Networking
This section covers essential networking concepts and operations in our OpenStack environment, including creating private networks, configuring internet access, and managing security groups.
Dashboard tutorial
1. Accessing the Network Dashboard
- Navigate to the Network tab in the left-hand sidebar.
- Select Networks.
This view gives you a comprehensive list of all networks available to your project, organized by tabs.
2. Understanding Network Types
The main panel is divided into tabs that categorize your networks:
- Current Project Networks: These are the Private Networks that you have created. They are isolated to your project and are used for internal communication between your instances (e.g., connecting a database VM to a web server VM).
- External Networks: These are public networks provided by the cloud infrastructure. You cannot modify these, but you will link your Routers to them to provide internet access to your instances.
- Shared Networks: Networks that are shared with your project by administrators or other projects.
3. Creating a Network & Subnet
When you click Create Network, a pop-up opens to guide you through the configuration. It is divided into three main steps:
Step 1: Network Information
This step defines the container for your network.
- Name: Give your network a recognizable name (e.g., private-net-01).
- Description: (Optional) useful for identifying the purpose (e.g., “Backend Database Network”).
- MTU:
  - Set to 1440 if you plan to connect this network to a Public network via a vRouter.
  - Can be set up to 8940 for closed networks with no external connectivity (or leave blank for default).
Step 2: Subnet Configuration
Every network needs a “Subnet” to define the range of IP addresses available for your Virtual Machines (VMs).
- Create Subnet: Ensure this checkbox is selected.
- Subnet Name: Usually matches the network name or describes the range (e.g., subnet-192-168-0-x).
- Network Address (CIDR): This is the most critical field. You must define the IP range in CIDR format.
  - Example: 192.168.0.0/24 (This provides IPs from 192.168.0.1 to 192.168.0.254).
- Gateway IP: You can usually leave this blank. The system will automatically assign the first IP (e.g., 192.168.0.1) as the gateway.
Step 3: DHCP & DNS (Subnet Details)
This step ensures your VMs automatically get an IP address and can resolve domain names.
- Expand Advanced Options
- Enable DHCP: Keep this checked. If unchecked, you will have to manually configure network interfaces inside every OS you deploy.
- DNS Name Servers: To ensure your servers can resolve internet addresses (like shadow.tech or apt-get repositories), enter public DNS resolvers here (one per line).
  - Google DNS: 8.8.8.8
  - Cloudflare DNS: 1.1.1.1
  - Quad9 DNS: 9.9.9.9
Click OK to finish.
Step 4: Connecting to the Internet (Router)
Creating a network creates an isolated private island. To give your instances internet access, you must connect this new private network to a Router that has a gateway on the public network.
Navigate to Network -> Routers.
Click Create Router.
- Name it (e.g., router-01).
- Tick the Open External Gateway checkbox.
- External Network: Select the public network available in the dropdown.
- Click OK to finish.
Once the router is created, click on its Name to open its details.
Click on More in the top right corner and select Connect Subnet.
- Select the Private Network & Subnet you just created in the previous section.
- Click OK to finish.
Your private network is now bridged to the internet. Instances launched on this network will have outbound internet access.
4. Key Network Components
The Skyline sidebar provides quick access to other essential networking components. Here is a quick glossary of the most common tools:
- Routers: Used to connect your private Project Networks to the External Network (Internet).
- Floating IPs: Public IP addresses that you can dynamically assign to your instances to make them accessible from the internet.
- Security Groups: Your virtual firewall. Use this to define rules allowing specific traffic (like SSH or HTTP) to reach your instances.
- Topology: A visual graph showing how your instances, routers, and networks are connected.
- Load Balancing: Distribute incoming traffic across multiple instances for better performance and redundancy.
Best Practices
- Use meaningful names for networks, routers, and security groups
- Regularly audit your security group rules
- Minimize open ports and restrict access to necessary IP ranges only
- Use private networks for internal communication between instances
- Document your network topology and IP address allocations
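One way to automate the security group audit recommended above, as an added example that is not part of the original page or of OpenStack itself. It assumes rules exported as dictionaries using the Neutron security group rule fields (direction, protocol, port_range_min, port_range_max, remote_ip_prefix, remote_group_id); the SENSITIVE_PORTS policy, the helper names, and the sample rules are constructed for illustration.

```python
import ipaddress

# Assumed policy: services that should never be reachable from any source address.
SENSITIVE_PORTS = {22: "SSH", 3389: "RDP", 3306: "MySQL", 5432: "PostgreSQL"}
PROTO_NUMBERS = {"6": "tcp", "17": "udp"}  # rules may carry names or IP protocol numbers

def is_world_open(rule):
    """True when the source is unrestricted: 0.0.0.0/0, ::/0, or no remote filter at all."""
    if rule.get("remote_group_id"):
        return False  # limited to members of another security group
    prefix = rule.get("remote_ip_prefix")
    return not prefix or ipaddress.ip_network(prefix, strict=False).prefixlen == 0

def audit_rules(rules):
    """Return (rule_id, reason) for each ingress rule exposing too much to any source."""
    findings = []
    for rule in rules:
        if rule.get("direction") != "ingress" or not is_world_open(rule):
            continue
        proto = PROTO_NUMBERS.get(str(rule.get("protocol")), rule.get("protocol"))
        lo, hi = rule.get("port_range_min"), rule.get("port_range_max")
        if proto in (None, "any"):
            findings.append((rule["id"], "every protocol and port open to any source"))
        elif proto in ("tcp", "udp") and lo is None:
            findings.append((rule["id"], f"all {proto} ports open to any source"))
        elif proto in ("tcp", "udp"):
            hi = lo if hi is None else hi
            hit = sorted(n for p, n in SENSITIVE_PORTS.items() if lo <= p <= hi)
            if hit:
                findings.append((rule["id"], f"{', '.join(hit)} open to any source"))
    return findings

def rule(rid, direction, proto, lo, hi, prefix=None, group=None):  # hypothetical helper
    return {"id": rid, "direction": direction, "protocol": proto, "port_range_min": lo,
            "port_range_max": hi, "remote_ip_prefix": prefix, "remote_group_id": group}

# Constructed sample rules (not taken from a real project).
SAMPLE_RULES = [
    rule("r1", "ingress", "tcp", 22, 22, "0.0.0.0/0"),        # SSH from anywhere
    rule("r2", "ingress", "tcp", 443, 443, "0.0.0.0/0"),      # public HTTPS, allowed
    rule("r3", "ingress", "tcp", 3306, 3306, "192.168.0.0/24"),  # DB from private subnet
    rule("r4", "ingress", None, None, None),                  # no filter at all
    rule("r5", "egress", None, None, None, "0.0.0.0/0"),      # outbound, ignored
    rule("r6", "ingress", "6", 1, 65535, "::/0"),             # all TCP ports over IPv6
    rule("r7", "ingress", None, None, None, group="sg-default"),  # same-group traffic
]

if __name__ == "__main__":
    print(*audit_rules(SAMPLE_RULES), sep="\n")
```

Rules that reference a remote security group or a specific CIDR such as the private subnet are not reported; only ingress rules open to every source are.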