openstack 命令行管理十二 - 内部网络[instance专用]管理 (备忘)



ip 帮助

[root@station140 ~(keystone_admin)]# nova help | grep ip
    add-fixed-ip        Add new IP address on a network to server.
    add-floating-ip     Add a floating IP address to a server.
    cloudpipe-configure
                        Update the VPN IP/port of a cloudpipe instance.
    cloudpipe-create    Create a cloudpipe instance for the given project.
    cloudpipe-list      Print a list of all cloudpipe instances.
    dns-create          Create a DNS entry for domain, name and ip.
    dns-list            List current DNS entries for domain and ip or domain
    fixed-ip-get        Retrieve info on a fixed ip.
    fixed-ip-reserve    Reserve a fixed IP.
    fixed-ip-unreserve  Unreserve a fixed IP.
    floating-ip-bulk-create
                        Bulk create floating ips by range.
    floating-ip-bulk-delete
                        Bulk delete floating ips by range.
    floating-ip-bulk-list
                        List all floating ips.
    floating-ip-create  Allocate a floating IP for the current tenant.
    floating-ip-delete  De-allocate a floating IP.
    floating-ip-list    List floating ips for this tenant.
    floating-ip-pool-list
                        List all floating ip pools.
    remove-fixed-ip     Remove an IP address from a server.
    remove-floating-ip  Remove a floating IP address from a server.

网络管理帮助

[root@station140 ~(keystone_admin)]# nova help | grep network
    interface-attach    Attach a network interface to an instance.
    interface-detach    Detach a network interface from an instance.
    network-associate-host
                        Associate host with network.
    network-associate-project
                        Associate project with network.
    network-create      Create a network.
    network-disassociate
                        network.
    network-list        Print a list of available networks.
    network-show        Show details about the given network.
    reset-network       Reset network of an instance.
                        Add a network interface to a baremetal node.
                        List network interfaces associated with a baremetal
                        Remove a network interface from a baremetal node.
    net                 Show a network
    net-create          Create a network
    net-delete          Delete a network
    net-list            List networks

显示当前 openstack 网络方法

[root@station140 ~(keystone_admin)]# nova network-list
+--------------------------------------+---------+------+
| ID                                   | Label   | Cidr |
+--------------------------------------+---------+------+
| 68a1d874-e7bd-42e2-9f86-8eb0b0b4b8fd | public  | None |
| e8e14001-44d9-4ab1-a462-ea621b8a4746 | private | None |
+--------------------------------------+---------+------+

参考 openstack 官方文档, 在某些旧版本中, 需要利用下面方法创建网络, 当前 H 版本可以不使用下面变量

export OS_USERNAME=admin
export OS_PASSWORD=password
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://localhost:5000/v2.0

另外一种列出网络方法

[root@station140 ~(network_admin)]# neutron net-list
+--------------------------------------+---------+------------------------------------------------------+
| id                                   | name    | subnets                                              |
+--------------------------------------+---------+------------------------------------------------------+
| 68a1d874-e7bd-42e2-9f86-8eb0b0b4b8fd | public  | ce0a4a92-5c23-4557-ad67-97560ab5afa1 172.24.4.224/28 |
| e8e14001-44d9-4ab1-a462-ea621b8a4746 | private | 79fdeabd-7f8a-4619-a17d-87864ccdfa80 10.0.0.0/24     |
+--------------------------------------+---------+------------------------------------------------------+

显示某个网络详细信息

[root@station140 ~(network_admin)]# neutron net-show public
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 68a1d874-e7bd-42e2-9f86-8eb0b0b4b8fd |
| name                      | public                               |
| provider:network_type     | local                                |
| provider:physical_network |                                      |
| provider:segmentation_id  |                                      |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | ce0a4a92-5c23-4557-ad67-97560ab5afa1 |
| tenant_id                 | e3a71a59840c4e88b8740b789c3afb9c     |
+---------------------------+--------------------------------------+

显示网络 extension 详细信息

[root@station140 ~(keystone_admin)]# neutron ext-list
+-----------------------+-----------------------------------------------+
| alias                 | name                                          |
+-----------------------+-----------------------------------------------+
| ext-gw-mode           | Neutron L3 Configurable external gateway mode |
| security-group        | security-group                                |
| l3_agent_scheduler    | L3 Agent Scheduler                            |
| provider              | Provider Network                              |
| binding               | Port Binding                                  |
| quotas                | Quota management support                      |
| agent                 | agent                                         |
| dhcp_agent_scheduler  | DHCP Agent Scheduler                          |
| external-net          | Neutron external network                      |
| router                | Neutron L3 Router                             |
| allowed-address-pairs | Allowed Address Pairs                         |
| extra_dhcp_opt        | Neutron Extra DHCP opts                       |
| extraroute            | Neutron Extra Route                           |
+-----------------------+-----------------------------------------------+

创建私有网络

[root@station140 ~(network_admin)]# neutron net-create net1
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | d0e3f988-d62f-4f95-ab21-b73f4dae326b |
| name                      | net1                                 |
| provider:network_type     | local                                |
| provider:physical_network |                                      |
| provider:segmentation_id  |                                      |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | e3a71a59840c4e88b8740b789c3afb9c     |
+---------------------------+--------------------------------------+

显示 net1 网络详细信息

[root@station140 ~(keystone_admin)]# neutron net-show net1
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | d0e3f988-d62f-4f95-ab21-b73f4dae326b |
| name                      | net1                                 |
| provider:network_type     | local                                |
| provider:physical_network |                                      |
| provider:segmentation_id  |                                      |
| router:external           | False                                |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | e3a71a59840c4e88b8740b789c3afb9c     |
+---------------------------+--------------------------------------+

创建私网络 net1 的子网

[root@station140 ~(network_admin)]# neutron subnet-create --name terry_pri_net1 --allocation-pool start=10.0.0.50,end=10.0.0.100 --no-gateway --ip-version 4  net1 10.0.0.0/24
Created a new subnet:
+------------------+---------------------------------------------+
| Field            | Value                                       |
+------------------+---------------------------------------------+
| allocation_pools | {"start": "10.0.0.50", "end": "10.0.0.100"} |
| cidr             | 10.0.0.0/24                                  |
| dns_nameservers  |                                             |
| enable_dhcp      | True                                        |
| gateway_ip       |                                             |
| host_routes      |                                             |
| id               | 3066c397-bccf-4473-8a94-72b09a97a70a        |
| ip_version       | 4                                           |
| name             | terry_pri_net1                              |
| network_id       | d0e3f988-d62f-4f95-ab21-b73f4dae326b        |
| tenant_id        | e3a71a59840c4e88b8740b789c3afb9c            |
+------------------+---------------------------------------------+

显示 net1 网络详细信息

[root@station140 ~(keystone_admin)]# neutron net-show net1
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | d0e3f988-d62f-4f95-ab21-b73f4dae326b |
| name                      | net1                                 |
| provider:network_type     | local                                |
| provider:physical_network |                                      |
| provider:segmentation_id  |                                      |
| router:external           | False                                |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | 3066c397-bccf-4473-8a94-72b09a97a70a |
| tenant_id                 | e3a71a59840c4e88b8740b789c3afb9c     |
+---------------------------+--------------------------------------+

注意 net1 中的 subnets values 部分 3066c397-bccf-4473-8a94-72b09a97a70a 显示为 terry_pri_net1 中的 ID 值

如果使用 vlan 网络

创建网络时候需要先把 vlan tag 进行定义, 例如

neutron net-create --variable segmentation_id=2030   --tenant-id 36c8fbaa-f178-4fd1-a614-2e8276ddd63f DMZ7_NET

子网创建参考

neutron subnet-create --name DMZ7_SUBNET --allocation-pool start=10.199.30.10,end=10.199.30.254 --no-gateway  --host-route  destination=0.0.0.0/0,nexthop=10.199.30.1  --dns-nameserver 10.189.208.21  --dns-nameserver 10.189.208.22 --ip-version 4  DMZ7_NET 10.199.30.0/24

创建网络后 ，需要激活 dhcp agent 

# neutron agent-list | grep DHCP
| 38edc3a8-af4e-496d-847b-acf80c1bf313 | DHCP agent         | ns-master-208023.vclound.com  | :-)   | True           |
| a73f3728-6ae4-48e9-8ad3-1d3ae85db6f4 | DHCP agent         | ns-slave-208024.vclound.com   | :-)   | True           |


neutron dhcp-agent-network-add 38edc3a8-af4e-496d-847b-acf80c1bf313 97e258d8-285f-4318-a032-afdf2f02dbd4
neutron dhcp-agent-network-add a73f3728-6ae4-48e9-8ad3-1d3ae85db6f4  97e258d8-285f-4318-a032-afdf2f02dbd4

subnet create example

···

# neutron subnet-create --tenant-id bad5649abc974dec9480f930f61d8c6e --name DNZ_SUBNET --ip-version 4 --allocation-pool start=10.189.23.20,end=10.189.23.250 --host-route destination=0.0.0.0/0,nexthop=10.189.23.1 --dns-nameserver 10.189.208.21 QATOOL_NET 10.189.23.0/24
Created a new subnet:
+------------------+--------------------------------------------------------+
| Field            | Value                                                  |
+------------------+--------------------------------------------------------+
| allocation_pools | {"start": "10.189.23.20", "end": "10.189.23.250"}      |
| cidr             | 10.189.23.0/24                                         |
| dns_nameservers  | 10.189.208.21                                          |
| enable_dhcp      | True                                                   |
| gateway_ip       | 10.189.23.1                                            |
| host_routes      | {"destination": "0.0.0.0/0", "nexthop": "10.189.23.1"} |
| id               | 1edb9468-5bd3-45cb-8fb6-788641ded2a1                   |
| ip_version       | 4                                                      |
| name             | DNZ_SUBNET                                             |
| network_id       | b3ed62da-1d11-42fe-9a05-853a2be317a1                   |
| tenant_id        | bad5649abc974dec9480f930f61d8c6e                       |
+------------------+--------------------------------------------------------+
 

···