当前位置:网站首页>金鱼哥RHCA回忆录:CL210管理OPENSTACK网络--章节实验
金鱼哥RHCA回忆录:CL210管理OPENSTACK网络--章节实验
2022-08-01 18:02:00 【华为云】
个人简介:大家好,我是 金鱼哥,CSDN运维领域新星创作者,华为云·云享专家,阿里云社区·专家博主
个人资质:CCNA、HCNP、CSNA(网络分析师),软考初级、中级网络工程师、RHCSA、RHCE、RHCA、RHCI、ITIL
格言:努力不一定成功,但要想成功就必须努力支持我:可点赞、可收藏️、可留言
由于篇幅过长所以章节实验写在此文。
章节实验
创建一个VLAN提供者网络。
启动附加到提供程序网络的实例。
[[email protected] ~]$ lab networking-review setup Setting up workstation for exercise work: • Verifying project: production............................... SUCCESS • Creating user environment file: operator1-production-rc..... SUCCESS • Creating keypair: example-keypair........................... SUCCESS . Creating flavor: default.................................... SUCCESS . Creating image: rhel7....................................... SUCCESS . Creating secgroup: default.................................. SUCCESS • Creating secgroup rule: icmp................................ SUCCESS1. 查看utilitv上的网络接口配置。
实用程序在每个VLAN中都有一个子接口,从101到104,允许测试离开OpenStack的VLAN流量。
[[email protected] ~]$ ssh [email protected][[email protected] ~]# ip addr1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 52:54:00:00:fa:dc brd ff:ff:ff:ff:ff:ff inet 172.25.250.220/24 brd 172.25.250.255 scope global noprefixroute eth0 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe00:fadc/64 scope link valid_lft forever preferred_lft forever3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000 link/ether 52:54:00:03:00:dc brd ff:ff:ff:ff:ff:ff inet 172.24.250.220/24 brd 172.24.250.255 scope global noprefixroute eth1 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe03:dc/64 scope link valid_lft forever preferred_lft forever4: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:03:00:dc brd ff:ff:ff:ff:ff:ff inet 10.0.101.1/24 brd 10.0.101.255 scope global eth1.101 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe03:dc/64 scope link valid_lft forever preferred_lft forever5: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:03:00:dc brd ff:ff:ff:ff:ff:ff inet 10.0.102.1/24 brd 10.0.102.255 scope global eth1.102 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe03:dc/64 scope link valid_lft forever preferred_lft forever6: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:03:00:dc brd ff:ff:ff:ff:ff:ff inet 10.0.103.1/24 brd 10.0.103.255 scope global eth1.103 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe03:dc/64 scope link valid_lft forever preferred_lft forever7: [email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 52:54:00:03:00:dc brd ff:ff:ff:ff:ff:ff inet 10.0.104.1/24 brd 10.0.104.255 scope global eth1.104 valid_lft forever preferred_lft forever inet6 fe80::5054:ff:fe03:dc/64 scope link valid_lft forever preferred_lft forever[[email protected] ~]#2. 使用/home/student/admin-rc环境文件,创建一个名为provider1-104的VLAN提供程序网络并匹配名为subnet1-104的子网。
从前面的练习中,您知道这个网络的流量将通过br-eth3桥传输。使用下表中的选项和值。
[[email protected] ~]# grep ^network_vlan_ranges /var/lib/config-data/puppet-generated/neutron/etc/neutron/plugins/ml2/ml2_conf.ini network_vlan_ranges=datacentre:1:1000,vlanprovider1:101:104,vlanprovider2:101:104,storage:30:30[[email protected] ~]$ source admin-rc [[email protected] ~]$ openstack network create --share --provider-network-type vlan --provider-physical-network vlanprovider1 --provider-segment 104 provider1-104+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2020-10-28T03:31:04Z || description | || dns_domain | None || id | 0f9dd2c1-83ef-4c46-ac9e-7d6ce28d769f || ipv4_address_scope | None || ipv6_address_scope | None || is_default | False || is_vlan_transparent | None || mtu | 1500 || name | provider1-104 || port_security_enabled | True || project_id | 42eecbfbaf684f909abfe5304434fc77 || provider:network_type | vlan || provider:physical_network | vlanprovider1 || provider:segmentation_id | 104 || qos_policy_id | None || revision_number | 3 || router:external | Internal || segments | None || shared | True || status | ACTIVE || subnets | || tags | || updated_at | 2020-10-28T03:31:04Z |+---------------------------+--------------------------------------+[[email protected] ~]$ openstack subnet create --dhcp --subnet-range=10.0.104.0/24 --allocation-pool=start=10.0.104.100,end=10.0.104.149 --network provider1-104 subnet1-104+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| allocation_pools | 10.0.104.100-10.0.104.149 || cidr | 10.0.104.0/24 || created_at | 2020-10-28T03:33:39Z || description | || dns_nameservers | || enable_dhcp | True || gateway_ip | 10.0.104.1 || host_routes | || id | b20a1e29-1b54-4a32-8741-2c0b84c2cf50 || ip_version | 4 || ipv6_address_mode | None || ipv6_ra_mode | None || name | subnet1-104 || network_id | 0f9dd2c1-83ef-4c46-ac9e-7d6ce28d769f || project_id | 42eecbfbaf684f909abfe5304434fc77 || revision_number | 0 || segment_id | None || service_types | || subnetpool_id | None || tags | || updated_at | 2020-10-28T03:33:39Z |+-------------------+--------------------------------------+3. 使用/home/student/admin-rc环境文件,创建一个名为provider2-104的VLAN提供者网络,并匹配名为subnet2-104的子网。
从前面的练习中,您知道这个网络的通信量在br-eth4桥上传输。使用下表中的选项和值。
[[email protected] ~]$ openstack network create --share --provider-network-type vlan --provider-physical-network vlanprovider2 --provider-segment 104 provider2-104+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2020-10-28T03:35:20Z || description | || dns_domain | None || id | 04593cd0-5cbd-4dd5-92a5-ad8d188161c1 || ipv4_address_scope | None || ipv6_address_scope | None || is_default | False || is_vlan_transparent | None || mtu | 1500 || name | provider2-104 || port_security_enabled | True || project_id | 42eecbfbaf684f909abfe5304434fc77 || provider:network_type | vlan || provider:physical_network | vlanprovider2 || provider:segmentation_id | 104 || qos_policy_id | None || revision_number | 3 || router:external | Internal || segments | None || shared | True || status | ACTIVE || subnets | || tags | || updated_at | 2020-10-28T03:35:20Z |+---------------------------+--------------------------------------+[[email protected] ~]$ openstack subnet create --dhcp --subnet-range=10.0.104.0/24 --allocation-pool=start=10.0.104.150,end=10.0.104.199 --network provider2-104 subnet2-104+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| allocation_pools | 10.0.104.150-10.0.104.199 || cidr | 10.0.104.0/24 || created_at | 2020-10-28T03:36:24Z || description | || dns_nameservers | || enable_dhcp | True || gateway_ip | 10.0.104.1 || host_routes | || id | ea643eff-4b09-4a9e-a4b1-fd4a3b4929a8 || ip_version | 4 || ipv6_address_mode | None || ipv6_ra_mode | None || name | subnet2-104 || network_id | 04593cd0-5cbd-4dd5-92a5-ad8d188161c1 || project_id | 42eecbfbaf684f909abfe5304434fc77 || revision_number | 0 || segment_id | None || service_types | || subnetpool_id | None || tags | || updated_at | 2020-10-28T03:36:24Z |+-------------------+--------------------------------------+4. 启动附加到provider1-104网络的实例。将实例命名为production-server1并使用以下值。
[[email protected] ~]$ source operator1-production-rc [[email protected] ~(operator1-production)]$ openstack server create --flavor default --image rhel7 --key-name example-keypair --network provider1-104 --wait production-server1+-----------------------------+---------------------------------------------------------+| Field | Value +-----------------------------+---------------------------------------------------------+| OS-DCF:diskConfig | MANUAL | OS-EXT-AZ:availability_zone | nova | OS-EXT-STS:power_state | Running | OS-EXT-STS:task_state | None | OS-EXT-STS:vm_state | active | OS-SRV-USG:launched_at | 2020-10-28T04:52:20.000000 | OS-SRV-USG:terminated_at | None | accessIPv4 | | accessIPv6 | | addresses | provider1-104=10.0.104.101 5. 启动附加到provider2-104网络的实例。将实例命名为production-server2并使用以下值。
[[email protected] ~(operator1-production)]$ openstack server create --flavor default --image rhel7 --key-name example-keypair --network provider2-104 --wait production-server2+-----------------------------+---------------------------------------------------------+| Field | Value +-----------------------------+---------------------------------------------------------+| OS-DCF:diskConfig | MANUAL | OS-EXT-AZ:availability_zone | nova | OS-EXT-STS:power_state | Running | OS-EXT-STS:task_state | None | OS-EXT-STS:vm_state | active | OS-SRV-USG:launched_at | 2020-10-28T04:55:14.000000| OS-SRV-USG:terminated_at | None | accessIPv4 || accessIPv6 | | addresses | provider2-104=10.0.104.159 6. 在utility中,使用ping命令来测试从OpenStack外部可以访问production-server1和production-server2。
[[email protected] ~]$ ssh utility[[email protected] ~]$ ping -c3 10.0.104.101PING 10.0.104.101 (10.0.104.101) 56(84) bytes of data.64 bytes from 10.0.104.101: icmp_seq=1 ttl=64 time=0.945 ms64 bytes from 10.0.104.101: icmp_seq=2 ttl=64 time=0.494 ms64 bytes from 10.0.104.101: icmp_seq=3 ttl=64 time=0.412 ms--- 10.0.104.101 ping statistics ---3 packets transmitted, 3 received, 0% packet loss, time 2000msrtt min/avg/max/mdev = 0.412/0.617/0.945/0.234 ms[[email protected] ~]$ [[email protected] ~]$ ping -c3 10.0.104.159PING 10.0.104.159 (10.0.104.159) 56(84) bytes of data.64 bytes from 10.0.104.159: icmp_seq=1 ttl=64 time=0.859 ms64 bytes from 10.0.104.159: icmp_seq=2 ttl=64 time=0.569 ms64 bytes from 10.0.104.159: icmp_seq=3 ttl=64 time=0.482 ms--- 10.0.104.159 ping statistics ---3 packets transmitted, 3 received, 0% packet loss, time 2000msrtt min/avg/max/mdev = 0.482/0.636/0.859/0.163 ms7. 在workstation上打开一个新的终端,然后登录到utility并启动tcpdump命令。这将验证是否使用了正确的VLAN。
[[email protected] ~]# tcpdump -nnei eth1 -vvv8. 在production-server1中,使用ping命令测试与production-server2和实用程序的通信。
9. 在utility上,取消tcpdump并验证捕获的ICMP流量是否来自VLAN 104。
10.0.104.101 > 10.0.104.1: ICMP echo request, id 11373, seq 3, length 6406:38:08.998562 52:54:00:03:00:dc > fa:16:3e:46:db:57, ethertype 802.1Q (0x8100), length 102: vlan 104, p 0, ethertype IPv4, (tos 0x0, ttl 64, id 37747, offset 0, flags [none], proto ICMP (1), length 84) 10.0.104.1 > 10.0.104.101: ICMP echo reply, id 11373, seq 3, length 64实验评分
[[email protected] ~]$ lab networking-review grade清除实验
[[email protected] ~]$ lab networking-review cleanup总结
软件定义网络(SDN)是一种网络模型,它允许网络管理员通过抽象几个网络层来管理网络服务。SDN解耦了处理通信量的软件(称为控制平面)和路由通信量的底层机制(称为数据平面)。
开放虚拟网络(OVN)是一个SDN网络项目,扩展了OVS,提供了第二层和第三层网络功能。它利用Geneve框架在OpenStack节点之间创建隧道。
模块化层2 (ML2)插件是一个支持使用各种技术的框架。管理员可以使用OpenStack网络可用的各种插件与Open vSwitch或任何供应商技术(如Cisco设备)进行交互。
自助服务和提供者网络可以组合使用,也可以专门用于定义实例可用的网络连接类型。提供者网络给实例一个到OpenStack外部网络的第二层连接,而租户网络需要一个OpenStack路由器将它们连接到外部网络。
RHCA认证需要经历5门的学习与考试,还是需要花不少时间去学习与备考的,好好加油,可以噶🤪。
以上就是【金鱼哥】对 第六章 管理OPENSTACK网络–章节实验 的简述和讲解。希望能对看到此文章的小伙伴有所帮助。
红帽认证专栏系列:
RHCSA专栏:戏说 RHCSA 认证
RHCE专栏:戏说 RHCE 认证
此文章收录在RHCA专栏:RHCA 回忆录
如果这篇【文章】有帮助到你,希望可以给【金鱼哥】点个赞,创作不易,相比官方的陈述,我更喜欢用【通俗易懂】的文笔去讲解每一个知识点。
如果有对【运维技术】感兴趣,也欢迎关注️️️ 【金鱼哥】️️️,我将会给你带来巨大的【收获与惊喜】!
边栏推荐
- Xingtu has been short of disruptive products?Will this M38T from the Qingdao factory be a breakthrough?
- Go iota关键字与枚举类型实现原理是什么
- ExcelPatternTool: Excel表格-数据库互导工具
- 【Day_08 0426】两种排序方法
- QT_QThread thread
- 【Day_10 0428】密码强度等级
- MySQL 45 讲 | 09 普通索引和唯一索引,应该怎么选择?
- 力扣每日一题-第45天-697. 数组的度
- 云原生全景图详解
- OpenCV installation, QT, VS configuration project settings
猜你喜欢
随机推荐
深入分析类加载器
SQL的索引详细介绍
QPalette调色板、框架色彩填充
阿里云的域名和ip绑定
SQL函数 TO_DATE(二)
8月微软技术课程,欢迎参与
Solve the problem that MySQL cannot insert Chinese data
Tower Defense Shoreline User Agreement
B005 - STC8 based single chip microcomputer intelligent street light control system
OpenCV installation, QT, VS configuration project settings
Leetcode71. Simplified Paths
Leetcode74. Search 2D Matrix
浅谈游戏音效测试点
CodeTON Round 2 (Div. 1 + Div. 2, Rated, Prizes!) 题解
力扣每日一题-第45天-697. 数组的度
SRM供应商管理系统如何助力口腔护理企业实现采购战略的转型升级
QLineEdit learning and use
频域分析实践介绍
顺序表的简单描述及代码的简单实现
Leetcode73. 矩阵置零