3.10. Managing compute networks

3.10. Managing compute networks

3.10.1. vinfra service compute network create

Create a compute network:

usage: vinfra service compute network create [--dhcp | --no-dhcp]
                                             [--dns-nameserver <dns-nameserver>]
                                             [--allocation-pool <allocation-pool>]
                                             [--gateway <gateway> | --no-gateway]
                                             [--rbac-policies <rbac-policies>]
                                             [--ip-version <ip-version>]
                                             [--physical-network <physical-network>]
                                             [--vlan-network <vlan-network>]
                                             [--vlan <vlan>] [--cidr <cidr>]
                                             <network-name>
--dhcp
Enable DHCP.
--no-dhcp
Disable DHCP.
--dns-nameserver <dns-nameserver>
DNS server IP address. This option can be used multiple times.
--allocation-pool <allocation-pool>
Allocation pool to create inside the network in the format: ip_addr_start-ip_addr_end. This option can be used multiple times.
--gateway <gateway>
Gateway IP address
--no-gateway
Do not configure a gateway for this network.
--rbac-policies <rbac-policies>

Comma-separated list of RBAC policies in the format: <target>:<target_id>:<action> | none. Valid targets: project, domain. Valid actions: shared, full, routed. ‘*’ is valid target_id for all targets. Pass none to clear out all existing policies.

Example: domain:default:routed,project:uuid1:full

--ip-version <ip-version>
Network IP version
--physical-network <physical-network>
An infrastructure network to link to a physical network
--vlan-network <vlan-network>
A VLAN network to link
--vlan <vlan>
Virtual network VLAN ID
--cidr <cidr>
Subnet range in CIDR notation
<network-name>
Network name

Example 1. Creating a virtual network:

# vinfra service compute network create myprivnet
+------------------+--------------------------------------+
| Field            | Value                                |
+------------------+--------------------------------------+
| allocation_pools |                                      |
| cidr             |                                      |
| dns_nameservers  |                                      |
| enable_dhcp      |                                      |
| gateway_ip       |                                      |
| id               | a0019b43-fe64-4b30-8feb-ff772e293769 |
| ip_version       |                                      |
| ipam_enabled     | False                                |
| name             | myprivnet                            |
| physical_network |                                      |
| project_id       | 6b04700556634b60895804e7ef52df3d     |
| rbac_policies    | []                                   |
| router_external  | False                                |
| shared           | False                                |
| tags             | []                                   |
| type             | virtual                              |
| vlan_id          |                                      |
+------------------+--------------------------------------+

This command creates a virtual network myprivnet with disabled IP management.

Example 2. Creating an untagged physical network and sharing it with a particular domain:

# vinfra service compute network create mypubnet --physical-network Public \
--cidr 10.136.16.0/22 --gateway 10.136.16.1 --dns-nameserver 10.35.11.7 \
--allocation-pool 10.136.18.141-10.136.18.148 \
--rbac-policies domain:cd421db9f3e84e3e8cd2c932c1f7a698:full
+---------+--------------------------------------+
| Field   | Value                                |
+---------+--------------------------------------+
| task_id | 00551a29-c240-4273-ad8f-88535c6113ac |
+---------+--------------------------------------+

This command creates a task to create an untagged physical network over the Public infrastructure network, with enabled IP management, the specified network parameters, and full network access between all the projects within the specified domain.

Task outcome:

# vinfra task show 00551a29-c240-4273-ad8f-88535c6113ac
+---------+-----------------------------------------------------------------+
| Field   | Value                                                           |
+---------+-----------------------------------------------------------------+
| details |                                                                 |
| name    | backend.presentation.compute.network.tasks.CreateComputeNetwork |
| result  | id: 22674f9d-1c94-4953-b79b-7f6029ee9bd0                        |
|         | ipam_enabled: true                                              |
|         | name: mypubnet                                                  |
|         | physical_network: Public                                        |
|         | project_id: c22613639b3147e0b22ef057b87698fe                    |
|         | rbac_policies:                                                  |
|         | - actions:                                                      |
|         |   - routed                                                      |
|         |   - shared                                                      |
|         |   target_project: f59a0d9a4cd543daa73160575d48611b              |
|         | router_external: false                                          |
|         | shared: false                                                   |
|         | subnet:                                                         |
|         |   allocation_pools:                                             |
|         |   - end: 10.136.18.148                                          |
|         |     start: 10.136.18.141                                        |
|         |   cidr: 10.136.16.0/22                                          |
|         |   dns_nameservers:                                              |
|         |   - 10.35.11.7                                                  |
|         |   enable_dhcp: true                                             |
|         |   gateway_ip: 10.136.16.1                                       |
|         |   ip_version: 4                                                 |
|         | tags: []                                                        |
|         | type: flat                                                      |
|         | vlan_id: null                                                   |
| state   | success                                                         |
| task_id | 00551a29-c240-4273-ad8f-88535c6113ac                            |
+---------+-----------------------------------------------------------------+

Example 3. Creating a VLAN-based physical network and sharing it between all projects:

# vinfra service compute network create mypubnet_vlan --vlan 10 --physical-network Public \
--cidr 10.136.16.0/22 --gateway 10.136.16.1 --dns-nameserver 10.35.11.7 \
--allocation-pool 10.136.18.131-10.136.18.138 --rbac-policies project:*:shared
+---------+--------------------------------------+
| Field   | Value                                |
+---------+--------------------------------------+
| task_id | 3ec1afee-8fe5-4d0c-89da-84c971bf23cd |
+---------+--------------------------------------+

This command creates a task to create a VLAN-based physical network over the Public infrastructure network, with the VLAN ID 10, enabled IP management, the specified network parameters, and direct (shared) network access between all the projects in the infrastructure.

Task outcome:

# vinfra task show 3ec1afee-8fe5-4d0c-89da-84c971bf23cd
+---------+-----------------------------------------------------------------+
| Field   | Value                                                           |
+---------+-----------------------------------------------------------------+
| details |                                                                 |
| name    | backend.presentation.compute.network.tasks.CreateComputeNetwork |
| result  | id: 8f0dc747-4c8f-42ad-9a4b-31d7d81c61fd                        |
|         | ipam_enabled: true                                              |
|         | name: mypubnet_vlan                                             |
|         | physical_network: Public                                        |
|         | project_id: c22613639b3147e0b22ef057b87698fe                    |
|         | rbac_policies:                                                  |
|         | - actions:                                                      |
|         |   - shared                                                      |
|         |   target_project: '*'                                           |
|         | router_external: false                                          |
|         | shared: false                                                   |
|         | subnet:                                                         |
|         |   allocation_pools:                                             |
|         |   - end: 10.136.18.138                                          |
|         |     start: 10.136.18.131                                        |
|         |   cidr: 10.136.16.0/22                                          |
|         |   dns_nameservers:                                              |
|         |   - 10.35.11.7                                                  |
|         |   enable_dhcp: true                                             |
|         |   gateway_ip: 10.136.16.1                                       |
|         |   ip_version: 4                                                 |
|         | tags: []                                                        |
|         | type: vlan                                                      |
|         | vlan_id: 10                                                     |
| state   | success                                                         |
| task_id | 3ec1afee-8fe5-4d0c-89da-84c971bf23cd                            |
+---------+-----------------------------------------------------------------+

3.10.2. vinfra service compute network list

List compute networks:

usage: vinfra service compute network list [--long] [--limit <num>]
                                           [--marker <network>]
                                           [--name <name>] [--id <id>]
                                           [--project <project>]
                                           [--type <type>]
--long
Enable access and listing of all fields of objects.
--limit <num>
The maximum number of networks to list. To list all networks, set the option to -1.
--marker <network>
List networks after the marker.
--name <name>
List networks with the specified name or use a filter. Supported filter operator: contains. The filter format is <operator>:<value1>[,<value2>,...].
--id <id>
Show a network with the specified ID or list networks using a filter. Supported filter operator: in. The filter format is <operator>:<value1>[,<value2>,...].
--project <project>
List networks that belong to the specified project ID. Can only be performed by system administrators.
--type <type>
List networks with the specified type.

Example:

# vinfra service compute network list -c id -c name -c cidr -c allocation_pools
+----------------+---------------+------------------+-------------------------------+
| id             | name          | cidr             | allocation_pools              |
+----------------+---------------+------------------+-------------------------------+
| 22674f9d-<...> | mypubnet      | 10.136.16.0/22   | 10.136.18.141-10.136.18.148   |
| 8f0dc747-<...> | mypubnet_vlan | 10.136.16.0/22   | 10.136.18.131-10.136.18.138   |
| a0019b43-<...> | myprivnet     |                  |                               |
+----------------+---------------+------------------+-------------------------------+

This command lists networks used in the compute cluster.

3.10.3. vinfra service compute network show

Display compute network details:

usage: vinfra service compute network show <network>
<network>
Network ID or name

Example:

# vinfra service compute network show mypubnet
+------------------+----------------------------------------------------+
| Field            | Value                                              |
+------------------+----------------------------------------------------+
| allocation_pools | 10.136.18.141-10.136.18.148                        |
| cidr             | 10.136.16.0/22                                     |
| dns_nameservers  | 10.35.11.7                                         |
| enable_dhcp      | True                                               |
| gateway_ip       | 10.136.16.1                                        |
| id               | 22674f9d-1c94-4953-b79b-7f6029ee9bd0               |
| ip_version       | 4                                                  |
| ipam_enabled     | True                                               |
| name             | mypubnet                                           |
| physical_network | Public                                             |
| project_id       | c22613639b3147e0b22ef057b87698fe                   |
| rbac_policies    | - actions:                                         |
|                  |   - routed                                         |
|                  |   - shared                                         |
|                  |   target_domain: cd421db9f3e84e3e8cd2c932c1f7a698  |
|                  |   target_project: f59a0d9a4cd543daa73160575d48611b |
| router_external  | True                                               |
| shared           | False                                              |
| tags             | []                                                 |
| type             | physical                                           |
| vlan_id          |                                                    |
+------------------+----------------------------------------------------+

This command shows the details of the compute network mypubnet.

3.10.4. vinfra service compute network set

Modify compute network parameters:

usage: vinfra service compute network set [--dhcp | --no-dhcp]
                                          [--dns-nameserver <dns-nameserver>]
                                          [--allocation-pool <allocation-pool>]
                                          [--gateway <gateway> | --no-gateway]
                                          [--rbac-policies <rbac-policies>]
                                          [--name <name>] <network>
--dhcp
Enable DHCP.
--no-dhcp
Disable DHCP.
--dns-nameserver <dns-nameserver>
DNS server IP address. This option can be used multiple times.
--allocation-pool <allocation-pool>
Allocation pool to create inside the network in the format: ip_addr_start-ip_addr_end. This option can be used multiple times.
--gateway <gateway>
Gateway IP address
--no-gateway
Do not configure a gateway for this network.
--rbac-policies <rbac-policies>

Comma-separated list of RBAC policies in the format: <target>:<target_id>:<action> | none. Valid targets: project, domain. Valid actions: shared, full, routed. ‘*’ is valid target_id for all targets. Pass none to clear out all existing policies.

Example: domain:default:routed,project:uuid1:full

--name <name>
A new name for the network
<network>
Network ID or name

Example:

# vinfra service compute network set mypubnet --rbac-policies none
+------------------+--------------------------------------+
| Field            | Value                                |
+------------------+--------------------------------------+
| allocation_pools | 10.136.18.141-10.136.18.148          |
| cidr             | 10.136.16.0/22                       |
| dns_nameservers  | 10.35.11.7                           |
| enable_dhcp      | True                                 |
| gateway_ip       | 10.136.16.1                          |
| id               | 22674f9d-1c94-4953-b79b-7f6029ee9bd0 |
| ip_version       | 4                                    |
| ipam_enabled     | True                                 |
| name             | mypubnet                             |
| physical_network | Public                               |
| project_id       | c22613639b3147e0b22ef057b87698fe     |
| rbac_policies    | []                                   |
| router_external  | False                                |
| shared           | False                                |
| tags             | []                                   |
| type             | physical                             |
| vlan_id          |                                      |
+------------------+--------------------------------------+

This command disables network access for the compute network mypubnet.

3.10.5. vinfra service compute network delete

Delete a compute network:

usage: vinfra service compute network delete <network>
<network>
Network ID or name

Example:

# vinfra service compute network delete myprivnet
Operation accepted.

This command deletes the compute network myprivnet.