Skip to content

Instantly share code, notes, and snippets.

@kashyapc
Last active August 15, 2016 17:09
Show Gist options
  • Save kashyapc/fd7d52232ca6b73654ac to your computer and use it in GitHub Desktop.
Save kashyapc/fd7d52232ca6b73654ac to your computer and use it in GitHub Desktop.
Neutron-network-creation

Create external network, and its associated subnet:

# Source the admin tenant credentials
$ . keystonerc_admin

$ keystone tenant-list | grep services | awk '{print $2;}'
3e112abc4c4b4214b8efbd627a32f75e

$ neutron net-create --tenant-id 3e112abc4c4b4214b8efbd627a32f75e \
  ext --router:external=True
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 976a9bb7-f01a-4ccc-8eba-0329212fc868 |
| name                      | ext                                  |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1                                    |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | 3e112abc4c4b4214b8efbd627a32f75e     |
+---------------------------+--------------------------------------+

$ neutron subnet-create --tenant-id 3e112abc4c4b4214b8efbd627a32f75e  \
  ext 192.169.142.0/24 --enable_dhcp=False --allocation-pool \
  start=192.169.142.10,end=192.169.142.200 --gateway-ip \
  192.169.142.1
Created a new subnet:
+------------------+-------------------------------------------------------+
| Field            | Value                                                 |
+------------------+-------------------------------------------------------+
| allocation_pools | {"start": "192.169.142.10", "end": "192.169.142.200"} |
| cidr             | 192.169.142.0/24                                      |
| dns_nameservers  |                                                       |
| enable_dhcp      | False                                                 |
| gateway_ip       | 192.169.142.1                                         |
| host_routes      |                                                       |
| id               | 49b174e5-fce2-490d-ac75-3c75a7b13e24                  |
| ip_version       | 4                                                     |
| name             |                                                       |
| network_id       | 976a9bb7-f01a-4ccc-8eba-0329212fc868                  |
| tenant_id        | 3e112abc4c4b4214b8efbd627a32f75e                      |
+------------------+-------------------------------------------------------+

List the external network and its subnet:

$ neutron net-list
+--------------------------------------+------+-------------------------------------------------------+
| id                                   | name | subnets                                               |
+--------------------------------------+------+-------------------------------------------------------+
| 976a9bb7-f01a-4ccc-8eba-0329212fc868 | ext  | 49b174e5-fce2-490d-ac75-3c75a7b13e24 192.169.142.0/24 |
+--------------------------------------+------+-------------------------------------------------------+

$ neutron subnet-list
+--------------------------------------+------+------------------+-------------------------------------------------------+
| id                                   | name | cidr             | allocation_pools                                      |
+--------------------------------------+------+------------------+-------------------------------------------------------+
| 49b174e5-fce2-490d-ac75-3c75a7b13e24 |      | 192.169.142.0/24 | {"start": "192.169.142.10", "end": "192.169.142.200"} |
+--------------------------------------+------+------------------+-------------------------------------------------------+

$ neutron net-show ext
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 976a9bb7-f01a-4ccc-8eba-0329212fc868 |
| name                      | ext                                  |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1                                    |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   | 49b174e5-fce2-490d-ac75-3c75a7b13e24 |
| tenant_id                 | 3e112abc4c4b4214b8efbd627a32f75e     |
+---------------------------+--------------------------------------+

Next, let's create an internal network under a tenant network (ostenant). Source the keystone user's credentials:

# Source Kashyap's tenant
$ . keystonerc_kashyap

$ neutron net-create int
Created a new network:
+----------------+--------------------------------------+
| Field          | Value                                |
+----------------+--------------------------------------+
| admin_state_up | True                                 |
| id             | f5af9fff-5d8a-420e-8a88-b3aae38ab5a4 |
| name           | int                                  |
| shared         | False                                |
| status         | ACTIVE                               |
| subnets        |                                      |
| tenant_id      | 0a6eb2259ca142e7a80541db10835e71     |
+----------------+--------------------------------------+

$ neutron subnet-create int 30.0.0.0/24 \
  --dns_nameservers list=true 192.169.142.1 \
  --name intsubnet1
Created a new subnet:
+------------------+--------------------------------------------+
| Field            | Value                                      |
+------------------+--------------------------------------------+
| allocation_pools | {"start": "30.0.0.2", "end": "30.0.0.254"} |
| cidr             | 30.0.0.0/24                                |
| dns_nameservers  | 192.169.142.1                              |
| enable_dhcp      | True                                       |
| gateway_ip       | 30.0.0.1                                   |
| host_routes      |                                            |
| id               | 4ba033fa-19d3-429d-8c52-51f6f7147fd0       |
| ip_version       | 4                                          |
| name             | intsubnet1                                 |
| network_id       | f5af9fff-5d8a-420e-8a88-b3aae38ab5a4       |
| tenant_id        | 0a6eb2259ca142e7a80541db10835e71           |
+------------------+--------------------------------------------+

Create a router:

$ neutron router-create router1
Created a new router:
+-----------------------+--------------------------------------+
| Field                 | Value                                |
+-----------------------+--------------------------------------+
| admin_state_up        | True                                 |
| external_gateway_info |                                      |
| id                    | 2c7ba7dc-0101-417a-b76d-1cae17ae654e |
| name                  | router1                              |
| status                | ACTIVE                               |
| tenant_id             | 0a6eb2259ca142e7a80541db10835e71     |
+-----------------------+--------------------------------------+

Get the external network ID, internal network ID, and router ID:

$ neutron net-list | grep ext | awk '{print $2;}'
976a9bb7-f01a-4ccc-8eba-0329212fc868
$ neutron subnet-list | grep intsubnet1 | awk '{print $2;}'
4ba033fa-19d3-429d-8c52-51f6f7147fd0
$ neutron router-list | grep router1 | awk '{print $2;}'
2c7ba7dc-0101-417a-b76d-1cae17ae654e

Associate the router to the external network by setting its gateway:

$ neutron router-gateway-set 2c7ba7dc-0101-417a-b76d-1cae17ae654e \
  976a9bb7-f01a-4ccc-8eba-0329212fc868
Set gateway for router 2c7ba7dc-0101-417a-b76d-1cae17ae654e

$ neutron router-interface-add 2c7ba7dc-0101-417a-b76d-1cae17ae654e \
  4ba033fa-19d3-429d-8c52-51f6f7147fd0
Added interface f0ea1594-3fda-4420-8a3c-011be8441bda to router
2c7ba7dc-0101-417a-b76d-1cae17ae654e.

Add Neutron security groups for this test tenant:

$ neutron security-group-rule-create   \
        --protocol icmp              \
        --direction ingress          \
        --remote-ip-prefix 0.0.0.0/0 \
        default

$ neutron security-group-rule-create   \
        --protocol tcp               \
        --port-range-min 22          \
        --port-range-max 22          \
        --direction ingress          \
        --remote-ip-prefix 0.0.0.0/0 \
        default

# Keysone info $ cat keystonerc_admin export OS_USERNAME=admin export OS_TENANT_NAME=admin export OS_PASSWORD=fedora export OS_AUTH_URL=http://192.169.142.97:35357/v2.0/ export PS1='[u@h W(keystone_admin)]$ '

$ cat keystonerc_kashyap export OS_USERNAME=kashyap export OS_TENANT_NAME=ostenant export OS_PASSWORD=fedora export OS_AUTH_URL=http://192.169.142.97:35357/v2.0/ export PS1='[u@h W(keystone_kashyap)]$ '

$ keystone tenant-list +----------------------------------+----------+---------+ | id | name | enabled | +----------------------------------+----------+---------+ | 94befff9ca894575b7865cd28952d8b5 | admin | True | | c1fbc17d05114fafb568e9b7cb4abe4f | demoten2 | True | | 0a6eb2259ca142e7a80541db10835e71 | ostenant | True | | 3e112abc4c4b4214b8efbd627a32f75e | services | True | +----------------------------------+----------+---------+

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment