openvswitch+vxlan網絡
部署節點為一個controller節點,一個compute節點。controller節點有3個網卡,分別為eth0(管理和API網絡,192.168.10.0/24)、eth1(租戶網絡,10.10.10.0/24)、eth2(外部網絡,192.168.100.0/24,不設置IP);compute節點有2個網卡,分別為eth0(管理和API網絡,192.168.10.0/24)、eth1(租戶網絡,10.10.10.0/24)。
創建虛擬網絡
修改配置文件
controller節點
/etc/neutron/plugins/ml2/ml2conf.ini
[ml2]
type_drivers = flat,vxlan
tenant_network_types = vxlan
extension_drivers = port_security
[ml2_type_vxlan]
vni_ranges = 1001:2000
[securitygroup]
enable_ipset = true
/etc/neutron/l3agent.ini
[DEFAULT]
external_network_bridge = br-ex
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
/etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = True
/etc/neutron/plugins/ml2/openvswitchagent.ini
[agent]
tunnel_types = vxlan
l2_population = True
[ovs]
bridge_mappings =
tunnel_bridge = br-tun
local_ip = 10.10.10.10
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = true
compute節點
/etc/neutron/plugins/ml2/openvswitchagent.ini
[agent]
tunnel_types = vxlan
l2_population = True
[ovs]
bridge_mappings =
tunnel_bridge = br-tun
local_ip = 10.10.10.11
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = true
提前準備ovs網橋
root@controller:~# ovs-vsctl add-br br-ex
root@controller:~# ovs-vsctl add-port br-ex eth2
配置文件修改後,需要重啟網絡相關服務。
controller節點啟動了 neturon-metadata-agent、neutron-l3-agent、neutron-openvswitch-agent、neutron-dhcp-agent
compute節點啟動了 neutron-openvswitch-agent
openvswitch+vxlan網絡