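This article walks through a single-node installation of Mitaka Neutron on Ubuntu 16.04. There are two networking options; the first, simpler one is used here.
Step 1: Log in to MySQL as root and create the neutron database:
CREATE DATABASE neutron;
Step 2: Create the neutron database user and grant it privileges, then exit MySQL: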
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY 'NEUTRON_DBPASS';
GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'NEUTRON_DBPASS';
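Step 3: Source the admin-openrc script so that the following commands run as admin:
. admin-openrc
Step 4: Create the OpenStack neutron user:
openstack user create --domain default --password-prompt neutron
Step 5: Grant the neutron user the admin role on resources in the service project:
openstack role add --project service --user neutron admin
Step 6: Create the network service:
openstack service create --name neutron --description "OpenStack Networking" network
Step 7: As usual, create three API URLs for the network service; the three URLs differ only in type: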
openstack endpoint create --region RegionOne network public http://controller:9696
openstack endpoint create --region RegionOne network internal http://controller:9696
openstack endpoint create --region RegionOne network admin http://controller:9696
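Step 8: Next comes a choice of deployment architecture for the network service. This article uses option 1.
Option 1: The simple architecture, which connects instances directly to the external network, with no private networks, routers, or floating IPs.
Only users with admin privileges can manage network settings.
Option 2: Supports building private networks and lets non-admin users connect private networks to the external network through routers.
Step 9: Install the components: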
apt-get install neutron-server neutron-plugin-ml2 \
neutron-linuxbridge-agent neutron-dhcp-agent neutron-metadata-agent
Step 10: Edit the file /etc/neutron/neutron.conf
In [database], add:
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
# Replace NEUTRON_DBPASS with the password you set
In [DEFAULT], add:
rpc_backend = rabbit
auth_strategy = keystone
notify_nova_on_port_status_changes = True
notify_nova_on_port_data_changes = True
In [oslo_messaging_rabbit], add:
rabbit_host = controller
rabbit_userid = openstack
# Replace RABBIT_PASS with the password you set
rabbit_password = RABBIT_PASS
In [keystone_authtoken], add:
auth_uri = http://controller:5000
auth_url = http://controller:35357
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
# Replace NEUTRON_PASS with the password you set
password = NEUTRON_PASS
In [nova], add:
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
# Replace NOVA_PASS with the password you set
password = NOVA_PASS
Step 11: Edit the file /etc/neutron/plugins/ml2/ml2_conf.ini
In [ml2], add or modify:
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
In [ml2_type_flat], add or modify:
flat_networks = provider
In [securitygroup], add or modify:
enable_ipset = True
Step 12: Edit the file /etc/neutron/plugins/ml2/linuxbridge_agent.ini
In [linux_bridge], add or modify:
# enp4s0 is the name of your second network interface
physical_interface_mappings = provider:enp4s0
In [vxlan], add or modify:
enable_vxlan = False
In [securitygroup], add or modify:
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
Step 13: Edit the file /etc/neutron/dhcp_agent.ini
In [DEFAULT], add or modify:
interface_driver = neutron.agent.linux.interface.BridgeInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
Step 14: Edit the file /etc/neutron/metadata_agent.ini
[DEFAULT]
nova_metadata_ip = controller
# Set a secret here
metadata_proxy_shared_secret = METADATA_SECRET
Step 15: Edit the file /etc/nova/nova.conf
In [neutron], add or modify:
url = http://controller:9696
auth_url = http://controller:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
# Replace NEUTRON_PASS with the password you set
password = NEUTRON_PASS
service_metadata_proxy = True
# Replace METADATA_SECRET with the secret you set
metadata_proxy_shared_secret = METADATA_SECRET
Step 16: Sync the database:
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
Step 17: Restart the affected services:
service nova-api restart
service neutron-server restart
service neutron-linuxbridge-agent restart
service neutron-dhcp-agent restart
service neutron-metadata-agent restart
service nova-compute restart
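Step 18: Verify (make sure you run this command as the admin user):
neutron ext-list
Step 19: Verify (make sure you run this command as the admin user):
neutron agent-list
As shown in the figure, zopen is the hostname of the machine hosting the controller. At this point three agents are in the UP state.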
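
An added example, not part of the original article: a Python check to run over the files edited in steps 10 to 15 before the services are restarted. It flags this guide's placeholder values left in secret fields, a trailing comment stored as part of a secret, and a metadata_proxy_shared_secret that differs between nova.conf and metadata_agent.ini. The sample file contents are constructed, and the check assumes the services read values verbatim without stripping inline comments.

```python
import configparser

# Placeholder tokens from this guide; none may remain in a deployed file.
PLACEHOLDERS = ("NEUTRON_DBPASS", "RABBIT_PASS", "NEUTRON_PASS",
                "NOVA_PASS", "METADATA_SECRET")
SECRET_KEYS = ("connection", "password", "rabbit_password",
               "metadata_proxy_shared_secret")
NOVA, META = "/etc/nova/nova.conf", "/etc/neutron/metadata_agent.ini"

def parse(text):
    # Treat [DEFAULT] as an ordinary section and keep values verbatim, so a
    # trailing " #note" stays inside the value (assumed to mirror the services).
    cp = configparser.ConfigParser(interpolation=None, strict=False,
                                   default_section="__unused__")
    cp.read_string(text)
    return cp

def audit(files):
    """files maps path -> INI text; returns (path, section, key, problem) tuples."""
    parsed = {path: parse(text) for path, text in files.items()}
    findings = []
    for path, cp in parsed.items():
        for section in cp.sections():
            for key, value in cp.items(section):
                if key not in SECRET_KEYS:
                    continue
                if any(p in value for p in PLACEHOLDERS):
                    findings.append((path, section, key, "placeholder"))
                if " #" in value:
                    findings.append((path, section, key, "inline-comment"))
    # nova-api and the metadata agent must hold the identical secret.
    if NOVA in parsed and META in parsed:
        key = "metadata_proxy_shared_secret"
        if (parsed[NOVA].get("neutron", key, fallback=None)
                != parsed[META].get("DEFAULT", key, fallback=None)):
            findings.append((NOVA, "neutron", key, "mismatch"))
    return findings

# Constructed sample input (not from a real deployment).
SAMPLE = {
    NOVA: "[neutron]\nusername = neutron\npassword = NEUTRON_PASS\n"
          "metadata_proxy_shared_secret = 4f9c1e #shared with the agent\n",
    META: "[DEFAULT]\nnova_metadata_ip = controller\n"
          "metadata_proxy_shared_secret = 4f9c1e\n",
}

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding)
```

To check a real host, build the files mapping by reading each path from steps 10 to 15 instead of using SAMPLE.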