本节介绍了在无权访问模式下部署控制器集群的步骤。
对于 OpenStack 无权访问云类型,您需要使用以下命令手动配置 AAP 条目。
root@openstack-mitaka:/root# openstack port set --allowed--address ip-address=172.16.0.133 Controller_Port
例如,
root@openstack-mitaka:/root# openstack port set --allowed--address ip-address=172.16.0.133 d0bf0bda-02e2-46bf-abd2-0d05cc4654df
root@openstack-mitaka:/root# openstack port show d0bf0bda-02e2-46bf-abd2-0d05cc4654df
+-------------------------------+-----------------------------------------------------------------------------------+
| Field | Value |
+--------------------------+----------------------------------------------------------------------------------------+
| admin_state_up | True |
| allowed_address_pairs | {"ip_address": "172.16.0.131", "mac_address": "fa:16:3e:47:6b:70"} |
| binding:host_id | openstack-mitaka |
| binding:profile | {} |
| binding:vif_details | {"port_filter": true} |
| binding:vif_type | bridge |
| binding:vnic_type | normal |
| created_at | 2018-01-12T13:58:02 |
| description | |
| device_id | 2adedfc3-75d6-4296-ad18-bfc38873485c |
| device_owner | compute:nova |
| extra_dhcp_opts | |
| fixed_ips | {"subnet_id": "5785c1cf-a222-4b0a-9343-003153f37a65", "ip_address": "172.16.0.133"} |
| id | d0bf0bda-02e2-46bf-abd2-0d05cc4654df |
| mac_address | fa:16:3e:47:6b:70 |
| name | |
| network_id | dd9dab27-9228-4765-96f2-d56194136ba0 |
| port_security_enabled | True |
| security_groups | 3cc1092e-538c-4ff7-b4ac-eeff84731f75 |
| status | ACTIVE |
| tenant_id | 904fb201a92f443297bffca3b354d52d |
| updated_at | 2018-01-12T14:19:06 |
+--------------------------+----------------------------------------------------------------------------------------+
使用以下命令为 VIP 创建 Neutron 端口:
openstack port create --network "neutron_network_name" --allowed-address mac-address="fa:16:3e:52:81:03",ip-address="172.16.0.63" --allowed-address mac-address="fa:16:3e:52:81:04",ip-address="172.16.0.64" --allowed-address mac-address="fa:16:3e:52:81:06",ip-address="172.16.0.66" --fixed-ip ip-address="172.16.0.65" --project "904fb201a92f443297bffca3b354d52d"
例如,
openstack port create --network "neutron_network_name" --allowed-address mac-address="controller_mac1",ip-address="controller_ip1" --allowed-address mac-address="controller_mac2",ip-address="controller_ip2" --allowed-address mac-address="controller_mac3",ip-address="controller_ip3" --fixed-ip ip-address="cluster_ip" --project "project-id"
注:
在主控制器发生故障(或重新引导)时,从属控制器将接管集群 IP(此处为 172.16.0.65),并且浮动 IP (10.130.170.86) 和集群 IP (172.16.0.65) 之间的映射不会发生变化。因此,在没有干预的情况下,浮动 IP 和集群 IP 关联将正常工作。
