OpenStack学习笔记之六：Neutron网络操作

Neutron操作

1 网络创建

1.1 Flat

flat：扁平网络，和VLAN相比，没有VLAN tag，类似于用hub将所有的设备连接，没有逻辑隔离

1. 宿主机中添加一张物理网卡

2. 修改网卡配置，创建OVS交换机

所有的宿主机都需要添加相同的OVS

[root@openstack ~]# cd /etc/sysconfig/network-scripts/
[root@openstack network-scripts]# cp ifcfg-eno16777736 ifcfg-eno33554984		# 后面添加的网卡没有配置文件，因此需要手工创建
[root@openstack network-scripts]# vim ifcfg-eno33554984 
[root@openstack network-scripts]# sed -i 's/eno16777736/eno33554984/' ifcfg-eno33554984 
[root@openstack network-scripts]# cp ifcfg-eno33554984 ifcfg-br-eth1
[root@openstack network-scripts]# vim ifcfg-br-eth1

TYPE=OVSBridge
BOOTPROTO=none
NAME=br-eth1
DEVICE=br-eth1
DEVICETYPE=ovs
ONBOOT=yes

[root@openstack network-scripts]# vim ifcfg-eno33554984 

TYPE=OVSPort
BOOTPROTO=none
NAME=eno33554984
DEVICE=eno33554984
ONBOOT=yes
DEVICETYPE=ovs
OVS_BRIDGE=br-eth1

[root@openstack network-scripts]# systemctl restart network

[root@openstack ~]# ovs-vsctl show
89650532-c547-457e-840d-1303c92c6234
    Bridge br-int
        fail_mode: secure
        Port "tap06121dd5-fa"
            tag: 1
            Interface "tap06121dd5-fa"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "qr-e7edab5f-c4"
            tag: 1
            Interface "qr-e7edab5f-c4"
                type: internal
        Port br-int
            Interface br-int
                type: internal
        Port "qvo6be31818-36"
            tag: 1
            Interface "qvo6be31818-36"
    Bridge br-tun
        fail_mode: secure
        Port br-tun
            Interface br-tun
                type: internal
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
    Bridge "br-eth1"
        Port "br-eth1"
            Interface "br-eth1"
                type: internal
        Port "eno33554984"
            Interface "eno33554984"
    Bridge br-ex
        Port br-ex
            Interface br-ex
                type: internal
        Port "eno16777736"
            Interface "eno16777736"
    ovs_version: "2.1.3"

3. 在OpenStack控制节点下修改ML2的配置文件

[root@openstack plugins]# pwd
/etc/neutron/plugins
[root@openstack plugins]# ls			# 只有控制节点才有ml2文件夹
ml2  openvswitch
[root@openstack plugins]# cd ml2/
[root@openstack ml2]# ls
ml2_conf_arista.ini   ml2_conf_cisco.ini   ml2_conf.ini       ml2_conf_ncs.ini  ml2_conf_ofa.ini    nuage_plugin.ini
ml2_conf_brocade.ini  ml2_conf_fslsdn.ini  ml2_conf_mlnx.ini  ml2_conf_odl.ini  ml2_conf_sriov.ini  restproxy.ini
[root@openstack ml2]# vim ml2_conf.ini 

[ml2]

type_drivers = vxlan,vlan,flat			# 默认只有VXLAN，在这里添加其他网络的支持

tenant_network_types = flat			# 只有管理员才能够选择创建的网络类型，租户的使用默认，在这里修改

[ml2_type_flat]
# (ListOpt) List of physical_network names with which flat networks
# can be created. Use * to allow flat networks with arbitrary
# physical_network names.
#
# flat_networks =
flat_networks = huawei			# huawei只是一个标示，用来标示后面的br-eth1
# Example:flat_networks = physnet1,physnet2
# Example:flat_networks = *

[root@openstack ~]# openstack-service restart neutron

4. 在计算节点上配置(这里是控制和计算节点复用了)

[root@openstack ml2]# cd ../openvswitch/
[root@openstack openvswitch]# vim ovs_neutron_plugin.ini 

 88 bridge_mappings = huawei:br-eth1	# 和前面的huawei必须对应

[root@openstack ~]# systemctl restart neutron-openvswitch-agent.service

5. 现在管理员创建网络时，可以创建flat类型的网络了，以前可以创建，但是不能用

6. 租户使用

创建云主机后，宿主机会为这个主机创建以下网卡，对应1.5节的第一张图

[root@openstack ~]# ip addr show
...
21: qbrcd665e55-49: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP 
    link/ether ea:89:70:67:07:95 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::e889:70ff:fe67:795/64 scope link 
       valid_lft forever preferred_lft forever
22: qvocd665e55-49: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000
    link/ether 2e:10:9a:3e:61:9d brd ff:ff:ff:ff:ff:ff
    inet6 fe80::2c10:9aff:fe3e:619d/64 scope link 
       valid_lft forever preferred_lft forever
23: qvbcd665e55-49: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master qbrcd665e55-49 state UP qlen 1000
    link/ether ea:89:70:67:07:95 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::e889:70ff:fe67:795/64 scope link 
       valid_lft forever preferred_lft forever
24: tapcd665e55-49: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast master qbrcd665e55-49 state UNKNOWN qlen 500
    link/ether fe:16:3e:91:6b:0a brd ff:ff:ff:ff:ff:ff
    inet6 fe80::fc16:3eff:fe91:6b0a/64 scope link 
       valid_lft forever preferred_lft forever

[root@openstack ~]# brctl show
bridge name	bridge id		STP enabled	interfaces
qbr6be31818-36		8000.0e334f62066e	no		qvb6be31818-36
qbrcd665e55-49		8000.ea8970670795	no		qvbcd665e55-49
							tapcd665e55-49

1.2 VLAN

1. 创建vSwitch（省略）

2. 修改控制的配置文件并重启网络服务

[root@openstack ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini 

type_drivers = vxlan,vlan,flat
# Example: type_drivers = flat,vlan,gre,vxlan

# (ListOpt) Ordered list of network_types to allocate as tenant
# networks. The default value 'local' is useful for single-box testing
# but provides no connectivity between hosts.
#
# tenant_network_types = local
tenant_network_types = vlan
# Example: tenant_network_types = vlan,gre,vxlan

# (ListOpt) Ordered list of networking mechanism driver entrypoints
# to be loaded from the neutron.ml2.mechanism_drivers namespace.
# mechanism_drivers =
mechanism_drivers =openvswitch				# 下面有支持的driver类型，如果网络中有多重类型的交换机，可以添加多个，用逗号隔开
# Example: mechanism_drivers = openvswitch,mlnx
# Example: mechanism_drivers = arista
# Example: mechanism_drivers = cisco,logger
# Example: mechanism_drivers = openvswitch,brocade
# Example: mechanism_drivers = linuxbridge,brocade

[ml2_type_vlan]
# (ListOpt) List of <physical_network>[:<vlan_min>:<vlan_max>] tuples
# specifying physical_network names usable for VLAN provider and
# tenant networks, as well as ranges of VLAN tags on each
# physical_n