在https://blog.51cto.com/u_14814545/5169584基础上,实现内外网
控制端
[root@control1 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@control1 ~]# grep "^[a-Z]" /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = internal:eth1,external:eth0
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_vxlan = false[root@control1 ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
flat_networks = internal,external重启neutron服务
[root@control1 ~]# systemctl restart neutron-linuxbridge-agent
[root@control1 ~]# systemctl restart neutron-server计算节点
[root@node1 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[root@node1 ~]# grep "^[a-Z]" /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = internal:eth1,external:eth0
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_vxlan = false重启neutron服务
[root@node1 ~]# systemctl restart neutron-linuxbridge-agent
[root@node2 ~]# systemctl restart neutron-linuxbridge-agent控制端创建网络
创建外网
[root@control1 ~]# source admin.sh
[root@control1 ~]# neutron net-create --shared --provider:physical_network external \
> --provider:network_type flat external-net
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-04-05T10:41:56Z |
| description | |
| id | aa310624-a955-44bd-854c-c03d8b74ffaf |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1500 |
| name | external-net |
| port_security_enabled | True |
| project_id | abd8ed2affc3440eb98d996a13cc6cbd |
| provider:network_type | flat |
| provider:physical_network | external |
| provider:segmentation_id | |
| revision_number | 1 |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | abd8ed2affc3440eb98d996a13cc6cbd |
| updated_at | 2022-04-05T10:41:56Z |
+---------------------------+--------------------------------------+
[root@control1 ~]# neutron subnet-create --name external-subnet\
> --allocation-pool start=192.168.47.100,end=192.168.47.200 \
> --dns-nameserver 223.5.5.5 external-net 192.168.47.0/24
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "192.168.47.100", "end": "192.168.47.200"} |
| cidr | 192.168.47.0/24 |
| created_at | 2022-04-05T10:47:25Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| enable_dhcp | True |
| gateway_ip | 192.168.47.1 |
| host_routes | |
| id | e5ce1abc-6144-4905-a4a8-71fe53798a46 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | external-subnet |
| network_id | aa310624-a955-44bd-854c-c03d8b74ffaf |
| project_id | abd8ed2affc3440eb98d996a13cc6cbd |
| revision_number | 0 |
| service_types | |
| subnetpool_id | |
| tags | |
| tenant_id | abd8ed2affc3440eb98d996a13cc6cbd |
| updated_at | 2022-04-05T10:47:25Z |
+-------------------+------------------------------------------------------+创建内网
[root@control1 ~]# neutron net-create --shared --provider:physical_network internal \
> --provider:network_type flat internal-net
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-04-05T11:01:19Z |
| description | |
| id | edf7ab13-bc77-4990-9b7e-fe1adba02a7f |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1500 |
| name | internal-net |
| port_security_enabled | True |
| project_id | abd8ed2affc3440eb98d996a13cc6cbd |
| provider:network_type | flat |
| provider:physical_network | internal |
| provider:segmentation_id | |
| revision_number | 1 |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | abd8ed2affc3440eb98d996a13cc6cbd |
| updated_at | 2022-04-05T11:01:19Z |
+---------------------------+--------------------------------------+
[root@control1 ~]# neutron subnet-create --name internal-subnet \
> --allocation-pool start=10.0.1.100,end=10.0.1.200 \
> internal-net 10.0.1.0/24
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new subnet:
+-------------------+----------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------+
| allocation_pools | {"start": "10.0.1.100", "end": "10.0.1.200"} |
| cidr | 10.0.1.0/24 |
| created_at | 2022-04-05T11:08:38Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 10.0.1.1 |
| host_routes | |
| id | 1abb799d-5da3-4e58-801d-8f4d3f16bf25 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | internal-subnet |
| network_id | edf7ab13-bc77-4990-9b7e-fe1adba02a7f |
| project_id | abd8ed2affc3440eb98d996a13cc6cbd |
| revision_number | 0 |
| service_types | |
| subnetpool_id | |
| tags | |
| tenant_id | abd8ed2affc3440eb98d996a13cc6cbd |
| updated_at | 2022-04-05T11:08:38Z |
+-------------------+----------------------------------------------+查看
[root@control1 ~]# neutron net-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------+----------------------------------+------------------------------------------------------+
| id | name | tenant_id | subnets |
+--------------------------------------+--------------+----------------------------------+------------------------------------------------------+
| aa310624-a955-44bd-854c-c03d8b74ffaf | external-net | abd8ed2affc3440eb98d996a13cc6cbd | e5ce1abc-6144-4905-a4a8-71fe53798a46 192.168.47.0/24 |
| edf7ab13-bc77-4990-9b7e-fe1adba02a7f | internal-net | abd8ed2affc3440eb98d996a13cc6cbd | 1abb799d-5da3-4e58-801d-8f4d3f16bf25 10.0.1.0/24 |
+--------------------------------------+--------------+----------------------------------+------------------------------------------------------+
[root@control1 ~]# openstack network list
+--------------------------------------+--------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+--------------------------------------+
| aa310624-a955-44bd-854c-c03d8b74ffaf | external-net | e5ce1abc-6144-4905-a4a8-71fe53798a46 |
| edf7ab13-bc77-4990-9b7e-fe1adba02a7f | internal-net | 1abb799d-5da3-4e58-801d-8f4d3f16bf25 |
+--------------------------------------+--------------+--------------------------------------+
