溫馨提示×

您好,登錄后才能下訂單哦!

密碼登錄×
登錄注冊(cè)×
其他方式登錄
點(diǎn)擊 登錄注冊(cè) 即表示同意《億速云用戶(hù)服務(wù)條款》

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

發(fā)布時(shí)間:2020-07-18 16:29:24 來(lái)源:網(wǎng)絡(luò) 閱讀:2107 作者:loong576 欄目:云計(jì)算

架構(gòu)圖:

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

環(huán)境:

openstack版本pike
控制節(jié)點(diǎn)主機(jī)openstack-controller(ubuntu 16.04.5) 172.27.34.37/137 esn160、ens192、ens224
計(jì)算節(jié)點(diǎn)主機(jī)openstack-computer(ubuntu 16.04.5) 172.27.34.38/138 esn160、ens192
vxlan100
centos01(172.27.100.5, floating ip172.27.34.11)
vxlan101
centos02(172.27.101.22,floating ip172.27.34.12)


ubuntu安裝詳見(jiàn):Ubuntu16.04.5以lvm方式安裝全記錄

openstack安裝詳見(jiàn):OpenStack實(shí)踐(一):Ubuntu16.04下DevStack方式搭建p版OpenStack


本文測(cè)試內(nèi)容有:

  1. 實(shí)例centos01和centos02之間能互通;

  2. 實(shí)例centos01和centos02可訪(fǎng)問(wèn)外網(wǎng);

  3. floating ip配置,為instance分配浮動(dòng)ip,外網(wǎng)可直接訪(fǎng)問(wèn)實(shí)例;


內(nèi)網(wǎng)配置

內(nèi)網(wǎng)采用vxlan,配置如下:

stack@openstack-controller:~$ source devstack/openrc admin admin
stack@openstack-controller:~$ view /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
tenant_network_types = vxlan
extension_drivers = port_security
mechanism_drivers = openvswitch,l2population
type_drivers = local,flat,vlan,gre,vxlan,geneve

[agent]
tunnel_types = vxlan
l2_population = True

[ovs]
datapath_type = system
bridge_mappings =
tunnel_bridge = br-tun
local_ip = 172.27.34.137

計(jì)算節(jié)點(diǎn)local_ip=172.27.34.138,其它相同。


重啟后生效

stack@openstack-controller:~$ sudo systemctl restart devstack@q*


VXLAN創(chuàng)建

創(chuàng)建vxlan100和vxlan101

圖形化方式

創(chuàng)建vlan100

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

網(wǎng)絡(luò)名稱(chēng)為vxlan100,段id為100

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

子網(wǎng)為172.27.100.0/24

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

激活DHCP

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

創(chuàng)建完成

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


命令方式

創(chuàng)建網(wǎng)絡(luò)vxlan101

stack@openstack-controller:~$ openstack network create  --provider-network-type vxlan --provider-segment 101 --project admin vxlan101

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


創(chuàng)建子網(wǎng)subnet172.27.101.0

stack@openstack-controller:~$ openstack subnet create --network vxlan101 --subnet-range 172.27.101.0/24 --gateway 172.27.101.1 subnet172.27.101.0

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


外網(wǎng)配置

外網(wǎng)采用flat,配置如下

在控制節(jié)點(diǎn)執(zhí)行

stack@openstack-controller:~$ view /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2_type_flat]
flat_networks = externaltt

[ovs]
bridge_mappings = externaltt:br-ens224


創(chuàng)建網(wǎng)橋br-ens224并將物理網(wǎng)卡ens224橋接在br-ens224上

stack@openstack-controller:~$ sudo ovs-vsctl add-br br-ens224
stack@openstack-controller:~$ sudo ovs-vsctl add-port br-ens224 ens224


重啟網(wǎng)絡(luò)服務(wù)

stack@openstack-controller:~$ sudo systemctl restart devstack@q*


創(chuàng)建外網(wǎng)ext_net_flat

stack@openstack-controller:~$ openstack network create --provider-network-type flat --provider-physical-network externaltt  --project admin --external ext_net_flat

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


創(chuàng)建子網(wǎng)subnet172.27.34.0

stack@openstack-controller:~$ openstack subnet create --network ext_net_flat --subnet-range 172.27.34.0/24 --gateway 172.27.34.1 --no-dhcp subnet172.27.34.0

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


查看創(chuàng)建的網(wǎng)絡(luò)

stack@openstack-controller:~$ openstack network list

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


創(chuàng)建路由

創(chuàng)建路由router_100_101

stack@openstack-controller:~$ openstack router create --project admin router_100_101

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


將路由器連接到外部網(wǎng)絡(luò)

stack@openstack-controller:~$ openstack router set router_100_101 --external-gateway ext_net_flat


將路由器連接到子網(wǎng)

stack@openstack-controller:~$ openstack router add subnet router_100_101 subnet172.27.101.0
stack@openstack-controller:~$ openstack router add subnet router_100_101 subnet172.27.100.0


查看路由信息

stack@openstack-controller:~$ openstack router list

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


創(chuàng)建實(shí)例

制作鏡像

上傳介質(zhì)CentOS-7-x86_64-GenericCloud-1809.qcow2c至/tmp目錄,下載地址:http://cloud.centos.org/centos/7/images/


生成鏡像centos7

stack@openstack-controller:/tmp$ openstack image create centos7   --file CentOS-7-x86_64-GenericCloud-1809.qcow2c  --disk-format qcow2 --container-format bare   --public

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


新建密鑰對(duì)

新建密鑰對(duì)centos7

stack@openstack-controller:~$ mkdir keys
stack@openstack-controller:~$ cd keys
stack@openstack-controller:~/keys$ openstack keypair create centos7 > centos7.pem
stack@openstack-controller:~/keys$ chmod 600 centos7.pem 
stack@openstack-controller:~/keys$ ll
total 12
drwxrwxr-x  2 stack stack 4096 Jan 24 10:53 ./
drwxr-xr-x 27 stack stack 4096 Jan 24 10:52 ../
-rw-------  1 stack stack 1680 Jan 24 10:53 centos7.pem

查看密鑰對(duì)

stack@openstack-controller:~$ nova keypair-list

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


創(chuàng)建安全組

創(chuàng)建安全組centos7

stack@openstack-controller:~$ openstack security group create centos7

新增規(guī)則允許ping和ssh

stack@openstack-controller:~$ openstack security group rule create  --protocol icmp   centos7
stack@openstack-controller:~$ openstack security group rule create --protocol TCP --dst-port 22 centos7

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


查看安全組和規(guī)則

stack@openstack-controller:~$ openstack security group list
stack@openstack-controller:~$ openstack security group rule list centos7

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


創(chuàng)建實(shí)例

創(chuàng)建實(shí)例centos01

stack@openstack-controller:~$ nova boot --flavor m1.small --image centos7  --availability-zone nova:openstack-controller --nic net-name=vxlan100 --key-name centos7 --security-groups centos7 centos01

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

flavor選擇m1.small,計(jì)算節(jié)點(diǎn)選擇openstack-controller,網(wǎng)絡(luò)選擇vxlan100。


創(chuàng)建實(shí)例centos02

stack@openstack-controller:~$ nova boot --flavor m1.small --image centos7  --availability-zone nova:openstack-controller --nic net-name=vxlan101 --key-name centos7 --security-groups centos7 centos02

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

flavor選擇m1.small,計(jì)算節(jié)點(diǎn)選擇openstack-controller,網(wǎng)絡(luò)選擇vxlan101。


查看創(chuàng)建的實(shí)例

stack@openstack-controller:~$ nova list

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


創(chuàng)建浮動(dòng)ip

創(chuàng)建floating IP

創(chuàng)建floating IP 172.27.34.11/12

stack@openstack-controller:~$ openstack floating ip create --project admin --floating-ip-address 172.27.34.11 ext_net_flat
stack@openstack-controller:~$ openstack floating ip create --project admin --floating-ip-address 172.27.34.12 ext_net_flat
stack@openstack-controller:~$ openstack floating ip list

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


浮動(dòng)ip關(guān)聯(lián)實(shí)例

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

關(guān)聯(lián)的命令執(zhí)行方式為

stack@openstack-controller:~$ nova  floating-ip-associate centos01 172.27.34.11 
stack@openstack-controller:~$ nova  floating-ip-associate centos02 172.27.34.12


查看實(shí)例浮動(dòng)ip

stack@openstack-controller:~$ nova list

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


測(cè)試

登陸實(shí)例

登陸實(shí)例centos01

stack@openstack-controller:~/keys$ ssh -i centos7.pem centos@172.27.34.11

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


ping外網(wǎng)

[centos@centos01 ~]$ ping www.baidu.com

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


ping centos02

[centos@centos01 ~]$ ping 172.27.101.22

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


架構(gòu)圖分析

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


端口查看

vxlan100

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


vxlan101

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


查看網(wǎng)橋

root@openstack-controller:~# ovs-vsctl show

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


root@openstack-controller:~# brctl show

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP


patch port查看

br-int與br-tun的patch port

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

br-int與br-tun通過(guò)patch port"patch-tun"和"br-tun"連接


br-int與br-ens224的patch port

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

OpenStack實(shí)踐(九):Open vSwitch方式實(shí)現(xiàn)floating IP

br-int與br-ens224這兩個(gè)網(wǎng)橋通過(guò)int-br-ens224和phy-br-ens224連接在一起了。


Linux Bridge方式詳見(jiàn):OpenStack實(shí)踐(四):Linux Bridge方式實(shí)現(xiàn)floating IP


參考文章:

https://docs.openstack.org/zh_CN/user-guide/index.html


向AI問(wèn)一下細(xì)節(jié)

免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長(zhǎng)郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。

AI