@[TOC](openstack 创建cirros虚拟机(小节7))
controller1
导入环境变量
[root@controller1 ~]# source scripts/admin_stein.sh
创建网络
[root@controller1 ~]# openstack network create --share --external \
--provider-physical-network external \ <--此处名称必须与'/etc/neutron/plugins/ml2/linuxbridge_agent.ini'中的'physical_interface_mappings = external:eth0'相等
--provider-network-type flat external-net
+---------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+---------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| admin_state_up | UP |
| availability_zone_hints | |
| availability_zones | |
| created_at | 2022-09-23T01:25:22Z |
| description | |
| dns_domain | None |
| id | 8da22e8c-e478-460e-818b-7ea2805e137f |
| ipv4_address_scope | None |
| ipv6_address_scope | None |
| is_default | None |
| is_vlan_transparent | None |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'admin', 'id': u'c26c5975bb5a4519a7894f3191b0b425'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| mtu | 1500 |
| name | external-net |
| port_security_enabled | True |
| project_id | c26c5975bb5a4519a7894f3191b0b425 |
| provider:network_type | flat |
| provider:physical_network | external |
| provider:segmentation_id | None |
| qos_policy_id | None |
| revision_number | 1 |
| router:external | External |
| segments | None |
| shared | True |
| status | ACTIVE |
| subnets | |
| tags | |
| updated_at | 2022-09-23T01:25:22Z |
+---------------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
查看网络是否创建
[root@controller1 ~]# openstack network list
+--------------------------------------+--------------+---------+
| ID | Name | Subnets |
+--------------------------------------+--------------+---------+
| 8da22e8c-e478-460e-818b-7ea2805e137f | external-net | |
+--------------------------------------+--------------+---------+
创建子网
[root@controller1 ~]# openstack subnet create --network external-net \
> --allocation-pool start=192.168.37.180,end=192.168.37.230 \
> --dns-nameserver 223.5.5.5 --gateway 192.168.37.2 \
> --subnet-range 192.168.37.0/21 external-sub
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| allocation_pools | 192.168.37.180-192.168.37.230 |
| cidr | 192.168.32.0/21 |
| created_at | 2022-09-23T04:04:28Z |
| description | |
| dns_nameservers | 223.5.5.5 |
| enable_dhcp | True |
| gateway_ip | 192.168.37.2 |
| host_routes | |
| id | 7c81426c-7147-44cf-88d7-e794a4a30d08 |
| ip_version | 4 |
| ipv6_address_mode | None |
| ipv6_ra_mode | None |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'admin', 'id': u'c26c5975bb5a4519a7894f3191b0b425'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| name | external-sub1 |
| network_id | 8da22e8c-e478-460e-818b-7ea2805e137f |
| prefix_length | None |
| project_id | c26c5975bb5a4519a7894f3191b0b425 |
| revision_number | 0 |
| segment_id | None |
| service_types | |
| subnetpool_id | None |
| tags | |
| updated_at | 2022-09-23T04:04:28Z |
+-------------------+------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
[root@controller1 ~]# openstack subnet list
+--------------------------------------+---------------+--------------------------------------+-----------------+
| ID | Name | Network | Subnet |
+--------------------------------------+---------------+--------------------------------------+-----------------+
| 7c81426c-7147-44cf-88d7-e794a4a30d08 | external-sub1 | 8da22e8c-e478-460e-818b-7ea2805e137f | 192.168.32.0/21 |
+--------------------------------------+---------------+--------------------------------------+-----------------+
在虚拟网络上创建新的实例
[root@controller1 ~]# openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
+----------------------------+---------+
| Field | Value |
+----------------------------+---------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 1 |
| id | 0 |
| name | m1.nano |
| os-flavor-access:is_public | True |
| properties | |
| ram | 64 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 1 |
+----------------------------+---------+
[root@controller1 ~]# openstack flavor create --id 1 --vcpus 2 --ram 2048 --disk 20 2C-2G-20G
+----------------------------+-----------+
| Field | Value |
+----------------------------+-----------+
| OS-FLV-DISABLED:disabled | False |
| OS-FLV-EXT-DATA:ephemeral | 0 |
| disk | 20 |
| id | 1 |
| name | 2C-2G-20G |
| os-flavor-access:is_public | True |
| properties | |
| ram | 2048 |
| rxtx_factor | 1.0 |
| swap | |
| vcpus | 2 |
+----------------------------+-----------+
查看openstack的flavor表
[root@controller1 ~]# openstack flavor list
+----+-----------+------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+------+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
| 1 | 2C-2G-20G | 2048 | 20 | 0 | 2 | True | <--更改自己创建的
+----+-----------+------+------+-----------+-------+-----------+
导入'demo用户'环境变量
[root@controller1 ~]# source scripts/demo_stein.sh
生成密钥对
[root@controller1 ~]# ssh-keygen -q -N ""
Enter file in which to save the key (/root/.ssh/id_rsa): <--回车
创建密钥对
[root@controller1 ~]# openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
+-------------+-------------------------------------------------+
| Field | Value |
+-------------+-------------------------------------------------+
| fingerprint | 40:bc:18:6b:2a:23:ee:42:3f:24:05:30:b4:9e:cb:a4 |
| name | mykey |
| user_id | 0f584dfa1d2e47599ac6c4235dfeb80d |
+-------------+-------------------------------------------------+
验证密钥对是否创建成功
[root@controller1 ~]# openstack keypair list
+-------+-------------------------------------------------+
| Name | Fingerprint |
+-------+-------------------------------------------------+
| mykey | 40:bc:18:6b:2a:23:ee:42:3f:24:05:30:b4:9e:cb:a4 |
+-------+-------------------------------------------------+
添加安全组规则
允许ICMP(ping)
[root@controller1 ~]# openstack security group rule create --proto icmp default
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at | 2022-09-23T04:35:52Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 56c11d94-e5fb-497a-87a4-f76c91efb442 |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'demo', 'id': u'9ae23bbf84374725894dc57c4a040ea9'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| name | None |
| port_range_max | None |
| port_range_min | None |
| project_id | 9ae23bbf84374725894dc57c4a040ea9 |
| protocol | icmp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 834dbd5f-c2fc-462e-ad9f-2ebcf5f62c4a |
| tags | [] |
| updated_at | 2022-09-23T04:35:52Z |
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
允许安全shell(SSH)访问
[root@controller1 ~]# openstack security group rule create --proto tcp --dst-port 22 default
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| Field | Value |
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
| created_at | 2022-09-23T04:36:43Z |
| description | |
| direction | ingress |
| ether_type | IPv4 |
| id | 66fc3718-8a64-46a6-a26a-f3f9bdc8c095 |
| location | Munch({'project': Munch({'domain_name': 'Default', 'domain_id': None, 'name': 'demo', 'id': u'9ae23bbf84374725894dc57c4a040ea9'}), 'cloud': '', 'region_name': '', 'zone': None}) |
| name | None |
| port_range_max | 22 |
| port_range_min | 22 |
| project_id | 9ae23bbf84374725894dc57c4a040ea9 |
| protocol | tcp |
| remote_group_id | None |
| remote_ip_prefix | 0.0.0.0/0 |
| revision_number | 0 |
| security_group_id | 834dbd5f-c2fc-462e-ad9f-2ebcf5f62c4a |
| tags | [] |
| updated_at | 2022-09-23T04:36:43Z |
+-------------------+-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------+
列出可用的flavors
[root@controller1 ~]# openstack flavor list
+----+-----------+------+------+-----------+-------+-----------+
| ID | Name | RAM | Disk | Ephemeral | VCPUs | Is Public |
+----+-----------+------+------+-----------+-------+-----------+
| 0 | m1.nano | 64 | 1 | 0 | 1 | True |
| 1 | 2C-2G-20G | 2048 | 20 | 0 | 2 | True |
+----+-----------+------+------+-----------+-------+-----------+
验证镜像
[root@controller1 ~]# openstack image list
+--------------------------------------+--------------+--------+
| ID | Name | Status |
+--------------------------------------+--------------+--------+
| a36cbc0c-1813-46e7-9698-deef028a2a71 | cirros-0.4.0 | active |
+--------------------------------------+--------------+--------+
列出可用网络
[root@controller1 ~]# openstack network list
+--------------------------------------+--------------+--------------------------------------+
| ID | Name | Subnets |
+--------------------------------------+--------------+--------------------------------------+
| 8da22e8c-e478-460e-818b-7ea2805e137f | external-net | 7c81426c-7147-44cf-88d7-e794a4a30d08 |
+--------------------------------------+--------------+--------------------------------------+
列出安全组
[root@controller1 ~]# openstack security group list
+--------------------------------------+---------+------------------------+----------------------------------+------+
| ID | Name | Description | Project | Tags |
+--------------------------------------+---------+------------------------+----------------------------------+------+
| 834dbd5f-c2fc-462e-ad9f-2ebcf5f62c4a | default | Default security group | 9ae23bbf84374725894dc57c4a040ea9 | [] |
+--------------------------------------+---------+------------------------+----------------------------------+------+
启动实例
[root@controller1 ~]# openstack server create --flavor m1.nano --image cirros-0.4.0 \ <--类型'--flavor m1.nano'在'openstack flavor list'中查看、镜像名称'--image cirros-0.4.0'在'openstack image list'中查看
--nic net-id=8da22e8c-e478-460e-818b-7ea2805e137f --security-group default \ <--网络'net-id'在'openstack network list'中查看
--key-name mykey linux-vm1
+-----------------------------+-----------------------------------------------------+
| Field | Value |
+-----------------------------+-----------------------------------------------------+
| OS-DCF:diskConfig | MANUAL |
| OS-EXT-AZ:availability_zone | |
| OS-EXT-STS:power_state | NOSTATE |
| OS-EXT-STS:task_state | scheduling |
| OS-EXT-STS:vm_state | building |
| OS-SRV-USG:launched_at | None |
| OS-SRV-USG:terminated_at | None |
| accessIPv4 | |
| accessIPv6 | |
| addresses | |
| adminPass | s56ae5ZwHtFF |
| config_drive | |
| created | 2022-09-23T05:32:59Z |
| flavor | m1.nano (0) |
| hostId | |
| id | 8c473aa3-0b38-4817-95f0-78a6d089eda2 |
| image | cirros-0.4.0 (a36cbc0c-1813-46e7-9698-deef028a2a71) |
| key_name | mykey |
| name | linux-vm1 |
| progress | 0 |
| project_id | 9ae23bbf84374725894dc57c4a040ea9 |
| properties | |
| security_groups | name='834dbd5f-c2fc-462e-ad9f-2ebcf5f62c4a' |
| status | BUILD |
| updated | 2022-09-23T05:33:03Z |
| user_id | 0f584dfa1d2e47599ac6c4235dfeb80d |
| volumes_attached | |
+-----------------------------+-----------------------------------------------------+
openstack服务器列表('Status'中一定要是'ACTIVE'、并且分配的IP地址'192.168.37.229')
[root@controller1 ~]# openstack server list
+--------------------------------------+-----------+--------+-----------------------------+--------------+---------+
| ID | Name | Status | Networks | Image | Flavor |
+--------------------------------------+-----------+--------+-----------------------------+--------------+---------+
| 8c473aa3-0b38-4817-95f0-78a6d089eda2 | linux-vm1 | ACTIVE | external-net=192.168.37.229 | cirros-0.4.0 | m1.nano |
+--------------------------------------+-----------+--------+-----------------------------+--------------+---------+
使用虚拟控制台访问实例
#更改hosts文件后、可用浏览器打开(http://openstack.123.net:6080/vnc_auto.html?path=%3Ftoken%3D69108f1f-61dd-48e3-ac17-fb637b244cca)
[root@controller1 ~]# openstack console url show linux-vm1
+-------+--------------------------------------------------------------------------------------------------+
| Field | Value |
+-------+--------------------------------------------------------------------------------------------------+
| type | novnc |
| url | http://openstack.123.net:6080/vnc_auto.html?path=%3Ftoken%3D69108f1f-61dd-48e3-ac17-fb637b244cca |
+-------+--------------------------------------------------------------------------------------------------+
Windows
更改hosts文件
浏览器
node1(103)
#查询网桥信息
[root@node1 ~]# brctl show
bridge name bridge id STP enabled interfaces
brq8da22e8c-e4 8000.000c29dd648a no eth0
tap7865f65a-6b
#列出虚拟机信息
[root@node1 ~]# virsh list
Id Name State
----------------------------------------------------
1 instance-00000001 running
node2(104)
安装包
[root@node2 ~]# yum install centos-release-openstack-stein -y
[root@node2 ~]# yum install python-openstackclient openstack-selinux openstack-nova-compute openstack-neutron-linuxbridge ebtables ipset -y
在内核中添加两个参数
[root@node2 ~]# vim /etc/sysctl.conf
net.bridge.bridge-nf-call-iptables = 1
net.bridge.bridge-nf-call-ip6tables = 1
DNS解析
[root@node2 ~]# vim /etc/hosts
192.168.37.101 openstack.123.net <--
启动并设置开机启动
[root@node2 ~]# systemctl start openstack-nova-compute.service neutron-linuxbridge-agent.service
[root@node2 ~]# systemctl enable openstack-nova-compute.service neutron-linuxbridge-agent.service
使变量生效
[root@node2 ~]# sysctl -p
node1
打包'nova'和'neutron'
[root@node1 ~]# cd /etc/nova/
[root@node1 nova]# ll
total 396
-rw-r----- 1 root nova 2923 Nov 9 2020 api-paste.ini
-rw-r----- 1 root nova 388363 Sep 23 02:05 nova.conf
-rw-r----- 1 root nova 4 Nov 9 2020 policy.json
-rw-r--r-- 1 root root 64 Nov 9 2020 release
-rw-r----- 1 root nova 966 Nov 9 2020 rootwrap.conf
[root@node1 nova]# tar czvf nova-compute.tar.gz ./*
./api-paste.ini
./nova.conf
./policy.json
./release
./rootwrap.conf
[root@node1 nova]# cd /etc/neutron/
[root@node1 neutron]# ll
total 44
drwxr-xr-x 4 root root 64 Sep 23 01:43 conf.d
-rw-r----- 1 root neutron 39391 Sep 23 01:49 neutron.conf
drwxr-xr-x 3 root root 16 Sep 23 01:43 plugins
-rw-r--r-- 1 root root 1298 Nov 27 2020 rootwrap.conf
[root@node1 neutron]# tar czvf neutron-compute.tar.gz ./*
./conf.d/
./conf.d/README
./conf.d/common/
./conf.d/neutron-linuxbridge-agent/
./neutron.conf
./plugins/
./plugins/ml2/
./plugins/ml2/linuxbridge_agent.ini
./rootwrap.conf
将文件拷贝到node2
[root@node1 neutron]# scp /etc/nova/nova-compute.tar.gz 192.168.37.104:/etc/nova/
[root@node1 neutron]# scp /etc/neutron/neutron-compute.tar.gz 192.168.37.104:/etc/neutron/
[root@node1 neutron]# scp /root/scripts/n* 192.168.37.104:/root/
node2
解压缩
[root@node2 ~]# cd /etc/nova/
[root@node2 nova]# ll
total 496
-rw-r----- 1 root nova 2923 Nov 9 2020 api-paste.ini
-rw-r--r-- 1 root root 100465 Sep 24 10:04 nova-compute.tar.gz
-rw-r----- 1 root nova 387263 Nov 9 2020 nova.conf
-rw-r----- 1 root nova 4 Nov 9 2020 policy.json
-rw-r--r-- 1 root root 64 Nov 9 2020 release
-rw-r----- 1 root nova 966 Nov 9 2020 rootwrap.conf
[root@node2 nova]# tar xvf nova-compute.tar.gz
[root@node2 nova]# cd /etc/neutron/
[root@node2 neutron]# ll
total 60
drwxr-xr-x 4 root root 64 Sep 24 09:52 conf.d
-rw-r--r-- 1 root root 14679 Sep 24 10:05 neutron-compute.tar.gz
-rw-r----- 1 root neutron 38991 Nov 27 2020 neutron.conf
drwxr-xr-x 3 root root 16 Sep 24 09:52 plugins
-rw-r--r-- 1 root root 1298 Nov 27 2020 rootwrap.conf
[root@node2 neutron]# tar xvf neutron-compute.tar.gz
修改'nova.conf'
[root@node2 neutron]# vim /etc/nova/nova.conf
[vnc]
server_proxyclient_address = 192.168.37.104 <--改成自己本机的IP
重启'neutron'服务
[root@node2 neutron]# cd
[root@node2 ~]# bash neutron-restart_agent.sh
重启
[root@node2 ~]# reboot
controller1
导入环境变量
[root@controller1 ~]# source scripts/admin_stein.sh
nova服务列表(是否有node2)
[root@controller1 ~]# nova service-list
+--------------------------------------+------------------+-------------+----------+---------+-------+----------------------------+-----------------+-------------+
| Id | Binary | Host | Zone | Status | State | Updated_at | Disabled Reason | Forced down |
+--------------------------------------+------------------+-------------+----------+---------+-------+----------------------------+-----------------+-------------+
| f468a4e0-3f1b-4f1b-abb5-726fb146c75c | nova-consoleauth | controller1 | internal | enabled | up | 2022-09-23T18:08:44.000000 | - | False |
| 7e997d79-dc48-47c7-bc9b-9f47b50c798d | nova-scheduler | controller1 | internal | enabled | up | 2022-09-23T18:08:36.000000 | - | False |
| f0cf6785-041d-4469-8636-5354493636b2 | nova-conductor | controller1 | internal | enabled | up | 2022-09-23T18:08:42.000000 | - | False |
| db3927d9-9748-4781-9778-dab1d87efb89 | nova-compute | node1 | nova | enabled | up | 2022-09-23T18:08:45.000000 | - | False |
| 977b6bca-0cf0-4f4b-b228-6914af686cf8 | nova-console | controller1 | internal | enabled | down | 2022-09-22T10:35:39.000000 | - | False |
| b7665572-c7d7-45e7-9999-81794a940736 | nova-compute | node2 | nova | enabled | down | 2022-09-23T17:55:14.000000 | - | False |
+--------------------------------------+------------------+-------------+----------+---------+-------+----------------------------+-----------------+-------------+
查看到所有的agent列表(是否有node2)
[root@controller1 ~]# neutron agent-list
neutron CLI is deprecated and will be removed in the future. Use openstack CLI instead.
+--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+
| id | agent_type | host | availability_zone | alive | admin_state_up | binary |
+--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+
| 4a2a0ff2-2dcc-4fd1-8d30-55c3b89d7e92 | Linux bridge agent | node1 | | :-) | True | neutron-linuxbridge-agent |
| ace303e8-bcc2-42fe-a348-207c34f7032f | Linux bridge agent | controller1 | | :-) | True | neutron-linuxbridge-agent |
| b146298d-7dd4-4624-8d9e-d25b481bb7c3 | DHCP agent | controller1 | nova | :-) | True | neutron-dhcp-agent |
| ca704fc1-f8f7-450b-9652-b08d4aed5f62 | Metadata agent | controller1 | | :-) | True | neutron-metadata-agent |
| d300f6c1-5eac-4950-a662-d1f4f082ed48 | Linux bridge agent | node2 | | :-) | True | neutron-linuxbridge-agent |
+--------------------------------------+--------------------+-------------+-------------------+-------+----------------+---------------------------+
