openstack quantum 网络架构

最新推荐文章于 2021-08-22 08:47:54 发布

yzg2010a

最新推荐文章于 2021-08-22 08:47:54 发布

阅读量1.7k

点赞数

分类专栏：网络文章标签： openstack 网络

网络专栏收录该内容

24 篇文章 0 订阅

订阅专栏

plugin 可以选择 OpenVSwitch 或者 Linux Bridge或者 Cisco Nexus，

我用的OpenVSwitch

要用 OpenVSwitch 首先确定你有两个网卡

一个用做链接外网做桥接网卡

一个用于各种service host ip试用

下面有几张图已利于理解 quantum OpenVSwitch 架构

Grizzly single node 架构

quantum OpenVSwitch 内部架构

plugin Cisco Nexus 架构

root@openstack-neal:~# ovs-vsctl list-br
br-ex
br-int
br-tun
qbrb2ce49ee-6c
qbrb37189cf-f1
qbrc7895871-79
qbre0bae8a3-c2
virbr0
root@openstack-neal:~#

当前系统虚拟机两个

eth1 连接内部网络

eth0 连接外部网络

root@openstack-neal:~# ovs-vsctl show
c8f3c60c-5c17-40de-b374-9789a54d1649
    Bridge "qbrc7895871-79"
        Port "tapc7895871-79"
            Interface "tapc7895871-79"
        Port "qvbc7895871-79"
            Interface "qvbc7895871-79"
        Port "qbrc7895871-79"
            Interface "qbrc7895871-79"
                type: internal
    Bridge br-int
        Port "qvob2ce49ee-6c"
            tag: 1
            Interface "qvob2ce49ee-6c"
        Port "tap31fd28fb-43"
            tag: 3
            Interface "tap31fd28fb-43"
                type: internal
        Port "qvob37189cf-f1"
            tag: 4095
            Interface "qvob37189cf-f1"
        Port "qvoe0bae8a3-c2"
            tag: 4095
            Interface "qvoe0bae8a3-c2"
        Port "qr-69f9a5bb-84"
            tag: 1
            Interface "qr-69f9a5bb-84"
                type: internal
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port br-int
            Interface br-int
                type: internal
        Port "tapd7718c48-9d"
            tag: 1
            Interface "tapd7718c48-9d"
                type: internal
        Port "qr-712b81a0-1b"
            tag: 3
            Interface "qr-712b81a0-1b"
                type: internal
        Port "qvoc7895871-79"
            tag: 1
            Interface "qvoc7895871-79"
    Bridge "qbre0bae8a3-c2"
        Port "qvbe0bae8a3-c2"
            Interface "qvbe0bae8a3-c2"
        Port "qbre0bae8a3-c2"
            Interface "qbre0bae8a3-c2"
                type: internal
    Bridge br-tun
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port br-tun
            Interface br-tun
                type: internal
    Bridge "qbrb37189cf-f1"
        Port "qvbb37189cf-f1"
            Interface "qvbb37189cf-f1"
        Port "qbrb37189cf-f1"
            Interface "qbrb37189cf-f1"
                type: internal
    Bridge "virbr0"
        Port "virbr0"
            Interface "virbr0"
                type: internal
    Bridge br-ex
        Port "qg-3514db24-6e"
            Interface "qg-3514db24-6e"
                type: internal
        Port "eth0"
            Interface "eth0"
        Port br-ex
            Interface br-ex
                type: internal
        Port "qg-2bde16b8-cd"
            Interface "qg-2bde16b8-cd"
                type: internal
    Bridge "qbrb2ce49ee-6c"
        Port "tapb2ce49ee-6c"
            Interface "tapb2ce49ee-6c"
        Port "qvbb2ce49ee-6c"
            Interface "qvbb2ce49ee-6c"
        Port "qbrb2ce49ee-6c"
            Interface "qbrb2ce49ee-6c"
                type: internal
    ovs_version: "1.4.0+build0"

Bridge br-ex 网桥桥接了eth0和 br-ex Port "qg-3514db24-6e" Port "qg-2bde16b8-cd"

prot 在这里代表的是网络交换机上的端口

我们看看路由器和子网之间的连接关系

先看图再看 cli

192.168.2.0 是我的外网网段

10.10.10.0 和10.1.1.0 是虚拟局域网

虚拟机可以上网

主要是路由上的 getway是对的

route 需要上需要有外网ip 然后连接子网

首先看看我们有几个router

(quantum) router-list
+--------------------------------------+--------------+--------------------------------------------------------+
| id | name | external_gateway_info |
+--------------------------------------+--------------+--------------------------------------------------------+
| 1ff6ff47-9eb2-44b6-a8b8-aaf7d1509b6b | test_router1 | {"network_id": "1c5c7730-e464-4236-b69c-42bc77aea399"} |
| c72140e0-f0cf-44ac-be9e-d9e129349639 | demo_router1 | {"network_id": "1c5c7730-e464-4236-b69c-42bc77aea399"} |
+--------------------------------------+--------------+--------------------------------------------------------+

测试随便设置两个router router 不设置参数就是废的就把他当做真是存在的 router 那么router我们需要给他配什么

当然是ip了这个必须是个公网的ip

路由上端口ip查看

(quantum) router-port-list   1ff6ff47-9eb2-44b6-a8b8-aaf7d1509b6b
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                                                          |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| 3514db24-6e92-4aa5-828d-d7284dc24c5d |      | fa:16:3e:8d:e4:39 | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.9"} |
| 69f9a5bb-84f3-4ea0-a409-6425a347dc2f |      | fa:16:3e:d8:b5:87 | {"subnet_id": "b77aaff8-d604-4862-b2a1-4ae665185e95", "ip_address": "10.10.10.1"} |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+

下一个子网查看

root@openstack-neal:~# quantum

(quantum) net-list
+--------------------------------------+--------------+-----------------------------------------------------+
| id                                   | name         | subnets                                             |
+--------------------------------------+--------------+-----------------------------------------------------+
| 1c5c7730-e464-4236-b69c-42bc77aea399 | net_external | 8758c8f3-c9ec-40bb-9b87-89e6711a5299 192.168.2.0/24 |
| 2b7c9c86-6151-463d-b15b-bfb0126508aa | demo_net1    | 915359f4-4e68-49dd-9897-093f625d9f41 10.1.1.0/24    |
| 9387f63a-e7bb-4671-9d1c-925aa57c0e6a | subnet1      | b77aaff8-d604-4862-b2a1-4ae665185e95 10.10.10.0/24 |
+--------------------------------------+--------------+-----------------------------------------------------+
(quantum) net-external-list
+--------------------------------------+--------------+-----------------------------------------------------+
| id                                   | name         | subnets                                             |
+--------------------------------------+--------------+-----------------------------------------------------+
| 1c5c7730-e464-4236-b69c-42bc77aea399 | net_external | 8758c8f3-c9ec-40bb-9b87-89e6711a5299 192.168.2.0/24 |
+--------------------------------------+--------------+-----------------------------------------------------+
(quantum)
这两个不用解释了一个子网一个外网查看

当然用整个外网子网确定这些ip都是空闲的，不然到时候你用的floating ip分配不出来很烦的

floating ip 查看

(quantum) floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id                                   | fixed_ip_address | floating_ip_address | port_id                              |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2be4b102-51b7-49a5-af69-6c49542cb03a | 10.10.10.10      | 192.168.2.5         | b2ce49ee-6cc7-4650-9ae8-f6a4b1e22c69 |
| 2ec62611-557e-4e25-8d5e-0312c100e12f |                  | 192.168.2.3         |                                      |
| 357a3a85-a784-4d60-b167-fffa352462ef | 10.10.10.11      | 192.168.2.4         | c7895871-79c9-4456-af1e-e09f70684752 |
| 536c2025-bb3b-4fa5-84f6-30fb3188c4c7 |                  | 192.168.2.7         |                                      |
| 8003ee0d-5bbe-42fe-aa4e-70b96d660eb1 |                  | 192.168.2.6         |                                      |
| c08f79ac-ecca-42f1-8342-7d3c494fd110 |                  | 192.168.2.8         |                                      |
+--------------------------------------+------------------+---------------------+--------------------------------------+

子网查看网络查看

(quantum) subnet-list
+--------------------------------------+--------------+----------------+--------------------------------------------------+
| id                                   | name         | cidr           | allocation_pools                                 |
+--------------------------------------+--------------+----------------+--------------------------------------------------+
| 8758c8f3-c9ec-40bb-9b87-89e6711a5299 |              | 192.168.2.0/24 | {"start": "192.168.2.2", "end": "192.168.2.254"} |
| 915359f4-4e68-49dd-9897-093f625d9f41 | demo_subnet1 | 10.1.1.0/24    | {"start": "10.1.1.2", "end": "10.1.1.254"}       |
| b77aaff8-d604-4862-b2a1-4ae665185e95 | subnet1      | 10.10.10.0/24 | {"start": "10.10.10.8", "end": "10.10.10.200"}   |
+--------------------------------------+--------------+----------------+--------------------------------------------------+
(quantum) net-list
+--------------------------------------+--------------+-----------------------------------------------------+
| id                                   | name         | subnets                                             |
+--------------------------------------+--------------+-----------------------------------------------------+
| 1c5c7730-e464-4236-b69c-42bc77aea399 | net_external | 8758c8f3-c9ec-40bb-9b87-89e6711a5299 192.168.2.0/24 |
| 2b7c9c86-6151-463d-b15b-bfb0126508aa | demo_net1    | 915359f4-4e68-49dd-9897-093f625d9f41 10.1.1.0/24    |
| 9387f63a-e7bb-4671-9d1c-925aa57c0e6a | subnet1      | b77aaff8-d604-4862-b2a1-4ae665185e95 10.10.10.0/24 |
+--------------------------------------+--------------+-----------------------------------------------------+

注意这两个命令的不同

交换机端口查看也就是看看交换机每个端口配置了什么ip

(quantum) port-list
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| id                                   | name | mac_address       | fixed_ips                                                                          |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
| 2bde16b8-cd5c-49eb-a095-4dde56807f59 |      | fa:16:3e:6c:59:95 | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.2"} |
| 31fd28fb-43ae-4e8a-bfbb-59d18071b675 |      | fa:16:3e:a0:77:1c | {"subnet_id": "915359f4-4e68-49dd-9897-093f625d9f41", "ip_address": "10.1.1.2"}    |
| 3514db24-6e92-4aa5-828d-d7284dc24c5d |      | fa:16:3e:8d:e4:39 | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.9"} |
| 372b1bfc-66b7-4bde-b6cd-c57f43bbf8c8 |      | fa:16:3e:eb:14:e6 | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.6"} |
| 5d6e5a0b-6754-4593-8f37-277a070474e0 |      | fa:16:3e:9d:8f:bb | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.5"} |
| 69f9a5bb-84f3-4ea0-a409-6425a347dc2f |      | fa:16:3e:d8:b5:87 | {"subnet_id": "b77aaff8-d604-4862-b2a1-4ae665185e95", "ip_address": "10.10.10.1"} |
| 712b81a0-1b71-42ae-9a62-9ea95f77ac5f |      | fa:16:3e:84:07:33 | {"subnet_id": "915359f4-4e68-49dd-9897-093f625d9f41", "ip_address": "10.1.1.1"}    |
| 8ea4de82-b3d8-4a95-a529-0deed03aa667 |      | fa:16:3e:22:c7:e4 | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.3"} |
| 9679e50a-eee6-44a6-a19d-289befe0067f |      | fa:16:3e:8b:92:3c | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.8"} |
| b1448067-7409-46d8-b14d-c30a7182caf9 |      | fa:16:3e:f4:d3:99 | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.4"} |
| b2ce49ee-6cc7-4650-9ae8-f6a4b1e22c69 |      | fa:16:3e:1d:87:71 | {"subnet_id": "b77aaff8-d604-4862-b2a1-4ae665185e95", "ip_address": "10.10.10.10"} |
| c7895871-79c9-4456-af1e-e09f70684752 |      | fa:16:3e:93:c2:a1 | {"subnet_id": "b77aaff8-d604-4862-b2a1-4ae665185e95", "ip_address": "10.10.10.11"} |
| d7718c48-9d85-4bfd-aefa-c987825e493f |      | fa:16:3e:fa:61:56 | {"subnet_id": "b77aaff8-d604-4862-b2a1-4ae665185e95", "ip_address": "10.10.10.9"} |
| da09023f-1afe-4de2-b0f6-54649e4715e3 |      | fa:16:3e:ab:26:ba | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.7"} |
+--------------------------------------+------+-------------------+------------------------------------------------------------------------------------+
(quantum) port-show 5d6e5a0b-6754-4593-8f37-277a070474e0
+----------------------+------------------------------------------------------------------------------------+
| Field                | Value                                                                              |
+----------------------+------------------------------------------------------------------------------------+
| admin_state_up       | True                                                                               |
| binding:capabilities | {"port_filter": false}                                                             |
| binding:vif_type     | ovs                                                                                |
| device_id            | 2be4b102-51b7-49a5-af69-6c49542cb03a                                               |
| device_owner         | network:floatingip                                                                 |
| fixed_ips            | {"subnet_id": "8758c8f3-c9ec-40bb-9b87-89e6711a5299", "ip_address": "192.168.2.5"} |
| id                   | 5d6e5a0b-6754-4593-8f37-277a070474e0                                               |
| mac_address          | fa:16:3e:9d:8f:bb                                                                  |
| name                 |                                                                                    |
| network_id           | 1c5c7730-e464-4236-b69c-42bc77aea399                                               |
| status               | DOWN                                                                               |
| tenant_id            |                                                                                    |
+----------------------+------------------------------------------------------------------------------------+

quantum cli 功能非常强大

有时候 cli create的东西dashboard 里面删除不掉的

如果网络建错了 ip已经用了情况下怎么删除。

首先删除这个网络的的机器还有 floating ip，

floatingip-delete id

然后删除 router上面的连接关系

router-gateway-clear id

删除路由上连接的子网

router-interface-delete router id subnet id

删除 port

port-delete id

删除 net，在

net-delete id

删除 subnet 如果显示port在使用

subnet-delete id

怎么显示id 等等问题 xxx-list

(quantum) router-delete d69a164f-2ed0-4bd0-b46d-6b0a4cf721f5
Router d69a164f-2ed0-4bd0-b46d-6b0a4cf721f5 still has active ports

删除 router 的gateway 第一步

查询id方法 router-list

第二步删除 router 上的interface

查询 (quantum) router-port-list d69a164f-2ed0-4bd0-b46d-6b0a4cf721f5
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
| 52844dce-bf78-4d09-8f89-263e119a9816 | | fa:16:3e:24:42:0d | {"subnet_id": "6ae917f3-bca8-4b25-87af-8554b749a59e", "ip_address": "10.1.1.1"} |
+--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
(quantum)

第三步删除subnet

查询方法 subnet-list

第四步删除 net

查询方法 net-list

net subnet 区别

net只是网络名称 subnet 是我们的子网包含ip地址子网掩码的

简单的说一个网络需要上网需要路由器交换机网卡

路由器是quantum 里面的 router

交换机也就是 net net里面的subnet 使我们自己配置的子网

一个子网需要上网需要配置一个到外网的端口路由器上需要有到交换机的端口，交换机上面需要有子网的ip 也就是网关地址.