Further understanding of the network

The provider network provides a two-layer connection for virtual machines , Each network segment of a physical network can implement at most one provider network

Self service network allows non privileged ordinary projects to manage the network by themselves , This kind of network is completely virtual （ Pure virtual network ）

By default , Different items ( Tenant ) Self service network , That's the project ( Tenant ) The network is completely isolated , Can't share ,

To create a self-service network, you can choose local、flat、vlan、vxlan perhaps gre Other types

however flat and vlan A type of self-service network essentially corresponds to an actual physical network segment , So what really matters is vxlan or gre type , Because such networks themselves do not depend on specific networks , As long as the physical network can provide ip Multicast support is sufficient .

Besides , If the virtual machine instance in the self-service network wants to access the external network （ Physical networks ）, You must create the appropriate provider network to provide external connections

br-ex
Connect external （external） The bridge of the network

br-int
Integrate （integration） bridge , all instance The virtual network card and other virtual network devices will be connected to the bridge .

br-tun
Tunnel （tunnel） bridge , Based on tunnel technology VxLAN and GRE The network will use this bridge for communication .

These bridges are Neutron Automatically created for us , But by brctl show Commands can't see them . This is because we use Open vSwitch Instead of Linux Bridge, Need to use Open vSwitch The order of ovs-vsctl show see

Create a provider network

Here the provider network is temporarily used OpenStack Network of _baidu_41553551 The blog of -CSDN Blog

  Create a self-service network

/etc/neutron/plugins/ml2/ml2_conf.ini file

This range represents the creation of vxlan The scope of the , Administrator does not vni The limits of scope , You can create 1-16777216 individual xvlan The Internet

  establish vxlan Type of self-service network

Create a subnet , If the gateway is not set , It defaults to the first one in the network ip Address  

If the subnet address pool is not set, it will default to the address range outside the gateway  

To configure Neutron Router

1、 To configure L3 agent

The profile is located in /etc/neutron/l3_agent.ini 

If the network mechanism drive is Linux Bridge

Is set to interface_driver=neutron.agent.linux.interface.BridgeInterfaceDriver

If the network mechanism drive is Open vSwitch

Is set to interface_driver=neutron.agent.linux.interface.OVSInterfaceDriver

Modify the above configuration , Need to restart L3 Agency service

systemctl restart neutron-l3-agent.service

 2、 Configure the router to connect to the subnet

  Connect different subnets , Allow subnets to communicate with each other

The router here directly uses the one built last time

Add the self-service network to the router

Distribution float ip Address to achieve two-way communication between internal and external networks

Bound to the external network ip

Modify the configuration file /etc/nova/nova.conf

Change it to

network_manager=nova.network.manager.VlanManager
vlan_interface=eth1 # A network adapter 
vlan_start=400 #Vlan Numbered starting 
public_interface=enp0s8 # The network card