
What is the purpose of Mirantis Fuel deploying OpenStack networks?

2025-01-17 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)05/31

What is the purpose of each network when Mirantis Fuel deploys OpenStack? Many people without experience do not know what to make of them, so this article summarizes the problem and how to approach it. I hope it helps you solve it.

Here is a brief look at Fuel's networking. The network is probably the most complex part of deploying OpenStack. Fuel simplifies the deployment, but its network types are still hard for beginners to understand, so below is a short account of my understanding.

The following figure shows the network types we encountered when deploying with Fuel, in this case in Neutron VLAN mode.

To sum up, there are roughly five networks:

1. PXE (deployment network): this is the network a node boots from when it is powered on, on the NIC that first obtains an IP address. Once a node has booted from this NIC, the assignment cannot be changed manually like the other networks, and the NIC cannot be bonded, so this network is generally kept on its own interface. Mixing it with other networks is not recommended in a production environment. To make it easy to identify, we generally boot from the first or last port of the NIC. There must be no other DHCP server on this network; otherwise network verification reports an error, although the deployment can still be forced.

2. Storage (storage network): as its name implies, this is a private network dedicated to storage. I like to use Ceph as the unified storage for Nova, Cinder and Glance because it is simple and shared. In that case the storage network is equivalent to Ceph's Cluster Network, which carries replication of the second and third copies of the data and internal rebalancing. The traffic on this network is actually very large, especially when there are more storage nodes and the read IO is high.

3. Public (public network): there are actually two networks here, the Public network and the Floating IP network. For the initial deployment the two must be on the same network segment; additional Floating IP segments can be added manually after deployment. Note that the ports connected to the switch need to be set to Trunk. Public is mainly used for external access. First, external users reach the physical machines through the Public network: they go to the controller node first and then jump to a compute node. You can also manually configure a Public IP on the compute and storage nodes. Second, the network node role runs on the controller node, that is, the Neutron L3 agent. A virtual machine that is assigned a Floating IP uses it to reach an external network, such as the company network or the Internet, and the external network reaches the virtual machine through the Floating IP. Floating IP traffic is DNATed by Neutron L3 on the network node, that is, the controller node.

Many people worry that this is a bottleneck. Really, they worry too much. Of course, if you have hundreds of physical nodes, or heavy north-south traffic, you need to evaluate it. In addition, if you do not need elastic IPs, you can consider going out directly to the switch through Private, that is, from the compute node.

4. Private (private network): this network is mainly used for internal communication. For example, a virtual machine's traffic has to go to the controller node first, but Public exists only on the controller node, so how does the traffic reach the controller node? Through the Private network, of course. At deployment time we saw that it has 30 VLANs by default, that is, VLAN ID 1000-1030. What are they for? OpenStack can have many tenants, each tenant can have its own networks, and the subnets of different tenants can be identical. So how is that achieved, and how is isolation enforced? That is the purpose of these VLANs: each subnet is placed in its own VLAN, which keeps the networks of different tenants isolated and free of conflicts. These 30 VLANs allow 30 subnets, and you can change the number according to actual needs. Private also needs an uplink, and the port connected to the switch must be a Trunk.

5. MGMT (management network): this network is very useful. First, communication between the OpenStack components goes over the management network: API calls, Keystone authentication, monitoring and so on all use it. In theory that is not much traffic. In practice the MGMT network has another use: it serves as the Public network for Ceph. How does this Public network differ from the Public network described earlier? Don't be confused: it is "public" relative to Ceph. As said above, the Storage network is Ceph's Cluster Network, used for internal data synchronization and rebalancing. So where does external write traffic go? Over the MGMT network. Virtual machine data is written from outside the cluster, and that traffic reaches the Ceph cluster over the MGMT network. This data is Ceph's primary copy, so the traffic on this network is also very large. Because it carries writes and access from outside, it is the Public Network from the Ceph cluster's point of view.

In a production environment the requirements on the network are quite high. Network redundancy, that is, bonding, is necessary, which means NIC redundancy, link redundancy, switch redundancy and so on. Bandwidth matters too, for example whether 10-gigabit NICs are needed. The cost of such a deployment is considerable. Whether the networks need to be physically separated, and whether some or all of them should be 10-gigabit, has to be evaluated against the traffic. For example, MGMT and Storage traffic in an environment is certainly not small, so they are the first candidates for 10-gigabit NICs. The Public network (north-south traffic) and the Private network (east-west traffic) then need to be evaluated according to the business. The PXE network, of course, is gigabit.
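An added example, not part of the original article and not Fuel's own code: a small Python check that applies the rules stated above (PXE on its own unbonded NIC, Floating IP inside the Public segment, trunk ports for Public and Private) to a network plan before deployment. The plan layout, NIC names, addresses and the VLAN-collision check against the tenant range are assumptions made for illustration.

```python
import ipaddress

# Constructed sample plan (hypothetical layout, not a Fuel file format).
# It contains three deliberate mistakes so the checks have something to find.
PLAN = {
    "pxe":     {"nic": "eth0", "vlan": None, "bonded": False},
    "storage": {"nic": "bond0", "vlan": 102, "bonded": True},
    "mgmt":    {"nic": "bond0", "vlan": 101, "bonded": True},
    "public":  {"nic": "bond1", "vlan": 1010, "bonded": True, "trunk": True,
                "cidr": "172.16.0.0/24",
                "floating": ("172.16.0.130", "172.16.1.20")},
    "private": {"nic": "bond1", "bonded": True, "trunk": False,
                "vlan_range": (1000, 1030)},
}


def check_plan(plan):
    """Return findings for the segmentation rules described in the article."""
    findings = []
    pxe = plan["pxe"]
    # PXE: the boot NIC cannot be bonded and should not carry other networks.
    if pxe["bonded"]:
        findings.append("pxe: boot NIC cannot be bonded")
    for name, net in plan.items():
        if name != "pxe" and net["nic"] == pxe["nic"]:
            findings.append(f"pxe: {pxe['nic']} is shared with {name}")
    # Public and Floating IP must sit on the same segment at first deployment.
    cidr = ipaddress.ip_network(plan["public"]["cidr"])
    for addr in plan["public"]["floating"]:
        if ipaddress.ip_address(addr) not in cidr:
            findings.append(f"public: floating IP {addr} is outside {cidr}")
    # Public and Private uplinks must be trunk ports on the switch.
    for name in ("public", "private"):
        if not plan[name].get("trunk"):
            findings.append(f"{name}: switch port must be a trunk")
    # Assumed extra check: a fixed VLAN tag inside the tenant range would
    # let a tenant subnet land on an infrastructure VLAN and break isolation.
    lo, hi = plan["private"]["vlan_range"]
    for name, net in plan.items():
        tag = net.get("vlan")
        if tag is not None and lo <= tag <= hi:
            findings.append(f"{name}: VLAN {tag} collides with tenant range {lo}-{hi}")
    return findings


if __name__ == "__main__":
    for finding in check_plan(PLAN):
        print(finding)
```
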
