1功能:Keystone的功能是负责验证身份、
校验服务规则和发布服务令牌的。
2.Keystone运维命令
用户
创建用户前要先生效配置
[root@controller ~]# source /etc/xiandian/openrc.sh
[root@controller ~]# source /etc/keystone/admin-openrc.sh
创建用户创建一个用户为aaa密码为000000邮箱为123@qq。com的用户
[root@controller ~]# openstack user create --password 000000 --email 123@qq.com --domain demo aaa
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | d229677dbeed4ed0b7d5ee7e31342afe |
| email | 123@qq.com |
| enabled | True |
| id | 2cd04d08316d4dc4b689d574e101039c |
| name | aaa |
+-----------+----------------------------------+
查询用户所有用户列表信息
[root@controller ~]# openstack user list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 07f7ba6e7b4147b48794d90e9f392cc3 | glance |
| 2cd04d08316d4dc4b689d574e101039c | aaa |
| 34304ab3a5204a529b35a997240c5b3d | neutron |
| 45519502364146a5a7d9ee7a847c142e | admin |
| 8586775b159d42d7baa220a2fa9cbe75 | demo |
| ae7203cb4497484ebbac5cd0405c0f38 | cinder |
| d7e238fe9fe041489abc446206413b0f | nova |
| fc176016b9f74bba83d5e0206c45eb5e | swift |
+----------------------------------+---------+
删除用户aaa(可以写用户名也可ID)
[root@controller ~]# openstack user delete aaa
删除后查看
[root@controller ~]# openstack user list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 07f7ba6e7b4147b48794d90e9f392cc3 | glance |
| 34304ab3a5204a529b35a997240c5b3d | neutron |
| 45519502364146a5a7d9ee7a847c142e | admin |
| 8586775b159d42d7baa220a2fa9cbe75 | demo |
| ae7203cb4497484ebbac5cd0405c0f38 | cinder |
| d7e238fe9fe041489abc446206413b0f | nova |
| fc176016b9f74bba83d5e0206c45eb5e | swift |
+----------------------------------+---------+
修改密码
改名
[root@controller ~]# openstack user set --name bbb aaa
[root@controller ~]# openstack user list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 01df42d441dd4c33a6872eb74381db5e | bbb |
| 07f7ba6e7b4147b48794d90e9f392cc3 | glance |
| 34304ab3a5204a529b35a997240c5b3d | neutron |
| 45519502364146a5a7d9ee7a847c142e | admin |
| 8586775b159d42d7baa220a2fa9cbe75 | demo |
| ae7203cb4497484ebbac5cd0405c0f38 | cinder |
| d7e238fe9fe041489abc446206413b0f | nova |
| fc176016b9f74bba83d5e0206c45eb5e | swift |
+----------------------------------+---------+
查看用户具体信息
[root@controller ~]# openstack user show aaa
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | d229677dbeed4ed0b7d5ee7e31342afe |
| email | 123@qq.com |
| enabled | True |
| id | 01df42d441dd4c33a6872eb74381db5e |
| name | aaa |
+-----------+----------------------------------+
租户
创建租户ddd
[root@controller ~]# openstack project create --domain demo ddd
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | |
| domain_id | d229677dbeed4ed0b7d5ee7e31342afe |
| enabled | True |
| id | d2fd5fbea5b140359b6efe17e89bec4d |
| is_domain | False |
| name | ddd |
| parent_id | d229677dbeed4ed0b7d5ee7e31342afe |
+-------------+----------------------------------+
查看租户
[root@controller ~]# openstack project list
+----------------------------------+---------+
| ID | Name |
+----------------------------------+---------+
| 3323ae5f958b4a88b5bebe9262f0980b | service |
| 4101720e53b54b2d9eb774baec985193 | admin |
| d2fd5fbea5b140359b6efe17e89bec4d | ddd |
| e250afaae93c478e94ea95030779b12e | demo |
+----------------------------------+---------+
查看租户具体信息
[root@controller ~]# openstack project show ddd
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | |
| domain_id | d229677dbeed4ed0b7d5ee7e31342afe |
| enabled | True |
| id | d2fd5fbea5b140359b6efe17e89bec4d |
| is_domain | False |
| name | ddd |
| parent_id | d229677dbeed4ed0b7d5ee7e31342afe |
+-------------+----------------------------------+
删除租户
[root@controller ~]# openstack project delete ddd
改名把ddd改名为eee
[root@controller ~]# openstack project set --name eee ddd
角色
创建角色
[root@controller ~]# openstack role create ggg
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | 342c8815dd8e40c4ba9db29ccba54f3e |
| name | ggg |
+-----------+----------------------------------+
查看角色
[root@controller ~]# openstack role list
+----------------------------------+-------+
| ID | Name |
+----------------------------------+-------+
| 342c8815dd8e40c4ba9db29ccba54f3e | ggg |
| 37a56c67a5de498b9b2574f55e341319 | admin |
| ea90522d7bd6409583791c075a618420 | user |
+----------------------------------+-------+
删除角色
[root@controller ~]# openstack role delete ggg
修改名称
[root@controller ~]# openstack role set --name kkk ddd
查询详细信息
[root@controller ~]# openstack role show kkk
+-----------+----------------------------------+
| Field | Value |
+-----------+----------------------------------+
| domain_id | None |
| id | c5480a59ae8b4148b234cffe2d3c316a |
| name | kkk |
+-----------+----------------------------------+
[root@controller ~]# openstack user create test --password 000000 --project admin --domain demo
+--------------------+----------------------------------+
| Field | Value |
+--------------------+----------------------------------+
| default_project_id | 4101720e53b54b2d9eb774baec985193 |
| domain_id | d229677dbeed4ed0b7d5ee7e31342afe |
| enabled | True |
| id | 3b83e8a60e4b489bbce2fcd9883ca45d |
| name | test |
+--------------------+----------------------------------+
给用户授予权限,绑定用户和项目权限
[root@controller ~]# openstack role add --user test --project eee kkk
端口地址查询
[root@controller ~]# netstat -ntpl
查询那个端口
[root@controller ~]# openstack endpoint list |grep 8776
| 3497ce764e0f46e18f91c99dc3cfa9f8 | RegionOne | cinder | volume | True | internal | http://controller:8776/v1/%(tenant_id)s |
| 4d9882f4d8fd45cba521e84bd2d6a53e | RegionOne | cinder | volume | True | public | http://controller:8776/v1/%(tenant_id)s |
| 7bea4904709d41079f04c36d7965df8f | RegionOne | cinderv2 | volumev2 | True | internal | http://controller:8776/v2/%(tenant_id)s |
| 93fa2de6683c47789bc739fcc2ef4dce | RegionOne | cinderv2 | volumev2 | True | admin | http://controller:8776/v2/%(tenant_id)s |
| da4c00c629874cebb18309d201c9ca2b | RegionOne | cinder | volume | True | admin | http://controller:8776/v1/%(tenant_id)s |
| e12b9c9e1ac142c98b4a74b78db2c1a4 | RegionOne | cinderv2 | volumev2 | True | public | http://controller:8776/v2/%(tenant_id)s |
glance
创建镜像
glance image-create --name “cirros” --disk-format qcow2
–container-format bare --progress < cirros-0.3.4-x86_64-disk.img
[root@controller ~]# glance image-create --name "cirros" --disk-format qcow2 --container-format bare --progress < cirros-0.3.4-x86_64-disk.img
[=============================>] 100%
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | ee1eca47dc88f4879d8a229cc70a07c6 |
| container_format | bare |
| created_at | 2020-11-20T07:25:53Z |
| disk_format | qcow2 |
| id | 3c1dbdec-8480-4b9e-9952-ed0d8c3a0223 |
| min_disk | 0 |
| min_ram | 0 |
| name | cirros |
| owner | 4101720e53b54b2d9eb774baec985193 |
| protected | False |
| size | 13287936 |
| status | active |
| tags | [] |
| updated_at | 2020-11-20T07:25:56Z |
| virtual_size | None |
| visibility | private |
+------------------+--------------------------------------+
查看镜像列表
[root@controller ~]# glance image-list
+--------------------------------------+-----------+
| ID | Name |
+--------------------------------------+-----------+
| db0c2203-92a6-4f07-870b-33285606c6eb | centos7.2 |
| 3c1dbdec-8480-4b9e-9952-ed0d8c3a0223 | cirros |
+--------------------------------------+-----------+
查看镜像列表的详细信息
[root@controller ~]# glance image-show
db0c2203-92a6-4f07-870b-33285606c6eb也可使用名称
[root@controller ~]# glance image-show db0c2203-92a6-4f07-870b-33285606c6eb
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | ea197f4c679b8e1ce34c0aa70ae2a94a |
| container_format | bare |
| created_at | 2020-11-19T18:16:32Z |
| disk_format | qcow2 |
| id | db0c2203-92a6-4f07-870b-33285606c6eb |
| min_disk | 0 |
| min_ram | 0 |
| name | centos7.2 |
| owner | 4101720e53b54b2d9eb774baec985193 |
| protected | False |
| size | 400752640 |
| status | active |
| tags | [] |
| updated_at | 2020-11-19T18:16:35Z |
| virtual_size | None |
| visibility | private |
+------------------+--------------------------------------+
删除镜像
[root@controller ~]# glance image-delete 3c1dbdec-8480-4b9e-9952-ed0d8c3a0223
更新镜像
[root@controller ~]# glance image-update --name ccc
04f78684-1afe-4f77-9acf-e2e543d00a18
Nova
创建安全组
[root@controller ~]# nova secgroup-create test 'hello'
±-------------------------------------±-----±------------+
| Id | Name | Description |
±-------------------------------------±-----±------------+
| c290dfe0-ad50-4ef4-9cc8-0cd002fae2b4 | test | hello |
±-------------------------------------±-----±------------+
引号里面为安全组的描述信息
创建云主机
[root@controller ~]# nova secgroup-create test ‘hello’
±-------------------------------------±-----±------------+
| Id | Name | Description |
±-------------------------------------±-----±------------+
| c290dfe0-ad50-4ef4-9cc8-0cd002fae2b4 | test | hello |
±-------------------------------------±-----±------------+
[root@controller ~]# nova flavor-create test 6 2048 2 1
±—±-----±----------±-----±----------±-----±------±------------±----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
±—±-----±----------±-----±----------±-----±------±------------±----------+
| 6 | test | 2048 | 2 | 0 | | 1 | 1.0 | True |
±—±-----±----------±-----±----------±-----±------±------------±----------+
名为test ID为6 内存为2048MB 磁盘为1G CPU为1
查看云主机详细信息
[root@controller ~]# nova flavor-show test
删除云主机
[root@controller ~]# nova flavor-delete 6
Neutron
查询网络服务 一般情况下nova service-list
[root@controller ~]# neutron agent-list
查询某一列
[root@controller ~]# neutron agent-list -c host
+------------+
| host |
+------------+
| controller |
| controller |
| controller |
| controller |
| compute |
| controller |
| compute |
+------------+
查询内外网详细情况
[root@controller ~]# neutron net-list
查询子网
[root@controller ~]# neutron subnet-list
可以看到关于地址池的信息
Cinder
创建云硬盘
[root@controller ~]# cinder create --name cinder-volume-demo 2
查看云硬盘信息
[root@controller ~]# cinder list
创建云硬盘卷类型
创建type标识的卷类型
[root@controller ~]# cinder type-create lvm
查看现有的卷类型
[root@controller ~]# cinder type-list
创建带标识的云硬盘
以 type 标识为例,创建一块带“lvm”标识的云硬盘
[root@controller ~]# cinder create --name type_test_demo --volume-type lvm 1
查询
[root@controller ~]# cinder show type_test_demo
swift
上传文件至容器
创建容器
```bash
[root@controller ~]#swift post test
查询容器
#swift list test
用户希望将本地的 file
目录内容递归上传到“test”容器内
```bash
# mkdir file
# touch one.txt
# touch two.doc
# touch three.png
[root@controller ~]# swift upload test file/
file/
```bash
[root@controller ~]# swift upload test/file one.txt
file/one.txt
从容器中下载文件
[root@controller ~]# swift download test file/three.png
file/three.png [auth 2.681s, headers 3.346s, total 3.346s, 0.000 MB/s]
从容器中删除文件
[root@controller ~]# swift delete test file/three.png
file/three.png
查看容器服务状态
[root@controller ~]# swift stat
Account: AUTH_4101720e53b54b2d9eb774baec985193
Containers: 1
Objects: 2
Bytes: 0
Containers in policy "policy-0": 1
Objects in policy "policy-0": 2
Bytes in policy "policy-0": 0
X-Account-Project-Domain-Id: d229677dbeed4ed0b7d5ee7e31342afe
X-Timestamp: 1605864112.22045
X-Trans-Id: tx807fecb6b60a40ceb3cb8-005fb7a0fb
Content-Type: text/plain; charset=utf-8
Accept-Ranges: bytes