Openstack(十六)實現內外網結構
相似於阿里雲ECS主機的內外網(雙網卡不通網段)的結構,最終實現內外網區分隔離。linux
16.1各個虛擬機添加並配置IP
若是已是雙網卡不須要從新添加,網段配置文192.168.10.20服務器
16.1.1在各虛擬機設置界面點擊添加
16.1.2添加網卡
選擇網絡適配器而後點下一步:網絡
16.1.3確認添加
選僅主機模式而後點完成app
16.1.4最終確認
確認添加正確而後點肯定ide
16.1.5各虛擬機確認網卡添加成功
16.1.6各個虛擬機配置IP
# cd /etc/sysconfig/network-scripts/阿里雲
# vim ifcfg-eth13d
TYPE=Ethernetrest
BOOTPROTO=staticserver
ONBOOT=yes
DEVICE=eth1
NAME=eth1
IPADDR=192.168.20.202 #與192.168.10.x網段最後一位IP相同
NETMASK=255.255.252.0
16.1.7其餘服務器配置與驗證
按照以上過程添加其餘服務器,然驗證各服務器第二塊網卡之間是否網絡互通:
16.2控制節點配置
16.2.1編輯配置文件linuxbridge_agent.ini
# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
155 physical_interface_mappings = internal:eth0, external:eth1
16.2.2編輯配置文件以下ml2_conf.ini
# vim /etc/neutron/plugins/ml2/ml2_conf.ini
172 flat_networks = internal, external
16.2.3控制節點當前所有配置
# grep "^[a-Z]" /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = internal:eth0, external:eth1
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = true
enable_vxlan = false
# grep "^[a-Z]" /etc/neutron/plugins/ml2/ml2_conf.ini
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
flat_networks = internal, external
enable_ipset = true
16.2.4重啓neutron服務
# systemctl restart neutron-linuxbridge-agent
# systemctl restart neutron-server
16.3計算節點配置
16.3.1編輯配置文件
# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
155 physical_interface_mappings = internal:eth0, external:eth1
# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = internal:eth0,external:eth1
16.3.2當前所有配置
# grep "^[a-Z]" /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = internal:eth0, external:eth1
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = true
enable_vxlan = false
# grep "^[a-Z]" /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = internal:eth0,external:eth1
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
enable_security_group = true
enable_vxlan = false
16.3.3重啓neutron服務
# systemctl restart neutron-linuxbridge-agent
# systemctl restart neutron-linuxbridge-agent
16.4建立網絡並驗證
16.4.1控制端建立網絡
# neutron net-create --shared --provider:physical_network external --provider:network_type flat external-net
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
16.4.2建立子網
# neutron subnet-create --name external-subnet --allocation-pool start=192.168.20.100,end=192.168.20.200 --dns-nameserver 223.5.5.5 external-net 192.
168.20.0/24
16.4.3驗證子網建立
# neutron net-list
16.5建立虛擬機
16.5.1在網卡界面添加兩個網卡
其餘保持不變
16.5.2驗證內外網訪問
#若是是在虛擬機啓動的實例,則實例啓動過程會稍微有點慢,下面是計算節點192.168.10.202上面的實例:
# 下面是計算節點192.168.10.203上面的實例:
- 1. Openstack之七:實現基於橋接的內外網絡
- 2. 內外網隔離實現
- 3. Centos7 firewalld實現內網訪問外網
- 4. Holer實現外網訪問內網Tomcat
- 5. Holer實現外網訪問內網Web
- 6. nginx實現內外網同時訪問
- 7. virtual box實現內外網共用
- 8. 內外網互通架構
- 9. OpenStack的結構
- 10. OpenStack架構----cinder組件(六)
- 更多相關文章...
- • Rust 結構體 - RUST 教程
- • XML 樹結構 - XML 教程
- • ☆基於Java Instrument的Agent實現
- • Docker容器實戰(六) - 容器的隔離與限制
-
每一个你不满意的现在,都有一个你没有努力的曾经。
- 1. 升級Gradle後報錯Gradle‘s dependency cache may be corrupt (this sometimes occurs
- 2. Smarter, Not Harder
- 3. mac-2019-react-native 本地環境搭建(xcode-11.1和android studio3.5.2中Genymotion2.12.1 和VirtualBox-5.2.34 )
- 4. 查看文件中關鍵字前後幾行的內容
- 5. XXE萌新進階全攻略
- 6. Installation failed due to: ‘Connection refused: connect‘安卓studio端口占用
- 7. zabbix5.0通過agent監控winserve12
- 8. IT行業UI前景、潛力如何?
- 9. Mac Swig 3.0.12 安裝
- 10. Windows上FreeRDP-WebConnect是一個開源HTML5代理,它提供對使用RDP的任何Windows服務器和工作站的Web訪問