建立 OpenStack雲主機 [六]
建立 OpenStack雲主機 [六]
建立 OpenStack雲主機 [六]
openstack 時間:2016年11月28日html
建立虛擬網絡
建立m1.nano規格的主機(相等於定義虛擬機的硬件配置)生成一個密鑰對(openstack的原理是不使用密碼鏈接,而是使用密鑰對進行鏈接)
增長安全組規則(用iptables作的安全組)
啓動一個實例(使用命令啓動,啓動虛擬機有三種方式:1.命令CLI 2.api 3.Dashboard)其實Dashboard也是經過api進行鏈接塊設備存儲編排共享文件系統html5
虛擬網絡分爲提供者網絡和私有網絡,提供者網絡就是跟主機在同一個網絡裏,私有網絡至關於單首創建一個路由器,跟主機不在一個網絡node
提供者網絡架構 
linux
一、建立虛擬網絡web
提示:虛擬網絡必須使用admin權限進行建立shell
[root@linux-node1 ~]# source admin-openstack.sh[root@linux-node1 ~]# neutron net-create --shared --provider:physical_network public --provider:network_type flat public-netCreated a new network:+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | True || availability_zone_hints | || availability_zones | || created_at | 2016-11-22T01:52:36 || description | || id | b9f2214e-14a6-4988-b199-ad72eff0d6b9 || ipv4_address_scope | || ipv6_address_scope | || mtu | 1500 || name | public-net || port_security_enabled | True || provider:network_type | flat || provider:physical_network | public || provider:segmentation_id | || router:external | False || shared | True || status | ACTIVE || subnets | || tags | || tenant_id | 026a58f98402437fa95ef4a21fbd4d1a || updated_at | 2016-11-22T01:52:36 |+---------------------------+--------------------------------------+#neutron net-create --shared(共享網絡) --provider:physical_network(物理網絡) public(物理網絡的名稱) --provider:network_type(建立的網絡類型爲flat) flat public-net(自定義一個名稱)
檢查是否建立成功api
[root@linux-node1 ~]# neutron net-list+--------------------------------------+------------+---------+| id | name | subnets |+--------------------------------------+------------+---------+| b9f2214e-14a6-4988-b199-ad72eff0d6b9 | public-net | |+--------------------------------------+------------+---------+
如今咱們還須要建立子網瀏覽器
[root@linux-node1 ~]# neutron subnet-create --name public-subnet --allocation-pool start=192.168.56.100,end=192.168.56.200 --dns-nameserver 223.5.5.5 --gateway 192.168.56.2 public-net 192.168.56.0/24Created a new subnet:+-------------------+------------------------------------------------------+| Field | Value |+-------------------+------------------------------------------------------+| allocation_pools | {"start": "192.168.56.100", "end": "192.168.56.200"} || cidr | 192.168.56.0/24 || created_at | 2016-11-22T02:05:06 || description | || dns_nameservers | 223.5.5.5 || enable_dhcp | True || gateway_ip | 192.168.56.2 || host_routes | || id | 696eb806-f548-46c2-a653-d05724446daf || ip_version | 4 || ipv6_address_mode | || ipv6_ra_mode | || name | public-subnet || network_id | b9f2214e-14a6-4988-b199-ad72eff0d6b9 || subnetpool_id | || tenant_id | 026a58f98402437fa95ef4a21fbd4d1a || updated_at | 2016-11-22T02:05:06 |+-------------------+------------------------------------------------------+neutron subnet-create 子網建立--name (名稱)--allocation—pool 分配地址池start=開始IP地址end=結束IP地址dns-nameserver DNS地址--gateway 網關provider 提供者的網絡(要跟建立網絡的名稱對應起來)
檢查是否關聯成功安全
[root@linux-node1 ~]# neutron net-list+--------------------------------------+------------+------------------------------------------------------+| id | name | subnets |+--------------------------------------+------------+------------------------------------------------------+| b9f2214e-14a6-4988-b199-ad72eff0d6b9 | public-net | 696eb806-f548-46c2-a653-d05724446daf 192.168.56.0/24 |+--------------------------------------+------------+------------------------------------------------------+
查看子網網絡
[root@linux-node1 ~]# neutron subnet-list+--------------------------------------+---------------+-----------------+------------------------------------------------------+| id | name | cidr | allocation_pools |+--------------------------------------+---------------+-----------------+------------------------------------------------------+| 696eb806-f548-46c2-a653-d05724446daf | public-subnet | 192.168.56.0/24 | {"start": "192.168.56.100", "end": "192.168.56.200"} |+--------------------------------------+---------------+-----------------+------------------------------------------------------+
2.建立m1.nano規格的主機
默認的最小規格的主機須要512 MB內存。對於環境中計算節點內存不足4 GB的,咱們推薦建立只須要64 MB的m1.nano規格的主機。若單純爲了測試的目的,請使用m1.nano規格的主機來加載CirrOS鏡像
[root@linux-node1 ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano+----------------------------+---------+| Field | Value |+----------------------------+---------+| OS-FLV-DISABLED:disabled | False || OS-FLV-EXT-DATA:ephemeral | 0 || disk | 1 || id | 0 || name | m1.nano || os-flavor-access:is_public | True || ram | 64 || rxtx_factor | 1.0 || swap | || vcpus | 1 |+----------------------------+---------+openstack flavor create 建立主機--id 主機ID--vcpus cpu--ram 64兆(若是想加G,直接寫64G便可)--disk 磁盤(單位是G)
查看
[root@linux-node1 ~]# openstack flavor list+----+-----------+-------+------+-----------+-------+-----------+| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |+----+-----------+-------+------+-----------+-------+-----------+| 0 | m1.nano | 64 | 1 | 0 | 1 | True || 1 | m1.tiny | 512 | 1 | 0 | 1 | True || 2 | m1.small | 2048 | 20 | 0 | 1 | True || 3 | m1.medium | 4096 | 40 | 0 | 2 | True || 4 | m1.large | 8192 | 80 | 0 | 4 | True || 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |+----+-----------+-------+------+-----------+-------+-----------+
提示:1-5是默認的,0是咱們建立的
生成一個鍵值對
大部分雲鏡像支持公共密鑰認證而不是傳統的密碼認證。在啓動實例前,你必須添加一個公共密鑰到計算服務。
提示:咱們使用demo用戶進行操做
生成密鑰
[root@linux-node1 ~]# source demo-openstack.sh [root@linux-node1 ~]# ssh-keygen -q -N ""Enter file in which to save the key (/root/.ssh/id_rsa):
在openstack上建立密鑰對
[root@linux-node1 ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey+-------------+-------------------------------------------------+| Field | Value |+-------------+-------------------------------------------------+| fingerprint | 9e:92:7a:89:b8:cc:86:fa:5d:2d:e9:5f:35:cd:43:01 || name | mykey || user_id | a78ec26501374df4a574bd3f8153d67f |+-------------+-------------------------------------------------+
驗證規則
[root@linux-node1 ~]# openstack keypair list+-------+-------------------------------------------------+| Name | Fingerprint |+-------+-------------------------------------------------+| mykey | 9e:92:7a:89:b8:cc:86:fa:5d:2d:e9:5f:35:cd:43:01 |+-------+-------------------------------------------------+
增長安全組
默認狀況下,default安全組適用於全部實例而且包括拒絕訪問實例的防火牆規則,對這樣的Linux鏡像,咱們推薦至少容許ICMP(ping)和安全shell(SSH)規則
添加規則到default安全組 容許ICMP(ping)
[root@linux-node1 ~]# openstack security group rule create --proto icmp default+-----------------------+--------------------------------------+| Field | Value |+-----------------------+--------------------------------------+| id | 2a2af0f1-e3ab-426d-9716-10615bec3e75 || ip_protocol | icmp || ip_range | 0.0.0.0/0 || parent_group_id | 58ed4e26-8cc1-4bdb-b9d1-c8606637e8b4 || port_range | || remote_security_group | |+-----------------------+--------------------------------------+
容許安全 shell (SSH) 的訪問:
[root@linux-node1 ~]# openstack security group rule create --proto tcp --dst-port 22 default+-----------------------+--------------------------------------+| Field | Value |+-----------------------+--------------------------------------+| id | 94aa695c-58dc-4033-8c26-58f7f5482051 || ip_protocol | tcp || ip_range | 0.0.0.0/0 || parent_group_id | 58ed4e26-8cc1-4bdb-b9d1-c8606637e8b4 || port_range | 22:22 || remote_security_group | |+-----------------------+--------------------------------------+
啓動一個實例
在公有網絡上建立實例肯定實例選項
啓動一臺實例,您必須至少指定一個類型、鏡像名稱、網絡、安全組、密鑰和實例名稱
咱們仍是使用demo用戶進行設置
列出可用類型
[root@linux-node1 ~]# source demo-openstack.sh [root@linux-node1 ~]# openstack flavor list+----+-----------+-------+------+-----------+-------+-----------+| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |+----+-----------+-------+------+-----------+-------+-----------+| 0 | m1.nano | 64 | 1 | 0 | 1 | True || 1 | m1.tiny | 512 | 1 | 0 | 1 | True || 2 | m1.small | 2048 | 20 | 0 | 1 | True || 3 | m1.medium | 4096 | 40 | 0 | 2 | True || 4 | m1.large | 8192 | 80 | 0 | 4 | True || 5 | m1.xlarge | 16384 | 160 | 0 | 8 | True |+----+-----------+-------+------+-----------+-------+-----------+
由於咱們在上面已經建立的,名字是m1.nano
列出可用的鏡像
[root@linux-node1 ~]# openstack p_w_picpath list+--------------------------------------+--------+--------+| ID | Name | Status |+--------------------------------------+--------+--------+| fc67361d-ad30-40b2-9d96-941e50fc17f5 | cirros | active |+--------------------------------------+--------+--------+
列出可用的網絡
[root@linux-node1 ~]# openstack network list+--------------------------------------+------------+--------------------------------------+| ID | Name | Subnets |+--------------------------------------+------------+--------------------------------------+| b9f2214e-14a6-4988-b199-ad72eff0d6b9 | public-net | 696eb806-f548-46c2-a653-d05724446daf |+--------------------------------------+------------+--------------------------------------+
建立網絡的時候使用的不是名稱,而是ID
列出可用的安全組
[root@linux-node1 ~]# openstack security group list+--------------------------------------+---------+------------------------+----------------------------------+| ID | Name | Description | Project |+--------------------------------------+---------+------------------------+----------------------------------+| 58ed4e26-8cc1-4bdb-b9d1-c8606637e8b4 | default | Default security group | ff5398ee1b2e4d00bafd57f82dc150e6 |+--------------------------------------+---------+------------------------+----------------------------------+
建立實例
啓動實例:
使用provider公有網絡的ID替換PUBLIC_NET_ID。
[root@linux-node1 ~]# openstack server create --flavor m1.nano --p_w_picpath cirros \ --nic net-id=b9f2214e-14a6-4988-b199-ad72eff0d6b9 --security-group default \ --key-name mykey provider-instance+--------------------------------------+----------------------------------------------------------+| Field | Value |+--------------------------------------+----------------------------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-AZ:availability_zone | nova || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | block_device_mapping || OS-EXT-STS:vm_state | building || OS-SRV-USG:launched_at | None || OS-SRV-USG:terminated_at | None || accessIPv4 | || accessIPv6 | || addresses | || adminPass | e6aHhdr43Hjz || config_drive | || created | 2016-11-22T03:48:01Z || flavor | m1.nano (0) || hostId | 6248511bd1ebfa25a7a99fe7c357194cc5fe54249b0228cc94fd51fd || id | 55877c1a-7a08-4ddd-95a6-3c5376ba5c55 || p_w_picpath | cirros (fc67361d-ad30-40b2-9d96-941e50fc17f5) || key_name | mykey || name | provider-instance || os-extended-volumes:volumes_attached | [] || progress | 0 || project_id | ff5398ee1b2e4d00bafd57f82dc150e6 || properties | || security_groups | [{u'name': u'default'}] || status | BUILD || updated | 2016-11-22T03:48:02Z || user_id | a78ec26501374df4a574bd3f8153d67f |+--------------------------------------+----------------------------------------------------------+
openstack server create 建立實例--flavor 建立的類型--p_w_picpath 鏡像--nic net-id= 網絡ID--security-group 設置安全組--key-name key設置最後一個是實例名稱
檢查
[root@linux-node1 ~]# openstack server list+--------------------------------------+-------------------+--------+---------------------------+| ID | Name | Status | Networks |+--------------------------------------+-------------------+--------+---------------------------+| 55877c1a-7a08-4ddd-95a6-3c5376ba5c55 | provider-instance | ACTIVE | public-net=192.168.56.101 |+--------------------------------------+-------------------+--------+---------------------------+
若是沒法建立虛擬機,咱們須要查看全部的日誌,能夠直接使用
grep 'ERROR' /var/log/nova/*grep 'ERROR' /var/log/neutron/*grep 'ERROR' /var/log/glance/*grep 'ERROR' /var/log/keystone/*
以及查看iptables selinux時間同步等!
提示:須要在控制節點和計算節點都進行操做,由於建立虛擬機是在計算節點。最好提早把日誌清空
測試IP
[root@linux-node1 ~]# ping 192.168.56.101PING 192.168.56.101 (192.168.56.101) 56(84) bytes of data.64 bytes from 192.168.56.101: icmp_seq=1 ttl=64 time=0.784 ms64 bytes from 192.168.56.101: icmp_seq=2 ttl=64 time=0.578 ms64 bytes from 192.168.56.101: icmp_seq=3 ttl=64 time=0.426 ms
刪除虛擬機
[root@linux-node1 ~]# openstack server list+--------------------------------------+-------------------+--------+---------------------------+| ID | Name | Status | Networks |+--------------------------------------+-------------------+--------+---------------------------+| 55877c1a-7a08-4ddd-95a6-3c5376ba5c55 | provider-instance | ACTIVE | public-net=192.168.56.101 |+--------------------------------------+-------------------+--------+---------------------------+[root@linux-node1 ~]# openstack server delete 55877c1a-7a08-4ddd-95a6-3c5376ba5c55[root@linux-node1 ~]# openstack server list
檢查
nova service-listneutron anget-listnova p_w_picpath-list
提示:咱們建立虛擬機使用的是demo,因此咱們若是想查看主機也要使用demo的腳本進行查看
使用虛擬控制檯訪問實例
獲取你實例的Virtual Network Computing (VNC)會話URL並從web瀏覽器訪問它:
[root@linux-node1 ~]# openstack server list+--------------------------------------+-------------------+--------+---------------------------+| ID | Name | Status | Networks |+--------------------------------------+-------------------+--------+---------------------------+| 62d3f70e-ed8e-4840-8104-99fd2de7e689 | provider-instance | ACTIVE | public-net=192.168.56.104 |+--------------------------------------+-------------------+--------+---------------------------+
show後面填寫的是咱們server的名稱
[root@linux-node1 ~]# openstack console url show provider-instance+-------+------------------------------------------------------------------------------------+| Field | Value |+-------+------------------------------------------------------------------------------------+| type | novnc || url | http://192.168.56.11:6080/vnc_auto.html?token=4b7925f4-773f-4a24-89f7-f5daea6a591c |+-------+------------------------------------------------------------------------------------+
咱們複製這個url進行訪問
帳號:cirros
密碼:cubswin:)
提示:要使用火狐或者谷歌訪問,其餘瀏覽器可能沒法打開,由於這個頁面是html5 咱們在這個6080端口這個頁面操做的信息會被轉發到192.168.56.12:5900端口。由於12是計算節點
相關文章
- 1. 創建 OpenStack雲主機 [六]
- 2. 建立 OpenStack雲主機
- 3. openstack學習-建立一臺雲主機(七)
- 4. Openstack : 二、devstack建立虛擬主機
- 5. Openstack建立雲主機的流程-小小白(linuxzkq)
- 6. Openstack新建雲主機的流程
- 7. OpenStack新建雲主機流程圖
- 8. Openstack新建雲主機流程圖
- 9. 雲端雲主機建立和管理
- 10. openstack雲主機冷遷移
- 更多相關文章...
- • SQL 主機 - SQL 教程
- • 網站主機 技術 - 網站主機教程
- • 漫談MySQL的鎖機制
- • RxJava操作符(六)Utility
相關標籤/搜索
每日一句
-
每一个你不满意的现在,都有一个你没有努力的曾经。
歡迎關注本站公眾號,獲取更多信息
