OpenStack LinuxBridge网络模式修改为OpenvSwitch网络模式

一、测试环境
二、查询当前openstack的网络类型
三、neutron的配置(controller节点)
1. 关闭Linuxbridge服务
2. 重建neutron数据库
3. 安装openvswitch软件包
4. 配置ML2 插件
5. 配置ML3 插件
6. 配置openvswitch_agent
7. 配置dhcp
8. 初始化neutron数据库
9. 启动openswitch服务
四、neutron的配置(compute节点)
1. 关闭Linuxbridge服务
2. 安装openvswitch软件包
3. 配置openvswitch_agent
4. 启动openswitch服务
五、控制节点执行以下操作
1. 查询网络的类型是否为OVS
2. 删除之前留下的Linuxbridge网桥信息
3. 添加br-ex网桥
4. 查看ovs的状态
六、dashboard界面正常创建网络
1. 创建完成如下图
2. 创建云主机访问百度测试

一、测试环境

controller    eth0: 10.20.1.181    eth1: 192.168.1.181

compute1   eth0: 10.20.1.182    eth1: 192.168.1.182

compute2    eth0: 10.20.1.183    eth1: 192.168.1.183

 

二、查询当前openstack的网络类型

[root@controller ~]# openstack network agent list 
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host       | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 3adf1be0-6bb2-4407-97a8-4650c853c37a | Linux bridge agent | compute    | None              | :-)   | UP    | neutron-linuxbridge-agent |
| 608949e5-f0de-451e-9c58-d43d47901ed8 | DHCP agent         | controller | nova              | :-)   | UP    | neutron-dhcp-agent        |
| 8bbbd0b9-80ee-49d7-936c-2d357847c0a6 | Linux bridge agent | controller | None              | :-)   | UP    | neutron-linuxbridge-agent |
| b237a133-3ecd-485a-8270-dd5708a175cd | Metadata agent     | controller | None              | :-)   | UP    | neutron-metadata-agent    |
| e98685f1-f6f3-499a-89f1-5b215cbe0a8d | L3 agent           | controller | nova              | :-)   | UP    | neutron-l3-agent          |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+

 

三、neutron的配置(controller节点)

原来的配置不动,只需要修改如下几个文件里面的内容即可

1. 关闭Linuxbridge服务

[root@controller ~]# systemctl stop neutron-linuxbridge-agent.service
[root@controller ~]# systemctl disable neutron-linuxbridge-agent.service
Removed symlink /etc/systemd/system/multi-user.target.wants/neutron-linuxbridge-agent.service.

2. 重建neutron数据库

MariaDB [(none)]> DROP DATABASE neutron;
MariaDB [(none)]> CREATE DATABASE neutron;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' IDENTIFIED BY '000000';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY '000000';  

3. 安装openvswitch软件包

[root@controller ~]# yum install openstack-neutron-openvswitch -y

4. 配置ML2 插件

修改如下内容即可
[root@controller ~]# vi /etc/neutron/plugins/ml2/ml2_conf.ini 
[ml2]
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = openvswitch,l2population
extension_drivers = port_security
[ml2_type_flat]
flat_networks = provider
[securitygroup]
enable_ipset = true
[ml2_type_vxlan]
vni_ranges = 1:1000
[ml2_type_vlan]
network_vlan_ranges = default:3001:4000

5. 配置ML3 插件

[root@controller ~]# vi /etc/neutron/l3_agent.ini 
[DEFAULT]
verbose = true
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
external_network_bridge = br-ex

 

6. 配置openvswitch_agent

[root@controller ~]# vi /etc/neutron/plugins/ml2/openvswitch_agent.ini 
[ovs]
tunnel_bridge = br-tun
local_ip = 192.168.100.10   #隧道IP地址即管理网卡IP地址
integration_bridge = br-int
tenant_network_type = vxlan
tunnel_type = vxlan
tunnel_id_ranges = 1:1000
enable_tunneling = true
bridge_mappings = provider:br-ex
prevent_arp_spoofing = true
[agent]
tunnel_types = vxlan
l2_population = true
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = true

7. 配置dhcp

[root@controller ~]# vi /etc/neutron/dhcp_agent.ini 
[DEFAULT]
interface_driver = neutron.agent.linux.interface.OVSInterfaceDriver
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true

 

8. 初始化neutron数据库

[root@controller ~]# su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron

9. 启动openswitch服务

[root@controller ~]# systemctl restart neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
[root@controller ~]# systemctl enable neutron-server.service neutron-openvswitch-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service 

 

四、neutron的配置(compute节点)

1. 关闭Linuxbridge服务

[root@compute ~]# systemctl stop neutron-linuxbridge-agent.service
[root@compute ~]# systemctl disable neutron-linuxbridge-agent.service

2. 安装openvswitch软件包

[root@controller ~]# yum install openstack-neutron-openvswitch -y

3. 配置openvswitch_agent

[root@compute ~]# vi /etc/neutron/plugins/ml2/openvswitch_agent.ini 
[ovs]
tunnel_bridge = br-tun
local_ip = 192.168.100.20   #隧道IP地址 管理网卡IP地址
integration_bridge = br-int
tenant_network_type = vxlan
tunnel_type = vxlan
tunnel_id_ranges = 1:1000
enable_tunneling = true
[agent]
tunnel_types = vxlan
l2_population = true
[securitygroup]
firewall_driver = neutron.agent.linux.iptables_firewall.OVSHybridIptablesFirewallDriver
enable_security_group = true

 

4. 启动openswitch服务

[root@compute ~]# systemctl start neutron-openvswitch-agent.service
[root@compute ~]# systemctl enable neutron-openvswitch-agent.service

 

五、控制节点执行以下操作

1. 查询网络的类型是否为OVS

[root@controller ~]# openstack network agent list 
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID                                   | Agent Type         | Host       | Availability Zone | Alive | State | Binary                    |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 1e651e34-d239-43fb-8af7-553411afe406 | Open vSwitch agent | compute    | None              | :-)   | UP    | neutron-openvswitch-agent |
| 2f8e4601-47ae-4ce6-8c8f-9ed7b3fe648c | Metadata agent     | controller | None              | :-)   | UP    | neutron-metadata-agent    |
| 41e68b12-2003-4534-97a4-107bb0390cb7 | Linux bridge agent | compute    | None              | XXX   | UP    | neutron-linuxbridge-agent |
| 825f9141-08bd-47f7-8cc5-7eeee9cbb522 | DHCP agent         | controller | nova              | :-)   | UP    | neutron-dhcp-agent        |
| a6bf0bf8-508e-4bb0-9540-2c41c00b83bd | Open vSwitch agent | controller | None              | :-)   | UP    | neutron-openvswitch-agent |
| f62de0be-8a0a-4037-b3b7-01070c10c885 | L3 agent           | controller | nova              | :-)   | UP    | neutron-l3-agent          |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+

删除没有用的Linuxbridge信息

[root@controller ~]# openstack network agent delete 6dcdf2e8-8227-420e-823b-8ed671677745

[root@controller ~]# openstack network agent delete d9fc5b44-92a0-4cf5-8668-1d04845fff1b

 

2. 删除之前留下的Linuxbridge网桥信息

查看网桥信息

[root@controller ~]# brctl show
bridge name           bridge id               STP enabled     interfaces
brq7f21d513-47          8000.286ed489d013           no              eth0

 

 

不操作这一步添加br-ex会报错

先使用 brctl delif 网桥名称  绑定网卡的名称 这条命令解除网卡的绑定
 brctl delif brq7f21d513-47 eth0

然后down掉对应的网桥 在进行删除即可
[root@controller ~]# ifconfig brq7f21d513-47 down 
[root@controller ~]# ifconfig brq7f21d513-47 down 
[root@controller ~]# ifconfig  vxlan-1 down 
[root@controller ~]# brctl show   查看网桥信息
bridge name     bridge id               STP enabled     interfaces
brq59014ca7-b8          8000.000000000000       no
brqdb369f01-a7          8000.000000000000       no
[root@controller ~]# brctl delbr brq59014ca7-b8
[root@controller ~]# brctl delbr brqdb369f01-a7
[root@controller ~]# brctl show
bridge name     bridge id               STP enabled     interfaces

 

3. 添加br-ex网桥

[root@controller ~]# ovs-vsctl add-br br-ex 
[root@controller ~]# ovs-vsctl add-port br-ex eth0

然后重启以下控制节点和计算节点的网络服务即可

 

4. 查看ovs的状态

br-ex 上网用的主要连接外部网卡
br-tun 隧道网卡,建立隧道的
br-int 确保云主机可以上网的
br-tun这里会显示隧道的IP地址

[root@controller ~]# ovs-vsctl show 
[root@controller ~]# ovs-vsctl show 
8f6d9ea5-4be3-409e-af6e-e9c2b1783dfe
    Manager "ptcp:6640:127.0.0.1"
        is_connected: true
    Bridge br-ex
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port "ens34"
            Interface "ens34"
        Port br-ex
            Interface br-ex
                type: internal
        Port phy-br-ex
            Interface phy-br-ex
                type: patch
                options: {peer=int-br-ex}
    Bridge br-tun
        Controller "tcp:127.0.0.1:6633"
            is_connected: true
        fail_mode: secure
        Port "vxlan-c0a86414"
            Interface "vxlan-c0a86414"
                type: vxlan
                options: {df_default="true", egress_pkt_mark="0", in_key=flow, local_ip="192.168.100.10", out_key=flow, remote_ip="192.168.100.20"}
        Port patch-int
            Interface patch-int
                type: patch
                options: {peer=patch-tun}
        Port br-tun
            Interface br-tun
                type: internal

六、dashboard界面正常创建网络

1. 创建完成如下图

 

 

 

2. 创建云主机访问百度测试

 

 

 

 

摘自: https://blog.csdn.net/qq_45631844/article/details/120822263

 

posted @ 2022-07-14 09:29  fengjian1585  阅读(1160)  评论(0编辑  收藏  举报