Ubuntu 24.04
Sponsored Link

OpenStack Caracal : Neutron नेटवर्क (FLAT)2024/05/21

 

OpenStack नेटवर्क सेवा (Neutron) द्वारा वर्चुअल नेटवर्किंग कॉन्फ़िगर करें।

उदाहरण के लिए, यहां FLAT प्रकार की नेटवर्किंग कॉन्फ़िगर करें।
नियंत्रण नोड, नेटवर्क नोड, नोड की गणना करें, कंप्यूट नोड पर बुनियादी सेटिंग्स कॉन्फ़िगर करें।

इसके अलावा, यह उदाहरण उस वातावरण पर आधारित है जिसमें नेटवर्क नोड और कंप्यूट नोड में 2 नेटवर्क इंटरफेस हैं।
और [eth1] बिना आईपी एड्रेस के भी चालू है, Netplan पर अनाम इंटरफ़ेस को बढ़ाने के लिए यहां [1] देखें।

------------+--------------------------+--------------------------+------------
            |                          |                          |
        eth0|10.0.0.30             eth0|10.0.0.50             eth0|10.0.0.51
+-----------+-----------+  +-----------+-----------+  +-----------+-----------+
|   [ dlp.srv.world ]   |  | [ network.srv.world ] |  |  [ node01.srv.world ] |
|     (Control Node)    |  |     (Network Node)    |  |     (Compute Node)    |
|                       |  |                       |  |                       |
|  MariaDB    RabbitMQ  |  |  Neutron L2/L3 Agent  |  |        Libvirt        |
|  Memcached  Nginx     |  |   Neutron Metadata    |  |      Nova Compute     |
|  Keystone   httpd     |  |     Open vSwitch      |  |    Neutron L2 Agent   |
|  Glance     Nova API  |  |                       |  |      Open vSwitch     |
|  Neutron Server       |  |                       |  |                       |
|  Neutron Metadata     |  |                       |  |                       |
+-----------------------+  +-----------+-----------+  +-----------+-----------+
                                   eth1|(UP with no IP)       eth1|(UP with no IP)

[1] नेटवर्क नोड और कंप्यूट नोड दोनों पर निम्नानुसार सेटिंग बदलें।
# पुल जोड़ें

root@network:~#
ovs-vsctl add-br br-eth1
# उपरोक्त पुल के पोर्ट में [eth1] जोड़ें
# इंटरफ़ेस नाम [eth1] को अपने परिवेश में बदलें

root@network:~#
ovs-vsctl add-port br-eth1 eth1
root@network:~#
vi /etc/neutron/plugins/ml2/ml2_conf.ini
# पंक्ति 219 : जोड़ें

[ml2_type_flat]
flat_networks = physnet1
root@network:~#
vi /etc/neutron/plugins/ml2/openvswitch_agent.ini
# पंक्ति 302 : जोड़ें

[ovs]
bridge_mappings = physnet1:br-eth1
root@network:~#
systemctl restart neutron-openvswitch-agent

[2] नेटवर्क बनाएं। किसी भी नोड पर काम करना ठीक है। (नीचे उदाहरण नियंत्रण नोड पर है)
root@dlp ~(keystone)#
projectID=$(openstack project list | grep service | awk '{print $2}')
# [sharednet1] नामक नेटवर्क बनाएं

root@dlp ~(keystone)#
openstack network create --project $projectID \
--share --provider-network-type flat --provider-physical-network physnet1 sharednet1

+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2024-05-21T06:48:16Z                 |
| description               |                                      |
| dns_domain                | None                                 |
| id                        | 9b1bde5c-6671-455e-bd14-ab662ee56f89 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| is_default                | False                                |
| is_vlan_transparent       | None                                 |
| mtu                       | 1500                                 |
| name                      | sharednet1                           |
| port_security_enabled     | True                                 |
| project_id                | ab9749e59bdb48e4807a18abb83c9f99     |
| provider:network_type     | flat                                 |
| provider:physical_network | physnet1                             |
| provider:segmentation_id  | None                                 |
| qos_policy_id             | None                                 |
| revision_number           | 1                                    |
| router:external           | Internal                             |
| segments                  | None                                 |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      |                                      |
| tenant_id                 | ab9749e59bdb48e4807a18abb83c9f99     |
| updated_at                | 2024-05-21T06:48:16Z                 |
+---------------------------+--------------------------------------+

# [sharednet1] में सबनेट [10.0.0.0/24] बनाएं

root@dlp ~(keystone)#
openstack subnet create subnet1 --network sharednet1 \
--project $projectID --subnet-range 10.0.0.0/24 \
--allocation-pool start=10.0.0.200,end=10.0.0.254 \
--gateway 10.0.0.1 --dns-nameserver 10.0.0.10

+----------------------+--------------------------------------+
| Field                | Value                                |
+----------------------+--------------------------------------+
| allocation_pools     | 10.0.0.200-10.0.0.254                |
| cidr                 | 10.0.0.0/24                          |
| created_at           | 2024-05-21T06:48:46Z                 |
| description          |                                      |
| dns_nameservers      | 10.0.0.10                            |
| dns_publish_fixed_ip | None                                 |
| enable_dhcp          | True                                 |
| gateway_ip           | 10.0.0.1                             |
| host_routes          |                                      |
| id                   | bcfd4b7f-baf7-472f-baaa-b30805f21459 |
| ip_version           | 4                                    |
| ipv6_address_mode    | None                                 |
| ipv6_ra_mode         | None                                 |
| name                 | subnet1                              |
| network_id           | 9b1bde5c-6671-455e-bd14-ab662ee56f89 |
| project_id           | ab9749e59bdb48e4807a18abb83c9f99     |
| revision_number      | 0                                    |
| segment_id           | None                                 |
| service_types        |                                      |
| subnetpool_id        | None                                 |
| tags                 |                                      |
| updated_at           | 2024-05-21T06:48:46Z                 |
+----------------------+--------------------------------------+

# सेटिंग्स की पुष्टि करें

root@dlp ~(keystone)#
openstack network list

+--------------------------------+------------+--------------------------------+
| ID                             | Name       | Subnets                        |
+--------------------------------+------------+--------------------------------+
| 9b1bde5c-6671-455e-bd14-       | sharednet1 | bcfd4b7f-baf7-472f-baaa-       |
| ab662ee56f89                   |            | b30805f21459                   |
+--------------------------------+------------+--------------------------------+
[3] ऊपर बनाए गए नेटवर्क के साथ एक वर्चुअल मशीन इंस्टेंस बनाएं और शुरू करें।
# उपलब्ध [flavor] सूची की पुष्टि करें

ubuntu@dlp ~(keystone)$
openstack flavor list

+----+-----------+------+------+-----------+-------+-----------+
| ID | Name      |  RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+------+------+-----------+-------+-----------+
| 1  | m1.tiny   | 2048 |   10 |         0 |     1 | True      |
| 2  | m1.small  | 4096 |   10 |         0 |     2 | True      |
| 3  | m1.medium | 8192 |   10 |         0 |     4 | True      |
| 4  | m2.medium | 8192 |   10 |        10 |     4 | True      |
+----+-----------+------+------+-----------+-------+-----------+

# उपलब्ध छवि सूची की पुष्टि करें

ubuntu@dlp ~(keystone)$
openstack image list

+--------------------------------------+------------+--------+
| ID                                   | Name       | Status |
+--------------------------------------+------------+--------+
| 7620a182-99f2-4132-9c6e-4b2da962b241 | Ubuntu2404 | active |
+--------------------------------------+------------+--------+

# उपलब्ध नेटवर्क सूची की पुष्टि करें

ubuntu@dlp ~(keystone)$
openstack network list

+--------------------------------+------------+--------------------------------+
| ID                             | Name       | Subnets                        |
+--------------------------------+------------+--------------------------------+
| 9b1bde5c-6671-455e-bd14-       | sharednet1 | bcfd4b7f-baf7-472f-baaa-       |
| ab662ee56f89                   |            | b30805f21459                   |
+--------------------------------+------------+--------------------------------+

# उदाहरण के लिए एक सुरक्षा समूह बनाएं

ubuntu@dlp ~(keystone)$
openstack security group create secgroup01

+-----------------+------------------------------------------------------------+
| Field           | Value                                                      |
+-----------------+------------------------------------------------------------+
| created_at      | 2024-05-21T06:51:23Z                                       |
| description     | secgroup01                                                 |
| id              | a7489a36-5a3c-47a6-9d97-7e09d2707004                       |
| name            | secgroup01                                                 |
| project_id      | 18ede7365bdc430093e8fd4a90f77369                           |
| revision_number | 1                                                          |
| rules           | created_at='2024-05-21T06:51:23Z', direction='egress',     |
|                 | ethertype='IPv6',                                          |
|                 | id='43129404-8e03-4b29-a19e-d438cc9bca67',                 |
|                 | standard_attr_id='20', updated_at='2024-05-21T06:51:23Z'   |
|                 | created_at='2024-05-21T06:51:23Z', direction='egress',     |
|                 | ethertype='IPv4',                                          |
|                 | id='8088bea8-9608-4264-971e-d8398ffe0863',                 |
|                 | standard_attr_id='21', updated_at='2024-05-21T06:51:23Z'   |
| shared          | False                                                      |
| stateful        | True                                                       |
| tags            | []                                                         |
| updated_at      | 2024-05-21T06:51:23Z                                       |
+-----------------+------------------------------------------------------------+

# इंस्टेंस से कनेक्ट करने के लिए एक SSH कीपेयर बनाएं

ubuntu@dlp ~(keystone)$
ssh-keygen -q -N ""

Enter file in which to save the key (/home/ubuntu/.ssh/id_ed25519):
# सार्वजनिक कुंजी जोड़ें

ubuntu@dlp ~(keystone)$
openstack keypair create --public-key ~/.ssh/id_ed25519.pub mykey

+-------------+-------------------------------------------------+
| Field       | Value                                           |
+-------------+-------------------------------------------------+
| created_at  | None                                            |
| fingerprint | 09:d5:f0:34:e3:d0:90:c2:28:74:98:01:1f:ea:76:cc |
| id          | mykey                                           |
| is_deleted  | None                                            |
| name        | mykey                                           |
| type        | ssh                                             |
| user_id     | b9371d015e0d43dca74f29161448ffd2                |
+-------------+-------------------------------------------------+

ubuntu@dlp ~(keystone)$
netID=$(openstack network list | grep sharednet1 | awk '{ print $2 }')

ubuntu@dlp ~(keystone)$
openstack server create --flavor m1.small --image Ubuntu2404 --security-group secgroup01 --nic net-id=$netID --key-name mykey Ubuntu-2404
ubuntu@dlp ~(keystone)$
openstack server list

+--------------+-------------+--------+---------------+------------+----------+
| ID           | Name        | Status | Networks      | Image      | Flavor   |
+--------------+-------------+--------+---------------+------------+----------+
| 314d9a1b-    | Ubuntu-2404 | ACTIVE | sharednet1=10 | Ubuntu2404 | m1.small |
| f50e-40b3-   |             |        | .0.0.212      |            |          |
| 8e94-        |             |        |               |            |          |
| 91eba3ba5d70 |             |        |               |            |          |
+--------------+-------------+--------+---------------+------------+----------+
[4] SSH और ICMP तक पहुँचने के लिए आपके द्वारा ऊपर बनाए गए सुरक्षा समूह के लिए सुरक्षा सेटिंग्स कॉन्फ़िगर करें।
# अनुमति ICMP

ubuntu@dlp ~(keystone)$
openstack security group rule create --protocol icmp --ingress secgroup01

+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| belongs_to_default_sg   | False                                |
| created_at              | 2024-05-21T06:55:08Z                 |
| description             |                                      |
| direction               | ingress                              |
| ether_type              | IPv4                                 |
| id                      | c2495ff4-cae1-4390-b555-6ba79e1ba778 |
| name                    | None                                 |
| normalized_cidr         | 0.0.0.0/0                            |
| port_range_max          | None                                 |
| port_range_min          | None                                 |
| project_id              | 18ede7365bdc430093e8fd4a90f77369     |
| protocol                | icmp                                 |
| remote_address_group_id | None                                 |
| remote_group_id         | None                                 |
| remote_ip_prefix        | 0.0.0.0/0                            |
| revision_number         | 0                                    |
| security_group_id       | a7489a36-5a3c-47a6-9d97-7e09d2707004 |
| tags                    | []                                   |
| updated_at              | 2024-05-21T06:55:08Z                 |
+-------------------------+--------------------------------------+

# अनुमति SSH

ubuntu@dlp ~(keystone)$
openstack security group rule create --protocol tcp --dst-port 22:22 secgroup01

+-------------------------+--------------------------------------+
| Field                   | Value                                |
+-------------------------+--------------------------------------+
| belongs_to_default_sg   | False                                |
| created_at              | 2024-05-21T06:55:35Z                 |
| description             |                                      |
| direction               | ingress                              |
| ether_type              | IPv4                                 |
| id                      | 2a54b381-dd4e-4f53-a843-1ae6699e653c |
| name                    | None                                 |
| normalized_cidr         | 0.0.0.0/0                            |
| port_range_max          | 22                                   |
| port_range_min          | 22                                   |
| project_id              | 18ede7365bdc430093e8fd4a90f77369     |
| protocol                | tcp                                  |
| remote_address_group_id | None                                 |
| remote_group_id         | None                                 |
| remote_ip_prefix        | 0.0.0.0/0                            |
| revision_number         | 0                                    |
| security_group_id       | a7489a36-5a3c-47a6-9d97-7e09d2707004 |
| tags                    | []                                   |
| updated_at              | 2024-05-21T06:55:35Z                 |
+-------------------------+--------------------------------------+

ubuntu@dlp ~(keystone)$
openstack security group rule list secgroup01

+----------+-------------+-----------+----------+------------+-----------+-----------------------+----------------------+
| ID       | IP Protocol | Ethertype | IP Range | Port Range | Direction | Remote Security Group | Remote Address Group |
+----------+-------------+-----------+----------+------------+-----------+-----------------------+----------------------+
| 2a54b381 | tcp         | IPv4      | 0.0.0.0/ | 22:22      | ingress   | None                  | None                 |
| -dd4e-   |             |           | 0        |            |           |                       |                      |
| 4f53-    |             |           |          |            |           |                       |                      |
| a843-    |             |           |          |            |           |                       |                      |
| 1ae6699e |             |           |          |            |           |                       |                      |
| 653c     |             |           |          |            |           |                       |                      |
| 43129404 | None        | IPv6      | ::/0     |            | egress    | None                  | None                 |
| -8e03-   |             |           |          |            |           |                       |                      |
| 4b29-    |             |           |          |            |           |                       |                      |
| a19e-    |             |           |          |            |           |                       |                      |
| d438cc9b |             |           |          |            |           |                       |                      |
| ca67     |             |           |          |            |           |                       |                      |
| 8088bea8 | None        | IPv4      | 0.0.0.0/ |            | egress    | None                  | None                 |
| -9608-   |             |           | 0        |            |           |                       |                      |
| 4264-    |             |           |          |            |           |                       |                      |
| 971e-    |             |           |          |            |           |                       |                      |
| d8398ffe |             |           |          |            |           |                       |                      |
| 0863     |             |           |          |            |           |                       |                      |
| c2495ff4 | icmp        | IPv4      | 0.0.0.0/ |            | ingress   | None                  | None                 |
| -cae1-   |             |           | 0        |            |           |                       |                      |
| 4390-    |             |           |          |            |           |                       |                      |
| b555-    |             |           |          |            |           |                       |                      |
| 6ba79e1b |             |           |          |            |           |                       |                      |
| a778     |             |           |          |            |           |                       |                      |
+----------+-------------+-----------+----------+------------+-----------+-----------------------+----------------------+
[5] उदाहरण के लिए लॉगिन करें।
ubuntu@dlp ~(keystone)$
ssh ubuntu@10.0.0.212

The authenticity of host '10.0.0.212 (10.0.0.212)' can't be established.
ED25519 key fingerprint is SHA256:jqdqp/JwCSgi78lgCw8XMYVd7d1p3VApbZQpT1mX1iw.
This key is not known by any other names.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '10.0.0.212' (ED25519) to the list of known hosts.
Welcome to Ubuntu 24.04 LTS (GNU/Linux 6.8.0-31-generic x86_64)

.....
.....

To run a command as administrator (user "root"), use "sudo <command>".
See "man sudo_root" for details.

ubuntu@ubuntu-2404:~$     # में लॉग इन
मिलान सामग्री