Ubuntu 16.04
Sponsored Link

OpenStack Newton : Neutron Network (FLAT)
2016/11/17
 
Configure virtual networking by OpenStack Network Service (Neutron).
For example, configure FLAT type of provider networking on here.
Before it, Configure basic settings on Control Node, Network Node, Compute Node.
Furthermore, this example is based on the environment that Network Node and Compute Node have 2 network interfaces.

                                        |
  +-------------+                  +----+----+
  | Name Server |                  | Gateway |
  +------+------+                  +----+----+
         |10.0.0.10                     |10.0.0.1
         |                              |
         +------------+-----------------+------------------+
         |            |                 |                  |     10.0.0.200-10.0.0.250
     eth0|10.0.0.30   |             eth0|10.0.0.50         |         +-----------------+
+--------+---------+  |     +-----------+----------+       |     +---| Virtual Machine |
| [ Control Node ] |  |     |   [ Network Node ]   |       |     |   +-----------------+
|     Keystone     |  |     |       DHCP Agent     |       |     |   +-----------------+
|      Glance      |  |     |       L3 Agent       |eth1   |     |---| Virtual Machine |
|     Nova API     |  |     |       L2 Agent       |       |     |   +-----------------+
|  Neutron Server  |  |     |    Metadata Agent    |       |     |   +-----------------+
+------------------+  |     +----------------------+       +-----+---| Virtual Machine |
                      |                                          |   +-----------------+
                      |     +----------------------+             |   +-----------------+
                      | eth0|   [ Compute Node ]   |             |---| Virtual Machine |
                      +-----|     Nova Compute     |eth1         |   +-----------------+
                   10.0.0.51|       L2 Agent       |             |   +-----------------+
                            +----------------------+             +---| Virtual Machine |
                                                                     +-----------------+

[1] Change settings like follows on both Network Node and Compute Node.
root@network:~#
vi /etc/neutron/plugins/ml2/ml2_conf.ini
# line 154: add

[ml2_type_flat]
flat_networks = physnet1
root@network:~#
vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
# line 133: add

[linux_bridge]
physical_interface_mappings = physnet1:eth1
# line 176: uncomment and change

enable_vxlan =
false
root@network:~#
systemctl restart neutron-linuxbridge-agent

[2] Create network. It's OK to work on any node. (This example is on Control Node)
root@dlp ~(keystone)#
tenantID=`openstack project list | grep service | awk '{print $2}'`
# create network named "sharednet1"

root@dlp ~(keystone)#
neutron net-create --tenant-id $tenantID sharednet1 \
--shared --provider:network_type flat --provider:physical_network physnet1

Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2016-11-18T06:59:51Z                 |
| description               |                                      |
| id                        | f8ebfce4-3459-4f1a-9afc-2aa940e699fd |
| ipv4_address_scope        |                                      |
| ipv6_address_scope        |                                      |
| mtu                       | 1500                                 |
| name                      | sharednet1                           |
| port_security_enabled     | True                                 |
| project_id                | e2fed44089aa40dc88f5ae6ed9dfe915     |
| provider:network_type     | flat                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  |                                      |
| revision_number           | 3                                    |
| router:external           | False                                |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      |                                      |
| tenant_id                 | e2fed44089aa40dc88f5ae6ed9dfe915     |
| updated_at                | 2016-11-18T06:59:51Z                 |
+---------------------------+--------------------------------------+

# create subnet "10.0.0.0/24" in "sharednet1"

root@dlp ~(keystone)#
neutron subnet-create \
--tenant-id $tenantID --gateway 10.0.0.1 --allocation-pool start=10.0.0.200,end=10.0.0.250 \
--dns-nameserver 10.0.0.1 sharednet1 10.0.0.0/24

Created a new subnet:
+-------------------+----------------------------------------------+
| Field             | Value                                        |
+-------------------+----------------------------------------------+
| allocation_pools  | {"start": "10.0.0.200", "end": "10.0.0.250"} |
| cidr              | 10.0.0.0/24                                  |
| created_at        | 2016-11-18T07:13:16Z                         |
| description       |                                              |
| dns_nameservers   | 10.0.0.1                                     |
| enable_dhcp       | True                                         |
| gateway_ip        | 10.0.0.1                                     |
| host_routes       |                                              |
| id                | d1a496c3-6f7c-46d6-9c29-826fd8039512         |
| ip_version        | 4                                            |
| ipv6_address_mode |                                              |
| ipv6_ra_mode      |                                              |
| name              |                                              |
| network_id        | f8ebfce4-3459-4f1a-9afc-2aa940e699fd         |
| project_id        | e2fed44089aa40dc88f5ae6ed9dfe915             |
| revision_number   | 2                                            |
| service_types     |                                              |
| subnetpool_id     |                                              |
| tenant_id         | e2fed44089aa40dc88f5ae6ed9dfe915             |
| updated_at        | 2016-11-18T07:13:16Z                         |
+-------------------+----------------------------------------------+

# confirm settings

root@dlp ~(keystone)#
neutron net-list

+--------------------------------+------------+--------------------------------+
| id                             | name       | subnets                        |
+--------------------------------+------------+--------------------------------+
| f8ebfce4-3459-4f1a-9afc-       | sharednet1 | d1a496c3-6f7c-                 |
| 2aa940e699fd                   |            | 46d6-9c29-826fd8039512         |
|                                |            | 10.0.0.0/24                    |
+--------------------------------+------------+--------------------------------+
[3] Create and start a Virtual machine Instance with the network just created above.
root@dlp ~(keystone)#
netID=`neutron net-list | grep sharednet1 | awk '{print $2}'`

root@dlp ~(keystone)#
openstack image list

+--------------------------------------+------------+--------+
| ID                                   | Name       | Status |
+--------------------------------------+------------+--------+
| 7d0cf100-6017-448c-9a6b-5bcf20d93f73 | Ubuntu1604 | active |
+--------------------------------------+------------+--------+

root@dlp ~(keystone)#
openstack server create --flavor m1.small --image Ubuntu1604 --security-group default --nic net-id=$netID Ubuntu_1604
root@dlp ~(keystone)#
openstack server list

+--------------------+-------------+--------+---------------------+------------+
| ID                 | Name        | Status | Networks            | Image Name |
+--------------------+-------------+--------+---------------------+------------+
| ac239720-867d-49d5 | Ubuntu_1604 | ACTIVE | sharednet1=10.0.0.2 | Ubuntu1604 |
| -b8f5-1c387a5f95e0 |             |        | 07                  |            |
+--------------------+-------------+--------+---------------------+------------+
[4] Configure security settings like follows to access with SSH and ICMP.
# permit ICMP

root@dlp ~(keystone)#
neutron security-group-rule-create --direction ingress --protocol icmp default

Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2016-11-18T07:18:26Z                 |
| description       |                                      |
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| id                | 6580784f-03d5-441e-ba73-44347edf231c |
| port_range_max    |                                      |
| port_range_min    |                                      |
| project_id        | 1b8227c2c89e4f1cbcbbb9f6060b0416     |
| protocol          | icmp                                 |
| remote_group_id   |                                      |
| remote_ip_prefix  |                                      |
| revision_number   | 1                                    |
| security_group_id | 6f9266c8-881f-42df-a071-5ee1858a28ed |
| tenant_id         | 1b8227c2c89e4f1cbcbbb9f6060b0416     |
| updated_at        | 2016-11-18T07:18:26Z                 |
+-------------------+--------------------------------------+

# permit SSH

root@dlp ~(keystone)#
neutron security-group-rule-create --direction ingress --protocol tcp --port_range_min 22 --port_range_max 22 default

Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2016-11-18T07:18:41Z                 |
| description       |                                      |
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| id                | 832fea91-92cd-4da2-9a00-a6f2ff4881d6 |
| port_range_max    | 22                                   |
| port_range_min    | 22                                   |
| project_id        | 1b8227c2c89e4f1cbcbbb9f6060b0416     |
| protocol          | tcp                                  |
| remote_group_id   |                                      |
| remote_ip_prefix  |                                      |
| revision_number   | 1                                    |
| security_group_id | 6f9266c8-881f-42df-a071-5ee1858a28ed |
| tenant_id         | 1b8227c2c89e4f1cbcbbb9f6060b0416     |
| updated_at        | 2016-11-18T07:18:41Z                 |
+-------------------+--------------------------------------+

root@dlp ~(keystone)#
neutron security-group-rule-list

+------------+----------------+-----------+-----------+---------------+---------------+
| id         | security_group | direction | ethertype | port/protocol | remote        |
+------------+----------------+-----------+-----------+---------------+---------------+
| 14bcbec0-3 | default        | ingress   | IPv4      | any           | default       |
| 8e6-44df-8 |                |           |           |               | (group)       |
| 211-d8d61d |                |           |           |               |               |
| 97697a     |                |           |           |               |               |
| 26fcb8ad-  | default        | ingress   | IPv6      | any           | default       |
| f6de-4264  |                |           |           |               | (group)       |
| -988f-b996 |                |           |           |               |               |
| f70976bb   |                |           |           |               |               |
| 3a3ca4b0-4 | default        | egress    | IPv6      | any           | any           |
| dba-4704-8 |                |           |           |               |               |
| 0e8-8df82c |                |           |           |               |               |
| 4a560f     |                |           |           |               |               |
| 5a553435-3 | default        | egress    | IPv4      | any           | any           |
| 059-4602-9 |                |           |           |               |               |
| 626-833fbb |                |           |           |               |               |
| 7e2d79     |                |           |           |               |               |
| 6580784f-  | default        | ingress   | IPv4      | icmp          | any           |
| 03d5-441e- |                |           |           |               |               |
| ba73-44347 |                |           |           |               |               |
| edf231c    |                |           |           |               |               |
| 832fea91   | default        | ingress   | IPv4      | 22/tcp        | any           |
| -92cd-4da2 |                |           |           |               |               |
| -9a00-a6f2 |                |           |           |               |               |
| ff4881d6   |                |           |           |               |               |
+------------+----------------+-----------+-----------+---------------+---------------+
[5] Login to Instance.
root@dlp ~(keystone)#
ssh ubuntu@10.0.0.207

The authenticity of host '10.0.0.207 (10.0.0.207)' can't be established.
ECDSA key fingerprint is SHA256:SsoSJR8Mq6olDKmaKKcRhYhdGO9m6GXVhd3RFViSo+E.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.0.0.207' (ECDSA) to the list of known hosts.
ubuntu@10.0.0.207's password:
Welcome to Ubuntu 16.04.1 LTS (GNU/Linux 4.4.0-47-generic x86_64)

 * Documentation:  https://help.ubuntu.com
 * Management:     https://landscape.canonical.com
 * Support:        https://ubuntu.com/advantage
Last login: Fri Nov 18 10:36:51 2016
ubuntu@localhost:~$    
# just logined
 
Tweet