2. 云主机发放
2.1 准备工作
N版后所有的命令前都需要加openstack
查看云主机
[root@openstack cinder]# nova --os-username bruce --os-tenant-name SCTCC --os-auth-url=http://192.168.19.201:5000/v2.0 --os-password 123 list
+--------------------------------------+-------+---------+------------+-------------+--------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------+---------+------------+-------------+--------------------------------------+
| b05035fa-0a6d-4ed3-abdf-8ec734d3db65 | Web02 | SHUTOFF | - | Shutdown | SCTCC=192.168.201.12 |
| 70e03e16-eda5-438b-8b56-26ede7d009b4 | web01 | SHUTOFF | - | Shutdown | SCTCC=192.168.200.11, 192.168.19.211 |
+--------------------------------------+-------+---------+------------+-------------+--------------------------------------+
# password是用户的密码
[root@openstack cinder]# cinder --os-username bruce --os-tenant-name SCTCC --os-auth-url=http://192.168.19.201:5000/v2.0 --os-password 123 list
+----+--------+--------------+------+-------------+----------+-------------+
| ID | Status | Display Name | Size | Volume Type | Bootable | Attached to |
+----+--------+--------------+------+-------------+----------+-------------+
+----+--------+--------------+------+-------------+----------+-------------+
需要手工输入很多信息,很麻烦,可以使用变量的方式来将这些信息先导入,由于在做应答文件的时候选择了建立客户端(CONFIG_CLIENT_INSTALL=y),因此OpenStack部署好后在控制器服务器上是有一个环境变量文件的,可以以这个文件为基础来修改自己的:
[root@openstack ~]# ls
anaconda-ks.cfg keystonerc_admin
[root@openstack ~]# cp keystonerc_admin keystonerc_bruce
[root@openstack ~]# vim keystonerc_bruce
export OS_USERNAME=bruce
export OS_TENANT_NAME=SCTCC
export OS_PASSWORD=123
export OS_AUTH_URL=http://192.168.19.201:5000/v2.0/
export OS_REGION_NAME=RegionOne
export PS1='[\u@\h \W(keystone_bruce)]\$ '
[root@openstack ~]# . keystonerc_bruce
[root@openstack ~(keystone_bruce)]# nova list
+--------------------------------------+-------+---------+------------+-------------+--------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------+---------+------------+-------------+--------------------------------------+
| b05035fa-0a6d-4ed3-abdf-8ec734d3db65 | Web02 | SHUTOFF | - | Shutdown | SCTCC=192.168.201.12 |
| 70e03e16-eda5-438b-8b56-26ede7d009b4 | web01 | SHUTOFF | - | Shutdown | SCTCC=192.168.200.11, 192.168.19.211 |
+--------------------------------------+-------+---------+------------+-------------+--------------------------------------+
[root@openstack ~(keystone_bruce)]# glance image-list
+--------------------------------------+---------------+
| ID | Name |
+--------------------------------------+---------------+
| 9ded416e-e660-470b-9275-b3d96c9c8754 | CentOS7-64bit |
+--------------------------------------+---------------+
2.2 云主机发放流程
管理员操作
- 创建租户、创建用户、用户关联租户
[root@openstack glance(keystone_admin)]# keystone tenant-create --name SCTCC
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | |
| enabled | True |
| id | 668b9defbdf04ce3aeca8bae0e451e13 |
| name | SCTCC |
+-------------+----------------------------------+
[root@openstack glance(keystone_admin)]# keystone user-create --name bruce --pass 123 --tenant SCTCC
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 67dc3389c42648298bcabb7b60290ac7 |
| name | bruce |
| tenantId | 668b9defbdf04ce3aeca8bae0e451e13 |
| username | bruce |
+----------+----------------------------------+
- 上传镜像
需要先将镜像文件上传到本地
[root@openstack ~(keystone_admin)]# glance image-create --name rhel7-64bit --disk-format qcow2 --container-format bare --file /root/small.img --is-public True --progress
[=============================>] 100%
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | 0f3dbcece8ea9d9c5b256e7b274250f0 |
| container_format | bare |
| created_at | 2023-07-31T14:16:27 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | 37cf0b4b-4911-4763-96bb-3e539b8f8b8a |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | rhel7-64bit |
| owner | f3cea6e5ecad42abae0aebdb7f5c3d06 |
| protected | False |
| size | 356777984 |
| status | active |
| updated_at | 2023-07-31T14:16:32 |
| virtual_size | None |
+------------------+--------------------------------------+
- 创建外部网络
[root@openstack ~(keystone_admin)]# neutron net-create --tenant-id admin --shared public
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | f1954bf7-de9e-45b1-8a66-8492df268bab |
| name | public |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 10 |
| router:external | False |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | admin |
+---------------------------+--------------------------------------+
# 创建时能设置的参数不多,因此需要创建后根据需要修改
[root@openstack ~(keystone_admin)]# neutron net-update --help
usage: neutron net-update [-h] [--request-format {json,xml}] NETWORK
Update network's information.
positional arguments:
NETWORK ID or name of network to update.
optional arguments:
-h, --help show this help message and exit
--request-format {json,xml}
The XML or JSON request format.
[root@openstack ~(keystone_admin)]# neutron net-update --router:external=True public
Updated network: public
[root@openstack ~(keystone_admin)]# neutron net-show public
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | f1954bf7-de9e-45b1-8a66-8492df268bab |
| name | public |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 10 |
| router:external | True |
| shared | True |
| status | ACTIVE |
| subnets | |
| tenant_id | admin |
+---------------------------+--------------------------------------+
[root@openstack ~(keystone_admin)]# neutron subnet-create --name public-sub1 --allocation-pool start=192.169.19.121,end=192.168.19.130 --disable-dhcp public 192.168.19.0/24
Bad Request (HTTP 400) (Request-ID: req-094c4fd2-36c7-46dd-950e-7c6affcf7a31)
# 直接创建一直报错,因此先创建,再修改参数
[root@openstack ~(keystone_admin)]# neutron subnet-create --name public-sub1 public 192.168.19.0/24
Created a new subnet:
+-------------------+----------------------------------------------------+
| Field | Value |
+-------------------+----------------------------------------------------+
| allocation_pools | {"start": "192.168.19.2", "end": "192.168.19.254"} |
| cidr | 192.168.19.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.19.1 |
| host_routes | |
| id | 869ab04f-8c2b-433d-8fb1-d620619954e2 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | public-sub1 |
| network_id | f1954bf7-de9e-45b1-8a66-8492df268bab |
| tenant_id | f3cea6e5ecad42abae0aebdb7f5c3d06 |
+-------------------+----------------------------------------------------+
[root@openstack ~(keystone_admin)]# neutron subnet-update --allocation-pool start=192.168.19.151,end=192.168.19.160 public-sub1
Updated subnet: public-sub1
[root@openstack ~(keystone_admin)]# neutron subnet-update --disable-dhcp public-sub1
Updated subnet: public-sub1
[root@openstack ~(keystone_admin)]# neutron subnet-show public-sub1
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "192.168.19.151", "end": "192.168.19.160"} |
| cidr | 192.168.19.0/24 |
| dns_nameservers | |
| enable_dhcp | False |
| gateway_ip | 192.168.19.1 |
| host_routes | |
| id | 869ab04f-8c2b-433d-8fb1-d620619954e2 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | public-sub1 |
| network_id | f1954bf7-de9e-45b1-8a66-8492df268bab |
| tenant_id | f3cea6e5ecad42abae0aebdb7f5c3d06 |
+-------------------+------------------------------------------------------+
- 创建规格
[root@openstack glance(keystone_admin)]# nova flavor-create rhel.little auto 1024 10 2
+--------------------------------------+-------------+-----------+------+-----------+------+-------+-------------+-----------+
| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |
+--------------------------------------+-------------+-----------+------+-----------+------+-------+-------------+-----------+
| 7a063e20-6b58-4fe8-be10-39801a4cd9f9 | rhel.little | 1024 | 10 | 0 | | 2 | 1.0 | True |
+--------------------------------------+-------------+-----------+------+-----------+------+-------+-------------+-----------
租户操作
- 使用普通用户登陆
[root@openstack ~(keystone_admin)]# source keystonerc_bruce
# 创建子网
[root@openstack ~(keystone_bruce)]# neutron net-create private
Created a new network:
+-----------------+--------------------------------------+
| Field | Value |
+-----------------+--------------------------------------+
| admin_state_up | True |
| id | 2275ace3-0507-4f64-b971-8f42902c8ad2 |
| name | private |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 668b9defbdf04ce3aeca8bae0e451e13 |
+-----------------+--------------------------------------+
[root@openstack ~(keystone_bruce)]# neutron subnet-create --name tech01 private 192.168.119.0/24
Created a new subnet:
+-------------------+------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------+
| allocation_pools | {"start": "192.168.119.2", "end": "192.168.119.254"} |
| cidr | 192.168.119.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 192.168.119.1 |
| host_routes | |
| id | 83a2e014-aa76-4784-a355-86a6587d6672 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | tech01 |
| network_id | 2275ace3-0507-4f64-b971-8f42902c8ad2 |
| tenant_id | 668b9defbdf04ce3aeca8bae0e451e13 |
+-------------------+------------------------------------------------------+
# 创建路由器并设置网关
[root@openstack ~(keystone_bruce)]# neutron router-create router01
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| external_gateway_info | |
| id | 39a24f01-150e-4ef7-b77c-01c24066b9d6 |
| name | router01 |
| routes | |
| status | ACTIVE |
| tenant_id | 668b9defbdf04ce3aeca8bae0e451e13 |
+-----------------------+--------------------------------------+
[root@openstack ~(keystone_bruce)]# neutron router-gateway-set
usage: neutron router-gateway-set [-h] [--request-format {json,xml}]
[--disable-snat]
router-id external-network-id
neutron router-gateway-set: error: too few arguments
[root@openstack ~(keystone_bruce)]# neutron router-gateway-set router01 public
Set gateway for router router01
# 添加路由器的内部接口
[root@openstack ~(keystone_bruce)]# neutron router-interface-add router01 tech01
Added interface e7edab5f-c498-4a66-9b8f-9615ef90b229 to router router01.
# 创建安全组并添加规则
[root@openstack ~(keystone_bruce)]# neutron security-group-create SG01
[root@openstack ~(keystone_bruce)]# neutron security-group-rule-create --direction ingress --ethertype ipv4 --protocol tcp --port-range-min 22 --port-range-max 22 SG01
Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| direction | ingress |
| ethertype | IPv4 |
| id | 102d556b-e18a-4b9e-be9e-2954c9307366 |
| port_range_max | 22 |
| port_range_min | 22 |
| protocol | tcp |
| remote_group_id | |
| remote_ip_prefix | |
| security_group_id | a776760a-b866-435d-ac3b-60623ebfe39b |
| tenant_id | 668b9defbdf04ce3aeca8bae0e451e13 |
+-------------------+--------------------------------------+
[root@openstack ~(keystone_bruce)]# neutron security-group-rule-create --direction ingress --ethertype ipv4 --protocol icmp SG01
Created a new security_group_rule:
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| direction | ingress |
| ethertype | IPv4 |
| id | a575cca5-7151-4b0a-adaf-2a502e25f071 |
| port_range_max | |
| port_range_min | |
| protocol | icmp |
| remote_group_id | |
| remote_ip_prefix | |
| security_group_id | a776760a-b866-435d-ac3b-60623ebfe39b |
| tenant_id | 668b9defbdf04ce3aeca8bae0e451e13 |
+-------------------+--------------------------------------+
# 创建密钥对并将密钥放在本地
[root@openstack ~(keystone_bruce)]# nova keypair-add key001 > key001.pem
[root@openstack ~(keystone_bruce)]# chmod 400 key001.pem
# 分配浮动IP
[root@openstack ~(keystone_bruce)]# neutron floatingip-create public
Created a new floatingip:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| fixed_ip_address | |
| floating_ip_address | 192.168.19.152 |
| floating_network_id | f1954bf7-de9e-45b1-8a66-8492df268bab |
| id | 1a2d0422-8ebf-4ee8-a8e3-c02a643520e8 |
| port_id | |
| router_id | |
| status | DOWN |
| tenant_id | 668b9defbdf04ce3aeca8bae0e451e13 |
+---------------------+--------------------------------------+
# 创建云主机
[root@openstack ~(keystone_bruce)]# nova boot --flavor rhel.little --image rhel7-64bit --key-name key001 --security-group SG01 --nic net-id=2275ace3-0507-4f64-b971-8f42902c8ad2 web01
+--------------------------------------+----------------------------------------------------+
| Property | Value |
+--------------------------------------+----------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | qvF2XmH2pgzL |
| config_drive | |
| created | 2023-07-31T15:43:35Z |
| flavor | rhel.little (7a063e20-6b58-4fe8-be10-39801a4cd9f9) |
| hostId | |
| id | 3c33a084-a32f-4cc7-99ae-17aaa1b8dfdb |
| image | rhel7-64bit (37cf0b4b-4911-4763-96bb-3e539b8f8b8a) |
| key_name | key001 |
| metadata | {} |
| name | web01 |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | SG01 |
| status | BUILD |
| tenant_id | 668b9defbdf04ce3aeca8bae0e451e13 |
| updated | 2023-07-31T15:43:36Z |
| user_id | 67dc3389c42648298bcabb7b60290ac7 |
+--------------------------------------+----------------------------------------------------+
[root@openstack ~(keystone_bruce)]# nova list
+--------------------------------------+-------+--------+------------+-------------+-----------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------+--------+------------+-------------+-----------------------+
| 3c33a084-a32f-4cc7-99ae-17aaa1b8dfdb | web01 | ACTIVE | - | Running | private=192.168.119.2 |
+--------------------------------------+-------+--------+------------+-------------+-----------------------+
# 分配浮动IP
[root@openstack ~(keystone_bruce)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+---------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+---------+
| 1a2d0422-8ebf-4ee8-a8e3-c02a643520e8 | | 192.168.19.152 | |
+--------------------------------------+------------------+---------------------+---------+
[root@openstack ~(keystone_bruce)]# neutron port-list
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| id | name | mac_address | fixed_ips |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
| 06121dd5-fae4-4846-8af7-10cdedd2f3b9 | | fa:16:3e:14:d1:83 | {"subnet_id": "83a2e014-aa76-4784-a355-86a6587d6672", "ip_address": "192.168.119.3"} |
| 6be31818-367e-453c-99de-5f24508ee419 | | fa:16:3e:54:8a:32 | {"subnet_id": "83a2e014-aa76-4784-a355-86a6587d6672", "ip_address": "192.168.119.2"} |
| e7edab5f-c498-4a66-9b8f-9615ef90b229 | | fa:16:3e:2f:5b:68 | {"subnet_id": "83a2e014-aa76-4784-a355-86a6587d6672", "ip_address": "192.168.119.1"} |
+--------------------------------------+------+-------------------+--------------------------------------------------------------------------------------+
[root@openstack ~(keystone_bruce)]# neutron floatingip-associate 1a2d0422-8ebf-4ee8-a8e3-c02a643520e8 6be31818-367e-453c-99de-5f24508ee419
Associated floating IP 1a2d0422-8ebf-4ee8-a8e3-c02a643520e8
# 登陆服务器成功
[root@openstack ~(keystone_bruce)]# ssh -i key001.pem cloud-user@192.168.19.152
The authenticity of host '192.168.19.152 (192.168.19.152)' can't be established.
ECDSA key fingerprint is 44:bb:59:5b:53:3e:f3:e5:aa:e1:ce:58:9e:f9:b3:ca.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.19.152' (ECDSA) to the list of known hosts.
[cloud-user@web01 ~]$
[root@openstack ~(keystone_bruce)]# nova list
+--------------------------------------+-------+--------+------------+-------------+---------------------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+-------+--------+------------+-------------+---------------------------------------+
| 3c33a084-a32f-4cc7-99ae-17aaa1b8dfdb | web01 | ACTIVE | - | Running | private=192.168.119.2, 192.168.19.152 |
+--------------------------------------+-------+--------+------------+-------------+---------------------------------------+
254
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
