Basic Deployment

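The basic workflow for setting up a vRouter network is as follows:
  1. Create an L2 public network and attach it to the corresponding cluster.
  2. Create an L3 public network.
  3. Create an L2 management network and attach it to the corresponding cluster.
  4. Create an L3 management network, which is used to communicate with physical resources such as hosts, primary storages, and backup storages.
  5. Add a vRouter image.
  6. Create a vRouter offering.
  7. Create an L2 private network and attach it to the corresponding cluster.
  8. Create an L3 private network of the vRouter type.
  9. Create a VM instance on this private network. A vRouter is created automatically during VM creation and provides the network services of the vRouter network.
  10. Verify the connectivity of the vRouter network.
Assume the following customer environment:
  1. Public network
    Table 1. Public network configuration
    Public network    Configuration
    NIC               em01
    VLAN ID           Non-VLAN
    IP range          10.108.10.0~10.108.11.255
    Netmask           255.0.0.0
    Gateway           10.0.0.1
    DHCP IP           10.108.10.1
  2. Management network
    Table 2. Management network configuration
    Management network    Configuration
    NIC                   em02
    VLAN ID               Non-VLAN
    IP range              192.168.29.30~192.168.29.40
    Netmask               255.255.255.0
    Gateway               192.168.29.1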
    Note:
    • For security and stability reasons, we recommend that you deploy an independent management network and separate it from the public networks.
    • The management network we mentioned here is the same as that in ZStack Private Cloud. That is, the management network is the network used to manage hosts, primary storages, and backup storages. If a management network was created before, you can use it directly.
  3. Private network
    Table 3. Private network configuration
    Private network    Configuration
    NIC                em01
    VLAN ID            2700
    IP CIDR            192.168.10.0/24
    DHCP IP            192.168.10.10
The vRouter network architecture is shown in Figure 1:
Figure 1. vRouter network architecture


The following steps describe how to set up a vRouter network in practice.

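  1. Create an L2 public network in the ZStack Private Cloud UI.
    In the ZStack Private Cloud UI, choose Network Resource > L2 Network Resource > L2 Network. On the L2 Network page, click Create L2 Network. On the displayed Create L2 Network page, set the following parameters according to Table 1:
    • Name: Enter a name for the L2 public network.
    • Description: Optional. Can be left blank.
    • Type: Select L2NoVlanNetwork.
    • NIC: em01
    • Cluster: Select a cluster, for example, Cluster-1.
    Click OK to create the L2 public network, as shown in Figure 2.
    Figure 2. Create L2 public network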


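  2. Create an L3 public network in the ZStack Private Cloud UI.
    In the ZStack Private Cloud UI, choose Network Resource > L3 Network > Public Network. On the Public Network page, click Create Public Network. On the displayed Create Public Network page, set the following parameters according to Table 1:
    • Name: Enter a name for the L3 public network.
    • Description: Optional. Can be left blank.
    • L2 Network: Select the L2 public network that you created.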
    • Stop DHCP server: Choose whether to enable the DHCP service.
      Note:
      • By default, this checkbox is not selected, indicating that the DHCP service is enabled, and IP addresses will be automatically allocated to VM instances. In this case, you can customize a DHCP IP address, or let the system randomly specify a DHCP IP address.
      • If selected, the DHCP service will be disabled, indicating that VM instances that use this network cannot obtain IP addresses automatically, and need to be configured manually with IP addresses. In this case, you cannot customize the DHCP IP address. In addition, the system cannot randomly specify a DHCP IP address.
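    • Add IP range: Select the IPv4 address type and the IP range method.
      Note: ZStack supports IPv4 and IPv6 network addresses. You can add a network segment by IP range or by CIDR. This tutorial uses an IPv4 network address and the IP range method as an example.
    • Start IP: 10.108.10.0
    • End IP: 10.108.11.255
    • Netmask: 255.0.0.0
    • Gateway: 10.0.0.1
    • DHCP IP: Optional. Set a DHCP IP address as needed.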
      Note:
      • If you create an L3 network and enable the DHCP service for the first time, or if you add the first IP range for the L3 network of the enabled DHCP service, you can customize the DHCP IP address.
      • If the L3 network has a DHCP IP address, you cannot customize the DHCP IP address when you add an IP range.
      • The DHCP IP address can be included or excluded on the added IP range. However, the DHCP IP address must be within the CIDR to which the added IP range belongs, and must not be occupied.
      • The IP range specified within the start IP address and end IP address cannot contain IP addresses of the link-local address (169.254.0.0/16).
      • If not specified, the system will randomly specify an IP address within the IP range that you added.
    • DNS: Optional. Can be left blank, or set to a value such as 114.114.114.114.
    Click OK to create the L3 public network, as shown in Figure 3.
    Figure 3. Create L3 public network




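  3. Create an L2 management network in the ZStack Private Cloud UI.
    In the ZStack Private Cloud UI, choose Network Resource > L2 Network Resource > L2 Network. On the L2 Network page, click Create L2 Network. On the displayed Create L2 Network page, set the following parameters according to Table 2:
    • Name: Enter a name for the L2 management network.
    • Description: Optional. Can be left blank.
    • Type: Select L2NoVlanNetwork.
    • NIC: em02
    • Cluster: Select a cluster, for example, Cluster-1.
    Click OK to create the L2 management network, as shown in Figure 4.
    Figure 4. Create L2 management network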


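  4. Create an L3 management network in the ZStack Private Cloud UI.
    In the ZStack Private Cloud UI, choose Network Resource > L3 Network > System Network. On the System Network page, click Create System Network. On the displayed Create System Network page, set the following parameters according to Table 2:
    • Name: Enter a name for the L3 management network.
    • Description: Optional. Can be left blank.
    • L2 Network: Select the L2 management network that you created.
    • Add IP range: Select the IP range method.
    • Start IP: 192.168.29.30
    • End IP: 192.168.29.40
    • Netmask: 255.255.255.0
    • Gateway: 192.168.29.1
    Click OK to create the L3 management network, as shown in Figure 5.
    Figure 5. Create L3 management network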


  5. Add a vRouter image.
    In the navigation pane of the ZStack Private Cloud UI, choose Network Resource > vRouter Resource > vRouter Image. On the vRouter Image page, click Add vRouter Image. On the displayed Add vRouter Image page, set the following parameters:
    • Name: Enter a name for the vRouter image.
    • Description: Optional. Enter a description for the vRouter image.
    • Backup Storage: Select a backup storage to store the vRouter image, for example, BS-1.
    • Image URL: Enter a local URL or upload a local file.
      1. URL: Enter the path that can download the vRouter image.
        Note:
        ZStack provides you with dedicated vRouter images. Download the latest vRouter images from ZStack Official Website.
      2. Local file: Upload a vRouter image file that can directly be accessed by the current browser.
        Note:
        • vRouter images can be uploaded to an ImageStore or Ceph backup storage.
        • The local browser serves as a transmission relay for uploading vRouter images. Do not refresh or close the current browser, and do not stop your management node. Otherwise, adding the vRouter image fails.
    Click OK. Then, a vRouter image will be added, as shown in Add vRouter Image.
    Figure 6. Add vRouter Image


  6. Create a vRouter offering.
    In the navigation pane of the ZStack Private Cloud UI, choose Network Resource > vRouter Resource > vRouter Offering. On the vRouter Offering page, click Create vRouter Offering. On the displayed Create vRouter Offering page, set the following parameters:
    • Name: Enter a name for the vRouter offering.
    • Description: Optional. Enter a description for the vRouter offering.
    • CPU: Set the CPU count for the vRouter offering. In an actual production environment, we recommend a CPU count greater than 8.
    • Memory: Set the memory size for the vRouter offering. Unit: M | G | T. In an actual production environment, we recommend a memory size greater than 8 G.
    • Image: Select the vRouter image that you added.
      Note: If the L3 public network in the vRouter offering has an IP range with the IPv6 type, when you create a VPC vRouter, you must use the vRouter image of version 3.10.0 and later.
    • Management Network: Select the L3 management network that you created from the network list.
    • L3 Network: Select an L3 network that you created from the network list, including public network and flat network.
      • If the L3 network is a public network, the vRouter or VPC vRouter created from this vRouter offering can provide various network services for vRouter networks and VPC networks.
      • If the L3 network is a public network, the vRouter created from this vRouter offering can provide load balancing network services for flat networks.
      • If the L3 network is a flat network, the vRouter created from this vRouter offering can provide load balancing network services for flat networks.
    Click OK. Then, a vRouter offering will be created, as shown in Create vRouter Offering.
    Figure 7. Create vRouter Offering


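  7. Create an L2 private network (vRouter network) in the ZStack Private Cloud UI.
    In the ZStack Private Cloud UI, choose Network Resource > L2 Network Resource > L2 Network. On the L2 Network page, click Create L2 Network. On the displayed Create L2 Network page, set the following parameters according to Table 3:
    • Name: Enter a name for the L2 private network.
    • Description: Optional. Can be left blank.
    • Type: Select L2VlanNetwork.
    • VLAN ID: 2700
    • NIC: em01
    • Cluster: Select a cluster, for example, Cluster-1.
    Click OK to create the L2 private network, as shown in Figure 8.
    Figure 8. Create L2 private network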


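  8. Create an L3 private network (vRouter network) in the ZStack Private Cloud UI.
    In the ZStack Private Cloud UI, choose Network Resource > L3 Network > Private Network. On the Private Network page, click Create Private Network. On the displayed Create Private Network page, set the following parameters according to Table 3:
    • Name: Enter a name for the L3 private network.
    • Description: Optional. Can be left blank.
    • L2 Network: Select the L2 private network that you created.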
    • Stop DHCP server: Choose whether to enable the DHCP service.
      Note:
      • By default, this checkbox is not selected, indicating that the DHCP service is enabled, and IP addresses will be automatically allocated to VM instances. In this case, you can customize a DHCP IP address, or let the system randomly specify a DHCP IP address.
      • If selected, the DHCP service will be disabled, indicating that VM instances that use this network cannot obtain IP addresses automatically, and need to be configured manually with IP addresses. In this case, you cannot customize the DHCP IP address. In addition, the system cannot randomly specify a DHCP IP address.
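    • Network type: Select vRouter network.
    • vRouter offering: Select the vRouter offering that you created.
    • Add IP range: Select the CIDR method.
    • CIDR: 192.168.10.0/24
    • DHCP IP: Optional. Set a DHCP IP address as needed.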
      Note:
      • If you create an L3 network and enable the DHCP service for the first time, or if you add the first network range for the L3 network of the enabled DHCP service, you can customize the DHCP IP address.
      • If the L3 network has a DHCP IP address, you cannot customize the DHCP IP address when you add the IP range.
      • The DHCP IP address can be included or excluded on the IP range that you added. However, the DHCP IP address must not be in conflict with the current CIDR.
      • If not specified, the system will randomly specify an IP address within the added IP range.
      • The first IP address in a CIDR is deemed as a gateway by default, and cannot serve as a DHCP IP address.
    • DNS: Optional. Can be left blank, or set to a value such as 114.114.114.114.
    Click OK to create the L3 private network, as shown in Figure 9.
    Figure 9. Create L3 private network




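  9. Create a VM instance on the vRouter network.
    In the ZStack Private Cloud UI, choose Resource Pool > VM Instance. On the VM Instance page, click Create VM Instance. On the displayed Create VM Instance page, enter values by referring to the following example (creating a single VM instance):
    • Add type: Single
      Note: To create VM instances in batches, select Multiple and enter the number of VM instances to create.
    • Name: Enter a name for the VM instance, for example, VM-1.
    • Description: Optional. Can be left blank.
    • Instance offering: Select an instance offering that you created.
    • Image: Select an image that you added.
    • Network: Select the vRouter network with the IPv4 address type.
    Click OK to create the VM instance, as shown in Figure 10.
    Figure 10. Create VM instance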


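  10. While the VM instance is being created on the vRouter network, the system automatically creates a vRouter. The vRouter provides the network services of the vRouter network.
  11. Verify the connectivity of the vRouter network.
    • Public network connectivity:
      Log in to VM-1 and check whether it can ping the public network, as shown in Figure 11:
      Figure 11. VM-1 pings the public network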


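    • Private network connectivity:
      1. Create another VM instance on the same vRouter network, for example, VM-2.
      2. Log in to VM-1 and check whether it can ping VM-2, as shown in Figure 12:
        Figure 12. VM-1 pings VM-2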


      3. Log in to VM-2 and check whether it can ping VM-1, as shown in Figure 13:
        Figure 13. VM-2 pings VM-1


    This completes the basic deployment practice for the vRouter network.
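
The address rules in the notes of steps 2 and 8 (DHCP IP inside the enclosing CIDR, not equal to the gateway, no link-local addresses in the range) and the recommendation to keep the management network separate from the public network can be checked before the values are entered in the UI. The following Python script is an added example, not ZStack code: the PLAN dictionary layout and the function names are hypothetical, the values come from Tables 1 to 3, only IPv4 is handled, and "the first IP address in a CIDR" is assumed to mean the first usable host address.

```python
import ipaddress as ipa

LINK_LOCAL = ipa.ip_network("169.254.0.0/16")

# Constructed plan mirroring Tables 1-3 (the dictionary layout is hypothetical).
PLAN = {
    "public": {"nic": "em01", "vlan": None, "start": "10.108.10.0", "end": "10.108.11.255",
               "netmask": "255.0.0.0", "gateway": "10.0.0.1", "dhcp": "10.108.10.1"},
    "management": {"nic": "em02", "vlan": None, "start": "192.168.29.30",
                   "end": "192.168.29.40", "netmask": "255.255.255.0",
                   "gateway": "192.168.29.1", "dhcp": None},
    "private": {"nic": "em01", "vlan": 2700, "cidr": "192.168.10.0/24",
                "dhcp": "192.168.10.10"},
}

def segment(net):
    """Return (first_ip, last_ip, enclosing_network, gateway) for one IPv4 L3 segment."""
    if "cidr" in net:
        cidr = ipa.ip_network(net["cidr"])
        # Assumption: "the first IP address in a CIDR" is the first usable host address.
        return cidr[0], cidr[-1], cidr, next(iter(cidr.hosts()))
    cidr = ipa.ip_network(f'{net["start"]}/{net["netmask"]}', strict=False)
    return (ipa.ip_address(net["start"]), ipa.ip_address(net["end"]), cidr,
            ipa.ip_address(net["gateway"]))

def validate(plan):
    """Return a list of findings; an empty list means every check passed."""
    findings = []
    for name, net in plan.items():
        first, last, cidr, gw = segment(net)
        if first > last or first not in cidr or last not in cidr:
            findings.append(f"{name}: IP range is not inside {cidr}")
        if gw not in cidr:
            findings.append(f"{name}: gateway {gw} is outside {cidr}")
        if first <= LINK_LOCAL[-1] and last >= LINK_LOCAL[0]:
            findings.append(f"{name}: IP range contains link-local addresses")
        if net.get("dhcp"):
            dhcp = ipa.ip_address(net["dhcp"])
            if dhcp not in cidr:
                findings.append(f"{name}: DHCP IP {dhcp} is outside {cidr}")
            if dhcp == gw:
                findings.append(f"{name}: DHCP IP {dhcp} collides with the gateway")
        if name != "management":
            mgmt = plan["management"]
            if (net["nic"], net["vlan"]) == (mgmt["nic"], mgmt["vlan"]):
                findings.append(f"management shares an L2 segment with {name}")
            if cidr.overlaps(segment(mgmt)[2]):
                findings.append(f"management address space overlaps {name}")
    return findings
```

Calling `validate(PLAN)` returns an empty list for the values in Tables 1 to 3. Whether a DHCP IP is already occupied cannot be determined offline and is not checked.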