@[TOC](openstack self network使用(小节14))
controller2
参考文件:'neutron.conf'。注意:这个文件一定要有颜色区分,否则后期会出问题
[root@controller2 ~]# vim /etc/neutron/neutron.conf
[DEFAULT]
service_plugins = router <--修改此项
allow_overlapping_ips = true <--允许网络叠加
启用vxlan,参考文件:'ml2_conf.ini'
[root@controller2 ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan,vxlan <--添加'vxlan'
tenant_network_types = vxlan <--
mechanism_drivers = linuxbridge,l2population <--
[ml2_type_vxlan]
vni_ranges = 1:10000
参考文件:'linuxbridge_agent.ini'(注意:下面的 enable_security_group = false 会停用安全组过滤,实例端口不再受安全组规则保护,只适合隔离的实验环境)
[root@controller2 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[vxlan]
enable_vxlan = true
local_ip = 192.168.37.102 <--外网地址(此地址用作VXLAN隧道端点;VXLAN流量本身不加密,生产环境建议使用独立的隧道网络)
l2_population = true
[securitygroup]
enable_security_group = false
参考文件:'l3_agent.ini'
[root@controller2 ~]# vim /etc/neutron/l3_agent.ini
[DEFAULT]
interface_driver = linuxbridge <--
重启服务
[root@controller2 ~]# systemctl restart openstack-nova-api.service
启动服务并设置为开机启动
[root@controller2 ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller2 ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller2 ~]# systemctl start neutron-l3-agent.service
[root@controller2 ~]# systemctl enable neutron-l3-agent.service
重启服务器
[root@controller2 ~]# reboot
node1和node2
安装包
[root@node1 ~]# yum install -y openstack-neutron-linuxbridge ebtables ipset
节点:参考文件'linuxbridge_agent.ini'
[root@node1 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[vxlan]
enable_vxlan = true
local_ip = 192.168.37.103 <--改成自己IP地址
l2_population = true
[securitygroup]
enable_security_group = false <--关闭(安全组过滤随之停用;与下一行的 iptables firewall_driver 设置不一致,需确认实际生效的是哪一项,生产环境应保持 true)
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
重启节点服务器
[root@node1 ~]# reboot
controller2
导入admin环境变量(该脚本通常包含管理员凭据,建议限制为仅属主可读)
[root@controller2 ~]# source scripts/admin_stein.sh
验证:是否有'L3'
[root@controller2 ~]# openstack network agent list
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
| 05db94e9-e31c-490f-b325-1a0863b45db6 | DHCP agent | controller1 | nova | :-) | UP | neutron-dhcp-agent |
| 21688e80-5017-4690-a601-9cf1c3412f5b | L3 agent | controller2 | nova | :-) | UP | neutron-l3-agent | <--
| 2982e4fd-5d5e-4845-813b-7fef0e60749d | Linux bridge agent | controller2 | None | :-) | UP | neutron-linuxbridge-agent |
| 2e5da0fa-1913-45e8-b91a-0b4b5c7d7f1e | DHCP agent | controller2 | nova | :-) | UP | neutron-dhcp-agent |
| 40534044-59b1-481f-b40a-83f6b50ad873 | Linux bridge agent | node1 | None | :-) | UP | neutron-linuxbridge-agent |
| 4065d193-9361-4753-9cc1-41a7bbc73555 | Linux bridge agent | node130 | None | XXX | UP | neutron-linuxbridge-agent |
| 48ce5abe-e6d1-4ae0-bac8-1ba29f6964e2 | Metadata agent | controller1 | None | :-) | UP | neutron-metadata-agent |
| 7275d501-018f-400a-a3a9-d90bad789afd | Linux bridge agent | controller1 | None | :-) | UP | neutron-linuxbridge-agent |
| d66a07b1-b573-4d5b-89e8-8e3557486107 | Metadata agent | controller2 | None | :-) | UP | neutron-metadata-agent |
| f3329100-cbee-46b4-9f51-445b8dd783c6 | Linux bridge agent | node2 | None | :-) | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+-------------+-------------------+-------+-------+---------------------------+
创建admin用户网络
[root@controller2 ~]# openstack network create admin-net
+---------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+---------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-10-22T18:10:29Z |
| description | |
| dns_domain | None |
| id | 7d656dad-2afa-4fc8-9949-fdb2c55fddf4 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'admin', 'id': u'7a42de14ea7d4bcf80f60e19e1bc2de4'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| mtu | 1450 |
| name | admin-net |
| port_security_enabled | True |
| project_id | 7a42de14ea7d4bcf80f60e19e1bc2de4 |
| provider:network_type | vxlan |
| provider:physical_network | None |
| provider:segmentation_id | 1 |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2022-10-22T18:10:30Z |
+---------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
创建子网
[root@controller2 ~]# openstack subnet create --network admin-net --dns-nameserver 223.5.5.5 --gateway 10.20.0.254 --subnet-range 10.20.0.0/24 admin-sube
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| allocation_pools | 10.20.0.1-10.20.0.253 |
| cidr | 10.20.0.0/24 |
| created_at | 2022-10-22T18:17:03Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| enable_dhcp | True |
| gateway_ip | 10.20.0.254 |
| host_routes | |
| id | 3139a02b-4966-4538-b010-488ac544813e |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'admin', 'id': u'7a42de14ea7d4bcf80f60e19e1bc2de4'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| name | admin-sube |
| network_id | 7d656dad-2afa-4fc8-9949-fdb2c55fddf4 |
| prefix_length | None |
| project_id | 7a42de14ea7d4bcf80f60e19e1bc2de4 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-10-22T18:17:03Z |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
创建路由
[root@controller2 ~]# openstack router create admin-router
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-10-22T18:18:13Z |
| description | |
| distributed | False |
| external_gateway_info | None |
| flavor_id | None |
| ha | False |
| id | bfa96a42-1498-41bf-8cf4-5dcfae7fd7c5 |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'admin', 'id': u'7a42de14ea7d4bcf80f60e19e1bc2de4'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| name | admin-router |
| project_id | 7a42de14ea7d4bcf80f60e19e1bc2de4 |
| revision_number | 1 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2022-10-22T18:18:13Z |
+-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
将子网关联到路由(neutron CLI 已弃用,等价命令:openstack router add subnet admin-router admin-sube)
[root@controller2 ~]# neutron router-interface-add admin-router admin-sube
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Added interface 5ad89982-12f5-44e1-8bc3-6ca5cda29577 to router admin-router.
将路由关联到外网(外网名称可用'openstack network list'查看;neutron CLI 已弃用,等价命令:openstack router set --external-gateway external-net admin-router)
[root@controller2 ~]# openstack network list
+--------------------------------------+--------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+--------------------------------------+
| 1b280d8a-006d-4bd3-9d4b-6ccceb4f3f8d | external-net | 5d5ea056-9ceb-4d36-8e95-0febe09c127e |
| 7d656dad-2afa-4fc8-9949-fdb2c55fddf4 | admin-net | 3139a02b-4966-4538-b010-488ac544813e |
| a42a6ec2-9959-4b1c-a80e-b9c03dd7a301 | internal-net | e4fdcfa5-a48f-4d2e-b86d-7312af712bab |
+--------------------------------------+--------------+--------------------------------------+
[root@controller2 ~]# neutron router-gateway-set admin-router external-net
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Set gateway for router admin-router
打开一个新的窗口导入'demo'变量
[root@controller2 ~]# source scripts/demo_stein.sh
创建demo用户网络
[root@controller2 ~]# openstack network create demo-net
+---------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+---------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-10-22T18:40:56Z |
| description | |
| dns_domain | None |
| id | 00237978-18b7-40e2-a571-37f579cd023a |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'demo', 'id': u'3eeeee82ef594949974e0b461b0146d8'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| mtu | 1450 |
| name | demo-net |
| port_security_enabled | True |
| project_id | 3eeeee82ef594949974e0b461b0146d8 |
| provider:network_type | None |
| provider:physical_network | None |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2022-10-22T18:40:56Z |
+---------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
创建demo子网
[root@controller2 ~]# openstack subnet create --network demo-net --dns-nameserver 223.5.5.5 --gateway 10.20.0.254 --subnet-range 10.20.0.0/24 demo-sube
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| allocation_pools | 10.20.0.1-10.20.0.253 |
| cidr | 10.20.0.0/24 |
| created_at | 2022-10-22T18:43:56Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| enable_dhcp | True |
| gateway_ip | 10.20.0.254 |
| host_routes | |
| id | d7c37882-2dc8-4234-8dd1-f3d67e407c8a |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'demo', 'id': u'3eeeee82ef594949974e0b461b0146d8'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| name | demo-sube |
| network_id | 00237978-18b7-40e2-a571-37f579cd023a |
| prefix_length | None |
| project_id | 3eeeee82ef594949974e0b461b0146d8 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-10-22T18:43:56Z |
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
创建demo路由
[root@controller2 ~]# openstack router create demo-router
+-------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-10-22T18:46:16Z |
| description | |
| external_gateway_info | None |
| flavor_id | None |
| id | 0f6ef108-74c5-4d3c-aa5b-ca877a0e9c56 |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'demo', 'id': u'3eeeee82ef594949974e0b461b0146d8'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| name | demo-router |
| project_id | 3eeeee82ef594949974e0b461b0146d8 |
| revision_number | 1 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2022-10-22T18:46:16Z |
+-------------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
将子网关联到路由(neutron CLI 已弃用,等价命令:openstack router add subnet demo-router demo-sube)
[root@controller2 ~]# neutron router-interface-add demo-router demo-sube
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Added interface a82c05b7-e8e6-4902-8459-164e17c0e4ee to router demo-router.
将路由关联到外网(neutron CLI 已弃用,等价命令:openstack router set --external-gateway external-net demo-router)
[root@controller2 ~]# neutron router-gateway-set demo-router external-net
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Set gateway for router demo-router
配置第三层网络
[root@controller2 ~]# vim /etc/openstack-dashboard/local_settings
#全部改成'True'(这些开关只决定 Horizon 是否显示对应功能;分布式路由和HA路由还需要 Neutron 端支持,其中DVR依赖Open vSwitch,在本文的linuxbridge环境下可能无法使用)
OPENSTACK_NEUTRON_NETWORK = {
'enable_router': True,
'enable_quotas': True,
'enable_ipv6': True,
'enable_distributed_router': True,
'enable_ha_router': True,
'enable_fip_topology_check': True,
重启httpd服务
[root@controller2 ~]# systemctl restart httpd
此时可以看到路由
创建虚拟机
创建浮动IP
关联
此时能ping通,但是不能ssh(远程连接)
[root@controller2 ~]# ping 192.168.37.202 -c 2
PING 192.168.37.202 (192.168.37.202) 56(84) bytes of data.
64 bytes from 192.168.37.202: icmp_seq=1 ttl=63 time=1.12 ms
64 bytes from 192.168.37.202: icmp_seq=2 ttl=63 time=0.659 ms
--- 192.168.37.202 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.659/0.889/1.120/0.232 ms
配置此步后可SSH(远程连接)
[root@controller2 ~]# ssh 192.168.37.202
root@192.168.37.202's password: <--输入对方密码:123456(示例弱口令,仅限实验环境;绑定了浮动IP的实例应改用密钥登录并禁用root密码登录)
Last login: Tue Oct 25 18:38:43 2022
#查看IP地址
[root@self-vm-1 ~]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 10.20.0.180 netmask 255.255.255.0 broadcast 10.20.0.255
inet6 fe80::f816:3eff:fe5c:1893 prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:5c:18:93 txqueuelen 1000 (Ethernet)
RX packets 348 bytes 41629 (40.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 373 bytes 37118 (36.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 0 (Local Loopback)
RX packets 6 bytes 416 (416.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 6 bytes 416 (416.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
#ping外网
[root@self-vm-1 ~]# ping jd.com -c 2
PING jd.com (211.144.27.126) 56(84) bytes of data.
64 bytes from 211.144.27.126: icmp_seq=1 ttl=127 time=6.79 ms
64 bytes from 211.144.27.126: icmp_seq=2 ttl=127 time=5.73 ms
--- jd.com ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 5.731/6.264/6.797/0.533 ms
切换到demo用户登录,创建2个虚拟机
如果IP地址满了?如何添加?
切换到admin用户登录
添加不同的网络
添加接口
再创建两个虚拟机测试一下
创建新的网络
新网络创建完成
新建虚拟机测试1
创建完成已有IP地址
测试能否通信
#不通
[root@self-vm-1 ~]# ping 10.20.2.124 -c 2
PING 10.20.2.124 (10.20.2.124) 56(84) bytes of data.
--- 10.20.2.124 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1000ms
绑定一下
再次测试能否通信
#通信成功
[root@self-vm-1 ~]# ping 10.20.2.124 -c 2
PING 10.20.2.124 (10.20.2.124) 56(84) bytes of data.
64 bytes from 10.20.2.124: icmp_seq=1 ttl=63 time=2.59 ms
64 bytes from 10.20.2.124: icmp_seq=2 ttl=63 time=0.781 ms
--- 10.20.2.124 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.781/1.689/2.598/0.909 ms
为‘test3’分配浮动IP
分配IP
关联
关联完成