The tenant network provides internal network access for instances.
The architecture isolates this type of network from other tenants. The
demo tenant owns this network because it only
provides network access for instances within it.
![[Note]](../common/images/admon/note.png) | Note |
|---|---|
Perform these commands on the controller node. |
To create the tenant network
Source the
demotenant credentials:$ source demo-openrc.sh
Create the network:
$ neutron net-create demo-net Created a new network: +----------------+--------------------------------------+ | Field | Value | +----------------+--------------------------------------+ | admin_state_up | True | | id | ac108952-6096-4243-adf4-bb6615b3de28 | | name | demo-net | | shared | False | | status | ACTIVE | | subnets | | | tenant_id | cdef0071a0194d19ac6bb63802dc9bae | +----------------+--------------------------------------+
Like the external network, your tenant network also requires
a subnet attached to it. You can specify any valid subnet because the
architecture isolates tenant networks. Replace
TENANT_NETWORK_CIDR with the subnet
you want to associate with the tenant network. Replace
TENANT_NETWORK_GATEWAY with the gateway you
want to associate with this network, typically the ".1" IP address. By
default, this subnet will use DHCP so your instances can obtain IP
addresses.
To create a subnet on the tenant network
Create the subnet:
$ neutron subnet-create demo-net --name demo-subnet \ --gateway
TENANT_NETWORK_GATEWAYTENANT_NETWORK_CIDRExample using
192.168.1.0/24:$ neutron subnet-create demo-net --name demo-subnet \ --gateway 192.168.1.1 192.168.1.0/24 Created a new subnet: +-------------------+------------------------------------------------------+ | Field | Value | +-------------------+------------------------------------------------------+ | allocation_pools | {"start": "192.168.1.2", "end": "192.168.1.254"} | | cidr | 192.168.1.0/24 | | dns_nameservers | | | enable_dhcp | True | | gateway_ip | 192.168.1.1 | | host_routes | | | id | 69d38773-794a-4e49-b887-6de6734e792d | | ip_version | 4 | | ipv6_address_mode | | | ipv6_ra_mode | | | name | demo-subnet | | network_id | ac108952-6096-4243-adf4-bb6615b3de28 | | tenant_id | cdef0071a0194d19ac6bb63802dc9bae | +-------------------+------------------------------------------------------+
A virtual router passes network traffic between two or more virtual networks. Each router requires one or more interfaces and/or gateways that provide access to specific networks. In this case, you will create a router and attach your tenant and external networks to it.
To create a router on the tenant network and attach the external and tenant networks to it
Create the router:
$ neutron router-create demo-router Created a new router: +-----------------------+--------------------------------------+ | Field | Value | +-----------------------+--------------------------------------+ | admin_state_up | True | | external_gateway_info | | | id | 635660ae-a254-4feb-8993-295aa9ec6418 | | name | demo-router | | status | ACTIVE | | tenant_id | cdef0071a0194d19ac6bb63802dc9bae | +-----------------------+--------------------------------------+
Attach the router to the
demotenant subnet:$ neutron router-interface-add demo-router demo-subnet Added interface b1a894fd-aee8-475c-9262-4342afdc1b58 to router demo-router.
Attach the router to the external network by setting it as the gateway:
$ neutron router-gateway-set demo-router ext-net Set gateway for router demo-router
