오픈 스택으로 private 네트웍을 구축하기 위해서는 provider 네트웍, private 네트웍, 각 네트웍의 subnet, 라우터 등 네트웍 리소스를 생성해야 합니다.
오픈스택 mitaka 버전에서 네트웍 리소스 생성부터 인스턴스 생성까지 테스트해 보겠으며, 해당 작업은 대시보드가 아닌 쉘에서 진행하였습니다.
- provider 네트워크 생성(admin 계정에서 생성)
root@controller:~# source /root/jyh_env/admin_openrc
root@controller:~# neutron net-create --provider:physical_network provider --provider:network_type flat --router:external provider
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2017-04-28T05:44:55 |
| description | |
| id | 782855d1-2321-4def-af4b-48bb12e8eeb3 |
| ipv4_address_scope | |
| ipv6_address_scope | |
| is_default | False |
| mtu | 1500 |
| name | provider |
| port_security_enabled | True |
| provider:network_type | flat |
| provider:physical_network | provider |
| provider:segmentation_id | |
| router:external | True |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 8275c52148284b468a95963a6477d2ee |
| updated_at | 2017-04-28T05:44:55 |
+---------------------------+--------------------------------------+
root@controller:~# neutron subnet-create --name provider --allocation-pool start=115.xxx.xxx.170,end=115.xxx.xxx.254 \
> --dns-nameserver 8.8.8.8 --gateway 115.xxx.xxx.1 provider 115.xxx.xxx.0/24
Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "115.xxx.xxx.170", "end": "115.xxx.xxx.254"} |
| cidr | 115.xxx.xxx.0/24 |
| created_at | 2017-04-28T05:47:20 |
| description | |
| dns_nameservers | 8.8.8.8 |
| enable_dhcp | True |
| gateway_ip | 115.xxx.xxx.1 |
| host_routes | |
| id | 412a6f70-9e2f-462d-9de2-ca8ccd5e962a |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | provider |
| network_id | 782855d1-2321-4def-af4b-48bb12e8eeb3 |
| subnetpool_id | |
| tenant_id | 8275c52148284b468a95963a6477d2ee |
| updated_at | 2017-04-28T05:47:20 |
+-------------------+------------------------------------------------------+
- 사용자 네트워크 생성(사용자 계정에서 생성)
root@controller:~# source /root/jyh_env/jyh1_openrc
root@controller:~# neutron net-create jyh1
Created a new network:
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2017-04-28T05:52:56 |
| description | |
| id | 673e2ecb-e09e-446b-8d8c-43c6d525ad56 |
| ipv4_address_scope | |
| ipv6_address_scope | |
| mtu | 1450 |
| name | jyh1 |
| port_security_enabled | True |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| tenant_id | 678eeadf913345c3a8adfcca709c1092 |
| updated_at | 2017-04-28T05:52:56 |
+-------------------------+--------------------------------------+
root@controller:~# neutron subnet-create --name jyh1 --dns-nameserver 8.8.8.8 --gateway 172.16.0.1 jyh1 172.16.0.0/16
Created a new subnet:
+-------------------+--------------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------------+
| allocation_pools | {"start": "172.16.0.2", "end": "172.16.255.254"} |
| cidr | 172.16.0.0/16 |
| created_at | 2017-04-28T05:54:49 |
| description | |
| dns_nameservers | 8.8.8.8 |
| enable_dhcp | True |
| gateway_ip | 172.16.0.1 |
| host_routes | |
| id | 717b7ab7-9901-4a5c-8587-eaf0772f7b04 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | jyh1 |
| network_id | 673e2ecb-e09e-446b-8d8c-43c6d525ad56 |
| subnetpool_id | |
| tenant_id | 678eeadf913345c3a8adfcca709c1092 |
| updated_at | 2017-04-28T05:54:49 |
+-------------------+--------------------------------------------------+
# 인스턴스들의 내부 통신을 위한 사설 네트워크 생성
- 내부와 외부를 연결하는 라우터 생성(사용자 계정에서 생성)
root@controller:~# neutron router-create jyh1
Created a new router:
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | True |
| availability_zone_hints | |
| availability_zones | |
| description | |
| external_gateway_info | |
| id | 9d8a777d-fa60-453f-abce-cc8c4b09959a |
| name | jyh1 |
| routes | |
| status | ACTIVE |
| tenant_id | 678eeadf913345c3a8adfcca709c1092 |
+-------------------------+--------------------------------------+
root@controller:~# neutron router-interface-add jyh1 jyh1
Added interface 53d2276a-65d6-487e-ba14-715826fd71ac to router jyh1.
# 라우터 jyh1과 사설 네트워크 jyh1 연결
root@controller:~# neutron router-gateway-set jyh1 provider
Set gateway for router jyh1
# 라우터 jyh1과 provider 네트워크 연결
- 인스턴스 생성후 공인 아이피 연결
root@controller:~# source /root/jyh_env/admin_openrc
root@controller:~# openstack image create "ubuntu16" --file ubuntu16.qcow2 --disk-format qcow2 --container-format bare --public
+------------------+---------------------------------------------------------------------------------+
| Field | Value |
+------------------+---------------------------------------------------------------------------------+
| checksum | 889bfa86aefd34736e450a4579d79dfd |
| container_format | bare |
| created_at | 2017-04-28T06:06:44Z |
| disk_format | qcow2 |
| file | /v2/images/e4bf8e50-aa42-4af6-bf31-24dd8e24b86a/file |
| id | e4bf8e50-aa42-4af6-bf31-24dd8e24b86a |
| min_disk | 0 |
| min_ram | 0 |
| name | ubuntu16 |
| owner | 8275c52148284b468a95963a6477d2ee |
| properties | direct_url='file:///var/lib/glance/images/e4bf8e50-aa42-4af6-bf31-24dd8e24b86a' |
| protected | False |
| schema | /v2/schemas/image |
| size | 2267021312 |
| status | active |
| tags | |
| updated_at | 2017-04-28T06:06:57Z |
| virtual_size | None |
| visibility | public |
+------------------+---------------------------------------------------------------------------------+
# 고객에게 제공하는 이미지는 admin 계정에서 작업한다.
root@controller:~# nova flavor-create smile3 3 1024 25 3
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
| 3 | smile3 | 1024 | 25 | 0 | | 3 | 1.0 | True |
+----+--------+-----------+------+-----------+------+-------+-------------+-----------+
# flavor 생성 작업은 모두 admin 계정에서 작업한다.
root@controller:~# source /root/jyh_env/jyh1_openrc
# 인스턴스 생성하기 위해 사용자 환경 설정 파일 로드
root@controller:~# nova net-list
+--------------------------------------+----------+------+
| ID | Label | CIDR |
+--------------------------------------+----------+------+
| 673e2ecb-e09e-446b-8d8c-43c6d525ad56 | jyh1 | None |
| 782855d1-2321-4def-af4b-48bb12e8eeb3 | provider | None |
+--------------------------------------+----------+------+
# jyh1 네트워크 id 확인한다.
root@controller:~# nova boot --image ubuntu16 --flavor smile3 --nic net-id=673e2ecb-e09e-446b-8d8c-43c6d525ad56 --user-data change_pwd.sh instance1
+--------------------------------------+-------------------------------------------------+
| Property | Value |
+--------------------------------------+-------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | DgHZebcFP2mg |
| config_drive | |
| created | 2017-04-28T06:09:42Z |
| description | - |
| flavor | smile3 (3) |
| hostId | |
| id | 62ef542a-89d4-4d1c-8d07-3484773aad4d |
| image | ubuntu16 (e4bf8e50-aa42-4af6-bf31-24dd8e24b86a) |
| key_name | - |
| locked | False |
| metadata | {} |
| name | instance1 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | default |
| status | BUILD |
| tenant_id | 678eeadf913345c3a8adfcca709c1092 |
| updated | 2017-04-28T06:09:43Z |
| user_id | be02b5975e52413790408697148e8ced |
+--------------------------------------+-------------------------------------------------+
# 서버 생성한다.
root@controller:~# cat change_pwd.sh
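#cloud-config
# Nesting restored: `list` and `expire` are keys of `chpasswd`, and each
# user:password pair is an indented line of the `list` block scalar.
# NOTE(review): this user-data carries a plaintext root password and remains
# readable from inside the instance through the metadata service. Treat the
# value as test-only, or boot with an SSH key pair instead.
chpasswd:
  list: |
    root:smileserv
  # False keeps the password valid without a forced change at first login.
  expire: False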
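# 서버 생성 명령에서 빨갛게 표시한 부분(--user-data change_pwd.sh)은 서버를 처음 실행할 때 root 패스워드를 설정하는 부분이다. user-data 는 인스턴스 내부에서 메타데이터 서비스로 그대로 조회되므로 평문 패스워드는 테스트 용도로만 쓰고, 공인 아이피를 연결하는 서버라면 --key-name 으로 SSH 키를 사용하는 편이 안전하다.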
root@controller:~# nova list
+--------------------------------------+-----------+--------+------------+-------------+-----------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-----------+--------+------------+-------------+-----------------+
| 62ef542a-89d4-4d1c-8d07-3484773aad4d | instance1 | ACTIVE | - | Running | jyh1=172.16.0.4 |
+--------------------------------------+-----------+--------+------------+-------------+-----------------+
root@controller:~# nova floating-ip-create provider
+--------------------------------------+----------------+-----------+----------+----------+
| Id | IP | Server Id | Fixed IP | Pool |
+--------------------------------------+----------------+-----------+----------+----------+
| 96443722-8141-4bed-ba64-41ad9d291d76 | 115.xxx.xxx.172 | - | - | provider |
+--------------------------------------+----------------+-----------+----------+----------+
root@controller:~# nova floating-ip-associate instance1 115.xxx.xxx.172
root@controller:~# nova list
+--------------------------------------+-----------+--------+------------+-------------+---------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-----------+--------+------------+-------------+---------------------------------+
| 62ef542a-89d4-4d1c-8d07-3484773aad4d | instance1 | ACTIVE | - | Running | jyh1=172.16.0.4, 115.xxx.xxx.172 |
+--------------------------------------+-----------+--------+------------+-------------+---------------------------------+
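# provider 네트웍에서 공인 아이피를 생성한 후 인스턴스에 맵핑한다. 인스턴스는 default 보안 그룹을 사용하며(nova boot 출력의 security_groups), 이 그룹은 기본적으로 외부에서 들어오는 트래픽을 막으므로 공인 아이피로 접속하려면 필요한 포트와 출발지만 허용하는 규칙을 추가해야 한다.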