Floating IP 是相对于Fixed IP而言的,它一般是在VM创建后分配给VM的,可以达到的目的就是,外界可以访问通过这个Floating Ip访问这个VM,VM也可以通过这个IP访问外界。
在OpenStack中,这个Floating IP使用了namespace内的iptables建立NAT 转发机制来达到VM与外界的通讯的。这片文章主要讲述如何使用OpenStack搭建和使用Floating IP.
Environment Setup
Ubuntu 14.04 LTS
2个网卡,分别是eth0(192.168.1.46) 和 eth1(192.168.2.46,这个interface在switch使用vlanid=100)
如果你的机器是VM,请参照?language=en_US&cmd=displayKC&externalId=1004099,去开启eth0 和eth1的promisic模式, 这一步很关键,如果没有启用,外界是无法ping通分配给VM的Floating IP的
Devstack Configuration
启用Nova, Neutron, Cinder, Keystone, Glance
安装OpenvSwitch,然后做如下配置
# Add eth1 into br-eth1 and set eth0 and eth1 to promisc mode sudo ovs-vsctl br-exists br-eth1 || sudo ovs-vsctl add-br br-eth1 sudo ovs-vsctl --may-exist add-port br-eth1 eth1 sudo ip link set dev eth1 promisc on sudo ip link set dev eth0 promisc on sudo ip addr flush eth1 sudo ip link set dev eth1 up
Devstack local.conf
# Note: please change XX to your devstack node IP, change VLAN_START and VLAN_END to your reserved vlan range Here # 我的IP是192.168.1.46, 所在网络是192.168.1.0/24 [[local|localrc]] # Set API endpoint host using HOST_IP HOST_IP=XX # Use to specify the endpoint SERVICE_HOST=XX ADMIN_PASSWORD=welcome MYSQL_PASSWORD=welcome RABBIT_PASSWORD=welcome SERVICE_PASSWORD=welcome SERVICE_TOKEN=welcome disable_service h-eng disable_service h-api disable_service h-api-cfn disable_service h-api-cw disable_service tempest #enable_service tempest disable_service dstat # Enable Neturon disable_service n-net enable_service q-svc enable_service q-agt enable_service q-dhcp enable_service q-l3 enable_service q-meta enable_service neutron # stack.sh will freshen each repo on each run if RECLONE # is set to yes RECLONE=True # Setting OFFLINE=True to enable stack.sh to run multiple # times without an Internet connection OFFLINE=False # Set FLAT_INTERFACE to the Ethernet interface that connects # the host to your local network FLAT_INTERFACE=eth1 #FLOATING_RANGE=192.168.1.0/24 #Q_FLOATING_ALLOCATION_POOL=start=192.168.1.100,end=192.168.1.119 #PUBLIC_NETWORK_GATEWAY=192.168.1.30 PUBLIC_INTERFACE=eth0 PHYSICAL_NETWORK=public_eth1 OVS_PHYSICAL_BRIDGE=br-ex #PUBLIC_BRIDGE=br-ex FIXED_RANGE=192.168.100.0/24 #FIXED_NETWORK_SIZE=32 NETWORK_GATEWAY=192.168.100.1 # IMAGE_URLS accepts a comma separated list of images to pre-load into OpenStack IMAGE_URLS=http://download.cirros-cloud.net/0.3.4/cirros-0.3.4-x86_64-disk.img [[post-config|$NOVA_CONF]] [DEFAULT] rpc_response_timeout=300 service_down_time=300 libvirt_iscsi_use_multipath = True #force_config_drive = False [libvirt] iscsi_use_multipath = True [database] max_pool_size=40 max_overflow=60 [[post-config|/$Q_PLUGIN_CONF_FILE]] [ml2] tenant_network_types = vlan,flat [ml2_type_flat] flat_networks = public_eth0 [ml2_type_vlan] network_vlan_ranges = public_eth1:VLAN_START:VLAN_END [ovs] bridge_mappings = public_eth0:br-ex,public_eth1:br-eth1 enable_tunneling = False
Setup flat and vlan network
接下来,我要做两件事,一个是创建一个VLAN ID为100的private network,以后的虚拟机默认是从这个网络分配IP的。
然后是一个flat的public network,这个网络上是用来分配floating IP
创建private network,VLAN ID为100