1 您需要了解
- 本篇采用 OpenStack 命令行进行操作
- 模拟弹性公网 EIP 地址段规划 :采用和控制节点、计算节点同一网段即可,如:
192.168.100.0/24 - 模拟云主机私网 IP 地址段规划 :自定义网段,如:
192.168.88.0/24 - 开源 OpenStack 环境可参考下方
G033博文进行搭建 - 文章中所提到的
公网或外网或弹性IP均为模拟网段且含义相同,本环境特指192.168.100.0/24 - 发放云主机所使用的测试镜像
cirros-0.6.1-x86_64-disk.img可 点击这里 进行下载
- 相关文章
- G003-OS-LIN-RHEL-01 红帽 8.4 安装
- G033-OP-COA-OPEN-03 CentOS Stream 8 通过 Packstack 安装开源 OpenStack(V版)
2 创建租户及用户
加载 admin 管理员环境变量进行操作。通过 packstack 工具搭建好的环境,默认会在应答文件所在目录生成 admin 用户的环境变量文件 keystonerc_admin ,直接通过 source 加载即可。
[root@controller ~]# ls
anaconda-ks.cfg cloudcs.txt keystonerc_admin
[root@controller ~]# cat keystonerc_admin
unset OS_SERVICE_TOKEN
export OS_USERNAME=admin
export OS_PASSWORD='redhat'
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://192.168.100.128:5000/v3
export PS1='[\u@\h \W(keystone_admin)]\$ '
export OS_PROJECT_NAME=admin
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
#加载 admin 环境变量
[root@controller ~]# source keystonerc_admin
2.1 创建租户
[root@controller ~(keystone_admin)]# openstack project create henry
+-------------+----------------------------------+
| Field | Value |
+-------------+----------------------------------+
| description | |
| domain_id | default |
| enabled | True |
| id | 907d9d1e053d4977891bb52ae2889200 |
| is_domain | False |
| name | henry |
| options | {} |
| parent_id | default |
| tags | [] |
+-------------+----------------------------------+
[root@controller ~(keystone_admin)]# openstack project list
+----------------------------------+----------+
| ID | Name |
+----------------------------------+----------+
| 1d842745c80141609d2a19e432a33e03 | admin |
| 2899a5b164cb44db9a3aac538ece552c | cloudcs |
| 907d9d1e053d4977891bb52ae2889200 | henry |
| f275127160ea42f2b623718ec4ed959b | services |
+----------------------------------+----------+
2.2 创建用户
[root@controller ~(keystone_admin)]# openstack user create --password redhat --project henry henry
+---------------------+----------------------------------+
| Field | Value |
+---------------------+----------------------------------+
| default_project_id | 907d9d1e053d4977891bb52ae2889200 |
| domain_id | default |
| enabled | True |
| id | ea28ae0d22bd4a2e80d0e57a3ae3c8a6 |
| name | henry |
| options | {} |
| password_expires_at | None |
+---------------------+----------------------------------+
[root@controller ~(keystone_admin)]# openstack user list
+----------------------------------+------------+
| ID | Name |
+----------------------------------+------------+
| 8f9865cd2ed94cda8cb0fcd32ce5b63d | admin |
| e651a0473e18433ab57b7bf2d2efd17e | heat_admin |
| 9c57af61dd414d889bc2a66c6bb3c033 | glance |
| fb328e17d33446e29515dc2bf19dd149 | cinder |
| a68c4ed0045c42cf92ed79ebb2be5b19 | nova |
| 8ac5bbcf4bb04b0eabd539829ffe7e7f | placement |
| 07598e02027c48e3abaca7071f4c8afb | neutron |
| 6375085c76fc497cacc9a950c0c288d1 | swift |
| d96ef8a716284164b8fe903a1782a910 | heat |
| 65b89d637a5743f4a571cc9ab463c8f3 | heat-cfn |
| a7bd1b1dd64b4aa9be5db05b134aa3e1 | gnocchi |
| 431c4f7b9e894cb7a52706b9b6ca2544 | ceilometer |
| 2d567b202a254814a292e025161e2e65 | aodh |
| 2d37c2ed3c1a49f2b7a27d2ecb2f0d49 | cloudcs |
| ea28ae0d22bd4a2e80d0e57a3ae3c8a6 | henry |
+----------------------------------+------------+
2.3 绑定用户与项目
[root@controller ~(keystone_admin)]# openstack role list
+----------------------------------+------------------+
| ID | Name |
+----------------------------------+------------------+
| 149ab3faadbb4ebe96d9079c69b814b6 | ResellerAdmin |
| 617422dd8a884f45b801cd38f7cce3d8 | admin |
| b3f56d82df034af3bf78c815083bef98 | heat_stack_owner |
| b454d6e633de4474804b6e185f17492e | reader |
| bd412f4c774c4dd49547bfd87a1226ef | heat_stack_user |
| de4f865d5aa14ad2ac4da4f5ec61ab03 | _member_ |
| eed9ca0a33f540649badd3a663b06908 | member |
| f0c07640336c4e218c8a416a469b8d7c | SwiftOperator |
+----------------------------------+------------------+
[root@controller ~(keystone_admin)]# openstack role add --user henry --project henry _member_
3 创建规格
加载 admin 管理员环境变量进行操作。
[root@controller ~(keystone_admin)]# openstack flavor list
+----+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+----+-----------+-------+------+-----------+-------+-----------+
[root@controller ~(keystone_admin)]# openstack flavor create --ram 1024 --disk 1 --vcpus 1 m2.tiny
+----------------------------+--------------------------------------+
| Field | Value |
+----------------------------+--------------------------------------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 31c5b46c-18d5-461a-8ad6-d52eb9f488c5 |
| name | m2.tiny |
| os-flavor-access:is_public | True |
| properties | |
| ram | 1024 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+--------------------------------------+
[root@controller ~(keystone_admin)]# openstack flavor list
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 31c5b46c-18d5-461a-8ad6-d52eb9f488c5 | m2.tiny | 1024 | 1 | 0 | 1 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
4 创建镜像
加载 admin 管理员环境变量进行操作。
[root@controller ~(keystone_admin)]# ls /tmp/cirros-0.6.1-x86_64-disk.img
/tmp/cirros-0.6.1-x86_64-disk.img
[root@controller ~(keystone_admin)]# openstack image create --disk-format qcow2 --container-format bare --public --file /tmp/cirros-0.6.1-x86_64-disk.img centos
[root@controller ~(keystone_admin)]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 169cec1e-5c13-4d5e-bf55-52e640ed046d | centos | active |
+--------------------------------------+--------+--------+
5 创建网络(公网)
加载 admin 管理员环境变量进行操作。
- 创建公网
[root@controller ~(keystone_admin)]# openstack network create --provider-network-type flat --provider-physical-network extnet --external --share public
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2023-05-13T07:42:51Z |
| description | |
| dns_domain | None |
| id | 24206160-90bf-423d-9160-b0b247ec1df1 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1500 |
| name | public |
| port_security_enabled | True |
| project_id | 1d842745c80141609d2a19e432a33e03 |
| provider:network_type | flat |
| provider:physical_network | extnet |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2023-05-13T07:42:51Z |
+---------------------------+--------------------------------------+
[root@controller ~(keystone_admin)]# openstack network list
+--------------------------------------+--------+---------+
| ID | Name | Subnets |
+--------------------------------------+--------+---------+
| 24206160-90bf-423d-9160-b0b247ec1df1 | public | |
+--------------------------------------+--------+---------+
- 创建公网-子网
[root@controller ~(keystone_admin)]# openstack subnet create --subnet-range 192.168.100.0/24 --gateway 192.168.100.2 --dhcp --allocation-pool start=192.168.100.200,end=192.168.100.210 --network public public_sub
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 192.168.100.200-192.168.100.210 |
| cidr | 192.168.100.0/24 |
| created_at | 2023-05-13T08:01:48Z |
| description | |
| dns_nameservers | |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 192.168.100.2 |
| host_routes | |
| id | ccdfc079-fd65-4fad-a1f8-5fa3b5a4535f |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | public_sub |
| network_id | 24206160-90bf-423d-9160-b0b247ec1df1 |
| prefix_length | None |
| project_id | 1d842745c80141609d2a19e432a33e03 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2023-05-13T08:01:48Z |
+----------------------+--------------------------------------+
[root@controller ~(keystone_admin)]# openstack subnet list
+--------------------------------------+------------+--------------------------------------+------------------+
| ID | Name | Network | Subnet |
+--------------------------------------+------------+--------------------------------------+------------------+
| ccdfc079-fd65-4fad-a1f8-5fa3b5a4535f | public_sub | 24206160-90bf-423d-9160-b0b247ec1df1 | 192.168.100.0/24 |
+--------------------------------------+------------+--------------------------------------+------------------+
6 创建网络(私网)
加载 henry 用户环境变量进行操作。
- 设置变量文件并加载
[root@controller ~(keystone_admin)]# ls
abc anaconda-ks.cfg cloudcs.txt keystonerc_admin
[root@controller ~(keystone_admin)]# cp keystonerc_admin keystonerc_henry
[root@controller ~(keystone_admin)]# vim keystonerc_henry
[root@controller ~(keystone_admin)]# cat keystonerc_henry
unset OS_SERVICE_TOKEN
export OS_USERNAME=henry
export OS_PASSWORD='redhat'
export OS_REGION_NAME=RegionOne
export OS_AUTH_URL=http://192.168.100.128:5000/v3
export PS1='[\u@\h \W(keystone_henry)]\$ '
export OS_PROJECT_NAME=henry
export OS_USER_DOMAIN_NAME=Default
export OS_PROJECT_DOMAIN_NAME=Default
export OS_IDENTITY_API_VERSION=3
[root@controller ~(keystone_admin)]# source keystonerc_henry
[root@controller ~(keystone_henry)]#
- 创建私网
[root@controller ~(keystone_henry)]# openstack network create private
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2023-05-13T08:27:33Z |
| description | |
| dns_domain | None |
| id | fec7d5f5-d8e0-453d-8433-cd1088bc9a05 |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | False |
| is_vlan_transparent | None |
| mtu | 1442 |
| name | private |
| port_security_enabled | True |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| provider:network_type | None |
| provider:physical_network | None |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | Internal |
| segments | None |
| shared | False |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2023-05-13T08:27:33Z |
+---------------------------+--------------------------------------+
[root@controller ~(keystone_henry)]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 24206160-90bf-423d-9160-b0b247ec1df1 | public | ccdfc079-fd65-4fad-a1f8-5fa3b5a4535f |
| fec7d5f5-d8e0-453d-8433-cd1088bc9a05 | private | |
+--------------------------------------+---------+--------------------------------------+
- 创建私网-子网
[root@controller ~(keystone_henry)]# openstack subnet create --subnet-range 192.168.88.0/24 --gateway 192.168.88.254 --dhcp --network private private_sub
+----------------------+--------------------------------------+
| Field | Value |
+----------------------+--------------------------------------+
| allocation_pools | 192.168.88.1-192.168.88.253 |
| cidr | 192.168.88.0/24 |
| created_at | 2023-05-13T08:29:50Z |
| description | |
| dns_nameservers | |
| dns_publish_fixed_ip | None |
| enable_dhcp | True |
| gateway_ip | 192.168.88.254 |
| host_routes | |
| id | ca2955af-1a5e-47c5-9181-2223506d8c3e |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| name | private_sub |
| network_id | fec7d5f5-d8e0-453d-8433-cd1088bc9a05 |
| prefix_length | None |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2023-05-13T08:29:50Z |
+----------------------+--------------------------------------+
[root@controller ~(keystone_henry)]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 24206160-90bf-423d-9160-b0b247ec1df1 | public | ccdfc079-fd65-4fad-a1f8-5fa3b5a4535f |
| fec7d5f5-d8e0-453d-8433-cd1088bc9a05 | private | ca2955af-1a5e-47c5-9181-2223506d8c3e |
+--------------------------------------+---------+--------------------------------------+
7 创建路由
加载 henry 用户环境变量进行操作。
7.1 创建路由
[root@controller ~(keystone_henry)]# openstack router create router01
+-------------------------+--------------------------------------+
| Field | Value |
+-------------------------+--------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2023-05-13T08:32:00Z |
| description | |
| external_gateway_info | null |
| flavor_id | None |
| id | f572073e-07d5-466e-a2e3-09ca7059c0d4 |
| name | router01 |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| revision_number | 1 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2023-05-13T08:32:00Z |
+-------------------------+--------------------------------------+
[root@controller ~(keystone_henry)]# openstack router list
+--------------------------------------+----------+--------+-------+----------------------------------+
| ID | Name | Status | State | Project |
+--------------------------------------+----------+--------+-------+----------------------------------+
| f572073e-07d5-466e-a2e3-09ca7059c0d4 | router01 | ACTIVE | UP | 907d9d1e053d4977891bb52ae2889200 |
+--------------------------------------+----------+--------+-------+----------------------------------+
7.2 创建路由网关
[root@controller ~(keystone_henry)]# openstack router set router01 --external-gateway public
[root@controller ~(keystone_henry)]# openstack router show router01
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2023-05-13T08:32:00Z |
| description | |
| external_gateway_info | {"network_id": "24206160-90bf-423d-9160-b0b247ec1df1", "external_fixed_ips": [{"subnet_id": "ccdfc079-fd65-4fad-a1f8-5fa3b5a4535f", "ip_address": "192.168.100.201"}], "enable_snat": true} |
| flavor_id | None |
| id | f572073e-07d5-466e-a2e3-09ca7059c0d4 |
| interfaces_info | [] |
| name | router01 |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| revision_number | 3 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2023-05-13T08:41:01Z |
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
7.3 创建路由子接口
[root@controller ~(keystone_henry)]# openstack router add subnet router01 private_sub
[root@controller ~(keystone_henry)]# openstack router show router01
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2023-05-13T08:32:00Z |
| description | |
| external_gateway_info | {"network_id": "24206160-90bf-423d-9160-b0b247ec1df1", "external_fixed_ips": [{"subnet_id": "ccdfc079-fd65-4fad-a1f8-5fa3b5a4535f", "ip_address": "192.168.100.201"}], "enable_snat": true} |
| flavor_id | None |
| id | f572073e-07d5-466e-a2e3-09ca7059c0d4 |
| interfaces_info | [{"port_id": "58d743b1-687b-4cc3-9c45-22c5bce1b5e5", "ip_address": "192.168.88.254", "subnet_id": "ca2955af-1a5e-47c5-9181-2223506d8c3e"}] |
| name | router01 |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| revision_number | 4 |
| routes | |
| status | ACTIVE |
| tags | |
| updated_at | 2023-05-13T08:44:34Z |
+-------------------------+---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
8 配置安全组
加载 henry 用户环境变量进行操作。
[root@controller ~(keystone_henry)]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 | default | Default security group | 907d9d1e053d4977891bb52ae2889200 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
[root@controller ~(keystone_henry)]# openstack security group rule list
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
| ID | IP Protocol | Ethertype | IP Range | Port Range | Remote Security Group | Security Group |
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
| 15cfe633-2442-4bb3-91d0-b5541a27a668 | None | IPv4 | 0.0.0.0/0 | | None | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| 3049e5be-17a4-4dae-98dd-3981137b6d77 | None | IPv6 | ::/0 | | None | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| 65bc99b6-ae56-4561-aaae-fece94e7dd96 | None | IPv6 | ::/0 | | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| 8394212d-5122-4398-a53c-514632c30917 | None | IPv4 | 0.0.0.0/0 | | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
[root@controller ~(keystone_henry)]# openstack security group rule create --protocol icmp --ingress default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2023-05-13T08:58:06Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | a0d406f0-3795-46d2-b282-093fbda317d3 |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| tags | [] |
| updated_at | 2023-05-13T08:58:06Z |
+-------------------+--------------------------------------+
[root@controller ~(keystone_henry)]# openstack security group rule create --protocol tcp --dst-port 22:22 --ingress default
+-------------------+--------------------------------------+
| Field | Value |
+-------------------+--------------------------------------+
| created_at | 2023-05-13T08:59:05Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | e68b6487-876c-4a92-b909-45c48fbcdcfa |
| name | None |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| tags | [] |
| updated_at | 2023-05-13T08:59:05Z |
+-------------------+--------------------------------------+
[root@controller ~(keystone_henry)]# openstack security group rule list
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
| ID | IP Protocol | Ethertype | IP Range | Port Range | Remote Security Group | Security Group |
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
| 15cfe633-2442-4bb3-91d0-b5541a27a668 | None | IPv4 | 0.0.0.0/0 | | None | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| 3049e5be-17a4-4dae-98dd-3981137b6d77 | None | IPv6 | ::/0 | | None | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| 65bc99b6-ae56-4561-aaae-fece94e7dd96 | None | IPv6 | ::/0 | | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| 8394212d-5122-4398-a53c-514632c30917 | None | IPv4 | 0.0.0.0/0 | | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| a0d406f0-3795-46d2-b282-093fbda317d3 | icmp | IPv4 | 0.0.0.0/0 | | None | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
| e68b6487-876c-4a92-b909-45c48fbcdcfa | tcp | IPv4 | 0.0.0.0/0 | 22:22 | None | 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 |
+--------------------------------------+-------------+-----------+-----------+------------+--------------------------------------+--------------------------------------+
9 发放云主机
加载 henry 用户环境变量进行操作。
- 获取实例所需参数
[root@controller ~(keystone_henry)]# openstack flavor list
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
| 1 | m1.tiny | 512 | 1 | 0 | 1 | True |
| 2 | m1.small | 2048 | 20 | 0 | 1 | True |
| 3 | m1.medium | 4096 | 40 | 0 | 2 | True |
| 31c5b46c-18d5-461a-8ad6-d52eb9f488c5 | m2.tiny | 1024 | 1 | 0 | 1 | True |
| 4 | m1.large | 8192 | 80 | 0 | 4 | True |
| 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |
+--------------------------------------+-----------+-------+------+-----------+-------+-----------+
[root@controller ~(keystone_henry)]# openstack image list
+--------------------------------------+--------+--------+
| ID | Name | Status |
+--------------------------------------+--------+--------+
| 169cec1e-5c13-4d5e-bf55-52e640ed046d | centos | active |
+--------------------------------------+--------+--------+
[root@controller ~(keystone_henry)]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| 47352da6-c2f9-4b84-8197-e1b9d36bb6b8 | default | Default security group | 907d9d1e053d4977891bb52ae2889200 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
[root@controller ~(keystone_henry)]# openstack network list
+--------------------------------------+---------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+---------+--------------------------------------+
| 24206160-90bf-423d-9160-b0b247ec1df1 | public | ccdfc079-fd65-4fad-a1f8-5fa3b5a4535f |
| fec7d5f5-d8e0-453d-8433-cd1088bc9a05 | private | ca2955af-1a5e-47c5-9181-2223506d8c3e |
+--------------------------------------+---------+--------------------------------------+
- 启动实例
[root@controller ~(keystone_henry)]# openstack server create --flavor m2.tiny --image centos --min 1 --security-group default --nic net-id=fec7d5f5-d8e0-453d-8433-cd1088bc9a05 ecs01
+-----------------------------+------------------------------------------------+
| Field | Value |
+-----------------------------+------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | dGhTthvD6hHj |
| config_drive | |
| created | 2023-05-13T09:20:52Z |
| flavor | m2.tiny (31c5b46c-18d5-461a-8ad6-d52eb9f488c5) |
| hostId | |
| id | 3a2dc2ea-cd2d-4b62-82e8-c903af660dd6 |
| image | centos (169cec1e-5c13-4d5e-bf55-52e640ed046d) |
| key_name | None |
| name | ecs01 |
| progress | 0 |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| properties | |
| security_groups | name='47352da6-c2f9-4b84-8197-e1b9d36bb6b8' |
| status | BUILD |
| updated | 2023-05-13T09:20:52Z |
| user_id | 2bfa4750b08e40feb012a59c06ee444f |
| volumes_attached | |
+-----------------------------+------------------------------------------------+
[root@controller ~(keystone_henry)]# openstack server list
+--------------------------------------+-------+--------+------------------------+--------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-------+--------+------------------------+--------+---------+
| 3a2dc2ea-cd2d-4b62-82e8-c903af660dd6 | ecs01 | ACTIVE | private=192.168.88.122 | centos | m2.tiny |
+--------------------------------------+-------+--------+------------------------+--------+---------+
10 绑定EIP并访问实例
加载 henry 用户环境变量进行操作。
10.1 分配及绑定EIP
- 分配EIP
[root@controller ~(keystone_henry)]# openstack floating ip create public
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| created_at | 2023-05-13T09:23:19Z |
| description | |
| dns_domain | None |
| dns_name | None |
| fixed_ip_address | None |
| floating_ip_address | 192.168.100.205 |
| floating_network_id | 24206160-90bf-423d-9160-b0b247ec1df1 |
| id | 61c99088-00e9-4a68-bb88-8d9634ab7ead |
| name | 192.168.100.205 |
| port_details | None |
| port_id | None |
| project_id | 907d9d1e053d4977891bb52ae2889200 |
| qos_policy_id | None |
| revision_number | 0 |
| router_id | None |
| status | DOWN |
| subnet_id | None |
| tags | [] |
| updated_at | 2023-05-13T09:23:19Z |
+---------------------+--------------------------------------+
[root@controller ~(keystone_henry)]# openstack floating ip list
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| ID | Floating IP Address | Fixed IP Address | Port | Floating Network | Project |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
| 61c99088-00e9-4a68-bb88-8d9634ab7ead | 192.168.100.205 | None | None | 24206160-90bf-423d-9160-b0b247ec1df1 | 907d9d1e053d4977891bb52ae2889200 |
+--------------------------------------+---------------------+------------------+------+--------------------------------------+----------------------------------+
- 绑定EIP
[root@controller ~(keystone_henry)]# openstack server add floating ip ecs01 192.168.100.205
10.2 测试并访问
- 测试连通性
[root@controller ~(keystone_henry)]# ping 192.168.100.205
PING 192.168.100.205 (192.168.100.205) 56(84) bytes of data.
64 bytes from 192.168.100.205: icmp_seq=1 ttl=63 time=5.06 ms
64 bytes from 192.168.100.205: icmp_seq=2 ttl=63 time=1.27 ms
64 bytes from 192.168.100.205: icmp_seq=3 ttl=63 time=0.700 ms
64 bytes from 192.168.100.205: icmp_seq=4 ttl=63 time=0.751 ms
64 bytes from 192.168.100.205: icmp_seq=5 ttl=63 time=0.737 ms
^C
--- 192.168.100.205 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4090ms
rtt min/avg/max/mdev = 0.700/1.702/5.055/1.689 ms
- 测试访问
[root@controller ~(keystone_henry)]# ssh cirros@192.168.100.205
The authenticity of host '192.168.100.205 (192.168.100.205)' can't be established.
ECDSA key fingerprint is SHA256:gLl7HS9xn5PBUclci6QdHtkPQE76TctbLdxK7IfwpQE.
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '192.168.100.205' (ECDSA) to the list of known hosts.
cirros@192.168.100.205's password:
$ sudo -i
# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1442 qdisc pfifo_fast qlen 1000
link/ether fa:16:3e:0c:09:cd brd ff:ff:ff:ff:ff:ff
inet 192.168.88.122/24 brd 192.168.88.255 scope global dynamic noprefixroute eth0
valid_lft 42671sec preferred_lft 37271sec
inet6 fe80::f816:3eff:fe0c:9cd/64 scope link
valid_lft forever preferred_lft forever
# ping www.51cto.com
PING 203.107.44.140 (203.107.44.140) 56(84) bytes of data.
64 bytes from www.51cto.com (203.107.44.140): icmp_seq=1 ttl=127 time=27.0 ms
64 bytes from www.51cto.com (203.107.44.140): icmp_seq=2 ttl=127 time=26.4 ms
64 bytes from www.51cto.com (203.107.44.140): icmp_seq=3 ttl=127 time=25.5 ms
64 bytes from www.51cto.com (203.107.44.140): icmp_seq=4 ttl=127 time=25.4 ms
^C
--- 203.107.44.140 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3006ms
rtt min/avg/max/mdev = 25.396/26.090/26.994/0.655 ms
#
- END
