This guide will explain basic networking functions in OpenStack including how to create a network, a router, and allocate and assign floating IPs.
The idea of this guide is it will explain how to create a private network with the intent to place virtual machines or instances on this network.
It is generally recommended that private networks be used where possible and to only expose the portions of your cloud to a public network when needed.
Neutron is the name of the service that handles networking in OpenStack. It provides “network connectivity as a service” between interfaces and uses the OpenStack Networking API.
Neutron allows networks, routers, floating IPs, and security groups to be created.
Table of Contents
- Exercises covered in this guide
- Common terms
- Create a network and router
- Floating IPs
Exercises covered in this guide
This guide will explain how to:
- Create a private network
- Create a router
- Associate an instance with a private network
- Allocate floating IPs
- Assign a floating IP to an instance
- a network that has been mapped to physical networking devices
- this network comes already setup and is Internet-accessible
- public facing and allows external communication
- attach to an instance on a private network to allow access to the Internet
- allocated from the provider network
- typically created as a result of another action (creating an instance)
- associated with instances, routers, floating IPs, and essentially anything that can be connected to a network
Create a network and router
Networks and routers can be created in OpenStack. To make a private network accessible from the provider network, a router must be created.
This section will go over how to make a network and router in Horizon, then connect the public network to a private network using the router.
Create a network
To make a network in Horizon, find the Network tab on the left, then navigate to the Networks tab under that. Finally, locate the Create Network button near the top right. You’ll be presented with the form to create a network.
Create a Network:
Specify a name for the network under Network Name on the first page. In this example, the network will be called Internal. Fill out any other needed details and navigate to the Subnet tab.
Create a Subnet:
- Under Subnet Name specify a name for the subnet
- For Network Address choose a network in CIDR notation. This example uses 192.168.0.0/24.
- Finally under Gateway IP specify the gateway IP for this network. If the gateway IP is not filled out, one will be chosen by the neutron service. The final tab is called Subnet Details. This tab does not need to be filled out to create the network and subnet. This example will stop here, however on this page you can enable or disable DHCP, specify specific IPs to be allocated, set DNS name servers, and set Host Routes.
With the previous steps done, the network has been created. Loading the Network -> Networks tab will display the new network:
Internal network created:
Create a router
With a network created, the next step is to creater a router which will bridge the connection from the External or provider network to the private network.
To make a router in Horizon, find the Network tab on the left, then locate the Routers tab under that. This page will list current routers and allows you to create a router.
To create a new router, click the Create Router button near the top right.
Create a router:
Create a router form:
Under Router Name choose a name for the router. This example router will be called router_1.
The router will need to be connected to an external network, which will be the provider network. The network called External will be used.
Once created it will show in the list of routers.
This takes care of creating the router with the External network attached. To allow the router to communicate with the External and the Internal network, the Internal network will need to be attached. The remaining steps demonstrate how to do this.
Attach Internal network
First, pull up the newly created router from the Network -> Routers section of Horizon.
Next, to add an interface to this router, click the router’s name in the listing of routers, then click the Add Interface button near the top right.
Add Interface to Router:
In the form that appears choose the subnet to connect the router to and optionally choose an IP address for the interface. If you don’t choose an IP, the gateway IP of the subnet will be used.
With the interface added to the router, the External and Internal networks are now connected. This can visually be seen by navigating to the Network tab on the left, then the Network Topology tab under that.
Floating IPs in OpenStack are publicy routable IP addresses that can be attached and detached to instances. For example if there’s an instance associated with a private network but needs to be accessed from the Internet, a floating IP can be associated with the instance, allowing communication from the Internet.
Allocate and Assign Floating IPs using Horizon
To use Floating IPs they will first need to be allocated from the provider network’s pool of IPs.
To allocate floating IPs in Horizon, navigate to the Network tab on the left, and look for Floating IPs.
Click the Allocate IP To Project to allocate a new IP.
Allocate IP To Project:
The IP will be obtained from the provider network. In this example, the name of that network is External.
Once the IP is added, it will appear in the floating IP list.
Floating IP list:
Now that an IP has been allocated, it can be assigned to an instance. Use the Associate button from the drop down on the right.
Associate floating IP:
Choose the floating IP and the port to associate it to.
NOTE! — This section will be need to be updated and is incomplete.
Check neutron docker containers
In Private Cloud Core, OpenStack has been deployed using
This means each service is running in a Docker container on the hardware
You can check the status of the neutron Docker containers to see if they are running:
# docker ps | grep -i neutron 66c57a96ecf5 kolla/centos-binary-neutron-metering-agent:train-centos8 "dumb-init --single-â€¦" 3 months ago Up 7 weeks neutron_metering_agent b407dda02505 kolla/centos-binary-neutron-metadata-agent:train-centos8 "dumb-init --single-â€¦" 3 months ago Up 5 days neutron_metadata_agent 93ce576891db kolla/centos-binary-neutron-l3-agent:train-centos8 "dumb-init --single-â€¦" 3 months ago Up 2 days neutron_l3_agent 5531d47d6405 kolla/centos-binary-neutron-dhcp-agent:train-centos8 "dumb-init --single-â€¦" 3 months ago Up 2 days neutron_dhcp_agent d3e20fd98aef kolla/centos-binary-neutron-openvswitch-agent:train-centos8 "dumb-init --single-â€¦" 3 months ago Up 2 days neutron_openvswitch_agent 2802a09606e5 kolla/centos-binary-neutron-server:train-centos8 "dumb-init --single-â€¦" 3 months ago Up 2 days neutron_server