Openstack Quantum supported network topologies
Quantum support very flexible network topologies, this section we talk about several typical modes.
1. No L3-agent, physical network takes L3 function directly
- For this kind of network, we only need to create tenant network and its subnet, that’s all, no router needs to be created since physical router takes care of L3 function.
`#Create tenant network and subnet` `[root``@gateway``-``1``~]# quantum net-create direct-net --provider:network_type=vlan --provider:physical_network=physnet1 --provider:segmentation_id=``2000` `[root``@gateway``-``1``~]# quantum subnet-create --name direct-subnet direct-net --gateway ``10.68``.``111.1` `10.68``.``111.0``/``24` `[root``@gateway``-``1``~]# quantum net-list` `+--------------------------------------+-------------+-----------------------------------------------------+` `| id | name | subnets |` `+--------------------------------------+-------------+-----------------------------------------------------+` `| ad385ea8-05c9-``4675``-a17e-90ebb00517c6 | direct-net | c8756518-b27f-468f-b011-84633a377bae ``10.68``.``111.0``/``24``|` `+--------------------------------------+-------------+-----------------------------------------------------+` |
`#Launch a VM with the network we created above` `[root``@controller``-``1``~(keystone_admin)]# nova boot --flavor m1.small --image f1e5e50a-``2668``-``4627``-bcd4-769a0dbe28d3 --nic net-id=ad385ea8-05c9-``4675``-a17e-90ebb00517c6 vm-with-direct-net` ` ` `#Check the VM` `[root``@controller``-``1``~(keystone_admin)]# nova list` `+--------------------------------------+---------------------------+--------+------------------------------------------------------------------------+` `| ID | Name | Status | Networks |` `+--------------------------------------+---------------------------+--------+------------------------------------------------------------------------+` `| 7f767aae-b683-488d-af30-863bb4efdbeb | vm-with-direct-net | ACTIVE | direct-net=``10.68``.``111.2` `|` `+--------------------------------------+---------------------------+--------+------------------------------------------------------------------------+` ` ` `#From the VM, check routes and ``try``to access gateway and external world` `[root``@10``-``68``-``111``-``2``~]# route -n` `Kernel IP routing table` `Destination Gateway Genmask Flags Metric Ref Use Iface` `10.68``.``111.0` `0.0``.``0.0` `255.255``.``255.0` `U ``0` `0` `0``eth0` `0.0``.``0.0` `10.68``.``111.1` `0.0``.``0.0` `UG ``0` `0` `0``eth0` ` ` `[root``@10``-``68``-``111``-``2``~]# ping ``10.68``.``111.1` `PING ``10.68``.``111.1``(``10.68``.``111.1``) ``56``(``84``) bytes of data.` `64``bytes from ``10.68``.``111.1``: icmp_seq=``1``ttl=``255``time=``0.565``ms` `64``bytes from ``10.68``.``111.1``: icmp_seq=``2``ttl=``255``time=``0.655``ms` `[root``@10``-``68``-``111``-``2``~]# ping ``10.56``.``130.139` `PING ``10.56``.``130.139``(``10.56``.``130.139``) ``56``(``84``) bytes of data.` `64``bytes from ``10.56``.``130.139``: icmp_seq=``1``ttl=``255``time=``0.815``ms` `64``bytes from ``10.56``.``130.139``: icmp_seq=``2``ttl=``255``time=``0.925``ms` |
- Benifit of this mode: Physical network takes care of L3 traffic directly, no L3-agent traffic bottleneck pressure. Native physical network HA can be used(VRRP/HSRP).
- Disadvantage of this mode: Since no L3 agent involved, meta-data service can NOT work directly for VMs using this network mode. Workaround is need, which is out of scope of this post. Also Elastic(floating) IP function does not work for this mode.
2. One shared router connecting networks of multiple tenants
- Create tenant A and tenant B networks, here we use admin and ncep tenants as example
`#Get tenant list` `[root``@gateway``-``1``~]# keystone tenant-list` `+----------------------------------+---------+---------+` `| id | name | enabled |` `+----------------------------------+---------+---------+` `| 8ad295a5fac84759b5770fef059861a6 | admin | True |` `| 45f69c2ba1e34f61ab7e86a81605589d | ncep | True |` `| ef1716b3b580460ba0402da01bac8243 | service | True |` `+----------------------------------+---------+---------+` ` ` `#Create admin-net and ncep-net ``for``admin and ncep tenant` `[root``@gateway``-``1``~]# quantum net-create --tenant-id 8ad295a5fac84759b5770fef059861a6 admin-net ` `[root``@gateway``-``1``~]# quantum net-create --tenant-id 45f69c2ba1e34f61ab7e86a81605589d ncep-net ` ` ` `#Create admin-subnet and ncep-subnet` `[root``@gateway``-``1``~]# quantum subnet-create --tenant-id 8ad295a5fac84759b5770fef059861a6 --name admin-subnet admin-net ``192.168``.``0.0``/``24` `[root``@gateway``-``1``~]# quantum subnet-create --tenant-id 45f69c2ba1e34f61ab7e86a81605589d --name ncep-subnet ncep-net ``10.20``.``20.0``/``24` |
`#Create router on tenant admin` `[root``@gateway``-``1``~]# quantum router-create --tenant-id 8ad295a5fac84759b5770fef059861a6 admin-router` ` ` `#Link both admin-subnet and ncep-subnet to admin-router` `[root``@gateway``-``1``~]# quantum router-``interface``-add admin-router admin-subnet` `Added ``interface``to router admin-router` `[root``@gateway``-``1``~]# quantum router-``interface``-add admin-router ncep-subnet ` `Added ``interface``to router admin-router` ` ` `#List ports of admin-router` `[root``@gateway``-``1``~]# quantum router-port-list admin-router` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` `| id | name | mac_address | fixed_ips |` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` `| 184bdc43-b832-475c-9fbb-54be53edf3c4 | | fa:``16``:3e:b5:``45``:``14``| {``"subnet_id"``: ``"78a7f776-e465-41bd-86ef-937363bd09a1"``, ``"ip_address"``: ``"192.168.0.1"``} |` `| ceb480b5-``5610``-4f4c-92d0-fad5eaf2afca | | fa:``16``:3e:``80``:5b:``72``| {``"subnet_id"``: ``"fc0a9d79-1ed0-41ee-b32a-cc57905325b4"``, ``"ip_address"``: ``"10.20.20.1"``} |` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` |
`#Create external net and subnet with floating IP range` `[root``@gateway``-``1``~]# quantum net-create ext_net --router:external=True` `[root``@gateway``-``1``~]# quantum subnet-create --name subext_net ext_net --allocation-pool start=``10.68``.``124.100``,end=``10.68``.``124.200``10.68``.``124.0``/``24``-- --enable_dhcp=False ` ` ` `#Set the external network as gateway of admin-router` `[root``@gateway``-``1``~]# quantum router-gateway-set admin-router ext_net` `Set gateway ``for``router admin-router` |
- Create one tenant A network and 2 tenant B networks, here we use admin and ncep tenants as example
`#Get tenant list` `[root``@gateway``-``1``~]# keystone tenant-list` `+----------------------------------+---------+---------+` `| id | name | enabled |` `+----------------------------------+---------+---------+` `| 8ad295a5fac84759b5770fef059861a6 | admin | True |` `| 45f69c2ba1e34f61ab7e86a81605589d | ncep | True |` `| ef1716b3b580460ba0402da01bac8243 | service | True |` `+----------------------------------+---------+---------+` ` ` `#Create admin-net ``for``admin tenant, ncep-net and ncep-netn-``2``for``ncep tenant` `[root``@gateway``-``1``~]# quantum net-create --tenant-id 8ad295a5fac84759b5770fef059861a6 admin-net ` `[root``@gateway``-``1``~]# quantum net-create --tenant-id 45f69c2ba1e34f61ab7e86a81605589d ncep-net` `[root``@gateway``-``1``~]# quantum net-create --tenant-id 45f69c2ba1e34f61ab7e86a81605589d ncep-net-``2` ` ` `#Create admin-subnet, ncep-subnet and ncep-subnet-``2` `[root``@gateway``-``1``~]# quantum subnet-create --tenant-id 8ad295a5fac84759b5770fef059861a6 --name admin-subnet admin-net ``192.168``.``0.0``/``24` `[root``@gateway``-``1``~]# quantum subnet-create --tenant-id 45f69c2ba1e34f61ab7e86a81605589d --name ncep-subnet ncep-net ``10.20``.``20.0``/``24` `[root``@gateway``-``1``~]# quantum subnet-create --tenant-id 45f69c2ba1e34f61ab7e86a81605589d --name ncep-subnet-``2``ncep-net-``2``192.168``.``0.0``/``24` ` ` `##Since we enabled namespace, admin-subnet and ncep-net-``2``can use overlapping IP range.` |
`#Create admin-router and ncep-router ``for``each tenant` `[root``@gateway``-``1``~]# quantum router-create --tenant-id 8ad295a5fac84759b5770fef059861a6 admin-router` `[root``@gateway``-``1``~]# quantum router-create --tenant-id 45f69c2ba1e34f61ab7e86a81605589d ncep-router ` ` ` `#Link admin-subnet to admin-router, ncep-subnet to ncep-router` `[root``@gateway``-``1``~]# quantum router-``interface``-add admin-router admin-subnet` `Added ``interface``to router admin-router` `[root``@gateway``-``1``~]# quantum router-``interface``-add ncep-router ncep-subnet ` `Added ``interface``to router ncep-router` `[root``@gateway``-``1``~]# quantum router-``interface``-add ncep-router ncep-subnet-``2` `Added ``interface``to router ncep-router` |
`#Create external net and subnet with floating IP range` `[root``@gateway``-``1``~]# quantum net-create ext_net --router:external=True` `[root``@gateway``-``1``~]# quantum subnet-create --name subext_net ext_net --allocation-pool start=``10.68``.``124.100``,end=``10.68``.``124.200``10.68``.``124.0``/``24``-- --enable_dhcp=False ` ` ` `#Set the external network as gateway of admin-router and ncep-router` `[root``@gateway``-``1``~]# quantum router-gateway-set admin-router ext_net` `Set gateway ``for``router admin-router` ` [root``@gateway``-``1``~]# quantum router-gateway-set ncep-router ext_net` `Set gateway ``for``router admin-router` |
`[root``@gateway``-``1``~]# quantum router-port-list admin-router ` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` `| id | name | mac_address | fixed_ips |` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` `| 184bdc43-b832-475c-9fbb-54be53edf3c4 | | fa:``16``:3e:b5:``45``:``14``| {``"subnet_id"``: ``"78a7f776-e465-41bd-86ef-937363bd09a1"``, ``"ip_address"``: ``"192.168.0.1"``} |` `| 3482fb00-c951-4c36-86ab-04054dc51534 | | fa:``16``:3e:``14``:2c:0f | {``"subnet_id"``: ``"cfa7243a-1d02-429f-95fa-d384d6112c04"``, ``"ip_address"``: ``"10.68.124.100"``} |` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` `[root``@gateway``-``1``~]# quantum router-port-list ncep-router ` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` `| id | name | mac_address | fixed_ips |` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` `| 041535fb-46b3-412d-8e96-e392eb005d23 | | fa:``16``:3e:fc:fe:``49``| {``"subnet_id"``: ``"fc0a9d79-1ed0-41ee-b32a-cc57905325b4"``, ``"ip_address"``: ``"10.20.20.1"``} |` `| 58de8679-95d5-447f-b9e7-f2a48e4ccf06 | | fa:``16``:3e:7e:9e:ea | {``"subnet_id"``: ``"cfa7243a-1d02-429f-95fa-d384d6112c04"``, ``"ip_address"``: ``"10.68.124.101"``} |` `| 65f41f9c-693b-4d76-a7db-713ed3a780be | | fa:``16``:3e:5c:``38``:``09``| {``"subnet_id"``: ``"4c687636-5c61-43bd-8dcf-cd626f09baef"``, ``"ip_address"``: ``"192.168.0.1"``} |` `+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+` |