子网入网¶
子网入网功能允许您将已在子网池外部创建的现有子网移动到现有的子网池中。这使您能够开始使用子网池和地址范围,即使您尚未从子网池分配现有子网。它还允许您在子网池之间移动单个子网,从而在地址范围之间移动它们。
工作原理¶
子网池的一个基本约束是,同一网络上的相同地址族(IPv4、IPv6)的所有子网必须从同一个子网池分配。由于此约束,子网必须以网络级别为组移动或“入网”到子网池,而不是单独处理。因此,子网入网需要用户提供子网(们)关联的网络 UUID,以及执行操作的目标子网池 UUID。
我的环境是否支持子网入网?¶
要测试您的环境是否支持子网入网,请执行以下命令
$ openstack extension list --network -c Alias -c Description | grep subnet_onboard
| subnet_onboard | Provides support for onboarding subnets into subnet pools
从 Stein 版本开始,ML2 插件中存在对子网入网的支持。如果您需要子网入网但当前环境不支持它,请考虑升级到支持子网入网的版本。在使用 Neutron 的第三方插件时,请咨询插件供应商有关对子网入网的支持情况。
演示¶
假设管理员在其环境中有一个现有的提供商网络,该网络是在不从子网池分配其子网的情况下创建的。
$ openstack network list
+--------------------------------------+----------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+----------------+--------------------------------------+
| f643a4f5-f8d3-4325-b1fe-6061a9af0f07 | provider-net-1 | 5153cab7-7ab6-4956-8466-39aa85dccc9a |
+--------------------------------------+----------------+--------------------------------------+
$ openstack subnet show 5153cab7-7ab6-4956-8466-39aa85dccc9a
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 192.168.0.2-192.168.7.254 |
| cidr | 192.168.0.0/21 |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.0.1 |
| host_routes | |
| id | 5153cab7-7ab6-4956-8466-39aa85dccc9a |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| network_id | f643a4f5-f8d3-4325-b1fe-6061a9af0f07 |
| prefix_length | None |
| project_id | 7b80998e5e044cee91c1cdb2e9c63afd |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2019-03-13T18:24:37Z |
+-------------------+--------------------------------------+
管理员创建了一个名为 routable-prefixes 的子网池,并希望将与网络 provider-net-1 关联的子网入网。管理员现在希望使用子网池管理提供商网络的地址空间,但这些提供商网络使用的前缀不在子网池或地址范围的管理之下。
$ openstack subnet pool list
+--------------------------------------+-------------------+--------------+
| ID | Name | Prefixes |
+--------------------------------------+-------------------+--------------+
| d05e9f61-248c-43f2-98f4-5142570127e1 | routable-prefixes | 10.10.0.0/16 |
+--------------------------------------+-------------------+--------------+
$ openstack subnet pool show routable-prefixes
+-------------------+--------------------------------+
| Field | Value |
+-------------------+--------------------------------+
| address_scope_id | None |
| created_at | 2019-03-102T05:45:01Z |
| default_prefixlen | 26 |
| default_quota | None |
| description | Routable prefixes for projects |
| headers | |
| id | d3aefb76-2527-43d4-bc21-0ec253 |
| | 908545 |
| ip_version | 4 |
| is_default | False |
| max_prefixlen | 32 |
| min_prefixlen | 8 |
| name | routable-prefixes |
| prefixes | 10.10.0.0/16 |
| project_id | cfd1889ac7d64ad891d4f20aef9f8d |
| | 7c |
| revision_number | 1 |
| shared | True |
| tags | [] |
| updated_at | 2019-03-10T05:45:01Z |
+-------------------+--------------------------------+
管理员可以使用以下命令将这些子网纳入子网池的管理
$ openstack network onboard subnets provider-net-1 routable-prefixes
provider-net-1 上的子网现在应该都已更新其 subnetpool_id,以匹配 routable-prefixes 子网池的 UUID
$ openstack subnet show 5153cab7-7ab6-4956-8466-39aa85dccc9a
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 192.168.0.2-192.168.7.254 |
| cidr | 192.168.0.0/21 |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.0.1 |
| host_routes | |
| id | 5153cab7-7ab6-4956-8466-39aa85dccc9a |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| network_id | f643a4f5-f8d3-4325-b1fe-6061a9af0f07 |
| prefix_length | None |
| project_id | 7b80998e5e044cee91c1cdb2e9c63afd |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | d3aefb76-2527-43d4-bc21-0ec253908545 |
| updated_at | 2019-03-13T18:24:37Z |
+-------------------+--------------------------------------+
子网池现在也会在其前缀列表中显示入网的前缀
$ openstack subnet pool show routable-prefixes
+-------------------+--------------------------------+
| Field | Value |
+-------------------+--------------------------------+
| address_scope_id | None |
| created_at | 2019-03-102T05:45:01Z |
| default_prefixlen | 26 |
| default_quota | None |
| description | Routable prefixes for projects |
| headers | |
| id | d3aefb76-2527-43d4-bc21-0ec253 |
| | 908545 |
| ip_version | 4 |
| is_default | False |
| max_prefixlen | 32 |
| min_prefixlen | 8 |
| name | routable-prefixes |
| prefixes | 10.10.0.0/16, 192.168.0.0/21 |
| project_id | cfd1889ac7d64ad891d4f20aef9f8d |
| | 7c |
| revision_number | 1 |
| shared | True |
| tags | [] |
| updated_at | 2019-03-12T13:11:037Z |
+-------------------+--------------------------------+
