All of the commands below can be executed on the network node.
Note: ensure that the following environment variables are set. The various clients use them to access Keystone.
export OS_USERNAME=admin
export OS_PASSWORD=adminpassword
export OS_TENANT_NAME=admin
export OS_AUTH_URL=http://127.0.0.1:5000/v2.0/
Get the tenant ID (Used as $TENANT_ID later):
keystone tenant-list
+----------------------------------+---------+---------+
| id                               | name    | enabled |
+----------------------------------+---------+---------+
| 247e478c599f45b5bd297e8ddbbc9b6a | TenantA | True    |
| 2b4fec24e62e4ff28a8445ad83150f9d | TenantC | True    |
| 3719a4940bf24b5a8124b58c9b0a6ee6 | TenantB | True    |
| 5fcfbc3283a142a5bb6978b549a511ac | demo    | True    |
| b7445f221cda4f4a8ac7db6b218b1339 | admin   | True    |
+----------------------------------+---------+---------+
Get the User information:
keystone user-list
+----------------------------------+-------+---------+-------------------+
| id                               | name  | enabled | email             |
+----------------------------------+-------+---------+-------------------+
| 5a9149ed991744fa85f71e4aa92eb7ec | demo  | True    |                   |
| 5b419c74980d46a1ab184e7571a8154e | admin | True    | admin@example.com |
| 8e37cb8193cb4873a35802d257348431 | UserC | True    |                   |
| c11f6b09ed3c45c09c21cbbc23e93066 | UserB | True    |                   |
| ca567c4f6c0942bdac0e011e97bddbe3 | UserA | True    |                   |
+----------------------------------+-------+---------+-------------------+
Create an internal shared network on the demo tenant ($TENANT_ID will be b7445f221cda4f4a8ac7db6b218b1339):
quantum net-create --tenant-id $TENANT_ID sharednet1 --shared --provider:network_type flat --provider:physical_network physnet1
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | 04457b44-e22a-4a5c-be54-a53a9b2818e7 |
| name                      | sharednet1                           |
| provider:network_type     | flat                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  |                                      |
| router:external           | False                                |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | b7445f221cda4f4a8ac7db6b218b1339     |
+---------------------------+--------------------------------------+
Create a subnet on the network:
quantum subnet-create --tenant-id $TENANT_ID sharednet1 30.0.0.0/24
Created a new subnet:
+------------------+--------------------------------------------+
| Field            | Value                                      |
+------------------+--------------------------------------------+
| allocation_pools | {"start": "30.0.0.2", "end": "30.0.0.254"} |
| cidr             | 30.0.0.0/24                                |
| dns_nameservers  |                                            |
| enable_dhcp      | True                                       |
| gateway_ip       | 30.0.0.1                                   |
| host_routes      |                                            |
| id               | b8e9a88e-ded0-4e57-9474-e25fa87c5937       |
| ip_version       | 4                                          |
| name             |                                            |
| network_id       | 04457b44-e22a-4a5c-be54-a53a9b2818e7       |
| tenant_id        | 5fcfbc3283a142a5bb6978b549a511ac           |
+------------------+--------------------------------------------+
Create a server for tenant A:
nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 boot --image tty --flavor 1 --nic net-id=04457b44-e22a-4a5c-be54-a53a9b2818e7 TenantA_VM1
nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list
+--------------------------------------+-------------+--------+---------------------+
| ID                                   | Name        | Status | Networks            |
+--------------------------------------+-------------+--------+---------------------+
| 09923b39-050d-4400-99c7-e4b021cdc7c4 | TenantA_VM1 | ACTIVE | sharednet1=30.0.0.3 |
+--------------------------------------+-------------+--------+---------------------+
Ping the server of tenant A:
sudo ip addr flush eth0
sudo ip addr add 30.0.0.201/24 dev br-eth0
ping 30.0.0.3
Note: if the nova filter is in use, make sure the right security group rule is set.
Ping the public network within the server of tenant A:
ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
64 bytes from 192.168.1.1: icmp_req=1 ttl=64 time=1.74 ms
64 bytes from 192.168.1.1: icmp_req=2 ttl=64 time=1.50 ms
64 bytes from 192.168.1.1: icmp_req=3 ttl=64 time=1.23 ms
^C
--- 192.168.1.1 ping statistics ---
3 packets transmitted, 3 received, 0% packet loss, time 2003ms
rtt min/avg/max/mdev = 1.234/1.495/1.745/0.211 ms
Note: 192.168.1.1 is an IP on the public network that the router connects to.
Create servers for other tenants
We can create servers for other tenants with similar commands. Since all these VMs share the same subnet, they will be able to access each other.
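The tenant-ID lookup and network-creation steps above, as an added example that is not part of the original page: the script resolves $TENANT_ID by tenant name from the keystone tenant-list table instead of pasting it by hand, then checks which tenant owns the new network and whether it is shared. The function names are hypothetical, and the embedded tables reproduce rows of the output shown above.

```shell
#!/bin/sh
# Added example. Sample tables reproduce rows of the CLI output shown above.
TENANT_TABLE='+----------------------------------+---------+---------+
|                id                |   name  | enabled |
+----------------------------------+---------+---------+
| 247e478c599f45b5bd297e8ddbbc9b6a | TenantA |   True  |
| 5fcfbc3283a142a5bb6978b549a511ac |   demo  |   True  |
| b7445f221cda4f4a8ac7db6b218b1339 |  admin  |   True  |
+----------------------------------+---------+---------+'
NET_TABLE='+-----------+--------------------------------------+
| Field     | Value                                |
+-----------+--------------------------------------+
| id        | 04457b44-e22a-4a5c-be54-a53a9b2818e7 |
| name      | sharednet1                           |
| shared    | True                                 |
| tenant_id | b7445f221cda4f4a8ac7db6b218b1339     |
+-----------+--------------------------------------+'

# Print the id of the tenant whose name is exactly $1 (table on stdin).
# Fails unless exactly one row matches, so a typo never yields an empty ID.
tenant_id_by_name() {
    awk -F'|' -v want="$1" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        NF >= 4 && trim($3) == want { print trim($2); n++ }
        END { exit (n == 1 ? 0 : 1) }'
}

# Print the Value for Field $1 from a Field/Value table on stdin.
table_field() {
    awk -F'|' -v want="$1" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        NF >= 3 && trim($2) == want { print trim($3); found = 1 }
        END { exit (found ? 0 : 1) }'
}

# Check that the network table on stdin is owned by tenant $1, then print
# "shared" (visible to every tenant) or "private". Returns 1 on mismatch.
audit_network() {
    table=$(cat)
    owner=$(printf '%s\n' "$table" | table_field tenant_id) || return 2
    shared=$(printf '%s\n' "$table" | table_field shared) || return 2
    if [ "$owner" != "$1" ]; then
        echo "network owned by $owner, expected $1" >&2
        return 1
    fi
    if [ "$shared" = "True" ]; then echo shared; else echo private; fi
}

# Live use would be: TENANT_ID=$(keystone tenant-list | tenant_id_by_name admin)
TENANT_ID=$(printf '%s\n' "$TENANT_TABLE" | tenant_id_by_name admin)
printf '%s\n' "$NET_TABLE" | audit_network "$TENANT_ID"
```

A result of "shared" means every tenant can attach VMs to the network, which is why the VMs created above can reach each other.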