
Network logic relationship between Nova and Neutron: Neutron node network logic (2)

2025-01-17 Update From: SLTechnology News&Howtos

Architecture diagram of Nova and Neutron node interface

Following the previous issue on the logical relationship of the Nova node network, this issue continues the topic and covers the components and interfaces on the Neutron node, still referring to the "logic diagram".

1. Using the figure above, start with the network node (Neutron) and query its interfaces with the following command:

[root@controller01 ~]# ip a | grep q
4: ovs-system: mtu 1500 qdisc noop state DOWN
6: br-int: mtu 1450 qdisc noop state DOWN
11: tapf733605f-e2: mtu 1450 qdisc pfifo_fast master ovs-system state UP qlen 1000
12: tapeb25bcee-1b: mtu 1450 qdisc pfifo_fast master ovs-system state UP qlen 1000
13: tap3f46f81b-4f: mtu 1450 qdisc pfifo_fast master ovs-system state UP qlen 1000
18: tap0a0688b4-f8: mtu 1450 qdisc pfifo_fast master ovs-system state UP qlen 1000
27: tapfb9f4bc2-30: mtu 1450 qdisc pfifo_fast master ovs-system state UP qlen 1000
39: br-ex: mtu 1450 qdisc noqueue state UNKNOWN
40: eth2.13@eth2: mtu 1500 qdisc noqueue state UP
41: eth2.2@eth2: mtu 1500 qdisc noqueue master ovs-system state UP
42: br-tun: mtu 1500 qdisc noop state DOWN
43: tapf36b911d-fa: mtu 1450 qdisc pfifo_fast master ovs-system state UP qlen 1000
44: tap4ba24208-80: mtu 1450 qdisc pfifo_fast master ovs-system state UP qlen 1000

The output of command 1 shows three bridges (br-int, br-ex and br-tun). Most of the remaining interfaces are tap interfaces, and some interfaces, such as the qr ports, are hidden. eth2.2@eth2 and eth2.13 are virtual network cards sliced out of eth2 using virtual network card technology, and br-ex is the bridge leading out to the external network. Continue checking with the next command.

2. Next, view the OVS interface information:

[root@controller01 ~]# ovs-vsctl show
2b375334-9ce8-46f2-b5ee-ac60781da7f7
    Bridge br-ex
        Port "eth2.2"
            Interface "eth2.2"
        Port "tap4ba24208-80"
            Interface "tap4ba24208-80"
        Port br-ex
            Interface br-ex
                type: internal
    Bridge br-int
        fail_mode: secure
        Port "tap0a0688b4-f8"
            tag: 1
            Interface "tap0a0688b4-f8"
        Port patch-tun
            Interface patch-tun
                type: patch
                options: {peer=patch-int}
        Port "tapeb25bcee-1b"
            tag: 3
            Interface "tapeb25bcee-1b"
        Port "tap3f46f81b-4f"
            tag: 3
            Interface "tap3f46f81b-4f"
        Port "tapf733605f-e2"
            tag: 4095
            Interface "tapf733605f-e2"
        Port "tapf36b911d-fa"
            tag: 4
            Interface "tapf36b911d-fa"
        Port "tapfb9f4bc2-30"
            tag: 4
            Interface "tapfb9f4bc2-30"
        Port br-int
            Interface br-int
                type: internal
    Bridge br-tun
        fail_mode: secure
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port "vxlan-0af80903"
            Interface "vxlan-0af80903"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="10.248.9.2", out_key=flow, remote_ip="10.248.9.3"}
        Port "vxlan-0af80905"
            Interface "vxlan-0af80905"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="10.248.9.2", out_key=flow, remote_ip="10.248.9.5"}
        Port "vxlan-0af80901"
            Interface "vxlan-0af80901"
                type: vxlan
                options: {df_default="true", in_key=flow, local_ip="10.248.9.2", out_key=flow, remote_ip="10.248.9.1"}
        Port br-tun
            Interface br-tun
                type: internal
    ovs_version: "2.1.3"

The output of 2 shows many interfaces, but this walkthrough covers only one router and one DHCP, plus the three bridges above.

3. To query the configuration information of the above two bridges, do the following:

[root@controller01 ~]# ovs-vsctl list-ports br-int
patch-tun
tap0a0688b4-f8
tap3f46f81b-4f
tapeb25bcee-1b
tapf36b911d-fa
tapf733605f-e2
tapfb9f4bc2-30

[root@controller01 ~]# ovs-vsctl list-ports br-tun
patch-int
vxlan-0af80901
vxlan-0af80903
vxlan-0af80905

[root@controller01 ~]# ovs-vsctl list-ports br-ex
eth2.2

From the output of 3, you can see:

A. br-int has many interfaces: patch-tun is the bridge-to-bridge (patch) interface that connects it to br-tun, while the tap interfaces are all DHCP interfaces.

B. br-tun has three VXLAN tunnel interfaces, each point-to-point, which carry the tunnel communication between the compute nodes and the network node; patch-int is the bridge-to-bridge (patch) interface that connects it to br-int.

C. br-ex contains the virtual network port eth2.2, which carries the IP address segment leading to the external network, 124.56.30.0/27; this is the basis for communication between the virtual hosts and the external network.

4. Following the logic diagram, continue by querying qrouter and dhcp, which are network namespaces. Readers who have time can study network namespaces further; here only one example of each is used to show the interface structure. Do the following:

[root@controller01 ~]# ip netns
qdhcp-98daaa5b-3481-44d5-b697-76c8705a2409    <-- DHCP example
qdhcp-237be48f-e8c0-4f35-93f6-8193005cdb21
qdhcp-50cabb4c-7b6c-44eb-a26b-d240132798c8
qdhcp-141e2f07-4ef0-4f1e-b0a9-1b7113072d8c
qrouter-4d992933-9f4e-4fe6-9507-a75649ef37db    <-- soft router example

From the output of 4, you can see four DHCP namespaces and one soft router. Next, analyze the configuration details of these two network namespaces.

5. The hidden ports (qr, qg, ns) do not appear in the ip addr output on the host; they can be viewed inside the namespaces with the following commands:

[root@controller01 ~]# ip netns exec qdhcp-98daaa5b-3481-44d5-b697-76c8705a2409 ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ns-f36b911d-fa: mtu 1450 qdisc pfifo_fast state UP qlen 1000    <-- same ID as the tap seen in ip addr
    link/ether fa:16:3e:f4:08:38 brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.2/24 brd 172.16.0.255 scope global ns-f36b911d-fa    <-- this DHCP has its own IP
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fef4:838/64 scope link
       valid_lft forever preferred_lft forever

[root@controller01 ~]# ip netns exec qrouter-4d992933-9f4e-4fe6-9507-a75649ef37db ip addr
1: lo: mtu 65536 qdisc noqueue state UNKNOWN
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: qr-3f46f81b-4f: mtu 1450 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:e6:48:fb brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.1/24 brd 10.0.0.255 scope global qr-3f46f81b-4f
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fee6:48fb/64 scope link
       valid_lft forever preferred_lft forever
4: qr-fb9f4bc2-30: mtu 1450 qdisc pfifo_fast state UP qlen 1000    <-- gateway to the private network
    link/ether fa:16:3e:1a:84:f0 brd ff:ff:ff:ff:ff:ff
    inet 172.16.0.1/24 brd 172.16.0.255 scope global qr-fb9f4bc2-30
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe1a:84f0/64 scope link
       valid_lft forever preferred_lft forever
7: qg-4ba24208-80: mtu 1450 qdisc pfifo_fast state UP qlen 1000    <-- gateway to the public network
    link/ether fa:16:3e:d4:19:15 brd ff:ff:ff:ff:ff:ff
    inet 124.56.30.119/27 brd 123.58.34.127 scope global qg-4ba24208-80
       valid_lft forever preferred_lft forever
    inet 124.56.30.118/32 brd 123.58.34.118 scope global qg-4ba24208-80
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fed4:1915/64 scope link
       valid_lft forever preferred_lft forever

[root@controller01 ~]# ip netns exec qdhcp-98daaa5b-3481-44d5-b697-76c8705a2409 route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.16.0.1      0.0.0.0         UG    0      0        0 ns-f36b911d-fa    <-- same ID as the tap seen in ip addr
172.16.0.0      0.0.0.0         255.255.255.0   U     0      0        0 ns-f36b911d-fa

[root@controller01 ~]# ip netns exec qrouter-4d992933-9f4e-4fe6-9507-a75649ef37db route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         124.56.30.97    0.0.0.0         UG    0      0        0 qg-4ba24208-80    <-- gateway to the public network
10.0.0.0        0.0.0.0         255.255.255.0   U     0      0        0 qr-3f46f81b-4f
124.56.30.96    0.0.0.0         255.255.255.224 U     0      0        0 qg-4ba24208-80
172.16.0.0      0.0.0.0         255.255.255.0   U     0      0        0 qr-fb9f4bc2-30    <-- gateway to the intranet

From 5 and the earlier information, the logical relationship between Nova and Neutron, and the flow of data, is now clear. qg-4ba24208-80 is the router port to the external network, and qr-fb9f4bc2-30 is the router port from the private network to the virtual machines. Both ports are gateway ports. ns-f36b911d-fa is in fact the link between tapf36b911d-fa and br-int. Assume a data flow that starts at instance0 and goes to the external network, and try to trace it yourself; you will then basically know the network structure of OpenStack.
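An added example, not part of the original article, that automates the walkthrough suggested above: it parses `ovs-vsctl show` text and maps each namespace interface (ns-/qr-/qg-) to the tap port with the same ID suffix, its bridge and its local VLAN tag. The sample is trimmed from this page's output, the function names are hypothetical, and the 4095 check relies on the Neutron OVS agent's dead-VLAN tag, which the article does not mention.

```python
# Trimmed from the `ovs-vsctl show` output on this page (indentation restored).
SAMPLE = '''\
    Bridge br-ex
        Port "tap4ba24208-80"
            Interface "tap4ba24208-80"
    Bridge br-int
        Port "tapf733605f-e2"
            tag: 4095
            Interface "tapf733605f-e2"
        Port "tapf36b911d-fa"
            tag: 4
            Interface "tapf36b911d-fa"
        Port "tapfb9f4bc2-30"
            tag: 4
            Interface "tapfb9f4bc2-30"
'''

def parse_ovs_show(text):
    """Return {port_name: {"bridge": str, "tag": int or None}}."""
    ports, bridge, port = {}, None, None
    for line in text.splitlines():
        s = line.strip()
        if s.startswith("Bridge "):
            bridge, port = s.split(None, 1)[1].strip('"'), None
        elif s.startswith("Port "):
            port = s.split(None, 1)[1].strip('"')
            ports[port] = {"bridge": bridge, "tag": None}
        elif port and s.startswith("tag:"):
            ports[port]["tag"] = int(s.split(":", 1)[1])
    return ports

def trace(ns_iface, ports):
    """Map a namespace interface (ns-/qr-/qg-<id>) to (tap port, bridge, VLAN tag)."""
    tap = "tap" + ns_iface.split("-", 1)[1]
    info = ports.get(tap)
    return (tap, info["bridge"], info["tag"]) if info else None

def dead_ports(ports):
    """Ports on tag 4095, which the Neutron OVS agent assigns to ports it has not wired."""
    return sorted(p for p, i in ports.items() if i["tag"] == 4095)

if __name__ == "__main__":
    ports = parse_ovs_show(SAMPLE)
    for iface in ("ns-f36b911d-fa", "qr-fb9f4bc2-30", "qg-4ba24208-80"):
        print(iface, "->", trace(iface, ports))
    print("dead VLAN ports:", dead_ports(ports))
```

Here ns-f36b911d-fa and qr-fb9f4bc2-30 both resolve to br-int with tag 4, confirming that the DHCP port and the 172.16.0.1 gateway share one local segment, while qg-4ba24208-80 resolves to an untagged port on br-ex.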

Summary: After reading about the network logic relationship between Nova and Neutron, I believe you have a preliminary understanding of the network structure of OpenStack, which also helps when troubleshooting some problems. I personally think that knowledge of Linux Bridge is very important in the overall network structure, as are tunnel technology, network namespaces and related technologies. Understanding them will help us understand Neutron better. Thank you!
