openstack learning - network management operations

Enterprise 2019-09-17 08:39:31 views: null

experiment process:
openstack learning - network management operations

Dashboard operation

Create Network

admin user login dashboard interface, navigation bar, select "Project - Network - Network Topology", displays the current network topology environment, click Create a network
openstack learning - network management operations
to create a network, the name "Network_web_01", and check the "share", the other to keep the default

openstack learning - network management operations

Create a subnet name Subnet_web_01 ", the network address 192.168.11.0/24, the gateway ip" 192.168.11.1 ", the other to keep the default
openstack learning - network management operations
configuration," Subnet details ", enter the starting and ending address pool assigned IP" 192.168.11.100,192.168.11.200 "other keep the default, and then click create
openstack learning - network management operations

Return to the Network Topology page to see changes in the network topology
openstack learning - network management operations

Navigation bar to select "Project - Network - Network" to enter the network list, you can view the network you just created
openstack learning - network management operations

Click the network name "Network_web_01", view network details
openstack learning - network management operations
View subnet information
openstack learning - network management operations
View Network Interface
openstack learning - network management operations

Then create a network "Network_web_02", Subnet name "Subnet_web_02", Network Address '192.168.12.0/24', gateway ip192.168.12.1, starting and ending address pool range of IP "192.168.12.100-192.168.12.200"
openstack learning - network management operations

Examples of each virtual machine access

Navigation bar, select "Project - computing - instance", enter the list of virtual machines ,, before referring to the virtual machine operating experimental release, release two virtual machine instances:

  • Virtual machine instance name: Instance_web_test
  • Number 2
  • Select the Start Source: Image
  • Create a new volume: NO
  • Distribution Mirror: Img_web
  • Distribution specifications: Flavor_web
  • Distribution network: Network_web_01
  • 其他保持默认
    openstack learning - network management operations
    可以看到,创建成功,网络也分配成功
    Instance_web_test_1:192.168.11.110
    Instance_web_test_2:192.168.11.102

分别单击刚刚创建的2个虚拟机实例名称,进入虚拟机实例页面,进入控制台,然后进行互ping测试
openstack learning - network management operations

openstack learning - network management operations

openstack learning - network management operations

网络能够互通
在导航栏,进入”项目-网络-网络拓扑“,可以查看当前的网络拓扑

openstack learning - network management operations

发放虚拟机实例Instance_web_test-3,网络选择Network_web_02,其他参数与Instance_web_test_1一致

openstack learning - network management operations

看可以看到分配的地址是192.168.12.101,此时无法与Instance_web_test1互通

查看现在的网络拓扑

openstack learning - network management operations
Instance_web_test-1与Instance_web_test-3处于不同的网络

创建路由器

在"项目-网络-路由”,创建路由器
openstack learning - network management operations
输入路由器名称Router_web,外部网络选择provider,其他保持默认,进行创建

openstack learning - network management operations
进入路由,查看路由概览
openstack learning - network management operations

进入接口页面,添加接口

openstack learning - network management operations
添加子网“Network_web_01"
openstack learning - network management operations
返回接口列表,查看添加的接口,等待一段时间,接口状态变为up
openstack learning - network management operations

继续添加接口,添加”Network_web_02"

openstack learning - network management operations

此时查看网络拓扑
openstack learning - network management operations

此时,Instance_web_1与Instance_web_2通过路由器,能够相互ping通

管理浮动ip

虽然虚拟实例可以通过路由器相互ping通,但是无法访问外部网络,也无法与宿主机相关进行通信。
如需要访问外部网络,必须在路由器上配置浮动ip
在使用浮动ip之前,需要在“管理员-网络”中创建一个flat类型的provider网络,如果需要访问外部网路,还得勾选外部网络选项。
openstack tranning labs默认在提供了了一个provider网络。可以分配浮动ip,如下所示
openstack learning - network management operations
进入“项目-网络-浮动ip",点击分配给项目
openstack learning - network management operations
分配池默认选择provider,进行随机分配
openstack learning - network management operations
完成后,可以看到分配的浮动ip
openstack learning - network management operations

在“项目-计算-实例”中,将浮动ip分配给Instance_web_test_3
openstack learning - network management operations

按照如下方式进行分配
openstack learning - network management operations

同样的,也可以为Instance_web_test_1分配浮动ip

创建安全组

进入Instance_web_test-3的概览,查看虚拟机实例当前应用的安全组

openstack learning - network management operations

在导航栏,选择“项目-网络-安全组”,进入列表,点击管理规则
openstack learning - network management operations
查看defualt安全组
openstack learning - network management operations
默认安全组规则允许所有外出流量,但是禁止进入流量。

返回安全组列表,创建安全组
openstack learning - network management operations
创建一个名为SG_web的安全组,然后添加规则

openstack learning - network management operations

配置一个规则,能够让任何地址ping
openstack learning - network management operations
再添加一个规则,允许所有tcp协议
openstack learning - network management operations
检查配置的安全组规则
openstack learning - network management operations
然后再虚拟机实例中Instance_web_test_3,点击编辑安全组
openstack learning - network management operations
删除默认安全组default,添加SG_web安全组
openstack learning - network management operations
确认安全组规则
openstack learning - network management operations
从宿主机ping Instance_web_test-3的浮动ip,证实安全组生效
openstack learning - network management operations
从署主机ssh登陆虚拟机实例Instance_web_test-3,验证安全组生效
openstack learning - network management operations

CLI操作

创建网络

创建网络Network_cli_01,设置为shared

openstack network create --share Network_cli_01

openstack learning - network management operations

查看网络列表

openstack network list

openstack learning - network management operations

创建Network_cli_01的子网subnet_cli_01,网络地址“192.168.21.0/24",子网地址”192.168.21.100~192.168.21.200“,网关地址:”192.168.21.1“

openstack subnet create --network Network_cli_01 --subnet-range 192.168.21.0/24 --allocation-pool start=192.168.21.100,end=192.168.21.200 --gateway 192.168.21.1 Subnet_cli_01

openstack learning - network management operations

查看网络子网列表

openstack subnet list

openstack learning - network management operations
查看网络”Network_cli_01"的网口列表

openstack port list --network Network_cli_01 --long

openstack learning - network management operations

创建网络Network_cli_02和子网Subnet_cli_02,网络地址192.168.22.0/24,地址池192.168.22.100~192.168.22.200,网关192.168.22.1

openstack network create --share Network_cli_02

openstack learning - network management operations

openstack subnet create --network Network_cli_02 --subnet-range 192.168.22.0/24 --allocation-pool start=192.168.22.100,end=192.168.22.200 --gateway 192.168.22.1 Subnet_cli_02

openstack learning - network management operations
查看网络和网络子网列表

openstack network list

openstack learning - network management operations
查看子网

openstack subnet list

openstack learning - network management operations

因为openstack tranning lab限制项目虚拟机资源为10,需要删除之间的虚拟机实例才能继续创建新的虚拟机

openstack server delete Instance_web_test_{1,2,3}

发放两个虚拟机实例”Instance_cli_test",按照如下配置

  • 启动源image
  • 镜像:img_cli
  • 规格:flavor_cli
  • 分配网络:network_cli_01 
    openstack server create --image Img_cli --flavor Flavor_cli --network Network_cli_01 --min 2 --max 2 Instance_cli_test

    openstack learning - network management operations

创建完成之后,可以去dashboard里面验证虚拟机实例的网络连通性

创建Instance_cli_test-3,启动源image,镜像img_cli,规格flavor_cli,网络Network_cli_02

openstack server create --image Img_cli --flavor Flavor_cli --network Network_cli_02 Instance_cli_test-3

openstack learning - network management operations
Dashboard to verify the interoperability of virtual machine instances

Create a router

In the following manner, create a router

openstack router create --availability-zone-hint nova Router_cli

openstack learning - network management operations
View a list of routers

openstack router list

openstack learning - network management operations
The external router network provider

openstack router set --external-gateway provider Router_cli

Were added subnets "Subnet_cli_01 and Subnet_cli_02

openstack router add subnet Router_cli Subnet_cli_01
openstack router add subnet Router_cli Subnet_cli_02

Check the router interface information of Router_cli

openstack router show Router_cli | grep interfaces_info

openstack learning - network management operations

Dashboard to verify the virtual machine instance can communicate with each other

Managed floating ip

View examples of Instance_cli_test-3 network port

openstack port list --server Instance_cli_test-3

openstack learning - network management operations
Recording network port ID to be dispensed

Create and assign an external network provider Instance_cli_test-3 network port to a virtual machine instance floating ip

openstack floating ip create --port <port_id>  provider

openstack learning - network management operations
View floating ip list to see network port status
openstack floating ip list --long
openstack learning - network management operations
can be seen floating ip will not delete the virtual machine instance is deleted, it will be de-allocated
to re-create a floating ip

openstack floating ip create provider

openstack learning - network management operations
Floating ip created for 203.0.113.118

Example Instance_cli_test-1 is assigned a floating ip

openstack server add floating ip Instance_cli_test-1 203.0.113.118

openstack learning - network management operations

Security Group

View Instance_cli_test-3 security group

openstack server show Instance_cli_test-3

openstack learning - network management operations
Project name and record of the security group ID
View Instance_cli_test-3 Security Group ID

openstack security group list --project <project_id>

openstack learning - network management operations
View virtual machine instances corresponding security group ID rules

openstack security group rule list | grep <security_group_id

openstack learning - network management operations
View security group corresponding rule details

openstack security group rule show <security_group_rule_id>

openstack learning - network management operations

Create a security group SG_CLI

openstack security group create SG_CLI

openstack learning - network management operations

View list of security groups

openstack security group list

openstack learning - network management operations

Add the security group sg_cli the icmp rules

openstack security group rule create --protocol icmp --ingress --remote-ip 0.0.0.0/0 SG_CLI

openstack learning - network management operations
Add tcp rules

openstack security group rule create --protocol tcp --ingress --remote-ip 0.0.0.0/0 SG_CLI

openstack learning - network management operations

Remove the virtual machine default security group

openstack server remove security group Instance_cli_test-3 default

Add the security group SG_CLI

openstack server add security group Instance_cli_test-3 SG_CLI

Confirm security group VM instances

openstack server show Instance_cli_test-3 |grep security_groups

openstack learning - network management operations

Guess you like

Origin blog.51cto.com/11555417/2438445
Recommended
Ranking
#2019110700005
What materials and procedures are required for patent transfer
What is the blockchain Ethereum triplet state root transaction root receipt root
Front-end study notes 04 --- About the insertion of html pictures and videos
Documents required for the filing of WeChat Mini Programs in special industries, the filing process of WeChat Mini Programs in special industries, how to file WeChat Mini Programs in special industries
2017 Qingdao-site tournament I The Squared Mosquito Coil
[BZOJ3165][HEOI2013]Segment (line segment tree without marking)
Kettle series: KettleEasyExpand, an open source Kettle universal plugin by Ma Jinju
The latest tutorial on making framework for iOS
DAX Section 6: Statistical Functions
Daily
More
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)

Code World

© 2018 codetd.com