Introduction to the Network Part of Cloud Infrastructure

Cloud computing is penetrating deeper and deeper into our lives, and there is probably not a single person who has not used a cloud service at least once. However, what exactly a cloud is and how it works, few people know, even at the level of an idea. 5G is already becoming a reality, and telecom infrastructure is beginning to move from pole solutions to cloud solutions, just as it once moved from fully hardware solutions to virtualized "pillars".

Today we will talk about the inner world of cloud infrastructure; in particular, we will look at the basics of the network part.

What is a cloud? The same virtualization, viewed in profile?

More than a logical question. No, it is not virtualization, although it could not exist without it. Let's look at two definitions:

Cloud computing (hereinafter, the Cloud) is a model for providing users with distributed computing resources that must be provisioned and released on demand with the lowest possible latency and minimal cost to the service provider.

Virtualization is the ability to divide one physical entity (for example, a server) into several virtual ones, thereby increasing resource utilization (for example, you had 3 servers loaded at 25-30 percent; after virtualization you get 1 server loaded at 80-90 percent). Naturally, virtualization eats some of the resources, since you need to feed the hypervisor, but as practice has shown, the game is worth the candle. An ideal example of virtualization is VMWare, which prepares virtual machines perfectly, or for example KVM, which I prefer, but that is a matter of taste.

We use virtualization without noticing it, and even hardware routers already use virtualization: for example, in the latest version of JunOS the operating system is installed as a virtual machine on top of a real-time Linux distribution (Wind River 9). But virtualization is not the cloud, although the cloud cannot exist without virtualization.

Virtualization is one of the building blocks on which the cloud is built.

Making a cloud by simply collecting several hypervisors into one L2 domain, adding a couple of yaml playbooks for registering vlans through some kind of ansible, and bolting something like an orchestration system on top of it all to create virtual machines will not work. More precisely, it will, but the resulting Frankenstein is not the cloud we need, although it may be the ultimate dream for others. Moreover, if you take that same Openstack, it is essentially still Frankenstein, but oh well, let's not talk about that for now.

But I understand that from the definition given above it is not entirely clear what can actually be called a cloud.

Therefore, a document from NIST (National Institute of Standards and Technology) gives 5 main characteristics that a cloud infrastructure should have:

On-demand service. The user must be given free access to the computing resources allocated to them (such as networks, virtual disks, memory, processor cores, and so on), and these resources must be provided without the involvement of the service provider.

Broad availability of the service. Access to resources must be provided by standard mechanisms that allow the use of both standard PCs and thin clients and mobile devices.

Pooling of resources. Resource pools must be able to provide resources to multiple clients at the same time, ensuring that clients are isolated and that there is no mutual influence or competition for resources. Networks are also included in the pools, which indicates the possibility of using overlapping addressing. Pools must be able to scale on demand. The use of pools makes it possible to provide the necessary level of resource fault tolerance and abstraction of physical and virtual resources: the recipient of the service is simply given the set of resources they requested (where these resources are physically located, on how many servers and switches, does not matter to the client). However, we must take into account that the provider has to ensure proper reservation of these resources.

Rapid adaptation to different conditions. Services must be flexible: rapid provisioning of resources, their redistribution, adding or reducing resources at the client's request, and on the client's side there should be a feeling that cloud resources are endless. For ease of understanding: for example, you do not see a warning that part of your disk space in Apple iCloud has disappeared because a hard drive on the server broke, and drives do break. Moreover, on your side the possibilities of this service are limitless: you need 2 TB, no problem, you paid and received it. A similar example can be given with Google.Drive or Yandex.Disk.

Ability to measure the service provided. Cloud systems must control and optimize the resources consumed, and these mechanisms must be transparent to both the user and the service provider. That is, you can always check how many resources you and your clients are consuming.

It is worth bearing in mind that these requirements are mostly requirements for a public cloud, so for a private cloud (that is, a cloud launched for the internal needs of a company) these requirements can be slightly adjusted. However, they still have to be met, otherwise we will not get all the benefits of cloud computing.

Why do we need a cloud?

However, any new or existing technology, any new protocol is created for something (well, except for RIP-ng, of course). Nobody needs a protocol for the sake of a protocol (well, except for RIP-ng, of course). It is logical that the Cloud is created to provide some kind of service to the user/client. We are all familiar with at least a couple of cloud services, for example Dropbox or Google.Docs, and I believe most people use them successfully; for example, this article was written using the Google.Docs cloud service. But the cloud services we know are only part of the capabilities of the cloud; more precisely, they are only a SaaS-type service. We can provide a cloud service in three ways: in the form of SaaS, PaaS or IaaS. Which service you need depends on your desires and capabilities.

Let's look at each in order:

Software as a Service (SaaS) is a model for providing a complete service to the client, for example, an email service like Yandex.Mail or Gmail. In this service delivery model, you, as a client, actually do nothing except use the service; that is, you do not need to think about setting up the service, its fault tolerance or redundancy. The main thing is not to compromise your password; the provider of this service will do the rest for you. From the service provider's point of view, it is fully responsible for the entire service, from server hardware and host operating systems to database and software settings.

Platform as a Service (PaaS): when using this model, the service provider provides the client with a workpiece for the service; for example, let's take a Web server. The service provider gives the client a virtual server (in fact, a set of resources, such as RAM/CPU/Storage/Nets, etc.), and even installs the OS and the necessary software on this server, but the configuration of all this is done by the client, and the client answers for the performance of the service. The service provider, as in the previous case, is responsible for the performance of physical equipment, hypervisors, the virtual machine itself, its network availability, and so on, but the service itself is no longer in its area of responsibility.

Infrastructure as a Service (IaaS): this approach is already more interesting. In fact, the service provider provides the client with a complete virtualized infrastructure, that is, some set (pool) of resources, such as CPU Cores, RAM, Networks, etc. Everything else is up to the client: what the client wants to do with these resources within the allocated pool (quota) is not particularly important to the provider. Whether the client wants to create its own vEPC or even create a mini operator and provide communication services, no question, do it. In such a scenario, the service provider is responsible for provisioning resources, their fault tolerance and availability, as well as the OS that allows it to pool these resources and provide them to the client with the ability to increase or decrease resources at any time at the client's request. The client configures all virtual machines and other tinsel itself through the self-service portal and console, including setting up networks (except for external networks).

What is OpenStack?

In all three options, the service provider needs an OS that will allow it to create a cloud infrastructure. In fact, with SaaS, more than one division is responsible for the entire stack of technologies: there is a division that is responsible for the infrastructure, that is, it provides IaaS to another division, and this division provides SaaS to the client. OpenStack is one of the cloud operating systems that allows you to collect a bunch of switches, servers and storage systems into a single resource pool, split this common pool into subpools (tenants) and provide these resources to clients over the network.

OpenStack is a cloud operating system that allows you to control large pools of compute, storage and network resources, provisioned and managed through an API using standard authentication mechanisms.

In other words, it is a set of free software projects designed to create cloud services (both public and private), that is, a set of tools that allow you to combine server and switching equipment into a single pool of resources and manage these resources, providing the necessary level of fault tolerance.

At the time of writing this material, the OpenStack structure looks like this:
Image taken from openstack.org

Each of the components included in OpenStack performs a specific function. This distributed architecture allows you to include in the solution the set of functional components that you need. However, some components are root components, and removing them will lead to complete or partial inoperability of the solution as a whole. These components are usually classified as follows:

  • Dashboard - web-based GUI for managing OpenStack services
  • Keystone - a centralized identity service that provides authentication and authorization functionality for other services, and also manages user credentials and their roles
  • Neutron - a network service that provides connectivity between the interfaces of various OpenStack services (including connectivity between VMs and their access to the outside world)
  • Cinder - provides access to block storage for virtual machines
  • Nova - life cycle management of virtual machines
  • Glance - repository of virtual machine images and snapshots
  • Swift - provides access to object storage
  • Ceilometer - a service that provides the ability to collect telemetry and measure available and consumed resources
  • Heat - orchestration based on templates for creating and provisioning resources

A complete list of all projects and their purpose can be found here.

Each OpenStack component is a service that performs a specific function and provides an API for managing that function and for interacting with other cloud operating system services to create a unified infrastructure. For example, Nova provides compute resource management and an API for access to configuring these resources, Glance provides image management and an API for managing them, Cinder provides block storage and an API for managing it, etc. All functions are very closely interconnected.

However, if you look at it, all services running in OpenStack are ultimately some kind of virtual machine (or container) connected to the network. The question arises: why do we need so many elements?

Let's go through the algorithm for creating a virtual machine and connecting it to the network and persistent storage in Openstack.

  1. When you create a request to create a machine, be it a request through Horizon (Dashboard) or a request through the CLI, the first thing that happens is the authorization of your request on Keystone: can you create a machine, do you have the right to use this network, is your quota sufficient, etc.
  2. Keystone authenticates your request and generates an auth token in the response message, which will be used further. Having received a response from Keystone, the request is sent to Nova (nova api).
  3. Nova-api checks the validity of your request by contacting Keystone using the previously generated auth token.
  4. Keystone performs authentication and provides information on permissions and restrictions based on this auth token.
  5. Nova-api creates an entry for the new VM in nova-database and passes the request to create the machine to nova-scheduler.
  6. Nova-scheduler selects the host (compute node) on which the VM will be deployed based on the specified parameters, weights and zones. A record of this and the VM ID are written to nova-database.
  7. Next, nova-scheduler contacts nova-compute with a request to deploy an instance. Nova-compute contacts nova-conductor to obtain information about machine parameters (nova-conductor is a nova element that acts as a proxy server between nova-database and nova-compute, limiting the number of requests to nova-database in order to avoid problems with database consistency and to reduce load).
  8. Nova-conductor receives the requested information from nova-database and passes it to nova-compute.
  9. Next, nova-compute calls glance to obtain the image ID. Glance validates the request in Keystone and returns the requested information.
  10. Nova-compute contacts neutron to obtain information about network parameters. Similar to glance, neutron validates the request in Keystone, after which it creates an entry in the database (port identifier, etc.), creates a request to create a port, and returns the requested information to nova-compute.
  11. Nova-compute contacts cinder with a request to allocate a volume to the virtual machine. Similar to glance, cinder validates the request in Keystone, creates a volume creation request, and returns the requested information.
  12. Nova-compute contacts libvirt with a request to deploy a virtual machine with the specified parameters.

In fact, a seemingly simple operation of creating a simple virtual machine turns into such a whirlpool of API calls between elements of the cloud platform. Moreover, as you can see, even the previously designated services also consist of smaller components between which interaction occurs. Creating a machine is only a small part of what the cloud platform allows you to do: there is a service responsible for balancing traffic, a service responsible for block storage, a service responsible for DNS, a service responsible for provisioning bare metal servers, etc. The cloud allows you to treat your virtual machines like a flock of sheep (as opposed to virtualization). If something happens to your machine in a virtual environment, you restore it from backups, etc., but cloud applications are built in such a way that the virtual machine does not play such an important role: the virtual machine "died", no problem, a new one is simply created based on the template and, as they say, the squad did not notice the loss of the fighter. Naturally, this requires orchestration mechanisms: using Heat templates, you can easily deploy a complex function consisting of hundreds of networks and virtual machines.

It is always worth keeping in mind that there is no cloud infrastructure without a network: each element in one way or another interacts with other elements through the network. In addition, the cloud has an absolutely non-static network. Naturally, the underlay network is more or less static, since new nodes and switches are not added every day, but the overlay component can and will change constantly: new networks will be added or deleted, new virtual machines will appear and old ones will die. And as you remember from the definition of the cloud given at the beginning of the article, resources should be allocated to the user with minimal (or better yet, without) intervention from the service provider. That is, the kind of provisioning of network resources that exists now, with a front end in the form of your personal account accessible via http/https and the network engineer on duty, Vasily, as a backend, is not a cloud, even if Vasily has eight hands.

Neutron, as a network service, provides an API for managing the network portion of the cloud infrastructure. The service powers and manages the networking part of Openstack by providing an abstraction layer called Network-as-a-Service (NaaS). That is, the network is the same kind of virtual measurable unit as, for example, virtual CPU cores or the amount of RAM.

But before moving on to the architecture of the network part of OpenStack, let's consider how this network works in OpenStack and why the network is an important and integral part of the cloud.

So, we have two RED client VMs and two GREEN client VMs. Let's assume that these machines are located on two hypervisors in this way:

At the moment this is just virtualization of 4 servers and nothing more, since so far all we have done is virtualize 4 servers, placing them on two physical servers. And so far they are not even connected to the network.

To make a cloud, we need to add several components. First, we virtualize the network part: we need to connect these 4 machines in pairs, and the clients want an L2 connection. You can use a switch and configure a trunk in its direction and resolve everything using a linux bridge or, for more advanced users, openvswitch (we will return to this later). But there can be a lot of networks, and constantly pushing L2 through a switch is not the best idea: there are different departments, a service desk, months of waiting for a request to be completed, weeks of troubleshooting; in the modern world this approach no longer works. And the sooner a company understands this, the easier it is for it to move forward. Therefore, between the hypervisors we will select an L3 network through which our virtual machines will communicate, and on top of this L3 network we will build virtual overlay L2 networks where the traffic of our virtual machines will run. You can use GRE, Geneve or VxLAN as encapsulation. Let's focus on the latter for now, although it is not particularly important.

We need to locate VTEP somewhere (I hope everyone is familiar with VxLAN terminology). Since we have an L3 network coming directly from the servers, nothing prevents us from placing VTEP on the servers themselves, and OVS (OpenvSwitch) is excellent at doing this. As a result, we got this design:

Since traffic between VMs must be separated, the ports towards the virtual machines will have different vlan numbers. The tag number matters only within one virtual switch, since when encapsulating in VxLAN we can easily remove it, because we will have a VNI.
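The following is an added example, not code from the original article or from OpenStack: a small Python model of the scheme just described, in which each hypervisor's VTEP maps its own local vlan tags to a VNI and builds the 8-byte VxLAN header. The VNI values, port names and the `Vtep` class are assumptions made for illustration, and frames are flooded to every port of the network instead of being switched by MAC address.

```python
import struct

VXLAN_FLAG_VNI = 0x08        # "I" flag of RFC 7348: the VNI field is valid
MAX_VNI = 2**24 - 1          # the VNI is a 24-bit field
RED_VNI, GREEN_VNI = 1001, 1002   # constructed values, one overlay network per client


def vxlan_encap(vni, inner_frame):
    """Prepend the 8-byte VxLAN header (flags, reserved, 24-bit VNI, reserved)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError("VNI must fit in 24 bits")
    return struct.pack("!II", VXLAN_FLAG_VNI << 24, vni << 8) + inner_frame


def vxlan_decap(packet):
    """Return (vni, inner_frame); reject truncated headers and a cleared I flag."""
    if len(packet) < 8:
        raise ValueError("truncated VxLAN header")
    word0, word1 = struct.unpack("!II", packet[:8])
    if not (word0 >> 24) & VXLAN_FLAG_VNI:
        raise ValueError("VNI flag not set")
    return word1 >> 8, packet[8:]


class Vtep:
    """Hypothetical model of the virtual switch plus VTEP on one hypervisor."""

    def __init__(self, name):
        self.name = name
        self.vlan_of_vni = {}    # VNI -> vlan tag, meaningful on this switch only
        self.vlan_of_port = {}   # VM port -> local vlan tag

    def plug(self, port, vni):
        """Attach a VM port to overlay network `vni`; return its local vlan tag."""
        vlan = self.vlan_of_vni.setdefault(vni, len(self.vlan_of_vni) + 1)
        self.vlan_of_port[port] = vlan
        return vlan

    def send(self, port, frame):
        """Egress: drop the local tag and encapsulate with the network's VNI."""
        vlan = self.vlan_of_port[port]
        vni = next(v for v, tag in self.vlan_of_vni.items() if tag == vlan)
        return vxlan_encap(vni, frame)

    def receive(self, packet):
        """Ingress: map the VNI back to a local tag; return the ports that get the frame."""
        vni, _frame = vxlan_decap(packet)
        vlan = self.vlan_of_vni.get(vni)
        if vlan is None:         # no network with this VNI on this host: drop
            return []
        return sorted(p for p, tag in self.vlan_of_port.items() if tag == vlan)


def demo():
    hv1, hv2 = Vtep("hv1"), Vtep("hv2")
    tags = {
        "hv1": {"red-vm1": hv1.plug("red-vm1", RED_VNI),
                "green-vm1": hv1.plug("green-vm1", GREEN_VNI)},
        # Plugged in the opposite order, so the same tag means another client here.
        "hv2": {"green-vm2": hv2.plug("green-vm2", GREEN_VNI),
                "red-vm2": hv2.plug("red-vm2", RED_VNI)},
    }
    packet = hv1.send("red-vm1", b"constructed RED frame")
    return tags, packet, hv2.receive(packet)


if __name__ == "__main__":
    tags, packet, delivered = demo()
    print(tags)
    print(packet[:8].hex(), delivered)
```

Local tag 1 belongs to RED on hv1 and to GREEN on hv2, yet the frame reaches only the RED port on hv2, because the VNI is the only identifier that crosses the L3 network.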

Now we can create our machines and virtual networks for them without any problems.

However, what if the client has another machine, but it is on a different network? We need routing between networks. We will look at a simple option in which centralized routing is used, that is, traffic is routed through special dedicated network nodes (well, as a rule, they are combined with control nodes, so we will have the same thing).

It seems like nothing complicated: we make a bridge interface on the control node, drive traffic to it and from there route it where we need it. But the problem is that the RED client wants to use the 10.0.0.0/24 network, and the GREEN client wants to use the 10.0.0.0/24 network. That is, the address spaces begin to intersect. Additionally, clients do not want other clients to be able to route into their internal networks, which makes sense. To separate the networks and data traffic of the clients, we will allocate a separate namespace for each of them. A namespace is in fact a copy of the Linux network stack, that is, clients in namespace RED are completely isolated from clients in namespace GREEN (well, either routing between these client networks is allowed through the default namespace or on upstream transport equipment).

That is, we get the following diagram:

L2 tunnels converge from all compute nodes to the control node, the node where the L3 interface for these networks is located, each in a dedicated namespace for isolation.

However, we forgot the most important thing. The virtual machine must provide a service to the client, that is, it must have at least one external interface through which it can be reached. That is, we need to go out into the outside world. There are different options here. Let's take the simplest option. We will add one network to each client, which will be valid in the provider's network and will not overlap with other networks. The networks can also intersect and look at different VRFs on the side of the provider network. The network data will also live in the namespace of each client. However, they will still go out to the outside world through one physical (or bond, which is more logical) interface. To separate client traffic, traffic going outside will be tagged with a VLAN tag allocated to the client.

As a result, we got this diagram:

A reasonable question is why not make gateways on the compute nodes themselves? This is not a big problem; moreover, if you turn on the distributed router (DVR), this will work. In this scenario, we are considering the simplest option with a centralized gateway, which is used by default in Openstack. For high-load functions, both a distributed router and acceleration technologies such as SR-IOV and Passthrough will be used, but as they say, that is a completely different story. First, let's deal with the basic part, and then we will go into the details.

Actually, our scheme is already workable, but there are a couple of nuances:

  • We need to protect our machines, that is, put a filter on the switch interface towards the client.
  • The virtual machine should be able to obtain an IP address, so that you do not have to log into it through the console every time and enter the address.

Let's start with machine protection. For this you can use banal iptables, why not.

That is, now our topology has become more complicated:

Let's move on. We need to add a DHCP server. The most ideal place to locate DHCP servers for each client is the control node already mentioned above, where the namespaces are located:

However, there is a small problem. What if everything reboots and all information about address leases in DHCP disappears? It is logical that the machines will be given new addresses, which is not very convenient. There are two ways out here. The first is to use domain names and add a DNS server for each client; then the address will not be particularly important to us (similar to the network part in k8s). But there is a problem with external networks, since addresses can also be issued in them via DHCP: you need synchronization between the DNS servers in the cloud platform and an external DNS server, which in my opinion is not very flexible, but quite possible. The second option is to use metadata, that is, to save information about the address issued to the machine so that the DHCP server knows which address to issue to the machine if the machine has already received an address. The second option is simpler and more flexible, as it allows you to save additional information about the machine. Now let's add the metadata agent to the diagram:

Another issue that is also worth discussing is the ability to use one external network by all clients, since external networks, if they must be valid throughout the entire network, are difficult: you need to constantly allocate and control the allocation of these networks. The ability to use a single pre-configured external network for all clients will be very useful when creating a public cloud. This will make it easier to deploy machines because we do not have to consult an address database and select a unique address space for each client's external network. In addition, we can register an external network in advance, and at the time of deployment we will only need to associate external addresses with client machines.

And here NAT comes to our aid: we make it possible for clients to access the outside world through the default namespace using NAT translation. Well, here is a small problem. This is good if the client acts as a client and not as a server, that is, it initiates connections rather than accepts them. But for us it will be the other way around. In this case, we need to do NAT so that when receiving traffic, the control node understands that this traffic is intended for virtual machine A of client A, which means we need to do a NAT translation from an external address, for example 100.1.1.1, to an internal address 10.0.0.1. In this case, although all clients will use the same network, internal isolation is preserved. That is, we need to do dNAT and sNAT on the control node. Whether to use a single network with floating addresses or external networks, or both at once, depends on what you want to bring into the cloud. We will not add floating addresses to the diagram, but will leave the external networks already added earlier: each client has its own external network (in the diagram they are indicated as vlan 200 and XNUMX on the external interface).
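An added example (not from the original article and not Neutron's code) that models the NAT behaviour described above in Python: one NAT table per client namespace, a dNAT rule for the server case, and connection-tracked sNAT for the client case. It goes slightly beyond the text by tracking ports; every address except 100.1.1.1 and 10.0.0.1, the vlan number 201 and all class names are constructed.

```python
from dataclasses import dataclass, field
from typing import Optional


@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int


@dataclass
class RouterNamespace:
    """NAT state of one client's namespace on the control node (constructed model)."""
    name: str
    gateway_ip: str                                  # address used for plain sNAT
    dnat: dict = field(default_factory=dict)         # external IP -> internal IP
    conntrack: dict = field(default_factory=dict)    # reply key -> original source
    next_port: int = 40000

    def outbound(self, pkt: Packet) -> Packet:
        """VM -> outside world: rewrite the source address (sNAT)."""
        for external, internal in self.dnat.items():
            if internal == pkt.src:                  # this VM owns an external address
                return Packet(external, pkt.sport, pkt.dst, pkt.dport)
        port, self.next_port = self.next_port, self.next_port + 1
        # Remember the flow so that only its replies are let back in.
        self.conntrack[(port, pkt.dst, pkt.dport)] = (pkt.src, pkt.sport)
        return Packet(self.gateway_ip, port, pkt.dst, pkt.dport)

    def inbound(self, pkt: Packet) -> Optional[Packet]:
        """Outside world -> VM: rewrite the destination (dNAT) or drop."""
        if pkt.dst in self.dnat:                     # server case: static rule
            return Packet(pkt.src, pkt.sport, self.dnat[pkt.dst], pkt.dport)
        if pkt.dst == self.gateway_ip:               # client case: replies only
            origin = self.conntrack.get((pkt.dport, pkt.src, pkt.sport))
            if origin:
                return Packet(pkt.src, pkt.sport, origin[0], origin[1])
        return None                                  # unsolicited traffic is dropped


class ControlNode:
    """Selects the client namespace from the vlan tag of the external network."""

    def __init__(self):
        self.by_vlan = {}

    def attach(self, vlan: int, ns: RouterNamespace) -> None:
        self.by_vlan[vlan] = ns

    def from_outside(self, vlan: int, pkt: Packet):
        ns = self.by_vlan.get(vlan)
        translated = ns.inbound(pkt) if ns else None
        return (ns.name, translated) if translated else None


def demo():
    # Both clients use 10.0.0.1 internally; the state never shares a table.
    red = RouterNamespace("RED", "100.1.1.254", dnat={"100.1.1.1": "10.0.0.1"})
    green = RouterNamespace("GREEN", "100.2.2.254", dnat={"100.2.2.1": "10.0.0.1"})
    node = ControlNode()
    node.attach(200, red)
    node.attach(201, green)      # 201 is a constructed vlan number

    peer = "198.51.100.7"        # constructed outside host (documentation range)
    out = red.outbound(Packet("10.0.0.2", 33000, peer, 80))
    return {
        "red_server": node.from_outside(200, Packet(peer, 50000, "100.1.1.1", 443)),
        "green_server": node.from_outside(201, Packet(peer, 50001, "100.2.2.1", 443)),
        "red_client_out": out,
        "red_client_reply": node.from_outside(200, Packet(peer, 80, out.src, out.sport)),
        "unsolicited": node.from_outside(200, Packet("198.51.100.9", 1234, "100.1.1.254", 40000)),
        "wrong_vlan": node.from_outside(201, Packet(peer, 50000, "100.1.1.1", 443)),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(case, result)
```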

As a result, we received an interesting and at the same time well-thought-out solution, which has a certain flexibility but does not yet have fault tolerance mechanisms.

Firstly, we have only one control node; its failure will lead to the collapse of all systems. To fix this problem, you need to make a quorum of 3 nodes. Let's add this to the diagram:

Naturally, all nodes are synchronized, and when an active node leaves, another node will take over its responsibilities.

The next problem is virtual machine disks. At the moment, they are stored on the hypervisors themselves, and in case of problems with the hypervisor we lose all the data, and the presence of a raid will not help here if we lose not the disk but the entire server. To solve this, we need to make a service that will act as the front end for some kind of storage. What kind of storage it will be is not particularly important to us, but it should protect our data from failure of both the disk and the node, and possibly the whole cabinet. There are several options here: there are, of course, SAN networks with Fiber Channel, but let's be honest, FC is already a relic of the past, an analogue of E1 in transport; yes, I agree, it is still used, but only where it is absolutely impossible to do without it. Therefore, I would not voluntarily deploy an FC network in 2020, knowing that there are other alternatives. Although to each his own, and there may be those who believe that FC with all its limitations is all we need; I will not argue, everyone has their own opinion. However, the most interesting solution in my opinion is to use an SDS, such as Ceph.

Ceph allows you to build a highly available data storage solution with a bunch of possible backup options, starting with codes with parity checking (analogous to raid 5 or 6) and ending with full data replication to different disks, taking into account the location of disks in servers, of servers in cabinets, etc.

To build Ceph you need 3 nodes. Interaction with the storage will also be carried out via the network using block, object and file storage services. Let's add storage to the schema:

Note: you can also make hyperconverged compute nodes; this is the concept of combining several functions on one node, for example, storage + compute, without dedicating special nodes for ceph storage. We will get the same fault-tolerant scheme, since SDS will reserve data with the reservation level we specify. However, hyperconverged nodes are always a compromise: the storage node does not just heat the air as it seems at first glance (since there are no virtual machines on it), it spends CPU resources on servicing SDS (in fact, it does all the replication and recovery after failures of nodes, disks, etc.). That is, you will lose some of the power of the compute node if you combine it with storage.

All this stuff needs to be managed: we need something through which we can create a machine, a network, a virtual router, and so on. The client can connect to this portal via http/https and do everything needed (well, almost).

As a result, we now have a fault-tolerant system. All elements of this infrastructure must be managed. It was previously described that Openstack is a set of projects, each of which provides a specific function. As we can see, there are more than enough elements that need to be configured and controlled. Today we will talk about the network part.

Neutron architecture

In OpenStack, it is Neutron that is responsible for connecting virtual machine ports to a common L2 network, ensuring traffic routing between VMs located on different L2 networks, as well as outward routing, providing services such as NAT, Floating IP, DHCP, etc.

At a high level, the operation of the network service (the basic part) can be described as follows.

When starting the VM, the network service:

  1. Creates a port for a given VM (or ports) and notifies the DHCP service about it;
  2. A new virtual network device is created (via libvirt);
  3. The VM connects to the port(s) created in step 1;

Oddly enough, Neutron's work is based on standard mechanisms familiar to everyone who has ever dived into Linux: namespaces, iptables, linux bridges, openvswitch, conntrack, etc.

It should be immediately clarified that Neutron is not an SDN controller.

Neutron consists of several interconnected components:


Openstack-neutron-server is a daemon that works with user requests through the API. This daemon does not itself set up any network connections; it passes the information needed for this to its plugins, which then configure the desired network element. Neutron agents on the OpenStack nodes register with the Neutron server.

Neutron-server is an application written in Python, consisting of two parts:

  • REST service
  • Neutron Plugin (core/service)

The REST service is designed to receive API calls from other components (for example, a request to provide some information, and so on).

Plugins are plug-in software components/modules that are called during API requests - that is, a service is attributed through them. Plugins are divided into two types - service and root. As a rule, the root plugin is mainly responsible for managing the address space and the L2 connections between VMs, while service plugins provide additional functionality such as VPN or FW.

The list of plugins available today can be viewed here

There can be several service plugins, but only one root plugin.

openstack-neutron-ml2 is the standard OpenStack root plugin. This plugin has a modular architecture (unlike its predecessor) and configures the network service through the drivers connected to it. We will look at the plugin itself a little later, since it is what gives OpenStack its flexibility in the networking part. The root plugin can be replaced (for example, Contrail Networking does such a replacement).

RPC service (rabbitmq-server) - a service that provides queue management and interaction with other OpenStack services, as well as interaction between the agents of the networking service.

Network agents - agents located on each node, through which network services are configured.

There are several types of agents.

The main agent is the L2 agent. These agents run on each of the hypervisors, including the control nodes (more precisely, on all nodes that provide any service to tenants), and their main function is to connect virtual machines to a common L2 network and to generate alerts when events occur (for example, a port going down or coming up).

The next, no less important agent is the L3 agent. By default this agent runs only on a network node (often the network node is combined with a control node) and provides routing between tenant networks (both between its own networks and the networks of other tenants, and it is reachable from the outside world, providing NAT as well as the DHCP service). However, when using DVR (distributed router), the need for an L3 plugin also appears on the compute nodes.

The L3 agent uses Linux namespaces to give each tenant its own set of isolated networks and the functionality of virtual routers that route traffic and provide gateway services for Layer 2 networks.

Database - a database of identifiers of networks, subnets, ports, pools, and so on.

In fact, Neutron accepts API requests for the creation of network entities, authenticates the request, and via RPC (if it talks to some plugin or agent) or REST API (if it talks to an SDN) passes to the agents (through plugins) the instructions needed to set up the requested service.

Now let's turn to the test installation (how it was deployed and what it consists of, we will see later in the practical part) and see where each component is located:

(overcloud) [stack@undercloud ~]$ openstack network agent list  
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host                                | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| 10495de9-ba4b-41fe-b30a-b90ec3f8728b | Open vSwitch agent | overcloud-novacompute-1.localdomain | None              | :-)   | UP    | neutron-openvswitch-agent |
| 1515ad4a-5972-46c3-af5f-e5446dff7ac7 | L3 agent           | overcloud-controller-0.localdomain  | nova              | :-)   | UP    | neutron-l3-agent          |
| 322e62ca-1e5a-479e-9a96-4f26d09abdd7 | DHCP agent         | overcloud-controller-0.localdomain  | nova              | :-)   | UP    | neutron-dhcp-agent        |
| 9c1de2f9-bac5-400e-998d-4360f04fc533 | Open vSwitch agent | overcloud-novacompute-0.localdomain | None              | :-)   | UP    | neutron-openvswitch-agent |
| d99c5657-851e-4d3c-bef6-f1e3bb1acfb0 | Open vSwitch agent | overcloud-controller-0.localdomain  | None              | :-)   | UP    | neutron-openvswitch-agent |
| ff85fae6-5543-45fb-a301-19c57b62d836 | Metadata agent     | overcloud-controller-0.localdomain  | None              | :-)   | UP    | neutron-metadata-agent    |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
(overcloud) [stack@undercloud ~]$ 


That, in fact, is the whole structure of Neutron. Now it is worth spending some time on the ML2 plugin.

Modular Layer 2

As mentioned above, the plugin is the standard OpenStack root plugin and has a modular architecture.

The predecessor of the ML2 plugin had a monolithic structure, which did not allow, for example, a mix of several technologies in one installation. For example, you could not use openvswitch and linuxbridge at the same time - either the first or the second. For this reason the ML2 plugin with its architecture was created.

ML2 has two components - two types of drivers: Type drivers and Mechanism drivers.

Type drivers determine the technologies that will be used to set up network connectivity, for example VxLAN, VLAN, GRE. The driver allows different technologies to be used at the same time. The standard technology is VxLAN encapsulation for overlay networks and vlan for external networks.

Type drivers include the following network types:

Flat - a network without tagging
VLAN - a tagged network
Local - a special type of network for all-in-one installations (such installations are needed either by developers or for training)
GRE - an overlay network using GRE tunnels
VxLAN - an overlay network using VxLAN tunnels

Mechanism drivers define the means that provide the setup of the technologies specified in the type driver - for example, openvswitch, sr-iov, opendaylight, OVN, and so on.

Depending on the implementation of this driver, either agents controlled by Neutron will be used, or connections to an external SDN controller will be used, which takes care of everything related to setting up L2 networks, routing, and so on.

Example: if we use ML2 together with OVS, then an L2 agent that manages OVS is installed on each compute node. However, if we use, for example, OVN or OpenDayLight, then control of OVS passes to them - Neutron gives commands to the controller through the root plugin, and the controller does what it was told.

Let's start with Open vSwitch

At the moment, one of the key components of OpenStack is Open vSwitch.
When installing OpenStack without any additional vendor SDN such as Juniper Contrail or Nokia Nuage, OVS is the main networking component of the cloud network and, together with iptables, conntrack and namespaces, allows you to set up multi-tenant overlay networks. Naturally, this component can be replaced, for example, when using third-party proprietary (vendor) SDN solutions.

OVS is an open source software switch designed for use in virtualized environments as a virtual traffic forwarder.

At the moment OVS has very decent functionality, which includes technologies such as QoS, LACP, VLAN, VxLAN, GENEVE, OpenFlow, DPDK, and so on.

Note: OVS was not initially conceived as a soft switch for heavily loaded telecom functions and was designed more for less bandwidth-demanding IT functions such as a WEB server or a mail server. However, OVS continues to be developed, and current implementations have greatly improved its performance and capabilities, which allows it to be used by telecom operators with heavily loaded functions; for example, there is an OVS implementation with support for DPDK acceleration.

There are three important OVS components that you need to be aware of:

  • Kernel module - a component located in kernel space that processes traffic based on the rules received from the control element;
  • vSwitch daemon (ovs-vswitchd) - a process running in user space that is responsible for programming the kernel module - that is, it directly represents the logic of the switch's operation;
  • Database server - a local database located on each host running OVS, in which the configuration is stored. SDN controllers can communicate through this module using the OVSDB protocol.

All this is accompanied by a set of diagnostic and management utilities, such as ovs-vsctl, ovs-appctl, ovs-ofctl, and so on.

Currently OpenStack is widely used by telecom operators to migrate network functions to it, such as EPC, SBC, HLR, and so on. Some functions can live without problems with OVS as it is, but EPC, for example, processes subscriber traffic - and then it passes a huge amount of traffic (traffic volumes now reach several hundred gigabits per second). Naturally, driving such traffic through kernel space (since the forwarder is located there by default) is not the best idea. Therefore OVS is often deployed in user space using DPDK acceleration technology to forward traffic from the NIC to user space, bypassing the kernel.

Note: for a cloud deployed for telecom functions, it is possible to send traffic from a compute node directly to the switching equipment, bypassing OVS. The SR-IOV and Passthrough mechanisms are used for this purpose.

How does this work on a real layout?

Well, now let's move on to the practical part and see how it all works in practice.

First, let's deploy a simple OpenStack installation. Since I have no servers at hand for experiments, we will assemble the prototype on one physical server out of virtual machines. Yes, of course, such a solution is not suitable for commercial purposes, but to see an example of how networking works in OpenStack, such an installation is more than enough. Moreover, such an installation is even more interesting for training purposes - since you can capture traffic, and so on.

Since we only need to see the basic part, we can do without several networks and bring everything up using just two networks, and the second network in this layout will be used exclusively for access to the undercloud and the DNS server. We will not touch external networks for now - this is a topic for a separate large article.

So, let's start in order. First, a bit of theory. We will install OpenStack using TripleO (OpenStack on OpenStack). The essence of TripleO is that we install an all-in-one OpenStack (that is, on a single node), called the undercloud, and then use the capabilities of the deployed OpenStack to install the OpenStack intended for operation, called the overcloud. The undercloud uses its ability to manage physical servers (bare metal) - the Ironic project - to provision the hypervisors that will act as compute, control and storage nodes. That is, we do not use any third-party tools to deploy OpenStack - we deploy OpenStack with OpenStack. It will become much clearer as the installation progresses, so we will not stop there and move on.

Note: In this article, for simplicity, I did not use network isolation for the internal OpenStack networks, and everything is deployed using a single network. However, the presence or absence of network isolation does not affect the basic functionality of the solution - everything will work exactly the same as with isolation, but the traffic will flow over the same network. For a commercial installation it is naturally necessary to use isolation with separate vlans and interfaces. For example, Ceph storage management traffic and the data traffic itself (machine access to disks, and so on) use different subnets when isolated (Storage management and Storage), and this lets you make the solution more fault-tolerant by splitting this traffic, for example, across different ports, or by using different QoS profiles for different traffic so that data traffic does not squeeze out signalling traffic. In our case they will go over the same network, and in fact this does not limit us in any way.

Note: Since we are going to run virtual machines in a virtual environment built on virtual machines, we first need to enable nested virtualization.

You can check whether nested virtualization is enabled like this:


[root@hp-gen9 bormoglotx]# cat /sys/module/kvm_intel/parameters/nested
N
[root@hp-gen9 bormoglotx]# 

If you see the letter N, then enable support for nested virtualization following one of the guides you can find online.

We need to assemble the following scheme from virtual machines:


In my case, to connect the virtual machines that will be part of the future installation (and I ended up with 7 of them, but you can get by with 4 if you do not have many resources), I used OpenvSwitch. I created one ovs bridge and connected the virtual machines to it through port groups. To do this, I created an xml file like this:


[root@hp-gen9 ~]# virsh net-dumpxml ovs-network-1        
<network>
  <name>ovs-network-1</name>
  <uuid>7a2e7de7-fc16-4e00-b1ed-4d190133af67</uuid>
  <forward mode='bridge'/>
  <bridge name='ovs-br1'/>
  <virtualport type='openvswitch'/>
  <portgroup name='trunk-1'>
    <vlan trunk='yes'>
      <tag id='100'/>
      <tag id='101'/>
      <tag id='102'/>
    </vlan>
  </portgroup>
  <portgroup name='access-100'>
    <vlan>
      <tag id='100'/>
    </vlan>
  </portgroup>
  <portgroup name='access-101'>
    <vlan>
      <tag id='101'/>
    </vlan>
  </portgroup>
</network>

Three port groups are declared here - two access and one trunk (the latter was needed for the DNS server, but you can do without it, or bring it up on the host machine - whichever is more convenient for you). Next, using this template, we declare our network via virsh net-define:


virsh net-define ovs-network-1.xml 
virsh net-start ovs-network-1 
virsh net-autostart ovs-network-1 

Now we edit the hypervisor port configurations:


[root@hp-gen9 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens1f0   
TYPE=Ethernet
NAME=ens1f0
DEVICE=ens1f0
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=ovs-br1
ONBOOT=yes
OVS_OPTIONS="trunk=100,101,102"
[root@hp-gen9 ~]
[root@hp-gen9 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ovs-br1 
DEVICE=ovs-br1
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.255.200
PREFIX=24
[root@hp-gen9 ~]# 

Note: in this scenario, the address on the ovs-br1 port will not be reachable because it has no vlan tag. To fix this, you need to issue the command sudo ovs-vsctl set port ovs-br1 tag=100. However, after a reboot this tag will disappear (if anyone knows how to make it stick, I will be very grateful). But this is not so important, because we only need this address during installation and will not need it once OpenStack is fully deployed.

Next, we create the undercloud machine:


virt-install  -n undercloud --description "undercloud"  --os-type=Linux  --os-variant=centos7.0  --ram=8192  --vcpus=8  --disk path=/var/lib/libvirt/images/undercloud.qcow2,bus=virtio,size=40,format=qcow2 --network network:ovs-network-1,model=virtio,portgroup=access-100 --network network:ovs-network-1,model=virtio,portgroup=access-101 --graphics none  --location /var/lib/libvirt/boot/CentOS-7-x86_64-Minimal-2003.iso --extra-args console=ttyS0

During installation you set all the necessary parameters, such as the machine name, passwords, users, ntp servers, and so on. You can configure the ports right away, but personally I find it easier, after installation, to log in to the machine through the console and edit the necessary files. If you already have a ready-made image, you can use it, or do as I did - download the minimal Centos 7 image and use it to install the VM.

After a successful installation, you should have a virtual machine on which you can install the undercloud


[root@hp-gen9 bormoglotx]# virsh list
 Id    Name                           State
----------------------------------------------------
 6     dns-server                     running
 62    undercloud                     running

First, install the tools needed for the installation process:

sudo yum update -y
sudo yum install -y net-tools
sudo yum install -y wget
sudo yum install -y ipmitool

Installing the undercloud

We create the stack user, set a password, add it to sudoers and give it the ability to run root commands through sudo without entering a password:


useradd stack
passwd stack

echo "stack ALL=(root) NOPASSWD:ALL" > /etc/sudoers.d/stack
chmod 0440 /etc/sudoers.d/stack

Now we specify the full undercloud name in the hosts file:


vi /etc/hosts

127.0.0.1   undercloud.openstack.rnd localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6

Next, we add the repositories and install the software we need:


sudo yum install -y https://trunk.rdoproject.org/centos7/current/python2-tripleo-repos-0.0.1-0.20200409224957.8bac392.el7.noarch.rpm
sudo -E tripleo-repos -b queens current
sudo -E tripleo-repos -b queens current ceph
sudo yum install -y python-tripleoclient
sudo yum install -y ceph-ansible

Note: if you do not plan to install ceph, then you do not need to enter the ceph-related commands. I used the Queens release, but you can use any other you like.

Next, copy the undercloud configuration file to the home directory of the stack user:


cp /usr/share/instack-undercloud/undercloud.conf.sample ~/undercloud.conf

Now we need to edit this file, adjusting it to our installation.

You need to add these lines to the beginning of the file:

vi undercloud.conf
[DEFAULT]
undercloud_hostname = undercloud.openstack.rnd
local_ip = 192.168.255.1/24
network_gateway = 192.168.255.1
undercloud_public_host = 192.168.255.2
undercloud_admin_host = 192.168.255.3
undercloud_nameservers = 192.168.255.253
generate_service_certificate = false
local_interface = eth0
local_mtu = 1450
network_cidr = 192.168.255.0/24
masquerade = true
masquerade_network = 192.168.255.0/24
dhcp_start = 192.168.255.11
dhcp_end = 192.168.255.50
inspection_iprange = 192.168.255.51,192.168.255.100
scheduler_max_attempts = 10

So, let's go through the settings:

undercloud_hostname - the full name of the undercloud server; it must match the entry on the DNS server

local_ip - the local undercloud address on the provisioning network

network_gateway - the same local address, which will act as the gateway for access to the outside world during installation of the overcloud nodes; it also matches local_ip

undercloud_public_host - the external API address; any free address from the provisioning network is assigned

undercloud_admin_host - the internal API address; any free address from the provisioning network is assigned

undercloud_nameservers - the DNS server

generate_service_certificate - this line is very important in the current example, because if you do not set it to false you will get an error during installation; the problem is described in the Red Hat bug tracker

local_interface - the interface on the provisioning network. This interface will be reconfigured during the undercloud deployment, so you need two interfaces on the undercloud - one for accessing it, the second for provisioning

local_mtu - MTU. Since we have a test lab and I have an MTU of 1500 on the OVS switch ports, it must be set to 1450 so that packets encapsulated in VxLAN can pass through

network_cidr - the provisioning network

masquerade - use NAT to access the external network

masquerade_network - the network that will be NATed

dhcp_start - the first address of the address pool from which addresses are assigned to nodes during overcloud deployment

dhcp_end - the last address of the address pool from which addresses are assigned to nodes during overcloud deployment

inspection_iprange - the pool of addresses needed for introspection (it must not overlap with the pool above)

scheduler_max_attempts - the maximum number of attempts to install the overcloud (must be greater than or equal to the number of nodes)
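The constraints in this list (pools that must not overlap, addresses that must be free, an MTU that leaves room for VxLAN) can be checked before the installer is run. The Python check below is an added example, not part of the original article or of TripleO: check_undercloud_conf is a hypothetical helper, the 1500-byte underlay MTU and the node count are taken from the text, and 50 bytes is the VXLAN-over-IPv4 encapsulation overhead.

```python
import configparser
import ipaddress

# Constructed sample: the [DEFAULT] values of the undercloud.conf shown above.
SAMPLE_CONF = """\
[DEFAULT]
undercloud_hostname = undercloud.openstack.rnd
local_ip = 192.168.255.1/24
network_gateway = 192.168.255.1
undercloud_public_host = 192.168.255.2
undercloud_admin_host = 192.168.255.3
undercloud_nameservers = 192.168.255.253
generate_service_certificate = false
local_interface = eth0
local_mtu = 1450
network_cidr = 192.168.255.0/24
masquerade = true
masquerade_network = 192.168.255.0/24
dhcp_start = 192.168.255.11
dhcp_end = 192.168.255.50
inspection_iprange = 192.168.255.51,192.168.255.100
scheduler_max_attempts = 10
"""

# Outer IPv4 (20) + UDP (8) + VXLAN (8) + inner Ethernet header (14).
VXLAN_IPV4_OVERHEAD = 50


def _ip_range(start, end):
    lo = ipaddress.ip_address(start.strip())
    hi = ipaddress.ip_address(end.strip())
    if lo > hi:
        raise ValueError(f"range start {lo} is above range end {hi}")
    return lo, hi


def check_undercloud_conf(text, node_count, underlay_mtu=1500):
    """Return a list of (severity, option, message) findings."""
    parser = configparser.ConfigParser(interpolation=None)
    parser.read_string(text)
    conf = parser["DEFAULT"]
    findings = []

    def add(severity, option, message):
        findings.append((severity, option, message))

    net = ipaddress.ip_network(conf["network_cidr"])
    local = ipaddress.ip_interface(conf["local_ip"])
    if local.network != net:
        add("ERROR", "local_ip", f"{local} is not inside network_cidr {net}")

    # Fixed addresses that must be "free", i.e. outside both address pools.
    hosts = {"local_ip": local.ip}
    for opt in ("network_gateway", "undercloud_public_host",
                "undercloud_admin_host"):
        hosts[opt] = ipaddress.ip_address(conf[opt])
        if hosts[opt] not in net:
            add("ERROR", opt, f"{hosts[opt]} is outside network_cidr {net}")

    pools = {
        "dhcp_start/dhcp_end": _ip_range(conf["dhcp_start"], conf["dhcp_end"]),
        "inspection_iprange": _ip_range(*conf["inspection_iprange"].split(",")),
    }
    for opt, (lo, hi) in pools.items():
        if lo not in net or hi not in net:
            add("ERROR", opt, f"{lo}-{hi} leaves network_cidr {net}")
        for host_opt, ip in hosts.items():
            if lo <= ip <= hi:
                add("ERROR", host_opt, f"{ip} sits inside the {opt} pool")

    (d_lo, d_hi), (i_lo, i_hi) = pools.values()
    if d_lo <= i_hi and i_lo <= d_hi:
        add("ERROR", "inspection_iprange",
            "overlaps the dhcp_start/dhcp_end pool")

    mtu_limit = underlay_mtu - VXLAN_IPV4_OVERHEAD
    if conf.getint("local_mtu") > mtu_limit:
        add("ERROR", "local_mtu",
            f"must be <= {mtu_limit} to fit VxLAN in a {underlay_mtu} MTU")
    if conf.getint("scheduler_max_attempts") < node_count:
        add("WARN", "scheduler_max_attempts",
            f"lower than the number of nodes ({node_count})")
    if (not conf.getboolean("generate_service_certificate", fallback=False)
            and not conf.get("undercloud_service_certificate")):
        add("WARN", "generate_service_certificate",
            "certificate generation is off: the undercloud endpoints get "
            "no generated TLS certificate")
    return findings


if __name__ == "__main__":
    for finding in check_undercloud_conf(SAMPLE_CONF, node_count=5):
        print(*finding, sep=": ")
```

On the article's own values the only finding is the warning about generate_service_certificate, which the article turns off deliberately for this lab.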

After the file is filled in, you can give the command to deploy the undercloud:


openstack undercloud install

The procedure takes from 10 to 30 minutes depending on your hardware. In the end you should see output like this:

2020-08-13 23:13:12,668 INFO: 
#############################################################################
Undercloud install complete.

The file containing this installation's passwords is at
/home/stack/undercloud-passwords.conf.

There is also a stackrc file at /home/stack/stackrc.

These files are needed to interact with the OpenStack services, and should be
secured.

#############################################################################

This output says that you have successfully installed the undercloud, and now you can check the state of the undercloud and move on to installing the overcloud.

If you look at the ifconfig output, you will see that a new bridge interface has appeared

[stack@undercloud ~]$ ifconfig
br-ctlplane: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 192.168.255.1  netmask 255.255.255.0  broadcast 192.168.255.255
        inet6 fe80::5054:ff:fe2c:89e  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:2c:08:9e  txqueuelen 1000  (Ethernet)
        RX packets 14  bytes 1095 (1.0 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 20  bytes 1292 (1.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

The overcloud deployment will now be carried out through this interface.

From the output below you can see that all the services are on one node:

(undercloud) [stack@undercloud ~]$ openstack host list
+--------------------------+-----------+----------+
| Host Name                | Service   | Zone     |
+--------------------------+-----------+----------+
| undercloud.openstack.rnd | conductor | internal |
| undercloud.openstack.rnd | scheduler | internal |
| undercloud.openstack.rnd | compute   | nova     |
+--------------------------+-----------+----------+

Below is the configuration of the undercloud network part:


(undercloud) [stack@undercloud ~]$ python -m json.tool /etc/os-net-config/config.json 
{
    "network_config": [
        {
            "addresses": [
                {
                    "ip_netmask": "192.168.255.1/24"
                }
            ],
            "members": [
                {
                    "dns_servers": [
                        "192.168.255.253"
                    ],
                    "mtu": 1450,
                    "name": "eth0",
                    "primary": "true",
                    "type": "interface"
                }
            ],
            "mtu": 1450,
            "name": "br-ctlplane",
            "ovs_extra": [
                "br-set-external-id br-ctlplane bridge-id br-ctlplane"
            ],
            "routes": [],
            "type": "ovs_bridge"
        }
    ]
}
(undercloud) [stack@undercloud ~]$

Installing the overcloud

At the moment we only have the undercloud, and we do not have enough nodes from which the overcloud will be assembled. So, first of all, let's deploy the virtual machines we need. During deployment, the undercloud itself installs the OS and the necessary software on the overcloud machine - that is, we do not need to fully deploy the machine, but only create a disk (or disks) for it and define its parameters - that is, in effect, we get a bare server with no OS installed on it.

Let's go to the folder with the disks of our virtual machines and create disks of the required size:


cd /var/lib/libvirt/images/
qemu-img create -f qcow2 -o preallocation=metadata control-1.qcow2 60G
qemu-img create -f qcow2 -o preallocation=metadata compute-1.qcow2 60G
qemu-img create -f qcow2 -o preallocation=metadata compute-2.qcow2 60G
qemu-img create -f qcow2 -o preallocation=metadata storage-1.qcow2 160G
qemu-img create -f qcow2 -o preallocation=metadata storage-2.qcow2 160G

Since we are working as root, we need to change the owner of these disks so as not to get a problem with permissions:


[root@hp-gen9 images]# ls -lh
total 5.8G
drwxr-xr-x. 2 qemu qemu 4.0K Aug 13 16:15 backups
-rw-r--r--. 1 root root  61G Aug 14 03:07 compute-1.qcow2
-rw-r--r--. 1 root root  61G Aug 14 03:07 compute-2.qcow2
-rw-r--r--. 1 root root  61G Aug 14 03:07 control-1.qcow2
-rw-------. 1 qemu qemu  41G Aug 14 03:03 dns-server.qcow2
-rw-r--r--. 1 root root 161G Aug 14 03:07 storage-1.qcow2
-rw-r--r--. 1 root root 161G Aug 14 03:07 storage-2.qcow2
-rw-------. 1 qemu qemu  41G Aug 14 03:07 undercloud.qcow2
[root@hp-gen9 images]# 
[root@hp-gen9 images]# 
[root@hp-gen9 images]# chown qemu:qemu /var/lib/libvirt/images/*qcow2
[root@hp-gen9 images]# ls -lh
total 5.8G
drwxr-xr-x. 2 qemu qemu 4.0K Aug 13 16:15 backups
-rw-r--r--. 1 qemu qemu  61G Aug 14 03:07 compute-1.qcow2
-rw-r--r--. 1 qemu qemu  61G Aug 14 03:07 compute-2.qcow2
-rw-r--r--. 1 qemu qemu  61G Aug 14 03:07 control-1.qcow2
-rw-------. 1 qemu qemu  41G Aug 14 03:03 dns-server.qcow2
-rw-r--r--. 1 qemu qemu 161G Aug 14 03:07 storage-1.qcow2
-rw-r--r--. 1 qemu qemu 161G Aug 14 03:07 storage-2.qcow2
-rw-------. 1 qemu qemu  41G Aug 14 03:08 undercloud.qcow2
[root@hp-gen9 images]# 

Note: if you do not plan to install ceph in order to study it, then do not create, in the commands, at least 3 nodes with at least two disks each, but do indicate in the template that the virtual disks vda, vdb, and so on will be used.

Great, now we need to define all these machines:


virt-install --name control-1 --ram 32768 --vcpus 8 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/control-1.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc  --network network:ovs-network-1,model=virtio,portgroup=access-100 --network network:ovs-network-1,model=virtio,portgroup=trunk-1 --dry-run --print-xml > /tmp/control-1.xml  

virt-install --name storage-1 --ram 16384 --vcpus 4 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/storage-1.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc  --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/storage-1.xml  

virt-install --name storage-2 --ram 16384 --vcpus 4 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/storage-2.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc  --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/storage-2.xml  

virt-install --name compute-1 --ram 32768 --vcpus 12 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/compute-1.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc  --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/compute-1.xml  

virt-install --name compute-2 --ram 32768 --vcpus 12 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/compute-2.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc  --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/compute-2.xml 

At the end there is the option --print-xml > /tmp/storage-1.xml, which creates an xml file with the description of each machine in the /tmp/ directory; if you do not add it, you will not be able to define the virtual machines.

Now we need to define all these machines in virsh:


virsh define --file /tmp/control-1.xml
virsh define --file /tmp/compute-1.xml
virsh define --file /tmp/compute-2.xml
virsh define --file /tmp/storage-1.xml
virsh define --file /tmp/storage-2.xml

[root@hp-gen9 ~]# virsh list --all
 Id    Name                           State
----------------------------------------------------
 6     dns-server                     running
 64    undercloud                     running
 -     compute-1                      shut off
 -     compute-2                      shut off
 -     control-1                      shut off
 -     storage-1                      shut off
 -     storage-2                      shut off

[root@hp-gen9 ~]#
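The port groups of ovs-network-1 and the --network arguments of the virt-install commands above decide which VLANs each guest NIC can see, which is worth reviewing before the lab grows. The Python code below is an added example, not part of the original article: the function names are hypothetical, the XML and command lines are cut down from the ones on this page, and it assumes, as on this page, that the network has no default portgroup and no network-level vlan element.

```python
import shlex
import xml.etree.ElementTree as ET

# Constructed from the page: the portgroup section of ovs-network-1.
NETWORK_XML = """\
<network>
  <name>ovs-network-1</name>
  <bridge name='ovs-br1'/>
  <virtualport type='openvswitch'/>
  <portgroup name='trunk-1'>
    <vlan trunk='yes'><tag id='100'/><tag id='101'/><tag id='102'/></vlan>
  </portgroup>
  <portgroup name='access-100'><vlan><tag id='100'/></vlan></portgroup>
  <portgroup name='access-101'><vlan><tag id='101'/></vlan></portgroup>
</network>
"""

# Constructed from the page: the virt-install commands, reduced to the
# guest name and the --network arguments.
NET = "network:ovs-network-1,model=virtio,portgroup="
VIRT_INSTALL = [
    f"virt-install -n undercloud --network {NET}access-100 --network {NET}access-101",
    f"virt-install --name control-1 --network {NET}access-100 --network {NET}trunk-1",
    f"virt-install --name storage-1 --network {NET}access-100",
    f"virt-install --name storage-2 --network {NET}access-100",
    f"virt-install --name compute-1 --network {NET}access-100",
    f"virt-install --name compute-2 --network {NET}access-100",
]

# An OVS port with no tag and no trunk list carries every VLAN.
ALL_VLANS = "all"


def parse_portgroups(network_xml):
    """Map portgroup name -> sorted list of VLAN ids it carries."""
    groups = {}
    for pg in ET.fromstring(network_xml).findall("portgroup"):
        tags = sorted(int(t.get("id")) for t in pg.findall("vlan/tag"))
        groups[pg.get("name")] = tags or [ALL_VLANS]
    return groups


def _option_values(argv, *names):
    """Yield option values given as '--opt value' or '--opt=value'."""
    for i, arg in enumerate(argv):
        if arg in names and i + 1 < len(argv):
            yield argv[i + 1]
            continue
        for name in names:
            if name.startswith("--") and arg.startswith(name + "="):
                yield arg[len(name) + 1:]


def parse_guest(command):
    """Return (guest name, [portgroup or None for each NIC])."""
    argv = shlex.split(command)
    names = list(_option_values(argv, "-n", "--name"))
    if not names:
        raise ValueError("no guest name in: " + command)
    nics = []
    for spec in _option_values(argv, "--network"):
        opts = dict(p.split("=", 1) for p in spec.split(",") if "=" in p)
        nics.append(opts.get("portgroup"))
    return names[0], nics


def vlan_exposure(network_xml, commands):
    """Map VLAN id (or 'all') -> sorted guests with a NIC on that VLAN."""
    groups = parse_portgroups(network_xml)
    exposure = {}
    for command in commands:
        guest, nics = parse_guest(command)
        for portgroup in nics:
            if portgroup is None:
                vlans = [ALL_VLANS]        # untagged port: sees everything
            elif portgroup in groups:
                vlans = groups[portgroup]
            else:
                raise ValueError(f"{guest}: portgroup {portgroup!r} is not defined")
            for vlan in vlans:
                exposure.setdefault(vlan, set()).add(guest)
    return {vlan: sorted(guests) for vlan, guests in exposure.items()}


def multi_vlan_guests(exposure):
    """Guests that sit on more than one VLAN and could bridge between them."""
    seen = {}
    for vlan, guests in exposure.items():
        for guest in guests:
            seen.setdefault(guest, []).append(vlan)
    return {g: v for g, v in seen.items() if len(v) > 1 or ALL_VLANS in v}


if __name__ == "__main__":
    result = vlan_exposure(NETWORK_XML, VIRT_INSTALL)
    for vlan, guests in result.items():
        print(vlan, guests)
    print("multi-VLAN guests:", multi_vlan_guests(result))
```

For this lab every guest shares VLAN 100, and only undercloud and control-1 reach more than one VLAN.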

I kēia manawa kahi nuance liʻiliʻi - hoʻohana ʻo tripleO i ka IPMI e hoʻokele i nā kikowaena i ka wā o ka hoʻonohonoho ʻana a me ka nānā ʻana.

Introspection is the process of inspecting the hardware to obtain the parameters needed for further provisioning of the nodes. Introspection is performed with ironic, a service designed to work with bare-metal servers.

But here is the problem: hardware servers have a separate IPMI port (or a shared port, but that is not important), while virtual machines have no such port. Here a crutch called vbmc comes to our aid, a utility that lets you emulate an IPMI port. This nuance deserves attention especially from those who want to build a similar lab on an ESXi hypervisor: to be honest, I don't know whether it has an analogue of vbmc, so it is worth thinking about this issue before deploying everything.

Install vbmc:


yum install python2-virtualbmc

If your OS cannot find the package, add the repository:

yum install -y https://www.rdoproject.org/repos/rdo-release.rpm

Now we configure the utility. Everything here is embarrassingly simple. For now, as you would expect, there are no servers in the vbmc list:


[root@hp-gen9 ~]# vbmc list

[root@hp-gen9 ~]# 

For them to appear, they have to be declared manually, like this:


[root@hp-gen9 ~]# vbmc add control-1 --port 7001 --username admin --password admin
[root@hp-gen9 ~]# vbmc add storage-1 --port 7002 --username admin --password admin
[root@hp-gen9 ~]# vbmc add storage-2 --port 7003 --username admin --password admin
[root@hp-gen9 ~]# vbmc add compute-1 --port 7004 --username admin --password admin
[root@hp-gen9 ~]# vbmc add compute-2 --port 7005 --username admin --password admin
[root@hp-gen9 ~]#
[root@hp-gen9 ~]# vbmc list
+-------------+--------+---------+------+
| Domain name | Status | Address | Port |
+-------------+--------+---------+------+
| compute-1   | down   | ::      | 7004 |
| compute-2   | down   | ::      | 7005 |
| control-1   | down   | ::      | 7001 |
| storage-1   | down   | ::      | 7002 |
| storage-2   | down   | ::      | 7003 |
+-------------+--------+---------+------+
[root@hp-gen9 ~]#

I think the command syntax is clear without explanation. However, at this point all our sessions are in the DOWN state. To move them to the UP state, you need to start them:


[root@hp-gen9 ~]# vbmc start control-1
2020-08-14 03:15:57,826.826 13149 INFO VirtualBMC [-] Started vBMC instance for domain control-1
[root@hp-gen9 ~]# vbmc start storage-1 
2020-08-14 03:15:58,316.316 13149 INFO VirtualBMC [-] Started vBMC instance for domain storage-1
[root@hp-gen9 ~]# vbmc start storage-2
2020-08-14 03:15:58,851.851 13149 INFO VirtualBMC [-] Started vBMC instance for domain storage-2
[root@hp-gen9 ~]# vbmc start compute-1
2020-08-14 03:15:59,307.307 13149 INFO VirtualBMC [-] Started vBMC instance for domain compute-1
[root@hp-gen9 ~]# vbmc start compute-2
2020-08-14 03:15:59,712.712 13149 INFO VirtualBMC [-] Started vBMC instance for domain compute-2
[root@hp-gen9 ~]# 
[root@hp-gen9 ~]# 
[root@hp-gen9 ~]# vbmc list
+-------------+---------+---------+------+
| Domain name | Status  | Address | Port |
+-------------+---------+---------+------+
| compute-1   | running | ::      | 7004 |
| compute-2   | running | ::      | 7005 |
| control-1   | running | ::      | 7001 |
| storage-1   | running | ::      | 7002 |
| storage-2   | running | ::      | 7003 |
+-------------+---------+---------+------+
[root@hp-gen9 ~]#

And the final touch: you need to adjust the firewall rules (or disable the firewall altogether):


firewall-cmd --zone=public --add-port=7001/udp --permanent
firewall-cmd --zone=public --add-port=7002/udp --permanent
firewall-cmd --zone=public --add-port=7003/udp --permanent
firewall-cmd --zone=public --add-port=7004/udp --permanent
firewall-cmd --zone=public --add-port=7005/udp --permanent
firewall-cmd --reload

Now let's go to the undercloud and check that everything works. The address of the host machine is 192.168.255.200; on the undercloud we added the required ipmitool package while preparing for the deployment:


[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power status          
Chassis Power is off
[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power on
Chassis Power Control: Up/On
[stack@undercloud ~]$ 

[root@hp-gen9 ~]# virsh list 
 Id    Name                           State
----------------------------------------------------
 6     dns-server                     running
 64    undercloud                     running
 65    control-1                      running

As you can see, we successfully started the control node through vbmc. Now let's power it off and move on:


[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power off
Chassis Power Control: Down/Off
[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power status
Chassis Power is off
[stack@undercloud ~]$ 

[root@hp-gen9 ~]# virsh list --all
 Id    Name                           State
----------------------------------------------------
 6     dns-server                     running
 64    undercloud                     running
 -     compute-1                      shut off
 -     compute-2                      shut off
 -     control-1                      shut off
 -     storage-1                      shut off
 -     storage-2                      shut off

[root@hp-gen9 ~]#

The next step is introspection of the nodes on which the overcloud will be installed. To do this, we need to prepare a JSON file describing our nodes. Please note that, unlike an installation on bare-metal servers, the file specifies the port on which vbmc is running for each machine.


[root@hp-gen9 ~]# virsh domiflist --domain control-1 
Interface  Type       Source     Model       MAC
-------------------------------------------------------
-          network    ovs-network-1 virtio      52:54:00:20:a2:2f
-          network    ovs-network-1 virtio      52:54:00:3f:87:9f

[root@hp-gen9 ~]# virsh domiflist --domain compute-1
Interface  Type       Source     Model       MAC
-------------------------------------------------------
-          network    ovs-network-1 virtio      52:54:00:98:e9:d6

[root@hp-gen9 ~]# virsh domiflist --domain compute-2
Interface  Type       Source     Model       MAC
-------------------------------------------------------
-          network    ovs-network-1 virtio      52:54:00:6a:ea:be

[root@hp-gen9 ~]# virsh domiflist --domain storage-1
Interface  Type       Source     Model       MAC
-------------------------------------------------------
-          network    ovs-network-1 virtio      52:54:00:79:0b:cb

[root@hp-gen9 ~]# virsh domiflist --domain storage-2
Interface  Type       Source     Model       MAC
-------------------------------------------------------
-          network    ovs-network-1 virtio      52:54:00:a7:fe:27

Note: the control node has two interfaces, but in this case that is not important; in this installation one is enough for us.

Now we prepare the JSON file. We need to specify the MAC address of the port through which provisioning will be performed, the parameters of the nodes, give them names, and indicate how to reach IPMI:


{
    "nodes":[
        {
            "mac":[
                "52:54:00:20:a2:2f"
            ],
            "cpu":"8",
            "memory":"32768",
            "disk":"60",
            "arch":"x86_64",
            "name":"control-1",
            "pm_type":"pxe_ipmitool",
            "pm_user":"admin",
            "pm_password":"admin",
            "pm_addr":"192.168.255.200",
            "pm_port":"7001"
        },
        {
            "mac":[
                "52:54:00:79:0b:cb"
            ],
            "cpu":"4",
            "memory":"16384",
            "disk":"160",
            "arch":"x86_64",
            "name":"storage-1",
            "pm_type":"pxe_ipmitool",
            "pm_user":"admin",
            "pm_password":"admin",
            "pm_addr":"192.168.255.200",
            "pm_port":"7002"
        },
        {
            "mac":[
                "52:54:00:a7:fe:27"
            ],
            "cpu":"4",
            "memory":"16384",
            "disk":"160",
            "arch":"x86_64",
            "name":"storage-2",
            "pm_type":"pxe_ipmitool",
            "pm_user":"admin",
            "pm_password":"admin",
            "pm_addr":"192.168.255.200",
            "pm_port":"7003"
        },
        {
            "mac":[
                "52:54:00:98:e9:d6"
            ],
            "cpu":"12",
            "memory":"32768",
            "disk":"60",
            "arch":"x86_64",
            "name":"compute-1",
            "pm_type":"pxe_ipmitool",
            "pm_user":"admin",
            "pm_password":"admin",
            "pm_addr":"192.168.255.200",
            "pm_port":"7004"
        },
        {
            "mac":[
                "52:54:00:6a:ea:be"
            ],
            "cpu":"12",
            "memory":"32768",
            "disk":"60",
            "arch":"x86_64",
            "name":"compute-2",
            "pm_type":"pxe_ipmitool",
            "pm_user":"admin",
            "pm_password":"admin",
            "pm_addr":"192.168.255.200",
            "pm_port":"7005"
        }
    ]
}
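The node file has to agree with two other listings above: the ports in `vbmc list` and the MAC addresses in `virsh domiflist`. The Python check below is an added example, not part of the original article or of TripleO; it cross-checks the three and also flags the lab's `admin`/`admin` IPMI credentials and vbmc's wildcard bind address. Function names and the finding format are assumptions of this example, and the sample data is copied from the page's listings with the virsh header rows trimmed.

```python
"""Cross-check the TripleO node file against vbmc and libvirt before import."""

WILDCARD_BINDS = {"::", "0.0.0.0"}                      # vbmc listening on every address
DEFAULT_CREDS = {("admin", "admin"), ("root", "root")}  # assumed list of weak pairs

def parse_table(text):
    """Parse the '| a | b |' tables printed by the vbmc and openstack CLIs."""
    rows = [[c.strip() for c in line.strip().strip("|").split("|")]
            for line in text.splitlines() if line.strip().startswith("|")]
    return [dict(zip(rows[0], row)) for row in rows[1:]]

def parse_domiflist_session(text):
    """Map domain name -> MAC set from a transcript of `virsh domiflist` calls."""
    macs, domain = {}, None
    for fields in (line.split() for line in text.splitlines()):
        if "domiflist" in fields:             # prompt line: last word is the domain
            domain = fields[-1]
            macs[domain] = set()
        elif domain and fields and fields[-1].count(":") == 5:
            macs[domain].add(fields[-1].lower())
    return macs

def audit(instackenv, vbmc_table, domain_macs):
    """Return (severity, node, message) findings for every node in the file."""
    bmcs = {row["Domain name"]: row for row in parse_table(vbmc_table)}
    findings, endpoints = [], {}
    for node in instackenv["nodes"]:
        name, port = node["name"], str(node["pm_port"])
        bmc = bmcs.get(name)
        if bmc is None:
            findings.append(("ERROR", name, "no vbmc instance for this domain"))
        else:
            if bmc["Port"] != port:
                findings.append(("ERROR", name, f"pm_port {port} but vbmc uses {bmc['Port']}"))
            if bmc["Status"] != "running":
                findings.append(("ERROR", name, f"vbmc instance is {bmc['Status']}"))
            if bmc["Address"] in WILDCARD_BINDS:
                findings.append(("WARN", name, "vbmc bound to all addresses; see `vbmc add --address`"))
        # Two nodes on one address:port would receive each other's power commands.
        owner = endpoints.setdefault((node["pm_addr"], port), name)
        if owner != name:
            findings.append(("ERROR", name, f"same IPMI endpoint as {owner}"))
        stray = {m.lower() for m in node["mac"]} - domain_macs.get(name, set())
        if stray:
            findings.append(("ERROR", name, f"MAC not on libvirt domain: {sorted(stray)}"))
        if (node["pm_user"], node["pm_password"]) in DEFAULT_CREDS:
            findings.append(("WARN", name, "default IPMI credentials"))
    return findings

# --- sample data copied from the page's listings ---------------------------
PAGE_NODES = [  # name, MAC, pm_port as in the JSON above
    ("control-1", "52:54:00:20:a2:2f", "7001"),
    ("storage-1", "52:54:00:79:0b:cb", "7002"),
    ("storage-2", "52:54:00:a7:fe:27", "7003"),
    ("compute-1", "52:54:00:98:e9:d6", "7004"),
    ("compute-2", "52:54:00:6a:ea:be", "7005"),
]

def page_instackenv():
    """Rebuild the page's node file (power-management fields only)."""
    return {"nodes": [{"name": n, "mac": [m], "pm_type": "pxe_ipmitool",
                       "pm_user": "admin", "pm_password": "admin",
                       "pm_addr": "192.168.255.200", "pm_port": p}
                      for n, m, p in PAGE_NODES]}

VBMC_LIST = """\
+-------------+---------+---------+------+
| Domain name | Status  | Address | Port |
+-------------+---------+---------+------+
| compute-1   | running | ::      | 7004 |
| compute-2   | running | ::      | 7005 |
| control-1   | running | ::      | 7001 |
| storage-1   | running | ::      | 7002 |
| storage-2   | running | ::      | 7003 |
+-------------+---------+---------+------+
"""

VIRSH_SESSION = """\
[root@hp-gen9 ~]# virsh domiflist --domain control-1
-          network    ovs-network-1 virtio      52:54:00:20:a2:2f
-          network    ovs-network-1 virtio      52:54:00:3f:87:9f
[root@hp-gen9 ~]# virsh domiflist --domain compute-1
-          network    ovs-network-1 virtio      52:54:00:98:e9:d6
[root@hp-gen9 ~]# virsh domiflist --domain compute-2
-          network    ovs-network-1 virtio      52:54:00:6a:ea:be
[root@hp-gen9 ~]# virsh domiflist --domain storage-1
-          network    ovs-network-1 virtio      52:54:00:79:0b:cb
[root@hp-gen9 ~]# virsh domiflist --domain storage-2
-          network    ovs-network-1 virtio      52:54:00:a7:fe:27
"""

if __name__ == "__main__":
    macs = parse_domiflist_session(VIRSH_SESSION)
    for severity, node, message in audit(page_instackenv(), VBMC_LIST, macs):
        print(f"{severity:5} {node}: {message}")
```

On the page's own data the check reports no errors, only the credential and bind-address warnings for each of the five nodes.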

Now we need to prepare the images for ironic. To do this, download them with wget and install them:

(undercloud) [stack@undercloud ~]$ sudo wget https://images.rdoproject.org/queens/delorean/current-tripleo-rdo/overcloud-full.tar --no-check-certificate
(undercloud) [stack@undercloud ~]$ sudo wget https://images.rdoproject.org/queens/delorean/current-tripleo-rdo/ironic-python-agent.tar --no-check-certificate
(undercloud) [stack@undercloud ~]$ ls -lh
total 1.9G
-rw-r--r--. 1 stack stack 447M Aug 14 10:26 ironic-python-agent.tar
-rw-r--r--. 1 stack stack 1.5G Aug 14 10:26 overcloud-full.tar
-rw-------. 1 stack stack  916 Aug 13 23:10 stackrc
-rw-r--r--. 1 stack stack  15K Aug 13 22:50 undercloud.conf
-rw-------. 1 stack stack 2.0K Aug 13 22:50 undercloud-passwords.conf
(undercloud) [stack@undercloud ~]$ mkdir images/
(undercloud) [stack@undercloud ~]$ tar -xpvf ironic-python-agent.tar -C ~/images/
ironic-python-agent.initramfs
ironic-python-agent.kernel
(undercloud) [stack@undercloud ~]$ tar -xpvf overcloud-full.tar -C ~/images/                       
overcloud-full.qcow2
overcloud-full.initrd
overcloud-full.vmlinuz
(undercloud) [stack@undercloud ~]$ 
(undercloud) [stack@undercloud ~]$ ls -lh images/
total 1.9G
-rw-rw-r--. 1 stack stack 441M Aug 12 17:24 ironic-python-agent.initramfs
-rwxr-xr-x. 1 stack stack 6.5M Aug 12 17:24 ironic-python-agent.kernel
-rw-r--r--. 1 stack stack  53M Aug 12 17:14 overcloud-full.initrd
-rw-r--r--. 1 stack stack 1.4G Aug 12 17:18 overcloud-full.qcow2
-rwxr-xr-x. 1 stack stack 6.5M Aug 12 17:14 overcloud-full.vmlinuz
(undercloud) [stack@undercloud ~]$

Uploading the images to the undercloud:

(undercloud) [stack@undercloud ~]$ openstack overcloud image upload --image-path ~/images/
Image "overcloud-full-vmlinuz" was uploaded.
+--------------------------------------+------------------------+-------------+---------+--------+
|                  ID                  |          Name          | Disk Format |   Size  | Status |
+--------------------------------------+------------------------+-------------+---------+--------+
| c2553770-3e0f-4750-b46b-138855b5c385 | overcloud-full-vmlinuz |     aki     | 6761064 | active |
+--------------------------------------+------------------------+-------------+---------+--------+
Image "overcloud-full-initrd" was uploaded.
+--------------------------------------+-----------------------+-------------+----------+--------+
|                  ID                  |          Name         | Disk Format |   Size   | Status |
+--------------------------------------+-----------------------+-------------+----------+--------+
| 949984e0-4932-4e71-af43-d67a38c3dc89 | overcloud-full-initrd |     ari     | 55183045 | active |
+--------------------------------------+-----------------------+-------------+----------+--------+
Image "overcloud-full" was uploaded.
+--------------------------------------+----------------+-------------+------------+--------+
|                  ID                  |      Name      | Disk Format |    Size    | Status |
+--------------------------------------+----------------+-------------+------------+--------+
| a2f2096d-c9d7-429a-b866-c7543c02a380 | overcloud-full |    qcow2    | 1487475712 | active |
+--------------------------------------+----------------+-------------+------------+--------+
Image "bm-deploy-kernel" was uploaded.
+--------------------------------------+------------------+-------------+---------+--------+
|                  ID                  |       Name       | Disk Format |   Size  | Status |
+--------------------------------------+------------------+-------------+---------+--------+
| e413aa78-e38f-404c-bbaf-93e582a8e67f | bm-deploy-kernel |     aki     | 6761064 | active |
+--------------------------------------+------------------+-------------+---------+--------+
Image "bm-deploy-ramdisk" was uploaded.
+--------------------------------------+-------------------+-------------+-----------+--------+
|                  ID                  |        Name       | Disk Format |    Size   | Status |
+--------------------------------------+-------------------+-------------+-----------+--------+
| 5cf3aba4-0e50-45d3-929f-27f025dd6ce3 | bm-deploy-ramdisk |     ari     | 461759376 | active |
+--------------------------------------+-------------------+-------------+-----------+--------+
(undercloud) [stack@undercloud ~]$

Checking that all the images have been uploaded:


(undercloud) [stack@undercloud ~]$  openstack image list
+--------------------------------------+------------------------+--------+
| ID                                   | Name                   | Status |
+--------------------------------------+------------------------+--------+
| e413aa78-e38f-404c-bbaf-93e582a8e67f | bm-deploy-kernel       | active |
| 5cf3aba4-0e50-45d3-929f-27f025dd6ce3 | bm-deploy-ramdisk      | active |
| a2f2096d-c9d7-429a-b866-c7543c02a380 | overcloud-full         | active |
| 949984e0-4932-4e71-af43-d67a38c3dc89 | overcloud-full-initrd  | active |
| c2553770-3e0f-4750-b46b-138855b5c385 | overcloud-full-vmlinuz | active |
+--------------------------------------+------------------------+--------+
(undercloud) [stack@undercloud ~]$

One more thing: you need to add a DNS server:


(undercloud) [stack@undercloud ~]$ openstack subnet list
+--------------------------------------+-----------------+--------------------------------------+------------------+
| ID                                   | Name            | Network                              | Subnet           |
+--------------------------------------+-----------------+--------------------------------------+------------------+
| f45dea46-4066-42aa-a3c4-6f84b8120cab | ctlplane-subnet | 6ca013dc-41c2-42d8-9d69-542afad53392 | 192.168.255.0/24 |
+--------------------------------------+-----------------+--------------------------------------+------------------+
(undercloud) [stack@undercloud ~]$ openstack subnet show f45dea46-4066-42aa-a3c4-6f84b8120cab
+-------------------+-----------------------------------------------------------+
| Field             | Value                                                     |
+-------------------+-----------------------------------------------------------+
| allocation_pools  | 192.168.255.11-192.168.255.50                             |
| cidr              | 192.168.255.0/24                                          |
| created_at        | 2020-08-13T20:10:37Z                                      |
| description       |                                                           |
| dns_nameservers   |                                                           |
| enable_dhcp       | True                                                      |
| gateway_ip        | 192.168.255.1                                             |
| host_routes       | destination='169.254.169.254/32', gateway='192.168.255.1' |
| id                | f45dea46-4066-42aa-a3c4-6f84b8120cab                      |
| ip_version        | 4                                                         |
| ipv6_address_mode | None                                                      |
| ipv6_ra_mode      | None                                                      |
| name              | ctlplane-subnet                                           |
| network_id        | 6ca013dc-41c2-42d8-9d69-542afad53392                      |
| prefix_length     | None                                                      |
| project_id        | a844ccfcdb2745b198dde3e1b28c40a3                          |
| revision_number   | 0                                                         |
| segment_id        | None                                                      |
| service_types     |                                                           |
| subnetpool_id     | None                                                      |
| tags              |                                                           |
| updated_at        | 2020-08-13T20:10:37Z                                      |
+-------------------+-----------------------------------------------------------+
(undercloud) [stack@undercloud ~]$ 
(undercloud) [stack@undercloud ~]$ neutron subnet-update f45dea46-4066-42aa-a3c4-6f84b8120cab --dns-nameserver 192.168.255.253                                    
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Updated subnet: f45dea46-4066-42aa-a3c4-6f84b8120cab
(undercloud) [stack@undercloud ~]$

Now we can issue the introspection command:

(undercloud) [stack@undercloud ~]$ openstack overcloud node import --introspect --provide inspection.json 
Started Mistral Workflow tripleo.baremetal.v1.register_or_update. Execution ID: d57456a3-d8ed-479c-9a90-dff7c752d0ec
Waiting for messages on queue 'tripleo' with no timeout.


5 node(s) successfully moved to the "manageable" state.
Successfully registered node UUID b4b2cf4a-b7ca-4095-af13-cc83be21c4f5
Successfully registered node UUID b89a72a3-6bb7-429a-93bc-48393d225838
Successfully registered node UUID 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e
Successfully registered node UUID bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8
Successfully registered node UUID 766ab623-464c-423d-a529-d9afb69d1167
Waiting for introspection to finish...
Started Mistral Workflow tripleo.baremetal.v1.introspect. Execution ID: 6b4d08ae-94c3-4a10-ab63-7634ec198a79
Waiting for messages on queue 'tripleo' with no timeout.
Introspection of node b89a72a3-6bb7-429a-93bc-48393d225838 completed. Status:SUCCESS. Errors:None
Introspection of node 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e completed. Status:SUCCESS. Errors:None
Introspection of node bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 completed. Status:SUCCESS. Errors:None
Introspection of node 766ab623-464c-423d-a529-d9afb69d1167 completed. Status:SUCCESS. Errors:None
Introspection of node b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 completed. Status:SUCCESS. Errors:None
Successfully introspected 5 node(s).
Started Mistral Workflow tripleo.baremetal.v1.provide. Execution ID: f5594736-edcf-4927-a8a0-2a7bf806a59a
Waiting for messages on queue 'tripleo' with no timeout.
5 node(s) successfully moved to the "available" state.
(undercloud) [stack@undercloud ~]$

As you can see from the output, everything completed without errors. Let's check that all the nodes are in the available state:


(undercloud) [stack@undercloud ~]$ openstack baremetal node list
+--------------------------------------+-----------+---------------+-------------+--------------------+-------------+
| UUID                                 | Name      | Instance UUID | Power State | Provisioning State | Maintenance |
+--------------------------------------+-----------+---------------+-------------+--------------------+-------------+
| b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 | control-1 | None          | power off   | available          | False       |
| b89a72a3-6bb7-429a-93bc-48393d225838 | storage-1 | None          | power off   | available          | False       |
| 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e | storage-2 | None          | power off   | available          | False       |
| bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 | compute-1 | None          | power off   | available          | False       |
| 766ab623-464c-423d-a529-d9afb69d1167 | compute-2 | None          | power off   | available          | False       |
+--------------------------------------+-----------+---------------+-------------+--------------------+-------------+
(undercloud) [stack@undercloud ~]$ 

If the nodes are in a different state, usually manageable, then something went wrong and you need to look at the log and find out why. Keep in mind that in this scenario we are using virtualization, and there may be bugs related to the use of virtual machines or vbmc.

Next, we need to specify which node will perform which function, that is, the profile with which each node will be deployed:


(undercloud) [stack@undercloud ~]$ openstack overcloud profiles list
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| Node UUID                            | Node Name | Provision State | Current Profile | Possible Profiles |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 | control-1 | available       | None            |                   |
| b89a72a3-6bb7-429a-93bc-48393d225838 | storage-1 | available       | None            |                   |
| 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e | storage-2 | available       | None            |                   |
| bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 | compute-1 | available       | None            |                   |
| 766ab623-464c-423d-a529-d9afb69d1167 | compute-2 | available       | None            |                   |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
(undercloud) [stack@undercloud ~]$ openstack flavor list
+--------------------------------------+---------------+------+------+-----------+-------+-----------+
| ID                                   | Name          |  RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+---------------+------+------+-----------+-------+-----------+
| 168af640-7f40-42c7-91b2-989abc5c5d8f | swift-storage | 4096 |   40 |         0 |     1 | True      |
| 52148d1b-492e-48b4-b5fc-772849dd1b78 | baremetal     | 4096 |   40 |         0 |     1 | True      |
| 56e66542-ae60-416d-863e-0cb192d01b09 | control       | 4096 |   40 |         0 |     1 | True      |
| af6796e1-d0c4-4bfe-898c-532be194f7ac | block-storage | 4096 |   40 |         0 |     1 | True      |
| e4d50fdd-0034-446b-b72c-9da19b16c2df | compute       | 4096 |   40 |         0 |     1 | True      |
| fc2e3acf-7fca-4901-9eee-4a4d6ef0265d | ceph-storage  | 4096 |   40 |         0 |     1 | True      |
+--------------------------------------+---------------+------+------+-----------+-------+-----------+
(undercloud) [stack@undercloud ~]$

Specify the profile for each node:


openstack baremetal node set --property capabilities='profile:control,boot_option:local' b4b2cf4a-b7ca-4095-af13-cc83be21c4f5
openstack baremetal node set --property capabilities='profile:ceph-storage,boot_option:local' b89a72a3-6bb7-429a-93bc-48393d225838
openstack baremetal node set --property capabilities='profile:ceph-storage,boot_option:local' 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e
openstack baremetal node set --property capabilities='profile:compute,boot_option:local' bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8
openstack baremetal node set --property capabilities='profile:compute,boot_option:local' 766ab623-464c-423d-a529-d9afb69d1167

Let's check that we did everything correctly:


(undercloud) [stack@undercloud ~]$ openstack overcloud profiles list
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| Node UUID                            | Node Name | Provision State | Current Profile | Possible Profiles |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 | control-1 | available       | control         |                   |
| b89a72a3-6bb7-429a-93bc-48393d225838 | storage-1 | available       | ceph-storage    |                   |
| 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e | storage-2 | available       | ceph-storage    |                   |
| bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 | compute-1 | available       | compute         |                   |
| 766ab623-464c-423d-a529-d9afb69d1167 | compute-2 | available       | compute         |                   |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
(undercloud) [stack@undercloud ~]$

If everything is correct, we give the command to deploy the overcloud:

openstack overcloud deploy --templates --control-scale 1 --compute-scale 2  --ceph-storage-scale 2 --control-flavor control --compute-flavor compute  --ceph-storage-flavor ceph-storage --libvirt-type qemu

In a real installation, customized templates would naturally be used; in our case that would greatly complicate the process, since every edit in a template would have to be explained. As written earlier, even a simple installation is enough for us to see how it works.

Note: the --libvirt-type qemu option is required in this case, because we are using nested virtualization. Otherwise, you will not be able to run virtual machines.
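Because the deployment runs for about an hour, it pays to confirm beforehand that the scale and flavor options of the deploy command are backed by enough tagged, available nodes. The Python gate below is an added example, not part of the original article or of TripleO; it assumes that each profile name equals the flavor name, as it does in the listings above, and its function names are hypothetical. The tables are the page's own output with the UUID and unused columns trimmed.

```python
"""Pre-deploy gate: do the tagged nodes satisfy the deploy command's scales?"""
import shlex
from collections import Counter

def parse_table(text):
    """Parse the '| a | b |' tables printed by the openstack CLI."""
    rows = [[c.strip() for c in line.strip().strip("|").split("|")]
            for line in text.splitlines() if line.strip().startswith("|")]
    return [dict(zip(rows[0], row)) for row in rows[1:]]

def requested_scales(deploy_cmd):
    """Return {flavor: node count} from the --<role>-scale/--<role>-flavor pairs."""
    args = shlex.split(deploy_cmd)
    opts = {a[2:]: b for a, b in zip(args, args[1:])
            if a.startswith("--") and not b.startswith("--")}
    roles = [k[:-len("-scale")] for k in opts if k.endswith("-scale")]
    return {opts[f"{r}-flavor"]: int(opts[f"{r}-scale"])
            for r in roles if f"{r}-flavor" in opts}

def predeploy_problems(deploy_cmd, profiles_table, flavors_table):
    """Return a list of human-readable problems; empty means safe to deploy."""
    nodes = parse_table(profiles_table)
    flavors = {row["Name"] for row in parse_table(flavors_table)}
    problems = []
    for n in nodes:
        if n["Provision State"] != "available":
            problems.append(f"{n['Node Name']}: state {n['Provision State']}, expected available")
        if n["Current Profile"] in ("", "None"):
            problems.append(f"{n['Node Name']}: no profile assigned")
    # Only nodes that are both available and tagged can be scheduled.
    usable = Counter(n["Current Profile"] for n in nodes
                     if n["Provision State"] == "available")
    for flavor, count in requested_scales(deploy_cmd).items():
        if flavor not in flavors:
            problems.append(f"flavor {flavor} does not exist")
        if usable[flavor] < count:
            problems.append(f"{flavor}: {count} requested, {usable[flavor]} usable node(s)")
    return problems

# --- sample data copied from the page (columns trimmed) --------------------
DEPLOY_CMD = ("openstack overcloud deploy --templates --control-scale 1 "
              "--compute-scale 2  --ceph-storage-scale 2 --control-flavor control "
              "--compute-flavor compute  --ceph-storage-flavor ceph-storage "
              "--libvirt-type qemu")

PROFILES = """\
+-----------+-----------------+-----------------+
| Node Name | Provision State | Current Profile |
+-----------+-----------------+-----------------+
| control-1 | available       | control         |
| storage-1 | available       | ceph-storage    |
| storage-2 | available       | ceph-storage    |
| compute-1 | available       | compute         |
| compute-2 | available       | compute         |
+-----------+-----------------+-----------------+
"""

FLAVORS = """\
+---------------+------+
| Name          |  RAM |
+---------------+------+
| swift-storage | 4096 |
| baremetal     | 4096 |
| control       | 4096 |
| block-storage | 4096 |
| compute       | 4096 |
| ceph-storage  | 4096 |
+---------------+------+
"""

if __name__ == "__main__":
    found = predeploy_problems(DEPLOY_CMD, PROFILES, FLAVORS)
    print("\n".join(found) if found else "ready to deploy")
```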

Now you have an hour, or maybe more (depending on the capabilities of the hardware), and you can hope that after this time you will see this message:


2020-08-14 08:39:21Z [overcloud]: CREATE_COMPLETE  Stack CREATE completed successfully

 Stack overcloud CREATE_COMPLETE 

Host 192.168.255.21 not found in /home/stack/.ssh/known_hosts
Started Mistral Workflow tripleo.deployment.v1.get_horizon_url. Execution ID: fcb996cd-6a19-482b-b755-2ca0c08069a9
Overcloud Endpoint: http://192.168.255.21:5000/
Overcloud Horizon Dashboard URL: http://192.168.255.21:80/dashboard
Overcloud rc file: /home/stack/overcloudrc
Overcloud Deployed
(undercloud) [stack@undercloud ~]$

Now you have a full-fledged version of OpenStack on which you can learn, experiment, etc.

Let's check that everything works properly. In the user's home directory there are two files: stackrc (for managing the undercloud) and overcloudrc (for managing the overcloud). These files must be loaded with source, since they contain the information needed for authentication.


(undercloud) [stack@undercloud ~]$ openstack server list
+--------------------------------------+-------------------------+--------+-------------------------+----------------+--------------+
| ID                                   | Name                    | Status | Networks                | Image          | Flavor       |
+--------------------------------------+-------------------------+--------+-------------------------+----------------+--------------+
| fd7d36f4-ce87-4b9a-93b0-add2957792de | overcloud-controller-0  | ACTIVE | ctlplane=192.168.255.15 | overcloud-full | control      |
| edc77778-8972-475e-a541-ff40eb944197 | overcloud-novacompute-1 | ACTIVE | ctlplane=192.168.255.26 | overcloud-full | compute      |
| 5448ce01-f05f-47ca-950a-ced14892c0d4 | overcloud-cephstorage-1 | ACTIVE | ctlplane=192.168.255.34 | overcloud-full | ceph-storage |
| ce6d862f-4bdf-4ba3-b711-7217915364d7 | overcloud-novacompute-0 | ACTIVE | ctlplane=192.168.255.19 | overcloud-full | compute      |
| e4507bd5-6f96-4b12-9cc0-6924709da59e | overcloud-cephstorage-0 | ACTIVE | ctlplane=192.168.255.44 | overcloud-full | ceph-storage |
+--------------------------------------+-------------------------+--------+-------------------------+----------------+--------------+
(undercloud) [stack@undercloud ~]$ 


(undercloud) [stack@undercloud ~]$ source overcloudrc 
(overcloud) [stack@undercloud ~]$ 
(overcloud) [stack@undercloud ~]$ openstack project list
+----------------------------------+---------+
| ID                               | Name    |
+----------------------------------+---------+
| 4eed7d0f06544625857d51cd77c5bd4c | admin   |
| ee1c68758bde41eaa9912c81dc67dad8 | service |
+----------------------------------+---------+
(overcloud) [stack@undercloud ~]$ 
(overcloud) [stack@undercloud ~]$ 
(overcloud) [stack@undercloud ~]$ openstack network agent list  
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host                                | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| 10495de9-ba4b-41fe-b30a-b90ec3f8728b | Open vSwitch agent | overcloud-novacompute-1.localdomain | None              | :-)   | UP    | neutron-openvswitch-agent |
| 1515ad4a-5972-46c3-af5f-e5446dff7ac7 | L3 agent           | overcloud-controller-0.localdomain  | nova              | :-)   | UP    | neutron-l3-agent          |
| 322e62ca-1e5a-479e-9a96-4f26d09abdd7 | DHCP agent         | overcloud-controller-0.localdomain  | nova              | :-)   | UP    | neutron-dhcp-agent        |
| 9c1de2f9-bac5-400e-998d-4360f04fc533 | Open vSwitch agent | overcloud-novacompute-0.localdomain | None              | :-)   | UP    | neutron-openvswitch-agent |
| d99c5657-851e-4d3c-bef6-f1e3bb1acfb0 | Open vSwitch agent | overcloud-controller-0.localdomain  | None              | :-)   | UP    | neutron-openvswitch-agent |
| ff85fae6-5543-45fb-a301-19c57b62d836 | Metadata agent     | overcloud-controller-0.localdomain  | None              | :-)   | UP    | neutron-metadata-agent    |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
(overcloud) [stack@undercloud ~]$

My installation needs one more small touch: adding a route on the controller, since the machine I work from is on a different network. To do this, log in to control-1 under the heat-admin account and add the route:


(undercloud) [stack@undercloud ~]$ ssh [email protected]         
Last login: Fri Aug 14 09:47:40 2020 from 192.168.255.1
[heat-admin@overcloud-controller-0 ~]$ 
[heat-admin@overcloud-controller-0 ~]$ 
[heat-admin@overcloud-controller-0 ~]$ sudo ip route add 10.169.0.0/16 via 192.168.255.254

Well, now you can go into Horizon. All the information (addresses, login and password) is in the file /home/stack/overcloudrc. The final scheme looks like this:

[Image: diagram of the final scheme]

By the way, in our installation the machine addresses were issued via DHCP and, as you can see, they were handed out "at random". If you need to, you can strictly define in the template which address is attached to which machine during deployment.

How does traffic flow between virtual machines?

Ma kēia ʻatikala e nānā mākou i ʻekolu mau koho no ka hele ʻana i nā kaʻa

  • ʻElua mau mīkini ma hoʻokahi hypervisor ma hoʻokahi pūnaewele L2
  • ʻElua mau mīkini ma nā hypervisors like ʻole ma ka pūnaewele L2 like
  • ʻElua mau mīkini ma nā pūnaewele ʻokoʻa (ka ʻaʻa ʻana o ka ʻupena cross-network)

ʻO nā hihia me ke komo ʻana i waho o ka honua ma o kahi pūnaewele o waho, me ka hoʻohana ʻana i nā leka uila, a me ka hoʻolaha ʻana i ke alahele, e noʻonoʻo mākou i ka manawa aʻe, no kēia manawa e nānā mākou i nā kaʻa kūloko.

No ka nānā ʻana, e hui pū kākou i kēia kiʻi:

ʻO ka hoʻolauna ʻana i ka ʻāpana pūnaewele o ka ʻōnaehana ao

Ua hana mākou i 4 mau mīkini virtual - 3 ma hoʻokahi pūnaewele L2 - net-1, a me 1 hou aku ma ka pūnaewele net-2

(overcloud) [stack@undercloud ~]$ nova list --tenant 5e18ce8ec9594e00b155485f19895e6c             
+--------------------------------------+------+----------------------------------+--------+------------+-------------+-----------------+
| ID                                   | Name | Tenant ID                        | Status | Task State | Power State | Networks        |
+--------------------------------------+------+----------------------------------+--------+------------+-------------+-----------------+
| f53b37b5-2204-46cc-aef0-dba84bf970c0 | vm-1 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | -          | Running     | net-1=10.0.1.85 |
| fc8b6722-0231-49b0-b2fa-041115bef34a | vm-2 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | -          | Running     | net-1=10.0.1.88 |
| 3cd74455-b9b7-467a-abe3-bd6ff765c83c | vm-3 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | -          | Running     | net-1=10.0.1.90 |
| 7e836338-6772-46b0-9950-f7f06dbe91a8 | vm-4 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | -          | Running     | net-2=10.0.2.8  |
+--------------------------------------+------+----------------------------------+--------+------------+-------------+-----------------+
(overcloud) [stack@undercloud ~]$ 

Let's see which hypervisors the created machines are on:

(overcloud) [stack@undercloud ~]$ nova show f53b37b5-2204-46cc-aef0-dba84bf970c0 | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname             | vm-1                                                     |
| OS-EXT-SRV-ATTR:hypervisor_hostname  | overcloud-novacompute-0.localdomain                      |
| OS-EXT-SRV-ATTR:instance_name        | instance-00000001                                        |
(overcloud) [stack@undercloud ~]$ nova show fc8b6722-0231-49b0-b2fa-041115bef34a | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname             | vm-2                                                     |
| OS-EXT-SRV-ATTR:hypervisor_hostname  | overcloud-novacompute-1.localdomain                      |
| OS-EXT-SRV-ATTR:instance_name        | instance-00000002                                        |
(overcloud) [stack@undercloud ~]$ nova show 3cd74455-b9b7-467a-abe3-bd6ff765c83c | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname             | vm-3                                                     |
| OS-EXT-SRV-ATTR:hypervisor_hostname  | overcloud-novacompute-0.localdomain                      |
| OS-EXT-SRV-ATTR:instance_name        | instance-00000003                                        |
(overcloud) [stack@undercloud ~]$ nova show 7e836338-6772-46b0-9950-f7f06dbe91a8 | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname             | vm-4                                                     |
| OS-EXT-SRV-ATTR:hypervisor_hostname  | overcloud-novacompute-1.localdomain                      |
| OS-EXT-SRV-ATTR:instance_name        | instance-00000004                                        |

(overcloud) [stack@undercloud ~]$

Machines vm-1 and vm-3 are on compute-0, machines vm-2 and vm-4 are on node compute-1.

In addition, a virtual router was created to enable routing between the specified networks:

(overcloud) [stack@undercloud ~]$ openstack router list  --project 5e18ce8ec9594e00b155485f19895e6c
+--------------------------------------+----------+--------+-------+-------------+-------+----------------------------------+
| ID                                   | Name     | Status | State | Distributed | HA    | Project                          |
+--------------------------------------+----------+--------+-------+-------------+-------+----------------------------------+
| 0a4d2420-4b9c-46bd-aec1-86a1ef299abe | router-1 | ACTIVE | UP    | False       | False | 5e18ce8ec9594e00b155485f19895e6c |
+--------------------------------------+----------+--------+-------+-------------+-------+----------------------------------+
(overcloud) [stack@undercloud ~]$ 

The router has two virtual ports, which act as gateways for the networks:

(overcloud) [stack@undercloud ~]$ openstack router show 0a4d2420-4b9c-46bd-aec1-86a1ef299abe | grep interface
| interfaces_info         | [{"subnet_id": "2529ad1a-6b97-49cd-8515-cbdcbe5e3daa", "ip_address": "10.0.1.254", "port_id": "0c52b15f-8fcc-4801-bf52-7dacc72a5201"}, {"subnet_id": "335552dd-b35b-456b-9df0-5aac36a3ca13", "ip_address": "10.0.2.254", "port_id": "92fa49b5-5406-499f-ab8d-ddf28cc1a76c"}] |
(overcloud) [stack@undercloud ~]$ 

But before we look at how traffic flows, let's look at what we currently have on the control node (which is also the network node) and on the compute node. Let's start with the compute node.


[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-vsctl show
[heat-admin@overcloud-novacompute-0 ~]$ sudo sudo ovs-appctl dpif/show
system@ovs-system: hit:3 missed:3
  br-ex:
    br-ex 65534/1: (internal)
    phy-br-ex 1/none: (patch: peer=int-br-ex)
  br-int:
    br-int 65534/2: (internal)
    int-br-ex 1/none: (patch: peer=phy-br-ex)
    patch-tun 2/none: (patch: peer=patch-int)
  br-tun:
    br-tun 65534/3: (internal)
    patch-int 1/none: (patch: peer=patch-tun)
    vxlan-c0a8ff0f 3/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.15)
    vxlan-c0a8ff1a 2/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.26)
[heat-admin@overcloud-novacompute-0 ~]$

At the moment the node has three bridges - br-int, br-tun, br-ex. Between them, as we can see, there is a set of interfaces. For ease of understanding, let's put all these interfaces on the diagram and see what happens.

[Figure: Introduction to the network part of cloud infrastructure]

Looking at the addresses to which the VxLAN tunnels are raised, you can see that one tunnel is raised to compute-1 (192.168.255.26), and the second tunnel looks at control-1 (192.168.255.15). But the most interesting thing is that br-ex has no physical interfaces, and if you look at the flows that are configured, you can see that this bridge can currently only drop traffic.


[heat-admin@overcloud-novacompute-0 ~]$ ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 192.168.255.19  netmask 255.255.255.0  broadcast 192.168.255.255
        inet6 fe80::5054:ff:fe6a:eabe  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:6a:ea:be  txqueuelen 1000  (Ethernet)
        RX packets 2909669  bytes 4608201000 (4.2 GiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1821057  bytes 349198520 (333.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[heat-admin@overcloud-novacompute-0 ~]$ 

As you can see from the output, the address is bound directly to the physical port, not to the virtual bridge interface.


[heat-admin@overcloud-novacompute-0 ~]$  sudo ovs-appctl fdb/show br-ex
 port  VLAN  MAC                Age
[heat-admin@overcloud-novacompute-0 ~]$  sudo ovs-ofctl dump-flows br-ex
 cookie=0x9169eae8f7fe5bb2, duration=216686.864s, table=0, n_packets=303, n_bytes=26035, priority=2,in_port="phy-br-ex" actions=drop
 cookie=0x9169eae8f7fe5bb2, duration=216686.887s, table=0, n_packets=0, n_bytes=0, priority=0 actions=NORMAL
[heat-admin@overcloud-novacompute-0 ~]$ 

According to the first rule, everything that comes in from the phy-br-ex port must be dropped.
Actually, there is currently nowhere else for traffic to enter this bridge except from this interface (the interface with br-int), and judging by the drops, BUM traffic has already flown into the bridge.

That is, traffic can leave this node only through the VxLAN tunnel and nothing else. However, if you turn on DVR the situation will change, but we will deal with that another time. When using network isolation, for example with vlans, you will have not one L3 interface in vlan 0 but several interfaces. However, VxLAN traffic will leave the node in the same way, but also encapsulated in some dedicated vlan.

We have sorted out the compute node; now let's move on to the control node.


[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl dpif/show
system@ovs-system: hit:930491 missed:825
  br-ex:
    br-ex 65534/1: (internal)
    eth0 1/2: (system)
    phy-br-ex 2/none: (patch: peer=int-br-ex)
  br-int:
    br-int 65534/3: (internal)
    int-br-ex 1/none: (patch: peer=phy-br-ex)
    patch-tun 2/none: (patch: peer=patch-int)
  br-tun:
    br-tun 65534/4: (internal)
    patch-int 1/none: (patch: peer=patch-tun)
    vxlan-c0a8ff13 3/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.19)
    vxlan-c0a8ff1a 2/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.26)
[heat-admin@overcloud-controller-0 ~]$

In fact, we can say that everything is the same, but the IP address is no longer on the physical interface but on the virtual bridge. This is done because this port is the port through which traffic will go out to the outside world.


[heat-admin@overcloud-controller-0 ~]$ ifconfig br-ex
br-ex: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 192.168.255.15  netmask 255.255.255.0  broadcast 192.168.255.255
        inet6 fe80::5054:ff:fe20:a22f  prefixlen 64  scopeid 0x20<link>
        ether 52:54:00:20:a2:2f  txqueuelen 1000  (Ethernet)
        RX packets 803859  bytes 1732616116 (1.6 GiB)
        RX errors 0  dropped 63  overruns 0  frame 0
        TX packets 808475  bytes 121652156 (116.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[heat-admin@overcloud-controller-0 ~]$ 
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl fdb/show br-ex
 port  VLAN  MAC                Age
    3   100  28:c0:da:00:4d:d3   35
    1     0  28:c0:da:00:4d:d3   35
    1     0  52:54:00:98:e9:d6    0
LOCAL     0  52:54:00:20:a2:2f    0
    1     0  52:54:00:2c:08:9e    0
    3   100  52:54:00:20:a2:2f    0
    1     0  52:54:00:6a:ea:be    0
[heat-admin@overcloud-controller-0 ~]$ 

This port is tied to the br-ex bridge, and since there are no vlan tags on it, this port is a trunk port on which all vlans are allowed. Traffic now goes out without a tag, as indicated by vlan-id 0 in the output above.

[Figure: Introduction to the network part of cloud infrastructure]

Everything else at the moment is the same as on the compute node - the same bridges, the same tunnels going to the two compute nodes.

We will not consider storage nodes in this article, but for understanding it is necessary to say that the network part of these nodes is banal to the point of disgrace. In our case, there is only one physical port (eth0) with an IP address assigned to it, and that's it. There are no VxLAN tunnels, tunnel bridges, etc. When using network isolation, this node will have two interfaces (physical ports, bonds, or just two vlans - it doesn't matter, it depends on what you want) - one for management, the second for traffic (writing to the VM disk, reading from the disk, etc.)

We have figured out what we have on the nodes in the absence of any services. Now let's launch the 4 virtual machines and see how the scheme described above changes - we should get ports, virtual routers, etc.

So far, our network looks like this:

[Figure: Introduction to the network part of cloud infrastructure]

We have two virtual machines on each compute node. Using compute-0 as an example, let's see how everything is wired up.


[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh list 
 Id    Name                           State
----------------------------------------------------
 1     instance-00000001              running
 3     instance-00000003              running

[heat-admin@overcloud-novacompute-0 ~]$ 

The machine has only one virtual interface - tap95d96a75-a0:

[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000001
Interface  Type       Source     Model       MAC
-------------------------------------------------------
tap95d96a75-a0 bridge     qbr95d96a75-a0 virtio      fa:16:3e:44:98:20

[heat-admin@overcloud-novacompute-0 ~]$ 

This interface shows up in the linux bridge:

[heat-admin@overcloud-novacompute-0 ~]$ sudo brctl show
bridge name     bridge id               STP enabled     interfaces
docker0         8000.0242904c92a8       no
qbr5bd37136-47          8000.5e4e05841423       no              qvb5bd37136-47
                                                        tap5bd37136-47
qbr95d96a75-a0          8000.de076cb850f6       no              qvb95d96a75-a0
                                                        tap95d96a75-a0
[heat-admin@overcloud-novacompute-0 ~]$ 

As you can see from the output, there are only two interfaces in the bridge - tap95d96a75-a0 and qvb95d96a75-a0.

Here it is worth dwelling a little on the types of virtual network devices in OpenStack:
vtap - virtual interface attached to an instance (VM)
qbr - Linux bridge
qvb and qvo - vEth pair connected to the Linux bridge and the Open vSwitch bridge
br-int, br-tun, br-vlan - Open vSwitch bridges
patch-, int-br-, phy-br- - Open vSwitch patch interfaces connecting bridges
qg, qr, ha, fg, sg - Open vSwitch ports used by virtual devices to connect to OVS

As you understand, if we have a qvb95d96a75-a0 port in the bridge, which is one end of a vEth pair, then somewhere there is its counterpart, which logically should be called qvo95d96a75-a0. Let's see which ports are on OVS.


[heat-admin@overcloud-novacompute-0 ~]$ sudo sudo ovs-appctl dpif/show
system@ovs-system: hit:526 missed:91
  br-ex:
    br-ex 65534/1: (internal)
    phy-br-ex 1/none: (patch: peer=int-br-ex)
  br-int:
    br-int 65534/2: (internal)
    int-br-ex 1/none: (patch: peer=phy-br-ex)
    patch-tun 2/none: (patch: peer=patch-int)
    qvo5bd37136-47 6/6: (system)
    qvo95d96a75-a0 3/5: (system)
  br-tun:
    br-tun 65534/3: (internal)
    patch-int 1/none: (patch: peer=patch-tun)
    vxlan-c0a8ff0f 3/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.15)
    vxlan-c0a8ff1a 2/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.26)
[heat-admin@overcloud-novacompute-0 ~]$ 

As we can see, the port is in br-int. Br-int acts as a switch that terminates the virtual machine ports. Besides qvo95d96a75-a0, the port qvo5bd37136-47 is visible in the output. This is the port to the second virtual machine. As a result, our diagram now looks like this:

[Figure: Introduction to the network part of cloud infrastructure]

A question that should immediately interest the attentive reader: why is there a linux bridge between the virtual machine port and the OVS port? The point is that security groups are used to protect the machine, and they are nothing more than iptables. OVS does not work with iptables, so this "crutch" was invented. However, it is becoming obsolete - in newer releases it is being replaced by conntrack.

That is, ultimately the scheme looks like this:

[Figure: Introduction to the network part of cloud infrastructure]
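
A check for the layout just described, as an added Python example (not code from the article or from OpenStack): it parses `brctl show` and `ovs-appctl dpif/show` text and reports any VM tap that does not sit behind its own qbr/qvb/qvo chain, which is where the iptables-based security groups are applied. It assumes the iptables-plus-Linux-bridge layout shown on this page; the function names are this example's own and the sample text is copied from the compute-0 outputs above.

```python
import re

# Copied from the compute-0 outputs shown in the article.
BRCTL_SHOW = """\
bridge name     bridge id               STP enabled     interfaces
docker0         8000.0242904c92a8       no
qbr5bd37136-47          8000.5e4e05841423       no              qvb5bd37136-47
                                                        tap5bd37136-47
qbr95d96a75-a0          8000.de076cb850f6       no              qvb95d96a75-a0
                                                        tap95d96a75-a0
"""
DPIF_SHOW = """\
system@ovs-system: hit:526 missed:91
  br-ex:
    br-ex 65534/1: (internal)
    phy-br-ex 1/none: (patch: peer=int-br-ex)
  br-int:
    br-int 65534/2: (internal)
    int-br-ex 1/none: (patch: peer=phy-br-ex)
    patch-tun 2/none: (patch: peer=patch-int)
    qvo5bd37136-47 6/6: (system)
    qvo95d96a75-a0 3/5: (system)
"""
# (Interface, Source) columns of `virsh domiflist` for the two instances.
VM_INTERFACES = [("tap95d96a75-a0", "qbr95d96a75-a0"),
                 ("tap5bd37136-47", "qbr5bd37136-47")]


def parse_brctl(text):
    """Linux bridge name -> set of member interfaces (handles continuation rows)."""
    bridges, current = {}, None
    for line in text.splitlines()[1:]:          # skip the header row
        if not line.strip():
            continue
        fields = line.split()
        if not line[0].isspace():               # bridge row: name, id, STP, [iface]
            current = fields[0]
            bridges[current] = set(fields[3:])
        elif current is not None:               # continuation row: one more iface
            bridges[current].update(fields)
    return bridges


def parse_dpif(text):
    """OVS bridge name -> set of port names from `ovs-appctl dpif/show`."""
    bridges, current = {}, None
    for line in text.splitlines():
        header = re.match(r"^  (\S+):$", line)
        if header:
            current = header.group(1)
            bridges[current] = set()
            continue
        port = re.match(r"^    (\S+) \S+: \(", line)
        if port and current is not None:
            bridges[current].add(port.group(1))
    return bridges


def audit(vm_interfaces, brctl_text, dpif_text):
    """Return findings; an empty list means every tap is behind qbr/qvb/qvo."""
    linux = parse_brctl(brctl_text)
    br_int = parse_dpif(dpif_text).get("br-int", set())
    findings = []
    for tap, source in vm_interfaces:
        suffix = tap[len("tap"):]
        qbr, qvb, qvo = "qbr" + suffix, "qvb" + suffix, "qvo" + suffix
        members = linux.get(qbr, set())
        if source != qbr or tap not in members:
            # Assumption: filtering happens on the Linux bridge, so a tap that
            # is not on its qbr never passes through the security-group rules.
            findings.append(f"{tap}: not attached to {qbr}, "
                            "so the iptables bridge is not in its path")
            continue
        if qvb not in members:
            findings.append(f"{qbr}: veth end {qvb} is missing")
        if qvo not in br_int:
            findings.append(f"{qvo}: not a port of br-int")
        extra = members - {tap, qvb}
        if extra:                               # a qbr should hold exactly tap + qvb
            findings.append(f"{qbr}: unexpected members {sorted(extra)}")
    return findings


if __name__ == "__main__":
    print(audit(VM_INTERFACES, BRCTL_SHOW, DPIF_SHOW) or "all taps behind qbr/qvb/qvo")
```
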

Two machines on one hypervisor in one L2 network

Since these two VMs are in the same L2 network and on the same hypervisor, traffic between them will go locally through br-int, because both machines are in the same VLAN:


[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000001
Interface  Type       Source     Model       MAC
-------------------------------------------------------
tap95d96a75-a0 bridge     qbr95d96a75-a0 virtio      fa:16:3e:44:98:20

[heat-admin@overcloud-novacompute-0 ~]$ 
[heat-admin@overcloud-novacompute-0 ~]$ 
[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000003
Interface  Type       Source     Model       MAC
-------------------------------------------------------
tap5bd37136-47 bridge     qbr5bd37136-47 virtio      fa:16:3e:83:ad:a4

[heat-admin@overcloud-novacompute-0 ~]$ 
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl fdb/show br-int 
 port  VLAN  MAC                Age
    6     1  fa:16:3e:83:ad:a4    0
    3     1  fa:16:3e:44:98:20    0
[heat-admin@overcloud-novacompute-0 ~]$ 

Two machines on different hypervisors in the same L2 network

Let's see how traffic goes between two machines that are in the same L2 network but on different hypervisors. To be honest, nothing changes much; only the traffic between the hypervisors goes through the vxlan tunnel. Let's look at an example.

The addresses of the virtual machines between which we will watch traffic:

[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000001
Interface  Type       Source     Model       MAC
-------------------------------------------------------
tap95d96a75-a0 bridge     qbr95d96a75-a0 virtio      fa:16:3e:44:98:20

[heat-admin@overcloud-novacompute-0 ~]$ 


[heat-admin@overcloud-novacompute-1 ~]$ sudo virsh domiflist instance-00000002
Interface  Type       Source     Model       MAC
-------------------------------------------------------
tape7e23f1b-07 bridge     qbre7e23f1b-07 virtio      fa:16:3e:72:ad:53

[heat-admin@overcloud-novacompute-1 ~]$ 

We look at the forwarding table on br-int on compute-0:

[heat-admin@overcloud-novacompute-0 ~]$  sudo ovs-appctl fdb/show br-int | grep fa:16:3e:72:ad:53
    2     1  fa:16:3e:72:ad:53    1
[heat-admin@overcloud-novacompute-0 ~]

Traffic should go to port 2 - let's see what kind of port it is:

[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl show br-int | grep addr
 1(int-br-ex): addr:7e:7f:28:1f:bd:54
 2(patch-tun): addr:0a:bd:07:69:58:d9
 3(qvo95d96a75-a0): addr:ea:50:9a:3d:69:58
 6(qvo5bd37136-47): addr:9a:d1:03:50:3d:96
 LOCAL(br-int): addr:1a:0f:53:97:b1:49
[heat-admin@overcloud-novacompute-0 ~]$

This is patch-tun - that is, the interface to br-tun. Let's see what happens to the packet on br-tun:

[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl dump-flows br-tun | grep fa:16:3e:72:ad:53
 cookie=0x8759a56536b67a8e, duration=1387.959s, table=20, n_packets=1460, n_bytes=138880, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:72:ad:53 actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:2
[heat-admin@overcloud-novacompute-0 ~]$ 

The packet is encapsulated in VxLAN and sent to port 2. Let's see where port 2 leads:

[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl show br-tun | grep addr   
 1(patch-int): addr:b2:d1:f8:21:96:66
 2(vxlan-c0a8ff1a): addr:be:64:1f:75:78:a7
 3(vxlan-c0a8ff0f): addr:76:6f:b9:3c:3f:1c
 LOCAL(br-tun): addr:a2:5b:6d:4f:94:47
[heat-admin@overcloud-novacompute-0 ~]$

This is the vxlan tunnel to compute-1:

[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl dpif/show | egrep vxlan-c0a8ff1a
    vxlan-c0a8ff1a 2/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.26)
[heat-admin@overcloud-novacompute-0 ~]$

Let's go to compute-1 and see what happens to the packet next:

[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-appctl fdb/show br-int | egrep fa:16:3e:44:98:20
    2     1  fa:16:3e:44:98:20    1
[heat-admin@overcloud-novacompute-1 ~]$ 

The MAC is in the br-int forwarding table on compute-1, and as can be seen from the output above, it is visible through port 2, which is the port towards br-tun:

[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-ofctl show br-int | grep addr   
 1(int-br-ex): addr:8a:d7:f9:ad:8c:1d
 2(patch-tun): addr:46:cc:40:bd:20:da
 3(qvoe7e23f1b-07): addr:12:78:2e:34:6a:c7
 4(qvo3210e8ec-c0): addr:7a:5f:59:75:40:85
 LOCAL(br-int): addr:e2:27:b2:ed:14:46

Well, then we see that br-int on compute-1 has the destination MAC:

[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-appctl fdb/show br-int | egrep fa:16:3e:72:ad:53
    3     1  fa:16:3e:72:ad:53    0
[heat-admin@overcloud-novacompute-1 ~]$ 

That is, the received packet will fly to port 3, behind which there is already the virtual machine instance-00000003.

The beauty of using Openstack for learning on virtual infrastructure is that we can easily capture the traffic between hypervisors and see what happens to it. This is what we will do now: run tcpdump on the vnet port facing compute-0:


[root@hp-gen9 bormoglotx]# tcpdump -vvv -i vnet3
tcpdump: listening on vnet3, link-type EN10MB (Ethernet), capture size 262144 bytes

*****************omitted*******************

04:39:04.583459 IP (tos 0x0, ttl 64, id 16868, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.19.39096 > 192.168.255.26.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 64, id 8012, offset 0, flags [DF], proto ICMP (1), length 84)
    10.0.1.85 > 10.0.1.88: ICMP echo request, id 5634, seq 16, length 64
04:39:04.584449 IP (tos 0x0, ttl 64, id 35181, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.26.speedtrace-disc > 192.168.255.19.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 64, id 59124, offset 0, flags [none], proto ICMP (1), length 84)
    10.0.1.88 > 10.0.1.85: ICMP echo reply, id 5634, seq 16, length 64
	
*****************omitted*******************

The first line shows that the packet goes from address 10.0.1.85 to address 10.0.1.88 (ICMP traffic), that it is wrapped in a VxLAN packet with vni 22, and that the packet goes from host 192.168.255.19 (compute-0) to host 192.168.255.26 (compute-1). We can check that the VNI matches the one specified in ovs.

Let's go back to this line: actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:2. 0x16 is the vni in hexadecimal. Let's convert this number to decimal:


0x16 = 6*16^0 + 1*16^1 = 6 + 16 = 22

That is, the vni matches reality.

The second line shows the return traffic; there is no point in explaining it, everything is clear there.

Two machines in different networks (inter-network routing)

The last case for today is routing between networks within one project using a virtual router. We are considering a case without DVR (we will look at it in another article), so routing takes place on the network node. In our case, the network node is not placed in a separate entity and is located on the control node.

First, let's see that routing works:

$ ping 10.0.2.8
PING 10.0.2.8 (10.0.2.8): 56 data bytes
64 bytes from 10.0.2.8: seq=0 ttl=63 time=7.727 ms
64 bytes from 10.0.2.8: seq=1 ttl=63 time=3.832 ms
^C
--- 10.0.2.8 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 3.832/5.779/7.727 ms

Since in this case the packet must go to the gateway and be routed there, we need to find out the MAC address of the gateway, for which we look at the ARP table in the instance:

$ arp
host-10-0-1-254.openstacklocal (10.0.1.254) at fa:16:3e:c4:64:70 [ether]  on eth0
host-10-0-1-1.openstacklocal (10.0.1.1) at fa:16:3e:e6:2c:5c [ether]  on eth0
host-10-0-1-90.openstacklocal (10.0.1.90) at fa:16:3e:83:ad:a4 [ether]  on eth0
host-10-0-1-88.openstacklocal (10.0.1.88) at fa:16:3e:72:ad:53 [ether]  on eth0

Now let's see where traffic with destination (10.0.1.254) fa:16:3e:c4:64:70 should be sent:

[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl fdb/show br-int | egrep fa:16:3e:c4:64:70
    2     1  fa:16:3e:c4:64:70    0
[heat-admin@overcloud-novacompute-0 ~]$ 

Let's look at where port 2 leads:

[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl show br-int | grep addr
 1(int-br-ex): addr:7e:7f:28:1f:bd:54
 2(patch-tun): addr:0a:bd:07:69:58:d9
 3(qvo95d96a75-a0): addr:ea:50:9a:3d:69:58
 6(qvo5bd37136-47): addr:9a:d1:03:50:3d:96
 LOCAL(br-int): addr:1a:0f:53:97:b1:49
[heat-admin@overcloud-novacompute-0 ~]$ 

Everything is logical, traffic goes to br-tun. Let's see which vxlan tunnel it will be wrapped in:

[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl dump-flows br-tun | grep fa:16:3e:c4:64:70
 cookie=0x8759a56536b67a8e, duration=3514.566s, table=20, n_packets=3368, n_bytes=317072, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:c4:64:70 actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:3
[heat-admin@overcloud-novacompute-0 ~]$ 

The third port is a vxlan tunnel:

[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl show br-tun | grep addr
 1(patch-int): addr:a2:69:00:c5:fa:ba
 2(vxlan-c0a8ff1a): addr:86:f0:ce:d0:e8:ea
 3(vxlan-c0a8ff13): addr:72:aa:73:2c:2e:5b
 LOCAL(br-tun): addr:a6:cb:cd:72:1c:45
[heat-admin@overcloud-controller-0 ~]$ 

Which looks at the control node:

[heat-admin@overcloud-controller-0 ~]$ sudo sudo ovs-appctl dpif/show | grep vxlan-c0a8ff1a
    vxlan-c0a8ff1a 2/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.26)
[heat-admin@overcloud-controller-0 ~]$ 
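
The lookup chain followed by hand in the last two cases (br-int forwarding table, port name, br-tun flow, tunnel, remote host), as an added Python example that is not part of the original article. The sample text is copied from the compute-0 outputs shown on this page, the function names are this example's own, and the hex-to-IP check relies only on the naming visible in those outputs (vxlan-c0a8ff1a next to remote_ip=192.168.255.26).

```python
import ipaddress
import re

# Text copied from the compute-0 command outputs in the article; the fdb table
# merges the rows from the three separate `fdb/show br-int` listings.
FDB_BR_INT = """\
 port  VLAN  MAC                Age
    6     1  fa:16:3e:83:ad:a4    0
    3     1  fa:16:3e:44:98:20    0
    2     1  fa:16:3e:72:ad:53    1
    2     1  fa:16:3e:c4:64:70    0
"""
PORTS_BR_INT = """\
 1(int-br-ex): addr:7e:7f:28:1f:bd:54
 2(patch-tun): addr:0a:bd:07:69:58:d9
 3(qvo95d96a75-a0): addr:ea:50:9a:3d:69:58
 6(qvo5bd37136-47): addr:9a:d1:03:50:3d:96
 LOCAL(br-int): addr:1a:0f:53:97:b1:49
"""
PORTS_BR_TUN = """\
 1(patch-int): addr:b2:d1:f8:21:96:66
 2(vxlan-c0a8ff1a): addr:be:64:1f:75:78:a7
 3(vxlan-c0a8ff0f): addr:76:6f:b9:3c:3f:1c
 LOCAL(br-tun): addr:a2:5b:6d:4f:94:47
"""
FLOWS_BR_TUN = """\
 cookie=0x8759a56536b67a8e, duration=1387.959s, table=20, n_packets=1460, n_bytes=138880, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:72:ad:53 actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:2
 cookie=0x8759a56536b67a8e, duration=3514.566s, table=20, n_packets=3368, n_bytes=317072, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:c4:64:70 actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:3
"""
DPIF_SHOW = """\
  br-tun:
    br-tun 65534/3: (internal)
    patch-int 1/none: (patch: peer=patch-tun)
    vxlan-c0a8ff0f 3/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.15)
    vxlan-c0a8ff1a 2/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.26)
"""


def parse_fdb(text):
    """MAC -> (OpenFlow port, local VLAN) from `ovs-appctl fdb/show`."""
    table = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) == 4 and fields[1].isdigit():   # skips the header row
            table[fields[2].lower()] = (fields[0], int(fields[1]))
    return table


def parse_ports(text):
    """OpenFlow port number -> port name from `ovs-ofctl show | grep addr`."""
    return {m.group(1): m.group(2)
            for m in re.finditer(r"^\s*(\w+)\(([^)]+)\): addr:", text, re.M)}


def parse_tunnels(text):
    """Tunnel port name -> remote_ip from `ovs-appctl dpif/show`."""
    pattern = r"^\s*(vxlan-[0-9a-f]{8}) \d+/\d+: \(vxlan:.*?remote_ip=([\d.]+)\)"
    return {m.group(1): m.group(2) for m in re.finditer(pattern, text, re.M)}


def parse_unicast_flow(text, mac):
    """(local VLAN, VNI, output port) of the br-tun flow matching dl_dst=mac."""
    for line in text.splitlines():
        if f"dl_dst={mac}" not in line:
            continue
        vlan = re.search(r"vlan_tci=0x([0-9a-f]+)/0x0fff", line)
        vni = re.search(r"load:(0x[0-9a-f]+)->NXM_NX_TUN_ID", line)
        out = re.search(r"output:(\d+)", line)
        if vlan and vni and out:
            return int(vlan.group(1), 16), int(vni.group(1), 16), out.group(1)
    return None


def name_to_ip(tunnel_name):
    """Decode the 8 hex digits of a vxlan-XXXXXXXX port name as an IPv4 address."""
    return str(ipaddress.IPv4Address(int(tunnel_name.split("-", 1)[1], 16)))


def trace(mac):
    """Follow one destination MAC from br-int to the remote tunnel endpoint."""
    mac = mac.lower()
    port, vlan = parse_fdb(FDB_BR_INT)[mac]
    hop = {"mac": mac, "local_vlan": vlan, "br_int_port": parse_ports(PORTS_BR_INT)[port]}
    if hop["br_int_port"] != "patch-tun":
        return hop                                   # delivered on this hypervisor
    flow = parse_unicast_flow(FLOWS_BR_TUN, mac)
    if flow is None:
        raise LookupError(f"no unicast flow for {mac} on br-tun")
    flow_vlan, vni, out_port = flow
    tunnel = parse_ports(PORTS_BR_TUN)[out_port]
    remote_ip = parse_tunnels(DPIF_SHOW)[tunnel]
    if flow_vlan != vlan or name_to_ip(tunnel) != remote_ip:
        raise ValueError(f"inconsistent tables for {mac}")
    hop.update(vni=vni, tunnel=tunnel, remote_ip=remote_ip)
    return hop


if __name__ == "__main__":
    for dst in ("fa:16:3e:83:ad:a4", "fa:16:3e:72:ad:53", "fa:16:3e:c4:64:70"):
        print(trace(dst))
```
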

The traffic has reached the control node, so we need to go there and see how the routing happens.

As you remember, the control node looks exactly the same inside as the compute node - the same three bridges, only br-ex has a physical port through which the node can send traffic out. The creation of the instances changed the configuration on the compute nodes - linux bridge, iptables and interfaces were added to the nodes. The creation of the networks and the virtual router also left its mark on the configuration of the control node.

So, it is obvious that the gateway MAC address must be in the br-int forwarding table on the control node. Let's check that it is there and where it points:

[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl fdb/show br-int | grep fa:16:3e:c4:64:70
    5     1  fa:16:3e:c4:64:70    1
[heat-admin@overcloud-controller-0 ~]$ 
[heat-admin@overcloud-controller-0 ~]$  sudo ovs-ofctl show br-int | grep addr
 1(int-br-ex): addr:2e:58:b6:db:d5:de
 2(patch-tun): addr:06:41:90:f0:9e:56
 3(tapca25a97e-64): addr:fa:16:3e:e6:2c:5c
 4(tap22015e46-0b): addr:fa:16:3e:76:c2:11
 5(qr-0c52b15f-8f): addr:fa:16:3e:c4:64:70
 6(qr-92fa49b5-54): addr:fa:16:3e:80:13:72
 LOCAL(br-int): addr:06:de:5d:ed:44:44
[heat-admin@overcloud-controller-0 ~]$ 

The MAC is visible from port qr-0c52b15f-8f. If we go back to the list of virtual ports in Openstack, this type of port is used to connect various virtual devices to OVS. To be more precise, qr is the port to the virtual router, which is represented as a namespace.

Let's see which namespaces are on the server:

[heat-admin@overcloud-controller-0 ~]$ sudo  ip netns
qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe (id: 2)
qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638 (id: 1)
qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 (id: 0)
[heat-admin@overcloud-controller-0 ~]$ 

Three of them. But judging by the names, you can guess the purpose of each. We will return to the instances with ID 0 and 1 later; for now we are interested in the namespace qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe:


[heat-admin@overcloud-controller-0 ~]$ sudo  ip netns exec qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe ip route
10.0.1.0/24 dev qr-0c52b15f-8f proto kernel scope link src 10.0.1.254 
10.0.2.0/24 dev qr-92fa49b5-54 proto kernel scope link src 10.0.2.254 
[heat-admin@overcloud-controller-0 ~]$ 

This namespace contains the two interfaces created earlier. Both virtual ports are added to br-int. Let's check the MAC address of port qr-0c52b15f-8f, since the traffic, judging by the destination MAC address, went to this interface.

[heat-admin@overcloud-controller-0 ~]$ sudo  ip netns exec qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe ifconfig qr-0c52b15f-8f
qr-0c52b15f-8f: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.0.1.254  netmask 255.255.255.0  broadcast 10.0.1.255
        inet6 fe80::f816:3eff:fec4:6470  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:c4:64:70  txqueuelen 1000  (Ethernet)
        RX packets 5356  bytes 427305 (417.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 5195  bytes 490603 (479.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

[heat-admin@overcloud-controller-0 ~]$ 

That is, in this case everything works according to the laws of standard routing. Since the traffic is destined for host 10.0.2.8, it must leave through the second interface qr-92fa49b5-54 and go through the vxlan tunnel to the compute node:


[heat-admin@overcloud-controller-0 ~]$ sudo  ip netns exec qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe arp
Address                  HWtype  HWaddress           Flags Mask            Iface
10.0.1.88                ether   fa:16:3e:72:ad:53   C                     qr-0c52b15f-8f
10.0.1.90                ether   fa:16:3e:83:ad:a4   C                     qr-0c52b15f-8f
10.0.2.8                 ether   fa:16:3e:6c:ad:9c   C                     qr-92fa49b5-54
10.0.2.42                ether   fa:16:3e:f5:0b:29   C                     qr-92fa49b5-54
10.0.1.85                ether   fa:16:3e:44:98:20   C                     qr-0c52b15f-8f
[heat-admin@overcloud-controller-0 ~]$ 

Everything is logical, no surprises. Let's see where the MAC address of host 10.0.2.8 is visible in br-int:

[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl fdb/show br-int | grep fa:16:3e:6c:ad:9c
    2     2  fa:16:3e:6c:ad:9c    1
[heat-admin@overcloud-controller-0 ~]$ 
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl show br-int | grep addr
 1(int-br-ex): addr:2e:58:b6:db:d5:de
 2(patch-tun): addr:06:41:90:f0:9e:56
 3(tapca25a97e-64): addr:fa:16:3e:e6:2c:5c
 4(tap22015e46-0b): addr:fa:16:3e:76:c2:11
 5(qr-0c52b15f-8f): addr:fa:16:3e:c4:64:70
 6(qr-92fa49b5-54): addr:fa:16:3e:80:13:72
 LOCAL(br-int): addr:06:de:5d:ed:44:44
[heat-admin@overcloud-controller-0 ~]$ 

As expected, traffic goes to br-tun. Let's see which tunnel the traffic goes into next:

[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl dump-flows br-tun | grep fa:16:3e:6c:ad:9c
 cookie=0x2ab04bf27114410e, duration=5346.829s, table=20, n_packets=5248, n_bytes=498512, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0002/0x0fff,dl_dst=fa:16:3e:6c:ad:9c actions=load:0->NXM_OF_VLAN_TCI[],load:0x63->NXM_NX_TUN_ID[],output:2
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl show br-tun | grep addr
 1(patch-int): addr:a2:69:00:c5:fa:ba
 2(vxlan-c0a8ff1a): addr:86:f0:ce:d0:e8:ea
 3(vxlan-c0a8ff13): addr:72:aa:73:2c:2e:5b
 LOCAL(br-tun): addr:a6:cb:cd:72:1c:45
[heat-admin@overcloud-controller-0 ~]$ 
[heat-admin@overcloud-controller-0 ~]$ sudo sudo ovs-appctl dpif/show | grep vxlan-c0a8ff1a
    vxlan-c0a8ff1a 2/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.26)
[heat-admin@overcloud-controller-0 ~]$ 

The traffic goes into the tunnel to compute-1. On compute-1 everything is simple: from br-tun the packet goes to br-int, and from there to the virtual machine interface:

[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-appctl fdb/show br-int | grep fa:16:3e:6c:ad:9c
    4     2  fa:16:3e:6c:ad:9c    1
[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-ofctl show br-int | grep addr                  
 1(int-br-ex): addr:8a:d7:f9:ad:8c:1d
 2(patch-tun): addr:46:cc:40:bd:20:da
 3(qvoe7e23f1b-07): addr:12:78:2e:34:6a:c7
 4(qvo3210e8ec-c0): addr:7a:5f:59:75:40:85
 LOCAL(br-int): addr:e2:27:b2:ed:14:46
[heat-admin@overcloud-novacompute-1 ~]$ 

Let's check that this is indeed the right interface:

[heat-admin@overcloud-novacompute-1 ~]$ brctl show
bridge name     bridge id               STP enabled     interfaces
docker0         8000.02429c001e1c       no
qbr3210e8ec-c0          8000.ea27f45358be       no              qvb3210e8ec-c0
                                                        tap3210e8ec-c0
qbre7e23f1b-07          8000.b26ac0eded8a       no              qvbe7e23f1b-07
                                                        tape7e23f1b-07
[heat-admin@overcloud-novacompute-1 ~]$ 
[heat-admin@overcloud-novacompute-1 ~]$ sudo virsh domiflist instance-00000004
Interface  Type       Source     Model       MAC
-------------------------------------------------------
tap3210e8ec-c0 bridge     qbr3210e8ec-c0 virtio      fa:16:3e:6c:ad:9c

[heat-admin@overcloud-novacompute-1 ~]$

So we have walked the whole path of the packet. I think you noticed that the traffic passes through different vxlan tunnels and leaves with different VNIs. Let's see what these VNIs are, then collect a dump on the control port of the node and make sure that the traffic flows exactly as described above.
So, the tunnel to compute-0 has the following actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:3. Let's convert 0x16 to decimal:


0x16 = 6*16^0+1*16^1 = 6+16 = 22

The tunnel to compute-1 has the following VNI: actions=load:0->NXM_OF_VLAN_TCI[],load:0x63->NXM_NX_TUN_ID[],output:2. Let's convert 0x63 to decimal:


0x63 = 3*16^0+6*16^1 = 3+96 = 99

Now let's look at the dump:

[root@hp-gen9 bormoglotx]# tcpdump -vvv -i vnet4 
tcpdump: listening on vnet4, link-type EN10MB (Ethernet), capture size 262144 bytes

*****************omitted*******************

04:35:18.709949 IP (tos 0x0, ttl 64, id 48650, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.19.41591 > 192.168.255.15.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 64, id 49042, offset 0, flags [DF], proto ICMP (1), length 84)
    10.0.1.85 > 10.0.2.8: ICMP echo request, id 5378, seq 9, length 64
04:35:18.710159 IP (tos 0x0, ttl 64, id 23360, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.15.38983 > 192.168.255.26.4789: [no cksum] VXLAN, flags [I] (0x08), vni 99
IP (tos 0x0, ttl 63, id 49042, offset 0, flags [DF], proto ICMP (1), length 84)
    10.0.1.85 > 10.0.2.8: ICMP echo request, id 5378, seq 9, length 64
04:35:18.711292 IP (tos 0x0, ttl 64, id 43596, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.26.42588 > 192.168.255.15.4789: [no cksum] VXLAN, flags [I] (0x08), vni 99
IP (tos 0x0, ttl 64, id 55103, offset 0, flags [none], proto ICMP (1), length 84)
    10.0.2.8 > 10.0.1.85: ICMP echo reply, id 5378, seq 9, length 64
04:35:18.711531 IP (tos 0x0, ttl 64, id 8555, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.15.38983 > 192.168.255.19.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 63, id 55103, offset 0, flags [none], proto ICMP (1), length 84)
    10.0.2.8 > 10.0.1.85: ICMP echo reply, id 5378, seq 9, length 64
	
*****************omitted*******************

The first packet is a vxlan packet from host 192.168.255.19 (compute-0) to host 192.168.255.15 (control-1) with vni 22, which encapsulates an ICMP packet from host 10.0.1.85 to host 10.0.2.8. The vni matches the value we calculated above from the flow actions.

The second packet is a vxlan packet from host 192.168.255.15 (control-1) to host 192.168.255.26 (compute-1) with vni 99, which encapsulates an ICMP packet from host 10.0.1.85 to host 10.0.2.8. The vni again matches the value we calculated above from the flow actions.

The next two packets are the return traffic from 10.0.2.8 to 10.0.1.85.
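The manual check above (hex tunnel ID from the br-tun flow, then the VNI seen in tcpdump) can be scripted so that traffic leaving in an unexpected VXLAN segment is caught automatically. This is an added example, not code from the original article; the function names are hypothetical, the sample data is copied from the outputs on this page, and VNI 22 for the compute-0 tunnel comes from the 0x16 action quoted in the text.

```python
import re

# Flow line copied from the `ovs-ofctl dump-flows br-tun` output on this page.
FLOWS = """\
 cookie=0x2ab04bf27114410e, duration=5346.829s, table=20, n_packets=5248, n_bytes=498512, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0002/0x0fff,dl_dst=fa:16:3e:6c:ad:9c actions=load:0->NXM_OF_VLAN_TCI[],load:0x63->NXM_NX_TUN_ID[],output:2
"""
# The two echo-request packets copied from the tcpdump output on this page.
DUMP = """\
04:35:18.709949 IP (tos 0x0, ttl 64, id 48650, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.19.41591 > 192.168.255.15.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 64, id 49042, offset 0, flags [DF], proto ICMP (1), length 84)
    10.0.1.85 > 10.0.2.8: ICMP echo request, id 5378, seq 9, length 64
04:35:18.710159 IP (tos 0x0, ttl 64, id 23360, offset 0, flags [DF], proto UDP (17), length 134)
    192.168.255.15.38983 > 192.168.255.26.4789: [no cksum] VXLAN, flags [I] (0x08), vni 99
IP (tos 0x0, ttl 63, id 49042, offset 0, flags [DF], proto ICMP (1), length 84)
    10.0.1.85 > 10.0.2.8: ICMP echo request, id 5378, seq 9, length 64
"""

IP4 = r"(\d+(?:\.\d+){3})"
OUTER = re.compile(r"^\s+" + IP4 + r"\.\d+ > " + IP4 + r"\.4789: .*VXLAN.* vni (\d+)")
INNER = re.compile(r"^\s+" + IP4 + " > " + IP4 + ": ICMP")
FLOW = re.compile(r"dl_dst=([0-9a-f:]{17}) actions=.*load:(0x[0-9a-f]+)->NXM_NX_TUN_ID\[\].*output:(\d+)")

def flow_vnis(flows):
    """Map destination MAC -> (decimal VNI, output port) from br-tun flows."""
    out = {}
    for line in flows.splitlines():
        m = FLOW.search(line)
        if m:
            out[m.group(1)] = (int(m.group(2), 16), int(m.group(3)))
    return out

def vxlan_hops(dump):
    """Pair each VXLAN outer header with the inner ICMP line that follows it."""
    hops, outer = [], None
    for line in dump.splitlines():
        o, i = OUTER.match(line), INNER.match(line)
        if o:
            outer = (o.group(1), o.group(2), int(o.group(3)))
        elif i and outer:
            hops.append(outer + i.groups())
            outer = None
    return hops

def check_path(hops, inner_dst, expected):
    """True if packets to inner_dst used exactly the expected (outer_dst, vni) hops."""
    return [(h[1], h[2]) for h in hops if h[4] == inner_dst] == expected

if __name__ == "__main__":
    print(flow_vnis(FLOWS), vxlan_hops(DUMP))
```

For the trace above, the expected path to 10.0.2.8 is [("192.168.255.15", 22), ("192.168.255.26", 99)]; check_path returns False as soon as either hop carries a different VNI or goes to a different tunnel endpoint.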

That is, in the end we get the following scheme of the control node:

[Diagram: resulting scheme of the control node]

Looks like that is all? No, we forgot about two namespaces:

[heat-admin@overcloud-controller-0 ~]$ sudo  ip netns
qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe (id: 2)
qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638 (id: 1)
qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 (id: 0)
[heat-admin@overcloud-controller-0 ~]$ 

As we said when discussing the architecture of the cloud platform, it is better if the machines receive their addresses from a DHCP server. These are the two DHCP servers for our two networks, 10.0.1.0/24 and 10.0.2.0/24.

Let's check that this is true. There is only one address in this namespace, 10.0.1.1, which is the address of the DHCP server itself, and its interface is also plugged into br-int:

[heat-admin@overcloud-controller-0 ~]$ sudo ip netns exec qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1000  (Local Loopback)
        RX packets 1  bytes 28 (28.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 1  bytes 28 (28.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

tapca25a97e-64: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1450
        inet 10.0.1.1  netmask 255.255.255.0  broadcast 10.0.1.255
        inet6 fe80::f816:3eff:fee6:2c5c  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:e6:2c:5c  txqueuelen 1000  (Ethernet)
        RX packets 129  bytes 9372 (9.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 49  bytes 6154 (6.0 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

Let's see whether there are processes with qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 in their name on the control node:


[heat-admin@overcloud-controller-0 ~]$ ps -aux | egrep qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638 
root      640420  0.0  0.0   4220   348 ?        Ss   11:31   0:00 dumb-init --single-child -- ip netns exec qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638 /usr/sbin/dnsmasq -k --no-hosts --no-resolv --pid-file=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/host --addn-hosts=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/addn_hosts --dhcp-optsfile=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/opts --dhcp-leasefile=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/leases --dhcp-match=set:ipxe,175 --local-service --bind-dynamic --dhcp-range=set:subnet-335552dd-b35b-456b-9df0-5aac36a3ca13,10.0.2.0,static,255.255.255.0,86400s --dhcp-option-force=option:mtu,1450 --dhcp-lease-max=256 --conf-file= --domain=openstacklocal
heat-ad+  951620  0.0  0.0 112944   980 pts/0    S+   18:50   0:00 grep -E --color=auto qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638
[heat-admin@overcloud-controller-0 ~]$ 

The process exists, and from the information shown in the output above we can, for example, see which addresses are currently leased:

[heat-admin@overcloud-controller-0 ~]$ cat /var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/leases
1597492111 fa:16:3e:6c:ad:9c 10.0.2.8 host-10-0-2-8 01:fa:16:3e:6c:ad:9c
1597491115 fa:16:3e:76:c2:11 10.0.2.1 host-10-0-2-1 *
[heat-admin@overcloud-controller-0 ~]$
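The leases file gives a reference IP-to-MAC binding that can be compared with what the virtual router has actually learned over ARP on the same subnet. This is an added example, not code from the original article; the function names are hypothetical, the data is copied from the ARP rows and the leases file shown on this page, and it assumes router port qr-92fa49b5-54 sits on the 10.0.2.0/24 network served by this dnsmasq instance.

```python
# ARP rows and dnsmasq leases copied from the outputs shown on this page.
ARP = """\
10.0.2.8                 ether   fa:16:3e:6c:ad:9c   C                     qr-92fa49b5-54
10.0.2.42                ether   fa:16:3e:f5:0b:29   C                     qr-92fa49b5-54
10.0.1.85                ether   fa:16:3e:44:98:20   C                     qr-0c52b15f-8f
"""
LEASES = """\
1597492111 fa:16:3e:6c:ad:9c 10.0.2.8 host-10-0-2-8 01:fa:16:3e:6c:ad:9c
1597491115 fa:16:3e:76:c2:11 10.0.2.1 host-10-0-2-1 *
"""

def parse_leases(text):
    """dnsmasq lease line: expiry-epoch MAC IP hostname client-id."""
    leases = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) >= 5:
            leases[f[2]] = {"mac": f[1].lower(), "expires": int(f[0]), "host": f[3]}
    return leases

def parse_arp(text, iface):
    """Return {ip: mac} for ARP rows learned on one router interface."""
    rows = {}
    for line in text.splitlines():
        f = line.split()
        if len(f) == 5 and f[1] == "ether" and f[4] == iface:
            rows[f[0]] = f[2].lower()
    return rows

def audit(arp, leases):
    """Classify every ARP entry against the DHCP lease for the same IP."""
    findings = {}
    for ip, mac in arp.items():
        lease = leases.get(ip)
        if lease is None:
            findings[ip] = "no-lease"
        elif lease["mac"] != mac:
            findings[ip] = "mac-mismatch"
        else:
            findings[ip] = "ok"
    return findings

if __name__ == "__main__":
    print(audit(parse_arp(ARP, "qr-92fa49b5-54"), parse_leases(LEASES)))
```

A no-lease result only means the leases file shown here does not list that address; reconcile it with the Neutron port list before treating it as suspicious. A mac-mismatch means the router has learned a MAC for that IP that differs from the one dnsmasq handed the address to.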

As a result, we get this set of services on the control node:

[Diagram: set of services on the control node]

Keep in mind that this is only 4 machines, 2 internal networks and one virtual router. We have no external networks here yet, no bunch of different projects each with its own (overlapping) networks, the distributed router is turned off, and, after all, there was only one control node in the test bench (for fault tolerance there should be three nodes). Naturally, in production everything is "a little" more complicated, but this simple example lets us understand how it should work. Whether you have 3 or 300 namespaces certainly matters, but from the point of view of how the whole structure operates, nothing changes much... until you plug in some vendor SDN. But that is a completely different story.

I hope it was interesting. If you have comments or additions, or if I got something plainly wrong somewhere (I am human, and my opinion will always be subjective), write what needs to be corrected or added, and we will correct or add everything.

In conclusion, I want to say a few words about comparing OpenStack (both vanilla and vendor) with the cloud solution from VMWare. I have been asked this question too often over the past few years and, frankly, I am tired of it, but still. In my opinion it is very difficult to compare these two solutions, but we can say for certain that both have drawbacks, and when choosing one of them you need to weigh the pros and cons.

If OpenStack is a community-driven solution, then VMWare has the right to do only what it wants (read: what is profitable for it), and this is logical, because it is a commercial company that is used to making money from its customers. But there is one big, fat BUT: you can leave OpenStack, for example from Nokia, and with little effort switch to a solution from, for example, Juniper (Contrail Cloud), but you are unlikely to be able to leave VMWare. To me these two solutions look like this: OpenStack (vendor) is a simple cage in which you are placed, but you have the key and can leave at any time. VMWare is a golden cage: the owner holds the key to the cage, and it will cost you a lot.

I am not promoting either the first product or the second: you choose what you need. But if I had such a choice, I would choose both solutions: VMWare for the IT cloud (low loads, easy management), and OpenStack from some vendor (Nokia and Juniper provide very good turnkey solutions) for the Telecom cloud. I would not use OpenStack for pure IT, since that is like shooting sparrows with a cannon, but I see no contraindications to using it other than redundancy. Using VMWare in telecom, however, is like hauling crushed stone in a Ford Raptor: it looks beautiful from the outside, but the driver has to make 10 trips instead of one.

In my opinion, the biggest drawback of VMWare is that it is completely closed: the company will not give you any information about how, for example, vSAN works, or what is in the hypervisor kernel, because that is simply not profitable for it. That means you will never become an expert in VMWare; without vendor support you are doomed (I very often meet VMWare experts who are baffled by trivial questions). To me, VMWare is like buying a car with the hood locked: yes, you may have specialists who can change the timing belt, but only the one who sold you this solution can open the hood. Personally, I do not like solutions that I cannot get into. You will say that you may never need to go under the hood. Yes, that is possible, but I will look at you when you need to assemble a large function in the cloud from 20-30 virtual machines and 40-50 networks, half of which want to go outside while the other half asks for SR-IOV acceleration; otherwise you will need a couple of dozen more of these machines, or the performance will not be enough.

There are other points of view, so only you can decide what to choose and, most importantly, you will then be responsible for your choice. This is just my opinion, the opinion of a person who has seen and touched at least 4 products: Nokia, Juniper, Red Hat and VMWare. That is, I have something to compare with.

Source: www.habr.com
