Welcome to the third part of this blog series. Today we are going to look at installing and configuring OpenStack networking, which will allow us to assign a floating IP to the VM created in the previous post. We should then be able to ping and SSH to the instance.
You will need to have your system up to the stage where all the RPMs, repositories, and base config of the system are configured, with one instance up and available. If in doubt, follow Parts 1 and 2 of the series.
If you have already gone through the first and second part, then we should be in good shape to carry on.
First of all, we need to add the external interface to the external bridge that packstack automatically created:
ovs-vsctl add-port br-ex enp2s1f1
We need to change the network configs as defined below for br-ex and enp2s1f1:
DEVICE=enp2s1f1
TYPE=OVSPort
DEVICETYPE=ovs
ONBOOT=yes
NM_CONTROLLED=no
OVS_BRIDGE=br-ex

DEVICE=br-ex
TYPE=OVSBridge
DEVICETYPE=ovs
ONBOOT=yes
BOOTPROTO=none
NM_CONTROLLED=no
IPADDR=192.168.80.1
NETMASK=255.255.240.0
GATEWAY=192.168.95.254
Once the network config has been changed, we need to restart networking. We may need to restart the network twice in order for it to activate correctly.
systemctl restart network
As part of the provisioning of the demo tenant and sample data, packstack will have added a public network. As we have a different network, we need to remove it and add our own networking. The following 3 commands remove the pre-created public network and all references to it.
[root@stack01 ~(keystone_admin)]# neutron router-gateway-clear router1
Removed gateway from router router1
[root@stack01 ~(keystone_admin)]# neutron subnet-delete public_subnet
Deleted subnet: public_subnet
[root@stack01 ~(keystone_admin)]# neutron net-delete public
Deleted network: public
I guess I could have just left the public network, and just added the subnet on top, but in my demo here, I decided to create a new one. The command below creates a new network, and we make sure that this network is externally routable. The `--router:external` option can only be specified by a user that has the admin role.
[root@stack01 ~(keystone_admin)]# neutron net-create pub_net --router:external=True
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 621e99ee-b7b8-4455-ac88-d47ea70bf641 |
| name                      | pub_net                              |
| provider:network_type     | vxlan                                |
| provider:physical_network |                                      |
| provider:segmentation_id  | 10                                   |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | cbe4931fa51d4348abd3761560d49055     |
+---------------------------+--------------------------------------+
We then define the subnet we want this network to have; in our case we are going to create the `192.168.80.0/20` network. We do not want DHCP on this network, and so that it can route to the web, we set the default gateway of the network. We then allocate the set of IPs that are available to be used for the instances.
[root@stack01 ~(keystone_admin)]# neutron subnet-create --name pub_subnet --disable-dhcp \
    pub_net 192.168.80.0/20 --gateway 192.168.95.254 --allocation-pool start=192.168.81.1,end=192.168.94.255
Created a new subnet:
+------------------+------------------------------------------------------+
| Field            | Value                                                |
+------------------+------------------------------------------------------+
| allocation_pools | {"start": "192.168.81.1", "end": "192.168.94.255"}   |
| cidr             | 192.168.80.0/20                                      |
| dns_nameservers  |                                                      |
| enable_dhcp      | False                                                |
| gateway_ip       | 192.168.95.254                                       |
| host_routes      |                                                      |
| id               | 45880c1e-c20a-4372-81c5-04dd6d342b39                 |
| ip_version       | 4                                                    |
| name             | pub_subnet                                           |
| network_id       | 621e99ee-b7b8-4455-ac88-d47ea70bf641                 |
| tenant_id        | cbe4931fa51d4348abd3761560d49055                     |
+------------------+------------------------------------------------------+
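A pre-flight check for the address plan used above, as an added example that is not part of the original post: it confirms that the gateway, the allocation pool and the br-ex address all fall inside the subnet, and that neither the gateway nor the bridge address can be handed out as a floating IP. The helper names `ip2int`, `in_range` and `check_plan` are hypothetical and written for this illustration.

```shell
#!/bin/sh
# Added example: check an external-subnet address plan before creating it.

# Convert a dotted-quad IPv4 address to an integer.
ip2int() {
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    echo $(( ($1 << 24) + ($2 << 16) + ($3 << 8) + $4 ))
}

# True when $1 lies in the inclusive range $2..$3.
in_range() { [ "$1" -ge "$2" ] && [ "$1" -le "$3" ]; }

# check_plan CIDR GATEWAY POOL_START POOL_END BRIDGE_IP
# Returns 0 if the plan is consistent, 1 otherwise (reasons go to stderr).
check_plan() {
    prefix=${1#*/}
    mask=$(( (4294967295 << (32 - prefix)) & 4294967295 ))
    first=$(( $(ip2int "${1%/*}") & mask ))      # network address
    last=$(( first | (mask ^ 4294967295) ))      # broadcast address
    gw=$(ip2int "$2"); start=$(ip2int "$3"); end=$(ip2int "$4"); br=$(ip2int "$5")
    rc=0

    [ "$start" -le "$end" ] || { echo "pool start is after pool end" >&2; rc=1; }
    # Usable host addresses exclude the network and broadcast addresses.
    for ip in "$2" "$3" "$4" "$5"; do
        in_range "$(ip2int "$ip")" $((first + 1)) $((last - 1)) ||
            { echo "$ip is outside the usable range of $1" >&2; rc=1; }
    done
    # Floating IPs must never collide with the gateway or the bridge address.
    if in_range "$gw" "$start" "$end"; then
        echo "gateway $2 is inside the allocation pool" >&2; rc=1
    fi
    if in_range "$br" "$start" "$end"; then
        echo "bridge address $5 is inside the allocation pool" >&2; rc=1
    fi
    return $rc
}

# Values used in this post: subnet, gateway, pool start, pool end, br-ex IPADDR.
check_plan 192.168.80.0/20 192.168.95.254 192.168.81.1 192.168.94.255 192.168.80.1 &&
    echo "address plan OK"
```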
Now we need to set the gateway of the router that we have to the public network we created.
[root@stack01 ~(keystone_admin)]# neutron router-gateway-set router1 pub_net
Set gateway for router router1
The main admin side is now done. Next, we need to act as a user to create the floating IPs, and then associate a floating IP with the instance we created in the previous post.
Firstly, source the keystonerc_demo file to change to the demo user environment:
. /root/keystonerc_demo
Create a new floating IP from the public network we created earlier. To confirm which networks we can use for this purpose, we can run the following command:
[root@stack01 ~(keystone_demo)]# nova floating-ip-pool-list
+---------+
| name    |
+---------+
| pub_net |
+---------+
We then create the floating IP on `pub_net`:
[root@stack01 ~(keystone_demo)]# nova floating-ip-create pub_net
+--------------+-----------+----------+---------+
| Ip           | Server Id | Fixed Ip | Pool    |
+--------------+-----------+----------+---------+
| 192.168.81.2 |           | -        | pub_net |
+--------------+-----------+----------+---------+
Now we need to assign the IP to the instance we created in Part 2 of the Lab:
[root@stack01 ~(keystone_demo)]# nova floating-ip-associate a79e4176-647b-48c7-b335-2ac5436ef444 192.168.81.2
To make sure that the IP has been allocated, we can run `nova list`, which shows the output below:
[root@stack01 ~(keystone_demo)]# nova list
+--------------------------------------+-------+--------+------------+-------------+--------------------------------+
| ID                                   | Name  | Status | Task State | Power State | Networks                       |
+--------------------------------------+-------+--------+------------+-------------+--------------------------------+
| a79e4176-647b-48c7-b335-2ac5436ef444 | test0 | ACTIVE | -          | Running     | private=10.0.0.2, 192.168.81.2 |
+--------------------------------------+-------+--------+------------+-------------+--------------------------------+
Now, to see if this has in fact worked, we can ping the external IP. You should see something similar to the output below:
[root@stack01 ~(keystone_demo)]# ping -c 3 192.168.81.2
PING 192.168.81.2 (192.168.81.2) 56(84) bytes of data.
64 bytes from 192.168.80.1: icmp_seq=1 ttl=63 time=1.41 ms
64 bytes from 192.168.80.1: icmp_seq=2 ttl=63 time=0.372 ms
64 bytes from 192.168.80.1: icmp_seq=3 ttl=63 time=0.273 ms

--- 192.168.81.2 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2002ms
rtt min/avg/max/mdev = 0.273/0.687/1.417/0.517 ms
And now log in to the instance using the key we created in Part 2 of the Lab:
[root@stack01 ~(keystone_demo)]# ssh 192.168.81.2 -l cirros -i ~/id_rsa_demo
$
$
$
$ cat /etc/issue
login as 'cirros' user. default password: 'cubswin:)'. use 'sudo' for root.
$
$
$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
    link/ether fa:16:3e:03:6c:7a brd ff:ff:ff:ff:ff:ff
    inet 10.0.0.2/24 brd 10.0.0.255 scope global eth0
    inet6 fe80::f816:3eff:fe03:6c7a/64 scope link
       valid_lft forever preferred_lft forever
$
This concludes the all-in-one installation and configuration of the base system. In the next few parts we will be looking at installing all the components using packstack, this time without installing the demo template. This will then involve creating the tenants, users, routers, networks, etc.
In the meantime, if you have any questions or comments, please ping me on IRC: arif-ali at freenode.