首页 > 代码库 > 用命令测试安装好的OpenStack环境
用命令测试安装好的OpenStack环境
OpenStack三个节点icehouse-gre模式部署一文部署了一套OpenStack环境,接下来使用命令测试一遍。
一、查看nova和neutron服务,确保都是笑脸
#Nova-manage service list
root@controller:~# nova-manage service listBinary Host Zone Status State Updated_Atnova-cert controller internal enabled :-) 2015-01-12 00:39:05nova-consoleauth controller internal enabled :-) 2015-01-12 00:38:59nova-scheduler controller internal enabled :-) 2015-01-12 00:39:00nova-conductor controller internal enabled :-) 2015-01-12 00:39:03nova-compute compute1 nova enabled :-) 2015-01-12 00:39:03
#neutron agent-list
root@controller:~# neutron agent-list+--------------------------------------+--------------------+----------+-------+----------------+| id | agent_type | host | alive | admin_state_up |+--------------------------------------+--------------------+----------+-------+----------------+| 7a1f9910-62d8-4461-b31d-1a562bd0b76e | DHCP agent | network | :-) | True || 86d1c916-8b05-4840-965c-e9152388e0c2 | Open vSwitch agent | compute1 | :-) | True || 8809b0e3-010d-4d2f-b552-10be24002684 | Open vSwitch agent | network | :-) | True || aca01734-7522-427a-b3f2-45400d22121c | Metadata agent | network | :-) | True || e964a21a-4b8d-403b-9c81-2a95f387285e | L3 agent | network | :-) | True |+--------------------------------------+--------------------+----------+-------+----------------+
二、创建租户和用户
创建租户
# keystone tenant-create --name TenantA
root@controller:~# keystone tenant-create --name TenantAWARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).+-------------+----------------------------------+| Property | Value |+-------------+----------------------------------+| description | || enabled | True || id | 60a10cd7a61b493d910eabd353c07567 || name | TenantA |+-------------+----------------------------------+
创建用户
# keystone user-create --name=UserA --pass=password --tenant-id TenantA --email=usera@test.com
root@controller:~# keystone user-create --name=UserA --pass=password --tenant-id TenantA --email=usera@test.comWARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).+----------+----------------------------------+| Property | Value |+----------+----------------------------------+| email | usera@test.com || enabled | True || id | be1db0d2fd134025accd2654cfc66056 || name | UserA || tenantId | 60a10cd7a61b493d910eabd353c07567 || username | UserA |+----------+----------------------------------+
为租户添加用户
#keystone user-role-add --tenant TenantA --user UserA --role Member
root@controller:~# keystone user-role-add --tenant TenantA --user UserA --role MemberWARNING: Bypassing authentication using a token & endpoint (authentication credentials are being ignored).
三、准备neutron网络
创建外网
# neutron net-create Ext-Net --provider:network_type gre --provider:segmentation_id 1 --router:external true
root@controller:~# neutron net-create Ext-Net --provider:network_type gre --provider:segmentation_id 1 --router:external trueCreated a new network:+---------------------------+--------------------------------------+| Field | Value |+---------------------------+--------------------------------------+| admin_state_up | True || id | c8699820-7c6d-4441-9602-3425f2c630ec || name | Ext-Net || provider:network_type | gre || provider:physical_network | || provider:segmentation_id | 1 || router:external | True || shared | False || status | ACTIVE || subnets | || tenant_id | c91d0723aaea4985a77801a15ef66438 |+---------------------------+--------------------------------------+
创建外网的子网
# neutron subnet-create --allocation-pool start=10.1.101.80,end=10.1.101.100 --gateway 10.1.101.254 Ext-Net 10.1.101.0/24 --enable_dhcp=False
root@controller:~# neutron subnet-create --allocation-pool start=10.1.101.80,end=10.1.101.100 --gateway 10.1.101.254 Ext-Net 10.1.101.0/24 --enable_dhcp=FalseCreated a new subnet:+------------------+-------------------------------------------------+| Field | Value |+------------------+-------------------------------------------------+| allocation_pools | {"start": "10.1.101.80", "end": "10.1.101.100"} || cidr | 10.1.101.0/24 || dns_nameservers | || enable_dhcp | False || gateway_ip | 10.1.101.254 || host_routes | || id | 2c4155c9-5a2e-471c-a4d8-40a86b45ab0a || ip_version | 4 || name | || network_id | c8699820-7c6d-4441-9602-3425f2c630ec || tenant_id | c91d0723aaea4985a77801a15ef66438 |+------------------+-------------------------------------------------+
接下来创建租户的子网和虚拟路由
创建租户网络
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 net-create tenantA-Net
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 net-create tenantA-NetCreated a new network:+----------------+--------------------------------------+| Field | Value |+----------------+--------------------------------------+| admin_state_up | True || id | 7c22bbd9-166c-4610-9a3d-3b8b92c77518 || name | tenantA-Net || shared | False || status | ACTIVE || subnets | || tenant_id | 60a10cd7a61b493d910eabd353c07567 |+----------------+--------------------------------------+
创建租户子网
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 subnet-create tenantA-Net 10.0.0.0/24
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 subnet-create tenantA-Net 10.0.0.0/24Created a new subnet:+------------------+--------------------------------------------+| Field | Value |+------------------+--------------------------------------------+| allocation_pools | {"start": "10.0.0.2", "end": "10.0.0.254"} || cidr | 10.0.0.0/24 || dns_nameservers | || enable_dhcp | True || gateway_ip | 10.0.0.1 || host_routes | || id | c37d8ed0-372e-4b24-9ba2-897c38c6ddbf || ip_version | 4 || name | || network_id | 7c22bbd9-166c-4610-9a3d-3b8b92c77518 || tenant_id | 60a10cd7a61b493d910eabd353c07567 |+------------------+--------------------------------------------+
创建租户虚拟路由
neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-create tenant-R1
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-create tenant-R1Created a new router:+-----------------------+--------------------------------------+| Field | Value |+-----------------------+--------------------------------------+| admin_state_up | True || external_gateway_info | || id | 680944ad-679c-4fe8-ae4b-258cd8ac337f || name | tenant-R1 || status | ACTIVE || tenant_id | 60a10cd7a61b493d910eabd353c07567 |+-----------------------+--------------------------------------+
增加路由接口
(替换${subnet_id}为子网ID)
neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-interface-add tenant-R1 ${subnet_id}
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 router-interface-add tenant-R1 c37d8ed0-372e-4b24-9ba2-897c38c6ddbfAdded interface 81388454-30e0-45e4-b3dd-b7b2e8dbf067 to router tenant-R1.
给路由增加网关
# neutron router-gateway-set tenant-R1 Ext-Net
root@controller:~# neutron router-gateway-set tenant-R1 Ext-Net Set gateway for router tenant-R1
到此为止UserA看到的网络拓扑如下:
四、安全组规则
安全组规则会影响到外面ping虚拟机和ssh登录虚拟机,所以在controller节点中为openstack设置好ICMP和TCP规则。
获得TenantA的default安全组规则
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 security-group-list
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 security-group-list+--------------------------------------+---------+-------------+| id | name | description |+--------------------------------------+---------+-------------+| 8bd8fb6b-7141-4900-8321-390cc1a5d999 | default | default |+--------------------------------------+---------+-------------+
默认default规则:
设置nova中default的 ICMP/TCP/UDP安全组规则
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default tcp 1 65535 0.0.0.0/0
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default tcp 1 65535 0.0.0.0/0+-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| tcp | 1 | 65535 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default udp 1 65535 0.0.0.0/0
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default udp 1 65535 0.0.0.0/0+-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| udp | 1 | 65535 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default icmp -1 -1 0.0.0.0/0
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 secgroup-add-rule default icmp -1 -1 0.0.0.0/0+-------------+-----------+---------+-----------+--------------+| IP Protocol | From Port | To Port | IP Range | Source Group |+-------------+-----------+---------+-----------+--------------+| icmp | -1 | -1 | 0.0.0.0/0 | |+-------------+-----------+---------+-----------+--------------+
五、起虚拟机
查看镜像:
# glance index
root@controller:~# glance indexID Name Disk Format Container Format Size ------------------------------------ ------------------------------ -------------------- -------------------- --------------a1de861a-be9c-4223-9a7a-cf5917489ce9 cirros-0.3.2-x86_64 qcow2 bare 13167616
起虚拟机,替换{the cirros ID from Glance}为镜像ID
#root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 boot --flavor 1 --image{the cirros ID from Glance} vm001
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 boot --flavor 1 --image a1de861a-be9c-4223-9a7a-cf5917489ce9 vm001+--------------------------------------+------------------------------------------------------------+| Property | Value |+--------------------------------------+------------------------------------------------------------+| OS-DCF:diskConfig | MANUAL || OS-EXT-AZ:availability_zone | nova || OS-EXT-STS:power_state | 0 || OS-EXT-STS:task_state | scheduling || OS-EXT-STS:vm_state | building || OS-SRV-USG:launched_at | - || OS-SRV-USG:terminated_at | - || accessIPv4 | || accessIPv6 | || adminPass | sCekd6U9PcvU || config_drive | || created | 2015-01-12T01:18:27Z || flavor | m1.tiny (1) || hostId | || id | d4a05267-b610-4c61-86e0-542ae9a7d93f || image | cirros-0.3.2-x86_64 (a1de861a-be9c-4223-9a7a-cf5917489ce9) || key_name | - || metadata | {} || name | vm001 || os-extended-volumes:volumes_attached | [] || progress | 0 || security_groups | default || status | BUILD || tenant_id | 60a10cd7a61b493d910eabd353c07567 || updated | 2015-01-12T01:18:28Z || user_id | be1db0d2fd134025accd2654cfc66056 |+--------------------------------------+------------------------------------------------------------+
检查虚拟机状态为ACTIVE
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list+--------------------------------------+-------+--------+------------+-------------+----------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+-------+--------+------------+-------------+----------------------+| d4a05267-b610-4c61-86e0-542ae9a7d93f | vm001 | ACTIVE | - | Running | tenantA-Net=10.0.0.2 |+--------------------------------------+-------+--------+------------+-------------+----------------------+
六、为虚拟机分配浮动IP
创建一个浮动IP
# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floatingip-create Ext-Net
root@controller:~# neutron --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floatingip-create Ext-NetCreated a new floatingip:+---------------------+--------------------------------------+| Field | Value |+---------------------+--------------------------------------+| fixed_ip_address | || floating_ip_address | 10.1.101.81 || floating_network_id | c8699820-7c6d-4441-9602-3425f2c630ec || id | 0482a808-e92b-4ae0-a830-6f149d310c30 || port_id | || router_id | || status | DOWN || tenant_id | 60a10cd7a61b493d910eabd353c07567 |+---------------------+--------------------------------------+
查看floating-ip
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-list
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-list+-------------+-----------+----------+---------+| Ip | Server Id | Fixed Ip | Pool |+-------------+-----------+----------+---------+| 10.1.101.81 | | - | Ext-Net |+-------------+-----------+----------+---------+
我创建了一个新的浮动IP10.1.101.82,分配的是10.1.101.82
分配浮动IP给虚拟机,替换{the vm id}为虚拟机ID
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-associate {the vm id} 10.1.101.82
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 floating-ip-associate d4a05267-b610-4c61-86e0-542ae9a7d93f 10.1.101.82
检查虚拟机状态,现在就可以看到浮动ip了。
# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list
root@controller:~# nova --os-tenant-name TenantA --os-username UserA --os-password password --os-auth-url=http://localhost:5000/v2.0 list+--------------------------------------+-------+--------+------------+-------------+-----------------------------------+| ID | Name | Status | Task State | Power State | Networks |+--------------------------------------+-------+--------+------------+-------------+-----------------------------------+| d4a05267-b610-4c61-86e0-542ae9a7d93f | vm001 | ACTIVE | - | Running | tenantA-Net=10.0.0.2, 10.1.101.82 |+--------------------------------------+-------+--------+------------+-------------+-----------------------------------+
七、SSH到虚拟机(虚拟机状态为ACTIVE,密码是cubswin:))
替换{put_floating_ip_here}为虚拟机的浮动IP
ssh cirros@{put_floating_ip_here}root@controller:~# ssh cirros@10.1.101.82The authenticity of host ‘10.1.101.82 (10.1.101.82)‘ can‘t be established.RSA key fingerprint is da:a3:1a:60:f1:e9:3a:e2:a7:6c:35:cb:f8:9b:b7:65.Are you sure you want to continue connecting (yes/no)? yesWarning: Permanently added ‘10.1.101.82‘ (RSA) to the list of known hosts.cirros@10.1.101.82‘s password: $ $ $ $ ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: seq=3 ttl=35 time=295.980 ms
64 bytes from 8.8.8.8: seq=7 ttl=35 time=299.047 ms
用命令测试安装好的OpenStack环境
声明:以上内容来自用户投稿及互联网公开渠道收集整理发布,本网站不拥有所有权,未作人工编辑处理,也不承担相关法律责任,若内容有误或涉及侵权可进行投诉: 投诉/举报 工作人员会在5个工作日内联系你,一经查实,本站将立刻删除涉嫌侵权内容。