Getting Started with OVN

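1. What is OVN

OVN (Open Virtual Network) is the native network virtualization solution provided by OVS. Building on existing OVS functionality, OVN adds native support for virtual network abstractions such as virtual L2 and L3 overlay networks and security groups; services such as DHCP and DNS are also in scope. Like OVS, OVN is designed to be a production-quality implementation that can operate at large scale.

OVN consists of the following components:

  • CMS (Cloud Management System): the cloud management system.
  • OVN/CMS Plugin: the component of the CMS that interfaces to OVN. In OpenStack, this is a Neutron plugin. Its main purpose is to translate the CMS's notion of logical network configuration, stored in the CMS's configuration database in a CMS-specific format, into an intermediate representation that OVN understands.
  • OVN Northbound DB: the OVN northbound database. It receives the logical configuration from the OVN/CMS Plugin, mainly logical switches, logical routers, ACLs and so on.
  • ovn-northd: connects the OVN northbound database and the OVN southbound database. Its main job is to translate the northbound logical configuration into southbound physical configuration.
  • OVN Southbound DB: the OVN southbound database. It mainly stores the network configuration translated by ovn-northd.
  • ovn-controller: OVN's local SDN controller on each node.
  • ovs-vswitchd and ovsdb-server: the OVS processes on the node.

The OVN architecture is shown below: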

                                     CMS
                                      |
                                      |
                          +-----------|-----------+
                          |           |           |
                          |     OVN/CMS Plugin    |
                          |           |           |
                          |           |           |
                          |   OVN Northbound DB   |
                          |           |           |
                          |           |           |
                          |       ovn-northd      |
                          |           |           |
                          +-----------|-----------+
                                      |
                                      |
                            +-------------------+
                            | OVN Southbound DB |
                            +-------------------+
                                      |
                                      |
                   +------------------+------------------+
                   |                  |                  |
     HV 1          |                  |    HV n          |
   +---------------|---------------+  .  +---------------|---------------+
   |               |               |  .  |               |               |
   |        ovn-controller         |  .  |        ovn-controller         |
   |         |          |          |  .  |         |          |          |
   |         |          |          |     |         |          |          |
   |  ovs-vswitchd   ovsdb-server  |     |  ovs-vswitchd   ovsdb-server  |
   |                               |     |                               |
   +-------------------------------+     +-------------------------------+

2. How to install OVN

2.1 Installing from source

2.1.1 Installing OVS

# 1. Install build dependencies
yum -y install systemd-units openssl groff graphviz desktop-file-utils python-twisted python-zope-interface procps-ng checkpolicy libcap-ng libcap-ng-devel unbound unbound-devel
yum -y install python-six selinux-policy-devel python-sphinx
yum -y install make gcc openssl-devel autoconf automake rpm-build redhat-rpm-config perl
yum -y install python-devel kernel-devel kernel-debug-devel libtool wget git python3

# 2. Download the source and enter the source tree
git clone https://github.com/openvswitch/ovs.git
cd ovs

# 3. Bootstrapping
./boot.sh

# 4. Configuring
./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc

# 5. Build
make
make install
make modules_install

2.1.2 Installing OVN

# 1. Download the source and enter the source tree
git clone https://github.com/ovn-org/ovn.git
cd ovn

# 2. Bootstrapping
./boot.sh

# 3. Configuring
./configure --prefix=/usr --localstatedir=/var --sysconfdir=/etc --with-ovs-source=/root/ovs

# 4. Build
make
make install

2.1.3 Starting OVS/OVN

# Start OVS

[root@localhost ovs]# /usr/share/openvswitch/scripts/ovs-ctl start --system-id=random
/etc/openvswitch/conf.db does not exist ... (warning).
Creating empty database /etc/openvswitch/conf.db [ OK ]
Starting ovsdb-server [ OK ]
Configuring Open vSwitch system IDs [ OK ]
Inserting openvswitch module [ OK ]
Starting ovs-vswitchd [ OK ]
Enabling remote OVSDB managers [ OK ]


# Start OVN (northbound DB, southbound DB and ovn-northd)

[root@localhost ovn]# /usr/share/ovn/scripts/ovn-ctl start_northd
/etc/ovn/ovnnb_db.db does not exist ... (warning).
Creating empty database /etc/ovn/ovnnb_db.db [ OK ]
Starting ovsdb-nb [ OK ]
/etc/ovn/ovnsb_db.db does not exist ... (warning).
Creating empty database /etc/ovn/ovnsb_db.db [ OK ]
Starting ovsdb-sb [ OK ]
Starting ovn-northd [ OK ]

# Start ovn-controller

[root@localhost ovn]# /usr/share/ovn/scripts/ovn-ctl start_controller
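Starting ovn-controller [ OK ]

# Set the listening ports for the northbound and southbound databases
# (ptcp is a passive, plaintext TCP listener; here the northbound DB is bound
# to loopback and the southbound DB to all interfaces so that chassis can reach it)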

ovn-nbctl set-connection ptcp:6641:127.0.0.1
ovn-sbctl set-connection ptcp:6642:0.0.0.0

# Point the chassis at OVN (set the IP addresses to match the actual node)

ovs-vsctl set open_vswitch . external-ids:ovn-remote=tcp:172.28.110.172:6642
ovs-vsctl set open_vswitch . external-ids:ovn-encap-type=geneve
ovs-vsctl set open_vswitch . external-ids:ovn-encap-ip=172.28.110.172
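
The targets configured above differ in exposure: the northbound listener is bound to loopback, while the southbound listener and the chassis ovn-remote use plaintext TCP reachable over the network. The following added example (not part of the original post) classifies such target strings; the function names and severity labels are assumptions made here for illustration.

```shell
#!/bin/sh
# Added example (not from the original page): classify OVSDB connection
# targets by transport and bind address.

# Print "<severity>:<reason>" for one target such as ptcp:6642:0.0.0.0.
classify_ovsdb_target() {
    target=${1#\"}; target=${target%\"}   # ovs-vsctl get prints quoted strings
    proto=${target%%:*}
    rest=${target#*:}
    case $proto in
        ptcp)
            # ptcp:PORT[:IP]; with no IP the listener is not bound to one address
            case $rest in
                *:*) addr=${rest#*:} ;;
                *)   addr=0.0.0.0 ;;
            esac
            case $addr in
                127.*|'[::1]')  echo "ok:plaintext-loopback" ;;
                0.0.0.0|'[::]') echo "high:plaintext-all-interfaces" ;;
                *)              echo "medium:plaintext-listener" ;;
            esac ;;
        tcp)        echo "medium:plaintext-remote" ;;
        pssl|ssl)   echo "ok:tls" ;;
        punix|unix) echo "ok:local-socket" ;;
        *)          echo "unknown:unrecognised-method" ;;
    esac
}

# Print one verdict line per target; succeed only if every target is "ok".
audit_ovsdb_targets() {
    findings=0
    for t in "$@"; do
        verdict=$(classify_ovsdb_target "$t")
        echo "$verdict $t"
        case $verdict in
            ok:*) ;;
            *) findings=$((findings + 1)) ;;
        esac
    done
    [ "$findings" -eq 0 ]
}

# Constructed input: the three targets configured in the steps above.
audit_ovsdb_targets ptcp:6641:127.0.0.1 ptcp:6642:0.0.0.0 \
    '"tcp:172.28.110.172:6642"' || echo "review the flagged targets"
```

On a live node, pass it the target tokens shown by ovn-nbctl get-connection and ovn-sbctl get-connection and the value of external-ids:ovn-remote. The TLS forms are pssl: for listeners and ssl: for ovn-remote, which need keys and certificates configured first (for the southbound database, with ovn-sbctl set-ssl).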



2.1.4 Checking the installation

# Check that OVS is installed correctly

[root@localhost ovn-branch-20.09]# ovs-vsctl -V
ovs-vsctl (Open vSwitch) 2.14.0
DB Schema 8.2.0

# Check that OVN is installed correctly

[root@localhost ovn-branch-20.09]# ovn-nbctl -V
ovn-nbctl 20.09.1
Open vSwitch Library 2.14.0
DB Schema 5.27.0

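3. First steps with OVN

Build a minimal topology to try OVN in practice. It consists of one logical switch and two VMs (simulated with Linux network namespaces). The topology is as follows:

[Figure: topology diagram]

# Create logical switch ls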

ovn-nbctl ls-add ls

# Create logical switch port ls-p1

ovn-nbctl lsp-add ls ls-p1
ovn-nbctl lsp-set-addresses ls-p1 00:00:00:00:00:11

# Create logical switch port ls-p2

ovn-nbctl lsp-add ls ls-p2
ovn-nbctl lsp-set-addresses ls-p2 00:00:00:00:00:22

# Add vm1

ip netns add vm1
ip link add vm1 type veth peer name vm1-peer
ovs-vsctl add-port br-int vm1-peer
ip link set vm1 netns vm1
ip netns exec vm1 ip link set vm1 address 00:00:00:00:00:11
ip netns exec vm1 ip addr add 192.168.1.2/24 dev vm1
ip netns exec vm1 ip link set vm1 up
ovs-vsctl set Interface vm1-peer external_ids:iface-id=ls-p1
ip netns exec vm1 ip r add default via 192.168.1.1
ip link set vm1-peer up

# Add vm2

ip netns add vm2
ip link add vm2 type veth peer name vm2-peer
ovs-vsctl add-port br-int vm2-peer
ip link set vm2 netns vm2
ip netns exec vm2 ip link set vm2 address 00:00:00:00:00:22
ip netns exec vm2 ip addr add 192.168.1.3/24 dev vm2
ip netns exec vm2 ip link set vm2 up
ovs-vsctl set Interface vm2-peer external_ids:iface-id=ls-p2
ip netns exec vm2 ip r add default via 192.168.1.1
ip link set vm2-peer up

Verify connectivity between the VMs

# View the logical network with ovn-nbctl

[root@localhost ~]# ovn-nbctl show
switch e9f2556c-7824-46f9-a450-42136522ed91 (ls)
  port ls-p2
    addresses: ["00:00:00:00:00:22"]
  port ls-p1
    addresses: ["00:00:00:00:00:11"]


# View the bridge and ports with ovs-vsctl

[root@localhost ~]# ovs-vsctl show
dbb195c6-abc3-497f-acc0-9932d7095800
  Bridge br-int
    fail_mode: secure
    datapath_type: system
    Port vm2-peer
      Interface vm2-peer
    Port vm1-peer
      Interface vm1-peer
  ovs_version: "2.14.0"


# Verify communication between vm1 and vm2
# vm1 pings vm2

[root@localhost ovn-branch-20.09]# ip netns exec vm1 ping 192.168.1.3
PING 192.168.1.3 (192.168.1.3) 56(84) bytes of data.
64 bytes from 192.168.1.3: icmp_seq=1 ttl=64 time=1.07 ms
64 bytes from 192.168.1.3: icmp_seq=2 ttl=64 time=0.176 ms
64 bytes from 192.168.1.3: icmp_seq=3 ttl=64 time=0.078 ms
64 bytes from 192.168.1.3: icmp_seq=4 ttl=64 time=0.084 ms
64 bytes from 192.168.1.3: icmp_seq=5 ttl=64 time=0.079 ms
^C
--- 192.168.1.3 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4001ms
rtt min/avg/max/mdev = 0.078/0.298/1.075/0.390 ms

# vm2 pings vm1

[root@localhost ovn-branch-20.09]# ip netns exec vm2 ping 192.168.1.2
PING 192.168.1.2 (192.168.1.2) 56(84) bytes of data.
64 bytes from 192.168.1.2: icmp_seq=1 ttl=64 time=0.644 ms
64 bytes from 192.168.1.2: icmp_seq=2 ttl=64 time=0.100 ms
64 bytes from 192.168.1.2: icmp_seq=3 ttl=64 time=0.100 ms
64 bytes from 192.168.1.2: icmp_seq=4 ttl=64 time=0.087 ms
64 bytes from 192.168.1.2: icmp_seq=5 ttl=64 time=0.065 ms
^C
--- 192.168.1.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4000ms
rtt min/avg/max/mdev = 0.065/0.199/0.644/0.222 ms