• OVN学习(二)


    部署OVN实验环境

    同OVN学习(一)

    L3网络

    创建逻辑交换机和路由

    ### Central节点
    ### 创建逻辑交换机和路由器
    # ovn-nbctl ls-add inside
    # ovn-nbctl ls-add dmz
    # ovn-nbctl lr-add tenant1
    

    创建路由端口

    ### Central节点
    ### 创建路由器端口用于连接dmz交换机
    # ovn-nbctl lrp-add tenant1 tenant1-dmz 02:d4:1d:8c:d9:9f 20.0.0.1/24
    ### 创建交换机接口用于连接tenant1路由器
    # ovn-nbctl lsp-add dmz dmz-tenant1
    # ovn-nbctl lsp-set-type dmz-tenant1 router
    # ovn-nbctl lsp-set-addresses dmz-tenant1 02:d4:1d:8c:d9:9f
    # ovn-nbctl lsp-set-options dmz-tenant1 router-port=tenant1-dmz
    
    ### 创建路由器端口用于连接inside交换机
    # ovn-nbctl lrp-add tenant1 tenant1-inside 02:d4:1d:8c:d9:9e 10.0.0.1/24
    ### 创建交换机接口用于连接tenant1路由器
    # ovn-nbctl lsp-add inside inside-tenant1
    # ovn-nbctl lsp-set-type inside-tenant1 router
    # ovn-nbctl lsp-set-addresses inside-tenant1 02:d4:1d:8c:d9:9e
    # ovn-nbctl lsp-set-options inside-tenant1 router-port=tenant1-inside
    
    # ovn-nbctl show
    switch 4719a2db-47e0-497d-a01a-3e48268f033b (inside)
        port inside-tenant1
            type: router
            addresses: ["02:d4:1d:8c:d9:9e"]
            router-port: tenant1-inside
    switch 5e069447-765e-4f12-960b-22bf1c1f793e (dmz)
        port dmz-tenant1
            type: router
            addresses: ["02:d4:1d:8c:d9:9f"]
            router-port: tenant1-dmz
    router fefceb45-e2c9-4cdf-979f-0cf41a6848c2 (tenant1)
        port tenant1-dmz
            mac: "02:d4:1d:8c:d9:9f"
            networks: ["20.0.0.1/24"]
        port tenant1-inside
            mac: "02:d4:1d:8c:d9:9e"
            networks: ["10.0.0.1/24"]
    

    创建交换机端口

    ### Central节点
    ### 创建交换机接口用于连接虚拟机(不加IP的话,后面dhclient会超时,分配不了IP);lsp-set-port-security限制该端口只能使用指定的MAC/IP地址,用于防止地址欺骗
    # ovn-nbctl lsp-add dmz dmz-vm1
    # ovn-nbctl lsp-set-addresses dmz-vm1 "02:d4:1d:8c:d9:9d 20.0.0.10"
    # ovn-nbctl lsp-set-port-security dmz-vm1 "02:d4:1d:8c:d9:9d 20.0.0.10"
    # ovn-nbctl lsp-add dmz dmz-vm2
    # ovn-nbctl lsp-set-addresses dmz-vm2 "02:d4:1d:8c:d9:9c 20.0.0.20"
    # ovn-nbctl lsp-set-port-security dmz-vm2 "02:d4:1d:8c:d9:9c 20.0.0.20"
    
    ### 创建交换机接口用于连接虚拟机
    # ovn-nbctl lsp-add inside inside-vm3
    # ovn-nbctl lsp-set-addresses inside-vm3 "02:d4:1d:8c:d9:9b 10.0.0.10"
    # ovn-nbctl lsp-set-port-security inside-vm3 "02:d4:1d:8c:d9:9b 10.0.0.10"
    # ovn-nbctl lsp-add inside inside-vm4
    # ovn-nbctl lsp-set-addresses inside-vm4 "02:d4:1d:8c:d9:9a 10.0.0.20"
    # ovn-nbctl lsp-set-port-security inside-vm4 "02:d4:1d:8c:d9:9a 10.0.0.20"
    
    # ovn-nbctl show
    switch 4719a2db-47e0-497d-a01a-3e48268f033b (inside)
        port inside-vm4
            addresses: ["02:d4:1d:8c:d9:9a"]
        port inside-vm3
            addresses: ["02:d4:1d:8c:d9:9b"]
        port inside-tenant1
            type: router
            addresses: ["02:d4:1d:8c:d9:9e"]
            router-port: tenant1-inside
    switch 5e069447-765e-4f12-960b-22bf1c1f793e (dmz)
        port dmz-tenant1
            type: router
            addresses: ["02:d4:1d:8c:d9:9f"]
            router-port: tenant1-dmz
        port dmz-vm1
            addresses: ["02:d4:1d:8c:d9:9d"]
        port dmz-vm2
            addresses: ["02:d4:1d:8c:d9:9c"]
    router fefceb45-e2c9-4cdf-979f-0cf41a6848c2 (tenant1)
        port tenant1-dmz
            mac: "02:d4:1d:8c:d9:9f"
            networks: ["20.0.0.1/24"]
        port tenant1-inside
            mac: "02:d4:1d:8c:d9:9e"
            networks: ["10.0.0.1/24"]
    

    设置DHCP

    ### Central节点
    # ovn-nbctl create DHCP_Options cidr=20.0.0.0/24 options="\"server_id\"=\"20.0.0.1\" \"server_mac\"=\"02:d4:1d:8c:d9:9f\" \"lease_time\"=\"3600\" \"router\"=\"20.0.0.1\""
    
    # ovn-nbctl create DHCP_Options cidr=10.0.0.0/24 options="\"server_id\"=\"10.0.0.1\" \"server_mac\"=\"02:d4:1d:8c:d9:9e\" \"lease_time\"=\"3600\" \"router\"=\"10.0.0.1\""
    
    # ovn-nbctl dhcp-options-list
    08286864-4368-49e7-9ab9-e1394dd8aea8
    1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
    # ovn-nbctl dhcp-options-get-options 08286864-4368-49e7-9ab9-e1394dd8aea8
    server_mac=02:d4:1d:8c:d9:9e
    router=10.0.0.1
    server_id=10.0.0.1
    lease_time=3600
    # ovn-nbctl dhcp-options-get-options 1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
    server_mac=02:d4:1d:8c:d9:9f
    router=20.0.0.1
    server_id=20.0.0.1
    lease_time=3600
    
    # ovn-nbctl lsp-set-dhcpv4-options dmz-vm1 1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
    # ovn-nbctl lsp-get-dhcpv4-options dmz-vm1
    1a1a9ee7-6b51-4231-8ec5-9d6135dc6233 (20.0.0.0/24)
    # ovn-nbctl lsp-set-dhcpv4-options dmz-vm2 1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
    # ovn-nbctl lsp-get-dhcpv4-options dmz-vm2
    1a1a9ee7-6b51-4231-8ec5-9d6135dc6233 (20.0.0.0/24)
    # ovn-nbctl lsp-set-dhcpv4-options inside-vm3 08286864-4368-49e7-9ab9-e1394dd8aea8
    # ovn-nbctl lsp-get-dhcpv4-options inside-vm3
    08286864-4368-49e7-9ab9-e1394dd8aea8 (10.0.0.0/24)
    # ovn-nbctl lsp-set-dhcpv4-options inside-vm4 08286864-4368-49e7-9ab9-e1394dd8aea8
    # ovn-nbctl lsp-get-dhcpv4-options inside-vm4
    08286864-4368-49e7-9ab9-e1394dd8aea8 (10.0.0.0/24)
    

    创建虚拟机

    ### Central节点(dhclient不知道为什么不能自动退出,需要手动kill下)
    # ip netns add vm1
    # ovs-vsctl add-port br-int vm1 -- set interface vm1 type=internal
    # ip link set vm1 address 02:d4:1d:8c:d9:9d
    # ip link set vm1 netns vm1
    # ovs-vsctl set Interface vm1 external_ids:iface-id=dmz-vm1
    # ip netns exec vm1 dhclient vm1
    # ip netns exec vm1 ip addr show vm1
    
    # ip netns add vm2
    # ovs-vsctl add-port br-int vm2 -- set interface vm2 type=internal
    # ip link set vm2 address 02:d4:1d:8c:d9:9c
    # ip link set vm2 netns vm2
    # ovs-vsctl set Interface vm2 external_ids:iface-id=dmz-vm2
    # ip netns exec vm2 dhclient vm2
    # ip netns exec vm2 ip addr show vm2
    
    ### Node节点
    # ip netns add vm3
    # ovs-vsctl add-port br-int vm3 -- set interface vm3 type=internal
    # ip link set vm3 address 02:d4:1d:8c:d9:9b
    # ip link set vm3 netns vm3
    # ovs-vsctl set Interface vm3 external_ids:iface-id=inside-vm3
    # ip netns exec vm3 dhclient vm3
    # ip netns exec vm3 ip addr show vm3
    
    # ip netns add vm4
    # ovs-vsctl add-port br-int vm4 -- set interface vm4 type=internal
    # ip link set vm4 address 02:d4:1d:8c:d9:9a
    # ip link set vm4 netns vm4
    # ovs-vsctl set Interface vm4 external_ids:iface-id=inside-vm4
    # ip netns exec vm4 dhclient vm4
    # ip netns exec vm4 ip addr show vm4
    

    测试

    ### Central节点
    ### vm1到网关的连通性
    # ip netns exec vm1 ping -c 2 20.0.0.1
    PING 20.0.0.1 (20.0.0.1) 56(84) bytes of data.
    64 bytes from 20.0.0.1: icmp_seq=1 ttl=254 time=0.224 ms
    64 bytes from 20.0.0.1: icmp_seq=2 ttl=254 time=0.245 ms
    
    --- 20.0.0.1 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 999ms
    rtt min/avg/max/mdev = 0.224/0.234/0.245/0.018 ms
    
    ### vm1到vm2的连通性
    # ip netns exec vm1 ping -c 2 20.0.0.20
    PING 20.0.0.20 (20.0.0.20) 56(84) bytes of data.
    64 bytes from 20.0.0.20: icmp_seq=1 ttl=64 time=0.736 ms
    64 bytes from 20.0.0.20: icmp_seq=2 ttl=64 time=0.071 ms
    
    --- 20.0.0.20 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1000ms
    rtt min/avg/max/mdev = 0.071/0.403/0.736/0.333 ms
    
    ### vm1到vm3的连通性
    # ip netns exec vm1 ping -c 2 10.0.0.10
    PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data.
    64 bytes from 10.0.0.10: icmp_seq=1 ttl=63 time=1.36 ms
    64 bytes from 10.0.0.10: icmp_seq=2 ttl=63 time=0.601 ms
    
    --- 10.0.0.10 ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1001ms
    rtt min/avg/max/mdev = 0.601/0.981/1.362/0.381 ms
    
  • 原文地址:https://www.cnblogs.com/silvermagic/p/7666117.html