admin
Level: Administrator
Posted: 2018-04-13 19:35

How to add external networks through Open vSwitch in OpenStack VLAN mode

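  In an OpenStack deployment whose external network runs in VLAN mode, the customer needs to add two more external-network IP address ranges.
   Current topology:
    [Figure: current network topology]

   Desired external-network topology after the change:
    [Figure: topology with 3 external networks]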
  
   Two bridges named br_pub and br_internal are added and connected to the bond1 bridge with patch ports (patch peers). The commands are as follows:
    br_pub bridge:
  # ovs-vsctl add-br br_pub
  # ovs-vsctl add-port br_pub patch-br_pub--bond1
  # ovs-vsctl set interface patch-br_pub--bond1 type=patch options:peer=patch-bond1--br_pub
  # ovs-vsctl add-port bond1 patch-bond1--br_pub
  # ovs-vsctl set interface patch-bond1--br_pub type=patch options:peer=patch-br_pub--bond1

  br_internal bridge:
  # ovs-vsctl add-br br_internal
  # ovs-vsctl add-port br_internal patch-br_internal--bond1
  # ovs-vsctl set interface patch-br_internal--bond1 type=patch options:peer=patch-bond1--br_internal
  # ovs-vsctl add-port bond1 patch-bond1--br_internal
  # ovs-vsctl set interface patch-bond1--br_internal type=patch options:peer=patch-br_internal--bond1
  
  The commands used in the actual environment were:
  1. br_pub bridge:
  #ovs-vsctl add-br br_pub
  #ovs-vsctl add-port br_pub patch-br_pub--br-phy-em3
  #ovs-vsctl set interface patch-br_pub--br-phy-em3 type=patch options:peer=patch-br-phy-em3--br_pub
  #ovs-vsctl add-port br-phy-em3 patch-br-phy-em3--br_pub
  #ovs-vsctl set interface patch-br-phy-em3--br_pub type=patch options:peer=patch-br_pub--br-phy-em3
  
  br_internal bridge:
  #ovs-vsctl add-br br_internal
  #ovs-vsctl add-port br_internal patch-br_internal--br-phy-em3
  #ovs-vsctl set interface patch-br_internal--br-phy-em3 type=patch options:peer=patch-br-phy-em3--br_internal
  #ovs-vsctl add-port br-phy-em3 patch-br-phy-em3--br_internal
  #ovs-vsctl set interface patch-br-phy-em3--br_internal type=patch options:peer=patch-br_internal--br-phy-em3
  
  2. Modify the /etc/neutron/plugins/ml2/ml2_conf.ini configuration file used inside the container.
  #consul-cli kv read templates/neutron/ml2_conf.ini.ctmpl > ml2_conf.ini.ctmpl
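  Under [ml2_type_vlan], add physnet-pub:$VLAN_ID:$VLAN_ID,physnet-inter:$VLAN_ID:$VLAN_ID to the network_vlan_ranges value.
   After adding them, import the configuration file back for the docker container: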
  #consul-cli kv write templates/neutron/ml2_conf.ini.ctmpl "$(cat ml2_conf.ini.ctmpl)"
  
  3. Restart the neutron-server service:
  #nomad stop neutron-server
  #nomad run /etc/kolla/nomad/neutron-server.hcl
  
  4. On all nodes, edit /etc/neutron/plugins/ml2/openvswitch_agent.ini and restart the neutron-openvswitch-agent service.
  #vim /etc/neutron/plugins/ml2/openvswitch_agent.ini
  Add the following to the [ovs] section:
  bridge_mappings=physnet-pub:br_pub,physnet-inter:br_internal
  #systemctl restart neutron-openvswitch-agent

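  5. Create the external networks (set the external network as shared and disable DHCP):
  In the variables below, segmentation_id is the VLAN ID.
  Unused VLAN IDs can be found by connecting to the MySQL database and querying it:
  #mysql -uneutron -pxxx -h haproxy-galera.service.consule
  mysql> use neutron;
  mysql> select * from neutron.ml2_vlan_allocations where allocated=0 order by vlan_id;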
  
  #neutron net-create external_pub --provider:network_type vlan --provider:segmentation_id xxx --provider:physical_network physnet-pub --router:external true --shared
  #neutron subnet-create --allocation-pool start=x.x.x.x,end=x.x.x.x --gateway x.x.x.x external_pub  x.x.x.x/xx --enable_dhcp=False
  
  #neutron net-create external_inter --provider:network_type vlan --provider:segmentation_id xxx --provider:physical_network physnet-inter --router:external true --shared
  #neutron subnet-create --allocation-pool start=x.x.x.x,end=x.x.x.x --gateway x.x.x.x external_inter x.x.x.x/xx --enable_dhcp=False

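  6. Networks and subnets can be created per project:
  #openstack project list
   Look up the UUID that corresponds to the project name.
  #neutron net-create internal_xx --provider:network_type vlan --provider:segmentation_id xxx --provider:physical_network physnet-inter --tenant-id $project_id
   The corresponding subnet can simply be created in the web interface.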
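
A pre-flight check for steps 2 and 4 above, as an added example that is not part of the original post: it cross-checks the [ml2_type_vlan] range entries against the [ovs] bridge_mappings value before the services are restarted. The function name is hypothetical, the VLAN IDs 100 and 200 are constructed placeholders, and it assumes every physnet is a VLAN physnet, as in this post.

```python
"""Cross-check ML2 VLAN ranges against OVS bridge mappings (added example)."""


def check_physnets(vlan_ranges, bridge_mappings):
    """Return a list of problems; an empty list means the values agree."""
    problems, ranges, bridges = [], set(), {}
    for entry in filter(None, (e.strip() for e in vlan_ranges.split(","))):
        name, *bounds = entry.split(":")
        ranges.add(name)
        if not bounds:
            continue  # bare physnet name: no tenant-allocatable range
        if len(bounds) != 2 or not all(b.isdecimal() for b in bounds):
            # Catches template placeholders that were never substituted.
            problems.append(f"bad range entry: {entry}")
            continue
        lo, hi = int(bounds[0]), int(bounds[1])
        if not 1 <= lo <= hi <= 4094:  # valid 802.1Q VLAN IDs
            problems.append(f"VLAN range out of bounds: {entry}")
    for entry in filter(None, (e.strip() for e in bridge_mappings.split(","))):
        name, sep, bridge = entry.partition(":")
        if not (sep and name and bridge):
            problems.append(f"bad bridge mapping: {entry}")
            continue
        if bridge in bridges.values():
            # Two physnets on one bridge would share a single L2 segment.
            problems.append(f"bridge mapped twice: {bridge}")
        bridges[name] = bridge
    for name in sorted(ranges - set(bridges)):
        problems.append(f"{name} has a VLAN range but no bridge mapping")
    for name in sorted(set(bridges) - ranges):
        problems.append(f"{name} has a bridge mapping but no VLAN range")
    return problems


# Constructed sample values: physnet and bridge names follow the post,
# the VLAN IDs 100 and 200 are placeholders.
GOOD_RANGES = "physnet-pub:100:100,physnet-inter:200:200"
GOOD_MAPPINGS = "physnet-pub:br_pub,physnet-inter:br_internal"

if __name__ == "__main__":
    for line in check_physnets(GOOD_RANGES, GOOD_MAPPINGS) or ["OK"]:
        print(line)
```

Pass it the full values from ml2_conf.ini.ctmpl and openvswitch_agent.ini, including any physnets that existed before this change.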