Cloud computing ikulowa mozama m'miyoyo yathu ndipo mwina palibe munthu m'modzi yemwe sanagwiritsepo ntchito mautumiki amtambo kamodzi. Komabe, kwenikweni mtambo ndi chiyani komanso momwe umagwirira ntchito, anthu ochepa amadziwa, ngakhale pamlingo wa lingaliro. 5G yayamba kale kuchitika ndipo njira zolumikizirana ndi telecom zikuyamba kuchoka pamayankho amtambo kupita ku mayankho amtambo, monga momwe zidakhalira pomwe zidachoka pamayankho azinthu zonse kupita ku "zipilala" zowoneka bwino.
Lero tikambirana za dziko lamkati la zomangamanga zamtambo, makamaka tiwona zofunikira za gawo la intaneti.
Kodi mtambo ndi chiyani? Momwemonso - mawonekedwe ambiri?
Kuposa funso lomveka. Ayi - izi sizowona, ngakhale sizingachitike popanda izo. Tiyeni tiwone matanthauzo awiri:
Cloud computing (yomwe imatchedwa Cloud) ndi chitsanzo chopereka mwayi wogwiritsa ntchito zipangizo zamakompyuta zomwe zimagawidwa zomwe ziyenera kutumizidwa ndi kukhazikitsidwa pofunidwa ndi latency yotsika kwambiri komanso mtengo wochepa kwa wothandizira.
Virtualization - uku ndikutha kugawa chinthu chimodzi (mwachitsanzo, seva) m'magawo angapo, potero kuwonjezera kagwiritsidwe ntchito kazinthu (mwachitsanzo, munali ndi ma seva atatu odzaza 3-25 peresenti, mutatha kukhazikika mumapeza seva imodzi yodzaza. pa 30-1 peresenti). Mwachilengedwe, virtualization imadya zina mwazinthu - muyenera kudyetsa hypervisor, komabe, monga momwe zasonyezera, masewerawa ndi ofunika kandulo. Chitsanzo chabwino cha virtualization ndi VMWare, yomwe imakonzekera bwino makina enieni, kapena mwachitsanzo KVM, yomwe ndimakonda, koma iyi ndi nkhani ya kukoma.
Timagwiritsa ntchito virtualization popanda kuzindikira, ndipo ngakhale ma routers achitsulo amagwiritsa ntchito kale virtualization - mwachitsanzo, mu JunOS yaposachedwa, makina ogwiritsira ntchito amaikidwa ngati makina enieni pamwamba pa nthawi yeniyeni yogawa Linux (Wind River 9). Koma virtualization si mtambo, koma mtambo sungakhalepo popanda virtualization.
Virtualization ndi imodzi mwazinthu zomangira zomwe mtambo umamangidwa.
Kupanga mtambo pongosonkhanitsa ma hypervisors angapo mu domain imodzi ya L2, kuwonjezera ma yaml playbook angapo kuti mulembetse ma vlans kudzera mumtundu wina wa Ansible ndikuyika china chake ngati orchestration system pamwamba pake kuti mupange makina enieni sangagwire ntchito. Zidzakhala zolondola kwambiri, koma zotsatira za Frankenstein si mtambo womwe timafunikira, ngakhale ukhoza kukhala maloto omaliza kwa ena. Komanso, ngati mutenga Openstack yemweyo, akadali Frankenstein, koma chabwino, tisalankhule za izi pakadali pano.
Koma ndikumvetsa kuti kuchokera ku tanthawuzo lomwe laperekedwa pamwambapa silikumveka bwino lomwe lingathe kutchedwa mtambo.
Chifukwa chake, chikalata chochokera ku NIST (National Institute of Standards and Technology) chimapereka mikhalidwe yayikulu 5 yomwe maziko amtambo ayenera kukhala nawo:
Kupereka chithandizo pakupempha. Wogwiritsa ntchitoyo ayenera kupatsidwa mwayi wopeza zida zamakompyuta zomwe adapatsidwa (monga ma network, ma disks, kukumbukira, ma processor cores, etc.), ndipo zinthu izi ziyenera kuperekedwa zokha - ndiko kuti, popanda kulowererapo kuchokera kwa wothandizira.
Kupezeka kochuluka kwa mautumiki. Kupeza chuma kuyenera kuperekedwa ndi njira zovomerezeka zololeza kugwiritsa ntchito ma PC wamba komanso makasitomala oonda ndi zida zam'manja.
Kuphatikizira zinthu mu maiwe. Maiwe azinthu ayenera kukhala ndi mwayi wopereka zothandizira kwa makasitomala angapo nthawi imodzi, kuwonetsetsa kuti makasitomala ali kwaokha komanso opanda chikoka chilichonse komanso mpikisano wazinthu. Maukonde amaphatikizidwanso m'madziwe, zomwe zikuwonetsa kuthekera kogwiritsa ntchito maadiresi opitilira. Madzi osambira ayenera kukhala okwera pakufunika. Kugwiritsiridwa ntchito kwa maiwe kumapangitsa kuti pakhale mwayi wopereka mulingo wofunikira wololera zolakwika ndi kuchotsedwa kwazinthu zakuthupi ndi zenizeni - wolandila ntchitoyo amangoperekedwa ndi zida zomwe adapempha (komwe zinthuzi zilipo, zingati. ma seva ndi ma switch - zilibe kanthu kwa kasitomala). Komabe, tiyenera kuganizira mfundo yakuti wopereka chithandizo ayenera kuonetsetsa kusungitsa poyera zinthu zimenezi.
Kusintha mwachangu kuzinthu zosiyanasiyana. Ntchito ziyenera kukhala zosinthika - kuperekedwa mwachangu kwazinthu, kugawanso kwawo, kuwonjezera kapena kuchepetsa zinthu zomwe kasitomala akufuna, ndipo kumbali ya kasitomala payenera kukhala kumverera kuti zida zamtambo sizimatha. Kuti mumvetsetse bwino, mwachitsanzo, simukuwona chenjezo kuti gawo la danga lanu la disk mu Apple iCloud lasowa chifukwa hard drive pa seva yawonongeka, ndipo ma drive amawonongeka. Kuphatikiza apo, kumbali yanu, mwayi wautumikiwu ndi wopanda malire - muyenera 2 TB - palibe vuto, mudalipira ndikulandila. Chitsanzo chofanana chikhoza kuperekedwa ndi Google.Drive kapena Yandex.Disk.
Kuthekera kwa kuyeza ntchito yoperekedwa. Makina amtambo amayenera kuwongolera ndi kukhathamiritsa zomwe zimagwiritsidwa ntchito, ndipo njirazi ziyenera kukhala zowonekera kwa onse ogwiritsa ntchito komanso wopereka chithandizo. Ndiye kuti, mutha kuyang'ana nthawi zonse kuchuluka kwazinthu zomwe inu ndi makasitomala anu mukugwiritsa ntchito.
Ndikoyenera kulingalira kuti zofunikirazi ndizofunikira kwambiri pamtambo wapagulu, kotero kuti mtambo wachinsinsi (ndiko kuti, mtambo wokhazikitsidwa ndi zosowa za mkati mwa kampani), zofunikirazi zikhoza kusinthidwa pang'ono. Komabe, ziyenera kuchitidwabe, apo ayi sitipeza phindu lonse la cloud computing.
Chifukwa chiyani timafunikira mtambo?
Komabe, teknoloji iliyonse yatsopano kapena yomwe ilipo, ndondomeko iliyonse yatsopano imapangidwira chinachake (chabwino, kupatulapo RIP-ng, ndithudi). Palibe amene amafunikira protocol chifukwa cha protocol (chabwino, kupatula RIP-ng, inde). Ndizomveka kuti Cloud idapangidwa kuti ipereke mtundu wina wa ntchito kwa wogwiritsa ntchito / kasitomala. Tonse timadziwa ntchito zingapo zamtambo, mwachitsanzo Dropbox kapena Google.Docs, ndipo ndikukhulupirira kuti anthu ambiri amazigwiritsa ntchito bwino - mwachitsanzo, nkhaniyi idalembedwa pogwiritsa ntchito mtambo wa Google.Docs. Koma mautumiki amtambo omwe timawadziwa ndi gawo limodzi la kuthekera kwa mtambo - ndendende, ndi ntchito yamtundu wa SaaS. Titha kupereka ntchito yamtambo m'njira zitatu: mwa mawonekedwe a SaaS, PaaS kapena IaaS. Utumiki womwe mukufunikira umadalira zofuna zanu ndi luso lanu.
Tiyeni tiwone chilichonse mwadongosolo:
Pulogalamu monga Service (SaaS) ndi chitsanzo chopereka chithandizo chokwanira kwa kasitomala, mwachitsanzo, ntchito ya imelo monga Yandex.Mail kapena Gmail. Muchitsanzo choperekera chithandizochi, inu, monga kasitomala, simukuchita chilichonse kupatula kugwiritsa ntchito ntchitozo - ndiko kuti, simuyenera kuganiza za kukhazikitsa ntchitoyo, kulolerana kwa zolakwika kapena kuperewera. Chachikulu ndichakuti musasokoneze mawu anu achinsinsi; wopereka chithandizochi akuchitirani zina zonse. Kuchokera pakuwona kwa wopereka chithandizo, iye ali ndi udindo wonse wa utumiki wonse - kuchokera ku hardware ya seva ndi machitidwe opangira ogwiritsira ntchito ku database ndi mapulogalamu a mapulogalamu.
Pulatifomu ngati Ntchito (PaaS) - pogwiritsira ntchito chitsanzo ichi, wothandizira amapereka chithandizo kwa kasitomala ndi ntchito yothandizira, mwachitsanzo, tiyeni titenge seva ya Webusaiti. Wopereka chithandizo adapatsa kasitomala seva yeniyeni (kwenikweni, zida zambiri, monga RAM/CPU/Storage/Nets, etc.), ndipo adayikanso OS ndi mapulogalamu ofunikira pa seva iyi, komabe, kasinthidwe ka zonsezi zimachitidwa ndi kasitomala mwiniwake komanso chifukwa cha ntchito yomwe kasitomala amayankha. Wopereka chithandizo, monga momwe zinalili m'mbuyomu, ali ndi udindo wogwiritsa ntchito zida zakuthupi, ma hypervisors, makina enieniwo, kupezeka kwa maukonde, ndi zina zotero, koma utumikiwo sulinso m'dera lake la udindo.
Zowonongeka ngati Ntchito (IaaS) - njira iyi ndi yosangalatsa kwambiri, makamaka, wothandizira amapereka chithandizo kwa kasitomala ndi zipangizo zonse zokhazikika - ndiko kuti, zina (dziwe) lazinthu, monga CPU Cores, RAM, Networks, ndi zina. kasitomala - zomwe kasitomala akufuna kuchita ndi zinthu izi mkati mwa dziwe lomwe apatsidwa (gawo) - sizofunikira makamaka kwa wopereka. Kaya kasitomala akufuna kupanga vEPC yake kapena kupanga mini operator ndi kupereka mauthenga - palibe funso - chitani. Zikatero, wopereka chithandizo ali ndi udindo wopereka zothandizira, kulekerera kwawo zolakwika ndi kupezeka, komanso OS yomwe imawalola kuti azitha kugwirizanitsa zinthuzi ndikuzipereka kwa kasitomala ndi kuthekera koonjezera kapena kuchepetsa chuma nthawi iliyonse. pa pempho la kasitomala. Makasitomala amakonza makina onse owoneka bwino ndi ma tinsel ena kudzera pa portal yodzithandizira komanso kutonthoza, kuphatikiza kukhazikitsa maukonde (kupatula maukonde akunja).
Kodi OpenStack ndi chiyani?
Muzosankha zonse zitatu, wopereka chithandizo amafunikira OS yomwe ingathandize kupanga maziko amtambo. Ndipotu, ndi SaaS, magawano oposa amodzi ali ndi udindo pa ndondomeko yonse ya matekinoloje - pali magawano omwe amayang'anira zomangamanga - ndiko kuti, amapereka IaaS ku gawo lina, gawoli limapereka SaaS kwa kasitomala. OpenStack ndi imodzi mwa machitidwe ogwiritsira ntchito mtambo omwe amakulolani kusonkhanitsa gulu la masinthidwe, ma seva ndi makina osungiramo zinthu mu dziwe limodzi lothandizira, kugawanitsa dziwe lodziwika bwino mumagulu ang'onoang'ono (opanga antchito) ndikupereka izi kwa makasitomala pa intaneti.
OpenStack ndi makina ogwiritsira ntchito mtambo omwe amakulolani kuti muzitha kuyang'anira maiwe akuluakulu azinthu zamakompyuta, kusungirako deta ndi zothandizira pa intaneti, zoperekedwa ndi kuyendetsedwa kudzera mu API pogwiritsa ntchito njira zovomerezeka zovomerezeka.
Mwa kuyankhula kwina, iyi ndi mapulogalamu a mapulogalamu aulere omwe amapangidwa kuti apange mautumiki amtambo (onse apagulu ndi achinsinsi) - ndiko kuti, zida zomwe zimakulolani kuti muphatikize seva ndi kusintha zipangizo kukhala dziwe limodzi lazinthu, kusamalira. zinthu izi, kupereka mlingo wofunika wa kulolerana zolakwa .
Panthawi yolemba izi, mawonekedwe a OpenStack amawoneka motere:
Chithunzi chotengedwa kuchokera
Chigawo chilichonse chomwe chikuphatikizidwa mu OpenStack chimagwira ntchito inayake. Zomangamanga zogawidwazi zimakulolani kuti muphatikizepo mu yankho la zigawo zogwira ntchito zomwe mukufuna. Komabe, zigawo zina ndizozigawo za mizu ndipo kuchotsedwa kwawo kungayambitse kusagwira ntchito kwathunthu kapena pang'ono kwa yankho lonse. Zigawozi nthawi zambiri zimagawidwa motere:
- lakutsogolo - GUI yochokera pa intaneti pakuwongolera ntchito za OpenStack
- Mwalawafungulo ndi ntchito yapakati yomwe imapereka chitsimikiziro ndi chilolezo cha mautumiki ena, komanso kuyang'anira zidziwitso za ogwiritsa ntchito ndi maudindo awo.
- Neutron - ntchito yapaintaneti yomwe imapereka kulumikizana pakati pa zolumikizira zosiyanasiyana za OpenStack (kuphatikiza kulumikizana pakati pa ma VM ndi mwayi wawo wopita kudziko lakunja)
- Cinder - imapereka mwayi wosungirako chipika cha makina enieni
- Nova - kasamalidwe ka moyo wa makina enieni
- Glance - malo osungiramo zithunzi zamakina ndi zithunzi
- Swift - imapereka mwayi wopita ku chinthu chosungirako
- Ceilometer - ntchito yomwe imapereka mwayi wopeza ma telemetry ndikuyesa zomwe zilipo komanso zomwe zimagwiritsidwa ntchito
- kutentha - orchestration yotengera ma tempuleti opangira okha komanso kupereka zinthu
Mndandanda wathunthu wama projekiti onse ndi cholinga chawo zitha kuwonedwa .
Chigawo chilichonse cha OpenStack ndi ntchito yomwe imagwira ntchito inayake ndipo imapereka API yoyendetsera ntchitoyi ndikulumikizana ndi mautumiki ena ogwiritsira ntchito mitambo kuti apange maziko ogwirizana. Mwachitsanzo, Nova imapereka kasamalidwe kazinthu zamakompyuta ndi API kuti mupeze zosintha izi, Glance imapereka kasamalidwe kazithunzi ndi API yowongolera, Cinder imapereka block block ndi API yoyang'anira, ndi zina zambiri. Ntchito zonse zimalumikizidwa moyandikira kwambiri.
Komabe, mukayang'ana, ntchito zonse zomwe zikuyenda mu OpenStack pamapeto pake zimakhala zamtundu wina wamakina (kapena chidebe) cholumikizidwa ndi netiweki. Funso likubuka - chifukwa chiyani timafunikira zinthu zambiri?
Tiyeni tidutse ma aligorivimu popanga makina enieni ndikulumikiza ku netiweki ndikusunga kosalekeza ku Openstack.
- Mukapanga pempho lopanga makina, kukhala pempho kudzera pa Horizon (Dashboard) kapena pempho kudzera pa CLI, chinthu choyamba chomwe chimachitika ndikuvomereza pempho lanu pa Keystone - mutha kupanga makina, kodi ili ndi ali ndi ufulu wogwiritsa ntchito netiweki iyi, kodi kuchuluka kwanu, ndi zina zotero.
- Keystone imatsimikizira pempho lanu ndikupanga chizindikiro chotsimikizika mu uthenga wakuyankha, womwe udzagwiritsidwa ntchito mopitilira. Atalandira yankho kuchokera kwa Keystone, pempholo limatumizidwa ku Nova (nova api).
- Nova-api imayang'ana kutsimikizika kwa pempho lanu polumikizana ndi Keystone pogwiritsa ntchito chizindikiro cholembedwa kale
- Keystone amatsimikizira ndikupereka zilolezo ndi zoletsa kutengera chizindikiro ichi.
- Nova-api imapanga cholowera cha VM yatsopano mu nova-database ndipo ipereka pempho lopanga makinawo ku nova-scheduler.
- Nova-scheduler amasankha wolandila (kompyuta node) pomwe VM idzatumizidwa kutengera magawo, miyeso ndi madera. Mbiri ya izi ndi ID ya VM yalembedwa ku nova-database.
- Kenako, nova-scheduler contacts nova-compute ndi pempho loti atumize chochitika. Nova-compute contacts nova-conductor kuti mudziwe zambiri zamakina (nova-conductor ndi chinthu cha nova chomwe chimagwira ntchito ngati seva ya proxy pakati pa nova-database ndi nova-compute, kuchepetsa kuchuluka kwa zopempha ku nova-database kuti mupewe mavuto ndi database. kuchepetsa kusinthasintha kwa katundu).
- Nova-conductor amalandira zomwe akufunsidwa kuchokera ku nova-database ndikuzipereka ku nova-compute.
- Kenako, ma foni a nova-compute ayang'ana kuti mupeze chithunzi cha ID. Glace imatsimikizira pempho ku Keystone ndikubweza zomwe mwapempha.
- Nova-compute contacts nyutroni kuti mudziwe zambiri zamagawo amtaneti. Mofanana ndi kuyang'ana, nyutroni imatsimikizira pempho ku Keystone, pambuyo pake imapanga cholowa mu nkhokwe (chozindikiritsa doko, ndi zina zotero), imapanga pempho lopanga doko, ndikubwezera zomwe mwapempha ku nova-compute.
- Nova-compute contacts cinder ndi pempho loti agawire voliyumu ku makina enieni. Mofanana ndi kuyang'ana, cider imatsimikizira pempho ku Keystone, imapanga pempho lopanga voliyumu, ndikubwezera zomwe mwapempha.
- Nova-compute contacts libvirt ndi pempho lotumiza makina enieni okhala ndi magawo omwe atchulidwa.
M'malo mwake, ntchito yomwe ikuwoneka ngati yosavuta yopanga makina osavuta owoneka bwino imasandulika kukhala chiwombankhanga cha mafoni a API pakati pa zinthu za nsanja yamtambo. Komanso, monga mukuwonera, ngakhale ntchito zomwe zidasankhidwa kale zimakhalanso ndi tizigawo ting'onoting'ono tomwe timalumikizana. Kupanga makina ndi gawo laling'ono chabe la zomwe nsanja yamtambo imakulolani kuchita - pali ntchito yomwe imayang'anira kuwongolera magalimoto, ntchito yomwe imayang'anira kusungirako chipika, ntchito yomwe imayang'anira DNS, ntchito yomwe imayang'anira kupereka ma seva opanda zitsulo, ndi zina zotero. Mtambo umakupatsani mwayi wochitira makina anu enieni ngati gulu la nkhosa (mosiyana ndi virtualization). Ngati china chake chikachitika pamakina anu pamalo owoneka bwino - mumachibwezeretsa kuchokera ku zosunga zobwezeretsera, ndi zina zambiri, koma mapulogalamu amtambo amamangidwa m'njira yoti makinawo asakhale ndi gawo lofunikira - makinawo "anafa" - palibe vuto. - chatsopano chimangopangidwa galimotoyo imachokera pa template ndipo, monga akunena, gululo silinazindikire kutayika kwa womenyayo. Mwachilengedwe, izi zimapereka kupezeka kwa njira zoyimba - pogwiritsa ntchito ma tempulo a Kutentha, mutha kuyika ntchito yovuta yomwe ili ndi ma network ambiri ndi makina pafupifupi.
Ndikoyenera kukumbukira nthawi zonse kuti palibe maziko amtambo popanda netiweki - chilichonse mwanjira ina chimalumikizana ndi zinthu zina kudzera pamaneti. Kuphatikiza apo, mtambowu uli ndi netiweki yopanda static. Mwachilengedwe, netiweki yapansi panthaka imakhala yocheperako kapena yocheperako - ma node atsopano ndi masiwichi siziwonjezedwa tsiku lililonse, koma gawo lophatikizika limatha kusintha mosalekeza - maukonde atsopano adzawonjezedwa kapena kuchotsedwa, makina atsopano adzawonekera ndipo akale adzawoneka. kufa. Ndipo monga mukukumbukira kuchokera ku tanthauzo la mtambo lomwe laperekedwa koyambirira kwa nkhaniyo, zothandizira ziyenera kuperekedwa kwa wogwiritsa ntchito basi komanso mocheperako (kapena bwino, popanda) kulowererapo kuchokera kwa wothandizira. Ndiko kuti, mtundu wa makonzedwe a chuma maukonde amene tsopano alipo mu mawonekedwe a kutsogolo-kumapeto mu mawonekedwe a akaunti yanu munthu Kufikika kudzera http/https ndi pa-ntchito network injiniya Vasily monga backend si mtambo, ngakhale ngati Vasily ali ndi manja asanu ndi atatu.
Neutron, monga ntchito yapaintaneti, imapereka API yoyang'anira gawo la netiweki la zomangamanga zamtambo. Ntchitoyi imapereka mphamvu ndikuwongolera gawo lamanetiweki la Openstack popereka chosanjikiza chotchedwa Network-as-a-Service (NaaS). Ndiko kuti, maukonde ndi gawo lomwe lingayesedwe, mwachitsanzo, ma cores a CPU kapena kuchuluka kwa RAM.
Koma tisanapitirire kumamangidwe a gawo la netiweki la OpenStack, tiyeni tiwone momwe maukondewa amagwirira ntchito ku OpenStack komanso chifukwa chake maukonde ndi gawo lofunikira komanso lofunikira pamtambo.
Chifukwa chake tili ndi ma VM awiri a RED kasitomala ndi ma VM awiri a GREEN kasitomala. Tiyerekeze kuti makinawa ali pa hypervisors awiri motere:
Pakadali pano, uku ndikungowoneka kwa ma seva a 4 ndipo palibenso china, popeza mpaka pano zonse zomwe tachita ndikukhazikitsa ma seva 4, kuwayika pa seva ziwiri zakuthupi. Ndipo mpaka pano iwo sanalumikizidwe nkomwe ndi netiweki.
Kuti tipange mtambo, tiyenera kuwonjezera zigawo zingapo. Choyamba, timagwirizanitsa gawo la maukonde - tiyenera kulumikiza makina 4 awa awiriawiri, ndipo makasitomala amafuna L2 kugwirizana. Mutha kugwiritsa ntchito chosinthira ndikusintha thunthu momwe mumayendera ndikuthetsa chilichonse pogwiritsa ntchito mlatho wa linux kapena, kwa ogwiritsa ntchito apamwamba kwambiri, openvswitch (tibwerera ku izi pambuyo pake). Koma pakhoza kukhala maukonde ambiri, ndipo nthawi zonse kukankhira L2 kudzera chosinthira si lingaliro labwino kwambiri - pali madipatimenti osiyanasiyana, desiki lantchito, miyezi yodikirira kuti pulogalamuyo ikwaniritsidwe, masabata othetsa mavuto - m'dziko lamakono izi. njira sikugwiranso ntchito. Ndipo kampani ikamvetsetsa izi mwachangu, zimakhala zosavuta kuti zipite patsogolo. Chifukwa chake, pakati pa ma hypervisors tidzasankha maukonde a L3 omwe makina athu enieni adzalumikizana nawo, ndipo pamwamba pa intaneti ya L3 iyi tidzapanga maukonde ophatikizika a L2 komwe magalimoto athu amayendera. Mutha kugwiritsa ntchito GRE, Geneve kapena VxLAN ngati encapsulation. Tiyeni tiyang'ane pa zomalizazo pakadali pano, ngakhale sizofunikira kwenikweni.
Tiyenera kupeza VTEP kwinakwake (ndikukhulupirira kuti aliyense amadziwa mawu a VxLAN). Popeza tili ndi netiweki ya L3 yomwe ikubwera molunjika kuchokera kumaseva, palibe chomwe chimatilepheretsa kuyika VTEP pamaseva okha, ndipo OVS (OpenvSwitch) ndiyabwino kwambiri pochita izi. Chifukwa chake, tapeza mapangidwe awa:
Popeza magalimoto pakati pa ma VM ayenera kugawidwa, madoko olowera kumakina enieni adzakhala ndi manambala osiyanasiyana a vlan. Nambala ya tag imakhala ndi gawo lokhalokha mkati mwa switch imodzi yokha, popeza ikayikidwa mu VxLAN titha kuichotsa mosavuta, popeza tidzakhala ndi VNI.
Tsopano titha kupanga makina athu ndi maukonde pafupifupi kwa iwo popanda vuto lililonse.
Komabe, bwanji ngati kasitomala ali ndi makina ena, koma ali pa netiweki ina? Timafunikira mizu pakati pa maukonde. Tidzayang'ana njira yosavuta pamene njira yapakati ikugwiritsidwa ntchito - ndiko kuti, magalimoto amayendetsedwa kudzera muzitsulo zapadera zodzipatulira (chabwino, monga lamulo, zimaphatikizidwa ndi ma node olamulira, kotero tidzakhala ndi chinthu chomwecho).
Zikuwoneka ngati palibe chovuta - timapanga mawonekedwe a mlatho pamayendedwe owongolera, kuyendetsa magalimoto kupitako ndipo kuchokera pamenepo timayiyendetsa komwe tikufunikira. Koma vuto ndiloti kasitomala wa RED akufuna kugwiritsa ntchito netiweki ya 10.0.0.0/24, ndipo kasitomala wa GREEN akufuna kugwiritsa ntchito netiweki ya 10.0.0.0/24. Ndiko kuti, timayamba kudutsa malo adilesi. Kuphatikiza apo, makasitomala safuna kuti makasitomala ena azitha kulowa mumaneti awo amkati, zomwe ndizomveka. Kuti tisiyanitse ma netiweki ndi kuchuluka kwa data yamakasitomala, tigawa dzina la aliyense wa iwo. Namespace kwenikweni ndi kopi ya Linux network stack, ndiko kuti, makasitomala omwe ali mu namespace RED ali olekanitsidwa kwa makasitomala kuchokera ku namespace GREEN (chabwino, mwina kuyenda pakati pamanetiweki amakasitomalawa kumaloledwa kudzera mumalo osasintha kapena pazida zonyamulira zam'mwamba).
Ndiye kuti, timapeza chithunzi chotsatira:
Ma tunnel a L2 amasintha kuchokera ku ma node onse apakompyuta kupita kumalo olamulira. node komwe mawonekedwe a L3 a maukondewa ali, iliyonse ili m'malo odzipatulira odzipatula.
Komabe, tinaiwala chinthu chofunika kwambiri. Makina enieni ayenera kupereka chithandizo kwa kasitomala, ndiko kuti, ayenera kukhala ndi mawonekedwe akunja omwe amatha kufikirako. Ndiko kuti, tiyenera kupita kudziko lakunja. Pali zosankha zosiyanasiyana pano. Tiyeni tichite njira yosavuta. Tidzawonjezera netiweki imodzi kwa kasitomala aliyense, yomwe ingakhale yovomerezeka pa intaneti ya omwe amapereka ndipo sichingafanane ndi maukonde ena. Maukonde amathanso kudutsana ndikuyang'ana ma VRF osiyanasiyana kumbali ya netiweki yopereka. Deta ya netiweki idzakhalanso mu malo amtundu wa kasitomala aliyense. Komabe, adzapitabe kudziko lakunja kudzera mu mawonekedwe amodzi (kapena chomangira, chomwe chili chomveka). Kuti mulekanitse kuchuluka kwamakasitomala, kuchuluka kwa magalimoto omwe amatuluka kunja kumayikidwa chizindikiro cha VLAN choperekedwa kwa kasitomala.
Chifukwa chake, tapeza chithunzi ichi:
Funso lomveka ndilakuti bwanji osapanga zipata pama compute node okha? Ili si vuto lalikulu; Komanso, mukayatsa rauta yogawidwa (DVR), izi zitha kugwira ntchito. Munkhaniyi, tikuganizira njira yosavuta kwambiri yokhala ndi chipata chapakati, chomwe chimagwiritsidwa ntchito mosakhazikika mu Openstack. Kwa ntchito zolemetsa kwambiri, adzagwiritsa ntchito njira zonse zogawira rauta ndi ukadaulo wothamangitsa monga SR-IOV ndi Passthrough, koma monga akunena, ndi nkhani yosiyana kwambiri. Choyamba, tiyeni tigwirizane ndi gawo lofunikira, ndiyeno tidzapita mwatsatanetsatane.
Kwenikweni, dongosolo lathu likugwira ntchito kale, koma pali ma nuances angapo:
- Tiyenera kuteteza makina athu mwanjira ina, ndiye kuti, kuyika fyuluta pakusinthana kwa kasitomala.
- Pangani zotheka kuti makina azitha kupeza adilesi ya IP yokha, kuti musalowemo kudzera pa console nthawi zonse ndikulembetsa adilesi.
Tiyeni tiyambe ndi kuteteza makina. Pachifukwa ichi mungagwiritse ntchito ma banal iptables, bwanji osatero.
Ndiye kuti, tsopano topology yathu yakhala yovuta kwambiri:
Tiyeni tipitirire. Tiyenera kuwonjezera seva ya DHCP. Malo abwino kwambiri opezera ma seva a DHCP kwa kasitomala aliyense angakhale malo owongolera omwe atchulidwa pamwambapa, pomwe malowa ali:
Komabe, pali vuto laling'ono. Bwanji ngati chirichonse chiyambiranso ndipo zonse zokhudza kubwereka maadiresi pa DHCP zikusowa. Ndizomveka kuti makinawo adzapatsidwa maadiresi atsopano, omwe si abwino kwambiri. Pali njira ziwiri kunja kuno - mwina gwiritsani ntchito mayina a mayina ndikuwonjezera seva ya DNS kwa kasitomala aliyense, ndiye kuti adilesiyo siidzakhala yofunika kwambiri kwa ife (yofanana ndi gawo la netiweki mu k8s) - koma pali vuto ndi maukonde akunja, popeza maadiresi amathanso kuperekedwa mwa iwo kudzera pa DHCP - muyenera kulunzanitsa ndi ma seva a DNS pamtambo wamtambo ndi seva yakunja ya DNS, yomwe m'malingaliro mwanga sikusintha kwambiri, koma ndizotheka. Kapena njira yachiwiri ndiyo kugwiritsa ntchito metadata - ndiko kuti, sungani zambiri za adiresi yoperekedwa ku makina kuti seva ya DHCP idziwe kuti ndi adiresi yotani yomwe ingapereke ku makina ngati makina alandira kale adiresi. Njira yachiwiri ndi yosavuta komanso yowonjezereka, chifukwa imakulolani kuti musunge zambiri zokhudza galimotoyo. Tsopano tiyeni tiwonjeze metadata ya wothandizira pachithunzichi:
Nkhani ina yomwe ikufunikanso kukambirana ndi kuthekera kogwiritsa ntchito maukonde akunja ndi makasitomala onse, popeza maukonde akunja, ngati akuyenera kukhala omveka pamaneti onse, zimakhala zovuta - muyenera kugawa nthawi zonse ndikuwongolera kugawa kwa maukonde awa. Kukhoza kugwiritsa ntchito intaneti imodzi yokha yokonzedweratu kwa makasitomala onse kudzakhala kothandiza kwambiri popanga mtambo wa anthu. Izi zipangitsa kukhala kosavuta kutumizira makina chifukwa sitiyenera kuyang'ana nkhokwe ya maadiresi ndikusankha malo apadera a adilesi pamaneti akunja a kasitomala aliyense. Kuonjezera apo, tikhoza kulembetsa maukonde akunja pasadakhale ndipo panthawi yotumizidwa tidzangofunika kugwirizanitsa maadiresi akunja ndi makina a kasitomala.
Ndipo apa NAT itithandiza - tingopangitsa kuti makasitomala azitha kulumikizana ndi dziko lakunja kudzera m'malo osasinthika a mayina pogwiritsa ntchito kumasulira kwa NAT. Chabwino, apa pali vuto laling'ono. Izi ndi zabwino ngati seva ya kasitomala ikuchita ngati kasitomala osati ngati seva - ndiye kuti, imayamba m'malo movomereza kulumikizana. Koma kwa ife zikhala mwanjira ina mozungulira. Pankhaniyi, tifunika kuchita kopita NAT kotero kuti polandira magalimoto, malo olamulira amvetsetsa kuti magalimotowa amapangidwira makina A kasitomala A, zomwe zikutanthauza kuti tiyenera kumasulira NAT kuchokera ku adiresi yakunja, mwachitsanzo 100.1.1.1 .10.0.0.1, ku adilesi yamkati 100. Pankhaniyi, ngakhale makasitomala onse adzagwiritsa ntchito maukonde omwewo, kudzipatula kwamkati kumasungidwa kwathunthu. Ndiye kuti, tiyenera kuchita dNAT ndi sNAT pa node yolamulira. Kaya mugwiritse ntchito netiweki imodzi yokhala ndi ma adilesi oyandama kapena maukonde akunja, kapena zonse nthawi imodzi, zimatengera zomwe mukufuna kubweretsa mumtambo. Sitidzawonjezera ma adilesi oyandama pachithunzichi, koma tisiya maukonde akunja omwe adawonjezedwa kale - kasitomala aliyense ali ndi netiweki yake yakunja (pachithunzichi akuwonetsedwa ngati vlan 200 ndi XNUMX pa mawonekedwe akunja).
Chotsatira chake, tinalandira njira yosangalatsa komanso yoganizira bwino, yomwe imakhala ndi kusinthasintha koma ilibe njira zolekerera zolakwika.
Choyamba, tili ndi node imodzi yokha yolamulira - kulephera kwake kudzatsogolera kugwa kwa machitidwe onse. Kuti muthane ndi vutoli, muyenera kupanga ma quorum atatu. Tiyeni tiwonjeze izi pajambula:
Mwachilengedwe, mfundo zonse zimalumikizidwa ndipo node yogwira ikachoka, mfundo ina idzatenga udindo wake.
Vuto lotsatira ndi ma disks a makina enieni. Pakalipano, amasungidwa pa hypervisors okha, ndipo ngati pali vuto ndi hypervisor, timataya deta yonse - ndipo kupezeka kwa chiwonongeko sikungathandize pano ngati sititaya disk, koma seva yonse. Kuti tichite izi, tifunika kupanga ntchito yomwe idzakhala ngati kutsogolo kwa mtundu wina wa zosungirako. Kusungirako kudzakhala kotani sikuli kofunikira kwa ife, koma kuyenera kuteteza deta yathu ku kulephera kwa disk ndi node, ndipo mwina nduna yonse. Pali zosankha zingapo pano - pali, ndithudi, ma intaneti a SAN omwe ali ndi Fiber Channel, koma tiyeni tikhale oona mtima - FC ili kale ndi zotsalira zakale - analogue ya E1 mu zoyendera - inde, ndikuvomereza, ikugwiritsidwabe ntchito, koma kokha kumene kuli kosatheka mwamtheradi popanda izo. Chifukwa chake, sindikanatumiza mwaufulu netiweki ya FC mu 2020, podziwa kuti palinso zina zosangalatsa. Ngakhale kwa aliyense wake, pakhoza kukhala omwe amakhulupirira kuti FC ndi zofooka zake zonse zomwe timafunikira - sindingatsutse, aliyense ali ndi malingaliro ake. Komabe, yankho losangalatsa kwambiri m'malingaliro anga ndikugwiritsa ntchito SDS, monga Ceph.
Ceph imakulolani kuti mupange njira yosungiramo deta yomwe ilipo kwambiri ndi mulu wa zosankha zosunga zobwezeretsera, kuyambira ndi zizindikiro zoyang'ana parity (zofanana ndi zowononga 5 kapena 6) zomwe zimathera ndi kubwereza kwa deta ku disks zosiyanasiyana, poganizira malo omwe ma disks ali mkati. ma seva, ndi ma seva mu makabati, etc.
Kuti mupange Ceph mufunika ma node ena atatu. Kuyanjana ndi zosungirako kudzachitikanso kudzera pa intaneti pogwiritsa ntchito chipika, chinthu ndi ntchito zosungira mafayilo. Tiyeni tiwonjezere zosungirako ku schema:
Zindikirani: mutha kupanganso ma hyperconverged compute node - ili ndi lingaliro la kuphatikiza ntchito zingapo pa node imodzi - mwachitsanzo, yosungirako + compute - osapereka ma node apadera osungira ceph. Tidzalandira chiwembu chofanana chololera zolakwika - popeza SDS idzasunga deta ndi mulingo wosungitsa womwe timatchula. Komabe, ma hyperconverged node nthawi zonse amakhala osagwirizana - popeza malo osungira samangotenthetsa mpweya monga momwe amawonekera poyamba (popeza palibe makina enieni) - amawononga CPU zothandizira SDS (kwenikweni, imachita zonse). kubwereza ndi kuchira pambuyo pakulephera kwa ma node, ma disks, ndi zina). Ndiko kuti, mudzataya mphamvu ina ya compute node ngati mutayiphatikiza ndi yosungirako.
Zinthu zonsezi ziyenera kuyendetsedwa mwanjira ina - timafunikira china chake chomwe titha kupanga makina, maukonde, rauta yeniyeni, ndi zina zambiri. Kuti tichite izi, tidzawonjezera ntchito ku node yolamulira yomwe ingakhale ngati dashboard - the kasitomala azitha kulumikizana ndi portal iyi kudzera pa http/ https ndikuchita zonse zomwe akufuna (chabwino, pafupifupi).
Zotsatira zake, tsopano tili ndi dongosolo lololera zolakwika. Zinthu zonse zachitukukozi ziyenera kuyendetsedwa mwanjira ina. Zinanenedwa kale kuti Openstack ndi ma projekiti, omwe amapereka ntchito inayake. Monga tikuonera, pali zinthu zambiri zokwanira zomwe ziyenera kukonzedwa ndikuwongolera. Lero tikambirana gawo la network.
Neutron zomangamanga
Mu OpenStack, ndi Neutron yemwe ali ndi udindo wolumikiza madoko amakina pa intaneti wamba wa L2, kuwonetsetsa kuyenda kwa magalimoto pakati pa ma VM omwe ali pamanetiweki osiyanasiyana a L2, komanso njira zakunja, zoperekera ntchito monga NAT, Floating IP, DHCP, ndi zina zambiri.
Pamwamba, ntchito ya utumiki wa maukonde (gawo loyambirira) likhoza kufotokozedwa motere.
Mukayamba VM, ntchito yapaintaneti:
- Amapanga doko la VM yopatsidwa (kapena madoko) ndikudziwitsa ntchito ya DHCP za izo;
- Chipangizo chatsopano cha netiweki chimapangidwa (kudzera pa libvirt);
- VM imalumikizana ndi doko (ma) opangidwa mu gawo 1;
Zodabwitsa ndizakuti, ntchito ya Neutron idakhazikitsidwa pamakina omwe amadziwika kwa aliyense yemwe adalowapo mu Linux - malo a mayina, ma iptables, milatho ya linux, openvswitch, contrack, ndi zina zambiri.
Ziyenera kufotokozedwa mwachangu kuti Neutron siwowongolera wa SDN.
Neutron imakhala ndi zigawo zingapo zolumikizana:
Openstack-neutron-server ndi daemon yomwe imagwira ntchito ndi zopempha za ogwiritsa ntchito kudzera pa API. Chiwanda ichi sichimakhudzidwa ndikulembetsa maukonde aliwonse, koma imapereka chidziwitso chofunikira pa izi mapulagini ake, omwe amakonza zomwe mukufuna pa intaneti. Othandizira a Neutron pa OpenStack node amalembetsa ndi seva ya Neutron.
Neutron-server kwenikweni ndi ntchito yolembedwa mu python, yokhala ndi magawo awiri:
- REST utumiki
- Pulogalamu ya Neutron (pachimake / ntchito)
Ntchito ya REST idapangidwa kuti ilandire mafoni a API kuchokera kuzinthu zina (mwachitsanzo, pempho loti mupereke zambiri, ndi zina).
Mapulagini ndi mapulogalamu a pulagi / ma module omwe amatchedwa panthawi yofunsira API - ndiye kuti, kuperekedwa kwa ntchito kumachitika kudzera mwa iwo. Mapulagini amagawidwa m'mitundu iwiri - utumiki ndi mizu. Monga lamulo, plugin ya kavalo ndiyo makamaka imayang'anira malo adilesi ndi kulumikizana kwa L2 pakati pa ma VM, ndipo mapulagini amtunduwu amapereka kale magwiridwe antchito monga VPN kapena FW.
Mndandanda wa mapulagini omwe alipo lero akhoza kuwonedwa mwachitsanzo
Pakhoza kukhala mapulagini angapo a ntchito, koma pangakhale pulogalamu yowonjezera imodzi yokha.
Openstack-neutron-ml2 ndiye pulogalamu yowonjezera ya Openstack root. Pulagi iyi ili ndi zomangira zokhazikika (mosiyana ndi zomwe zidalipo kale) ndipo imakonza ma network kudzera pa madalaivala olumikizidwa nayo. Tidzayang'ana pulogalamu yowonjezerayo pakapita nthawi, popeza imapereka kusinthasintha komwe OpenStack ili nayo mu gawo la intaneti. Pulagi ya mizu imatha kusinthidwa (mwachitsanzo, Contrail Networking imasinthanso).
Ntchito ya RPC (rabbitmq-server) - ntchito yomwe imapereka kasamalidwe ka mizere ndi kulumikizana ndi mautumiki ena a OpenStack, komanso kuyanjana pakati pa othandizira maukonde.
Ma network othandizira - othandizira omwe ali mu node iliyonse, kudzera momwe maukonde amakonzedwera.
Pali mitundu ingapo ya othandizira.
Wothandizira wamkulu ndi L2 wothandizira. Othandizirawa amayendetsa pamtundu uliwonse wa hypervisors, kuphatikiza ma node owongolera (molondola, pama node onse omwe amapereka ntchito iliyonse kwa obwereketsa) ndipo ntchito yawo yayikulu ndikulumikiza makina enieni ku netiweki wamba wa L2, komanso kupanga zidziwitso zikachitika zochitika zilizonse. mwachitsanzo zimitsani / yambitsani doko).
Chotsatira, chofunikira kwambiri ndi wothandizira L3 wothandizira. Mwachikhazikitso, wothandizira uyu amangoyenda pa node ya netiweki (nthawi zambiri node ya netiweki imaphatikizidwa ndi node yowongolera) ndipo imapereka njira pakati pa ma network a lendi (pakati pa maukonde ake ndi ma netiweki a lendi ena, ndipo imapezeka kudziko lakunja, kupereka. NAT, komanso ntchito ya DHCP). Komabe, mukamagwiritsa ntchito DVR (rauta yogawidwa), kufunikira kwa pulogalamu yowonjezera ya L3 kumawonekeranso pamakompyuta.
Wothandizira L3 amagwiritsa ntchito malo a Linux kuti apatse mwininyumba aliyense ma network ake omwe amadzipatula komanso magwiridwe antchito a ma routers omwe amayendetsa magalimoto ndikupereka zipata zama netiweki a Layer 2.
Nawonso achichepere - nkhokwe yakuzindikiritsa maukonde, ma subnets, madoko, maiwe, ndi zina.
M'malo mwake, Neutron imavomereza zopempha za API kuchokera pakupangidwa kwa mabungwe aliwonse a netiweki, imatsimikizira pempholo, ndipo kudzera pa RPC (ngati ipeza pulogalamu yowonjezera kapena wothandizira) kapena REST API (ngati imalumikizana ndi SDN) imatumiza kwa othandizira (kudzera mapulagini) malangizo ofunikira kuti akonze ntchito yomwe mwafunsidwa.
Tsopano tiyeni titembenuzire kuyika koyesa (momwe imayikidwa ndi zomwe zikuphatikizidwamo, tiwona pambuyo pake mu gawo lothandizira) ndikuwona komwe gawo lililonse lili:
(overcloud) [stack@undercloud ~]$ openstack network agent list
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| 10495de9-ba4b-41fe-b30a-b90ec3f8728b | Open vSwitch agent | overcloud-novacompute-1.localdomain | None | :-) | UP | neutron-openvswitch-agent |
| 1515ad4a-5972-46c3-af5f-e5446dff7ac7 | L3 agent | overcloud-controller-0.localdomain | nova | :-) | UP | neutron-l3-agent |
| 322e62ca-1e5a-479e-9a96-4f26d09abdd7 | DHCP agent | overcloud-controller-0.localdomain | nova | :-) | UP | neutron-dhcp-agent |
| 9c1de2f9-bac5-400e-998d-4360f04fc533 | Open vSwitch agent | overcloud-novacompute-0.localdomain | None | :-) | UP | neutron-openvswitch-agent |
| d99c5657-851e-4d3c-bef6-f1e3bb1acfb0 | Open vSwitch agent | overcloud-controller-0.localdomain | None | :-) | UP | neutron-openvswitch-agent |
| ff85fae6-5543-45fb-a301-19c57b62d836 | Metadata agent | overcloud-controller-0.localdomain | None | :-) | UP | neutron-metadata-agent |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
(overcloud) [stack@undercloud ~]$
Kwenikweni, ndilo dongosolo lonse la Neutron. Tsopano ndikoyenera kuthera nthawi pa pulogalamu yowonjezera ya ML2.
Modular Layer 2
Monga tafotokozera pamwambapa, pulogalamu yowonjezera ndi pulogalamu yowonjezera ya OpenStack mizu ndipo ili ndi zomangamanga.
Woyambitsa pulojekiti ya ML2 anali ndi dongosolo la monolithic, lomwe silinalole, mwachitsanzo, kugwiritsa ntchito kusakaniza kwa matekinoloje angapo pakuyika kumodzi. Mwachitsanzo, simungathe kugwiritsa ntchito Openvswitch ndi linuxbridge nthawi imodzi - yoyamba kapena yachiwiri. Pachifukwa ichi, pulogalamu yowonjezera ya ML2 yokhala ndi zomangamanga idapangidwa.
ML2 ili ndi zigawo ziwiri - mitundu iwiri ya madalaivala: Madalaivala amtundu ndi madalaivala a Mechanism.
Lembani ma driver Dziwani matekinoloje omwe adzagwiritsidwe ntchito kukonza maukonde ochezera, mwachitsanzo VxLAN, VLAN, GRE. Panthawi imodzimodziyo, dalaivala amalola kugwiritsa ntchito matekinoloje osiyanasiyana. Ukadaulo wokhazikika ndi VxLAN encapsulation for overlay networks and vlan outside network.
Ma driver amtundu ali ndi mitundu iyi ya netiweki:
Flat - netiweki popanda tagging
Zithunzi za VLAN -Tagged network
Local - mtundu wapadera wa netiweki pazokhazikitsa zonse-mu-modzi (kuyika kotere kumafunika kwa opanga kapena kuphunzitsa)
GRE - Kuphimba maukonde pogwiritsa ntchito ngalande za GRE
VxLAN - Kukuta maukonde pogwiritsa ntchito tunnel za VxLAN
Makina oyendetsa fotokozerani zida zomwe zimatsimikizira kukhazikitsidwa kwa matekinoloje omwe atchulidwa mu dalaivala wamtundu - mwachitsanzo, openvswitch, sr-iov, opendaylight, OVN, etc.
Kutengera kukhazikitsidwa kwa dalaivala uyu, mwina othandizira omwe amawongoleredwa ndi Neutron adzagwiritsidwa ntchito, kapena kulumikizana ndi wowongolera wakunja wa SDN adzagwiritsidwa ntchito, omwe amasamalira nkhani zonse zokhudzana ndi kukonza ma network a L2, mayendedwe, ndi zina zambiri.
Chitsanzo: ngati tigwiritsa ntchito ML2 pamodzi ndi OVS, ndiye kuti L2 wothandizira amaikidwa pa node iliyonse ya kompyuta yomwe imayang'anira OVS. Komabe, ngati tigwiritsa ntchito, mwachitsanzo, OVN kapena OpenDayLight, ndiye kuti ulamuliro wa OVS umabwera pansi pa ulamuliro wawo - Neutron, kupyolera muzu wa plugin, amapereka malamulo kwa wolamulira, ndipo amachita kale zomwe adauzidwa.
Tiyeni tiyambepo pa Open vSwitch
Pakadali pano, chimodzi mwazinthu zazikulu za OpenStack ndi Open vSwitch.
Mukayika OpenStack popanda SDN yowonjezera yowonjezera monga Juniper Contrail kapena Nokia Nuage, OVS ndiye gawo lalikulu la netiweki yamtambo ndipo, kuphatikiza ma iptables, contrack, namespaces, amakulolani kuti mukonzekere maukonde ophatikizika amitundu yambiri. Mwachibadwa, chigawo ichi chikhoza kusinthidwa, mwachitsanzo, pogwiritsa ntchito njira zachitatu za eni (wogulitsa) SDN.
OVS ndi pulogalamu yotsegulira pulogalamu yotseguka yomwe idapangidwa kuti igwiritsidwe ntchito m'malo owoneka bwino ngati njira yopititsira patsogolo magalimoto.
Pakadali pano, OVS ili ndi magwiridwe antchito abwino kwambiri, omwe amaphatikiza matekinoloje monga QoS, LACP, VLAN, VxLAN, GENEVE, OpenFlow, DPDK, ndi zina zambiri.
Zindikirani: OVS poyamba sinapangidwe ngati chosinthira chofewa cha ntchito zodzaza kwambiri ndi telecom ndipo idapangidwa kuti igwire ntchito za IT zomwe sizimafuna bandwidth monga seva WEB kapena seva yamakalata. Komabe, OVS ikupititsidwa patsogolo ndipo kukhazikitsidwa kwa OVS panopa kwasintha kwambiri ntchito yake ndi mphamvu zake, zomwe zimalola kuti zigwiritsidwe ntchito ndi ogwiritsira ntchito telecom omwe ali ndi ntchito zodzaza kwambiri, mwachitsanzo, pali kukhazikitsidwa kwa OVS ndi chithandizo cha DPDK kufulumizitsa.
Pali zigawo zitatu zofunika za OVS zomwe muyenera kuzidziwa:
- Kernel module - gawo lomwe lili mu kernel space lomwe limayendetsa magalimoto potengera malamulo omwe alandilidwa kuchokera ku control element;
- vSinthani daemon (ovs-vswitchd) ndi njira yomwe idakhazikitsidwa m'malo ogwiritsa ntchito omwe ali ndi udindo wopanga gawo la kernel - ndiye kuti, imayimira mwachindunji lingaliro la ntchito ya switch.
- Seva ya database - nkhokwe yam'deralo yomwe ili pagulu lililonse lomwe likuyendetsa OVS, momwe masinthidwe amasungidwa. Owongolera a SDN amatha kulumikizana kudzera mugawoli pogwiritsa ntchito protocol ya OVSDB.
Zonsezi zimatsagana ndi zida zowunikira komanso zowongolera, monga ovs-vsctl, ovs-appctl, ovs-ofctl, ndi zina.
Pakadali pano, Openstack imagwiritsidwa ntchito kwambiri ndi opanga ma telecom kuti asamutsire ntchito zama network, monga EPC, SBC, HLR, ndi zina. Ntchito zina zimatha kukhala popanda mavuto ndi OVS momwe zilili, koma mwachitsanzo, EPC imayendetsa magalimoto olembetsa - kenako imadutsa. kuchuluka kwa magalimoto (tsopano kuchuluka kwa magalimoto kumafika magigabit mazana angapo pamphindikati). Mwachilengedwe, kuyendetsa magalimoto oterowo kudzera m'malo a kernel (popeza wotumizirayo amakhala pamenepo mwachisawawa) si lingaliro labwino kwambiri. Chifukwa chake, OVS nthawi zambiri imayikidwa kwathunthu m'malo ogwiritsa ntchito pogwiritsa ntchito ukadaulo wa DPDK wopititsa patsogolo magalimoto kuchokera ku NIC kupita kumalo ogwiritsira ntchito podutsa kernel.
Zindikirani: pamtambo womwe umagwiritsidwa ntchito pa telecom, ndizotheka kutulutsa kuchuluka kwa magalimoto kuchokera ku compute node kudutsa OVS mwachindunji kupita ku zida zosinthira. Njira za SR-IOV ndi Passthrough zimagwiritsidwa ntchito pa izi.
Kodi izi zimagwira ntchito bwanji pamapangidwe enieni?
Chabwino, tsopano tiyeni tipite ku gawo lothandizira ndikuwona momwe zonsezi zimagwirira ntchito.
Choyamba, tiyeni tigwiritse ntchito kukhazikitsa kosavuta kwa Openstack. Popeza ndilibe ma seva omwe ali pafupi kuti ayesedwe, tidzasonkhanitsa chitsanzocho pa seva imodzi yakuthupi kuchokera pamakina enieni. Inde, mwachibadwa, yankho lotere silili loyenera kwa malonda, koma kuti muwone chitsanzo cha momwe maukonde amagwirira ntchito ku Openstack, kuyika koteroko ndikokwanira kwa maso. Komanso, kukhazikitsa koteroko kumakhala kosangalatsa kwambiri pazolinga zophunzitsira - popeza mutha kugwira magalimoto, ndi zina zambiri.
Popeza timangofunika kuwona gawo loyambira, sitingagwiritse ntchito maukonde angapo koma kukweza chilichonse pogwiritsa ntchito maukonde awiri okha, ndipo netiweki yachiwiri pamasanjidwe awa idzagwiritsidwa ntchito pokhapokha kuti ipezeke pamtambo wamtambo ndi seva ya DNS. Sitikhudza ma network akunja pakadali pano - uwu ndi mutu wankhani ina yayikulu.
Kotero, tiyeni tiyambe mwa dongosolo. Choyamba, chiphunzitso chaching'ono. Tikhazikitsa Openstack pogwiritsa ntchito TripleO (Openstack pa Openstack). Chofunikira cha TripleO ndikuti timayika Openstack zonse-mu-m'modzi (ndiko kuti, pamfundo imodzi), yotchedwa undercloud, ndiyeno tigwiritse ntchito mphamvu za Openstack yomwe idayikidwapo kukhazikitsa Openstack yoti igwire ntchito, yotchedwa overcloud. Undercloud idzagwiritsa ntchito luso lake loyendetsa ma seva akuthupi (zitsulo zopanda kanthu) - pulojekiti ya Ironic - kupereka ma hypervisors omwe adzachita maudindo a compute, control, node yosungirako. Ndiye kuti, sitigwiritsa ntchito zida zilizonse za chipani chachitatu kuyika Openstack - timatumiza Openstack pogwiritsa ntchito Openstack. Zidzakhala zomveka bwino pamene kukhazikitsa kukupita patsogolo, kotero sitiyima pamenepo ndikupita patsogolo.
Zindikirani: M'nkhaniyi, chifukwa cha kuphweka, sindinagwiritse ntchito intaneti kudzipatula kwa Openstack mkati, koma zonse zimayikidwa pogwiritsa ntchito netiweki imodzi yokha. Komabe, kukhalapo kapena kusapezeka kwa kudzipatula kwa maukonde sikumakhudza magwiridwe antchito a yankho - chilichonse chidzagwira ntchito chimodzimodzi ndikugwiritsa ntchito kudzipatula, koma magalimoto adzayenda pamaneti omwewo. Pakuyika kwamalonda, ndikofunikira mwachilengedwe kugwiritsa ntchito kudzipatula pogwiritsa ntchito ma vlans osiyanasiyana ndi mawonekedwe. Mwachitsanzo, ceph yosungirako kasamalidwe magalimoto ndi deta deta palokha (makina kupeza ma disks, etc.) pamene akutali ntchito subnets osiyana (Kusungirako kasamalidwe ndi Kusungirako) ndipo izi zimakuthandizani kuti yankho likhale lololera zolakwika pogawaniza magalimotowa, mwachitsanzo. , kudutsa madoko osiyanasiyana, kapena kugwiritsa ntchito mbiri zosiyanasiyana za QoS pamagalimoto osiyanasiyana kuti kuchuluka kwa data kusamatseke. Kwa ife, iwo adzapita pa intaneti yomweyo ndipo kwenikweni izi sizimatilepheretsa mwanjira iliyonse.
Zindikirani: Popeza tigwiritsa ntchito makina owoneka bwino m'malo okhazikika pamakina enieni, choyamba tifunika kuyambitsa makina owoneka bwino.
Mutha kuwona ngati nested virtualization yayatsidwa kapena ayi motere:
[root@hp-gen9 bormoglotx]# cat /sys/module/kvm_intel/parameters/nested N [root@hp-gen9 bormoglotx]#Ngati muwona chilembo N, ndiye kuti timathandizira kuti pakhale zisankho molingana ndi chiwongolero chilichonse chomwe mungapeze pa intaneti, mwachitsanzo. .
Tiyenera kusonkhanitsa dera lotsatira kuchokera ku makina enieni:
Kwa ine, kulumikiza makina enieni omwe ali mbali ya kukhazikitsidwa kwamtsogolo (ndipo ndinapeza 7 mwa iwo, koma mukhoza kudutsa ndi 4 ngati mulibe zinthu zambiri), ndinagwiritsa ntchito OpenvSwitch. Ndinapanga mlatho umodzi wa ovs ndikulumikiza makina enieni kwa iwo kudzera pamagulu adoko. Kuti muchite izi, ndidapanga fayilo ya xml motere:
[root@hp-gen9 ~]# virsh net-dumpxml ovs-network-1
<network>
<name>ovs-network-1</name>
<uuid>7a2e7de7-fc16-4e00-b1ed-4d190133af67</uuid>
<forward mode='bridge'/>
<bridge name='ovs-br1'/>
<virtualport type='openvswitch'/>
<portgroup name='trunk-1'>
<vlan trunk='yes'>
<tag id='100'/>
<tag id='101'/>
<tag id='102'/>
</vlan>
</portgroup>
<portgroup name='access-100'>
<vlan>
<tag id='100'/>
</vlan>
</portgroup>
<portgroup name='access-101'>
<vlan>
<tag id='101'/>
</vlan>
</portgroup>
</network>Magulu atatu adoko amalengezedwa pano - kupeza awiri ndi thunthu limodzi (chomalizacho chinali chofunikira pa seva ya DNS, koma mutha kuchita popanda izo, kapena kuyiyika pa makina opangira - chilichonse chomwe chili chosavuta kwa inu). Kenako, pogwiritsa ntchito template iyi, timalengeza zathu kudzera mu virsh net-define:
virsh net-define ovs-network-1.xml
virsh net-start ovs-network-1
virsh net-autostart ovs-network-1 Tsopano tisintha masinthidwe amtundu wa hypervisor:
[root@hp-gen9 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ens1f0
TYPE=Ethernet
NAME=ens1f0
DEVICE=ens1f0
TYPE=OVSPort
DEVICETYPE=ovs
OVS_BRIDGE=ovs-br1
ONBOOT=yes
OVS_OPTIONS="trunk=100,101,102"
[root@hp-gen9 ~]
[root@hp-gen9 ~]# cat /etc/sysconfig/network-scripts/ifcfg-ovs-br1
DEVICE=ovs-br1
DEVICETYPE=ovs
TYPE=OVSBridge
BOOTPROTO=static
ONBOOT=yes
IPADDR=192.168.255.200
PREFIX=24
[root@hp-gen9 ~]# Zindikirani: muzochitika izi, adilesi yomwe ili pa port ovs-br1 sipezeka chifukwa ilibe vlan tag. Kuti mukonze izi, muyenera kutulutsa lamulo sudo ovs-vsctl set port ovs-br1 tag=100. Komabe, mutatha kuyambiranso, chizindikirochi chidzazimiririka (ngati wina akudziwa momwe angapangire kukhala pamalo, ndikuthokoza kwambiri). Koma izi sizofunika kwambiri, chifukwa tidzangofunika adilesiyi panthawi yoyika ndipo sitidzayifuna pamene Openstack ikugwiritsidwa ntchito.
Pambuyo pake, timapanga makina a undercloud:
virt-install -n undercloud --description "undercloud" --os-type=Linux --os-variant=centos7.0 --ram=8192 --vcpus=8 --disk path=/var/lib/libvirt/images/undercloud.qcow2,bus=virtio,size=40,format=qcow2 --network network:ovs-network-1,model=virtio,portgroup=access-100 --network network:ovs-network-1,model=virtio,portgroup=access-101 --graphics none --location /var/lib/libvirt/boot/CentOS-7-x86_64-Minimal-2003.iso --extra-args console=ttyS0Pakuyika, mumayika magawo onse ofunikira, monga dzina la makina, mapasiwedi, ogwiritsa ntchito, ma seva a ntp, ndi zina zambiri, mutha kukonza madoko nthawi yomweyo, koma kwa ine ndekha, ndikatha kukhazikitsa, ndikosavuta kulowa mu makinawo. console ndikuwongolera mafayilo ofunikira. Ngati muli ndi chithunzi chopangidwa kale, mutha kuchigwiritsa ntchito, kapena chitani zomwe ndidachita - tsitsani chithunzi chochepa cha Centos 7 ndikuchigwiritsa ntchito kukhazikitsa VM.
Pambuyo kukhazikitsa bwino, muyenera kukhala ndi makina enieni omwe mungathe kukhazikitsa pansi pamtambo
[root@hp-gen9 bormoglotx]# virsh list
Id Name State
----------------------------------------------------
6 dns-server running
62 undercloud runningChoyamba, yikani zida zofunika pakuyika:
sudo yum update -y
sudo yum install -y net-tools
sudo yum install -y wget
sudo yum install -y ipmitool
Kuyika kwa Undercloud
Timapanga wogwiritsa ntchito stack, kuyika mawu achinsinsi, kuwonjezera pa sudoer ndikumupatsa kuthekera kochita malamulo a mizu kudzera pa sudo osalowetsa mawu achinsinsi:
useradd stack
passwd stack
echo βstack ALL=(root) NOPASSWD:ALLβ > /etc/sudoers.d/stack
chmod 0440 /etc/sudoers.d/stackTsopano tikufotokozerani dzina lonse la undercloud mu fayilo ya makamu:
vi /etc/hosts
127.0.0.1 undercloud.openstack.rnd localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6Kenako, timawonjezera zosungira ndikuyika pulogalamu yomwe tikufuna:
sudo yum install -y https://trunk.rdoproject.org/centos7/current/python2-tripleo-repos-0.0.1-0.20200409224957.8bac392.el7.noarch.rpm
sudo -E tripleo-repos -b queens current
sudo -E tripleo-repos -b queens current ceph
sudo yum install -y python-tripleoclient
sudo yum install -y ceph-ansibleZindikirani: ngati simukukonzekera kukhazikitsa ceph, ndiye kuti simuyenera kuyika malamulo okhudzana ndi ceph. Ndagwiritsa ntchito kumasulidwa kwa Queens, koma mutha kugwiritsa ntchito ina iliyonse yomwe mumakonda.
Kenako, koperani fayilo yosinthira pansi pamtambo kumalo osungira kunyumba kwa wogwiritsa ntchito:
cp /usr/share/instack-undercloud/undercloud.conf.sample ~/undercloud.confTsopano tikuyenera kukonza fayiloyi, ndikuyisintha kuti ikhale yathu.
Muyenera kuwonjezera mizere iyi kumayambiriro kwa fayilo:
vi undercloud.conf
[DEFAULT]
undercloud_hostname = undercloud.openstack.rnd
local_ip = 192.168.255.1/24
network_gateway = 192.168.255.1
undercloud_public_host = 192.168.255.2
undercloud_admin_host = 192.168.255.3
undercloud_nameservers = 192.168.255.253
generate_service_certificate = false
local_interface = eth0
local_mtu = 1450
network_cidr = 192.168.255.0/24
masquerade = true
masquerade_network = 192.168.255.0/24
dhcp_start = 192.168.255.11
dhcp_end = 192.168.255.50
inspection_iprange = 192.168.255.51,192.168.255.100
scheduler_max_attempts = 10Kotero, tiyeni tidutse zokonda:
undercloud_hostname - dzina lathunthu la seva yamtambo, liyenera kufanana ndi zomwe zili pa seva ya DNS
kumalo_ip - adilesi yapansi panthaka yopita ku ma network
network_gateway - adilesi yomweyi, yomwe idzakhala ngati khomo lolowera kudziko lakunja panthawi yoyika ma node amtambo, imagwirizananso ndi ip yakomweko.
undercloud_public_host - adilesi yakunja ya API, adilesi iliyonse yaulere kuchokera pamaneti operekera amaperekedwa
undercloud_admin_host Adilesi yamkati ya API, adilesi iliyonse yaulere kuchokera pa netiweki yopereka imaperekedwa
undercloud_nameservers - Seva ya DNS
kupanga_service_certificate - mzerewu ndi wofunikira kwambiri pachitsanzo chapano, chifukwa ngati simukuchiyika kukhala chabodza mudzalandira cholakwika pakuyika, vuto likufotokozedwa pa Red Hat bug tracker.
local_interface mawonekedwe pakupanga maukonde. Mawonekedwewa adzasinthidwanso panthawi yotumizidwa pansi pamtambo, chifukwa chake muyenera kukhala ndi mawonekedwe awiri pamtambo wamtambo - imodzi kuti muyipeze, yachiwiri yopereka.
local_mtu -MTU. Popeza tili ndi labotale yoyesera ndipo ndili ndi MTU ya 1500 pamadoko osinthira a OVS, ndikofunikira kuyiyika ku 1450 kuti mapaketi omwe ali mu VxLAN adutse.
network_cidr - network network
kusokoneza - kugwiritsa ntchito NAT kuti mupeze netiweki yakunja
masquerade_network - network yomwe idzakhala NATED
dhcp_start - adilesi yoyambira ya dziwe la ma adilesi komwe maadiresi adzaperekedwa ku ma node panthawi yotumiza mitambo
dhcp_kumapeto - adilesi yomaliza ya dziwe la maadiresi komwe maadiresi adzaperekedwa ku node panthawi yotumiza mitambo
inspection_iprange - ma adilesi ofunikira pakuwunikira (sakuyenera kuphatikizira ndi dziwe lomwe lili pamwambapa)
scheduler_max_attempts - kuchuluka kwa zoyesa kukhazikitsa overcloud (ziyenera kukhala zazikulu kuposa kapena zofanana ndi kuchuluka kwa node)
Fayiloyo itafotokozedwa, mutha kulamula kuti muyike pansi pamtambo:
openstack undercloud install
Njirayi imatenga mphindi 10 mpaka 30 kutengera chitsulo chanu. Pomaliza muyenera kuwona zotsatira monga izi:
vi undercloud.conf
2020-08-13 23:13:12,668 INFO:
#############################################################################
Undercloud install complete.
The file containing this installation's passwords is at
/home/stack/undercloud-passwords.conf.
There is also a stackrc file at /home/stack/stackrc.
These files are needed to interact with the OpenStack services, and should be
secured.
#############################################################################Izi linanena kuti inu bwinobwino anaika undercloud ndipo mukhoza tsopano kuona mmene undercloud ndi kupitiriza kukhazikitsa overcloud.
Mukayang'ana zotsatira za ifconfig, mudzawona kuti mawonekedwe atsopano a mlatho awonekera
[stack@undercloud ~]$ ifconfig
br-ctlplane: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 192.168.255.1 netmask 255.255.255.0 broadcast 192.168.255.255
inet6 fe80::5054:ff:fe2c:89e prefixlen 64 scopeid 0x20<link>
ether 52:54:00:2c:08:9e txqueuelen 1000 (Ethernet)
RX packets 14 bytes 1095 (1.0 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 20 bytes 1292 (1.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0Kutumiza kwa Overcloud tsopano kuchitidwa kudzera mu mawonekedwe awa.
Kuchokera pazomwe zili pansipa mutha kuwona kuti tili ndi mautumiki onse pa node imodzi:
(undercloud) [stack@undercloud ~]$ openstack host list
+--------------------------+-----------+----------+
| Host Name | Service | Zone |
+--------------------------+-----------+----------+
| undercloud.openstack.rnd | conductor | internal |
| undercloud.openstack.rnd | scheduler | internal |
| undercloud.openstack.rnd | compute | nova |
+--------------------------+-----------+----------+M'munsimu ndi kasinthidwe ka undercloud network part:
(undercloud) [stack@undercloud ~]$ python -m json.tool /etc/os-net-config/config.json
{
"network_config": [
{
"addresses": [
{
"ip_netmask": "192.168.255.1/24"
}
],
"members": [
{
"dns_servers": [
"192.168.255.253"
],
"mtu": 1450,
"name": "eth0",
"primary": "true",
"type": "interface"
}
],
"mtu": 1450,
"name": "br-ctlplane",
"ovs_extra": [
"br-set-external-id br-ctlplane bridge-id br-ctlplane"
],
"routes": [],
"type": "ovs_bridge"
}
]
}
(undercloud) [stack@undercloud ~]$Kuyika kwa Overcloud
Pakali pano tili ndi mitambo yapansi, ndipo tilibe ma node okwanira omwe mtambo wamtambo udzasonkhanitsidwa. Chifukwa chake, choyamba, tiyeni tigwiritse ntchito makina omwe tikufuna. Pakutumiza, undercloud yokha idzakhazikitsa OS ndi pulogalamu yofunikira pamakina amtambo - ndiko kuti, sitiyenera kuyika makinawo, koma kungopanga diski (kapena ma disks) ake ndikuzindikira magawo ake - ndiko kuti. , kwenikweni, timapeza seva yopanda kanthu popanda OS yoyikidwapo.
Tiyeni tipite ku chikwatu ndi ma disks a makina athu enieni ndikupanga ma disks a kukula kofunikira:
cd /var/lib/libvirt/images/
qemu-img create -f qcow2 -o preallocation=metadata control-1.qcow2 60G
qemu-img create -f qcow2 -o preallocation=metadata compute-1.qcow2 60G
qemu-img create -f qcow2 -o preallocation=metadata compute-2.qcow2 60G
qemu-img create -f qcow2 -o preallocation=metadata storage-1.qcow2 160G
qemu-img create -f qcow2 -o preallocation=metadata storage-2.qcow2 160GPopeza tikugwira ntchito ngati mizu, tifunika kusintha eni ake a disks kuti tisakhale ndi vuto ndi ufulu:
[root@hp-gen9 images]# ls -lh
total 5.8G
drwxr-xr-x. 2 qemu qemu 4.0K Aug 13 16:15 backups
-rw-r--r--. 1 root root 61G Aug 14 03:07 compute-1.qcow2
-rw-r--r--. 1 root root 61G Aug 14 03:07 compute-2.qcow2
-rw-r--r--. 1 root root 61G Aug 14 03:07 control-1.qcow2
-rw-------. 1 qemu qemu 41G Aug 14 03:03 dns-server.qcow2
-rw-r--r--. 1 root root 161G Aug 14 03:07 storage-1.qcow2
-rw-r--r--. 1 root root 161G Aug 14 03:07 storage-2.qcow2
-rw-------. 1 qemu qemu 41G Aug 14 03:07 undercloud.qcow2
[root@hp-gen9 images]#
[root@hp-gen9 images]#
[root@hp-gen9 images]# chown qemu:qemu /var/lib/libvirt/images/*qcow2
[root@hp-gen9 images]# ls -lh
total 5.8G
drwxr-xr-x. 2 qemu qemu 4.0K Aug 13 16:15 backups
-rw-r--r--. 1 qemu qemu 61G Aug 14 03:07 compute-1.qcow2
-rw-r--r--. 1 qemu qemu 61G Aug 14 03:07 compute-2.qcow2
-rw-r--r--. 1 qemu qemu 61G Aug 14 03:07 control-1.qcow2
-rw-------. 1 qemu qemu 41G Aug 14 03:03 dns-server.qcow2
-rw-r--r--. 1 qemu qemu 161G Aug 14 03:07 storage-1.qcow2
-rw-r--r--. 1 qemu qemu 161G Aug 14 03:07 storage-2.qcow2
-rw-------. 1 qemu qemu 41G Aug 14 03:08 undercloud.qcow2
[root@hp-gen9 images]# Zindikirani: ngati simukukonzekera kukhazikitsa ceph kuti muphunzire, ndiye kuti malamulowo sapanga ma node osachepera atatu okhala ndi ma disks osachepera awiri, koma mu template akuwonetsa kuti ma disks vda, vdb, etc.
Chabwino, tsopano tiyenera kufotokozera makina onsewa:
virt-install --name control-1 --ram 32768 --vcpus 8 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/control-1.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc --network network:ovs-network-1,model=virtio,portgroup=access-100 --network network:ovs-network-1,model=virtio,portgroup=trunk-1 --dry-run --print-xml > /tmp/control-1.xml
virt-install --name storage-1 --ram 16384 --vcpus 4 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/storage-1.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/storage-1.xml
virt-install --name storage-2 --ram 16384 --vcpus 4 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/storage-2.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/storage-2.xml
virt-install --name compute-1 --ram 32768 --vcpus 12 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/compute-1.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/compute-1.xml
virt-install --name compute-2 --ram 32768 --vcpus 12 --os-variant centos7.0 --disk path=/var/lib/libvirt/images/compute-2.qcow2,device=disk,bus=virtio,format=qcow2 --noautoconsole --vnc --network network:ovs-network-1,model=virtio,portgroup=access-100 --dry-run --print-xml > /tmp/compute-2.xml Pamapeto pake pali lamulo -print-xml > /tmp/storage-1.xml, lomwe limapanga fayilo ya xml ndikufotokozera makina aliwonse mu /tmp/ foda; ngati simukuwonjezera, simudzakhala. amatha kuzindikira makina enieni.
Tsopano tiyenera kufotokozera makina onsewa mu virsh:
virsh define --file /tmp/control-1.xml
virsh define --file /tmp/compute-1.xml
virsh define --file /tmp/compute-2.xml
virsh define --file /tmp/storage-1.xml
virsh define --file /tmp/storage-2.xml
[root@hp-gen9 ~]# virsh list --all
Id Name State
----------------------------------------------------
6 dns-server running
64 undercloud running
- compute-1 shut off
- compute-2 shut off
- control-1 shut off
- storage-1 shut off
- storage-2 shut off
[root@hp-gen9 ~]#Tsopano kagawo kakang'ono - tripleO imagwiritsa ntchito IPMI kuyang'anira ma seva panthawi ya kukhazikitsa ndi kuyang'ana.
Introspection ndi njira yoyendera ma hardware kuti apeze magawo ake ofunikira pakupititsa patsogolo ma node. Introspection ikuchitika pogwiritsa ntchito ironic, ntchito yopangidwa kuti igwire ntchito ndi ma seva opanda zitsulo.
Koma apa pali vuto - pamene ma seva a IPMI a hardware ali ndi doko losiyana (kapena doko logawana nawo, koma izi sizofunika), ndiye makina enieni alibe madoko oterowo. Apa ndodo yotchedwa vbmc imatithandizira - chida chomwe chimakulolani kutsanzira doko la IPMI. Nuance iyi ndiyoyenera kulabadira makamaka kwa iwo omwe akufuna kukhazikitsa labotale pa ESXI hypervisor - kunena zoona, sindikudziwa ngati ili ndi analogue ya vbmc, ndiye ndiyenera kudabwa za nkhaniyi musanatumize chilichonse. .
Ikani vbmc:
yum install yum install python2-virtualbmcNgati OS yanu siyikupeza phukusi, yonjezerani chosungira:
yum install -y https://www.rdoproject.org/repos/rdo-release.rpmTsopano ife tipanga zothandiza. Chilichonse pano ndi choletsedwa mpaka chamanyazi. Tsopano ndizomveka kuti palibe ma seva pamndandanda wa vbmc
[root@hp-gen9 ~]# vbmc list
[root@hp-gen9 ~]# Kuti awonekere, ayenera kulengezedwa pamanja motere:
[root@hp-gen9 ~]# vbmc add control-1 --port 7001 --username admin --password admin
[root@hp-gen9 ~]# vbmc add storage-1 --port 7002 --username admin --password admin
[root@hp-gen9 ~]# vbmc add storage-2 --port 7003 --username admin --password admin
[root@hp-gen9 ~]# vbmc add compute-1 --port 7004 --username admin --password admin
[root@hp-gen9 ~]# vbmc add compute-2 --port 7005 --username admin --password admin
[root@hp-gen9 ~]#
[root@hp-gen9 ~]# vbmc list
+-------------+--------+---------+------+
| Domain name | Status | Address | Port |
+-------------+--------+---------+------+
| compute-1 | down | :: | 7004 |
| compute-2 | down | :: | 7005 |
| control-1 | down | :: | 7001 |
| storage-1 | down | :: | 7002 |
| storage-2 | down | :: | 7003 |
+-------------+--------+---------+------+
[root@hp-gen9 ~]#Ndikuganiza kuti mawu omasulira amamveka bwino popanda kufotokoza. Komabe, pakadali pano magawo athu onse ali mu DOWN. Kuti asamukire ku UP, muyenera kuwathandizira:
[root@hp-gen9 ~]# vbmc start control-1
2020-08-14 03:15:57,826.826 13149 INFO VirtualBMC [-] Started vBMC instance for domain control-1
[root@hp-gen9 ~]# vbmc start storage-1
2020-08-14 03:15:58,316.316 13149 INFO VirtualBMC [-] Started vBMC instance for domain storage-1
[root@hp-gen9 ~]# vbmc start storage-2
2020-08-14 03:15:58,851.851 13149 INFO VirtualBMC [-] Started vBMC instance for domain storage-2
[root@hp-gen9 ~]# vbmc start compute-1
2020-08-14 03:15:59,307.307 13149 INFO VirtualBMC [-] Started vBMC instance for domain compute-1
[root@hp-gen9 ~]# vbmc start compute-2
2020-08-14 03:15:59,712.712 13149 INFO VirtualBMC [-] Started vBMC instance for domain compute-2
[root@hp-gen9 ~]#
[root@hp-gen9 ~]#
[root@hp-gen9 ~]# vbmc list
+-------------+---------+---------+------+
| Domain name | Status | Address | Port |
+-------------+---------+---------+------+
| compute-1 | running | :: | 7004 |
| compute-2 | running | :: | 7005 |
| control-1 | running | :: | 7001 |
| storage-1 | running | :: | 7002 |
| storage-2 | running | :: | 7003 |
+-------------+---------+---------+------+
[root@hp-gen9 ~]#Ndipo kukhudza komaliza - muyenera kukonza malamulo a firewall (kapena kuletsa kwathunthu):
firewall-cmd --zone=public --add-port=7001/udp --permanent
firewall-cmd --zone=public --add-port=7002/udp --permanent
firewall-cmd --zone=public --add-port=7003/udp --permanent
firewall-cmd --zone=public --add-port=7004/udp --permanent
firewall-cmd --zone=public --add-port=7005/udp --permanent
firewall-cmd --reload
Tsopano tiyeni tipite ku undercloud ndikuwona ngati zonse zikuyenda. Adilesi ya makina ochitirako ndi 192.168.255.200, pamtambo wamtambo tidawonjezera phukusi lofunikira la ipmitool pokonzekera kutumiza:
[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power status
Chassis Power is off
[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power on
Chassis Power Control: Up/On
[stack@undercloud ~]$
[root@hp-gen9 ~]# virsh list
Id Name State
----------------------------------------------------
6 dns-server running
64 undercloud running
65 control-1 runningMonga mukuwonera, tayambitsa bwino njira yowongolera kudzera pa vbmc. Tsopano tiyeni tizimitse ndikupitiriza:
[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power off
Chassis Power Control: Down/Off
[stack@undercloud ~]$ ipmitool -I lanplus -U admin -P admin -H 192.168.255.200 -p 7001 power status
Chassis Power is off
[stack@undercloud ~]$
[root@hp-gen9 ~]# virsh list --all
Id Name State
----------------------------------------------------
6 dns-server running
64 undercloud running
- compute-1 shut off
- compute-2 shut off
- control-1 shut off
- storage-1 shut off
- storage-2 shut off
[root@hp-gen9 ~]#Chotsatira ndikuwunika ma node omwe overcloud idzayikidwe. Kuti tichite izi, tifunika kukonzekera fayilo ya json ndi kufotokoza kwa node zathu. Chonde dziwani kuti, mosiyana ndi kukhazikitsa pa maseva opanda kanthu, fayilo imawonetsa doko lomwe vbmc ikugwira ntchito pamakina aliwonse.
[root@hp-gen9 ~]# virsh domiflist --domain control-1
Interface Type Source Model MAC
-------------------------------------------------------
- network ovs-network-1 virtio 52:54:00:20:a2:2f
- network ovs-network-1 virtio 52:54:00:3f:87:9f
[root@hp-gen9 ~]# virsh domiflist --domain compute-1
Interface Type Source Model MAC
-------------------------------------------------------
- network ovs-network-1 virtio 52:54:00:98:e9:d6
[root@hp-gen9 ~]# virsh domiflist --domain compute-2
Interface Type Source Model MAC
-------------------------------------------------------
- network ovs-network-1 virtio 52:54:00:6a:ea:be
[root@hp-gen9 ~]# virsh domiflist --domain storage-1
Interface Type Source Model MAC
-------------------------------------------------------
- network ovs-network-1 virtio 52:54:00:79:0b:cb
[root@hp-gen9 ~]# virsh domiflist --domain storage-2
Interface Type Source Model MAC
-------------------------------------------------------
- network ovs-network-1 virtio 52:54:00:a7:fe:27Zindikirani: gawo lowongolera lili ndi mawonekedwe awiri, koma pakadali pano izi sizofunikira, pakukhazikitsa uku kudzakhala kokwanira kwa ife.
Tsopano tikukonzekera fayilo ya json. Tiyenera kuwonetsa adiresi ya poppy ya doko momwe kuperekera kudzachitikira, magawo a node, kuwapatsa mayina ndikuwonetsa momwe mungapitire ipmi:
{
"nodes":[
{
"mac":[
"52:54:00:20:a2:2f"
],
"cpu":"8",
"memory":"32768",
"disk":"60",
"arch":"x86_64",
"name":"control-1",
"pm_type":"pxe_ipmitool",
"pm_user":"admin",
"pm_password":"admin",
"pm_addr":"192.168.255.200",
"pm_port":"7001"
},
{
"mac":[
"52:54:00:79:0b:cb"
],
"cpu":"4",
"memory":"16384",
"disk":"160",
"arch":"x86_64",
"name":"storage-1",
"pm_type":"pxe_ipmitool",
"pm_user":"admin",
"pm_password":"admin",
"pm_addr":"192.168.255.200",
"pm_port":"7002"
},
{
"mac":[
"52:54:00:a7:fe:27"
],
"cpu":"4",
"memory":"16384",
"disk":"160",
"arch":"x86_64",
"name":"storage-2",
"pm_type":"pxe_ipmitool",
"pm_user":"admin",
"pm_password":"admin",
"pm_addr":"192.168.255.200",
"pm_port":"7003"
},
{
"mac":[
"52:54:00:98:e9:d6"
],
"cpu":"12",
"memory":"32768",
"disk":"60",
"arch":"x86_64",
"name":"compute-1",
"pm_type":"pxe_ipmitool",
"pm_user":"admin",
"pm_password":"admin",
"pm_addr":"192.168.255.200",
"pm_port":"7004"
},
{
"mac":[
"52:54:00:6a:ea:be"
],
"cpu":"12",
"memory":"32768",
"disk":"60",
"arch":"x86_64",
"name":"compute-2",
"pm_type":"pxe_ipmitool",
"pm_user":"admin",
"pm_password":"admin",
"pm_addr":"192.168.255.200",
"pm_port":"7005"
}
]
}Tsopano tikuyenera kukonzekera zithunzi kuti zikhale zododometsa. Kuti muchite izi, tsitsani kudzera pa wget ndikuyika:
(undercloud) [stack@undercloud ~]$ sudo wget https://images.rdoproject.org/queens/delorean/current-tripleo-rdo/overcloud-full.tar --no-check-certificate
(undercloud) [stack@undercloud ~]$ sudo wget https://images.rdoproject.org/queens/delorean/current-tripleo-rdo/ironic-python-agent.tar --no-check-certificate
(undercloud) [stack@undercloud ~]$ ls -lh
total 1.9G
-rw-r--r--. 1 stack stack 447M Aug 14 10:26 ironic-python-agent.tar
-rw-r--r--. 1 stack stack 1.5G Aug 14 10:26 overcloud-full.tar
-rw-------. 1 stack stack 916 Aug 13 23:10 stackrc
-rw-r--r--. 1 stack stack 15K Aug 13 22:50 undercloud.conf
-rw-------. 1 stack stack 2.0K Aug 13 22:50 undercloud-passwords.conf
(undercloud) [stack@undercloud ~]$ mkdir images/
(undercloud) [stack@undercloud ~]$ tar -xpvf ironic-python-agent.tar -C ~/images/
ironic-python-agent.initramfs
ironic-python-agent.kernel
(undercloud) [stack@undercloud ~]$ tar -xpvf overcloud-full.tar -C ~/images/
overcloud-full.qcow2
overcloud-full.initrd
overcloud-full.vmlinuz
(undercloud) [stack@undercloud ~]$
(undercloud) [stack@undercloud ~]$ ls -lh images/
total 1.9G
-rw-rw-r--. 1 stack stack 441M Aug 12 17:24 ironic-python-agent.initramfs
-rwxr-xr-x. 1 stack stack 6.5M Aug 12 17:24 ironic-python-agent.kernel
-rw-r--r--. 1 stack stack 53M Aug 12 17:14 overcloud-full.initrd
-rw-r--r--. 1 stack stack 1.4G Aug 12 17:18 overcloud-full.qcow2
-rwxr-xr-x. 1 stack stack 6.5M Aug 12 17:14 overcloud-full.vmlinuz
(undercloud) [stack@undercloud ~]$Kukweza zithunzi ku undercloud:
(undercloud) [stack@undercloud ~]$ openstack overcloud image upload --image-path ~/images/
Image "overcloud-full-vmlinuz" was uploaded.
+--------------------------------------+------------------------+-------------+---------+--------+
| ID | Name | Disk Format | Size | Status |
+--------------------------------------+------------------------+-------------+---------+--------+
| c2553770-3e0f-4750-b46b-138855b5c385 | overcloud-full-vmlinuz | aki | 6761064 | active |
+--------------------------------------+------------------------+-------------+---------+--------+
Image "overcloud-full-initrd" was uploaded.
+--------------------------------------+-----------------------+-------------+----------+--------+
| ID | Name | Disk Format | Size | Status |
+--------------------------------------+-----------------------+-------------+----------+--------+
| 949984e0-4932-4e71-af43-d67a38c3dc89 | overcloud-full-initrd | ari | 55183045 | active |
+--------------------------------------+-----------------------+-------------+----------+--------+
Image "overcloud-full" was uploaded.
+--------------------------------------+----------------+-------------+------------+--------+
| ID | Name | Disk Format | Size | Status |
+--------------------------------------+----------------+-------------+------------+--------+
| a2f2096d-c9d7-429a-b866-c7543c02a380 | overcloud-full | qcow2 | 1487475712 | active |
+--------------------------------------+----------------+-------------+------------+--------+
Image "bm-deploy-kernel" was uploaded.
+--------------------------------------+------------------+-------------+---------+--------+
| ID | Name | Disk Format | Size | Status |
+--------------------------------------+------------------+-------------+---------+--------+
| e413aa78-e38f-404c-bbaf-93e582a8e67f | bm-deploy-kernel | aki | 6761064 | active |
+--------------------------------------+------------------+-------------+---------+--------+
Image "bm-deploy-ramdisk" was uploaded.
+--------------------------------------+-------------------+-------------+-----------+--------+
| ID | Name | Disk Format | Size | Status |
+--------------------------------------+-------------------+-------------+-----------+--------+
| 5cf3aba4-0e50-45d3-929f-27f025dd6ce3 | bm-deploy-ramdisk | ari | 461759376 | active |
+--------------------------------------+-------------------+-------------+-----------+--------+
(undercloud) [stack@undercloud ~]$Kuwona kuti zithunzi zonse zakwezedwa
(undercloud) [stack@undercloud ~]$ openstack image list
+--------------------------------------+------------------------+--------+
| ID | Name | Status |
+--------------------------------------+------------------------+--------+
| e413aa78-e38f-404c-bbaf-93e582a8e67f | bm-deploy-kernel | active |
| 5cf3aba4-0e50-45d3-929f-27f025dd6ce3 | bm-deploy-ramdisk | active |
| a2f2096d-c9d7-429a-b866-c7543c02a380 | overcloud-full | active |
| 949984e0-4932-4e71-af43-d67a38c3dc89 | overcloud-full-initrd | active |
| c2553770-3e0f-4750-b46b-138855b5c385 | overcloud-full-vmlinuz | active |
+--------------------------------------+------------------------+--------+
(undercloud) [stack@undercloud ~]$Chinthu chinanso - muyenera kuwonjezera seva ya DNS:
(undercloud) [stack@undercloud ~]$ openstack subnet list
+--------------------------------------+-----------------+--------------------------------------+------------------+
| ID | Name | Network | Subnet |
+--------------------------------------+-----------------+--------------------------------------+------------------+
| f45dea46-4066-42aa-a3c4-6f84b8120cab | ctlplane-subnet | 6ca013dc-41c2-42d8-9d69-542afad53392 | 192.168.255.0/24 |
+--------------------------------------+-----------------+--------------------------------------+------------------+
(undercloud) [stack@undercloud ~]$ openstack subnet show f45dea46-4066-42aa-a3c4-6f84b8120cab
+-------------------+-----------------------------------------------------------+
| Field | Value |
+-------------------+-----------------------------------------------------------+
| allocation_pools | 192.168.255.11-192.168.255.50 |
| cidr | 192.168.255.0/24 |
| created_at | 2020-08-13T20:10:37Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.255.1 |
| host_routes | destination='169.254.169.254/32', gateway='192.168.255.1' |
| id | f45dea46-4066-42aa-a3c4-6f84b8120cab |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | ctlplane-subnet |
| network_id | 6ca013dc-41c2-42d8-9d69-542afad53392 |
| prefix_length | None |
| project_id | a844ccfcdb2745b198dde3e1b28c40a3 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2020-08-13T20:10:37Z |
+-------------------+-----------------------------------------------------------+
(undercloud) [stack@undercloud ~]$
(undercloud) [stack@undercloud ~]$ neutron subnet-update f45dea46-4066-42aa-a3c4-6f84b8120cab --dns-nameserver 192.168.255.253
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Updated subnet: f45dea46-4066-42aa-a3c4-6f84b8120cab
(undercloud) [stack@undercloud ~]$Tsopano titha kupereka lamulo loyang'ana:
(undercloud) [stack@undercloud ~]$ openstack overcloud node import --introspect --provide inspection.json
Started Mistral Workflow tripleo.baremetal.v1.register_or_update. Execution ID: d57456a3-d8ed-479c-9a90-dff7c752d0ec
Waiting for messages on queue 'tripleo' with no timeout.
5 node(s) successfully moved to the "manageable" state.
Successfully registered node UUID b4b2cf4a-b7ca-4095-af13-cc83be21c4f5
Successfully registered node UUID b89a72a3-6bb7-429a-93bc-48393d225838
Successfully registered node UUID 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e
Successfully registered node UUID bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8
Successfully registered node UUID 766ab623-464c-423d-a529-d9afb69d1167
Waiting for introspection to finish...
Started Mistral Workflow tripleo.baremetal.v1.introspect. Execution ID: 6b4d08ae-94c3-4a10-ab63-7634ec198a79
Waiting for messages on queue 'tripleo' with no timeout.
Introspection of node b89a72a3-6bb7-429a-93bc-48393d225838 completed. Status:SUCCESS. Errors:None
Introspection of node 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e completed. Status:SUCCESS. Errors:None
Introspection of node bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 completed. Status:SUCCESS. Errors:None
Introspection of node 766ab623-464c-423d-a529-d9afb69d1167 completed. Status:SUCCESS. Errors:None
Introspection of node b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 completed. Status:SUCCESS. Errors:None
Successfully introspected 5 node(s).
Started Mistral Workflow tripleo.baremetal.v1.provide. Execution ID: f5594736-edcf-4927-a8a0-2a7bf806a59a
Waiting for messages on queue 'tripleo' with no timeout.
5 node(s) successfully moved to the "available" state.
(undercloud) [stack@undercloud ~]$Monga mukuwonera pazotulutsa, zonse zidatha popanda zolakwika. Tiyeni tiwone ngati ma node onse ali m'malo omwe alipo:
(undercloud) [stack@undercloud ~]$ openstack baremetal node list
+--------------------------------------+-----------+---------------+-------------+--------------------+-------------+
| UUID | Name | Instance UUID | Power State | Provisioning State | Maintenance |
+--------------------------------------+-----------+---------------+-------------+--------------------+-------------+
| b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 | control-1 | None | power off | available | False |
| b89a72a3-6bb7-429a-93bc-48393d225838 | storage-1 | None | power off | available | False |
| 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e | storage-2 | None | power off | available | False |
| bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 | compute-1 | None | power off | available | False |
| 766ab623-464c-423d-a529-d9afb69d1167 | compute-2 | None | power off | available | False |
+--------------------------------------+-----------+---------------+-------------+--------------------+-------------+
(undercloud) [stack@undercloud ~]$ Ngati mfundozo zili mu chikhalidwe chosiyana, nthawi zambiri zimayendetsedwa, ndiye kuti chinachake chalakwika ndipo muyenera kuyang'ana pa chipikacho ndikuwona chifukwa chake izi zinachitika. Kumbukirani kuti muzochitika izi tikugwiritsa ntchito virtualization ndipo pakhoza kukhala nsikidzi zomwe zimagwirizanitsidwa ndi kugwiritsa ntchito makina enieni kapena vbmc.
Kenako, tifunika kuwonetsa node yomwe igwire ntchito - ndiko kuti, kuwonetsa mbiri yomwe nodeyo idzagwiritse ntchito:
(undercloud) [stack@undercloud ~]$ openstack overcloud profiles list
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| Node UUID | Node Name | Provision State | Current Profile | Possible Profiles |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 | control-1 | available | None | |
| b89a72a3-6bb7-429a-93bc-48393d225838 | storage-1 | available | None | |
| 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e | storage-2 | available | None | |
| bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 | compute-1 | available | None | |
| 766ab623-464c-423d-a529-d9afb69d1167 | compute-2 | available | None | |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
(undercloud) [stack@undercloud ~]$ openstack flavor list
+--------------------------------------+---------------+------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+---------------+------+------+-----------+-------+-----------+
| 168af640-7f40-42c7-91b2-989abc5c5d8f | swift-storage | 4096 | 40 | 0 | 1 | True |
| 52148d1b-492e-48b4-b5fc-772849dd1b78 | baremetal | 4096 | 40 | 0 | 1 | True |
| 56e66542-ae60-416d-863e-0cb192d01b09 | control | 4096 | 40 | 0 | 1 | True |
| af6796e1-d0c4-4bfe-898c-532be194f7ac | block-storage | 4096 | 40 | 0 | 1 | True |
| e4d50fdd-0034-446b-b72c-9da19b16c2df | compute | 4096 | 40 | 0 | 1 | True |
| fc2e3acf-7fca-4901-9eee-4a4d6ef0265d | ceph-storage | 4096 | 40 | 0 | 1 | True |
+--------------------------------------+---------------+------+------+-----------+-------+-----------+
(undercloud) [stack@undercloud ~]$Tchulani mbiri ya node iliyonse:
openstack baremetal node set --property capabilities='profile:control,boot_option:local' b4b2cf4a-b7ca-4095-af13-cc83be21c4f5
openstack baremetal node set --property capabilities='profile:ceph-storage,boot_option:local' b89a72a3-6bb7-429a-93bc-48393d225838
openstack baremetal node set --property capabilities='profile:ceph-storage,boot_option:local' 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e
openstack baremetal node set --property capabilities='profile:compute,boot_option:local' bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8
openstack baremetal node set --property capabilities='profile:compute,boot_option:local' 766ab623-464c-423d-a529-d9afb69d1167Tiyeni tiwone ngati tachita zonse molondola:
(undercloud) [stack@undercloud ~]$ openstack overcloud profiles list
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| Node UUID | Node Name | Provision State | Current Profile | Possible Profiles |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
| b4b2cf4a-b7ca-4095-af13-cc83be21c4f5 | control-1 | available | control | |
| b89a72a3-6bb7-429a-93bc-48393d225838 | storage-1 | available | ceph-storage | |
| 20a16cc0-e0ce-4d88-8f17-eb0ce7b4d69e | storage-2 | available | ceph-storage | |
| bfc1eb98-a17a-4a70-b0b6-6c0db0eac8e8 | compute-1 | available | compute | |
| 766ab623-464c-423d-a529-d9afb69d1167 | compute-2 | available | compute | |
+--------------------------------------+-----------+-----------------+-----------------+-------------------+
(undercloud) [stack@undercloud ~]$Ngati zonse zili zolondola, timapereka lamulo loti titumize mtambo:
openstack overcloud deploy --templates --control-scale 1 --compute-scale 2 --ceph-storage-scale 2 --control-flavor control --compute-flavor compute --ceph-storage-flavor ceph-storage --libvirt-type qemuPakuyika kwenikweni, ma template osinthidwa adzagwiritsidwa ntchito mwachilengedwe, kwa ife izi zidzasokoneza kwambiri ndondomekoyi, popeza kusintha kulikonse mu template kumayenera kufotokozedwa. Monga momwe zinalembedwera kale, ngakhale kukhazikitsa kosavuta kudzakhala kokwanira kuti tiwone momwe zimagwirira ntchito.
Zindikirani: --libvirt-type qemu variable ndiyofunikira pamenepa, popeza tidzagwiritsa ntchito zisa. Apo ayi, simungathe kuyendetsa makina enieni.
Tsopano muli ndi ola limodzi, kapena mwina kupitilira apo (malingana ndi kuthekera kwa zida) ndipo mutha kuyembekeza kuti ikatha nthawi iyi muwona uthenga wotsatira:
2020-08-14 08:39:21Z [overcloud]: CREATE_COMPLETE Stack CREATE completed successfully
Stack overcloud CREATE_COMPLETE
Host 192.168.255.21 not found in /home/stack/.ssh/known_hosts
Started Mistral Workflow tripleo.deployment.v1.get_horizon_url. Execution ID: fcb996cd-6a19-482b-b755-2ca0c08069a9
Overcloud Endpoint: http://192.168.255.21:5000/
Overcloud Horizon Dashboard URL: http://192.168.255.21:80/dashboard
Overcloud rc file: /home/stack/overcloudrc
Overcloud Deployed
(undercloud) [stack@undercloud ~]$Tsopano muli ndi mtundu wathunthu wa openstack, womwe mungaphunzire, kuyesa, ndi zina.
Tiyeni tiwone ngati zonse zikuyenda bwino. Pachikwatu cha wogwiritsa ntchito kunyumba pali mafayilo awiri - stackrc imodzi (yoyang'anira pansi pamtambo) ndi yachiwiri overcloudrc (yoyang'anira mitambo). Mafayilowa ayenera kutchulidwa ngati gwero, chifukwa ali ndi chidziwitso chofunikira kuti atsimikizidwe.
(undercloud) [stack@undercloud ~]$ openstack server list
+--------------------------------------+-------------------------+--------+-------------------------+----------------+--------------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------------------------+--------+-------------------------+----------------+--------------+
| fd7d36f4-ce87-4b9a-93b0-add2957792de | overcloud-controller-0 | ACTIVE | ctlplane=192.168.255.15 | overcloud-full | control |
| edc77778-8972-475e-a541-ff40eb944197 | overcloud-novacompute-1 | ACTIVE | ctlplane=192.168.255.26 | overcloud-full | compute |
| 5448ce01-f05f-47ca-950a-ced14892c0d4 | overcloud-cephstorage-1 | ACTIVE | ctlplane=192.168.255.34 | overcloud-full | ceph-storage |
| ce6d862f-4bdf-4ba3-b711-7217915364d7 | overcloud-novacompute-0 | ACTIVE | ctlplane=192.168.255.19 | overcloud-full | compute |
| e4507bd5-6f96-4b12-9cc0-6924709da59e | overcloud-cephstorage-0 | ACTIVE | ctlplane=192.168.255.44 | overcloud-full | ceph-storage |
+--------------------------------------+-------------------------+--------+-------------------------+----------------+--------------+
(undercloud) [stack@undercloud ~]$
(undercloud) [stack@undercloud ~]$ source overcloudrc
(overcloud) [stack@undercloud ~]$
(overcloud) [stack@undercloud ~]$ openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 4eed7d0f06544625857d51cd77c5bd4c | admin |
| ee1c68758bde41eaa9912c81dc67dad8 | service |
+----------------------------------+---------+
(overcloud) [stack@undercloud ~]$
(overcloud) [stack@undercloud ~]$
(overcloud) [stack@undercloud ~]$ openstack network agent list
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
| 10495de9-ba4b-41fe-b30a-b90ec3f8728b | Open vSwitch agent | overcloud-novacompute-1.localdomain | None | :-) | UP | neutron-openvswitch-agent |
| 1515ad4a-5972-46c3-af5f-e5446dff7ac7 | L3 agent | overcloud-controller-0.localdomain | nova | :-) | UP | neutron-l3-agent |
| 322e62ca-1e5a-479e-9a96-4f26d09abdd7 | DHCP agent | overcloud-controller-0.localdomain | nova | :-) | UP | neutron-dhcp-agent |
| 9c1de2f9-bac5-400e-998d-4360f04fc533 | Open vSwitch agent | overcloud-novacompute-0.localdomain | None | :-) | UP | neutron-openvswitch-agent |
| d99c5657-851e-4d3c-bef6-f1e3bb1acfb0 | Open vSwitch agent | overcloud-controller-0.localdomain | None | :-) | UP | neutron-openvswitch-agent |
| ff85fae6-5543-45fb-a301-19c57b62d836 | Metadata agent | overcloud-controller-0.localdomain | None | :-) | UP | neutron-metadata-agent |
+--------------------------------------+--------------------+-------------------------------------+-------------------+-------+-------+---------------------------+
(overcloud) [stack@undercloud ~]$Kuyika kwanga kumafunikirabe kukhudza kumodzi kakang'ono - kuwonjezera njira pa wowongolera, popeza makina omwe ndikugwira nawo ntchito ali pa intaneti ina. Kuti muchite izi, pitani ku Control-1 pansi pa akaunti ya kutentha-admin ndikulembetsa njira
(undercloud) [stack@undercloud ~]$ ssh [email protected]
Last login: Fri Aug 14 09:47:40 2020 from 192.168.255.1
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$ sudo ip route add 10.169.0.0/16 via 192.168.255.254Chabwino, tsopano inu mukhoza kupita pachizimezime. Zambiri zonse - ma adilesi, malowedwe ndi mawu achinsinsi - zili mufayilo /home/stack/overcloudrc. Chithunzi chomaliza chikuwoneka motere:
Mwa njira, pakuyika kwathu, ma adilesi amakina adaperekedwa kudzera pa DHCP ndipo, monga mukuwonera, amaperekedwa "mwachisawawa". Mutha kutanthauzira mosamalitsa mu template yomwe adilesi yomwe iyenera kulumikizidwa ndi makina omwe mukutumizidwa, ngati mukufuna.
Kodi magalimoto amayenda bwanji pakati pa makina enieni?
M'nkhaniyi tiona njira zitatu zodutsa magalimoto
- Makina awiri pa hypervisor imodzi pa intaneti imodzi ya L2
- Makina awiri pa ma hypervisors osiyanasiyana pamaneti amodzi a L2
- makina awiri pamanetiweki osiyana (mtanda-network rooting)
Milandu yokhala ndi mwayi wopita kudziko lakunja kudzera pamaneti akunja, pogwiritsa ntchito ma adilesi oyandama, komanso njira zogawira, tidzakambirana nthawi ina, pakadali pano tiyang'ana pamayendedwe amkati.
Kuti tiwone, tiyeni tipange chithunzi chotsatirachi:
Tapanga makina 4 - 3 pa netiweki imodzi ya L2 - net-1, ndi 1 ina pa net-2 network
(overcloud) [stack@undercloud ~]$ nova list --tenant 5e18ce8ec9594e00b155485f19895e6c
+--------------------------------------+------+----------------------------------+--------+------------+-------------+-----------------+
| ID | Name | Tenant ID | Status | Task State | Power State | Networks |
+--------------------------------------+------+----------------------------------+--------+------------+-------------+-----------------+
| f53b37b5-2204-46cc-aef0-dba84bf970c0 | vm-1 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | - | Running | net-1=10.0.1.85 |
| fc8b6722-0231-49b0-b2fa-041115bef34a | vm-2 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | - | Running | net-1=10.0.1.88 |
| 3cd74455-b9b7-467a-abe3-bd6ff765c83c | vm-3 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | - | Running | net-1=10.0.1.90 |
| 7e836338-6772-46b0-9950-f7f06dbe91a8 | vm-4 | 5e18ce8ec9594e00b155485f19895e6c | ACTIVE | - | Running | net-2=10.0.2.8 |
+--------------------------------------+------+----------------------------------+--------+------------+-------------+-----------------+
(overcloud) [stack@undercloud ~]$ Tiyeni tiwone ma hypervisors omwe makina opangidwa ali:
(overcloud) [stack@undercloud ~]$ nova show f53b37b5-2204-46cc-aef0-dba84bf970c0 | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname | vm-1 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | overcloud-novacompute-0.localdomain |
| OS-EXT-SRV-ATTR:instance_name | instance-00000001 |(overcloud) [stack@undercloud ~]$ nova show fc8b6722-0231-49b0-b2fa-041115bef34a | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname | vm-2 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | overcloud-novacompute-1.localdomain |
| OS-EXT-SRV-ATTR:instance_name | instance-00000002 |(overcloud) [stack@undercloud ~]$ nova show 3cd74455-b9b7-467a-abe3-bd6ff765c83c | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname | vm-3 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | overcloud-novacompute-0.localdomain |
| OS-EXT-SRV-ATTR:instance_name | instance-00000003 |(overcloud) [stack@undercloud ~]$ nova show 7e836338-6772-46b0-9950-f7f06dbe91a8 | egrep "hypervisor_hostname|instance_name|hostname"
| OS-EXT-SRV-ATTR:hostname | vm-4 |
| OS-EXT-SRV-ATTR:hypervisor_hostname | overcloud-novacompute-1.localdomain |
| OS-EXT-SRV-ATTR:instance_name | instance-00000004 |
(overcloud) [stack@undercloud ~]$
Makina a vm-1 ndi vm-3 ali pa compute-0, makina vm-2 ndi vm-4 ali pa node compute-1.
Kuphatikiza apo, ma rauta enieni adapangidwa kuti azitha kuyendetsa pakati pa maukonde omwe atchulidwa:
(overcloud) [stack@undercloud ~]$ openstack router list --project 5e18ce8ec9594e00b155485f19895e6c
+--------------------------------------+----------+--------+-------+-------------+-------+----------------------------------+
| ID | Name | Status | State | Distributed | HA | Project |
+--------------------------------------+----------+--------+-------+-------------+-------+----------------------------------+
| 0a4d2420-4b9c-46bd-aec1-86a1ef299abe | router-1 | ACTIVE | UP | False | False | 5e18ce8ec9594e00b155485f19895e6c |
+--------------------------------------+----------+--------+-------+-------------+-------+----------------------------------+
(overcloud) [stack@undercloud ~]$ Router ili ndi madoko awiri enieni, omwe amakhala ngati zipata zama network:
(overcloud) [stack@undercloud ~]$ openstack router show 0a4d2420-4b9c-46bd-aec1-86a1ef299abe | grep interface
| interfaces_info | [{"subnet_id": "2529ad1a-6b97-49cd-8515-cbdcbe5e3daa", "ip_address": "10.0.1.254", "port_id": "0c52b15f-8fcc-4801-bf52-7dacc72a5201"}, {"subnet_id": "335552dd-b35b-456b-9df0-5aac36a3ca13", "ip_address": "10.0.2.254", "port_id": "92fa49b5-5406-499f-ab8d-ddf28cc1a76c"}] |
(overcloud) [stack@undercloud ~]$ Koma tisanayang'ane momwe magalimoto amayendera, tiyeni tiwone zomwe tili nazo pakalipano pa node yolamulira (yomwe ilinso node ya intaneti) ndi pa compute node. Tiyeni tiyambe ndi compute node.
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-vsctl show
[heat-admin@overcloud-novacompute-0 ~]$ sudo sudo ovs-appctl dpif/show
system@ovs-system: hit:3 missed:3
br-ex:
br-ex 65534/1: (internal)
phy-br-ex 1/none: (patch: peer=int-br-ex)
br-int:
br-int 65534/2: (internal)
int-br-ex 1/none: (patch: peer=phy-br-ex)
patch-tun 2/none: (patch: peer=patch-int)
br-tun:
br-tun 65534/3: (internal)
patch-int 1/none: (patch: peer=patch-tun)
vxlan-c0a8ff0f 3/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.15)
vxlan-c0a8ff1a 2/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.26)
[heat-admin@overcloud-novacompute-0 ~]$Pakadali pano, mfundoyi ili ndi milatho itatu ya ovs - br-int, br-tun, br-ex. Pakati pawo, monga tikuonera, pali njira zolumikizirana. Kuti timvetsetse, tiyeni tikonze zolumikizira zonsezi pazithunzi ndikuwona zomwe zikuchitika.
Kuyang'ana maadiresi omwe ma tunnel a VxLAN amakwezedwa, zikhoza kuwoneka kuti ngalande imodzi imakwezedwa kuti iwerenge-1 (192.168.255.26), msewu wachiwiri umayang'ana kulamulira-1 (192.168.255.15). Koma chochititsa chidwi kwambiri ndi chakuti br-ex alibe mawonekedwe a thupi, ndipo ngati muyang'ana zomwe zikuyenda zimakonzedwa, mukhoza kuona kuti mlatho uwu ukhoza kugwetsa magalimoto panthawiyi.
[heat-admin@overcloud-novacompute-0 ~]$ ifconfig eth0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 192.168.255.19 netmask 255.255.255.0 broadcast 192.168.255.255
inet6 fe80::5054:ff:fe6a:eabe prefixlen 64 scopeid 0x20<link>
ether 52:54:00:6a:ea:be txqueuelen 1000 (Ethernet)
RX packets 2909669 bytes 4608201000 (4.2 GiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1821057 bytes 349198520 (333.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[heat-admin@overcloud-novacompute-0 ~]$ Monga mukuwonera kuchokera pazotuluka, adilesi imakhomedwa mwachindunji ku doko lakuthupi, osati ku mawonekedwe a mlatho.
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl fdb/show br-ex
port VLAN MAC Age
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl dump-flows br-ex
cookie=0x9169eae8f7fe5bb2, duration=216686.864s, table=0, n_packets=303, n_bytes=26035, priority=2,in_port="phy-br-ex" actions=drop
cookie=0x9169eae8f7fe5bb2, duration=216686.887s, table=0, n_packets=0, n_bytes=0, priority=0 actions=NORMAL
[heat-admin@overcloud-novacompute-0 ~]$
Malinga ndi lamulo loyamba, zonse zomwe zidachokera ku doko la phy-br-ex ziyenera kutayidwa.
M'malo mwake, palibenso kwina kulikonse komwe magalimoto angabwere mumlathowu kupatulapo mawonekedwe awa (mawonekedwe ndi br-int), ndipo kutengera madontho, magalimoto a BUM alowa kale mumlatho.
Ndiye kuti, magalimoto amatha kusiya mfundoyi pokhapokha kudzera mumsewu wa VxLAN ndipo palibe china chilichonse. Komabe, mukayatsa DVR, zinthu zisintha, koma tithana nazo nthawi ina. Mukamagwiritsa ntchito kudzipatula kwa netiweki, mwachitsanzo kugwiritsa ntchito vlans, simudzakhala ndi mawonekedwe amodzi a L3 mu vlan 0, koma mawonekedwe angapo. Komabe, magalimoto a VxLAN adzasiya mfundo mofanana, komanso atatsekedwa mu mtundu wina wa vlan wodzipereka.
Takonza ndondomeko ya compute, tiyeni tipite ku control node.
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl dpif/show
system@ovs-system: hit:930491 missed:825
br-ex:
br-ex 65534/1: (internal)
eth0 1/2: (system)
phy-br-ex 2/none: (patch: peer=int-br-ex)
br-int:
br-int 65534/3: (internal)
int-br-ex 1/none: (patch: peer=phy-br-ex)
patch-tun 2/none: (patch: peer=patch-int)
br-tun:
br-tun 65534/4: (internal)
patch-int 1/none: (patch: peer=patch-tun)
vxlan-c0a8ff13 3/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.19)
vxlan-c0a8ff1a 2/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.26)
[heat-admin@overcloud-controller-0 ~]$M'malo mwake, titha kunena kuti zonse ndizofanana, koma adilesi ya IP salinso pa mawonekedwe akuthupi koma pamlatho weniweni. Izi zimachitika chifukwa doko ili ndi doko lomwe magalimoto amatuluka kupita kunja.
[heat-admin@overcloud-controller-0 ~]$ ifconfig br-ex
br-ex: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 192.168.255.15 netmask 255.255.255.0 broadcast 192.168.255.255
inet6 fe80::5054:ff:fe20:a22f prefixlen 64 scopeid 0x20<link>
ether 52:54:00:20:a2:2f txqueuelen 1000 (Ethernet)
RX packets 803859 bytes 1732616116 (1.6 GiB)
RX errors 0 dropped 63 overruns 0 frame 0
TX packets 808475 bytes 121652156 (116.0 MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl fdb/show br-ex
port VLAN MAC Age
3 100 28:c0:da:00:4d:d3 35
1 0 28:c0:da:00:4d:d3 35
1 0 52:54:00:98:e9:d6 0
LOCAL 0 52:54:00:20:a2:2f 0
1 0 52:54:00:2c:08:9e 0
3 100 52:54:00:20:a2:2f 0
1 0 52:54:00:6a:ea:be 0
[heat-admin@overcloud-controller-0 ~]$ Doko ili limamangiriridwa ku mlatho wa br-ex ndipo popeza kulibe ma tag a vlan pamenepo, doko ili ndi doko lomwe ma vlans onse amaloledwa, tsopano magalimoto amatuluka panja popanda tag, monga akuwonetsera vlan-id 0 mu zotuluka pamwamba.
Zina zonse pakadali pano ndizofanana ndi ma compute node - milatho yomweyo, ngalande zomwezo zimapita kumalo awiri owerengera.
Sitidzaganizira zosungirako m'nkhaniyi, koma kuti timvetsetse ndikofunika kunena kuti gawo la maukonde a mfundozi ndi banal mpaka manyazi. Kwa ife, pali doko limodzi lokha (eth0) lomwe lili ndi adilesi ya IP yomwe wapatsidwa ndipo ndi momwemo. Palibe ma tunnel a VxLAN, milatho ya tunnel, ndi zina zotero - palibe ma ovs nkomwe, popeza palibe chifukwa chake. Mukamagwiritsa ntchito kudzipatula kwa netiweki, node iyi idzakhala ndi mawonekedwe awiri (madoko akuthupi, bodny, kapena ma vlans awiri okha - zilibe kanthu - zimatengera zomwe mukufuna) - imodzi yoyang'anira, yachiwiri ya traffic (kulembera ku VM disk. , kuwerenga kuchokera pa disk, etc.)
Tinalingalira zomwe tili nazo pama node popanda ntchito iliyonse. Tsopano tiyeni tiyambitse makina 4 enieni ndikuwona momwe chiwembu chomwe tafotokoza pamwambapa chikusintha - tiyenera kukhala ndi madoko, ma routers, ndi zina zambiri.
Pakadali pano network yathu ikuwoneka motere:
Tili ndi makina awiri pakompyuta iliyonse. Pogwiritsa ntchito compute-0 monga chitsanzo, tiyeni tiwone momwe zonse zikuphatikizidwa.
[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh list
Id Name State
----------------------------------------------------
1 instance-00000001 running
3 instance-00000003 running
[heat-admin@overcloud-novacompute-0 ~]$ Makinawa ali ndi mawonekedwe amodzi okha - tap95d96a75-a0:
[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000001
Interface Type Source Model MAC
-------------------------------------------------------
tap95d96a75-a0 bridge qbr95d96a75-a0 virtio fa:16:3e:44:98:20
[heat-admin@overcloud-novacompute-0 ~]$
Mawonekedwe awa akuwoneka mu mlatho wa linux:
[heat-admin@overcloud-novacompute-0 ~]$ sudo brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.0242904c92a8 no
qbr5bd37136-47 8000.5e4e05841423 no qvb5bd37136-47
tap5bd37136-47
qbr95d96a75-a0 8000.de076cb850f6 no qvb95d96a75-a0
tap95d96a75-a0
[heat-admin@overcloud-novacompute-0 ~]$ Monga mukuwonera pazotulutsa, pali magawo awiri okha pamlatho - tap95d96a75-a0 ndi qvb95d96a75-a0.
Apa ndikofunikira kukhazikika pang'ono pamitundu ya zida zapaintaneti za OpenStack:
vtap - mawonekedwe enieni ophatikizidwa ndi chitsanzo (VM)
qbr - Linux mlatho
qvb ndi qvo - vEth awiri olumikizidwa ku Linux mlatho ndi Open vSwitch bridge
br-int, br-tun, br-vlan - Open vSwitch milatho
chigamba-, int-br-, phy-br- - Tsegulani vSwitch patch interfaces kulumikiza milatho
qg, qr, ha, fg, sg - Tsegulani madoko a vSwitch omwe amagwiritsidwa ntchito ndi zida zenizeni kuti mulumikizane ndi OVS
Monga mukumvetsetsa, ngati tili ndi doko la qvb95d96a75-a0 mu mlatho, womwe ndi vEth pair, ndiye penapake pali mnzake, womwe uyenera kutchedwa qvo95d96a75-a0. Tiyeni tiwone zomwe madoko ali pa OVS.
[heat-admin@overcloud-novacompute-0 ~]$ sudo sudo ovs-appctl dpif/show
system@ovs-system: hit:526 missed:91
br-ex:
br-ex 65534/1: (internal)
phy-br-ex 1/none: (patch: peer=int-br-ex)
br-int:
br-int 65534/2: (internal)
int-br-ex 1/none: (patch: peer=phy-br-ex)
patch-tun 2/none: (patch: peer=patch-int)
qvo5bd37136-47 6/6: (system)
qvo95d96a75-a0 3/5: (system)
br-tun:
br-tun 65534/3: (internal)
patch-int 1/none: (patch: peer=patch-tun)
vxlan-c0a8ff0f 3/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.15)
vxlan-c0a8ff1a 2/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.26)
[heat-admin@overcloud-novacompute-0 ~]$ Monga tikuonera, doko lili mu br-int. Br-int imagwira ntchito ngati chosinthira chomwe chimathetsa madoko a makina enieni. Kuphatikiza pa qvo95d96a75-a0, doko qvo5bd37136-47 likuwoneka pazotulutsa. Ili ndiye doko la makina achiwiri enieni. Zotsatira zake, chithunzi chathu tsopano chikuwoneka motere:
Funso lomwe liyenera kusangalatsa owerenga mwatcheru - kodi mlatho wa linux pakati pa doko la makina ndi doko la OVS ndi lotani? Chowonadi ndi chakuti kuteteza makinawo, magulu otetezera amagwiritsidwa ntchito, omwe sali kanthu koma iptables. OVS sagwira ntchito ndi ma iptables, kotero "crutch" iyi idapangidwa. Komabe, ikutha ntchito - ikusinthidwa ndi contrack mu zotulutsidwa zatsopano.
Ndiye kuti, pamapeto pake, pulogalamuyo ikuwoneka motere:
Makina awiri pa hypervisor imodzi pa intaneti imodzi ya L2
Popeza ma VM awiriwa ali pa netiweki yomweyo ya L2 komanso pa hypervisor yomweyo, kuchuluka kwa magalimoto pakati pawo kumayenda momveka bwino mdera lanu kudzera mu br-int, popeza makina onsewa azikhala pa VLAN imodzi:
[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000001
Interface Type Source Model MAC
-------------------------------------------------------
tap95d96a75-a0 bridge qbr95d96a75-a0 virtio fa:16:3e:44:98:20
[heat-admin@overcloud-novacompute-0 ~]$
[heat-admin@overcloud-novacompute-0 ~]$
[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000003
Interface Type Source Model MAC
-------------------------------------------------------
tap5bd37136-47 bridge qbr5bd37136-47 virtio fa:16:3e:83:ad:a4
[heat-admin@overcloud-novacompute-0 ~]$
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl fdb/show br-int
port VLAN MAC Age
6 1 fa:16:3e:83:ad:a4 0
3 1 fa:16:3e:44:98:20 0
[heat-admin@overcloud-novacompute-0 ~]$ Makina awiri pa ma hypervisors osiyanasiyana pamaneti amodzi a L2
Tsopano tiyeni tiwone momwe magalimoto adzayendera pakati pa makina awiri pa intaneti yomweyo ya L2, koma yomwe ili pama hypervisors osiyanasiyana. Kunena zowona, palibe chomwe chidzasinthe kwambiri, basi magalimoto pakati pa hypervisors adzadutsa mumsewu wa vxlan. Tiyeni tione chitsanzo.
Maadiresi a makina enieni omwe tiwonapo magalimoto:
[heat-admin@overcloud-novacompute-0 ~]$ sudo virsh domiflist instance-00000001
Interface Type Source Model MAC
-------------------------------------------------------
tap95d96a75-a0 bridge qbr95d96a75-a0 virtio fa:16:3e:44:98:20
[heat-admin@overcloud-novacompute-0 ~]$
[heat-admin@overcloud-novacompute-1 ~]$ sudo virsh domiflist instance-00000002
Interface Type Source Model MAC
-------------------------------------------------------
tape7e23f1b-07 bridge qbre7e23f1b-07 virtio fa:16:3e:72:ad:53
[heat-admin@overcloud-novacompute-1 ~]$ Timayang'ana pa tebulo lotumizira mu br-int pa compute-0:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl fdb/show br-int | grep fa:16:3e:72:ad:53
2 1 fa:16:3e:72:ad:53 1
[heat-admin@overcloud-novacompute-0 ~]Magalimoto akuyenera kupita ku doko 2 - tiyeni tiwone kuti ndi doko lotani:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl show br-int | grep addr
1(int-br-ex): addr:7e:7f:28:1f:bd:54
2(patch-tun): addr:0a:bd:07:69:58:d9
3(qvo95d96a75-a0): addr:ea:50:9a:3d:69:58
6(qvo5bd37136-47): addr:9a:d1:03:50:3d:96
LOCAL(br-int): addr:1a:0f:53:97:b1:49
[heat-admin@overcloud-novacompute-0 ~]$Ichi ndi chigamba-tun - ndiko kuti, mawonekedwe mu br-tun. Tiyeni tiwone zomwe zimachitika pa phukusi pa br-tun:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl dump-flows br-tun | grep fa:16:3e:72:ad:53
cookie=0x8759a56536b67a8e, duration=1387.959s, table=20, n_packets=1460, n_bytes=138880, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:72:ad:53 actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:2
[heat-admin@overcloud-novacompute-0 ~]$ Phukusili limapakidwa mu VxLAN ndikutumizidwa ku doko 2. Tiyeni tiwone komwe doko 2 limatsogolera:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl show br-tun | grep addr
1(patch-int): addr:b2:d1:f8:21:96:66
2(vxlan-c0a8ff1a): addr:be:64:1f:75:78:a7
3(vxlan-c0a8ff0f): addr:76:6f:b9:3c:3f:1c
LOCAL(br-tun): addr:a2:5b:6d:4f:94:47
[heat-admin@overcloud-novacompute-0 ~]$Iyi ndi njira ya vxlan pa compute-1:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl dpif/show | egrep vxlan-c0a8ff1a
vxlan-c0a8ff1a 2/4: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.19, remote_ip=192.168.255.26)
[heat-admin@overcloud-novacompute-0 ~]$Tiyeni tipite ku compute-1 ndikuwona zomwe zidzachitike ndi phukusi:
[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-appctl fdb/show br-int | egrep fa:16:3e:44:98:20
2 1 fa:16:3e:44:98:20 1
[heat-admin@overcloud-novacompute-1 ~]$ Mac ili patebulo lotumizira br-int pa compute-1, ndipo monga zikuwonekera kuchokera pazomwe zili pamwambapa, zikuwonekera kudzera padoko 2, lomwe ndi doko lolowera ku br-tun:
[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-ofctl show br-int | grep addr
1(int-br-ex): addr:8a:d7:f9:ad:8c:1d
2(patch-tun): addr:46:cc:40:bd:20:da
3(qvoe7e23f1b-07): addr:12:78:2e:34:6a:c7
4(qvo3210e8ec-c0): addr:7a:5f:59:75:40:85
LOCAL(br-int): addr:e2:27:b2:ed:14:46Chabwino, ndiye tikuwona kuti mu br-int pa compute-1 pali poppy kopita:
[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-appctl fdb/show br-int | egrep fa:16:3e:72:ad:53
3 1 fa:16:3e:72:ad:53 0
[heat-admin@overcloud-novacompute-1 ~]$ Ndiko kuti, paketi yolandiridwa idzawulukira ku doko 3, kumbuyo komwe kuli kale makina amtundu-00000003.
Kukongola kwa kutumiza Openstack pophunzira pa zomangamanga zenizeni ndikuti titha kujambula mosavuta magalimoto pakati pa ma hypervisors ndikuwona zomwe zikuchitika nawo. Izi ndi zomwe tidzachita tsopano, thamangani tcpdump pa doko la vnet kupita ku compute-0:
[root@hp-gen9 bormoglotx]# tcpdump -vvv -i vnet3
tcpdump: listening on vnet3, link-type EN10MB (Ethernet), capture size 262144 bytes
*****************omitted*******************
04:39:04.583459 IP (tos 0x0, ttl 64, id 16868, offset 0, flags [DF], proto UDP (17), length 134)
192.168.255.19.39096 > 192.168.255.26.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 64, id 8012, offset 0, flags [DF], proto ICMP (1), length 84)
10.0.1.85 > 10.0.1.88: ICMP echo request, id 5634, seq 16, length 64
04:39:04.584449 IP (tos 0x0, ttl 64, id 35181, offset 0, flags [DF], proto UDP (17), length 134)
192.168.255.26.speedtrace-disc > 192.168.255.19.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 64, id 59124, offset 0, flags [none], proto ICMP (1), length 84)
10.0.1.88 > 10.0.1.85: ICMP echo reply, id 5634, seq 16, length 64
*****************omitted*******************Mzere woyamba ukuwonetsa kuti Patek kuchokera ku adilesi 10.0.1.85 amapita ku 10.0.1.88 (ICMP traffic), ndipo atakulungidwa mu VxLAN paketi ndi vni 22 ndipo paketi imachokera ku host 192.168.255.19 (compute-0) kuchititsa 192.168.255.26 .1 ( compute-XNUMX). Titha kuwona kuti VNI ikugwirizana ndi zomwe zafotokozedwa mu ovs.
Tiyeni tibwerere ku mzerewu actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:2. 0x16 ndi vni mu dongosolo la nambala ya hexadecimal. Tiyeni tisinthe nambala iyi kukhala 16th system:
16 = 6*16^0+1*16^1 = 6+16 = 22Ndiko kuti, vni imagwirizana ndi zenizeni.
Mzere wachiwiri ukuwonetsa magalimoto obwerera, chabwino, palibe chifukwa chofotokozera, chirichonse chikuwonekera pamenepo.
Makina awiri pamanetiweki osiyanasiyana (inter-network routing)
Mlandu womaliza lero ndikuyenda pakati pa maukonde mkati mwa polojekiti imodzi pogwiritsa ntchito rauta yeniyeni. Tikulingalira mlandu wopanda DVR (tiwonanso m'nkhani ina), kotero kuwongolera kumachitika pamaneti. Kwa ife, node ya netiweki siyimayikidwa m'malo osiyana ndipo ili pagawo lolamulira.
Choyamba, tiyeni tiwone kuti njira imagwira ntchito:
$ ping 10.0.2.8
PING 10.0.2.8 (10.0.2.8): 56 data bytes
64 bytes from 10.0.2.8: seq=0 ttl=63 time=7.727 ms
64 bytes from 10.0.2.8: seq=1 ttl=63 time=3.832 ms
^C
--- 10.0.2.8 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max = 3.832/5.779/7.727 msPopeza pakadali pano paketi iyenera kupita kuchipata ndikuthamangitsidwa kumeneko, tiyenera kupeza adilesi ya poppy pachipata, chomwe timayang'ana pa tebulo la ARP mwachitsanzo:
$ arp
host-10-0-1-254.openstacklocal (10.0.1.254) at fa:16:3e:c4:64:70 [ether] on eth0
host-10-0-1-1.openstacklocal (10.0.1.1) at fa:16:3e:e6:2c:5c [ether] on eth0
host-10-0-1-90.openstacklocal (10.0.1.90) at fa:16:3e:83:ad:a4 [ether] on eth0
host-10-0-1-88.openstacklocal (10.0.1.88) at fa:16:3e:72:ad:53 [ether] on eth0Tsopano tiyeni tiwone komwe magalimoto okhala ndi kopita (10.0.1.254) fa:16:3e:c4:64:70 ayenera kutumizidwa:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-appctl fdb/show br-int | egrep fa:16:3e:c4:64:70
2 1 fa:16:3e:c4:64:70 0
[heat-admin@overcloud-novacompute-0 ~]$ Tiyeni tiwone komwe port 2 imatsogolera:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl show br-int | grep addr
1(int-br-ex): addr:7e:7f:28:1f:bd:54
2(patch-tun): addr:0a:bd:07:69:58:d9
3(qvo95d96a75-a0): addr:ea:50:9a:3d:69:58
6(qvo5bd37136-47): addr:9a:d1:03:50:3d:96
LOCAL(br-int): addr:1a:0f:53:97:b1:49
[heat-admin@overcloud-novacompute-0 ~]$ Zonse ndi zomveka, magalimoto amapita ku br-tun. Tiyeni tiwone njira ya vxlan yomwe idzakulungidwemo:
[heat-admin@overcloud-novacompute-0 ~]$ sudo ovs-ofctl dump-flows br-tun | grep fa:16:3e:c4:64:70
cookie=0x8759a56536b67a8e, duration=3514.566s, table=20, n_packets=3368, n_bytes=317072, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:c4:64:70 actions=load:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:3
[heat-admin@overcloud-novacompute-0 ~]$ Doko lachitatu ndi msewu wa vxlan:
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl show br-tun | grep addr
1(patch-int): addr:a2:69:00:c5:fa:ba
2(vxlan-c0a8ff1a): addr:86:f0:ce:d0:e8:ea
3(vxlan-c0a8ff13): addr:72:aa:73:2c:2e:5b
LOCAL(br-tun): addr:a6:cb:cd:72:1c:45
[heat-admin@overcloud-controller-0 ~]$ Zomwe zimayang'ana pa node yolamulira:
[heat-admin@overcloud-controller-0 ~]$ sudo sudo ovs-appctl dpif/show | grep vxlan-c0a8ff1a
vxlan-c0a8ff1a 2/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.26)
[heat-admin@overcloud-controller-0 ~]$ Magalimoto afika kumalo olamulira, choncho tiyenera kupitako ndikuwona momwe mayendedwe angachitikire.
Monga mukukumbukira, node yolamulira mkatimo inkawoneka chimodzimodzi ndi mfundo yowerengera - milatho itatu yomweyi, br-ex yokha inali ndi doko lakuthupi lomwe nodeyo imatha kutumiza magalimoto kunja. Kupanga zochitika kunasintha kasinthidwe pa ma compute node - mlatho wa linux, ma iptables ndi ma interfaces adawonjezeredwa ku node. Kulengedwa kwa maukonde ndi rauta pafupifupi anasiya chizindikiro pa kasinthidwe node ulamuliro.
Chifukwa chake, ndizodziwikiratu kuti adilesi yachipata ya MAC iyenera kukhala patebulo lotumizira br-int pagawo lowongolera. Tiyeni tiwone ngati ili pomwepo ndi pomwe ikuyang'ana:
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl fdb/show br-int | grep fa:16:3e:c4:64:70
5 1 fa:16:3e:c4:64:70 1
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl show br-int | grep addr
1(int-br-ex): addr:2e:58:b6:db:d5:de
2(patch-tun): addr:06:41:90:f0:9e:56
3(tapca25a97e-64): addr:fa:16:3e:e6:2c:5c
4(tap22015e46-0b): addr:fa:16:3e:76:c2:11
5(qr-0c52b15f-8f): addr:fa:16:3e:c4:64:70
6(qr-92fa49b5-54): addr:fa:16:3e:80:13:72
LOCAL(br-int): addr:06:de:5d:ed:44:44
[heat-admin@overcloud-controller-0 ~]$ Mac ikuwoneka kuchokera padoko qr-0c52b15f-8f. Ngati tibwereranso pamndandanda wamadoko omwe ali ku Openstack, doko lamtunduwu limagwiritsidwa ntchito kulumikiza zida zosiyanasiyana ku OVS. Kuti mukhale olondola, qr ndi doko la rauta yeniyeni, yomwe imayimiridwa ngati malo a mayina.
Tiyeni tiwone malo omwe ali pa seva:
[heat-admin@overcloud-controller-0 ~]$ sudo ip netns
qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe (id: 2)
qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638 (id: 1)
qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 (id: 0)
[heat-admin@overcloud-controller-0 ~]$ Pafupifupi makope atatu. Koma potengera mayina, mutha kulingalira cholinga cha aliyense wa iwo. Tibwereranso kuzinthu zokhala ndi ID 0 ndi 1 pambuyo pake, tsopano tili ndi chidwi ndi namespace qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe:
[heat-admin@overcloud-controller-0 ~]$ sudo ip netns exec qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe ip route
10.0.1.0/24 dev qr-0c52b15f-8f proto kernel scope link src 10.0.1.254
10.0.2.0/24 dev qr-92fa49b5-54 proto kernel scope link src 10.0.2.254
[heat-admin@overcloud-controller-0 ~]$ Malo a mayinawa ali ndi ziwiri zamkati zomwe tidapanga kale. Madoko onse awiri awonjezedwa ku br-int. Tiyeni tiwone adilesi ya mac ya doko qr-0c52b15f-8f, popeza kuchuluka kwa magalimoto, potengera komwe akupita, adapita ku mawonekedwe awa.
[heat-admin@overcloud-controller-0 ~]$ sudo ip netns exec qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe ifconfig qr-0c52b15f-8f
qr-0c52b15f-8f: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 10.0.1.254 netmask 255.255.255.0 broadcast 10.0.1.255
inet6 fe80::f816:3eff:fec4:6470 prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:c4:64:70 txqueuelen 1000 (Ethernet)
RX packets 5356 bytes 427305 (417.2 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 5195 bytes 490603 (479.1 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[heat-admin@overcloud-controller-0 ~]$ Ndiye kuti, mu nkhani iyi, chirichonse chimagwira ntchito molingana ndi malamulo a standard routing. Popeza kuchuluka kwa magalimoto kumapangidwira 10.0.2.8, iyenera kutuluka kudzera mu mawonekedwe achiwiri qr-92fa49b5-54 ndikudutsa mumsewu wa vxlan kupita ku compute node:
[heat-admin@overcloud-controller-0 ~]$ sudo ip netns exec qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe arp
Address HWtype HWaddress Flags Mask Iface
10.0.1.88 ether fa:16:3e:72:ad:53 C qr-0c52b15f-8f
10.0.1.90 ether fa:16:3e:83:ad:a4 C qr-0c52b15f-8f
10.0.2.8 ether fa:16:3e:6c:ad:9c C qr-92fa49b5-54
10.0.2.42 ether fa:16:3e:f5:0b:29 C qr-92fa49b5-54
10.0.1.85 ether fa:16:3e:44:98:20 C qr-0c52b15f-8f
[heat-admin@overcloud-controller-0 ~]$ Zonse ndi zomveka, palibe zodabwitsa. Tiyeni tiwone komwe adilesi ya poppy ya host 10.0.2.8 ikuwonekera mu br-int:
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-appctl fdb/show br-int | grep fa:16:3e:6c:ad:9c
2 2 fa:16:3e:6c:ad:9c 1
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl show br-int | grep addr
1(int-br-ex): addr:2e:58:b6:db:d5:de
2(patch-tun): addr:06:41:90:f0:9e:56
3(tapca25a97e-64): addr:fa:16:3e:e6:2c:5c
4(tap22015e46-0b): addr:fa:16:3e:76:c2:11
5(qr-0c52b15f-8f): addr:fa:16:3e:c4:64:70
6(qr-92fa49b5-54): addr:fa:16:3e:80:13:72
LOCAL(br-int): addr:06:de:5d:ed:44:44
[heat-admin@overcloud-controller-0 ~]$ Monga zikuyembekezeredwa, magalimoto amapita ku br-tun, tiyeni tiwone njira yomwe magalimoto amapita:
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl dump-flows br-tun | grep fa:16:3e:6c:ad:9c
cookie=0x2ab04bf27114410e, duration=5346.829s, table=20, n_packets=5248, n_bytes=498512, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0002/0x0fff,dl_dst=fa:16:3e:6c:ad:9c actions=load:0->NXM_OF_VLAN_TCI[],load:0x63->NXM_NX_TUN_ID[],output:2
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$ sudo ovs-ofctl show br-tun | grep addr
1(patch-int): addr:a2:69:00:c5:fa:ba
2(vxlan-c0a8ff1a): addr:86:f0:ce:d0:e8:ea
3(vxlan-c0a8ff13): addr:72:aa:73:2c:2e:5b
LOCAL(br-tun): addr:a6:cb:cd:72:1c:45
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-controller-0 ~]$ sudo sudo ovs-appctl dpif/show | grep vxlan-c0a8ff1a
vxlan-c0a8ff1a 2/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.26)
[heat-admin@overcloud-controller-0 ~]$ Magalimoto amapita mumsewu kuti awerenge-1. Chabwino, pa compute-1 chirichonse chiri chophweka - kuchokera ku br-tun phukusi limapita ku br-int ndipo kuchokera kumeneko kupita ku mawonekedwe a makina:
[heat-admin@overcloud-controller-0 ~]$ sudo sudo ovs-appctl dpif/show | grep vxlan-c0a8ff1a
vxlan-c0a8ff1a 2/5: (vxlan: egress_pkt_mark=0, key=flow, local_ip=192.168.255.15, remote_ip=192.168.255.26)
[heat-admin@overcloud-controller-0 ~]$
[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-appctl fdb/show br-int | grep fa:16:3e:6c:ad:9c
4 2 fa:16:3e:6c:ad:9c 1
[heat-admin@overcloud-novacompute-1 ~]$ sudo ovs-ofctl show br-int | grep addr
1(int-br-ex): addr:8a:d7:f9:ad:8c:1d
2(patch-tun): addr:46:cc:40:bd:20:da
3(qvoe7e23f1b-07): addr:12:78:2e:34:6a:c7
4(qvo3210e8ec-c0): addr:7a:5f:59:75:40:85
LOCAL(br-int): addr:e2:27:b2:ed:14:46
[heat-admin@overcloud-novacompute-1 ~]$ Tiyeni tiwone ngati awa ndi mawonekedwe olondola:
[heat-admin@overcloud-novacompute-1 ~]$ brctl show
bridge name bridge id STP enabled interfaces
docker0 8000.02429c001e1c no
qbr3210e8ec-c0 8000.ea27f45358be no qvb3210e8ec-c0
tap3210e8ec-c0
qbre7e23f1b-07 8000.b26ac0eded8a no qvbe7e23f1b-07
tape7e23f1b-07
[heat-admin@overcloud-novacompute-1 ~]$
[heat-admin@overcloud-novacompute-1 ~]$ sudo virsh domiflist instance-00000004
Interface Type Source Model MAC
-------------------------------------------------------
tap3210e8ec-c0 bridge qbr3210e8ec-c0 virtio fa:16:3e:6c:ad:9c
[heat-admin@overcloud-novacompute-1 ~]$
Kwenikweni, tinadutsa njira yonse ya phukusi. Ndikuganiza kuti mwazindikira kuti magalimoto adadutsa munjira zosiyanasiyana za vxlan ndikutuluka ndi ma VNI osiyanasiyana. Tiyeni tiwone kuti ndi mtundu wanji wa VNI, pambuyo pake tidzasonkhanitsa zotayira pa doko lowongolera la node ndikuwonetsetsa kuti magalimoto amayenda ndendende monga tafotokozera pamwambapa.
Chifukwa chake, njira yowerengera-0 ili ndi zotsatirazi = katundu:0->NXM_OF_VLAN_TCI[],load:0x16->NXM_NX_TUN_ID[],output:3. Tiyeni tisinthe 0x16 kukhala dongosolo la nambala ya decimal:
0x16 = 6*16^0+1*16^1 = 6+16 = 22Njira yowerengera-1 ili ndi VNI:actions=load:0->NXM_OF_VLAN_TCI[],load:0x63->NXM_NX_TUN_ID[],output:2. Tiyeni tisinthe 0x63 kukhala dongosolo la nambala ya decimal:
0x63 = 3*16^0+6*16^1 = 3+96 = 99Chabwino, tsopano tiyeni tiwone zotayirapo:
[root@hp-gen9 bormoglotx]# tcpdump -vvv -i vnet4
tcpdump: listening on vnet4, link-type EN10MB (Ethernet), capture size 262144 bytes
*****************omitted*******************
04:35:18.709949 IP (tos 0x0, ttl 64, id 48650, offset 0, flags [DF], proto UDP (17), length 134)
192.168.255.19.41591 > 192.168.255.15.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 64, id 49042, offset 0, flags [DF], proto ICMP (1), length 84)
10.0.1.85 > 10.0.2.8: ICMP echo request, id 5378, seq 9, length 64
04:35:18.710159 IP (tos 0x0, ttl 64, id 23360, offset 0, flags [DF], proto UDP (17), length 134)
192.168.255.15.38983 > 192.168.255.26.4789: [no cksum] VXLAN, flags [I] (0x08), vni 99
IP (tos 0x0, ttl 63, id 49042, offset 0, flags [DF], proto ICMP (1), length 84)
10.0.1.85 > 10.0.2.8: ICMP echo request, id 5378, seq 9, length 64
04:35:18.711292 IP (tos 0x0, ttl 64, id 43596, offset 0, flags [DF], proto UDP (17), length 134)
192.168.255.26.42588 > 192.168.255.15.4789: [no cksum] VXLAN, flags [I] (0x08), vni 99
IP (tos 0x0, ttl 64, id 55103, offset 0, flags [none], proto ICMP (1), length 84)
10.0.2.8 > 10.0.1.85: ICMP echo reply, id 5378, seq 9, length 64
04:35:18.711531 IP (tos 0x0, ttl 64, id 8555, offset 0, flags [DF], proto UDP (17), length 134)
192.168.255.15.38983 > 192.168.255.19.4789: [no cksum] VXLAN, flags [I] (0x08), vni 22
IP (tos 0x0, ttl 63, id 55103, offset 0, flags [none], proto ICMP (1), length 84)
10.0.2.8 > 10.0.1.85: ICMP echo reply, id 5378, seq 9, length 64
*****************omitted*******************Phukusi loyamba ndi paketi ya vxlan yochokera ku host 192.168.255.19 (compute-0) kuchititsa 192.168.255.15 (control-1) ndi vni 22, mkati momwe ICMP paketi imayikidwa kuchokera ku host 10.0.1.85 kuti ikhale ndi 10.0.2.8. Monga tawerengera pamwambapa, vni ikufanana ndi zomwe tawona pazotulutsa.
Phukusi lachiwiri ndi paketi ya vxlan yochokera ku host 192.168.255.15 (control-1) kuchititsa 192.168.255.26 (compute-1) ndi vni 99, mkati momwe ICMP paketi imayikidwa kuchokera ku host 10.0.1.85 kuti ikhale ndi 10.0.2.8. Monga tawerengera pamwambapa, vni ikufanana ndi zomwe tawona pazotulutsa.
Mapaketi awiri otsatirawa akubwerera magalimoto kuchokera ku 10.0.2.8 osati 10.0.1.85.
Ndiye kuti, pamapeto pake tili ndi dongosolo lotsatira la node:
Zikuwoneka ngati ndi choncho? Tinayiwala za malo awiri:
[heat-admin@overcloud-controller-0 ~]$ sudo ip netns
qrouter-0a4d2420-4b9c-46bd-aec1-86a1ef299abe (id: 2)
qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638 (id: 1)
qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 (id: 0)
[heat-admin@overcloud-controller-0 ~]$ Pamene tinalankhula za kamangidwe ka nsanja ya mtambo, zingakhale bwino ngati makina adzalandira maadiresi okha kuchokera ku seva ya DHCP. Awa ndi ma seva awiri a DHCP pamanetiweki athu awiri 10.0.1.0/24 ndi 10.0.2.0/24.
Tiyeni tiwone ngati izi ndi zoona. Pali adilesi imodzi yokha m'malo awa - 10.0.1.1 - adilesi ya seva ya DHCP yokha, ndipo ikuphatikizidwanso mu br-int:
[heat-admin@overcloud-controller-0 ~]$ sudo ip netns exec qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 ifconfig
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 1 bytes 28 (28.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1 bytes 28 (28.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
tapca25a97e-64: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1450
inet 10.0.1.1 netmask 255.255.255.0 broadcast 10.0.1.255
inet6 fe80::f816:3eff:fee6:2c5c prefixlen 64 scopeid 0x20<link>
ether fa:16:3e:e6:2c:5c txqueuelen 1000 (Ethernet)
RX packets 129 bytes 9372 (9.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 49 bytes 6154 (6.0 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0Tiyeni tiwone ngati njira zomwe zili ndi qdhcp-67a3798c-32c0-4c18-8502-2531247e3cc2 m'dzina lawo pazowongolera:
[heat-admin@overcloud-controller-0 ~]$ ps -aux | egrep qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638
root 640420 0.0 0.0 4220 348 ? Ss 11:31 0:00 dumb-init --single-child -- ip netns exec qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638 /usr/sbin/dnsmasq -k --no-hosts --no-resolv --pid-file=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/pid --dhcp-hostsfile=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/host --addn-hosts=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/addn_hosts --dhcp-optsfile=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/opts --dhcp-leasefile=/var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/leases --dhcp-match=set:ipxe,175 --local-service --bind-dynamic --dhcp-range=set:subnet-335552dd-b35b-456b-9df0-5aac36a3ca13,10.0.2.0,static,255.255.255.0,86400s --dhcp-option-force=option:mtu,1450 --dhcp-lease-max=256 --conf-file= --domain=openstacklocal
heat-ad+ 951620 0.0 0.0 112944 980 pts/0 S+ 18:50 0:00 grep -E --color=auto qdhcp-7d541e74-1c36-4e1d-a7c4-0968c8dbc638
[heat-admin@overcloud-controller-0 ~]$ Pali njira yoteroyo ndipo kutengera zomwe zafotokozedwa pamwambapa, titha, mwachitsanzo, kuwona zomwe tili nazo pakubwereka:
[heat-admin@overcloud-controller-0 ~]$ cat /var/lib/neutron/dhcp/7d541e74-1c36-4e1d-a7c4-0968c8dbc638/leases
1597492111 fa:16:3e:6c:ad:9c 10.0.2.8 host-10-0-2-8 01:fa:16:3e:6c:ad:9c
1597491115 fa:16:3e:76:c2:11 10.0.2.1 host-10-0-2-1 *
[heat-admin@overcloud-controller-0 ~]$Zotsatira zake, timapeza ntchito zotsatirazi pa node yolamulira:
Chabwino, kumbukirani - awa ndi makina 4 okha, ma netiweki 2 amkati ndi rauta imodzi ... rauta yogawidwa idazimitsidwa, ndipo pamapeto pake, panali node imodzi yokha yowongolera mu benchi yoyeserera (pakulekerera zolakwika payenera kukhala quorum ya mfundo zitatu). Ndizomveka kuti muzamalonda chilichonse ndi "pang'ono" chovuta kwambiri, koma mu chitsanzo chosavuta ichi timamvetsetsa momwe ziyenera kukhalira - kaya muli ndi mayina a 3 kapena 300 ndizofunikira, koma pakuwona momwe ntchito yonse ikuyendera. dongosolo, palibe chomwe chidzasinthe kwambiri ... ngakhale mpaka simungalowetse ena ogulitsa SDN. Koma imeneyo ndi nkhani yosiyana kotheratu.
Ndikukhulupirira kuti zinali zosangalatsa. Ngati muli ndi ndemanga / zowonjezera, kapena kwinakwake ndinanama (ndine munthu ndipo maganizo anga nthawi zonse amakhala omvera) - lembani zomwe ziyenera kuwongoleredwa / kuwonjezeredwa - tidzakonza / kuwonjezera chirichonse.
Pomaliza, ndikufuna kunena mawu ochepa okhudzana ndi kufananiza Openstack (onse vanila ndi wogulitsa) ndi yankho lamtambo kuchokera ku VMWare - ndakhala ndikufunsidwa funsoli pafupipafupi zaka zingapo zapitazi ndipo, kunena zoona, ndine. kale atatopa nazo, komabe. Malingaliro anga, ndizovuta kwambiri kufanizitsa njira ziwirizi, koma tikhoza kunena kuti pali zovuta muzothetsera zonsezo ndipo posankha njira imodzi muyenera kuyeza ubwino ndi kuipa.
Ngati OpenStack ndi yankho loyendetsedwa ndi anthu, ndiye kuti VMWare ili ndi ufulu wochita zomwe akufuna (kuwerenga - zomwe zili zopindulitsa kwa izo) ndipo izi ndizomveka - chifukwa ndi kampani yamalonda yomwe imagwiritsidwa ntchito kupanga ndalama kuchokera kwa makasitomala ake. Koma pali imodzi yayikulu komanso yonenepa KOMA - mutha kuchoka ku OpenStack, mwachitsanzo kuchokera ku Nokia, ndikusintha ndalama pang'ono kupita ku yankho kuchokera, mwachitsanzo, Juniper (Contrail Cloud), koma simungathe kuchoka pa VMWare. . Kwa ine, mayankho awiriwa amawoneka ngati awa - Openstack (wogulitsa) ndi khola losavuta momwe mumayikamo, koma muli ndi kiyi ndipo mutha kuchoka nthawi iliyonse. VMWare ndi khola lagolide, mwiniwakeyo ali ndi kiyi ya khola ndipo adzakudyerani ndalama zambiri.
Sindikutsatsa malonda oyamba kapena achiwiri - mumasankha zomwe mukufuna. Koma ndikadakhala ndi chisankho choterocho, ndikadasankha mayankho onse awiri - VMWare pamtambo wa IT (zonyamula zotsika, zowongolera zosavuta), OpenStack kuchokera kwa ogulitsa ena (Nokia ndi Juniper amapereka mayankho abwino kwambiri a turnkey) - pamtambo wa Telecom. Sindingagwiritse ntchito Openstack pa IT yoyera - zili ngati kuwombera mpheta ndi cannon, koma sindikuwona zotsutsana ndikugwiritsa ntchito kupatula kufutukula. Komabe, kugwiritsa ntchito VMWare mu telecom kuli ngati kukoka mwala wosweka mu Ford Raptor - ndizokongola kuchokera kunja, koma dalaivala ayenera kupanga maulendo 10 m'malo mwa amodzi.
M'malingaliro anga, choyipa chachikulu cha VMWare ndikutseka kwathunthu - kampaniyo sidzakupatsani chidziwitso cha momwe imagwirira ntchito, mwachitsanzo, vSAN kapena zomwe zili mu hypervisor kernel - sizopindulitsa kwa izo - ndiko kuti, mudzachita. osakhalanso katswiri wa VMWare - popanda kuthandizidwa ndi ogulitsa, ndiwe wothedwa (nthawi zambiri ndimakumana ndi akatswiri a VMWare omwe amadabwitsidwa ndi mafunso ang'onoang'ono). Kwa ine, VMWare ikugula galimoto yokhala ndi hood yotsekedwa - inde, mutha kukhala ndi akatswiri omwe angasinthe lamba wanthawi, koma ndi yekhayo amene adakugulitsani yankho ili ndi omwe angatsegule hood. Inemwini, sindimakonda mayankho omwe sindingathe kulowamo. Mudzanena kuti simuyenera kupita pansi pa hood. Inde, izi ndi zotheka, koma ndikuyang'ana pa inu pamene muyenera kusonkhanitsa ntchito yaikulu mumtambo kuchokera ku makina pafupifupi 20-30, maukonde 40-50, theka la omwe akufuna kupita kunja, ndipo theka lachiwiri likufunsani. SR-IOV mathamangitsidwe, apo ayi mudzafunika angapo angapo a magalimoto awa - apo ayi ntchito sikokwanira.
Palinso malingaliro ena, kotero inu nokha mungasankhe zomwe mungasankhe ndipo, chofunika kwambiri, mudzakhala ndi udindo pazosankha zanu. Awa ndi malingaliro anga chabe - munthu yemwe wawona ndikukhudza zinthu zosachepera 4 - Nokia, Juniper, Red Hat ndi VMWare. Ndiko kuti, ndili ndi chofanizira nacho.
Source: www.habr.com