本节介绍了 NSX Advanced Load Balancer 对多个 OpenStack 浮动 IP 的支持。
OpenStack 网络 (Neutron) 中的 L3 API 支持多个浮动 IP 池。在 OpenStack 网络中,浮动 IP 池表示为外部网络,且浮动 IP 从与该外部网络关联的子网进行分配。用于 OpenStack 部署的外部网络可以由企业 IT 内网与面向内联网的外网组合而成。
为虚拟服务 VIP 分配浮动 IP
NSX Advanced Load Balancer 支持为虚拟服务的每个 VIP 各分配一个浮动 IP。在某些客户环境中,可以在带外将多个浮动 IP 与 VIP 相关联。NSX Advanced Load Balancer 会保留所有此类带外浮动 IP 与 VIP 之间的关联,并在 VIP 生命周期内同时管理由 NSX Advanced Load Balancer 分配给 VIP 的浮动 IP。
更新 VIP 地址时,可将带外浮动 IP 从与旧 VIP 关联更改为与新 VIP 关联,从而保留这些浮动 IP。更新或删除 NSX Advanced Load Balancer 分配的浮动 IP 时,将仅修改其与 VIP 的关联,而保留带外浮动 IP 关联。删除 VIP 将释放带外浮动 IP 关联。
为虚拟服务 VIP 配置浮动 IP
通过 NSX Advanced Load Balancer UI,创建具有 NSX Advanced Load Balancer 分配的浮动 IP 的虚拟服务 VIP。
NSX Advanced Load Balancer 屏幕截图显示,Dual-FIP 虚拟服务已创建且处于 100% 正常运行状态。
评估 OpenStack Neutron 浮动 IP 关联。
[root@sivacos ~(keystone_admin)]# neutron net-list +--------------------------------------+------------+------------------------------------------------------+ | id | name | subnets | +--------------------------------------+------------+------------------------------------------------------+ | 74b6ff07-eb04-44cb-afb9-9f25d03342da | lab-ext | 2f95bbc2-9690-4fa4-935c-0a251153d198 192.168.99.0/24 | | c71d1f1b-429c-4bc0-8029-587138550126 | public-ext | 15046d5d-d26d-4099-9916-2f18aa7de30e 10.130.128.0/18 | +--------------------------------------+------------+------------------------------------------------------+ [root@sivacos ~(keystone_admin)]# neutron floatingip-list +--------------------------------------+------------------+---------------------+--------------------------------------+ | id | fixed_ip_address | floating_ip_address | port_id | +--------------------------------------+------------------+---------------------+--------------------------------------+ | 5ecceb7d-bf68-4a1a-b383-9566a8f4c5d3 | 10.0.0.8 | 10.130.130.6 | e8b242b6-aa0a-4a22-b120-d21dd2979f21 | | 1348f055-8e6c-423f-b628-292d43071d6d | | 192.168.99.14 | | +--------------------------------------+------------------+---------------------+--------------------------------------+ [root@sivacos ~(keystone_admin)]# neutron port-show e8b242b6-aa0a-4a22-b120-d21dd2979f21 +--------------+--------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +--------------+--------------------------------------------------------------------------------------------------------------------------------------------+ | device_id | | | device_owner | neutron:LOADBALANCER | | fixed_ips | {"subnet_id": "4e010951-eb90-43af-9bad-e578f1ac2f77", "ip_address": "10.0.0.8"} | | id | e8b242b6-aa0a-4a22-b120-d21dd2979f21 | | mac_address | fa:16:3e:61:02:14 | | name | avi-vip-vsvip-92fc6977-d856-4427-bc52-6f09c2449d20:cluster-24e1c6db-bba4-409c-b86e-1accf4bebac3:cloud-2f391637-05bf-41c7-9c9c-6908c51c0f4d | | network_id | a6669299-dccb-40a9-a0d2-4608aaea79c0 | | status | DOWN | | tenant_id | 9d50abab12cb40c9a20242407e3f38f6 | ... +--------------+--------------------------------------------------------------------------------------------------------------------------------------------+添加第二个带外浮动 IP。
[root@sivacos ~(keystone_admin)]# neutron floatingip-create lab-ext Created a new floatingip: +---------------------+--------------------------------------+ | Field | Value | +---------------------+--------------------------------------+ | fixed_ip_address | | | floating_ip_address | 192.168.99.14 | | floating_network_id | 74b6ff07-eb04-44cb-afb9-9f25d03342da | | id | 1348f055-8e6c-423f-b628-292d43071d6d | | port_id | | | router_id | | | status | DOWN | | tenant_id | 9d50abab12cb40c9a20242407e3f38f6 | ... +---------------------+--------------------------------------+ [root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 10.0.0.8 1348f055-8e6c-423f-b628-292d43071d6d e8b242b6-aa0a-4a22-b120-d21dd2979f21 Associated floating IP 1348f055-8e6c-423f-b628-292d43071d6d [root@sivacos ~(keystone_admin)]# neutron floatingip-list +--------------------------------------+------------------+---------------------+--------------------------------------+ | id | fixed_ip_address | floating_ip_address | port_id | +--------------------------------------+------------------+---------------------+--------------------------------------+ | 5ecceb7d-bf68-4a1a-b383-9566a8f4c5d3 | 10.0.0.8 | 10.130.130.6 | e8b242b6-aa0a-4a22-b120-d21dd2979f21 | | 1348f055-8e6c-423f-b628-292d43071d6d | 10.0.0.8 | 192.168.99.14 | e8b242b6-aa0a-4a22-b120-d21dd2979f21 | +--------------------------------------+------------------+---------------------+--------------------------------------+
将浮动 IP 与集群 IP 关联
NSX Advanced Load Balancer 支持将集群 IP 与 NSX Advanced Load Balancer Controller 集群相关联。此外,可在带外将多个浮动 IP 与该集群 IP 相关联。在集群主节点发生更改时,NSX Advanced Load Balancer Controller 会保留所有此类带外浮动 IP 与集群 VIP 之间的关联。更新集群 IP 地址时,可将带外浮动 IP 从与旧 VIP 关联更改为与新 VIP 关联,从而保留这些浮动 IP。删除集群 IP 将释放带外浮动 IP 关联。
[root@sivacos ~(keystone_admin)]# neutron net-list +--------------------------------------+------------+------------------------------------------------------+ | id | name | subnets | +--------------------------------------+------------+------------------------------------------------------+ | 74b6ff07-eb04-44cb-afb9-9f25d03342da | lab-ext | 2f95bbc2-9690-4fa4-935c-0a251153d198 192.168.99.0/24 | | c71d1f1b-429c-4bc0-8029-587138550126 | public-ext | 15046d5d-d26d-4099-9916-2f18aa7de30e 10.130.128.0/18 | +--------------------------------------+------------+------------------------------------------------------+
配置 NSX Advanced Load Balancer Controller 集群 IP
使用 OpenStack Neutron CLI 添加带外浮动 IP
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | | 10.130.130.10 | |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | | 192.168.99.6 | |
+--------------------------------------+------------------+---------------------+--------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron port-show 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
+-----------------------+------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+------------------------------------------------------------------------------------------------------+
| device_id | |
| device_owner | neutron:LOADBALANCER |
| fixed_ips | {"subnet_id": "a178c1f1-5cce-4f0a-ac1a-8277e26b085e", "ip_address": "172.24.16.100"} |
| id | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
| mac_address | fa:16:3e:79:fb:cf |
| name | AviClusterIp:cluster-e5293381-d3ca-4630-8535-5b4071a78482:cloud-14b49755-c9ff-4e1e-8a42-21a1590e3345 |
| network_id | 27bd1f64-5a50-4189-98db-3265809ac71a |
| tenant_id | a6d878c0f7db40bf91ed1226e720460a |
...
+-----------------------+------------------------------------------------------------------------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 172.24.16.100 2f769d13-e463-46c5-befe-7049ab6d9693 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
Associated floating IP 2f769d13-e463-46c5-befe-7049ab6d9693
[root@sivacos ~(keystone_admin)]# neutron floatingip-associate --fixed-ip-address 172.24.16.100 562477b5-dbb4-4bff-b7d2-90455230b36d 90b0a7fc-5376-4ddc-9740-18c508a4d7fc
Associated floating IP 562477b5-dbb4-4bff-b7d2-90455230b36d
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | 172.24.16.100 | 10.130.130.10 | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | 172.24.16.100 | 192.168.99.6 | 90b0a7fc-5376-4ddc-9740-18c508a4d7fc |
+--------------------------------------+------------------+---------------------+--------------------------------------+
更新集群 IP
更新 NSX Advanced Load Balancer Controller 集群配置
[root@sivacos ~(keystone_admin)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 2f769d13-e463-46c5-befe-7049ab6d9693 | 172.24.16.200 | 10.130.130.10 | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
| 562477b5-dbb4-4bff-b7d2-90455230b36d | 172.24.16.200 | 192.168.99.6 | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
+--------------------------------------+------------------+---------------------+--------------------------------------+
[root@sivacos ~(keystone_admin)]# neutron port-show 68c54c6a-e305-4c92-90c0-418240ecf7fd
+-----------------------+------------------------------------------------------------------------------------------------------+
| Field | Value |
+-----------------------+------------------------------------------------------------------------------------------------------+
| device_id | |
| device_owner | neutron:LOADBALANCER |
| fixed_ips | {"subnet_id": "a178c1f1-5cce-4f0a-ac1a-8277e26b085e", "ip_address": "172.24.16.200"} |
| id | 68c54c6a-e305-4c92-90c0-418240ecf7fd |
| mac_address | fa:16:3e:46:e1:c4 |
| name | AviClusterIp:cluster-e5293381-d3ca-4630-8535-5b4071a78482:cloud-14b49755-c9ff-4e1e-8a42-21a1590e3345 |
| network_id | 27bd1f64-5a50-4189-98db-3265809ac71a |
| tenant_id | a6d878c0f7db40bf91ed1226e720460a |
...
+-----------------------+------------------------------------------------------------------------------------------------------+
删除带外浮动 IP
云配置 NSX Advanced Load Balancer UI 中的释放未使用的浮动 IP 地址复选框(与 NSX Advanced Load Balancer CLI 中的 free_floatingips 标记相对应),可决定在删除虚拟服务 VIP 或集群 IP 时是否删除带外浮动 IP。如果激活此复选框,将删除带外浮动 IP;如果不激活,它们会被释放回可用浮动 IP 池中。
释放未使用的浮动 IP 地址
