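Launch an instance
Create virtual networks
Before creating the private project network, you must create the public network. (Before launching an instance, you must create the necessary virtual network infrastructure. For networking option 1, instances use a public provider virtual network that connects to the physical network infrastructure via layer-2 (bridging/switching). This network includes a DHCP service that provides IP addresses to instances. The admin or another privileged user must create this network because it connects directly to the physical network infrastructure.)
Create the public network
[root@controller ~]# source admin-openrc.sh # load the admin credentials to gain access to admin-only commands
[root@controller ~]# neutron net-create public --shared --provider:physical_network public --provider:network_type flat # create the network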
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | 5fc60cce-0943-4844-b9e2-c768af2ea302 |
| mtu | 0 |
| name | public |
| port_security_enabled | True |
| provider:network_type | flat |
| provider:physical_network | public |
| provider:segmentation_id | |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | e5f65d198e594c9f8a8db29a6a9d01a7 |
+---------------------------+--------------------------------------+
[root@controller ~]# neutron subnet-create public 192.168.1.0/24 --name public --allocation-pool start=192.168.1.220,end=192.168.1.250 --dns-nameserver 114.114.114.114 --gateway 192.168.1.1 # create a subnet on the network
Created a new subnet:
+-------------------+----------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------+
| allocation_pools | {"start": "192.168.1.220", "end": "192.168.1.250"} |
| cidr | 192.168.1.0/24 |
| dns_nameservers | 192.168.1.1 |
| enable_dhcp | True |
| gateway_ip | 192.168.1.1 |
| host_routes | |
| id | ac92ba15-daef-4bc3-a353-ed1325c85844 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | public |
| network_id | 5fc60cce-0943-4844-b9e2-c768af2ea302 |
| subnetpool_id | |
| tenant_id | e5f65d198e594c9f8a8db29a6a9d01a7 |
+-------------------+----------------------------------------------------+
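Create the private project network
[root@controller ~]# source demo-openrc.sh # load the demo credentials to gain access to user-only commands
[root@controller ~]# neutron net-create private # create the network; non-privileged users typically cannot supply additional parameters to this command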
Created a new network:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| id | ce8a6c38-5a84-47c0-b058-9bdd8b67e179 |
| mtu | 0 |
| name | private |
| port_security_enabled | True |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | a152b2b891a147dfa3068d66311ad0c3 |
+-----------------------+--------------------------------------+
[root@controller ~]# neutron subnet-create private 172.16.1.0/24 --name private --dns-nameserver 114.114.114.114 --gateway 172.16.1.1 # create a subnet on the network
Created a new subnet:
+-------------------+------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------+
| allocation_pools | {"start": "172.16.1.2", "end": "172.16.1.254"} |
| cidr | 172.16.1.0/24 |
| dns_nameservers | 114.114.114.114 |
| enable_dhcp | True |
| gateway_ip | 172.16.1.1 |
| host_routes | |
| id | 91f26704-6ead-4d73-870e-115dd8377998 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | private |
| network_id | ce8a6c38-5a84-47c0-b058-9bdd8b67e179 |
| subnetpool_id | |
| tenant_id | a152b2b891a147dfa3068d66311ad0c3 |
+-------------------+------------------------------------------------+
Create a router
[root@controller ~]# source admin-openrc.sh # load the admin credentials to gain access to admin-only commands
[root@controller ~]# neutron net-update public --router:external # add the router:external attribute to the public network
Updated network: public
[root@controller ~]# source demo-openrc.sh # load the demo credentials to gain access to user-only commands
[root@controller ~]# neutron router-create router # create the router
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | 649c8cfc-e117-4105-b55d-cd9214792ae3 |
| name | router |
| routes | |
| status | ACTIVE |
| tenant_id | a152b2b891a147dfa3068d66311ad0c3 |
+-----------------------+--------------------------------------+
[root@controller ~]# neutron router-interface-add router private # add the private network subnet as an interface on the router
Added interface 65404353-b387-4243-81b8-a2cbeb5b6b4d to router router.
[root@controller ~]# neutron router-gateway-set router public # set a gateway on the public network for the router
Set gateway for router router
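
An added example (not part of the original page or of OpenStack's own tooling): a shell check over the table printed by `neutron net-show <name>` that flags the attribute combinations this procedure leaves on the public network. The function names and the sample table are constructed for illustration; the sample reuses the fields shown above, with router:external as it stands after the net-update step.

```shell
#!/bin/sh
# Added example (not from the original page): audit `neutron net-show` output.

# field_value FIELD: read a neutron CLI table on stdin, print FIELD's value.
field_value() {
    awk -F'|' -v want="$1" 'NF >= 3 {
        key = $2; val = $3
        gsub(/^[ \t]+|[ \t]+$/, "", key); gsub(/^[ \t]+|[ \t]+$/, "", val)
        if (key == want) { print val; exit }
    }'
}

# audit_network: read a net-show table on stdin, print one line per finding.
# Exit status is 0 when nothing is flagged and 1 otherwise.
audit_network() {
    an_table=$(cat); an_rc=0
    an_shared=$(printf '%s\n' "$an_table" | field_value shared)
    an_ext=$(printf '%s\n' "$an_table" | field_value router:external)
    an_psec=$(printf '%s\n' "$an_table" | field_value port_security_enabled)
    an_type=$(printf '%s\n' "$an_table" | field_value provider:network_type)
    if [ "$an_psec" != "True" ]; then
        echo "WARN port_security_enabled=$an_psec: new ports get no security groups or anti-spoofing"
        an_rc=1
    fi
    if [ "$an_shared" = "True" ] && [ "$an_type" = "flat" ]; then
        echo "REVIEW shared flat network: every project can attach ports to the physical segment"
        an_rc=1
    fi
    if [ "$an_shared" = "True" ] && [ "$an_ext" = "True" ]; then
        echo "REVIEW shared and external: usable both for direct attachment and as a router gateway"
        an_rc=1
    fi
    return "$an_rc"
}

# Constructed sample: the "public" rows shown above, with router:external set
# to True as it would be after the net-update step.
sample_public_net() {
    cat <<'EOF'
| name                      | public |
| port_security_enabled     | True   |
| provider:network_type     | flat   |
| router:external           | True   |
| shared                    | True   |
EOF
}

sample_public_net | audit_network || true
```

On a live controller the same check runs as `neutron net-show public | audit_network`; provider:* fields are only visible with admin credentials, so the flat-network check is silent under demo-openrc.sh.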