Why is IPAM important for Neutron?

•No VM connectivity without a valid IP assigned
•Duplicate subnets/IPs in shared or routable space are disastrous
Especially relevant when using provider networks
•Allocation of subnets for large scale deployments can be difficult and time consuming
Especially for Tenants using non-overlapping addresses
Errors in address planning and quota allocation are difficult to reverse
•Users have multiple/heterogeneous environments
Rrack IPs/subnets across multiple clusters
Reclaim IPs/subnets that are no longer in use
 
 

Subnet Allocation 

•What was introduced in Kilo?
̶Subnet Pool - Range of addresses from which subnets may be allocated
-May be exclusive to a tenant or shared
-Enforces a quota for shared pools
-Simplifies centralized management of subnet allocations to tenants
-Example: 10.0.0.0/16 from which smaller subnets (/20, /23, /24, etc.) are allocated
•How does it work?
̶Pools can be managed via the API or neutron client
̶Optionally specify a pool when allocating a subnet
-Leave out the CIDR and just pass a prefix length (or use the default prefix length)
-Specify a CIDR if you want, as long as it fits in the pool without overlap

1. 创建一个subnet pool,一共256个IP,203.0.113.0/24

admin> neutron subnetpool-create --shared --pool-prefix 203.0.113.0/24 \

           --default-prefixlen 26 demo-subnetpool4

Created a new subnetpool:

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| default_prefixlen | 26                                   |

| default_quota     |                                      |

| id                | 670eb517-4fd3-4dfc-9bed-da2f99f85c7a |

| ip_version        | 4                                    |

| max_prefixlen     | 32                                   |

| min_prefixlen     | 8                                    |

| name              | demo-subnetpool4                     |

| prefixes          | 203.0.113.0/24                       |

| shared            | True                                 |

| tenant_id         | c597484841ff4a8785804c62ba81449b     |

+-------------------+--------------------------------------+
$ neutron subnetpool-list

+---------+------------------+------------------------------------+-------------------+

| id      | name             | prefixes                           | default_prefixlen |

+---------+------------------+------------------------------------+-------------------+

| 670e... | demo-subnetpool4 | [u'203.0.113.0/24']                | 26                |

| 7b69... | demo-subnetpool  | [u'2001:db8:1:2', u'2001:db8:1:2'] | 64                |

+---------+------------------+------------------------------------+-------------------+

2. subnet 32-25=7, 2^7=128个IP, 已经分配出的IP subnet不能再分配了, Subnet pool之外的ip不能分配

$ neutron subnet-create --name demo-subnet1 --ip_version 4 \

      --subnetpool demo-subnetpool4 demo-network1

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| id                | 6e38b23f-0b27-4e3c-8e69-fd23a3df1935 |

| ip_version        | 4                                    |

| cidr              | 203.0.113.0/26                       |

| name              | demo-subnet1                         |

| network_id        | b5b729d8-31cc-4d2c-8284-72b3291fec02 |

| subnetpool_id     | 670eb517-4fd3-4dfc-9bed-da2f99f85c7a |

| tenant_id         | a8b3054cc1214f18b1186b291525650f     |

+-------------------+--------------------------------------+

3. 再分配一个128个ip的subnet,这时pool的ip分配完了。

4. 再从该pool分配失败,

5. 再从该pool中分配时,自动找到合适的ip段。

增加pool的ip池,只能增大不能减小,而且可以添加其他断的subnet ip。

admin> neutron subnetpool-update --pool-prefix 203.0.113.0/24 \

           --pool-prefix 198.51.100.0/24 demo-subnetpool4

Updated subnetpool: demo-subnetpool4

admin> neutron subnetpool-show demo-subnetpool4

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| default_prefixlen | 26                                   |

| default_quota     |                                      |

| id                | 670eb517-4fd3-4dfc-9bed-da2f99f85c7a |

| ip_version        | 4                                    |

| max_prefixlen     | 32                                   |

| min_prefixlen     | 8                                    |

| name              | demo-subnetpool4                     |

| prefixes          | 198.51.100.0/24                      |

|                   | 203.0.113.0/24                       |

| shared            | True                                 |

| tenant_id         | c597484841ff4a8785804c62ba81449b     |

+-------------------+--------------------------------------+

http://blog.episodicgenius.com/post/neutron-subnet-pools/

http://www.slideshare.net/carlbaldwin/subnet-pools-and-pluggable-ipam

http://docs.openstack.org/developer/neutron/devref/address_scopes.html

Neutron Address Scopes

则位于subnetpool之上,可以用来控制哪些IP不走NAT出去,而是直接连到外网上的。

创建一个address scopes:

admin> neutron address-scope-create --shared address-scope-ip4 4

Created a new address_scope:

+------------+--------------------------------------+

| Field      | Value                                |

+------------+--------------------------------------+

| id         | 97702525-e145-40c8-8c8f-d415930d12ce |

| ip_version | 4                                    |

| name       | address-scope-ip4                    |

| shared     | True                                 |

+------------+--------------------------------------+

在该address scopes之中创建一个subnetpool:

admin> neutron subnetpool-create --address-scope address-scope-ip4 \

       --shared --pool-prefix 203.0.113.0/21 --default-prefixlen 26 \

       subnet-pool-ip4

Created a new subnetpool:

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| address_scope_id  | 97702525-e145-40c8-8c8f-d415930d12ce |

| default_prefixlen | 26                                   |

| id                | e2c4f12d-307f-4616-a4df-203a45e6cb7f |

| ip_version        | 4                                    |

| name              | subnet-pool-ip4                      |

| prefixes          | 203.0.112.0/21                       |

| shared            | True                                 |

+-------------------+--------------------------------------+

Subnet Pools and Address Scopes的更多相关文章

  1. subnetting and the subnet mask

    原文:https://www.techopedia.com/6/28587/internet/8-steps-to-understanding-ip-subnetting/5 Step 4 - Sub ...

  2. dhcpsrv:windows系统的优秀开源免费dhcp serve软件

    概述: 官方网站 :http://www.dhcpserver.de/ 写博客时的可免费下载版本  2.52, 或者在cnblogs 本地下载 --========================== ...

  3. 我非要捅穿这 Neutron(三)架构分析与代码实现篇(基于 OpenStack Rocky)

    目录 文章目录 目录 Neutron 的软件架构分析与实现 Neutron Server 启动流程 获取 WSGI Application Core API & Extension API C ...

  4. 云计算管理平台之OpenStack网络服务neutron

    一.简介 neutron的主要作用是在openstack中为启动虚拟机实例提供网络服务,对于neutron来讲,它可以提供两种类型的网络:第一种是provider network,这种网络就是我们常说 ...

  5. OpenStack-Ocata版+CentOS7.6 云平台环境搭建 —7.网络服务Neutron配置

    网络服务Neutron本章节结束如何安装并配置网络服务(neutron)采用:ref:`provider networks <network1>`或:ref:`self-service n ...

  6. CentOS7.4安装部署openstack [Liberty版] (一)

    一.OpenStack简介 OpenStack是一个由NASA(美国国家航空航天局)和Rackspace合作研发并发起的,以Apache许可证授权的自由软件和开放源代码项目. OpenStack是一个 ...

  7. CentOS7安装OpenStack(Rocky版)-06.安装Neutron网络服务(控制节点)

    上一章介绍了独立的nova计算节点的安装方法,本章分享openstack的网络服务neutron的安装配制方法 ------------------- 完美的分割线 ----------------- ...

  8. OpenStack(queens)最小化搭建记录——控制与计算共两个节点

    境: 2台安装了centos7-minimal的主机 ip地址: 10.132.226.103/24 (controller) 10.132.226.104/24 (compute1) 1.配置主机名 ...

  9. OpenStack Network --- introduction部分 阅读笔记

    Basic Networking 1.混杂模式(promiscuous mode):当网卡被配置为混杂模式时,它们会将所有的frame传递给操作系统,即使MAC地址不匹配. 2.交换机(switch) ...

随机推荐

  1. 匿名函数块级作用域以及在JQuery中的应用

    最近经常回在群里面看到有些朋友问如下这样的js写法该如何理解的的问题,虽然可能对匿名函数有些理解,但是有时候看到JQuery源码或者其他JS库中同样的写法时,就有点不理解了,今天再次分享下这方面的知识 ...

  2. nginx反向代理做cache配置

    前序:请耐性子看完,前面的这个配置可以达到按后缀名进行缓存,但无法被purge.后面的配置可以被purge.具体实施方案按个人情况而定. 需要第三方的ngx_cache_purge模块:wget ht ...

  3. cobbler+koan

    cobbler+koan自动重装客户机   koan是kickstart-over-a-network的缩写,它是cobbler的客户端帮助程序,koan允许你通过网络提供虚拟机,也允许你重装已经存在 ...

  4. 【Atheros】Iperf性能测试的问题小结

    1. Iperf用文件作为数据源无效的问题 2. 在代码中修改iperf数据,iperf无法收到,但在mac层能拿到数据 3. TCP发不出去包的问题 1. Iperf用文件作为数据源无效的问题 Ip ...

  5. PHP如何进阶,提升自己

    2017年6月15日14:32:51 今天看今日头条,刷到了一个话题?是:整天增删改查调接口,PHP程序员,如何突破职业瓶颈晋级? 晋级包括:职位晋级:技术能力晋级.当你的技术能力晋级了,职位晋级也就 ...

  6. (转)linux设备驱动之USB数据传输分析 一

    三:传输过程的实现说到传输过程,我们必须要从URB开始说起,这个结构的就好比是网络子系统中的skb,好比是I/O中的bio.USB系统的信息传输就是打成URB结构,然后再过行传送的.URB的全称叫US ...

  7. java.lang.IllegalStateException: ImageView no longer exists. You should not use this PhotoViewAttacher any more.

    java.lang.IllegalStateException: ImageView no longer exists. You should not use this PhotoViewAttach ...

  8. java中业务接口

    今天写完业务层在抽取接口的时候脑子里突然产生了一个问题:抽取接口到底有什么用呢? 在刚刚学习接口的时候知道接口是为了实现java的多继承,但是现在每一个业务类都要抽取一个接口,每当该类需要增加方法的时 ...

  9. task19-21

    [说明]理想是丰满的,现实很骨感,昨天还说今天有望干掉5个小任务,看来是没可能了,兜兜转转地做了一天也才完成下面的这些 一:今日完成 19.学习Spring,配置Spring和Junit 1)先安装一 ...

  10. 学习Sharding JDBC 从入门到出门-1

    感觉大神已经写好了,自己膜拜下下, 送上大神地址:http://www.cnblogs.com/zhongxinWang/p/4262650.html 这篇博客主要是理论的说明了什么是分库分表,路由等 ...