Interpreting and analyzing the purpose of the networks when deploying OpenStack with Mirantis Fuel



First of all, I have to apologize: my earlier environment broke and I have no machine to test on, so after the third article in the previous series I have not found the time or the environment to continue testing. Here I will briefly talk about Fuel networking.


The most complex part of deploying OpenStack is probably the network. Fuel simplifies OpenStack deployment, but its network types are still confusing for beginners, so let me briefly explain my understanding.


The following are the network types we encounter when deploying with Fuel; this deployment uses Neutron VLAN mode.




In summary, there are roughly five networks:


1. PXE (deployment network): This is the network used for deployment. When a node is powered on and set to network boot, this is the network from which its NIC first obtains an IP address. Once a NIC has obtained an IP and booted from this network, it cannot be changed manually like the other networks and cannot be bonded, so it is generally kept separate; mixing it with other networks is not recommended in a production environment. To make it easy to tell apart, we generally use the first or the last port of the network card for booting. No DHCP server may already exist on this network; otherwise network verification will certainly report an error, although the deployment can still be forced.


2. Storage (storage network): As the name implies, this is a private network dedicated to storage. I like to use Ceph as unified storage for Nova, Cinder and Glance: simple and shared. In that case the storage network is the equivalent of Ceph's cluster network, which is used for synchronizing the second and third copies of the data and for internal rebalancing. Traffic on this network is actually very large, especially with more storage nodes and high read I/O.


3. Public: It actually contains two networks, the public network and the floating IP network. At first deployment these two networks must be in the same network segment; after the deployment is complete you can manually add additional floating IP segments, in which case note that the port interconnecting with the switch needs to be set to trunk. Public is mainly used for external access. First, external users manage the physical machines through the public network: they reach the controller node first and then jump to the compute nodes. Of course, you can also manually configure public IPs on the compute and storage nodes. Second, the network node sits on the controller node (what is often called Neutron L3). It is used when a virtual machine that has been assigned a floating IP needs to access an external network, such as the company network or the Internet, or when the external network accesses the virtual machine through the floating IP. Floating IP traffic goes to the network node; that is, Neutron L3 on the controller node performs the DNAT.

Many people worry that this is a bottleneck; really, that is worrying too much. Of course, if you have hundreds of physical nodes, or the traffic is mainly north-south, then it needs to be evaluated. Also, if you do not need elastic IPs, you can consider going through private, that is, connecting the compute nodes directly to the switch.


4. Private (private network): This network is mainly used for internal communication. For example, when a cloud host accesses the outside it has to go to the controller node, and public exists only on the controller node, so how does the traffic get to the controller node? Through the private network, of course. When we deployed, we saw that it had 30 VLANs by default, VLAN IDs 1000-1030. OpenStack can have many tenants, each tenant can have its own networks, and subnets in different tenants can be identical, so the question is how this is achieved and how the isolation is done. That is what these VLANs are for: each subnet is isolated with its own VLAN, which keeps the networks of different tenants isolated and free of conflicts. These 30 VLANs can build 30 subnets, and you can change the range according to actual needs. Private also needs an uplink port; that is, the port connected to the switch must be a trunk.


5. MGMT (management network): The management network has many uses. One is communication and management between the internal components of OpenStack: API calls, Keystone authentication, monitoring and so on all go over this network. That would suggest only a little traffic. In fact, the MGMT network has another use: it acts as the public network of Ceph. This public network is different from the Public network described earlier, so do not get confused. It is "public" relative to Ceph: the storage network is Ceph's cluster network, used for internal data synchronization and rebalancing, so how does external traffic get written? Through our MGMT network. Virtual machine data is written in from outside, and this traffic is written to the Ceph cluster via the MGMT network; this data is Ceph's primary copy. Traffic on this network is therefore also very large. Because it carries external writes and access, relative to the Ceph cluster it can also be called the public network.


In a production environment the requirements on the network are quite high. Network redundancy, that is, bonding, is necessary. This requires NIC redundancy, link redundancy, switch redundancy and so on. Bandwidth is also involved, such as whether gigabit network cards are needed. The cost of the deployment is quite large: whether the networks need to be physically separated, and whether to use a few 10-gigabit links or all 10-gigabit, must be evaluated according to traffic. For example, in an environment where MGMT and storage traffic is presumably not small, these are the first networks to equip with 10-gigabit network cards. The north-south traffic on public and the east-west traffic on private should be evaluated according to the business. For PXE, gigabit bandwidth is enough.
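The placement rules described above, as an added example that is not part of the original article: a small Python check run over a constructed network plan. The interface names, CIDRs, floating range and function names are assumptions; only the VLAN range 1000-1030 and the rules themselves come from the text.

```python
import ipaddress

# Constructed sample plan (interface names, CIDRs and ranges are hypothetical).
PLAN = {
    "pxe":     {"nic": "eth0", "bonded": False},
    "public":  {"nic": "bond0", "bonded": True, "cidr": "172.16.0.0/24",
                "floating": ("172.16.0.130", "172.16.0.254")},
    "private": {"nic": "bond1", "bonded": True, "vlans": (1000, 1030)},
    "mgmt":    {"nic": "bond1", "bonded": True, "cidr": "192.168.0.0/24"},
    "storage": {"nic": "bond2", "bonded": True, "cidr": "192.168.1.0/24"},
}

def check_plan(plan, tenant_subnets):
    """Return a list of findings; an empty list means the plan follows the rules."""
    findings = []
    pxe = plan["pxe"]
    # PXE cannot be bonded and should not share a NIC with any other network.
    if pxe["bonded"]:
        findings.append("pxe: must not be bonded")
    shared = [n for n, v in plan.items() if n != "pxe" and v["nic"] == pxe["nic"]]
    if shared:
        findings.append("pxe: shares NIC with " + ", ".join(sorted(shared)))
    # Public and floating IPs must be in the same segment at first deployment.
    pub = ipaddress.ip_network(plan["public"]["cidr"])
    for ip in plan["public"]["floating"]:
        if ipaddress.ip_address(ip) not in pub:
            findings.append(f"public: floating IP {ip} outside {pub}")
    # One VLAN isolates one tenant subnet, so the range must be large enough.
    lo, hi = plan["private"]["vlans"]
    if hi - lo + 1 < tenant_subnets:
        findings.append(f"private: VLAN range too small for {tenant_subnets} subnets")
    # Production: every network except PXE should be bonded for redundancy.
    for name, net in plan.items():
        if name != "pxe" and not net["bonded"]:
            findings.append(f"{name}: not bonded")
    # MGMT (Ceph public) and storage (Ceph cluster) are treated as distinct networks.
    mgmt = ipaddress.ip_network(plan["mgmt"]["cidr"])
    stor = ipaddress.ip_network(plan["storage"]["cidr"])
    if mgmt.overlaps(stor):
        findings.append("mgmt/storage: CIDRs overlap")
    return findings

def ceph_networks(plan):
    """Map the plan onto Ceph's two networks as described in the text."""
    return {"public_network": plan["mgmt"]["cidr"],
            "cluster_network": plan["storage"]["cidr"]}
```
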


The above is my personal experience and understanding. If you have questions, you are welcome to leave a message to discuss; if anything is lacking, criticism is welcome, haha.














This article is from the "Heavenly Soul Eternal" blog, please be sure to keep this source http://tianhunyongheng.blog.51cto.com/1446947/1670933
