openstack DVR (pike)

千家信息网最后更新 2025年12月03日openstack DVR (pike)1 说明
在openstack传统的集中式路由环境下，南北流量和跨网络的东西流量都要经过网络节点，当计算节点规模越来越大的时候，网络节点很快会成为整个系统的瓶颈，为解决这个问题引入了Distribute Virtual Router (DVR)的概念。
DVR是将路由分布到计算节点，南北流量和跨网段的东西流量由虚机所在计算节点上的虚拟路由进行路由。
2 DVR结构图


3 DVR配置
本文采用的网络方案是openvswitch vxlan


3.1 控制节点配置
/etc/neutron/neutron.conf添加如下配置
[DEFAULT]
router_distributed = True
重启neutron-server
systemc restart neutron-server.service
3.2 网络节点配置
/etc/neutron/plugins/ml2/ml2_conf.ini中添加如下配置
[agent]
l2_population = True
enable_distributed_routing = True
apr_responder = True
/etc/neutron/plugins/ml2/openvswitch_agent.ini中添加如下配置
[default]
enable_distributed_routing = True
重启neutron-openvswitch-agent,neutron-l3-agent
systemctl restart neutron-openvswitch-agent neutron-l3-agent
3.3计算节点配置
计算节点中安装如下软件openstack-neutron，openstack-neutron-ml2
yum install -y openstack-neutron openstack-neutron-ml2


/etc/neutron/l3_agent.ini 中添加如下配置
[default]
agent_mode = dvr_snat
/etc/neutron/plugins/ml2/ml2_conf.ini中添加如下配置
[agent]
l2_population = True
enable_distributed_routing = True
/etc/neutron/plugins/ml2/openvswitch_agent.ini中添加如下配置
[default]
enable_distributed_routing = True
apr_responder = True
重启neutron-openvswitch-agent,neutron-l3-agent
systemctl restart neutron-openvswitch-agent neutron-l3-agent
查看安装的network agent
[root@network ~]# openstack network agent list
+--------------------------------------+--------------------+---------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+---------+-------------------+-------+-------+---------------------------+
| 77717425-5a8f-494d-a144-8d1831e7d5de | Metadata agent | network | None | :-) | UP | neutron-metadata-agent |
| 903d9a68-b050-4948-8c4b-ecc329189fff | Open vSwitch agent | compute | None | :-) | UP | neutron-openvswitch-agent |
| bb1cdef8-e8bf-4353-8b89-2b33464392a5 | L3 agent | network | nova | :-) | UP | neutron-l3-agent |
| c59b2915-184d-4e38-9d8a-e5c593001db0 | Open vSwitch agent | network | None | :-) | UP | neutron-openvswitch-agent |
| ce266daa-dee1-45a9-93e4-bb0b1edb5b8b | DHCP agent | network | nova | :-) | UP | neutron-dhcp-agent |
| d0173090-50a6-4d02-8af8-cf73204a05c7 | L3 agent | compute | nova | :-) | UP | neutron-l3-agent |
| f2ce576c-01e8-488b-b718-68aa9117c2ac | Metadata agent | compute | None | :-) | UP | neutron-metadata-agent |
+--------------------------------------+--------------------+---------+-------------------+-------+-------+---------------------------+
创建网络和DVR

#!/bin/bash
neutron net-create --shared --router:external=True --provider:network_type flat --provider:physical_network provider public
neutron subnet-create public 192.168.100.0/24 --name public-sub --allocation-pool start=192.168.100.181,end=192.168.100.190 --dns-nameserver 8.8.8.8 --gateway 192.168.100.1 --enable_dhcp=False
neutron net-create private --provider:network_type vxlan --router:external False --shared
neutron subnet-create private --name private-sub --gateway 172.17.0.1 172.17.0.1/16 --dns-nameserver 8.8.8.8
neutron router-create dvr-router --distributed true
neutron router-interface-add dvr-router private-sub
neutron router-gateway-set dvr-router public

创建虚机绑定浮动IP，可以在dashboard上操作
在计算节点的qrouter
[root@compute ~]# ip netns
fip-51e0cb5e-1058-4a97-b205-a57d245a6726
qrouter-a3cc1dbb-73cb-431d-97e5-23be9aa7be20
网络节点的qrouter
[root@network ~]# ip netns
snat-a3cc1dbb-73cb-431d-97e5-23be9aa7be20
fip-51e0cb5e-1058-4a97-b205-a57d245a6726
qrouter-a3cc1dbb-73cb-431d-97e5-23be9aa7be20
qdhcp-53896585-6380-48f1-aed9-db340c5facf9
拓扑图