Create a Network using OpenStackClient


This guide will explain basic networking functions in OpenStack including how to create a private network, a router, and allocate and assign floating IPs. Neutron is the name of the service that handles networking in OpenStack. It provides “network connectivity as a service” between interfaces and uses the OpenStack Networking API. Neutron allows networks, routers, floating IPs, and security groups to be created.

Exercises covered in this guide

This guide will explain how to:
  • Create a private network
  • Create a router
  • Associate an instance with a private network network
  • Allocate floating IPs
  • Assign a floating IP to an instance

 

Common terms

  • Provider Network
    • a network that has been mapped to physical networking devices
    • this network comes already setup and is Internet-accessible
  • Floating IP
    • public facing and allows external communication
    • attach to an instance on a private network to allow access to the Internet
    • allocated from the provider network
  • Port
    • typically created as a result of another action (creating an instance)
    • associated with instances, routers, floating IPs, and essentially anything that can be connected to a network

 

Create a network and router

Networks and routers can be created in OpenStack. To make a private network accessible from the provider network, a router must be created. This will go over how to make a network and router using the command line with OpenStackClient.

Create a network

Listed are the steps needed to create a private network. Variables are presented in all capital and should be replaced accordingly. Note the output of most of the commands has been truncated. Use this command to create a network, replacing NETWORK_NAME with the name of the network:
$ openstack network create NETWORK_NAME
Create a network called private_network:
$ openstack network create private_network --fit-width
+---------------------------+-------------------------------------------------------------------------------------+
| Field                     | Value                                                                               |
+---------------------------+-------------------------------------------------------------------------------------+
| admin_state_up            | UP                                                                                  |
| availability_zone_hints   |                                                                                     |
| availability_zones        |                                                                                     |
| created_at                | 2020-10-30T20:57:16Z                                                                |
| description               |                                                                                     |
| dns_domain                |                                                                                     |
| id                        | 890e5ab6-a5d7-44c2-bf84-351342006cdd                                                |
Next, a subnet will need to be created. Use this command to create a subnet, replacing NETWORK_NAME and SUBNET_NAME with the respective names of the network and subnet and replace SUBNET_RANGE with the subnet to use. An example subnet range could be 10.0.0.0/24:
$ openstack subnet create --subnet-range SUBNET_RANGE --network NETWORK_NAME 
SUBNET_NAME
Create a subnet called private with subnet range of 10.0.0.0/24:
$ openstack subnet create --subnet-range 10.0.0.0/24 --network private_network private --fit-width
+----------------------+------------------------------------------------------------------------------------------+
| Field                | Value                                                                                    |
+----------------------+------------------------------------------------------------------------------------------+
| allocation_pools     | 10.0.0.2-10.0.0.254                                                                      |
| cidr                 | 10.0.0.0/24                                                                              |
| created_at           | 2020-10-30T21:03:50Z                                                                     |
| description          |                                                                                          |
| dns_nameservers      |                                                                                          |
| dns_publish_fixed_ip | None                                                                                     |
| enable_dhcp          | True                                                                                     |
| gateway_ip           | 10.0.0.1                                                                                 |
| host_routes          |                                                                                          |
| id                   | 46d0b88c-f1cf-4e40-a395-9281a7dd59d9                                                     |

Create a router

The following are the commands required to create a router. To make a router, use this base command, replacing ROUTER_NAME with the name of the router:
$ openstack router create ROUTER_NAME
Create a router called router_1:
$ openstack router create router_1 --fit-width
+-------------------------+---------------------------------------------------------------------------------------+
| Field                   | Value                                                                                 |
+-------------------------+---------------------------------------------------------------------------------------+
| admin_state_up          | UP                                                                                    |
| availability_zone_hints |                                                                                       |
| availability_zones      |                                                                                       |
| created_at              | 2020-10-30T21:08:38Z                                                                  |
| description             |                                                                                       |
| distributed             | False                                                                                 |
| external_gateway_info   | null                                                                                  |
| flavor_id               | None                                                                                  |
| ha                      | True                                                                                  |
| id                      | a700e1b1-36ac-4e4f-b4c7-fa80be513656                                                  |
With the router created, a subnet needs to be attached to it along with the external or, provider network. To add a subnet, use this command, replacing ROUTER_NAME and SUBNET_NAME with the names of the respective router and subnet:
$ openstack router add subnet ROUTER_NAME SUBNET_NAME
Add subnet private to the router called router_1:
$ openstack router add subnet router_1 private
The command to add the subnet to the router returns no output if successful. Finally the router also needs the external network connected to it. Use this command to add an external network, replacing EXTERNAL_NETWORK_UUID with the UUID of the network:
$ openstack router set --external-gateway EXTERNAL_NETWORK_UUID 
ROUTER_NAME
You can get the UUID of the network to use by running openstack network list. The UUID will be listed in the first column. Add the external network to the router called router_1:
$ openstack router set --external-gateway 
55d31bd5-77ba-4ed0-ab6e-99554b33aa90 router_1
With these steps completed, you have a router that connects the external network to the private network. You can see the details of the router by running this, replacing ROUTER_NAME with the name of the router:
$ openstack router show ROUTER_NAME
Show the details for the router called router_1, including the interfaces that were previously attached:
$ openstack router show router_1 --fit-width
+-------------------------+---------------------------------------------------------------------------------------+
| Field                   | Value                                                                                 |
+-------------------------+---------------------------------------------------------------------------------------+
| admin_state_up          | UP                                                                                    |
| availability_zone_hints |                                                                                       |
| availability_zones      | nova                                                                                  |
| created_at              | 2020-10-30T21:08:38Z                                                                  |
| description             |                                                                                       |
| distributed             | False                                                                                 |
| external_gateway_info   | {"network_id": "55d31bd5-77ba-4ed0-ab6e-99554b33aa90", "external_fixed_ips":          |
|                         | [{"subnet_id": "ca55b96b-0d70-4cbc-92fc-7bf5ce74cfa4", "ip_address":                  |
|                         | "173.231.202.88"}], "enable_snat": true}                                              |
| flavor_id               | None                                                                                  |
| ha                      | True                                                                                  |
| id                      | a700e1b1-36ac-4e4f-b4c7-fa80be513656                                                  |
| interfaces_info         | [{"port_id": "8c45b709-9f74-486d-bb13-0d8b459066dd", "ip_address": "169.254.192.173", |
|                         | "subnet_id": "52df9b51-8a5a-45f0-bf22-693eb9712c32"}, {"port_id":                     |
|                         | "d0233252-3756-44b2-8bad-e3e82781f96d", "ip_address": "169.254.193.147", "subnet_id": |
|                         | "52df9b51-8a5a-45f0-bf22-693eb9712c32"}, {"port_id":                                  |
|                         | "e4bd63c8-8272-4285-85b2-f98e9f028471", "ip_address": "169.254.195.229", "subnet_id": |
|                         | "52df9b51-8a5a-45f0-bf22-693eb9712c32"}, {"port_id":                                  |
|                         | "e8d5407c-1574-45e4-8f04-77dc1a848591", "ip_address": "10.0.0.1", "subnet_id":        |
|                         | "46d0b88c-f1cf-4e40-a395-9281a7dd59d9"}]                                              |

 

Floating IPs

Floating IPs in OpenStack are publicy routable IP addresses that can be attached and detached to instances. For example if there’s an instance associated with a private network but needs to be accessed from the Internet, a floating IP can be associated with the instance, allowing communication from the Internet.

Allocate and Assign Floating IPs using OpenStackClient

OpenStackClient can be used to manage Floating IPs. The following is a list of commands used to manage floating IPs. Allocate additional floating IPs where NETWORK is the UUID of the network to allocate IPs from:
$ openstack floating ip create NETWORK

$ openstack floating ip create 55d31bd5-77ba-4ed0-ab6e-99554b33aa90 --fit-width
+---------------------+-------------------------------------------------------------------------------------------+
| Field               | Value                                                                                     |
+---------------------+-------------------------------------------------------------------------------------------+
| created_at          | 2020-10-29T20:05:53Z                                                                      |
| description         |                                                                                           |
| dns_domain          |                                                                                           |
| dns_name            |                                                                                           |
| fixed_ip_address    | None                                                                                      |
| floating_ip_address | 50.50.50.50                                                                            |
| floating_network_id | 55d31bd5-77ba-4ed0-ab6e-99554b33aa90                                                      |
| id                  | e1818df0-ce58-4f36-94ff-170a5a0c1f9f                                                      |
Some of the output is truncated. View floating IPs:
$ openstack floating ip list --fit-width
+---------------------+---------------------+------------------+------+---------------------+---------------------+
| ID                  | Floating IP Address | Fixed IP Address | Port | Floating Network    | Project             |
+---------------------+---------------------+------------------+------+---------------------+---------------------+
| e1818df0-ce58-4f36- | 50.50.50.50         | None             | None | 55d31bd5-77ba-4ed0- | 5ad1f9e795604f4390d |
| 94ff-170a5a0c1f9f   |                     |                  |      | ab6e-99554b33aa90   | 274d7388c4b9f       |
+---------------------+---------------------+------------------+------+---------------------+---------------------+
Assign floating IPs to an instance:
$ openstack floating ip set FLOATING_IP

 

Associate an instance with a private network

This section will explain how to take an instance created on the provider network and associate that with a private network. This may not be a very common task assuming an instance was created on the appropriate network to begin with. In the event an instance was created but on the wrong network, you can have it associated with another network. The commands needed to add and remove networks an instance is associated with are:
  • openstack server add network SERVER NETWORK
  • openstack server remove network SERVER NETWORK
SERVER and NETWORK are placeholders and should be replaced with the UUIDs of the server and network needed. To change the network for instance, some information is needed first:
  • Instance UUID
  • UUID of network to which the instance is moving
  • UUID of network from which the instance is moving
To obtain the UUID of the instance use:
$ openstack server list
Obtain UUID of instance called Server 1:
$ openstack server list --fit-width
+--------------------------------------+----------+--------+-------------------------+-------+-----------+
| ID                                   | Name     | Status | Networks                | Image | Flavor    |
+--------------------------------------+----------+--------+-------------------------+-------+-----------+
| 4208022c-3afa-4233-84ed-8df04bb2c4ce | Server 1 | ACTIVE | External=173.231.202.87 |       | hc1.small |
+--------------------------------------+----------+--------+-------------------------+-------+-----------+
This instance is shown to be on the External network and instead it should be associated with another network, called private_network. To move this instance to the private_network, the UUID of both networks is needed. Use the following to list network UUIDs:
$ openstack network list
List the UUID of each network:
$ openstack network list --fit-width
+--------------------------------------+---------------------------------------+--------------------------------------+
| ID                                   | Name                                  | Subnets                              |
+--------------------------------------+---------------------------------------+--------------------------------------+
| 3eb74273-45aa-45e7-977e-3c706c0499fb | Internal                              | c6bb7ad7-7911-47ad-93e5-6d5fb7a1b466 |
| 55d31bd5-77ba-4ed0-ab6e-99554b33aa90 | External                              | ca55b96b-0d70-4cbc-92fc-7bf5ce74cfa4 |
| 8346bc1d-2b69-421d-ab7f-008b9af53c5d | HA network tenant                     | 52df9b51-8a5a-45f0-bf22-693eb9712c32 |
| 890e5ab6-a5d7-44c2-bf84-351342006cdd | private_network                       | 46d0b88c-f1cf-4e40-a395-9281a7dd59d9 |
+--------------------------------------+---------------------------------------+--------------------------------------+
From this output, the UUIDs can be obtained. Next the instance will need to be associated with the network called private_network. Associate Server 1 with private_network using the UUIDs from above:
$ openstack server add network 4208022c-3afa-4233-84ed-8df04bb2c4ce 
890e5ab6-a5d7-44c2-bf84-351342006cdd
Disassociate Server 1 from the External network:
$ openstack server remove network 4208022c-3afa-4233-84ed-8df04bb2c4ce 
55d31bd5-77ba-4ed0-ab6e-99554b33aa90
Both the add and remove network commands do not return any output if they are successful. To be sure the network has been associated correctly, use openstack server show SERVER_UUID to confirm, replacing SERVER_UUID with the UUID of the server you are working with. Confirm new network for Server 1:
$ openstack server show 4208022c-3afa-4233-84ed-8df04bb2c4ce --fit-width
+-------------------------------------+----------------------------------------------------------+
| Field                               | Value                                                    |
+-------------------------------------+----------------------------------------------------------+
| OS-DCF:diskConfig                   | AUTO                                                     |
| OS-EXT-AZ:availability_zone         | nova                                                     |
| OS-EXT-SRV-ATTR:host                | hc1.example.com                                          |
| OS-EXT-SRV-ATTR:hypervisor_hostname | hc1.example.com                                          |
| OS-EXT-SRV-ATTR:instance_name       | instance-00000096                                        |
| OS-EXT-STS:power_state              | Running                                                  |
| OS-EXT-STS:task_state               | None                                                     |
| OS-EXT-STS:vm_state                 | active                                                   |
| OS-SRV-USG:launched_at              | 2020-10-23T20:52:15.000000                               |
| OS-SRV-USG:terminated_at            | None                                                     |
| accessIPv4                          |                                                          |
| accessIPv6                          |                                                          |
| addresses                           | private_network=10.0.0.192                               |
| config_drive                        |                                                          |
| created                             | 2020-10-23T20:51:27Z                                     |
| flavor                              | hc1.small (hc1.small)                                    |
| hostId                              | fc32f234767ef0316a30779802b178074140cb60635ff81fa1cd59be |
| id                                  | 4208022c-3afa-4233-84ed-8df04bb2c4ce                     |
The addresses field confirms this instance is now associated with the network called private_network.
 

Troubleshooting

NOTE! — This section will be need to be updated and is incomplete.

Check neutron docker containers

In Private Cloud Core, OpenStack has been deployed using kolla-ansible. This means each service is running in a Docker container on the hardware nodes. You can check the status of the neutron Docker containers to see if they are running:
# docker ps | grep -i neutron
66c57a96ecf5        kolla/centos-binary-neutron-metering-agent:train-centos8      "dumb-init --single-…"   3 months ago        Up 7 weeks                                         neutron_metering_agent
b407dda02505        kolla/centos-binary-neutron-metadata-agent:train-centos8      "dumb-init --single-…"   3 months ago        Up 5 days                                          neutron_metadata_agent
93ce576891db        kolla/centos-binary-neutron-l3-agent:train-centos8            "dumb-init --single-…"   3 months ago        Up 2 days                                          neutron_l3_agent
5531d47d6405        kolla/centos-binary-neutron-dhcp-agent:train-centos8          "dumb-init --single-…"   3 months ago        Up 2 days                                          neutron_dhcp_agent
d3e20fd98aef        kolla/centos-binary-neutron-openvswitch-agent:train-centos8   "dumb-init --single-…"   3 months ago        Up 2 days                                          neutron_openvswitch_agent
2802a09606e5        kolla/centos-binary-neutron-server:train-centos8              "dumb-init --single-…"   3 months ago        Up 2 days                                          neutron_server

 

Next Steps

The next guide will explain how to make an instance. With this guide complete, you should have all that is needed to create an instance. Navigate to the create an instance with the command line guide to continue this series. Should you want to learn to the make the instance using Horizon, see the create an instance using Horizon guide.
NW
Nick West Team Lead for Managed Hosting

Nick is an avid aggressive inline skater, nature enthusiast, and loves working with open source software in a Linux environment.

More Articles by Nick

Was this article helpful? Let us know!