
15. 增加一个flat类型的网络

1. 为什么要增加网络

# 我们的openstack当前环境只有一个基于eth0网卡桥接的网络,它可用的ip范围有限,这就决定了它能创建的实例数量有限,无法超过可用ip的数量。当我们的openstack私有云规模比较大的时候,只有一个网络就不能满足需求了,所以需要增加一个网络。
# 我们使用的环境是VMware workstation,无法模拟vlan的场景,所以这里我们继续使用flat网络类型

2. 查看当前网络

#点击管理员-网络,查看当前的网络

img_52.png

3. 所有虚拟机添加网络适配器

1. 增加LAN区段

# controller
# 打开虚拟机设置,点击网络适配器,然后点击右下角的LAN区段,然后添加:172.16.0.0/24

img_53.png

2. 添加新的网络适配器

# 点击左下角的添加,选择网络适配器,其他都默认

img_54.png

3. 将新加的网络适配器更改为LAN区段

# 点击新建的网卡,然后点击LAN区段,在下拉列表中选择刚才创建的LAN区段:172.16.0.0/24

img_55.png

4. 按照上面步骤添加其他虚拟机网卡

# compute1,compute2
# 略

4. 所有节点增加网卡

1. 修改网卡配置文件

# 所有节点
#1.复制
cd /etc/sysconfig/network-scripts/
cp ifcfg-eth0 ifcfg-eth1

#2.修改
vim ifcfg-eth1
#修改名称为eth1,IP改为172.16.0.11(改为对应的!),网关和dns删除即可!
TYPE=Ethernet
BOOTPROTO=none
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=172.16.0.11
NETMASK=255.255.255.0

#3.启动
ifup eth1

#4.查看
ifconfig eth1
[root@controller ~]# #1.复制
[root@controller ~]# cd /etc/sysconfig/network-scripts/
[root@controller network-scripts]# cp ifcfg-eth0 ifcfg-eth1
[root@controller network-scripts]#
[root@controller network-scripts]# #2.修改
[root@controller network-scripts]# vim ifcfg-eth1
[root@controller network-scripts]#
[root@controller network-scripts]# cat ifcfg-eth1
TYPE=Ethernet
BOOTPROTO=none
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=172.16.0.11
NETMASK=255.255.255.0
[root@controller network-scripts]#
[root@controller network-scripts]#
[root@controller network-scripts]# #3.启动
[root@controller network-scripts]# ifup eth1
[root@controller network-scripts]#
[root@controller network-scripts]# #4.查看
[root@controller network-scripts]# ifconfig eth1
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 172.16.0.11  netmask 255.255.255.0  broadcast 172.16.0.255
        inet6 fe80::20c:29ff:fed2:ddc4  prefixlen 64  scopeid 0x20<link>
        ether 00:0c:29:d2:dd:c4  txqueuelen 1000  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 13  bytes 938 (938.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

2. 其他节点操作相同!

# 略

3. 互相ping测试!

#controller
ping 172.16.0.31
ping 172.16.0.32
[root@controller network-scripts]# ping 172.16.0.31
PING 172.16.0.31 (172.16.0.31) 56(84) bytes of data.
64 bytes from 172.16.0.31: icmp_seq=1 ttl=64 time=0.417 ms
64 bytes from 172.16.0.31: icmp_seq=2 ttl=64 time=0.159 ms
64 bytes from 172.16.0.31: icmp_seq=3 ttl=64 time=0.155 ms
64 bytes from 172.16.0.31: icmp_seq=4 ttl=64 time=0.150 ms
^C
--- 172.16.0.31 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 2999ms
rtt min/avg/max/mdev = 0.150/0.220/0.417/0.114 ms
[root@controller network-scripts]# ping 172.16.0.32
PING 172.16.0.32 (172.16.0.32) 56(84) bytes of data.
64 bytes from 172.16.0.32: icmp_seq=1 ttl=64 time=0.289 ms
64 bytes from 172.16.0.32: icmp_seq=2 ttl=64 time=0.147 ms
64 bytes from 172.16.0.32: icmp_seq=3 ttl=64 time=0.154 ms
^C
--- 172.16.0.32 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 1999ms
rtt min/avg/max/mdev = 0.147/0.196/0.289/0.067 ms

5. 修改ml2的配置

#controller

vim /etc/neutron/plugins/ml2/ml2_conf.ini
#修改如下标签中的平面网络,添加一个叫:net172_16 的网络!
[ml2_type_flat]
flat_networks = provider,net172_16

#重启服务
systemctl restart neutron-server
[root@controller network-scripts]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[root@controller network-scripts]#
[root@controller network-scripts]# cat /etc/neutron/plugins/ml2/ml2_conf.ini
[DEFAULT]
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider,net172_16
[ml2_type_geneve]
[ml2_type_gre]
[ml2_type_vlan]
[ml2_type_vxlan]
[securitygroup]
enable_ipset = True

6. 修改linuxbridge_agent的配置

#所有节点

vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
#在最后添加在控制节点新加的平面网络名:net172_16:eth1
[linux_bridge]
physical_interface_mappings = provider:eth0,net172_16:eth1

#重启服务
systemctl restart neutron-linuxbridge-agent
[root@controller network-scripts]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@controller network-scripts]#
[root@controller network-scripts]# cat /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[DEFAULT]
[agent]
[linux_bridge]
physical_interface_mappings = provider:eth0,net172_16:eth1
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[vxlan]
enable_vxlan = False

7. 查看neutron网络状态

[root@controller ~]# neutron agent-list
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| id                                   | agent_type         | host       | availability_zone | alive | admin_state_up | binary                    |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+
| 5ced1c10-a583-412b-ac9f-04472690e23a | Linux bridge agent | controller |                   | :-)   | True           | neutron-linuxbridge-agent |
| 787e9938-4d41-4735-afc3-cd2c066d495c | Linux bridge agent | compute1   |                   | :-)   | True           | neutron-linuxbridge-agent |
| 86c73826-e063-4e71-9dc1-a652bd65f2ba | Linux bridge agent | compute2   |                   | :-)   | True           | neutron-linuxbridge-agent |
| d8af3511-2fa3-4a87-80ea-e79979021aae | Metadata agent     | controller |                   | :-)   | True           | neutron-metadata-agent    |
| dfaa1c3b-06a7-4687-9470-23bd1131b96e | DHCP agent         | controller | nova              | :-)   | True           | neutron-dhcp-agent        |
+--------------------------------------+--------------------+------------+-------------------+-------+----------------+---------------------------+

8. 创建网络

1. 命令行创建网络(略)

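# Create the flat provider network net172_16. The physical network name
# given here must be one of the names listed under flat_networks in
# /etc/neutron/plugins/ml2/ml2_conf.ini.
# --shared makes the network usable by every project, not only admin.
neutron net-create --shared --provider:physical_network net172_16 \
  --provider:network_type flat net172_16

# Create the subnet (named oldgirl here) on net172_16.
# The sub-command is subnet-create; the original spelling "subnet-crreate"
# is not a neutron command and fails.
# NOTE(review): the allocation pool 172.16.0.1-172.16.0.250 contains the
# addresses statically configured on the nodes' eth1 (172.16.0.11,
# 172.16.0.31, 172.16.0.32). Neutron does not know those are in use and can
# hand them to instances, which causes address conflicts; consider a pool
# that avoids the node addresses.
neutron subnet-create --name oldgirl \
  --allocation-pool start=172.16.0.1,end=172.16.0.250 \
  --dns-nameserver 223.5.5.5 --gateway 172.16.0.254 \
  net172_16 172.16.0.0/24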

2. 图形界面创建网络

#点击左侧的管理员-网络,然后点击右上角的创建网络。输入名称:net172_16,选择项目admin,选择网络类型:平面,物理网络:net172_16(必须是ml2配置文件的flat_networks中已列出的名称),然后勾选共享,点击提交

img_56.png

#创建子网
# 点击刚才创建的网络,然后点击创建子网,输入子网名称:net172_16,网络地址:172.16.0.0/24,网关:172.16.0.254,然后下一步
# 注意:网关地址172.16.0.254必须真实存在,后面第10步会把它配置在route节点的eth1上

img_57.png

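# 分配池输入:172.16.0.1,172.16.0.250,DNS:223.5.5.5
# 注意:该分配池包含了前面给各节点eth1静态配置的地址(172.16.0.11、172.16.0.31、172.16.0.32),Neutron并不知道这些地址已被占用,可能把它们分配给实例而造成IP冲突,建议让分配池避开节点使用的地址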

img_58.png

9. 新建路由虚拟机

# 克隆新的虚拟机openstack-route,然后启动虚拟机

#1. 修改IP为:192.168.178.99(能上网就可以了!)
vim /etc/sysconfig/network-scripts/ifcfg-eth0

#2. 重启网络
systemctl restart network

#3.测试
ping baidu.com

#4.远程连接

10. 给route节点添加一块新的网卡

1. 添加新网卡

# 点击虚拟机配置,添加网卡,然后给新网卡选择LAN区段:172.16.0.0/24

2. 复制网卡配置

cd /etc/sysconfig/network-scripts/
cp ifcfg-eth0 ifcfg-eth1

3. 修改网卡配置

vim ifcfg-eth1

TYPE=Ethernet
BOOTPROTO=none
NAME=eth1
DEVICE=eth1
ONBOOT=yes
IPADDR=172.16.0.254 #这里必须要写成网关的地址!!!
NETMASK=255.255.255.0

4. 启动网卡

ifup eth1

5. 验证

ifconfig eth1
ping 172.16.0.11

11. 给route节点开启转发

1. 编辑内核配置文件,开启转发

vim /etc/sysctl.conf
#添加一行
net.ipv4.ip_forward = 1

2. 使内核参数生效

sysctl -p

3. 清空防火墙规则

# Flushes every rule in the filter table (INPUT, FORWARD and OUTPUT chains);
# chain policies are left as they are. After this the route node applies no
# packet filtering of its own on either network, so this is only suitable
# for an isolated lab. On a host that matters, keep the existing rules and
# add explicit FORWARD rules for 172.16.0.0/24 instead of flushing.
iptables -F

4. 添加NAT转发规则(源地址伪装)

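# Source-NAT traffic from the instance subnet as it leaves through eth0, the
# interface that carries the route node's uplink address (ifcfg-eth0 above).
# Restricting the rule with -o eth0 keeps masquerading from being applied to
# packets sent out any other interface, such as eth1.
# The rule lives only in the running kernel and is gone after a reboot
# unless it is saved.
iptables -t nat -A POSTROUTING -s 172.16.0.0/24 -o eth0 -j MASQUERADE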

12. 基于新建网络net172_16启动实例测试

#点击左侧的项目-实例,然后启动实例,输入名称:net172_16-test

img_59.png

# 源选择cirros,flavor选择64M,网络选择刚才创建的网络:net172_16

img_60.png

#打开控制台,ping baidu.com 测试!!

最后更新: 2022-02-20 04:00:12