Network topology
With the tap device and Veth pair, we can look at the network of OpenStack compute nodes.
First, the virtual machine connects Linux bridge through the TAP device
Secondly, the interworking between Linxu Bridge and OvS Bridge is realized through Vethpair
Finally, the two-layer network interoperability of the cloud platform is realized by mounting the Ovsbridge onto the physical network card.
As for why there are two-tier Network bridge: This is related to the concept of security group, the security group in OpenStack to open which ports, shielding which ports are implemented with Iptables, However br-int these virtual bridge are created by Openvswitch, Openvswitch kernel mode and NetFilter mode are incompatible, an IP packet comes in or goes kernel the rules of processing, Or go openvswitch the rules for processing, through the complex diagram above we can see that Br-int has a lot of openvswitch rules, such as VLAN tag, so iptables have to create a separate Linux bridge to do, So with the QBR, in understanding the topology, you can ignore QBR, as the VM directly connected to the Br-int on it. brief analysis of virtual device startup
When a virtual machine is created, it is a netwoking state, and its implementation is to request a port in the neutron.
Based on the above experiment, we can imagine its network configuration mode:
1, create a tap device
2, create QBR Network Bridge
3, create Veth Pair,qvo and QVB
4, add the QVB to the QBR
5, add the Qvo to the Br-int
6, based on these network devices to start the virtual machine, the realization of network interoperability
7, assigning virtual machine IP through DHCP
Reference Documentation:
Http://www.cnblogs.com/popsuper1982/p/3800233.html
Http://www.cnblogs.com/popsuper1982/p/3931783.html