Logical network configuration

Note

Run these commands on the network node.

Ensure that the following environment variables are set. Various clients use these variables to access the Identity Service.

  • Create a novarc file:

    export OS_TENANT_NAME=provider_tenant
    export OS_USERNAME=admin
    export OS_PASSWORD=ADMIN_PASS
    export OS_AUTH_URL="http://controller:5000/v2.0/"
    export OS_SERVICE_ENDPOINT="http://controller:35357/v2.0"
    export OS_SERVICE_TOKEN=password
  • Export the variables:

    # source novarc
    # echo "source novarc" >> .bashrc

The admin user creates a network and subnet on behalf of tenant_A. A tenant_A user can also complete these steps.

 

To configure internal networking

  1. Get the tenant ID (used as $TENANT_ID later):

    # keystone tenant-list
    +----------------------------------+--------------------+---------+
    |                id                |        name        | enabled |
    +----------------------------------+--------------------+---------+
    | 48fb81ab2f6b409bafac8961a594980f |  provider_tenant   |   True  |
    | cbb574ac1e654a0a992bfc0554237abf |      service       |   True  |
    | e371436fe2854ed89cca6c33ae7a83cd | invisible_to_admin |   True  |
    | e40fa60181524f9f9ee7aa1038748f08 |      tenant_A      |   True  |
    +----------------------------------+--------------------+---------+
  2. Create an internal network named net1 for tenant_A ($TENANT_ID will be e40fa60181524f9f9ee7aa1038748f08):

    # neutron net-create --tenant-id $TENANT_ID net1
    +---------------------------+--------------------------------------+
    | Field                     | Value                                |
    +---------------------------+--------------------------------------+
    | admin_state_up            | True                                 |
    | id                        | e99a361c-0af8-4163-9feb-8554d4c37e4f |
    | name                      | net1                                 |
    | provider:network_type     | vlan                                 |
    | provider:physical_network | physnet1                             |
    | provider:segmentation_id  | 1024                                 |
    | router:external           | False                                |
    | shared                    | False                                |
    | status                    | ACTIVE                               |
    | subnets                   |                                      |
    | tenant_id                 | e40fa60181524f9f9ee7aa1038748f08     |
    +---------------------------+--------------------------------------+
  3. Create a subnet on the network net1 (ID field below is used as $SUBNET_ID later):

    # neutron subnet-create --tenant-id $TENANT_ID net1 10.5.5.0/24
    +------------------+--------------------------------------------+
    | Field            | Value                                      |
    +------------------+--------------------------------------------+
    | allocation_pools | {"start": "10.5.5.2", "end": "10.5.5.254"} |
    | cidr             | 10.5.5.0/24                                |
    | dns_nameservers  |                                            |
    | enable_dhcp      | True                                       |
    | gateway_ip       | 10.5.5.1                                   |
    | host_routes      |                                            |
    | id               | c395cb5d-ba03-41ee-8a12-7e792d51a167       |
    | ip_version       | 4                                          |
    | name             |                                            |
    | network_id       | e99a361c-0af8-4163-9feb-8554d4c37e4f       |
    | tenant_id        | e40fa60181524f9f9ee7aa1038748f08           |
    +------------------+--------------------------------------------+
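
The steps above refer to $TENANT_ID and $SUBNET_ID (and later steps to $ROUTER_ID, $FLOATING_ID and $PORT_ID) without showing how to set them. The following shell helpers are an added example, not part of the original guide: table_lookup, is_id and require_id are hypothetical names, and the sample tables are trimmed copies of the output shown above so the block runs offline.

```shell
# table_lookup MATCH_COL MATCH_VALUE OUT_COL  (table on stdin, columns 1-based)
# Prints OUT_COL of the first row whose MATCH_COL equals MATCH_VALUE; returns
# non-zero when nothing matches (the client printed an error, not a table).
table_lookup() {
    awk -F'|' -v mc="$1" -v mv="$2" -v oc="$3" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        /^[ \t]*[|]/ && trim($(mc + 1)) == mv { print trim($(oc + 1)); found = 1; exit }
        END { exit !found }'
}

# is_id VALUE: true for the two ID shapes in this guide (32 hex digits or a dashed UUID).
is_id() {
    printf '%s\n' "$1" |
        grep -Eq '^[0-9a-f]{32}$|^[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}$'
}

# require_id NAME VALUE: stop before an empty or malformed ID reaches a command.
require_id() {
    is_id "$2" || { echo "refusing to continue: $1='$2' is not an ID" >&2; return 1; }
}

# Sample output taken from the steps above (rows trimmed), embedded for offline use.
sample_tenant_list() {
cat <<'EOF'
+----------------------------------+--------------------+---------+
|                id                |        name        | enabled |
+----------------------------------+--------------------+---------+
| 48fb81ab2f6b409bafac8961a594980f |  provider_tenant   |   True  |
| e40fa60181524f9f9ee7aa1038748f08 |      tenant_A      |   True  |
+----------------------------------+--------------------+---------+
EOF
}
sample_subnet_create() {
cat <<'EOF'
+------------------+--------------------------------------------+
| Field            | Value                                      |
+------------------+--------------------------------------------+
| cidr             | 10.5.5.0/24                                |
| id               | c395cb5d-ba03-41ee-8a12-7e792d51a167       |
+------------------+--------------------------------------------+
EOF
}

# On the network node, pipe the real command instead, for example:
#   TENANT_ID=$(keystone tenant-list | table_lookup 2 tenant_A 1)
TENANT_ID=$(sample_tenant_list | table_lookup 2 tenant_A 1)
SUBNET_ID=$(sample_subnet_create | table_lookup 1 id 2)
require_id TENANT_ID "$TENANT_ID" && require_id SUBNET_ID "$SUBNET_ID" &&
    echo "TENANT_ID=$TENANT_ID SUBNET_ID=$SUBNET_ID"
```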

A user with the admin role must complete these steps. In this procedure, the user is admin from provider_tenant.

 

To configure the router and external networking

  1. Create the router1 router. The ID is used as $ROUTER_ID later:

    # neutron router-create router1
    +-----------------------+--------------------------------------+
    | Field                 | Value                                |
    +-----------------------+--------------------------------------+
    | admin_state_up        | True                                 |
    | external_gateway_info |                                      |
    | id                    | 685f64e7-a020-4fdf-a8ad-e41194ae124b |
    | name                  | router1                              |
    | status                | ACTIVE                               |
    | tenant_id             | 48fb81ab2f6b409bafac8961a594980f     |
    +-----------------------+--------------------------------------+
    Note

    The --tenant-id parameter is not specified, so this router is assigned to the provider_tenant tenant.

  2. Add an interface to the router1 router and attach it to the subnet from net1:

    # neutron router-interface-add $ROUTER_ID $SUBNET_ID
    Added interface to router 685f64e7-a020-4fdf-a8ad-e41194ae124b
    Note

    You can repeat this step to add more interfaces for other networks that belong to other tenants.

  3. Create the ext_net external network:

    # neutron net-create ext_net --router:external=True
    +---------------------------+--------------------------------------+
    | Field                     | Value                                |
    +---------------------------+--------------------------------------+
    | admin_state_up            | True                                 |
    | id                        | 8858732b-0400-41f6-8e5c-25590e67ffeb |
    | name                      | ext_net                              |
    | provider:network_type     | vlan                                 |
    | provider:physical_network | physnet1                             |
    | provider:segmentation_id  | 1                                    |
    | router:external           | True                                 |
    | shared                    | False                                |
    | status                    | ACTIVE                               |
    | subnets                   |                                      |
    | tenant_id                 | 48fb81ab2f6b409bafac8961a594980f     |
    +---------------------------+--------------------------------------+
  4. Create the subnet for floating IPs.

    Note

    The DHCP service is disabled for this subnet.

    # neutron subnet-create ext_net \
    --allocation-pool start=7.7.7.130,end=7.7.7.150 \
    --gateway 7.7.7.1 7.7.7.0/24 --disable-dhcp
    +------------------+--------------------------------------------------+
    | Field            | Value                                            |
    +------------------+--------------------------------------------------+
    | allocation_pools | {"start": "7.7.7.130", "end": "7.7.7.150"}       |
    | cidr             | 7.7.7.0/24                                       |
    | dns_nameservers  |                                                  |
    | enable_dhcp      | False                                            |
    | gateway_ip       | 7.7.7.1                                          |
    | host_routes      |                                                  |
    | id               | aef60b55-cbff-405d-a81d-406283ac6cff             |
    | ip_version       | 4                                                |
    | name             |                                                  |
    | network_id       | 8858732b-0400-41f6-8e5c-25590e67ffeb             |
    | tenant_id        | 48fb81ab2f6b409bafac8961a594980f                 |
    +------------------+--------------------------------------------------+
  5. Set the gateway for the router to the external network ($EXTERNAL_NETWORK_ID is the ID of the ext_net network created in step 3):

    # neutron router-gateway-set $ROUTER_ID $EXTERNAL_NETWORK_ID
    Set gateway for router 685f64e7-a020-4fdf-a8ad-e41194ae124b

A user from tenant_A completes these steps, so the credentials in the environment variables differ from those in the previous procedure.

 

To allocate floating IP addresses

  1. You can associate a floating IP address with a VM after it starts. Find the ID of the port ($PORT_ID) that was allocated for the VM, as follows:

    # nova list
    +--------------------------------------+--------+--------+---------------+
    |                  ID                  |  Name  | Status |    Networks   |
    +--------------------------------------+--------+--------+---------------+
    | 1cdc671d-a296-4476-9a75-f9ca1d92fd26 | testvm | ACTIVE | net1=10.5.5.3 |
    +--------------------------------------+--------+--------+---------------+
    
    # neutron port-list -- --device_id 1cdc671d-a296-4476-9a75-f9ca1d92fd26
    +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
    | id                                   | name | mac_address       | fixed_ips                                                                       |
    +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
    | 9aa47099-b87b-488c-8c1d-32f993626a30 |      | fa:16:3e:b4:d6:6c | {"subnet_id": "c395cb5d-ba03-41ee-8a12-7e792d51a167", "ip_address": "10.5.5.3"} |
    +--------------------------------------+------+-------------------+---------------------------------------------------------------------------------+
  2. Allocate a floating IP (its ID is used as $FLOATING_ID):

    # neutron floatingip-create ext_net
    +---------------------+--------------------------------------+
    | Field               | Value                                |
    +---------------------+--------------------------------------+
    | fixed_ip_address    |                                      |
    | floating_ip_address | 7.7.7.131                            |
    | floating_network_id | 8858732b-0400-41f6-8e5c-25590e67ffeb |
    | id                  | 40952c83-2541-4d0c-b58e-812c835079a5 |
    | port_id             |                                      |
    | router_id           |                                      |
    | tenant_id           | e40fa60181524f9f9ee7aa1038748f08     |
    +---------------------+--------------------------------------+
  3. Associate the floating IP with the port for the VM:

    # neutron floatingip-associate $FLOATING_ID $PORT_ID
    Associated floatingip 40952c83-2541-4d0c-b58e-812c835079a5
  4. Show the floating IP:

    # neutron floatingip-show $FLOATING_ID
    +---------------------+--------------------------------------+
    | Field               | Value                                |
    +---------------------+--------------------------------------+
    | fixed_ip_address    | 10.5.5.3                             |
    | floating_ip_address | 7.7.7.131                            |
    | floating_network_id | 8858732b-0400-41f6-8e5c-25590e67ffeb |
    | id                  | 40952c83-2541-4d0c-b58e-812c835079a5 |
    | port_id             | 9aa47099-b87b-488c-8c1d-32f993626a30 |
    | router_id           | 685f64e7-a020-4fdf-a8ad-e41194ae124b |
    | tenant_id           | e40fa60181524f9f9ee7aa1038748f08     |
    +---------------------+--------------------------------------+
  5. Test the floating IP:

    # ping 7.7.7.131
    PING 7.7.7.131 (7.7.7.131) 56(84) bytes of data.
    64 bytes from 7.7.7.131: icmp_req=2 ttl=64 time=0.152 ms
    64 bytes from 7.7.7.131: icmp_req=3 ttl=64 time=0.049 ms
    