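The article "OpenStack three-node Icehouse deployment in GRE mode" set up an OpenStack environment; next, we test it from the command line.
First, a few concepts need to be clear:
External network: floating IPs can be allocated from it and bound to a virtual machine, so that the virtual machine can be reached from outside.
Virtual network (internal network, private network): the private network that a virtual machine's virtual NIC sits on.
Subnet: every network a user creates must have at least one subnet (it can also have several).
Router: every network a user creates has at least one router, and an interface of that router must be associated with the network.
fixed ip: the IP of a virtual machine's NIC on the virtual network.
floating ip: the IP on the external network that corresponds to the virtual network.
interface: a network interface.
Port: a subnet has multiple ports (usually each with a MAC address and an IP address). In GRE mode a subnet usually has a qdhcp port, a qrouter port and the ports allocated to virtual machine instances; their IP addresses belong to this subnet.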
# nova-manage service list
root@controller:~# nova-manage service list
Binary           Host        Zone      Status   State  Updated_At
nova-cert        controller  internal  enabled  :-)    2015-01-12 00:39:05
nova-consoleauth controller  internal  enabled  :-)    2015-01-12 00:38:59
nova-scheduler   controller  internal  enabled  :-)    2015-01-12 00:39:00
nova-conductor   controller  internal  enabled  :-)    2015-01-12 00:39:03
nova-compute     compute1    nova      enabled  :-)    2015-01-12 00:39:03
# neutron agent-list
root@controller:~# neutron agent-list
+--------------------------------------+--------------------+----------+-------+----------------+
| id                                   | agent_type         | host     | alive | admin_state_up |
+--------------------------------------+--------------------+----------+-------+----------------+
| 7a1f9910-62d8-4461-b31d-1a562bd0b76e | DHCP agent         | network  | :-)   | True           |
| 86d1c916-8b05-4840-965c-e9152388e0c2 | Open vSwitch agent | compute1 | :-)   | True           |
| 8809b0e3-010d-4d2f-b552-10be24002684 | Open vSwitch agent | network  | :-)   | True           |
| aca01734-7522-427a-b3f2-45400d22121c | Metadata agent     | network  | :-)   | True           |
| e964a21a-4b8d-403b-9c81-2a95f387285e | L3 agent           | network  | :-)   | True           |
+--------------------------------------+--------------------+----------+-------+----------------+
Create a tenant
# keystone tenant-create --name TenantA
root@controller:~# keystone tenant-create --name TenantA
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+-------------+----------------------------------+
| Property    | Value                            |
+-------------+----------------------------------+
| description |                                  |
| enabled     | True                             |
| id          | 60a10cd7a61b493d910eabd353c07567 |
| name        | TenantA                          |
+-------------+----------------------------------+
Create a user
# keystone user-create --name=UserA --pass=password --tenant-id TenantA --email=usera@test.com
root@controller:~# keystone user-create --name=UserA --pass=password --tenant-id TenantA --email=usera@test.com
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
+----------+----------------------------------+
| Property | Value                            |
+----------+----------------------------------+
| email    | usera@test.com                   |
| enabled  | True                             |
| id       | be1db0d2fd134025accd2654cfc66056 |
| name     | UserA                            |
| tenantId | 60a10cd7a61b493d910eabd353c07567 |
| username | UserA                            |
+----------+----------------------------------+
Add the user to the tenant
# keystone user-role-add --tenant TenantA --user UserA --role Member
root@controller:~# keystone user-role-add --tenant TenantA --user UserA --role Member
WARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
Create the external network
# neutron net-create Ext-Net --provider:network_type gre --provider:segmentation_id 1 --router:external true
root@controller:~# neutron net-create Ext-Net --provider:network_type gre --provider:segmentation_id 1 --router:external true
Created a new network:
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | True                                 |
| id                        | c8699820-7c6d-4441-9602-3425f2c630ec |
| name                      | Ext-Net                              |
| provider:network_type     | gre                                  |
| provider:physical_network |                                      |
| provider:segmentation_id  | 1                                    |
| router:external           | True                                 |
| shared                    | False                                |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tenant_id                 | c91d0723aaea4985a77801a15ef66438     |
+---------------------------+--------------------------------------+
Create the subnet of the external network
# neutron subnet-create --allocation-pool start=10.1.101.80,end=10.1.101.100 --gateway 10.1.101.254 Ext-Net 10.1.101.0/24 --enable_dhcp=False
root@controller:~# neutron subnet-create --allocation-pool start=10.1.101.80,end=10.1.101.100 --gateway 10.1.101.254 Ext-Net 10.1.101.0/24 --enable_dhcp=False
Created a new subnet:
+------------------+-------------------------------------------------+
| Field            | Value                                           |
+------------------+-------------------------------------------------+
| allocation_pools | {"start": "10.1.101.80", "end": "10.1.101.100"} |
| cidr             | 10.1.101.0/24                                   |
| dns_nameservers  |                                                 |
| enable_dhcp      | False                                           |
| gateway_ip       | 10.1.101.254                                    |
| host_routes      |                                                 |
| id               | 2c4155c9-5a2e-471c-a4d8-40a86b45ab0a            |
| ip_version       | 4                                               |
| name             |                                                 |
| network_id       | c8699820-7c6d-4441-9602-3425f2c630ec            |
| tenant_id        | c91d0723aaea4985a77801a15ef66438                |
+------------------+-------------------------------------------------+
Next, create the tenant's subnet and virtual router
Create the tenant network
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 net-create tenantA-Net
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 net-create tenantA-Net
Created a new network:
+----------------+--------------------------------------+
| Field          | Value                                |
+----------------+--------------------------------------+
| admin_state_up | True                                 |
| id             | 7c22bbd9-166c-4610-9a3d-3b8b92c77518 |
| name           | tenantA-Net                          |
| shared         | False                                |
| status         | ACTIVE                               |
| subnets        |                                      |
| tenant_id      | 60a10cd7a61b493d910eabd353c07567     |
+----------------+--------------------------------------+
Create the tenant subnet
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 subnet-create tenantA-Net 10.0.0.0/24
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 subnet-create tenantA-Net 10.0.0.0/24
Created a new subnet:
+------------------+--------------------------------------------+
| Field            | Value                                      |
+------------------+--------------------------------------------+
| allocation_pools | {"start": "10.0.0.2", "end": "10.0.0.254"} |
| cidr             | 10.0.0.0/24                                |
| dns_nameservers  |                                            |
| enable_dhcp      | True                                       |
| gateway_ip       | 10.0.0.1                                   |
| host_routes      |                                            |
| id               | c37d8ed0-372e-4b24-9ba2-897c38c6ddbf       |
| ip_version       | 4                                          |
| name             |                                            |
| network_id       | 7c22bbd9-166c-4610-9a3d-3b8b92c77518       |
| tenant_id        | 60a10cd7a61b493d910eabd353c07567           |
+------------------+--------------------------------------------+
Create the tenant's virtual router
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-create tenant-R1
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-create tenant-R1
Created a new router:
+-----------------------+--------------------------------------+
| Field                 | Value                                |
+-----------------------+--------------------------------------+
| admin_state_up        | True                                 |
| external_gateway_info |                                      |
| id                    | 680944ad-679c-4fe8-ae4b-258cd8ac337f |
| name                  | tenant-R1                            |
| status                | ACTIVE                               |
| tenant_id             | 60a10cd7a61b493d910eabd353c07567     |
+-----------------------+--------------------------------------+
Add a router interface
(replace ${subnet_id} with the subnet ID)
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-interface-add tenant-R1 ${subnet_id}
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-interface-add tenant-R1 c37d8ed0-372e-4b24-9ba2-897c38c6ddbf
Added interface 81388454-30e0-45e4-b3dd-b7b2e8dbf067 to router tenant-R1.
Set a gateway for the router
# neutron router-gateway-set tenant-R1 Ext-Net
root@controller:~# neutron router-gateway-set tenant-R1 Ext-Net
Set gateway for router tenant-R1
At this point, the network topology that UserA sees is as follows:
Security group rules affect whether the virtual machine can be pinged and logged into over ssh from outside, so set up the ICMP and TCP rules for OpenStack on the controller node.
Setting the security group rules here is equivalent to opening firewall ports to allow ssh and ping to the virtual machine. This is a key point: without it, the virtual machine cannot be accessed.
Get TenantA's default security group
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 security-group-list
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 security-group-list
+--------------------------------------+---------+-------------+
| id                                   | name    | description |
+--------------------------------------+---------+-------------+
| 8bd8fb6b-7141-4900-8321-390cc1a5d999 | default | default     |
+--------------------------------------+---------+-------------+
Default rules of the default group:
Set the ICMP/TCP/UDP security group rules for default in nova
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default tcp 1 65535 0.0.0.0/0
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default tcp 1 65535 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 1         | 65535   | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default udp 1 65535 0.0.0.0/0
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default udp 1 65535 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| udp         | 1         | 65535   | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default icmp -1 -1 0.0.0.0/0
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default icmp -1 -1 0.0.0.0/0
+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+
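The three rules above open every TCP and UDP port of the default group to 0.0.0.0/0, which is far wider than the ssh and ping access this walkthrough needs. The following shell check is an added example, not part of the original article: it reads a rule table in the layout printed above and flags TCP/UDP rules that are open to any address over more than one port. The function names (audit_secgroup_rules, count_findings) and both sample tables are constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original article. Audits security-group rule
# tables in the layout printed by `nova secgroup-add-rule` above.

# Constructed sample: the three rules this walkthrough adds to "default".
WIDE_RULES='+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 1         | 65535   | 0.0.0.0/0 |              |
| udp         | 1         | 65535   | 0.0.0.0/0 |              |
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+'

# Constructed sample: only what ssh and ping need (tcp/22 plus ICMP).
NARROW_RULES='+-------------+-----------+---------+-----------+--------------+
| IP Protocol | From Port | To Port | IP Range  | Source Group |
+-------------+-----------+---------+-----------+--------------+
| tcp         | 22        | 22      | 0.0.0.0/0 |              |
| icmp        | -1        | -1      | 0.0.0.0/0 |              |
+-------------+-----------+---------+-----------+--------------+'

# audit_secgroup_rules [max_ports]
# Reads a rule table on stdin and prints one finding per tcp/udp rule that is
# reachable from any address and spans more than max_ports ports (default 1).
audit_secgroup_rules() {
    awk -F'|' -v max="${1:-1}" '
        function trim(s) { gsub(/^[ \t]+|[ \t]+$/, "", s); return s }
        NF < 6 { next }                              # border lines
        {
            proto = tolower(trim($2)); from = trim($3)
            to = trim($4); cidr = trim($5)
            if (proto != "tcp" && proto != "udp") next   # header row, icmp
            if (cidr != "0.0.0.0/0" && cidr != "::/0") next
            if (from !~ /^[0-9]+$/ || to !~ /^[0-9]+$/) next
            span = to - from + 1
            if (span > max)
                printf "OPEN-RANGE %s %s-%s from %s (%d ports)\n", proto, from, to, cidr, span
        }'
}

# Number of findings for the table on stdin.
count_findings() { audit_secgroup_rules "$@" | wc -l | tr -d ' '; }

printf '%s\n' "$WIDE_RULES" | audit_secgroup_rules
```

Using the same command syntax as above with tcp 22 22 in place of tcp 1 65535, and without the udp rule, still permits ssh and ping and leaves this check with nothing to report.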
List images:
# glance index
root@controller:~# glance index
ID                                   Name                           Disk Format          Container Format     Size
------------------------------------ ------------------------------ -------------------- -------------------- --------------
a1de861a-be9c-4223-9a7a-cf5917489ce9 cirros-0.3.2-x86_64            qcow2                bare                       13167616
Boot a virtual machine, replacing {the cirros ID from Glance} with the image ID
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 boot --flavor 1 --image {the cirros ID from Glance} vm001
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 boot --flavor 1 --image a1de861a-be9c-4223-9a7a-cf5917489ce9 vm001
+--------------------------------------+------------------------------------------------------------+
| Property                             | Value                                                      |
+--------------------------------------+------------------------------------------------------------+
| OS-DCF:diskConfig                    | MANUAL                                                     |
| OS-EXT-AZ:availability_zone          | nova                                                       |
| OS-EXT-STS:power_state               | 0                                                          |
| OS-EXT-STS:task_state                | scheduling                                                 |
| OS-EXT-STS:vm_state                  | building                                                   |
| OS-SRV-USG:launched_at               | -                                                          |
| OS-SRV-USG:terminated_at             | -                                                          |
| accessIPv4                           |                                                            |
| accessIPv6                           |                                                            |
| adminPass                            | sCekd6U9PcvU                                               |
| config_drive                         |                                                            |
| created                              | 2015-01-12T01:18:27Z                                       |
| flavor                               | m1.tiny (1)                                                |
| hostId                               |                                                            |
| id                                   | d4a05267-b610-4c61-86e0-542ae9a7d93f                       |
| image                                | cirros-0.3.2-x86_64 (a1de861a-be9c-4223-9a7a-cf5917489ce9) |
| key_name                             | -                                                          |
| metadata                             | {}                                                         |
| name                                 | vm001                                                      |
| os-extended-volumes:volumes_attached | []                                                         |
| progress                             | 0                                                          |
| security_groups                      | default                                                    |
| status                               | BUILD                                                      |
| tenant_id                            | 60a10cd7a61b493d910eabd353c07567                           |
| updated                              | 2015-01-12T01:18:28Z                                       |
| user_id                              | be1db0d2fd134025accd2654cfc66056                           |
+--------------------------------------+------------------------------------------------------------+
Check that the virtual machine's status is ACTIVE
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list
+--------------------------------------+-------+--------+------------+-------------+----------------------+
| ID                                   | Name  | Status | Task State | Power State | Networks             |
+--------------------------------------+-------+--------+------------+-------------+----------------------+
| d4a05267-b610-4c61-86e0-542ae9a7d93f | vm001 | ACTIVE | -          | Running     | tenantA-Net=10.0.0.2 |
+--------------------------------------+-------+--------+------------+-------------+----------------------+
Create a floating IP
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floatingip-create Ext-Net
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floatingip-create Ext-Net
Created a new floatingip:
+---------------------+--------------------------------------+
| Field               | Value                                |
+---------------------+--------------------------------------+
| fixed_ip_address    |                                      |
| floating_ip_address | 10.1.101.81                          |
| floating_network_id | c8699820-7c6d-4441-9602-3425f2c630ec |
| id                  | 0482a808-e92b-4ae0-a830-6f149d310c30 |
| port_id             |                                      |
| router_id           |                                      |
| status              | DOWN                                 |
| tenant_id           | 60a10cd7a61b493d910eabd353c07567     |
+---------------------+--------------------------------------+
List floating IPs
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-list
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-list
+-------------+-----------+----------+---------+
| Ip          | Server Id | Fixed Ip | Pool    |
+-------------+-----------+----------+---------+
| 10.1.101.81 |           | -        | Ext-Net |
+-------------+-----------+----------+---------+
I created a new floating IP, 10.1.101.82; the address allocated was 10.1.101.82.
Associate the floating IP with the virtual machine, replacing {the vm id} with the virtual machine ID
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-associate {the vm id} 10.1.101.82
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-associate d4a05267-b610-4c61-86e0-542ae9a7d93f 10.1.101.82
Check the virtual machine's status; the floating IP is now visible.
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list
+--------------------------------------+-------+--------+------------+-------------+-----------------------------------+
| ID                                   | Name  | Status | Task State | Power State | Networks                          |
+--------------------------------------+-------+--------+------------+-------------+-----------------------------------+
| d4a05267-b610-4c61-86e0-542ae9a7d93f | vm001 | ACTIVE | -          | Running     | tenantA-Net=10.0.0.2, 10.1.101.82 |
+--------------------------------------+-------+--------+------------+-------------+-----------------------------------+
Replace {put_floating_ip_here} with the virtual machine's floating IP
# ssh cirros@{put_floating_ip_here}
root@controller:~# ssh cirros@10.1.101.82
The authenticity of host '10.1.101.82 (10.1.101.82)' can't be established.
RSA key fingerprint is da:a3:1a:60:f1:e9:3a:e2:a7:6c:35:cb:f8:9b:b7:65.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '10.1.101.82' (RSA) to the list of known hosts.
cirros@10.1.101.82's password:
$
$
$
$ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=3 ttl=35 time=295.980 ms
64 bytes from 8.8.8.8: seq=7 ttl=35 time=299.047 ms
List images
root@sc-disk01:~/image# glance --os-username admin --os-password windawnKey --os-tenant-name admin --os-auth-url=http://10.0.101.11:35357/v2.0 image-list
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
| ID                                   | Name                | Disk Format | Container Format | Size     | Status |
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
| ae63b964-230f-4ff8-bcf9-524d44b6980b | cirros-0.3.2-x86_64 | qcow2       | bare             | 13167616 | active |
+--------------------------------------+---------------------+-------------+------------------+----------+--------+
Upload an image
root@sc-disk01:~# cd image/
root@sc-disk01:~/image# ls
app_2013_1127 devstack_201407171353
root@sc-disk01:~/image# glance image-create --name="app_2013_1127" --is-public=True --disk-format=qcow2 --container-format=bare < ./app_2013_1127
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | f741693bf9297714917e27ce18394dbb     |
| container_format | bare                                 |
| created_at       | 2015-03-16T01:53:23                  |
| deleted          | False                                |
| deleted_at       | None                                 |
| disk_format      | qcow2                                |
| id               | 0391cd63-59da-48e2-929d-6a35a43c9bfc |
| is_public        | True                                 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | app_2013_1127                        |
| owner            | 49b72345ae0046e284f61503f047b587     |
| protected        | False                                |
| size             | 5299503104                           |
| status           | active                               |
| updated_at       | 2015-03-16T01:57:13                  |
| virtual_size     | None                                 |
+------------------+--------------------------------------+
root@sc-disk01:~/image#
Screenshot of the image upload
Or upload with the following command
root@sc-disk01:~/image# glance image-create --name="app_2014_0124_1604" --is-public=True --disk-format=qcow2 --container-format=bare --file ./app_2014_0124_1604 --progress
+------------------+--------------------------------------+
| Property         | Value                                |
+------------------+--------------------------------------+
| checksum         | bb39bb3b5fa5996aecfa512dc178b5d6     |
| container_format | bare                                 |
| created_at       | 2015-03-16T02:04:12                  |
| deleted          | False                                |
| deleted_at       | None                                 |
| disk_format      | qcow2                                |
| id               | 02111d11-42db-432d-a840-6945794587c0 |
| is_public        | True                                 |
| min_disk         | 0                                    |
| min_ram          | 0                                    |
| name             | app_2014_0124_1604                   |
| owner            | 49b72345ae0046e284f61503f047b587     |
| protected        | False                                |
| size             | 5308547072                           |
| status           | active                               |
| updated_at       | 2015-03-16T02:10:09                  |
| virtual_size     | None                                 |
+------------------+--------------------------------------+
Resource links: