openstack 虚拟机增加VIP

source /root/
neutron net-list  |grep private

neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}')

###创建VIP接口  #--security-group default
neutron port-create --fixed-ip ip_address= private 


neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"'

neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"' |awk '{print $2}'

neutron port-update $(neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"' |awk '{print $2}') --allowed_address_pairs list=true type=dict ip_address= 

neutron port-show $(neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"' |awk '{print $2}')

source /root/

neutron port-create --fixed-ip ip_address= private 

neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"'  |awk '{print $2}'

neutron port-update --no-security-groups --port-security-enabled=False $(neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"'  |awk '{print $2}')

neutron port-show $(neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"' |awk '{print $2}')

####取消安全组对应端口的管理 vip
neutron port-update --no-security-groups  --port-security-enabled=False $(neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"'  |awk '{print $2}')

####接口信息 vip
neutron port-show $(neutron port-list --network_id=$(neutron net-list  |grep private |awk '{print $2}') |grep '"' |awk '{print $2}')


###操作实例: keepalived vip








[root@node171 ~]# source
[root@node171 ~]# neutron port-create --fixed-ip ip_address= public
Created a new port:
| Field                 | Value                |
| admin_state_up        | True                |
| allowed_address_pairs |                |
| binding:host_id       |                |
| binding:profile       | {}                |
| binding:vif_details   | {}                |
| binding:vif_type      | unbound                |
| binding:vnic_type     | normal                |
| device_id             |                |
| device_owner          |                |
| dns_assignment        | {"hostname": "host-192-168-3-207", "ip_address": "", "fqdn": "host-192-168-3-207.openstacklocal."} |
| dns_name              |                |
| extra_dhcp_opts       |                |
| fixed_ips             | {"subnet_id": "41e4d673-f502-4ed2-8844-994bd3d135f1", "ip_address": ""}                |
| id                    | e260f45f-a437-4d90-a46c-f23ed0c2440d                |
| mac_address           | fa:16:3e:c3:0d:fe                |
| name                  | vip1                |
| network_id            | 1fc9dafc-8f5e-4c53-82d1-1b6e432f88fd                |
| port_security_enabled | True                |
| security_groups       | 81b83d75-e8c7-4cd4-bcf5-7013d83cbc9c                |
| status                | DOWN                |
| tenant_id             | 3e2c6c87f087404a80826d0467e2e37a                |
[root@node171 ~]# neutron port-update $(neutron port-list --network_id=$(neutron net-list  |grep public |awk '{print $2}') |grep '"' |awk '{print $2}') --allowed_address_pairs list=true type=dict ip_address=
Updated port: 101ac8ae-bce5-4992-96df-b77ee41b2467
[root@node171 ~]# neutron port-show $(neutron port-list --network_id=$(neutron net-list  |grep public |awk '{print $2}') |grep '"' |awk '{print $2}')
| Field                 | Value                |
| admin_state_up        | True                |
| allowed_address_pairs | {"ip_address": "", "mac_address": "fa:16:3e:81:b1:cd"}                |
| binding:host_id       | node172                |
| binding:profile       | {}                |
| binding:vif_details   | {"port_filter": true}                |
| binding:vif_type      | bridge                |
| binding:vnic_type     | normal                |
| device_id             | e22f47d1-7081-483f-af44-136990374667                |
| device_owner          | compute:nova                |
| dns_assignment        | {"hostname": "host-192-168-3-205", "ip_address": "", "fqdn": "host-192-168-3-205.openstacklocal."} |
| dns_name              |                |
| extra_dhcp_opts       |                |
| fixed_ips             | {"subnet_id": "41e4d673-f502-4ed2-8844-994bd3d135f1", "ip_address": ""}                |
| id                    | 101ac8ae-bce5-4992-96df-b77ee41b2467                |
| mac_address           | fa:16:3e:81:b1:cd                |
| name                  |                |
| network_id            | 1fc9dafc-8f5e-4c53-82d1-1b6e432f88fd                |
| port_security_enabled | True                |
| security_groups       | 81b83d75-e8c7-4cd4-bcf5-7013d83cbc9c                |
| status                | ACTIVE                |
| tenant_id             | 3e2c6c87f087404a80826d0467e2e37a                |
[root@node171 ~]# neutron port-update $(neutron port-list --network_id=$(neutron net-list  |grep public |awk '{print $2}') |grep '"' |awk '{print $2}') --allowed_address_pairs list=true type=dict ip_address=
Updated port: 9993629f-8f6b-44da-a413-ec3b5af88091
[root@node171 ~]# neutron port-show $(neutron port-list --network_id=$(neutron net-list  |grep public |awk '{print $2}') |grep '"' |awk '{print $2}')
| Field                 | Value                |
| admin_state_up        | True                |
| allowed_address_pairs | {"ip_address": "", "mac_address": "fa:16:3e:d4:14:98"}                |
| binding:host_id       | node174                |
| binding:profile       | {}                |
| binding:vif_details   | {"port_filter": true}                |
| binding:vif_type      | bridge                |
| binding:vnic_type     | normal                |
| device_id             | 61d7d9ac-b7fa-40b6-a1b1-6cc5dde5503e                |
| device_owner          | compute:nova                |
| dns_assignment        | {"hostname": "host-192-168-3-206", "ip_address": "", "fqdn": "host-192-168-3-206.openstacklocal."} |
| dns_name              |                |
| extra_dhcp_opts       |                |
| fixed_ips             | {"subnet_id": "41e4d673-f502-4ed2-8844-994bd3d135f1", "ip_address": ""}                |
| id                    | 9993629f-8f6b-44da-a413-ec3b5af88091                |
| mac_address           | fa:16:3e:d4:14:98                |
| name                  |                |
| network_id            | 1fc9dafc-8f5e-4c53-82d1-1b6e432f88fd                |
| port_security_enabled | True                |
| security_groups       | 81b83d75-e8c7-4cd4-bcf5-7013d83cbc9c                |
| status                | ACTIVE                |
| tenant_id             | 3e2c6c87f087404a80826d0467e2e37a                |





##################vm node-1  操作如下
yum install -y keepalived

echo '
global_defs {
   router_id LVS_DEVEL

vrrp_instance VI_1 {
    state MASTER
    interface eth0

    virtual_router_id 203
    priority 100
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass 2829

    virtual_ipaddress { dev eth0

' >/etc/keepalived/keepalived.conf 

systemctl enable keepalived.service 
systemctl restart keepalived.service
systemctl status keepalived.service 

ip address

##################vm node-1 操作如下

yum install -y keepalived

echo '
global_defs {
   router_id LVS_DEVEL

vrrp_instance VI_1 {
    state BACKUP
    interface eth0

    virtual_router_id 203
    priority 99
    advert_int 1
    authentication {
    auth_type PASS
    auth_pass 2829
    virtual_ipaddress { dev eth0

' >/etc/keepalived/keepalived.conf 

systemctl enable keepalived.service 
systemctl restart keepalived.service
systemctl status keepalived.service 

ip address



#####################################vm node-1 操作
[root@node-1 ~]# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:81:b1:cd brd ff:ff:ff:ff:ff:ff
    inet brd scope global dynamic eth0
       valid_lft 86079sec preferred_lft 86079sec
    inet scope global secondary eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fe81:b1cd/64 scope link
       valid_lft forever preferred_lft forever

##################################### vm node-2 操作
[root@node-2 ~]# ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.661 ms
64 bytes from icmp_seq=2 ttl=64 time=0.394 ms

##################################### vm node-1 操作
[root@node-1 ~]# systemctl stop keepalived.service
[root@node-1 ~]# ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:81:b1:cd brd ff:ff:ff:ff:ff:ff
    inet brd scope global dynamic eth0
       valid_lft 73060sec preferred_lft 73060sec
    inet6 fe80::f816:3eff:fe81:b1cd/64 scope link
       valid_lft forever preferred_lft forever

##################################### vm node-2 操作  
[root@node-2 ~]# ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN qlen 1
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast state UP qlen 1000
    link/ether fa:16:3e:d4:14:98 brd ff:ff:ff:ff:ff:ff
    inet brd scope global dynamic eth0
       valid_lft 65713sec preferred_lft 65713sec
    inet scope global secondary eth0
       valid_lft forever preferred_lft forever
    inet6 fe80::f816:3eff:fed4:1498/64 scope link
       valid_lft forever preferred_lft forever
#################################### vm node-1 操作      
[root@node-1 ~]# ping
PING ( 56(84) bytes of data.
64 bytes from icmp_seq=1 ttl=64 time=0.554 ms


