1. Create an internal network
2. Create a vm
3. Create a router
4. Connect the router to the internal network
5. Create an external network
6. Connect the router to the external network
7. Test: ping baidu from the vm to confirm the vm can access the Internet
8. Create a floating ip so that the Internet can access this vm
Pay attention to how the output of these commands changes:
ip netns
brctl show
★★★★★★★★★★★★Basic knowledge★★★★★★★★★★★★★★
Three concepts:
1. Network, subnet:
An internal network corresponds to a namespace, a bridge and a dnsmasq process (dhcp);
an external network has no namespace, only the bridge.
2. Port
3. Router
neutron net-list
neutron subnet-list
neutron port-list
neutron router-list
neutron router-port-list <router-id>
View namespace
ip netns
View bridge
brctl show
View the ip addresses in a namespace
ip netns exec <netns-name> ip a
★★★★★★★★★★★★Create internal network★★★★★★★★★★★★
neutron net-list
neutron net-create <network name>
neutron net-create hello-private
Create subnet
neutron subnet-create --name <subnet name> <network name> <network segment>
neutron subnet-create --name hello-sub-private hello-private 10.1.0.0/28
Verify:
neutron port-list
ip netns
The namespace that belongs to the network starts with qdhcp-, followed by the network id.
brctl show
tap<port-id> on the bridge corresponds to ns-<port-id> in the namespace. To view both:
ip netns exec <qdhcp-netid> ip a
brctl show
The two devices are a veth pair.
ps -ef|grep dnsmasq
The dnsmasq process corresponds to the network id.
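The verification above can be scripted. The following is an added example, not part of the original notes: it checks captured `ip netns`, `brctl show` and `ip a` output for the qdhcp- namespace, the tap device on the bridge and the ns- device in the namespace. The function names, the dhcp port id and the sample output are constructed, and it assumes the linuxbridge agent keeps the first 11 characters of an id in device names.

```shell
#!/bin/sh
# Added example, not from the original notes. The port id and the captured
# command output below are constructed; the network id is the one in the notes.
# Assumption: the linuxbridge agent keeps the first 11 characters of an id in
# device names (brq<net-id>, tap<port-id>, ns-<port-id>).

short_id() { printf '%s' "$1" | cut -c1-11; }

# verify_dhcp_wiring NET_ID PORT_ID NETNS_OUT BRCTL_OUT NS_IP_A_OUT
# 0: all present; 1: no qdhcp namespace; 2: tap not on the brq bridge;
# 3: ns- device missing inside the namespace
verify_dhcp_wiring() {
    ns="qdhcp-$1"; br="brq$(short_id "$1")"
    tap="tap$(short_id "$2")"; inner="ns-$(short_id "$2")"
    printf '%s\n' "$3" | awk -v n="$ns" '$1 == n { f = 1 } END { exit !f }' \
        || { echo "missing namespace $ns"; return 1; }
    # brctl show: the bridge row carries the first interface, later
    # interfaces are on continuation rows that hold only the interface name
    printf '%s\n' "$4" | awk -v b="$br" -v t="$tap" '
        NF >= 3 { cur = $1 }
        cur == b && $NF == t { f = 1 }
        END { exit !f }' || { echo "$tap is not on $br"; return 2; }
    printf '%s\n' "$5" | grep -q "^[0-9]*: ${inner}[@:]" \
        || { echo "$inner not in $ns"; return 3; }
    echo "ok: $br/$tap <-veth-> $ns/$inner"
}

NET_ID=23fa78be-a22a-4946-b175-20b5e5b92b3c
DHCP_PORT=0a1b2c3d-1111-2222-3333-444455556666      # constructed
NETNS_OUT="qdhcp-$NET_ID (id: 0)"
BRCTL_OUT="bridge name     bridge id           STP enabled   interfaces
brq23fa78be-a2  8000.3e1d5a7c9b10   no            tap0a1b2c3d-11
                                                  vxlan-65"
NS_IP_A="1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
2: ns-0a1b2c3d-11@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 state UP
    inet 10.1.0.2/28 brd 10.1.0.15 scope global ns-0a1b2c3d-11"
verify_dhcp_wiring "$NET_ID" "$DHCP_PORT" "$NETNS_OUT" "$BRCTL_OUT" "$NS_IP_A" \
    || echo "  -> exit status $?"
```

On a real node, pass the live output of the three commands instead of the constructed strings.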
★★★★★★★★★★Ways to create a vm★★★★★★★★★★
[] means an optional parameter, <> means a placeholder to replace
1. Create a vm by network (for understanding only; this method is not used in this test):
nova boot [--availability-zone nova::netnode] --image <image> --flavor <flavor> --nic net-id=<network id> <vm-name>
nova boot --availability-zone nova::mcom2 --image cirros --flavor 1 --nic net-id=23fa78be-a22a-4946-b175-20b5e5b92b3c One
Note that a subnet cannot be specified here. If there are multiple subnets, the ip is assigned automatically.
2. To specify the ip for the vm: create a port, specify the ip for the port, then create the vm with that port (the method used here):
neutron port-create --fixed-ip subnet_id=<subnet-id>,ip_address=<ip in the subnet> --name <port name> <network name>
neutron port-create --fixed-ip subnet_id=5bcc6a89-9d6e-4126-92f3-b6a12174c5a1,ip_address=10.1.0.6 --name hello-port hello-private
neutron port-list
Check that there are now two ports:
one belongs to the network namespace, and the other is free and ready to be bound to the vm.
ip netns
ip netns exec qdhcp-23fa78be-a22a-4946-b175-20b5e5b92b3c ip a
Specify a port to create the vm:
nova boot --flavor 1 --image cirros --nic port-id=<port-id> <vm-name>
nova boot --flavor 1 --image cirros --nic port-id=b52bc9c9-e4c7-455b-aa55-5256a026aaea hello-vm
Test the vm:
openstack console url show hello-vm
nova get-vnc-console hello-vm novnc
Enter the vm:
ifconfig
★★★★★★★Create router★★★★★★★★★★
Create router:
neutron router-create --distributed=false <router name>
neutron router-create --distributed=False hello-router
☆★linuxbridge supports non-distributed routing, and openvswitch supports distributed routing.
Add the network's subnet to the router:
neutron router-interface-add <router name> <subnet name>
neutron router-interface-add hello-router hello-sub-private
Verification:
ip netns
The namespace that belongs to the router starts with qrouter-, followed by the router id.
ip netns exec qrouter-d62d8aca-0b9e-4e59-8c79-37aca9fe6696 ip a
The router ip is 10.1.0.1.
Enter the vm through the console and ping it to test.
★★★★★★Create external network★★★★★★★★
Create network:
neutron net-create --shared <name of external network> --router:external=True --provider:network_type flat --provider:physical_network <★the external network name configured in ml2 flat_networks>
#neutron net-create --shared hello-public --router:external=True --provider:network_type flat --provider:physical_network provider
★
neutron net-create --shared hello-public --router:external=True --provider:network_type flat --provider:physical_network hello-provider
★★★★★ Pay close attention: the last parameter, --provider:physical_network, must not be written wrong.
On the network node:
vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2_type_flat]
flat_networks = hello-provider
vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = hello-provider:eth0
It is not easy to change to another one. These two configuration files must correspond. * seems not to work.
Create a subnet:
neutron subnet-create --name <subnet name> <network name> --allocation-pool start=<start ip>,end=<end ip> --gateway=<gateway ip> --enable_dhcp=False <network segment>
e.g. ★
neutron subnet-create --name hello-subnet-public hello-public --allocation-pool start=192.168.139.114,end=192.168.139.116 --gateway=192.168.128.1 --enable_dhcp=False 192.168.128.0/20
Note: 139 is the office network segment. Ping the addresses first so that they do not conflict with other people's.
Connect the external network to the router:
neutron router-gateway-set hello-router hello-public
In this step, you must check whether the bridge exists:
brctl show
If there is no bridge from the router to the external network, it has not been built successfully.
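The requirement that ml2_conf.ini and linuxbridge_agent.ini correspond can be checked before creating the network. The following is an added example, not part of the original notes: the helper names ini_get and check_flat_network are hypothetical, and the demo runs on constructed temporary copies of the two files rather than the real ones under /etc/neutron/plugins/ml2/.

```shell
#!/bin/sh
# Added example, not from the original notes. File contents below are
# constructed samples that mirror the two settings quoted in the notes.

# ini_get FILE SECTION KEY: print the value of KEY inside [SECTION]
ini_get() {
    awk -v sec="[$2]" -v key="$3" '
        /^[ \t]*[#;]/ { next }                    # comment line
        /^[ \t]*\[/   { gsub(/[ \t\r]/, ""); cur = $0; next }
        cur == sec {
            eq = index($0, "="); if (eq == 0) next
            k = substr($0, 1, eq - 1); v = substr($0, eq + 1)
            gsub(/[ \t\r]/, "", k); gsub(/[ \t\r]/, "", v)
            if (k == key) { print v; exit }
        }' "$1"
}

# check_flat_network NAME ML2_CONF AGENT_CONF
# 0: NAME is in flat_networks and has an interface mapping
# 1: NAME missing from [ml2_type_flat] flat_networks
# 2: NAME missing from [linux_bridge] physical_interface_mappings
check_flat_network() {
    flat=$(ini_get "$2" ml2_type_flat flat_networks)
    maps=$(ini_get "$3" linux_bridge physical_interface_mappings)
    case ",$flat," in
        *",$1,"*) ;;
        *) echo "ml2: flat_networks='$flat' does not list $1"; return 1 ;;
    esac
    case ",$maps" in
        *",$1:"?*) echo "ok: $1 found in both files ($maps)"; return 0 ;;
        *) echo "agent: no interface mapped for $1 in '$maps'"; return 2 ;;
    esac
}

# Demo on constructed copies of the two files (paths are temporary).
demo_dir=$(mktemp -d)
printf '[ml2_type_flat]\nflat_networks = hello-provider\n' > "$demo_dir/ml2_conf.ini"
printf '[linux_bridge]\nphysical_interface_mappings = hello-provider:eth0\n' \
    > "$demo_dir/linuxbridge_agent.ini"
for name in hello-provider provider; do
    check_flat_network "$name" "$demo_dir/ml2_conf.ini" \
        "$demo_dir/linuxbridge_agent.ini" || echo "  -> exit status $?"
done
rm -rf "$demo_dir"
```

The second name in the demo, provider, is the value from the commented-out net-create line and is reported as not listed in flat_networks.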
Do not use:
neutron router-interface-add <router-name> <external network subnet name>
neutron router-interface-add hello-router hello-subnet-public
neutron router-interface-delete hello-router hello-subnet-public
This is the
verification:
neutron net-list
neutron subnet-list
neutron port-list
neutron router-list
neutron help|grep router
neutron router-port-list <router-id>
neutron router-port-list hello-router
ip netns exec qrouter-d62d8aca-0b9e-4e59-8c79-37aca9fe6696 ip a
The ip of qr-d0b3aac4-65@if23 is 192.168.139.114/20.
If the binding method of the internal network is used to bind the external network,
the ip of qr-d0b3aac4-65@if23 is 192.168.128.1/20.
Test the vm:
Connect in through the console.
If the network is wrong, you need to restart the network in the vm or restart the vm.
Test whether you can ping Baidu.
First:
ping 114.114.114.114
vi /etc/resolv.conf
nameserver 114.114.114.114
Then ping baidu
★★★★★★★★Create floating ip★★★★★★★★★★
Create:
neutron floatingip-create hello-public
nova floating-ip-associate hello-vm 192.168.139.115
nova get-vnc-console hello-vm novnc
After connecting to the vm, ifconfig does not show the ip 115,
but you can ssh to it from the controller.
If not, try restarting:
#nova reboot hello-vm
★★★★★★★★★If you encounter problems★★★★★★★★★★★★★★★
If it doesn't work, delete the external network and rebuild it:
neutron router-gateway-clear hello-router hello-public
neutron net-delete hello-public
To view the history with timestamps:
export HISTTIMEFORMAT="%F %T `whoami` "
history
Clean up the environment:
Delete the vm:
nova delete <vm_name>
neutron port-list
neutron help|grep router
neutron router-list
neutron router-port-list <router-id>
neutron help router-interface-delete
Delete the connection between the network and the router.
For the external network use:
neutron router-gateway-clear <router-name> <net-name>
For the internal network use:
neutron router-interface-delete <ROUTER> <INTERFACE>
Delete the connection between the external network and the router:
neutron router-gateway-clear hello-router hello-public
Delete the connection between the internal network and the router:
neutron router-interface-delete hello-router hello-sub-private
Delete the port, net and router:
neutron port-delete <port-name>
neutron net-delete <net-id>
neutron router-delete hello-router
Then delete the network and vm
########################Debug scripts####mysql_openstack.sh#######################
#!/bin/sh
# Dump every table of one OpenStack database (debug aid).
#for i in `awk ' {if(NR>4 && NR<40)print $2};' a.log `
# Credentials are hard-coded; -p on the command line also shows the password
# in the process list and in the echoed command below.
mysql_user=root
mysql_password=haoning
mysql_host=mcon
if [ "$1" = "" ]
then
    echo "please use ./mysql_openstack.sh [dbname], for example: ./mysql_openstack.sh keystone";
    echo "this will exit."
    exit 0;
fi
echo "use db " $1
# List the tables, skipping the header row of the "show tables" output
for i in ` mysql -u$mysql_user -h$mysql_host -p$mysql_password $1 -e "show tables" |awk ' {if(NR>1)print $1};'`
do
    # ml2_vxlan_allocations is skipped
    if [ "$i" != "ml2_vxlan_allocations" ]
    then
        echo "mysql -u$mysql_user -h$mysql_host -p$mysql_password $1 -e \"select * from \`$i\`\"";
        mysql -u$mysql_user -h$mysql_host -p$mysql_password $1 -e "select * from \`$i\`";
    fi
done
./mysql_openstack.sh neutron
l2population
bridge fdb
ip neigh