrouterscheduler enumerates L3 Agent router assignment, and consequently schedules the router to the L3 Agent with the fewest routers. This differs from the ChanceScheduler behavior, which randomly selects from the candidate pool of L3 Agents.- Enable the
leastrouterscheduler:openstack-config --set /etc/neutron/neutron.conf \ DEFAULT router_scheduler_driver neutron.scheduler.l3_agent_scheduler.LeastRoutersScheduler
# openstack-config --set /etc/neutron/neutron.conf \ DEFAULT router_scheduler_driver neutron.scheduler.l3_agent_scheduler.LeastRoutersSchedulerCopy to Clipboard Copied! Toggle word wrap Toggle overflow - Set up the shell to access keystone as the administrative user:
source ~/keystonerc_admin
# source ~/keystonerc_adminCopy to Clipboard Copied! Toggle word wrap Toggle overflow - The router is scheduled once connected to a network. Unschedule the router:
[(keystone_admin)]# neutron l3-agent-router-remove L3_NODE_ID ROUTER_ID
[(keystone_admin)]# neutron l3-agent-router-remove L3_NODE_ID ROUTER_IDCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace L3_NODE_ID with the unique identifier of the agent on which the router is currently hosted, and replace ROUTER_ID with the unique identifier of the router. - Assign the router:
[(keystone_admin)]# neutron l3-agent-router-add L3_NODE_ID ROUTER_ID
[(keystone_admin)]# neutron l3-agent-router-add L3_NODE_ID ROUTER_IDCopy to Clipboard Copied! Toggle word wrap Toggle overflow Replace L3_NODE_ID with the unique identifier of the agent on which the router is to be assigned, and replace ROUTER_ID with the unique identifier of the router.
'%20d='M201.5%20305.5c-13.8%200-24.9-11.1-24.9-24.6%200-13.8%2011.1-24.9%2024.9-24.9%2013.6%200%2024.6%2011.1%2024.6%2024.9%200%2013.6-11.1%2024.6-24.6%2024.6zM504%20256c0%20137-111%20248-248%20248S8%20393%208%20256%20119%208%20256%208s248%20111%20248%20248zm-132.3-41.2c-9.4%200-17.7%203.9-23.8%2010-22.4-15.5-52.6-25.5-86.1-26.6l17.4-78.3%2055.4%2012.5c0%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.3%2024.9-24.9s-11.1-24.9-24.9-24.9c-9.7%200-18%205.8-22.1%2013.8l-61.2-13.6c-3-.8-6.1%201.4-6.9%204.4l-19.1%2086.4c-33.2%201.4-63.1%2011.3-85.5%2026.8-6.1-6.4-14.7-10.2-24.1-10.2-34.9%200-46.3%2046.9-14.4%2062.8-1.1%205-1.7%2010.2-1.7%2015.5%200%2052.6%2059.2%2095.2%20132%2095.2%2073.1%200%20132.3-42.6%20132.3-95.2%200-5.3-.6-10.8-1.9-15.8%2031.3-16%2019.8-62.5-14.9-62.5zM302.8%20331c-18.2%2018.2-76.1%2017.9-93.6%200-2.2-2.2-6.1-2.2-8.3%200-2.5%202.5-2.5%206.4%200%208.6%2022.8%2022.8%2087.3%2022.8%20110.2%200%202.5-2.2%202.5-6.1%200-8.6-2.2-2.2-6.1-2.2-8.3%200zm7.7-75c-13.6%200-24.6%2011.1-24.6%2024.9%200%2013.6%2011.1%2024.6%2024.6%2024.6%2013.8%200%2024.9-11.1%2024.9-24.6%200-13.8-11-24.9-24.9-24.9z'/%3e%3c/svg%3e){kind=small}