Différences

Ci-dessous, les différences entre deux révisions de la page.

--- openstack:newton:controller [2016/10/09 15:23] – [Création de l'utilisateur et service Neutron dans OpenStack] madko
+++ openstack:newton:controller [2016/10/14 06:37] (Version actuelle) – [Configuration de HEAT] madko
@@ Ligne 357: / Ligne 357: @@
 [mks]
 [neutron]
+url = http://controller.internal:9696
+auth_url = http://controller.internal:35357
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+region_name = RegionOne
+project_name = service
+username = neutron
+password = neutron
+service_metadata_proxy = True
+metadata_proxy_shared_secret = METADATA_SECRET
 [osapi_v21]
 [oslo_concurrency]
@@ Ligne 401: / Ligne 412: @@
 systemctl start openstack-nova-api openstack-nova-consoleauth openstack-nova-scheduler openstack-nova-conductor openstack-nova-novncproxy
 </code>
 ===== Service de gestion des réseaux Neutron =====
@@ Ligne 448: / Ligne 461: @@
 Fichier de configuration /etc/neutron/neutron.conf :
+<file>
+[DEFAULT]
+auth_strategy = keystone
+core_plugin = ml2
+service_plugins = router
+allow_overlapping_ips = True
+notify_nova_on_port_status_changes = true
+notify_nova_on_port_data_changes = true
+rpc_backend = rabbit
+[agent]
+[cors]
+[cors.subdomain]
+[database]
+connection = mysql+pymysql://neutron:NEUTRON_DBPASS@bdd/neutron
+[keystone_authtoken]
+auth_uri = http://controller.internal:5000
+auth_url = http://controller.internal:35357
+memcached_servers = controller.internal:11211
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = neutron
+password = neutron
+[matchmaker_redis]
+[nova]
+auth_url = http://controller.internal:35357
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+region_name = RegionOne
+project_name = service
+username = nova
+password = nova
+[oslo_concurrency]
+lock_path = /var/lib/neutron/tmp
+[oslo_messaging_amqp]
+[oslo_messaging_notifications]
+[oslo_messaging_rabbit]
+rabbit_host = bdd
+rabbit_userid = openstack
+rabbit_password = RABBIT_PASS
+[oslo_messaging_zmq]
+[oslo_policy]
+[qos]
+[quotas]
+[ssl]
+</file>
-===== Dashboard Horizon =====
+Configuration du plugin ML2 dans /etc/neutron/plugins/ml2/ml2_conf.ini :
+<file>
+[DEFAULT]
+[ml2]
+type_drivers = flat,vlan,gre,vxlan,geneve
+tenant_network_types = vlan,gre,vxlan,geneve
+mechanism_drivers = openvswitch,l2population
+extension_drivers = port_security
+[ml2_type_flat]
+flat_networks = external
+[ml2_type_geneve]
+vni_ranges = 5000:7000
+[ml2_type_gre]
+tunnel_id_ranges = 100:999
+[ml2_type_vlan]
+network_vlan_ranges = external,vlan:3000:3999
+[ml2_type_vxlan]
+vni_ranges = 1000:2000
+[securitygroup]
+firewall_driver = iptables_hybrid
+</file>
+Pour utiliser le plugin ML2 :
+<code>
+ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
+</code>
+Initialiser la base Neutron :
+<code>
+su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
+</code>
+Pour activer et démarrer les services Neutron :
+<code>
+systemctl enable neutron-server
+systemctl start neutron-server
+</code>
+La suite se passe sur le [[:openstack:newton:network|network node]].
+Les [[:openstack:newton:compute|compute nodes]] sont aussi à configurer pour utiliser Neutron.
+===== Dashboard Horizon =====
 ==== Installation du dashboard ====
@@ Ligne 459: / Ligne 566: @@
 yum install openstack-dashboard
 </code>
 ==== Configuration du dashboard ====
@@ Ligne 464: / Ligne 573: @@
 <file>
+# -*- coding: utf-8 -*-
 import os
 from django.utils.translation import ugettext_lazy as _
@@ Ligne 765: / Ligne 876: @@
 <code>
 systemctl restart httpd
+</code>
+===== Service d'orchestration HEAT =====
+==== Création de la base SQL pour HEAT ====
+Se connecter au serveur SQL :
+<code>
+CREATE DATABASE heat;
+GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'localhost' IDENTIFIED BY 'HEAT_DBPASS';
+GRANT ALL PRIVILEGES ON heat.* TO 'heat'@'%' IDENTIFIED BY 'HEAT_DBPASS';
+</code>
+==== Création des utilisateus et services HEAT dans OpenStack ====
+Sur le serveur d'administration :
+<code>
+sourceadmin-openrc
+</code>
+Puis :
+<code>
+openstack user create --domain default --password-prompt heat
+openstack role add --project service --user heat admin
+openstack service create --name heat --description "Orchestration" orchestration
+openstack service create --name heat-cfn --description "Orchestration"  cloudformation
+</code>
+Création des endpoints pour l'API HEAT :
+<code>
+openstack endpoint create --region RegionOne orchestration public http://controller.public:8004/v1/%\(tenant_id\)s
+openstack endpoint create --region RegionOne orchestration internal http://controller.internal:8004/v1/%\(tenant_id\)s
+openstack endpoint create --region RegionOne orchestration admin http://controller.admin:8004/v1/%\(tenant_id\)s
+openstack endpoint create --region RegionOne cloudformation public http://controller.public:8000/v1
+openstack endpoint create --region RegionOne cloudformation internal http://controller.internal:8000/v1
+openstack endpoint create --region RegionOne cloudformation admin http://controller.admin:8000/v1
+</code>
+Création d'un domaine qui contiendra les "stacks" :
+<code>
+openstack domain create --description "Stack projects and users" heat
+openstack user create --domain heat --password heat_domain_admin heat_domain_admin
+openstack role add --domain heat --user-domain heat --user heat_domain_admin admin
+openstack role create heat_stack_owner
+openstack role create heat_stack_user
+</code>
+Pour autoriser l'utilisateur "demo" à gérer des stacks :
+<code>
+openstack role add --project demo --user demo heat_stack_owner
+</code>
+==== Installation de HEAT ====
+Installer les paquets suivants :
+<code>
+yum install openstack-heat-api openstack-heat-api-cfn openstack-heat-engine
+</code>
+==== Configuration de HEAT ====
+Fichier /etc/heat/heat.conf :
+<file>
+[DEFAULT]
+heat_metadata_server_url = http://controller.internal:8000
+heat_waitcondition_server_url = http://controller.internal:8000/v1/waitcondition
+stack_domain_admin = heat_domain_admin
+stack_domain_admin_password = heat_domain_admin
+stack_user_domain_name = heat
+rpc_backend = rabbit
+[auth_password]
+[clients]
+[clients_aodh]
+[clients_barbican]
+[clients_ceilometer]
+[clients_cinder]
+[clients_designate]
+[clients_glance]
+[clients_heat]
+[clients_keystone]
+auth_uri = http://controller.internal:35357
+[clients_magnum]
+[clients_manila]
+[clients_mistral]
+[clients_monasca]
+[clients_neutron]
+[clients_nova]
+[clients_sahara]
+[clients_senlin]
+[clients_swift]
+[clients_trove]
+[clients_zaqar]
+[cors]
+[cors.subdomain]
+[database]
+connection = mysql+pymysql://heat:HEAT_DBPASS@bdd/heat
+[ec2authtoken]
+auth_uri = http://controller.internal:5000
+[eventlet_opts]
+[heat_api]
+[heat_api_cfn]
+[heat_api_cloudwatch]
+[keystone_authtoken]
+auth_uri = http://controller.internal:5000
+auth_url = http://controller.internal:35357
+memcached_servers = controller.internal:11211
+auth_type = password
+project_domain_name = default
+user_domain_name = default
+project_name = service
+username = heat
+password = heat
+[matchmaker_redis]
+[oslo_messaging_amqp]
+[oslo_messaging_notifications]
+[oslo_messaging_rabbit]
+rabbit_host = bdd
+rabbit_userid = openstack
+rabbit_password = RABBIT_PASS
+[oslo_messaging_zmq]
+[oslo_middleware]
+[oslo_policy]
+[paste_deploy]
+[profiler]
+[revision]
+[ssl]
+[trustee]
+auth_type = password
+auth_url = http://controller.internal:35357
+username = heat
+password = heat
+user_domain_name = default
+[volumes]
+</file>
+Initialisation de la base HEAT :
+<code>
+su -s /bin/sh -c "heat-manage db_sync" heat
+</code>
+Pour activer et démarrer les services en rapports avec HEAT :
+<code>systemctl enable openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
+systemctl start openstack-heat-api.service openstack-heat-api-cfn.service openstack-heat-engine.service
 </code>