Openstack项目实训

项目要求:

1、生效管理员环境变量并创建镜像,要求名为Centos7.4(配置所需文件已存在root用户家目录下)

2、创建租户并设置租户配额,具体要求如下:

(1)项目名称:cloud

(2)管理用户:user1 用户密码:123456

(3)配额:虚拟内核10个、内存10G、实例10个,其他配置默认。

(4)编写user1环境变量

3、创建云主机类型,要求如下:

(1)名称:my_flavor、vcpu:1个、ram:512M、磁盘:20G

4、创建共享网络和私有网络,要求如下:

(1)共享网络名:publict,由admin用户创建,并设置共享

(2)创建共享网络子网:sub_public,网段为本地eth0

(3)私有网络名:private,由user1用户创建

(4)创建私有网络子网:sub_private,网段为192.168.10网段

5、创建路由,并关联内外网,要求为:

(1)名称:my_router

(2)设置外部网关

(3)设置内部接口

6、创建安全组,要求为:

(1)名称:my_sec

(2)开放22号端口

(3)开放80号端口

7、生成密钥对,要求为:

(1)名称:my_key

(2)密钥需保存在本地:/root/key1.pem

(3)设置密钥文件为仅可读

8、发放云主机,并分配浮动IP,要求如下:

(1)使用镜像:Centos7.4、使用云主机类型:my_flavor、使用网络:private、使用安全组:my_sec、使用密钥对:my_key

(2)生成浮动IP

(3)给云主机绑定浮动IP

9、远程连接云主机,并查看网络信息

一、虚拟机信息

主机名IP地址网卡网关DNS虚拟网卡操作系统
openstack10.0.15.100VM net810.0.15.2114.114.114.114br-excentos7.4

二、项目环境介绍

1、Openstack的版本为: Stein

2、Openstack为all in one安装

3、Openstack原有的网络和路由已删除

4、Openstack原有的镜像已删除

三、项目实施

1、生效管理员环境变量并创建镜像,要求名为Centos7.4(配置所需文件已存在控制节点root用户家目录下)

[root@openstack ~]# ls
admin.openrc  anaconda-ks.cfg  centos7.qcow2  packstack-answers-20220307-042836.txt
[root@openstack ~]# source admin.openrc
[root@openstack ~]# openstack image create --file ~/centos7.qcow2 --disk-format qcow2 --public centos7.4


[root@openstack ~]# openstack image list
+--------------------------------------+-----------+--------+
| ID                                   | Name      | Status |
+--------------------------------------+-----------+--------+
| 635d5cf2-76ec-400f-b08f-82bd548bd0e3 | centos7.4 | active |
+--------------------------------------+-----------+--------+

2、创建租户并设置租户配额

(1)项目名称:cloud

[root@openstack ~]# openstack project create --enable cloud


[root@openstack ~]# openstack project list 
+----------------------------------+----------+
| ID                               | Name     |
+----------------------------------+----------+
| 105839a13a764e7ea6780217616db0fc | demo     |
| 3939352a876345b78e41272c092ad694 | cloud    |
| dc7c1b93e8ac443c9896b57bbe1df29a | services |
| ee0645b846e1478092efec1eae850174 | admin    |
+----------------------------------+----------+

(2)管理用户:user1 用户密码:123456

[root@openstack ~]# openstack user create   --project cloud --password 123456 --enable  user01

[root@openstack ~]# openstack user list  | grep user01
| 58832fa80d5b4154accadd2e26fcf569 | user01     |

[root@openstack ~]# openstack role add --project cloud  --user user01 admin

(3)配额:虚拟内核10个、内存10G、实例10个,其他配置默认。

[root@openstack ~]# openstack quota set --ram 10240 --instances 10 --cores 10 cloud

[root@openstack ~]# openstack quota show cloud  | grep -E  "ram|instances|cores"
| cores                | 10                                                                                                                                                                                          |
| instances            | 10                                                                                                                                                                                          |
| ram                  | 10240                                                                                                                                                                                       |

(4)编写user1环境变量

[root@openstack ~]# cp admin.openrc user01.openrc
[root@openstack ~]# vim user01.openrc 
unset OS_SERVICE_TOKEN
export OS_USERNAME=user01
export OS_PASSWORD=123456
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://10.0.15.100:5000/v3

export OS_PROJECT_NAME=cloud
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3

3、创建云主机类型

(1)名称:my_flavor、vcpu:1个、ram:512M、磁盘:20G

[root@openstack ~]# openstack flavor create --ram 2048 --vcpus 1 --disk 10 --public  my_flavor

[root@openstack ~]# openstack flavor list 
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| ID                                   | Name      |   RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| 1                                    | m1.tiny   |   512 |    1 |         0 |     1 | True      |
| 2                                    | m1.small  |  2048 |   20 |         0 |     1 | True      |
| 3                                    | m1.medium |  4096 |   40 |         0 |     2 | True      |
| 4                                    | m1.large  |  8192 |   80 |         0 |     4 | True      |
| 5                                    | m1.xlarge | 16384 |  160 |         0 |     8 | True      |
| e183b92e-e16d-4eeb-9f5d-3a3f6635e4f8 | my_flavor |  2048 |   10 |         0 |     1 | True      |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+

4、创建共享网络和私有网络

(1)共享网络名:publict,由admin用户创建,并设置共享

#查看物理网络类型
[root@openstack ~]# grep type_drivers /etc/neutron/plugin.ini 
type_drivers=geneve,flat

#显示网络类型为flat

#查看物理网络名称

#all in one需查看家目录下的自动应答文件
[root@openstack ~]# cat packstack-answers-20220307-042836.txt | grep br-ex | grep -v '#'
CONFIG_NEUTRON_L3_EXT_BRIDGE=br-ex
CONFIG_NEUTRON_OVS_BRIDGE_MAPPINGS=extnet:br-ex
CONFIG_NEUTRON_OVN_BRIDGE_MAPPINGS=extnet:br-ex
		#显示网络名称为extnet

#非all in one查看
[root@openstack ~]# grep ^flat /etc/neutron/plugin.ini 
flat_networks=*
		#在*的地方会显示物理网络名称


[root@openstack ~]# openstack --os-username admin network create  --external --enable --share --provider-network-type flat --provider-physical-network extnet public

[root@openstack ~]# openstack network list 
+--------------------------------------+--------+---------+
| ID                                   | Name   | Subnets |
+--------------------------------------+--------+---------+
| aa7035f7-9ac3-453d-acd9-e6c31516bf3a | public |         |
+--------------------------------------+--------+---------+

(2)创建共享网络子网:sub_public,网段为本地eth0

[root@openstack ~]# hostname -I
10.0.15.100 
[root@openstack ~]# openstack subnet create --subnet-range 10.0.15.0/24 --gateway 10.0.0.2 --network public --dns-nameserver 114.114.114.114 --allocation-pool start=10.0.15.151,end=10.0.15.200 --dhcp sub_public

[root@openstack ~]# openstack subnet list
+--------------------------------------+------------+--------------------------------------+--------------+
| ID                                   | Name       | Network                              | Subnet       |
+--------------------------------------+------------+--------------------------------------+--------------+
| 6cd9918a-3f20-40de-b224-3e871fccdd69 | sub_public | aa7035f7-9ac3-453d-acd9-e6c31516bf3a | 10.0.15.0/24 |
+--------------------------------------+------------+--------------------------------------+--------------+

(3)私有网络名:private,由user1用户创建

[root@openstack ~]# source user01.openrc 
[root@openstack ~]# openstack --os-username user01 network create   --enable private


[root@openstack ~]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID                                   | Name    | Subnets                              |
+--------------------------------------+---------+--------------------------------------+
| 21f72db1-71bd-46ac-9095-39bb283f5c30 | private |                                      |
| aa7035f7-9ac3-453d-acd9-e6c31516bf3a | public  | 6cd9918a-3f20-40de-b224-3e871fccdd69 |
+--------------------------------------+---------+--------------------------------------+

(4)创建私有网络子网:sub_private,网段为192.168.10网段

[root@openstack ~]# openstack subnet create --subnet-range 192.168.10.0/24 --gateway 192.168.10.254 --network private --dns-nameserver 8.8.8.8 --allocation-pool start=192.168.10.151,end=192.168.10.200 --dhcp sub_private
[root@openstack ~]# openstack subnet list
+--------------------------------------+-------------+--------------------------------------+-----------------+
| ID                                   | Name        | Network                              | Subnet          |
+--------------------------------------+-------------+--------------------------------------+-----------------+
| 6cd9918a-3f20-40de-b224-3e871fccdd69 | sub_public  | aa7035f7-9ac3-453d-acd9-e6c31516bf3a | 10.0.15.0/24    |
| aa7a3c3d-13f1-478d-93f2-637edcf81da3 | sub_private | 21f72db1-71bd-46ac-9095-39bb283f5c30 | 192.168.10.0/24 |
+--------------------------------------+-------------+--------------------------------------+-----------------+

5、创建路由,并关联内外网

(1)名称:my_router

[root@openstack ~]# source admin.openrc 
[root@openstack ~]# openstack router create --enable  my_router

[root@openstack ~]# openstack router list
+--------------------------------------+-----------+--------+-------+----------------------------------+
| ID                                   | Name      | Status | State | Project                          |
+--------------------------------------+-----------+--------+-------+----------------------------------+
| 63893cfd-9ced-4c57-9e9e-d63feb302a7e | my_router | ACTIVE | UP    | ee0645b846e1478092efec1eae850174 |
+--------------------------------------+-----------+--------+-------+----------------------------------+

(2)设置外部网关

[root@openstack ~]# openstack router set --external-gateway public my_router

[root@openstack ~]# openstack router show my_router | grep external_gateway
| external_gateway_info   | {"network_id": "aa7035f7-9ac3-453d-acd9-e6c31516bf3a", "enable_snat": true, "external_fixed_ips": [{"subnet_id": "6cd9918a-3f20-40de-b224-3e871fccdd69", "ip_address": "10.0.15.172"}]}     |

(3)设置内部接口

[root@openstack ~]# openstack router add subnet my_router sub_private

[root@openstack ~]# openstack router show my_router | grep interfaces_info
| interfaces_info         | [{"subnet_id": "aa7a3c3d-13f1-478d-93f2-637edcf81da3", "ip_address": "192.168.10.254", "port_id": "b485de35-834b-4b2b-b94e-f7c3c91ca1fe"}] 

6、创建安全组

(1)名称:my_sec

[root@openstack ~]# openstack security group create my_sec

[root@openstack ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID                                   | Name    | Description            | Project                          | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| a6577879-9956-4181-8f31-ccff959c1413 | my_sec  | my_sec                 | ee0645b846e1478092efec1eae850174 | []   |
| eba0c99b-06ea-4b06-9e44-2e9125054faf | default | Default security group | ee0645b846e1478092efec1eae850174 | []   |
+--------------------------------------+---------+------------------------+----------------------------------+------+

(2)开放22号端口

[root@openstack ~]# openstack security group rule create --protocol tcp --dst-port 22  --ethertype IPv4 --ingress  my_sec
[root@openstack ~]# openstack security group rule list  my_sec
+--------------------------------------+-------------+-----------+------------+-----------------------+
| ID                                   | IP Protocol | IP Range  | Port Range | Remote Security Group |
+--------------------------------------+-------------+-----------+------------+-----------------------+
| 5552d1e6-f88c-4c60-a5cc-2ddbe733580f | tcp         | 0.0.0.0/0 | 22:22      | None                  |
| 77247a69-76bf-4573-9f4b-56ad51278d2f | None        | None      |            | None                  |
| a2c1ae71-4154-4b2d-b13d-f5d5723eb152 | None        | None      |            | None                  |
+--------------------------------------+-------------+-----------+------------+-----------------------+

(3)开放80号端口

[root@openstack ~]# openstack security group rule create --protocol tcp --dst-port 80  --ethertype IPv4 --ingress  my_sec
[root@openstack ~]# openstack security group rule list  my_sec
+--------------------------------------+-------------+-----------+------------+-----------------------+
| ID                                   | IP Protocol | IP Range  | Port Range | Remote Security Group |
+--------------------------------------+-------------+-----------+------------+-----------------------+
| 07f8fda9-59f7-44a9-9b18-231dac431aff | tcp         | 0.0.0.0/0 | 80:80      | None                  |
| 5552d1e6-f88c-4c60-a5cc-2ddbe733580f | tcp         | 0.0.0.0/0 | 22:22      | None                  |
| 77247a69-76bf-4573-9f4b-56ad51278d2f | None        | None      |            | None                  |
| a2c1ae71-4154-4b2d-b13d-f5d5723eb152 | None        | None      |            | None                  |
+--------------------------------------+-------------+-----------+------------+-----------------------+

7、生成密钥对

(1)名称:my_key

[root@openstack ~]# openstack keypair create my_key > ~/key1.pem

(2)密钥需保存在本地:/root/key1.pem

[root@openstack ~]# ll
total 644804
-rw-------  1 root root       309 Apr 11 01:58 admin.openrc
-rw-------. 1 root root      1304 Dec  4 17:36 anaconda-ks.cfg
-rw-rw-rw-  1 root root 660209664 Apr 11 02:07 centos7.qcow2
-rw-r--r--  1 root root      1676 Apr 11 05:08 key1.pem
-rw-------  1 root root     51753 Mar  7 04:35 packstack-answers-20220307-042836.txt
-rw-------  1 root root       266 Apr 11 04:50 user01.openrc

(3)设置密钥文件为仅可读

[root@openstack ~]# chmod 400 key1.pem 
[root@openstack ~]# ll
total 644804
-rw-------  1 root root       309 Apr 11 01:58 admin.openrc
-rw-------. 1 root root      1304 Dec  4 17:36 anaconda-ks.cfg
-rw-rw-rw-  1 root root 660209664 Apr 11 02:07 centos7.qcow2
-r--------  1 root root      1676 Apr 11 05:08 key1.pem
-rw-------  1 root root     51753 Mar  7 04:35 packstack-answers-20220307-042836.txt
-rw-------  1 root root       266 Apr 11 04:50 user01.openrc

8、发放云主机,并分配浮动IP

(1)使用镜像:Centos7.4、使用云主机类型:my_flavor、使用网络:private、使用安全组:my_sec、使用密钥对:my_key,名称:my_cloud

[root@openstack ~]# openstack server create   --image centos7.4 --key-name my_key --security-group my_sec --flavor my_flavor  --network private my_cloud

[root@openstack ~]# openstack server list
+--------------------------------------+----------+--------+----------+-----------+-----------+
| ID                                   | Name     | Status | Networks | Image     | Flavor    |
+--------------------------------------+----------+--------+----------+-----------+-----------+
| bb8e096e-36cf-4d3e-98cb-ebfb939e86ce | my_cloud | BUILD  |          | centos7.4 | my_flavor |
+--------------------------------------+----------+--------+----------+-----------+-----------+

(2)生成浮动IP

[root@openstack ~]# openstack floating ip create  public

[root@openstack ~]# openstack floating ip list
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| ID                                   | Floating IP Address | Fixed IP Address | Port | Floating Network                     | Project                          |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| 5d464fbf-4a78-4137-ad03-369bbd923587 | 10.0.15.194         | None             | None | aa7035f7-9ac3-453d-acd9-e6c31516bf3a | ee0645b846e1478092efec1eae850174 |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+

(3)给云主机绑定浮动IP

[root@openstack ~]# openstack server add floating ip my_cloud 10.0.15.194

[root@openstack ~]# openstack server list 
+--------------------------------------+----------+--------+-------------------------------------+-----------+-----------+
| ID                                   | Name     | Status | Networks                            | Image     | Flavor    |
+--------------------------------------+----------+--------+-------------------------------------+-----------+-----------+
| 1785b04b-48e7-4357-8f61-62608d5a265b | my_cloud | ACTIVE | private=192.168.10.196, 10.0.15.194 | centos7.4 | my_flavor |
+--------------------------------------+----------+--------+-------------------------------------+-----------+-----------+

9、远程连接云主机,并查看网络信息

[root@openstack ~]# ssh -i key1.pem root@10.0.15.194
The authenticity of host '10.0.15.194 (10.0.15.194)' can't be established.
ECDSA key fingerprint is SHA256:K5V6gPGJUsE7aEqkSBSkMiANTmn7CM4SUXmgAarOsx0.
ECDSA key fingerprint is MD5:72:c8:27:3e:87:23:d2:2f:cf:e9:90:a3:18:14:5e:ba.
Are you sure you want to continue connecting (yes/no)? yes
Last login: Mon Apr 11 05:19:07 2022 from 10.0.15.100
[root@localhost ~]# ifconfig 
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1442
        inet 192.168.10.176  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 fe80::223e:8b13:21b6:ebbe  prefixlen 64  scopeid 0x20<link>
        ether fa:16:3e:69:46:9d  txqueuelen 1000  (Ethernet)
        RX packets 554  bytes 124065 (121.1 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 582  bytes 110921 (108.3 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 65536
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 1  (Local Loopback)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
  • 0
    点赞
  • 3
    收藏
    觉得还不错? 一键收藏
  • 0
    评论

“相关推荐”对你有帮助么?

  • 非常没帮助
  • 没帮助
  • 一般
  • 有帮助
  • 非常有帮助
提交
评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值