本文测试OpenStack虚拟网络设备,部署环境参考《OpenStack Installation Guide | Debug》,在没有创建任何虚拟机、虚拟设备时,控制节点的情况如下:
[[email protected] ~]# ip address show1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:2b:df:df brd ff:ff:ff:ff:ff:ff inet 192.168.1.11/24 brd 192.168.1.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fe2b:dfdf/64 scope link valid_lft forever preferred_lft forever3: ens37: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:81:a5:8f brd ff:ff:ff:ff:ff:ff inet6 fe80::20c:29ff:fe81:a58f/64 scope link valid_lft forever preferred_lft foreve
使用管理员添加 网络类型为Flat的网络及子网,并启动DHCP服务
在控制节点上,可以看到:
可以看到,此时增加了两个虚拟的网络设备,分别为:
虚拟网桥:brqe4048220-7a
虚拟网卡:[email protected]
并且虚拟网卡[email protected] 和网卡ens37都是连到虚拟网桥上的
[[email protected] ~]# ip address show1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:2b:df:df brd ff:ff:ff:ff:ff:ff inet 192.168.1.11/24 brd 192.168.1.255 scope global ens33 valid_lft forever preferred_lft forever inet6 fe80::250:56ff:fe2b:dfdf/64 scope link valid_lft forever preferred_lft forever3: ens37: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UP group default qlen 1000 link/ether 00:0c:29:81:a5:8f brd ff:ff:ff:ff:ff:ff inet6 fe80::20c:29ff:fe81:a58f/64 scope link valid_lft forever preferred_lft forever13: [email protected]: mtu 1500 qdisc noqueue master brqe4048220-7a state UP group default qlen 1000 link/ether 62:32:52:9c:e0:0b brd ff:ff:ff:ff:ff:ff link-netnsid 014: brqe4048220-7a: mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:0c:29:81:a5:8f brd ff:ff:ff:ff:ff:ff inet6 fe80::74d6:5fff:fe0b:522c/64 scope link valid_lft forever preferred_lft forever [[email protected] ~]# brctl show brqe4048220-7abridge name bridge id STP enabled interfacesbrqe4048220-7a 8000.000c2981a58f no ens37 tapa6b763f6-de[[email protected] ~]# ip link show tapa6b763f6-de13: [email protected]: mtu 1500 qdisc noqueue master brqe4048220-7a state UP mode DEFAULT group default qlen 1000 link/ether 62:32:52:9c:e0:0b brd ff:ff:ff:ff:ff:ff link-netnsid 0
在计算节点上,此时可以看到,计算节点增加了一个
虚拟网桥:brqe4048220-7a
并且网卡ens37连接到虚拟网桥上
注意,此处计算节点和控制节点所建立的网桥名称是一致的。
[[email protected] ~]# ip address show1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:38:45:fc brd ff:ff:ff:ff:ff:ff inet 192.168.1.31/24 brd 192.168.1.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::75c3:4efd:dbc6:64fc/64 scope link noprefixroute valid_lft forever preferred_lft forever3: ens37: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UP group default qlen 1000 link/ether 00:0c:29:01:3f:5c brd ff:ff:ff:ff:ff:ff10: brqe4048220-7a: mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:0c:29:01:3f:5c brd ff:ff:ff:ff:ff:ff[[email protected] ~]# brctl show brqe4048220-7abridge name bridge id STP enabled interfacesbrqe4048220-7a 8000.000c29013f5c no ens37
下面我们创建一个虚拟机实例,来查看Linux 虚拟网络设备的变化情况
控制节点的虚拟网络设备信息没有变化,在计算节点上的网络设备信息变更为
虚拟网桥:brqe4048220-7a
虚拟网卡:tap9f2d322b-05
并且网卡ens37和新增的虚拟网卡tap9f2d322b-05都连接到虚拟网桥上
[[email protected] ~]# ip address show1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:38:45:fc brd ff:ff:ff:ff:ff:ff inet 192.168.1.31/24 brd 192.168.1.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::75c3:4efd:dbc6:64fc/64 scope link noprefixroute valid_lft forever preferred_lft forever3: ens37: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UP group default qlen 1000 link/ether 00:0c:29:01:3f:5c brd ff:ff:ff:ff:ff:ff10: brqe4048220-7a: mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:0c:29:01:3f:5c brd ff:ff:ff:ff:ff:ff12: tap9f2d322b-05: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UNKNOWN group default qlen 1000 link/ether fe:16:3e:8b:aa:4a brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fe8b:aa4a/64 scope link valid_lft forever preferred_lft forever[[email protected] ~]# brctl show brqe4048220-7abridge name bridge id STP enabled interfacesbrqe4048220-7a 8000.000c29013f5c no ens37 tap9f2d322b-05[[email protected] ~]# ip link show tap9f2d322b-0512: tap9f2d322b-05: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UNKNOWN mode DEFAULT group default qlen 1000 link/ether fe:16:3e:8b:aa:4a brd ff:ff:ff:ff:ff:ff
此时新建的虚拟机网络设备信息如下所示:
此时我们再次创建一个虚拟机VM2,然后查看计算节点和网络节点的网络设备状态
控制节点的虚拟网络设备信息没有变化,在计算节点上的网络设备信息变更为
虚拟网桥:brqe4048220-7a
虚拟网卡:tap9f2d322b-05、tap69652a23-3d
并且网卡ens37和虚拟网卡都连接到虚拟网桥上
[[email protected] ~]# ip address show1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever2: ens33: mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:50:56:38:45:fc brd ff:ff:ff:ff:ff:ff inet 192.168.1.31/24 brd 192.168.1.255 scope global noprefixroute ens33 valid_lft forever preferred_lft forever inet6 fe80::75c3:4efd:dbc6:64fc/64 scope link noprefixroute valid_lft forever preferred_lft forever3: ens37: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UP group default qlen 1000 link/ether 00:0c:29:01:3f:5c brd ff:ff:ff:ff:ff:ff10: brqe4048220-7a: mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether 00:0c:29:01:3f:5c brd ff:ff:ff:ff:ff:ff12: tap9f2d322b-05: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UNKNOWN group default qlen 1000 link/ether fe:16:3e:8b:aa:4a brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fe8b:aa4a/64 scope link valid_lft forever preferred_lft forever13: tap69652a23-3d: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UNKNOWN group default qlen 1000 link/ether fe:16:3e:e5:a1:b0 brd ff:ff:ff:ff:ff:ff inet6 fe80::fc16:3eff:fee5:a1b0/64 scope link valid_lft forever preferred_lft forever[[email protected] ~]# [[email protected] ~]# [[email protected] ~]# brctl show brqe4048220-7abridge name bridge id STP enabled interfacesbrqe4048220-7a 8000.000c29013f5c no ens37 tap69652a23-3d tap9f2d322b-05[[email protected] ~]# ip link show tap9f2d322b-0512: tap9f2d322b-05: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UNKNOWN mode DEFAULT group default qlen 1000 link/ether fe:16:3e:8b:aa:4a brd ff:ff:ff:ff:ff:ff[[email protected] ~]# ip link show tap69652a23-3d13: tap69652a23-3d: mtu 1500 qdisc pfifo_fast master brqe4048220-7a state UNKNOWN mode DEFAULT group default qlen 1000 link/ether fe:16:3e:e5:a1:b0 brd ff:ff:ff:ff:ff:ff
查看虚拟机VM2网络设备信息
此时的两个虚拟机VM1和VM2是可以连通的
在计算节点上,使用virsh命令来查看虚拟机信息
[[email protected] ~]# virshWelcome to virsh, the virtualization interactive terminal.Type: 'help' for help with commands 'quit' to quitvirsh # list Id Name State---------------------------------------------------- 4 instance-00000034 running 5 instance-00000035 running
下面是virsh的一些常用命令:
virsh --help #查看命令帮忙virsh list #显示正在运行的虚拟机virsh list --all #显示所有的虚拟机virsh start vm-node1 #启动vm-node1虚拟机virsh shutdown vm-node1 #关闭vm-node1虚拟机virsh destroy vm-node1 #虚拟机vm-node1强制断电virsh suspend vm-node1 #挂起vm-node1虚拟机virsh resume vm-node1 #恢复挂起的虚拟机virsh undefine vm-node1 #删除虚拟机,慎用virsh dominfo vm-node1 #查看虚拟机的配置信息virsh domiflist vm-node1 #查看网卡配置信息virsh domblklist vm-node1 #查看该虚拟机的磁盘位置virsh edit vm-node1 #修改vm-node1的xml配置文件virsh dumpxml vm-node1 #查看KVM虚拟机当前配置virsh dumpxml vm-node1 > vm-node1.bak.xml #备份vm-node1虚拟机的xml文件,原文件默认路径/etc/libvirt/qemu/vm-node1.xmlvirsh autostart vm-node1 #KVM物理机开机自启动虚拟机,配置后会在此目录生成配置文件/etc/libvirt/qemu/autostart/vm-node1.xmlvirsh autostart --disable vm-node1 #取消开机自启动
查看虚拟机的网卡配置
virsh # domiflist instance-00000034Interface Type Source Model MAC-------------------------------------------------------tap9f2d322b-05 bridge brqe4048220-7a virtio fa:16:3e:8b:aa:4avirsh # dumpxml instance-00000034... <interface type='bridge'> <mac address='fa:16:3e:8b:aa:4a'/> <source bridge='brqe4048220-7a'/> <target dev='tap9f2d322b-05'/> <model type='virtio'/> <driver name='qemu'/> <mtu size='1500'/> <alias name='net0'/> <address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/> interface>...
虚拟机的配置信息和我们在Linux平台上查到的虚拟设备信息是一致的。上述的测试实验验证了我们在文章中介绍的flat网络模型,《OpenStack 网络服务 | flat network》。
此处需要补充说明的是OpenStack是云管理平台,其本身不提供虚拟化功能,真正的虚拟化能力是底层的Hypervisor(例如KVM、QEMU、Xen等)提供的,OpenStack通过调用libvirt来实现虚拟化层的控制,libvirt具备的跨平台的属性使得OpenStack兼容多种虚拟化的技术。如下图所示
相关历史文章点击下面连接:
《OpenStack Installation Guide | Debug》
《OpenStack 架构 | 麒麟云》
《Openstack 创建实例》
《openstack 环境 demo | 易捷行云》
《OpenStack虚拟网络 | openvswitch》
《OpenStack | Linux Bridge vs Open vSwitch》
《OpenStack虚拟网络 | Linux Bridge》
《OpenStack 网络服务 | flat network》
《OpenStack 网络服务 | local network》
《OpenStack 网络服务 | vlan network》
《OpenStack Glance | 镜像文件的创建》
《Openstack | 云计算安全防护需求》
《Openstack 安全| iptables》
《Openstack Neutron | 安全组 vs 防火墙》
《Openstack Neutron | 租户网络 vs 运营商网络》
《OpenStack实例正确设置九大技巧》
《Linux 虚拟网络设备 | 网桥 & 网卡》