openstack-port

List all ports

$ openstack port list

$ openstack port show [port_id_or_name]

$ openstack port create --network [network_id_or_name] [port_name]

$ openstack port create --network [network_id] --fixed-ip subnet=[subnet_id],ip-address=192.168.1.50 [port_name]

$ openstack port delete [port_id_or_name]

openstack port <subcommand> [options] [arguments]

Common Subcommands:
create <network> [options] Create a new network port.
delete [options] <port> [<port> ...] Delete one or more ports.
list [options] List ports.
show [options] <port> Display port details.
set [options] <port> Update port attributes.
unset [options] <port> Unset port attributes.

<network>
    The name or ID of the network to which the port will be connected (primarily for create).

<port>
    The name or ID of the port to operate on (for show, delete, set, unset).

--fixed-ip ip-address=<ip-address>[,subnet=<subnet>]
    Specify a fixed IP address for the port, optionally associating it with a specific subnet (for create, set). Can be specified multiple times.

--security-group <security-group>
    Associate the port with a security group by name or ID (for create, set). Can be specified multiple times. Use --no-security-group with set to remove all security groups.

--enable-dhcp / --disable-dhcp
    Enable or disable DHCP for the port's fixed IP addresses (for create, set).

--device-owner <owner>
    Specify the device owner of the port (e.g., compute:nova for VM ports, network:router_interface for router ports) (for create, set).

--mac-address <mac-address>
    Specify the MAC address for the port (for create, set).

--project <project> | --project-id <project-id>
    Filter or assign the port to a specific project by name or ID (for list, create).

--description <description>
    Set a human-readable description for the port (for create, set).

--tag <tag>
    Set a tag on the port. Can be specified multiple times (for create, set).

--qos-policy <qos-policy>
    Associate the port with a QoS policy by name or ID (for create, set).

The openstack port command is part of the OpenStack unified command-line client, used for managing network ports within an OpenStack cloud environment. Network ports are virtual connection points that attach resources (like virtual machines, routers, or load balancers) to virtual networks.

Each port is assigned a unique identifier, and typically has one or more IP addresses (fixed IPs), a MAC address, and is associated with a specific network. Ports can also be configured with security groups to control network traffic, Quality of Service (QoS) policies, and other attributes.

This command provides a comprehensive set of subcommands to perform various operations on ports, including creating new ports, listing existing ports with their details, displaying detailed information for a specific port, updating port attributes, and deleting ports. It is an essential tool for network administrators and cloud users to configure connectivity for their cloud resources.

Permissions are critical; users must have the necessary roles and policies to create, modify, or delete ports. Deleting a port that is attached to an active virtual machine or another resource will disrupt its network connectivity and may lead to instance failure or orphaned resources. Ensure the associated network and subnet exist and are correctly configured before creating ports. When assigning fixed IPs, ensure they are within the subnet's allocation pool and not already in use.

Create a port on a network with a specific fixed IP and security group:
openstack port create --network private-net --fixed-ip ip-address=192.168.1.10 --security-group default my-new-port

List all ports in a project:
openstack port list --project my-project-name

Show details of a specific port:
openstack port show my-new-port

Update a port to add a description and new security group:
openstack port set --description 'Port for web server' --security-group web-sg my-web-port

Delete a port:
openstack port delete my-new-port

OpenStack ports play a crucial role in the lifecycle of various cloud resources. When a virtual machine (VM) is created, OpenStack automatically provisions a port for it, typically with a device-owner of compute:nova. Similarly, routers have ports for external and internal network interfaces (e.g., network:router_interface). Understanding the device-owner attribute helps in identifying the purpose of a port and avoiding accidental deletion of ports that are managed by other OpenStack services, which could lead to service disruptions. Manually created ports often have no initial device-owner, allowing them to be attached later to instances or other services.

The functionality now provided by openstack port originated within the dedicated neutron client for OpenStack Networking (Neutron). As OpenStack evolved towards a unified command-line interface, the capabilities of the neutron client were gradually integrated into the generic openstack client. This consolidation aimed to simplify CLI interactions by providing a consistent experience across all OpenStack services, making openstack port the standard way to manage networking ports since the Kilo release (2015) and becoming the preferred method over the legacy neutron client commands.

openstack network, openstack server, openstack security group, openstack subnet, openstack router