openstack多节点部署运维-睿象云平台

openstack多节点部署运维

本站部分文章、图片属于网络上可搜索到的公开信息，均用于学习和交流用途，不能代表睿象云的观点、立场或意见。我们接受网民的监督，如发现任何违法内容或侵犯了您的权益，请第一时间联系小编邮箱jiasou666@gmail.com 处理。

openstack多节点部署运维

一、packstack单点部署

1、配置虚拟机NAT网络连接

查看vmware的NAT网络默认配置

配置当前虚拟机的网络配置

配置linux网络

2、yum源配置

二、国赛双节点部署

1、准备虚拟机

创建虚拟机前，创建好vmnet2(仅主机模式),vmnet10(NAT模式)网卡，检查对应的适配器是否创建成功。准备两台vmware虚拟机，手动最小化安装2台Centos7.2系统，第一个网卡为仅主机模式，第二个网卡为NAT模式，配置CPU虚拟机，4G以上内存，50G以上硬盘。

master节点网卡：

TYPE=EthernetBOOTPROTO=staticDEFROUTE=yesPEERDNS=yesPEERROUTES=yesIPV4_FAILURE_FATAL=noIPV6INIT=yesIPV6_AUTOCONF=yesIPV6_DEFROUTE=yesIPV6_PEERDNS=yesIPV6_PEERROUTES=yesIPV6_FAILURE_FATAL=noNAME=eno16777736UUID=f34abd2e-89c9-4daf-a28c-54765164d59dDEVICE=eno16777736ONBOOT=yesIPADDR=192.168.16.10NETMASK=255.255.255.0

Node节点网卡：

TYPE=EthernetBOOTPROTO=staticDEFROUTE=yesPEERDNS=yesPEERROUTES=yesIPV4_FAILURE_FATAL=noIPV6INIT=yesIPV6_AUTOCONF=yesIPV6_DEFROUTE=yesIPV6_PEERDNS=yesIPV6_PEERROUTES=yesIPV6_FAILURE_FATAL=noNAME=eno16777736UUID=8bbcc106-d60f-48cc-aafd-2bde0154fa2eDEVICE=eno16777736ONBOOT=yesIPADDR=192.168.16.20NETMASK=255.255.255.0

2、镜像挂载

镜像上传到master节点，然后完成挂载即可。

# 挂载linux镜像cd /root/;mount -o loop CentOS-7-x86_64-DVD-1511.iso /mnt/;mkdir /opt/centos7.2;cp -rvf /mnt/* /opt/centos7.2/umount /mnt/;# 挂载iaas镜像cd /root/;mount -o loop XianDian-IaaS-v2.2.iso /mnt/;mkdir /opt/iaas;cp -rvf /mnt/* /opt/iaas;umount /mnt/;

3、本地yum配置

分别配置控制节点和计算节点的yum

# 控制节点：rm -rf /etc/yum.repos.d/CentOS-*;cat > /etc/yum.repos.d/local.repo <

# 计算节点：(如果没有可以后面再配)rm -rf /etc/yum.repos.d/CentOS-*;cat > /etc/yum.repos.d/local.repo << EOF[centos]name=centosbaseurl=ftp://192.168.16.10/centos7.2gpgcheck=0enabled=1[iaas]name=iassbaseurl=ftp://192.168.16.10/iaas/iaas-repogpgcheck=0enabled=1EOF

为计算节点提供ftp访问方式

# 控制节点——yum缓存清理yum clean allyum makecache# 控制节点——安装vsftpd和ftpyum install -y vsftpdyum install -y ftprpm -qa| grep vsftpd# 控制节点——修改vsftpd配置文件在/etc/vsftpd/vsftpd.conf中添加一行代码：anon_root=/opt# 控制节点——安装网络工具包yum install net-tools# 重启vsftpd服务systemctl restart vsftpd# 开机启动vsftpdsystemctl enable vsftpd# 控制节点、计算节点——关闭防火墙setenforce 0;iptables -F;iptables -X;iptables -Z;systemctl stop firewalld;systemctl disable firewalld;# 计算节点yum clean allyum makecache

4、给计算节点（node）添加新磁盘并分区

在vmware上给计算节点虚拟机添加一个新磁盘。虚拟机——》设置——》添加——》硬盘——》scsi模式——》创建新虚拟磁盘——》20G，拆分为多个文件——》完成

# 重启计算节点虚拟机reboot# 查看当前虚拟机的磁盘情况fdisk -l# 可以看到Disk /dev/sdb: 21.5 GB是完全空闲的# 创建两个空白磁盘空间fdisk /dev/sdb n,p,回车,回车,+10G n,p,回车,回车,回车 w

5、在controller和compute节点安装iaas-xiandian包

# 控制节点、计算节点分别执行，安装软件包yum install -y iaas-xiandian

控制节点、计算节点编辑修改配置文件/etc/xiandian/openrc.sh

##--------------------system Config--------------------####Controller Server Manager IP. example:x.x.x.xHOST_IP=192.168.16.10##Controller HOST Password. example:000000 HOST_PASS=000000##Controller Server hostname. example:controllerHOST_NAME=controller##Compute Node Manager IP. example:x.x.x.xHOST_IP_NODE=192.168.16.20##Compute HOST Password. example:000000 HOST_PASS_NODE=000000##Compute Node hostname. example:computeHOST_NAME_NODE=compute##--------------------Chrony Config-------------------####Controller network segment IP. example:x.x.0.0/16(x.x.x.0/24)network_segment_IP=192.168.16.0/24##--------------------Rabbit Config ------------------####user for rabbit. example:openstackRABBIT_USER=openstack##Password for rabbit user .example:000000RABBIT_PASS=000000##--------------------MySQL Config---------------------####Password for MySQL root user . exmaple:000000DB_PASS=000000##--------------------Keystone Config------------------####Password for Keystore admin user. exmaple:000000DOMAIN_NAME=demoADMIN_PASS=000000DEMO_PASS=000000##Password for Mysql keystore user. exmaple:000000KEYSTONE_DBPASS=000000##--------------------Glance Config--------------------####Password for Mysql glance user. exmaple:000000GLANCE_DBPASS=000000##Password for Keystore glance user. exmaple:000000GLANCE_PASS=000000##--------------------Nova Config----------------------####Password for Mysql nova user. exmaple:000000NOVA_DBPASS=000000##Password for Keystore nova user. exmaple:000000NOVA_PASS=000000##--------------------Neturon Config-------------------####Password for Mysql neutron user. exmaple:000000NEUTRON_DBPASS=000000##Password for Keystore neutron user. exmaple:000000NEUTRON_PASS=000000##metadata secret for neutron. exmaple:000000METADATA_SECRET=000000##Tunnel Network Interface. example:x.x.x.xINTERFACE_IP=192.168.16.10/192.168.16.20##External Network Interface. example:eth1 第二张网卡INTERFACE_NAME=eno33554960##External Network The Physical Adapter. example:providerPhysical_NAME=provider##First Vlan ID in VLAN RANGE for VLAN Network. exmaple:101minvlan=1##Last Vlan ID in VLAN RANGE for VLAN Network. example:200maxvlan=2000##--------------------Cinder Config--------------------####Password for Mysql cinder user. exmaple:000000CINDER_DBPASS=000000##Password for Keystore cinder user. exmaple:000000CINDER_PASS=000000##Cinder Block Disk. example:md126p3BLOCK_DISK=sdb1##--------------------Swift Config---------------------####Password for Keystore swift user. exmaple:000000SWIFT_PASS=000000##The NODE Object Disk for Swift. example:md126p4.OBJECT_DISK=sdb2##The NODE IP for Swift Storage Network. example:x.x.x.x.STORAGE_LOCAL_NET_IP=192.168.16.20##--------------------Heat Config----------------------####Password for Mysql heat user. exmaple:000000HEAT_DBPASS=000000##Password for Keystore heat user. exmaple:000000HEAT_PASS=000000##--------------------Zun Config-----------------------####Password for Mysql Zun user. exmaple:000000ZUN_DBPASS=000000##Password for Keystore Zun user. exmaple:000000ZUN_PASS=000000##Password for Mysql Kuryr user. exmaple:000000KURYR_DBPASS=000000##Password for Keystore Kuryr user. exmaple:000000KURYR_PASS=000000##--------------------Ceilometer Config----------------####Password for Gnocchi ceilometer user. exmaple:000000CEILOMETER_DBPASS=000000##Password for Keystore ceilometer user. exmaple:000000CEILOMETER_PASS=000000##--------------------AODH Config----------------####Password for Mysql AODH user. exmaple:000000AODH_DBPASS=000000##Password for Keystore AODH user. exmaple:000000AODH_PASS=000000##--------------------Barbican Config----------------####Password for Mysql Barbican user. exmaple:000000BARBICAN_DBPASS=000000##Password for Keystore Barbican user. exmaple:000000BARBICAN_PASS=000000

6、脚本安装openstack平台

控制节点、计算节点分别执行如下脚本安装基础服务：iaas-pre-host.sh

控制节点部署mysql数据库服务：iaas-install-mysql.sh

控制节点部署keystone服务：iaas-install-keystore.sh

控制节点部署glance服务：iaas-install-glance.sh

控制节点部署nova服务：iaas-install-nova-controller.sh计算节点部署nova服务iaas-install-nova-compute.sh

控制节点部署neutroniaas-install-neutron-controller.sh错误处理——修改脚本：vi /usr/local/bin/iaas-install-neutron-controller-gre.sh将最后一行的systemctl enabled neutron-lbaas-agent 改为 systemctl enable neutron-lbaas-agent再执行下面的脚本：iaas-install-neutron-controller-gre.sh

计算节点部署neutroniaas-install-neutron-compute.shiaas-install-neutron-compute-gre.sh

控制节点部署dashboardiaas-install-dashboard.sh

三、Openstack平台使用

两节点部署，192.168.16.10为控制节点。192.168.16.20为计算节点。

1、创建镜像

# 控制节点上，找到qcow2镜像[root@controller ~]# cd /opt/iaas/images/[root@controller images]# lsCentOS_6.5_x86_64_XD.qcow2 CentOS_7.2_x86_64_XD.qcow2 MySQL_5.6_XD.qcow2# 上传镜像致Glance服务# 在控制节点，通过glance命令，将qcow2镜像上传到平台[root@controller images]# source /etc/keystone/admin-openrc.sh[root@controller images]# glance image-create --name "centos7.2" --disk-format qcow2 --container-format bare --progress < CentOS_7.2_x86_64_XD.qcow2

2、创建虚拟机

（1）创建外部网络

（2）创建内部网络

（3）创建路由器

（4）安全组配置

管理访问策略安全组，选择菜单栏项目——》计算——》访问&安全。单击default安全组管理规则按钮。

（5）创建云主机

创建云主机，选择菜单栏项目——》计算——》云主机。单击右侧 "创建云主机"按钮。

云主机名称为：test，数量：1。选择centos7.2镜像；选择m1.small资源类型；选择int-gre网络。然后单击"启动实例"按钮创建实例。

（6）连接云主机

打开CMD窗口，通过ping命令测试连通云主机。使用secureCRT工具，连接云主机，用户名：root,密码：000000。

四、Keystone服务运维

在Openstack框架中，keystone(Openstack Identity Service)的功能是负责验证身份、校验服务规则和发布服务令牌的，它实现了Openstack的Identity API.keystone可分解为两个功能：权限管理和服务目录。

1、keystone运维命令

# 环境配置source /etc/keystone/admin-openrc.sh# 创建 hqs用户openstack user create --password ps1234 --email hqs@example.com --domain demo hqs# 创建acme项目openstack project create --domain demo acme# 创建角色openstack role create compute-user# 绑定用户和项目权限# 添加的用户需要分配一定的权限，需要把用户关联绑定到对应的项目和角色openstack role add --user hqs --project acme compute-user

2、keystone查询命令

五、Nova组件详解

计算节点通过Nova Computer进行虚拟机创建，通过libvirt调用kvm创建虚拟机，nova之间通信通过rabbitMQ队列进行通信。Nova位于Openstack架构的中心，其他服务或者组件（比如Glance、Cinder、Neutron等）对它提供支持，另外它本身的架构也比较复杂。

作用：

Nova是OpenStack最核心的服务模块，负责管理和维护云计算环境的计算资源，负责整个云环境虚拟机生命周期的管理。Nova是OpenStack的计算服务，负责维护和管理的网络和存储，提供计算服务。

1、安全组相关操作：

nova secgroup-add-default-rule Add a rule to the set of rules that will be added to the 'default' security group for new tenants (nova-network only). secgroup-add-group-rule Add a source group rule to a security group. secgroup-add-rule Add a rule to a security group. secgroup-create Create a security group. secgroup-delete Delete a security group. secgroup-delete-default-rule Delete a rule from the set of rules that will be added to the 'default' security group for new tenants (nova-network only). secgroup-delete-group-rule Delete a source group rule from a security group. secgroup-delete-rule Delete a rule from a security group. secgroup-list List security groups for the current tenant. secgroup-list-default-rules List rules that will be added to the 'default' security group for new tenants. secgroup-list-rules List rules for a security group. secgroup-update Update a security group.# 安全组查看：[root@controller ~]# nova secgroup-list+--------------------------------------+---------+------------------------+| Id | Name | Description |+--------------------------------------+---------+------------------------+| 486eaa38-8e3d-4214-96bc-e6fee9b81be6 | default | Default security group |+--------------------------------------+---------+------------------------+# 安全组创建[root@controller ~]# nova secgroup-create hqs 'Most great security group'+--------------------------------------+------+---------------------------+| Id | Name | Description |+--------------------------------------+------+---------------------------+| 1f2e9304-2fa0-45ac-a407-9816c72a1190 | hqs | Most great security group |+--------------------------------------+------+---------------------------+# 安全组更新[root@controller ~]# nova secgroup-update 218faa36-c250-40d5-9775-534049e5771a hqs111 'One of the most great security group '+--------------------------------------+--------+---------------------------------------+| Id | Name | Description |+--------------------------------------+--------+---------------------------------------+| 218faa36-c250-40d5-9775-534049e5771a | hqs111 | One of the most great security group |+--------------------------------------+--------+---------------------------------------+# 安全组删除[root@controller ~]# nova secgroup-delete hqs111# 安全组规则查看[root@controller ~]# nova secgroup-list-rules hqs +-------------+-----------+---------+----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+----------+--------------++-------------+-----------+---------+----------+--------------+[root@controller ~]# nova secgroup-list-rules default+-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| tcp | 1 | 65535 | 0.0.0.0/0 | || udp | 1 | 65535 | 0.0.0.0/0 | || icmp | -1 | -1 | 0.0.0.0/0 | || | | | | default || | | | | default |+-------------+-----------+---------+-----------+--------------+# 安全组规则添加[root@controller ~]# nova secgroup-add-rule hqs icmp -1 -1 0.0.0.0/0+-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| icmp | -1 | -1 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+[root@controller ~]# nova secgroup-add-rule hqs udp 1 65535 0.0.0.0/0 +-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| udp | 1 | 65535 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+[root@controller ~]# nova secgroup-add-rule hqs tcp 1 65535 0.0.0.0/0 +-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| tcp | 1 | 65535 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+# 安全组规则删除[root@controller ~]# nova secgroup-delete-rule hqs icmp -1 -1 0.0.0.0/0+-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| icmp | -1 | -1 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+[root@controller ~]# nova secgroup-list-rules hqs +-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| udp | 1 | 65535 | 0.0.0.0/0 | || tcp | 1 | 65535 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+

2、云主机类型操作

nova flavor-access-add Add flavor access for the given tenant. flavor-access-list Print access information about the given flavor. flavor-access-remove Remove flavor access for the given tenant. flavor-create Create a new flavor. flavor-delete Delete a specific flavor flavor-key Set or unset extra_spec for a flavor. flavor-list Print a list of available 'flavors' (sizes of servers). flavor-show Show details about the given flavor. # 云主机类型列表查看[root@controller ~]# nova flavor-list+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+| 1 | m1.tiny | 512 | 1 | 0 | | 1 | 1.0 | True || 2 | m1.small | 2048 | 20 | 0 | | 1 | 1.0 | True || 3 | m1.medium | 4096 | 40 | 0 | | 2 | 1.0 | True || 4 | m1.large | 8192 | 80 | 0 | | 4 | 1.0 | True || 5 | m1.xlarge | 16384 | 160 | 0 | | 8 | 1.0 | True || 7645393e-4f46-473a-85bf-6ea69669dac2 | m1-hqs | 512 | 10 | 0 | | 1 | 1.0 | True |+--------------------------------------+-----------+-----------+------+-----------+------+-------+-------------+-----------+# 云主机类型添加[root@controller ~]# nova flavor-create m1.hqs 6 1024 10 1+----+--------+-----------+------+-----------+------+-------+-------------+-----------+| ID | Name | Memory_MB | Disk | Ephemeral | Swap | VCPUs | RXTX_Factor | Is_Public |+----+--------+-----------+------+-----------+------+-------+-------------+-----------+| 6 | m1.hqs | 1024 | 10 | 0 | | 1 | 1.0 | True |+----+--------+-----------+------+-----------+------+-------+-------------+-----------+# 云主机类型详情查看[root@controller ~]# nova flavor-show m1.hqs+----------------------------+--------+| Property | Value |+----------------------------+--------+| OS-FLV-DISABLED:disabled | False || OS-FLV-EXT-DATA:ephemeral | 0 || disk | 10 || extra_specs | {} || id | 6 || name | m1.hqs || os-flavor-access:is_public | True || ram | 1024 || rxtx_factor | 1.0 || swap | || vcpus | 1 |+----------------------------+--------+# 云主机类型删除[root@controller ~]# nova flavor-delete m1-hqs

3、云主机实例操作

# 实例列表查看nova list# 实例详情查看nova show # 实例创建nova boot --image [--volume ] --availability-zone nova --flavor --security-groups --nic # 1、查看镜像glance image-list# 2、查看规格nova flavor-list# 3、查看安全组nova secgroup-list# 4、查看可用的网络neutron net-listnova boot \--image centos7.2 \--availability-zone nova \--flavor m1.hqs \--security-groups hqs \--nic net-id=64306052-bcec-4209-ac4c-45b9d2de4dde \caocao-server1# 5、实例创建[root@controller images]# nova boot test-server --image centos7.2 --flavor m1.lxh --availability-zone nova --security-groups hqs --nic net-id=451fd2af-e1eb-4437-bf71-53b5f91c10b5+--------------------------------------+--------------------------------------------------+| Property | Value |+--------------------------------------+--------------------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-AZ:availability_zone | nova || OS-EXT-SRV-ATTR:host | - || OS-EXT-SRV-ATTR:hostname | test-server || OS-EXT-SRV-ATTR:hypervisor_hostname | - || OS-EXT-SRV-ATTR:instance_name | instance-0000000d || OS-EXT-SRV-ATTR:kernel_id | || OS-EXT-SRV-ATTR:launch_index | 0 || OS-EXT-SRV-ATTR:ramdisk_id | || OS-EXT-SRV-ATTR:reservation_id | r-zoria5fn || OS-EXT-SRV-ATTR:root_device_name | - || OS-EXT-SRV-ATTR:user_data | - || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || OS-SRV-USG:launched_at | - || OS-SRV-USG:terminated_at | - || accessIPv4 | || accessIPv6 | || adminPass | ejFD96k8DUkW || config_drive | || created | 2021-10-19T02:09:45Z || description | - || flavor | m1.lxh (111) || hostId | || host_status | || id | 22d0a54b-2a6f-4ea8-8729-dc07055c19e5 || image | centos7.2 (8aec8782-c6af-41d8-a225-ada5a2af13dc) || key_name | - || locked | False || metadata | {} || name | test-server || os-extended-volumes:volumes_attached | [] || progress | 0 || security_groups | hqs || status | BUILD || tenant_id | 386dbfcf77e444c7872e4e23d5829fcc || updated | 2021-10-19T02:09:55Z || user_id | 0f217182b5af448c988f5464c706a337 |+--------------------------------------+--------------------------------------------------+# 实例停止[root@controller ~]# nova stop hqs_serverRequest to stop server hqs_server has been accepted.# 实例启动[root@controller ~]# nova start hqs_serverRequest to start server hqs_server has been accepted.# 实例重启[root@controller ~]# nova reboot hqs_serverRequest to reboot server has been accepted.[root@controller ~]# nova list+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+| b51590fc-33cc-4d54-8e54-c0530e912d2b | hqs_server | REBOOT | reboot_started | Running | int-gre=172.25.2.8 || c6cabeed-1176-4634-b493-b6be7c351a03 | test | SHUTOFF | - | Shutdown | int-gre=172.25.2.3, 192.168.20.4 |+--------------------------------------+------------+---------+----------------+-------------+----------------------------------+# 实例挂起[root@controller ~]# nova pause test[root@controller ~]# nova list +--------------------------------------+------------+--------+----------------+-------------+----------------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+| b51590fc-33cc-4d54-8e54-c0530e912d2b | hqs_server | REBOOT | reboot_started | Running | int-gre=172.25.2.8 || c6cabeed-1176-4634-b493-b6be7c351a03 | test | PAUSED | - | Paused | int-gre=172.25.2.3, 192.168.20.4 |+--------------------------------------+------------+--------+----------------+-------------+----------------------------------+# 实例删除[root@controller ~]# nova delete hqs_serverRequest to delete server hqs_server has been accepted.[root@controller ~]# nova list+--------------------------------------+------+--------+------------+-------------+----------------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+------+--------+------------+-------------+----------------------------------+| c6cabeed-1176-4634-b493-b6be7c351a03 | test | PAUSED | - | Paused | int-gre=172.25.2.3, 192.168.20.4 |+--------------------------------------+------+--------+------------+-------------+----------------------------------+

4、浮动IP

nova floating-ip-associate Associate a floating IP address to a server. floating-ip-bulk-create Bulk create floating IPs by range (nova-network only). floating-ip-bulk-delete Bulk delete floating IPs by range (nova- network only). floating-ip-bulk-list List all floating IPs (nova-network only). floating-ip-create Allocate a floating IP for the current tenant. floating-ip-delete De-allocate a floating IP. floating-ip-disassociate Disassociate a floating IP address from a server. floating-ip-list List floating IPs. floating-ip-pool-list List all floating IP pools.# 创建浮动IP# 语法：nova floating-ip-create [root@controller nova]# nova floating-ip-create net-gre+--------------------------------------+--------------+-----------+----------+---------+| Id | IP | Server Id | Fixed IP | Pool |+--------------------------------------+--------------+-----------+----------+---------+| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | - | - | net-gre |+--------------------------------------+--------------+-----------+----------+---------+# 浮动IP的列表信息[root@controller nova]# nova floating-ip-list+--------------------------------------+--------------+-----------+----------+---------+| Id | IP | Server Id | Fixed IP | Pool |+--------------------------------------+--------------+-----------+----------+---------+| fcb2439d-ba4f-4467-ad60-34726d57aba4 | 192.168.37.5 | - | - | net-gre |+--------------------------------------+--------------+-----------+----------+---------+# 浮动IP地址池信息[root@controller nova]# nova floating-ip-pool-list +---------+| name |+---------+| net-gre |+---------+# 查看浮动IP详细信息[root@controller nova]# openstack ip floating show 192.168.37.5+---------------------+--------------------------------------+| Field | Value |+---------------------+--------------------------------------+| description | || dns_domain | || dns_name | || fixed_ip_address | None || floating_ip_address | 192.168.37.5 || floating_network_id | 847163a4-65dd-456e-a839-4f810cce80cf || id | fcb2439d-ba4f-4467-ad60-34726d57aba4 || port_id | None || project_id | 386dbfcf77e444c7872e4e23d5829fcc || router_id | None || status | DOWN |+---------------------+--------------------------------------+# 浮动ip关联给实例# 语法：nova floating-ip-associate [--fixed-address ]

# 参数：# Name or ID of server.（nova list）#

5、密钥管理

nova keypair-add Create a new key pair for use with servers. keypair-delete Delete keypair given by its name. (Supported by API versions '2.0' - '2.latest') [hint: use '--os-compute-api-version' flag to show help message for proper version] keypair-list Print a list of keypairs for a user (Supported by API versions '2.0' - '2.latest') [hint: use '--os-compute-api-version' flag to show help message for proper version] keypair-show Show details about the given keypair. (Supported by API versions '2.0' - '2.latest') [hint: use '--os-compute-api-version' flag to show help message for proper version]# 查看密钥列表[root@controller ~]# nova keypair-list+------+------+-------------------------------------------------+| Name | Type | Fingerprint |+------+------+-------------------------------------------------+| test | ssh | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |+------+------+-------------------------------------------------+# 查看密钥详情[root@controller ~]# nova keypair-show test+-------------+-------------------------------------------------+| Property | Value |+-------------+-------------------------------------------------+| created_at | 2021-10-28T14:06:12.000000 || deleted | False || deleted_at | - || fingerprint | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e || id | 1 || name | test || type | ssh || updated_at | - || user_id | 0f217182b5af448c988f5464c706a337 |+-------------+-------------------------------------------------+Public key: ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDc/qEc2ihvE7aLgSVH0lt5PDBwEYXW0CqMx8sGJPT1p3r0mxdJiti9pJxBRoX+oOhA/LFssaOGvtHDK79Njs3HynrXkxvKo6UfmBNQzt2z5C3nTP2U17JY2wrOh7YyYdhuuRirCLNHQk4hM1YY9BbPrCLjLlQ8Gms6vdgDCgT1gXuRppBTfQKrIKKRk6d5vIqBMoGM3fCaM34DiqwOS/uq8gQM8T/io9h6XrTKWznmZgzaFJ2S3XUZhAliSEgkraxZIM8L3QWumMlBVryYVUX6QEKv29hNWYZF/bxUqfQx50vBuIfHlKgkcccAVDy6OoZNmd6T1rdJXEdW+MWobHu7 Generated-by-Nova# 创建密钥[root@controller ~]# nova keypair-add hqs --key-type ssh -----BEGIN RSA PRIVATE KEY-----MIIEpwIBAAKCAQEAw3YnZk1ej5j3+CjpWalgmVWxrdAVZGfpC3Qklz+0RW7p4nTnVlkGL7mWEgx7fmRaBzZuwUuSuvFB79zWhGZqh7Dt0Zeibyy48u3AtZtDY1ZVkvssVq7zOdUgg+2C8Em7KTAXsuf1I7KPxgJHX7j9pluN8zBQKiYYi4K+RPCVtisw3ev0Ey5vi7e1IuUawXpjWnGe+/yzCZWgL8X2uhyYH0cJUmO3PbFuX0aoZr/JsLbMfkeL0hCDkpKgkx8L/VD6C8FW+Z3mfJGxJtGwakb+BGyOYZ3j/Sv7bh03QKPgViqJ9CGaWL5/y8dYmFLYM45Gb60FLWPSHWLmH9SFnmV7UwIDAQABAoIBABkiGUDbU/xs8/2x7Qd9cxFkZntuFUIa5ml1nrrgEyMWdvaKh7Cfs97xIy3g8wQ2jSj+Q9GRESX+nbblE6RksvANvRbFQ7q96m46ShxQAaNFV62VpIbk6huWnx63rK2PHYTXTUTQ9MGJVVlls53IYL1CaodJwBUbXu6ZejPNJ8MLoyom7cH89uaP5K8Ej7pHObaxMBCkSylU0vcGqJp0Gu1NbnQ823EYm5QeEqUfG8xLyXKOvAq3scZHg5hqdD6SDVOYm3uQM8TF8zkYSSTYrwktj7g7vP6ZQ0zY3k/s/zxMbTIurwwNm8L93tPcgtJUMw+fPYu3OHr9nhBtaeFJ6AkCggCBANoJLHA6j5Jgj0uLy+ur8BmU8qSCJ7Nmx3JZFj2ELoZcLzjniHqH14QHqnBgFxaUAvmpy8wCMnIKrk83FdEkgk2vwSlsr1uEiz+MNHKqapWwiezR87HB5XsgtHpOsBlTpzQlOL7TJX7kCtZYgyGbQJvLMeek+cqy2YsNp28AgFulAoIAgQDlfr5dBmEMBtTVaAjZFlyhJIXpf93QeC9KTtCLJ0QXAVPpCLlnulC8W4JfuZDTFqOrgnx1y84DfyoZ4/K6zPNfqguRRzE2sxMNDLNZeyZiA10uZwEh+AJtCf54FU2xZtVP1eZ7I4QMR2jaDSj5nWgF90DYHoWLxOEeIVnTnFoplwKCAIANyxrGls3SYs1t6BAkfqIX3DZldd5xGQVxFHW1upD+6wIJxYv6xHE75wg/R7TuNrrhdH5yD4mFcWuJk2CL9JVRuNatejS1w3LTuFjxEBriEWMIWlfiXPPZkD4aprO5RnODdv9aAx2SI3cUDFFvZNT3hilIEEXFLv9YLqry+MMmCQKCAIBpG+OUN5e7KmXQWBW1V8iVBWVPzICLOoBuSCq7kQBeiP0lfhlsqKjRnBfaP+NUysmrg9f9G5r/fv6JXR2O8M+GwRsLLtAbfWj8URTTptOtkFzdI9Ag/rYdurYRybAL0E1ig1VMkLep6Ard06kwqic6lEPeuBvyJ/nzEtNRWArzgQKCAIAQDXQbP+20nzHoWqy1sFYIpOYrC+pZGX3tZb8DfAKrhrL+FkGePSe6bNwgWVDEUwTyvoPUexvAVi7nZ1sqMw/Ar+KxCXcti+dzZZZa3typLQMceOr2wFfpNMT/Kq2DTrgkXN+jpFczv/R0kNn5bOB/DIm8JUeN44k97lMzIrD7TA==-----END RSA PRIVATE KEY-----# 删除密钥[root@controller ~]# nova keypair-list+------+------+-------------------------------------------------+| Name | Type | Fingerprint |+------+------+-------------------------------------------------+| hqs | ssh | e2:cc:e9:8f:1d:06:45:b4:52:0b:38:68:0d:15:b8:b9 || test | ssh | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |+------+------+-------------------------------------------------+[root@controller ~]# nova keypair-delete hqs[root@controller ~]# nova keypair-list+------+------+-------------------------------------------------+| Name | Type | Fingerprint |+------+------+-------------------------------------------------+| test | ssh | 5c:7e:d8:bd:b9:33:cb:f9:eb:b8:52:c4:04:7c:8c:1e |+------+------+-------------------------------------------------+

6、配额管理

# 待补全[root@controller ~]# openstack quota show admin+----------------------+----------------------------------+| Field | Value |+----------------------+----------------------------------+| backup_gigabytes | 1000 || backups | 10 || cores | 20 || firewall | 10 || firewall_policy | 10 || firewall_rule | 100 || fixed-ips | -1 || floating-ips | 50 || gigabytes | 1000 || health_monitor | -1 || injected-file-size | 10240 || injected-files | 5 || injected-path-size | 255 || instances | 10 || key-pairs | 100 || member | -1 || network | 10 || per_volume_gigabytes | -1 || pool | 10 || port | 50 || project | 386dbfcf77e444c7872e4e23d5829fcc || properties | 128 || ram | 51200 || rbac_policy | 10 || router | 10 || secgroup-rules | 100 || secgroups | 10 || server_group_members | 10 || server_groups | 10 || snapshots | 10 || subnet | 10 || subnetpool | -1 || vip | 10 || volumes | 10 |+----------------------+----------------------------------+

六、网络neutron

网络管理

# 查看网络列表信息[root@controller ~]# openstack network list+--------------------------------------+---------+--------------------------------------+| ID | Name | Subnets |+--------------------------------------+---------+--------------------------------------+| 847163a4-65dd-456e-a839-4f810cce80cf | net-gre | 757f4819-48aa-4026-aff2-8e78b4161691 || 64306052-bcec-4209-ac4c-45b9d2de4dde | int-gre | d3aa832b-8bcf-4a7b-9692-540b468a711b |+--------------------------------------+---------+--------------------------------------+# 查看网络详细信息[root@controller ~]# openstack network show net-gre+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | nova || created_at | 2021-10-18T18:02:38 || description | || id | 847163a4-65dd-456e-a839-4f810cce80cf || ipv4_address_scope | None || ipv6_address_scope | None || is_default | False || mtu | 1458 || name | net-gre || port_security_enabled | True || project_id | 386dbfcf77e444c7872e4e23d5829fcc || provider:network_type | gre || provider:physical_network | None || provider:segmentation_id | 99 || router_external | Internal || shared | False || status | ACTIVE || subnets | 757f4819-48aa-4026-aff2-8e78b4161691 || tags | [] || updated_at | 2021-10-18T18:15:25 |+---------------------------+--------------------------------------+# 创建网络[root@controller ~]# openstack network create int-gre-test --project admin+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2021-10-28T14:25:07 || description | || headers | || id | 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 || ipv4_address_scope | None || ipv6_address_scope | None || mtu | 1458 || name | int-gre-test || port_security_enabled | True || project_id | 386dbfcf77e444c7872e4e23d5829fcc || provider:network_type | gre || provider:physical_network | None || provider:segmentation_id | 91 || router_external | Internal || shared | False || status | ACTIVE || subnets | || tags | [] || updated_at | 2021-10-28T14:25:07 |+---------------------------+--------------------------------------+# 更新网络[root@controller ~]# openstack network set int-gre-test --enable --name int-test-gre[root@controller ~]# openstack network list+--------------------------------------+--------------+--------------------------------------+| ID | Name | Subnets |+--------------------------------------+--------------+--------------------------------------+| 847163a4-65dd-456e-a839-4f810cce80cf | net-gre | 757f4819-48aa-4026-aff2-8e78b4161691 || 64306052-bcec-4209-ac4c-45b9d2de4dde | int-gre | d3aa832b-8bcf-4a7b-9692-540b468a711b || 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 | int-test-gre | |+--------------------------------------+--------------+--------------------------------------+[root@controller ~]# openstack network show int-test-gre+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2021-10-28T14:25:07 || description | || id | 8e16c3a3-53f2-4ab7-b77f-3f1c1bf22dc6 || ipv4_address_scope | None || ipv6_address_scope | None || mtu | 1458 || name | int-test-gre || port_security_enabled | True || project_id | 386dbfcf77e444c7872e4e23d5829fcc || provider:network_type | gre || provider:physical_network | None || provider:segmentation_id | 91 || router_external | Internal || shared | False || status | ACTIVE || subnets | || tags | [] || updated_at | 2021-10-28T14:28:04 |+---------------------------+--------------------------------------+# 删除网络[root@controller ~]# openstack network delete int-gre-test