Why is IPAM important for Neutron?

•No VM connectivity without a valid IP assigned
•Duplicate subnets/IPs in shared or routable space are disastrous
Especially relevant when using provider networks
•Allocation of subnets for large scale deployments can be difficult and time consuming
Especially for Tenants using non-overlapping addresses
Errors in address planning and quota allocation are difficult to reverse
•Users have multiple/heterogeneous environments
Rrack IPs/subnets across multiple clusters
Reclaim IPs/subnets that are no longer in use
 
 

Subnet Allocation 

•What was introduced in Kilo?
̶Subnet Pool - Range of addresses from which subnets may be allocated
-May be exclusive to a tenant or shared
-Enforces a quota for shared pools
-Simplifies centralized management of subnet allocations to tenants
-Example: 10.0.0.0/16 from which smaller subnets (/20, /23, /24, etc.) are allocated
•How does it work?
̶Pools can be managed via the API or neutron client
̶Optionally specify a pool when allocating a subnet
-Leave out the CIDR and just pass a prefix length (or use the default prefix length)
-Specify a CIDR if you want, as long as it fits in the pool without overlap

1. 创建一个subnet pool,一共256个IP,203.0.113.0/24

admin> neutron subnetpool-create --shared --pool-prefix 203.0.113.0/24 \

           --default-prefixlen 26 demo-subnetpool4

Created a new subnetpool:

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| default_prefixlen | 26                                   |

| default_quota     |                                      |

| id                | 670eb517-4fd3-4dfc-9bed-da2f99f85c7a |

| ip_version        | 4                                    |

| max_prefixlen     | 32                                   |

| min_prefixlen     | 8                                    |

| name              | demo-subnetpool4                     |

| prefixes          | 203.0.113.0/24                       |

| shared            | True                                 |

| tenant_id         | c597484841ff4a8785804c62ba81449b     |

+-------------------+--------------------------------------+
$ neutron subnetpool-list

+---------+------------------+------------------------------------+-------------------+

| id      | name             | prefixes                           | default_prefixlen |

+---------+------------------+------------------------------------+-------------------+

| 670e... | demo-subnetpool4 | [u'203.0.113.0/24']                | 26                |

| 7b69... | demo-subnetpool  | [u'2001:db8:1:2', u'2001:db8:1:2'] | 64                |

+---------+------------------+------------------------------------+-------------------+

2. subnet 32-25=7, 2^7=128个IP, 已经分配出的IP subnet不能再分配了, Subnet pool之外的ip不能分配

$ neutron subnet-create --name demo-subnet1 --ip_version 4 \

      --subnetpool demo-subnetpool4 demo-network1

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| id                | 6e38b23f-0b27-4e3c-8e69-fd23a3df1935 |

| ip_version        | 4                                    |

| cidr              | 203.0.113.0/26                       |

| name              | demo-subnet1                         |

| network_id        | b5b729d8-31cc-4d2c-8284-72b3291fec02 |

| subnetpool_id     | 670eb517-4fd3-4dfc-9bed-da2f99f85c7a |

| tenant_id         | a8b3054cc1214f18b1186b291525650f     |

+-------------------+--------------------------------------+

3. 再分配一个128个ip的subnet,这时pool的ip分配完了。

4. 再从该pool分配失败,

5. 再从该pool中分配时,自动找到合适的ip段。

增加pool的ip池,只能增大不能减小,而且可以添加其他断的subnet ip。

admin> neutron subnetpool-update --pool-prefix 203.0.113.0/24 \

           --pool-prefix 198.51.100.0/24 demo-subnetpool4

Updated subnetpool: demo-subnetpool4

admin> neutron subnetpool-show demo-subnetpool4

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| default_prefixlen | 26                                   |

| default_quota     |                                      |

| id                | 670eb517-4fd3-4dfc-9bed-da2f99f85c7a |

| ip_version        | 4                                    |

| max_prefixlen     | 32                                   |

| min_prefixlen     | 8                                    |

| name              | demo-subnetpool4                     |

| prefixes          | 198.51.100.0/24                      |

|                   | 203.0.113.0/24                       |

| shared            | True                                 |

| tenant_id         | c597484841ff4a8785804c62ba81449b     |

+-------------------+--------------------------------------+

http://blog.episodicgenius.com/post/neutron-subnet-pools/

http://www.slideshare.net/carlbaldwin/subnet-pools-and-pluggable-ipam

http://docs.openstack.org/developer/neutron/devref/address_scopes.html

Neutron Address Scopes

则位于subnetpool之上,可以用来控制哪些IP不走NAT出去,而是直接连到外网上的。

创建一个address scopes:

admin> neutron address-scope-create --shared address-scope-ip4 4

Created a new address_scope:

+------------+--------------------------------------+

| Field      | Value                                |

+------------+--------------------------------------+

| id         | 97702525-e145-40c8-8c8f-d415930d12ce |

| ip_version | 4                                    |

| name       | address-scope-ip4                    |

| shared     | True                                 |

+------------+--------------------------------------+

在该address scopes之中创建一个subnetpool:

admin> neutron subnetpool-create --address-scope address-scope-ip4 \

       --shared --pool-prefix 203.0.113.0/21 --default-prefixlen 26 \

       subnet-pool-ip4

Created a new subnetpool:

+-------------------+--------------------------------------+

| Field             | Value                                |

+-------------------+--------------------------------------+

| address_scope_id  | 97702525-e145-40c8-8c8f-d415930d12ce |

| default_prefixlen | 26                                   |

| id                | e2c4f12d-307f-4616-a4df-203a45e6cb7f |

| ip_version        | 4                                    |

| name              | subnet-pool-ip4                      |

| prefixes          | 203.0.112.0/21                       |

| shared            | True                                 |

+-------------------+--------------------------------------+

Subnet Pools and Address Scopes的更多相关文章

  1. subnetting and the subnet mask

    原文:https://www.techopedia.com/6/28587/internet/8-steps-to-understanding-ip-subnetting/5 Step 4 - Sub ...

  2. dhcpsrv:windows系统的优秀开源免费dhcp serve软件

    概述: 官方网站 :http://www.dhcpserver.de/ 写博客时的可免费下载版本  2.52, 或者在cnblogs 本地下载 --========================== ...

  3. 我非要捅穿这 Neutron(三)架构分析与代码实现篇(基于 OpenStack Rocky)

    目录 文章目录 目录 Neutron 的软件架构分析与实现 Neutron Server 启动流程 获取 WSGI Application Core API & Extension API C ...

  4. 云计算管理平台之OpenStack网络服务neutron

    一.简介 neutron的主要作用是在openstack中为启动虚拟机实例提供网络服务,对于neutron来讲,它可以提供两种类型的网络:第一种是provider network,这种网络就是我们常说 ...

  5. OpenStack-Ocata版+CentOS7.6 云平台环境搭建 —7.网络服务Neutron配置

    网络服务Neutron本章节结束如何安装并配置网络服务(neutron)采用:ref:`provider networks <network1>`或:ref:`self-service n ...

  6. CentOS7.4安装部署openstack [Liberty版] (一)

    一.OpenStack简介 OpenStack是一个由NASA(美国国家航空航天局)和Rackspace合作研发并发起的,以Apache许可证授权的自由软件和开放源代码项目. OpenStack是一个 ...

  7. CentOS7安装OpenStack(Rocky版)-06.安装Neutron网络服务(控制节点)

    上一章介绍了独立的nova计算节点的安装方法,本章分享openstack的网络服务neutron的安装配制方法 ------------------- 完美的分割线 ----------------- ...

  8. OpenStack(queens)最小化搭建记录——控制与计算共两个节点

    境: 2台安装了centos7-minimal的主机 ip地址: 10.132.226.103/24 (controller) 10.132.226.104/24 (compute1) 1.配置主机名 ...

  9. OpenStack Network --- introduction部分 阅读笔记

    Basic Networking 1.混杂模式(promiscuous mode):当网卡被配置为混杂模式时,它们会将所有的frame传递给操作系统,即使MAC地址不匹配. 2.交换机(switch) ...

随机推荐

  1. Hadoop-2.6.0上调用C的API实现相似云盘的功能

    Hadoop-2.6.0上调用C的API实现类似云盘的功能(上传.下载.删除,重命名) 測试系统:CentOS6.6, hadoop-2.6.0 本次測试是调用hadoop下的C的API来訪问HDFS ...

  2. 出现windows启动服务失败(无法从命令行或调试器启动,需要安装InstallUtil.exe)的解决办法

    两种方法1 从命令行安装2 选择项目-视图-自定义操作   然后将 安装,提交,回滚,卸载分别加入自定义操作,注意InstallClass属性为true

  3. Google Code Jam 2014 Round 1 A:Problem B. Full Binary Tree

    Problem A tree is a connected graph with no cycles. A rooted tree is a tree in which one special ver ...

  4. linux下tomcat6无法显示图片验证码 少了图形插件

    linux下tomcat6无法显示图片验证码(windows下显示正常) 原创 2015年10月20日 10:31:47 3526 linux下tomcat6无法显示图片验证码(windows下显示正 ...

  5. 使用 cacti 批量监控服务器以及其 PHP 运作环境配置

    http://www.ibm.com/developerworks/cn/linux/l-cn-cacti/ http://www.360doc.com/content/12/0711/22/1465 ...

  6. 线程池 http请求

    package com.aibi.cmdc.test; import java.io.BufferedReader; import java.io.InputStream; import java.i ...

  7. Linux守护进程简单介绍和实例具体解释

    Linux守护进程简单介绍和实例具体解释 简单介绍 守护进程(Daemon)是执行在后台的一种特殊进程.它独立于控制终端而且周期性地执行某种任务或等待处理某些发生的事件.守护进程是一种非常实用的进程. ...

  8. ASP.NET动态网站制作(22)-- ADO.NET(1)

    前言:这节课开始真正地学习WEB开发,ADO.NET就是一组允许.NET开发人员使用标准的.机构化的,甚至无连接的方式与数据交互的技术.所属的类库为:System.Data.dll. 内容: 1.AD ...

  9. js父页面和子页面之间传值

    今天和朋友一块讨论,怎样通过js在父页面和子页面之间传值的问题,总结例如以下: 需求描写叙述:父页面有多个子页面.实如今父页面点击子页面,传值到子页面. 看着非常easy,试了好久.主要纠结在怎样获取 ...

  10. Unity3d 中文菜单