what？

vlan network 是带 tag 的网络，是实际应用最广泛的网络类型。
下图是 vlan100 网络的示例：

Learning Openstack Part 14 Neutron(6) - linux-bridge-vlan网络类型_第1张图片

vlan100.png

因为物理网卡 eth1 上面可以走多个 vlan 的数据，那么物理交换机上与 eth1 相连的的 port 要设置成 trunk 模式，而不是 access 模式。

how?

设置默认网络类型：

openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2 tenant_network_types vlan

设置vlan的范围：

openstack-config --set /etc/neutron/plugins/ml2/ml2_conf.ini ml2_type_vlan network_vlan_ranges physnet1:3001:4000

检查ml2配置

[root@openstack-controller ~]# grep -C1 "^[a-z]" /etc/neutron/plugins/ml2/ml2_conf.ini | grep -Ev "^#|^-"
[ml2]
type_drivers = local,flat,vlan,gre,vxlan
tenant_network_types = vlan
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = physnet1
[ml2_type_vlan]
network_vlan_ranges = physnet1:3001:4000
[securitygroup]
enable_ipset = True

检查网桥控制

[root@openstack-controller ~]# grep -C1 "^[a-z]" /etc/neutron/plugins/ml2/linuxbridge_agent.ini | grep -Ev "^-|^#"
[linux_bridge]
physical_interface_mappings = physnet1:eth1
[vxlan]
enable_vxlan = False
[securitygroup]
enable_security_group = True
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver

重启相关网络服务：

systemctl restart neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
systemctl restart neutron-linuxbridge-agent.service

创建网络：

[root@openstack-controller ~]# neutron net-create --shared --provider:network_type vlan --provider:physical_network physnet1 first-vlan
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 11d7cb82-7e8f-4d18-8d64-154ec7aea6f5 |
| mtu                       | 0                                    |
| name                      | first-vlan                           |
| port_security_enabled     | True                                 |
| provider:network_type     | vlan                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  | 1067                                 |
| router:external           | False                                |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | 471592a4281e4223b2ad578b5c9b8442     |
+---------------------------+--------------------------------------+

创建subnet：

[root@openstack-controller ~]# neutron subnet-create --name vlan100 --gateway 172.16.100.1 --allocation-pool start=172.16.100.100,end=172.16.100.200 --dns-nameserver 8.8.8.8 --enable-dhcp 11d7cb82-7e8f-4d18-8d64-154ec7aea6f5 172.16.100.0/24
Created a new subnet:
+-------------------+------------------------------------------------------+
| Field             | Value                                                |
+-------------------+------------------------------------------------------+
| allocation_pools  | {"start": "172.16.100.100", "end": "172.16.100.200"} |
| cidr              | 172.16.100.0/24                                      |
| dns_nameservers   | 8.8.8.8                                              |
| enable_dhcp       | True                                                 |
| gateway_ip        | 172.16.100.1                                         |
| host_routes       |                                                      |
| id                | df22e0c7-370c-4678-a19a-2eb8f8caecaa                 |
| ip_version        | 4                                                    |
| ipv6_address_mode |                                                      |
| ipv6_ra_mode      |                                                      |
| name              | vlan100                                              |
| network_id        | 11d7cb82-7e8f-4d18-8d64-154ec7aea6f5                 |
| subnetpool_id     |                                                      |
| tenant_id         | 471592a4281e4223b2ad578b5c9b8442                     |
+-------------------+------------------------------------------------------+

创建虚拟机：

[root@openstack-controller ~]# nova boot --flavor cirros --image cirros --key-name mykey --security-groups default --nic net-id=11d7cb82-7e8f-4d18-8d64-154ec7aea6f5 instance-vlan100-1
[root@openstack-controller ~]# nova boot --flavor cirros --image cirros --key-name mykey --security-groups default --nic net-id=11d7cb82-7e8f-4d18-8d64-154ec7aea6f5 instance-vlan100-2

检查网络变化：

[root@openstack-controller ~]# brctl show 
bridge name bridge id       STP enabled interfaces
brq11d7cb82-7e      8000.000c2927f89e   no      eth1.1067
                                                     tap8b0e08f8-24
[root@openstack-controller ~]# ip link list
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0:  mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:27:f8:94 brd ff:ff:ff:ff:ff:ff
3: eth1:  mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:27:f8:9e brd ff:ff:ff:ff:ff:ff
4: tap8b0e08f8-24@if2:  mtu 1500 qdisc noqueue master brq11d7cb82-7e state UP mode DEFAULT qlen 1000
    link/ether d2:10:22:ab:80:ca brd ff:ff:ff:ff:ff:ff link-netnsid 0
5: eth1.1067@eth1:  mtu 1500 qdisc noqueue master brq11d7cb82-7e state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:27:f8:9e brd ff:ff:ff:ff:ff:ff
6: brq11d7cb82-7e:  mtu 1500 qdisc noqueue state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:27:f8:9e brd ff:ff:ff:ff:ff:ff
[root@openstack-compute ~]# brctl show 
bridge name bridge id       STP enabled interfaces
brq11d7cb82-7e      8000.000c290a9852   no      eth1.1067
                                                      tap3ebca4e1-1b
                                                      tap4742ee50-7f
[root@openstack-compute ~]# ip link list
1: lo:  mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0:  mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:0a:98:48 brd ff:ff:ff:ff:ff:ff
3: eth1:  mtu 1500 qdisc pfifo_fast state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:0a:98:52 brd ff:ff:ff:ff:ff:ff
4: brq11d7cb82-7e:  mtu 1500 qdisc noqueue state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:0a:98:52 brd ff:ff:ff:ff:ff:ff
5: tap4742ee50-7f:  mtu 1500 qdisc pfifo_fast master brq11d7cb82-7e state UNKNOWN mode DEFAULT qlen 1000
    link/ether fe:16:3e:40:70:08 brd ff:ff:ff:ff:ff:ff
6: eth1.1067@eth1:  mtu 1500 qdisc noqueue master brq11d7cb82-7e state UP mode DEFAULT qlen 1000
    link/ether 00:0c:29:0a:98:52 brd ff:ff:ff:ff:ff:ff
7: tap3ebca4e1-1b:  mtu 1500 qdisc pfifo_fast master brq11d7cb82-7e state UNKNOWN mode DEFAULT qlen 1000

Learning Openstack Part 14 Neutron(6) - linux-bridge-vlan网络类型

what？

how?

你可能感兴趣的:(Learning Openstack Part 14 Neutron(6) - linux-bridge-vlan网络类型)