在你按照你选择的架构,完成各个节点操作系统安装以后,你必须配置网络接口。我们推荐你禁用自动网络管理工具并手动编辑你相应版本的配置文件。更多关于如何配置你版本网络信息内容,参考 documentation 。
All nodes require Internet access for administrative purposes such as package installation, security updates, DNS, and NTP. In most cases, nodes should obtain Internet access through the management network interface. To highlight the importance of network separation, the example architectures use private address space for the management network and assume that the physical network infrastructure provides Internet access via NAT or other methods. The example architectures use routable IP address space for the provider (external) network and assume that the physical network infrastructure provides direct Internet access.
在提供者网络架构中,所有实例直接连接到提供商网络。在自服务(私有)网络架构,实例可以连接到自服务或提供网络。自服务网络可以完全在openstack环境中或者通过外部网络使用:term:’NAT<Network Address Translation (NAT)>’提供某种级别的外部网络访问。
示例架构假设使用如下网络:
管理使用 10.0.0.0/24 带有网关 10.0.0.1
这个网络需要一个网关为所有节点提供网络访问用来管理,如安装包、安全更新,:term:’DNS<Domain Name System (DNS)>’和:term:’NTP <Network Time Protocol (NTP)>’。
提供者网段 203.0.113.0/24,网关203.0.113.1
这个网络需要一个网关来提供在环境中内部实例的访问。
您可以修改这些范围和网关来以您的特定网络设施进行工作。
Network interface names vary by distribution. Traditionally,
interfaces use eth
followed by a sequential number. To cover all
variations, this guide refers to the first interface as the
interface with the lowest number and the second interface as the
interface with the highest number.
Unless you intend to use the exact configuration provided in this
example architecture, you must modify the networks in this procedure to
match your environment. Each node must resolve the other nodes by
name in addition to IP address. For example, the controller
name must
resolve to 10.0.0.11
, the IP address of the management interface on
the controller node.
警告
重新配置网络接口会中断网络连接。我们建议使用本地终端会话来进行这个过程。
注解
Your distribution enables a restrictive firewall by default. During the installation process, certain steps will fail unless you alter or disable the firewall. For more information about securing your environment, refer to the OpenStack Security Guide.
Except where otherwise noted, this document is licensed under Creative Commons Attribution 3.0 License. See all OpenStack Legal Documents.