CentOS 7 安装 Openstack Rocky 版本 - 创建实例

测试

创建网络

网卡得开启混杂模式，否则无法路由，影响网络连通性。

• Openstack, neutron, Can’t ping external network
• Instances Not Getting DHCP Lease
• DHCP failes to lease an IP address

创建生产者网络（公共网络）

# 更新环境变量
. admin-openrc

# 创建网络
openstack network create  --share --external \
  --provider-physical-network provider \
  --provider-network-type flat provider
# +---------------------------+--------------------------------------+
# | Field                     | Value                                |
# +---------------------------+--------------------------------------+
# | admin_state_up            | UP                                   |
# | availability_zone_hints   |                                      |
# | availability_zones        |                                      |
# | created_at                | 2020-12-29T08:21:54Z                 |
# | description               |                                      |
# | dns_domain                | None                                 |
# | id                        | f70c83d3-7626-44fb-8971-eaeefeb6a09f |
# | ipv4_address_scope        | None                                 |
# | ipv6_address_scope        | None                                 |
# | is_default                | False                                |
# | is_vlan_transparent       | None                                 |
# | mtu                       | 1500                                 |
# | name                      | provider                             |
# | port_security_enabled     | True                                 |
# | project_id                | 052158381fee46e693571c9dfb6ae3f5     |
# | provider:network_type     | flat                                 |
# | provider:physical_network | provider                             |
# | provider:segmentation_id  | None                                 |
# | qos_policy_id             | None                                 |
# | revision_number           | 1                                    |
# | router:external           | External                             |
# | segments                  | None                                 |
# | shared                    | True                                 |
# | status                    | ACTIVE                               |
# | subnets                   |                                      |
# | tags                      |                                      |
# | updated_at                | 2020-12-29T08:21:55Z                 |
# +---------------------------+--------------------------------------+


# 创建子网，指定实际网关和网段
openstack subnet create --network provider \
  --allocation-pool start=203.0.113.101,end=203.0.113.201 \
  --dns-nameserver 8.8.8.8 --gateway 203.0.113.1 \
  --subnet-range 203.0.113.0/24 provider
# +-------------------+--------------------------------------+
# | Field             | Value                                |
# +-------------------+--------------------------------------+
# | allocation_pools  | 203.0.113.101-203.0.113.201          |
# | cidr              | 203.0.113.0/24                       |
# | created_at        | 2020-12-29T08:25:50Z                 |
# | description       |                                      |
# | dns_nameservers   | 8.8.8.8                              |
# | enable_dhcp       | True                                 |
# | gateway_ip        | 203.0.113.1                          |
# | host_routes       |                                      |
# | id                | 55fdd901-0670-43bc-86f6-ef638cdd64b5 |
# | ip_version        | 4                                    |
# | ipv6_address_mode | None                                 |
# | ipv6_ra_mode      | None                                 |
# | name              | provider                             |
# | network_id        | f70c83d3-7626-44fb-8971-eaeefeb6a09f |
# | project_id        | 052158381fee46e693571c9dfb6ae3f5     |
# | revision_number   | 0                                    |
# | segment_id        | None                                 |
# | service_types     |                                      |
# | subnetpool_id     | None                                 |
# | tags              |                                      |
# | updated_at        | 2020-12-29T08:25:50Z                 |
# +-------------------+--------------------------------------+

创建自服务网络（私有项目网络）

# 更新环境变量
. demo-openrc

# 创建网络
openstack network create selfservice
# +---------------------------+--------------------------------------+
# | Field                     | Value                                |
# +---------------------------+--------------------------------------+
# | admin_state_up            | UP                                   |
# | availability_zone_hints   |                                      |
# | availability_zones        |                                      |
# | created_at                | 2020-12-29T08:42:39Z                 |
# | description               |                                      |
# | dns_domain                | None                                 |
# | id                        | 0cf109d0-183c-4c7e-8466-0ed3188d9179 |
# | ipv4_address_scope        | None                                 |
# | ipv6_address_scope        | None                                 |
# | is_default                | False                                |
# | is_vlan_transparent       | None                                 |
# | mtu                       | 1450                                 |
# | name                      | selfservice                          |
# | port_security_enabled     | True                                 |
# | project_id                | eb296de9a0e64b2a9243ad58f0805746     |
# | provider:network_type     | None                                 |
# | provider:physical_network | None                                 |
# | provider:segmentation_id  | None                                 |
# | qos_policy_id             | None                                 |
# | revision_number           | 1                                    |
# | router:external           | Internal                             |
# | segments                  | None                                 |
# | shared                    | False                                |
# | status                    | ACTIVE                               |
# | subnets                   |                                      |
# | tags                      |                                      |
# | updated_at                | 2020-12-29T08:42:39Z                 |
# +---------------------------+--------------------------------------+


# 创建子网，指定虚拟网关和网段
openstack subnet create --network selfservice \
  --dns-nameserver 8.8.8.8 --gateway 172.16.1.1 \
  --subnet-range 172.16.1.0/24 selfservice
# +-------------------+--------------------------------------+
# | Field             | Value                                |
# +-------------------+--------------------------------------+
# | allocation_pools  | 172.16.1.2-172.16.1.254              |
# | cidr              | 172.16.1.0/24                        |
# | created_at        | 2020-12-29T08:43:11Z                 |
# | description       |                                      |
# | dns_nameservers   | 8.8.8.8                              |
# | enable_dhcp       | True                                 |
# | gateway_ip        | 172.16.1.1                           |
# | host_routes       |                                      |
# | id                | 95afda9f-2fc0-47d2-b64b-a2e989990a80 |
# | ip_version        | 4                                    |
# | ipv6_address_mode | None                                 |
# | ipv6_ra_mode      | None                                 |
# | name              | selfservice                          |
# | network_id        | 0cf109d0-183c-4c7e-8466-0ed3188d9179 |
# | project_id        | eb296de9a0e64b2a9243ad58f0805746     |
# | revision_number   | 0                                    |
# | segment_id        | None                                 |
# | service_types     |                                      |
# | subnetpool_id     | None                                 |
# | tags              |                                      |
# | updated_at        | 2020-12-29T08:43:11Z                 |
# +-------------------+--------------------------------------+

创建路由

# 更新环境变量
. demo-openrc

# 创建路由
openstack router create router
# +-------------------------+--------------------------------------+
# | Field                   | Value                                |
# +-------------------------+--------------------------------------+
# | admin_state_up          | UP                                   |
# | availability_zone_hints |                                      |
# | availability_zones      |                                      |
# | created_at              | 2020-12-29T08:44:44Z                 |
# | description             |                                      |
# | external_gateway_info   | None                                 |
# | flavor_id               | None                                 |
# | id                      | 7ca8347e-efe3-4c17-91c2-302747f85b0a |
# | name                    | router                               |
# | project_id              | eb296de9a0e64b2a9243ad58f0805746     |
# | revision_number         | 1                                    |
# | routes                  |                                      |
# | status                  | ACTIVE                               |
# | tags                    |                                      |
# | updated_at              | 2020-12-29T08:44:44Z                 |
# +-------------------------+--------------------------------------+


# 添加子网接口
openstack router add subnet router selfservice

# 设置网关
openstack router set router --external-gateway provider

验证

# 更新环境变量
. admin-openrc

# 列出网络命名空间
ip netns
# qrouter-7ca8347e-efe3-4c17-91c2-302747f85b0a (id: 2)
# qdhcp-0cf109d0-183c-4c7e-8466-0ed3188d9179 (id: 1)
# qdhcp-f70c83d3-7626-44fb-8971-eaeefeb6a09f (id: 0)


# 列出路由器端口
openstack port list --router router
# +--------------------------------------+------+-------------------+------------------------------------------------------------------------------+--------+
# | ID                                   | Name | MAC Address       | Fixed IP Addresses
#           | Status |
# +--------------------------------------+------+-------------------+------------------------------------------------------------------------------+--------+
# | 3bde40c9-3843-4891-94b3-d107537ff43c |      | fa:16:3e:9f:b2:da | ip_address='172.16.1.1', subnet_id='95afda9f-2fc0-47d2-b64b-a2e989990a80'    | ACTIVE |
# | 973acecd-a543-4c4c-83f5-ec5ad2e5ec5f |      | fa:16:3e:48:b2:47 | ip_address='203.0.113.102', subnet_id='55fdd901-0670-43bc-86f6-ef638cdd64b5' | ACTIVE |
# +--------------------------------------+------+-------------------+------------------------------------------------------------------------------+--------+


# 测试路由器连通性
ping -c 4 203.0.113.102
# [root@controller ~]# ping -c 4 203.0.113.102
# PING 203.0.113.102 (203.0.113.102) 56(84) bytes of data.
# 64 bytes from 203.0.113.102: icmp_seq=1 ttl=63 time=0.347 ms
# 64 bytes from 203.0.113.102: icmp_seq=2 ttl=63 time=0.439 ms
# 64 bytes from 203.0.113.102: icmp_seq=3 ttl=63 time=0.527 ms
# 64 bytes from 203.0.113.102: icmp_seq=4 ttl=63 time=0.468 ms

# --- 203.0.113.102 ping statistics ---
# 4 packets transmitted, 4 received, 0% packet loss, time 3000ms
# rtt min/avg/max/mdev = 0.347/0.445/0.527/0.066 ms


ping -c 4 172.16.1.1
# [root@controller ~]# ping -c 4 172.16.1.1
# PING 172.16.1.1 (172.16.1.1) 56(84) bytes of data.
# 64 bytes from 172.16.1.1: icmp_seq=1 ttl=250 time=1.14 ms
# 64 bytes from 172.16.1.1: icmp_seq=2 ttl=250 time=2.50 ms
# 64 bytes from 172.16.1.1: icmp_seq=3 ttl=250 time=0.907 ms
# 64 bytes from 172.16.1.1: icmp_seq=4 ttl=250 time=1.10 ms

# --- 172.16.1.1 ping statistics ---
# 4 packets transmitted, 4 received, 0% packet loss, time 3002ms
# rtt min/avg/max/mdev = 0.907/1.414/2.500/0.634 ms

创建类型

# 更新环境变量
. admin-openrc

# 创建类型
openstack flavor create --id 0 --vcpus 1 --ram 64 --disk 1 m1.nano
# +----------------------------+---------+
# | Field                      | Value   |
# +----------------------------+---------+
# | OS-FLV-DISABLED:disabled   | False   |
# | OS-FLV-EXT-DATA:ephemeral  | 0       |
# | disk                       | 1       |
# | id                         | 0       |
# | name                       | m1.nano |
# | os-flavor-access:is_public | True    |
# | properties                 |         |
# | ram                        | 64      |
# | rxtx_factor                | 1.0     |
# | swap                       |         |
# | vcpus                      | 1       |
# +----------------------------+---------+

生成和配置密钥对

# 更新环境变量
. demo-openrc

# 生成和添加密钥对
ssh-keygen -q -N ""
openstack keypair create --public-key ~/.ssh/id_rsa.pub mykey
# +-------------+-------------------------------------------------+
# | Field       | Value                                           |
# +-------------+-------------------------------------------------+
# | fingerprint | 58:37:f6:09:1f:71:a6:83:70:42:54:1f:31:1c:14:59 |
# | name        | mykey                                           |
# | user_id     | 457b0cd7b50d454494d2b68f72aaebf8                |
# +-------------+-------------------------------------------------+


# 验证公钥的添加
nova keypair-list
# +-------+------+-------------------------------------------------+
# | Name  | Type | Fingerprint                                     |
# +-------+------+-------------------------------------------------+
# | mykey | ssh  | 58:37:f6:09:1f:71:a6:83:70:42:54:1f:31:1c:14:59 |
# +-------+------+-------------------------------------------------+

添加安全组规则

# 更新环境变量
. demo-openrc

# ICMP (ping)
openstack security group rule create --proto icmp default
# +-------------------+--------------------------------------+
# | Field             | Value                                |
# +-------------------+--------------------------------------+
# | created_at        | 2020-12-28T08:01:56Z                 |
# | description       |                                      |
# | direction         | ingress                              |
# | ether_type        | IPv4                                 |
# | id                | ce757300-6802-4a2b-a1be-919467e25d01 |
# | name              | None                                 |
# | port_range_max    | None                                 |
# | port_range_min    | None                                 |
# | project_id        | eb296de9a0e64b2a9243ad58f0805746     |
# | protocol          | icmp                                 |
# | remote_group_id   | None                                 |
# | remote_ip_prefix  | 0.0.0.0/0                            |
# | revision_number   | 0                                    |
# | security_group_id | 6bb072d4-379b-40dd-9c11-5241ae6b4728 |
# | updated_at        | 2020-12-28T08:01:56Z                 |
# +-------------------+--------------------------------------+


# secure shell (SSH)
openstack security group rule create --proto tcp --dst-port 22 default
# +-------------------+--------------------------------------+
# | Field             | Value                                |
# +-------------------+--------------------------------------+
# | created_at        | 2020-12-28T08:02:00Z                 |
# | description       |                                      |
# | direction         | ingress                              |
# | ether_type        | IPv4                                 |
# | id                | 12f9ee06-a501-4804-a90e-5dafac785c33 |
# | name              | None                                 |
# | port_range_max    | 22                                   |
# | port_range_min    | 22                                   |
# | project_id        | eb296de9a0e64b2a9243ad58f0805746     |
# | protocol          | tcp                                  |
# | remote_group_id   | None                                 |
# | remote_ip_prefix  | 0.0.0.0/0                            |
# | revision_number   | 0                                    |
# | security_group_id | 6bb072d4-379b-40dd-9c11-5241ae6b4728 |
# | updated_at        | 2020-12-28T08:02:00Z                 |
# +-------------------+--------------------------------------+

创建实例

确定实例选项

# 更新环境变量
. demo-openrc

# 列出可用类型
openstack flavor list
# +----+---------+-----+------+-----------+-------+-----------+
# | ID | Name    | RAM | Disk | Ephemeral | VCPUs | Is Public |
# +----+---------+-----+------+-----------+-------+-----------+
# | 0  | m1.nano |  64 |    1 |         0 |     1 | True      |
# +----+---------+-----+------+-----------+-------+-----------+


# 列出可用镜像
openstack image list
# +--------------------------------------+--------+--------+
# | ID                                   | Name   | Status |
# +--------------------------------------+--------+--------+
# | af73bd20-bdcf-47a2-af78-29fe3e98053b | cirros | active |
# +--------------------------------------+--------+--------+


# 列出可用的安全组
openstack security group list
# +--------------------------------------+---------+------------------------+----------------------------------+------+
# | ID                                   | Name    | Description            | Project                          | Tags |
# +--------------------------------------+---------+------------------------+----------------------------------+------+
# | 6bb072d4-379b-40dd-9c11-5241ae6b4728 | default | Default security group | eb296de9a0e64b2a9243ad58f0805746 | []   |
# +--------------------------------------+---------+------------------------+----------------------------------+------+


# 列出可用网络
openstack network list
# +--------------------------------------+-------------+--------------------------------------+
# | ID                                   | Name        | Subnets                              |
# +--------------------------------------+-------------+--------------------------------------+
# | 0cf109d0-183c-4c7e-8466-0ed3188d9179 | selfservice | 95afda9f-2fc0-47d2-b64b-a2e989990a80 |
# | f70c83d3-7626-44fb-8971-eaeefeb6a09f | provider    | 55fdd901-0670-43bc-86f6-ef638cdd64b5 |
# +--------------------------------------+-------------+--------------------------------------+

公共网络

创建实例，使用 provider 的网络 ID

# 创建实例
openstack server create --flavor m1.nano --image cirros \
  --nic net-id=f70c83d3-7626-44fb-8971-eaeefeb6a09f --security-group default \
  --key-name mykey provider-instance
# +-----------------------------+-----------------------------------------------+
# | Field                       | Value                                         |
# +-----------------------------+-----------------------------------------------+
# | OS-DCF:diskConfig           | MANUAL                                        |
# | OS-EXT-AZ:availability_zone |                                               |
# | OS-EXT-STS:power_state      | NOSTATE                                       |
# | OS-EXT-STS:task_state       | scheduling                                    |
# | OS-EXT-STS:vm_state         | building                                      |
# | OS-SRV-USG:launched_at      | None                                          |
# | OS-SRV-USG:terminated_at    | None                                          |
# | accessIPv4                  |                                               |
# | accessIPv6                  |                                               |
# | addresses                   |                                               |
# | adminPass                   | Nbckqj2Gnkmm                                  |
# | config_drive                |                                               |
# | created                     | 2020-12-29T08:26:55Z                          |
# | flavor                      | m1.nano (0)                                   |
# | hostId                      |                                               |
# | id                          | 7eb86260-fc83-4ba3-b5bf-336edf29ea0b          |
# | image                       | cirros (af73bd20-bdcf-47a2-af78-29fe3e98053b) |
# | key_name                    | mykey                                         |
# | name                        | provider-instance                             |
# | progress                    | 0                                             |
# | project_id                  | eb296de9a0e64b2a9243ad58f0805746              |
# | properties                  |                                               |
# | security_groups             | name='6bb072d4-379b-40dd-9c11-5241ae6b4728'   |
# | status                      | BUILD                                         |
# | updated                     | 2020-12-29T08:26:56Z                          |
# | user_id                     | 457b0cd7b50d454494d2b68f72aaebf8              |
# | volumes_attached            |                                               |
# +-----------------------------+-----------------------------------------------+


# 确认实例状态，运行中
openstack server list
# +--------------------------------------+-------------------+--------+------------------------+--------+---------+
# | ID                                   | Name              | Status | Networks               | Image  | Flavor  |
# +--------------------------------------+-------------------+--------+------------------------+--------+---------+
# | 7eb86260-fc83-4ba3-b5bf-336edf29ea0b | provider-instance | ACTIVE | provider=203.0.113.105 | cirros | m1.nano |
# +--------------------------------------+-------------------+--------+------------------------+--------+---------+

使用虚拟控制台访问实例

# 获得虚拟网络计算 (Virtual Network Computing, VNC) 会话的 URL
openstack console url show provider-instance
# +-------+-------------------------------------------------------------------------------------------+
# | Field | Value                                                                                     |
# +-------+-------------------------------------------------------------------------------------------+
# | type  | novnc                                                                                     |
# | url   | http://controller:6080/vnc_auto.html?path=%3Ftoken%3Dbad2366d-48e7-4aa2-9bf3-0728d58c2cc6 |
# +-------+-------------------------------------------------------------------------------------------+

通过网址连接到容器，默认用户名密码为 cirros 和 gocubsgo

# 验证到公共网络网关的访问
ping -c 4 203.0.113.1

# 验证互联网连接
ping -c 4 www.baidu.com

远程访问实例

• 在控制节点或公共网络上的任意主机验证

# 访问实例
ping -c 4 203.0.113.105
# [root@controller ~]# ping -c 4 203.0.113.105
# PING 203.0.113.105 (203.0.113.105) 56(84) bytes of data.
# 64 bytes from 203.0.113.105: icmp_seq=1 ttl=63 time=1.40 ms
# 64 bytes from 203.0.113.105: icmp_seq=2 ttl=63 time=1.18 ms
# 64 bytes from 203.0.113.105: icmp_seq=3 ttl=63 time=1.09 ms
# 64 bytes from 203.0.113.105: icmp_seq=4 ttl=63 time=0.971 ms

# --- 203.0.113.105 ping statistics ---
# 4 packets transmitted, 4 received, 0% packet loss, time 3003ms
# rtt min/avg/max/mdev = 0.971/1.163/1.406/0.160 ms


# SSH 连接
ssh cirros@203.0.113.105
# [root@controller ~]# ssh cirros@203.0.113.105
# The authenticity of host '203.0.113.105 (203.0.113.105)' can't be established.
# ECDSA key fingerprint is SHA256:VpMMidXYh8xrGgZgRh9x4q/lMeUjPXwNg7s4nz8t9gQ.
# ECDSA key fingerprint is MD5:91:59:69:61:f7:91:ab:0b:d8:64:36:41:aa:19:77:6e.
# Are you sure you want to continue connecting (yes/no)? yes
# Warning: Permanently added '203.0.113.105' (ECDSA) to the list of known hosts.
# $ ip a
# 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1
#     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
#     inet 127.0.0.1/8 scope host lo
#        valid_lft forever preferred_lft forever
#     inet6 ::1/128 scope host
#        valid_lft forever preferred_lft forever
# 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast qlen 1000
#     link/ether fa:16:3e:b4:bc:a2 brd ff:ff:ff:ff:ff:ff
#     inet 203.0.113.105/24 brd 203.0.113.255 scope global eth0
#        valid_lft forever preferred_lft forever
#     inet6 fe80::f816:3eff:feb4:bca2/64 scope link
#        valid_lft forever preferred_lft forever
# $

私有网络

创建实例，使用 selfservice 的网络 ID

# 创建实例
openstack server create --flavor m1.nano --image cirros \
  --nic net-id=0cf109d0-183c-4c7e-8466-0ed3188d9179 --security-group default \
  --key-name mykey selfservice-instance
# +-----------------------------+-----------------------------------------------+
# | Field                       | Value                                         |
# +-----------------------------+-----------------------------------------------+
# | OS-DCF:diskConfig           | MANUAL                                        |
# | OS-EXT-AZ:availability_zone |                                               |
# | OS-EXT-STS:power_state      | NOSTATE                                       |
# | OS-EXT-STS:task_state       | scheduling                                    |
# | OS-EXT-STS:vm_state         | building                                      |
# | OS-SRV-USG:launched_at      | None                                          |
# | OS-SRV-USG:terminated_at    | None                                          |
# | accessIPv4                  |                                               |
# | accessIPv6                  |                                               |
# | addresses                   |                                               |
# | adminPass                   | v3VR5Kf6ae6M                                  |
# | config_drive                |                                               |
# | created                     | 2020-12-29T08:46:49Z                          |
# | flavor                      | m1.nano (0)                                   |
# | hostId                      |                                               |
# | id                          | 20d699f3-e59a-4425-8dd0-cafcc2721189          |
# | image                       | cirros (af73bd20-bdcf-47a2-af78-29fe3e98053b) |
# | key_name                    | mykey                                         |
# | name                        | selfservice-instance                          |
# | progress                    | 0                                             |
# | project_id                  | eb296de9a0e64b2a9243ad58f0805746              |
# | properties                  |                                               |
# | security_groups             | name='6bb072d4-379b-40dd-9c11-5241ae6b4728'   |
# | status                      | BUILD                                         |
# | updated                     | 2020-12-29T08:46:50Z                          |
# | user_id                     | 457b0cd7b50d454494d2b68f72aaebf8              |
# | volumes_attached            |                                               |
# +-----------------------------+-----------------------------------------------+


# 确认实例状态，运行中
openstack server list
# +--------------------------------------+----------------------+--------+------------------------+--------+---------+
# | ID                                   | Name                 | Status | Networks               | Image  | Flavor  |
# +--------------------------------------+----------------------+--------+------------------------+--------+---------+
# | 20d699f3-e59a-4425-8dd0-cafcc2721189 | selfservice-instance | ACTIVE | selfservice=172.16.1.7 | cirros | m1.nano |
# | 7eb86260-fc83-4ba3-b5bf-336edf29ea0b | provider-instance    | ACTIVE | provider=203.0.113.105 | cirros | m1.nano |
# +--------------------------------------+----------------------+--------+------------------------+--------+---------+

使用虚拟控制台访问实例

# 获得虚拟网络计算 (Virtual Network Computing, VNC) 会话的 URL
openstack console url show selfservice-instance
# +-------+-------------------------------------------------------------------------------------------+
# | Field | Value                                                                                     |
# +-------+-------------------------------------------------------------------------------------------+
# | type  | novnc                                                                                     |
# | url   | http://controller:6080/vnc_auto.html?path=%3Ftoken%3D78e4f0dc-e481-4184-b80b-e7211287fec5 |
# +-------+-------------------------------------------------------------------------------------------+

通过网址连接到容器，默认用户名密码为 cirros 和 gocubsgo

# 验证到私有网络网关的访问
ping -c 4 172.16.1.1

# 验证互联网连接
ping -c 4 www.baidu.com

创建浮动 IP ，使内网主机可以通过路由访问外网

• Cannot access VMs launched with Microstack - Destination Host Unreachable

# 在 provider 网络上创建浮动 IP
openstack floating ip create provider
# +---------------------+--------------------------------------+
# | Field               | Value                                |
# +---------------------+--------------------------------------+
# | created_at          | 2020-12-29T08:52:20Z                 |
# | description         |                                      |
# | dns_domain          | None                                 |
# | dns_name            | None                                 |
# | fixed_ip_address    | None                                 |
# | floating_ip_address | 203.0.113.103                        |
# | floating_network_id | f70c83d3-7626-44fb-8971-eaeefeb6a09f |
# | id                  | 686694a3-2d2a-4625-b1f5-fe7ff0118c7b |
# | name                | 203.0.113.103                        |
# | port_details        | None                                 |
# | port_id             | None                                 |
# | project_id          | eb296de9a0e64b2a9243ad58f0805746     |
# | qos_policy_id       | None                                 |
# | revision_number     | 0                                    |
# | router_id           | None                                 |
# | status              | DOWN                                 |
# | subnet_id           | None                                 |
# | tags                | []                                   |
# | updated_at          | 2020-12-29T08:52:20Z                 |
# +---------------------+--------------------------------------+


# 将浮动 IP 分配给实例
openstack server add floating ip selfservice-instance 203.0.113.103
# 无输出


# 查看浮动 IP
openstack server list
# +--------------------------------------+----------------------+--------+---------------------------------------+--------+---------+
# | ID                                   | Name                 | Status | Networks                              | Image  | Flavor  |
# +--------------------------------------+----------------------+--------+---------------------------------------+--------+---------+
# | 20d699f3-e59a-4425-8dd0-cafcc2721189 | selfservice-instance | ACTIVE | selfservice=172.16.1.7, 203.0.113.103 | cirros | m1.nano |
# | 7eb86260-fc83-4ba3-b5bf-336edf29ea0b | provider-instance    | ACTIVE | provider=203.0.113.105                | cirros | m1.nano |
# +--------------------------------------+----------------------+--------+---------------------------------------+--------+---------+


# 验证连通性
ping -c 4 203.0.113.103
# [root@controller ~]# ping -c 4 203.0.113.103
# PING 203.0.113.103 (203.0.113.103) 56(84) bytes of data.
# 64 bytes from 203.0.113.103: icmp_seq=1 ttl=62 time=4.10 ms
# 64 bytes from 203.0.113.103: icmp_seq=2 ttl=62 time=1.41 ms
# 64 bytes from 203.0.113.103: icmp_seq=3 ttl=62 time=1.29 ms
# 64 bytes from 203.0.113.103: icmp_seq=4 ttl=62 time=1.40 ms

# --- 203.0.113.103 ping statistics ---
# 4 packets transmitted, 4 received, 0% packet loss, time 3004ms
# rtt min/avg/max/mdev = 1.298/2.055/4.103/1.183 ms

SSH 连接

ssh cirros@203.0.113.103
# [root@controller ~]# ping -c 4 203.0.113.103
# PING 203.0.113.103 (203.0.113.103) 56(84) bytes of data.
# 64 bytes from 203.0.113.103: icmp_seq=1 ttl=62 time=4.10 ms
# 64 bytes from 203.0.113.103: icmp_seq=2 ttl=62 time=1.41 ms
# 64 bytes from 203.0.113.103: icmp_seq=3 ttl=62 time=1.29 ms
# 64 bytes from 203.0.113.103: icmp_seq=4 ttl=62 time=1.40 ms

# --- 203.0.113.103 ping statistics ---
# 4 packets transmitted, 4 received, 0% packet loss, time 3004ms
# rtt min/avg/max/mdev = 1.298/2.055/4.103/1.183 ms
# [root@controller ~]# ssh cirros@203.0.113.103
# The authenticity of host '203.0.113.103 (203.0.113.103)' can't be established.
# ECDSA key fingerprint is SHA256:B2iYVeMW4bGh3vxTP8aCFaqusiBkIPq9ys8RfBXRzw4.
# ECDSA key fingerprint is MD5:68:aa:9a:f3:a0:2a:a6:32:69:ca:fc:8c:e7:be:8a:c4.
# Are you sure you want to continue connecting (yes/no)? yes
# Warning: Permanently added '203.0.113.103' (ECDSA) to the list of known hosts.
# $ ip a
# 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue qlen 1
#     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
#     inet 127.0.0.1/8 scope host lo
#        valid_lft forever preferred_lft forever
#     inet6 ::1/128 scope host
#        valid_lft forever preferred_lft forever
# 2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast qlen 1000
#     link/ether fa:16:3e:88:8b:1c brd ff:ff:ff:ff:ff:ff
#     inet 172.16.1.7/24 brd 172.16.1.255 scope global eth0
#        valid_lft forever preferred_lft forever
#     inet6 fe80::f816:3eff:fe88:8b1c/64 scope link
#        valid_lft forever preferred_lft forever
# $

块存储

创建卷（需要 cinder 服务支持）

# 更新环境变量
. demo-openrc

# 创建 1 GB 的卷
openstack volume create --size 1 volume1
# +---------------------+--------------------------------------+
# | Field               | Value                                |
# +---------------------+--------------------------------------+
# | attachments         | []                                   |
# | availability_zone   | nova                                 |
# | bootable            | false                                |
# | consistencygroup_id | None                                 |
# | created_at          | 2020-12-29T08:54:52.000000           |
# | description         | None                                 |
# | encrypted           | False                                |
# | id                  | be13b4d8-aed6-48a8-8ef5-8692e3cd91a8 |
# | multiattach         | False                                |
# | name                | volume1                              |
# | properties          |                                      |
# | replication_status  | None                                 |
# | size                | 1                                    |
# | snapshot_id         | None                                 |
# | source_volid        | None                                 |
# | status              | creating                             |
# | type                | None                                 |
# | updated_at          | None                                 |
# | user_id             | 457b0cd7b50d454494d2b68f72aaebf8     |
# +---------------------+--------------------------------------+


# 查看卷状态
openstack volume list
# +--------------------------------------+---------+-----------+------+-------------+
# | ID                                   | Name    | Status    | Size | Attached to |
# +--------------------------------------+---------+-----------+------+-------------+
# | be13b4d8-aed6-48a8-8ef5-8692e3cd91a8 | volume1 | available |    1 |             |
# +--------------------------------------+---------+-----------+------+-------------+

将卷附加到实例

# 将卷附加到实例上
openstack server add volume provider-instance volume1

# 查看卷状态
openstack volume list
# +--------------------------------------+---------+--------+------+--------------------------------------------+
# | ID                                   | Name    | Status | Size | Attached to                                |
# +--------------------------------------+---------+--------+------+--------------------------------------------+
# | be13b4d8-aed6-48a8-8ef5-8692e3cd91a8 | volume1 | in-use |    1 | Attached to provider-instance on /dev/vdb  |
# +--------------------------------------+---------+--------+------+--------------------------------------------+

使用 ssh 连接实例，查看卷（块存储设备）

ssh cirros@203.0.113.103
...

sudo fdisk -l
# ...
# Disk /dev/vda: 1 GiB, 1073741824 bytes, 2097152 sectors
# Units: sectors of 1 * 512 = 512 bytes
# Sector size (logical/physical): 512 bytes / 512 bytes
# I/O size (minimum/optimal): 512 bytes / 512 bytes
# Disklabel type: gpt
# Disk identifier: 127BB530-4FDD-4855-B653-77C39F7AE9C4

# Device     Start     End Sectors  Size Type
# /dev/vda1  18432 2097118 2078687 1015M Linux filesystem
# /dev/vda15  2048   18431   16384    8M EFI System

# Partition table entries are not in disk order.
# $

参阅

• Launch an instance
• socket.error: [Errno 13] Permission denied — neutron agent-list
• ‘openstack subnet create’ causes linux bridge creation with disabled IPv6
• instance stuck in build, AMQPLAIN login refused: user ‘openstack’ - invalid credentials
• Launch Instance, nova-conductor ACCESS_REFUSED
• Openstack 清除openstack网络与路由 （十七）
• VMware-centos7 添加网卡后发现没有ifcfg-ens网卡配置文件 使用nmcli来配置ip地址并生成配置文件