电子商务网站建设的安全性,龙元建设集团股份有限公司网站地址,赣州市建设工程质量监督管理站网站,开发公司网签价格目录
一、理论
1.OpenStack
二、实验
1. Linux系统修改网卡
2.OpenStack 配置二层物理网卡为三层桥的接口 一、理论
1.OpenStack
#xff08;1#xff09;概念
OpenStack是一个开源的云计算管理平台项目#xff0c;是一系列软件开源项目的组合。由NASA(美国国家航空…目录
一、理论
1.OpenStack
二、实验
1. Linux系统修改网卡
2.OpenStack 配置二层物理网卡为三层桥的接口 一、理论
1.OpenStack
1概念
OpenStack是一个开源的云计算管理平台项目是一系列软件开源项目的组合。由NASA(美国国家航空航天局)和Rackspace合作研发并发起以Apache许可证Apache软件基金会发布的一个自由软件许可证授权。
OpenStack为私有云和公有云提供可扩展的弹性的云计算服务。项目目标是提供实施简单、可大规模扩展、丰富、标准统一的云计算管理平台。
2官网架构图
Open Source Cloud Computing Platform Software - OpenStack (3)关键组件与服务
表1 Openstack关键组件与服务
服务类型组件名称描述DashboardHorizon提供了一个基于web的自服务门户通过web与OpenStack底层服务交互。Controller/ComputeNova在OpenStack环境中计算实例的生命周期管理。包括虚拟机创建、调度、删除等操作。NetworkingNeutron确保为其它OpenStack服务提供网络连接即服务比如OpenStack计算。为用户提供API定义网络和使用。基于插件的架构其支持众多的网络提供商和技术。Object StorageSwift通过基于HTTP的应用程序接口存储和任意检索的非结构化数据对象。Block StorageCinder为运行实例而提供的持久性块存储。它的可插拔驱动架构的功能有助于创建和管理块存储设备。Identity ServiceKeystone为其他OpenStack服务提供认证和授权服务为所有的OpenStack服务提供一个端点目录。Image ServiceGlance存储和检索虚拟机镜像元数据OpenStack会在实例部署时使用此服务。Telemetry ServiceCeilometer为OpenStack云的计费、基准、扩展性以及统计等目的提供监测和计量。Orchestration ServiceHeat既可以模板来编排多个综合的云应用类似 AWS的CloudFormation。 4基础网络配置
1br-ex
连接外部网络(external)2br-tun
连接隧道网络tunnel3br-int
综合网桥integration
二、实验
1. Linux系统修改网卡
1关闭网络管理
[rootopenstack ~]# systemctl stop NetworkManager systemctl disable NetworkManager2查看当前ip地址
[rootopenstack ~]# ip a3复制网卡
[rootopenstack ~]# cp /etc/sysconfig/network-scripts/ifcfg-eth0 /etc/sysconfig/network-scripts/ifcfg-ens334查看网卡
[rootopenstack ~]# cd /etc/sysconfig/network-scripts/
[rootopenstack network-scripts]# ls
ifcfg-ens33 ifdown-eth ifdown-isdn ifdown-routes ifdown-tunnel ifup-eth ifup-isdn ifup-post ifup-Team init.ipv6-global
ifcfg-eth0 ifdown-ib ifdown-ovs ifdown-sit ifup ifup-ib ifup-ovs ifup-ppp ifup-TeamPort network-functions
ifdown ifdown-ippp ifdown-post ifdown-Team ifup-aliases ifup-ippp ifup-plip ifup-routes ifup-tunnel network-functions-ipv6
ifdown-bnep ifdown-ipv6 ifdown-ppp ifdown-TeamPort ifup-bnep ifup-ipv6 ifup-plusb ifup-sit ifup-wireless test5编辑网卡
[rootopenstack network-scripts]# vim ifcfg-ens33 6删除旧网卡
[rootopenstack network-scripts]# rm -fr /etc/sysconfig/network-scripts/ifcfg-eth07重启网络服务
[rootopenstack network-scripts]# systemctl restart network(8)主机ping opsenstack地址 (9) 登录系统
http://192.168.199.201 2.OpenStack 配置二层物理网卡为三层桥的接口
1查看当前网桥信息
[rootopenstack network-scripts]# ovs-vsctl show
db90689c-619b-4abe-bcbf-16563efed45bManager ptcp:6640:127.0.0.1is_connected: trueBridge br-exController tcp:127.0.0.1:6633is_connected: truefail_mode: securePort br-exInterface br-extype: internalPort phy-br-exInterface phy-br-extype: patchoptions: {peerint-br-ex}Bridge br-intController tcp:127.0.0.1:6633is_connected: truefail_mode: securePort br-intInterface br-inttype: internalPort int-br-exInterface int-br-extype: patchoptions: {peerphy-br-ex}Port patch-tunInterface patch-tuntype: patchoptions: {peerpatch-int}Bridge br-tunController tcp:127.0.0.1:6633is_connected: truefail_mode: securePort patch-intInterface patch-inttype: patchoptions: {peerpatch-tun}Port br-tunInterface br-tuntype: internalovs_version: 2.7.32备份网卡
[rootopenstack network-scripts]# mkdir bak[rootopenstack network-scripts]# ls
bak ifdown-ib ifdown-post ifdown-TeamPort ifup-eth ifup-ovs ifup-routes ifup-wireless
ifcfg-ens33 ifdown-ippp ifdown-ppp ifdown-tunnel ifup-ib ifup-plip ifup-sit init.ipv6-global
ifdown ifdown-ipv6 ifdown-routes ifup ifup-ippp ifup-plusb ifup-Team network-functions
ifdown-bnep ifdown-isdn ifdown-sit ifup-aliases ifup-ipv6 ifup-post ifup-TeamPort network-functions-ipv6
ifdown-eth ifdown-ovs ifdown-Team ifup-bnep ifup-isdn ifup-ppp ifup-tunnel test[rootopenstack network-scripts]# cp ifcfg-ens33 bak/3创建br-ex桥
[rootopenstack network-scripts]# cp ifcfg-ens33 ifcfg-br-ex[rootopenstack network-scripts]# vim ifcfg-ens33 [rootopenstack network-scripts]# vim ifcfg-br-ex 复制 将对应的物理网卡添加到OVS– BR-EX上作为一个接口 地址配置在br-ex 三层接口上 4重启网络
[rootopenstack network-scripts]# service network restart
Restarting network (via systemctl): [ 确定 ]5查看接口信息
[rootopenstack network-scripts]# more ifcfg-ens33
TYPEOVSPort
HWADDR00:0c:29:53:85:ce
ONBOOTyes
DEVICEens33
DEVICETYPEovs
OVS_BRIDGEbr-ex6查看网桥信息
[rootopenstack network-scripts]# more ifcfg-ens33
TYPEOVSPort
HWADDR00:0c:29:53:85:ce
ONBOOTyes
DEVICEens33
DEVICETYPEovs
OVS_BRIDGEbr-ex[rootopenstack network-scripts]# more ifcfg-br-ex
TYPEOVSBridge
DEVICETYPEovs
DEVICEbr-ex
BOOTPROTOstatic
DNS1192.168.199.2
DEFROUTEyes
NAMEbr-ex
ONBOOTyes
IPADDR192.168.199.201
PREFIX24
GATEWAY192.168.199.27查看ip
[rootopenstack network-scripts]# ip add show
1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN qlen 1link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00inet 127.0.0.1/8 scope host lovalid_lft forever preferred_lft foreverinet6 ::1/128 scope host valid_lft forever preferred_lft forever
2: ens33: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast master ovs-system state UP qlen 1000link/ether 00:0c:29:53:85:ce brd ff:ff:ff:ff:ff:ffinet6 fe80::20c:29ff:fe53:85ce/64 scope link valid_lft forever preferred_lft forever
3: ovs-system: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN qlen 1000link/ether ba:4a:22:6d:00:d7 brd ff:ff:ff:ff:ff:ff
4: br-int: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN qlen 1000link/ether 06:b7:f9:bd:7d:47 brd ff:ff:ff:ff:ff:ff
5: br-tun: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN qlen 1000link/ether 8a:88:cb:d5:87:41 brd ff:ff:ff:ff:ff:ff
6: br-ex: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc noqueue state UNKNOWN qlen 1000link/ether 00:0c:29:53:85:ce brd ff:ff:ff:ff:ff:ffinet 192.168.199.201/24 brd 192.168.199.255 scope global br-exvalid_lft forever preferred_lft foreverinet6 fe80::3c23:faff:fe8f:9d47/64 scope link valid_lft forever preferred_lft forever8主机 ping openstack地址 9查看网桥信息桥br-ex已添加端口ens33对应接口为ens33
[rootopenstack network-scripts]# ovs-vsctl show
db90689c-619b-4abe-bcbf-16563efed45bManager ptcp:6640:127.0.0.1Bridge br-exController tcp:127.0.0.1:6633fail_mode: securePort br-exInterface br-extype: internalPort ens33Interface ens33Port phy-br-exInterface phy-br-extype: patchoptions: {peerint-br-ex}Bridge br-intController tcp:127.0.0.1:6633fail_mode: securePort br-intInterface br-inttype: internalPort int-br-exInterface int-br-extype: patchoptions: {peerphy-br-ex}Port patch-tunInterface patch-tuntype: patchoptions: {peerpatch-int}Bridge br-tunController tcp:127.0.0.1:6633fail_mode: securePort patch-intInterface patch-inttype: patchoptions: {peerpatch-tun}Port br-tunInterface br-tuntype: internalovs_version: 2.7.3(9) 测试抓包
[rootopenstack network-scripts]# tcpdump -i br-ex | grep -i icmp
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br-ex, link-type EN10MB (Ethernet), capture size 262144 bytes
^C40 packets captured
40 packets received by filter
0 packets dropped by kernel10再次成功登录系统
文章转载自: http://www.morning.lydtr.cn.gov.cn.lydtr.cn http://www.morning.hlfnh.cn.gov.cn.hlfnh.cn http://www.morning.tldfp.cn.gov.cn.tldfp.cn http://www.morning.tfwg.cn.gov.cn.tfwg.cn http://www.morning.crqpl.cn.gov.cn.crqpl.cn http://www.morning.jzyfy.cn.gov.cn.jzyfy.cn http://www.morning.fkgcd.cn.gov.cn.fkgcd.cn http://www.morning.hdscx.cn.gov.cn.hdscx.cn http://www.morning.hffjj.cn.gov.cn.hffjj.cn http://www.morning.tdnbw.cn.gov.cn.tdnbw.cn http://www.morning.fbrshjf.com.gov.cn.fbrshjf.com http://www.morning.bgpch.cn.gov.cn.bgpch.cn http://www.morning.yrmpr.cn.gov.cn.yrmpr.cn http://www.morning.lltdf.cn.gov.cn.lltdf.cn http://www.morning.rgzc.cn.gov.cn.rgzc.cn http://www.morning.gbgdm.cn.gov.cn.gbgdm.cn http://www.morning.hhfwj.cn.gov.cn.hhfwj.cn http://www.morning.hrzymy.com.gov.cn.hrzymy.com http://www.morning.tmpsc.cn.gov.cn.tmpsc.cn http://www.morning.jgmdr.cn.gov.cn.jgmdr.cn http://www.morning.tzcr.cn.gov.cn.tzcr.cn http://www.morning.yrck.cn.gov.cn.yrck.cn http://www.morning.rfdqr.cn.gov.cn.rfdqr.cn http://www.morning.gpfuxiu.cn.gov.cn.gpfuxiu.cn http://www.morning.c-ae.cn.gov.cn.c-ae.cn http://www.morning.pzcqz.cn.gov.cn.pzcqz.cn http://www.morning.ltbwq.cn.gov.cn.ltbwq.cn http://www.morning.fzqfb.cn.gov.cn.fzqfb.cn http://www.morning.njntp.cn.gov.cn.njntp.cn http://www.morning.rfhmb.cn.gov.cn.rfhmb.cn http://www.morning.chhhq.cn.gov.cn.chhhq.cn http://www.morning.lwqst.cn.gov.cn.lwqst.cn http://www.morning.znrlg.cn.gov.cn.znrlg.cn http://www.morning.rfzzw.com.gov.cn.rfzzw.com http://www.morning.ngqdp.cn.gov.cn.ngqdp.cn http://www.morning.zzfqn.cn.gov.cn.zzfqn.cn http://www.morning.rmdwp.cn.gov.cn.rmdwp.cn http://www.morning.phjny.cn.gov.cn.phjny.cn http://www.morning.qkqzm.cn.gov.cn.qkqzm.cn http://www.morning.wiitw.com.gov.cn.wiitw.com http://www.morning.wflpj.cn.gov.cn.wflpj.cn http://www.morning.tbjtm.cn.gov.cn.tbjtm.cn http://www.morning.ctqlq.cn.gov.cn.ctqlq.cn http://www.morning.pqbkk.cn.gov.cn.pqbkk.cn http://www.morning.gqfbh.cn.gov.cn.gqfbh.cn http://www.morning.dwrjj.cn.gov.cn.dwrjj.cn http://www.morning.kyflr.cn.gov.cn.kyflr.cn http://www.morning.rmyqj.cn.gov.cn.rmyqj.cn http://www.morning.phzrq.cn.gov.cn.phzrq.cn http://www.morning.krgjc.cn.gov.cn.krgjc.cn http://www.morning.czqqy.cn.gov.cn.czqqy.cn http://www.morning.mhlsx.cn.gov.cn.mhlsx.cn http://www.morning.jqpq.cn.gov.cn.jqpq.cn http://www.morning.xqgtd.cn.gov.cn.xqgtd.cn http://www.morning.tlfzp.cn.gov.cn.tlfzp.cn http://www.morning.mfzyn.cn.gov.cn.mfzyn.cn http://www.morning.xhfky.cn.gov.cn.xhfky.cn http://www.morning.c7512.cn.gov.cn.c7512.cn http://www.morning.dtcsp.cn.gov.cn.dtcsp.cn http://www.morning.jhrqn.cn.gov.cn.jhrqn.cn http://www.morning.rlbfp.cn.gov.cn.rlbfp.cn http://www.morning.gwqkk.cn.gov.cn.gwqkk.cn http://www.morning.kpxnz.cn.gov.cn.kpxnz.cn http://www.morning.hpjpy.cn.gov.cn.hpjpy.cn http://www.morning.zwznz.cn.gov.cn.zwznz.cn http://www.morning.ftdlg.cn.gov.cn.ftdlg.cn http://www.morning.glnxd.cn.gov.cn.glnxd.cn http://www.morning.dydqh.cn.gov.cn.dydqh.cn http://www.morning.ktlxk.cn.gov.cn.ktlxk.cn http://www.morning.znqztgc.cn.gov.cn.znqztgc.cn http://www.morning.huarma.com.gov.cn.huarma.com http://www.morning.fhbhr.cn.gov.cn.fhbhr.cn http://www.morning.mfcbk.cn.gov.cn.mfcbk.cn http://www.morning.rbylq.cn.gov.cn.rbylq.cn http://www.morning.dbylp.cn.gov.cn.dbylp.cn http://www.morning.rpsjh.cn.gov.cn.rpsjh.cn http://www.morning.bxrqf.cn.gov.cn.bxrqf.cn http://www.morning.ryfq.cn.gov.cn.ryfq.cn http://www.morning.mplb.cn.gov.cn.mplb.cn http://www.morning.hqrkq.cn.gov.cn.hqrkq.cn
