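6.2. Model installation scenario using provider networks
This installation scenario shows an example of OpenStack and OpenDaylight that uses provider networks instead of tenant networks. An external neutron provider network bridges VM instances to a physical network infrastructure that provides Layer 3 (L3) and other network services. In most cases, provider networks implement Layer 2 (L2) segmentation using VLAN IDs. A provider network maps to a provider bridge on each Compute node that supports launching VM instances on the provider network.
6.2.1. Physical topology
The topology of this scenario consists of six nodes:
- 1 x director undercloud node
- 3 x OpenStack overcloud controllers with the OpenDaylight SDN controller installed in addition to other OpenStack services
- 2 x OpenStack overcloud Compute nodes
6.2.2. Planning the physical network environment
The overcloud Controller nodes use four network interface cards (NICs):
| Name | Purpose |
|---|---|
| nic1 | Management network (for example, accessing the node through SSH) |
| nic2 | Provisioning (PXE, DHCP) and Internal API networks |
| nic3 | Tenant network |
| nic4 | Public API network, Floating IP network |
The overcloud Compute nodes are equipped with four NICs:
| Name | Purpose |
|---|---|
| nic1 | Management network |
| nic2 | Provisioning and Internal API networks |
| nic3 | Tenant network |
| nic4 | Floating IP network |
The undercloud node is equipped with two NICs:
| Name | Purpose |
|---|---|
| nic1 | Used for the Management network |
| nic2 | Used for the Provisioning network |
6.2.3. Planning NIC connectivity
In this scenario, the environment files use abstracted numbered interfaces (nic1, nic2) rather than the actual device names presented by the host operating system, such as eth0 or eno2. Hosts that belong to the same role do not need identical network interface device names. There is no problem if one host uses the em1 and em2 interfaces while another uses eno1 and eno2. Each NIC is referred to as nic1 and nic2.
The abstracted NIC scheme relies only on live and connected interfaces. If hosts have a different number of interfaces, it is enough to use the minimum number of interfaces required to connect the hosts. For example, if one host has four physical interfaces and another has six, use and plug in only nic1, nic2, nic3, and nic4 on both hosts.
6.2.4. Planning networks, VLANs, and IPs
This scenario uses network isolation to separate the Management, Provisioning, Internal API, Tenant, Public API, and Floating IP network traffic.
Figure 6.2. Detailed network topology used in this scenario
The following table shows the VLAN ID and IP subnet associated with each network:
| Network | VLAN ID | IP subnet |
|---|---|---|
| Provisioning | Native | 192.0.5.0/24 |
| Internal API | 600 | 172.17.0.0/24 |
| Tenant | 554,555-601 | 172.16.0.0/24 |
| Public API | 552 | 192.168.210.0/24 |
| Floating IP | 553 | 10.35.186.146/28 |
OpenStack Platform director creates the br-isolated OVS bridge and adds a VLAN interface for each network defined in the network configuration files. The director also creates the br-ex bridge automatically, with the relevant network interface attached to it.
Ensure that the physical network switches that provide connectivity between the hosts are properly configured to carry these VLAN IDs. You must configure all switch ports facing the hosts as trunks for the VLANs. The term "trunk" is used here to describe a port that allows multiple VLAN IDs to traverse the same port.
Configuration guidance for the physical switches is outside the scope of this document.
The TenantNetworkVlanID in network-environment.yaml can define a VLAN tag for the tenant network when VXLAN tunneling is used (that is, VXLAN tenant traffic is transported over a VLAN-tagged underlay network). This value can also be empty if the tenant network must run over the native VLAN. Also note that when VLAN tenant networks are used, VLAN tags other than the value provided for TenantNetworkVlanID can be used.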
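As an added example (not part of the original guide), the following derives the tagged VLAN list that each host-facing trunk port needs from the Controller NIC table and the VLAN table above, so a port can be limited to those IDs, and reports IDs that are tagged on more than one NIC. The `NETWORKS` mapping is constructed from those tables, and the function names are hypothetical.

```python
# Constructed from the Controller NIC table and the VLAN table on this page.
# "native" marks untagged traffic; VLAN specs use the table's "554,555-601" form.
NETWORKS = {
    "Provisioning": ("nic2", "native"),
    "Internal API": ("nic2", "600"),
    "Tenant": ("nic3", "554,555-601"),
    "Public API": ("nic4", "552"),
    "Floating IP": ("nic4", "553"),
}


def expand(spec):
    """Turn '554,555-601' into a set of VLAN IDs, rejecting IDs outside 1-4094."""
    ids = set()
    for part in spec.split(","):
        low, _, high = part.partition("-")
        low, high = int(low), int(high or low)
        if not 1 <= low <= high <= 4094:
            raise ValueError(f"bad VLAN spec: {part!r}")
        ids.update(range(low, high + 1))
    return ids


def compact(ids):
    """Render a set of IDs as a switch-style allowed list, e.g. '552-553'."""
    runs = []
    for vid in sorted(ids):
        if runs and vid == runs[-1][1] + 1:
            runs[-1][1] = vid          # extend the current run
        else:
            runs.append([vid, vid])    # start a new run
    return ",".join(str(a) if a == b else f"{a}-{b}" for a, b in runs)


def trunk_plan(networks):
    """Return ({nic: allowed list}, {vlan_id: [nics]}) for IDs tagged on several NICs."""
    per_nic = {}
    for nic, spec in networks.values():
        tagged = per_nic.setdefault(nic, set())
        if spec != "native":
            tagged |= expand(spec)     # in-place update of the set stored in per_nic
    seen = {}
    for nic, ids in per_nic.items():
        for vid in ids:
            seen.setdefault(vid, []).append(nic)
    shared = {vid: sorted(nics) for vid, nics in seen.items() if len(nics) > 1}
    return {nic: compact(ids) for nic, ids in sorted(per_nic.items())}, shared
```

With this page's values, VLAN 600 is reported on both nic2 (Internal API) and nic3 (inside the tenant range 555-601); whether that matters depends on whether those switch ports share an L2 domain, which this guide does not describe.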
6.2.5. OpenDaylight configuration files used in this scenario
To deploy this scenario of OpenStack and OpenDaylight, enter the following deployment command on the undercloud node:
```bash
$ openstack overcloud deploy --debug \
  --templates \
  --environment-file "$HOME/extra_env.yaml" \
  --libvirt-type kvm \
  -e /home/stack/baremetal-vlan/network-environment.yaml \
  -e /usr/share/openstack-tripleo-heat-templates/environments/neutron-opendaylight.yaml \
  --log-file overcloud_install.log &> overcloud_install.log
```
This guide also shows the configuration files used in this scenario, their contents, and information about the settings.
6.2.5.1. The extra_env.yaml file
The file has only one parameter.
```yaml
parameter_defaults:
  OpenDaylightProviderMappings: 'datacentre:br-ex,tenant:br-vlan'
```
These are the mappings that each node controlled by OpenDaylight uses. The physical network datacentre is mapped to the br-ex OVS bridge, and the tenant network traffic is mapped to the br-vlan OVS bridge.
6.2.5.2. The undercloud.conf file
This file is in the /home/stack/ directory.
The file path points to customized versions of the configuration files.
```ini
[DEFAULT]
local_ip = 192.0.5.1/24
network_gateway = 192.0.5.1
undercloud_public_vip = 192.0.5.2
undercloud_admin_vip = 192.0.5.3
local_interface = eno2
network_cidr = 192.0.5.0/24
masquerade_network = 192.0.5.0/24
dhcp_start = 192.0.5.5
dhcp_end = 192.0.5.24
inspection_iprange = 192.0.5.100,192.0.5.120
```
This example uses the 192.0.5.0/24 subnet for the Provisioning network. Note that the physical interface eno2 is used on the undercloud node for provisioning.
6.2.5.3. The network-environment.yaml file
This is the main file for configuring the network. It is in the /home/stack/baremetal-vlan/ directory. The following file specifies the VLAN IDs and IP subnets for the different networks and shows the provider mappings. The controller.yaml and compute.yaml files in the nic-configs directory specify the network configuration for the Controller and Compute nodes.
The example specifies the number of Controller nodes (3) and Compute nodes (2).
```yaml
resource_registry:
  # Specify the relative/absolute path to the config files you want to use for override the default.
  OS::TripleO::Compute::Net::SoftwareConfig: nic-configs/compute.yaml
  OS::TripleO::Controller::Net::SoftwareConfig: nic-configs/controller.yaml

  # Network isolation configuration
  # Service section
  # If some service should be disabled, use the following example
  # OS::TripleO::Network::Management: OS::Heat::None
  OS::TripleO::Network::External: /usr/share/openstack-tripleo-heat-templates/network/external.yaml
  OS::TripleO::Network::InternalApi: /usr/share/openstack-tripleo-heat-templates/network/internal_api.yaml
  OS::TripleO::Network::Tenant: /usr/share/openstack-tripleo-heat-templates/network/tenant.yaml
  OS::TripleO::Network::Management: OS::Heat::None
  OS::TripleO::Network::StorageMgmt: OS::Heat::None
  OS::TripleO::Network::Storage: OS::Heat::None

  # Port assignments for the VIPs
  OS::TripleO::Network::Ports::ExternalVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml
  OS::TripleO::Network::Ports::InternalApiVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml
  OS::TripleO::Network::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip.yaml
  OS::TripleO::Network::Ports::StorageVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml
  OS::TripleO::Network::Ports::StorageMgmtVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml

  # Port assignments for the controller role
  OS::TripleO::Controller::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml
  OS::TripleO::Controller::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml
  OS::TripleO::Controller::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml
  OS::TripleO::Controller::Ports::ManagementPort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml
  OS::TripleO::Controller::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml
  OS::TripleO::Controller::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml

  # Port assignments for the compute role
  OS::TripleO::Compute::Ports::ExternalPort: /usr/share/openstack-tripleo-heat-templates/network/ports/external.yaml
  OS::TripleO::Compute::Ports::InternalApiPort: /usr/share/openstack-tripleo-heat-templates/network/ports/internal_api.yaml
  OS::TripleO::Compute::Ports::TenantPort: /usr/share/openstack-tripleo-heat-templates/network/ports/tenant.yaml
  OS::TripleO::Compute::Ports::ManagementPort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml
  OS::TripleO::Compute::Ports::StoragePort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml
  OS::TripleO::Compute::Ports::StorageMgmtPort: /usr/share/openstack-tripleo-heat-templates/network/ports/noop.yaml

  # Port assignments for service virtual IPs for the controller role
  OS::TripleO::Controller::Ports::RedisVipPort: /usr/share/openstack-tripleo-heat-templates/network/ports/vip.yaml
  OS::TripleO::NodeUserData: /home/stack/baremetal-vlan/firstboot-config.yaml

parameter_defaults:
  # Customize all these values to match the local environment
  InternalApiNetCidr: 172.17.0.0/24
  TenantNetCidr: 172.16.0.0/24
  ExternalNetCidr: 192.168.210.0/24
  # CIDR subnet mask length for provisioning network
  ControlPlaneSubnetCidr: '24'
  InternalApiAllocationPools: [{'start': '172.17.0.10', 'end': '172.17.0.200'}]
  TenantAllocationPools: [{'start': '172.16.0.100', 'end': '172.16.0.200'}]
  # Use an External allocation pool which will leave room for floating IPs
  ExternalAllocationPools: [{'start': '192.168.210.2', 'end': '192.168.210.12'}]
  # Set to the router gateway on the external network
  ExternalInterfaceDefaultRoute: 192.168.210.1
  # Gateway router for the provisioning network (or Undercloud IP)
  ControlPlaneDefaultRoute: 192.0.5.1
  # Generally the IP of the Undercloud
  EC2MetadataIp: 192.0.5.1
  InternalApiNetworkVlanID: 600
  TenantNetworkVlanID: 554
  ExternalNetworkVlanID: 552
  # Define the DNS servers (maximum 2) for the overcloud nodes
  DnsServers: ["10.35.28.28","8.8.8.8"]
  # May set to br-ex if using floating IPs only on native VLAN on bridge br-ex
  NeutronExternalNetworkBridge: "''"
  # The tunnel type for the tenant network (vxlan or gre). Set to '' to disable tunneling.
  NeutronTunnelTypes: ''
  # The tenant network type for Neutron (vlan or vxlan).
  NeutronNetworkType: 'vlan'
  # The OVS logical->physical bridge mappings to use.
  # NeutronBridgeMappings: 'datacentre:br-ex,tenant:br-isolated'
  # The Neutron ML2 and OpenVSwitch vlan mapping range to support.
  NeutronNetworkVLANRanges: 'datacentre:552:553,tenant:555:601'
  # Nova flavor to use.
  OvercloudControlFlavor: baremetal
  OvercloudComputeFlavor: baremetal
  # Number of nodes to deploy.
  ControllerCount: 3
  ComputeCount: 2

  # Sets overcloud nodes custom names
  # http://docs.openstack.org/developer/tripleo-docs/advanced_deployment/node_placement.html#custom-hostnames
  ControllerHostnameFormat: 'controller-%index%'
  ComputeHostnameFormat: 'compute-%index%'
  CephStorageHostnameFormat: 'ceph-%index%'
  ObjectStorageHostnameFormat: 'swift-%index%'
```
6.2.5.4. The controller.yaml file
This file is in the /home/stack/baremetal-vlan/nic-configs/ directory. This example defines the following switches: br-isolated, br-vlan, and br-ex. nic2 is under br-isolated and nic3 is under br-ex:
```yaml
heat_template_version: pike

description: >
  Software Config to drive os-net-config to configure VLANs for the
  controller role.

parameters:
  ControlPlaneIp:
    default: ''
    description: IP address/subnet on the ctlplane network
    type: string
  ExternalIpSubnet:
    default: ''
    description: IP address/subnet on the external network
    type: string
  InternalApiIpSubnet:
    default: ''
    description: IP address/subnet on the internal API network
    type: string
  StorageIpSubnet:
    default: ''
    description: IP address/subnet on the storage network
    type: string
  StorageMgmtIpSubnet:
    default: ''
    description: IP address/subnet on the storage mgmt network
    type: string
  TenantIpSubnet:
    default: ''
    description: IP address/subnet on the tenant network
    type: string
  ManagementIpSubnet: # Only populated when including environments/network-management.yaml
    default: ''
    description: IP address/subnet on the management network
    type: string
  ExternalNetworkVlanID:
    default: ''
    description: Vlan ID for the external network traffic.
    type: number
  InternalApiNetworkVlanID:
    default: ''
    description: Vlan ID for the internal_api network traffic.
    type: number
  TenantNetworkVlanID:
    default: ''
    description: Vlan ID for the tenant network traffic.
    type: number
  ManagementNetworkVlanID:
    default: 23
    description: Vlan ID for the management network traffic.
    type: number
  ExternalInterfaceDefaultRoute:
    default: ''
    description: default route for the external network
    type: string
  ControlPlaneSubnetCidr: # Override this with parameter_defaults
    default: '24'
    description: The subnet CIDR of the control plane network.
    type: string
  DnsServers: # Override this with parameter_defaults
    default: []
    description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
    type: comma_delimited_list
  EC2MetadataIp: # Override this with parameter_defaults
    description: The IP address of the EC2 metadata server.
    type: string

resources:
  OsNetConfigImpl:
    type: OS::Heat::StructuredConfig
    properties:
      group: os-apply-config
      config:
        os_net_config:
          network_config:
            -
              type: interface
              name: nic1
              use_dhcp: false
            -
              type: ovs_bridge
              name: br-isolated
              use_dhcp: false
              dns_servers: {get_param: DnsServers}
              addresses:
                -
                  ip_netmask:
                    list_join:
                      - '/'
                      - - {get_param: ControlPlaneIp}
                        - {get_param: ControlPlaneSubnetCidr}
              routes:
                -
                  ip_netmask: 169.254.169.254/32
                  next_hop: {get_param: EC2MetadataIp}
              members:
                -
                  type: interface
                  name: nic2
                  # force the MAC address of the bridge to this interface
                  primary: true
                -
                  type: vlan
                  vlan_id: {get_param: InternalApiNetworkVlanID}
                  addresses:
                    -
                      ip_netmask: {get_param: InternalApiIpSubnet}
            -
              type: ovs_bridge
              name: br-ex
              use_dhcp: false
              dns_servers: {get_param: DnsServers}
              members:
                -
                  type: interface
                  name: nic4
                  # force the MAC address of the bridge to this interface
                -
                  type: vlan
                  vlan_id: {get_param: ExternalNetworkVlanID}
                  addresses:
                    -
                      ip_netmask: {get_param: ExternalIpSubnet}
                  routes:
                    -
                      default: true
                      next_hop: {get_param: ExternalInterfaceDefaultRoute}
            -
              type: ovs_bridge
              name: br-vlan
              use_dhcp: false
              dns_servers: {get_param: DnsServers}
              members:
                -
                  type: interface
                  name: nic3
                -
                  type: vlan
                  vlan_id: {get_param: TenantNetworkVlanID}
                  addresses:
                    -
                      ip_netmask: {get_param: TenantIpSubnet}

outputs:
  OS::stack_id:
    description: The OsNetConfigImpl resource.
    value: {get_resource: OsNetConfigImpl}
```
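6.2.5.5. The compute.yaml file
This file is in the /home/stack/baremetal-vlan/nic-configs/ directory. Most of the options in the Compute configuration are the same as in the Controller configuration. In this example, nic4 is under br-ex and is used for external connectivity (Floating IP network).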
```yaml
heat_template_version: pike

description: >
  Software Config to drive os-net-config to configure VLANs for the
  compute role.

parameters:
  ControlPlaneIp:
    default: ''
    description: IP address/subnet on the ctlplane network
    type: string
  ExternalIpSubnet:
    default: ''
    description: IP address/subnet on the external network
    type: string
  InternalApiIpSubnet:
    default: ''
    description: IP address/subnet on the internal API network
    type: string
  TenantIpSubnet:
    default: ''
    description: IP address/subnet on the tenant network
    type: string
  ManagementIpSubnet: # Only populated when including environments/network-management.yaml
    default: ''
    description: IP address/subnet on the management network
    type: string
  InternalApiNetworkVlanID:
    default: ''
    description: Vlan ID for the internal_api network traffic.
    type: number
  TenantNetworkVlanID:
    default: ''
    description: Vlan ID for the tenant network traffic.
    type: number
  ManagementNetworkVlanID:
    default: 23
    description: Vlan ID for the management network traffic.
    type: number
  StorageIpSubnet:
    default: ''
    description: IP address/subnet on the storage network
    type: string
  StorageMgmtIpSubnet:
    default: ''
    description: IP address/subnet on the storage mgmt network
    type: string
  ControlPlaneSubnetCidr: # Override this with parameter_defaults
    default: '24'
    description: The subnet CIDR of the control plane network.
    type: string
  ControlPlaneDefaultRoute: # Override this with parameter_defaults
    description: The default route of the control plane network.
    type: string
  DnsServers: # Override this with parameter_defaults
    default: []
    description: A list of DNS servers (2 max for some implementations) that will be added to resolv.conf.
    type: comma_delimited_list
  EC2MetadataIp: # Override this with parameter_defaults
    description: The IP address of the EC2 metadata server.
    type: string
  ExternalInterfaceDefaultRoute:
    default: ''
    description: default route for the external network
    type: string

resources:
  OsNetConfigImpl:
    type: OS::Heat::StructuredConfig
    properties:
      group: os-apply-config
      config:
        os_net_config:
          network_config:
            -
              type: interface
              name: nic1
              use_dhcp: false
            -
              type: ovs_bridge
              name: br-isolated
              use_dhcp: false
              dns_servers: {get_param: DnsServers}
              addresses:
                -
                  ip_netmask:
                    list_join:
                      - '/'
                      - - {get_param: ControlPlaneIp}
                        - {get_param: ControlPlaneSubnetCidr}
              routes:
                -
                  ip_netmask: 169.254.169.254/32
                  next_hop: {get_param: EC2MetadataIp}
                -
                  next_hop: {get_param: ControlPlaneDefaultRoute}
                  default: true
              members:
                -
                  type: interface
                  name: nic2
                  # force the MAC address of the bridge to this interface
                  primary: true
                -
                  type: vlan
                  vlan_id: {get_param: InternalApiNetworkVlanID}
                  addresses:
                    -
                      ip_netmask: {get_param: InternalApiIpSubnet}
            -
              type: ovs_bridge
              name: br-ex
              use_dhcp: false
              members:
                -
                  type: interface
                  name: nic4
            -
              type: ovs_bridge
              name: br-vlan
              use_dhcp: false
              dns_servers: {get_param: DnsServers}
              members:
                -
                  type: interface
                  name: nic3
                -
                  type: vlan
                  vlan_id: {get_param: TenantNetworkVlanID}
                  addresses:
                    -
                      ip_netmask: {get_param: TenantIpSubnet}

outputs:
  OS::stack_id:
    description: The OsNetConfigImpl resource.
    value: {get_resource: OsNetConfigImpl}
```
6.2.6. Red Hat OpenStack Platform director configuration files used in this scenario
6.2.6.1. The neutron.conf file
This file is in the /etc/neutron/ directory and contains the following information:
```ini
[DEFAULT]
service_plugins=odl-router_v2,trunk
```
6.2.6.2. The ml2_conf.ini file
This file is in the /etc/neutron/plugins/ml2/ directory and contains the following information:
```ini
[DEFAULT]
[ml2]
type_drivers = vxlan,vlan,flat,gre
tenant_network_types = vlan
mechanism_drivers = opendaylight_v2
extension_drivers = qos,port_security
path_mtu = 0
[ml2_type_flat]
flat_networks = datacentre
[ml2_type_geneve]
[ml2_type_gre]
tunnel_id_ranges = 1:4094
[ml2_type_vlan]
network_vlan_ranges = datacentre:552:553,tenant:555:601
[ml2_type_vxlan]
vni_ranges = 1:4094
vxlan_group = 224.0.0.1
[securitygroup]
[ml2_odl]
password=<PASSWORD>
username=<USER>
url=http://172.17.0.10:8081/controller/nb/v2/neutron
```
- Under the [ml2] section, note that VXLAN is used as the network type, and so is the opendaylight_v2 mechanism driver.
- Under [ml2_type_vlan], set the same mappings as in the network-environment.yaml file.
- Under [ml2_odl], you should see the configuration for accessing the OpenDaylight Controller.
You can use these details to confirm access to the OpenDaylight Controller:
```bash
$ curl -H "Content-Type:application/json" -u admin:admin http://172.17.1.18:8081/controller/nb/v2/neutron/networks
```
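The [ml2_type_vlan] item above says its mappings must match network-environment.yaml. As an added example (not part of the original guide), this check compares the deployed ml2_conf.ini with the Heat parameters and reports drift. The embedded excerpts are constructed from this page's values, with the extra_env.yaml parameter merged in, and the function names are hypothetical.

```python
import configparser
import re

# Constructed excerpts: scalar Heat parameters from network-environment.yaml
# and extra_env.yaml, and the relevant ml2_conf.ini sections from this page.
HEAT_PARAMS = """
parameter_defaults:
  NeutronNetworkType: 'vlan'
  NeutronNetworkVLANRanges: 'datacentre:552:553,tenant:555:601'
  OpenDaylightProviderMappings: 'datacentre:br-ex,tenant:br-vlan'
"""
ML2_CONF = """
[ml2]
tenant_network_types = vlan
[ml2_type_flat]
flat_networks = datacentre
[ml2_type_vlan]
network_vlan_ranges = datacentre:552:553,tenant:555:601
"""


def heat_params(text):
    """Read indented `Key: 'value'` pairs; enough for these scalar parameters."""
    return dict(re.findall(r"^[ \t]+(\w+):[ \t]*'?([^'\n]*?)'?[ \t]*$", text, re.M))


def items(value):
    """Split a comma-separated setting into a set so ordering does not matter."""
    return {item.strip() for item in value.split(",") if item.strip()}


def check(heat_text, ml2_text):
    """Return a list of mismatches between the Heat parameters and ml2_conf.ini."""
    params = heat_params(heat_text)
    ini = configparser.ConfigParser(interpolation=None)
    ini.read_string(ml2_text)
    problems = []
    want = items(params["NeutronNetworkVLANRanges"])
    have = items(ini["ml2_type_vlan"]["network_vlan_ranges"])
    if want != have:
        problems.append(f"VLAN ranges differ: {sorted(want ^ have)}")
    if items(params["NeutronNetworkType"]) != items(ini["ml2"]["tenant_network_types"]):
        problems.append("tenant_network_types does not match NeutronNetworkType")
    mapped = {m.split(":")[0] for m in items(params["OpenDaylightProviderMappings"])}
    used = {r.split(":")[0] for r in have} | items(ini["ml2_type_flat"]["flat_networks"])
    for physnet in sorted(used - mapped):
        problems.append(f"physnet {physnet} has no bridge in OpenDaylightProviderMappings")
    return problems
```

An empty list means the two files agree on VLAN ranges, tenant network type, and physical network names.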