OpenStack中的网络命名空间分析
1、查询网络命名空间。
[root@kolla ~]# ip netns list
qdhcp-e66f117c-4412-4ee1-a89a-3ac3949bffa1 (id: 2)
qrouter-9e2aae1d-2bd5-4174-883b-bb55bacbaa80 (id: 1)
qdhcp-da2d32ea-ec78-4605-84e1-7347b3bcb7b1 (id: 0)
2、ID为0的namespace,为VXLAN网络namespace。10.0.0.2为网关地址,169.254.169.254为元数据代理地址。
[root@kolla ~]# ip netns exec qdhcp-da2d32ea-ec78-4605-84e1-7347b3bcb7b1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
12: tap8aa144fe-f2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether fa:16:3e:0a:31:04 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global tap8aa144fe-f2
valid_lft forever preferred_lft forever
inet 169.254.169.254/16 brd 169.254.255.255 scope global tap8aa144fe-f2
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe0a:3104/64 scope link
valid_lft forever preferred_lft forever
经测试:如果VXLAN网络的子网去掉勾选激活DHCP,那么平台将删除ID为0的namespace,虚拟机DHCP discover超时,无法获取任何IP(实例列表中可以看到IP,无任何意义),也无任何路由。
3、ID为2的namespace,为FLAT网络namespace。192.168.0.50为网关地址,169.254.169.254为元数据代理地址。
[root@kolla ~]# ip netns exec qdhcp-e66f117c-4412-4ee1-a89a-3ac3949bffa1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
34: tap67517e06-c4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether fa:16:3e:94:09:36 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.50/24 brd 192.168.0.255 scope global tap67517e06-c4
valid_lft forever preferred_lft forever
inet 169.254.169.254/16 brd 169.254.255.255 scope global tap67517e06-c4
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe94:936/64 scope link
valid_lft forever preferred_lft forever
经测试:如果FLAT网络的子网去掉勾选激活DHCP,那么平台将删除ID为2的namespace,虚拟机无法获取平台分配的IP地址(实例列表看到的IP),但可以从外部DHCP服务器获取1个IP,获取的IP与平台分配的IP地址不一致。且并不能访问网关(无实际用处),且虚拟机无法与169.254.169.254为元数据代理地址通信(无路由)。
4、ID为1的namespace,为虚拟路由器namespace。192.168.0.66为网关地址,192.168.0.65为浮动IP地址,每绑定一个浮动IP,qg-25922cec-56网卡将新增一个地址。
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
16: qr-0ee37473-8d: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether fa:16:3e:9c:36:48 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.1/24 brd 10.0.0.255 scope global qr-0ee37473-8d
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe9c:3648/64 scope link
valid_lft forever preferred_lft forever
17: qg-25922cec-56: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether fa:16:3e:20:4a:24 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.66/24 brd 192.168.0.255 scope global qg-25922cec-56
valid_lft forever preferred_lft forever
inet 192.168.0.65/32 brd 192.168.0.65 scope global qg-25922cec-56
valid_lft forever preferred_lft forever
inet6 fe80::f816:3eff:fe20:4a24/64 scope link
valid_lft forever preferred_lft forever
