[toc]
rocky版使用命令启动一个实例
1.创建网络
openstack network create 创建网络 --shared 创建共享网络 --provider-physical-network 指定物理网卡名称 provider网络标签 --provider-network-type 指定网络类型 flat是桥接网络 pptfz是网络名称
openstack network create --share --external \
--provider-physical-network provider \
--provider-network-type flat pptfz
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2020-05-26T12:41:05Z |
| description | |
| dns_domain | None |
| id | 26fa223a-231f-419a-a387-750d6eabf3fe |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | None |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | pptfz |
| port_security_enabled | True |
| project_id | 108d3fecb61840e3818f694c69c3ec4a |
| provider:network_type | flat |
| provider:physical_network | provider |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2020-05-26T12:41:05Z |
+---------------------------+--------------------------------------+
2.创建一个子网
创建一个名为pptfz的子网,依据的网络是第一步中创建的网络pptfz
openstack subnet create --network pptfz \
--allocation-pool start=10.0.0.101,end=10.0.0.250 \
--dns-nameserver 223.5.5.5 --gateway 10.0.0.1 \
--subnet-range 10.0.0.0/24 pptfz
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| allocation_pools | 10.0.0.101-10.0.0.250 |
| cidr | 10.0.0.0/24 |
| created_at | 2020-05-26T12:45:13Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| enable_dhcp | True |
| gateway_ip | 10.0.0.1 |
| host_routes | |
| id | ad3d939a-866f-4b2b-9321-29e98fe64f26 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | pptfz |
| network_id | 26fa223a-231f-419a-a387-750d6eabf3fe |
| project_id | 108d3fecb61840e3818f694c69c3ec4a |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2020-05-26T12:45:13Z |
+-------------------+--------------------------------------+
3.创建云主机的硬件配置方案
openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 0 |
| name | m1.nano |
| os-flavor-access:is_public | True |
| properties | |
| ram | 64 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
#参数说明
flavor 硬件配置方案
--id 指定编号
--vcpus cpu个数
--ram 内存(单位:M)
--disk 磁盘(单位:G)
m1.nano 方案名称
#创建其余配置
openstack flavor create --id 1 --vcpus 1 --ram 512 --disk 5 m1.tiny1
openstack flavor create --id 2 --vcpus 1 --ram 1024 --disk 5 m1.tiny2
openstack flavor create --id 3 --vcpus 1 --ram 2048 --disk 10 m1.small
openstack flavor create --id 4 --vcpus 2 --ram 4096 --disk 20 m1.medium
4.创建密钥对
ssh-keygen -q -N "" -f ~/.ssh/id_rsa && \
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | 38:66:ea:65:c2:4d:50:3c:ee:b1:86:a2:2a:af:70:03 |
| name | mykey |
| user_id | a0d3db84d1984a24ac6ba213525fe382 |
+-------------+-------------------------------------------------+
//参数说明
ssh-keygen -q -N "" -f ~/.ssh/id_rsa 非交互式生成密钥对
-q 安静模式
-N 指定加密密码
-f 密钥对存放位置
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey 上传密钥对
#验证密钥对的添加
openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | 38:66:ea:65:c2:4d:50:3c:ee:b1:86:a2:2a:af:70:03 |
+-------+-------------------------------------------------+
5.创建安全组规则
默认情况下,default安全组适用于所有实例,并包括拒绝对实例进行远程访问的防火墙规则。
许可ICMP(ping)
openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2020-05-26T12:53:35Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 838f15e5-7b23-42e3-aadc-a16887830efc |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 108d3fecb61840e3818f694c69c3ec4a |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 04ea403e-40c7-4881-a8d7-e62825e6509c |
| updated_at | 2020-05-26T12:53:35Z |
+-------------------+--------------------------------------+
允许安全外壳(SSH)访问
openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2020-05-26T12:53:49Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 5e7a6e16-14c7-4204-9651-52e0559a2a92 |
| name | None |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 108d3fecb61840e3818f694c69c3ec4a |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 04ea403e-40c7-4881-a8d7-e62825e6509c |
| updated_at | 2020-05-26T12:53:49Z |
+-------------------+--------------------------------------+
6.启动一个实例
6.1 确定实例的选项
6.1.1 在控制器节点上,demo获取凭据以访问仅用户的CLI命令
source /opt/demo-openrc
6.1.2 指定虚拟资源分配配置文件,其中包括处理器,内存和存储,列出可用的规格
openstack flavor list
+----+-----------+------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+------+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
| 1 | m1.tiny1 | 512 | 5 | 0 | 1 | True |
| 2 | m1.tiny2 | 1024 | 5 | 0 | 1 | True |
| 3 | m1.small | 2048 | 10 | 0 | 1 | True |
| 4 | m1.medium | 4096 | 20 | 0 | 2 | True |
+----+-----------+------+------+-----------+-------+-----------+
6.1.3 列出可用的镜像
openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 94c96aab-d0b3-4340-835c-9a97108d0554 | cirros | active |
+--------------------------------------+--------+--------+
6.1.4 列出可用的网络
openstack network list
+--------------------------------------+-------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+-------+--------------------------------------+
| 26fa223a-231f-419a-a387-750d6eabf3fe | pptfz | ad3d939a-866f-4b2b-9321-29e98fe64f26 |
+--------------------------------------+-------+--------------------------------------+
6.1.5 列出可用的安全组
openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| e65b8ec1-3544-414c-94d0-2c87dd6eadbf | default | Default security group | 5b9ccd294c364cc68747df85f9598c89 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
6.2 启动一个实例
官网启动示例
openstack server create --flavor m1.nano --image cirros \
--nic net-id=PROVIDER_NET_ID --security-group default \
--key-name mykey provider-instance
启动实例过程中需要用到net-id,因此使用neutron net-list|awk 'NR==4{print $2}'获取
openstack server create --flavor m1.nano --image cirros \
--nic net-id=`neutron net-list|awk 'NR==4{print $2}'` --security-group default \
--key-name mykey pptfz
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+-----------------------------+-----------------------------------------------+
| Field | Value |
+-----------------------------+-----------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | jVR6on2EN7AX |
| config_drive | |
| created | 2020-05-26T13:08:14Z |
| flavor | m1.nano (0) |
| hostId | |
| id | da4a32c7-e51e-4de0-b8a9-c0533db7e6fd |
| image | cirros (94c96aab-d0b3-4340-835c-9a97108d0554) |
| key_name | mykey |
| name | pptfz |
| progress | 0 |
| project_id | 5b9ccd294c364cc68747df85f9598c89 |
| properties | |
| security_groups | name='e65b8ec1-3544-414c-94d0-2c87dd6eadbf' |
| status | BUILD |
| updated | 2020-05-26T13:08:14Z |
| user_id | 82d945a092b44988af8d6e02ba2cc15c |
| volumes_attached | |
+-----------------------------+-----------------------------------------------+
查看示例启动状态
openstack server list
+--------------------------------------+-------+--------+------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------+--------+------------------+--------+---------+
| 3191793e-055d-4417-bab5-df6c6574aaed | pptfz | ACTIVE | pptfz=10.0.0.113 | cirros | m1.nano |
+--------------------------------------+-------+--------+------------------+--------+---------+
创建成功后会在web界面展示
点击控制台登陆虚拟机
⚠️点击控制台后提示找不到controller地址,因为没有做hosts解析,需要先做hosts解析
windows
C:\Windows\System32\drivers\etc\hosts
10.0.0.11 controller
mac
/etc/hosts
10.0.0.11 controller
解析完后刷新浏览器,会看到默认用户是cirros,密码是gocubsgo
查看主机名、IP地址、检查是否能联网
