Shulou(Shulou.com)06/03 Report--

Environment:

Openstack version pike control node host openstack-controller (ubuntu 16.04.5) 172.27.34.37

Compute node host openstack-computer (ubuntu 16.04.5) 172.27.34.38vlan100

Cirros01 (172.27.100.6), cirros02 (172.27.100.12) vlan101

Cirros03 (172.27.101.19)

Instance is not allowed in vlan100 and vlan101 by default.

For details of ubuntu installation, please see the full record of Ubuntu16.04.5 installation in lvm mode.

For more information on openstack installation, please see: OpenStack practice (1): build p version of OpenStack by DevStack under Ubuntu16.04

The test contents of this paper are as follows:

Create router to realize the interworking of different vlan

Public network access configuration to enable instance to connect to the public network

Floating ip configuration, which assigns floating ip to instance, and the public network can access the instance directly.

Vlan configuration:

L3 agent

Configuration

Root@openstack-controller:~# view / etc/neutron/l3_agent.iniinterface_driver = linuxbridge

Operation condition

Root@openstack-controller:~# su-stackstack@openstack-controller:~$ source devstack/openrc admin adminstack@openstack-controller:~$ openstack network agent list

Router

Create router router_100_101

New interface

Select vlan100 and vlan10 for subnets

After configuring router, vlan100 and vlan101 can communicate with ping at this time.

Cirros03 ping cirros01

The first goal is achieved.

Public network access configuration

Configure ml2

Stack@openstack-controller:~$ view / etc/neutron/plugins/ml2/ml2_ conf.ini [ml2 _ type_flat] flat_networks = externalte [ml2 _ type_vlan] network_vlan_ranges = default:3001: 4000 [Linux _ bridge] physical_interface_mappings = default:ens192,externaltt:ens224

Because the external network environment of this paper is flat network (the network card of the physical machine is connected to the access port of the switch), the external network is configured with flat, the corresponding network card ens224, the virtual machine internal network is vlan, and the corresponding network card ens192.

Create an external network ext_net

172.27.34.0 this network segment needs to be able to access the external network.

Remove the dhcp option

Ext_net creation completed

Connect the external network to the virtual router

Found that a new interface 6489e9ea-23a3 has been added to the virtual router.

Cirros ping external network

The second goal is achieved.

Create floating ip

Floating ip provides static NAT function, which is configured on the public network interface where router provides the gateway.

Associate an instance cirros03

View cirros

Security group configuration

Add a security group rule

Icmp rules are added to ensure ping connectivity, and ssh rules are added to enable the public network to directly ssh instances

test

The compute node can ping through cirros03 and can be connected directly by ssh.

The third goal is achieved.

The floating ip principle adds two rules for dealing with floating ip to iptables:

For more information on Open vSwitch method, please see: OpenStack practice (9): implementing floating IP in Open vSwitch way

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.