可以设置localnet属于某个vlan,这样从localnet出去的报文都携带vlan id, 这样可以让连接到localnet所属交换机的VM属于某个vlan。
TOPO
outside outside
| |
|phy nic |phy nic
+--------------+------------+ +-------------+-------------+
|ovs bridge on hv0 | |ovs bridge on hv1 |
| | | |
| | | |
+-----+--------------+------+ +-----+---------------+-----+
| | | |
| | | |
|(ln vlan=3) |(ln vlan=4) |(ln vlan=3) |(ln vlan=4)
+-----+------+ +-----+------+ +-----+------+ +------+-----+
|ls1 | |ls2 | |ls3 | |ls4 |
+-----+------+ +-----+------+ +-----+------+ +------+-----+
| | | |
| | | |
+-----+--------------+------+ +-----+---------------+-----+
| v0 v1 | | v0 v1 |
| +----+ |
|hv0(server+computing) | |hv1(computing) |
+---------------------------+ +---------------------------+
install vm
在两台机器上各安装两个虚拟机
rhel_version=rhel$(rpm -E %rhel)
# libvirt && kvm
yum -y install virt-install
yum -y install libvirt
yum install -y python3-lxml.x86_64
rpm -qa | grep qemu-kvm >/dev/null || yum -y install qemu-kvm
if (($rhel_version < 7)); then
service libvirtd restart
else
systemctl restart libvirtd
systemctl start virtlogd.socket
fi
# work around for failure of virt-install
chmod 666 /dev/kvm
# define default vnet
virsh net-define /usr/share/libvirt/networks/default.xml
virsh net-start default
virsh net-autostart default
# define vm name and mac
vm_name=v0
mac4vm=a4:a4:a4:a4:a4:a0
# download image
wget http://netqe-bj.usersys.redhat.com/share/vms/rhel8.4.qcow2 -O /var/lib/libvirt/images/$vm_name.qcow2
# install vm
virt-install \
--name $vm_name \
--vcpus=2 \
--ram=2048 \
--disk path=/var/lib/libvirt/images/$vm_name.qcow2,device=disk,bus=virtio,format=qcow2 \
--network bridge=virbr0,model=virtio,mac=$mac4vm \
--boot hd \
--accelerate \
--graphics vnc,listen=0.0.0.0 \
--force \
--os-type=linux \
--noautoconsol
setup on central node
systemctl start openvswitch
systemctl start ovn-northd
ovn-sbctl set-connection ptcp:6642
ovn-nbctl set-connection ptcp:6641
ovs-vsctl set Open_vSwitch . external-ids:system-id=hv0
ovs-vsctl set Open_vSwitch . external-ids:ovn-remote=tcp:177.1.1.1:6642
ovs-vsctl set Open_vSwitch . external-ids:ovn-encap-type=geneve
ovs-vsctl set Open_vSwitch . external-ids:ovn-encap-ip=177.1.1.1
systemctl restart ovn-controller
mac_v0_vnet1=04:ac:10:ff:01:94
mac_v0_vnet2=04:ac:10:ff:01:95
mac_v1_vnet1=04:ac:10:ff:01:96
mac_v1_vnet2=04:ac:10:ff:01:97
cat <<-EOF > v0-vnet1.xml
<interface type='bridge'>
<target dev='h0_v0_vnet1'/>
<mac address='${mac_v0_vnet1}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
cat <<-EOF > v0-vnet2.xml
<interface type='bridge'>
<target dev='h0_v0_vnet2'/>
<mac address='${mac_v0_vnet2}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
cat <<-EOF > v1-vnet1.xml
<interface type='bridge'>
<target dev='h0_v1_vnet1'/>
<mac address='${mac_v1_vnet1}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
cat <<-EOF > v1-vnet2.xml
<interface type='bridge'>
<target dev='h0_v1_vnet2'/>
<mac address='${mac_v1_vnet2}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
virsh attach-device v0 v0-vnet1.xml
virsh attach-device v1 v1-vnet1.xml
sleep 2
ovs-vsctl set interface h0_v0_vnet1 external-ids:iface-id=h0_v0_vnet1
ovs-vsctl set interface h0_v1_vnet1 external-ids:iface-id=h0_v1_vnet1
setup on computing node
systemctl start openvswitch
ovs-vsctl set Open_vSwitch . external-ids:system-id=hv1
ovs-vsctl set Open_vSwitch . external-ids:ovn-remote=tcp:177.1.1.1:6642
ovs-vsctl set Open_vSwitch . external-ids:ovn-encap-type=geneve
ovs-vsctl set Open_vSwitch . external-ids:ovn-encap-ip=177.1.1.2
systemctl start ovn-controller
mac_v0_vnet1=02:ac:10:ff:01:94
mac_v0_vnet2=02:ac:10:ff:01:95
mac_v1_vnet1=02:ac:10:ff:01:96
mac_v1_vnet2=02:ac:10:ff:01:97
cat <<-EOF > v0-vnet1.xml
<interface type='bridge'>
<target dev='h1_v0_vnet1'/>
<mac address='${mac_v0_vnet1}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
cat <<-EOF > v0-vnet2.xml
<interface type='bridge'>
<target dev='h1_v0_vnet2'/>
<mac address='${mac_v0_vnet2}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
cat <<-EOF > v1-vnet1.xml
<interface type='bridge'>
<target dev='h1_v1_vnet1'/>
<mac address='${mac_v1_vnet1}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
cat <<-EOF > v1-vnet2.xml
<interface type='bridge'>
<target dev='h1_v1_vnet2'/>
<mac address='${mac_v1_vnet2}'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'/>
<model type='virtio'/>
</interface>
EOF
virsh attach-device v0 v0-vnet2.xml
virsh attach-device v1 v1-vnet2.xml
sleep 2
ovs-vsctl set interface h1_v0_vnet2 external-ids:iface-id=h1_v0_vnet2
ovs-vsctl set interface h1_v1_vnet2 external-ids:iface-id=h1_v1_vnet2
create topo on central node
mac_h0_v0_vnet1=04:ac:10:ff:01:94
mac_h0_v0_vnet2=04:ac:10:ff:01:95
mac_h0_v1_vnet1=04:ac:10:ff:01:96
mac_h0_v1_vnet2=04:ac:10:ff:01:97
mac_h1_v0_vnet1=02:ac:10:ff:01:94
mac_h1_v0_vnet2=02:ac:10:ff:01:95
mac_h1_v1_vnet1=02:ac:10:ff:01:96
mac_h1_v1_vnet2=02:ac:10:ff:01:97
# create logical switch port and setup dhcp_option
lsp_name=h0_v0_vnet1
mac=$mac_h0_v0_vnet1
ovn-nbctl ls-add ls1
ovn-nbctl lsp-add ls1 $lsp_name
ovn-nbctl lsp-set-addresses $lsp_name $mac
ovn-nbctl lsp-add ls1 ln-s1
ovn-nbctl lsp-set-addresses ln-s1 unknown
ovn-nbctl lsp-set-type ln-s1 localnet
ovn-nbctl lsp-set-options ln-s1 network_name=vlantest
ovn-nbctl set logical_switch_port ln-s1 options:network_name=vlantest tag_request=3
lsp_name=h0_v1_vnet1
mac=$mac_h0_v1_vnet1
ovn-nbctl ls-add ls2
ovn-nbctl lsp-add ls2 $lsp_name
ovn-nbctl lsp-set-addresses $lsp_name $mac
ovn-nbctl lsp-add ls2 ln-s2
ovn-nbctl lsp-set-addresses ln-s2 unknown
ovn-nbctl lsp-set-type ln-s2 localnet
ovn-nbctl lsp-set-options ln-s2 network_name=vlantest
ovn-nbctl set logical_switch_port ln-s2 options:network_name=vlantest tag_request=4
lsp_name=h1_v0_vnet2
mac=$mac_h1_v0_vnet2
ovn-nbctl ls-add ls3
ovn-nbctl lsp-add ls3 $lsp_name
ovn-nbctl lsp-set-addresses $lsp_name $mac
ovn-nbctl lsp-add ls3 ln-s3
ovn-nbctl lsp-set-addresses ln-s3 unknown
ovn-nbctl lsp-set-type ln-s3 localnet
ovn-nbctl lsp-set-options ln-s3 network_name=vlantest
ovn-nbctl set logical_switch_port ln-s3 options:network_name=vlantest tag_request=3
lsp_name=h1_v1_vnet2
mac=$mac_h1_v1_vnet2
ovn-nbctl ls-add ls4
ovn-nbctl lsp-add ls4 $lsp_name
ovn-nbctl lsp-set-addresses $lsp_name $mac
ovn-nbctl lsp-add ls4 ln-s4
ovn-nbctl lsp-set-addresses ln-s4 unknown
ovn-nbctl lsp-set-type ln-s4 localnet
ovn-nbctl lsp-set-options ln-s4 network_name=vlantest
ovn-nbctl set logical_switch_port ln-s4 options:network_name=vlantest tag_request=4
# 为localnet创建ovs bridge
ovs-vsctl add-br vlan-test
ip link set vlan-test up
ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=vlantest:vlan-test
ovs-vsctl add-port vlan-test ens2f1
ip link set ens2f1 up
# 现在central node上的v0加入vlan3,v1加入了vlan4,可以和物理网络中相同vlan的主机通信了
但是因为computing node上还没有为localnet创建ovs bridge,所以和外网不通。
create ovs bridge for localnet on computing node
ovs-vsctl add-br vlan-test
ip link set vlan-test up
ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=vlantest:vlan-test
ovs-vsctl add-port vlan-test ens3f1np1
ip link set ens3f1np1 up
这样就全都通了,包括不同的node上的VM之间也可以通信(相同vlan中的VM可以通信)。