1. List the subnets available in OpenStack
[root@test-opctrl ~]# openstack network list
+--------------------------------------+---------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------------+--------------------------------------+
| 1c9e03f5-5983-49b9-997d-1ba5315da1e2 | net-vlan-1860 | a2204645-c397-42a4-8eb2-52e9ea181d7c |
| 2f32187f-e20a-4d67-ae9e-7c6949d03813 | net-vlan-1850 | 8cb50523-d91e-4558-8e89-cd0c84f9fb0f |
| 75084d12-883d-4c66-bf27-88cc3adb1d79 | net-vlan-1800 | fdbf0a71-3551-4092-b0be-d1a1f74a50b3 |
| 925f9243-2547-482d-a2c3-2a2bcf6e1653 | net-vlan-1870 | 049b9d6f-fc9a-4a76-9598-6bf113dac642 |
+--------------------------------------+---------------+--------------------------------------+
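2. Create the VIP address
Create a port that holds the VIP so that Neutron will not allocate this IP again, which avoids IP conflicts when later virtual machines are assigned addresses automatically.
Command example: openstack port create --fixed-ip subnet=<subnet_id>,ip-address=<vip_address> <vip-port-name>
subnet_id: the Subnets ID of the subnet in the OpenStack cluster
vip_address: the VIP to be configured for the virtual machines
vip-port-name: the name of the VIP port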
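3. Bind the VIP to the virtual machine ports
allowed_address_pairs: an attribute of OpenStack Neutron ports that lets the user configure additional IP addresses or MAC addresses on a virtual machine (VM) interface. With port security enabled, a port otherwise only passes traffic for its own fixed IP and MAC address, so the VIP has to be listed here.
a) Get the existing port IDs of the virtual machines
Command example: openstack port list --server <server-name>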
[root@test-opctrl ~]# openstack port list --server test-out-nginx01
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
| ID | Name | MAC Address | Fixed IP Addresses | Status |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
| c7b2115b-6bdd-4608-9229-5d53e4d2bc0b | | fa:16:3e:ff:74:45 | ip_address='10.35.180.1', subnet_id='fdbf0a71-3551-4092-b0be-d1a1f74a50b3' | ACTIVE |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
[root@test-opctrl ~]# openstack port list --server test-out-nginx02
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
| ID | Name | MAC Address | Fixed IP Addresses | Status |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
| a7ae1767-d10e-49bf-a7a8-12ae0ecc8fd1 | | fa:16:3e:16:55:bc | ip_address='10.35.180.2', subnet_id='fdbf0a71-3551-4092-b0be-d1a1f74a50b3' | ACTIVE |
+--------------------------------------+------+-------------------+-----------------------------------------------------------------------------+--------+
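b) Add the allowed_address_pairs configuration to the virtual machine ports
Use the openstack port set command to configure allowed_address_pairs.
Command example: openstack port set --allowed-address ip-address=<ip_address>,mac-address=<mac_address> <port_id>
You can specify only the IP address and omit the MAC address; the system then automatically pairs this IP with the MAC address of the current port.
Command example: openstack port set --allowed-address ip-address=<ip_address> <port_id>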
[root@test-opctrl ~]# openstack port set --allowed-address ip-address=10.35.180.100 c7b2115b-6bdd-4608-9229-5d53e4d2bc0b
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | ip_address='10.35.180.100/32', mac_address='fa:16:3e:ff:74:45' |
| binding_host_id | test-opnode01 |
| binding_profile | |
| binding_vif_details | datapath_type='system', ovs_hybrid_plug='True', port_filter='True' |
| binding_vif_type | ovs |
| binding_vnic_type | normal |
| created_at | 2024-08-16T05:58:02Z |
| data_plane_status | None |
| description | |
| device_id | 1ca2a3a4-875e-49ae-a27f-740e7f555526 |
| device_owner | compute:nova |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='10.35.180.1', subnet_id='fdbf0a71-3551-4092-b0be-d1a1f74a50b3' |
| id | c7b2115b-6bdd-4608-9229-5d53e4d2bc0b |
| ip_address | None |
| mac_address | fa:16:3e:ff:74:45 |
| name | |
| network_id | 75084d12-883d-4c66-bf27-88cc3adb1d79 |
| option_name | None |
| option_value | None |
| port_security_enabled | True |
| project_id | b892ab684d4c4ee384c6023e68f018e9 |
| qos_policy_id | None |
| revision_number | 12 |
| security_group_ids | 36d985b0-ff44-49a3-a46e-504fe6ae73cd |
| status | ACTIVE |
| subnet_id | None |
| tags | |
| trunk_details | None |
| updated_at | 2024-08-16T06:21:24Z |
+-----------------------+-----------------------------------------------------------------------------+
[root@test-opctrl ~]# openstack port set --allowed-address ip-address=10.35.180.100 a7ae1767-d10e-49bf-a7a8-12ae0ecc8fd1
+-----------------------+-----------------------------------------------------------------------------+
| Field | Value |
+-----------------------+-----------------------------------------------------------------------------+
| admin_state_up | UP |
| allowed_address_pairs | ip_address='10.35.180.100/32', mac_address='fa:16:3e:16:55:bc' |
| binding_host_id | test-opnode02 |
| binding_profile | |
| binding_vif_details | datapath_type='system', ovs_hybrid_plug='True', port_filter='True' |
| binding_vif_type | ovs |
| binding_vnic_type | normal |
| created_at | 2024-08-16T05:58:15Z |
| data_plane_status | None |
| description | |
| device_id | 3e84febd-dbf4-47cb-8336-dffcd9e59f33 |
| device_owner | compute:nova |
| dns_assignment | None |
| dns_name | None |
| extra_dhcp_opts | |
| fixed_ips | ip_address='10.35.180.2', subnet_id='fdbf0a71-3551-4092-b0be-d1a1f74a50b3' |
| id | a7ae1767-d10e-49bf-a7a8-12ae0ecc8fd1 |
| ip_address | None |
| mac_address | fa:16:3e:16:55:bc |
| name | |
| network_id | 75084d12-883d-4c66-bf27-88cc3adb1d79 |
| option_name | None |
| option_value | None |
| port_security_enabled | True |
| project_id | b892ab684d4c4ee384c6023e68f018e9 |
| qos_policy_id | None |
| revision_number | 12 |
| security_group_ids | 36d985b0-ff44-49a3-a46e-504fe6ae73cd |
| status | ACTIVE |
| subnet_id | None |
| tags | |
| trunk_details | None |
| updated_at | 2024-08-16T06:21:47Z |
+-----------------------+-----------------------------------------------------------------------------+
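A check for steps 2 and 3, as an added example that is not part of the original page: it audits ports for allowed_address_pairs that are wider than a single host, fall outside the port's subnet, are not reserved by a dedicated port, or collide with another VM's fixed IP. PORTS is a constructed sample shaped like Neutron API port objects using the page's values; the VIP reservation port ID is a placeholder and the function name audit_ports is hypothetical.

```python
import ipaddress

SUBNET = "fdbf0a71-3551-4092-b0be-d1a1f74a50b3"
# Constructed sample shaped like Neutron API port objects. IDs, MACs and IPs
# are the page's; the CIDR comes from the /24 in its `ip a` output.
SUBNET_CIDRS = {SUBNET: "10.35.180.0/24"}
PORTS = [
    {"id": "c7b2115b-6bdd-4608-9229-5d53e4d2bc0b", "device_owner": "compute:nova",
     "fixed_ips": [{"ip_address": "10.35.180.1", "subnet_id": SUBNET}],
     "allowed_address_pairs": [{"ip_address": "10.35.180.100/32",
                                "mac_address": "fa:16:3e:ff:74:45"}]},
    {"id": "a7ae1767-d10e-49bf-a7a8-12ae0ecc8fd1", "device_owner": "compute:nova",
     "fixed_ips": [{"ip_address": "10.35.180.2", "subnet_id": SUBNET}],
     "allowed_address_pairs": [{"ip_address": "10.35.180.100/32",
                                "mac_address": "fa:16:3e:16:55:bc"}]},
    # Hypothetical reservation port from step 2 (placeholder ID, unbound).
    {"id": "VIP-PORT-ID-PLACEHOLDER", "device_owner": "",
     "fixed_ips": [{"ip_address": "10.35.180.100", "subnet_id": SUBNET}],
     "allowed_address_pairs": []},
]


def audit_ports(ports, subnet_cidrs):
    """Return (port_id, finding) tuples for risky allowed_address_pairs."""
    # Map every fixed IP to the device_owner of the port that holds it.
    owner_of = {ipaddress.ip_address(f["ip_address"]): p["device_owner"]
                for p in ports for f in p["fixed_ips"]}
    findings = []
    for port in ports:
        nets = [ipaddress.ip_network(subnet_cidrs[f["subnet_id"]])
                for f in port["fixed_ips"]]
        for pair in port["allowed_address_pairs"]:
            allowed = ipaddress.ip_network(pair["ip_address"], strict=False)
            if allowed.num_addresses > 1:  # a CIDR range weakens anti-spoofing
                findings.append((port["id"], f"{allowed} is wider than one host"))
                continue
            if not any(allowed.subnet_of(n) for n in nets):
                findings.append((port["id"], f"{allowed} is outside the port's subnet"))
            owner = owner_of.get(allowed.network_address)
            if owner is None:  # step 2 skipped: Neutron may allocate the VIP
                findings.append((port["id"], f"{allowed} is not reserved by any port"))
            elif owner:  # the address already belongs to a bound port
                findings.append((port["id"], f"{allowed} is the fixed IP of a {owner} port"))
    return findings


if __name__ == "__main__":
    for port_id, finding in audit_ports(PORTS, SUBNET_CIDRS) or [("-", "no findings")]:
        print(port_id, finding)
```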
4. Configure a highly available VIP with Keepalived
a) Install keepalived
[root@test-nginx01 ~]# yum -y install keepalived
[root@test-nginx02 ~]# yum -y install keepalived
b) Configure Keepalived
Edit the Keepalived configuration file on each virtual machine (usually located at /etc/keepalived/keepalived.conf)
[root@test-nginx01 ~]# cat /etc/keepalived/keepalived.conf
! Configuration File for keepalived
global_defs {
    router_id node1
    notification_email {
        acassen@firewall.loc
        failover@firewall.loc
        sysadmin@firewall.loc
    }
    notification_email_from Alexandre.Cassen@firewall.loc
    smtp_server 127.0.0.1
    smtp_connect_timeout 30
}
# Health check referenced by track_script below; it must be defined
# (not commented out) for the tracking to take effect.
vrrp_script check_nginx {
    script "killall -0 nginx"
    interval 2
    weight 2
}
vrrp_instance VI_1 {
    state BACKUP
    interface eth0
    virtual_router_id 88
    priority 99
    advert_int 1
    authentication {
        # PASS is sent in clear text in VRRP adverts and only the
        # first 8 characters of auth_pass are used.
        auth_type PASS
        auth_pass cn1-test-apisix
    }
    virtual_ipaddress {
        10.35.180.100/32 dev eth0 label eth0:1
    }
    track_script {
        check_nginx
    }
}
c) Start Keepalived
Start Keepalived on all virtual machines and enable the service to start automatically
[root@test-nginx01 ~]# systemctl start keepalived
[root@test-nginx01 ~]# systemctl enable keepalived
[root@test-nginx01 ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether fa:16:3e:ff:74:45 brd ff:ff:ff:ff:ff:ff
inet 10.35.180.1/24 brd 10.35.180.255 scope global eth0
valid_lft forever preferred_lft forever
inet 10.35.180.100/32 scope global eth0:1
valid_lft forever preferred_lft forever