五、部署网络服务neutron
5.1 为openstack网络服务创建一个数据库,服务凭证和API端点
[root@mysql ~]# mysql -uroot -p123456
MariaDB [(none)]> CREATE DATABASE neutron;
Query OK, 1 row affected (0.01 sec)
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' IDENTIFIED BY 'neutron123';
Query OK, 0 rows affected (0.01 sec)
- 控制端测试连接
[root@controller1 ~]# mysql -uneutron -pneutron123 -h172.20.6.248
Welcome to the MariaDB monitor. Commands end with ; or \g.
Your MariaDB connection id is 155
Server version: 10.1.20-MariaDB MariaDB Server
Copyright (c) 2000, 2016, Oracle, MariaDB Corporation Ab and others.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
5.2 控制端创建neutron用户并授权
[root@controller1 ~]# source script/admin.sh
#创建``neutron``用户
[root@controller1 ~]# openstack user create --domain default --password-prompt neutron
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | cbdbfa70fb1c4b0d9b0d37650f848599 |
| enabled | True |
| id | e9d30840635342fa92097f74bf1ced8d |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
You have new mail in /var/spool/mail/root
#添加``admin`` 角色到``neutron`` 用户:
[root@controller1 ~]# openstack role add --project service --user neutron admin
5.3 创建neutron服务并注册
#创建``neutron``服务实体
[root@controller1 ~]# openstack service create --name neutron --description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 4c420b2ad5654f9c99e2a24b4c82e0bf |
| name | neutron |
| type | network |
+-------------+----------------------------------+
#创建网络服务API端点
#注册公共端点:
[root@controller1 ~]# openstack endpoint create --region RegionOne network public http://openstack-linux36-vip.magedu.net:9696
+--------------+----------------------------------------------+
| Field | Value |
+--------------+----------------------------------------------+
| enabled | True |
| id | 9c062afea0c043b0b42af68a93831f9b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4c420b2ad5654f9c99e2a24b4c82e0bf |
| service_name | neutron |
| service_type | network |
| url | http://openstack-linux36-vip.magedu.net:9696 |
+--------------+----------------------------------------------+
#注册私有端点:
[root@controller1 ~]# openstack endpoint create --region RegionOne network internal http://openstack-linux36-vip.magedu.net:9696
+--------------+----------------------------------------------+
| Field | Value |
+--------------+----------------------------------------------+
| enabled | True |
| id | 1e9d22dca93e478997162e77c7543c10 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4c420b2ad5654f9c99e2a24b4c82e0bf |
| service_name | neutron |
| service_type | network |
| url | http://openstack-linux36-vip.magedu.net:9696 |
+--------------+----------------------------------------------+
[root@controller1 ~]# openstack endpoint create --region RegionOne network admin http://openstack-linux36-vip.magedu.net:9696
#注册管理端点:
+--------------+----------------------------------------------+
| Field | Value |
+--------------+----------------------------------------------+
| enabled | True |
| id | b81e7b7d23724cd48fe932a56549fce0 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 4c420b2ad5654f9c99e2a24b4c82e0bf |
| service_name | neutron |
| service_type | network |
| url | http://openstack-linux36-vip.magedu.net:9696 |
+--------------+----------------------------------------------+
-
验证端点添加成功
image.png 配置haproxy负载
root@lb1:~# vim /etc/haproxy/haproxy.cfg
...
listen opnestack_neutron_port_9696
bind 172.20.6.248:9696
mode tcp
log global
server 172.20.6.101 172.20.6.101:9696 check inter 3000 fall 2 rise 5
root@lb1:~# systemctl restart haproxy
5.4 配置网络选项(本实验网络选项为提供者网络)
部署neutron控制端
- 安装组件(控制端安装neutron)
[root@controller1 ~]# yum install -y openstack-neutron openstack-neutron-ml2 openstack-neutron-linuxbridge ebtables
- 配置服务组件,编辑
/etc/neutron/neutron.conf文件
[root@controller1 ~]# vim /etc/neutron/neutron.conf
配置最终如下
[DEFAULT]
core_plugin = ml2
service_plugins =
transport_url = rabbit://openstack:[email protected]
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
[database]
connection = mysql+pymysql://neutron:[email protected]/neutron
[keystone_authtoken]
auth_uri = http://openstack-linux36-vip.magedu.net:5000
auth_url = http://openstack-linux36-vip.magedu.net:35357
memcached_servers = openstack-linux36-vip.magedu.net:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[nova]
auth_url = http://openstack-linux36-vip.magedu.net:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = nova
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
- 配置 Modular Layer 2 (ML2) 插件
编辑/etc/neutron/plugins/ml2/ml2_conf.ini
最终配置如下
[root@controller1 ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
type_drivers = flat,vlan
tenant_network_types =
mechanism_drivers = linuxbridge
extension_drivers = port_security
[ml2_type_flat]
flat_networks = external 注:external网络名称自定义
[securitygroup]
enable_ipset = true
- 配置Linuxbridge代理
编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件
最终配置如下
[root@controller1 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = external:br0
注: external在/etc/neutron/plugins/ml2/ml2_conf.ini配置文件定义的网络名称
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
[vxlan]
enable_vxlan = false
- 配置DHCP代理
编辑/etc/neutron/dhcp_agent.ini文件
最终配置如下
[root@controller1 ~]# vim /etc/neutron/dhcp_agent.ini
[DEFAULT]
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
上面的提供者网络配置完成之后,配置以下配置文件
- 配置元数据代理
编辑/etc/neutron/metadata_agent.ini文件
root@controller1 ~]# vim /etc/neutron/metadata_agent.ini
...
[DEFAULT]
nova_metadata_ip = openstack-linux36-vip.magedu.net
metadata_proxy_shared_secret = 20190625
- 配置计算服务来使用网络服务
编辑/etc/nova/nova.conf文件
[root@controller1 ~]# vim /etc/nova/nova.conf
...
[neutron]
url = http://openstack-linux36-vip.magedu.net:9696
auth_url = http://openstack-linux36-vip.magedu.net:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
service_metadata_proxy = true
metadata_proxy_shared_secret = 20190625
5.5 控制端配置完之后,进行下面的操作
- 创建软连接
[root@controller1 ~]# ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
- 初始化数据库(同步数据库)
未初始化之前,查看数据库
MariaDB [(none)]> use neutron;
Database changed
MariaDB [neutron]> show tables;
Empty set (0.00 sec)
初始化数据库
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf --config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
再次查看数据库
MariaDB [neutron]> show tables;
+-----------------------------------------+
| Tables_in_neutron |
+-----------------------------------------+
| address_scopes |
| agents |
| alembic_version |
| allowedaddresspairs |
| arista_provisioned_nets |
| arista_provisioned_tenants |
| arista_provisioned_vms |
...
- 重启api服务
[root@controller1 ~]# systemctl restart openstack-nova-api.service
- 验证nova api日志有没有报错
2019-06-25 13:42:00.378 27115 INFO oslo_service.service [req-ed874ee0-f8fb-4c0a-9c30-cdde121d0fb9 - - - - -] Starting 2 workers
2019-06-25 13:42:00.533 27115 INFO nova.wsgi [req-ed874ee0-f8fb-4c0a-9c30-cdde121d0fb9 - - - - -] metadata listening on 0.0.0.0:8775
2019-06-25 13:42:00.535 27115 INFO oslo_service.service [req-ed874ee0-f8fb-4c0a-9c30-cdde121d0fb9 - - - - -] Starting 2 workers
2019-06-25 13:42:00.565 27115 WARNING oslo_config.cfg [req-ed874ee0-f8fb-4c0a-9c30-cdde121d0fb9 - - - - -] Option "force_dhcp_release" from group "DEFAULT" is deprecated for removal. Its value may be silently ignored in the future.
2019-06-25 13:42:01.982 27124 INFO nova.osapi_compute.wsgi.server [req-c702f27c-9d87-43ff-a40b-e2a1ccf0c6f2 - - - - -] (27124) wsgi starting up on http://0.0.0.0:8774
2019-06-25 13:42:02.009 27125 INFO nova.osapi_compute.wsgi.server [req-81f3fe24-ef48-4bad-abce-9252ed2c9c96 - - - - -] (27125) wsgi starting up on http://0.0.0.0:8774
2019-06-25 13:42:02.219 27126 INFO nova.metadata.wsgi.server [req-3b9ff73b-68d1-4688-b0c5-73e42d6a781d - - - - -] (27126) wsgi starting up on http://0.0.0.0:8775
2019-06-25 13:42:02.255 27127 INFO nova.metadata.wsgi.server [req-48c792b9-cc4b-4215-9ef9-9af5da426846 - - - - -] (27127) wsgi starting up on http://0.0.0.0:8775
You have new mail in /var/spool/mail/root
- 配置haroxy代理
listen opnestack_nova-api_port_8775
bind 172.20.6.248:8775
mode tcp
log global
server 172.20.6.101 172.20.6.101:8775 check inter 3000 fall 2 rise 5
root@lb1:~# systemctl restart haproxy
root@lb1:~# ss -tnl | grep 8775
LISTEN 0 128 172.20.6.248:8775 0.0.0.0:*
- 启动neutron服务并设置为开机启动
[root@controller1 ~]# systemctl enable neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
[root@controller1 ~]# systemctl start neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
-
验证日志
image.png - 验证neutron控制端是否注册成功
此步骤要求各服务器时间必须一致
[root@controller1 ~]# neutron agent-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------------+------------------------+-------------------+-------+
| id | agent_type | host | availability_zone | alive |
+--------------------------------------+--------------------+------------------------+-------------------+-------+
| 21d615de-fa1c-49ef-9c06-7a4f4511b9f6 | Metadata agent | controller1.magedu.net | | :-) |
| 57f3dfe0-0091-4a7f-9ca2-43a68cc769a1 | DHCP agent | controller1.magedu.net | nova | :-) |
| 83dc0627-4183-4df6-bd45-a982fb8871e4 | Linux bridge agent | controller1.magedu.net | | :-) |
+--------------------------------------+--------------------+------------------------+-------------------+-------
[root@controller1 ~]# vim script/neutron-restart.sh
#!/bin/bash
systemctl restart neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service
- 部署neutron计算节点
6.1 安装组件
[root@computer1 nova]# yum install openstack-neutron-linuxbridge ebtables ipset -y
6.2 配置通用组件
- 编辑
/etc/neutron/neutron.conf文件
[DEFAULT]
transport_url = rabbit://openstack:[email protected]
auth_strategy = keystone
[keystone_authtoken]
auth_uri = http://openstack-linux36-vip.magedu.net:5000
auth_url = http://openstack-linux36-vip.magedu.net:35357
memcached_servers = openstack-linux36-vip.magedu.net:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = neutron
[oslo_concurrency]
lock_path = /var/lib/neutron/tmp
6.3 配置提供者网络
编辑/etc/neutron/plugins/ml2/linuxbridge_agent.ini文件
[root@computer1 nova]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = external:br0
注: 此处external网络名称要与控制节点定义的一样
[vxlan]
enable_vxlan = false
[securitygroup]
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
6.4 配置计算服务来使用网络服务
编辑/etc/nova/nova.conf文件
[root@computer1 nova]# vim /etc/nova/nova.conf
[neutron]
url = http://openstack-linux36-vip.magedu.net:9696
auth_url = http://openstack-linux36-vip.magedu.net:35357
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = neutron
6.5 重启计算服务
[root@computer1 nova]# systemctl restart openstack-nova-compute.service
6.6 启动计算节点neutron服务并设置为开机启动(启动Linuxbridge代理并配置它开机自启动)
[root@computer1 nova]# systemctl enable neutron-linuxbridge-agent.service
[root@computer1 nova]# systemctl start neutron-linuxbridge-agent.service
6.7 验证neutron日志
[root@computer1 ~]# tail -f /var/log/nova/*.log
2019-06-25 14:30:47.920 17005 WARNING nova.compute.monitors [req-0384f311-17fa-48ef-a77f-09bdd7262d96 - - - - -] Excluding nova.compute.monitors.cpu monitor virt_driver. Not in the list of enabled monitors (CONF.compute_monitors).
2019-06-25 14:30:52.815 17005 INFO nova.compute.resource_tracker [req-0384f311-17fa-48ef-a77f-09bdd7262d96 - - - - -] Final resource view: name=computer1.magedu.net phys_ram=3035MB used_ram=512MB phys_disk=99GB used_disk=0GB total_vcpus=2 used_vcpus=0 pci_stats=[]
2019-06-25 14:31:47.576 17005 INFO nova.compute.resource_tracker [req-b4788d5c-64f3-4109-b342-aface49289e5 - - - - -] Final resource view: name=computer1.magedu.net phys_ram=3035MB used_ram=512MB phys_disk=99GB used_disk=0GB total_vcpus=2 used_vcpus=0 pci_stats=[]
2019-06-25 14:32:48.006 17005 INFO nova.compute.resource_tracker [req-b4788d5c-64f3-4109-b342-aface49289e5 - - - - -] Final resource view: name=computer1.magedu.net phys_ram=3035MB used_ram=512MB phys_disk=99GB used_disk=0GB total_vcpus=2 used_vcpus=0 pci_stats=[]
2019-06-25 14:33:47.694 17005 INFO nova.compute.resource_tracker [req-b4788d5c-64f3-4109-b342-aface49289e5 - - - - -] Final resource view: name=computer1.magedu.net phys_ram=3035MB used_ram=512MB phys_disk=99GB used_disk=0GB total_vcpus=2 used_vcpus=0 pci_stats=[]
6.8 neutron 控制端验证计算节点是否注册成功
[root@controller1 ~]# neutron agent-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------------+------------------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+------------------------+-------------------+-------+----------------+---------------------------+
| 21d615de-fa1c-49ef-9c06-7a4f4511b9f6 | Metadata agent | controller1.magedu.net | | :-) | True | neutron-metadata-agent |
| 57f3dfe0-0091-4a7f-9ca2-43a68cc769a1 | DHCP agent | controller1.magedu.net | nova | :-) | True | neutron-dhcp-agent |
| 77f29564-a2fe-4178-8598-aad2f6f147fa | Linux bridge agent | computer1.magedu.net | | :-) | True | neutron-linuxbridge-agent |
| 83dc0627-4183-4df6-bd45-a982fb8871e4 | Linux bridge agent | controller1.magedu.net | | :-) | True | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------------------+-------------------+-------+----------------+---------------------------+
[root@controller1 ~]# openstack network agent list
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
| 21d615de-fa1c-49ef-9c06-7a4f4511b9f6 | Metadata agent | controller1.magedu.net | None | True | UP | neutron-metadata-agent |
| 57f3dfe0-0091-4a7f-9ca2-43a68cc769a1 | DHCP agent | controller1.magedu.net | nova | True | UP | neutron-dhcp-agent |
| 77f29564-a2fe-4178-8598-aad2f6f147fa | Linux bridge agent | computer1.magedu.net | None | True | UP | neutron-linuxbridge-agent |
| 83dc0627-4183-4df6-bd45-a982fb8871e4 | Linux bridge agent | controller1.magedu.net | None | True | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
image.png
6.9 验证neutron server进程是否正常运行
[root@controller1 ~]# openstack extension list --network
+-------------------------------------------------------------+---------------------------+---------------------------------------------------------------------------------------------------------+
| Name | Alias | Description |
+-------------------------------------------------------------+---------------------------+---------------------------------------------------------------------------------------------------------+
| Default Subnetpools | default-subnetpools | Provides ability to mark and use a subnetpool as the default |
| Availability Zone | availability_zone | The availability zone extension. |
| Network Availability Zone | network_availability_zone | Availability zone support for network. |
| Port Binding | binding | Expose port bindings of a virtual port to external application |
| agent | agent | The agent management extension. |
| Subnet Allocation | subnet_allocation | Enables allocation of subnets from a subnet pool |
| DHCP Agent Scheduler | dhcp_agent_scheduler | Schedule networks among dhcp agents |
| Tag support | tag | Enables to set tag on resources. |
| Neutron external network | external-net | Adds external network attribute to network resource. |
| Neutron Service Flavors | flavors | Flavor specification for Neutron advanced services |
| Network MTU | net-mtu | Provides MTU attribute for a network resource. |
| Network IP Availability | network-ip-availability | Provides IP availability data for each network and subnet. |
| Quota management support | quotas | Expose functions for quotas management per tenant |
| Provider Network | provider | Expose mapping of virtual networks to physical networks |
| Multi Provider Network | multi-provider | Expose mapping of virtual networks to multiple physical networks
...
6.10 配置第二个计算节点neutron配置(将计算节点一的neutron配置文件拷贝一份到计算节点2)
[root@computer2 nova]# yum install openstack-neutron-linuxbridge ebtables ipset -y
[root@computer1 nova]# cd /etc/neutron/
You have new mail in /var/spool/mail/root
[root@computer1 neutron]# ls
conf.d neutron.conf plugins rootwrap.conf
[root@computer1 neutron]# tar czvf neutron-computer.tar.gz ./*
./conf.d/
./conf.d/README
./conf.d/common/
./conf.d/neutron-linuxbridge-agent/
./neutron.conf
./plugins/
./plugins/ml2/
./plugins/ml2/linuxbridge_agent.ini
./rootwrap.conf
[root@computer1 neutron]# scp neutron-computer.tar.gz 172.20.6.105:/etc/neutron/
[email protected]'s password:
neutron-computer.tar.gz 100% 23KB 23.1KB/s 00:00
You have new mail in /var/spool/mail/root
[root@computer1 neutron]# scp /etc/nova/nova.conf 172.20.6.105:/etc/nova/
[root@computer2 neutron]# ls
conf.d neutron-computer.tar.gz neutron.conf plugins rootwrap.conf
解压
[root@computer2 neutron]# tar -xf neutron-computer.tar.gz
重启计算服务
[root@computer2 neutron]# systemctl restart openstack-nova-compute.service
启动计算节点neutron服务并设置为开机启动
[root@computer2 neutron]# systemctl enable neutron-linuxbridge-agent.service
[root@computer2 neutron]# systemctl start neutron-linuxbridge-agent.service
验证neutron日志
[root@computer2 ~]# tail -f /var/log/neutron/*.log
2019-06-25 15:07:10.027 15791 INFO neutron.common.config [-] /usr/bin/neutron-linuxbridge-agent version 10.0.7
2019-06-25 15:07:10.028 15791 INFO neutron.plugins.ml2.drivers.linuxbridge.agent.linuxbridge_neutron_agent [-] Interface mappings: {'external': 'br0'}
2019-06-25 15:07:10.028 15791 INFO neutron.plugins.ml2.drivers.linuxbridge.agent.linuxbridge_neutron_agent [-] Bridge mappings: {}
2019-06-25 15:07:10.036 15791 INFO neutron.plugins.ml2.drivers.linuxbridge.agent.linuxbridge_neutron_agent [-] Agent initialized successfully, now running...
2019-06-25 15:07:10.333 15791 INFO oslo_rootwrap.client [req-18c23712-df1d-4fc1-bfd9-0436adebb8a3 - - - - -] Spawned new rootwrap daemon process with pid=15803
2019-06-25 15:07:10.475 15791 INFO neutron.plugins.ml2.drivers.agent._common_agent [req-18c23712-df1d-4fc1-bfd9-0436adebb8a3 - - - - -] RPC agent_id: lb000c29fea4bb
2019-06-25 15:07:10.480 15791 INFO neutron.agent.agent_extensions_manager [req-18c23712-df1d-4fc1-bfd9-0436adebb8a3 - - - - -] Loaded agent extensions: []
2019-06-25 15:07:11.140 15791 INFO neutron.plugins.ml2.drivers.agent._common_agent [req-18c23712-df1d-4fc1-bfd9-0
- neutron 控制端验证计算节点是否注册成功
[root@controller1 ~]# neutron agent-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------------+------------------------+-------------------+-------+
| id | agent_type | host | availability_zone | alive |
+--------------------------------------+--------------------+------------------------+-------------------+-------+
| 21d615de-fa1c-49ef-9c06-7a4f4511b9f6 | Metadata agent | controller1.magedu.net | | :-) |
| 57f3dfe0-0091-4a7f-9ca2-43a68cc769a1 | DHCP agent | controller1.magedu.net | nova | :-) |
| 77f29564-a2fe-4178-8598-aad2f6f147fa | Linux bridge agent | computer1.magedu.net | | :-) |
| 83dc0627-4183-4df6-bd45-a982fb8871e4 | Linux bridge agent | controller1.magedu.net | | :-) |
| e645f58e-adf6-4f58-8aaf-189a0a1086f5 | Linux bridge agent | computer2.magedu.net | | :-) |
+--------------------------------------+--------------------+------------------------+-------------------+-------
[root@controller1 ~]# openstack network agent list
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
| 21d615de-fa1c-49ef-9c06-7a4f4511b9f6 | Metadata agent | controller1.magedu.net | None | True | UP | neutron-metadata-agent |
| 57f3dfe0-0091-4a7f-9ca2-43a68cc769a1 | DHCP agent | controller1.magedu.net | nova | True | UP | neutron-dhcp-agent |
| 77f29564-a2fe-4178-8598-aad2f6f147fa | Linux bridge agent | computer1.magedu.net | None | True | UP | neutron-linuxbridge-agent |
| 83dc0627-4183-4df6-bd45-a982fb8871e4 | Linux bridge agent | controller1.magedu.net | None | True | UP | neutron-linuxbridge-agent |
| e645f58e-adf6-4f58-8aaf-189a0a1086f5 | Linux bridge agent | computer2.magedu.net | None | True | UP | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+------------------------+-------------------+-------+-------+---------------------------+
六、部署管理服务仪表盘(horizon)
注:一般仪表盘服务部署在控制端
- 安全并配置组件
1.1 安装软件包
[root@controller1 ~]# yum install openstack-dashboard -y
- 2 编辑文件 /etc/openstack-dashboard/local_settings
[root@controller1 ~]# vim /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "172.20.6.101"
ALLOWED_HOSTS = ['*',]
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
ACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'openstack-linux36-vip.magedu.net:11211',
}
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 2,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = 'Default'
OPENSTACK_NEUTRON_NETWORK = {
'enable_router': False,
'enable_quotas': False,
'enable_ipv6': False,
'enable_distributed_router': False,
'enable_ha_router': False,
'enable_lb': False,
'enable_firewall': False,
'enable_vpn': False,
'enable_fip_topology_check': False,
TIME_ZONE = "Asia/Shanghai"
1.3 重启web服务器以及会话存储服务
[root@controller1 script]# systemctl restart httpd
1.4 配置haproxy代理horizon
root@lb1:~# vim /etc/haproxy/haproxy.cfg
listen opnestacl_dashboard_web_port_80
bind 172.20.6.248:80
mode tcp
log global
server 172.20.6.101 172.20.6.101:80 check inter 3000 fall 2 rise 5
root@lb1:~# systemctl restart haproxy
1.4 验证仪表盘的操作
image.png
image.png
image.png
七、创建虚拟机
在步骤一中,进行环境配置时,进行的网卡绑定,由于通过笔记本wmware中创建的网卡绑定,导致网络不稳定,进而实验进程掉线。所有再次进行解绑,重新配置网卡,但是实验ip地址不变
- 控制端重新配置
[root@controller1 network-scripts]# cat ifcfg-eth0 ifcfg-eth2
BOOTPROTO=static
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=172.20.6.101
NETMASK=255.255.0.0
GATEWAY=172.20.0.1
DNS=114.114.114.114
BOOTPROTO=static
NAME=eth2
DEVICE=eth2
ONBOOT=yes
IPADDR=10.20.6.101
NETMASK=255.255.0.0
修改控制端neutron组件中的配置文件
[root@controller1 network-scripts]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2_type_flat]
flat_networks = external,internal
[root@controller1 network-scripts]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = external:eth0,internal:eth2
- 计算节点1重新配置
[root@computer1 network-scripts]# cat ifcfg-eth*
BOOTPROTO=static
NAME=eth0
DEVICE=eth0
ONBOOT=yes
IPADDR=172.20.6.104
NETMASK=255.255.0.0
GATEWAY=172.20.0.1
DNS=114.114.114.114
BOOTPROTO=static
NAME=eth2
DEVICE=eth2
ONBOOT=yes
IPADDR=10.20.6.104
NETMASK=255.255.0.0
修改计算节点neutron组件中的配置文件
[root@computer1 network-scripts]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = external:eth0,internal:eth2
- 计算节点2同计算节点1同理配置
- 创建虚拟网络(创建提供者网络)
1.1 网络规划及IP划分
- 创建网络
注:#openstack network create --在项目之间共享 --外部网络 --provider-physical-network --配置文件名称 --provider-network-type flat --自定义网络名称
[root@controller1 ~]# source script/admin.sh
[root@controller1 ~]# openstack network create --share --external --provider-physical-network external --provider-network-type flat external-net
- 在网络上创建一个子网
注:# openstack subnet create --network 上一步定义的网络名称 --allocation-pool start=开始IP,end=结束IP --dns-nameserver DNS --gateway 网关 --subnet-range IP/掩码 自定义名称
[root@controller1 ~]# openstack subnet create --network external-net --allocation-pool start=172.20.6.201,end=172.20.6.220 --dns-nameserver 172.20.0.1 --gateway 172.20.0.1 --subnet-range 172.20.0.0/16 external-sub
- 验证网络
[root@controller1 ~]# openstack network list
+----------------------------------+--------------+----------------------------------+
| ID | Name | Subnets |
+----------------------------------+--------------+----------------------------------+
| ccd536cc-09cb-4885-8bed- | external-net | 5ba1aae1-68e3-43bc-a260-e0584545 |
| be9d78f339e0 | | e6dc |
+----------------------------------+--------------+----------------------------------
[root@controller1 ~]# openstack subnet list
+--------------------------+--------------+--------------------------+---------------+
| ID | Name | Network | Subnet |
+--------------------------+--------------+--------------------------+---------------+
| 5ba1aae1-68e3-43bc-a260- | external-sub | ccd536cc-09cb-4885-8bed- | 172.20.0.0/16 |
| e0584545e6dc | | be9d78f339e0 | |
+--------------------------+--------------+--------------------------+---------------+
[root@controller1 ~]# neutron net-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+----------------------+--------------+----------------------+-----------------------+
| id | name | tenant_id | subnets |
+----------------------+--------------+----------------------+-----------------------+
| ccd536cc-09cb-4885 | external-net | 2c101bf8498c42a484c9 | 5ba1aae1-68e3-43bc-a2 |
| -8bed-be9d78f339e0 | | ff26b1a5d802 | 60-e0584545e6dc |
| | | | 172.20.0.0/16 |
+----------------------+--------------+----------------------+-----------------------+
[root@controller1 ~]# neutron subnet-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------+----------------------------------+---------------+--------------------------------------------------+
| id | name | tenant_id | cidr | allocation_pools |
+--------------------------------------+--------------+----------------------------------+---------------+--------------------------------------------------+
| 5ba1aae1-68e3-43bc-a260-e0584545e6dc | external-sub | 2c101bf8498c42a484c9ff26b1a5d802 | 172.20.0.0/16 | {"start": "172.20.6.201", "end": "172.20.6.220"} |
+--------------------------------------+--------------+----------------------------------+---------------+--------------------------------------------------+
-
web端验证网络
image.png
注:如果上面通过控制端服务器创建的子网用完了,可以再次用上面的方法进行创建,也可以在上面web界面进行创建子网。
image.png
-
创建m1.nano类型
image.png
默认的最小规格的主机需要512 MB内存。对于环境中计算节点内存不足4 GB的,我们推荐创建只需要64 MB的m1.nano规格的主机。若单纯为了测试的目的,请使用m1.nano规格的主机来加载CirrOS镜像
[root@controller1 ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 0 |
| name | m1.nano |
| os-flavor-access:is_public | True |
| properties | |
| ram | 64 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
You have new mail in /var/spool/mail/root
image.png
- 生成一个键值对
大部分云镜像支持 :term:public key authentication而不是传统的密码登陆。在启动实例前,你必须添加一个公共密钥到计算服务。
注:基于key实现免密码登录
[root@controller1 ~]# source script/demo.sh
生成key
[root@controller1 ~]# ssh-keygen -q -N ""
Enter file in which to save the key (/root/.ssh/id_rsa):
[root@controller1 ~]# ll /root/.ssh
total 12
-rw------- 1 root root 1679 Jun 25 20:11 id_rsa
-rw-r--r-- 1 root root 409 Jun 25 20:11 id_rsa.pub
添加公钥(将公钥上传到openstack里面)
[root@controller1 ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | c7:7f:9b:2a:1d:96:6b:5a:d4:49:7b:2c:f3:b4:a6:b6 |
| name | mykey |
| user_id | d7ef16d7501f4398810bdd4247bb191f |
+-------------+-------------------------------------------------+
注:工作生产中,不用上面方法,而是在把基于key的公钥直接写入到系统镜像文件中。
- 验证key
[root@controller1 ~]# openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | c7:7f:9b:2a:1d:96:6b:5a:d4:49:7b:2c:f3:b4:a6:b6 |
+-------+-------------------------------------------------+
-
web端验证
image.png
- 增加安全组规则
默认情况下, ''default``安全组适用于所有实例并且包括拒绝远程访问实例的防火墙规则。对诸如CirrOS这样的Linux镜像,我们推荐至少允许ICMP (ping) 和安全shell(SSH)规则
注:安全组在生产环境中不用
4.1 创建实验环境
[root@controller1 ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+
| ID | Name | Description | Project |
+--------------------------------------+---------+------------------------+----------------------------------+
| 497d88bb-08bf-4425-a7ef-911e7660d669 | default | Default security group | a43d0e07295546f0a4c2c5987073863b |
| 72f3a893-70e6-426e-8777-99811d23bad9 | default | Default security group | 2c101bf8498c42a484c9ff26b1a5d802 |
+--------------------------------------+---------+------------------------+----------------------------------+
You have new mail in /var/spool/mail/root
[root@controller1 ~]# openstack security group delete 497d88bb-08bf-4425-a7ef-911e7660d669
[root@controller1 ~]# openstack security group delete 72f3a893-70e6-426e-8777-99811d23bad9
[root@controller1 ~]# bash script/neutron-restart.sh
[root@controller1 ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+
| ID | Name | Description | Project |
+--------------------------------------+---------+------------------------+----------------------------------+
| 34d29b6b-1343-4636-8b30-86df4e11536e | default | Default security group | 2c101bf8498c42a484c9ff26b1a5d802 |
+--------------------------------------+---------+------------------------+----------------------------------+
4.2 添加规则到 default 安全组
注:将允许ping规则添加到default安全组
[root@controller1 ~]# openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2019-06-25T12:50:25Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 6f6e5114-28b6-43b3-a289-8d4afb900995 |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 2c101bf8498c42a484c9ff26b1a5d802 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 1 |
| security_group_id | 34d29b6b-1343-4636-8b30-86df4e11536e |
| updated_at | 2019-06-25T12:50:25Z |
+-------------------+--------------------------------------+
- 允许安全 shell (SSH) 的访问
[root@controller1 ~]# openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2019-06-25T12:51:05Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 6175465d-76c2-45cb-845c-8c850fe5bf38 |
| name | None |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 2c101bf8498c42a484c9ff26b1a5d802 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 1 |
| security_group_id | 34d29b6b-1343-4636-8b30-86df4e11536e |
| updated_at | 2019-06-25T12:51:05Z |
+-------------------+--------------------------------------+
-
web端验证生成的安全组
image.png
4.3 最终验证
- 列出虚拟机类型
[root@controller1 ~]# openstack flavor list
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+
注:已创建的虚拟机
- 列出可用镜像
[root@controller1 ~]# openstack image list
+--------------------------------------+--------------+--------+
| ID | Name | Status |
+--------------------------------------+--------------+--------+
| de7350ff-5090-4cda-a950-2817cee72384 | cirros-0.3.4 | active |
+--------------------------------------+--------------+--------+
- 列出可用网络
[root@controller1 ~]# openstack network list
+----------------------------------+--------------+----------------------------------+
| ID | Name | Subnets |
+----------------------------------+--------------+----------------------------------+
| ccd536cc-09cb-4885-8bed- | external-net | 5ba1aae1-68e3-43bc-a260-e0584545 |
| be9d78f339e0 | | e6dc |
+----------------------------------+--------------+----------------------------------
- 列出可用安全组
[root@controller1 ~]# openstack security group list
+------------------------+---------+------------------------+------------------------+
| ID | Name | Description | Project |
+------------------------+---------+------------------------+------------------------+
| 34d29b6b-1343-4636-8b3 | default | Default security group | 2c101bf8498c42a484c9ff |
| 0-86df4e11536e | | | 26b1a5d802 |
+------------------------+---------+------------------------+------------------------+
- 创建虚拟机
5.1 确定实例选项
[root@controller1 ~]# source script/demo.sh
一个实例指定了虚拟机资源的大致分配,包括处理器、内存和存储。
列出可用类型
[root@controller1 ~]# openstack flavor list
+----+---------+-----+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+---------+-----+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
+----+---------+-----+------+-----------+-------+-----------+
列出可用镜像
[root@controller1 ~]# openstack image list
+--------------------------------------+--------------+--------+
| ID | Name | Status |
+--------------------------------------+--------------+--------+
| de7350ff-5090-4cda-a950-2817cee72384 | cirros-0.3.4 | active |
+--------------------------------------+--------------+--------+
列出可用网络
[root@controller1 ~]# openstack network list
+----------------------------------+--------------+----------------------------------+
| ID | Name | Subnets |
+----------------------------------+--------------+----------------------------------+
| ccd536cc-09cb-4885-8bed- | external-net | 5ba1aae1-68e3-43bc-a260-e0584545 |
| be9d78f339e0 | | e6dc |
+----------------------------------+--------------+----------------------------------+
列出可用的安全组
[root@controller1 ~]# openstack security group list
+------------------------+---------+------------------------+------------------------+
| ID | Name | Description | Project |
+------------------------+---------+------------------------+------------------------+
| 92e4483b-72e6-4a78-ad8 | default | Default security group | a43d0e07295546f0a4c2c5 |
| 3-df7f9e1ddf42 | | | 987073863b |
+------------------------+---------+------------------------+------------------------+
5.2 创建实例(虚拟机)
注:# openstack server create --flavor 虚拟机类型 --image 镜像名称 --nic net-id=network-ID --security-group 安全组名 --key-name key名称 虚拟机名称
[root@controller1 ~]# openstack server create --flavor m1.nano --image cirros-0.3.4 \
> --nic net-id=ccd536cc-09cb-4885-8bed-be9d78f339e0 --security-group default \
> --key-name mykey linux-vm1
+-----------------------------+-----------------------------------------------------+
| Field | Value |
+-----------------------------+-----------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | RbB9mYN5Gu4t |
| config_drive | |
| created | 2019-06-26T13:16:05Z |
| flavor | m1.nano (0) |
| hostId | |
| id | 08232f74-c0d8-4dce-b93c-191685b7cd87 |
| image | cirros-0.3.4 (de7350ff-5090-4cda-a950-2817cee72384) |
| key_name | mykey |
| name | linux-vm1 |
| progress | 0 |
| project_id | a43d0e07295546f0a4c2c5987073863b |
| properties | |
| security_groups | name='default' |
| status | BUILD |
| updated | 2019-06-26T13:16:05Z |
| user_id | d7ef16d7501f4398810bdd4247bb191f |
| volumes_attached | |
5.3 查看实例(虚拟机)状态
[root@controller1 ~]# openstack server list
+--------------------------------------+-----------+--------+---------------------------+--------------+
| ID | Name | Status | Networks | Image Name |
+--------------------------------------+-----------+--------+---------------------------+--------------+
| 08232f74-c0d8-4dce-b93c-191685b7cd87 | linux-vm1 | ACTIVE | external-net=172.20.6.210 | cirros-0.3.4 |
+--------------------------------------+-----------+--------+---------------------------+--------------+
5.4 使用虚拟控制台访问实例
- 获取你实例的 Virtual Network Computing (VNC) 会话URL并从web浏览器访问它
注:# openstack console url show 虚拟机名称
[root@controller1 ~]# openstack console url show linux-vm1
+-------+-------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------+-------------------------------------------------------------------------------------------------------+
| type | novnc |
| url | http://openstack-linux36-vip.magedu.net:6080/vnc_auto.html?token=37a8e2d8-6408-449d-9f7b-26d6465c415a |
+-------+-------------------------------------------------------------------------------------------------------+
-
使用浏览器访问虚拟机的URL
image.png
正常虚拟机web界面
image.png
5.4 图形界面创建虚拟机 -
点击创建实例
image.png -
定义名称
image.png -
选择镜像
image.png -
定义虚拟机类型
image.png -
选择网络
image.png -
选择安全组
image.png
-
启动虚拟机
image.png -
创建过程中
image.png -
验证虚拟机运行正常
image.png
image.png
八、创建私有网络实例(虚拟机)
8.1 在计算节点和控制节点上添加网卡eth2(主机模式)并配置ip地址,网段在10.20.0.0/16
···
[root@controller1 ~]# ifconfig eth2
eth2: flags=4163
inet 10.20.6.101 netmask 255.255.0.0 broadcast 10.20.255.255
inet6 fe80::20c:29ff:fe9b:598f prefixlen 64 scopeid 0x20
ether 00:0c:29:9b:59:8f txqueuelen 1000 (Ethernet)
RX packets 1666 bytes 296908 (289.9 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 11 bytes 828 (828.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@computer1 ~]# ifconfig eth2
eth2: flags=4099
inet 10.20.6.104 netmask 255.255.0.0 broadcast 10.20.255.255
ether 00:0c:29:0f:9f:e9 txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
[root@computer2 ~]# ifconfig eth2
eth2: flags=4099
inet 10.20.6.105 netmask 255.255.0.0 broadcast 10.20.255.255
ether 00:0c:29:fe:a4:bb txqueuelen 1000 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
You have new mail in /var/spool/mail/root
···
8.2 控制节点配置
- 编辑配置文件linuxbridge_agent.ini如下
[root@controller1 ~]# vim /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2_type_flat]
flat_networks = external,internal
注:网络名称,这个是自定义的,external代表外网,internal代表内网
- 编辑配置文件如下ml2_conf.ini
[root@controller1 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = external:eth0,internal:eth2
注:自定义的网络名称对应的本机网卡
- 重启neutron服务
# systemctl restart neutron-linuxbridge-agent
# systemctl restart neutron-server
8.2 计算节点当前全部配置
[root@computer1 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = external:eth0,internal:eth2
注:此处的网络名称external,internal要与控制节点定义的网络名称一致。
网络对应的网卡根据本机实际情况填写
[root@computer2 ~]# vim /etc/neutron/plugins/ml2/linuxbridge_agent.ini
physical_interface_mappings = external:eth0,internal:eth2
- 重启neutron服务
[root@computer1 ~]# systemctl restart neutron-linuxbridge-agent
[root@computer2 ~]# systemctl restart neutron-linuxbridge-agent
8.3 创建网络并验证
- 控制端创建内网网络
[root@controller1 ~]# neutron net-create --shared --provider:physical_network internal --provider:network_type flat internal-net
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2019-06-27T14:03:14Z |
| description | |
| id | a11094a7-9404-40bb-9d7a-63bbbdb885bd |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1500 |
| name | internal-net |
| port_security_enabled | True |
| project_id | 2c101bf8498c42a484c9ff26b1a5d802 |
| provider:network_type | flat |
| provider:physical_network | internal |
| provider:segmentation_id | |
| revision_number | 3 |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 2c101bf8498c42a484c9ff26b1a5d802 |
| updated_at | 2019-06-27T14:03:15Z |
+---------------------------+--------------------------------------+
- 创建子网
[root@controller1 ~]# neutron subnet-create --name internal-subnet --allocation-pool start=10.20.6.201,end=10.20.6.220 --dns-nameserver 223.5.5.5 internal-net 10.20.0.0/16
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
Created a new subnet:
+-------------------+------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------+
| allocation_pools | {"start": "10.20.6.201", "end": "10.20.6.220"} |
| cidr | 10.20.0.0/16 |
| created_at | 2019-06-27T14:07:15Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| enable_dhcp | True |
| gateway_ip | 10.20.0.1 |
| host_routes | |
| id | 9bbc6b92-4ab5-450a-8b43-a939a8540b71 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | internal-subnet |
| network_id | a11094a7-9404-40bb-9d7a-63bbbdb885bd |
| project_id | 2c101bf8498c42a484c9ff26b1a5d802 |
| revision_number | 2 |
| service_types | |
| subnetpool_id | |
| tags | |
| tenant_id | 2c101bf8498c42a484c9ff26b1a5d802 |
| updated_at | 2019-06-27T14:07:15Z |
+-------------------+------------------------------------------------+
- 验证子网创建完成
[root@controller1 ~]# neutron net-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+-------------------------+--------------+-------------------------+--------------------------+
| id | name | tenant_id | subnets |
+-------------------------+--------------+-------------------------+--------------------------+
| a11094a7-9404-40bb- | internal-net | 2c101bf8498c42a484c9ff2 | 9bbc6b92-4ab5-450a- |
| 9d7a-63bbbdb885bd | | 6b1a5d802 | 8b43-a939a8540b71 |
| | | | 10.20.0.0/16 |
| ccd536cc-09cb-4885 | external-net | 2c101bf8498c42a484c9ff2 | 5ba1aae1-68e3-43bc-a260- |
| -8bed-be9d78f339e0 | | 6b1a5d802 | e0584545e6dc |
| | | | 172.20.0.0/16 |
+-------------------------+--------------+-------------------------+--------------------------
8.4创建虚拟机(拥有内外网)