在控制节点上建hzb-openrc.sh
export OS_PROJECT_DOMAIN_ID=default export OS_USER_DOMAIN_ID=default export OS_PROJECT_NAME=hzb_tenant export OS_TENANT_NAME=hzb_tenant export OS_USERNAME=huzhengbo export OS_PASSWORD=huzhengbo export OS_AUTH_URL=http://172.16.12.7:35357/v3 export OS_IDENTITY_API_VERSION=3
source hzb-openrc.sh
以上主要是认证,使得后面创建的资源落在hzb_tenant租户上
1、创建虚拟机
1)查看一下规格
[root@cc07 ~]# nova flavor-list|grep vcpus_1 | vcpus_16_cpu_cores_8_cpu_sockets_2_ram_16384_disk_50_eph_0 | vcpus_16_cpu_cores_8_cpu_sockets_2_ram_16384_disk_50_eph_0 | 16384 | 50 | 0 | | 16 | 1.0 | True | | vcpus_16_cpu_cores_8_cpu_sockets_2_ram_32768_disk_50_eph_0 | vcpus_16_cpu_cores_8_cpu_sockets_2_ram_32768_disk_50_eph_0 | 32768 | 50 | 0 | | 16 | 1.0 | True | | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_10_eph_0 | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_10_eph_0 | 1024 | 10 | 0 | | 1 | 1.0 | True | | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 | 1024 | 1 | 0 | | 1 | 1.0 | True |
2)查看一下镜像
[root@cc07 ~]# glance image-list|grep test-boshen
| 7dbda9ff-b13f-410b-8152-2c27c6bba4b6 | test-boshen1g |
3)查看一下网络
[root@cc07 ~]# neutron net-list --tenant-id=26a8e1feb372493d831c19d4d9e28d73 +--------------------------------------+--------------+---------------------------------------------------+ | id | name | subnets | +--------------------------------------+--------------+---------------------------------------------------+ | 0575cad8-38b0-4d0a-833c-86779f4f43bb | hzb-pub1 | | | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | hzb-privnet1 | 0ba19972-c2f6-4cbb-80f6-a642a2f698a8 10.30.0.0/24 | +--------------------------------------+--------------+---------------------------------------------------+
4)查看一下安全组
(nova-compute)[root@nc12 ~]# nova secgroup-list --all-tenant|grep hzb | 970a4d5f-cd19-4e1e-ab22-6355044bf79b | hzb-sg-1 | | 17b117b7731e46d6bc0f9f34d767a61b | | fdbffd7a-5f5e-413a-8d78-5f26bdc23c4e | hzb-sg | | 26a8e1feb372493d831c19d4d9e28d73 |
5)创建秘钥
(neutron-server)[root@cc07 /]# openstack keypair create hzb-keypaire-priv -----BEGIN RSA PRIVATE KEY----- MIIEqAIBAAKCAQEA02eI9yEc8EvEDLBiXqPGFZtuQ/wa4dMH44mPLvadOW7xrkt2 5kQh1STcCYX6aJT9vX8IIrQlkx9rc2Y5mdWO/L39nvmLdWgsOUSCx/AgMj5kZj6L +en3UYULXSFKnA8uw4jspf0DgzAjT69YXVaAPzVmZSwriNtye7Jz3byZ5/pddQQh /C3KC7t1hay3lYkgpqURaQT31UqIkN+VTYehKIHMAsyY2IVxEtUVsQegbMDIZrrZ mDRTewCLZDfVwFQf7cmDdDQsrsb+xEo6PinH8CJWwT3xO5HC3MbJahUK+nFcgDRH sbHuFfMBpzuGrtFPYmbW7IjiqvcYt37NFubi0QIDAQABAoIBAQCPXuIWp9BWbyvQ ZzbvdCZ8tOK9HJamnFX3TG1crkfGkaU6TVefpolDYjIQC1rd3l2PTD2aO45YDrDy nFtoJttIMRl13UtlHncPh5UiP4m2SXYRmU2Y+cGO+anRSSiuWeWfGpdToxnkuJra CdLlyipDs9Vzu9byg9FKbqYBtUyzc26pAb910F0dfraz6Qiy/Nm8iQGugCdDfvq4 p2Xf8ySQGKRqe5pvQY9AfN6oyGuSyqJoRqCyK624E5wxrHCCcZC07eiLXmGDNJKi n0PwvqemtTB+Mnfz95V/PI53VXt5pUrHekI1niXxx6dQN+xwNg7CzAiJT2fOfpJQ 25UFRM8ZAoIAgQDlzG9mJHQ5lzfpQtyCRNiXMjrR+vKrhCamiKTTpOjtbnaiEeUW 1VkvDOKB9grGZvKKS8Ug67OR73ATP5E4cHO8WUnYsk1vu/lYzPOvwcit3uccLz7b 7pCG1eKi8AD/+T6k27yRNVBXKOva4nQyan916wBmT3ho7OmyYBkKQOJt0wKCAIEA 64IyAhSGvAXnV01DWsnPKdKVXUezXdE2sXTEN38TDApUCKp8I9K+mZVatSaY+YWU bivdWhH//ZkmWWbH/Ff2fQwLp/xBF7ydWPlMBTQ9ex+jNZMHE7Jy9YK/5lwDL2Zt i6UJoiSZjeUa0hPLwqt/diO3nF5l6PQCCWqFR4Z8sksCggCAedx5zs7SG6BHdBmS 2josKbHnY2cSvUXtQS8BSYMQSqjjnHqk5ADrtHm+vHB/skrxn8kilpyns2IoKuzw 098+YMlw0ctsKS6jwiWdrLy08Q9du6KKURMn7XkLIKDpxtSkFcS5ML/3BOGcgYzJ VdsIEL44jgjir7HDFGbFoJxb9yUCggCAHJCdGi19Lh8VMTyY19E0hGEbZsYElnOC y8Fa71RFbidui+KJzhqIrb4001YMJe+y0i4V2g/m2c6SnTNfPFc6+W3VmBl7l7Jz 70/FjbgJYP60YBImQJhbYzXpqrosVLp6vP5Wjckcqt5IA4UNKN5+RkkMwzWb7MZz 3MqDweopA8MCggCAfEeYBQ90WWOleGduw+jYl2WT8+5MZt+HmkdPIrd3sSt0r9nJ NT+TN3cwZDUqpnweo3hZzzvZDv+aIlItT4TueifX5EnsBmrVZ7el0KvIM9MoDOWl +wlGPcs9Np1Dkr2mxMX6BWrGCo0KW5hxlz663/pbC6FxE5XRua4IkbW8ghE= -----END RSA PRIVATE KEY-----
6)查看主机
[root@cc07 ~]# nova service-list +----+------------------+-----------------------------+-----------+---------+-------+----------------------------+-----------------+ | Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason | +----+------------------+-----------------------------+-----------+---------+-------+----------------------------+-----------------+ | 17 | nova-consoleauth | cc07.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:24.000000 | - | | 18 | nova-scheduler | cc07.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:24.000000 | - | | 20 | nova-conductor | cc07.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:28.000000 | - | | 28 | nova-compute | nc12.chinacloud.com | region-1 | enabled | up | 2018-10-26T07:25:28.000000 | - | | 29 | nova-compute | nc09.chinacloud.com | nova | enabled | up | 2018-10-26T07:25:26.000000 | - | | 30 | nova-compute | nc11.chinacloud.com | AZ_kvm | enabled | up | 2018-10-26T07:25:24.000000 | - | | 31 | nova-compute | nc10.chinacloud.com | nova | enabled | up | 2018-10-26T07:25:30.000000 | - | | 34 | nova-compute | cc07.chinacloud.com | bare_az | enabled | up | 2018-10-26T07:25:27.000000 | - | | 35 | nova-conductor | nc09.chinacloud.com | internal | enabled | up | 2018-10-26T07:25:28.000000 | - | | 40 | nova-compute | CLS1_172.16.0.9_dummydriver | nova | enabled | up | 2018-10-26T07:25:26.000000 | - | | 41 | nova-compute | CLS1_172.16.0.9_driver | vmvare-09 | enabled | up | 2018-10-26T07:25:24.000000 | - | | 43 | nova-compute | compute.chinacloud.com | nova | enabled | down | 2018-10-25T07:34:11.000000 | - | +----+------------------+-----------------------------+-----------+---------+-------+----------------------------+-----------------+
准备建在AZ_kvm这个可用域里面的 nc11.chinacloud.com 节点上
7)、创建虚拟机
[root@cc07 ~]# nova boot --flavor vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 --image 7dbda9ff-b13f-410b-8152-2c27c6bba4b6 --nic net-id=2193270e-c4c9-469c-99ae-87ebdb4ba535 --security-groups fdbffd7a-5f5e-413a-8d78-5f26bdc23c4e --key-name hzb-keypaire-priv --availability-zone AZ_kvm:nc11.chinacloud.com hzb-boot-test +--------------------------------------+-------------------------------------------------------------------------------------------------------------------+ | Property | Value | +--------------------------------------+-------------------------------------------------------------------------------------------------------------------+ | OS-DCF:diskConfig | MANUAL | | OS-EXT-AZ:availability_zone | AZ_kvm | | OS-EXT-SRV-ATTR:host | - | | OS-EXT-SRV-ATTR:hypervisor_hostname | - | | OS-EXT-SRV-ATTR:instance_name | instance-000001ed | | OS-EXT-STS:power_state | 0 | | OS-EXT-STS:task_state | scheduling | | OS-EXT-STS:vm_state | building | | OS-SRV-USG:launched_at | - | | OS-SRV-USG:terminated_at | - | | accessIPv4 | | | accessIPv6 | | | adminPass | | | config_drive | | | created | 2018-10-26T08:01:38Z | | flavor | vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0 (vcpus_1_cpu_cores_1_cpu_sockets_1_ram_1024_disk_1_eph_0) | | hostId | | | id | 046eade8-4f8f-4d4b-a1cf-1f7d7739e2d7 | | image | test-xulang1g (7dbda9ff-b13f-410b-8152-2c27c6bba4b6) | | key_name | hzb-keypaire-priv | | metadata | {"hypervisor_type": "qemu", "isvm": "1"} | | name | hzb-boot-test | | os-extended-volumes:volumes_attached | [] | | progress | 0 | | security_groups | fdbffd7a-5f5e-413a-8d78-5f26bdc23c4e | | status | BUILD | | tenant_id | 26a8e1feb372493d831c19d4d9e28d73 | | updated | 2018-10-26T08:01:41Z | | user_id | b735c8ddd7b54e228e8c068533a0de69 | +--------------------------------------+-------------------------------------------------------------------------------------------------------------------+
2、停止虚拟机
[root@cc07 ~]# nova stop hzb-test Request to stop server hzb-test has been accepted. [root@cc07 ~]# nova list +--------------------------------------+----------+---------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+---------+------------+-------------+-------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | SHUTOFF | - | Shutdown | hzb-privnet1=10.30.0.65 | +--------------------------------------+----------+---------+------------+-------------+-------------------------+
3、启动虚拟机
[root@cc07 ~]# nova start hzb-test Request to start server hzb-test has been accepted. [root@cc07 ~]# nova list +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 | +--------------------------------------+----------+--------+------------+-------------+-------------------------+
4、挂起虚拟机
[root@cc07 ~]# nova suspend hzb-test [root@cc07 ~]# nova list +--------------------------------------+----------+-----------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+-----------+------------+-------------+-------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | SUSPENDED | - | Shutdown | hzb-privnet1=10.30.0.65 | +--------------------------------------+----------+-----------+------------+-------------+-------------------------+
5、恢复挂起虚拟机
[root@cc07 ~]# nova resume hzb-test [root@cc07 ~]# nova list +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 | +--------------------------------------+----------+--------+------------+-------------+-------------------------+
6、暂停虚拟机
[root@cc07 ~]# nova pause hzb-test
[root@cc07 ~]# nova list +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | PAUSED | - | Paused | hzb-privnet1=10.30.0.65 | +--------------------------------------+----------+--------+------------+-------------+-------------------------+
7、恢复暂停
[root@cc07 ~]# nova unpause hzb-test
[root@cc07 ~]# nova list +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 | +--------------------------------------+----------+--------+------------+-------------+-------------------------+
8、重启虚拟机
[root@cc07 ~]# nova reboot hzb-test Request to reboot server hzb-test (bf681562-161c-4d3c-8844-fed602903c6e) has been accepted. [root@cc07 ~]# nova list +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+--------+------------+-------------+-------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65 | +--------------------------------------+----------+--------+------------+-------------+-------------------------+
9、挂载数据卷
usage: nova volume-attach <server> <volumeId>
[root@cc07 ~]# nova volume-attach hzb-test 48e23242-6ce6-486f-8841-417693b5f37c +----------+--------------------------------------+ | Property | Value | +----------+--------------------------------------+ | device | /dev/vdb | | id | 48e23242-6ce6-486f-8841-417693b5f37c | | serverId | bf681562-161c-4d3c-8844-fed602903c6e | | volumeId | 48e23242-6ce6-486f-8841-417693b5f37c | +----------+--------------------------------------+
10、查看虚拟机挂载的所有数据卷
nova volume-attachments <server>
[root@cc07 ~]# nova volume-attachments hzb-test +--------------------------------------+----------+--------------------------------------+--------------------------------------+ | ID | DEVICE | SERVER ID | VOLUME ID | +--------------------------------------+----------+--------------------------------------+--------------------------------------+ | 48e23242-6ce6-486f-8841-417693b5f37c | /dev/vdb | bf681562-161c-4d3c-8844-fed602903c6e | 48e23242-6ce6-486f-8841-417693b5f37c | +--------------------------------------+----------+--------------------------------------+--------------------------------------+
11、虚拟机卸载数据卷
nova volume-detach hzb-test 48e23242-6ce6-486f-8841-417693b5f37c
12、虚拟机挂载网卡
usage: nova interface-attach [--port-id <port_id>] [--net-id <net_id>] [--fixed-ip <fixed_ip>] <server>
[root@cc07 ~]# neutron net-list|grep hzb | 0575cad8-38b0-4d0a-833c-86779f4f43bb | hzb-pub1 | | | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | hzb-net | d0ef28a3-68fe-4b66-bb66-e723825fab82 10.23.2.0/24 | | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | hzb-privnet1 | 0ba19972-c2f6-4cbb-80f6-a642a2f698a8 10.30.0.0/24 |
[root@cc07 ~]# nova interface-attach --net-id 7856011d-32e7-42a7-887d-2f9dc3c730e7 hzb-test [root@cc07 ~]# nova list +--------------------------------------+----------+--------+------------+-------------+--------------------------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+----------+--------+------------+-------------+--------------------------------------------+ | bf681562-161c-4d3c-8844-fed602903c6e | hzb-test | ACTIVE | - | Running | hzb-privnet1=10.30.0.65; hzb-net=10.23.2.4 | +--------------------------------------+----------+--------+------------+-------------+--------------------------------------------+
可以绑多个网卡
13、查看虚拟机的网卡信息
[root@cc07 ~]# nova interface-list hzb-test +------------+--------------------------------------+--------------------------------------+--------------+-------------------+ | Port State | Port ID | Net ID | IP addresses | MAC Addr | +------------+--------------------------------------+--------------------------------------+--------------+-------------------+ | ACTIVE | 18d5e605-d058-4f27-95db-723836d66eb5 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.33.0.66 | fa:16:3e:db:33:57 | | ACTIVE | 441965ed-bbc0-4ec8-8498-d292c5649881 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.4 | fa:16:3e:7b:6c:6a | | ACTIVE | 5f51e282-a65d-4277-8d18-e4ed3618cbef | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | 10.30.0.65 | fa:16:3e:06:40:ff | | ACTIVE | a0152728-08b5-4c95-9206-a4439ca19453 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.6 | fa:16:3e:7d:03:5b | | ACTIVE | f615713a-1551-48e1-9d0e-f250fb082607 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.5 | fa:16:3e:94:b0:4c | +------------+--------------------------------------+--------------------------------------+--------------+-------------------+
14、卸载虚拟机的网卡
usage: nova interface-detach <server> <port_id>
卸载网卡,必须指定port-id,因为同一个虚拟机的可能绑定了同一个子网的多个ip,每个ip和port是一一对应的。
[root@cc07 ~]# nova interface-detach hzb-test 441965ed-bbc0-4ec8-8498-d292c5649881 [root@cc07 ~]# nova interface-list hzb-test +------------+--------------------------------------+--------------------------------------+--------------+-------------------+ | Port State | Port ID | Net ID | IP addresses | MAC Addr | +------------+--------------------------------------+--------------------------------------+--------------+-------------------+ | ACTIVE | 18d5e605-d058-4f27-95db-723836d66eb5 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.33.0.66 | fa:16:3e:db:33:57 | | ACTIVE | 5f51e282-a65d-4277-8d18-e4ed3618cbef | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | 10.30.0.65 | fa:16:3e:06:40:ff | | ACTIVE | a0152728-08b5-4c95-9206-a4439ca19453 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.6 | fa:16:3e:7d:03:5b | | ACTIVE | f615713a-1551-48e1-9d0e-f250fb082607 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.5 | fa:16:3e:94:b0:4c | +------------+--------------------------------------+--------------------------------------+--------------+-------------------+
15、绑定浮动ip
usage: nova floating-ip-associate [--fixed-address <fixed_address>] <server> <address>
1)看有哪些可用的浮动IP
(nova-api)[root@cc07 nova]# nova floating-ip-list +--------------------------------------+---------------+-----------+----------+-----------+ | Id | IP | Server Id | Fixed IP | Pool | +--------------------------------------+---------------+-----------+----------+-----------+ | 7bb93e28-bf36-4791-aebf-94fafa27d5fa | 172.16.12.219 | - | - | vlan_1612 | | bc258041-139e-4151-98c1-a6ba7960ad59 | 172.16.12.218 | - | - | vlan_1612 | +--------------------------------------+---------------+-----------+----------+-----------+
2)将虚拟机hzb-test的10.33.0.66这个固定ip绑定到浮动IP172.16.12.218
(nova-api)[root@cc07 nova]# nova floating-ip-associate --fixed-address=10.33.0.66 hzb-test 172.16.12.218 ERROR (BadRequest): Unable to associate floating IP 172.16.12.218 to fixed IP 10.33.0.66 for instance bf681562-161c-4d3c-8844-fed602903c6e. Error: External network 519386bf-542a-4769-ac87-1b15ab96550c is not reachable from subnet d0ef28a3-68fe-4b66-bb66-e723825fab82. Therefore, cannot associate Port f615713a-1551-48e1-9d0e-f250fb082607 with a Floating IP. Neutron server returns request_ids: ['req-c59a64e0-9477-4bcc-a34b-bc5cd90fc94a'] (HTTP 400) (Request-ID: req-f28973b4-a31b-48ee-b137-806a7d6420a0)
上面报错是由于两个网段不能直接访问,可以用一个路由把他们绑定起来。
创建一个路由
(nova-api)[root@cc07 nova]# neutron router-create hzb-route-test Created a new router: +-------------------------+--------------------------------------+ | Field | Value | +-------------------------+--------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | | | description | | | distributed | False | | external_gateway_info | | | ha | False | | id | f1a45281-68a1-481a-b62a-ab735c8c2e8e | | name | hzb-route-test | | routes | | | rx | -1 | | status | ACTIVE | | tenant_id | 26a8e1feb372493d831c19d4d9e28d73 | | tx | -1 | +-------------------------+--------------------------------------+
将路由绑定到外部网络也就是刚才的浮动ip所在的网络
(nova-api)[root@cc07 nova]# neutron router-gateway-set f1a45281-68a1-481a-b62a-ab735c8c2e8e vlan_1612 Set gateway for router f1a45281-68a1-481a-b62a-ab735c8c2e8e (nova-api)[root@cc07 nova]# neutron router-show hzb-route-test +-------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | Field | Value | +-------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+ | admin_state_up | True | | availability_zone_hints | | | availability_zones | nova | | description | | | distributed | False | | external_gateway_info | {"network_id": "519386bf-542a-4769-ac87-1b15ab96550c", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "732a6431-e412-4db6-a5ec-bd9913699bab", "ip_address": "172.16.12.235"}]} | | ha | False | | id | f1a45281-68a1-481a-b62a-ab735c8c2e8e | | name | hzb-route-test | | routes | | | rx | -1 | | status | ACTIVE | | tenant_id | 26a8e1feb372493d831c19d4d9e28d73 | | tx | -1 | +-------------------------+-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
将路由绑定子网(hzb-sub-net2)也就是10.33.0.66所在的子网
(nova-api)[root@cc07 nova]# neutron router-interface-add f1a45281-68a1-481a-b62a-ab735c8c2e8e hzb-sub-net2 Added interface 3ad406ae-4c83-45d9-9d92-d1ac6d711594 to router f1a45281-68a1-481a-b62a-ab735c8c2e8e.
现在开始再次:虚拟机hzb-test的10.33.0.66这个固定ip绑定到浮动IP172.16.12.218
(nova-api)[root@cc07 nova]# nova floating-ip-associate --fixed-address=10.33.0.66 hzb-test 172.16.12.218
(nova-api)[root@cc07 nova]# nova floating-ip-list +--------------------------------------+---------------+--------------------------------------+------------+-----------+ | Id | IP | Server Id | Fixed IP | Pool | +--------------------------------------+---------------+--------------------------------------+------------+-----------+ | 7bb93e28-bf36-4791-aebf-94fafa27d5fa | 172.16.12.219 | - | - | vlan_1612 | | bc258041-139e-4151-98c1-a6ba7960ad59 | 172.16.12.218 | bf681562-161c-4d3c-8844-fed602903c6e | 10.33.0.66 | vlan_1612 | +--------------------------------------+---------------+--------------------------------------+------------+-----------+
16、解绑浮动IP
usage: nova floating-ip-disassociate <server> <address>
(nova-api)[root@cc07 nova]# nova floating-ip-disassociate hzb-test 172.16.12.218 (nova-api)[root@cc07 nova]# nova floating-ip-list +--------------------------------------+---------------+-----------+----------+-----------+ | Id | IP | Server Id | Fixed IP | Pool | +--------------------------------------+---------------+-----------+----------+-----------+ | 7bb93e28-bf36-4791-aebf-94fafa27d5fa | 172.16.12.219 | - | - | vlan_1612 | | bc258041-139e-4151-98c1-a6ba7960ad59 | 172.16.12.218 | - | - | vlan_1612 | +--------------------------------------+---------------+-----------+----------+-----------+
17、列出虚拟机的安全组
usage: nova list-secgroup <server>
(nova-api)[root@cc07 nova]# nova list-secgroup hzb-test +--------------------------------------+---------+------------------------+ | Id | Name | Description | +--------------------------------------+---------+------------------------+ | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | +--------------------------------------+---------+------------------------+
上面有4个安全组,是因为虚拟机hzb-test绑定了4个ip,每个ip默认绑定了一个default安全组
18、绑定安全组
(nova-api)[root@cc07 nova]# nova add-secgroup hzb-test boshen-sg2 (nova-api)[root@cc07 nova]# nova list-secgroup hzb-test +--------------------------------------+------------+------------------------+ | Id | Name | Description | +--------------------------------------+------------+------------------------+ | db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx | | db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx | | db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx | | db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | +--------------------------------------+------------+------------------------+
上面的方法会给所有的ip都应用了安全组,boshen-sg2
如果我们只是想给具体的某一个ip应用安全组,那么只能更新具体的port
(nova-api)[root@cc07 nova]# nova list-secgroup hzb-test +--------------------------------------+---------+------------------------+ | Id | Name | Description | +--------------------------------------+---------+------------------------+ | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | +--------------------------------------+---------+------------------------+ (nova-api)[root@cc07 nova]# nova interface-list hzb-test +------------+--------------------------------------+--------------------------------------+--------------+-------------------+ | Port State | Port ID | Net ID | IP addresses | MAC Addr | +------------+--------------------------------------+--------------------------------------+--------------+-------------------+ | ACTIVE | 18d5e605-d058-4f27-95db-723836d66eb5 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.33.0.66 | fa:16:3e:db:33:57 | | ACTIVE | 5f51e282-a65d-4277-8d18-e4ed3618cbef | 2193270e-c4c9-469c-99ae-87ebdb4ba535 | 10.30.0.65 | fa:16:3e:06:40:ff | | ACTIVE | a0152728-08b5-4c95-9206-a4439ca19453 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.6 | fa:16:3e:7d:03:5b | | ACTIVE | f615713a-1551-48e1-9d0e-f250fb082607 | 7856011d-32e7-42a7-887d-2f9dc3c730e7 | 10.23.2.5 | fa:16:3e:94:b0:4c | +------------+--------------------------------------+--------------------------------------+--------------+-------------------+
现在我们将安全组boshen-sg2应用到10.23.2.5这个port上
(nova-api)[root@cc07 nova]# neutron port-update --security-group=boshen-sg2 f615713a-1551-48e1-9d0e-f250fb082607 Updated port: f615713a-1551-48e1-9d0e-f250fb082607 (nova-api)[root@cc07 nova]# nova list-secgroup hzb-test +--------------------------------------+------------+------------------------+ | Id | Name | Description | +--------------------------------------+------------+------------------------+ | db7599e0-be38-4955-93d9-ed20f2a8a298 | boshen-sg2 | xxxxxxxxx | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | +--------------------------------------+------------+------------------------+
19、卸载安全组
(nova-api)[root@cc07 nova]# nova remove-secgroup hzb-test boshen-sg2 (nova-api)[root@cc07 nova]# nova list-secgroup hzb-test +--------------------------------------+---------+------------------------+ | Id | Name | Description | +--------------------------------------+---------+------------------------+ | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | | 6a5dd6bb-600f-49bb-b37b-91059ff4074b | default | Default security group | +--------------------------------------+---------+------------------------+
上面的方法会给所有的ip都卸载了安全组,boshen-sg2
20、查看vnc
(nova-api)[root@cc07 nova]# nova get-vnc-console hzb-test novnc +-------+----------------------------------------------------------------------------------+ | Type | Url | +-------+----------------------------------------------------------------------------------+ | novnc | http://172.16.12.7:6080/vnc_auto.html?token=cf81ba3f-3103-4f49-9b9c-85a910f74848 | +-------+----------------------------------------------------------------------------------+
21、resize(通过设置不同的flavor实现的)
nova resize hzb-test vcpus_1_cpu_cores_1_cpu_sockets_1_ram_2048_disk_60_eph_0
22、lock/unlock
lock后,可以防止对其进行其他误操作
nova lock hzb-test nova unlock hzb-test
23、创建快照
其工作原理是对 instance的镜像文件(系统盘)进行全量备份,生成一个类型为 snapshot的 image,然后将其保存到 Glance上。快照之前,最好先pause虚拟机
nova create-image hzb-test hzb-test-snapshot
24、重建
nova rebuild hzb-test-snapshot
25、shelve/unshelve
1)、shelve 将 instance 保存到 Glance 上,之后可通过 Unshelve 重新部署。 Shelve 操作成功后,instance 会从原来的计算节点上删除。
[root@cc07 ~]# nova shelve h001 [root@cc07 ~]# nova list +--------------------------------------+------+--------+-------------------------------+-------------+-------------------------+ | ID | Name | Status | Task State | Power State | Networks | +--------------------------------------+------+--------+-------------------------------+-------------+-------------------------+ | 4c46b8fd-dfff-4971-83c7-6ac8e46b99e9 | h001 | ACTIVE | shelving_image_pending_upload | Running | hzb-privnet1=10.30.0.66 | +--------------------------------------+------+--------+-------------------------------+-------------+-------------------------+
[root@cc07 ~]# glance image-list|grep h001 | 32e9c33f-ae53-4ff2-9885-1f3909a7b094 | h001-shelved |
会自动生成镜像h001-shelved
2)unshelve, 会重新选择节点部署,可能不是原节点。
usage: nova unshelve <server>
26,migrate/live-migration
1)、migrate,将 instance 迁移到其他计算节点。 迁移之前,instance 会被 Shut Off,支持共享存储和非共享存储。不支持指定迁移到哪个计算节点
usage: nova migrate [--poll] <server> Migrate a server. The new host will be selected by the scheduler. Positional arguments: <server> Name or ID of server. Optional arguments: --poll Report the server migration progress until it completes.
nova migrate cc64cd70-a4d2-4850-aec9-dd9147866956
2)live-migration,能不停机在线地迁移 instance,保证了业务的连续性。也支持共享存储和非共享存储(Block Migration)
usage: nova live-migration [--block-migrate] [--force] <server> [<host>] Migrate running server to a new machine. Positional arguments: <server> Name or ID of server. <host> Destination host name. If no host is specified, the scheduler will choose one. Optional arguments: --block-migrate True in case of block_migration. (Default=auto:live_migration) (Supported by API versions '2.25' - '2.latest') --force Force a live-migration by not verifying the provided destination host by the scheduler. WARNING: This could result in failures to actually live migrate the server to the specified host. It is recommended to either not specify a host so that the scheduler will pick one, or specify a host without --force. (Supported by API versions '2.30' - '2.latest')
nova live-migration cc64cd70-a4d2-4850-aec9-dd9147866956 compute.chinacloud.com