作者:Tatsuya Naganawa 译者:TF中文社区
oVirt是一个免费开源的企业级虚拟化解决方案,基于KVM(并整合了libvirt、Gluster、PatternFly和Ansible等开源软件)提供强大的开源虚拟化功能。 本文重点介绍oVirt与Tungsten Fabric的集成过程。
ovirt 4.2.6.4-1.el7 tungsten-fabric r5.0.1 centos7.5
(编者注:本文写于2018年11月,请更新到最新版本)
oVirt安装文件
更多详细信息,请关注 TF中文社区
所有的虚拟机都来自centos7 libvirt
libvirt网络如下:
default, 192.168.122.0/24, nat 192_168_130_0, 192.168.130.0/24, isolated
节点如下:
ovirt-manager: centos161, 192.168.122.161 default ovirt-node: centos162, 192.168.122.162, 192.168.130.162, default, 192_168_130_0 ovirt-node: centos163, 192.168.122.163, 192.168.130.163, default, 192_168_130_0 contrail-controller: centos164, 192.168.122.164, 192.168.130.164: default, 192_168_130_0
· 4vcpu, 8GB mem (24GB for contrail-controller), 48GB disk
1、添加两台主机和一个NFS数据域。
注意:需要指定cpu类型“cpu-model”:
2、从ovirt glance导入cirros镜像。
3、在两台主机上创建cirros虚拟机,并检查虚拟机是否运行良好。
使用Tungsten Fabric r5.0.1版本 更多详细信息,请关注 TF中文社区
以及ansible-deployer来安装OpenStack neutron / keystone 更多详细信息,请关注 TF中文社区
instance.yaml provider_config: bms: ssh_pwd: root ssh_user: root domainsuffix: local ntpserver: 0.centos.pool.ntp.org instances: bms1: provider: bms ip: 192.168.122.164 roles: config_database: config: control: analytics_database: analytics: webui: openstack: bms11: provider: bms ip: 192.168.122.162 roles: vrouter: PHYSICAL_INTERFACE: eth1 VROUTER_GATEWAY: 192.168.130.1 openstack_compute: bms12: provider: bms ip: 192.168.122.163 roles: vrouter: PHYSICAL_INTERFACE: eth1 VROUTER_GATEWAY: 192.168.130.1 openstack_compute: contrail_configuration: RABBITMQ_NODE_PORT: 5673 AUTH_MODE: keystone KEYSTONE_AUTH_URL_VERSION: /v3 CONTRAIL_VERSION: r5.0.1 kolla_config: kolla_globals: enable_haproxy: no enable_swift: no kolla_passwords: keystone_admin_password: contrail123 global_configuration: CONTAINER_REGISTRY: tungstenfabric对于ovirt-nodes,必须指定“vrouter”和“nova_compute”角色。
还需要明确指定PHYSICAL_INTERFACE,VROUTER_GATEWAY,以使vrouter能够使用eth1(与ovirtmgmt不同的NIC)。
终止nova_compute, nova_libvirt
由于vdsm使用了libvirt端口,因此需要终止nova_libvirt。
# docker stop nova_compute nova_libvirt # docker rm nova_compute nova_libvirt # reboot键入下面的命令,以在Tungsten Fabric上创建虚拟网络。
# source /etc/kolla/kolla-toolbox/admin-openrc.sh # openstack network create vn1 # openstack subnet create --subnet-range 10.0.1.0/24 --network vn1 subnet1使用下面的参数,创建Tungsten Fabric提供程序。
Name: tungsten-fabric Network Plugin: LINUX_BRIDGE Provider URL: http://192.168.122.164:9696 Read-Only: Checked Requires Authentication: Checked Username: admin Password: contrail123 Tenant /name: admin Authentication URL: http://192.168.122.164:35357/v2.0添加vdsm hook
在下面的目录找到文件: /usr/libexec/vdsm/hooks/after_device_create/60_tungsten-fabric
注意:部署时需要给出tf_controller_ip #!/usr/bin/python import os import requests tf_controller_ip='192.168.122.164' vnic_id=os.environ['vnic_id'] re = requests.get('http://{}:8082/virtual-machine-interface/{}'.format (tf_controller_ip, vnic_id)) js = re.json()['virtual-machine-interface'] mac_addr = js['virtual_machine_interface_mac_addresses']['mac_address'][0] vm_id = js['virtual_machine_refs'][0]['to'][0] vn_id = js['virtual_network_refs'][0]['uuid'] cmd = "/var/lib/docker/volumes/opt_plugin/_data/bin/vrouter-port-control --oper=add --uuid={} --instance_uuid={} --vn_uuid={} --vm_name='' --ip_address='0.0.0.0' --ipv6_address=None --tap_name=tap{} --mac='{}' --rx_vlan_id=-1 --tx_vlan_id=-1".format(vnic_id, vm_id, vn_id, vnic_id[:11], mac_addr) os.popen(cmd).read() # chmod 755 /usr/libexec/vdsm/hooks/after_device_create/60_tungsten-fabric # chmod 755 /var/lib/docker/volumes/登录到cirros并检查是否能正常ping通:
# ping 10.0.1.1 # gw-ip # ping 10.0.1.2 # service-ip # ping (cirros ip on different ovirt node) [root@centos163 ~]# ip -o a 1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lftforever 1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever 21: ovirtmgmt inet 192.168.122.163/24 brd 192.168.122.255 scope global ovirtmgmt\ valid_lft forever preferred_lft forever 21: ovirtmgmt inet6 fe80::5054:ff:fe7b:b7ac/64 scope link \ valid_lftforever preferred_lft forever 25: vhost0 inet 192.168.130.163/24 brd 192.168.130.255 scope global vhost0\ valid_lft forever preferred_lft forever 25: vhost0 inet6 fe80::5054:ff:fecf:54be/64 scope link \ valid_lft forever preferred_lft forever 26: docker0 inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0\ valid_lft forever preferred_lft forever 27: genev_sys_6081 inet6 fe80::c8b:b5ff:fe21:bbed/64 scope link \ valid_lft forever preferred_lft forever 28: pkt0 inet6 fe80::f806:bcff:fe7d:fe28/64 scope link \ valid_lft forever preferred_lft forever 30: tapec01038d-44 inet6 fe80::fc1a:4aff:fe16:105/64 scope link \ valid_lft forever preferred_lft forever [root@centos163 ~]# [root@centos163 ~]# ip route default via 192.168.122.1 dev ovirtmgmt 169.254.0.0/16 dev ovirtmgmt scope link metric 1021 169.254.0.3 dev vhost0 proto 109 scope link 172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 192.168.122.0/24 dev ovirtmgmt proto kernel scope link src 192.168.122.163 192.168.130.0/24 dev vhost0 proto kernel scope link src 192.168.130.163 [root@centos163 ~]# [root@centos163 ~]# ssh cirros@169.254.0.3 The authenticity of host '169.254.0.3 (169.254.0.3)' can't be established. ECDSA key fingerprint is SHA256:HVJoTV0MGH9/T8bIw0aofzX7rCAphKDgts36YAXxpoo. ECDSA key fingerprint is MD5:03:55:f1:dd:53:ed:c9:87:62:fd:e6:3a:bb:59:aa:cc. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '169.254.0.3' (ECDSA) to the list of known hosts. cirros@169.254.0.3's password: $ $ ip -o a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1\ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever 1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000\ link/ether 00:1a:4a:16:01:05 brd ff:ff:ff:ff:ff:ff 2: eth0 inet 10.0.1.4/24 brd 10.0.1.255 scope global eth0\ valid_lft forever preferred_lft forever 2: eth0 inet6 fe80::21a:4aff:fe16:105/64 scope link \ valid_lft forever preferred_lft forever $ $ ping 10.0.1.3 PING 10.0.1.3 (10.0.1.3): 56 data bytes 64 bytes from 10.0.1.3: seq=0 ttl=64 time=2.855 ms 64 bytes from 10.0.1.3: seq=1 ttl=64 time=1.852 ms ^C --- 10.0.1.3 ping statistics --- 2 packets transmitted, 2 packets received, 0% packet loss round-trip min/avg/max = 1.852/2.353/2.855 ms $ $ ssh 10.0.1.3 Host '10.0.1.3' is not in the trusted hosts file. (ecdsa-sha2-nistp521 fingerprint md5 5f:61:d0:f8:c3:c2:aa:8d:07:95:29:b4:52:aa:06:77) Do you want to continue connecting? (y/n) y cirros@10.0.1.3's password: $ $ ip -o a 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1\ link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 1: lo inet 127.0.0.1/8 scope host lo\ valid_lft forever preferred_lft forever 1: lo inet6 ::1/128 scope host \ valid_lft forever preferred_lft forever 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000\ link/ether 00:1a:4a:16:01:04 brd ff:ff:ff:ff:ff:ff 2: eth0 inet 10.0.1.3/24 brd 10.0.1.255 scope global eth0\ valid_lft forever preferred_lft forever 2: eth0 inet6 fe80::21a:4aff:fe16:104/64 scope link \ valid_lft forever preferred_lft forever $以上,我们就实现了oVirt与Tungsten Fabric的集成部署。如有更多问题,请与TF中文社区联系。
