描述 需求产生场景
1、用户在虚机运行 K8S ,采用 VLAN 模式组网,要求 VM 端口要支持 trunk,支持多个 VLAN 网络数据在同一虚拟网卡上传输。
2、需要动态的增删虚拟机上的网络接口。通过增删vlan相对来说更加简单和快捷。
openstack version:train
网络名称 模式 vlan idVm_Trunk_Net_500 vlan 500
Vm_Sub_Net_501 vlan 501
Vm_Sub_Net_502 vlan 502
配置实现
在 neuteon server plugin 中启用 trunk
1、kolla-ansible部署openstack的修改方式
$ vim /etc/kolla/conf/neutron.conf service_plugins=router,trunk # 执行让neutron配置生效 $ kolla-ansible -i /etc/ansible/hosts -t neutron deploy2、手工部署opensatck修改方式
$ vim ${neutron_path}/neutron.conf [DEFAULT] service_plugins = router,trunk # 重启neutron相关服务 创建VM trunk ports # 从Vm_Trunk_Net_500网络创建一个端口作为父端口 $ openstack port create --network Vm_Trunk_Net_500 parent-trunk-port 点击查看创建父端口详情$ openstack port create --network Vm_Trunk_Net_500 parent-trunk-port +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | admin_state_up | UP | | allowed_address_pairs | | | binding_host_id | | | binding_profile | | | binding_vif_details | | | binding_vif_type | unbound | | binding_vnic_type | normal | | created_at | 2022-02-28T00:27:33Z | | data_plane_status | None | | description | | | device_id | | | device_owner | | | dns_assignment | None | | dns_domain | None | | dns_name | None | | extra_dhcp_opts | | | fixed_ips | ip_address='10.0.1.53', subnet_id='adc1d30e-b08f-46e9-8f09-45ad06eaed12' | | id | 1f7835f4-fe89-46fc-ba8c-7ce93d9a5bb2 | | location | cloud='', project.domain_id=, project.domain_name='Default', project.id='a3f435fc08854b828b3346aa1581d39f', project.name='admin', region_name='RegionOne', zone= | | mac_address | fa:16:3e:7f:ca:16 | | name | parent-trunk-port | | network_id | 96485d8a-0600-44b1-a535-c813fe9a7a86 | | port_security_enabled | False | | project_id | a3f435fc08854b828b3346aa1581d39f | | propagate_uplink_status | None | | qos_policy_id | None | | resource_request | None | | revision_number | 1 | | security_group_ids | | | status | DOWN | | tags | | | trunk_details | None | | updated_at | 2022-02-28T00:27:33Z | +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ # 创建一个trunk connection,关联父端口(parent-trunk-port),trunk名字为parent-trunk $ openstack network trunk create --parent-port parent-trunk-port parent-trunk +-----------------+--------------------------------------+ | Field | Value | +-----------------+--------------------------------------+ | admin_state_up | UP | | created_at | 2022-02-28T00:28:53Z | | description | | | id | 5e579416-218e-4fca-8743-bee2654f3d4a | | name | parent-trunk | | port_id | 1f7835f4-fe89-46fc-ba8c-7ce93d9a5bb2 | | project_id | a3f435fc08854b828b3346aa1581d39f | | revision_number | 0 | | status | DOWN | | sub_ports | | | tags | [] | | tenant_id | a3f435fc08854b828b3346aa1581d39f | | updated_at | 2022-02-28T00:28:53Z | +-----------------+--------------------------------------+ # 查看创建好的trunk口(最后会把trunk口挂给VM作为port) $ openstack network trunk list +--------------------------------------+--------------+--------------------------------------+-------------+ | ID | Name | Parent Port | Description | +--------------------------------------+--------------+--------------------------------------+-------------+ | 5e579416-218e-4fca-8743-bee2654f3d4a | parent-trunk | 1f7835f4-fe89-46fc-ba8c-7ce93d9a5bb2 | | +--------------------------------------+--------------+--------------------------------------+-------------+ # 创建两个 subports,作为trunk 的子接口,也就是实际放通的vlan $ openstack port create --network Vm_Sub_Net_501 subport-trunk-port-vlan501 $ openstack port create --network Vm_Sub_Net_502 subport-trunk-port-vlan502 点击查看创建subports详情$ openstack port create --network Vm_Sub_Net_501 subport-trunk-port-vlan501 +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | admin_state_up | UP | | allowed_address_pairs | | | binding_host_id | | | binding_profile | | | binding_vif_details | | | binding_vif_type | unbound | | binding_vnic_type | normal | | created_at | 2022-02-28T00:35:26Z | | data_plane_status | None | | description | | | device_id | | | device_owner | | | dns_assignment | None | | dns_domain | None | | dns_name | None | | extra_dhcp_opts | | | fixed_ips | ip_address='192.168.2.189', subnet_id='f1931d63-c58b-4a5e-a627-b0c3e0cfe108' | | id | ccb00cc7-8ef5-4c98-9778-c86c11a9da2d | | location | cloud='', project.domain_id=, project.domain_name='Default', project.id='a3f435fc08854b828b3346aa1581d39f', project.name='admin', region_name='RegionOne', zone= | | mac_address | fa:16:3e:2e:76:25 | | name | subport-trunk-port-vlan501 | | network_id | 8fc28fb7-d24c-4dc5-97f1-bcdb7116323d | | port_security_enabled | False | | project_id | a3f435fc08854b828b3346aa1581d39f | | propagate_uplink_status | None | | qos_policy_id | None | | resource_request | None | | revision_number | 1 | | security_group_ids | | | status | DOWN | | tags | | | trunk_details | None | | updated_at | 2022-02-28T00:35:26Z | +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ $ openstack port create --network Vm_Sub_Net_502 subport-trunk-port-vlan502 +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | admin_state_up | UP | | allowed_address_pairs | | | binding_host_id | | | binding_profile | | | binding_vif_details | | | binding_vif_type | unbound | | binding_vnic_type | normal | | created_at | 2022-02-28T00:35:51Z | | data_plane_status | None | | description | | | device_id | | | device_owner | | | dns_assignment | None | | dns_domain | None | | dns_name | None | | extra_dhcp_opts | | | fixed_ips | ip_address='192.168.2.157', subnet_id='c1a6e47d-babe-4cd8-b953-07e7773015ef' | | id | 04b64548-4499-4997-a8eb-340c47fe6e03 | | location | cloud='', project.domain_id=, project.domain_name='Default', project.id='a3f435fc08854b828b3346aa1581d39f', project.name='admin', region_name='RegionOne', zone= | | mac_address | fa:16:3e:b8:64:de | | name | subport-trunk-port-vlan502 | | network_id | 0c590e19-9aca-4cb6-ae70-0e7124160a39 | | port_security_enabled | False | | project_id | a3f435fc08854b828b3346aa1581d39f | | propagate_uplink_status | None | | qos_policy_id | None | | resource_request | None | | revision_number | 1 | | security_group_ids | | | status | DOWN | | tags | | | trunk_details | None | | updated_at | 2022-02-28T00:35:51Z | +-------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------+ # 把subport关联到trunk(parent-trunk) # subport-trunk-port-vlan501 = ccb00cc7-8ef5-4c98-9778-c86c11a9da2d # subport-trunk-port-vlan502 = 04b64548-4499-4997-a8eb-340c47fe6e03 # port=subport-id,segmentation-type=网络模式,segmentation-id=subport-vlan-id $ openstack network trunk set --subport port=ccb00cc7-8ef5-4c98-9778-c86c11a9da2d,segmentation-type=vlan,segmentation-id=501 parent-trunk $ openstack network trunk set --subport port=04b64548-4499-4997-a8eb-340c47fe6e03,segmentation-type=vlan,segmentation-id=502 parent-trunk # 查看trunk口的信息,看看是否把subport关联到trunk口成功, sub_ports字段有你关联的子接口即为成功。 $ openstack network trunk show parent-trunk +-----------------+-------------------------------------------------------------------------------------------------+ | Field | Value | +-----------------+-------------------------------------------------------------------------------------------------+ | admin_state_up | UP | | created_at | 2022-02-28T00:28:53Z | | description | | | id | 5e579416-218e-4fca-8743-bee2654f3d4a | | name | parent-trunk | | port_id | 1f7835f4-fe89-46fc-ba8c-7ce93d9a5bb2 | | project_id | a3f435fc08854b828b3346aa1581d39f | | revision_number | 2 | | status | DOWN | | sub_ports | port_id='ccb00cc7-8ef5-4c98-9778-c86c11a9da2d', segmentation_id='501', segmentation_type='vlan' | | | port_id='04b64548-4499-4997-a8eb-340c47fe6e03', segmentation_id='502', segmentation_type='vlan' | | tags | [] | | tenant_id | a3f435fc08854b828b3346aa1581d39f | | updated_at | 2022-02-28T00:41:11Z | +-----------------+-------------------------------------------------------------------------------------------------+ 把trunk口挂给虚拟机使用。 # nova interface-attach ${vm-id} --port-id ${trunk-port-id} $ nova interface-attach 072beefc-ff79-4baa-bb8c-6e7f754399c2 --port-id 5e579416-218e-4fca-8743-bee2654f3d4a # 接下来可分别在centos虚拟机,创建两个子接口,vlan分别为501,502。 # 可采用tcpdump -i ${interface} -nne icmp 抓虚拟机所在宿主机物理口的流量,看看是否打上相应的tag出去。