20210716(금) 네트워크 실습
내부 네트워크 하나에 인스턴스 2개를 연결 (172.160.0.0/24)
cirros 이미지로 생성 보안그룹은 default
내부 네트워크 하나 더 생성 인스턴스 1개 추가 (172.160.100.0/24)
cirros 이미지로 생성 보안 그룹 default
172.160.100.0/24 네트워크에 인스턴스 추가
단, 보안 그룹은 새로 만들어서 설정
이 상태에서 상호간 통신 확인
[root@controller ~(keystone_admin)]# openstack network create --share 16netnet
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2021-07-16T02:11:49Z |
| description | |
| dns_domain | None |
| id | 90a314d8-d67d-41de-92ed-711d4e501fc3 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1450 |
| name | 16netnet |
| port_security_enabled | True |
| project_id | f21117852a8c4b8282852213e79b96c6 |
| provider:network_type | vxlan |
| provider:physical_network | None |
| provider:segmentation_id | 98 |
| qos_policy_id | None |
| revision_number | 2 |
| router:external | Internal |
| segments | None |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2021-07-16T02:11:49Z |
+---------------------------+--------------------------------------+
[root@controller ~(keystone_admin)]# openstack subnet create --subnet-range 172.160.0.0/24 --network 16netnet 16netsub
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 172.160.0.2-172.160.0.254 |
| cidr | 172.160.0.0/24 |
| created_at | 2021-07-16T02:12:54Z |
| description | |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 172.160.0.1 |
| host_routes | |
| id | 2b789d65-9766-45ad-a028-dcaf7aa84ffc |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | 16netsub |
| network_id | 90a314d8-d67d-41de-92ed-711d4e501fc3 |
| prefix_length | None |
| project_id | f21117852a8c4b8282852213e79b96c6 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2021-07-16T02:12:54Z |
+-------------------+--------------------------------------+
[root@controller ~(keystone_admin)]# openstack server create --image 2mg --flavor m1.tiny --network 16netnet 16_1vm
[root@controller ~(keystone_admin)]# openstack server create --image 2mg --flavor m1.tiny --network 16netnet 16_2vm --wait
[root@controller ~(keystone_admin)]# openstack network create --share 17netnet
[root@controller ~(keystone_admin)]# openstack subnet create --network 17netnet --subnet-range 172.160.100.0/24 17netsub
[root@controller ~(keystone_admin)]# openstack server create --image 2mg --flavor m1.tiny --network 17netnet 16_3vm --wait
[root@controller ~(keystone_admin)]# openstack router create 16rt
[root@controller ~(keystone_admin)]# openstack router set --external-gateway 1pubnet 16rt
[root@controller ~(keystone_admin)]# openstack router add subnet 16rt 16netsub
[root@controller ~(keystone_admin)]# openstack router add subnet 16rt 17netsub
[root@controller ~(keystone_admin)]# openstack server add floating ip 16_1vm 10.0.2.52
[root@controller ~(keystone_admin)]# openstack server add floating ip 16_3vm 10.0.2.58
[root@controller ~(keystone_admin)]# openstack security group create 17r
[root@controller ~(keystone_admin)]# openstack security group rule create --protocol icmp --dst-port 22:22
--ingress 17r
[root@controller ~(keystone_admin)]# openstack server remove security group 16_3vm default
[root@controller ~(keystone_admin)]# openstack server add security group 16_3vm 17r
[root@controller ~(keystone_admin)]# openstack server remove security group 16_1vm default
[root@controller ~(keystone_admin)]# openstack server add security group 16_1vm 17r
===============================
내부서버/서브넷
외부서버/서브넷
라우터생성
내부 서브넷 연결 / 외부 게이트웨이네트워크 연결
유동ip생성
인스턴스(서버)생성 (내부 네트워크 연결) → 인스턴스-내부네트워크-라우터-외부네트워크 연결
유동ip부여
서버 가동
[root@controller ~(keystone_admin)]# openstack network create --share 1netnet
[root@controller ~(keystone_admin)]# openstack subnet create --subnet-range 192.168.56.0/24 --network 1netnet 1netsub
[root@controller ~(keystone_admin)]# openstack network create --external --share --provider-network-type flat --provider-physical
-network extnet 1pubnet
[root@controller ~(keystone_admin)]# openstack subnet create --subnet-range 10.0.4.0/24 --no-dhcp --gateway 10.0.4.1 --allocation
-pool start=10.0.4.20,end=10.0.4.30 --network 1pubnet 1pubsub
[root@controller ~(keystone_admin)]# openstack router create 1rt
[root@controller ~(keystone_admin)]# openstack router add subnet 1rt 1netsub
[root@controller ~(keystone_admin)]# openstack router set --external-gateway 1pubnet 1rt
[root@controller ~(keystone_admin)]# openstack floating ip create --subnet 1pubsub 1pubnet
[root@controller ~(keystone_admin)]# openstack server create --image 1mg --flavor 1flavor --network 1netnet --key-name 0713key --wait 1vm
[root@controller ~(keystone_admin)]# openstack server add floating ip 1vm 10.0.4.20