Home > Others

Neutron SDN Manual Implementation Manual

Source: Internet
Author: User
Tags openvswitch
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

Introduction to Installation Architecture

The purpose of this paper is to build an environment of SDN, such as Neutron (Openvswitch + GRE), to learn how it works, to simulate the core principles, such as: the same tenant custom network instance interoperability, manually for instance distribution floating IP and other phase Content. <ignore_js_op>

Virtual network

You need to create a new 3 virtual network Net0, Net1, and Net2, which are configured in virtual box as follows.

    1. Net0:
    2. Network Name:virtualbox host-only Ethernet adapter#2
    3. Purpose:administrator/management Network
    4. IP block:10.20.0.0/24
    5. Dhcp:disable
    6. Linux Device:eth0
    8. Net1:
    9. Network Name:virtualbox host-only Ethernet adapter#3
    10. Purpose:public Network
    11. Dhcp:disable
    12. IP block:172.16.0.0/24
    13. Linux device:eth1
    15. Net2:
    16. Network Name:virtualbox host-only Ethernet adapter#4
    17. Purpose:storage/private Network
    18. Dhcp:disable
    19. IP block:192.168.4.0/24
    20. Linux Device:eth2
Copy Code

Virtual machines

You need to create a new 2 virtual machine VM1 and VM2, which are configured as follows.

    1. VM1:
    2. Name:network1
    3. Vcpu:1
    4. memory:1g
    5. disk:30g
    6. Network:net1,net2,net3
    8. VM2:
    9. Name:compute1
    10. Vcpu:1
    11. memory:1g
    12. disk:30g
    13. Networks:net1,net2,net3
Copy Code

Linux Interface Settings

    1. Network1
    2. eth0:10.20.0.201 (Management Network)
    3. eht1:172.16.0.201 (Public/external Network)
    4. eht2:192.168.4.201 (Private Network,gre tunning)
    6. Compute1
    7. ETH0:10.20.0.202 (Management Network)
    8. EHT1: (Disabled)
    9. eht2:192.168.4.202 (Private Network,gre tunning)
Copy Code

Simulating the installation of network nodes (NETWORK1)

Analog Network node-related implementation, such as L3, dhcp-agent implementation, in order to simulate the multi-node network situation, here also simulates a compute node, the simulation M2 Openvswitch implementation, the above run Instance1.

Network Interface Configuration

    1. Vi/etc/sysconfig/network-scripts/ifcfg-eth0
    2. Device=eth0
    3. Type=ethernet
    4. Onboot=yes
    5. Nm_controlled=yes
    6. Bootproto=static
    7. ipaddr=10.20.0.201
    8. netmask=255.255.255.0
    10. Vi/etc/sysconfig/network-scripts/ifcfg-eth1
    11. Device=eth1
    12. Type=ethernet
    13. Onboot=yes
    14. Nm_controlled=yes
    15. Bootproto=static
    16. ipaddr=172.16.0.201
    17. netmask=255.255.255.0
    19. Vi/etc/sysconfig/network-scripts/ifcfg-eth2
    20. Device=eth2
    21. Type=ethernet
    22. Onboot=yes
    23. Nm_controlled=yes
    24. Bootproto=static
    25. ipaddr=192.168.4.201
    26. netmask=255.255.255.0
Copy Code



Restart Network Service

    1. Service Network restart
Copy Code



Install the package that needs to be used

    1. Yum install libvirt openvswitch python-virtinst Xauth tigervnc-y
Copy Code

Remove the default Libvirt network for easy and clear analysis of network conditions

    1. Virsh Net-destroy Default
    2. Virsh Net-autostart--disable Default
    3. Virsh net-undefine Default
Copy Code



Set Allow Ipforwarding

    1. Vi/etc/sysctl.conf
    2. Net.ipv4.ip_forward=1
    3. Net.ipv4.conf.all.rp_filter=0
    4. Net.ipv4.conf.default.rp_filter=0
Copy Code

Immediate effect

    1. Sysctl-p
Copy Code



Start Openvswitch

    1. Service Openvswitch Start
    2. Chkconfig Openvswitch on
Copy Code



Create a Linux Bridge

    1. Brctl ADDBR Qbr01
    2. IP link Set Qbr01 up
Copy Code

Create a instance and connect to Qbr01 Bridge, the network Interface section is configured as follows

    1. <interface type= ' bridge ' >
    2. <source bridge= ' Qbr01 '/>
    3. <target dev= ' tap01 '/>
    4. <model type= ' Virtio '/>
    5. <driver name= ' Qemu '/>
    6. <address type= ' PCI ' domain= ' 0x0000 ' bus= ' 0x00 ' slot= ' 0x03 ' function= ' 0x0 '/>
    7. </interface>
Copy Code



You can refer to the attachment./gre/instance1.xml Create

    1. CP ~/gre//var/tmp/
    2. Cd/var/tmp/gre
    3. MV Cirros-0.3.0-x86_64-disk.img instance1.img
    4. Virsh Define Instance1.xml
    5. Virsh start Instance1
    6. Virsh Vncdisplay Instance1
    7. vncviewer:0
Copy Code



After you start the console, login to add the IP address 192.168.1.11

    1. IP addr Add 192.168.1.11/24 dev eth0
    2. Route add default GW 192.168.1.1
Copy Code

Create an internal bridge br-int, simulate OpenStack integrated bridge

    1. Ovs-vsctl ADD-BR Br-int
    2. Ovs-vsctl add-port br-int gre0--set interface gre0 Type=gre options:remote_ip=192.168.4.202
Copy Code

Create a Veth peer, connect the Linux bridge ' Qbr01 ' and Openvswich Bridge ' Br-ini '

    1. IP link Add qvo01 type Veth peer name Qvb01
    2. Brctl addif Qbr01 QVB01
    3. Ovs-vsctl Add-port Br-int qvo01
    4. Ovs-vsctl Set Port qvo01 tag=100
    5. IP link Set qvb01 up
    6. IP link Set qvo01 up
Copy Code

Check out the Br-int on NETWORK1 now.

    1. Ovs-vsctl Show
Copy Code



Simulating installation compute nodes (COMPUTE1)


Network Interface Configuration

    1. Vi/etc/sysconfig/network-scripts/ifcfg-eth0
    2. Device=eth0
    3. Type=ethernet
    4. Onboot=yes
    5. Nm_controlled=yes
    6. Bootproto=static
    7. ipaddr=10.20.0.202
    8. netmask=255.255.255.0
    10. Vi/etc/sysconfig/network-scripts/ifcfg-eth1
    11. Device=eth1
    12. Type=ethernet
    13. Onboot=yes
    14. Nm_controlled=yes
    15. Bootproto=static
    16. ipaddr=172.16.0.202
    17. netmask=255.255.255.0
    19. Vi/etc/sysconfig/network-scripts/ifcfg-eth2
    20. Device=eth2
    21. Type=ethernet
    22. Onboot=yes
    23. Nm_controlled=yes
    24. Bootproto=static
    25. ipaddr=192.168.4.202
    26. netmask=255.255.255.0
Copy Code

Restart Network Service

    1. Service Network restart
Copy Code

Install the package that needs to be used

    1. Yum install libvirt openvswitch python-virtinst Xauth tigervnc
Copy Code

Remove the Libvirt default network

    1. Virsh Net-destroy Default
    2. Virsh Net-autostart--disable Default
    3. Virsh net-undefine Default
Copy Code

Set Allow Ipforwarding

    1. Vi/etc/sysctl.conf
    2. Net.ipv4.ip_forward=1
    3. Net.ipv4.conf.all.rp_filter=0
    4. Net.ipv4.conf.default.rp_filter=0
Copy Code

Immediate effect

    1. Sysctl-p
Copy Code



Start Openvswitch

    1. Service Openvswitch Start
    2. Chkconfig Openvswitch on
Copy Code

Create a Linux Bridge

    1. Brctl ADDBR Qbr02
    2. IP link Set qbr02 up
Copy Code



Create a VM and connect to the Qbr02

On the GRE directory to the COMPUTE1 node, you can refer to the attachment./gre/instance2.xml Create

    1. CP ~/gre//var/tmp/
    2. Cd/var/tmp/gre
    3. MV Cirros-0.3.0-x86_64-disk.img instance2.img
    4. Virsh Define Instance2.xml
    5. Virsh Start Instance2
    6. Virsh Vncdesplay Instance2
    7. vncviewer:0
Copy Code



After you start the console, login to add IP to know 192.168.1.12

    1. IP addr Add 192.168.1.12/24 dev eth0
    2. Route add default GW 192.168.1.1
Copy Code

Create an internal bridge br-int, simulate OpenStack integrated bridge

    1. Ovs-vsctl ADD-BR Br-int
    2. Ovs-vsctl add-port br-int gre0--set interface gre0 Type=gre options:remote_ip=192.168.4.201
Copy Code

Create a Veth peer, connect the Linux bridge ' Qbr02 ' and Openvswich Bridge ' Br-ini '

    1. IP link Add qvo02 type Veth peer name qvb02
    2. Brctl addif Qbr02 QVB02
    3. Ovs-vsctl Add-port Br-int qvo02
    4. Ovs-vsctl Set Port qvo02 tag=100
    5. IP link Set qvb02 up
    6. IP link Set qvo02 up
Copy Code

Check out the Br-int on NETWORK1 now.

    1. Ovs-vsctl Show
Copy Code



Check if the Instance1 can be connected to the INSTANCE2 console

    1. Ping 192.168.1.11
Copy Code

Access to private network of tenants through networking Namespace

Add a namespace,dhcp01 to isolate the tenant network.

    1. IP netns Add dhcp01
Copy Code

192.168.1.0/24 for a private network, creating a DHCP service in the namespace Dhcp01

    1. Ovs-vsctl add-port br-int TAPDHCP01--set interface Tapdhcp01 type=internal
    2. Ovs-vsctl Set Port Tapdhcp01 tag=100
    4. IP link set tapdhcp01 netns dhcp01
    5. IP netns exec dhcp01 IP addr add 192.168.1.2/24 dev tapdhcp01
    6. IP netns exec dhcp01 IP link set tapdhcp01 up
Copy Code



Check network connectivity, Access Instance1 and Instance2 in namespace

    1. IP netns exec dhcp01 ping 192.168.1.12
    2. IP netns exec dhcp01 ping 192.168.1.11
Copy Code



L3 router through Network Namespace and iptables

Ovs-vsctl ADD-BR Br-ex

Reconfigure Eth1 and Br-ex

    1. Vi/etc/sysconfig/network-scripts/ifcfg-eth1
    3. Device=eth1
    4. Onboot=yes
    5. Bootproto=none
    6. Promisc=yes
    7. mtu=1546
    9. Vi/etc/sysconfig/network-scripts/ifcfg-br-ex
    11. Device=br-ex
    12. Type=bridge
    13. Onboot=yes
    14. Bootproto=none
    15. ipaddr0=172.16.0.201
    16. Prefix0=24
Copy Code

Restart the Network Service

    1. Ovs-vsctl add-port br-ex eth1 && Service Network restart
Copy Code

Check the network for connectivity after configuration

    1. Ping 172.16.0.201
Copy Code



Add a Namespace,router01 for routing and floating IP assignment

    1. IP netns Add Router01
Copy Code

Add an interface to Br-int as a gateway to the private network 192.168.1.0/24

    1. Ovs-vsctl add-port br-int Qr01--set interface Qr01 type=internal
    2. Ovs-vsctl Set Port Qr01 tag=100
    4. IP link set Qr01 netns Router01
    5. IP netns exec router01 IP addr add 192.168.1.1/24 dev Qr01
    6. IP netns exec router01 IP link set qr01 up
    7. IP netns exec router01 IP link set lo up
Copy Code



Add an interface in Br-ex for private network 192.168.1.0/24 set next hop address

    1. Ovs-vsctl add-port Br-ex QG01--set interface qg01 type=internal
    2. IP link set qg01 netns Router01
    3. IP netns exec router01 IP addr add 172.16.0.100/24 dev qg01
    4. IP netns exec router01 IP link set qg01 up
    5. IP netns exec router01 IP link set lo up
Copy Code



Analog assignment floating IP access Instance1

assigning floating ip,172.16.0.101 to Instance1 192.168.1.11

    1. IP netns exec router01 IP addr add 172.16.0.101/32 dev qg01
    3. IP netns exec router01 iptables-t nat-a output-d 172.16.0.101/32-j DNAT--to-destination 192.168.1.11
    4. IP netns exec router01 iptables-t nat-a prerouting-d 172.16.0.101/32-j DNAT--to-destination 192.168.1.11
    5. IP netns exec router01 iptables-t nat-a postrouting-s 192.168.1.11/32-j SNAT--to-source 172.16.0.101
    6. IP netns exec router01 iptables-t nat-a postrouting-s 192.168.1.0/24-j SNAT--to-source 172.16.0.100
Copy Code



Test floating IP

    1. Ping 172.16.0.101
Copy Code

If you need to clear NAT chain

    1. Iptables-t nat-f

Neutron SDN Manual Implementation Manual

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
apc manual call manual cc manual codeigniter manual comand manual composer manual concept manual

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More