-
Notifications
You must be signed in to change notification settings - Fork 0
quantum
irixjp edited this page Nov 17, 2012
·
6 revisions
まずはネットワークの入れ物を作る
$ quantum net-create mynet1
Created a new network:
+-----------------+--------------------------------------+
| Field | Value |
+-----------------+--------------------------------------+
| admin_state_up | True |
| id | fd4e5c96-2333-4832-b383-24fedc2765bf |
| name | mynet1 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 1dc53175e77349ec866dd3a82c0c0e9d |
+-----------------+--------------------------------------+
ネットワークに割当てるIPレンジやGatewayを設定する。
$ quantum subnet-create --ip-version 4 --gateway 172.26.0.254 fd4e5c96-2333-4832-b383-24fedc2765bf 172.26.0.0/24
Created a new subnet:
+------------------+------------------------------------------------+
| Field | Value |
+------------------+------------------------------------------------+
| allocation_pools | {"start": "172.26.0.1", "end": "172.26.0.253"} |
| cidr | 172.26.0.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 172.26.0.254 |
| host_routes | |
| id | b26e1665-991c-4e58-bcc6-cfab08117f35 |
| ip_version | 4 |
| name | |
| network_id | fd4e5c96-2333-4832-b383-24fedc2765bf |
| tenant_id | 1dc53175e77349ec866dd3a82c0c0e9d |
+------------------+------------------------------------------------+
$ quantum router-create myrouter1
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | 3a4b0ce1-2458-481e-b72f-083b98f758ff |
| name | myrouter1 |
| status | ACTIVE |
| tenant_id | 1dc53175e77349ec866dd3a82c0c0e9d |
+-----------------------+--------------------------------------+
$ sudo ip netns exec qrouter-3a4b0ce1-2458-481e-b72f-083b98f758ff route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
$ quantum net-list
+--------------------------------------+---------+--------------------------------------+
| id | name | subnets |
+--------------------------------------+---------+--------------------------------------+
| f13a74ab-aabb-4985-bcd1-d07d61680569 | ext_net | 89e3b82b-0ce9-4596-a79a-38d88f7f199c |
| fd4e5c96-2333-4832-b383-24fedc2765bf | mynet1 | b26e1665-991c-4e58-bcc6-cfab08117f35 |
+--------------------------------------+---------+--------------------------------------+
ext_netをGatewayとして設定
$ quantum router-gateway-set 3a4b0ce1-2458-481e-b72f-083b98f758ff f13a74ab-aabb-4985-bcd1-d07d61680569
Set gateway for router 3a4b0ce1-2458-481e-b72f-083b98f758ff
$ quantum router-show 3a4b0ce1-2458-481e-b72f-083b98f758ff
+-----------------------+--------------------------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------------------------+
| admin_state_up | True |
| external_gateway_info | {"network_id": "f13a74ab-aabb-4985-bcd1-d07d61680569"} |
| id | 3a4b0ce1-2458-481e-b72f-083b98f758ff |
| name | myrouter1 |
| status | ACTIVE |
| tenant_id | 1dc53175e77349ec866dd3a82c0c0e9d |
+-----------------------+--------------------------------------------------------+
$ sudo ip netns exec qrouter-3a4b0ce1-2458-481e-b72f-083b98f758ff route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 qg-3b286887-a4
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 qg-3b286887-a4
$ quantum router-interface-add 3a4b0ce1-2458-481e-b72f-083b98f758ff b26e1665-991c-4e58-bcc6-cfab08117f35
Added interface to router 3a4b0ce1-2458-481e-b72f-083b98f758ff
$ sudo ip netns exec qrouter-3a4b0ce1-2458-481e-b72f-083b98f758ff route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 qg-3b286887-a4
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 qg-3b286887-a4
172.26.0.0 0.0.0.0 255.255.255.0 U 0 0 0 qr-ba7857fb-cd
$ quantum port-show ba7857fb-cd83-4a29-b7f9-e521d08891f9
+----------------+-------------------------------------------------------------------------------------+
| Field | Value |
+----------------+-------------------------------------------------------------------------------------+
| admin_state_up | True |
| device_id | 3a4b0ce1-2458-481e-b72f-083b98f758ff |
| device_owner | network:router_interface |
| fixed_ips | {"subnet_id": "b26e1665-991c-4e58-bcc6-cfab08117f35", "ip_address": "172.26.0.254"} |
| id | ba7857fb-cd83-4a29-b7f9-e521d08891f9 |
| mac_address | fa:16:3e:df:ba:1a |
| name | |
| network_id | fd4e5c96-2333-4832-b383-24fedc2765bf |
| status | ACTIVE |
| tenant_id | 1dc53175e77349ec866dd3a82c0c0e9d |
+----------------+-------------------------------------------------------------------------------------+
プールされているFloating IPを払い出す。
$ quantum floatingip-create ext_net
Created a new floatingip:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| fixed_ip_address | |
| floating_ip_address | 10.0.0.4 |
| floating_network_id | f13a74ab-aabb-4985-bcd1-d07d61680569 |
| id | 131decaf-ea09-43f4-aeb1-974dffb0e386 |
| port_id | |
| router_id | |
| tenant_id | ad6bc57213b04c7f867aadbab97519e3 |
+---------------------+--------------------------------------+
仮想マシンの接続されているポートを確認
$ quantum port-list
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| 2d67b3d4-61e7-4b84-8cd2-25a75502b4b4 | | fa:16:3e:f7:0e:93 | {"subnet_id": "f70c420e-397d-4a38-a78d-e6fd61124791", "ip_address": "172.24.17.254"} |
| 40217e48-0137-4736-b576-f864a11ff150 | | fa:16:3e:5a:6b:56 | {"subnet_id": "f70c420e-397d-4a38-a78d-e6fd61124791", "ip_address": "172.24.17.2"} |
| 6056d371-3c42-42c5-8a7a-2cf36750c348 | | fa:16:3e:37:6f:8c | {"subnet_id": "f70c420e-397d-4a38-a78d-e6fd61124791", "ip_address": "172.24.17.1"} |
| bf58fea1-f2ee-4b9a-984b-4b595816fade | | fa:16:3e:1f:cb:3b | {"subnet_id": "f70c420e-397d-4a38-a78d-e6fd61124791", "ip_address": "172.24.17.3"} |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
払いだしたIPと、仮想マシンを関連付ける
$ quantum floatingip-associate 131decaf-ea09-43f4-aeb1-974dffb0e386 bf58fea1-f2ee-4b9a-984b-4b595816fade
Associated floatingip 131decaf-ea09-43f4-aeb1-974dffb0e386
$ quantum floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 131decaf-ea09-43f4-aeb1-974dffb0e386 | 172.24.17.3 | 10.0.0.4 | bf58fea1-f2ee-4b9a-984b-4b595816fade |
+--------------------------------------+------------------+---------------------+--------------------------------------+
アドレスの確認
$ sudo ip netns exec qrouter-132c24b2-66bd-408b-8b29-6392c259a29a ip addr
7: qr-2d67b3d4-61: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether fa:16:3e:f7:0e:93 brd ff:ff:ff:ff:ff:ff
inet 172.24.17.254/24 brd 172.24.17.255 scope global qr-2d67b3d4-61
inet6 fe80::f816:3eff:fef7:e93/64 scope link
valid_lft forever preferred_lft forever
8: qg-53df3f9f-c3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN
link/ether fa:16:3e:0f:60:01 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.2/24 brd 10.0.0.255 scope global qg-53df3f9f-c3
inet 10.0.0.4/32 brd 10.0.0.4 scope global qg-53df3f9f-c3
inet6 fe80::f816:3eff:fe0f:6001/64 scope link
valid_lft forever preferred_lft forever
11: lo: <LOOPBACK,UP,LOWER_UP> mtu 16436 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
iptablesの状態
$ sudo ip netns exec qrouter-132c24b2-66bd-408b-8b29-6392c259a29a iptables -nvL -t nat
Chain PREROUTING (policy ACCEPT 3 packets, 924 bytes)
pkts bytes target prot opt in out source destination
3 924 quantum-l3-agent-PREROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INPUT (policy ACCEPT 3 packets, 924 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 quantum-l3-agent-OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 quantum-l3-agent-POSTROUTING all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 quantum-postrouting-bottom all -- * * 0.0.0.0/0 0.0.0.0/0
Chain quantum-l3-agent-OUTPUT (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT all -- * * 0.0.0.0/0 10.0.0.4 to:172.24.17.3
Chain quantum-l3-agent-POSTROUTING (1 references)
pkts bytes target prot opt in out source destination
0 0 ACCEPT all -- !qg-53df3f9f-c3 !qg-53df3f9f-c3 0.0.0.0/0 0.0.0.0/0 ! ctstate DNAT
0 0 ACCEPT all -- * * 172.24.17.0/24 157.7.133.23
Chain quantum-l3-agent-PREROUTING (1 references)
pkts bytes target prot opt in out source destination
0 0 DNAT tcp -- * * 0.0.0.0/0 169.254.169.254 tcp dpt:80 to:157.7.133.23:8775
0 0 DNAT all -- * * 0.0.0.0/0 10.0.0.4 to:172.24.17.3
Chain quantum-l3-agent-float-snat (1 references)
pkts bytes target prot opt in out source destination
0 0 SNAT all -- * * 172.24.17.3 0.0.0.0/0 to:10.0.0.4
Chain quantum-l3-agent-snat (1 references)
pkts bytes target prot opt in out source destination
0 0 quantum-l3-agent-float-snat all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 SNAT all -- * * 172.24.17.0/24 0.0.0.0/0 to:10.0.0.2
Chain quantum-postrouting-bottom (1 references)
pkts bytes target prot opt in out source destination
0 0 quantum-l3-agent-snat all -- * * 0.0.0.0/0 0.0.0.0/0
ネットワークネームスペースの状態
ネットワークネームスペース内でのコマンド実行
ovsの状態を確認
ip addr ip link ip route ip tuntap
ブリッジの状態確認