Scribd
Upload
169 views13 pages

Managing Networks 1528412461

This document provides instructions for creating and configuring networks in OpenStack. It outlines two scenarios: 1. Create an external network called "acme-ext", an internal network "acme-int" with a subnet, and attach them with a router. 2. Repeat the process of creating an external network, internal network, router, and clean up. The goal is to demonstrate how to set up basic networking components in OpenStack.

Uploaded by

D'trio Arno
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
169 views13 pages

Managing Networks 1528412461

This document provides instructions for creating and configuring networks in OpenStack. It outlines two scenarios: 1. Create an external network called "acme-ext", an internal network "acme-int" with a subnet, and attach them with a router. 2. Repeat the process of creating an external network, internal network, router, and clean up. The goal is to demonstrate how to set up basic networking components in OpenStack.

Uploaded by

D'trio Arno
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

Hands-on Lab

Managing Networks
Contents
Scenario 1 1

Set up Admin Credentials 1

Create an OpenStack Project 2

Add a User to a Role 3

Create External Network 4

Create Internal Network for Demo 5

Delete Our Network 7

Scenario 2 9

Create an External Network 9

Create an Internal Network 9

Create the Router 10

Clean Up the Network 11

Review 11
Managing Networks Linux Academy + Cloud Assessments

For this lab, we are an OpenStack Administrator for the Acme Company. We are tasked with
creating a new external shared network. To make it, we will create a project called corporate
with a network named acme-int. Once created, we will attach a subnet named acme-int-subnet,
give it an IP range of 192.168.1.0/24, the name server 8.8.8.8, an allocation pool between
192.168.1.50 and 192.168.1.100, and the gateway 192.168.1.1. Finally, we will attach it to the
acme-ext network using a router named acme-rtr. We will do this two ways, from the command
line, and then using the OpenStack Dashboard.

Scenario 1
Before we begin, log in as the root user using the information provided:

[user@$host ~]$ ssh root@$IP

When prompted, enter the provided password to finish logging in.

Set up Admin Credentials


Once we are signed in, we need to create a set of credentials for our admin user. To do this, we
use the cp copy command with the credrc.sh file, and put the copied information into a file we’ll
name adminrc.sh:

[root@$host ~]# cp credrc.sh adminrc.sh

With the information copied, we need to go into the adminrc.sh file and update its contents. To
do so, use your preferred editor:

[root@$host ~]# $EDITOR adminrc.sh

The following information appears:

export OS_AUTH_URL=http://127.0.0.1:5000/v2.0

export OS_TENANT_NAME=”demo”

export OS_USERNAME=”demo”

export OS_PASSWORD=”openstack”

-1-
Managing Networks Linux Academy + Cloud Assessments

We need to change the OS_TENANT_NAME and OS_USERNAME values from demo to admin:

export OS_AUTH_URL=http://127.0.0.1:5000/v2.0

export OS_TENANT_NAME=”admin”

export OS_USERNAME=”admin”

export OS_PASSWORD=”openstack”

Once updated, save the file and exit. Back on the command line, source the file:

[root@$host ~]# source adminrc.sh

Create an OpenStack Project


With the admin file sourced, we need to create an OpenStack project for our network. For this,
we use the create command to make a new OpenStack project and name it corporate:

[root@$host ~]# openstack project create corporate


+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | None |
| enabled | True |
| id | $COPIED_ID |
| name | corporate |
+-------------+----------------------------------+

Wonderful. Now we need to copy the id somewhere that we can get to later, as we’ll need it to
create our Network. From here on, this id will be referenced as $COPIED_ID.

-2-
Managing Networks Linux Academy + Cloud Assessments

Add a User to a Role


With the project created, we are ready to add a role to our demo user. First, we need to review
the role list:

[root@$host ~]# openstack role list


+-----+-----------------+
| ID | Name |
+-----+-----------------+
| $ID | ResellerAdmin |
| $ID | admin |
| $ID | anotherrole |
| $ID | service |
| $ID | Member |
| $ID | heat_stack_user |
+-----+-----------------+

We see six current roles, though the only one we want is the Member role. We need to give this
role to our demo user on our corporate project:

[root@$host ~]# openstack role add --user demo --project corporate


Member
+-------+----------------------------------+
| Field | Value |
+-------+----------------------------------+
| id | $ID |
| name | Member |
+-------+----------------------------------+

-3-
Managing Networks Linux Academy + Cloud Assessments

Create External Network


With the base information in place, we can create our network. The network is to be named
acme-ext, our type set to shared, our router to external, the network type set to flat, and the
physical network set as default. For the tenant-id, enter the ID we copied earlier:

[root@$host ~]# neutron net-create acme-ext --tenant-id $COPIED_


ID --shared --router:external True --provider:network_type flat
--provider:physical_network default

+---------------------------+------------------------------------+
| Field | Value |
+---------------------------+------------------------------------+
| admin_state_up | True |
| id | d81c31e6-6c4f-456b-b064-860c6b481d |
| mtu | 0 |
| name | acme-ext |
| port_security_enabled | True |
| provider:network_type | flat |
| provider:physical_network | default |
| provider:segmentation_id | |
| router:external | True |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | $COPIED_ID |
+---------------------------+------------------------------------+

We have successfully created our first network.

-4-
Managing Networks Linux Academy + Cloud Assessments

Create Internal Network for Demo


Now, just as we created a file for our admin, we need to do the same for the corporate project.
We can either create a new file, as we did for admin, or we can change the credrc.sh file to have
the information we need. For this lab, we will be changing the credrc.sh file:

[root@$host ~]# $EDITOR credrc.sh

The following information appears:

export OS_AUTH_URL=http://127.0.0.1:5000/v2.0

export OS_TENANT_NAME=”demo”

export OS_USERNAME=”demo”

export OS_PASSWORD=”openstack”

We need to change the OS_TENANT_NAME value from demo to corporate:

export OS_AUTH_URL=http://127.0.0.1:5000/v2.0

export OS_TENANT_NAME=”corporate”

export OS_USERNAME=”demo”

export OS_PASSWORD=”openstack”

Now that our file is set up to work with our corporate project, source the credrc.sh file:

[root@$host ~]# source credrc.sh

-5-
Managing Networks Linux Academy + Cloud Assessments

With everything in place, we can now create our internal network. This network will be called
acme-int:

[root@$host ~]# neutron net-create acme-int


+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| id | $ID |
| mtu | 1450 |
| name | acme-int |
| port_security_enabled | True |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 6ce126c6838b4422bd93668b57cb2b3e |
+-----------------------+--------------------------------------+

Note that not all of the information shown will match what we get back.

From here, we need to create the subnet for our internal network. For this network, we will
be setting up to a subnet. Use 8.8.8.8 as a nameserver, a gateway of 192.168.1.1, and the
allocation pool between 192.168.1.50 and 192.168.1.100 Name it acme-int-subnet, place it on
the acme-int network, and give it an IP range of 192.168.1.0/24:

[root@$host ~]# neutron subnet-create --dns-nameserver 8.8.8.8


--gateway 192.168.1.1 --allocation-pool start=192.168.1.50,e
nd=192.168.1.100 --name acme-int-subnet acme-int 192.168.1.0/24

+-------------------+--------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------+
| allocation_pools |{start:"192.168.1.50",end :"192.168.1.100"} |
| cidr | 192.168.1.0/24 |
| dns_nameservers | 8.8.8.8 |
| enable_dhcp | True |
| gateway_ip | 192.168.1.1 |
| host_routes | |
| id | f3396b05-7820-4ae3-904b-94206c2e878b |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | acme-int-subnet |
| network_id | e5ccf713-2ca8-421d-a5a3-dad0840e722a |
| subnetpool_id | |
| tenant_id | 6ce126c6838b4422bd93668b57cb2b3e |
+-------------------+--------------------------------------------+

Note that not all of the information shown will match your own.

-6-
Managing Networks Linux Academy + Cloud Assessments

With our subnet created, we need to create a router for it. We will name it acme-rtr:

[root@$host ~]# neutron router-create acme-rtr


+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | $ID |
| name | acme-rtr |
| routes | |
| status | ACTIVE |
| tenant_id | 6ce126c6838b4422bd93668b57cb2b3e |
+-----------------------+--------------------------------------+

Note that not all of the information shown will match your own.

Connect the router acme-rtr to the subnet acme-int-subnet with the neutron router-interface-add
command:

[root@$host ~]# neutron router-interface-add acme-rtr acme-int-


subnet
Added interface $ID to router acme-rtr.

Lastly, we’ll connect our gateway to the router and external network:

[root@$host ~]# neutron router-gateway-set acme-rtr acme-ext


Set gateway for router acme-rtr.

Delete Our Network


Now that we’ve created a network from the command line, we need to delete it so that we
can perform the same process again, but this time using the dashboard. Usually, we wouldn’t
do this, but this helps us get some practice creating a network both ways, and also removing
unneeded networks.

To get started, we need to delete our router interface:

[root@$host ~]# neutron router-interface-delete acme-rtr acme-int-


subnet
Removed interface from router amce-rtr

With the interface removed, we can go through and delete the router:

[root@$host ~]# neutron router-delete acme-rtr


Deleted router: acme-rtr

-7-
Managing Networks Linux Academy + Cloud Assessments

After the router, we delete the subnet:

[root@$host ~]# neutron subnet-delete acme-int-subnet


Deletedsubnet: acme-nt-subnet

Next we’ll delete the internal network connection:

[root@$host ~]# neutron net-delete acme-int


Deleted network: acme-int

With everything removed, we can delete the acme-ext network. But, before we can do that, we
need to source our admin credentials as only the admin user can delete a network:

[root@$host ~]# source adminrc.sh


[root@$host ~]# neutron net-delete acme-ext
Deleted network: acme-ext

With the network removed, we can start on our second scenario; making a network from the
OpenStack Dashboard.

-8-
Managing Networks Linux Academy + Cloud Assessments

Scenario 2
Using the information provided by the lab, sign in to OpenStack. We need to make sure we sign
in using admin and that we are in the demo project.

Create an External Network


Once logged into OpenStack, select Networks from the sidebar. On the page that appears,
select the Create Network button. In the box that opens, fill out the information as follows:

• Name: acme-ext

• Project: corporate

• Provider Network Type: Flat

• Physical Network: default

• Admin State: UP

• Check the Shared and External Network checkboxes

Once everything is set up, select Create Network.

With our network created, we can now create the other parts that will go with it.

Create an Internal Network


Before we create our internal network, sign out and then back in using the demo username.
This will confirm that adding the Member role to our demo user worked correctly.

Once logged in as the demo user, make sure we are in the corporate project at the top of the
page, not the demo project. Once in the correct project, select the Network drop-down, then
select Networks from the sidebar. On the page that opens, select Create Network.

-9-
Managing Networks Linux Academy + Cloud Assessments

Name the network acme-int, leave the Admin State as UP, and then select Next. For the next
section, enter the following:

• Name: acme-int-subnet

• Address: 192.168.1.0/24

• IP Version: IPv4

• Gateway IP: 192.168.1.1

• Leave the Disable Gateway box unchecked

Once everything is filled out, select Next.

On the details page, enter the following: * Allocation Pools: 192.168.1.50,192.168.1.100 * DNS
Name Servers: 8.8.8.8

Select Create.

Create the Router


With our network set up, we can get our router created. Under the Network drop-down, select
Routers. Select Create Router. Set the name to acme-rtr and set the External Network to
acme-ext.

Once created, select acme-rtr from the router list. We are taken to a page with information over
the router. Here, select the Interfaces tab, and then select Add Interface. From the Subnet
dropdown, select our acme-int subnet. Leave the others as the default and then select Add
Interface.

With that all set up, select Network Topology from the sidebar. Here we can see how all of our
pieces fit together in a nodular map. Everything we did above can also be done from this page
by selecting a node. For example, selecting the acme-rtr node gives you the option to add an
interface.

- 10 -
Managing Networks Linux Academy + Cloud Assessments

Clean Up the Network


To clean up our network, we will be using the nodes on the Topology page. Select acme-
rtr and select Delete Interface. Next select acme-int and delete the Subnet and Network.
Finally, delete the Router.

To finish the cleanup process, we need to log out and then back in as the admin user. You can
only delete the Network as an admin.

Once signed in as the admin, select Networks from the sidebar. Check the box next to the
corporate network, and then select Delete Networks. The network will cease to exist.

Review
In this lab, we’ve managed to complete all sorts of networking tasks. From a command line,
we set up a user and manipulated credentials. After that, we created both internal and external
networks, then the routers, interfaces, and subrouters to get the two networks connected.
Finally, we got rid of the network pieces, cleaned up the networks, and then left the command
line altogether to set those pieces up again, but this time using the graphical front end. We now
have experience in both environments. Congratulations on completing the lab! Feel free to keep
practicing within the lab environment, as more time than needed to complete the lab has been
given.

- 11 -

You might also like