Openstack之路(六)创建云主机实例

创建云主机网络

  • 在控制节点上,加载admin凭证来获取管理员能执行的命令访问权限
[[email protected] ~]# source admin-openrc
  • 创建网络
[[email protected] ~]# openstack network create --share --external --provider-physical-network provider --provider-network-type flat provider
+---------------------------+--------------------------------------+
| Field                     | Value                                |
+---------------------------+--------------------------------------+
| admin_state_up            | UP                                   |
| availability_zone_hints   |                                      |
| availability_zones        |                                      |
| created_at                | 2018-01-22T06:05:17Z                 |
| description               |                                      |
| headers                   |                                      |
| id                        | d8acc6f1-8aed-4f7c-a630-83225f592039 |
| ipv4_address_scope        | None                                 |
| ipv6_address_scope        | None                                 |
| mtu                       | 1500                                 |
| name                      | provider                             |
| port_security_enabled     | True                                 |
| project_id                | 14055178975d417987c5a94f030c7acf     |
| project_id                | 14055178975d417987c5a94f030c7acf     |
| provider:network_type     | flat                                 |
| provider:physical_network | provider                             |
| provider:segmentation_id  | None                                 |
| revision_number           | 4                                    |
| router:external           | External                             |
| shared                    | True                                 |
| status                    | ACTIVE                               |
| subnets                   |                                      |
| tags                      | []                                   |
| updated_at                | 2018-01-22T06:05:18Z                 |
+---------------------------+--------------------------------------+

[[email protected] ~]# neutron net-list
+--------------------------------------+----------+---------+
| id                                   | name     | subnets |
+--------------------------------------+----------+---------+
| d8acc6f1-8aed-4f7c-a630-83225f592039 | provider |         |
+--------------------------------------+----------+---------+
  • 在网络上创建一个子网
[[email protected] ~]# openstack subnet create --network provider --allocation-pool start=192.168.56.100,end=192.168.56.200 --dns-nameserver 192.168.56.2 --gateway 192.168.56.2 --subnet-range 192.168.56.0/24 provider-subnet
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| allocation_pools  | 192.168.56.100-192.168.56.200        |
| cidr              | 192.168.56.0/24                      |
| created_at        | 2018-01-22T06:13:27Z                 |
| description       |                                      |
| dns_nameservers   | 192.168.56.2                         |
| enable_dhcp       | True                                 |
| gateway_ip        | 192.168.56.2                         |
| headers           |                                      |
| host_routes       |                                      |
| id                | 5ae96c6c-2295-4cef-8ce5-cc19f4596c90 |
| ip_version        | 4                                    |
| ipv6_address_mode | None                                 |
| ipv6_ra_mode      | None                                 |
| name              | provider-subnet                      |
| network_id        | d8acc6f1-8aed-4f7c-a630-83225f592039 |
| project_id        | 14055178975d417987c5a94f030c7acf     |
| project_id        | 14055178975d417987c5a94f030c7acf     |
| revision_number   | 2                                    |
| service_types     | []                                   |
| subnetpool_id     | None                                 |
| updated_at        | 2018-01-22T06:13:27Z                 |
+-------------------+--------------------------------------+

[[email protected] ~]# neutron subnet-list
+--------------------------------------+-----------------+-----------------+-------------------------------------------+
| id                                   | name            | cidr            | allocation_pools                          |
+--------------------------------------+-----------------+-----------------+-------------------------------------------+
| 5ae96c6c-2295-4cef-8ce5-cc19f4596c90 | provider-subnet | 192.168.56.0/24 | {"start": "192.168.56.100", "end":        |
|                                      |                 |                 | "192.168.56.200"}                         |
+--------------------------------------+-----------------+-----------------+-------------------------------------------+

[[email protected] ~]# neutron net-list
+--------------------------------------+----------+------------------------------------------------------+
| id                                   | name     | subnets                                              |
+--------------------------------------+----------+------------------------------------------------------+
| d8acc6f1-8aed-4f7c-a630-83225f592039 | provider | 5ae96c6c-2295-4cef-8ce5-cc19f4596c90 192.168.56.0/24 |
+--------------------------------------+----------+------------------------------------------------------+

创建云主机类型

默认的最小规格的主机需要512MB内存,对于环境中计算节点内存不足4 GB的,我们推荐创建只需要64MB的keywa.com规格的主机。若单纯为了测试的目的,请使用keywa.com规格的主机来加载CirrOS镜像。

[[email protected] ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 keywa.com
+----------------------------+-----------+
| Field                      | Value     |
+----------------------------+-----------+
| OS-FLV-DISABLED:disabled   | False     |
| OS-FLV-EXT-DATA:ephemeral  | 0         |
| disk                       | 1         |
| id                         | 0         |
| name                       | keywa.com |
| os-flavor-access:is_public | True      |
| properties                 |           |
| ram                        | 64        |
| rxtx_factor                | 1.0       |
| swap                       |           |
| vcpus                      | 1         |
+----------------------------+-----------+

创建密钥

  • 导入demo项目凭证
[[email protected] ~]# source demo-openrc
  • 生成和添加秘钥对
[[email protected] ~]# ssh-keygen -q -N ""
Enter file in which to save the key (/root/.ssh/id_rsa):
[[email protected] ~]# ls -l .ssh/
total 8
-rw------- 1 root root 1679 Jan 22 14:28 id_rsa
-rw-r--r-- 1 root root  398 Jan 22 14:28 id_rsa.pub
[[email protected] ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field       | Value                                           |
+-------------+-------------------------------------------------+
| fingerprint | 6d:5f:c6:92:ac:5e:49:40:5c:3e:b4:14:9c:f9:59:8c |
| name        | mykey                                           |
| user_id     | 48cd83bd3ce54b8ebece24680e8c8b0a                |
+-------------+-------------------------------------------------+
  • 验证公钥的添加
[[email protected] ~]# openstack keypair list
+-------+-------------------------------------------------+
| Name  | Fingerprint                                     |
+-------+-------------------------------------------------+
| mykey | 6d:5f:c6:92:ac:5e:49:40:5c:3e:b4:14:9c:f9:59:8c |
+-------+-------------------------------------------------+

创建安全组规则

默认情况下,default安全组适用于所有实例并且包括拒绝远程访问实例的防火墙规则。对诸如CirrOS这样的Linux镜像,我们推荐至少允许ICMP (ping))和安全Shell(SSH)规则。

  • 允许ICMP请求
[[email protected] ~]# openstack security group rule create --proto icmp default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2018-01-22T06:46:59Z                 |
| description       |                                      |
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| headers           |                                      |
| id                | 51ed729f-b268-4a99-b8a6-3a2ba0d31c77 |
| port_range_max    | None                                 |
| port_range_min    | None                                 |
| project_id        | 8a788702c6ea46419bb85b4e4600e3c4     |
| project_id        | 8a788702c6ea46419bb85b4e4600e3c4     |
| protocol          | icmp                                 |
| remote_group_id   | None                                 |
| remote_ip_prefix  | 0.0.0.0/0                            |
| revision_number   | 1                                    |
| security_group_id | 20346c59-a0c4-4cc3-90be-f94c3581edab |
| updated_at        | 2018-01-22T06:46:59Z                 |
+-------------------+--------------------------------------+
  • 允许安全Shell(SSH)的访问
[[email protected] ~]# openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+--------------------------------------+
| Field             | Value                                |
+-------------------+--------------------------------------+
| created_at        | 2018-01-22T06:49:46Z                 |
| description       |                                      |
| direction         | ingress                              |
| ethertype         | IPv4                                 |
| headers           |                                      |
| id                | 950a1be7-6fd3-4c80-ba60-7f4f0b573771 |
| port_range_max    | 22                                   |
| port_range_min    | 22                                   |
| project_id        | 8a788702c6ea46419bb85b4e4600e3c4     |
| project_id        | 8a788702c6ea46419bb85b4e4600e3c4     |
| protocol          | tcp                                  |
| remote_group_id   | None                                 |
| remote_ip_prefix  | 0.0.0.0/0                            |
| revision_number   | 1                                    |
| security_group_id | 20346c59-a0c4-4cc3-90be-f94c3581edab |
| updated_at        | 2018-01-22T06:49:46Z                 |
+-------------------+--------------------------------------+

启动云主机实例

启动一台实例,您必须至少指定一个类型、镜像名称、网络、安全组、密钥和实例名称。

  • 在控制节点上,获得admin凭证来获取只有管理员能执行的命令的访问权限
[[email protected] ~]# source demo-openrc
  • 一个实例指定了虚拟机资源的大致分配,包括处理器、内存和存储

列出可用类型

[[email protected] ~]# openstack flavor list
+----+-----------+-----+------+-----------+-------+-----------+
| ID | Name      | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+-----+------+-----------+-------+-----------+
| 0  | keywa.com |  64 |    1 |         0 |     1 | True      |
+----+-----------+-----+------+-----------+-------+-----------+

列出可用镜像

[[email protected] ~]# openstack image list
+--------------------------------------+--------+--------+
| ID                                   | Name   | Status |
+--------------------------------------+--------+--------+
| cd96090c-87ca-4eb3-b964-a7457639bc1e | cirros | active |
+--------------------------------------+--------+--------+

列出可用网络

[[email protected] ~]# openstack network list
+--------------------------------------+----------+--------------------------------------+
| ID                                   | Name     | Subnets                              |
+--------------------------------------+----------+--------------------------------------+
| d8acc6f1-8aed-4f7c-a630-83225f592039 | provider | 5ae96c6c-2295-4cef-8ce5-cc19f4596c90 |
+--------------------------------------+----------+--------------------------------------+

列出可用的安全组

[[email protected] ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+
| ID                                   | Name    | Description            | Project                          |
+--------------------------------------+---------+------------------------+----------------------------------+
| 20346c59-a0c4-4cc3-90be-f94c3581edab | default | Default security group | 8a788702c6ea46419bb85b4e4600e3c4 |
+--------------------------------------+---------+------------------------+----------------------------------+
  • 启动实例
[[email protected] ~]# openstack server create --flavor keywa.com --image cirros --nic net-id=d8acc6f1-8aed-4f7c-a630-83225f592039 --security-group default --key-name mykey demo-instance
+--------------------------------------+-----------------------------------------------+
| Field                                | Value                                         |
+--------------------------------------+-----------------------------------------------+
| OS-DCF:diskConfig                    | MANUAL                                        |
| OS-EXT-AZ:availability_zone          |                                               |
| OS-EXT-STS:power_state               | NOSTATE                                       |
| OS-EXT-STS:task_state                | scheduling                                    |
| OS-EXT-STS:vm_state                  | building                                      |
| OS-SRV-USG:launched_at               | None                                          |
| OS-SRV-USG:terminated_at             | None                                          |
| accessIPv4                           |                                               |
| accessIPv6                           |                                               |
| addresses                            |                                               |
| adminPass                            | MowXppdE5ayJ                                  |
| config_drive                         |                                               |
| created                              | 2018-01-22T07:13:02Z                          |
| flavor                               | keywa.com (0)                                 |
| hostId                               |                                               |
| id                                   | 3b5f20c8-8b17-48a2-9b72-70cc74f6fc8f          |
| image                                | cirros (cd96090c-87ca-4eb3-b964-a7457639bc1e) |
| key_name                             | mykey                                         |
| name                                 | demo-instance                                 |
| os-extended-volumes:volumes_attached | []                                            |
| progress                             | 0                                             |
| project_id                           | 8a788702c6ea46419bb85b4e4600e3c4              |
| properties                           |                                               |
| security_groups                      | [{u‘name‘: u‘default‘}]                       |
| status                               | BUILD                                         |
| updated                              | 2018-01-22T07:13:02Z                          |
| user_id                              | 48cd83bd3ce54b8ebece24680e8c8b0a              |
+--------------------------------------+-----------------------------------------------+
  • 检查实例的状态,状态为ACTIVE那台虚拟机已经成功创建
[[email protected] ~]# openstack server list
+--------------------------------------+---------------+--------+-------------------------+------------+
| ID                                   | Name          | Status | Networks                | Image Name |
+--------------------------------------+---------------+--------+-------------------------+------------+
| 3b5f20c8-8b17-48a2-9b72-70cc74f6fc8f | demo-instance | ACTIVE | provider=192.168.56.110 | cirros     |
+--------------------------------------+---------------+--------+-------------------------+------------+

验证操作

  • 使用SSH加密连接实例
[[email protected] ~]# ssh [email protected]
The authenticity of host ‘192.168.56.110 (192.168.56.110)‘ can‘t be established.
RSA key fingerprint is 2f:58:9f:5e:da:c5:1f:46:43:e1:c4:64:da:ee:2e:e6.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘192.168.56.110‘ (RSA) to the list of known hosts.
$
  • 验证能否ping通公有网络的网关
$ ping -c 4 114.114.114.114
PING 114.114.114.114 (114.114.114.114): 56 data bytes
64 bytes from 114.114.114.114: seq=0 ttl=128 time=29.289 ms
64 bytes from 114.114.114.114: seq=1 ttl=128 time=29.160 ms
64 bytes from 114.114.114.114: seq=2 ttl=128 time=34.413 ms
64 bytes from 114.114.114.114: seq=3 ttl=128 time=29.153 ms

--- 114.114.114.114 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 29.153/30.503/34.413 ms
  • 验证能否连接到互联网
$ ping -c 4 www.baidu.com
PING www.baidu.com (14.215.177.39): 56 data bytes
64 bytes from 14.215.177.39: seq=0 ttl=128 time=12.611 ms
64 bytes from 14.215.177.39: seq=1 ttl=128 time=8.424 ms
64 bytes from 14.215.177.39: seq=2 ttl=128 time=10.575 ms
64 bytes from 14.215.177.39: seq=3 ttl=128 time=11.595 ms

--- www.baidu.com ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 8.424/10.801/12.611 ms
  • 使用虚拟控制台访问实例
[[email protected] ~]# openstack console url show demo-instance
+-------+------------------------------------------------------------------------------------+
| Field | Value                                                                              |
+-------+------------------------------------------------------------------------------------+
| type  | novnc                                                                              |
| url   | http://192.168.56.11:6080/vnc_auto.html?token=aff15e93-1ebe-49f3-877b-3213e6faa027 |
+-------+------------------------------------------------------------------------------------+
  • 浏览器访问192.168.56.11:6080/vnc_auto.html?token=aff15e93-1ebe-49f3-877b-3213e6faa027

原文地址:http://blog.51cto.com/11097612/2063687

时间: 2024-10-19 10:08:46

Openstack之路(六)创建云主机实例的相关文章

【openstack N版】——创建云主机

一.启动实例 1.1 已准备服务介绍 MySql:为各个服务提供数据存储. RabbitMQ:为各个服务之间通信提供交通枢纽. keystone:为各个服务之间通信提供认证和服务注册. Glance:为虚拟机提供镜像管理. Nova:为虚拟机提供计算资源. Neutron:为虚拟机提供网络资源. 1.2 网络(flat) 1.2.1创建虚拟网络 1 #share 允许所有项目使用虚拟网络 2 [[email protected] ~]# openstack network create --sh

Openstack之路(八)创建云主机镜像

准备CentOS-7.x镜像,可以从网上直接下载,我这里准备的镜像是CentOS-7.2-x86_64 [[email protected] ~]# ls -l /tmp/CentOS-7-x86_64-DVD-1511.iso -rw-r--r-- 1 root root 4329570304 Jan 7 2016 /tmp/CentOS-7-x86_64-DVD-1511.iso 安装相关软件 [[email protected] ~]# yum -y install qemu-kvm li

Openstack创建云主机的流程-小小白(linuxzkq)

博主自从之前换了工作到现在,因为工作太忙的原因,已经好久没有更新博客了,深表歉意,还望大家理解...... 今天正好有点时间,整理下Openstack创建云主机的流程,大神勿喷. 一.流程图 二.虚拟机创建流程如下 客户(用户)端通过命令行CLI或Dashboard Horizon使用自己的用户名密码请求认证组件keystone进行用户的验证: keystone通过查询在keystone的数据库user表中是否存在user的相关信息,包括password加密后的hash值,并返回一个token_

zstack 创建云主机 (三)

扁平网络 Flat Network 1. 介绍 扁平网络在私有云网络环境中非常的流行.它的网络拓扑很简单,所有的云主机都是直接接在公司内部的一个大二层的网络上.扁平网络也非常容易搭建.由于所有的云主机和物理主机都在一个二层广播域,在这个二层网络上的云主机可以通过数据中心的核心路由器链接到Internet.在这个教程里,我们假定您拥有一个可以访问Internet的IP网络. 2. 前提 我们假定您已经根据安装手册里的方法成功的安装并且启动了ZStack.您可以在Chrome浏览器或者FireFox

使用aliyun cli工具快速创建云主机

参考文档: https://help.aliyun.com/document_detail/25484.html?spm=a2c4g.11186623.3.2.b57vQp 步骤 创建AccessID 下载aliyun-cli工具 建议整 golang 版本, 一个二进制,没有任何依赖 配置AccessID 还是前面那个链接,配置阿里云CLI段落 创建云主机(创建后是未启动状态) 指令 aliyun ecs CreateInstance --ImageId="ubuntu_16_0402_64_

openstack学习笔记三 创建第一个实例

登陆admin 创建一个基本网络 镜像   已经安装好操作系统的硬盘文件 计算--镜像--创建镜像 名称  centos7.2-1511 镜像源  镜像地址 镜像地址    http://mirrors.163.com/centos/7.2.1511/isos/x86_64/CentOS-7-x86_64-DVD-1511.iso 镜像格式iso 最小硬盘 10GB 最低内存  1024MB 数据复制  不选 公有 选择 计算--实例--启动云主机 云主机名称  test1 云主机启动源   c

openstack iptables nat模块引发云主机访问redis超时问题解决办法

问题描述: 电商新申请的云主机访问同机房的redis ,出现小部分超时,时段时序,很是头疼,经过排查,宿主机iptables 规则导致,卸载iptables 解决不了问题,需要彻底卸载iptalbes nat 模块,搞定! 操作方法: # rmmod ip_tables ERROR: Module ip_tables is in use by iptable_filter rmmod ip_tables 提示已使用,采用modprobe -r 强制卸载 # modprobe -r iptable

OpenStack平台上,windows云主机可以ping通百度但是无法打开网页,部分其它网页可以打开

问题描述: 在OpenStack平台上的64位Windows7虚拟机,可以ping通百度,但是却无法打开百度网页. 于是,笔者又对其它网址进行的测试,发现淘宝.京东.携程部分网页可以打开,而新浪等等网页依然打不开,瞬间郁闷了. 按照百度网上的搜索结果进行了各种尝试,包括重启路由.重装virtio驱动.重置winsoc文件(CMD命令:netsh winsock reset).重装TCP/IP协议等各种方法,均不见效. 然后看到网上有说旗舰版windows7系统中有这样的问题存在,于是笔者对同一个

免费的新一代私有云平台Nano v0.3.1发布:云主机快照及媒体管理

官方网站: https://nanos.cloud/zh-cn/ 下载地址: https://nanos.cloud/zh-cn/download.html 详细更新记录:https://nanos.cloud/zh-cn/changelog.html 主要变更: 增加云主机快照管理:快照创建.删除.恢复.查询 支持实时在云主机中插入光盘镜像和弹出光盘镜像,状态界面增加显示是否有镜像插入标识 长时间运行的磁盘操作执行时锁定磁盘卷,避免多任务同时读写影响数据 增加镜像创建.修改时间和实例创建时间