Home > Others

OpenStack Stuff Flow trend

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

A lot of netizens asked me how to communicate between OpenStack virtual machines. Below I outline how the virtual machine and virtual machine communication between the first virtual machine and virtual machine communication is divided into two

1 virtual machines for the same group of tenants are communicated between different host hosts

2 virtual machines for the same group of tenants communicate between the same host

3 communication between virtual machines in different tenants

Let's briefly introduce the first kind of communication.

650) this.width=650; "Src=" Http://s1.51cto.com/wyfs02/M02/85/FC/wKioL1exgm_TlCWWAAM581p4Q1I263.png-wh_500x0-wm_3 -wmp_4-s_481919411.png "title=" 1.png "alt=" Wkiol1exgm_tlcwwaam581p4q1i263.png-wh_50 "/>

Let's look at the VLAN network first, when VM1 sends packet to VM2, the bridge has two ports, tap and QVB, which are the first to pass through the QBR bridge. This bridge is made using Linux's iptable firewall to do some security rules. Let's say this rule releases traffic through the bridge to the next br-int.

Br-int The bridge receives the packet and forwards it to the Br-vlan bridge. Br-vlan This bridge will put a real tag on the packet and send it to the corresponding Br-vlan Bridge of the other compute node. The bag will be sent to Br-vlan on this bridge.

On the same node2 there is also a QBR bridge in charge of the flow of incoming and out. If this is allow then the packet is sent to the vm2.

In fact, when our OpenStack platform deployment is complete, Br-vlan and Br-int have been created below to see a few configuration files

Network node

in the Openvswitch_agent.ini file, configure the Open vSwitch agent:

[OVS]LOCAL_IP = Tunnel_interface_ip_addressbridge_mappings =, External:br-ex

Compute nodes

In the openvswitch_agent.ini file, configure the Open VSwitch agent:

[OVS]LOCAL_IP = Tunnel_interface_ip_addressbridge_mappings = Vlan:br-vlan

Of course, our iptables rules can also be seen in the config file.

[Securitygroup]firewall_driver = Iptables_hybrid

The above item is an option for configuration rules.


This article is from "Perfect world!" "Blog, be sure to keep this provenance http://shyln.blog.51cto.com/6890594/1838575

OpenStack Stuff Flow trend

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More