04-OpenStack的命令行管理
原创
命令行管理
- 在计算节点安装openstack客户端管理工具
[root@computer ~]# yum install -y python-*client - 把控制节点的OpenStack客户端环境配置复制到计算节点
[root@controller ~]#scp /root/keystonerc_admin root@computer:/root- 加载环境变量
[root@computer ~]# source keystonerc_adminglance
查看帮助
#查看glance有哪些命令参数
[root@computer ~(keystone_admin)]#glance --help
Positional arguments:
<subcommand>
image-create Create a new image.
image-delete Delete specified image(s).
image-download Download a specific image.
image-list List images you can access.
image-show Describe a specific image.
image-update Update a specific image.
member-create Share a specific image with a tenant.
member-delete Remove a shared image from a tenant.
member-list Describe sharing permissions by image or tenant.
help Display help about this program or one of its
subcommands.
See "glance help COMMAND" for help on a specific command.
#查看创建镜像参数的帮助信息,记不住就可以直接复制帮助的参数信息使用
[root@computer ~(keystone_admin)]#glance help image-create
--name 镜像名称
--disk-format 镜像磁盘类型
--container-format 容器类型
--file 镜像文件地址
--is-public 是否公开
--is-protected 是否受保护
--progress 显示上传进度条上传镜像
[root@computer ~(keystone_admin)]# glance image-create --name small --disk-format qcow2 --container-format bare --file /root/small.img --is-public True --is-protected True --progress
[=============================>] 100%
+------------------+--------------------------------------+
| Property | Value |
+------------------+--------------------------------------+
| checksum | 0f3dbcece8ea9d9c5b256e7b274250f0 |
| container_format | bare |
| created_at | 2019-12-02T12:51:45 |
| deleted | False |
| deleted_at | None |
| disk_format | qcow2 |
| id | ff583762-f8ae-4a7d-873d-595e5d7d0a99 |
| is_public | True |
| min_disk | 0 |
| min_ram | 0 |
| name | small |
| owner | 59dd524747ad43b987fe796f4b3f0f84 |
| protected | True |
| size | 356777984 |
| status | active |
| updated_at | 2019-12-02T12:51:50 |
| virtual_size | None |
+------------------+--------------------------------------+查看镜像
[root@computer ~(keystone_admin)]# glance image-list --all
+--------------------------------------+---------+-------------+------------------+-----------+--------+
| ID | Name | Disk Format | Container Format | Size | Status |
+--------------------------------------+---------+-------------+------------------+-----------+--------+
| 53fb4700-e56f-4ea6-a1d9-831b45a5b28e | mysmall | qcow2 | bare | 619000832 | active |
| ff583762-f8ae-4a7d-873d-595e5d7d0a99 | small | qcow2 | bare | 356777984 | active |
+--------------------------------------+---------+-------------+------------------+-----------+--------+keystone
创建租户
创建一个ctf的租户(项目)
[root@computer ~(keystone_admin)]# keystone tenant-create --name ctf --description "CTF test platform"
+-------------+----------------------------------+
| Property | Value |
+-------------+----------------------------------+
| description | CTF test platform |
| enabled | True |
| id | 047de03e432a4060aaab88d13686ea54 |
| name | ctf |
+-------------+----------------------------------+关联租户
创建一个tuowazi用户关联ctf项目
[root@computer ~(keystone_admin)]# keystone user-create --name tuowazi --pass 123456 --tenant 047de03e432a4060aaab88d13686ea54
+----------+----------------------------------+
| Property | Value |
+----------+----------------------------------+
| email | |
| enabled | True |
| id | 7a15c14d576d48dc840e7557653d6c11 |
| name | tuowazi |
| tenantId | 047de03e432a4060aaab88d13686ea54 |
| username | tuowazi |
+----------+----------------------------------+关联角色
添加到管理员组
[root@computer ~(keystone_admin)]# keystone user-role-add --user tuowazi --role admin --tenant ctf切换到tuowazi角色
[root@computer ~(keystone_admin)]# cp keystonerc_admin keystonerc_tuowazi
[root@computer ~(keystone_admin)]# vim keystonerc_tuowazi
export OS_USERNAME=tuowazi
export OS_TENANT_NAME=ctf
export OS_PASSWORD=123456
export OS_AUTH_URL=http://192.168.150.10:5000/v2.0/
export OS_REGION_NAME=RegionOne
export PS1='[\u@\h \W(keystone_tuowazi)]\$ '
[root@computer ~(keystone_admin)]#source keystonerc_tuowazi
[root@computer ~(keystone_tuowazi)]#nova
限制项目配额
[root@computer ~(keystone_admin)]# nova quota-update ctf --cores 10 --ram 2048查看项目配额
[root@computer ~(keystone_admin)]# nova quota-show --tenant 047de03e432a4060aaab88d13686ea54
+-----------------------------+-------+
| Quota | Limit |
+-----------------------------+-------+
| instances | 10 |
| cores | 10 |
| ram | 2048 |
| floating_ips | 10 |
| fixed_ips | -1 |
| metadata_items | 128 |
| injected_files | 5 |
| injected_file_content_bytes | 10240 |
| injected_file_path_bytes | 255 |
| key_pairs | 100 |
| security_groups | 10 |
| security_group_rules | 20 |
| server_groups | 10 |
| server_group_members | 10 |
+-----------------------------+-------+创建私钥
[root@computer ~(keystone_tuowazi)]# nova keypair-add ctf-private-key
-----BEGIN RSA PRIVATE KEY-----
MIIEowIBAAKCAQEAscaZZJV4Tb0Q2zz5WE2GZiNlSKInQD/RdiDim7yyNhqIPIUC
B5TF5WIOE6ZTLyXf/ixZVtp4Ts/rDlO5oulyeu0Ln1f3cp1gbFm6rHaz6Ia75uoM
1Ctpa6x2DFm7x5r7tKg6Sgw0hts2ruenU72gMt5GV0p+4fycIik5+JXDElxrMxCH
lH6MKrZeuSFl3g6olQSYULje7r0KeMLPcVJMM3lPTEodRVpG7jMXDbf89tewi3hs
9tHBAPKDF4Z/AoZTkxdjYm9NKTzjIdMawsegA70reV3DFcHUNJ8CwHwCcZOiVKz1
LzwMi3ARwmFokgqrPH5sBBuonb6qOqZ1CSimFwIDAQABAoIBAHC+beu/a4OJw1X3
Ln9U80Z1bjeJNvFlR9bt9ikkm7T6UKppBCeAr5zQ+fJ2Sk0dbRgKUkJl3WTGMeFt
Mc7i1IqnKPbOWA0lR9CPe3cC9Qgj4qkIiEhKm9oAjwE4K4HkhXtGMWliojFgdyan
nZPbL+zy0JNtmFiD1xVHJg/EEuniCh295adgSfV4XNPAyefC/b5RJDIxlFFYDFlb
OCiq3+/k8xx4x0D/thi1xsWD5k5XOv4zJEBuN0wRtIs3FzJc9Q3mwhdt7n4LyGPm
B648orCQYjCoAU+qF5JWBUmGsJ7fU4YeY/FTvS+Sm0FRs2j2nv1+og71PJw1FcI/
KrHywqECgYEA2y7+IuWZhFRX0It3kcRYUQlQCueC1Gr/KmiHyjqsidiTrons52JV
IPiY3znyvbxWnpW0bLh4UN9nBCmHJPMpyLsS/SxnOWUARVJYdB7I2XWuGsvEOVLq
b7WJbsmbJ/JiECq7VN8DWIGKY9MwPDNiKl2oTkxWLt+9iEe0C6wJm1ECgYEAz6MM
0qTXzfKHHm3VZtSkakyJNMBo+CkJiDkIVpjpxEjLoSHiMrp6ynEJOxPaqGwSNNgC
VJ3aXEpDoZa0IBw7yNUGYF7xD2/KbqTyRhXcVtq2EH47vOwn2B3bD4E18yfDKaGW
2YdxGd5tC0E1vTIueaOBhUChN+C4YpIS0oJFgOcCgYBVqgIthWsAqy4/FaM/12tl
EKy19lHNz5u26W/Y/CGfJoRhvQpYTLhU0JR++lkDCu8XwA7qRxbPFOFgYRKuwFLe
Xy9Gv+oAJpd6gHqNt9JsG3BWjLk+Zke2LU9ve2AmtrbY9rqMqzTVjJuX9Fxvyu1c
/YngQDmWzF95Of0GatC+YQKBgQCY59Pbk3UwvrduWyfaECH7/dzUshUbGu1gGc/g
Jb+QwqLiSFeRT+55AoDvtpFBkkReEey1b4GMkUv4xUhklSYZoXaOpZwT6BlFHcck
gZi/hVSqFKvdVnOJHYNiiZ63L8Ly94JlMu7BRCE9Nopih3/eJ+CLxqpywdRHEpc1
2qVgZQKBgAxL0yCk6hyh8+NmFLa0etqjqAhxSoW0mlJrJnU/h67nIGxebDjXmhFk
3f6UpQEmYzU5gXsrnpoaK4Cs6DCUcbdInfJGZy4htTbhdugVyLQJIdpFszpYqggM
ynLJNDTXoJa3Tct3SronW74Dk1p2njV6ViMHoI5c8PZ4l02qtoA3
-----END RSA PRIVATE KEY-----把私钥复制到key0.pem文件里
[root@computer ~(keystone_tuowazi)]# vim key0.pem创建云主机
创建一个名为ServerA的云主机,并启动它
#是网络的uuid,不是子网的uuid
[root@computer ~(keystone_tuowazi)]# nova boot --flavor my.small --image mysmall --key-name ctf-private-key --security-groups ctf-src-group --nic net-id=e4e34d3d-53eb-4d96-9e28-ae904751b0e5 ServerA
+--------------------------------------+-------------------------------------------------+
| Property | Value |
+--------------------------------------+-------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | nova |
| OS-EXT-SRV-ATTR:host | - |
| OS-EXT-SRV-ATTR:hypervisor_hostname | - |
| OS-EXT-SRV-ATTR:instance_name | instance-00000003 |
| OS-EXT-STS:power_state | 0 |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | - |
| OS-SRV-USG:terminated_at | - |
| accessIPv4 | |
| accessIPv6 | |
| adminPass | iLohSw3mGbNU |
| config_drive | |
| created | 2019-12-04T01:52:14Z |
| flavor | my.small (f80da5ef-9131-4780-9dee-48e5d038e341) |
| hostId | |
| id | c8075360-eaa5-4a05-b228-e9775b3b8188 |
| image | mysmall (53fb4700-e56f-4ea6-a1d9-831b45a5b28e) |
| key_name | ctf-private-key |
| metadata | {} |
| name | ServerA |
| os-extended-volumes:volumes_attached | [] |
| progress | 0 |
| security_groups | ctf-src-group |
| status | BUILD |
| tenant_id | 047de03e432a4060aaab88d13686ea54 |
| updated | 2019-12-04T01:52:14Z |
| user_id | 7a15c14d576d48dc840e7557653d6c11 |
+--------------------------------------+-------------------------------------------------+查看云主机
[root@computer ~(keystone_tuowazi)]# nova list
+--------------------------------------+---------+--------+------------+-------------+-------------------------+
| ID | Name | Status | Task State | Power State | Networks |
+--------------------------------------+---------+--------+------------+-------------+-------------------------+
| c8075360-eaa5-4a05-b228-e9775b3b8188 | ServerA | ACTIVE | - | Running | ctf-network=172.16.50.2 |
+--------------------------------------+---------+--------+------------+-------------+-------------------------+绑定公网IP
nova add-floating-ip ServerA 192.168.150.206
nova floating-ip-associate ServerA 192.168.150.206查看VNC
[root@computer ~(keystone_tuowazi)]# nova get-vnc-console ServerA novnc
+-------+--------------------------------------------------------------------------------------+
| Type | Url |
+-------+--------------------------------------------------------------------------------------+
| novnc | https://192.168.150.10:6080/vnc_auto.html?token=892b8592-feff-493c-8ea6-2f34f7b8d665 |
+-------+--------------------------------------------------------------------------------------+neutron
创建网络
[root@computer ~(keystone_tuowazi)]# neutron net-create ctf-network
Created a new network:
+---------------------------+--------------------------------------+
| Field | Value |
+---------------------------+--------------------------------------+
| admin_state_up | True |
| id | e4e34d3d-53eb-4d96-9e28-ae904751b0e5 |
| name | ctf-network |
| provider:network_type | vxlan |
| provider:physical_network | |
| provider:segmentation_id | 13 |
| router:external | False |
| shared | False |
| status | ACTIVE |
| subnets | |
| tenant_id | 047de03e432a4060aaab88d13686ea54 |
+---------------------------+--------------------------------------+创建共享外部网络
[root@controller ~(keystone_admin)]#neutron net-create ext-net --shared --router:external=True创建子网
#neutron subnet-create --name 子网名称 开启dhcp 网络名/id dhcp地址池
[root@computer ~(keystone_tuowazi)]# neutron subnet-create --name ctf-blue-net --enable-dhcp ctf-network 172.16.50.0/24
Created a new subnet:
+-------------------+--------------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------------+
| allocation_pools | {"start": "172.16.50.2", "end": "172.16.50.254"} |
| cidr | 172.16.50.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 172.16.50.1 |
| host_routes | |
| id | f072d6d6-7a94-4346-95d8-e3c3275ffe34 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | ctf-blue-net |
| network_id | e4e34d3d-53eb-4d96-9e28-ae904751b0e5 |
| tenant_id | 047de03e432a4060aaab88d13686ea54 |
+-------------------+--------------------------------------------------+查看
子网列表
[root@computer ~(keystone_tuowazi)]# neutron subnet-list |grep ctf
| f072d6d6-7a94-4346-95d8-e3c3275ffe34 | ctf-blue-net | 172.16.50.0/24 | {"start": "172.16.50.2", "end": "172.16.50.254"} |详细信息
#其它组件加show也可以查看详细的信息
[root@computer ~(keystone_tuowazi)]# neutron subnet-show ctf-blue-net
+-------------------+--------------------------------------------------+
| Field | Value |
+-------------------+--------------------------------------------------+
| allocation_pools | {"start": "172.16.50.2", "end": "172.16.50.254"} |
| cidr | 172.16.50.0/24 |
| dns_nameservers | |
| enable_dhcp | True |
| gateway_ip | 172.16.50.1 |
| host_routes | |
| id | f072d6d6-7a94-4346-95d8-e3c3275ffe34 |
| ip_version | 4 |
| ipv6_address_mode | |
| ipv6_ra_mode | |
| name | ctf-blue-net |
| network_id | e4e34d3d-53eb-4d96-9e28-ae904751b0e5 |
| tenant_id | 047de03e432a4060aaab88d13686ea54 |
+-------------------+--------------------------------------------------+创建路由
[root@computer ~(keystone_tuowazi)]# neutron router-create ctf-router
Created a new router:
+-----------------------+--------------------------------------+
| Field | Value |
+-----------------------+--------------------------------------+
| admin_state_up | True |
| distributed | False |
| external_gateway_info | |
| ha | False |
| id | 45f834e8-7ef3-43e7-a884-5d3d65d7147a |
| name | ctf-router |
| routes | |
| status | ACTIVE |
| tenant_id | 047de03e432a4060aaab88d13686ea54 |
+-----------------------+--------------------------------------+设置网关
#查看公网的id
[root@computer ~(keystone_tuowazi)]# neutron net-list|grep pubnet
| 3cc5955a-d4f9-4a36-8f25-a0824148d5c4 | pubnet | ae0b3731-6381-4b15-8970-d179b4a553dc 192.168.150.0/24 |
#语法: neutron router-gateway-set 路由id 外网id
[root@computer ~(keystone_tuowazi)]# neutron router-gateway-set 45f834e8-7ef3-43e7-a884-5d3d65d7147a 3cc5955a-d4f9-4a36-8f25-a0824148d5c4
Set gateway for router 45f834e8-7ef3-43e7-a884-5d3d65d7147a添加路由接口
#语法: neutron router-interface-add 路由id 子网id
[root@computer ~(keystone_tuowazi)]# neutron router-interface-add 45f834e8-7ef3-43e7-a884-5d3d65d7147a f072d6d6-7a94-4346-95d8-e3c3275ffe34
Added interface a5d4b9c3-70fa-41b2-8080-72afaeda4f1b to router 45f834e8-7ef3-43e7-a884-5d3d65d7147a.
[root@computer ~(keystone_tuowazi)]# 添加公网IP
[root@computer ~(keystone_tuowazi)]# neutron floatingip-create pubnet
Created a new floatingip:
+---------------------+--------------------------------------+
| Field | Value |
+---------------------+--------------------------------------+
| fixed_ip_address | |
| floating_ip_address | 192.168.150.206 |
| floating_network_id | 3cc5955a-d4f9-4a36-8f25-a0824148d5c4 |
| id | e90e03d5-86b9-4519-8169-3e774a44f781 |
| port_id | |
| router_id | |
| status | DOWN |
| tenant_id | 047de03e432a4060aaab88d13686ea54 |
+---------------------+--------------------------------------+查看公网ip
[root@computer ~(keystone_tuowazi)]# neutron floatingip-list
+--------------------------------------+------------------+---------------------+--------------------------------------+
| id | fixed_ip_address | floating_ip_address | port_id |
+--------------------------------------+------------------+---------------------+--------------------------------------+
| 714696f8-0ac5-44ab-aa91-17af3127bc3e | 172.16.10.50 | 192.168.150.201 | a897da29-1766-4d73-aa19-ff05c0916e81 |
| e90e03d5-86b9-4519-8169-3e774a44f781 | | 192.168.150.206 | |
+--------------------------------------+------------------+---------------------+--------------------------------------+创建安全组
[root@computer ~(keystone_tuowazi)]# neutron security-group-create ctf-src-group查看安全组列表
neutron security-group-list添加规则
放行22端口
#入口
[root@computer ~(keystone_tuowazi)]# neutron security-group-rule-create --protocol tcp --port-range-min 22 --port-range-max 22 --ethertype ipv4 --remote-ip-prefix 0.0.0.0/0 ctf-src-group
#出口
[root@computer ~(keystone_tuowazi)]# neutron security-group-rule-create --protocol tcp --direction egress --port-range-min 22 --port-range-max 22 --ethertype ipv4 --remote-ip-prefix 0.0.0.0/0 ctf-src-group放行80端口
#入口
[root@computer ~(keystone_tuowazi)]# neutron security-group-rule-create --protocol tcp --port-range-min 80 --port-range-max 80 --ethertype ipv4 --remote-ip-prefix 0.0.0.0/0 ctf-src-group
#出口
neutron security-group-rule-create --protocol tcp --direction egress --port-range-min 80 --port-range-max 80 --ethertype ipv4 --remote-ip-prefix 0.0.0.0/0 ctf-src-group放行imcp
#进口
[root@computer ~(keystone_tuowazi)]# neutron security-group-rule-create --protocol icmp --ethertype ipv4 --remote-ip-prefix 0.0.0.0/0 ctf-src-group
#出口
[root@computer ~(keystone_tuowazi)]# neutron security-group-rule-create --protocol icmp --direction egress --ethertype ipv4 ctf-src-group查看安全组规则
[root@computer ~(keystone_tuowazi)]#neutron security-group-show ctf-src-groupcinder
创建云硬盘
创建一个云硬盘
[root@computer ~(keystone_tuowazi)]# cinder create --display-name disk0 1
+---------------------+--------------------------------------+
| Property | Value |
+---------------------+--------------------------------------+
| attachments | [] |
| availability_zone | nova |
| bootable | false |
| created_at | 2019-12-04T02:31:26.182203 |
| display_description | None |
| display_name | disk0 |
| encrypted | False |
| id | e09ac030-f8c4-49ce-bdc1-9989fff92e2f |
| metadata | {} |
| size | 1 |
| snapshot_id | None |
| source_volid | None |
| status | creating |
| volume_type | None |
+---------------------+--------------------------------------+加载云硬盘
[root@computer ~(keystone_tuowazi)]# nova volume-attach ServerA e09ac030-f8c4-49ce-bdc1-9989fff92e2f
+----------+--------------------------------------+
| Property | Value |
+----------+--------------------------------------+
| device | /dev/vdd |
| id | e09ac030-f8c4-49ce-bdc1-9989fff92e2f |
| serverId | c8075360-eaa5-4a05-b228-e9775b3b8188 |
| volumeId | e09ac030-f8c4-49ce-bdc1-9989fff92e2f |
+----------+--------------------------------------+删除
删除云主机
[root@controller ~(keystone_admin)]#nova delete c8075360-eaa5-4a05-b228-e9775b3b8188删除云硬盘
[root@controller ~(keystone_admin)]#cinder delete e09ac030-f8c4-49ce-bdc1-9989fff92e2f删除秘钥对
[root@computer ~(keystone_tuowazi)]# nova keypair-delete ctf-private-key删除安全组
[root@computer ~(keystone_tuowazi)]# nova secgroup-delete ctf-src-group清空网关
#查找ctf-network网络routerid
[root@controller ~(keystone_admin)]# neutron router-list |grep ctf|awk -F "|" '{print $2}'
45f834e8-7ef3-43e7-a884-5d3d65d7147a
#清空所有网关
[root@computer ~(keystone_tuowazi)]#neutron router-gateway-clear 45f834e8-7ef3-43e7-a884-5d3d65d7147a删除路由
[root@controller ~(keystone_admin)]# neutron router-delete `neutron router-list|grep ctf|awk -F"|" '{print $2}'|tr -d " "`删除dhcp分配的地址
[root@computer ~(keystone_tuowazi)]# neutron port-delete 82d7c624-2172-4998-8405-7737b876d1ef
Deleted port: 82d7c624-2172-4998-8405-7737b876d1ef删除dhcp地址池
[root@computer ~(keystone_tuowazi)]# neutron dhcp-agent-list-hosting-net ctf-network
+--------------------------------------+------------+----------------+-------+
| id | host | admin_state_up | alive |
+--------------------------------------+------------+----------------+-------+
| 3090b4df-38f8-47e2-9481-d804485aa562 | controller | True | :-) |
+--------------------------------------+------------+----------------+-------+
[root@computer ~(keystone_tuowazi)]# neutron dhcp-agent-network-remove 3090b4df-38f8-47e2-9481-d804485aa562 ctf-network
Removed network ctf-network from DHCP agent删除子网
[root@computer ~(keystone_tuowazi)]# neutron subnet-delete `neutron subnet-list |grep ctf|awk -F"|" '{print $2}'|tr -d " "`
Deleted subnet: f072d6d6-7a94-4346-95d8-e3c3275ffe34原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
原创声明:本文系作者授权腾讯云开发者社区发表,未经许可,不得转载。
如有侵权,请联系 cloudcommunity@tencent.com 删除。
评论
登录后参与评论
推荐阅读