本文介紹在ubuntu 16.04下單點安裝Mitaka Neutron的過程,有兩種網絡安裝模式,選了第一種簡單的安裝。
步驟1:root身份進入mysql後,建立neutron資料庫 CREATE DATABASE neutron;
步驟2:建立資料庫的neutron使用者并授權,之後退出mysql
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
步驟3:運作腳本. admin-openrc以保證接下來以admin身份運作指令
步驟4:建立openstack的neutron使用者 openstack user create --domain default --password-prompt neutron
步驟5:對neutron使用者授予service project中資源的admin權限 openstack role add --project service --user neutron admin
步驟6:建立network服務 openstack service create --name neutron --description "OpenStack Networking" network
步驟7:國際慣例,為network服務建立三個API URL,這三個URL僅類型不同
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
步驟8:接下來就面臨了一個選擇,選擇network服務的部署架構,本文采用選擇1
選擇1:簡單架構,直接将執行個體與外部網絡連接配接,沒有私有網絡、路由器或者浮動IP。
隻有admin權限使用者可以管理網絡設定。
選擇2:支援建構私有網絡,并允許非admin使用者通過路由連接配接私網與外網。
步驟9:安裝元件
apt-get install neutron-server neutron-plugin-ml2 \
neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
步驟10:編輯檔案 /etc/neutron/neutron.conf
[database] 添加:
connection = mysql+pymysql://neutron:[email protected]/neutron
#注意NEUTRON_DBPASS替換成你設定的密碼
[DEFAULT] 添加:
rpc_backend = rabbit
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
[oslo_messaging_rabbit]添加:
rabbit_host = controller
rabbit_userid = openstack
rabbit_password = RABBIT_PASS #注意RABBIT_PASS替換成你設定的密碼
[keystone_authtoken]添加:
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS #注意NEUTRON_PASS替換成你設定的密碼
[nova]添加:
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = NOVA_PASS #注意NOVA_PASS替換成你設定的密碼
步驟11:編輯檔案/etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]添加或修改:
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]添加或修改:
flat_networks = provider
[securitygroup]添加或修改:
enable_ipset = True
步驟12:編輯檔案/etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]添加或修改:
physical_interface_mappings = provider:enp4s0 #enp4s0是你第二個網卡的名稱
[vxlan]添加或修改:
enable_vxlan = False
[securitygroup]添加或修改:
enable_security_group = Truefirewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
步驟13:編輯檔案/etc/neutron/dhcp_agent.ini
[DEFAULT]添加或修改:
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
步驟14:編輯檔案/etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_ip = controller
metadata_proxy_shared_secret = METADATA_SECRET #此處設定一個密碼
步驟15:編輯檔案/etc/nova/nova.conf
[neutron]添加或修改:
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS #注意NEUTRON_PASS替換成你設定的密碼
service_metadata_proxy = True
metadata_proxy_shared_secret = METADATA_SECRET #注意METADATA_SECRET替換成你設定的密碼
步驟16:同步資料庫
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
步驟17:一些服務的重新開機
service nova-api restart
service neutron-server restart
service neutron-linuxbridge-agent restart
service neutron-dhcp-agent restart
service neutron-metadata-agent restart
service nova-compute restart
步驟18:驗證 neutron ext-list(確定此時為admin使用者身份運作此指令)
步驟19:驗證(確定此時為admin使用者身份運作次指令) neutron agent-list
如圖,zopen是controller所在機器的hostname。此時有3個agent處于UP狀态。