部署OVN实验环境

同OVN学习(一)

L3网络

创建逻辑交换机和路由

### Central节点
### 创建逻辑交换机和路由器
# ovn-nbctl ls-add inside
# ovn-nbctl ls-add dmz
# ovn-nbctl lr-add tenant1

创建路由端口

### Central节点
### 创建路由器端口用于连接dmz交换机
# ovn-nbctl lrp-add tenant1 tenant1-dmz 02:d4:1d:8c:d9:9f 20.0.0.1/24
### 创建交换机接口用于连接tenant1路由器
# ovn-nbctl lsp-add dmz dmz-tenant1
# ovn-nbctl lsp-set-type dmz-tenant1 router
# ovn-nbctl lsp-set-addresses dmz-tenant1 02:d4:1d:8c:d9:9f
# ovn-nbctl lsp-set-options dmz-tenant1 router-port=tenant1-dmz
### 创建路由器端口用于连接inside交换机
# ovn-nbctl lrp-add tenant1 tenant1-inside 02:d4:1d:8c:d9:9e 10.0.0.1/24
### 创建交换机接口用于连接tenant1路由器
# ovn-nbctl lsp-add inside inside-tenant1
# ovn-nbctl lsp-set-type inside-tenant1 router
# ovn-nbctl lsp-set-addresses inside-tenant1 02:d4:1d:8c:d9:9e
# ovn-nbctl lsp-set-options inside-tenant1 router-port=tenant1-inside
# ovn-nbctl show
switch 4719a2db-47e0-497d-a01a-3e48268f033b (inside)
port inside-tenant1
type: router
addresses: ["02:d4:1d:8c:d9:9e"]
router-port: tenant1-inside
switch 5e069447-765e-4f12-960b-22bf1c1f793e (dmz)
port dmz-tenant1
type: router
addresses: ["02:d4:1d:8c:d9:9f"]
router-port: tenant1-dmz
router fefceb45-e2c9-4cdf-979f-0cf41a6848c2 (tenant1)
port tenant1-dmz
mac: "02:d4:1d:8c:d9:9f"
networks: ["20.0.0.1/24"]
port tenant1-inside
mac: "02:d4:1d:8c:d9:9e"
networks: ["10.0.0.1/24"]

创建交换机

### Central节点
### 创建交换机接口用于连接虚拟机(lsp-set-addresses 里不加IP的话,后面dhclient会超时,分配不了IP)
### lsp-set-port-security 限制该端口只能以指定的MAC/IP作为源地址收发报文,用于防止地址伪造
# ovn-nbctl lsp-add dmz dmz-vm1
# ovn-nbctl lsp-set-addresses dmz-vm1 "02:d4:1d:8c:d9:9d 20.0.0.10"
# ovn-nbctl lsp-set-port-security dmz-vm1 "02:d4:1d:8c:d9:9d 20.0.0.10"
# ovn-nbctl lsp-add dmz dmz-vm2
# ovn-nbctl lsp-set-addresses dmz-vm2 "02:d4:1d:8c:d9:9c 20.0.0.20"
# ovn-nbctl lsp-set-port-security dmz-vm2 "02:d4:1d:8c:d9:9c 20.0.0.20"
### 创建交换机接口用于连接虚拟机
# ovn-nbctl lsp-add inside inside-vm3
# ovn-nbctl lsp-set-addresses inside-vm3 "02:d4:1d:8c:d9:9b 10.0.0.10"
# ovn-nbctl lsp-set-port-security inside-vm3 "02:d4:1d:8c:d9:9b 10.0.0.10"
# ovn-nbctl lsp-add inside inside-vm4
# ovn-nbctl lsp-set-addresses inside-vm4 "02:d4:1d:8c:d9:9a 10.0.0.20"
# ovn-nbctl lsp-set-port-security inside-vm4 "02:d4:1d:8c:d9:9a 10.0.0.20"
# ovn-nbctl show
switch 4719a2db-47e0-497d-a01a-3e48268f033b (inside)
port inside-vm4
addresses: ["02:d4:1d:8c:d9:9a"]
port inside-vm3
addresses: ["02:d4:1d:8c:d9:9b"]
port inside-tenant1
type: router
addresses: ["02:d4:1d:8c:d9:9e"]
router-port: tenant1-inside
switch 5e069447-765e-4f12-960b-22bf1c1f793e (dmz)
port dmz-tenant1
type: router
addresses: ["02:d4:1d:8c:d9:9f"]
router-port: tenant1-dmz
port dmz-vm1
addresses: ["02:d4:1d:8c:d9:9d"]
port dmz-vm2
addresses: ["02:d4:1d:8c:d9:9c"]
router fefceb45-e2c9-4cdf-979f-0cf41a6848c2 (tenant1)
port tenant1-dmz
mac: "02:d4:1d:8c:d9:9f"
networks: ["20.0.0.1/24"]
port tenant1-inside
mac: "02:d4:1d:8c:d9:9e"
networks: ["10.0.0.1/24"]

设置DHCP

### Central节点
# ovn-nbctl create DHCP_Options cidr=20.0.0.0/24 options="\"server_id\"=\"20.0.0.1\" \"server_mac\"=\"02:d4:1d:8c:d9:9f\" \"lease_time\"=\"3600\" \"router\"=\"20.0.0.1\""
# ovn-nbctl create DHCP_Options cidr=10.0.0.0/24 options="\"server_id\"=\"10.0.0.1\" \"server_mac\"=\"02:d4:1d:8c:d9:9e\" \"lease_time\"=\"3600\" \"router\"=\"10.0.0.1\""
# ovn-nbctl dhcp-options-list
08286864-4368-49e7-9ab9-e1394dd8aea8
1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
# ovn-nbctl dhcp-options-get-options 08286864-4368-49e7-9ab9-e1394dd8aea8
server_mac=02:d4:1d:8c:d9:9e
router=10.0.0.1
server_id=10.0.0.1
lease_time=3600
# ovn-nbctl dhcp-options-get-options 1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
server_mac=02:d4:1d:8c:d9:9f
router=20.0.0.1
server_id=20.0.0.1
lease_time=3600
# ovn-nbctl lsp-set-dhcpv4-options dmz-vm1 1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
# ovn-nbctl lsp-get-dhcpv4-options dmz-vm1
1a1a9ee7-6b51-4231-8ec5-9d6135dc6233 (20.0.0.0/24)
# ovn-nbctl lsp-set-dhcpv4-options dmz-vm2 1a1a9ee7-6b51-4231-8ec5-9d6135dc6233
# ovn-nbctl lsp-get-dhcpv4-options dmz-vm2
1a1a9ee7-6b51-4231-8ec5-9d6135dc6233 (20.0.0.0/24)
# ovn-nbctl lsp-set-dhcpv4-options inside-vm3 08286864-4368-49e7-9ab9-e1394dd8aea8
# ovn-nbctl lsp-get-dhcpv4-options inside-vm3
08286864-4368-49e7-9ab9-e1394dd8aea8 (10.0.0.0/24)
# ovn-nbctl lsp-set-dhcpv4-options inside-vm4 08286864-4368-49e7-9ab9-e1394dd8aea8
# ovn-nbctl lsp-get-dhcpv4-options inside-vm4
08286864-4368-49e7-9ab9-e1394dd8aea8 (10.0.0.0/24)

创建虚拟机

### Central节点(dhclient不知道为什么不能自动退出,需要手动kill下)
# ip netns add vm1
# ovs-vsctl add-port br-int vm1 -- set interface vm1 type=internal
# ip link set vm1 address 02:d4:1d:8c:d9:9d
# ip link set vm1 netns vm1
# ovs-vsctl set Interface vm1 external_ids:iface-id=dmz-vm1
# ip netns exec vm1 dhclient vm1
# ip netns exec vm1 ip addr show vm1
# ip netns add vm2
# ovs-vsctl add-port br-int vm2 -- set interface vm2 type=internal
# ip link set vm2 address 02:d4:1d:8c:d9:9c
# ip link set vm2 netns vm2
# ovs-vsctl set Interface vm2 external_ids:iface-id=dmz-vm2
# ip netns exec vm2 dhclient vm2
# ip netns exec vm2 ip addr show vm2
### Node节点
# ip netns add vm3
# ovs-vsctl add-port br-int vm3 -- set interface vm3 type=internal
# ip link set vm3 address 02:d4:1d:8c:d9:9b
# ip link set vm3 netns vm3
# ovs-vsctl set Interface vm3 external_ids:iface-id=inside-vm3
# ip netns exec vm3 dhclient vm3
# ip netns exec vm3 ip addr show vm3
# ip netns add vm4
# ovs-vsctl add-port br-int vm4 -- set interface vm4 type=internal
# ip link set vm4 address 02:d4:1d:8c:d9:9a
# ip link set vm4 netns vm4
# ovs-vsctl set Interface vm4 external_ids:iface-id=inside-vm4
# ip netns exec vm4 dhclient vm4
# ip netns exec vm4 ip addr show vm4

测试

### Central节点
### vm1到网关的连通性
# ip netns exec vm1 ping -c 2 20.0.0.1
PING 20.0.0.1 (20.0.0.1) 56(84) bytes of data.
64 bytes from 20.0.0.1: icmp_seq=1 ttl=254 time=0.224 ms
64 bytes from 20.0.0.1: icmp_seq=2 ttl=254 time=0.245 ms
--- 20.0.0.1 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms
rtt min/avg/max/mdev = 0.224/0.234/0.245/0.018 ms
### vm1到vm2的连通性
# ip netns exec vm1 ping -c 2 20.0.0.20
PING 20.0.0.20 (20.0.0.20) 56(84) bytes of data.
64 bytes from 20.0.0.20: icmp_seq=1 ttl=64 time=0.736 ms
64 bytes from 20.0.0.20: icmp_seq=2 ttl=64 time=0.071 ms
--- 20.0.0.20 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1000ms
rtt min/avg/max/mdev = 0.071/0.403/0.736/0.333 ms
### vm1到vm3的连通性
# ip netns exec vm1 ping -c 2 10.0.0.10
PING 10.0.0.10 (10.0.0.10) 56(84) bytes of data.
64 bytes from 10.0.0.10: icmp_seq=1 ttl=63 time=1.36 ms
64 bytes from 10.0.0.10: icmp_seq=2 ttl=63 time=0.601 ms
--- 10.0.0.10 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 0.601/0.981/1.362/0.381 ms
