服务器命令搭建云主机实例~ @
简单创建云主机实例只需要上传一个测试镜像、创建一张外网卡、创建一个实例类型、修改安全组规则即可
注:这里的两条命令是为了解决 虚拟机 环境下的 QEMU模拟器错误 导致云主机无法使用的问题,旧版本先电v2.2不存在此问题,真实服务器请忽略。
## 更改配置文件并重启 nova-compute 服务[root@compute ~]# crudini --set /etc/nova/nova.conf libvirt virt_type qemu[root@compute ~]# systemctl restart openstack-nova-compute上传一个centos镜像,还可以设置最小启动磁盘与内存等,可以参考文档
ages]# openstack image create --disk-format qcow2 --container-format bare --file ./CentOS_7.2_x86_64_XD.qcow2 centos
[root@controller images]# openstack image create --disk-format qcow2 --container-format bare --file ./CentOS_7.2_x86_64_XD.qcow2 centos+------------------+------------------------------------------------------+| Field | Value |+------------------+------------------------------------------------------+| checksum | ea197f4c679b8e1ce34c0aa70ae2a94a || container_format | bare || created_at | 2022-04-30T20:53:21Z || disk_format | qcow2 || file | /v2/images/2be3f0d5-2090-490c-8b91-84d96912e7c6/file || id | 2be3f0d5-2090-490c-8b91-84d96912e7c6 || min_disk | 0 || min_ram | 0 || name | centos || owner | 0635fff1ca6c42ab983e8a05d533eda3 || protected | False || schema | /v2/schemas/image || size | 400752640 || status | active || tags | || updated_at | 2022-04-30T20:53:23Z || virtual_size | None || visibility | shared |+------------------+------------------------------------------------------+创建一个名为test0的实例
openstack flavor create --disk 10 --ram 1024 --vcpu 2 --id 99999 test0
[root@controller ~]# openstack flavor create --disk 10 --ram 1024 --vcpu 2 --id 99999 test0+----------------------------+-------+| Field | Value |+----------------------------+-------+| OS-FLV-DISABLED:disabled | False || OS-FLV-EXT-DATA:ephemeral | 0 || disk | 10 || id | 99999 || name | test0 || os-flavor-access:is_public | True || properties | || ram | 1024 || rxtx_factor | 1.0 || swap | || vcpus | 2 |+----------------------------+-------+注:若使用 虚拟机 搭建,外部网络类型请选择Flat;若使用 服务器 搭建,外部网络类型请选择VLAN;注意不要重复执行命令,二选一执行。
openstack network create --provider-network-type vlan --provider-physical-network provider network-vlan --provider-segment 200
[root@controller ~]# openstack network create --provider-network-type vlan --provider-physical-network provider ext-net --provider-segment 200+---------------------------+-----------------------------------------------------------+| Field | Value |+---------------------------+-----------------------------------------------------------+| admin_state_up | UP || availability_zone_hints | || availability_zones | || created_at | 2022-04-10T05:02:18Z || description | || dns_domain | None || id | cccedc78-027d-40e9-afbd-708154923ca6 || ipv4_address_scope | None || ipv6_address_scope | None || is_default | False || is_vlan_transparent | None || location | cloud='', project.domain_id=, project.domain_name='000000', project.id='1776912d52a7444d8b2d09eb86e8d1d9', project.name='admin', region_name='', zone= || mtu | 1500 || name | ext-net || port_security_enabled | True || project_id | 1776912d52a7444d8b2d09eb86e8d1d9 || provider:network_type | vlan || provider:physical_network | provider || provider:segmentation_id | 200 || qos_policy_id | None || revision_number | 1 || router:external | Internal || segments | None || shared | False || status | ACTIVE || subnets | || tags | || updated_at | 2022-04-10T05:02:18Z |+---------------------------+-----------------------------------------------------------+创建子网
openstack subnet create --network ext-net --allocation-pool start=10.60.3.10,end=10.60.3.200 --gateway 10.60.3.1 --subnet-range 10.60.3.0/24 ext-subnet
[root@controller ~]# openstack subnet list[root@controller ~]# openstack subnet create --network ext-net --allocation-pool start=10.60.3.10,end=10.60.3.200 --gateway 10.60.3.1 --subnet-range 10.60.3.0/24 ext-subnet+-------------------+------------------------------------------------------------------+| Field | Value |+-------------------+------------------------------------------------------------------+| allocation_pools | 10.60.3.10-10.60.3.200 || cidr | 10.60.3.0/24 || created_at | 2022-04-10T05:03:52Z || description | || dns_nameservers | || enable_dhcp | True || gateway_ip | 10.60.3.1 || host_routes | || id | 69c14fff-de95-440a-bc8e-fe9f43e4b424 || ip_version | 4 || ipv6_address_mode | None || ipv6_ra_mode | None || location | cloud='', project.domain_id=, project.domain_name='000000', project.id='1776912d52a7444d8b2d09eb86e8d1d9', project.name='admin', region_name='', zone= || name | ext-subnet || network_id | cccedc78-027d-40e9-afbd-708154923ca6 || prefix_length | None || project_id | 1776912d52a7444d8b2d09eb86e8d1d9 || revision_number | 0 || segment_id | None || service_types | || subnetpool_id | None || tags | || updated_at | 2022-04-10T05:03:52Z |+-------------------+------------------------------------------------------------------+添加所有的udp、icmp、tcp的出入口
查看安全组id
openstack security group list
[root@controller ~]# openstack security group list+--------------------------------------+---------+------------------------+----------------------------------+| ID | Name | Description | Project |+--------------------------------------+---------+------------------------+----------------------------------+ | || 712025d7-6aa6-40e4-9104-4df6706b6697 | default | Default security group | 0635fff1ca6c42ab983e8a05d533eda3 | |+--------------------------------------+---------+------------------------+----------------------------------+添加所有ifmp规则入口
openstack security group rule create --protocol icmp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
[root@controller ~]# openstack security group rule create --protocol icmp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| created_at | 2022-04-30T21:22:54Z || description | || direction | ingress || ether_type | IPv4 || id | 869e67e5-5571-4c03-a21c-715e3dd51a5c || name | None || port_range_max | None || port_range_min | None || project_id | 0635fff1ca6c42ab983e8a05d533eda3 || protocol | icmp || remote_group_id | None || remote_ip_prefix | 0.0.0.0/0 || revision_number | 0 || security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 || updated_at | 2022-04-30T21:22:54Z |+-------------------+--------------------------------------+添加所有icmp规则出口
openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
[root@controller ~]# openstack security group rule create --protocol icmp --egress 712025d7-6aa6-40e4-9104-4df6706b6697+-------------------+--------------------------------------+| Field | Value |+-------------------+--------------------------------------+| created_at | 2022-04-30T21:27:42Z || description | || direction | egress || ether_type | IPv4 || id | ede63376-0eeb-4a6b-9dd9-f3a63418c85b || name | None || port_range_max | None || port_range_min | None || project_id | 0635fff1ca6c42ab983e8a05d533eda3 || protocol | icmp || remote_group_id | None || remote_ip_prefix | 0.0.0.0/0 || revision_number | 0 || security_group_id | 712025d7-6aa6-40e4-9104-4df6706b6697 || updated_at | 2022-04-30T21:27:42Z |+-------------------+--------------------------------------+添加所有udp规则入口
openstack security group rule create --protocol udp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
添加所有udp规则出口
openstack security group rule create --protocol udp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
添加所有tcp规则入口
openstack security group rule create --protocol tcp --ingress 712025d7-6aa6-40e4-9104-4df6706b6697
添加所有tcp规则出口
openstack security group rule create --protocol tcp --egress 712025d7-6aa6-40e4-9104-4df6706b6697
查看安全组规则
openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697
[root@controller ~]# openstack security group rule list 712025d7-6aa6-40e4-9104-4df6706b6697+--------------------------------------+-------------+-----------+------------+-----------------------+| ID | IP Protocol | IP Range | Port Range | Remote Security Group |+--------------------------------------+-------------+-----------+------------+-----------------------+| 869e67e5-5571-4c03-a21c-715e3dd51a5c | icmp | 0.0.0.0/0 | | None || 8a91bc8e-c9cd-4bf1-86ae-0c6d9eef67e7 | udp | 0.0.0.0/0 | | None || b525b93f-ffb6-4b84-be99-fdfd6f0fad75 | tcp | 0.0.0.0/0 | | None || dfea0691-0903-4cdf-b775-297eb6858f0d | udp | 0.0.0.0/0 | | None || ede63376-0eeb-4a6b-9dd9-f3a63418c85b | icmp | 0.0.0.0/0 | | None || f9371589-1b17-4e5b-9f8d-798055cdc662 | tcp | 0.0.0.0/0 | | None |+--------------------------------------+-------------+-----------+------------+-----------------------+openstack server create --image centos --flavor test0 --network ext-net --security-group 712025d7-6aa6-40e4-9104-4df6706b6697 test
[root@controller ~]# openstack server create --image centos --flavor test0 --network ext-net --security-group 712025d7-6aa6-40e4-9104-4df6706b6697 test+-------------------------------------+-----------------------------------------------+| Field | Value |+-------------------------------------+-----------------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-AZ:availability_zone | || OS-EXT-SRV-ATTR:host | None || OS-EXT-SRV-ATTR:hypervisor_hostname | None || OS-EXT-SRV-ATTR:instance_name | || OS-EXT-STS:power_state | NOSTATE || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || OS-SRV-USG:launched_at | None || OS-SRV-USG:terminated_at | None || accessIPv4 | || accessIPv6 | || addresses | || adminPass | QPNdhd27eT9S || config_drive | || created | 2022-04-30T21:38:08Z || flavor | test0 (99999) || hostId | || id | 3a8870c8-411a-4674-b075-568dbf7f2bb1 || image | centos (cc01ec45-6683-4fe1-ab4b-d38ca295d3d0) || key_name | None || name | test || progress | 0 || project_id | 0635fff1ca6c42ab983e8a05d533eda3 || properties | || security_groups | name='712025d7-6aa6-40e4-9104-4df6706b6697' || status | BUILD || updated | 2022-04-30T21:38:08Z || user_id | 71b51689f3e94be4927ed7d96ef6925b || volumes_attached | |+-------------------------------------+-----------------------------------------------+查看并测试
[root@controller ~]# openstack server list+--------------------------------------+------------+--------+--------------------------------------------+--------+--------+| ID | Name | Status | Networks | Image | Flavor |+--------------------------------------+------------+--------+--------------------------------------------+--------+--------+| 7ae48fd3-7ec7-4011-af07-1d75bc9578a4 | test | ACTIVE | ext-net=10.60.3.11 | centos | test10 | +--------------------------------------+------------+--------+--------------------------------------------+--------+--------+[root@controller ~]# ping 10.60.3.11PING 10.60.3.11 (10.60.3.11) 56(84) bytes of data.64 bytes from 10.60.3.11: icmp_seq=1 ttl=63 time=0.256 ms64 bytes from 10.60.3.11: icmp_seq=2 ttl=63 time=0.279 ms64 bytes from 10.60.3.11: icmp_seq=3 ttl=63 time=0.253 ms64 bytes from 10.60.3.11: icmp_seq=4 ttl=63 time=0.242 ms64 bytes from 10.60.3.11: icmp_seq=5 ttl=63 time=0.223 ms