头盘
版本选择
本指南部分图片来自 OpenStack 官方 OpenStack
本指南以CentOS作为底层系统,OpenStack同样支持多种Linux系统,具体系统要求参考:https://docs.openstack.org/install-guide/preface.html
近五年时间内,CentOS相继发布了多个版本,8、Stream 8、9,以至于时间段内的OpenStack大版本对底层系统的要求有极大不同。
具体版本对照见下表
| OpenStack 版本 | CentOS 版本 |
|---|---|
| Train 以及更早 | 7 |
| Ussuri and Victoria | 8 |
| Wallaby 到 Yoga | Stream 8 |
后续将选择 CentOS-Stream-8-x86_64-20220712-boot作为底层系统安部署OpenStack Yoga
OpenStack 版本发布时间表
节点准备
使用三节点规格最小化部署 OpenStack Yoga
具体节点规格见下表
| 节点名称 | 主机名 | 处理器核心数 | 内存(GB) | 硬盘 1(GB) | 硬盘 2 (GB) | 网卡 1 地址 | 网卡 2 地址 |
|---|---|---|---|---|---|---|---|
| 控制节点 | controller | 4 | 8 | 200 | 无 | 10.0.0.10 | 192.168.0.10 |
| 计算节点 | computer | 16 | 32 | 100 | 无 | 10.0.0.20 | 192.168.0.20 |
| 块存储节点 | block | 2 | 4 | 100 | 1000 | 10.0.0.30 |
网络架构
物理网络
以官方给出的最小化安装架构为蓝图构建网络拓扑
设定 10.0.0.0/24 为 OpenStack 管理网络的网段,三节点的网卡 1 均以固定 IP 的形式接入该网段。
设定 192.168.0.0/24 为 OpenStack 对外提供服务的网段,三节点的网卡 2 均以固定 IP 的形式接入该网段,由于 yum 安装 OpenStack 服务需连接互联网下载相关包,则网卡 2 设定时指定网关以连接至互联网。
虚拟网络
OpenStack 提供两种虚拟网络结构供用户选择:网络选项 1(提供商网络),该选项将将虚拟网络连接到物理网络,并依赖物理网络基础设施提供第 3 层(路由)服务,是最简单的部署方式;网络选项 2(自助服务网络),该选项增强了提供商网络选项,并使用例如 VXLAN 等上层分段方式将本地网络划分为多个虚拟网络而不需要依赖于物理网络的基础架构(NAT 等),可将实例网络分为内部网络与外部网络,互不相关联。
提供商网络
自助服务网络
后续部署默认将选择网络选项 2(自助服务网络)进行安装,不再赘述缘由。
各节点所需安装的服务
以官方给出的最小化安装架构为蓝图,选择网络选项 2 进行安装,这样部署云平台即可创建内部网络,为不同项目、组织划分不同网络,更贴近于实际私有云环境。
具体节点所安装服务见下表
| 节点名称 | OpenStack 服务 |
|---|---|
| 控制节点 | MariaDB RabbitMQ Memcache Etcd Keystone Placement Glance Nova Neutron Cinder Horizon |
| 计算节点 | Nova Neutron |
| 块存储节点 | Cinder |
汤
安全性
OpenStack 各组件都需要在控制节点数据库中注册专属账户以存放数据信息,故需要设置密码,强烈建议各组件的密码以及宿主机密码各不相同。
具体密码设置见下表
| OpenStack 组件 | 密码 |
|---|---|
| 控制节点 root | ROOT_PASS_controller |
| 计算节点 root | ROOT_PASS_computer |
| 块存储节点 root | ROOT_PASS_block |
| Mariadb root 账户 | MARIADB_PASS |
| RabbitMQ 服务 | RABBIT_PASS |
| OpenStack admin | ADMIN_PASS |
| Placement 服务 | PLACEMENT_PASS |
| Keystone 数据库 | KEYSTONE_DBPASS |
| Glance 服务 | GLANCE_PASS |
| Glance 数据库 | GLANCE_DBPASS |
| Nova 服务 | NOVA_PASS |
| Nova 数据库 | NOVA_DBPASS |
| Neutron 服务 | NEUTRON_PASS |
| Neutron 数据库 | NEUTRON_DBPASS |
| Cinder 服务 | CINDER_PASS |
| Cinder 数据库 | CINDER_DBPASS |
| Horizon 数据库 | DASH_DBPASS |
| Metadata 元数据密钥 | METADATA_SECRET |
云环境
云创建时将需要键入初始域名与项目名(OpenStack 域名特指数据中心区域而非互联网 DNS 解析域名)
本指南后续配置域名及项目名等如下表所示
| 键 | 值 |
|---|---|
| 系统默认项目名 | Yoga |
| 系统默认域名 | default |
| admin 用户所属域名 | RegionOne |
| 项目域名 | RegionOne |
| Keystone 服务 URL | http://controller:5000/v3 |
| Keystone 服务 API 版本 | 3 |
| Glance 服务 API 版本 | 2 |
不建议将云实例部署在 default 域名,此域名用以 OpenStack 服务间通信
控制节点管理 OpenStack 服务时需要进行身份认证,可将认证信息导入到控制节点环境变量中,方便后续安装配置使用。
admin-openrc.sh 文件需提前编写并放入控制节点中,后续安装将不再说明由来
vi admin-openrc.sh
export OS_PROJECT_DOMAIN_NAME=Default
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_NAME=admin
export OS_USERNAME=admin
export OS_PASSWORD=ADMIN_PASS
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
vi user_dog-openrc.sh
export OS_USERNAME=user_dog
export OS_PASSWORD=DOG_PASS
export OS_PROJECT_NAME=Yoga
export OS_USER_DOMAIN_NAME=RegionOne
export OS_PROJECT_DOMAIN_NAME=RegionOne
export OS_AUTH_URL=http://controller:5000/v3
export OS_IDENTITY_API_VERSION=3
export OS_IMAGE_API_VERSION=2
# OS_USERNAME 登录 OpenStack 服务的用户名
# OS_PASSWORD 登录 OpenStack 服务的用户密码
# OS_PROJECT_NAME 登录时进入的项目名
# OS_USER_DOMAIN_NAME 登录时进入的域名
# OS_PROJECT_DOMAIN_NAME 登录时进入的项目域名
# OS_AUTH_URL 指定 Keystone(身份认证服务)的 URL
# 如未部署 DNS 服务器,则需要在 hosts中指定 controller 映射,或将 controller 用控制节点 IP 替代
# OS_IDENTITY_API_VERSION 身份认证服务的 API 版本号
# OS_IMAGE_API_VERSION 镜像服务的 API 版本号
用户
全部部署过程将创建两个账户:admin、user_dog,admin 为全局最高权限账户,user_dog 为普通权限账户用于模拟租户使用云服务。
用户名及密码对照表如下表
| 用户名 | 密码 |
|---|---|
| admin | ADMIN_PASS |
| user_dog | DOG_PASS |
副菜
本章节内容:各个节点的基础环境配置。
指南默认以最小化安装 CentOS Stream 8 为基础进行后续安装,具体系统安装方法自行搜索获取不再赘述
- 设置主机名
# 控制节点
hostnamectl set-hostname controller
# 计算节点
hostnamectl set-hostname computer
# 块存储节点
hostnamectl set-hostname block
- 配置网卡
# 各节点
ip address
# 确定网卡 1 2 的网卡名称 以 eth0 eth1 为例
# 控制节点
# 网卡 1
vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=static
DEFROUTE=no
IPADDR=10.0.0.10
NETMASK=255.255.255.0
GATEWAY=10.0.0.1
# 网卡2
vi /etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=static
IPADDR=192.168.0.10
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
# 计算节点
# 网卡 1
vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=static
DEFROUTE=no
IPADDR=10.0.0.20
NETMASK=255.255.255.0
GATEWAY=10.0.0.1
# 网卡2
vi /etc/sysconfig/network-scripts/ifcfg-eth1
BOOTPROTO=static
IPADDR=192.168.0.20
NETMASK=255.255.255.0
GATEWAY=192.168.0.1
# 块存储节点
# 网卡 1
vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=static
DEFROUTE=no
IPADDR=10.0.0.30
NETMASK=255.255.255.0
GATEWAY=10.0.0.1
# 网卡2 用以 yum 安装服务包
vi /etc/sysconfig/network-scripts/ifcfg-eth0
BOOTPROTO=dhcp
# 各节点
reboot
ping baidu.com
# 如无法连接至互联网则检查 NAT 服务以及默认路由优先级
ip address
ip route
- 配置 Hosts
# 各节点
vi /etc/hosts
10.0.0.10 controller
10.0.0.20 computer
10.0.0.30 block
ping controller
ping computer
ping block
- SSH 免密
# 控制节点
ssh-keygen -t rsa -P "" -f /root/.ssh/id_rsa
ssh-copy-id -i /root/.ssh/id_rsa.pub root@computer
# /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
# The authenticity of host 'computer (10.0.0.20)' can't be established.
# ECDSA key fingerprint is SHA256:9wGS0ZxFE0TAqu8jOUlvCUDoF55pr47Ci5fUC3pS8vQ.
# Are you sure you want to continue connecting (yes/no/[fingerprint])? yes 输入 yes
# /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
# /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
# root@computer's password: 输入节点 root 密码
# Number of key(s) added: 1
# Now try logging into the machine, with: "ssh 'root@computer'"
# and check to make sure that only the key(s) you wanted were added.
ssh-copy-id -i /root/.ssh/id_rsa.pub root@block
# /usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
# The authenticity of host 'block (10.0.0.30)' can't be established.
# ECDSA key fingerprint is SHA256:9wGS0ZxFE0TAqu8jOUlvCUDoF55pr47Ci5fUC3pS8vQ.
# Are you sure you want to continue connecting (yes/no/[fingerprint])? yes 输入 yes
# /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
# /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
# root@block's password: 输入节点 root 密码
# Number of key(s) added: 1
# Now try logging into the machine, with: "ssh 'root@block'"
# and check to make sure that only the key(s) you wanted were added.
ssh computer
ssh block
- 更改 Yum 源为清华源
# 各节点
cp /etc/yum.repos.d/CentOS-Stream-BaseOS.repo /etc/yum.repos.d/CentOS-Stream-BaseOS.repo.bak
sed -i 's/mirrorlist/#mirrorlist/' /etc/yum.repos.d/CentOS-Stream-BaseOS.repo
sed -i 's/#baseurl=http:\/\/mirror.centos.org/baseurl=http:\/\/mirrors.tuna.tsinghua.edu.cn/' /etc/yum.repos.d/CentOS-Stream-BaseOS.repo
yum makecache
- 关闭防火墙
# 各节点
systemctl stop firewalld
systemctl disable firewalld
- 关闭 SELinux
# 各节点
setenforce 0
sed -i 's/^SELINUX=.*/SELINUX=disabled/' /etc/selinux/config
- 修改时区,配置时间同步
# 控制节点
timedatectl set-timezone Asia/Shanghai
# 各节点
yum install chrony -y
cp /etc/chrony.conf /etc/chrony.conf.bak
# 控制节点
vi /etc/chrony.conf
#pool 2.centos.pool.ntp.org iburst
server time1.aliyun.com iburst
allow 10.0.0.0/24
# 计算节点 块存储节点
vi /etc/chrony.conf
#pool 2.centos.pool.ntp.org iburst
server controller iburst
# 各节点
systemctl enable --now chronyd
systemctl status chronyd
chronyc sources
# 控制节点
# MS Name/IP address Stratum Poll Reach LastRx Last sample
# ===============================================================================
# ^* 203.107.6.88 2 6 17 1 +250us[ +296us] +/- 36ms
# 计算节点及块存储节点
# MS Name/IP address Stratum Poll Reach LastRx Last sample
# ===============================================================================
# ^* controller 3 6 17 3 -2592ns[ -21us] +/- 35ms
# ^* 代表同步成功
- 安装 OpenStack packages
yum install centos-release-openstack-yoga -y
yum config-manager --set-enabled powertools
yum upgrade -y
yum install python3-openstackclient -y
yum install openstack-selinux -y
主菜
本章节内容:各个节点的所需服务的安装步骤。
控制节点
- 数据库
yum install mariadb mariadb-server python3-PyMySQL -y
cp /etc/my.cnf.d/openstack.cnf /etc/my.cnf.d/openstack.cnf.bak
# 没有则新建
vi /etc/my.cnf.d/openstack.cnf
[mysqld]
bind-address = 10.0.0.10
# 根据控制节点管理网络 IP 修改
default-storage-engine = innodb
innodb_file_per_table = on
max_connections = 4096
collation-server = utf8_general_ci
character-set-server = utf8
:wq
systemctl enable mariadb --now
systemctl status mariadb
mysql_secure_installation
Enter current password for root (enter for none): 回车
Set root password? [Y/n] y
# 将要求输入数据库 root 账户密码 MARIADB_PASS
Remove anonymous users? [Y/n] y
Disallow root login remotely? [Y/n] n
Remove test database and access to it? [Y/n] y
Reload privilege tables now? [Y/n] y
# 验证
mysql -u root -p
- 消息队列
yum install rabbitmq-server -y
systemctl enable rabbitmq-server --now
systemctl status rabbitmq-server
rabbitmqctl add_user openstack RABBIT_PASS
# 注意将 RABBIT_PASS 修改为 消息队列密码
rabbitmqctl set_permissions openstack ".*" ".*" ".*"
- 内存对象缓存
yum install memcached python3-memcached -y
cp /etc/sysconfig/memcached /etc/sysconfig/memcached.bak
vi /etc/sysconfig/memcached
OPTIONS="-l 127.0.0.1,::1,controller"
# 如启动出现绑定失败问题,则修改为
# OPTIONS="-l 127.0.0.1,::1,管理网络IP地址"
:wq
systemctl enable memcached --now
systemctl status memcached
- 环境数据一致性同步
yum install etcd -y
cp /etc/etcd/etcd.conf /etc/etcd/etcd.conf.bak
vi /etc/etcd/etcd.conf
#[Member]
ETCD_DATA_DIR="/var/lib/etcd/default.etcd"
ETCD_LISTEN_PEER_URLS="http://10.0.0.10:2380"
ETCD_LISTEN_CLIENT_URLS="http://10.0.0.10:2379"
ETCD_NAME="controller"
#[Clustering]
ETCD_INITIAL_ADVERTISE_PEER_URLS="http://10.0.0.10:2380"
ETCD_ADVERTISE_CLIENT_URLS="http://10.0.0.10:2379"
ETCD_INITIAL_CLUSTER="controller=http://10.0.0.10:2380"
ETCD_INITIAL_CLUSTER_TOKEN="etcd-cluster-01"
ETCD_INITIAL_CLUSTER_STATE="new"
# 注意 controller 为 控制节点的 hostname 10.0.0.10 为控制节点管理网络的 IP 确保一致性
systemctl enable etcd --now
systemctl status etcd
- 认证服务 Keystone
mysql -u root -p
# MARIADB_PASS
MariaDB [(none)]> CREATE DATABASE keystone;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'localhost' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON keystone.* TO 'keystone'@'%' \
IDENTIFIED BY 'KEYSTONE_DBPASS';
# KEYSTONE_DBPASS 为 Keystone 数据库密码
MariaDB [(none)]> exit
yum install openstack-keystone httpd python3-mod_wsgi -y
cp /etc/keystone/keystone.conf /etc/keystone/keystone.conf.bak
vi /etc/keystone/keystone.conf
[database]
# ...
connection = mysql+pymysql://keystone:KEYSTONE_DBPASS@controller/keystone
# KEYSTONE_DBPASS 为 Keystone 数据库账户密码
[token]
# ...
provider = fernet
:wq
su -s /bin/sh -c "keystone-manage db_sync" keystone
keystone-manage fernet_setup --keystone-user keystone --keystone-group keystone
keystone-manage credential_setup --keystone-user keystone --keystone-group keystone
keystone-manage bootstrap --bootstrap-password ADMIN_PASS \
--bootstrap-admin-url http://controller:5000/v3/ \
--bootstrap-internal-url http://controller:5000/v3/ \
--bootstrap-public-url http://controller:5000/v3/ \
--bootstrap-region-id RegionOne
# ADMIN_PASS 为 admin 账户密码
cp /etc/httpd/conf/httpd.conf /etc/httpd/conf/httpd.conf.bak
vi /etc/httpd/conf/httpd.conf
ServerName controller
ln -s /usr/share/keystone/wsgi-keystone.conf /etc/httpd/conf.d/
systemctl enable httpd --now
systemctl status httpd
source admin-openrc.sh
# service 项目 创建在 default 用于 OpenStack 服务
openstack project create --domain default \
--description "Service Project" service
# +-------------+----------------------------------+
# | Field | Value |
# +-------------+----------------------------------+
# | description | Service Project |
# | domain_id | default |
# | enabled | True |
# | id | 9696d33d99334266a7dcc735ad068550 |
# | is_domain | False |
# | name | service |
# | options | {} |
# | parent_id | default |
# | tags | [] |
# +-------------+----------------------------------+
# 创建一个 RegionOne 域名作为后续云实例创建域名
openstack domain create --description "RegionOne Domain" RegionOne
# 在 RegionOne 域中创建一个 Yoga 项目
openstack project create --domain RegionOne \
--description "Yoga Project" Yoga
# 在 RegionOne 域中创建普通用户 user_dog
openstack user create --domain RegionOne \
--password-prompt user_dog
# 创建普通用户 user_dog 的规则 user_dog_role
openstack role create user_dog_role
# 将规则与用户绑定
openstack role add --project Yoga --user user_dog user_dog_role
# 注:可以重复上边步骤以创建更多项目、用户及规则
# 验证服务可用性
# 卸载 admin 用户的环境
unset OS_AUTH_URL OS_PASSWORD
# 验证 admin 用户可用性
openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name Default --os-user-domain-name Default \
--os-project-name admin --os-username admin token issue
# 输入后将要求输入 管理员 admin 的密码
# 返回 token 信息则服务正常
# 验证 user_dog 用户可用性
openstack --os-auth-url http://controller:5000/v3 \
--os-project-domain-name RegionOne --os-user-domain-name RegionOne \
--os-project-name Yoga --os-username user_dog token issue
source admin-openrc.sh
# 列举当前所有域名
openstack domain list
# +----------------------------------+-----------+---------+--------------------+
# | ID | Name | Enabled | Description |
# +----------------------------------+-----------+---------+--------------------+
# | d1eb84f97aa14741a3911f76e0bad1e7 | RegionOne | True | RegionOne Domain |
# | default | Default | True | The default domain |
# +----------------------------------+-----------+---------+--------------------+
- 镜像服务 Glance
mysql -u root -p
# MARIADB_PASS
MariaDB [(none)]> CREATE DATABASE glance;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'localhost' \
IDENTIFIED BY 'GLANCE_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON glance.* TO 'glance'@'%' \
IDENTIFIED BY 'GLANCE_DBPASS';
将 GLANCE_DBPASS 替换为 glance 服务的密码
MariaDB [(none)]> exit
source admin-openrc.sh
openstack user create --domain default --password-prompt glance
# User Password: GLANCE_PASS
# Repeat User Password: GLANCE_PASS
# 为 Glance 用户添加 admin 规则到系统项目 service
openstack role add --project service --user glance admin
# 没有输出内容
# 为 Glance 添加管理镜像的服务
openstack service create --name glance \
--description "OpenStack Image" image
# +-------------+----------------------------------+
# | Field | Value |
# +-------------+----------------------------------+
# | description | OpenStack Image |
# | enabled | True |
# | id | 97a0f2713e504751a263d852bca8c5c6 |
# | name | glance |
# | type | image |
# +-------------+----------------------------------+
# 为 RegionOne 域名添加服务接口
openstack endpoint create --region RegionOne \
image public http://controller:9292
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | aadbbde7bd9948258dc5f35acdbee92a |
# | interface | public |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | 97a0f2713e504751a263d852bca8c5c6 |
# | service_name | glance |
# | service_type | image |
# | url | http://controller:9292 |
# +--------------+----------------------------------+
openstack endpoint create --region RegionOne \
image internal http://controller:9292
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | 4a3ca38a9f50426d9fa215e4277ad4d6 |
# | interface | internal |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | 97a0f2713e504751a263d852bca8c5c6 |
# | service_name | glance |
# | service_type | image |
# | url | http://controller:9292 |
# +--------------+----------------------------------+
openstack endpoint create --region RegionOne \
image admin http://controller:9292
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | 155f303412c44aad8e375ef982e505da |
# | interface | admin |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | 97a0f2713e504751a263d852bca8c5c6 |
# | service_name | glance |
# | service_type | image |
# | url | http://controller:9292 |
# +--------------+----------------------------------+
# 指定 glance 服务的限额
# 每个上传镜像的大小 不大于 1000 MB
openstack registered limit create \
--service glance --default-limit 1000 --region RegionOne image_size_total
openstack registered limit create \
--service glance --default-limit 1000 --region RegionOne image_stage_total
# 镜像的总数
openstack registered limit create \
--service glance --default-limit 100 --region RegionOne image_count_total
# 镜像的上传数量
openstack registered limit create \
--service glance --default-limit 100 --region RegionOne image_count_uploading
pip3 install boto3
yum install openstack-glance -y
cp /etc/glance/glance-api.conf /etc/glance/glance-api.conf.bak
vi /etc/glance/glance-api.conf
[DEFAULT]
use_keystone_quotas = True
log_file = /var/log/glance/glance.log
[database]
# ...
connection = mysql+pymysql://glance:GLANCE_DBPASS@controller/glance
# GLANCE_DBPASS 为 Glance 服务的数据库账户密码
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = glance
password = GLANCE_PASS
service_token_roles_required = true
# GLANCE_DBPASS 为 Glance 服务的数据库账户密码
[paste_deploy]
# ...
flavor = keystone
[glance_store]
# ...
# stores = file,http
# default_store = file
default_backend = {'store_one': 'http', 'store_two': 'file'}
filesystem_store_datadir = /var/lib/glance/images/
# 具体多后端配置信息见官方链接 https://docs.openstack.org/glance_store/yoga/reference/api/glance_store.multi_backend.html
# 注:可忽略
[oslo_limit]
auth_url = http://controller:5000
auth_type = password
user_domain_id = default
username = admin
# 使用 admin
system_scope = all
password = ADMIN_PASS
# 使用 admin 用户的密码
endpoint_id = ENDPOINT_ID
# 使用 openstack endpoint list 查询 glance 服务 对应 admin 用户的 endpoint_id
region_name = RegionOne
:wq
# 同步 Glance 数据到数据库
su -s /bin/sh -c "glance-manage db_sync" glance
systemctl enable openstack-glance-api --now
systemctl status openstack-glance-api
# 验证服务可用性
source admin-openrc.sh
wget http://download.cirros-cloud.net/0.5.2/cirros-0.5.2-x86_64-disk.img
glance image-create --name "cirros" \
--file cirros-0.5.2-x86_64-disk.img \
--disk-format qcow2 --container-format bare \
--visibility=public
# +------------------+----------------------------------------------------------------------------------+
# | Property | Value |
# +------------------+----------------------------------------------------------------------------------+
# | checksum | b874c39491a2377b8490f5f1e89761a4 |
# | container_format | bare |
# | created_at | 2022-07-24T17:50:11Z |
# | disk_format | qcow2 |
# | id | 4e022193-03c2-40c4-872f-0adb606f31e4 |
# | min_disk | 0 |
# | min_ram | 0 |
# | name | cirros |
# | os_hash_algo | sha512 |
# | os_hash_value | 6b813aa46bb90b4da216a4d19376593fa3f4fc7e617f03a92b7fe11e9a3981cbe8f0959dbebe3622 |
# | | 5e5f53dc4492341a4863cac4ed1ee0909f3fc78ef9c3e869 |
# | os_hidden | False |
# | owner | e4bf08c8bd814c288852ec8bd48936d4 |
# | protected | False |
# | size | 16300544 |
# | status | active |
# | tags | [] |
# | updated_at | 2022-07-24T17:50:11Z |
# | virtual_size | 117440512 |
# | visibility | public |
# +------------------+----------------------------------------------------------------------------------+
openstack image list
# +--------------------------------------+--------+--------+
# | ID | Name | Status |
# +--------------------------------------+--------+--------+
# | 4e022193-03c2-40c4-872f-0adb606f31e4 | cirros | active |
# +--------------------------------------+--------+--------+
- 安置服务Placement
mysql -u root -p
# MARIADB_PASS
MariaDB [(none)]> CREATE DATABASE placement;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'localhost' \
IDENTIFIED BY 'PLACEMENT_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON placement.* TO 'placement'@'%' \
IDENTIFIED BY 'PLACEMENT_DBPASS';
#PLACEMENT_DBPASS 为 placement 服务的密码
MariaDB [(none)]> exit
openstack user create --domain default --password-prompt placement
# 执行后将要求输入 placement 服务的密码 PLACEMENT_PASS
# User Password: PLACEMENT_PASS
# Repeat User Password: PLACEMENT_PASS
# +---------------------+----------------------------------+
# | Field | Value |
# +---------------------+----------------------------------+
# | domain_id | default |
# | enabled | True |
# | id | d6257b9730fd45c6864a5092d237a6a5 |
# | name | placement |
# | options | {} |
# | password_expires_at | None |
# +---------------------+----------------------------------+
openstack role add --project service --user placement admin
openstack service create --name placement \
--description "Placement API" placement
# +-------------+----------------------------------+
# | Field | Value |
# +-------------+----------------------------------+
# | description | Placement API |
# | enabled | True |
# | id | 3fe738e12ef24c59ad98fab578b263ca |
# | name | placement |
# | type | placement |
# +-------------+----------------------------------+
openstack endpoint create --region RegionOne \
placement public http://controller:8778
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | ece91ac8a6054ce8920392fd88c88c1a |
# | interface | public |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | 3fe738e12ef24c59ad98fab578b263ca |
# | service_name | placement |
# | service_type | placement |
# | url | http://controller:8778 |
# +--------------+----------------------------------+
openstack endpoint create --region RegionOne \
placement internal http://controller:8778
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | 1d3931e0d4ad47ee9e38c0c66736f87f |
# | interface | internal |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | 3fe738e12ef24c59ad98fab578b263ca |
# | service_name | placement |
# | service_type | placement |
# | url | http://controller:8778 |
# +--------------+----------------------------------+
openstack endpoint create --region RegionOne \
placement admin http://controller:8778
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | 37bd6f1c52454a87909f039c7ff5b4fb |
# | interface | admin |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | 3fe738e12ef24c59ad98fab578b263ca |
# | service_name | placement |
# | service_type | placement |
# | url | http://controller:8778 |
# +--------------+----------------------------------+
yum install openstack-placement-api -y
cp /etc/placement/placement.conf /etc/placement/placement.conf.bak
vi /etc/placement/placement.conf
[placement_database]
# ...
connection = mysql+pymysql://placement:PLACEMENT_DBPASS@controller/placement
# PLACEMENT_DBPASS 为 placement 服务的数据库账户密码
[api]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
auth_url = http://controller:5000/v3
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = placement
password = PLACEMENT_PASS
# PLACEMENT_PASS 为 placement 服务的密码
:wq
su -s /bin/sh -c "placement-manage db sync" placement
systemctl restart httpd
systemctl status httpd
cp /etc/placement/policy.json /etc/placement/policy.json.bak
oslopolicy-convert-json-to-yaml --namespace placement \
--policy-file /etc/placement/policy.json \
--output-file /etc/placement/policy.yaml
rm -f /etc/placement/policy.json
# 验证服务
source admin-openrc.sh
placement-status upgrade check
# +-------------------------------------------+
# | Upgrade Check Results |
# +-------------------------------------------+
# | Check: Missing Root Provider IDs |
# | Result: Success |
# | Details: None |
# +-------------------------------------------+
# | Check: Incomplete Consumers |
# | Result: Success |
# | Details: None |
# +-------------------------------------------+
# | Check: Policy File JSON to YAML Migration |
# | Result: Success |
# | Details: None |
# +-------------------------------------------+
yum install python3-osc-placement -y
cp /etc/httpd/conf.d/00-placement-api.conf /etc/httpd/conf.d/00-placement-api.conf.bak
vi /etc/httpd/conf.d/00-placement-api.conf
# 在 listen 8778 下一行处添加
<Files "placement-api">
Require all granted
</Files>
:wq
systemctl restart httpd
systemctl status httpd
# 验证
openstack --os-placement-api-version 1.2 resource class list --sort-column name
# +----------------------------------------+
# | name |
# +----------------------------------------+
# | DISK_GB |
# | FPGA |
# | IPV4_ADDRESS |
# | MEMORY_MB |
# | MEM_ENCRYPTION_CONTEXT |
# | NET_BW_EGR_KILOBIT_PER_SEC |
# | NET_BW_IGR_KILOBIT_PER_SEC |
# | NET_PACKET_RATE_EGR_KILOPACKET_PER_SEC |
# | NET_PACKET_RATE_IGR_KILOPACKET_PER_SEC |
# | NET_PACKET_RATE_KILOPACKET_PER_SEC |
# | NUMA_CORE |
# | NUMA_MEMORY_MB |
# | NUMA_SOCKET |
# | NUMA_THREAD |
# | PCI_DEVICE |
# | PCPU |
# | PGPU |
# | SRIOV_NET_VF |
# | VCPU |
# | VGPU |
# | VGPU_DISPLAY_HEAD |
# +----------------------------------------+
openstack --os-placement-api-version 1.6 trait list --sort-column name
# +---------------------------------------+
# | name |
# +---------------------------------------+
# | COMPUTE_ACCELERATORS |
# | COMPUTE_ARCH_AARCH64 |
# | COMPUTE_ARCH_MIPSEL |
# | COMPUTE_ARCH_PPC64LE |
# | COMPUTE_ARCH_RISCV64 |
# | COMPUTE_ARCH_S390X |
# | COMPUTE_ARCH_X86_64 |
# | COMPUTE_DEVICE_TAGGING |
# ...
- 计算服务Nova
mysql -u root -p
# MARIADB_PASS
MariaDB [(none)]> CREATE DATABASE nova_api;
MariaDB [(none)]> CREATE DATABASE nova;
MariaDB [(none)]> CREATE DATABASE nova_cell0;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_api.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'localhost' \
IDENTIFIED BY 'NOVA_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON nova_cell0.* TO 'nova'@'%' \
IDENTIFIED BY 'NOVA_DBPASS';
# NOVA_DBPASS 为 nova 服务的密码
MariaDB [(none)]> exit
source admin-openrc.sh
openstack user create --domain default --password-prompt nova
# 将要求输入 nova 服务的密码 NOVA_PASS
# User Password: NOVA_PASS
# Repeat User Password: NOVA_PASS
# +---------------------+----------------------------------+
# | Field | Value |
# +---------------------+----------------------------------+
# | domain_id | default |
# | enabled | True |
# | id | ea8cc01ac5094751bdac3c49ead28bec |
# | name | nova |
# | options | {} |
# | password_expires_at | None |
# +---------------------+----------------------------------+
openstack role add --project service --user nova admin
openstack service create --name nova \
--description "OpenStack Compute" compute
# +-------------+----------------------------------+
# | Field | Value |
# +-------------+----------------------------------+
# | description | OpenStack Compute |
# | enabled | True |
# | id | b427b5b5434f4edba1dd157a01a45d12 |
# | name | nova |
# | type | compute |
# +-------------+----------------------------------+
openstack endpoint create --region RegionOne \
compute public http://controller:8774/v2.1
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | e8689643fe714c459c2b7d1b885ec72d |
# | interface | public |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | b427b5b5434f4edba1dd157a01a45d12 |
# | service_name | nova |
# | service_type | compute |
# | url | http://controller:8774/v2.1 |
# +--------------+----------------------------------+
openstack endpoint create --region RegionOne \
compute internal http://controller:8774/v2.1
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | d6ac010e63c8455f98ea04f6886adfb5 |
# | interface | internal |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | b427b5b5434f4edba1dd157a01a45d12 |
# | service_name | nova |
# | service_type | compute |
# | url | http://controller:8774/v2.1 |
# +--------------+----------------------------------+
openstack endpoint create --region RegionOne \
compute admin http://controller:8774/v2.1
# +--------------+----------------------------------+
# | Field | Value |
# +--------------+----------------------------------+
# | enabled | True |
# | id | 695e0d4dba934af2844fef47488630bc |
# | interface | admin |
# | region | RegionOne |
# | region_id | RegionOne |
# | service_id | b427b5b5434f4edba1dd157a01a45d12 |
# | service_name | nova |
# | service_type | compute |
# | url | http://controller:8774/v2.1 |
# +--------------+----------------------------------+
yum install -y \
openstack-nova-api \
openstack-nova-scheduler \
openstack-nova-conductor \
openstack-nova-novncproxy \
iptables
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
vi /etc/nova/nova.conf
[DEFAULT]
# …
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:RABBIT_PASS@controller:5672/
# RABBIT_PASS rabbitmq 密码
my_ip = 10.0.0.10
# 控制节点控制网络的 IP
log_file = /var/log/nova/nova-controller.log
rootwrap_config = /etc/nova/rootwrap.conf
[api_database]
# ...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova_api
# NOVA_DBPASS 为数据库 Nova 账户密码
[database]
# ...
connection = mysql+pymysql://nova:NOVA_DBPASS@controller/nova
# NOVA_DBPASS 为数据库 Nova 账户密码
[api]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
# NOVA_PASS 为 Nova 服务的密码
[vnc]
enabled = true
# ...
server_listen = $my_ip
server_proxyclient_address = $my_ip
[glance]
# ...
api_servers = http://controller:9292
[oslo_concurrency]
# ...
lock_path = /var/run/nova
[placement]
# ...
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = PLACEMENT_PASS
# PLACEMENT_PASS 为 placement 服务的密码
:wq
su -s /bin/sh -c "nova-manage api_db sync" nova
cp /etc/nova/policy.json /etc/nova/policy.json.bak
oslopolicy-convert-json-to-yaml --namespace nova \
--policy-file /etc/nova/policy.json \
--output-file /etc/nova/policy.yaml
rm -f /etc/nova/policy.json
su -s /bin/sh -c "nova-manage cell_v2 map_cell0" nova
su -s /bin/sh -c "nova-manage cell_v2 create_cell --name=cell1 --verbose" nova
# --transport-url not provided in the command line, using the value [DEFAULT]/transport_url from the configuration file
# --database_connection not provided in the command line, using the value [database]/connection from the configuration file
# ab6ff38c-d05a-40b9-bbb6-8306a048e38e
# 如有以上提示请忽略,cell 将以 nova.conf 配置文件内的地址进行创建
su -s /bin/sh -c "nova-manage db sync" nova
# 验证
su -s /bin/sh -c "nova-manage cell_v2 list_cells" nova
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
| Name | UUID | Transport URL | Database Connection | Disabled |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
| cell0 | 00000000-0000-0000-0000-000000000000 | none:/ | mysql+pymysql://nova:****@controller/nova_cell0 | False |
| cell1 | ab6ff38c-d05a-40b9-bbb6-8306a048e38e | rabbit://openstack:****@controller:5672/ | mysql+pymysql://nova:****@controller/nova | False |
+-------+--------------------------------------+------------------------------------------+-------------------------------------------------+----------+
systemctl enable --now \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
systemctl status \
openstack-nova-api.service \
openstack-nova-scheduler.service \
openstack-nova-conductor.service \
openstack-nova-novncproxy.service
- 网络服务Neutron
mysql -u root -p
# MARIADB_PASS
MariaDB [(none)] CREATE DATABASE neutron;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'localhost' \
IDENTIFIED BY 'NEUTRON_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON neutron.* TO 'neutron'@'%' \
IDENTIFIED BY 'NEUTRON_DBPASS';
# NEUTRON_DBPASS 为数据库 neutron 账户的密码
MariaDB [(none)]> exit
source admin-openrc.sh
openstack user create --domain default --password-prompt neutron
# 将要求输入密码 此密码为 neutron 服务的密码 NEUTRON_PASS
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 33703cb73a484af4b6ec741e2c02e348 |
| name | neutron |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
openstack role add --project service --user neutron admin
openstack service create --name neutron \
--description "OpenStack Networking" network
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Networking |
| enabled | True |
| id | 76470167718f4710a721374a929ab204 |
| name | neutron |
| type | network |
+-------------+----------------------------------+
openstack endpoint create --region RegionOne \
network public http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 1b706912b617465892e1a7e1e5d3a924 |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 76470167718f4710a721374a929ab204 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne \
network internal http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 27a6cddb66e443fa801a72b56bacb5c4 |
| interface | internal |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 76470167718f4710a721374a929ab204 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
openstack endpoint create --region RegionOne \
network admin http://controller:9696
+--------------+----------------------------------+
| Field | Value |
+--------------+----------------------------------+
| enabled | True |
| id | 9fbeeec5c30a4c7e86ad3052c78c4084 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | 76470167718f4710a721374a929ab204 |
| service_name | neutron |
| service_type | network |
| url | http://controller:9696 |
+--------------+----------------------------------+
# 选择安装 大二层 网络
yum install openstack-neutron openstack-neutron-ml2 \
openstack-neutron-linuxbridge ebtables -y
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
vi /etc/neutron/neutron.conf
[database]
# ...
connection = mysql+pymysql://neutron:NEUTRON_DBPASS@controller/neutron
# NEUTRON_DBPASS为 数据库 neutron 账户密码
[DEFAULT]
# ...
core_plugin = ml2
service_plugins = router
allow_overlapping_ips = true
transport_url = rabbit://openstack:RABBIT_PASS@controller
auth_strategy = keystone
notify_nova_on_port_status_changes = true
notify_nova_on_port_data_changes = true
# RABBIT_PASS 为 消息队列密码
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
# NEUTRON_PASS为 neutron 服务密码
[nova]
# ...
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = nova
password = NOVA_PASS
# [nova] 没有则添加
# NOVA_PASS 为 Nova 服务密码
[oslo_concurrency]
# ...
lock_path = /var/lib/neutron/tmp
:wq
cp /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugins/ml2/ml2_conf.ini.bak
vi /etc/neutron/plugins/ml2/ml2_conf.ini
[ml2]
# ...
type_drivers = flat,vlan,vxlan
tenant_network_types = vxlan
mechanism_drivers = linuxbridge,l2population
extension_drivers = port_security
[ml2_type_flat]
# ...
flat_networks = provider
[ml2_type_vxlan]
# ...
vni_ranges = 1:1000
[securitygroup]
# ...
enable_ipset = true
# 没有则添加
:wq
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME
# PROVIDER_INTERFACE_NAME 为 服务提供网络所对应的网卡编号
[vxlan]
enable_vxlan = true
local_ip = OVERLAY_INTERFACE_IP_ADDRESS
l2_population = true
# OVERLAY_INTERFACE_IP_ADDRESS 为管理网络 控制节点的 IP 即 controller IP
[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
# 没有则添加
:wq
modprobe br_netfilter
cat >>/etc/rc.sysinit<<EOF
#!/bin/bash
for file in /etc/sysconfig/modules/*.modules ; do
[ -x $file ] && $file
done
EOF
echo "modprobe br_netfilter" >/etc/sysconfig/modules/br_netfilter.modules
chmod 755 /etc/sysconfig/modules/br_netfilter.modules
sysctl -a | grep net.bridge.bridge-nf-call
# net.bridge.bridge-nf-call-arptables = 1
# net.bridge.bridge-nf-call-ip6tables = 1
# net.bridge.bridge-nf-call-iptables = 1
cp /etc/neutron/l3_agent.ini /etc/neutron/l3_agent.ini.bak
vi /etc/neutron/l3_agent.ini
[DEFAULT]
# ...
interface_driver = linuxbridge
cp /etc/neutron/dhcp_agent.ini /etc/neutron/dhcp_agent.ini.bak
vi /etc/neutron/dhcp_agent.ini
[DEFAULT]
# ...
interface_driver = linuxbridge
dhcp_driver = neutron.agent.linux.dhcp.Dnsmasq
enable_isolated_metadata = true
cp /etc/neutron/metadata_agent.ini /etc/neutron/metadata_agent.ini.bak
vi /etc/neutron/metadata_agent.ini
[DEFAULT]
# ...
nova_metadata_host = controller
metadata_proxy_shared_secret = METADATA_SECRET
# METADATA_SECRET 为 元数据 的密钥
vi /etc/nova/nova.conf
[neutron]
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
service_metadata_proxy = true
metadata_proxy_shared_secret = METADATA_SECRET
# NEUTRON_PASS 为 neutron 服务的密码
# METADATA_SECRET 为上边设置的元数据密钥
:wq
ln -s /etc/neutron/plugins/ml2/ml2_conf.ini /etc/neutron/plugin.ini
su -s /bin/sh -c "neutron-db-manage --config-file /etc/neutron/neutron.conf \
--config-file /etc/neutron/plugins/ml2/ml2_conf.ini upgrade head" neutron
systemctl restart openstack-nova-api
systemctl status openstack-nova-api
systemctl enable --now neutron-server.service \
neutron-linuxbridge-agent.service neutron-dhcp-agent.service \
neutron-metadata-agent.service neutron-l3-agent.service
systemctl status neutron-server.service neutron-linuxbridge-agent.service neutron-dhcp-agent.service neutron-metadata-agent.service neutron-l3-agent.service
# 等待 计算节点 安装 neutron 后进行验证
- 块存储服务Cinder
mysql -u root -p
# MARIADB_PASS
MariaDB [(none)]> CREATE DATABASE cinder;
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'localhost' \
IDENTIFIED BY 'CINDER_DBPASS';
MariaDB [(none)]> GRANT ALL PRIVILEGES ON cinder.* TO 'cinder'@'%' \
IDENTIFIED BY 'CINDER_DBPASS';
# CINDER_DBPASS 为 cinder 数据库账户密码
MariaDB [(none)]> exit
source admin-openrc.sh
openstack user create --domain default --password-prompt cinder
# 将要求输入 cinder 服务的密码 CINDER_PASS
User Password:
Repeat User Password:
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| domain_id | default |
| enabled | True |
| id | 6aebd9fadf2d4d1fa16a6dd87ed704c5 |
| name | cinder |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
openstack role add --project service --user cinder admin
openstack service create --name cinderv3 \
--description "OpenStack Block Storage" volumev3
openstack endpoint create --region RegionOne \
volumev3 public http://controller:8776/v3/%\(project_id\)s
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | OpenStack Block Storage |
| enabled | True |
| id | fef484b5fc364720a7bd613fc60eb814 |
| name | cinderv3 |
| type | volumev3 |
+-------------+----------------------------------+
openstack endpoint create --region RegionOne \
volumev3 internal http://controller:8776/v3/%\(project_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | fa2322b2a3014d8a9b23932978330f4b |
| interface | public |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fef484b5fc364720a7bd613fc60eb814 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://controller:8776/v3/%(project_id)s |
+--------------+------------------------------------------+
openstack endpoint create --region RegionOne \
volumev3 admin http://controller:8776/v3/%\(project_id\)s
+--------------+------------------------------------------+
| Field | Value |
+--------------+------------------------------------------+
| enabled | True |
| id | 34f4c7d3a2714a4ab9be1e42c319de98 |
| interface | admin |
| region | RegionOne |
| region_id | RegionOne |
| service_id | fef484b5fc364720a7bd613fc60eb814 |
| service_name | cinderv3 |
| service_type | volumev3 |
| url | http://controller:8776/v3/%(project_id)s |
+--------------+------------------------------------------+
yum install openstack-cinder -y
cp /etc/cinder/cinder.conf /etc/cinder/cinder.conf.bak
vi /etc/cinder/cinder.conf
[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller
auth_strategy = keystone
my_ip = 10.0.0.10
# 控制节点管理网络 IP
[database]
# ...
connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
# CINDER_DBPASS 为数据库 Cinder 账户密码
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = CINDER_PASS
# CINDER_PASS 为 Cinder 服务密码
[oslo_concurrency]
# ...
lock_path = /var/lib/cinder/tmp
:wq
su -s /bin/sh -c "cinder-manage db sync" cinder
vi /etc/nova/nova.conf
[cinder]
os_region_name = RegionOne
systemctl restart openstack-nova-api.service
systemctl status openstack-nova-api.service
systemctl enable --now openstack-cinder-api.service openstack-cinder-scheduler.service
systemctl status openstack-cinder-api.service openstack-cinder-scheduler.service
# 等待块存储节点 Cinder 安装完成后进行验证
- Web 管理页面(Dashboard)horizon
yum install openstack-dashboard -y
cp /etc/openstack-dashboard/local_settings /etc/openstack-dashboard/local_settings.bak
vi /etc/openstack-dashboard/local_settings
OPENSTACK_HOST = "controller"
ALLOWED_HOSTS = ['*']
SESSION_ENGINE = 'django.contrib.sessions.backends.cache'
CACHES = {
'default': {
'BACKEND': 'django.core.cache.backends.memcached.MemcachedCache',
'LOCATION': 'controller:11211',
}
}
OPENSTACK_KEYSTONE_URL = "http://%s:5000/identity/v3" % OPENSTACK_HOST
OPENSTACK_KEYSTONE_MULTIDOMAIN_SUPPORT = True
OPENSTACK_API_VERSIONS = {
"identity": 3,
"image": 2,
"volume": 3,
}
OPENSTACK_KEYSTONE_DEFAULT_DOMAIN = "Default"
OPENSTACK_KEYSTONE_DEFAULT_ROLE = "user"
TIME_ZONE = "Asia/Shanghai"
# 有则修改没有则添加
:wq
cp /etc/httpd/conf.d/openstack-dashboard.conf /etc/httpd/conf.d/openstack-dashboard.conf.bak
python3 /usr/share/openstack-dashboard/manage.py make_web_conf --apache > /etc/httpd/conf.d/openstack-dashboard.conf
systemctl restart httpd
systemctl status httpd
# 验证
# 访问 http://部署 Dashboard 的控制节点 ip
# 登录用户密码 可使用 admin 或 user_dog
# 域名 使用 RegionOne
计算节点
- 计算服务Nova
yum install openstack-nova-compute -y
cp /etc/nova/nova.conf /etc/nova/nova.conf.bak
vi /etc/nova/nova.conf
[DEFAULT]
# ...
enabled_apis = osapi_compute,metadata
transport_url = rabbit://openstack:RABBIT_PASS@controller
my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
compute_driver=libvirt.LibvirtDriver
log_file = /var/log/nova/nova-computer.log
# MANAGEMENT_INTERFACE_IP_ADDRESS 替换为 管理网络 IP 地址
[api]
# ...
auth_strategy = keystone
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000/
auth_url = http://controller:5000/
memcached_servers = controller:11211
auth_type = password
project_domain_name = Default
user_domain_name = Default
project_name = service
username = nova
password = NOVA_PASS
[vnc]
# ...
enabled = true
server_listen = 0.0.0.0
server_proxyclient_address = $my_ip
novncproxy_base_url = http://ManagementIP:6080/vnc_auto.html
# 将 ManagementIP 修改为控制节点管理网络 IP
[glance]
# ...
api_servers = http://controller:9292
[oslo_concurrency]
# ...
lock_path = /var/lib/nova/tmp
[placement]
# ...
region_name = RegionOne
project_domain_name = Default
project_name = service
auth_type = password
user_domain_name = Default
auth_url = http://controller:5000/v3
username = placement
password = PLACEMENT_PASS
# PLACEMENT_PASS 为 Placement 服务密码
[neutron]
# ...
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
# NEUTRON_PASS 为 Neutron 服务密码
:wq
egrep -c '(vmx|svm)' /proc/cpuinfo
# 如果返回值大于 1 则说明已经开启硬件虚拟化,无需配置 qemu
# 如等于 0 ,则需要配置 qemu 以代替默认的 kvm
vi /etc/nova/nova.conf
[libvirt]
# ...
virt_type = qemu
# 以上配置仅当 egrep -c '(vmx|svm)' /proc/cpuinfo 结果为 0 时才进行配置
mkdir -p /usr/lib/python3.6/site-packages/instances
chmod +777 /usr/lib/python3.6/site-packages/instances
systemctl enable libvirtd.service openstack-nova-compute.service --now
systemctl status libvirtd.service openstack-nova-compute.service
# 在控制节点执行验证
source admin-openrc.sh
openstack compute service list --service nova-compute
+--------------------------------------+--------------+----------+------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+--------------------------------------+--------------+----------+------+---------+-------+----------------------------+
| 542d6911-ba76-450a-b235-014bb722097b | nova-compute | computer | nova | enabled | up | 2022-07-27T08:34:59.000000 |
+--------------------------------------+--------------+----------+------+---------+-------+----------------------------+
su -s /bin/sh -c "nova-manage cell_v2 discover_hosts --verbose" nova
# Found 2 cell mappings.
# Skipping cell0 since it does not contain hosts.
# Getting computes from cell 'cell1': ab6ff38c-d05a-40b9-bbb6-8306a048e38e
# Checking host mapping for compute host 'computer': f5c0a1d3-4380-4d5d-8579-4667998ca06a
# Creating host mapping for compute host 'computer': f5c0a1d3-4380-4d5d-8579-4667998ca06a
# Found 1 unmapped computes in cell: ab6ff38c-d05a-40b9-bbb6-8306a048e38e
openstack compute service list
+--------------------------------------+----------------+------------+----------+---------+-------+----------------------------+
| ID | Binary | Host | Zone | Status | State | Updated At |
+--------------------------------------+----------------+------------+----------+---------+-------+----------------------------+
| 36fcb09d-1ef3-4e18-b5f5-26671d900e39 | nova-conductor | controller | internal | enabled | up | 2022-07-27T08:37:13.000000 |
| 8f2e62b2-92cd-4a19-a25a-cbdebac5670f | nova-scheduler | controller | internal | enabled | up | 2022-07-27T08:37:13.000000 |
| 542d6911-ba76-450a-b235-014bb722097b | nova-compute | computer | nova | enabled | up | 2022-07-27T08:37:09.000000 |
+--------------------------------------+----------------+------------+----------+---------+-------+----------------------------+
openstack catalog list
+-----------+-----------+----------------------------------------------------------------------+
| Name | Type | Endpoints |
+-----------+-----------+----------------------------------------------------------------------+
| placement | placement | RegionOne |
| | | internal: http://controller:8778 |
| | | RegionOne |
| | | admin: http://controller:8778 |
| | | RegionOne |
| | | public: http://controller:8778 |
| | | |
| keystone | identity | RegionOne |
| | | admin: http://controller:5000/v3/ |
| | | RegionOne |
| | | internal: http://controller:5000/v3/ |
| | | RegionOne |
| | | public: http://controller:5000/v3/ |
| | | |
| neutron | network | RegionOne |
| | | public: http://controller:9696 |
| | | RegionOne |
| | | internal: http://controller:9696 |
| | | RegionOne |
| | | admin: http://controller:9696 |
| | | |
| glance | image | RegionOne |
| | | admin: http://controller:9292 |
| | | RegionOne |
| | | internal: http://controller:9292 |
| | | RegionOne |
| | | public: http://controller:9292 |
| | | |
| nova | compute | RegionOne |
| | | admin: http://controller:8774/v2.1 |
| | | RegionOne |
| | | internal: http://controller:8774/v2.1 |
| | | RegionOne |
| | | public: http://controller:8774/v2.1 |
| | | |
| cinderv3 | volumev3 | RegionOne |
| | | admin: http://controller:8776/v3/e4bf08c8bd814c288852ec8bd48936d4 |
| | | RegionOne |
| | | public: http://controller:8776/v3/e4bf08c8bd814c288852ec8bd48936d4 |
| | | |
+-----------+-----------+----------------------------------------------------------------------+
openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 4e022193-03c2-40c4-872f-0adb606f31e4 | cirros | active |
+--------------------------------------+--------+--------+
nova-status upgrade check
+-------------------------------------------+
| Upgrade Check Results |
+-------------------------------------------+
| Check: Cells v2 |
| Result: Success |
| Details: None |
+-------------------------------------------+
| Check: Placement API |
| Result: Success |
| Details: None |
+-------------------------------------------+
| Check: Cinder API |
| Result: Success |
| Details: None |
+-------------------------------------------+
| Check: Policy Scope-based Defaults |
| Result: Success |
| Details: None |
+-------------------------------------------+
| Check: Policy File JSON to YAML Migration |
| Result: Success |
| Details: None |
+-------------------------------------------+
| Check: Older than N-1 computes |
| Result: Success |
| Details: None |
+-------------------------------------------+
| Check: hw_machine_type unset |
| Result: Success |
| Details: None |
+-------------------------------------------+
- 网络服务Neutron
yum install openstack-neutron-linuxbridge ebtables ipset -y
cp /etc/neutron/neutron.conf /etc/neutron/neutron.conf.bak
vi /etc/neutron/neutron.conf
[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller
# RABBIT_PASS 为 控制节点 消息队列 密码
auth_strategy = keystone
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = neutron
password = NEUTRON_PASS
# NEUTRON_PASS 为控制节点 neutron 服务密码
[oslo_concurrency]
# ...
lock_path = /var/lib/neutron/tmp
:wq
cp /etc/neutron/plugins/ml2/linuxbridge_agent.ini /etc/neutron/plugins/ml2/linuxbridge_agent.ini.bak
vi /etc/neutron/plugins/ml2/linuxbridge_agent.ini
[linux_bridge]
physical_interface_mappings = provider:PROVIDER_INTERFACE_NAME
# PROVIDER_INTERFACE_NAME 为 计算节点 服务提供网络对应的网卡名
[vxlan]
enable_vxlan = true
local_ip = OVERLAY_INTERFACE_IP_ADDRESS
l2_population = true
# OVERLAY_INTERFACE_IP_ADDRESS 为 计算节点 管理网络的 IP 地址
[securitygroup]
# ...
enable_security_group = true
firewall_driver = neutron.agent.linux.iptables_firewall.IptablesFirewallDriver
:wq
modprobe br_netfilter
cat >>/etc/rc.sysinit<<EOF
#!/bin/bash
for file in /etc/sysconfig/modules/*.modules ; do
[ -x $file ] && $file
done
EOF
echo "modprobe br_netfilter" >/etc/sysconfig/modules/br_netfilter.modules
chmod 755 /etc/sysconfig/modules/br_netfilter.modules
sysctl -a | grep net.bridge.bridge-nf-call
# net.bridge.bridge-nf-call-arptables = 1
# net.bridge.bridge-nf-call-ip6tables = 1
# net.bridge.bridge-nf-call-iptables = 1
vi /etc/nova/nova.conf
[neutron]
# ...
auth_url = http://controller:5000
auth_type = password
project_domain_name = default
user_domain_name = default
region_name = RegionOne
project_name = service
username = neutron
password = NEUTRON_PASS
# NEUTRON_PASS 为 Neutron 服务密码
systemctl restart openstack-nova-compute.service
systemctl enable neutron-linuxbridge-agent.service --now
systemctl status neutron-linuxbridge-agent.service
# 验证
# 控制节点执行
source admin-openrc.sh
openstack network agent list
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| ID | Agent Type | Host | Availability Zone | Alive | State | Binary |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
| 17ad640e-4133-4cb7-b6b0-ad8fe928d2ef | Linux bridge agent | computer | None | :-) | UP | neutron-linuxbridge-agent |
| 935d609d-2a90-4c3c-8676-a577d5f755a4 | DHCP agent | controller | nova | :-) | UP | neutron-dhcp-agent |
| af61a325-8aee-41b5-9997-6ff9a92e928e | L3 agent | controller | nova | :-) | UP | neutron-l3-agent |
| c4ad2fee-93b7-4dd8-813f-0fbc2ec9dd2e | Linux bridge agent | controller | None | :-) | UP | neutron-linuxbridge-agent |
| e4889820-19b4-4fd3-a5af-98f8586c2882 | Metadata agent | controller | None | :-) | UP | neutron-metadata-agent |
+--------------------------------------+--------------------+------------+-------------------+-------+-------+---------------------------+
# 确保以上五个 Agent 都为 :-) 及 UP
块存储节点
- 块存储服务Cinder
yum install lvm2 device-mapper-persistent-data -y
systemctl enable lvm2-lvmetad.service --now
# 如显示不存在则说明系统默认安装了 lvm 以上步骤可忽略
fdisk -l
# 查看 块存储 所部署的 磁盘 代号
pvcreate /dev/sdb
# Physical volume "/dev/sdb" successfully created.
vgcreate cinder-volumes /dev/sdb
# Volume group "cinder-volumes" successfully created
# sdb 为划分给块存储使用的磁盘
# 如有多个磁盘,则需重复以上两个命令
cp /etc/lvm/lvm.conf /etc/lvm/lvm.conf.bak
vi /etc/lvm/lvm.conf
devices {
...
filter = [ "a/sdb/", "r/.*/"]
}
# 如有多个磁盘,则将磁盘编号以固定格式添加到过滤设备中,例如有两个磁盘 sdb sdc ,则为 filter = [ "a/sdb/", "a/sdc/","r/.*/"]
yum install openstack-cinder targetcli -y
cp /etc/cinder/cinder.conf /etc/cinder/cinder.conf.bak
vi /etc/cinder/cinder.conf
[DEFAULT]
# ...
transport_url = rabbit://openstack:RABBIT_PASS@controller
auth_strategy = keystone
my_ip = MANAGEMENT_INTERFACE_IP_ADDRESS
enabled_backends = lvm
glance_api_servers = http://controller:9292
# MANAGEMENT_INTERFACE_IP_ADDRESS 为块存储节点 管理网络 的接口IP
[database]
# ...
connection = mysql+pymysql://cinder:CINDER_DBPASS@controller/cinder
# CINDER_DBPASS 为数据库 Cinder 账户密码
[keystone_authtoken]
# ...
www_authenticate_uri = http://controller:5000
auth_url = http://controller:5000
memcached_servers = controller:11211
auth_type = password
project_domain_name = default
user_domain_name = default
project_name = service
username = cinder
password = CINDER_PASS
# CINDER_PASS 为 cinder 数据库账户密码
[lvm]
volume_driver = cinder.volume.drivers.lvm.LVMVolumeDriver
volume_group = cinder-volumes
target_protocol = iscsi
target_helper = lioadm
# [lvm] 没有则新建
[oslo_concurrency]
# ...
lock_path = /var/lib/cinder/tmp
:wq
systemctl enable openstack-cinder-volume.service target.service --now
systemctl status openstack-cinder-volume.service target.service
# 验证
# 控制节点执行
source admin-openrc.sh
openstack volume service list
+------------------+------------+------+---------+-------+----------------------------+
| Binary | Host | Zone | Status | State | Updated At |
+------------------+------------+------+---------+-------+----------------------------+
| cinder-scheduler | controller | nova | enabled | up | 2022-07-27T08:54:07.000000 |
| cinder-volume | block@lvm | nova | enabled | up | 2022-07-27T08:54:04.000000 |
+------------------+------------+------+---------+-------+----------------------------+
蔬菜
本章节内容:检查所有组件日志,确保正常运行。
控制节点
- 身份认证服务 Keystone
tail -10 /var/log/keystone/keystone.log | grep ERROR
- 镜像服务 Glance
tail -10 /var/log/glance/glance.log | grep ERROR
- 安置服务 Placement
tail -10 /var/log/placement/placement-api.log | grep ERROR
- 计算服务 Nova
tail -10 /var/log/nova/nova-controller.log | grep ERROR
- 网络服务 Neutron
# dhcp 服务
tail -10 /var/log/neutron/dhcp-agent.log | grep ERROR
# Linux 网桥服务
tail -10 /var/log/neutron/linuxbridge-agent.log | grep ERROR
# Neutron 服务
tail -10 /var/log/neutron/server.log | grep ERROR
# 三层服务
tail -10 /var/log/neutron/l3-agent.log | grep ERROR
# 元数据服务
tail -10 /var/log/neutron/metadata-agent.log | grep ERROR
- 块存储服务 Cinder
tail -10 /var/log/cinder/api.log | grep ERROR
tail -10 /var/log/cinder/scheduler.log | grep ERROR
- Dashboard Horizon
# Apache 登录日志
tail -100 /var/log/httpd/access_log
# Apache 错误日志
tail -100 /var/log/httpd/error_log
# Keystone 登录日志
tail -10 /var/log/httpd/keystone_access.log | grep ERROR
# Keystone 日志
tail -10 /var/log/httpd/keystone.log | grep ERROR
# Dashboard 登录日志
tail -10 /var/log/httpd/openstack_dashboard-access.log | grep ERROR
# Dashboard 错误日志
tail -10 /var/log/httpd/openstack_dashboard-error.log | grep ERROR
计算节点
- 计算服务 Nova
# Nova 服务
tail -10 /var/log/nova/nova-computer.log | grep ERROR
# libvirt 服务 连接底层虚拟化
ll /var/log/libvirt/
- 网络服务 Neutron
tail -10 /var/log/cinder/volume.log | grep ERROR
块存储节点
tail -10 /var/log/cinder/volume.log | grep ERROR
甜点
本章节内容:使用 Dashboard 部署一个实例。
1. 登录Dashboard
将管理计算机接入 OpenStack 管理网络,通过浏览器打开控制节点 IP 地址,此处为 10.0.0.10
http://10.0.0.10
如严格按照以上步骤部署 OpenStack ,那么目前系统中包含两个账户、两个域名及一个项目,分别为 admin 与 user_dog 账户、default 与 RegionOne 域名、Yoga 项目,后续将演示使用 admin 账户进行云实例创建。
注意:admin 默认在 default 域中,如有需要可以将其添加入 RegionOne 域
2. 创建一个最小实例规格
左侧选择管理员,点击计算,点击实例类型,右侧点击创建实例类型。
根据以上图片步骤依次填入:实例名称、VCPU数量、内存大小、根磁盘大小,确认无误后点击创建实例类型。
创建完成。
3. 上传系统镜像
左侧选择管理员,点击计算,点击镜像,右侧点击创建镜像。
根据以上图片步骤依次填入:镜像名称、选择文件、镜像格式、最小磁盘、最低内存,确认无误后点击创建镜像。
注:演示上传的 img 镜像格式需选用 QCOW2 - QEMU模拟器 才可正常加载。
4. 创建虚拟网络
注:演示仅创建内部网络
左侧选择管理员,点击网络,点击网络,右侧点击创建网络。
根据以上图片步骤依次填入:名称、项目、供应商网络类型、段ID、共享的,确认无误后点击下一步。
根据以上图片步骤依次填入:子网名称、网络地址、网关IP,确认无误后点击下一步。
根据以上图片步骤填入:分配地址池,然后点击创建。
5. 创建虚拟机实例
左侧选择项目,点击计算,点击实例,右侧点击创建实例。
填写实例名称
选择卷大小,将删除实例时删除卷选上(否者删除实例后系统不会自行删除旧卷,照成空间浪费),选择可用的镜像
选择可用的实例类型
选择可用的内部网络,并点击创建实例,等待系统调度部署实例。
6. 连接虚拟机实例
连接云内虚拟机实例有两种常用方式:远程连接协议 与 VNC。
方式一,远程连接协议:
使用远程连接协议管理虚拟机需要为虚拟机所在网络添加通向外部的路由,以下演示将虚拟机网络与 OpenStack 服务提供网络打通,实现通过外网管理虚拟机且能向互联网提供服务。
方式二,VNC:
VNC常用于外网无法连接到虚拟机,通过 OpenStack 平台页面管理,修复问题。
热饮
OpenStack 命令查询表
用法:
source admin-openrc.sh
openstack 命令
| 服务 | 命令 | 说明 |
|---|---|---|
| openstack.cli | command list | 命令列表 |
| | module list | 模块列表 |
| openstack.common | availability zone list | 可用域列表 |
| | configuration show | 显示配置信息 |
| | extension list | 拓展列表 |
| | extension show | 拓展配置信息 |
| | limits show | 限额信息 |
| | project cleanup | 清空项目 |
| | project purge | 项目清理 |
| | quota list | 限额列表 |
| | quota set | 设置限额 |
| | quota show | 限额信息 |
| | versions show | 版本信息 |
| openstack.compute.v2 | aggregate add host | 聚合添加主机 |
| | aggregate cache image | 聚合缓存镜像 |
| | aggregate create | 添加聚合 |
| | aggregate delete | 删除聚合 |
| | aggregate list | 聚合列表 |
| | aggregate remove host | 聚合移除主机 |
| | aggregate set | 设置聚合 |
| | aggregate show | 显示聚合信息 |
| | aggregate unset | 聚合取消设置 |
| | compute agent create | 创建计算节点 |
| | compute agent delete | 删除计算节点 |
| | compute agent list | 计算节点列表 |
| | compute agent set | 设置计算节点 |
| | compute service delete | 删除计算服务 |
| | compute service list | 计算服务列表 |
| | compute service set | 设置计算服务 |
| | console log show | 显示终端日志 |
| | console url show | 显示终端 URL |
| | flavor create | 创建风格 |
| | flavor delete | 删除风格 |
| | flavor list | 风格列表 |
| | flavor set | 设置风格 |
| | flavor show | 风格信息 |
| | flavor unset | 取消设置风格 |
| | host list | 主机列表 |
| | host set | 主机设置 |
| | host show | 主机信息 |
| | hypervisor list | hypervisor 列表 |
| | hypervisor show | hypervisor 信息 |
| | hypervisor stats show | hypervisor 状态信息 |
| | keypair create | 创建密钥对 |
| | keypair delete | 删除密钥对 |
| | keypair list | 密钥对列表 |
| | keypair show | 密钥对信息 |
| | server add fixed ip | 实例添加静态IP |
| | server add floating ip | 实例添加浮动IP |
| | server add network | 实例添加网络 |
| | server add port | 实例添加端口 |
| | server add security group | 实例添加安全组 |
| | server add volume | 实例添加卷 |
| | server backup create | 实例添加备份 |
| | server create | 创建实例 |
| | server delete | 删除实例 |
| | server dump create | 创建实例转储 |
| | server evacuate | 实例撤离 |
| | server event list | 实例事件列表 |
| | server event show | 实例事件信息 |
| | server group create | 创建实例组 |
| | server group delete | 删除实例组 |
| | server group list | 实例组列表 |
| | server group show | 实例组信息 |
| | server image create | 创建实例镜像 |
| | server list | 实例列表 |
| | server lock | 锁定实例 |
| | server migrate | 实例迁移 |
| | server migrate confirm | 实例迁移确认 |
| | server migrate revert | 实例迁移还原 |
| | server migration abort | 实例迁移终止 |
| | server migration confirm | 实例迁移确认 |
| | server migration force complete | 强制完成实例迁移 |
| | server migration list | 实例迁移列表 |
| | server migration revert | 实例迁移还原 |
| | server migration show | 实例迁移信息 |
| | server pause | 暂停实例 |
| | server reboot | 重启实例 |
| | server rebuild | 重建实例 |
| | server remove fixed ip | 实例移除静态IP |
| | server remove floating ip | 实例移除浮动IP |
| | server remove network | 实例移除网络 |
| | server remove port | 实例移除端口 |
| | server remove security group | 实例移除安全组 |
| | server remove volume | 实例移除卷 |
| | server rescue | 实例救援 |
| | server resize | 实例修改规格 |
| | server resize confirm | 实例修改规格确认 |
| | server resize revert | 实例修改规格还原 |
| | server restore | 实例还原 |
| | server resume | 实例恢复 |
| | server set | 设置实例 |
| | server shelve | 搁置实例 |
| | server show | 实例信息 |
| | server ssh | SSH 连接实例 |
| | server start | 启动实例 |
| | server stop | 停止实例 |
| | server suspend | 挂起实例 |
| | server unlock | 解锁实例 |
| | server unpause | 实例取消暂停 |
| | server unrescue | 实例取消救援 |
| | server unset | 取消设置实例 |
| | server unshelve | 下架实例 |
| | server volume list | 实例卷列表 |
| | server volume update | 实例卷更新 |
| | usage list | 用法列表 |
| | usage show | 用法信息 |
| openstack.identity.v3 | access rule delete | 删除访问规则 |
| access rule list | 访问规则列表 | |
| access rule show | 访问规则信息 | |
| access token create | 创建访问 Token | |
| application credential create | 创建应用凭证 | |
| application credential delete | 删除应用凭证 | |
| application credential list | 应用凭证列表 | |
| application credential show | 应用凭证信息 | |
| catalog list | 目录列表 | |
| catalog show | 目录信息 | |
| consumer create | 创建消费者 | |
| consumer delete | 删除消费者 | |
| consumer list | 消费者列表 | |
| consumer set | 设置消费者 | |
| consumer show | 消费者信息 | |
| credential create | 创建凭证 | |
| credential delete | 删除凭证 | |
| credential list | 凭证列表 | |
| credential set | 设置凭证 | |
| credential show | 凭证信息 | |
| domain create | 创建域 | |
| domain delete | 删除域 | |
| domain list | 域列表 | |
| domain set | 设置域 | |
| domain show | 域信息 | |
| ec2 credentials create | 创建 ec2 凭证 | |
| ec2 credentials delete | 删除 ec2 凭证 | |
| ec2 credentials list | ec2 凭证列表 | |
| ec2 credentials show | ec2 凭证信息 | |
| endpoint add project | 终端添加项目 | |
| endpoint create | 创建终端 | |
| endpoint delete | 删除终端 | |
| endpoint group add project | 终端组添加项目 | |
| endpoint group create | 创建终端组 | |
| endpoint group delete | 删除终端组 | |
| endpoint group list | 终端组列表 | |
| endpoint group remove project | 终端组移除项目 | |
| endpoint group set | 设置终端组 | |
| endpoint group show | 终端组信息 | |
| endpoint list | 终端列表 | |
| endpoint remove project | 终端移除项目 | |
| endpoint set | 设置终端 | |
| endpoint show | 终端信息 | |
| federation domain list | 联合域列表 | |
| federation project list | 联合项目列表 | |
| federation protocol create | 创建联合项目 | |
| federation protocol delete | 删除联合项目 | |
| federation protocol list | 联合项目列表 | |
| federation protocol set | 设置联合项目 | |
| federation protocol show | 联合项目信息 | |
| group add user | 组添加用户 | |
| group contains user | 组包含用户 | |
| group create | 创建组 | |
| group delete | 删除组 | |
| group list | 组列表 | |
| group remove user | 组移除用户 | |
| group set | 设置组 | |
| group show | 组信息 | |
| identity provider create | 创建身份提供者 | |
| identity provider delete | 删除身份提供者 | |
| identity provider list | 身份提供者列表 | |
| identity provider set | 设置身份提供者 | |
| identity provider show | 身份提供者信息 | |
| implied role create | 创建隐含角色 | |
| implied role delete | 删除隐含角色 | |
| implied role list | 隐含角色列表 | |
| limit create | 创建限制 | |
| limit delete | 删除限制 | |
| limit list | 限制列表 | |
| limit set | 设置限制 | |
| limit show | 限制信息 | |
| mapping create | 创建映射 | |
| mapping delete | 删除映射 | |
| mapping list | 映射列表 | |
| mapping set | 设置映射 | |
| mapping show | 映射信息 | |
| policy create | 创建政策 | |
| policy delete | 删除政策 | |
| policy list | 政策列表 | |
| policy set | 设置政策 | |
| policy show | 政策信息 | |
| project create | 创建项目 | |
| project delete | 删除项目 | |
| project list | 项目列表 | |
| project set | 设置项目 | |
| project show | 项目信息 | |
| region create | 创建区域 | |
| region delete | 删除区域 | |
| region list | 区域列表 | |
| region set | 设置区域 | |
| region show | 区域信息 | |
| registered limit create | 创建注册限制 | |
| registered limit delete | 注册限制 | |
| registered limit list | 注册限制 | |
| registered limit set | 注册限制 | |
| registered limit show | 注册限制 | |
| request token authorize | 请求 Token 授权 | |
| request token create | 创建请求 Token | |
| role add | 添加角色 | |
| role assignment list | 角色分配列表 | |
| role create | 创建角色 | |
| role delete | 删除角色 | |
| role list | 角色列表 | |
| role remove | 移除角色 | |
| role set | 设置角色 | |
| role show | 角色信息 | |
| service create | 创建服务 | |
| service delete | 删除服务 | |
| service list | 服务列表 | |
| service provider create | 创建服务提供者 | |
| service provider delete | 删除服务提供者 | |
| service provider list | 服务提供者列表 | |
| service provider set | 设置服务提供者 | |
| service provider show | 服务提供者信息 | |
| service set | 设置服务 | |
| service show | 服务信息 | |
| token issue | Token 颁发 | |
| token revoke | Token 回收 | |
| trust create | 创建信任 | |
| trust delete | 删除信任 | |
| trust list | 信任列表 | |
| trust show | 信任信息 | |
| user create | 创建用户 | |
| user delete | 删除用户 | |
| user list | 用户列表 | |
| user password set | 设置用户密码 | |
| user set | 设置用户 | |
| user show | 用户信息 | |
| openstack.image.v2 | image add project | 镜像添加项目 |
| image create | 创建镜像 | |
| image delete | 删除镜像 | |
| image list | 镜像列表 | |
| image member list | 镜像成员列表 | |
| image remove project | 镜像移除项目 | |
| image save | 镜像保存 | |
| image set | 设置镜像 | |
| image show | 镜像信息 | |
| image unset | 镜像取消设置 | |
| openstack.network.v2 | address group create | 创建地址组 |
| address group delete | 删除地址组 | |
| address group list | 地址组列表 | |
| address group set | 设置地址组 | |
| address group show | 地址组信息 | |
| address group unset | 地址组取消设置 | |
| address scope create | 创建地址范围 | |
| address scope delete | 删除地址范围 | |
| address scope list | 地址范围列表 | |
| address scope set | 设置地址范围 | |
| address scope show | 地址范围信息 | |
| floating ip create | 创建浮动 IP | |
| floating ip delete | 删除浮动 IP | |
| floating ip list | 浮动 IP列表 | |
| floating ip pool list | 浮动 IP列表 | |
| floating ip port forwarding create | 创建浮动 IP 端口转发 | |
| floating ip port forwarding delete | 删除浮动 IP 端口转发 | |
| floating ip port forwarding list | 浮动 IP 端口转发列表 | |
| floating ip port forwarding set | 设置浮动 IP 端口转发 | |
| floating ip port forwarding show | 浮动 IP 端口转发信息 | |
| floating ip set | 设置浮动 IP | |
| floating ip show | 浮动 IP | |
| floating ip unset | 浮动 IP取消设置 | |
| ip availability list | ip 可用性列表 | |
| ip availability show | ip 可用性信息 | |
| local ip association create | 创建本地 ip 关联 | |
| local ip association delete | 删除本地 ip 关联 | |
| local ip association list | 本地 ip 关联列表 | |
| local ip create | 创建本地 ip | |
| local ip delete | 删除本地 ip | |
| local ip list | 本地 ip列表 | |
| local ip set | 设置本地 ip | |
| local ip show | 本地 ip信息 | |
| network agent add network | 网络实例 | |
| network agent add router | 网络实例 | |
| network agent delete | 删除网络实例 | |
| network agent list | 网络实例列表 | |
| network agent remove network | 网络实例 | |
| network agent remove router | 网络实例 | |
| network agent set | 设置网络实例 | |
| network agent show | 网络实例信息 | |
| network auto allocated topology create | 创建网络自动分配拓扑 | |
| network auto allocated topology delete | 删除网络自动分配拓扑 | |
| network create | 创建网络 | |
| network delete | 删除网络 | |
| network flavor add profile | 网络风味添加配置文件 | |
| network flavor create | 创建网络风味 | |
| network flavor delete | 删除网络风味 | |
| network flavor list | 网络风味列表 | |
| network flavor profile create | 创建网络风味配置文件 | |
| network flavor profile delete | 删除网络风味配置文件 | |
| network flavor profile list | 网络风味配置文件列表 | |
| network flavor profile set | 设置网络风味配置文件 | |
| network flavor profile show | 网络风味配置文件信息 | |
| network flavor remove profile | 移除网络风味配置文件 | |
| network flavor set | 设置网络风味 | |
| network flavor show | 网络风味信息 | |
| network l3 conntrack helper create | 创建三层网络连接跟踪助手 | |
| network l3 conntrack helper delete | 删除三层网络连接跟踪助手 | |
| network l3 conntrack helper list | 三层网络连接跟踪助手列表 | |
| network l3 conntrack helper set | 设置三层网络连接跟踪助手 | |
| network l3 conntrack helper show | 三层网络连接跟踪助手信息 | |
| network list | 网络列表 | |
| network meter create | 创建网络流量监测器 | |
| network meter delete | 删除网络流量监测器 | |
| network meter list | 网络流量监测器列表 | |
| network meter rule create | 创建网络流量监测器规则 | |
| network meter rule delete | 删除网络流量监测器规则 | |
| network meter rule list | 网络流量监测器规则列表 | |
| network meter rule show | 网络流量监测器规则信息 | |
| network meter show | 网络流量监测器信息 | |
| network qos policy create | 创建网络服务质量策略 | |
| network qos policy delete | 删除网络服务质量策略 | |
| network qos policy list | 网络服务质量策略列表 | |
| network qos policy set | 设置网络服务质量策略 | |
| network qos policy show | 网络服务质量策略信息 | |
| network qos rule create | 创建网络服务质量规则 | |
| network qos rule delete | 删除网络服务质量规则 | |
| network qos rule list | 网络服务质量规则列表 | |
| network qos rule set | 设置网络服务质量规则 | |
| network qos rule show | 网络服务质量规则西悉 | |
| network qos rule type list | 网络服务质量规则类型列表 | |
| network qos rule type show | 网络服务质量规则类型信息 | |
| network rbac create | 创建网络基于角色的访问控制 | |
| network rbac delete | 删除网络基于角色的访问控制 | |
| network rbac list | 网络基于角色的访问控制列表 | |
| network rbac set | 设置网络基于角色的访问控制 | |
| network rbac show | 网络基于角色的访问控制信息 | |
| network segment create | 创建网段 | |
| network segment delete | 删除网段 | |
| network segment list | 网段列表 | |
| network segment range create | 创建网段范围 | |
| network segment range delete | 删除网段范围 | |
| network segment range list | 网段范围列表 | |
| network segment range set | 网段范围设置 | |
| network segment range show | 网段范围信息 | |
| network segment set | 设置网段 | |
| network segment show | 网段信息 | |
| network service provider list | 网络服务提供商列表 | |
| network set | 设置网络 | |
| network show | 网络 | |
| network unset | 网络取消设置 | |
| port create | 创建端口 | |
| port delete | 删除端口 | |
| port list | 端口列表 | |
| port set | 设置端口 | |
| port show | 端口信息 | |
| port unset | 端口取消设置 | |
| router add port | 路由器添加端口 | |
| router add route | 路由器添加路由 | |
| router add subnet | 路由器添加子网 | |
| router create | 创建路由器 | |
| router delete | 删除路由器 | |
| router list | 路由器列表 | |
| router remove port | 路由器移除端口 | |
| router remove route | 路由器移除路由 | |
| router remove subnet | 路由器移除子网 | |
| router set | 设置路由器 | |
| router show | 路由器信息 | |
| router unset | 路由器取消设置 | |
| security group create | 创建安全组 | |
| security group delete | 删除安全组 | |
| security group list | 安全组列表 | |
| security group rule create | 创建安全组规则 | |
| security group rule delete | 删除安全组规则 | |
| security group rule list | 安全组规则列表 | |
| security group rule show | 安全组规则信息 | |
| security group set | 设置安全组 | |
| security group show | 安全组信息 | |
| security group unset | 安全组取消设置 | |
| subnet create | 创建子网 | |
| subnet delete | 删除子网 | |
| subnet list | 子网列表 | |
| subnet pool create | 创建子网池 | |
| subnet pool delete | 删除子网池 | |
| subnet pool list | 子网池列表 | |
| subnet pool set | 设置子网池 | |
| subnet pool show | 子网池信息 | |
| subnet pool unset | 子网池取消设置 | |
| subnet set | 子网设置 | |
| subnet show | 子网信息 | |
| subnet unset | 子网取消设置 | |
| openstack.neutronclient.v2 | bgp dragent add speaker | bgp DRAgent 添加发言人 |
| bgp dragent list | BGP DRAgent 列表 | |
| bgp dragent remove speaker | BGP DRAgent 移除发言人 | |
| bgp peer create | 创建 BGP 邻居 | |
| bgp peer delete | 删除BGP 邻居 | |
| bgp peer list | BGP 邻居列表 | |
| bgp peer set | 设置BGP 邻居 | |
| bgp peer show | BGP 邻居信息 | |
| bgp speaker add network | BGP 发言人添加网络 | |
| bgp speaker add peer | BGP 发言人添加邻居 | |
| bgp speaker create | 创建 BGP 发言人 | |
| bgp speaker delete | 删除 BGP 发言人 | |
| bgp speaker list | BGP 发言人列表 | |
| bgp speaker list advertised routes | BGP 发言人通告路由条目列表 | |
| bgp speaker remove network | BGP 发言人移除网络 | |
| bgp speaker remove peer | BGP 发言人移除邻居 | |
| bgp speaker set | 设置BGP 发言人 | |
| bgp speaker show | BGP 发言人信息 | |
| bgp speaker show dragents | BGP 发言人 DRAgent 信息 | |
| bgpvpn create | 创建 BGP VPN | |
| bgpvpn delete | 删除 BGP VPN | |
| bgpvpn list | BGP VPN 列表 | |
| bgpvpn network association create | 创建 BGP VPN 网络关联 | |
| bgpvpn network association delete | 删除 BGP VPN 网络关联 | |
| bgpvpn network association list | BGP VPN 网络关联列表 | |
| bgpvpn network association show | BGP VPN 网络关联信息 | |
| bgpvpn port association create | 创建 BGP VPN 端口关联 | |
| bgpvpn port association delete | 删除 BGP VPN 端口关联 | |
| bgpvpn port association list | BGP VPN 端口关联列表 | |
| bgpvpn port association set | 设置 BGP VPN 端口关联 | |
| bgpvpn port association show | BGP VPN 端口关联信息 | |
| bgpvpn port association unset | 取消设置 BGP VPN 端口关联 | |
| bgpvpn router association create | 创建 BGP VPN 路由关联 | |
| bgpvpn router association delete | 删除 BGP VPN 路由关联 | |
| bgpvpn router association list | BGP VPN 路由关联列表 | |
| bgpvpn router association set | 设置 BGP VPN 路由关联 | |
| bgpvpn router association show | BGP VPN 路由关联信息 | |
| bgpvpn router association unset | 取消设置 BGP VPN 路由关联 | |
| bgpvpn set | 设置 BGP VPN | |
| bgpvpn show | BGP VPN 信息 | |
| bgpvpn unset | 取消设置 BGP VPN | |
| firewall group create | 创建防火墙组 | |
| firewall group delete | 删除防火墙组 | |
| firewall group list | 防火墙组列表 | |
| firewall group policy add rule | 防火墙组策略添加规则 | |
| firewall group policy create | 创建防火墙组策略 | |
| firewall group policy delete | 删除防火墙组策略 | |
| firewall group policy list | 防火墙组策略列表 | |
| firewall group policy remove rule | 防火墙组策略移除规则 | |
| firewall group policy set | 设置防火墙组策略 | |
| firewall group policy show | 防火墙组策略信息 | |
| firewall group policy unset | 取消设置防火墙组策略 | |
| firewall group rule create | 创建防火墙组规则 | |
| firewall group rule delete | 删除防火墙组规则 | |
| firewall group rule list | 防火墙组规则列表 | |
| firewall group rule set | 设置防火墙组规则 | |
| firewall group rule show | 防火墙组规则信息 | |
| firewall group rule unset | 取消设置防火墙组规则 | |
| firewall group set | 设置防火墙组 | |
| firewall group show | 防火墙组信息 | |
| firewall group unset | 取消设置防火墙组 | |
| network log create | 创建网络日志 | |
| network log delete | 删除网络日志 | |
| network log list | 网络日志 列表 | |
| network log set | 设置网络日志 | |
| network log show | 网络日志信息 | |
| network loggable resources list | 网络可记录资源列表 | |
| network onboard subnets | 网络板载子网 | |
| network subport list | 网络子接口列表 | |
| network trunk create | 创建网络中继 | |
| network trunk delete | 删除网络中继 | |
| network trunk list | 网络中继列表 | |
| network trunk set | 设置网络中继 | |
| network trunk show | 网络中继信息 | |
| network trunk unset | 取消设置网络中继 | |
| sfc flow classifier create | 创建服务功能链流分类器 | |
| sfc flow classifier delete | 删除服务功能链流分类器 | |
| sfc flow classifier list | 服务功能链流分类器列表 | |
| sfc flow classifier set | 设置服务功能链流分类器 | |
| sfc flow classifier show | 服务功能链流分类器信息 | |
| sfc port chain create | 创建服务功能链端口链 | |
| sfc port chain delete | 删除服务功能链端口链 | |
| sfc port chain list | 服务功能链端口链列表 | |
| sfc port chain set | 设置服务功能链端口链 | |
| sfc port chain show | 服务功能链端口链信息 | |
| sfc port chain unset | 取消设置服务功能链端口链 | |
| sfc port pair create | 创建服务功能链端口对 | |
| sfc port pair delete | 删除服务功能链端口对 | |
| sfc port pair group create | 创建服务功能链端口对组 | |
| sfc port pair group delete | 删除服务功能链端口对组 | |
| sfc port pair group list | 服务功能链端口对组列表 | |
| sfc port pair group set | 设置服务功能链端口对组 | |
| sfc port pair group show | 服务功能链端口对组信息 | |
| sfc port pair group unset | 取消设置服务功能链端口对组 | |
| sfc port pair list | 服务功能链端口对列表 | |
| sfc port pair set | 设置服务功能链端口对 | |
| sfc port pair show | 服务功能链端口对信息 | |
| sfc service graph create | 创建服务功能链服务图 | |
| sfc service graph delete | 删除服务功能链服务图 | |
| sfc service graph list | 服务功能链服务图列表 | |
| sfc service graph set | 设置服务功能链服务图 | |
| sfc service graph show | 服务功能链服务图信息 | |
| vpn endpoint group create | 创建 VPN 终端组 | |
| vpn endpoint group delete | 删除 VPN 终端组 | |
| vpn endpoint group list | VPN 终端组列表 | |
| vpn endpoint group set | 设置 VPN 终端组 | |
| vpn endpoint group show | VPN 终端组信息 | |
| vpn ike policy create | 创建 VPN IKE 策略 | |
| vpn ike policy delete | 删除 VPN IKE 策略 | |
| vpn ike policy list | VPN IKE 策略列表 | |
| vpn ike policy set | 设置 VPN IKE 策略 | |
| vpn ike policy show | VPN IKE 策略信息 | |
| vpn ipsec policy create | 创建 VPN IPSEC 策略 | |
| vpn ipsec policy delete | 删除 VPN IPSEC 策略 | |
| vpn ipsec policy list | VPN IPSEC 策略列表 | |
| vpn ipsec policy set | 设置 VPN IPSEC 策略 | |
| vpn ipsec policy show | VPN IPSEC 策略信息 | |
| vpn ipsec site connection create | 创建 VPN IPSEC 站点连接 | |
| vpn ipsec site connection delete | 删除 VPN IPSEC 站点连接 | |
| vpn ipsec site connection list | VPN IPSEC 站点连接列表 | |
| vpn ipsec site connection set | 设置 VPN IPSEC 站点连接 | |
| vpn ipsec site connection show | VPN IPSEC 站点连接信息 | |
| vpn service create | 创建 VPN 服务 | |
| vpn service delete | 删除 VPN 服务 | |
| vpn service list | VPN 服务列表 | |
| vpn service set | 设置 VPN 服务 | |
| vpn service show | VPN 服务信息 | |
| openstack.object_store.v1 | container create | 创建容器 |
| container delete | 删除容器 | |
| container list | 容器列表 | |
| container save | 保存容器 | |
| container set | 设置容器 | |
| container show | 容器信息 | |
| container unset | 取消设置容器 | |
| object create | 创建对象 | |
| object delete | 删除对象 | |
| object list | 对象列表 | |
| object save | 保存对象 | |
| object set | 设置对象 | |
| object show | 对象信息 | |
| object store account set | 设置对象存储账户 | |
| object store account show | 对象存储账户信息 | |
| object store account unset | 取消设置对象存储账户 | |
| object unset | 取消设置对象 | |
| openstack.volume.v3 | consistency group add volume | 一致性组添加卷 |
| consistency group create | 创建一致性组 | |
| consistency group delete | 删除一致性组 | |
| consistency group list | 一致性组列表 | |
| consistency group remove volume | 一致性组移除卷 | |
| consistency group set | 设置一致性组 | |
| consistency group show | 一致性组信息 | |
| consistency group snapshot create | 创建一致性组快照 | |
| consistency group snapshot delete | 删除一致性组快照 | |
| consistency group snapshot list | 一致性组快照列表 | |
| consistency group snapshot show | 一致性组快照信息 | |
| volume attachment complete | 完成卷绑定 | |
| volume attachment create | 创建卷绑定 | |
| volume attachment delete | 删除卷绑定 | |
| volume attachment list | 卷绑定列表 | |
| volume attachment set | 设置卷绑定 | |
| volume attachment show | 卷绑定信息 | |
| volume backup create | 创建卷备份 | |
| volume backup delete | 删除卷备份 | |
| volume backup list | 卷备份列表 | |
| volume backup record export | 导出卷备份记录 | |
| volume backup record import | 导入卷备份记录 | |
| volume backup restore | 卷备份还原 | |
| volume backup set | 设置卷备份 | |
| volume backup show | 卷备份信息 | |
| volume backup unset | 取消设置卷备份 | |
| volume create | 创建卷 | |
| volume delete | 删除卷 | |
| volume group create | 创建卷组 | |
| volume group delete | 删除卷组 | |
| volume group failover | 卷组故障转移 | |
| volume group list | 卷组列表 | |
| volume group set | 设置卷组 | |
| volume group show | 卷组信息 | |
| volume group snapshot create | 创建卷组快照 | |
| volume group snapshot delete | 删除卷组快照 | |
| volume group snapshot list | 卷组快照列表 | |
| volume group snapshot show | 卷组快照信息 | |
| volume group type create | 创建卷组类型 | |
| volume group type delete | 删除卷组类型 | |
| volume group type list | 卷组类型列表 | |
| volume group type set | 设置卷组类型 | |
| volume group type show | 卷组类型信息 | |
| volume host set | 设置卷主机 | |
| volume list | 卷列表 | |
| volume message delete | 删除卷信息 | |
| volume message list | 卷信息列表 | |
| volume message show | 卷信息信息 | |
| volume migrate | 卷迁移 | |
| volume qos associate | 卷 QOS 关联 | |
| volume qos create | 创建卷 QOS | |
| volume qos delete | 删除卷 QOS | |
| volume qos disassociate | 卷 QOS | |
| volume qos list | 卷 QOS 列表 | |
| volume qos set | 设置卷 QOS | |
| volume qos show | 卷 QOS 信息 | |
| volume qos unset | 取消设置卷 QOS | |
| volume service list | 卷服务列表 | |
| volume service set | 设置卷服务 | |
| volume set | 设置卷 | |
| volume show | 卷信息 | |
| volume snapshot create | 创建卷快照 | |
| volume snapshot delete | 删除卷快照 | |
| volume snapshot list | 卷快照列表 | |
| volume snapshot set | 设置卷快照 | |
| volume snapshot show | 卷快照信息 | |
| volume snapshot unset | 取消设置卷快照 | |
| volume transfer request accept | 卷转移请求接受 | |
| volume transfer request create | 创建卷转移请求 | |
| volume transfer request delete | 删除卷转移请求 | |
| volume transfer request list | 卷转移请求列表 | |
| volume transfer request show | 卷转移请求信息 | |
| volume type create | 创建卷类型 | |
| volume type delete | 删除卷类型 | |
| volume type list | 卷类型列表 | |
| volume type set | 设置卷类型 | |
| volume type show | 卷类型信息 | |
| volume type unset | 取消设置卷类型 | |
| volume unset | 取消设置卷 |
4417
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
